DEV Community: Juan Torchia The latest articles on DEV Community by Juan Torchia (@jtorchia). https://dev.to/jtorchia https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F885942%2F5b3b3860-d364-4de0-a335-cb7c251109d9.jpeg DEV Community: Juan Torchia https://dev.to/jtorchia en Show HN: Needle distilled Gemini tool calling into 26M parameters — technical read, zero hype Juan Torchia Sun, 17 May 2026 12:30:43 +0000 https://dev.to/jtorchia/show-hn-needle-distilled-gemini-tool-calling-into-26m-parameters-technical-read-zero-hype-46jo https://dev.to/jtorchia/show-hn-needle-distilled-gemini-tool-calling-into-26m-parameters-technical-read-zero-hype-46jo <h1> Show HN: Needle distilled Gemini tool calling into 26M parameters — technical read, zero hype </h1> <p>I was in the middle of reviewing my Ollama pipeline when the HN post appeared: <em>Needle</em>, a 26M parameter model distilled from Gemini specifically for tool calling. My first reaction was skeptical. 26M sounds like a toy. Then I read more carefully and understood that the interesting point isn't the size — it's the problem they're actually attacking.</p> <p>Here's my technical read. No euphoria, no easy dismissal.</p> <h2> The real problem behind Needle and Gemini tool calling distillation </h2> <p>My thesis is this: <strong>the bottleneck in systems with external tools isn't the LLM's general reasoning — it's the parsability of the output</strong>. If the model produces malformed JSON, calls functions with wrong arguments, or hallucinates tool names that don't exist, the whole system breaks — doesn't matter how "intelligent" the model is at other tasks.</p> <p>I ran into this directly while building agent loops with Claude Code. The most fragile part was never the reasoning; it was the reliability of the data contract. It reminded me of when I resisted TypeScript for years thinking types were bureaucracy. Then I understood that most avoidable failures start as poorly expressed data contracts. Tool calling is exactly the same: a model can be brilliant in prose and terrible at respecting a strict JSON schema under latency pressure.</p> <p><strong>Needle attacks that specific point</strong>: it takes Gemini's tool calling behavior — which is consistent and well-structured — and distills it into a small, specialized model. The hypothesis is that for <em>this specific task</em>, 26M parameters trained on the right behavior can outperform giant generalist models that were never fine-tuned to respect function schemas with precision.</p> <p>Is it true? In their own benchmarks, according to the project repo, yes. In my own real production, I don't know yet — and that difference matters.</p> <h2> What knowledge distillation is and why it matters here </h2> <p>Knowledge distillation is a technique where a large model — the <em>teacher</em> — generates outputs that are then used to train a smaller model — the <em>student</em>. The student doesn't learn from raw data: it learns to imitate the teacher's behavior on the distributions that matter most.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Simplified concept of the distillation pipeline for tool calling:</span> <span class="c"># 1. Teacher (Gemini) generates thousands of correct tool calling examples</span> <span class="c"># 2. Student (Needle, 26M) trains on those examples</span> <span class="c"># 3. The student learns the teacher's output distribution, not hand-written rules</span> </code></pre> </div> <p>For tool calling, this makes particular sense. You don't need the model to know universal history. You need it to, when you hand it this schema:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Tool definition — the model has to respect this 100%</span> <span class="kd">const</span> <span class="nx">tools</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">search_product</span><span class="dl">"</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Searches for a product by ID in the catalog</span><span class="dl">"</span><span class="p">,</span> <span class="na">parameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">object</span><span class="dl">"</span><span class="p">,</span> <span class="na">properties</span><span class="p">:</span> <span class="p">{</span> <span class="na">product_id</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span> <span class="p">},</span> <span class="na">include_stock</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span> <span class="p">}</span> <span class="p">},</span> <span class="na">required</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">product_id</span><span class="dl">"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="p">]</span> </code></pre> </div> <p>Produce exactly:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"search_product"</span><span class="p">,</span><span class="w"> </span><span class="nl">"arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"product_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SKU-4821"</span><span class="p">,</span><span class="w"> </span><span class="nl">"include_stock"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Not some creative variation with renamed keys, wrong types, or invented fields. Small generalist models fail at this constantly. If Needle solves it reliably, the use case exists.</p> <h2> How to test it in Ollama: a reproducible checklist </h2> <p>If you want to validate whether a model like Needle has a place in your stack, the criterion shouldn't be someone else's benchmark. It should be your own set of tools under your system's real conditions.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Step 1: Install Ollama if you haven't</span> curl <span class="nt">-fsSL</span> https://ollama.com/install.sh | sh <span class="c"># Step 2: When the model is available in the Ollama registry, pull directly</span> <span class="c"># (check availability at https://ollama.com/search)</span> ollama pull needle <span class="c"># tentative name — verify the official registry</span> <span class="c"># Step 3: Prepare your own tool calling test suite</span> <span class="c"># Don't use the model README's examples; use YOUR real tools</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// tool-calling-test.ts</span> <span class="c1">// Validation criteria I'd use to evaluate any small model</span> <span class="kr">interface</span> <span class="nx">TestResult</span> <span class="p">{</span> <span class="nl">case</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">expected</span><span class="p">:</span> <span class="nx">object</span><span class="p">;</span> <span class="nl">received</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">validJson</span><span class="p">:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="nl">schemaRespected</span><span class="p">:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="nl">latencyMs</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="p">}</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">evaluateToolCallingModel</span><span class="p">(</span> <span class="nx">model</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">cases</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">prompt</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">expectedSchema</span><span class="p">:</span> <span class="nx">object</span> <span class="p">}</span><span class="o">&gt;</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">TestResult</span><span class="p">[]</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="na">results</span><span class="p">:</span> <span class="nx">TestResult</span><span class="p">[]</span> <span class="o">=</span> <span class="p">[];</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="nx">testCase</span> <span class="k">of</span> <span class="nx">cases</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">start</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="c1">// Call the model via Ollama API</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">http://localhost:11434/api/chat</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">model</span><span class="p">:</span> <span class="nx">model</span><span class="p">,</span> <span class="na">messages</span><span class="p">:</span> <span class="p">[{</span> <span class="na">role</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user</span><span class="dl">"</span><span class="p">,</span> <span class="na">content</span><span class="p">:</span> <span class="nx">testCase</span><span class="p">.</span><span class="nx">prompt</span> <span class="p">}],</span> <span class="c1">// Pass tools as part of the request</span> <span class="na">tools</span><span class="p">:</span> <span class="p">[</span><span class="nx">testCase</span><span class="p">.</span><span class="nx">expectedSchema</span><span class="p">],</span> <span class="na">stream</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">}),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">latency</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">-</span> <span class="nx">start</span><span class="p">;</span> <span class="c1">// Validate if the JSON is parseable and if it respects the schema</span> <span class="kd">let</span> <span class="nx">validJson</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">schemaRespected</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">received</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="c1">// The tool_call should be in message.tool_calls[0]</span> <span class="kd">const</span> <span class="nx">toolCall</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span><span class="p">?.</span><span class="nx">tool_calls</span><span class="p">?.[</span><span class="mi">0</span><span class="p">];</span> <span class="nx">received</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">toolCall</span> <span class="o">??</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span><span class="p">?.</span><span class="nx">content</span> <span class="o">??</span> <span class="dl">""</span><span class="p">);</span> <span class="nx">validJson</span> <span class="o">=</span> <span class="o">!!</span><span class="nx">toolCall</span><span class="p">;</span> <span class="c1">// Basic schema validation: required keys must be present</span> <span class="k">if </span><span class="p">(</span><span class="nx">toolCall</span><span class="p">?.</span><span class="kd">function</span><span class="p">?.</span><span class="nx">arguments</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">args</span> <span class="o">=</span> <span class="nx">toolCall</span><span class="p">.</span><span class="kd">function</span><span class="p">.</span><span class="nx">arguments</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">requiredKeys</span> <span class="o">=</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">keys</span><span class="p">(</span><span class="nx">testCase</span><span class="p">.</span><span class="nx">expectedSchema</span><span class="p">);</span> <span class="nx">schemaRespected</span> <span class="o">=</span> <span class="nx">requiredKeys</span><span class="p">.</span><span class="nf">every</span><span class="p">((</span><span class="nx">k</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">k</span> <span class="k">in</span> <span class="nx">args</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="nx">received</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">parse error</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="nx">results</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="na">case</span><span class="p">:</span> <span class="nx">testCase</span><span class="p">.</span><span class="nx">prompt</span><span class="p">.</span><span class="nf">slice</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="mi">50</span><span class="p">),</span> <span class="na">expected</span><span class="p">:</span> <span class="nx">testCase</span><span class="p">.</span><span class="nx">expectedSchema</span><span class="p">,</span> <span class="nx">received</span><span class="p">,</span> <span class="nx">validJson</span><span class="p">,</span> <span class="nx">schemaRespected</span><span class="p">,</span> <span class="na">latencyMs</span><span class="p">:</span> <span class="nx">latency</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">results</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>My minimum acceptance criteria for any tool calling model in a real system:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Metric</th> <th>Minimum acceptable</th> <th>Why</th> </tr> </thead> <tbody> <tr> <td>Valid JSON</td> <td>99%+</td> <td>A parse error in production breaks the entire flow</td> </tr> <tr> <td>Schema respected</td> <td>95%+</td> <td>Wrong arguments are silently dangerous</td> </tr> <tr> <td>p95 latency</td> <td>&lt; 500ms local</td> <td>If it's slower than an external API, you've lost the point</td> </tr> <tr> <td>Tool name hallucination</td> <td>0%</td> <td>An invented name is a non-recoverable error</td> </tr> </tbody> </table></div> <h2> The limits that the hype doesn't mention </h2> <p>There are three limitations that don't show up in the headlines and that I consider essential before betting on a distilled model in a real system.</p> <p><strong>First, the teacher's distribution defines the ceiling.</strong> If Gemini has biases in how it generates tool calls — certain argument patterns, certain naming conventions — the student inherits them unfiltered. This matters if your API has conventions that drift from Gemini's style.</p> <p><strong>Second, generalization to unseen schemas is an open question.</strong> A distilled model can be excellent on the patterns it learned and brittle against complex schemas with <code>anyOf</code>, nested <code>$ref</code>s, or conditional validations. You have to test it explicitly against your own schemas — don't assume the general benchmark applies.</p> <p><strong>Third, 26M parameters implies limited context capacity.</strong> In systems where the prompt includes many tools simultaneously — common in backends with dozens of endpoints exposed as tools — degradation can be significant. That's a hypothesis to validate, not assume.</p> <p>None of this invalidates the project. It locates it. The same discipline I applied when reviewing <a href="https://juanchi.dev/en/blog/pnpm-workspaces-ci-cache-github-actions-40-minutes-fix" rel="noopener noreferrer">pnpm workspaces cache issues in CI</a> applies here: understand the limit first, then decide if it fits.</p> <h2> Where Needle makes sense and where it doesn't </h2> <p><strong>Scenarios where it makes sense to try Needle:</strong></p> <ul> <li>Local agent pipelines where network latency to external APIs is the bottleneck</li> <li>Edge devices or resource-constrained environments where a 26M model fits in memory comfortably</li> <li>Systems with a <em>bounded and stable</em> set of tools — not dozens of shifting schemas</li> <li>As a local fallback when external APIs are unavailable</li> </ul> <p><strong>Scenarios where it probably doesn't cut it:</strong></p> <ul> <li>Systems where reasoning between tool calling steps is complex — deciding <em>when</em> to call which tool, not just <em>how</em> to call it</li> <li>APIs with deeply nested or polymorphic schemas</li> <li>Flows where long conversational context matters — the 26M context limit is going to hurt</li> <li>Environments that need auditable safety guarantees — a privately distilled model is a considerably more opaque box</li> </ul> <p>The tension that surfaced in the <a href="https://juanchi.dev/en/blog/spring-boot-actuator-production-endpoints-hardening-checklist" rel="noopener noreferrer">Spring Boot Actuator in production</a> post applies differently here: the comfort of "it works in the demo" can hide surface risks that only show up under load or with unexpected inputs.</p> <h2> What this signals for the small model ecosystem </h2> <p>The uncomfortable thing about Needle isn't the model itself. It's what it confirms: <strong>functional specialization is going to pressure the hegemony of large general models on structured tasks</strong>.</p> <p>Tool calling, intent classification, entity extraction with fixed schemas — these are tasks where a well-trained distilled model can beat GPT-4 or Claude on cost and latency without sacrificing reliability. That changes the architecture calculation.</p> <p>In my current stack with Claude Code for complex reasoning and Ollama for local tasks, there's a gap exactly where Needle would aim: the tool router that decides which function to call and with what arguments, without needing the overhead of a 70B model for that. I'm not saying I'll adopt it tomorrow. I'm saying the category makes sense and the experiment deserves follow-through.</p> <p>Same as when I evaluated <a href="https://juanchi.dev/en/blog/spring-security-spring-boot-actuator-authorization-model-production" rel="noopener noreferrer">Jakarta EE vs Spring Boot tradeoffs</a> or compared <a href="https://juanchi.dev/en/blog/pnpm-vs-npm-vs-yarn-2026-monorepo-real-benchmark" rel="noopener noreferrer">package managers in real monorepos</a>, the honest answer isn't "adopt it now" or "ignore it" — it's "test it against your own criteria before committing."</p> <h2> FAQ: Needle, distillation, and tool calling in small models </h2> <p><strong>What exactly is model distillation in the LLM context?</strong><br> It's a process where a large model (<em>teacher</em>) generates a dataset of correct behavior — in this case, well-formed tool calling examples — which is used to train a small model (<em>student</em>). The student learns to imitate the teacher's output distribution on the specific tasks it was distilled for, without needing the teacher's full architecture.</p> <p><strong>Is 26M parameters enough for reliable tool calling?</strong><br> Depends on the scope. For a bounded set of tools with simple schemas, probably yes. For systems with dozens of complex tools, long contexts, or multi-step reasoning, it's an open hypothesis. The project's own benchmark is optimistic; validation against your own schemas is mandatory before betting on it.</p> <p><strong>How do I test it locally without risking a production system?</strong><br> With Ollama, if the model is available in the registry, it's as simple as <code>ollama pull [name]</code> and then evaluating with your own script against the schemas you already use. The validation checklist in this post is a starting point. Always against your real tools — never against the README examples.</p> <p><strong>What's the practical difference between Needle and using function calling from OpenAI or Anthropic?</strong><br> Latency, cost, and privacy. A local model has no network RTT, no per-token cost, and doesn't send your tool schemas to an external API. The tradeoff is that reliability depends entirely on the local model's training quality, without the backing of a provider with an SLA.</p> <p><strong>Is it worth it for an individual stack or only for companies with infrastructure?</strong><br> A 26M model runs on a MacBook with 8GB of RAM without drama. This isn't enterprise infrastructure. If you're already using Ollama for other tasks — like I am — adding a specialized model is operationally trivial. The real cost is evaluation time, not hardware.</p> <p><strong>What happens if the model hallucinates a tool name that doesn't exist in my system?</strong><br> That's the worst case and you have to design for it as an expected failure. The routing layer that consumes the model's output has to validate that the tool call <code>name</code> corresponds to a registered tool before executing anything. If it doesn't exist, the error has to be explicit and not silent. This is basic defensive design, independent of which model you use.</p> <h2> Conclusion: test it with your eyes open </h2> <p>I'm not going to say Needle is the future or that it's noise. My position is more specific: <strong>functional distillation of large model behavior into small specialized models is a legitimate direction, and tool calling is a use case where it makes genuine technical sense</strong>.</p> <p>What I don't buy is enthusiasm without friction. A 26M model has real limits around context, generalization, and reliability on unseen schemas. Those limits don't appear in the HN post and they will appear in production.</p> <p>My concrete recommendation: if you have an agent pipeline with a stable set of tools and latency is a problem, build a test harness with your own schemas, run it against the acceptance criteria in this post, and measure. If it clears 99% valid JSON and 95% schema respected on your own cases, you have something useful. If not, you know exactly why.</p> <p>That's more useful than any benchmark someone else wrote.</p> <p>Are you using local models for tool calling? Tell me at <a href="https://juanchi.dev" rel="noopener noreferrer">juanchi.dev</a> what stack you built and where you hit the limits.</p> <p><em>This article was originally published on <a href="https://juanchi.dev/en/blog/needle-gemini-tool-calling-26m-parameters-technical-read" rel="noopener noreferrer">juanchi.dev</a></em></p> english typescript llm ialocal Show HN: Needle distilled Gemini tool calling en 26M parámetros — lectura técnica sin hype Juan Torchia Sun, 17 May 2026 12:30:38 +0000 https://dev.to/jtorchia/show-hn-needle-distilled-gemini-tool-calling-en-26m-parametros-lectura-tecnica-sin-hype-1i7b https://dev.to/jtorchia/show-hn-needle-distilled-gemini-tool-calling-en-26m-parametros-lectura-tecnica-sin-hype-1i7b <h1> Show HN: Needle distilled Gemini tool calling en 26M parámetros — lectura técnica sin hype </h1> <p>Estaba revisando mi pipeline de Ollama cuando apareció el post en HN: <em>Needle</em>, un modelo de 26M de parámetros destilado desde Gemini específicamente para tool calling. Mi primera reacción fue escéptica. 26M suena a juguete. Después leí con más calma y entendí que el punto interesante no es el tamaño: es el problema que están atacando.</p> <p>Acá va mi lectura técnica, sin euforia y sin descarte fácil.</p> <h2> El problema real detrás de Needle y la destilación de Gemini para tool calling </h2> <p>Mi tesis es esta: <strong>el cuello de botella en sistemas con herramientas externas no es el razonamiento general del LLM, sino la parsabilidad del output</strong>. Si el modelo produce JSON mal formado, llama funciones con argumentos incorrectos o alucina nombres de tools que no existen, el sistema entero se rompe — no importa qué tan "inteligente" sea el modelo en otras tareas.</p> <p>Esto lo experimenté directamente mientras armaba loops de agentes con Claude Code. La parte más frágil nunca fue el razonamiento; fue la confiabilidad del contrato de datos. Me acordé de cuando me resistí a TypeScript durante años pensando que los tipos eran burocracia. Después entendí que muchas fallas evitables empiezan como contratos de datos mal expresados. Con tool calling pasa exactamente lo mismo: un modelo puede ser brillante en prosa y pésimo para respetar un esquema JSON estricto bajo presión de latencia.