technology 2017

Designing Data-Intensive Applications

by Martin Kleppmann
A comprehensive guide to the principles and trade-offs of modern data systems, exploring how to build scalable, reliable, and maintainable applications using a variety of storage and processing technologies.
distributed systems databases architecture data engineering

One-sentence summary: A comprehensive guide to the principles and trade-offs of modern data systems, exploring how to build scalable, reliable, and maintainable applications using a variety of storage and processing technologies.

Key Ideas

1. The Reliability, Scalability, and Maintainability Framework

Martin Kleppmann begins by defining the three fundamental pillars of high-quality data systems. Reliability means the system continues to work correctly even when things go wrong (hardware faults, software errors, or human error). This involves building fault-tolerant systems that can handle "faults" without them becoming "failures." Scalability is the system's ability to cope with increased load (e.g., more users, more data, or more complex queries). Scalability is not a one-dimensional "on/off" switch but a set of strategies for dealing with specific growth vectors, often involving the analysis of response times, throughput, and resource utilization.

Maintainability is perhaps the most important but often overlooked pillar. It describes how easy it is for people to work on the system over time. This includes operability (making it easy for operations teams to keep the system running), lucidity (managing complexity so that new engineers can understand the system), and extensibility (making it easy to adapt the system to new requirements). Kleppmann argues that most of the cost of software is not in its initial development but in its ongoing maintenance, so designing for maintainability is a critical long-term investment.

Practical application: When designing a new service, explicitly define your "load parameters" (e.g., requests per second, ratio of reads to writes) and "service level objectives" (e.g., 99th percentile response time). Use these to guide your architectural choices rather than just picking the "fastest" database.

2. Data Models and Query Languages: Matching Tools to Tasks

The book explores the evolution of data models, from the dominant relational model (SQL) to various NoSQL alternatives (document, graph, and key-value stores). Kleppmann emphasizes that no single data model is superior in all cases; instead, the choice depends on the structure of your data and how you need to access it. Relational models excel at many-to-one and many-to-many relationships, while document models are often a better fit for data that has a "self-contained" structure with few relationships to other entities.

Graph models, such as Neo4j, are specifically designed for highly interconnected data where relationships are as important as the data itself (e.g., social networks or fraud detection). The choice of data model also dictates the query language. Declarative languages like SQL allow the database engine to optimize queries, whereas imperative languages give the programmer more control but require more manual optimization. Kleppmann argues that understanding the underlying data model is more important than learning the syntax of a specific database.

Practical application: Don't default to a relational database just because it's familiar. If your data is mostly hierarchical and accessed as a single unit, a document store might simplify your code. If your data is a complex web of relationships, consider a graph database to avoid expensive "JOIN" operations.

3. Storage and Retrieval: How Databases Work Under the Hood

To build data-intensive applications, you must understand how databases store and retrieve data. Kleppmann explains the two main types of storage engines: Log-Structured Merge-Trees (LSM-Trees) and B-Trees. LSM-Trees (used in Cassandra and HBase) are optimized for high-write throughput by treating the database as an append-only log and then periodically merging and compacting data. B-Trees (used in most relational databases) are optimized for read performance by organizing data into fixed-size pages.

The book also covers indexing strategies, such as hash indexes, SSTables, and Bloom filters. These data structures are essential for speeding up lookups but come with their own trade-offs in terms of write overhead and memory usage. Additionally, Kleppmann discusses the difference between row-oriented storage (optimized for OLTP—Online Transaction Processing) and column-oriented storage (optimized for OLAP—Online Analytical Processing). Columnar storage is particularly effective for analytical queries that only need to access a few columns across millions of rows.

Practical application: If your application is write-heavy (e.g., logging or telemetry), look for a database that uses an LSM-Tree storage engine. If you are building a data warehouse for analytics, choose a column-oriented storage engine to significantly speed up your reports.

4. Encoding and Evolution: Managing Change over Time

As applications evolve, their data schemas inevitably change. Kleppmann discusses various ways of encoding data for storage and transmission, including JSON, XML, and binary formats like Protocol Buffers, Thrift, and Avro. The key challenge is maintaining backward and forward compatibility: ensuring that newer code can read data written by older code, and vice versa. This is crucial for rolling updates, where different versions of a service may be running simultaneously.

