The Forgetful Champions: Why Stateless Apps Are Recovery Superstars

Posted on July 22, 2025 by Ajitabh

Remember our last chat about automated system recovery? We talked about the inevitable chaos of distributed systems and how crucial it is to design for failure. We also touched on RTOs and RPOs โ€“ those critical deadlines for getting back online and minimizing data loss. Today, we’re going to meet the first type of application in our recovery framework: the stateless application. And trust me, their “forgetful” nature is actually their greatest superpower when it comes to bouncing back from trouble.

Meet the Forgetful Ones: What Exactly is a Stateless App?

Imagine you walk up to a vending machine. You put in your money, press a button, and out pops your snack. The machine doesn’t remember you from yesterday, or even from five minutes ago when you bought a drink. Each interaction is a fresh start, a clean slate. That, my friends, is a stateless application in a nutshell.

A stateless system is designed so it doesn’t hold onto any client session information on the server side between requests. Every single request is treated as if it’s the very first one, carrying all the necessary information within itself.

Think of it like this:

  • A vending machine: You put money in, get a snack. The machine doesn’t care if you’re a regular or a first-timer.  
  • A search engine: You type a query, get results. The server doesn’t remember your last search unless you explicitly tell it to.  
  • A public library’s book lookup: You search for a book, get its location. The system doesn’t remember what other books you’ve looked up or if you’ve checked out books before.

Why is this “forgetfulness” a good thing?

  • Independence: Each request is a self-contained unit. No baggage from previous interactions.  
  • Scalability: This is huge! Because no session data is tied to a specific server, you can easily spread requests across tons of servers. Need more power? Just add more machines, and your load balancer will happily send traffic their way. This is called horizontal scaling, and it’s effortless.  
  • Resilience & Fault Tolerance: If a server handling your request suddenly decides to take a coffee break (i.e., crashes), no biggie! No user session data is lost because it wasn’t stored there in the first place. The next request just gets routed to a different, healthy server.  
  • Simplicity: Less state to manage means less complex code, making these apps easier to design, build, and maintain.  
  • Lower Resource Use: They don’t need to hog memory or processing power to remember past interactions.

Common examples you interact with daily include web servers (like the one serving this blog post!), REST APIs, Content Delivery Networks (CDNs), and DNS servers.

The above comparision clearly illustrate the core difference between stateful and stateless applications using a simple, relatable analogy, emphasizing the “forgetful” nature of statelessness.

Why Their Forgetfulness is a Superpower for Recovery

Here’s where the magic happens for automated recovery. Because stateless applications don’t store any unique, session-specific data on the server itself, if an instance fails, you don’t have to worry about recovering its “memory.” There’s nothing to recover!

This allows for a “disposable instance” paradigm:

  • Faster Recovery Times: Automated recovery for stateless apps can be incredibly quick, often in seconds. There’s no complex data replication or synchronization needed for individual instances to get back up to speed. Highly optimized systems can even achieve near-instantaneous recovery.  
  • Simplified Failover: If a server goes down, new instances can be spun up rapidly on different machines. Incoming requests are immediately accepted by these new instances without waiting for any state synchronization. It’s like having an endless supply of identical vending machines โ€“ if one breaks, you just wheel in another.  

This approach aligns perfectly with modern cloud-native principles: treat your infrastructure components as disposable and rebuildable.

The Dynamic Trio: Load Balancing, Auto-Scaling, and Automated Failover

The rapid recovery capabilities of stateless applications are primarily driven by three best friends working in perfect harmony:

  1. Load Balancing: This is your digital traffic cop. It efficiently distributes incoming requests across all your healthy servers, making sure no single server gets overwhelmed. This is crucial for keeping things running smoothly and for spreading the load when you add more machines. 
  2. Auto-Scaling: This is your automatic capacity manager. It dynamically adds or removes server instances based on real-time performance metrics. If traffic spikes, it spins up more servers. If a server fails, it automatically provisions a new one to replace it, ensuring you always have enough capacity.  
  3. Automated Failover: This is the seamless transition artist. When a component fails, automated failover instantly reroutes operations to a standby or redundant component, minimizing downtime without anyone lifting a finger. For stateless apps, this is super simple because there’s no complex session data to worry about.  

