Kepiye cara ngrancang sistem sing bisa nangani kahanan gagal kanthi apik?

Question

Accepted Answer

Ing skala gedhe, **kahanan gagal iku pasti bakal ana** — server bisa padha rusak, jaringan bisa gagal, dependensi bisa dadi ora ana. Ngrancang kanggo kahanan gagal iku tegese mbangun sistem sing **bisa pikun lan mulih saka kahanan gagal kanthi apik** tinimbang ngandel kabeh bisa lancar. Iki penting banget kanggo sistem sing reliable.

## Ngrancang kanggo kahanan gagal (mentalitase)

```text
ASSUME things WILL fail → at scale, failures are NORMAL, not exceptional:
  → servers crash, networks partition, disks fail, dependencies go down, traffic spikes
  → design systems to EXPECT and HANDLE failures gracefully (not assume everything works)
→ "everything fails all the time" → build resilience in.
```

## Teknik ketahanan

```text
✓ REDUNDANCY → multiple instances, no single point of failure (failover to healthy ones)
✓ RETRIES (with backoff) → retry transient failures (with exponential backoff + jitter to
  avoid overwhelming a recovering service)
✓ TIMEOUTS → don't wait forever for a failing dependency (fail fast)
✓ CIRCUIT BREAKERS → stop calling a failing service temporarily (prevent cascading failures;
  give it time to recover) → fail fast and fall back
✓ GRACEFUL DEGRADATION → reduced functionality vs total failure (e.g. show cached/partial
  data if a service is down)
✓ FALLBACKS → a default/alternative when something fails
✓ BULKHEADS / isolation → contain failures (one part failing doesn't sink everything)
```

## Ngindhari kahanan gagal sing nyebar

```text
⚠️ CASCADING failures → one failure triggers others (e.g. a slow service exhausts callers'
  resources → they fail too → spreads)
→ prevent with: timeouts, circuit breakers, isolation/bulkheads, load shedding, backpressure
✓ MONITORING/alerting → detect failures fast; test failure scenarios (chaos engineering)
```

## Kenapa iki penting

Paham cara ngrancang sistem sing bisa nangani kahanan gagal kanthi apik iku berharga amarga **kahanan gagal iku pasti bakal ana ing skala gedhe**, lan ngrancang kanggo hal kasebut iku penting banget kanggo sistem sing reliable, dadi iku pengetahuan rancang-sistem sing penting.

Mentalitase dhasar — **ngandel yen kahanan bakale gagal** (amarga ing skala gedhe, kahanan gagal iku normal, ora pengecualian — server bisa rusak, jaringan bisa terputus, dependensi bisa mudhun) lan ngrancang sistem kanggo ngandel lan nangani kahanan gagal kanthi apik tinimbang ngandel kabeh bisa lancar — iki dhasar kanggo mbangun sistem sing reliable, ditangkep ing prinsip "kabeh bisa gagal saben wektu." Paham **teknik ketahanan** iku pengetahuan praktis kunci: **redundansi** (ora ana titik kegagalan tunggal), **retry kanthi backoff** (nangani kahanan gagal sementara, kanthi exponential backoff lan jitter kanggo ngindhari ngambyek serbuan layanan sing lagi mbalik), **timeout** (gagal cepet tinimbang nunggu terus-terusan), **circuit breaker** (ngedhentian panggilan menyang layanan sing gagal kanggo ngindhari kahanan gagal nyebar lan ngasilaken kanggo mulih), **graceful degradation** (fungsi sing berkurang tinimbang gagal total, kaya nuduhke data sing ana), **fallback**, lan **bulkhead/isolasi** (ngabot kahanan gagal).

Iki teknik cara sistem bisa pikun lan mulih saka kahanan gagal sing pasti bakal ana.

Paham cara **ngindhari kahanan gagal nyebar** — mana siji kahanan gagal nyebabke kahanan gagal liya (layanan sing alon ngabisake resource sing nelayan manggon, nyebar kahanan gagal), dicegah kanthi timeout, circuit breaker, isolasi, load shedding, lan backpressure — iki penting banget, amarga kahanan gagal nyebar bisa ngowahi masalah cilik dadi outage gedhe.

Paham peran monitoring lan ujian skenario kahanan gagal (chaos engineering) ngrampungke gambare.

Amarga kahanan gagal iku pasti bakal ana ing skala gedhe lan ngrancang kanggo hal kasebut (kanthi mentalitase ngrancang kanggo kahanan gagal lan teknik ketahanan) iku penting banget kanggo sistem sing reliable, lan amarga paham mentalitase, teknik, lan pencegahan kahanan gagal nyebar iku penting kanggo mbangun sistem sing kuat, paham cara ngrancang kanggo kahanan gagal iku pengetahuan rancang-sistem sing berharga lan penting praktis — penting kanggo mbangun sistem reliable sing bisa pikun kahanan gagal sing pasti ing skala gedhe, inti ketahanan liwat redundansi, retry, circuit breaker, lan graceful degradation, lan ngiseni mentalitase ngrancang kanggo kahanan gagal sing membedha sistem kuat saka sistem rapuh.