In Case of Emergency, Do Not Break
Feature flagging systems can either fail safe or fail broken when they go down. In a fail-safe system, no updates are made and everything continues to operate as usual, with users seeing no changes after the system comes back up. This is possible because flag states are set and maintained on the client side. In a fail-broken system, user experience may be affected by failed calls, timeouts, or error messages. While there are reasons to use a fail-broken system, most applications benefit from failing safe. Testing failure states is crucial for ensuring an application's expected behavior during unknown-unknown failure scenarios.
Company
LaunchDarkly
Date published
Oct. 10, 2018
Author(s)
Heidi Waterhouse
Word count
366
Language
English
Hacker News points
None found.