Workflow Orchestration Patterns

1---2name: workflow-orchestration-patterns3description: Design durable workflows with Temporal for distributed systems. Covers workflow vs activity separation, saga patterns, state management, and determinism constraints. Use when building long-running processes, distributed transactions, or microservice orchestration.4---5 6# Workflow Orchestration Patterns7 8Master workflow orchestration architecture with Temporal, covering fundamental design decisions, resilience patterns, and best practices for building reliable distributed systems.9 10## When to Use Workflow Orchestration11 12### Ideal Use Cases (Source: docs.temporal.io)13 14- **Multi-step processes** spanning machines/services/databases15- **Distributed transactions** requiring all-or-nothing semantics16- **Long-running workflows** (hours to years) with automatic state persistence17- **Failure recovery** that must resume from last successful step18- **Business processes**: bookings, orders, campaigns, approvals19- **Entity lifecycle management**: inventory tracking, account management, cart workflows20- **Infrastructure automation**: CI/CD pipelines, provisioning, deployments21- **Human-in-the-loop** systems requiring timeouts and escalations22 23### When NOT to Use24 25- Simple CRUD operations (use direct API calls)26- Pure data processing pipelines (use Airflow, batch processing)27- Stateless request/response (use standard APIs)28- Real-time streaming (use Kafka, event processors)29 30## Critical Design Decision: Workflows vs Activities31 32**The Fundamental Rule** (Source: temporal.io/blog/workflow-engine-principles):33 34- **Workflows** = Orchestration logic and decision-making35- **Activities** = External interactions (APIs, databases, network calls)36 37### Workflows (Orchestration)38 39**Characteristics:**40 41- Contain business logic and coordination42- **MUST be deterministic** (same inputs → same outputs)43- **Cannot** perform direct external calls44- State automatically preserved across failures45- Can run for years despite infrastructure failures46 47**Example workflow tasks:**48 49- Decide which steps to execute50- Handle compensation logic51- Manage timeouts and retries52- Coordinate child workflows53 54### Activities (External Interactions)55 56**Characteristics:**57 58- Handle all external system interactions59- Can be non-deterministic (API calls, DB writes)60- Include built-in timeouts and retry logic61- **Must be idempotent** (calling N times = calling once)62- Short-lived (seconds to minutes typically)63 64**Example activity tasks:**65 66- Call payment gateway API67- Write to database68- Send emails or notifications69- Query external services70 71### Design Decision Framework72 73```74Does it touch external systems? → Activity75Is it orchestration/decision logic? → Workflow76```77 78## Core Workflow Patterns79 80### 1. Saga Pattern with Compensation81 82**Purpose**: Implement distributed transactions with rollback capability83 84**Pattern** (Source: temporal.io/blog/compensating-actions-part-of-a-complete-breakfast-with-sagas):85 86```87For each step:88  1. Register compensation BEFORE executing89  2. Execute the step (via activity)90  3. On failure, run all compensations in reverse order (LIFO)91```92 93**Example: Payment Workflow**94 951. Reserve inventory (compensation: release inventory)962. Charge payment (compensation: refund payment)973. Fulfill order (compensation: cancel fulfillment)98 99**Critical Requirements:**100 101- Compensations must be idempotent102- Register compensation BEFORE executing step103- Run compensations in reverse order104- Handle partial failures gracefully105 106### 2. Entity Workflows (Actor Model)107 108**Purpose**: Long-lived workflow representing single entity instance109 110**Pattern** (Source: docs.temporal.io/evaluate/use-cases-design-patterns):111 112- One workflow execution = one entity (cart, account, inventory item)113- Workflow persists for entity lifetime114- Receives signals for state changes115- Supports queries for current state116 117**Example Use Cases:**118 119- Shopping cart (add items, checkout, expiration)120- Bank account (deposits, withdrawals, balance checks)121- Product inventory (stock updates, reservations)122 123**Benefits:**124 125- Encapsulates entity behavior126- Guarantees consistency per entity127- Natural event sourcing128 129### 3. Fan-Out/Fan-In (Parallel Execution)130 131**Purpose**: Execute multiple tasks in parallel, aggregate results132 133**Pattern:**134 135- Spawn child workflows or parallel activities136- Wait for all to complete137- Aggregate results138- Handle partial failures139 140**Scaling Rule** (Source: temporal.io/blog/workflow-engine-principles):141 142- Don't scale individual workflows143- For 1M tasks: spawn 1K child workflows × 1K tasks each144- Keep each workflow bounded145 146### 4. Async Callback Pattern147 