Reliable Actors with Retry Orchestration

Enterprise cloud developers have to build applications that are resilient to failures and interruptions. We advocate for, formalize, implement, and evaluate a simple, albeit effective, fault-tolerant programming model for the cloud based on actors, reliable message delivery, and retry orchestration. Our model simultaneously guarantees that (1) failed actor invocations are retried until success and (2) that a strict happens before relationship is preserved across failures within each distributed chain of invocations and retries. These guarantees make it possible to productively develop fault-tolerant distributed applications leveraging cloud services, ranging from classic problems of concurrency theory to enterprise applications. Built as a service mesh, our runtime can compose application components written in any programming language and scale with the application. We measure overhead relative to reliable message queues. Using an application inspired by a typical enterprise scenario, we assess fault tolerance and the impact of fault recovery on performance.