Illustration: How the Dynamic Trio Work Together

Imagine your website is running on a few servers behind a load balancer. If one server crashes, the load balancer immediately notices it’s unhealthy and stops sending new requests its way. Simultaneously, your auto-scaling service detects the lost capacity and automatically launches a brand new server. Once the new server is ready, the load balancer starts sending traffic to it, and your users never even knew there was a hiccup.

It’s a beautiful, self-healing dance.

Cloud-Native: The Natural Habitat for Stateless Heroes

It’s no surprise that stateless applications thrive in cloud-native environments. Architectures like micro-services, containers, and serverless computing are practically built for them.  

  • Microservices Architecture: Breaking your big application into smaller, independent services means if one tiny service fails, it doesn’t take down the whole house. Each microservice can be stateless, making it easier to isolate faults and scale independently.  
  • Serverless Computing: Think AWS Lambda or Azure Functions. You just write your code, and the cloud provider handles all the infrastructure. These functions are designed to respond to individual events without remembering past actions, making them perfect for stateless workloads. They can start almost instantaneously!  
  • Containerization (e.g., Kubernetes): Containers package your app and all its bits into a neat, portable unit. While Kubernetes has evolved to handle stateful apps, it’s a superstar for managing and recovering stateless containers, allowing for super-fast deployment and scaling.
  • Managed Services: Cloud providers offer services that inherently provide high availability and automated scaling. For stateless apps, this means less operational headache for you, as the cloud provider handles the underlying resilience.  

The bottom line? If you’re building a new stateless application, going cloud-native should be your default. It’s the most efficient way to achieve robust, automated recovery, letting you focus on your code, not on babysitting servers.

In our next post, we’ll tackle the trickier side of the coin: stateful applications. These guys do remember things, and that memory makes their recovery a whole different ballgame. Stay tuned!

Posted in Resilience | Tagged , , , | Leave a comment

The Unseen Heroes: Why Automated System Recovery Isn’t Optional Anymore

Posted on July 9, 2025 by Ajitabh

In today’s digital world, our lives and businesses run on a vast, intricate web of interconnected systems. Think about it: from your morning coffee order to global financial transactions, everything relies on distributed systems working seamlessly. But hereโ€™s a truth often whispered in server rooms: these complex systems, by their very nature, are destined to encounter glitches. Failures aren’t just possibilities; they’re an inevitable part of the landscape, like that one sock that always disappears in the laundry. ๐Ÿ˜€

We’re talking about everything from a single server deciding to take an unexpected nap (a “node crash”) to entire communication lines going silent, splitting your system into isolated islands (a “network partition”). Sometimes, messages just vanish into the ether, or different parts of your system end up with conflicting information, leading to messy “data inconsistencies”.

It’s like everyone in the office has a different version of the same meeting notes, and nobody knows which is right. Even seemingly minor issues, like a service briefly winking out, can trigger a domino effect, turning a small hiccup into a full-blown “retry storm” as clients desperately try to reconnect, overwhelming the very system they’re trying to reach. Imagine everyone hitting refresh on a website at the exact same time because it briefly went down. Isn’t this the digital equivalent of a stampede.

This isn’t just about fixing things when they break. It’s about building systems that can pick themselves up, dust themselves off, and keep running, often without anyone even noticing. This, dear readers, is the silent heroism of automated system recovery.

The Clock and the Data: Why Every Second (and Byte) Counts

At the heart of any recovery strategy are two critical metrics, often abbreviated because, well, we love our acronyms in tech:

  • Recovery Time Objective (RTO): This is your deadline. It’s the absolute maximum time your application can afford to be offline after a disruption. Think of it like a popular online retailer during the sale on Big Billion days or the Great Indian Festival. If their website goes down for even a few minutes, that’s millions in lost sales and a lot of very unhappy shoppers. Their RTO would be measured in seconds, maybe a minute. For a less critical internal tool, like a quarterly report generator, an RTO of a few hours might be perfectly fine.
  • Recovery Point Objective (RPO): This defines how much data you’re willing to lose. It’s usually measured in a time interval, like “the last five minutes of data”. For that same retailer, losing even a single customer’s order is a no-go. Their RPO would be zero. But for this blog, if the last five minutes of comments disappear, it’s annoying, but not catastrophic. My RPO could be a few hours and for some news blogs few minutes would be acceptable.

