"16. Have I 'got around' or 'beaten' the CAP theorem?
No. You might have designed a system that is not heavily affected by it. That's good."
Our thoughts on CAP and how we've dealt with it while building a distributed truly ACID database might also be interesting to some: http://foundationdb.com/white-papers/the-cap-theorem/
Of course two systems can only be consistent if they can communicate, so you have to either sacrifice availability until the partition is resolved, or give up on consistency.
A) Formulating the theorem in the first place
B) Coming up with the proof yourself
But if your definition of "available and consistent" goes beyond this, then you have to start considering the CAP theorem.
It's one of these worst-case scenarios where worst-case doesn't matter.
That said, practically speaking your system may have to wait for the partition to be fixed, which would either make the system practically unavailable or practically inconsistent. But not theoretically, at least, not as this site describes it.
This is only even theoretically true if a) you have no bound on memory and b) the link will always come back up. In practice, neither of these is true.
Further, if you're relying on never being partitioned then any network break requires delaying availability until the partition is resolved. CAP is then relevant if you're not willing to do this (and virtually no one is going to be so inclined).
That part is confusing to me. Doesn't the term partition have another meaning in distributed system design? For instance, consistent hashing "partitions" keys to multiple nodes. I haven't heard partition as a term describing dataloss.
so partitioning still has the sense of "splitting" - it's just that the explanation focuses on messages rather than the network.
i've found there are lots of more-common things that cause partitions in practice than equipment-in-the-middle failures. human errors are probably the biggest: network configuration changes, fresh bugs in your own software - or in your dependencies, etc.
also, while a network might be asynchronous, there's usually a limit to how long a message can be delayed in practice. ...the limit might be how much memory you have to queue up messages...or perhaps how long your client-side software (or your end-user) is willing to wait for a message when a dialog is more complex than request/response.
when designing distributed software, i've found that it's helpful to ask: when (not if) X process/server/cluster/data-center fails or becomes unreachable - temporarily or forever - how should the rest of my system respond?
so, perhaps the most important take-away from the FAQ for designers is #13: that C and A are "spectrums" that you tune to meet your own requirements when the various failure scenarios happen.
The main tradeoff is that after writing the values 1, 2, 3 in order, reads could see anything from no value or any one of those three values until the nodes converge.
In a Consistent system, if a read happens after writing and you see a 3, you will never see a 2, 1 or no value on subsequent reads. In the case of a network partition, the system will prefer to not be available than to return reads older than reads that have already been returned.
However, I was under the impression that this is not the "default" and I am likely to get performance poorer than distributed systems designed to be Consistent (like HBase).
It's true that QUORUM reads will have half (in a 3-replica system) the throughput as ONE, but with Cassandra reads up to 8x as fast as HBase , it still wins handily.
Finally, the reason this is worth making configurable in the first place is that almost all applications do just fine with most operations at ONE.
> There is another way. You can't avoid the CAP theorem, but you can isolate its complexity and prevent it from sabotaging your ability to reason about your systems.
I have a different definition of "debunk".
16. Have I 'got around' or 'beaten' the CAP theorem?
No. You might have designed a system that is not heavily affected by it. That's good.