</p> <p><strong>Needle ataca ese punto específico</strong>: toma el comportamiento de tool calling de Gemini — que es consistente y bien estructurado — y lo destila en un modelo pequeño y especializado. La hipótesis es que para <em>esta tarea concreta</em>, 26M entrenados con el comportamiento correcto pueden superar a modelos gigantes generalistas que no fueron ajustados para respetar esquemas de función con precisión.</p> <p>¿Es verdad? En benchmarks propios, según el repositorio del proyecto, sí. En producción real propia, no lo sé todavía — y esa diferencia importa.</p> <h2> Qué es la destilación de conocimiento y por qué importa aquí </h2> <p>La destilación de conocimiento (<em>knowledge distillation</em>) es una técnica donde un modelo grande — el <em>teacher</em> — genera outputs que después se usan para entrenar un modelo pequeño — el <em>student</em>. El student no aprende de datos crudos: aprende a imitar el comportamiento del teacher en las distribuciones que más importan.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Concepto simplificado del pipeline de destilación para tool calling:</span> <span class="c"># 1. Teacher (Gemini) genera miles de ejemplos de tool calling correcto</span> <span class="c"># 2. Student (Needle, 26M) entrena sobre esos ejemplos</span> <span class="c"># 3. El student aprende la distribución de outputs del teacher, no reglas escritas a mano</span> </code></pre> </div> <p>Para tool calling, esto tiene sentido particular. No necesitás que el modelo sepa historia universal. Necesitás que cuando le pasés este schema:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Definición de herramienta — el modelo tiene que respetar esto al 100%</span> <span class="kd">const</span> <span class="nx">tools</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">buscar_producto</span><span class="dl">"</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Busca un producto por ID en el catálogo</span><span class="dl">"</span><span class="p">,</span> <span class="na">parameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">object</span><span class="dl">"</span><span class="p">,</span> <span class="na">properties</span><span class="p">:</span> <span class="p">{</span> <span class="na">producto_id</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span> <span class="p">},</span> <span class="na">incluir_stock</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span> <span class="p">}</span> <span class="p">},</span> <span class="na">required</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">producto_id</span><span class="dl">"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="p">]</span> </code></pre> </div> <p>El output sea exactamente:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"buscar_producto"</span><span class="p">,</span><span class="w"> </span><span class="nl">"arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"producto_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SKU-4821"</span><span class="p">,</span><span class="w"> </span><span class="nl">"incluir_stock"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Y no alguna variación creativa con claves renombradas, tipos erróneos o campos inventados. En eso los modelos pequeños generalistas fallan bastante. Si Needle lo resuelve de forma confiable, el caso de uso existe.</p> <h2> Cómo probarlo en Ollama: checklist reproducible </h2> <p>Si querés validar si un modelo como Needle tiene lugar en tu stack, el criterio no debería ser un benchmark ajeno. Debería ser tu propio conjunto de herramientas bajo las condiciones reales de tu sistema.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Paso 1: Instalar Ollama si no lo tenés</span> curl <span class="nt">-fsSL</span> https://ollama.com/install.sh | sh <span class="c"># Paso 2: Cuando el modelo esté disponible en Ollama registry, pull directo</span> <span class="c"># (verificar disponibilidad en https://ollama.com/search)</span> ollama pull needle <span class="c"># nombre tentativo — verificar el registry oficial</span> <span class="c"># Paso 3: Preparar un set de pruebas de tool calling propio</span> <span class="c"># No uses los ejemplos del README del modelo; usá TUS herramientas reales</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// prueba-tool-calling.ts</span> <span class="c1">// Criterios de validación que yo usaría para evaluar cualquier modelo pequeño</span> <span class="kr">interface</span> <span class="nx">ResultadoPrueba</span> <span class="p">{</span> <span class="nl">caso</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">esperado</span><span class="p">:</span> <span class="nx">object</span><span class="p">;</span> <span class="nl">obtenido</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">jsonValido</span><span class="p">:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="nl">schemaRespetado</span><span class="p">:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="nl">latenciaMs</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="p">}</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">evaluarModeloToolCalling</span><span class="p">(</span> <span class="nx">modelo</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">casos</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">prompt</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">schemaEsperado</span><span class="p">:</span> <span class="nx">object</span> <span class="p">}</span><span class="o">&gt;</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">ResultadoPrueba</span><span class="p">[]</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="na">resultados</span><span class="p">:</span> <span class="nx">ResultadoPrueba</span><span class="p">[]</span> <span class="o">=</span> <span class="p">[];</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="nx">caso</span> <span class="k">of</span> <span class="nx">casos</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">inicio</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="c1">// Llamada al modelo vía API de Ollama</span> <span class="kd">const</span> <span class="nx">respuesta</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">http://localhost:11434/api/chat</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">model</span><span class="p">:</span> <span class="nx">modelo</span><span class="p">,</span> <span class="na">messages</span><span class="p">:</span> <span class="p">[{</span> <span class="na">role</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user</span><span class="dl">"</span><span class="p">,</span> <span class="na">content</span><span class="p">:</span> <span class="nx">caso</span><span class="p">.</span><span class="nx">prompt</span> <span class="p">}],</span> <span class="c1">// Pasar las herramientas como parte del request</span> <span class="na">tools</span><span class="p">:</span> <span class="p">[</span><span class="nx">caso</span><span class="p">.</span><span class="nx">schemaEsperado</span><span class="p">],</span> <span class="na">stream</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">}),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">respuesta</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">latencia</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">-</span> <span class="nx">inicio</span><span class="p">;</span> <span class="c1">// Validar si el JSON es parseable y si respeta el schema</span> <span class="kd">let</span> <span class="nx">jsonValido</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">schemaRespetado</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">obtenido</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="c1">// El tool_call debería estar en message.tool_calls[0]</span> <span class="kd">const</span> <span class="nx">toolCall</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span><span class="p">?.</span><span class="nx">tool_calls</span><span class="p">?.[</span><span class="mi">0</span><span class="p">];</span> <span class="nx">obtenido</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">toolCall</span> <span class="o">??</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span><span class="p">?.</span><span class="nx">content</span> <span class="o">??</span> <span class="dl">""</span><span class="p">);</span> <span class="nx">jsonValido</span> <span class="o">=</span> <span class="o">!!</span><span class="nx">toolCall</span><span class="p">;</span> <span class="c1">// Validación básica de schema: las claves required tienen que estar presentes</span> <span class="k">if </span><span class="p">(</span><span class="nx">toolCall</span><span class="p">?.</span><span class="kd">function</span><span class="p">?.</span><span class="nx">arguments</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">args</span> <span class="o">=</span> <span class="nx">toolCall</span><span class="p">.</span><span class="kd">function</span><span class="p">.</span><span class="nx">arguments</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">requiredKeys</span> <span class="o">=</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">keys</span><span class="p">(</span><span class="nx">caso</span><span class="p">.</span><span class="nx">schemaEsperado</span><span class="p">);</span> <span class="nx">schemaRespetado</span> <span class="o">=</span> <span class="nx">requiredKeys</span><span class="p">.</span><span class="nf">every</span><span class="p">((</span><span class="nx">k</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">k</span> <span class="k">in</span> <span class="nx">args</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="nx">obtenido</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">parse error</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="nx">resultados</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="na">caso</span><span class="p">:</span> <span class="nx">caso</span><span class="p">.</span><span class="nx">prompt</span><span class="p">.</span><span class="nf">slice</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="mi">50</span><span class="p">),</span> <span class="na">esperado</span><span class="p">:</span> <span class="nx">caso</span><span class="p">.</span><span class="nx">schemaEsperado</span><span class="p">,</span> <span class="nx">obtenido</span><span class="p">,</span> <span class="nx">jsonValido</span><span class="p">,</span> <span class="nx">schemaRespetado</span><span class="p">,</span> <span class="na">latenciaMs</span><span class="p">:</span> <span class="nx">latencia</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">resultados</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Mi criterio mínimo de aceptación para cualquier modelo de tool calling en un sistema real:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Métrica</th> <th>Mínimo aceptable</th> <th>Por qué</th> </tr> </thead> <tbody> <tr> <td>JSON válido</td> <td>99%+</td> <td>Un parse error en producción rompe el flujo entero</td> </tr> <tr> <td>Schema respetado</td> <td>95%+</td> <td>Argumentos incorrectos son silenciosamente peligrosos</td> </tr> <tr> <td>Latencia p95</td> <td>&lt; 500ms local</td> <td>Si tarda más que una API externa, perdiste el punto</td> </tr> <tr> <td>Hallucination de tool names</td> <td>0%</td> <td>Un nombre inventado es un error no recuperable</td> </tr> </tbody> </table></div> <h2> Los límites que el hype no menciona </h2> <p>Hay tres limitaciones que no aparecen en los titulares y que me parecen centrales antes de apostar por un modelo destilado en un sistema real.</p> <p><strong>Primero, la distribución del teacher define el techo.</strong> Si Gemini tiene sesgos en cómo genera tool calls — ciertos patrones de argumentos, ciertas convenciones de nombrado — el student los hereda sin filtro. Esto importa si tu API tiene convenciones que se alejan del estilo de Gemini.</p> <p><strong>Segundo, la generalización a schemas no vistos es una pregunta abierta.</strong> Un modelo destilado puede ser excelente en los patrones que aprendió y frágil frente a schemas complejos con <code>anyOf</code>, <code>$ref</code> anidados o validaciones condicionales. Hay que probarlo explícitamente con los schemas propios, no asumir que el benchmark general aplica.</p> <p><strong>Tercero, el tamaño de 26M parámetros implica capacidad de contexto limitada.</strong> En sistemas donde el prompt incluye muchas herramientas al mismo tiempo — algo común en backends con docenas de endpoints expuestos como tools — la degradación puede ser significativa. Es una hipótesis que hay que validar, no asumir.</p> <p>Esto no invalida el proyecto. Lo ubica. La misma disciplina que apliqué al revisar <a href="https://juanchi.dev/es/blog/pnpm-workspaces-cache-github-actions-ci-problema" rel="noopener noreferrer">problemas de caché en CI con pnpm workspaces</a> aplica acá: primero entender el límite, después decidir si encaja.</p> <h2> Dónde Needle sí tiene sentido y dónde no </h2> <p><strong>Escenarios donde tiene sentido probar Needle:</strong></p> <ul> <li>Pipelines de agentes locales donde la latencia de red hacia APIs externas es el cuello de botella</li> <li>Edge devices o entornos con recursos limitados donde un modelo de 26M entra en memoria cómodamente</li> <li>Sistemas con un conjunto <em>acotado y estable</em> de herramientas — no docenas de schemas cambiantes</li> <li>Como fallback local cuando las APIs externas no están disponibles</li> </ul> <p><strong>Escenarios donde probablemente no alcanza:</strong></p> <ul> <li>Sistemas donde el razonamiento entre pasos de tool calling es complejo — decidir <em>cuándo</em> llamar qué tool, no solo <em>cómo</em> llamarla</li> <li>APIs con schemas profundamente anidados o polimórficos</li> <li>Flujos donde el contexto conversacional largo importa — el límite de contexto de 26M va a doler</li> <li>Entornos que necesitan garantías de seguridad auditables — un modelo destilado privado es una caja más opaca</li> </ul> <p>La tensión que señaló el post de <a href="https://juanchi.dev/es/blog/spring-boot-actuator-endpoints-seguridad-produccion" rel="noopener noreferrer">Spring Boot Actuator en producción</a> aplica de otra manera acá: la comodidad de "funciona en el demo" puede esconder riesgos de superficie que solo aparecen bajo carga o con inputs inesperados.</p> <h2> Lo que esto anticipa para el ecosistema de modelos pequeños </h2> <p>Lo incómodo de Needle no es el modelo en sí. Es lo que confirma: <strong>la especialización funcional va a presionar la hegemonía de los modelos grandes generales en tareas estructuradas</strong>.</p> <p>Tool calling, clasificación de intents, extracción de entidades con schema fijo — son tareas donde un modelo destilado bien entrenado puede ganarle a GPT-4 o Claude en costo y latencia sin sacrificar confiabilidad. Eso cambia el cálculo de arquitectura.</p> <p>En mi stack actual con Claude Code para razonamiento complejo y Ollama para tareas locales, hay un hueco exactamente donde Needle apuntaría: el router de herramientas que decide qué función llamar y con qué argumentos, sin necesitar el overhead de un modelo de 70B para eso. No digo que lo vaya a adoptar mañana. Digo que la categoría tiene sentido y que el experimento merece seguimiento.</p> <p>Al igual que cuando evalué <a href="https://juanchi.dev/es/blog/spring-boot-actuator-security-spring-security-produccion-modelo-autorizacion" rel="noopener noreferrer">tradeoffs de Jakarta EE vs Spring Boot</a> o comparé <a href="https://juanchi.dev/es/blog/pnpm-vs-npm-2026-monorepo-benchmark-real" rel="noopener noreferrer">gestores de paquetes en monorepos reales</a>, la respuesta honesta no es "adoptalo ya" ni "ignoralo": es "probalo con tus propios criterios antes de comprometerte".</p> <h2> FAQ: Needle, destilación y tool calling en modelos pequeños </h2> <p><strong>¿Qué es exactamente la destilación de modelos en el contexto de LLMs?</strong><br> Es un proceso donde un modelo grande (<em>teacher</em>) genera un dataset de comportamiento correcto — en este caso, ejemplos de tool calling bien formados — que se usa para entrenar un modelo pequeño (<em>student</em>). El student aprende a imitar la distribución de outputs del teacher en las tareas específicas para las que fue destilado, sin necesitar la arquitectura completa del teacher.</p> <p><strong>¿26M parámetros es suficiente para tool calling confiable?</strong><br> Depende del scope. Para un conjunto acotado de herramientas con schemas simples, probablemente sí. Para sistemas con docenas de herramientas complejas, contextos largos o razonamiento multi-paso, es una hipótesis abierta. El benchmark del proyecto es optimista; la validación con schemas propios es obligatoria antes de apostar.</p> <p><strong>¿Cómo lo pruebo localmente sin comprometer un sistema en producción?</strong><br> Con Ollama, si el modelo está disponible en el registry, es tan simple como <code>ollama pull [nombre]</code> y después evaluar con un script propio contra los schemas que ya usás. El checklist de validación de este post es un punto de partida. Siempre contra tus herramientas reales, nunca contra los ejemplos del README.</p> <p><strong>¿Cuál es la diferencia práctica entre Needle y usar function calling de OpenAI o Anthropic?</strong><br> Latencia, costo y privacidad. Un modelo local no tiene RTT de red, no tiene costo por token y no manda los schemas de tus herramientas a una API externa. La contrapartida es que la confiabilidad depende enteramente de la calidad del entrenamiento del modelo local, sin el respaldo de un proveedor con SLA.</p> <p><strong>¿Vale la pena para un stack individual o solo para empresas con infraestructura?</strong><br> Un modelo de 26M entra en una MacBook con 8GB de RAM sin drama. No es infraestructura de empresa. Si ya usás Ollama para otras tareas — como yo — agregar un modelo especializado es operativamente trivial. El costo real es el tiempo de evaluación, no el hardware.</p> <p><strong>¿Qué pasa si el modelo alucina un nombre de herramienta que no existe en mi sistema?</strong><br> Es el peor caso y hay que diseñarlo como falla esperada. La capa de routing que consume el output del modelo tiene que validar que el <code>name</code> de la tool call corresponda a una herramienta registrada antes de ejecutar. Si no existe, el error tiene que ser explícito y no silencioso. Esto es diseño defensivo básico, independiente del modelo que uses.</p> <h2> Conclusión: probalo con los ojos abiertos </h2> <p>No voy a decir que Needle es el futuro ni que es ruido. Mi postura es más específica: <strong>la destilación funcional de comportamiento de modelos grandes en modelos pequeños especializados es una dirección legítima, y tool calling es un caso de uso donde tiene sentido técnico genuino</strong>.</p> <p>Lo que no compro es el entusiasmo sin fricción. Un modelo de 26M tiene límites reales de contexto, de generalización y de confiabilidad bajo schemas no vistos. Esos límites no aparecen en el post de HN y aparecerán en producción.</p> <p>Mi recomendación concreta: si tenés un pipeline de agentes con un conjunto estable de herramientas y latencia es un problema, armá un harness de prueba con los schemas propios, correlo contra los criterios de aceptación del post y medí. Si pasa el umbral de 99% de JSON válido y 95% de schema respetado en tus propios casos, tenés algo útil. Si no, sabés exactamente por qué.</p> <p>Eso es más útil que cualquier benchmark ajeno.</p> <p>¿Estás usando modelos locales para tool calling? Contame en <a href="https://juanchi.dev" rel="noopener noreferrer">juanchi.dev</a> qué stack armaste y dónde encontraste los límites.</p> <p><em>Este artículo fue publicado originalmente en <a href="https://juanchi.dev/es/blog/show-needle-distilled-gemini-tool-calling-modelo-pequeno-analisis" rel="noopener noreferrer">juanchi.dev</a></em></p> spanish espanol typescript llm OpenTelemetry on Spring Boot 3: when logs say OK and traces show the problem Juan Torchia Sat, 16 May 2026 19:06:15 +0000 https://dev.to/jtorchia/opentelemetry-on-spring-boot-3-when-logs-say-ok-and-traces-show-the-problem-193o https://dev.to/jtorchia/opentelemetry-on-spring-boot-3-when-logs-say-ok-and-traces-show-the-problem-193o <p>There's a question I've asked myself many times while debugging backend systems: did the request take long because the DB was slow, because the downstream kept us waiting, or because some internal loop fired 60 queries to fetch 60 records? The log says <code>duration_ms=340</code> and <code>status=200</code>. That's it. You start guessing.</p> <p>That moment of uncertainty is where this lab came from. Not to measure OpenTelemetry overhead, not to compare Jaeger against Tempo, but to answer something more concrete: what signals do you lose when you only have good logs, and what shows up when you add a trace?</p> <p>The repo is at <a href="https://github.com/JuanTorchia/opentelemetry-spring-boot-lab" rel="noopener noreferrer">github.com/JuanTorchia/opentelemetry-spring-boot-lab</a>, commit <code>c12ea4e848dc431c8bbd324318399172302fe053</code>, tag <code>editorial-final-diagnosis-comparison-v2</code>.</p> <h2> The setup: a lab that produces evidence, not benchmarks </h2> <p>The stack is Spring Boot 3.5.7, Java 21, PostgreSQL 16, OpenTelemetry API 1.43.0, OpenTelemetry Java Agent 2.9.0, and Jaeger all-in-one. Everything starts with Docker Compose. To reproduce it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># Quick smoke test with small dataset (1k tasks)</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-lab.ps1</span><span class="w"> </span><span class="nt">-Mode</span><span class="w"> </span><span class="nx">smoke</span><span class="w"> </span><span class="nt">-Size</span><span class="w"> </span><span class="nx">small</span><span class="w"> </span><span class="c"># Full editorial run (50k tasks, 200 requests, warmup 20, concurrency 8)</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-lab.ps1</span><span class="w"> </span><span class="nt">-Mode</span><span class="w"> </span><span class="nx">editorial</span><span class="w"> </span><span class="nt">-Size</span><span class="w"> </span><span class="nx">editorial</span><span class="w"> </span><span class="nt">-Runs</span><span class="w"> </span><span class="nx">3</span><span class="w"> </span><span class="nt">-Requests</span><span class="w"> </span><span class="nx">200</span><span class="w"> </span><span class="nt">-Warmup</span><span class="w"> </span><span class="nx">20</span><span class="w"> </span><span class="nt">-Concurrency</span><span class="w"> </span><span class="nx">8</span><span class="w"> </span></code></pre> </div> <p>The runner starts Compose, downloads the agent into <code>tools/</code>, packages the jar, seeds Postgres with synthetic tables (<code>organizations</code>, <code>users</code>, <code>projects</code>, <code>tasks</code>, <code>comments</code>), runs the scenarios, queries Jaeger by <code>traceId</code>, and regenerates the reports in <code>results/</code>.</p> <p>Jaeger was chosen for local simplicity: one image, web UI, REST API to query traces by <code>traceId</code>. Tempo is also valid, but needs more moving parts for a local editorial demo. This is not a production stack recommendation.