These aren’t just technical jargon; they’re business decisions. The tighter your RTO and RPO, the more complex and, frankly, expensive your recovery solution will be. Itโ€™s like choosing between a spare tire you have to put on yourself (longer RTO, lower cost) and run-flat tires that keep you going (near-zero RTO, higher cost). You pick your battles based on what your business can actually afford to lose, both in time and data.

Building on Solid Ground: The Principles of Resilience

So, how do we build systems that can withstand the storm? It starts with a few foundational principles:

1. Fault Tolerance, Redundancy, and Decentralization

Imagine a bridge designed so that if one support beam fails, the entire structure doesn’t collapse. That’s fault tolerance. We achieve this through redundancy, which means duplicating critical components โ€“ servers, network paths, data storage โ€“ so there’s always a backup ready to jump in. Think of a data center with two power lines coming in from different grids. If one goes out, the other kicks in. Or having multiple copies of your customer database spread across different servers.

Decentralisation ensures that control isn’t concentrated in one place. If one part goes down, the rest of the system keeps chugging along, independently but cooperatively. It’s like a well-trained team where everyone knows how to do a bit of everything, so if one person calls in sick, the whole project doesn’t grind to a halt.

2. Scalability and Performance Optimization

A resilient system isn’t just tough; it’s also agile. Scalability means it can handle growing demands, whether by adding more instances (horizontal scaling) or upgrading existing ones (vertical scaling). Think of a popular streaming service. When a new hit show drops, they don’t just hope their servers can handle the millions of new viewers. They automatically spin up more servers (horizontal scaling) to meet the demand. If one server crashes, they just spin up another, no fuss.

Performance optimization, meanwhile, ensures your system runs efficiently, distributing requests evenly to prevent any single server from getting overwhelmed. It’s like a traffic controller directing cars to different lanes on a highway to prevent a massive jam.

3. Consistency Models

In a distributed world, keeping everyone on the same page about data is a monumental task. Consistency ensures all parts of your system have the same information and act the same way, even if lots of things are happening at once. This is where consistency models come in.

  • Strong Consistency means every read gets the absolute latest data, no matter what. Imagine your bank account. When you check your balance, you expect to see the exact current amount, not what it was five minutes ago. That’s strong consistency โ€“ crucial for financial transactions or inventory systems where every single item counts.
  • Eventual Consistency is more relaxed. It means data will eventually be consistent across all replicas, but there might be a brief period where some parts of the system see slightly older data. Think of a social media feed. If you post a photo, it might take a few seconds for all your followers to see it on their feeds. A slight delay is fine; the world won’t end. This model prioritises keeping the service available and fast, even if it means a tiny bit of lag in data synchronisation.

The choice of consistency model is a fundamental trade-off, often summarised by the CAP theorem (Consistency, Availability, Partition Tolerance) โ€“ you can’t perfectly have all three. It’s like trying to be perfectly on time, perfectly available, and perfectly consistent all at once โ€“ sometimes you have to pick your battles. Your decision here directly impacts how complex and fast your recovery will be, especially for applications that hold onto data.

In my next post, I will dive into the world of stateless applications and discover why their “forgetful” nature makes them champions of rapid, automated recovery. Stay tuned!

References and Recommended Reads

Here is an exhaustive set of references I have used for the series:

Posted in Resilience | Tagged , , , | Leave a comment

Book Review: Outage Box Set by T.W. Piperbrook

Posted on July 8, 2025 by Ajitabh

This five-book series by T.W. Piperbrook is a fast-paced, high-intensity ride packed with gore and werewolf horror. The story wastes no time plunging readers into chaos, delivering suspense and violent encounters that keep the adrenaline pumping.