148**Purpose**: Wait for external event or human approval149 150**Pattern:**151 152- Workflow sends request and waits for signal153- External system processes asynchronously154- Sends signal to resume workflow155- Workflow continues with response156 157**Use Cases:**158 159- Human approval workflows160- Webhook callbacks161- Long-running external processes162 163## State Management and Determinism164 165### Automatic State Preservation166 167**How Temporal Works** (Source: docs.temporal.io/workflows):168 169- Complete program state preserved automatically170- Event History records every command and event171- Seamless recovery from crashes172- Applications restore pre-failure state173 174### Determinism Constraints175 176**Workflows Execute as State Machines**:177 178- Replay behavior must be consistent179- Same inputs → identical outputs every time180 181**Prohibited in Workflows** (Source: docs.temporal.io/workflows):182 183- ❌ Threading, locks, synchronization primitives184- ❌ Random number generation (`random()`)185- ❌ Global state or static variables186- ❌ System time (`datetime.now()`)187- ❌ Direct file I/O or network calls188- ❌ Non-deterministic libraries189 190**Allowed in Workflows**:191 192- ✅ `workflow.now()` (deterministic time)193- ✅ `workflow.random()` (deterministic random)194- ✅ Pure functions and calculations195- ✅ Calling activities (non-deterministic operations)196 197### Versioning Strategies198 199**Challenge**: Changing workflow code while old executions still running200 201**Solutions**:202 2031. **Versioning API**: Use `workflow.get_version()` for safe changes2042. **New Workflow Type**: Create new workflow, route new executions to it2053. **Backward Compatibility**: Ensure old events replay correctly206 207## Resilience and Error Handling208 209### Retry Policies210 211**Default Behavior**: Temporal retries activities forever212 213**Configure Retry**:214 215- Initial retry interval216- Backoff coefficient (exponential backoff)217- Maximum interval (cap retry delay)218- Maximum attempts (eventually fail)219 220**Non-Retryable Errors**:221 222- Invalid input (validation failures)223- Business rule violations224- Permanent failures (resource not found)225 226### Idempotency Requirements227 228**Why Critical** (Source: docs.temporal.io/activities):229 230- Activities may execute multiple times231- Network failures trigger retries232- Duplicate execution must be safe233 234**Implementation Strategies**:235 236- Idempotency keys (deduplication)237- Check-then-act with unique constraints238- Upsert operations instead of insert239- Track processed request IDs240 241### Activity Heartbeats242 243**Purpose**: Detect stalled long-running activities244 245**Pattern**:246 247- Activity sends periodic heartbeat248- Includes progress information249- Timeout if no heartbeat received250- Enables progress-based retry251 252## Best Practices253 254### Workflow Design255 2561. **Keep workflows focused** - Single responsibility per workflow2572. **Small workflows** - Use child workflows for scalability2583. **Clear boundaries** - Workflow orchestrates, activities execute2594. **Test locally** - Use time-skipping test environment260 261### Activity Design262 2631. **Idempotent operations** - Safe to retry2642. **Short-lived** - Seconds to minutes, not hours2653. **Timeout configuration** - Always set timeouts2664. **Heartbeat for long tasks** - Report progress2675. **Error handling** - Distinguish retryable vs non-retryable268 269### Common Pitfalls270 271**Workflow Violations**:272 273- Using `datetime.now()` instead of `workflow.now()`274- Threading or async operations in workflow code275- Calling external APIs directly from workflow276- Non-deterministic logic in workflows277 278**Activity Mistakes**:279 280- Non-idempotent operations (can't handle retries)281- Missing timeouts (activities run forever)282- No error classification (retry validation errors)283- Ignoring payload limits (2MB per argument)284 285### Operational Considerations286 287**Monitoring**:288 289- Workflow execution duration290- Activity failure rates291- Retry attempts and backoff292- Pending workflow counts293 294**Scalability**:295 296- Horizontal scaling with workers297- Task queue partitioning298- Child workflow decomposition299- Activity batching when appropriate300 301## Additional Resources302 303**Official Documentation**:304 305- Temporal Core Concepts: docs.temporal.io/workflows306- Workflow Patterns: docs.temporal.io/evaluate/use-cases-design-patterns307- Best Practices: docs.temporal.io/develop/best-practices308- Saga Pattern: temporal.io/blog/saga-pattern-made-easy309 310**Key Principles**:311 3121. Workflows = orchestration, Activities = external calls3132. Determinism is non-negotiable for workflows3143. Idempotency is critical for activities3154. State preservation is automatic3165. Design for failure and recovery