</p> <p>The <code>editorial</code> dataset has 50,000 tasks. The <code>small</code> dataset has 1,000. That difference matters so the N+1 produces visible fan-out rather than a microsecond gap that disappears into noise.</p> <h2> The instrumentation decision I care about most </h2> <p>The <code>pom.xml</code> has <code>opentelemetry-api</code> as a compile dependency, but the agent arrives at runtime. That means HTTP server, HTTP client, and JDBC are instrumented automatically without touching business code.</p> <p>Manual spans are used only for business stages that the agent can't infer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// LabService.java — manual span to mark business intent</span> <span class="nc">Span</span> <span class="n">span</span> <span class="o">=</span> <span class="n">tracer</span><span class="o">.</span><span class="na">spanBuilder</span><span class="o">(</span><span class="s">"business.n_plus_one.load_tasks_then_comments"</span><span class="o">).</span><span class="na">startSpan</span><span class="o">();</span> <span class="k">try</span> <span class="o">(</span><span class="kt">var</span> <span class="n">ignored</span> <span class="o">=</span> <span class="n">span</span><span class="o">.</span><span class="na">makeCurrent</span><span class="o">())</span> <span class="o">{</span> <span class="c1">// first fetches tasks, then runs one query per task</span> <span class="nc">List</span><span class="o">&lt;</span><span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;&gt;</span> <span class="n">tasks</span> <span class="o">=</span> <span class="n">jdbcTemplate</span><span class="o">.</span><span class="na">queryForList</span><span class="o">(</span> <span class="s">"select t.id, t.title, u.display_name as assignee from tasks t "</span> <span class="o">+</span> <span class="s">"join users u on u.id = t.assignee_id order by t.id limit ?"</span><span class="o">,</span> <span class="n">limit</span><span class="o">);</span> <span class="k">for</span> <span class="o">(</span><span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;</span> <span class="n">task</span> <span class="o">:</span> <span class="n">tasks</span><span class="o">)</span> <span class="o">{</span> <span class="nc">Long</span> <span class="n">taskId</span> <span class="o">=</span> <span class="o">((</span><span class="nc">Number</span><span class="o">)</span> <span class="n">task</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="s">"id"</span><span class="o">)).</span><span class="na">longValue</span><span class="o">();</span> <span class="c1">// this query repeats per task → fan-out</span> <span class="nc">Integer</span> <span class="n">comments</span> <span class="o">=</span> <span class="n">jdbcTemplate</span><span class="o">.</span><span class="na">queryForObject</span><span class="o">(</span> <span class="s">"select count(*) from comments where task_id = ?"</span><span class="o">,</span> <span class="nc">Integer</span><span class="o">.</span><span class="na">class</span><span class="o">,</span> <span class="n">taskId</span><span class="o">);</span> <span class="c1">// ...</span> <span class="o">}</span> <span class="n">span</span><span class="o">.</span><span class="na">setAttribute</span><span class="o">(</span><span class="s">"lab.n_plus_one.expected_extra_queries"</span><span class="o">,</span> <span class="n">enriched</span><span class="o">.</span><span class="na">size</span><span class="o">());</span> <span class="o">}</span> <span class="k">finally</span> <span class="o">{</span> <span class="n">span</span><span class="o">.</span><span class="na">end</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <p>That mix is more honest for the post: auto-instrumentation for infrastructure, manual spans to explain intent. If I had used only manual spans, the lab would require observability-specific code in every layer. If I had relied only on the agent, business spans would be invisible.</p> <p>The <code>logback-spring.xml</code> injects <code>traceId</code> and <code>spanId</code> into every log line:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight xml"><code><span class="c">&lt;!-- logback-spring.xml --&gt;</span> <span class="nt">&lt;pattern&gt;</span>%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX} %-5level traceId=%X{trace_id:-none} spanId=%X{span_id:-none} %logger{36} - %msg%n<span class="nt">&lt;/pattern&gt;</span> </code></pre> </div> <p>That's what connects both worlds. A log with <code>traceId</code> lets you jump directly to the trace in Jaeger. Without it, logs and traces are islands.</p> <h2> The Matrix That Summarizes The Diagnosis </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Scenario</th> <th>p95</th> <th>Avg spans</th> <th>Avg DB spans</th> <th>Error spans/request</th> <th>Defensible diagnosis</th> </tr> </thead> <tbody> <tr> <td>baseline</td> <td>55 ms</td> <td>3.04</td> <td>1.04</td> <td>0</td> <td>Healthy request, no weird story.</td> </tr> <tr> <td>optimized</td> <td>59 ms</td> <td>3.04</td> <td>1.04</td> <td>0</td> <td>Same functional shape, no DB fan-out.</td> </tr> <tr> <td>n-plus-one</td> <td>209 ms</td> <td>63.38</td> <td>61.38</td> <td>0</td> <td>DB fan-out visible inside one request.</td> </tr> <tr> <td>downstream-slow</td> <td>374 ms</td> <td>4</td> <td>0</td> <td>0</td> <td>Time concentrates in downstream.</td> </tr> <tr> <td>mixed</td> <td>395 ms</td> <td>7.57</td> <td>1.57</td> <td>0</td> <td>DB, downstream, and transformation compete.</td> </tr> <tr> <td>partial-error</td> <td>184 ms</td> <td>6.27</td> <td>1.27</td> <td>3</td> <td>Downstream error inside a partial response.</td> </tr> </tbody> </table></div> <p>This table is not trying to crown a tool. It summarizes which signals are available for diagnosis. The strong point is not that one number is universal: it is that N+1 leaves a very different shape than the optimized case, and that shape does not appear in a flat log unless you enable SQL debug.</p> <h2> What the six scenarios reveal </h2> <p>The lab has six endpoints: <code>baseline</code>, <code>n-plus-one</code>, <code>optimized</code>, <code>downstream-slow</code>, <code>mixed</code>, and <code>partial-error</code>. Each produces different signals that the runner consolidates into <code>results/comparison.md</code> and <code>results/diagnosis-comparison.md</code>.</p> <p>The finding I most want to defend:</p> <p><strong>N+1 vs optimized</strong>: both return the same response shape. The log for both says <code>status=200</code>. The difference lives in the trace: <code>n-plus-one</code> generates an average of <strong>63.38 spans</strong> per request in the editorial run; <code>optimized</code> generates <strong>3.04</strong>. That's not a universal performance claim — it's a diagnostic signal. With only logs and no SQL debug enabled, the difference is ambiguous. With the trace, DB fan-out is visible without extra configuration.</p> <p><strong>Downstream-slow</strong>: p95 sits at <strong>374 ms</strong>, very close to the configured 300 ms delay. Logs show total duration and <code>traceId</code>. What they don't show is where that time went: was it DB? was it the downstream? was it in-memory transformation? The trace separates it: the downstream HTTP client span dominates the hierarchy. The local DB appears as a secondary span with low duration.</p> <p><strong>Mixed</strong>: this is where flat logs fail the most. Three stages compete (DB, downstream, transformation) and none is obviously dominant. p95 reaches <strong>395 ms</strong>. The trace shows the temporal distribution per stage. The log just says it was slow.</p> <p><strong>Partial-error</strong>: the endpoint responds with HTTP 206 (partial content). The log records <code>traceId</code>, status, and error type. The trace goes further: the downstream span is marked with error, nested under a request that technically responded. Logs and trace don't replace each other here — they complement. The log alerts and lets you correlate. The trace places the error in the causal hierarchy.</p> <h2> The Screenshot That Changed The Diagnosis </h2> <p>In Jaeger, <code>n-plus-one</code> does not look like a request that is merely a bit slower. It looks like a request with DB fan-out: many repeated spans under the same business operation.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzrwcrw0nacyetckt1vt9.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzrwcrw0nacyetckt1vt9.png" alt="Jaeger trace showing DB fan-out in the N+1 scenario" width="800" height="611"></a></p> <p>The optimized case, on the other hand, keeps a compact shape. I do not need to read the code to suspect that the previous case was not "Postgres is slow" in the abstract, but the query shape.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fldud8cw9ah8pwqq1rbya.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fldud8cw9ah8pwqq1rbya.png" alt="Jaeger trace for the optimized scenario" width="800" height="611"></a></p> <p>The partial-error case matters for another reason: the request can respond, while the downstream span is marked as errored. That nuance is exactly where logs and traces complement each other: the log alerts, the trace locates.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbz79pyo9mc44a8u34in.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbz79pyo9mc44a8u34in.png" alt="Jaeger trace with partial downstream error marked" width="800" height="611"></a></p> <h2> The honest limits of the metrics </h2> <p>The <code>*_vs_root_pct</code> fields in <code>results/diagnosis-comparison.md</code> are cumulative percentages of span durations exported by Jaeger. They can exceed 100% when there are nested spans, client/server pairs, or overlap. The <code>duration_denominator_type</code> field indicates what was used as the denominator: <code>root_span</code>, <code>http_request_span</code>, or <code>largest_observed_span</code> if the trace was ambiguous.</p> <p>These are not overhead numbers. They are not an exact distribution of real request time. They are cumulative diagnostic signals. Treating them like CPU percentages would be a misread that this lab doesn't try to encourage.</p> <p>Similarly, <code>diagnosis_confidence_*</code> is an editorial classification coded in <code>ScenarioDiagnosis.java</code>, not an automatically measured metric. For N+1, <code>diagnosisConfidenceLogs</code> is <code>low</code> and <code>diagnosisConfidenceTrace</code> is <code>high</code>. That reflects the fact that without SQL debug, the log is ambiguous. It's not a universal benchmark of which tool is better.</p> <h2> My position: what I accept and what I don't buy </h2> <p>I accept that OpenTelemetry with the Java Agent is a reasonable way to add structural visibility to a Spring Boot 3 app without polluting business code. JDBC and HTTP client auto-instrumentation works well for common scenarios.</p> <p>I don't buy the narrative that traces replace logs. The lab's <code>RequestCompletionLoggingFilter</code> is a Servlet filter that records every completed request with scenario, method, path, status, and duration. Those logs are operationally useful even when Jaeger is unavailable. The <code>traceId</code> in the log is the bridge, not the replacement.</p> <p>I also don't buy that Jaeger is the only valid option. It was chosen because it starts with one image and has a ready web UI. Tempo, Zipkin, or any OTLP-compatible backend would solve the same problem in this context.</p> <p>The honest trade-off is this: auto-instrumentation reduces accidental work but adds an agent on the classpath that exports data in the background. In a local lab that's trivial. In production, agent overhead depends on load, exporter configuration, and sampling. This lab doesn't measure that, and claiming otherwise would be misleading.</p> <h2> What to do with this </h2> <p>If you already have structured logs in production with <code>traceId</code> and <code>spanId</code>, the next step isn't replacing anything. It's adding a trace backend and connecting both worlds. The lab shows that Spring Boot 3 auto-instrumentation with the Java Agent is enough for common scenarios, and that manual spans only make sense when you want to name business intent that the agent can't infer.</p> <p>If you're evaluating whether the effort is worth it: the case where it's most clearly justified isn't the healthy baseline. It's the mixed scenario or the N+1, where logs give you a number and the trace gives you a shape. The difference between guessing and diagnosing.</p> <p>After this lab, my rule is simple: logs tell you what happened; traces help you understand how it happened. If the flat log only gives you total duration, you do not have an explanation yet. You have a clue.</p> <p><em>This article was originally published on <a href="https://juanchi.dev/en/blog/opentelemetry-spring-boot-logs-vs-traces-diagnosis" rel="noopener noreferrer">juanchi.dev</a></em></p> english experimentos backend observabilidad OpenTelemetry en Spring Boot 3: cuando el log dice OK y el trace muestra el problema Juan Torchia Sat, 16 May 2026 19:06:09 +0000 https://dev.to/jtorchia/opentelemetry-en-spring-boot-3-cuando-el-log-dice-ok-y-el-trace-muestra-el-problema-4639 https://dev.to/jtorchia/opentelemetry-en-spring-boot-3-cuando-el-log-dice-ok-y-el-trace-muestra-el-problema-4639 <p>Hay una pregunta que me hice muchas veces debuggeando sistemas backend: ¿la request tardó porque la DB fue lenta, porque el downstream nos clavó, o porque algún loop interno disparó 60 queries para traer 60 registros? El log dice <code>duration_ms=340</code> y <code>status=200</code>. Eso es todo. Empezás a adivinar.</p> <p>Ese momento de incertidumbre fue el origen de este laboratorio. No para medir overhead de OpenTelemetry, no para comparar Jaeger contra Tempo, sino para responder algo más concreto: ¿qué señales perdés cuando solo tenés logs buenos, y qué aparece cuando sumás un trace?</p> <p>El repo está en <a href="https://github.com/JuanTorchia/opentelemetry-spring-boot-lab" rel="noopener noreferrer">github.com/JuanTorchia/opentelemetry-spring-boot-lab</a>, commit <code>c12ea4e848dc431c8bbd324318399172302fe053</code>, tag <code>editorial-final-diagnosis-comparison-v2</code>.</p> <h2> El setup: un laboratorio que produce evidencia, no benchmarks </h2> <p>El stack es Spring Boot 3.5.7, Java 21, PostgreSQL 16, OpenTelemetry API 1.43.0, OpenTelemetry Java Agent 2.9.0 y Jaeger all-in-one. Todo levanta con Docker Compose. Para reproducirlo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># Smoke rápido con dataset pequeño (1k tasks)</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-lab.ps1</span><span class="w"> </span><span class="nt">-Mode</span><span class="w"> </span><span class="nx">smoke</span><span class="w"> </span><span class="nt">-Size</span><span class="w"> </span><span class="nx">small</span><span class="w"> </span><span class="c"># Corrida editorial completa (50k tasks, 200 requests, warmup 20, concurrencia 8)</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-lab.ps1</span><span class="w"> </span><span class="nt">-Mode</span><span class="w"> </span><span class="nx">editorial</span><span class="w"> </span><span class="nt">-Size</span><span class="w"> </span><span class="nx">editorial</span><span class="w"> </span><span class="nt">-Runs</span><span class="w"> </span><span class="nx">3</span><span class="w"> </span><span class="nt">-Requests</span><span class="w"> </span><span class="nx">200</span><span class="w"> </span><span class="nt">-Warmup</span><span class="w"> </span><span class="nx">20</span><span class="w"> </span><span class="nt">-Concurrency</span><span class="w"> </span><span class="nx">8</span><span class="w"> </span></code></pre> </div> <p>El runner levanta Compose, descarga el agente en <code>tools/</code>, empaqueta el jar, seedea Postgres con tablas sintéticas (<code>organizations</code>, <code>users</code>, <code>projects</code>, <code>tasks</code>, <code>comments</code>), ejecuta los escenarios, consulta Jaeger por <code>traceId</code> y regenera los reportes en <code>results/</code>.</p> <p>Jaeger fue elegido por simplicidad local: una imagen, UI web, API REST para consultar traces por <code>traceId</code>. Tempo también es válido, pero necesita más piezas para una demo editorial local. No es una recomendación de stack productivo.</p> <p>El dataset <code>editorial</code> tiene 50.000 tasks. El <code>small</code> tiene 1.000. La diferencia importa para que el N+1 produzca fan-out visible y no una diferencia de microsegundos que desaparece en el ruido.</p> <h2> La decisión de instrumentación que más me importa </h2> <p>El <code>pom.xml</code> tiene <code>opentelemetry-api</code> como dependencia de compilación, pero el agente llega en runtime. Eso significa que HTTP server, HTTP client y JDBC se instrumentan automáticamente sin tocar el código de negocio.</p> <p>Los spans manuales se usan solo para etapas de negocio que el agente no puede inferir:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// LabService.java — span manual para marcar intención de negocio</span> <span class="nc">Span</span> <span class="n">span</span> <span class="o">=</span> <span class="n">tracer</span><span class="o">.</span><span class="na">spanBuilder</span><span class="o">(</span><span class="s">"business.n_plus_one.load_tasks_then_comments"</span><span class="o">).</span><span class="na">startSpan</span><span class="o">();</span> <span class="k">try</span> <span class="o">(</span><span class="kt">var</span> <span class="n">ignored</span> <span class="o">=</span> <span class="n">span</span><span class="o">.</span><span class="na">makeCurrent</span><span class="o">())</span> <span class="o">{</span> <span class="c1">// primero trae tasks, luego hace una query por cada una</span> <span class="nc">List</span><span class="o">&lt;</span><span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;&gt;</span> <span class="n">tasks</span> <span class="o">=</span> <span class="n">jdbcTemplate</span><span class="o">.</span><span class="na">queryForList</span><span class="o">(</span> <span class="s">"select t.id, t.title, u.display_name as assignee from tasks t "</span> <span class="o">+</span> <span class="s">"join users u on u.id = t.assignee_id order by t.id limit ?"</span><span class="o">,</span> <span class="n">limit</span><span class="o">);</span> <span class="k">for</span> <span class="o">(</span><span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;</span> <span class="n">task</span> <span class="o">:</span> <span class="n">tasks</span><span class="o">)</span> <span class="o">{</span> <span class="nc">Long</span> <span class="n">taskId</span> <span class="o">=</span> <span class="o">((</span><span class="nc">Number</span><span class="o">)</span> <span class="n">task</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="s">"id"</span><span class="o">)).</span><span class="na">longValue</span><span class="o">();</span> <span class="c1">// esta query se repite por cada task → fan-out</span> <span class="nc">Integer</span> <span class="n">comments</span> <span class="o">=</span> <span class="n">jdbcTemplate</span><span class="o">.</span><span class="na">queryForObject</span><span class="o">(</span> <span class="s">"select count(*) from comments where task_id = ?"</span><span class="o">,</span> <span class="nc">Integer</span><span class="o">.</span><span class="na">class</span><span class="o">,</span> <span class="n">taskId</span><span class="o">);</span> <span class="c1">// ...</span> <span class="o">}</span> <span class="n">span</span><span class="o">.</span><span class="na">setAttribute</span><span class="o">(</span><span class="s">"lab.n_plus_one.expected_extra_queries"</span><span class="o">,</span> <span class="n">enriched</span><span class="o">.</span><span class="na">size</span><span class="o">());</span> <span class="o">}</span> <span class="k">finally</span> <span class="o">{</span> <span class="n">span</span><span class="o">.</span><span class="na">end</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <p>Esa mezcla es más honesta para el post: auto-instrumentación para infraestructura, spans manuales para explicar intención. Si hubiera usado solo spans manuales, el lab requeriría código específico de observabilidad en cada capa. Si hubiera confiado solo en el agente, los spans de negocio serían invisibles.</p> <p>El <code>logback-spring.xml</code> inyecta <code>traceId</code> y <code>spanId</code> en cada línea de log:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight xml"><code><span class="c">&lt;!-- logback-spring.xml --&gt;</span> <span class="nt">&lt;pattern&gt;</span>%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX} %-5level traceId=%X{trace_id:-none} spanId=%X{span_id:-none} %logger{36} - %msg%n<span class="nt">&lt;/pattern&gt;</span> </code></pre> </div> <p>Eso es lo que conecta ambos mundos. Un log con <code>traceId</code> te permite saltar directo al trace en Jaeger. Sin eso, logs y traces son islas.</p> <h2> La matriz que resume el diagnóstico </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Escenario</th> <th>p95</th> <th>Spans promedio</th> <th>DB spans promedio</th> <th>Error spans/request</th> <th>Diagnóstico defendible</th> </tr> </thead> <tbody> <tr> <td>baseline</td> <td>55 ms</td> <td>3,04</td> <td>1,04</td> <td>0</td> <td>Request sana, sin historia rara.</td> </tr> <tr> <td>optimized</td> <td>59 ms</td> <td>3,04</td> <td>1,04</td> <td>0</td> <td>Misma forma funcional, sin fan-out DB.</td> </tr> <tr> <td>n-plus-one</td> <td>209 ms</td> <td>63,38</td> <td>61,38</td> <td>0</td> <td>Fan-out DB visible en una sola request.</td> </tr> <tr> <td>downstream-slow</td> <td>374 ms</td> <td>4</td> <td>0</td> <td>0</td> <td>El tiempo se concentra en downstream.</td> </tr> <tr> <td>mixed</td> <td>395 ms</td> <td>7,57</td> <td>1,57</td> <td>0</td> <td>DB, downstream y transformación compiten.</td> </tr> <tr> <td>partial-error</td> <td>184 ms</td> <td>6,27</td> <td>1,27</td> <td>3</td> <td>Error downstream dentro de una respuesta parcial.</td> </tr> </tbody> </table></div> <p>Esta tabla no intenta coronar una herramienta. Resume qué señales quedan disponibles para diagnosticar. El dato fuerte no es que un número sea universal: es que el N+1 deja una forma muy distinta al caso optimizado, y esa forma no aparece en un log plano sin activar SQL debug.</p> <h2> Lo que revelan los seis escenarios </h2> <p>El laboratorio tiene seis endpoints: <code>baseline</code>, <code>n-plus-one</code>, <code>optimized</code>, <code>downstream-slow</code>, <code>mixed</code> y <code>partial-error</code>. Cada uno produce señales diferentes que el runner consolida en <code>results/comparison.md</code> y <code>results/diagnosis-comparison.md</code>.