Cover of the book series 'Outage' by T.W. Piperbrook, featuring a snowy background, a paw print, and bold text highlighting the title, author, and description of the series.Bo

The books are relatively short, and in my view, the entire story could have been comfortably told in a single novel without losing any impact. Still, spreading it across five books does create natural breakpoints that might appeal to readers who enjoy serialized horror.

Thereโ€™s a wide cast of characters โ€” some likable, others not โ€” but all felt believable. Piperbrook does a good job showcasing different shades of human behavior when thrust into terrifying, high-stress situations. Some characters live, some merely survive, and their arcs add a grim realism to the story.

Overall, Outage is an okay read. It didnโ€™t blow me away, but it held my interest enough that Iโ€™d be willing to try more of Piperbrookโ€™s work before deciding how I feel about him as an author. A special mention to Troy Duranโ€™s audio narration, which was well done and added an extra layer of tension to the story.

Posted in Book Reviews | Tagged | Leave a comment

Why Insurance-Linked Plans Like HDFC Sanchay Par Advantage May Not Be as Attractive as They Look

Posted on July 4, 2025 by Ajitabh

Recently, I received a proposal for the popular HDFC Life Sanchay Par Advantage, a traditional insurance-linked savings plan that promises guaranteed payouts, a sizable life cover, and tax-free returns.

On the surface, the numbers look very impressive โ€” large cumulative payouts, substantial maturity benefits, and a comforting insurance cushion.

But when you take a closer look, break down the actual yearly cash flows, and compute the real rate of return (IRR), the story changes quite dramatically.

In this post, Iโ€™ll show you:

โœ… What the plan promises
โœ… A year-by-year cash flow table
โœ… A graph of cumulative balances
โœ… And finally โ€” why even with the maturity benefit, the actual return (IRR) is quite modest.

The Proposal Highlights

ParameterValue
ProductHDFC Life Sanchay Par Advantage
Annual Premiumโ‚น5,00,000
Premium Paying Term6 years
Life Coverโ‚น52,50,000
Payout Period20 years (starting right after year 1)
Annual Payoutโ‚น1,05,200 (can be monthly)
Maturity Benefit (Year 20)โ‚น37,25,000
Total Payouts + Maturityโ‚น58,29,000 over 20 years

Sounds impressive, doesnโ€™t it?

The Hidden Picture: Cash Flows Over Time

Letโ€™s lay out the cash flows year by year.
In this plan:

  • You pay โ‚น5,00,000 in year 0 (start), then
  • From year 1 to year 5, you pay โ‚น5,00,000 each year but also start getting โ‚น1,05,200 payouts immediately, effectively reducing your net outgo to โ‚น3,94,800.
  • From year 6 to year 19, you receive โ‚น1,05,200 each year.
  • In year 20, you receive โ‚น1,05,200 plus the maturity benefit of โ‚น37,25,000.

Revised Cash Flow Table

YearCash FlowCumulative Balance
0-โ‚น5,00,000-โ‚น5,00,000
1-โ‚น3,94,800-โ‚น8,94,800
2-โ‚น3,94,800-โ‚น12,89,600
3-โ‚น3,94,800-โ‚น16,84,400
4-โ‚น3,94,800-โ‚น20,79,200
5-โ‚น3,94,800-โ‚น24,74,000
6+โ‚น1,05,200-โ‚น23,68,800
7+โ‚น1,05,200-โ‚น22,63,600
8+โ‚น1,05,200-โ‚น21,58,400
9+โ‚น1,05,200-โ‚น20,53,200
10+โ‚น1,05,200-โ‚น19,48,000
11+โ‚น1,05,200-โ‚น18,42,800
12+โ‚น1,05,200-โ‚น17,37,600
13+โ‚น1,05,200-โ‚น16,32,400
14+โ‚น1,05,200-โ‚น15,27,200
15+โ‚น1,05,200-โ‚น14,22,000
16+โ‚น1,05,200-โ‚น13,16,800
17+โ‚น1,05,200-โ‚น12,11,600
18+โ‚น1,05,200-โ‚น11,06,400
19+โ‚น1,05,200-โ‚น10,01,200
20+โ‚น38,30,200+โ‚น28,29,000

So by the end of 20 years, you have a gross cumulative balance of about โ‚น28.29 lakh โ€” i.e. your payouts plus maturity exceed your total outgo by this amount.

