A monolith fails as a unit — when it's down, it's down. Microservices fail partially — one service can be down while others continue working. This is both the greatest strength and the greatest challenge of microservices. The strength: a failing recommendation engine doesn't prevent customers from placing orders. The challenge: a failing service can cascade failures to every service that depends on it, turning a partial failure into a total outage.
How your services communicate determines whether partial failures stay partial or cascade. This guide covers the communication patterns that build resilient microservice architectures.
Synchronous Communication: When It's the Right Choice
Synchronous communication (HTTP/REST, gRPC) means the caller waits for the response. It's the natural choice when: the caller needs the response to continue processing (e.g., "get this user's permissions before authorizing the request"), the operation must complete before returning to the user (e.g., "charge the credit card before confirming the order"), or the interaction is a query (read-only data fetching).
The danger of synchronous communication is coupling: if Service A synchronously calls Service B, which synchronously calls Service C, and Service C is slow, all three services are slow. This is the "distributed monolith" anti-pattern — you have the operational complexity of microservices with the failure characteristics of a monolith.
Circuit Breakers: Preventing Cascading Failures
A circuit breaker monitors calls to a downstream service and "trips" (opens) when the failure rate exceeds a threshold. While open, all calls to the downstream service immediately return an error or fallback response without attempting the call. After a cool-down period, the circuit breaker allows a few test calls through — if they succeed, the circuit closes and normal operation resumes.
// Circuit breaker implementation (TypeScript)
enum CircuitState {
CLOSED, // Normal operation — calls pass through
OPEN, // Failures exceeded threshold — calls blocked
HALF_OPEN // Testing — limited calls allowed
}
class CircuitBreaker {
private state: CircuitState = CircuitState.CLOSED;
private failureCount: number = 0;
private successCount: number = 0;
private lastFailureTime: number = 0;
private readonly failureThreshold: number;
private readonly resetTimeout: number;
private readonly halfOpenMaxCalls: number;
constructor(options: {
failureThreshold?: number; // Failures before opening (default: 5)
resetTimeout?: number; // ms before trying half-open (default: 30000)
halfOpenMaxCalls?: number; // Test calls in half-open (default: 3)
} = {}) {
this.failureThreshold = options.failureThreshold ?? 5;
this.resetTimeout = options.resetTimeout ?? 30000;
this.halfOpenMaxCalls = options.halfOpenMaxCalls ?? 3;
}
async call<T>(fn: () => Promise<T>, fallback?: () => T): Promise<T> {
if (this.state === CircuitState.OPEN) {
// Check if enough time has passed to try half-open
if (Date.now() - this.lastFailureTime > this.resetTimeout) {
this.state = CircuitState.HALF_OPEN;
this.successCount = 0;
} else {
// Circuit is open — return fallback or throw
if (fallback) return fallback();
throw new Error('Circuit breaker is OPEN');
}
}
try {
const result = await fn();
this.onSuccess();
return result;
} catch (error) {
this.onFailure();
if (fallback) return fallback();
throw error;
}
}
private onSuccess() {
if (this.state === CircuitState.HALF_OPEN) {
this.successCount++;
if (this.successCount >= this.halfOpenMaxCalls) {
this.state = CircuitState.CLOSED;
this.failureCount = 0;
}
}
this.failureCount = 0;
}
private onFailure() {
this.failureCount++;
this.lastFailureTime = Date.now();
if (this.failureCount >= this.failureThreshold) {
this.state = CircuitState.OPEN;
}
}
}
// Usage
const userServiceBreaker = new CircuitBreaker({
failureThreshold: 5,
resetTimeout: 30000,
});
async function getUser(id: string) {
return userServiceBreaker.call(
() => httpClient.get(`http://user-service/users/${id}`),
() => ({ id, name: 'Unknown', cached: true }) // Graceful fallback
);
}Retries with Exponential Backoff
Transient failures (network glitches, brief overloads) are common in distributed systems. Retrying the request often succeeds. But naive retries (retry immediately, retry forever) make things worse — if a service is overloaded, 100 clients all retrying simultaneously amplifies the load.