</p> <p>El hallazgo que más me interesa defender:</p> <p><strong>N+1 vs optimized</strong>: ambos devuelven el mismo shape de respuesta. El log de ambos dice <code>status=200</code>. La diferencia está en el trace: <code>n-plus-one</code> genera un promedio de <strong>63,38 spans</strong> por request en la corrida editorial; <code>optimized</code> genera <strong>3,04</strong>. Eso no es un claim de performance universal, es una señal diagnóstica. Con solo los logs, sin activar SQL debug, la diferencia es ambigua. Con el trace, el fan-out DB es visible sin configuración extra.</p> <p><strong>Downstream-slow</strong>: el p95 está en <strong>374 ms</strong>, muy cerca del delay configurado de 300 ms. Los logs muestran la duración total y el <code>traceId</code>. Lo que no muestran es dónde se fue ese tiempo: ¿fue DB? ¿fue el downstream? ¿fue transformación en memoria? El trace lo separa: el span HTTP client del downstream domina la jerarquía. La DB local aparece como span secundario de duración baja.</p> <p><strong>Mixed</strong>: aquí es donde los logs planos fallan más. Tres etapas compiten (DB, downstream, transformación) y ninguna es dominante de forma obvia. El p95 llega a <strong>395 ms</strong>. El trace muestra la distribución temporal por etapa. El log solo dice que tardó.</p> <p><strong>Partial-error</strong>: el endpoint responde con HTTP 206 (partial content). El log registra el <code>traceId</code>, el status y el tipo de error. El trace va más lejos: el span del downstream está marcado con error, anidado bajo una request que técnicamente respondió. Logs y trace no se reemplazan acá, se complementan. El log avisa y permite correlacionar. El trace ubica el error en la jerarquía causal.</p> <h2> La captura que cambió el diagnóstico </h2> <p>En Jaeger, <code>n-plus-one</code> no se ve como una request apenas más lenta. Se ve como una request con fan-out DB: muchos spans repetidos bajo una misma operación de negocio.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzrwcrw0nacyetckt1vt9.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzrwcrw0nacyetckt1vt9.png" alt="Trace de Jaeger mostrando fan-out DB en el escenario N+1" width="" height=""></a></p> <p>El caso optimizado, en cambio, mantiene una forma compacta. No necesito mirar el código para sospechar que el problema del caso anterior no era "Postgres lento" en abstracto, sino el shape de queries.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fldud8cw9ah8pwqq1rbya.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fldud8cw9ah8pwqq1rbya.png" alt="Trace de Jaeger del escenario optimizado" width="800" height="611"></a></p> <p>El caso de error parcial también vale por otra razón: la request puede responder, pero el span del downstream queda marcado con error. Ese matiz es justo donde logs y traces se complementan: el log avisa, el trace ubica.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbz79pyo9mc44a8u34in.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbz79pyo9mc44a8u34in.png" alt="Trace de Jaeger con error parcial marcado en downstream" width="800" height="611"></a></p> <h2> El límite honesto de las métricas </h2> <p>Los campos <code>*_vs_root_pct</code> en <code>results/diagnosis-comparison.md</code> son porcentajes acumulados de duración de spans exportados por Jaeger. Pueden superar el 100% cuando hay spans anidados, pares cliente/servidor o solapamiento. El campo <code>duration_denominator_type</code> indica qué se usó como denominador: <code>root_span</code>, <code>http_request_span</code> o <code>largest_observed_span</code> si la traza quedó ambigua.</p> <p>No son overhead. No son distribución exacta del tiempo real de la request. Son señales diagnósticas acumuladas. Usarlas como si fueran porcentajes de CPU sería un error de interpretación que este lab no intenta fomentar.</p> <p>De la misma forma, <code>diagnosis_confidence_*</code> es una clasificación editorial codificada en <code>ScenarioDiagnosis.java</code>, no una métrica medida automáticamente. Para N+1, <code>diagnosisConfidenceLogs</code> es <code>low</code> y <code>diagnosisConfidenceTrace</code> es <code>high</code>. Eso refleja que sin SQL debug, el log es ambiguo. No es un benchmark universal de qué herramienta es mejor.</p> <h2> Mi postura: qué acepto y qué no compro </h2> <p>Acepto que OpenTelemetry con el Java Agent es una forma razonable de agregar visibilidad estructural a una app Spring Boot 3 sin ensuciar el código de negocio. La auto-instrumentación de JDBC y HTTP client funciona bien para escenarios comunes.</p> <p>No compro la narrativa de que los traces reemplazan los logs. El <code>RequestCompletionLoggingFilter</code> del lab es un filtro Servlet que registra cada request completada con escenario, método, path, status y duración. Esos logs son operativamente útiles aunque Jaeger no esté disponible. El <code>traceId</code> en el log es el puente, no el reemplazo.</p> <p>Tampoco compro que Jaeger sea la única opción válida. Se eligió porque levanta con una imagen y tiene UI web lista. Tempo, Zipkin o cualquier backend compatible con OTLP resolverían el mismo problema en este contexto.</p> <p>El trade-off honesto es este: la auto-instrumentación reduce trabajo accidental pero agrega un agente en el classpath que exporta datos en background. En un laboratorio local eso es trivial. En producción, el overhead del agente depende de la carga, la configuración del exporter y el sampling. Este lab no mide eso, y sería engañoso afirmar que sí.</p> <h2> Qué hacer con esto </h2> <p>Si ya tenés logs estructurados en producción con <code>traceId</code> y <code>spanId</code>, el paso siguiente no es reemplazar nada. Es agregar el backend de traces y conectar ambos mundos. El lab muestra que la auto-instrumentación de Spring Boot 3 con el Java Agent es suficiente para los escenarios comunes, y que los spans manuales tienen sentido solo cuando querés nombrar intención de negocio que el agente no puede inferir.</p> <p>Si estás evaluando si vale la pena el esfuerzo: el caso donde más claramente lo justifica no es el baseline sano. Es el escenario mixto o el N+1, donde los logs te dan un número y el trace te da una forma. La diferencia entre adivinar y diagnosticar.</p> <p>Después de este lab, mi regla queda así: logs para saber qué pasó; traces para entender cómo pasó. Si el log plano te da solo duración total, todavía no tenés una explicación. Tenés una pista.</p> <p><em>Este artículo fue publicado originalmente en <a href="https://juanchi.dev/es/blog/opentelemetry-spring-boot-logs-vs-traces-diagnostico" rel="noopener noreferrer">juanchi.dev</a></em></p> spanish espanol experimentos backend Prisma vs JDBC: the benchmark that almost made me blame the wrong ORM Juan Torchia Sat, 16 May 2026 01:36:53 +0000 https://dev.to/jtorchia/prisma-vs-jdbc-the-benchmark-that-almost-made-me-blame-the-wrong-orm-585m https://dev.to/jtorchia/prisma-vs-jdbc-the-benchmark-that-almost-made-me-blame-the-wrong-orm-585m <p>There's a discussion that surfaces every time someone posts an ORM benchmark: "of course JDBC is faster, you're measuring the abstraction". They're right, but only halfway. What nobody says is that the abstraction isn't the only culprit — sometimes the culprit is you, because you let an N+1 slip through without noticing.</p> <p>I built <a href="https://github.com/JuanTorchia/prismavsjdbc" rel="noopener noreferrer">prismavsjdbc</a> to test this in a controlled way. It's not a benchmark about who wins. It's a lab where the same PostgreSQL 16, the same 50k-task dataset, and the same business scenarios run against two stacks: Node.js 24 LTS + TypeScript + Prisma 5 on one side, and Spring Boot 3 + Java 21 LTS + <code>JdbcTemplate</code> on the other. The analyzed commit is <code>2cd33e32bd29a1d4b46a26af0b56d6a912f5e4f5</code>, tag <code>best-effort-editorial-final</code>.</p> <p>The thesis I'm defending is this: <strong>query shape, SQL/request, and N+1 explain more than the slogan "ORM vs raw SQL"</strong>. When you optimize the shape, both stacks improve. When you don't, both stacks charge you.</p> <h2> The problem that almost made me draw the wrong conclusion </h2> <p>The first version of the lab had an obvious trap, even though I didn't see it at first. It compared the most comfortable Prisma implementation — using <code>include</code> to fetch relations — against a manual join in JDBC. The result was predictable: JDBC measured 1 SQL/request, idiomatic Prisma measured 4 SQL/request on <code>read-by-id</code>, and latency reflected that.</p> <p>Incorrect conclusion I almost published: "Prisma is slower because it emits more queries".</p> <p>Correct conclusion: I was comparing different shapes. Prisma's <code>include</code> fires separate queries per relation — that's not a bug, it's the documented contract of the API. JDBC did a join because I wrote it that way. It's not fair to compare them without acknowledging that.</p> <p>That friction changed the entire lab design: I needed three levels within each stack.</p> <h2> Three levels: naive, idiomatic, best-effort </h2> <p>Adding the <code>level</code> column to <code>results/comparison.csv</code> was the most important decision in the project. Without it, any results table is a trap for the reader.</p> <ul> <li> <strong>naive</strong>: the most direct implementation possible, with no thought given to performance. In both stacks, this includes deliberate N+1 — per-task queries inside a loop.</li> <li> <strong>idiomatic</strong>: the normal, maintainable way to write code in each stack. Prisma with <code>include</code> and <code>_count</code>, JDBC with the join any Java dev would write without obsessing over micro-optimizations.</li> <li> <strong>best-effort</strong>: the tightest code the team would accept without it becoming a hack. For Prisma, this means dropping to <code>$queryRaw</code> when the shape is aggregational.</li> </ul> <p>The <code>read-by-id</code> scenario with idiomatic Prisma measured 4 SQL/request due to <code>include</code>. The <code>read-by-id-best-effort</code> variant with <code>$queryRaw</code> dropped to 1 SQL/request — the same join JDBC uses. The PostgreSQL plan for that query is clean:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- read-by-id-best-effort: same SQL in Prisma $queryRaw and in JdbcTemplate</span> <span class="k">select</span> <span class="n">t</span><span class="p">.</span><span class="n">id</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">title</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">status</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">created_at</span> <span class="k">as</span> <span class="nv">"createdAt"</span><span class="p">,</span> <span class="n">p</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"projectId"</span><span class="p">,</span> <span class="n">p</span><span class="p">.</span><span class="n">name</span> <span class="k">as</span> <span class="nv">"projectName"</span><span class="p">,</span> <span class="n">o</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"organizationId"</span><span class="p">,</span> <span class="n">o</span><span class="p">.</span><span class="n">name</span> <span class="k">as</span> <span class="nv">"organizationName"</span><span class="p">,</span> <span class="n">u</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"assigneeId"</span><span class="p">,</span> <span class="n">u</span><span class="p">.</span><span class="n">display_name</span> <span class="k">as</span> <span class="nv">"assigneeName"</span> <span class="k">from</span> <span class="n">tasks</span> <span class="n">t</span> <span class="k">join</span> <span class="n">projects</span> <span class="n">p</span> <span class="k">on</span> <span class="n">p</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">t</span><span class="p">.</span><span class="n">project_id</span> <span class="k">join</span> <span class="n">organizations</span> <span class="n">o</span> <span class="k">on</span> <span class="n">o</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">p</span><span class="p">.</span><span class="n">organization_id</span> <span class="k">join</span> <span class="n">users</span> <span class="n">u</span> <span class="k">on</span> <span class="n">u</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">t</span><span class="p">.</span><span class="n">assignee_id</span> <span class="k">where</span> <span class="n">t</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="s1">'00000000-0000-4000-0100-000000000001'</span><span class="p">::</span><span class="n">uuid</span> <span class="k">limit</span> <span class="mi">1</span><span class="p">;</span> <span class="c1">-- Execution Time: 0.242 ms, Buffers: shared hit=9</span> </code></pre> </div> <p>When Prisma and JDBC emit the same SQL, the PostgreSQL plan is identical. That closes the runtime debate: the bottleneck was the shape, not the client.</p> <h2> N+1 is the usual villain, but the lab shows it with numbers </h2> <p>The <code>n-plus-one-trap</code> scenario exists to make explicit something every developer knows in theory but underestimates in practice. The naive level in both stacks fires individual queries per task — on a 50k-task dataset with concurrency 16, that scales brutally.</p> <p>The biggest jump in the lab wasn't between Prisma and JDBC. It was between naive and idiomatic within Prisma. When you go from N+1 to <code>include/_count</code>, the reduction in SQL/request is immediate and visible in latency. After that, if you want to squeeze more, <code>$queryRaw</code> gives you another jump — but smaller than the first.</p> <p>The interesting part on the Java side is that <code>CountingJdbc</code> — the wrapper over <code>JdbcTemplate</code> in <code>apps/jdbc-service/src/main/java/com/example/jdbclab/CountingJdbc.java</code> — uses an <code>AtomicLong</code> to count queries. That allows an objective SQL/request comparison without relying on logs or <code>pg_stat_statements</code> as the primary source:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// CountingJdbc.java — instrumentation with no magic, easy to audit</span> <span class="nd">@Component</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">CountingJdbc</span> <span class="o">{</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">JdbcTemplate</span> <span class="n">jdbc</span><span class="o">;</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">AtomicLong</span> <span class="n">queryCount</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AtomicLong</span><span class="o">();</span> <span class="kd">public</span> <span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="nc">List</span><span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="nf">query</span><span class="o">(</span><span class="nc">String</span> <span class="n">sql</span><span class="o">,</span> <span class="nc">RowMapper</span><span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="n">mapper</span><span class="o">,</span> <span class="nc">Object</span><span class="o">...</span> <span class="n">args</span><span class="o">)</span> <span class="o">{</span> <span class="c1">// each call to the wrapper adds 1 to the counter</span> <span class="n">queryCount</span><span class="o">.</span><span class="na">incrementAndGet</span><span class="o">();</span> <span class="k">return</span> <span class="n">jdbc</span><span class="o">.</span><span class="na">query</span><span class="o">(</span><span class="n">sql</span><span class="o">,</span> <span class="n">mapper</span><span class="o">,</span> <span class="n">args</span><span class="o">);</span> <span class="o">}</span> <span class="kd">public</span> <span class="kt">long</span> <span class="nf">count</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="n">queryCount</span><span class="o">.</span><span class="na">get</span><span class="o">();</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p>On the Prisma side, the equivalent lives in <code>apps/prisma-client/src/db.ts</code>: it hooks into the client's <code>query</code> event to count. That symmetry in instrumentation is what makes the SQL/request numbers comparable across stacks.</p> <h2> When $queryRaw makes sense and when it's a surrender </h2> <p>This is the part where a lot of Prisma posts aren't honest. <code>$queryRaw</code> exists and is valid, but using it for everything is admitting you don't want to use Prisma — you're using PostgreSQL with a fancy TypeScript client.</p> <p>The decision in the lab was clear: best-effort with <code>$queryRaw</code> makes sense in <code>relation-summary</code> and <code>report-aggregation</code> because the shape is genuinely aggregational. Prisma <code>groupBy</code> doesn't cleanly express <code>date_trunc</code> + join by organization, and forcing it would be worse than writing SQL.</p> <p>By contrast, <code>paginated-list</code> has no best-effort variant because idiomatic Prisma already emits 1 SQL/request with <code>findMany</code> and filters. Adding <code>$queryRaw</code> there wouldn't change anything meaningful — it would be complexity with no benefit.</p> <p>The table in <code>docs/brief-post.md</code> models this well: the <code>level</code> column isn't a scale of "how much effort you put in" but of "how much the SQL shape changes when you apply the variant".</p> <h2> What the lab can't guarantee </h2> <p>The HTTP runner is homegrown — not k6 or wrk. The hardware is local. Docker Desktop, GC, plan cache, and indexes can shift absolute latencies between runs. The editorial run used 3 runs, 300 requests per run, 30 warmup requests, concurrency 16, and a 50k-task dataset — but those numbers on different hardware can produce different results.</p> <p>The version matrix (<code>docs/java-version-matrix.md</code>) shows Java 21 vs Java 25: there are differences, but the main argument — that N+1 and SQL/request dominate — holds on both JVMs. Java 25 improved <code>read-by-id</code> by ~20% over Java 21 in the local run, but that doesn't change the fact that the problem in <code>relation-summary-naive</code> was the shape, not the JVM.</p> <p>I wouldn't publish those absolute numbers as universal truth. I publish them as evidence of a pattern: when you change the shape, the delta is orders of magnitude larger than when you change the runtime.</p> <h2> The position I landed on </h2> <p>Prisma is not slow. Prisma with <code>include</code> emitting 4 queries where you could emit 1 is an ergonomics trade-off with an observable cost — and that cost is worth it for most endpoints in an API that isn't under extreme pressure. When shape genuinely matters, <code>$queryRaw</code> exists and works well.</p> <p>JDBC with <code>JdbcTemplate</code> is not superior just because it's raw SQL. It's predictable because the developer controls the shape from the start. The risk is on the other side: that nobody checks whether those Java loops are also doing N+1 without an ORM to blame.</p> <p>The lab is reproducible. If you have Docker, Node 24 LTS, and Java 21 or 25, you can run it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># full editorial run — Bash</span> bash scripts/run-lab.sh <span class="nt">--mode</span> editorial <span class="nt">--size</span> editorial <span class="nt">--runs</span> 3 <span class="nt">--requests</span> 300 <span class="nt">--warmup</span> 30 <span class="nt">--concurrency</span> 16 </code></pre> </div> <p>And if you just want to verify the scenarios run without errors before committing time:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># quick smoke test to validate the setup</span> bash scripts/run-lab.sh <span class="nt">--mode</span> smoke <span class="nt">--size</span> small </code></pre> </div> <p>The code is at <a href="https://github.com/JuanTorchia/prismavsjdbc" rel="noopener noreferrer">github.com/JuanTorchia/prismavsjdbc</a>. Editorial results are in <code>results/comparison.csv</code> and <code>results/comparison.md</code>.</p> <p>What I'd like to know: in the stack you're using right now, do you have real visibility into the SQL/request count for each endpoint? Or do you assume the ORM handles it on its own?</p> <p><em>This article was originally published on <a href="https://juanchi.dev/en/blog/prisma-vs-jdbc-benchmark-query-shape-n1" rel="noopener noreferrer">juanchi.dev</a>.</em></p> english experiments typescript performance Prisma vs JDBC: el benchmark que casi me hace culpar al ORM equivocado Juan Torchia Sat, 16 May 2026 01:36:44 +0000 https://dev.to/jtorchia/prisma-vs-jdbc-el-benchmark-que-casi-me-hace-culpar-al-orm-equivocado-12hc https://dev.to/jtorchia/prisma-vs-jdbc-el-benchmark-que-casi-me-hace-culpar-al-orm-equivocado-12hc <p>Hay una discusión que aparece cada vez que alguien postea un benchmark de ORM: "claro que JDBC es más rápido, estás midiendo la abstracción". Y tienen razón, pero solo a medias. Lo que nadie dice es que la abstracción no es el único culpable — a veces el culpable sos vos, que dejaste pasar un N+1 sin darte cuenta.</p> <p>Armé <a href="https://github.com/JuanTorchia/prismavsjdbc" rel="noopener noreferrer">prismavsjdbc</a> para probar esto de forma controlada. No es un benchmark de quién gana. Es un laboratorio donde el mismo PostgreSQL 16, el mismo dataset de 50k tasks y los mismos casos de negocio corren contra dos stacks: Node.js 24 LTS + TypeScript + Prisma 5 por un lado, y Spring Boot 3 + Java 21 LTS + <code>JdbcTemplate</code> por el otro. El commit analizado es <code>2cd33e32bd29a1d4b46a26af0b56d6a912f5e4f5</code>, tag <code>best-effort-editorial-final</code>.</p> <p>La tesis que defiendo es esta: <strong>query shape, SQL/request y N+1 explican más que el slogan "ORM vs SQL directo"</strong>. Cuando optimizás el shape, los dos stacks mejoran. Cuando no, los dos te cobran.</p> <h2> El problema que casi me hace concluir mal </h2> <p>La primera versión del laboratorio tenía una trampa obvia, aunque no la vi al principio. Comparaba la implementación más cómoda de Prisma — usando <code>include</code> para traer relaciones — contra un join manual en JDBC. El resultado era predecible: JDBC medía 1 SQL/request, Prisma idiomatic medía 4 SQL/request en <code>read-by-id</code>, y la latencia lo reflejaba.</p> <p>Conclusión incorrecta que casi publico: "Prisma es más lento porque emite más queries".</p> <p>Conclusión correcta: estaba comparando shapes distintos. El <code>include</code> de Prisma hace queries separadas por relación — no es un bug, es el contrato documentado de la API. JDBC hacía un join porque yo lo escribí así. No es fair compararlos sin reconocerlo.</p> <p>Esa es la fricción que cambió todo el diseño del lab: necesitaba tres niveles dentro de cada stack.</p> <h2> Tres niveles: naive, idiomatic, best-effort </h2> <p>Agregar la columna <code>level</code> al <code>results/comparison.csv</code> fue la decisión más importante del proyecto. Sin ella, cualquier tabla de resultados es una trampa para el lector.</p> <ul> <li> <strong>naive</strong>: la implementación más directa posible, sin pensar en performance. En ambos stacks, esto incluye N+1 deliberado — consultas por task dentro de un loop.</li> <li> <strong>idiomatic</strong>: la forma normal y mantenible de escribir el código en cada stack. Prisma con <code>include</code> y <code>_count</code>, JDBC con el join que escribiría cualquier dev Java sin obsesionarse con micro-optimizaciones.