The Real Return You Earn

Now letโ€™s compute the effective IRR (internal rate of return) on these cash flows.

  • Over 6 years, you invest a total of โ‚น24,74,000 (after adjusting for payouts received during premium years).
  • Over 20 years, you get total payouts + maturity of โ‚น58,29,000.

So approximate CAGR is:

โ‰ˆ (58,29,000 / 24,74,000) ^ (1/20) – 1 โ‰ˆ (2.35)^0.05 – 1 โ‰ˆ 4.4% p.a.

This means your effective compounded return is approximately 4.4% p.a. tax-free.

Why Do Such Plans Look So Lucrative?

Insurance sales illustrations often:

โœ… Highlight large cumulative payouts like “โ‚น58,29,000”,
โœ… Emphasize tax-free income,
โœ… Focus on the big life cover of โ‚น52.5 lakh,
โœ… Present it as a โ€œrisk-free assured income.โ€

What they usually donโ€™t show clearly is:

  • The actual yearly cash flows which are modest until the final year.
  • The impact of locking your money for 20 years.
  • How a 4.4% return lags inflation, which averages 5-6% over long periods.

Bottom Line: Should You Go for It?

So with the maturity benefit, the product is like a long-term tax-free FD yielding ~4.4%, with bundled life insurance.

If you value the insurance and the forced discipline, it might suit you. Otherwise:

โœ… For insurance, a simple term plan of โ‚น52.5 lakh would cost just ~โ‚น6-8k per year.
โœ… For investment, diversified equity or balanced mutual funds over 20 years historically yield 10-12%, much better beating inflation.

If you still like such plans for the psychological comfort of โ€œassured money,โ€ thatโ€™s perfectly okay. But at least go in fully aware:

FeatureHDFC Sanchay Par AdvantageTerm Plan + Equity SIP
Life coverโ‚น52.5 lakh bundledโ‚น52.5 lakh for ~โ‚น8k/year
Total 6-year outgoโ‚น30 lakhโ‚น30 lakh into SIP + minimal for term
Expected corpus @20 yrs~โ‚น58 lakh (4.4% IRR)~โ‚น1.1 crore (12% SIP CAGR)
Flexibility & liquidityLocked for 20 yrsWithdraw anytime from SIP

They are insurance-led savings products โ€” not true investment plans.
Your money could work much harder for you elsewhere.

Posted in Personal Finance / Investments | Tagged | Leave a comment

Using Telegram for Automation Using Python Telethon Module

Posted on May 17, 2021 by Ajitabh

Telegram is a cloud based messaging application which provides an excellent set of APIs to allow developers to automate on top of the platform. It is increasingly being used to automate various notifications and messages. It has become a platform of choice to create bots which interact with users and groups.

Telethon is an asyncio Python 3 library for interacting with telegram API. It is one of the very exhaustive libraries which allows users to interact with telegram API as a user or as a bot.

Recently I have written some AWS Lambda functions to automate certain personal notifications. I could have run the code as a container on one of my VPSs or on Hulu or other platforms, but I took this exercise as an opportunity to learn more about serverless and functions. Also, my kind of load is something which can easyly fall under the Lambda free tier.

In this post we will look into the process of how to start with the development and write some basic python applications.

Registering As a Telegram Developer

Following steps can be followed to obtain the API ID for telegram –

  • Sign up for Telegram using any application
  • Login to the https://my.telegram.org/ website using the same mobile number. Telegram will send you a confirmation code on Telegram application. After entering the confirmation code, you will be seeing the following screen –
Screenshot of Telegram Core Developer Page
  • In the above screen select the API Development Tools and complete the form. This page will provide some basic information in addition to api_id and api_hash.

Setting up Telethon Development Environment

I assume that the reader is familiar with basic python and knows how to set up a virtual environment, so rather than explaining, I would more focus on quick code to get the development environment up and running.

