Workflow Orchestration for Building Resilient Software Systems

Nice! Thanks for the comment and some validation 😀

Ya, pretty much the case with everything.

Was just recently looking at the GitHub repo for the .NET SDK for point of reference to see what it looked like.

So, just to be sure how Temporal works, if an "n" step process (Workflow) is executed and if somewhere a step (Activity) "x" is considered (through business logic code) to be failing, then we c/would re-attempt our workflow from the step "x" / "x-1" (assuming idempotency)?
If yes, does that mean Temporal is trying to influence 2 (arguably huge) scenarios:
- simplify failure management pattern (reduce code/implementation branching depth on left or right)
- simplify developer lives by letting them not worry about simple enough things
Those are big things, but, maybe someday we will get:
- detect an underlying reason for a certain observation (e.g. exception due to socket close) and deal in some standard way

@@avineshwar yes and yes. For the last, you can certainly handle in code different errors in different ways, and can do so across all Activities and Workflows. It would be nice someday to have some automated ML-based error handling, and a system like Temporal is a necessary base for that, since we not only have information on all failures, but are also the orchestrator deciding what to do next.

@@loren-sr I see (when I think about "fast af" operations and AI, seems like apple/oranges by today's standard). Thanks. All good information.

Temporal doesn’t have a visual flow charter like camunda. Correct?

Routing slip can definitely work for the provided example. I'll prefer coupling it with a state machine for complex scenarios though

As in choreography?

I just use PowerPoint, nothing special. In terms of how I make them, specifically for a video, I've been thinking about making a video about that

You bet

Well the key is you don't/shouldn't need to respond to the client instantly. The simplest example is placing an order. You don't need the entire workflow to succeed/fail to respond to the client. You accept the request to place the order, you do so and return to the client. The payment processing and everything else involved can be async/out of process. If the payment service is unavailable or the payment fails, you'd email the customer to notify them. I talk about this a bit more in this video: czcams.com/video/wEUTMuRSZT0/video.html

What you're referring to is more event choreography where you don't have centralized orchestrator, but each boundary is consuming events and publishing events. Check out: czcams.com/video/TA12e2ZJcGg/video.html

responding service doesn’t care about the commanding service (or any other) in your scenario above - responding service simply lands a response event in the broker.
commanding service emits messages without knowing the who and the how regarding response events.
if a specific event handler is missing from the commanding service how has it been released while falling short of the Definition of Done? 👈
Even if you rely on a list of supported events in the commanding service’s configuration and hand roll verification to ensure supporting handlers are available/registered, such configuration needs to be kept up-to-date.
easiest strategy is good testing practices 😋

It fits more on top of messaging infrastructure. There can be state involved which is needed if you want to keep track of which events have occurred or something in their contents to then send a command. If state is involved, you'll likely use a library to handle this. The alternative is event choreography, which I will cover independently in a separate video.

@Petar Vucetin aka "Routing Slip"-pattern. My first goto when flow is linear, especially if team/codebase has no existing orchestration (it's not only "stateless", it's also dead simple).

One option is the outbox pattern: czcams.com/video/u8fOnxAxKHk/video.html

Temporal's Node/TypeScript SDK is pretty stable, and hitting v1 soon (which won't have any major breaking changes).

@@loren-sr Thanks a lot.

Good question! It's core infrastructure, no different than a database. What do you do to prevent your database from being a single point if failure? Generally, a cluster for high availability and also use the outbox pattern: czcams.com/video/u8fOnxAxKHk/video.html

Not entirely sure what you mean by of "in the broker". Ultimately you're using a broker in a more of a "hub and spoke" way to broker messages between services. How you interact and handle those messages will be something you need to write in code. Can't say I'm a fan of using anything that's based more on markup/metadata like json to define the workflow.

Mt 2 cents:
In this example, probably the _business_ of 'ordering' depends on (business) capacities of payment and warehouse. If your business had a "sales", maybe _that_ would talk to payment. Business workflows belongs to some business context, and is bound to change with the way business works. That's also why you don't want the flow-logic (orchestration) in some generic component.

@@CodeOpinion Yes, we use the broker as a "hub and spoke" for messages. Except for the invocation of the workflow at 6:15, there the client directly invokes the workflow at a service and doesn't follow the route via the broker. My question is why not use the broker here? Would it make sense to also relay this first message/call that invokes the workflow via the broker?