</li> <li> <strong>best-effort</strong>: el código más ajustado que acepta el equipo sin convertirse en un hack. Para Prisma, esto significa bajar a <code>$queryRaw</code> cuando el shape es agregacional.</li> </ul> <p>El escenario <code>read-by-id</code> con Prisma idiomatic midió 4 SQL/request por el <code>include</code>. La variante <code>read-by-id-best-effort</code> con <code>$queryRaw</code> bajó a 1 SQL/request — el mismo join que usa JDBC. El plan de PostgreSQL para ese query es limpio:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- read-by-id-best-effort: mismo SQL en Prisma $queryRaw y en JdbcTemplate</span> <span class="k">select</span> <span class="n">t</span><span class="p">.</span><span class="n">id</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">title</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">status</span><span class="p">,</span> <span class="n">t</span><span class="p">.</span><span class="n">created_at</span> <span class="k">as</span> <span class="nv">"createdAt"</span><span class="p">,</span> <span class="n">p</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"projectId"</span><span class="p">,</span> <span class="n">p</span><span class="p">.</span><span class="n">name</span> <span class="k">as</span> <span class="nv">"projectName"</span><span class="p">,</span> <span class="n">o</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"organizationId"</span><span class="p">,</span> <span class="n">o</span><span class="p">.</span><span class="n">name</span> <span class="k">as</span> <span class="nv">"organizationName"</span><span class="p">,</span> <span class="n">u</span><span class="p">.</span><span class="n">id</span> <span class="k">as</span> <span class="nv">"assigneeId"</span><span class="p">,</span> <span class="n">u</span><span class="p">.</span><span class="n">display_name</span> <span class="k">as</span> <span class="nv">"assigneeName"</span> <span class="k">from</span> <span class="n">tasks</span> <span class="n">t</span> <span class="k">join</span> <span class="n">projects</span> <span class="n">p</span> <span class="k">on</span> <span class="n">p</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">t</span><span class="p">.</span><span class="n">project_id</span> <span class="k">join</span> <span class="n">organizations</span> <span class="n">o</span> <span class="k">on</span> <span class="n">o</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">p</span><span class="p">.</span><span class="n">organization_id</span> <span class="k">join</span> <span class="n">users</span> <span class="n">u</span> <span class="k">on</span> <span class="n">u</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="n">t</span><span class="p">.</span><span class="n">assignee_id</span> <span class="k">where</span> <span class="n">t</span><span class="p">.</span><span class="n">id</span> <span class="o">=</span> <span class="s1">'00000000-0000-4000-0100-000000000001'</span><span class="p">::</span><span class="n">uuid</span> <span class="k">limit</span> <span class="mi">1</span><span class="p">;</span> <span class="c1">-- Execution Time: 0.242 ms, Buffers: shared hit=9</span> </code></pre> </div> <p>Cuando Prisma y JDBC emiten el mismo SQL, el plan de PostgreSQL es idéntico. Eso cierra la discusión del runtime: el cuello de botella era el shape, no el cliente.</p> <h2> El N+1 es el villano de siempre, pero el lab lo muestra con números </h2> <p>El escenario <code>n-plus-one-trap</code> existe para hacer explícito algo que cualquier desarrollador sabe en teoría pero subestima en práctica. El nivel naive en ambos stacks hace consultas individuales por task — en un dataset de 50k tasks con concurrencia 16, eso escala de manera brutal.</p> <p>El salto más importante en el lab no fue entre Prisma y JDBC. Fue entre naive e idiomatic dentro de Prisma. Cuando pasás de N+1 a <code>include/_count</code>, la reducción de SQL/request es inmediata y visible en la latencia. Después, si querés apretarlo más, <code>$queryRaw</code> te da otro salto — pero menor que el primero.</p> <p>Lo interesante del lado Java es que <code>CountingJdbc</code> — el wrapper sobre <code>JdbcTemplate</code> que está en <code>apps/jdbc-service/src/main/java/com/example/jdbclab/CountingJdbc.java</code> — usa un <code>AtomicLong</code> para contar queries. Eso permite comparar SQL/request de forma objetiva sin depender de logs ni de <code>pg_stat_statements</code> como fuente principal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// CountingJdbc.java — instrumentación sin magia, fácil de auditar</span> <span class="nd">@Component</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">CountingJdbc</span> <span class="o">{</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">JdbcTemplate</span> <span class="n">jdbc</span><span class="o">;</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">AtomicLong</span> <span class="n">queryCount</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AtomicLong</span><span class="o">();</span> <span class="kd">public</span> <span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="nc">List</span><span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="nf">query</span><span class="o">(</span><span class="nc">String</span> <span class="n">sql</span><span class="o">,</span> <span class="nc">RowMapper</span><span class="o">&lt;</span><span class="no">T</span><span class="o">&gt;</span> <span class="n">mapper</span><span class="o">,</span> <span class="nc">Object</span><span class="o">...</span> <span class="n">args</span><span class="o">)</span> <span class="o">{</span> <span class="c1">// cada llamada al wrapper suma 1 al contador</span> <span class="n">queryCount</span><span class="o">.</span><span class="na">incrementAndGet</span><span class="o">();</span> <span class="k">return</span> <span class="n">jdbc</span><span class="o">.</span><span class="na">query</span><span class="o">(</span><span class="n">sql</span><span class="o">,</span> <span class="n">mapper</span><span class="o">,</span> <span class="n">args</span><span class="o">);</span> <span class="o">}</span> <span class="kd">public</span> <span class="kt">long</span> <span class="nf">count</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="n">queryCount</span><span class="o">.</span><span class="na">get</span><span class="o">();</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p>Del lado de Prisma, el equivalente está en <code>apps/prisma-client/src/db.ts</code>: se engancha al evento <code>query</code> del cliente para contar. Esa simetría en la instrumentación es lo que hace que los números de SQL/request sean comparables entre stacks.</p> <h2> Cuándo $queryRaw tiene sentido y cuándo es una rendición </h2> <p>Esta es la parte donde muchos posts sobre Prisma no son honestos. <code>$queryRaw</code> existe y es válido, pero usarlo para todo es admitir que no querés usar Prisma — estás usando PostgreSQL con un cliente TypeScript de lujo.</p> <p>La decisión en el lab fue clara: best-effort con <code>$queryRaw</code> tiene sentido en <code>relation-summary</code> y <code>report-aggregation</code> porque el shape es genuinamente agregacional. Prisma <code>groupBy</code> no expresa limpiamente <code>date_trunc</code> + join por organization, y forzarlo sería peor que escribir SQL.</p> <p>En cambio, <code>paginated-list</code> no tiene variante best-effort porque Prisma idiomatic ya emite 1 SQL/request con <code>findMany</code> y filtros. Agregar <code>$queryRaw</code> ahí no cambiaría nada relevante — sería complejidad sin beneficio.</p> <p>La tabla en <code>docs/brief-post.md</code> lo modela bien: la columna <code>level</code> no es una escala de "cuánto esfuerzo pusiste" sino de "cuánto cambia el shape SQL cuando aplicás la variante".</p> <h2> Lo que el lab no puede garantizar </h2> <p>El runner HTTP es propio — no es k6 ni wrk. El hardware es local. Docker Desktop, GC, plan cache e índices pueden mover las latencias absolutas entre corridas. La corrida editorial usó 3 runs, 300 requests por run, warmup de 30, concurrencia 16 y dataset de 50k tasks, pero esos números en otro hardware pueden dar resultados distintos.</p> <p>La matriz de versiones (<code>docs/java-version-matrix.md</code>) muestra Java 21 vs Java 25: hay diferencias, pero el argumento principal — que N+1 y SQL/request dominan — se mantiene en ambas JVMs. Java 25 mejoró <code>read-by-id</code> un ~20% sobre Java 21 en la corrida local, pero eso no cambia que el problema en <code>relation-summary-naive</code> era el shape, no la JVM.</p> <p>No publicaría esos números absolutos como verdad universal. Los publico como evidencia de un patrón: cuando cambiás el shape, el delta es órdenes de magnitud mayor que cuando cambiás el runtime.</p> <h2> La postura que me quedé </h2> <p>Prisma no es lento. Prisma con <code>include</code> que emite 4 queries donde podrías emitir 1 es una decisión de ergonomía que tiene un costo observable — y ese costo vale la pena en la mayoría de los endpoints de una API que no está bajo presión extrema. Cuando el shape importa de verdad, <code>$queryRaw</code> existe y funciona bien.</p> <p>JDBC con <code>JdbcTemplate</code> no es superior por ser SQL directo. Es predecible porque el desarrollador controla el shape desde el primer momento. El riesgo está en el lado opuesto: que nadie revise si esos loops en Java también están haciendo N+1 sin que el ORM sea el chivo expiatorio.</p> <p>El lab es reproducible. Si tenés Docker, Node 24 LTS y Java 21 o 25, podés correrlo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># corrida editorial completa — Bash</span> bash scripts/run-lab.sh <span class="nt">--mode</span> editorial <span class="nt">--size</span> editorial <span class="nt">--runs</span> 3 <span class="nt">--requests</span> 300 <span class="nt">--warmup</span> 30 <span class="nt">--concurrency</span> 16 </code></pre> </div> <p>Y si querés solo verificar que los escenarios corren sin errores antes de comprometer tiempo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># smoke rápido para validar el setup</span> bash scripts/run-lab.sh <span class="nt">--mode</span> smoke <span class="nt">--size</span> small </code></pre> </div> <p>El código está en <a href="https://github.com/JuanTorchia/prismavsjdbc" rel="noopener noreferrer">github.com/JuanTorchia/prismavsjdbc</a>. Los resultados editoriales están en <code>results/comparison.csv</code> y <code>results/comparison.md</code>.</p> <p>Lo que me gustaría saber: en el stack que usás ahora mismo, ¿tenés visibilidad real del SQL/request de cada endpoint? ¿O asumís que el ORM lo resuelve solo?</p> <p><em>Este articulo fue publicado originalmente en <a href="https://juanchi.dev/es/blog/prisma-vs-jdbc-benchmark-query-shape-n1" rel="noopener noreferrer">juanchi.dev</a>.</em></p> spanish espanol experimentos typescript Retry isn't free: budget, amplification, and the cost that never shows up in p95 Juan Torchia Fri, 15 May 2026 15:55:35 +0000 https://dev.to/jtorchia/retry-isnt-free-budget-amplification-and-the-cost-that-never-shows-up-in-p95-ae9 https://dev.to/jtorchia/retry-isnt-free-budget-amplification-and-the-cost-that-never-shows-up-in-p95-ae9 <p>There's a decision I've gotten wrong more than once: adding retry as if it were a free improvement. Configure three attempts with exponential backoff, the system looks more stable on the dashboard, done. What I wasn't watching was how many extra calls I was sending to the downstream on every failure.</p> <p>This post comes from an experiment I built to measure exactly that: when retry buys real availability, when it multiplies pressure, and when it simply changes nothing because the problem isn't transient. The repo is <a href="https://github.com/JuanTorchia/retry-resilience-experiment" rel="noopener noreferrer"><code>retry-resilience-experiment</code></a>, commit <code>bdfc350</code>, with Spring Boot 3.3.5, Java 21, Resilience4j 2.2.0, and k6 as the load generator.</p> <p>My thesis is simple: retry is budget. Each extra attempt consumes user wait time, hits the real downstream, and can accelerate a degradation that was already in progress. It's not a feature you flip on and call it done.</p> <h2> The problem with only looking at success rate </h2> <p>When the downstream has simulated random failures at 35%, the difference between policies is visible. With <code>no-retry-standard-timeout</code>, the success rate in that run was <code>0.6529</code>. With <code>immediate-retry</code>, it climbed to <code>0.955</code>. That looks like a clear win.</p> <p>But the number that matters is right next to it: <code>retry_amplification_factor</code>. With <code>immediate-retry</code> on <code>random-failures</code> it reached <code>1.465</code>. That means for every user request, the system made 1.465 real calls to the downstream. In <code>jitter-random-failures</code> it was <code>1.471</code>. The downstream received almost 47% more traffic than k6 generated.</p> <p>For transient failures that might be acceptable. The downstream is failing for external reasons, retries land at different moments, and the outcome improves. But that 47% extra isn't abstract: downstream capacity has to exist to absorb it. If the service is already at its limit, that overhead is the nudge that tips it over.</p> <p>The metric the repo defines as a contract for not fooling yourself is exactly that:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// MetricSnapshot.java — this line exists to prevent self-deception</span> <span class="kt">double</span> <span class="n">retryAmplificationFactor</span><span class="o">,</span> <span class="c1">// downstream_calls / total_requests</span> </code></pre> </div> <p>If you only look at <code>successRate</code> and <code>errorRate</code>, you can believe you won when you actually pushed 47% more load onto a system that was already struggling.</p> <h2> progressive-degradation: where retry can accelerate the collapse </h2> <p>This scenario is the most interesting one methodologically, and also the one with the most important warning.</p> <p>The <code>PROGRESSIVE_DEGRADATION</code> downstream implements this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// DownstreamScenario.java — delay grows with each real call received</span> <span class="k">case</span> <span class="no">PROGRESSIVE_DEGRADATION</span> <span class="o">-&gt;</span> <span class="nc">Duration</span><span class="o">.</span><span class="na">ofMillis</span><span class="o">(</span><span class="nc">Math</span><span class="o">.</span><span class="na">min</span><span class="o">(</span><span class="mi">900</span><span class="o">,</span> <span class="mi">80</span> <span class="o">+</span> <span class="n">callNumber</span> <span class="o">*</span> <span class="mi">3</span><span class="o">));</span> </code></pre> </div> <p>The delay isn't external or fixed: it grows with <code>callNumber</code>, which is the counter of real calls to the downstream. That means a policy with more retries generates more calls, and those calls accelerate the degradation. It's not the same failure for everyone: policies with retry degrade faster because they push harder.</p> <p>The numbers from the run show this clearly. With <code>no-retry-standard-timeout</code>, <code>7720</code> total requests were processed and <code>7720</code> downstream calls were initiated. With <code>immediate-retry</code>, total requests dropped to <code>2939</code> but downstream calls went up to <code>8699</code>, with an amplification factor of <code>2.96</code>. The retry policy processed fewer user requests but made more downstream calls.</p> <p>To be clear: this isn't a design flaw, it's the point of the experiment. The lab documents it explicitly in <code>docs/brief-post.md</code>: <code>progressive-degradation</code> should be read as load-sensitive degradation, not as an identical external failure for all policies. If you treat it as a direct comparison between policies under the same conditions, the conclusion is framed wrong from the start.</p> <p>What you can conclude: in scenarios where the degradation rate depends on the volume of calls received, retries can be an accelerant. That has a name in production: retry storm. And the lab reproduces it in a controlled way.</p> <h2> The percentiles that lie to you when there are timeouts </h2> <p>There's a technical detail that changed how I read the results, and the README documents it honestly.</p> <p>The caller timeout is implemented with <code>future.cancel(true)</code> in the <code>RetryExecutor</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// RetryExecutor.java — cancel(true) interrupts the attempt from the caller side</span> <span class="k">try</span> <span class="o">{</span> <span class="n">future</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">policy</span><span class="o">.</span><span class="na">timeout</span><span class="o">().</span><span class="na">toMillis</span><span class="o">(),</span> <span class="nc">TimeUnit</span><span class="o">.</span><span class="na">MILLISECONDS</span><span class="o">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">AttemptResult</span><span class="o">(</span><span class="kc">true</span><span class="o">,</span> <span class="n">elapsedMs</span><span class="o">(</span><span class="n">started</span><span class="o">),</span> <span class="s">"ok"</span><span class="o">,</span> <span class="kc">true</span><span class="o">);</span> <span class="o">}</span> <span class="k">catch</span> <span class="o">(</span><span class="nc">TimeoutException</span> <span class="n">timeout</span><span class="o">)</span> <span class="o">{</span> <span class="n">future</span><span class="o">.</span><span class="na">cancel</span><span class="o">(</span><span class="kc">true</span><span class="o">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">AttemptResult</span><span class="o">(</span><span class="kc">false</span><span class="o">,</span> <span class="n">elapsedMs</span><span class="o">(</span><span class="n">started</span><span class="o">),</span> <span class="s">"timeout"</span><span class="o">,</span> <span class="kc">true</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p>When an attempt exceeds the timeout, the latency recorded for that attempt is capped by the caller timeout: <code>STANDARD_TIMEOUT = Duration.ofMillis(260)</code>. That's why in <code>progressive-degradation</code> almost all <code>all_attempt_p95_ms</code> and <code>all_attempt_p99_ms</code> values show exactly <code>260</code>. It's not that the downstream responded in 260 ms: it's that the caller stopped waiting at 260 ms and recorded that as the attempt latency.</p> <p>What happens after the <code>cancel(true)</code> in the simulated downstream isn't fully modeled. In a real system with HTTP, a database, or a queue, the downstream may keep executing work even after the client has given up. The lab counts initiated calls but can't guarantee there's no residual work post-cancellation.</p> <p>This also matters for reading <code>successful_requests_per_second</code>. The value of <code>0.95</code> that appears across several <code>progressive-degradation</code> scenarios isn't the system's maximum capacity: it's the useful work observed under that closed k6 load. With a different VU configuration, a different duration, or a real network, the numbers would differ.</p> <h2> circuit-breaker and bulkhead: visible rejections as a protection signal </h2> <p>In <code>progressive-degradation</code>, the circuit breaker produces something that looks contradictory at first glance. The <code>13-circuit-breaker-progressive-degradation</code> run has <code>total_requests = 44777</code> and <code>circuit_breaker_rejected = 44718</code>. The error rate is <code>0.9987</code>. That looks catastrophic.</p> <p>But look at the downstream calls: <code>198</code>. Amplification factor: <code>0.004</code>. The circuit breaker almost completely stopped sending calls to the downstream. The rejections are visible to the client, but the downstream is protected.</p> <p>Compare that with <code>immediate-retry-progressive-degradation</code>, which has <code>downstream_calls = 8699</code> and keeps failing at the same rate, and the trade-off becomes obvious. The circuit breaker chooses to reject fast rather than multiply pressure on something that can no longer respond.</p> <p>The bulkhead in the same run shows a different variant: <code>bulkhead_rejected = 22122</code> with <code>downstream_calls = 3668</code>. It limits concurrency instead of opening the circuit, but the effect is similar: it reduces downstream pressure at the cost of visible rejections.</p> <p>Those concurrency signals (<code>max_inflight_downstream = 16</code> for bulkhead, <code>40</code> for most other runs) are observations, not proof of saturation. The lab renamed the metric from <code>saturationObservation</code> to <code>concurrencyObservation</code> for exactly that reason: high <code>max_inflight</code> doesn't prove CPU, network, or connection pool saturation. It's a signal that invites investigation, not a conclusion.</p> <h2> What I conclude and what I don't </h2> <p>This experiment is a local simulation, a single published run, against a simulated downstream with in-memory delays. The numbers don't represent production, don't represent any real provider, and don't support claiming "this policy scales to X RPS". If you want to publish exact values with strong claims, the README says it clearly: run at least three <code>editorial</code> runs and look for consistency, not a single pass.</p> <p>What I think can be sustained:</p> <ul> <li>In transient failures, retry can improve success rate but always has an amplification factor greater than 1. That overhead exists and has to fit within the system.</li> <li>In load-sensitive degradation, more retries can accelerate the degradation because they generate more calls. This isn't universal, but the scenario is real and the experiment reproduces it.</li> <li>p95 and p99 of attempts don't tell you the real downstream latency when there are timeouts: they tell you how long the caller waited before giving up.</li> <li>Circuit breaker and bulkhead produce visible rejections that can be exactly the right decision to protect the system.</li> </ul> <p>What I don't conclude: that one policy is better than another in the abstract, that these numbers apply to a different system, or that <code>max_inflight_downstream</code> proves saturation.</p> <p>The question I'm leaving open for further exploration: how much real residual work actually remains in the downstream after a <code>future.cancel(true)</code> in a system with an HTTP connection pool? The lab notes it as a known limitation. In production that's exactly where the difference lies between a timeout that protects and one that only hides the problem.</p> <p>The repo is at <a href="https://github.com/JuanTorchia/retry-resilience-experiment" rel="noopener noreferrer"><code>github.com/JuanTorchia/retry-resilience-experiment</code></a>. If you run it and get different numbers, I want to know.