Use exponential backoff with jitter: wait 1 second, then 2 seconds, then 4 seconds, then 8 seconds, with random jitter added to each delay to prevent synchronized retries.
async function retryWithBackoff<T>(
fn: () => Promise<T>,
options: {
maxRetries?: number;
baseDelay?: number; // ms
maxDelay?: number; // ms
retryableErrors?: (error: any) => boolean;
} = {}
): Promise<T> {
const maxRetries = options.maxRetries ?? 3;
const baseDelay = options.baseDelay ?? 1000;
const maxDelay = options.maxDelay ?? 30000;
const isRetryable = options.retryableErrors ?? ((e) =>
e.status === 429 || e.status === 503 || e.code === 'ECONNRESET'
);
let lastError: any;
for (let attempt = 0; attempt <= maxRetries; attempt++) {
try {
return await fn();
} catch (error) {
lastError = error;
if (attempt === maxRetries || !isRetryable(error)) throw error;
// Exponential backoff with full jitter
const delay = Math.min(
baseDelay * Math.pow(2, attempt) * (0.5 + Math.random()),
maxDelay
);
await new Promise(resolve => setTimeout(resolve, delay));
}
}
throw lastError;
}Asynchronous Communication: Decoupling Services
Asynchronous communication (message queues, event streaming) means the caller sends a message and doesn't wait for a response. It's the right choice when: the caller doesn't need an immediate response ("send a welcome email" — the user doesn't wait for the email to be sent), multiple services need to react to the same event, or you need to handle traffic spikes gracefully (the queue absorbs the spike).
Patterns for async communication: publish-subscribe (one event, many consumers), work queue (one message, one consumer), and request-reply over messaging (caller sends a message with a reply-to queue, consumer processes and responds).
Service Mesh: Infrastructure-Level Communication Control
A service mesh (Istio, Linkerd, Cilium service mesh) moves communication concerns — retries, circuit breaking, load balancing, mTLS, observability — from application code into the infrastructure layer. Instead of every service implementing its own circuit breaker and retry logic, the mesh proxy (sidecar) handles it transparently.
Benefits: Consistent communication policies across all services regardless of language. mTLS encryption between all services without application changes. Traffic splitting for canary deployments. Detailed observability (latency, error rates, throughput) for every service-to-service call.
Costs: Operational complexity (mesh control plane to manage). Resource overhead (sidecar proxy per pod adds CPU and memory). Debugging complexity (an additional network hop for every call). Learning curve for the team.
Timeouts: The Most Important Setting You're Probably Not Configuring
Every outgoing HTTP call must have a timeout. Without timeouts, a slow downstream service ties up connections and threads in the calling service until the system runs out of resources and crashes. Set timeouts based on the downstream service's expected response time: if the service normally responds in 100ms, set a timeout of 2-3 seconds. If it hasn't responded in 3 seconds, it's probably not going to.
Layer your timeouts: the overall request timeout (what the user sees) should be shorter than the sum of all downstream timeouts. If your API has a 5-second overall timeout but makes 3 downstream calls with 5-second timeouts each, a slowdown in all three services means the overall request times out after 5 seconds, but 15 seconds of resources are consumed.
Choosing the Right Communication Pattern
Synchronous + circuit breaker: Use for queries and operations where the caller needs the result immediately. Always pair with circuit breakers and timeouts.
Asynchronous + message queue: Use for commands (fire-and-forget actions), event notifications, and workloads that can tolerate eventual consistency.
Request-reply over messaging: Use when you need the response but want the decoupling benefits of async (queue handles backpressure, caller isn't blocked by temporary downstream failures).
ZeonEdge designs and implements microservices architectures with production-grade communication patterns, service mesh deployment, and resilience engineering. Talk to our architecture team.
Tags
Emily Watson
Technical Writer and Developer Advocate who simplifies complex technology for everyday readers.