Binary encoding formats are generally more efficient than text-based formats and often provide built-in support for schema evolution. For example, Avro uses a schema to encode and decode data, allowing you to add or remove fields without breaking existing consumers, provided certain rules are followed. Kleppmann also touches on the "data outlives code" principle: data in a database might be years old, while the code that reads it is updated every day, making long-term compatibility a primary concern.

Practical application: Use a binary encoding format like Avro or Protobuf for internal service communication and long-term data storage. This provides better performance and more robust schema evolution compared to JSON, especially in a microservices environment.

5. Replication and Partitioning: Scaling to Many Machines

To handle more data or more traffic than a single machine can manage, you must distribute your data across multiple machines. Kleppmann explains the two main techniques for this: replication and partitioning (sharding). Replication involves keeping a copy of the same data on multiple nodes to improve reliability and read performance. He discusses different replication topologies, such as leader-based (single-leader), multi-leader, and leaderless (Quorum-based), each with different trade-offs regarding consistency and availability.

Partitioning involves breaking a large dataset into smaller pieces (partitions) and distributing them across different nodes. This allows a single machine to handle only a portion of the total load. The challenge is deciding how to partition the data (e.g., by key range or by hash of the key) to avoid "hotspots"—nodes that receive a disproportionate amount of traffic. Kleppmann also covers the complexities of rebalancing partitions as the cluster grows or as nodes fail.

Practical application: If your application needs high availability across geographical regions, consider a multi-leader or leaderless replication strategy. If you have a massive dataset that exceeds the storage of a single node, use hash-based partitioning to distribute the load evenly across a cluster.

6. Transactions and Distributed Consistency: The Search for Truth

Transactions are a fundamental abstraction for simplifying error handling in databases. The book explains the ACID properties (Atomicity, Consistency, Isolation, Durability) and the various isolation levels, such as Read Committed, Snapshot Isolation, and Serializability. Kleppmann clarifies that many "ACID" databases don't actually provide full serializability by default, which can lead to subtle race conditions like "write skew."

In a distributed environment, transactions become even more complex. The book explores the CAP theorem (Consistency, Availability, and Partition Tolerance) and the trade-offs between "linearizability" (making the system behave as if there were only one copy of the data) and "eventual consistency." Kleppmann also discusses consensus algorithms like Paxos and Raft, which are used to help a group of nodes agree on a single value, such as who the current leader is or which transactions have been committed.

Practical application: Understand the isolation level provided by your database. If your application relies on complex multi-row updates, you may need to explicitly use "SELECT FOR UPDATE" or higher isolation levels to prevent data corruption. Be aware that seeking "perfect" consistency in a distributed system often comes at the cost of performance and availability.

7. The Future of Data Systems: Batch and Stream Processing

The final section of the book looks beyond traditional databases to batch and stream processing. Batch processing (e.g., MapReduce, Spark) involves running a computation over a large, fixed dataset to produce a result. It is highly efficient for large-scale analysis but has high latency. Stream processing (e.g., Kafka, Flink) involves processing data as it arrives, providing much lower latency for real-time applications.

Kleppmann introduces the concept of "derived data"—data that is transformed from one form to another (e.g., a search index or a cache created from a primary database). He argues that modern systems are increasingly built as a pipeline of data moving through different storage and processing engines. This approach, often called "Kappa" or "Lambda" architecture, treats the "log" as the source of truth and uses stream processing to keep derived views up to date.

Practical application: Instead of trying to make one database do everything, use a "polyglot persistence" approach. Use a primary database for your source of truth, and then use a stream processor to feed that data into a specialized search engine (like Elasticsearch) or a cache (like Redis) for faster access.

Frameworks and Models

The Data Systems Trade-off Matrix

A mental model for evaluating any data technology based on its core design choices.

Feature Option A Option B Trade-off
Consistency Linearizability (Strong) Eventual Consistency (Weak) Performance vs. Correctness
Storage Engine B-Tree (Read-optimized) LSM-Tree (Write-optimized) Read latency vs. Write throughput
Encoding Text (JSON/XML) Binary (Avro/Protobuf) Human-readability vs. Efficiency
Replication Leader-based Leaderless (Quorum) Simplicity vs. Fault-tolerance
Processing Batch (High throughput) Stream (Low latency) Freshness of data vs. Efficiency

CAP Theorem Visualization

While often misunderstood, CAP remains a useful starting point for distributed systems design.