</p> <p><em>This article was originally published on <a href="https://juanchi.dev/en/blog/retry-backoff-jitter-spring-boot-amplification" rel="noopener noreferrer">juanchi.dev</a>.</em></p> english experiments backend arquitectura Retry no es gratis: presupuesto, amplificación y el costo que no aparece en el p95 Juan Torchia Fri, 15 May 2026 15:55:26 +0000 https://dev.to/jtorchia/retry-no-es-gratis-presupuesto-amplificacion-y-el-costo-que-no-aparece-en-el-p95-22no https://dev.to/jtorchia/retry-no-es-gratis-presupuesto-amplificacion-y-el-costo-que-no-aparece-en-el-p95-22no <p>Hay una decisión que tomé mal más de una vez: agregar retry como si fuera una mejora sin costo. Configuro tres intentos con backoff exponencial, el sistema se ve más estable en el dashboard, y listo. Lo que no estaba mirando era cuántas llamadas extra le estaba mandando al downstream en cada falla.</p> <p>Este post nace de un experimento que armé para medir eso con precisión: cuándo retry compra disponibilidad real, cuándo multiplica presión y cuándo simplemente no cambia nada porque el problema no es transitorio. El repo es <a href="https://github.com/JuanTorchia/retry-resilience-experiment" rel="noopener noreferrer"><code>retry-resilience-experiment</code></a>, commit <code>bdfc350</code>, con Spring Boot 3.3.5, Java 21, Resilience4j 2.2.0 y k6 como generador de carga.</p> <p>Mi tesis es simple: retry es presupuesto. Cada intento extra consume tiempo de espera del usuario, llama al downstream real y puede acelerar una degradación que ya estaba en curso. No es una feature que activás y listo.</p> <h2> El problema de mirar solo el success rate </h2> <p>Cuando el downstream tiene fallas aleatorias simuladas al 35%, la diferencia entre políticas es visible. Con <code>no-retry-standard-timeout</code>, el success rate en esa corrida fue <code>0.6529</code>. Con <code>immediate-retry</code>, subió a <code>0.955</code>. Eso parece una victoria clara.</p> <p>Pero el número que importa está al lado: el <code>retry_amplification_factor</code>. Con <code>immediate-retry</code> en <code>random-failures</code> llegó a <code>1.465</code>. Eso significa que por cada request del usuario, el sistema hizo 1.465 llamadas reales al downstream. En <code>jitter-random-failures</code> fue <code>1.471</code>. El downstream recibió casi un 47% más de tráfico del que generó k6.</p> <p>En fallas transitorias eso puede ser aceptable. El downstream está fallando por razones externas, los reintentos aterrizan en momentos distintos y el resultado mejora. Pero ese 47% extra no es abstracto: tiene que existir capacidad downstream para absorberlo. Si el servicio ya está al límite, ese overhead es el empujón que lo tira.</p> <p>La métrica que el repo define como contrato para no engañarse es exactamente esa:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// MetricSnapshot.java — la razón de esta línea es evitar autoengaño</span> <span class="kt">double</span> <span class="n">retryAmplificationFactor</span><span class="o">,</span> <span class="c1">// downstream_calls / total_requests</span> </code></pre> </div> <p>Si solo mirás <code>successRate</code> y <code>errorRate</code>, podés creer que ganaste cuando en realidad le metiste 47% más de carga a un sistema que ya estaba sufriendo.</p> <h2> progressive-degradation: donde el retry puede acelerar la caída </h2> <p>Este escenario es el más interesante metodológicamente, y también el que tiene la advertencia más importante.</p> <p>El downstream de <code>PROGRESSIVE_DEGRADATION</code> implementa esto:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// DownstreamScenario.java — el delay sube con cada llamada real recibida</span> <span class="k">case</span> <span class="no">PROGRESSIVE_DEGRADATION</span> <span class="o">-&gt;</span> <span class="nc">Duration</span><span class="o">.</span><span class="na">ofMillis</span><span class="o">(</span><span class="nc">Math</span><span class="o">.</span><span class="na">min</span><span class="o">(</span><span class="mi">900</span><span class="o">,</span> <span class="mi">80</span> <span class="o">+</span> <span class="n">callNumber</span> <span class="o">*</span> <span class="mi">3</span><span class="o">));</span> </code></pre> </div> <p>El delay no es externo ni fijo: crece con <code>callNumber</code>, que es el contador de llamadas reales al downstream. Esto significa que una política con más retries genera más llamadas, y esas llamadas aceleran la degradación. No es la misma falla para todos: las políticas con retry se degradan más rápido porque presionan más.</p> <p>Los números de la corrida muestran eso claramente. Con <code>no-retry-standard-timeout</code> se procesaron <code>7720</code> requests totales y se iniciaron <code>7720</code> llamadas downstream. Con <code>immediate-retry</code>, los requests totales bajaron a <code>2939</code> pero las llamadas downstream subieron a <code>8699</code>, con un amplification factor de <code>2.96</code>. La policy con retry procesó menos requests de usuarios pero le hizo más llamadas al downstream.</p> <p>Ahora bien: esto no es un fallo de diseño, es el punto del experimento. El laboratorio lo documenta explícitamente en <code>docs/brief-post.md</code>: <code>progressive-degradation</code> debe leerse como degradación sensible a carga, no como falla externa idéntica para todos. Si lo tratás como comparación directa entre políticas bajo las mismas condiciones, la conclusión está mal planteada desde el vantage point.</p> <p>Lo que sí podés concluir: en escenarios donde la velocidad de degradación depende del volumen de llamadas recibidas, los retries pueden ser un acelerador de la caída. Eso tiene nombre en producción: retry storm. Y el laboratorio lo reproduce de forma controlada.</p> <h2> Los percentiles que te mienten cuando hay timeouts </h2> <p>Hay un detalle técnico que cambió mi forma de leer los resultados, y que el README documenta con honestidad.</p> <p>El timeout del caller se implementa con <code>future.cancel(true)</code> en el <code>RetryExecutor</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="c1">// RetryExecutor.java — el cancel(true) interrumpe el intento desde el caller</span> <span class="k">try</span> <span class="o">{</span> <span class="n">future</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">policy</span><span class="o">.</span><span class="na">timeout</span><span class="o">().</span><span class="na">toMillis</span><span class="o">(),</span> <span class="nc">TimeUnit</span><span class="o">.</span><span class="na">MILLISECONDS</span><span class="o">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">AttemptResult</span><span class="o">(</span><span class="kc">true</span><span class="o">,</span> <span class="n">elapsedMs</span><span class="o">(</span><span class="n">started</span><span class="o">),</span> <span class="s">"ok"</span><span class="o">,</span> <span class="kc">true</span><span class="o">);</span> <span class="o">}</span> <span class="k">catch</span> <span class="o">(</span><span class="nc">TimeoutException</span> <span class="n">timeout</span><span class="o">)</span> <span class="o">{</span> <span class="n">future</span><span class="o">.</span><span class="na">cancel</span><span class="o">(</span><span class="kc">true</span><span class="o">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">AttemptResult</span><span class="o">(</span><span class="kc">false</span><span class="o">,</span> <span class="n">elapsedMs</span><span class="o">(</span><span class="n">started</span><span class="o">),</span> <span class="s">"timeout"</span><span class="o">,</span> <span class="kc">true</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p>Cuando un intento vence el timeout, la latencia registrada para ese intento está capada por el timeout del caller: <code>STANDARD_TIMEOUT = Duration.ofMillis(260)</code>. Por eso en <code>progressive-degradation</code> casi todos los <code>all_attempt_p95_ms</code> y <code>all_attempt_p99_ms</code> muestran exactamente <code>260</code>. No es que el downstream respondió en 260 ms: es que el caller dejó de esperar a los 260 ms y registró eso como latencia del intento.</p> <p>Lo que pasa después del <code>cancel(true)</code> en el downstream simulado no se modela completamente. En un sistema real con HTTP, base de datos o cola, el downstream puede seguir ejecutando trabajo aunque el cliente ya no espere. El laboratorio cuenta llamadas iniciadas, pero no puede garantizar que no hay trabajo residual post-cancelación.</p> <p>Esto importa para leer <code>successful_requests_per_second</code> también. El valor de <code>0.95</code> que aparece en varios escenarios de <code>progressive-degradation</code> no es la capacidad máxima del sistema: es el trabajo útil observado bajo esa carga cerrada de k6. Con otra configuración de VUs, otra duración o una red real, los números serían distintos.</p> <h2> circuit-breaker y bulkhead: rechazos visibles como señal de protección </h2> <p>En <code>progressive-degradation</code>, el circuit breaker produce algo que parece contradictorio al primer vistazo. La corrida <code>13-circuit-breaker-progressive-degradation</code> tiene <code>total_requests = 44777</code> y <code>circuit_breaker_rejected = 44718</code>. El error rate es <code>0.9987</code>. Eso parece catastrófico.</p> <p>Pero mirá las llamadas downstream: <code>198</code>. Amplification factor: <code>0.004</code>. El circuit breaker dejó de mandar llamadas al downstream casi por completo. Los rechazos son visibles hacia el cliente, pero el downstream está protegido.</p> <p>Si comparás con <code>immediate-retry-progressive-degradation</code>, que tiene <code>downstream_calls = 8699</code> y sigue fallando igual, el trade-off se hace evidente. El circuit breaker elige rechazar rápido antes que multiplicar presión sobre algo que ya no puede responder.</p> <p>El bulkhead en la misma corrida muestra una variante distinta: <code>bulkhead_rejected = 22122</code> con <code>downstream_calls = 3668</code>. Limita concurrencia en lugar de cortar el circuito, pero el efecto es similar: reduce presión downstream a costa de rechazos visibles.</p> <p>Esas señales de concurrencia (<code>max_inflight_downstream = 16</code> para bulkhead, <code>40</code> para la mayoría de las otras corridas) son observaciones, no prueba de saturación. El laboratorio renombró la métrica de <code>saturationObservation</code> a <code>concurrencyObservation</code> exactamente por eso: <code>max_inflight</code> alto no prueba saturación de CPU, red ni pool de conexiones. Es una señal que invita a investigar, no una conclusión.</p> <h2> Qué concluyo y qué no </h2> <p>Este experimento es una simulación local, corrida única publicada, sobre un downstream simulado con delays en memoria. Los números no representan producción, no representan ningún proveedor real y no permiten afirmar "esta política escala a X RPS". Si querés publicar valores exactos con claims fuertes, el README lo dice claramente: hacé al menos tres corridas <code>editorial</code> y mirá consistencia, no una sola pasada.</p> <p>Lo que sí creo que puede sostenerse:</p> <ul> <li>En fallas transitorias, retry puede mejorar success rate pero siempre tiene un amplification factor mayor a 1. Ese overhead existe y tiene que caber en el sistema.</li> <li>En degradación sensible a carga, más retries pueden acelerar la degradación porque generan más llamadas. Esto no es universal, pero el escenario es real y el experimento lo reproduce.</li> <li>p95 y p99 de intentos no te cuentan la latencia real del downstream cuando hay timeouts: te cuentan cuánto esperó el caller antes de rendirse.</li> <li>Circuit breaker y bulkhead producen rechazos visibles que pueden ser exactamente la decisión correcta para proteger el sistema.</li> </ul> <p>Lo que no concluyo: que una política es mejor que otra en abstracto, que estos números aplican a otro sistema, o que <code>max_inflight_downstream</code> prueba saturación.</p> <p>La pregunta que me dejo para seguir explorando: ¿cuánto trabajo residual real queda en el downstream después de un <code>future.cancel(true)</code> en un sistema con pool de conexiones HTTP? El laboratorio lo anota como limitación conocida. En producción eso es exactamente donde está la diferencia entre un timeout que protege y uno que solo esconde el problema.</p> <p>El repo está en <a href="https://github.com/JuanTorchia/retry-resilience-experiment" rel="noopener noreferrer"><code>github.com/JuanTorchia/retry-resilience-experiment</code></a>. Si lo corrés y obtenés números distintos, me interesa saberlo.</p> <p><em>Este articulo fue publicado originalmente en <a href="https://juanchi.dev/es/blog/retry-backoff-jitter-spring-boot-amplification" rel="noopener noreferrer">juanchi.dev</a>.</em></p> spanish espanol experimentos backend HikariCP: the p95 that lies to you and how to read the real pool signals Juan Torchia Fri, 15 May 2026 03:11:26 +0000 https://dev.to/jtorchia/hikaricp-the-p95-that-lies-to-you-and-how-to-read-the-real-pool-signals-10eo https://dev.to/jtorchia/hikaricp-the-p95-that-lies-to-you-and-how-to-read-the-real-pool-signals-10eo <h1> HikariCP: the p95 that lies to you and how to read the real pool signals </h1> <p>There was a version of this analysis that started wrong. I was looking at the p95 for the <code>tiny</code> scenario with a 500ms delay and seeing <code>260.78ms</code>. Compared to the <code>default</code> scenario showing <code>2418.16ms</code>, it looked almost five times faster. That's a classic trap, and I almost fell for it.</p> <p>The <code>tiny</code> scenario had a 97.05% error rate. Out of 8139 attempts, 7899 failed. Those 260ms were the average rejection time, not the time for a useful response. It wasn't fast — it was failing fast. And that difference matters enormously when you're trying to understand whether your HikariCP configuration is working or not.</p> <p>That led me to build <a href="https://github.com/JuanTorchia/hikaricp-pool-experiment" rel="noopener noreferrer">hikaricp-pool-experiment</a>: a reproducible lab with Java 21, Spring Boot 3.4.5, PostgreSQL 16, HikariCP, Docker Compose, and k6 0.51.0. The goal wasn't to simulate production or document a real incident. It was to build an environment where pool signals would be visible and measurable, so I could reason about them with actual numbers.</p> <h2> The experiment design </h2> <p>The app exposes two endpoints:</p> <ul> <li> <code>GET /api/query?delayMs=500</code>: executes a real query against PostgreSQL and holds the connection using <code>pg_sleep</code> for the specified duration.</li> <li> <code>GET /api/pool</code>: returns the pool state in real time — <code>active</code>, <code>idle</code>, <code>total</code>, <code>threadsAwaitingConnection</code>, and the effective configuration.</li> </ul> <p>The <code>delayMs</code> is the central mechanism of the experiment. An instant query can hide contention even at high concurrency because connections get released before the next request needs them. With <code>pg_sleep(0.5)</code>, each connection stays occupied for half a second. With 50 virtual users hitting in parallel, pressure on the pool becomes visible quickly.</p> <p>The k6 script does something that the original draft didn't have cleanly separated: it records <code>query_duration</code> for all attempts and <code>query_success_duration</code> only for those that return HTTP 200. Without that distinction, the p95 aggregates fast rejections with slow successful queries and the resulting number doesn't represent any useful reality.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// load/hikari-pool.js — critical separation between all attempts and successful ones</span> <span class="kd">const</span> <span class="nx">ok</span> <span class="o">=</span> <span class="nf">check</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">,</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">query status is 200</span><span class="dl">'</span><span class="p">:</span> <span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">response</span><span class="p">.</span><span class="nx">status</span> <span class="o">===</span> <span class="mi">200</span><span class="p">,</span> <span class="p">});</span> <span class="nx">queryDuration</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">.</span><span class="nx">timings</span><span class="p">.</span><span class="nx">duration</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="nx">querySuccessDuration</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">.</span><span class="nx">timings</span><span class="p">.</span><span class="nx">duration</span><span class="p">);</span> <span class="p">}</span> <span class="nx">queryErrors</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="o">!</span><span class="nx">ok</span><span class="p">);</span> </code></pre> </div> <p>The scenarios defined in <code>application.yml</code> are:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Scenario</th> <th><code>maximumPoolSize</code></th> <th><code>connectionTimeout</code></th> </tr> </thead> <tbody> <tr> <td><code>default</code></td> <td>10 (Spring Boot default)</td> <td>30000ms (HikariCP default)</td> </tr> <tr> <td><code>tiny</code></td> <td>2</td> <td>250ms</td> </tr> <tr> <td><code>pool4</code></td> <td>4</td> <td>1500ms</td> </tr> <tr> <td><code>pool8</code></td> <td>8</td> <td>1500ms</td> </tr> <tr> <td><code>pool16</code></td> <td>16</td> <td>1500ms</td> </tr> <tr> <td><code>pool32</code></td> <td>32</td> <td>1500ms</td> </tr> </tbody> </table></div> <p>The matrix was run with two delays — 50ms and 500ms — because the contrast matters: a query that releases its connection quickly and a query that holds it for half a second don't stress the pool the same way.</p> <p>To reproduce it from scratch:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="o">.</span><span class="n">\scripts\run-matrix.ps1</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span></code></pre> </div> <p>Or scenario by scenario:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="n">docker</span><span class="w"> </span><span class="nx">compose</span><span class="w"> </span><span class="nx">down</span><span class="w"> </span><span class="nt">-v</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-scenario.ps1</span><span class="w"> </span><span class="nt">-Scenario</span><span class="w"> </span><span class="nx">tiny</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span><span class="nt">-DelayMs</span><span class="w"> </span><span class="nx">500</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-scenario.ps1</span><span class="w"> </span><span class="nt">-Scenario</span><span class="w"> </span><span class="nx">pool16</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span><span class="nt">-DelayMs</span><span class="w"> </span><span class="nx">500</span><span class="w"> </span></code></pre> </div> <blockquote> <p><strong>Important limitation:</strong> all of this is a single local run from 2026-05-14 on Windows with Docker Desktop/WSL2. The numbers are useful for comparing scenarios within the same machine. They are not a universal benchmark and don't reflect behavior in any cloud environment, Railway, or otherwise. <code>pg_sleep</code> holds connections artificially to make the pressure visible — it doesn't represent a real production workload.</p> </blockquote> <h2> The full results — and what to read in them </h2> <p>This is the table generated by <code>summarize-results.ps1</code> from the k6 JSON output:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Scenario</th> <th>Delay</th> <th>Attempts</th> <th>Successful</th> <th>Failed</th> <th>Error rate</th> <th>Successful/s</th> <th>p95 all</th> <th>p95 successful</th> <th>Max active</th> <th>Max waiting</th> </tr> </thead> <tbody> <tr> <td>default</td> <td>50ms</td> <td>11772</td> <td>11772</td> <td>0</td> <td>0%</td> <td>195.38</td> <td>165.7ms</td> <td>165.7ms</td> <td>10</td> <td>30</td> </tr> <tr> <td>default</td> <td>500ms</td> <td>1240</td> <td>1240</td> <td>0</td> <td>0%</td> <td>19.85</td> <td>2418.16ms</td> <td>2418.16ms</td> <td>10</td> <td>39</td> </tr> <tr> <td>tiny</td> <td>50ms</td> <td>8289</td> <td>2325</td> <td>5964</td> <td>71.95%</td> <td>38.53</td> <td>298.81ms</td> <td>304.84ms</td> <td>2</td> <td>47</td> </tr> <tr> <td><strong>tiny</strong></td> <td><strong>500ms</strong></td> <td><strong>8139</strong></td> <td><strong>240</strong></td> <td><strong>7899</strong></td> <td><strong>97.05%</strong></td> <td><strong>3.97</strong></td> <td><strong>260.78ms</strong></td> <td><strong>752.51ms</strong></td> <td><strong>2</strong></td> <td><strong>47</strong></td> </tr> <tr> <td>pool4</td> <td>50ms</td> <td>4712</td> <td>4712</td> <td>0</td> <td>0%</td> <td>77.75</td> <td>557.55ms</td> <td>557.55ms</td> <td>4</td> <td>43</td> </tr> <tr> <td>pool4</td> <td>500ms</td> <td>1779</td> <td>492</td> <td>1287</td> <td>72.34%</td> <td>7.95</td> <td>1962.83ms</td> <td>1990.52ms</td> <td>4</td> <td>45</td> </tr> <tr> <td>pool8</td> <td>50ms</td> <td>9253</td> <td>9253</td> <td>0</td> <td>0%</td> <td>153.4</td> <td>365.15ms</td> <td>365.15ms</td> <td>8</td> <td>41</td> </tr> <tr> <td>pool8</td> <td>500ms</td> <td>1653</td> <td>984</td> <td>669</td> <td>40.47%</td> <td>15.87</td> <td>1996.36ms</td> <td>1998.83ms</td> <td>8</td> <td>41</td> </tr> <tr> <td>pool16</td> <td>50ms</td> <td>18155</td> <td>18155</td> <td>0</td> <td>0%</td> <td>301.83</td> <td>82.92ms</td> <td>82.92ms</td> <td>16</td> <td>40</td> </tr> <tr> <td>pool16</td> <td>500ms</td> <td>1948</td> <td>1947</td> <td>1</td> <td>0.05%</td> <td>31.62</td> <td>1492.44ms</td> <td>1492.44ms</td> <td>16</td> <td>31</td> </tr> <tr> <td>pool32</td> <td>50ms</td> <td>18892</td> <td>18892</td> <td>0</td> <td>0%</td> <td>314.16</td> <td>70.33ms</td> <td>70.33ms</td> <td>32</td> <td>32</td> </tr> <tr> <td>pool32</td> <td>500ms</td> <td>3830</td> <td>3830</td> <td>0</td> <td>0%</td> <td>63.00</td> <td>784.9ms</td> <td>784.9ms</td> <td>32</td> <td>24</td> </tr> </tbody> </table></div> <p>There are several things worth reading together, not in isolation.</p> <h2> The trap of a low p95 with a high error rate </h2> <p>The <code>tiny</code> scenario with a 500ms delay is the most instructive in the experiment. The p95 for all attempts is <code>260.78ms</code>. If you only look at that number, it looks like the pool responds very quickly. But the 97.05% error rate tells you that almost no query ever executed — HikariCP was rejecting requests after <code>connectionTimeout: 250ms</code> because there were no free connections.</p> <p>The separation between <code>query_duration</code> and <code>query_success_duration</code> makes visible what the aggregated number was hiding: the p95 for <strong>successful</strong> queries is <code>752.51ms</code> — almost three times higher. Those few queries that did get a connection took nearly a second, probably because they had to wait for one of the two pool connections to be released.</p> <p>When <code>active</code> is pinned at the pool maximum (2/2) and <code>waiting</code> reaches 47, the system isn't processing load — it's rejecting it. The 260ms is the time to fail, not to succeed.