sagas   transaction management  

Managing data consistency in a microservice architecture using Sagas - part 1

This is the first in a series of posts that expands on my recent MicroCPH talk on Managing data consistency in a microservice architecture using Sagas (slides, video).

The other posts in this series are:

Why sagas?

A distinctive characteristic of the microservice architecture is that in order to ensure loose coupling each service’s data is private. Unlike in a monolithic application, you no longer have a single database that any module of the application can update. As a result, one of the key challenges that you will face is maintaining data consistency across services.

Consider, for example, the customers and orders example application from my presentation. It consists of two services:

  • Order Service
    • Manages orders
    • Operations include createOrder() and cancelOrder()
  • Customer Service
    • Manages customer information including the customer’s available credit
    • Operations include createCustomer()

When the Order Service creates an Order it must ensure that there is sufficient credit available. Specifically, the createOrder() command must update data in both the Order Service and the Customer Service.

In a traditional application, you might consider using distributed transactions a.k.a. two phase commit (2PC). However, using 2PC is generally a bad idea a microservice architecture. It’s a form of synchronous communication that results in runtime coupling that significantly impacts the availability of an application.

What is a saga?

The solution is to implement commands, such as createOrder(), using a saga. A saga is a sequence of local transactions in each of the participating services. For example, here is the definition of the Create Order Saga, which is initiated by the createOrder() command:

Step Participant Transaction Compensating Transaction
1 Order Service createPendingOrder() rejectOrder()
2 Customer Service reserveCredit() -
3 Order Service approveOrder() -

The purpose of each step is as follows:

  • createPendingOrder() - create the Order in a PENDING state
  • reserveCredit() - attempt to reserve credit
  • approveOrder() - change the state of the Order to APPROVED
  • rejectOrder() - change the state of the Order to REJECTED

The sequence for the happy path is as follows:

  1. Order Service : createPendingOrder()
  2. Customer Service : reserveCredit()
  3. Order Service : approveOrder()

The sequence for the path when there is insufficient credit is as follows:

  1. Order Service : createPendingOrder()
  2. Customer Service : reserveCredit()
  3. Order Service : rejectOrder()

What are compensating transactions?

The rejectOrder() command is an example of a compensating transaction. Unlike ACID transactions, sagas cannot automatically undo changes made by previous steps since those changes are already committed. Instead, you must write compensating transactions that explicitly undo those changes. Each step of a saga that is followed by a step that can fail (for business reasons) must have a corresponding compensating transaction.

In the Create Order Saga, createOrder() has the rejectOrder() compensating transaction because the reserveCredit() step can fail. The reserveCredit() step does not need a compensating transaction because the approveOrder() step cannot fail. And, the approveOrder() step does not need a compensating transaction because it’s the last step of the saga.

What is the semantic lock counter-measure?

You might be wondering why createOrder() creates the order in a PENDING state, which is then changed to APPROVED by approveOrder(). The use of a PENDING state is an example of what is known as a semantic lock counter-measure. It prevents another transaction/saga from updating the Order while it is in the process of being created.

To see why this is necessary consider the following scenario where the cancelOrder() command is invoked while the Order is still being created:

Create Order Saga Cancel Order Saga
createOrder() - state=CREATED  
  cancelOrder() - state=CANCELLED
approveObject() - state=APPROVED  

In this scenario, the cancelOrder() command changes the status of the order to CANCELLED, and the approveOrder() command overwrites that change by setting the status to APPROVED. The customer would be quite surprised when the order is delivered!

The PENDING state prevents this problem. The cancelOrder() command will only cancel an Order if its state is APPROVED. If the state is PENDING, cancelOrder() returns an error to the client indicating that it should try again later. The semantic lock counter-measure is a kind of application-level locking. As I describe in the presentation, it’s a way to make sagas, which are inherently ACD, ACID again.

In a later post, I’ll describe how to implement this saga.

To learn more

sagas   transaction management  

Copyright © 2024 Chris Richardson • All rights reserved • Supported by Kong.

About is brought to you by Chris Richardson. Experienced software architect, author of POJOs in Action, the creator of the original, and the author of Microservices patterns.

Chris helps organizations improve agility and competitiveness through better software architecture. Learn more about his consulting engagements, and training workshops.

Upcoming public talks/workshops


Premium content and office hours is now available for paid subscribers at


Chris teaches comprehensive workshops for architects and developers that will enable your organization use microservices effectively.

Avoid the pitfalls of adopting microservices and learn essential topics, such as service decomposition and design and how to refactor a monolith to microservices.

Learn more

LEARN about microservices

Chris offers numerous other resources for learning the microservice architecture.

Get the book: Microservices Patterns

Read Chris Richardson's book:

Example microservices applications

Want to see an example? Check out Chris Richardson's example applications. See code

Remote consulting session

Got a specific microservice architecture-related question? For example:

  • Wondering whether your organization should adopt microservices?
  • Want to know how to migrate your monolith to microservices?
  • Facing a tricky microservice architecture design problem?

Consider signing up for a two hour, highly focussed, consulting session.

Virtual bootcamp: Distributed data patterns in a microservice architecture

My virtual bootcamp, distributed data patterns in a microservice architecture, is now open for enrollment!

It covers the key distributed data management patterns including Saga, API Composition, and CQRS.

It consists of video lectures, code labs, and a weekly ask-me-anything video conference repeated in multiple timezones.

The regular price is $395/person but use coupon ILFJODYS to sign up for $95 (valid until March 12, 2024). There are deeper discounts for buying multiple seats.

Learn more

Learn how to create a service template and microservice chassis

Take a look at my Manning LiveProject that teaches you how to develop a service template and microservice chassis.

Signup for the newsletter

BUILD microservices

Ready to start using the microservice architecture?

Consulting services

Engage Chris to create a microservices adoption roadmap and help you define your microservice architecture,

The Eventuate platform

Use the platform to tackle distributed data management challenges in your microservices architecture.

Eventuate is Chris's latest startup. It makes it easy to use the Saga pattern to manage transactions and the CQRS pattern to implement queries.

ASSESS your architecture

Assess your application's microservice architecture and identify what needs to be improved.

Consulting services

Engage Chris to conduct an architectural assessment.

Join the microservices google group


Note: tagging is work-in-process

GitOps   ·  Microservices adoption   ·  ancient lore   ·  anti-patterns   ·  application api   ·  application architecture   ·  architecting   ·  architecture   ·  architecture documentation   ·  assemblage   ·  beer   ·  books   ·  containers   ·  dark energy and dark matter   ·  deployment   ·  deployment pipeline   ·  design-time coupling   ·  developer experience   ·  development   ·  devops   ·  docker   ·  eventuate platform   ·  generative AI   ·  glossary   ·  health   ·  hexagonal architecture   ·  implementing commands   ·  implementing queries   ·  inter-service communication   ·  kubernetes   ·  loose coupling   ·  microservice architecture   ·  microservice chassis   ·  microservices adoption   ·  microservicesio updates   ·  modular monolith   ·  multi-architecture docker images   ·  observability   ·  pattern   ·  refactoring to microservices   ·  resilience   ·  sagas   ·  security   ·  service api   ·  service architecture   ·  service blueprint   ·  service collaboration   ·  service design   ·  service discovery   ·  service granularity   ·  service template   ·  software delivery metrics   ·  success triangle   ·  tacos   ·  team topologies   ·  testing   ·  transaction management   ·  transactional messaging

All content


24 Jul 2017 » Revised data patterns