The Evolution of Distributed Consensus

A hierarchy of how systems reach agreement.

  1. Quorums (Basic): Use a majority of nodes for reads and writes (R + W > N).
  2. Atomic Commit (Intermediate): Ensure all nodes either commit or abort (e.g., Two-Phase Commit).
  3. Consensus Algorithms (Advanced): Maintain a replicated state machine (e.g., Raft, Paxos).

Key Quotes

"Data is the most important part of most applications. But how it's handled is often an afterthought." — Martin Kleppmann

"Abstraction is the only way we can manage the complexity of modern software. But abstractions always leak." — Martin Kleppmann

"In a distributed system, there is no such thing as a global clock. You can only talk about the relative ordering of events." — Martin Kleppmann

"Eventual consistency is a very weak guarantee—it says that if you stop writing to the database and wait for an undefined period of time, then eventually all read requests will return the same value." — Martin Kleppmann

Connections with Other Books

When to Use This Knowledge

Raw Markdown 
# Designing Data-Intensive Applications

> **One-sentence summary:** A comprehensive guide to the principles and trade-offs of modern data systems, exploring how to build scalable, reliable, and maintainable applications using a variety of storage and processing technologies.

## Key Ideas

### 1. The Reliability, Scalability, and Maintainability Framework
Martin Kleppmann begins by defining the three fundamental pillars of high-quality data systems. **Reliability** means the system continues to work correctly even when things go wrong (hardware faults, software errors, or human error). This involves building fault-tolerant systems that can handle "faults" without them becoming "failures." **Scalability** is the system's ability to cope with increased load (e.g., more users, more data, or more complex queries). Scalability is not a one-dimensional "on/off" switch but a set of strategies for dealing with specific growth vectors, often involving the analysis of response times, throughput, and resource utilization.

**Maintainability** is perhaps the most important but often overlooked pillar. It describes how easy it is for people to work on the system over time. This includes operability (making it easy for operations teams to keep the system running), lucidity (managing complexity so that new engineers can understand the system), and extensibility (making it easy to adapt the system to new requirements). Kleppmann argues that most of the cost of software is not in its initial development but in its ongoing maintenance, so designing for maintainability is a critical long-term investment.

**Practical application:** When designing a new service, explicitly define your "load parameters" (e.g., requests per second, ratio of reads to writes) and "service level objectives" (e.g., 99th percentile response time). Use these to guide your architectural choices rather than just picking the "fastest" database.

### 2. Data Models and Query Languages: Matching Tools to Tasks
The book explores the evolution of data models, from the dominant relational model (SQL) to various NoSQL alternatives (document, graph, and key-value stores). Kleppmann emphasizes that no single data model is superior in all cases; instead, the choice depends on the structure of your data and how you need to access it. Relational models excel at many-to-one and many-to-many relationships, while document models are often a better fit for data that has a "self-contained" structure with few relationships to other entities.

Graph models, such as Neo4j, are specifically designed for highly interconnected data where relationships are as important as the data itself (e.g., social networks or fraud detection). The choice of data model also dictates the query language. Declarative languages like SQL allow the database engine to optimize queries, whereas imperative languages give the programmer more control but require more manual optimization. Kleppmann argues that understanding the underlying data model is more important than learning the syntax of a specific database.

**Practical application:** Don't default to a relational database just because it's familiar. If your data is mostly hierarchical and accessed as a single unit, a document store might simplify your code. If your data is a complex web of relationships, consider a graph database to avoid expensive "JOIN" operations.

### 3. Storage and Retrieval: How Databases Work Under the Hood
To build data-intensive applications, you must understand how databases store and retrieve data. Kleppmann explains the two main types of storage engines: Log-Structured Merge-Trees (LSM-Trees) and B-Trees. LSM-Trees (used in Cassandra and HBase) are optimized for high-write throughput by treating the database as an append-only log and then periodically merging and compacting data. B-Trees (used in most relational databases) are optimized for read performance by organizing data into fixed-size pages.

The book also covers indexing strategies, such as hash indexes, SSTables, and Bloom filters. These data structures are essential for speeding up lookups but come with their own trade-offs in terms of write overhead and memory usage. Additionally, Kleppmann discusses the difference between row-oriented storage (optimized for OLTP—Online Transaction Processing) and column-oriented storage (optimized for OLAP—Online Analytical Processing). Columnar storage is particularly effective for analytical queries that only need to access a few columns across millions of rows.

