Eclipse MicroProfile Fault Tolerance 1.0

Primary tabs


MicroProfile Fault Tolerance spec

This specification defines a programming model for building resilient microservices. 

As you know, it is increasingly important to build fault tolerant microservices. Fault tolerance is about leveraging different strategies to guide the execution and result of some logic. Retry policies, bulkheads, and circuit breakers are popular concepts in this area. They dictate whether and when executions should take place, and fallbacks offer an alternative result when an execution does not complete successfully.


This specifications defines the follwoing aspects: 

  • Timeout: Define a duration for timeout

  • RetryPolicy: Define a criteria on when to retry

  • Fallback: provide an alternative solution for a failed execution.

  • CircuitBreaker: offer a way of fail fast by automatically failing execution to prevent the system overloading and indefinite wait or timeout by the clients.

  • Bulkhead: isolate failures in part of the system while the rest part of the system can still function.

This specification defines the following annotations (Retry, Fallback, CircuitBreaker, Bulkhead, Timeout, Asynchronous) so that microservice developers can just add annotation to the business logic without the need to understand the implementation details. This programming model is very flexible as all policies except Fallback can be switched off. This flexibility makes this specification very attrictive as microservices using this programming model can function anywhere including the service mesh architecture e.g. Istio. It will not conflict with any infrastructure fault tolerance policies because it is can be easily switched off.