</p> <p><strong>Signal that matters:</strong> if <code>p95 all attempts</code> ≪ <code>p95 successful</code> and the error rate is high, the pool is in exhaustion. You're not seeing query latency — you're seeing rejection latency.</p> <h2> How to read the four signals together </h2> <p>The experiment confirmed that no single metric is enough. The signals that make sense to cross-reference are:</p> <h3> 1. Error rate + successful queries/s </h3> <p>These two together are the first filter. A 0% error rate with 19.85 successful/s (<code>default</code>, 500ms delay) is very different from a 97% error rate with 3.97 successful/s (<code>tiny</code>, 500ms delay). Successful throughput tells you how much useful work the system is doing; error rate tells you how much work it's throwing away.</p> <p>With <code>pool4</code> at 500ms delay: 72.34% error rate with only 7.95 successful/s. Four connections with 500ms queries give a theoretical ceiling of 8 successful/s (4 connections × 2 per second). The numbers match — the pool is at its limit and rejects the rest.</p> <h3> 2. <code>active = maximumPoolSize</code> sustained + <code>waiting &gt; 0</code> </h3> <p>This combination is the most direct operational signal that the pool is under pressure. When <code>maxActiveConnections</code> hits the configured ceiling and <code>maxThreadsAwaitingConnection</code> is greater than zero for a sustained period, application threads are waiting for a connection that isn't available.</p> <p>From the experiment:</p> <ul> <li> <code>tiny</code> 500ms delay: max active 2/2, max waiting 47. Pool exhausted from the start.</li> <li> <code>pool8</code> 500ms delay: max active 8/8, max waiting 41, error rate 40.47%. High pressure but not total.</li> <li> <code>pool32</code> 500ms delay: max active 32/32, max waiting 24, error rate 0%. The pool hits the ceiling but absorbs the load without rejecting requests.</li> </ul> <p>In <code>pool32</code> with 500ms delay, <code>waiting = 24</code> with 0% error rate means threads are waiting but the <code>connectionTimeout: 1500ms</code> is enough — queries queue up and eventually get a connection. That's a system under pressure that still works, not one in crisis.</p> <h3> 3. Attempt latency vs. successful latency </h3> <p>I already covered the <code>tiny</code> case. But it's worth generalizing: when there's significant error rate, the p95 of all attempts stops being an application performance metric and becomes a rejection speed metric. The real operational latency is that of successful queries.</p> <p>With <code>pool4</code> at 500ms delay: p95 all attempts <code>1962.83ms</code>, p95 successful <code>1990.52ms</code>. Here the numbers are similar because queries that do get through also wait a lot — the pool has 4 connections with 500ms queries, so almost all the time is spent waiting for one to free up.</p> <h3> 4. The jump from 50ms to 500ms as a pressure revealer </h3> <p>With a 50ms delay, <code>pool8</code> has zero errors and processes 153.4 successful/s. With a 500ms delay, it drops to 40.47% error rate and 15.87 successful/s. The pool didn't change — the connection hold time changed. If each connection takes ten times longer to release, a pool that was previously sufficient now isn't.</p> <p>This is the variable most frequently ignored when calibrating a pool: it's not just how many connections exist, but how long each query holds them. A pool of 16 connections with 50ms queries is very different from a pool of 16 connections with 500ms queries.</p> <h2> The diminishing returns of going from pool16 to pool32 with a short delay </h2> <p>There's an observation from the experiment that I think is important to avoid the easy conclusion of "more connections = better".</p> <p>With 50ms delay:</p> <ul> <li> <code>pool16</code>: 301.83 successful/s, p95 82.92ms</li> <li> <code>pool32</code>: 314.16 successful/s, p95 70.33ms</li> </ul> <p>Doubling the pool size gave only about ~4% improvement in throughput. The jump from <code>pool8</code> to <code>pool16</code> was much larger (153.4 → 301.83, nearly double). Beyond a certain point, the bottleneck is no longer the pool — it becomes something else. In this case, probably the Docker Desktop CPU or PostgreSQL itself under load from 50 VUs.</p> <p>This is consistent with the formula Brettwooldridge mentions in the HikariCP README: the optimal pool for database throughput is not simply "as large as possible". Beyond a certain threshold, adding connections creates overhead without real benefit, and in an environment with <code>max_connections</code> limits on PostgreSQL, you can run out of slots before throughput improves.</p> <p>The practical conclusion from the experiment isn't that 32 is the right number. It's that <code>pool16</code> with a 500ms delay has a 0.05% error rate and <code>pool32</code> has 0%, with 2x higher throughput. Depending on your actual query times and your PostgreSQL limits, the trade-off is different in each case.</p> <h2> The metrics the experiment exposes via Actuator </h2> <p>The app has Actuator enabled with health, info, metrics, and prometheus. During a run you can query pool state directly:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Pool state via custom endpoint</span> curl http://localhost:8080/api/pool <span class="c"># Micrometer metrics via Actuator</span> curl http://localhost:8080/actuator/metrics/hikaricp.connections.active curl http://localhost:8080/actuator/metrics/hikaricp.connections.pending curl http://localhost:8080/actuator/metrics/hikaricp.connections.timeout </code></pre> </div> <p>The <code>/api/pool</code> endpoint uses <code>HikariPoolMXBean</code> directly and returns <code>active</code>, <code>idle</code>, <code>total</code>, <code>threadsAwaitingConnection</code>, and the effective configuration. That's what k6 queries in parallel to record the <code>hikari_pool_active</code>, <code>hikari_pool_idle</code>, <code>hikari_pool_total</code>, and <code>hikari_pool_threads_awaiting_connection</code> metrics.</p> <p>The <code>hikaricp.connections.timeout</code> metric from Actuator is the one I care most about in any real environment: it counts the number of times a thread waited for a connection and the <code>connectionTimeout</code> expired. If that counter is greater than zero, users are being affected — that's not a warning, it's a fact.</p> <h2> The experiment configuration vs. configuration for a real environment </h2> <p>The experiment uses values designed to make pool pressure visible in a lab, not values to copy into any system. The <code>tiny</code> profile has <code>connectionTimeout: 250ms</code> because 250ms makes the pool reject requests quickly and errors become immediately visible. In a real system, 250ms is probably too aggressive — you'll generate false positives during any brief spike.</p> <p>What does translate are the reading principles:</p> <p><strong>On <code>connectionTimeout</code>:</strong> the value defines the speed of failure, not the speed of success. A short timeout generates errors faster and makes symptoms visible sooner. A long timeout accumulates blocked threads that consume memory and can saturate the web server's thread pool before the error becomes obvious. Which one you want depends on whether you have circuit breakers and retry logic, and on how long a user can wait before the experience breaks.</p> <p><strong>On <code>maximumPoolSize</code>:</strong> the right number depends on the average query hold time, expected concurrency, and your PostgreSQL's <code>max_connections</code> limits. There's no universal formula. What the experiment shows is that with 500ms queries and 50 VUs, you need at least 16 connections to get close to zero error rate — and that doubling to 32 gives diminishing returns on throughput.</p> <p><strong>On managed cloud databases:</strong> if you use Railway, Supabase, RDS, or another service where you don't directly control the server, there's an additional parameter that matters and that this experiment doesn't cover: <code>maxLifetime</code>. The server may close idle connections before HikariCP's 30-minute default, and a connection that the pool thinks is alive but the server has already closed will generate <code>PSQLException: This connection has been closed</code> on the next use. Setting <code>maxLifetime</code> below the server's timeout is a necessary adjustment in those environments — but it's not something this local Docker lab can measure.</p> <h2> My take after the experiment </h2> <p>The most valuable thing from this exercise wasn't picking a connection count. It was understanding that you can't tune HikariCP by looking at a single metric.</p> <p>If you only look at the p95 of all attempts, you might conclude that a pool in crisis is "fast". If you only look at error rate, you can't tell whether the system is absorbing load or rejecting it. If you only look at <code>active</code>, you don't know whether the pool has headroom or is at its limit. You need to cross all four: error rate, successful queries/s, active vs. configured maximum, waiting, and successful latency.</p> <p>The other takeaway that stuck with me: there are two ways a pool can fail under load. One is the long timeout — threads waiting 30 seconds and eventually blowing up the heap. The other is the short timeout — fast rejections that generate a high error rate but create the illusion of low latency. The lab made both visible with real numbers.</p> <p>I don't buy the idea that there's a universally correct <code>maximumPoolSize</code>. What there is is a correct size for your combination of query hold time, expected concurrency, and database capacity. And that number only makes sense read alongside connection hold time and error rate — not in isolation.</p> <p>The repo has everything needed to run it again in your environment and compare:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="o">.</span><span class="n">\scripts\run-matrix.ps1</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span></code></pre> </div> <p>If you change the delay, the concurrency, or the <code>maximumPoolSize</code>, the signals change. That's exactly the point.</p> <p>→ <a href="https://github.com/JuanTorchia/hikaricp-pool-experiment" rel="noopener noreferrer">github.com/JuanTorchia/hikaricp-pool-experiment</a></p> <p><strong>Reference:</strong></p> <ul> <li>HikariCP GitHub — Configuration: <a href="https://github.com/brettwooldridge/HikariCP#gear-configuration-knobs-baby" rel="noopener noreferrer">https://github.com/brettwooldridge/HikariCP#gear-configuration-knobs-baby</a> </li> </ul> english experiments performance backend HikariCP: el p95 que te miente y cómo leer las señales reales del pool Juan Torchia Fri, 15 May 2026 03:11:20 +0000 https://dev.to/jtorchia/hikaricp-el-p95-que-te-miente-y-como-leer-las-senales-reales-del-pool-1da6 https://dev.to/jtorchia/hikaricp-el-p95-que-te-miente-y-como-leer-las-senales-reales-del-pool-1da6 <h1> HikariCP: el p95 que te miente y cómo leer las señales reales del pool </h1> <p>Hubo una versión de este análisis que empezaba mal. Miraba el p95 del escenario <code>tiny</code> con delay de 500ms y veía <code>260.78ms</code>. Comparado con el escenario <code>default</code> que mostraba <code>2418.16ms</code>, parecía casi cinco veces más rápido. Eso es una trampa clásica, y casi me la como.</p> <p>El escenario <code>tiny</code> tenía 97.05% de error rate. De 8139 intentos, 7899 fallaban. Los 260ms eran el tiempo promedio de rechazo, no de respuesta útil. No era rápido — estaba fallando rápido. Y la diferencia importa muchísimo cuando estás intentando entender si la configuración de HikariCP sirve o no.</p> <p>Eso me llevó a armar <a href="https://github.com/JuanTorchia/hikaricp-pool-experiment" rel="noopener noreferrer">hikaricp-pool-experiment</a>: un laboratorio reproducible con Java 21, Spring Boot 3.4.5, PostgreSQL 16, HikariCP, Docker Compose y k6 0.51.0. El objetivo no fue simular producción ni documentar un incidente real. Fue construir un entorno donde las señales del pool fueran visibles y medibles, para poder razonar sobre ellas con números en la mano.</p> <h2> El diseño del experimento </h2> <p>La app expone dos endpoints:</p> <ul> <li> <code>GET /api/query?delayMs=500</code>: ejecuta una consulta real contra PostgreSQL y retiene la conexión usando <code>pg_sleep</code> durante el tiempo indicado.</li> <li> <code>GET /api/pool</code>: devuelve el estado del pool en tiempo real — <code>active</code>, <code>idle</code>, <code>total</code>, <code>threadsAwaitingConnection</code> y la configuración efectiva.</li> </ul> <p>El <code>delayMs</code> es el mecanismo central del experimento. Una query instantánea puede esconder contención aunque la concurrencia sea alta porque las conexiones se liberan antes de que el siguiente request las necesite. Con <code>pg_sleep(0.5)</code>, cada conexión queda ocupada durante medio segundo. Con 50 usuarios virtuales golpeando en paralelo, la presión sobre el pool se vuelve visible rápido.</p> <p>El script de k6 hace algo que el draft original no tenía bien separado: registra <code>query_duration</code> para todos los intentos y <code>query_success_duration</code> solo para los que devuelven HTTP 200. Sin esa distinción, el p95 agrega rechazos rápidos con queries exitosas lentas y el número resultante no representa ninguna realidad útil.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// load/hikari-pool.js — separación crítica entre intentos totales y exitosos</span> <span class="kd">const</span> <span class="nx">ok</span> <span class="o">=</span> <span class="nf">check</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">,</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">query status is 200</span><span class="dl">'</span><span class="p">:</span> <span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">response</span><span class="p">.</span><span class="nx">status</span> <span class="o">===</span> <span class="mi">200</span><span class="p">,</span> <span class="p">});</span> <span class="nx">queryDuration</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">.</span><span class="nx">timings</span><span class="p">.</span><span class="nx">duration</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="nx">querySuccessDuration</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="nx">queryResponse</span><span class="p">.</span><span class="nx">timings</span><span class="p">.</span><span class="nx">duration</span><span class="p">);</span> <span class="p">}</span> <span class="nx">queryErrors</span><span class="p">.</span><span class="nf">add</span><span class="p">(</span><span class="o">!</span><span class="nx">ok</span><span class="p">);</span> </code></pre> </div> <p>Los escenarios definidos en <code>application.yml</code> son:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Escenario</th> <th><code>maximumPoolSize</code></th> <th><code>connectionTimeout</code></th> </tr> </thead> <tbody> <tr> <td><code>default</code></td> <td>10 (Spring Boot default)</td> <td>30000ms (HikariCP default)</td> </tr> <tr> <td><code>tiny</code></td> <td>2</td> <td>250ms</td> </tr> <tr> <td><code>pool4</code></td> <td>4</td> <td>1500ms</td> </tr> <tr> <td><code>pool8</code></td> <td>8</td> <td>1500ms</td> </tr> <tr> <td><code>pool16</code></td> <td>16</td> <td>1500ms</td> </tr> <tr> <td><code>pool32</code></td> <td>32</td> <td>1500ms</td> </tr> </tbody> </table></div> <p>La matriz se corrió con dos delays — 50ms y 500ms — porque el contraste es importante: una query que libera la conexión rápido y una query que la retiene durante medio segundo no estresan el pool de la misma manera.</p> <p>Para reproducirlo desde cero:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="o">.</span><span class="n">\scripts\run-matrix.ps1</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span></code></pre> </div> <p>O escenario por escenario:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="n">docker</span><span class="w"> </span><span class="nx">compose</span><span class="w"> </span><span class="nx">down</span><span class="w"> </span><span class="nt">-v</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-scenario.ps1</span><span class="w"> </span><span class="nt">-Scenario</span><span class="w"> </span><span class="nx">tiny</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span><span class="nt">-DelayMs</span><span class="w"> </span><span class="nx">500</span><span class="w"> </span><span class="o">.</span><span class="n">\scripts\run-scenario.ps1</span><span class="w"> </span><span class="nt">-Scenario</span><span class="w"> </span><span class="nx">pool16</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span><span class="nt">-DelayMs</span><span class="w"> </span><span class="nx">500</span><span class="w"> </span></code></pre> </div> <blockquote> <p><strong>Limitación importante:</strong> todo esto es un single local run del 2026-05-14 en Windows con Docker Desktop/WSL2. Los números sirven para comparar escenarios dentro de la misma máquina. No son un benchmark universal ni reflejan comportamiento en ningún entorno en la nube, Railway o de otro tipo. <code>pg_sleep</code> retiene conexiones de forma artificial para hacer visible la presión — no representa una workload real de producción.</p> </blockquote> <h2> Los resultados completos — y qué leer en ellos </h2> <p>Esta es la tabla que generó <code>summarize-results.ps1</code> a partir de los JSON de k6:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Escenario</th> <th>Delay</th> <th>Intentos</th> <th>Exitosas</th> <th>Fallidas</th> <th>Error rate</th> <th>Exitosas/s</th> <th>p95 todos</th> <th>p95 exitosas</th> <th>Active máx.</th> <th>Waiting máx.</th> </tr> </thead> <tbody> <tr> <td>default</td> <td>50ms</td> <td>11772</td> <td>11772</td> <td>0</td> <td>0%</td> <td>195.38</td> <td>165.7ms</td> <td>165.7ms</td> <td>10</td> <td>30</td> </tr> <tr> <td>default</td> <td>500ms</td> <td>1240</td> <td>1240</td> <td>0</td> <td>0%</td> <td>19.85</td> <td>2418.16ms</td> <td>2418.16ms</td> <td>10</td> <td>39</td> </tr> <tr> <td>tiny</td> <td>50ms</td> <td>8289</td> <td>2325</td> <td>5964</td> <td>71.95%</td> <td>38.53</td> <td>298.81ms</td> <td>304.84ms</td> <td>2</td> <td>47</td> </tr> <tr> <td><strong>tiny</strong></td> <td><strong>500ms</strong></td> <td><strong>8139</strong></td> <td><strong>240</strong></td> <td><strong>7899</strong></td> <td><strong>97.05%</strong></td> <td><strong>3.97</strong></td> <td><strong>260.78ms</strong></td> <td><strong>752.51ms</strong></td> <td><strong>2</strong></td> <td><strong>47</strong></td> </tr> <tr> <td>pool4</td> <td>50ms</td> <td>4712</td> <td>4712</td> <td>0</td> <td>0%</td> <td>77.75</td> <td>557.55ms</td> <td>557.55ms</td> <td>4</td> <td>43</td> </tr> <tr> <td>pool4</td> <td>500ms</td> <td>1779</td> <td>492</td> <td>1287</td> <td>72.34%</td> <td>7.95</td> <td>1962.83ms</td> <td>1990.52ms</td> <td>4</td> <td>45</td> </tr> <tr> <td>pool8</td> <td>50ms</td> <td>9253</td> <td>9253</td> <td>0</td> <td>0%</td> <td>153.4</td> <td>365.15ms</td> <td>365.15ms</td> <td>8</td> <td>41</td> </tr> <tr> <td>pool8</td> <td>500ms</td> <td>1653</td> <td>984</td> <td>669</td> <td>40.47%</td> <td>15.87</td> <td>1996.36ms</td> <td>1998.83ms</td> <td>8</td> <td>41</td> </tr> <tr> <td>pool16</td> <td>50ms</td> <td>18155</td> <td>18155</td> <td>0</td> <td>0%</td> <td>301.83</td> <td>82.92ms</td> <td>82.92ms</td> <td>16</td> <td>40</td> </tr> <tr> <td>pool16</td> <td>500ms</td> <td>1948</td> <td>1947</td> <td>1</td> <td>0.05%</td> <td>31.62</td> <td>1492.44ms</td> <td>1492.44ms</td> <td>16</td> <td>31</td> </tr> <tr> <td>pool32</td> <td>50ms</td> <td>18892</td> <td>18892</td> <td>0</td> <td>0%</td> <td>314.16</td> <td>70.33ms</td> <td>70.33ms</td> <td>32</td> <td>32</td> </tr> <tr> <td>pool32</td> <td>500ms</td> <td>3830</td> <td>3830</td> <td>0</td> <td>0%</td> <td>63.00</td> <td>784.9ms</td> <td>784.9ms</td> <td>32</td> <td>24</td> </tr> </tbody> </table></div> <p>Hay varias cosas que vale la pena leer juntas, no por separado.</p> <h2> La trampa del p95 bajo con error rate alto </h2> <p>El caso <code>tiny</code> con delay 500ms es el más instructivo del experimento. El p95 de todos los intentos es <code>260.78ms</code>. Si solo mirás ese número, parecería que el pool responde muy rápido. Pero el 97.05% de error rate te dice que casi ninguna query llegó a ejecutarse — HikariCP estaba rechazando requests en <code>connectionTimeout: 250ms</code> porque no había conexiones libres.</p> <p>La separación entre <code>query_duration</code> y <code>query_success_duration</code> hace visible lo que el número agregado escondía: el p95 de las queries <strong>exitosas</strong> es <code>752.51ms</code> — casi tres veces más. Esas pocas queries que sí consiguieron una conexión tardaron casi un segundo, probablemente porque esperaron a que alguna de las dos conexiones del pool se liberara.</p> <p>Cuando <code>active</code> está pegado al máximo del pool (2/2) y <code>waiting</code> llega a 47, el sistema no está procesando carga — la está rechazando. Los 260ms son el tiempo de fracaso, no de éxito.</p> <p><strong>Señal que importa:</strong> si <code>p95 todos los intentos</code> ≪ <code>p95 exitosas</code> y el error rate es alto, el pool está en exhaustion. No estás viendo latencia de queries: estás viendo latencia de rechazo.</p> <h2> Cómo leer las cuatro señales en conjunto </h2> <p>El experimento confirmó que ninguna métrica sola alcanza. Las señales que tiene sentido cruzar son:</p> <h3> 1. Error rate + successful queries/s </h3> <p>Estas dos juntas son el primer filtro. Un error rate de 0% con 19.85 exitosas/s (<code>default</code>, delay 500ms) es muy diferente a un error rate de 97% con 3.97 exitosas/s (<code>tiny</code>, delay 500ms). El throughput de exitosas dice cuánto trabajo útil hace el sistema; el error rate dice cuánto trabajo está tirando a la basura.</p> <p>En <code>pool4</code> con delay 500ms: 72.34% de error rate con solo 7.95 exitosas/s. Cuatro conexiones con queries de 500ms dan un techo teórico de 8 exitosas/s (4 conexiones × 2 por segundo). Los números coinciden: el pool está al límite y rechaza el resto.</p> <h3> 2. <code>active = maximumPoolSize</code> sostenido + <code>waiting &gt; 0</code> </h3> <p>Esta combinación es la señal operativa más directa de que el pool está bajo presión. Cuando <code>maxActiveConnections</code> bate el techo configurado y <code>maxThreadsAwaitingConnection</code> es mayor que cero durante un período sostenido, los threads de la aplicación están esperando una conexión que no está disponible.</p> <p>Del experimento:</p> <ul> <li> <code>tiny</code> delay 500ms: active máx. 2/2, waiting máx. 47. Pool exhausto desde el principio.</li> <li> <code>pool8</code> delay 500ms: active máx. 8/8, waiting máx. 41, error rate 40.47%. Presión alta pero no total.</li> <li> <code>pool32</code> delay 500ms: active máx. 32/32, waiting máx. 24, error rate 0%. El pool llega al techo pero absorbe la carga sin rechazar.