**Practical application:** If your application is write-heavy (e.g., logging or telemetry), look for a database that uses an LSM-Tree storage engine. If you are building a data warehouse for analytics, choose a column-oriented storage engine to significantly speed up your reports.

### 4. Encoding and Evolution: Managing Change over Time
As applications evolve, their data schemas inevitably change. Kleppmann discusses various ways of encoding data for storage and transmission, including JSON, XML, and binary formats like Protocol Buffers, Thrift, and Avro. The key challenge is maintaining backward and forward compatibility: ensuring that newer code can read data written by older code, and vice versa. This is crucial for rolling updates, where different versions of a service may be running simultaneously.

Binary encoding formats are generally more efficient than text-based formats and often provide built-in support for schema evolution. For example, Avro uses a schema to encode and decode data, allowing you to add or remove fields without breaking existing consumers, provided certain rules are followed. Kleppmann also touches on the "data outlives code" principle: data in a database might be years old, while the code that reads it is updated every day, making long-term compatibility a primary concern.

**Practical application:** Use a binary encoding format like Avro or Protobuf for internal service communication and long-term data storage. This provides better performance and more robust schema evolution compared to JSON, especially in a microservices environment.

### 5. Replication and Partitioning: Scaling to Many Machines
To handle more data or more traffic than a single machine can manage, you must distribute your data across multiple machines. Kleppmann explains the two main techniques for this: replication and partitioning (sharding). Replication involves keeping a copy of the same data on multiple nodes to improve reliability and read performance. He discusses different replication topologies, such as leader-based (single-leader), multi-leader, and leaderless (Quorum-based), each with different trade-offs regarding consistency and availability.

Partitioning involves breaking a large dataset into smaller pieces (partitions) and distributing them across different nodes. This allows a single machine to handle only a portion of the total load. The challenge is deciding how to partition the data (e.g., by key range or by hash of the key) to avoid "hotspots"—nodes that receive a disproportionate amount of traffic. Kleppmann also covers the complexities of rebalancing partitions as the cluster grows or as nodes fail.

**Practical application:** If your application needs high availability across geographical regions, consider a multi-leader or leaderless replication strategy. If you have a massive dataset that exceeds the storage of a single node, use hash-based partitioning to distribute the load evenly across a cluster.

### 6. Transactions and Distributed Consistency: The Search for Truth
Transactions are a fundamental abstraction for simplifying error handling in databases. The book explains the ACID properties (Atomicity, Consistency, Isolation, Durability) and the various isolation levels, such as Read Committed, Snapshot Isolation, and Serializability. Kleppmann clarifies that many "ACID" databases don't actually provide full serializability by default, which can lead to subtle race conditions like "write skew."

In a distributed environment, transactions become even more complex. The book explores the CAP theorem (Consistency, Availability, and Partition Tolerance) and the trade-offs between "linearizability" (making the system behave as if there were only one copy of the data) and "eventual consistency." Kleppmann also discusses consensus algorithms like Paxos and Raft, which are used to help a group of nodes agree on a single value, such as who the current leader is or which transactions have been committed.

**Practical application:** Understand the isolation level provided by your database. If your application relies on complex multi-row updates, you may need to explicitly use "SELECT FOR UPDATE" or higher isolation levels to prevent data corruption. Be aware that seeking "perfect" consistency in a distributed system often comes at the cost of performance and availability.

### 7. The Future of Data Systems: Batch and Stream Processing
The final section of the book looks beyond traditional databases to batch and stream processing. Batch processing (e.g., MapReduce, Spark) involves running a computation over a large, fixed dataset to produce a result. It is highly efficient for large-scale analysis but has high latency. Stream processing (e.g., Kafka, Flink) involves processing data as it arrives, providing much lower latency for real-time applications.

Kleppmann introduces the concept of "derived data"—data that is transformed from one form to another (e.g., a search index or a cache created from a primary database). He argues that modern systems are increasingly built as a pipeline of data moving through different storage and processing engines. This approach, often called "Kappa" or "Lambda" architecture, treats the "log" as the source of truth and uses stream processing to keep derived views up to date.

