Graceful degradation
Graceful degradation is the design property of a system that, when a dependency fails or saturates, returns reduced functionality rather than no functionality. A graceful-degradation example: a product page that loads with cached recommendations when the recommendation service is down, rather than 500-ing the entire page.
Graceful degradation is the dual of fault tolerance: fault tolerance prevents failure from being visible; graceful degradation prevents failure from being total. Patterns include feature flags that disable expensive functionality under load, stale-while-revalidate caching that returns last-known-good data when the source is unavailable, fallback to a simpler algorithm when the primary model times out, and asynchronous queueing that absorbs write spikes the database can't sustain. The wrong default is to fail closed everywhere — a strict 'always show fresh data or nothing' policy turns small dependency hiccups into total outages. The right default is application-specific: a banking transfer should fail closed; a product recommendation should fail open.
Related terms
- Fault tolerance
Fault tolerance is the property of a system to continue operating, possibly in a degraded state, when one or more of its components fail.
- Circuit breaker
A circuit breaker is a pattern that monitors calls to a downstream service and 'trips' (stops calling) when failures exceed a threshold, returning a fallback or error immediately.
- Backpressure
Backpressure is the signal a downstream component sends upstream to indicate that it cannot accept more work — explicitly slowing or rejecting incoming requests so the queue doesn't grow unboundedly.