$ mkdir telethon-dev && cd telethon-dev 
$ python3 -m venv venv-telethon
$ source venv-telethon/bin/activate
(venv-telethon) $ pip install --upgrade pip
(venv-telethon) $ pip install telethon
(venv-telethon) $ pip install python-dotenv

Obtaining The Telegram Session

I will be using .env file for storing the api_id and api_hash so that the same can be used in the code which we will write. Replace NNNNN with your api_id and XX with your api_hash

TELEGRAM_API_ID=NNNNN
TELEGRAM_API_HASH=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Next we will need to create a session to be used in our code. For full automation, it is needed that we store the session either as a file or as a string. Since the cloud environments destroy the ephimeral storage they provide, so I will get the session as a string. The following python code will help obtain the same.

#! /usr/bin/env python3

import os

from dotenv import load_dotenv

from telethon.sync import TelegramClient
from telethon.sessions import StringSession

load_dotenv()

with TelegramClient(StringSession(), os.getenv("TELEGRAM_API_ID"), os.getenv("TELEGRAM_API_HASH")) as client:
    print(client.session.save())

When this code is executed, it will prompt for your phone number. Here you would need to print the phone number with the country code. In the next step, an authorization code will be received in the telegram application which would need to be entered in the application prompt. Once the authorization code is typed correctly, the session will be printed as a string value on standard output. You would need to save the same. 

(venv-telethon) $ ./get_string_session.py
 Please enter your phone (or bot token): +91xxxxxxxxxx
 Please enter the code you received: zzzzz
Signed in successfully as KKKKKK KKKKKKK
9vznqQDuX2q34Fyir634qgDysl4gZ4Fhu82eZ9yHs35rKyXf9vznqQDuX2q34Fyir634qgDyslLov-S0t7KpTK6q6EdEnla7cqGD26N5uHg9rFtg83J8t2l5TlStCsuhWjdzbb29MFFSU5-l4gZ4Fhu9vznqQDuX2q34Fyir634qgDysl9vznqQDuX2q34Fyir634qgDy_x7Sr9lFgZsH99aOD35nSqw3RzBmm51EUIeKhG4hNeHuF1nwzttuBGQqqqfao8sTB5_purgT-hAd2prYJDBcavzH8igqk5KDCTsZVLVFIV32a9Odfvzg2MlnGRud64-S0t7KpTK6q6EdEnla7cqGD26N5uHg9rFtg83J8t2l5TlStCsuhWjdzbb29MFFSU5=

I normally put the string session along with the API ID and Hash in the .env file. All these three values would need to be protected and should never be shared with a third party.

For the next code, I will assume that you have used a variable TELEGRAM_STRING_SESSION. So the final .env file will look like below – 

TELEGRAM_API_ID=NNNNN
TELEGRAM_API_HASH=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
TELEGRAM_STRING_SESSION=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

Sending a Message to A Contact

Now we have the ground work done, so we will write a simple python application to send a message to a contact. The important point to note here is that the recipient must be in your telegram contacts. 

#! /usr/bin/env python3

import os

from telethon.sync import TelegramClient
from telethon.sessions import StringSession
from dotenv import load_dotenv

load_dotenv()

try:
    client = TelegramClient(StringSession(os.getenv("STRING_TOKEN")), os.getenv("API_ID"), os.getenv("API_HASH"))
    client.start()
except Exception as e:
    print(f"Exception while starting the client - {e}")
else:
    print("Client started")

async def main():
    try:
        # Replace the xxxxx in the following line with the full international mobile number of the contact
        # In place of mobile number you can use the telegram user id of the contact if you know
        ret_value = await client.send_message("xxxxxxxxxxx", 'Hi')
    except Exception as e:
        print(f"Exception while sending the message - {e}")
    else:
        print(f"Message sent. Return Value {ret_value}")

with client:
    client.loop.run_until_complete(main())

Next Steps

The telethon API is quite versatile, a detailed API documentation can be find at https://tl.telethon.dev/. Hope this post will help the reader quickly start off with the telegram messaging with telethon module.

Posted in Automation, Programming, Tips/Code Snippets | Tagged , , , | 1 Comment