**Practical application:** Instead of trying to make one database do everything, use a "polyglot persistence" approach. Use a primary database for your source of truth, and then use a stream processor to feed that data into a specialized search engine (like Elasticsearch) or a cache (like Redis) for faster access.

## Frameworks and Models

### The Data Systems Trade-off Matrix
A mental model for evaluating any data technology based on its core design choices.

| Feature | Option A | Option B | Trade-off |
|---------|----------|----------|-----------|
| **Consistency** | Linearizability (Strong) | Eventual Consistency (Weak) | Performance vs. Correctness |
| **Storage Engine** | B-Tree (Read-optimized) | LSM-Tree (Write-optimized) | Read latency vs. Write throughput |
| **Encoding** | Text (JSON/XML) | Binary (Avro/Protobuf) | Human-readability vs. Efficiency |
| **Replication** | Leader-based | Leaderless (Quorum) | Simplicity vs. Fault-tolerance |
| **Processing** | Batch (High throughput) | Stream (Low latency) | Freshness of data vs. Efficiency |

### CAP Theorem Visualization
While often misunderstood, CAP remains a useful starting point for distributed systems design.

- **Consistency (C):** Every read receives the most recent write or an error.
- **Availability (A):** Every request receives a (non-error) response, without the guarantee that it contains the most recent write.
- **Partition Tolerance (P):** The system continues to operate despite an arbitrary number of messages being dropped by the network between nodes.
- **The Reality:** In a distributed system, network partitions (P) are inevitable, so you must choose between Consistency (CP) and Availability (AP) during a partition.

### The Evolution of Distributed Consensus
A hierarchy of how systems reach agreement.

1. **Quorums (Basic):** Use a majority of nodes for reads and writes (R + W > N).
2. **Atomic Commit (Intermediate):** Ensure all nodes either commit or abort (e.g., Two-Phase Commit).
3. **Consensus Algorithms (Advanced):** Maintain a replicated state machine (e.g., Raft, Paxos).

## Key Quotes

> "Data is the most important part of most applications. But how it's handled is often an afterthought." — Martin Kleppmann

> "Abstraction is the only way we can manage the complexity of modern software. But abstractions always leak." — Martin Kleppmann

> "In a distributed system, there is no such thing as a global clock. You can only talk about the relative ordering of events." — Martin Kleppmann

> "Eventual consistency is a very weak guarantee—it says that if you stop writing to the database and wait for an undefined period of time, then eventually all read requests will return the same value." — Martin Kleppmann

## Connections with Other Books

- [[clean-architecture]]: While Robert C. Martin focuses on the structure of the *code*, Kleppmann focuses on the structure of the *data*. Both argue that "the database is a detail" that should be decoupled from the core business logic, but Kleppmann provides the technical depth to understand *why* those details matter.
- [[antifragile]]: Kleppmann’s focus on reliability and fault tolerance in distributed systems is a practical implementation of Taleb’s "antifragility." A well-designed distributed system is one that can withstand (and even learn from) individual node failures.
- [[the-mythical-man-month]]: Brooks discusses the human side of complex systems; Kleppmann discusses the technical side. Both agree that "accidental complexity" (complexity caused by our choice of tools or processes) is the greatest threat to a project's success.
- [[working-effectively-with-legacy-code]]: Kleppmann’s discussion of schema evolution and data encoding is essential for anyone working with legacy data systems that must be modernized without breaking existing functionality.
- [[design-patterns]]: Just as Gamma et al. provided a vocabulary for object-oriented design, Kleppmann provides a vocabulary for distributed systems design (e.g., SSTables, Quorums, Linearizability).

## When to Use This Knowledge

- When you are **choosing a database** for a new project and need to understand the trade-offs between different models.
- When you are **scaling an application** and need to decide between replication and partitioning.
- When you are **debugging a race condition** in a distributed system and need to understand isolation levels.
- When you are **designing an API** that needs to support multiple versions of a client (schema evolution).
- When you are **building a real-time data pipeline** and need to choose between batch and stream processing.
- When you are **interviewing for a senior engineer or architect role**—this book is essentially the "bible" for system design interviews.
- When you want to **understand how the "cloud" actually works** at the infrastructure level.
- When you need to **explain to a stakeholder** why "perfect" consistency is making the system slow or expensive.