It depends on what the workflow is and if the client is "aware" of what's actually happening. In the case of an Order, you simply tell them the order was placed initially. If there is an issue with their credit card or payment, you can email them etc. It really depends on the exact use case. Long running process means it can take milliseconds or it can take days or weeks even. It all depends on what the workflow is. Check out the video I did on using WebSockets as a means to push down to the client. czcams.com/video/Tu1GEIhkIqU/video.html

@@CodeOpinion I’ll definitely check out the video. Thank you!

This is orchestration as there is something controlling the workflow. I'm using a combination of sending commands and consuming events (or replies) in the orchestration. Choreography would be each service consuming events and publish events without any central knowledge of the workflow.

​@@CodeOpinion I have the same question for the video. because I was assuming there would be a master process with central knowledge of the workflow which would use that knowledge to pick up events from the MQ, convert those events to specific commands and then put it back to the MQ. so the chain would goes like
service A -> Event -> MQ -> Orchestrator -> Command -> MQ -> service B.

@@chengchen9032 Exactly. There's different tools/libraries/frameworks that can help you orchestrate. In a bunch of my videos I use NServiceBus which is a .NET Library, but you can also use other tooling such as Termporal (temporal.io) that has SDKs for bunch of languages/platforms.

I got it, ordering service (the one with the workflow label) owning the workflow and orchestrates it. I assume, If there is any failure, the same flow expected to issue compensation for all the involved parties.

Correct

Yes as well as other tools like Temporal or messaging libraries that provide a stateful saga.

That's what I was thinking as well. I guess it depends on how the asynchronous communication is done between the parts. What happens if something is not available? Will it be picked up once it is back or will it fail immediately?

Ya good suggestion.

There’s a great video on this topic from Mauro Servienti czcams.com/video/hev65ozmYPI/video.html

I'd say more often then not it's async because of resilience and failures. Check out czcams.com/video/LMKVzguhFw4/video.html

You generally have a timeout and retry limits set as parameters when starting your workflow or calling your next activity.
In Cadence, the cadence service (broker) ensures to follow up on the pending workflow. Even if the codebase changes, you can replay the workflow in its entirety

Meaning something like gRPC's non-blocking async? It's still service to service direct calls. If you call a service and it's unavailable, or you call a service async non-blocking, and your own service fails and doesn't get the reply. Adding messaging that's durable in the mix removes services needing to be online.

More like rest api call on separate thread. I was thinking about something like an outbox pattern; but instead of messaging event to the queue, use rest api call on separate thread. With this approach, other services doesn’t have to be online.

Yes to a degree. The problem with service to service is if you do it, it can become viral. A calls B that calls C that calls D. At some point that becomes unreliable. Rather deliver a message to a broker and then you're done. I have a video coming out in a few weeks that illustrates where I think rpc and service to service is viable.

Thanks for the reply. I’ll think about how separate thread rest api call can(or cannot) work in the situation you mentioned. I was wondering about this because my company’s going the separate thread route. Having watched your videos, it felt awkward, but as a clueless junior couldn’t make an argument against it. Thanks again for the great video as always

My application currently works exactly as you described. 1 api asynchronously awaits for another apis response and then once received continues the rest of its own execution. However this is called temporal coupling and must be avoided. Your 1st api cannot proceed with the success flow or error flow until it receives a response and throws an exception if it times out. So it’s not exactly an asynchronous execution if it’s waiting for something to finish. Hence this complex event driven architecture is favorable because not only can you control the execution flow but also you can pick up where you left off in case if the consumer of a message is unavailable momentarily and then comes back alive after a short period or something.

Use an outbox: czcams.com/video/u8fOnxAxKHk/video.html

Generally the logic is around consuming events and sending commands. Generally no I/O or db access. If the service owning the orchestration is down, then yes it won't execute until it's back up

My definition of a service is "the authority of a set of business capabilities." They could be a combination of HTTP APIs as well as separate processes that are consuming messages off a queue/broker. A lot of your questions I actually cover in a ton of videos. You're about to go down a rabbit hole :) Here are some that might be helpful.
re: scaling message processing - czcams.com/video/xv6Ljbq6me8/video.html
re: communicating to client from background processing: czcams.com/video/Tu1GEIhkIqU/video.html

Messaging is a broad topic. I've got videos at many that focus specifically on various aspects, one of them being idempotence.

It depends on the orchestrator's implementation. It can be separate, or each of the services can own its own orchestration and execute its own operations and compensations.