</li> </ul> <p>En <code>pool32</code> con delay 500ms, <code>waiting = 24</code> con error rate 0% significa que los threads esperan pero el <code>connectionTimeout: 1500ms</code> alcanza — las queries encolan y eventualmente consiguen conexión. Es un sistema bajo presión que aún funciona, no uno en crisis.</p> <h3> 3. Latencia de intentos vs. latencia de exitosas </h3> <p>Ya mencioné el caso <code>tiny</code>. Pero vale generalizar: cuando hay error rate significativo, el p95 de todos los intentos deja de ser una métrica de performance de la aplicación y pasa a ser una métrica de velocidad de rechazo. La latencia operativa real es la de las queries exitosas.</p> <p>En <code>pool4</code> delay 500ms: p95 todos los intentos <code>1962.83ms</code>, p95 exitosas <code>1990.52ms</code>. Acá los números son similares porque las queries que sí pasan también esperan mucho — el pool tiene 4 conexiones con queries de 500ms, así que casi todo el tiempo está esperando que alguna se libere.</p> <h3> 4. El salto de 50ms a 500ms como revelador de presión </h3> <p>Con delay 50ms, <code>pool8</code> no tiene un solo error y procesa 153.4 exitosas/s. Con delay 500ms, cae a 40.47% de error rate y 15.87 exitosas/s. El pool no cambió — cambió el tiempo de retención de la conexión. Si cada conexión tarda diez veces más en liberarse, el pool que antes era suficiente ahora no alcanza.</p> <p>Esta es la variable que más frecuentemente se ignora cuando se calibra un pool: no es solo cuántas conexiones hay, sino cuánto tiempo cada query las retiene. Un pool de 16 conexiones con queries de 50ms es muy diferente a un pool de 16 conexiones con queries de 500ms.</p> <h2> El límite del salto de pool16 a pool32 con delay corto </h2> <p>Hay una observación del experimento que me parece importante para evitar la conclusión fácil de "más conexiones = mejor".</p> <p>Con delay 50ms:</p> <ul> <li> <code>pool16</code>: 301.83 exitosas/s, p95 82.92ms</li> <li> <code>pool32</code>: 314.16 exitosas/s, p95 70.33ms</li> </ul> <p>Doblar el tamaño del pool dio una mejora de apenas ~4% en throughput. El salto de <code>pool8</code> a <code>pool16</code> fue mucho mayor (153.4 → 301.83, casi el doble). A partir de cierto punto, el cuello de botella deja de ser el pool y pasa a ser otra cosa — en este caso, probablemente el CPU del Docker Desktop o el propio PostgreSQL bajo carga de 50 VUs.</p> <p>Esto es consistente con la fórmula que Brettwooldridge menciona en el README de HikariCP: el pool óptimo para throughput de base de datos no es simplemente "el más grande posible". Más allá de cierto umbral, agregar conexiones genera overhead sin beneficio real, y en un entorno con límites de <code>max_connections</code> en PostgreSQL podés quedarte sin slots antes de que el throughput mejore.</p> <p>La conclusión práctica del experimento no es que 32 sea el número correcto. Es que <code>pool16</code> con delay 500ms tiene 0.05% de error rate y <code>pool32</code> tiene 0%, con un throughput 2x mayor. Dependiendo de los tiempos reales de las queries y los límites de la PostgreSQL, el trade-off es diferente en cada caso.</p> <h2> Las métricas que expone el experimento vía Actuator </h2> <p>La app tiene Actuator habilitado con health, info, metrics y prometheus. Durante una corrida podés consultar el estado del pool directamente:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Estado del pool vía endpoint propio</span> curl http://localhost:8080/api/pool <span class="c"># Métricas Micrometer vía Actuator</span> curl http://localhost:8080/actuator/metrics/hikaricp.connections.active curl http://localhost:8080/actuator/metrics/hikaricp.connections.pending curl http://localhost:8080/actuator/metrics/hikaricp.connections.timeout </code></pre> </div> <p>El endpoint <code>/api/pool</code> usa <code>HikariPoolMXBean</code> directamente y devuelve <code>active</code>, <code>idle</code>, <code>total</code>, <code>threadsAwaitingConnection</code> y la configuración efectiva. Es lo que k6 consulta en paralelo para registrar las métricas <code>hikari_pool_active</code>, <code>hikari_pool_idle</code>, <code>hikari_pool_total</code> y <code>hikari_pool_threads_awaiting_connection</code>.</p> <p>La métrica <code>hikaricp.connections.timeout</code> de Actuator es la que más me interesa en cualquier entorno real: cuenta las veces que un thread esperó una conexión y se venció el <code>connectionTimeout</code>. Si ese contador es mayor que cero, hay usuarios afectados — no es una advertencia, es un hecho.</p> <h2> La configuración del experimento vs. configuración para un entorno real </h2> <p>El experimento usa valores diseñados para hacer visible la presión en un laboratorio, no valores para copiar en cualquier sistema. El perfil <code>tiny</code> tiene <code>connectionTimeout: 250ms</code> porque 250ms hace que el pool rechace requests rápido y los errores sean inmediatamente visibles. En un sistema real, 250ms es probablemente demasiado agresivo — vas a generar falsos positivos ante cualquier pico breve.</p> <p>Lo que sí traslada son los principios de lectura:</p> <p><strong>Sobre <code>connectionTimeout</code>:</strong> el valor define la velocidad del fallo, no la velocidad del éxito. Un timeout corto genera errores más rápido y hace que los síntomas sean visibles antes. Un timeout largo acumula threads bloqueados que consumen memoria y pueden saturar el thread pool del servidor web antes de que el error sea obvio. Cuál de los dos querés depende de si tenés circuit breakers y retry logic, y de cuánto tiempo puede esperar un usuario antes de que la experiencia se rompa.</p> <p><strong>Sobre <code>maximumPoolSize</code>:</strong> el número correcto depende del tiempo promedio de retención de las queries, la concurrencia esperada, y los límites de <code>max_connections</code> de la PostgreSQL. No hay una fórmula universal. Lo que el experimento muestra es que con queries de 500ms y 50 VUs, necesitás al menos 16 conexiones para llegar a error rate cercano a cero — y que doblar a 32 da rendimientos marginales decrecientes en el throughput.</p> <p><strong>Sobre bases de datos gestionadas en la nube:</strong> si usás Railway, Supabase, RDS u otro servicio donde no controlás el servidor directamente, hay un parámetro adicional que importa y que el experimento no cubre: <code>maxLifetime</code>. El servidor puede cerrar conexiones inactivas antes del default de 30 minutos de HikariCP, y una conexión que desde el pool "está viva" pero el servidor ya cerró va a generar <code>PSQLException: This connection has been closed</code> en el próximo uso. Configurar <code>maxLifetime</code> por debajo del timeout del servidor es un ajuste necesario en esos entornos — pero no es algo que este laboratorio local con Docker pueda medir.</p> <h2> Mi postura después del experimento </h2> <p>Lo más valioso del ejercicio no fue elegir un número de conexiones. Fue entender que HikariCP no se ajusta mirando una sola métrica.</p> <p>Si solo mirás el p95 de todos los intentos, podés concluir que un pool en crisis es "rápido". Si solo mirás el error rate, no sabés si el sistema está absorbiendo carga o rechazándola. Si solo mirás <code>active</code>, no sabés si el pool tiene margen o está al límite. Necesitás cruzar los cuatro: error rate, successful queries/s, active vs. máximo configurado, waiting, y latencia de exitosas.</p> <p>El otro aprendizaje que me quedó: hay dos formas de que un pool falle bajo carga. Una es el timeout largo — threads que esperan 30 segundos y eventualmente explotan el heap. La otra es el timeout corto — rechazos rápidos que generan error rate alto pero dan la ilusión de baja latencia. El laboratorio hizo visible las dos con números reales.</p> <p>No compro la idea de que hay un <code>maximumPoolSize</code> correcto universal. Lo que hay es un tamaño correcto para la combinación de tiempo de query, concurrencia esperada, y capacidad de la base de datos. Y ese número solo tiene sentido leído junto con el tiempo de retención de conexiones y la tasa de error — no en aislamiento.</p> <p>El repo tiene todo lo necesario para correrlo de nuevo en la entorno y comparar:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="o">.</span><span class="n">\scripts\run-matrix.ps1</span><span class="w"> </span><span class="nt">-Vus</span><span class="w"> </span><span class="nx">50</span><span class="w"> </span><span class="nt">-Duration</span><span class="w"> </span><span class="nx">60s</span><span class="w"> </span></code></pre> </div> <p>Si cambiás el delay, la concurrencia o el <code>maximumPoolSize</code>, las señales cambian. Eso es exactamente el punto.</p> <p>→ <a href="https://github.com/JuanTorchia/hikaricp-pool-experiment" rel="noopener noreferrer">github.com/JuanTorchia/hikaricp-pool-experiment</a></p> <p><strong>Referencia:</strong></p> <ul> <li>HikariCP GitHub — Configuration: <a href="https://github.com/brettwooldridge/HikariCP#gear-configuration-knobs-baby" rel="noopener noreferrer">https://github.com/brettwooldridge/HikariCP#gear-configuration-knobs-baby</a> </li> </ul> spanish espanol experimentos performance pnpm workspaces: the CI cache that survived the fix and cost me 40 minutes per build Juan Torchia Tue, 12 May 2026 14:31:10 +0000 https://dev.to/jtorchia/pnpm-workspaces-the-ci-cache-that-survived-the-fix-and-cost-me-40-minutes-per-build-2807 https://dev.to/jtorchia/pnpm-workspaces-the-ci-cache-that-survived-the-fix-and-cost-me-40-minutes-per-build-2807 <h1> pnpm workspaces: the CI cache that survived the fix and cost me 40 minutes per build </h1> <p>I finished my previous post convinced the monorepo was solid. Tests green, deploy successful, pnpm workspaces configured exactly as the docs say. Went to bed happy.</p> <p>Next morning I checked the third CI run and saw this in the logs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight console"><code><span class="go">Cache not found for input keys: node-modules-cache-abc123 Run pnpm install --frozen-lockfile </span><span class="c">... </span><span class="go">Progress: resolved 847, reused 0, downloaded 847, added 847 </span></code></pre> </div> <p><code>reused 0</code>. Eight hundred and forty-seven packages downloaded from scratch. Forty minutes of build time where it should've been eight.</p> <p>My thesis, before I get into the details: <strong>pnpm's cache in GitHub Actions does not work out-of-the-box with monorepos</strong>. Not because pnpm is broken — pnpm is excellent, I'll say that without ambiguity — but because the store-dir in CI behaves differently than it does locally, and most people never configure it explicitly. That invisible difference destroys any cache strategy that doesn't account for it.</p> <h2> The real problem: pnpm store-dir in CI isn't where you think it is </h2> <p>When you run <code>pnpm install</code> on your machine, the global store lives at <code>~/.local/share/pnpm/store</code> (Linux) or <code>~/Library/pnpm/store</code> (macOS). Every project on your system shares that store — if a package already exists, pnpm links it with hard links. Instantaneous.</p> <p>In GitHub Actions, the runner starts clean on every execution. There's no previous store. So pnpm has two possible behaviors:</p> <ol> <li> <strong>Without explicit configuration</strong>: pnpm picks a dynamic path for the store — sometimes inside the workspace, sometimes in a temp dir on the runner. The path changes between runners and between runs.</li> <li> <strong>With an explicit <code>--store-dir</code></strong>: pnpm always uses exactly that path. You can cache that path with <code>actions/cache</code> and restore it on the next run.</li> </ol> <p>The problem with case 1 is that <code>actions/cache</code> needs a fixed path to work. If the store path varies, the restore never matches even if the key is identical. The cache exists in GitHub's S3, but it never gets restored because pnpm is looking in a different directory.</p> <p>This is exactly what pnpm's official CI documentation covers — but it's buried in the advanced configuration section, not in the quickstart that everyone copies.</p> <h2> The YAML before the fix: what everyone was copying </h2> <p>This was the workflow I had, assembled from a handful of tutorials:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># workflow BEFORE — broken cache in monorepo</span> <span class="na">name</span><span class="pi">:</span> <span class="s">CI</span> <span class="na">on</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">push</span><span class="pi">,</span> <span class="nv">pull_request</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">pnpm/action-setup@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">version</span><span class="pi">:</span> <span class="m">9</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">22</span> <span class="c1"># ⚠️ cache: 'pnpm' here looks like it does something, but it doesn't configure store-dir</span> <span class="na">cache</span><span class="pi">:</span> <span class="s1">'</span><span class="s">pnpm'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install dependencies</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm install --frozen-lockfile</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run build</span> </code></pre> </div> <p>The <code>cache: 'pnpm'</code> in <code>setup-node</code> caches <code>node_modules</code> at the root project level. In a monorepo with workspaces, that's not enough: each package has its own <code>node_modules</code> with symlinks pointing back to the global store. If the store doesn't restore correctly, those symlinks point to nothing and pnpm reinstalls everything.</p> <p>The cache miss in the logs looked like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>##[group]Cache not found Key: node-modules-pnpm-store-Linux-abc1234def5678 Restore keys attempted: node-modules-pnpm-store-Linux- node-modules-pnpm-store- Cache Size: ~0 B ##[endgroup] </code></pre> </div> <p>Cache restored: zero bytes. Every run started from scratch.</p> <h2> The YAML after: explicit store-dir and workspace lockfile hashing </h2> <p>The fix requires three concrete changes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># workflow AFTER — cache that actually works in a monorepo</span> <span class="na">name</span><span class="pi">:</span> <span class="s">CI</span> <span class="na">on</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">push</span><span class="pi">,</span> <span class="nv">pull_request</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">env</span><span class="pi">:</span> <span class="c1"># Fixed store path — critical so actions/cache always finds the same thing</span> <span class="na">PNPM_STORE_PATH</span><span class="pi">:</span> <span class="s">~/.pnpm-store</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">pnpm/action-setup@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">version</span><span class="pi">:</span> <span class="m">9</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">22</span> <span class="c1"># No cache: 'pnpm' here — we manage it manually below</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Get pnpm store path</span> <span class="na">id</span><span class="pi">:</span> <span class="s">pnpm-cache</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s"># Force the explicit store-dir so the path is predictable</span> <span class="s">pnpm config set store-dir $PNPM_STORE_PATH</span> <span class="s">echo "store-path=$PNPM_STORE_PATH" &gt;&gt; $GITHUB_OUTPUT</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Restore pnpm store cache</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">${{ steps.pnpm-cache.outputs.store-path }}</span> <span class="c1"># Key includes lockfile hash — invalidates when dependencies change</span> <span class="na">key</span><span class="pi">:</span> <span class="s">pnpm-store-${{ runner.os }}-${{ hashFiles('**/pnpm-lock.yaml') }}</span> <span class="c1"># Broader restore key in case the lockfile changed partially</span> <span class="na">restore-keys</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">pnpm-store-${{ runner.os }}-</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install dependencies</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm install --frozen-lockfile</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build workspaces</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run -r build</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Tests</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run -r test</span> </code></pre> </div> <p>The critical changes are in three places:</p> <p><strong>1. <code>PNPM_STORE_PATH</code> as a fixed environment variable.</strong> Without this, every runner picks its own path. With this, the store always lives at <code>~/.pnpm-store</code> and <code>actions/cache</code> knows exactly what to restore.</p> <p><strong>2. <code>pnpm config set store-dir</code> before install.</strong> Defining the environment variable isn't enough — you have to explicitly tell pnpm to use that path. This is the line missing from 90% of the examples I found.</p> <p><strong>3. `hashFiles('</strong>/pnpm-lock.yaml')<code>.** The </code><strong><code> matters. In a monorepo you can have lockfiles per workspace in addition to the root one. With </code></strong>/pnpm-lock.yaml<code>, the cache key changes if any lockfile in the repo changes. With just </code>pnpm-lock.yaml`, you miss changes in nested workspaces.</p> <h2> The gotchas nobody documents </h2> <h3> A broad <code>restore-keys</code> can cause more damage than good </h3> <p>With <code>restore-keys: pnpm-store-${{ runner.os }}-</code> you're telling GitHub Actions "if you can't find the exact key, use the most recent cache that matches this prefix." Sounds reasonable. The problem is a partially-restored store (from a different lockfile) can cause subtle conflicts where pnpm thinks a package is installed but it's missing a transitive dependency.</p> <p>My solution: use the broad restore-key only to reduce initial download time, but always run <code>pnpm install --frozen-lockfile</code> afterwards. The <code>--frozen-lockfile</code> guarantees consistency even if the store is partially stale.</p> <h3> <code>pnpm run -r build</code> doesn't respect dependency order between workspaces by default </h3> <p>If <code>apps/web</code> depends on <code>packages/ui</code>, you need <code>packages/ui</code> to build first. <code>pnpm run -r build</code> runs in parallel by default. The fix:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># Respect the workspace dependency graph order</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build in topological order</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run --filter="..." --workspace-concurrency=1 build</span> <span class="c1"># Or better yet, using the --sort flag:</span> <span class="c1"># pnpm run -r --sort build</span> </code></pre> </div> <p>The <code>--sort</code> flag makes pnpm respect the workspace dependency graph. Without this, in a monorepo with shared packages you'll see import errors for things that don't exist yet because the package you depend on hasn't compiled yet.</p> <h3> The cache is saved at the end of the job, not the beginning </h3> <p>This is <code>actions/cache</code> behavior that burns a lot of people: the cache is persisted when the job finishes <em>successfully</em>. If the job fails on the build step (after installing dependencies), the new store cache doesn't get saved. The next run downloads everything again.</p> <p>To mitigate this, you can split install into its own job:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">jobs</span><span class="pi">:</span> <span class="na">install</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="c1"># Only installs and caches — always finishes successfully if deps are fine</span> <span class="s">...</span> <span class="na">build</span><span class="pi">:</span> <span class="na">needs</span><span class="pi">:</span> <span class="s">install</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="c1"># Restores the cache from the previous job and builds</span> <span class="s">...</span> </code></pre> </div> <h2> The actual numbers </h2> <p>In a reproducible scenario with a three-workspace monorepo (<code>apps/web</code>, <code>packages/ui</code>, <code>packages/config</code>) and ~850 total dependencies:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Configuration</th> <th>Install time</th> <th>Total CI time</th> </tr> </thead> <tbody> <tr> <td>No cache (downloads everything)</td> <td>~22 min</td> <td>~40 min</td> </tr> <tr> <td> <code>cache: 'pnpm'</code> in setup-node (broken cache)</td> <td>~20 min</td> <td>~38 min</td> </tr> <tr> <td>Explicit store-dir + lockfile hash</td> <td>~1.5 min</td> <td>~8 min</td> </tr> </tbody> </table></div> <p>The "broken cache" in the second row is the most treacherous case: the workflow shows the cache step exists, the log says "Cache found" on some runs, but the restore is partial. The time drops by barely 2 minutes because something is restored — just not enough to avoid most of the downloads.</p> <p>The difference between 38 and 8 minutes is exactly the kind of overhead that accumulates silently. A team of four people doing ten PRs a day is 1,200 minutes of wasted build time per week.</p> <h2> FAQ: pnpm workspaces cache GitHub Actions CI </h2> <p><strong>Why doesn't <code>cache: 'pnpm'</code> in <code>actions/setup-node</code> work well with monorepos?</strong></p> <p>Because it caches the <code>node_modules</code> in the root directory but not pnpm's global store. In a monorepo with workspaces, each package has its own <code>node_modules</code> with symlinks pointing to the store. If the store doesn't restore correctly, pnpm detects the broken symlinks and reinstalls everything from scratch. The fix is to cache the store directly with <code>actions/cache</code> and an explicit path.</p> <p><strong>What path does the pnpm store use in GitHub Actions runners?</strong></p> <p>Without explicit configuration, it varies. On Ubuntu runners it might be at <code>/home/runner/.local/share/pnpm/store</code> or in a temp path inside the workspace. That's exactly why the first rule is to define <code>store-dir</code> explicitly with <code>pnpm config set store-dir</code> before running <code>pnpm install</code>.</p> <p><strong>What's the right cache key strategy for pnpm in a monorepo?</strong></p> <p>Use <code>hashFiles('**/pnpm-lock.yaml')</code> with the double-asterisk glob. This includes the root lockfile and any lockfiles in subdirectories. Combined with <code>runner.os</code> to separate caches between Linux and macOS if you run on both. The broad restore-key without the hash works as a fallback but never as the primary key.</p> <p><strong>Do I need to change anything in <code>pnpm-workspace.yaml</code> for better cache behavior?</strong></p> <p>Not directly. <code>pnpm-workspace.yaml</code> defines the workspace structure, not store behavior. What does matter is that all packages have their dependencies properly declared in their respective <code>package.json</code> files. If a package uses a dependency that's only in the root without declaring it, pnpm might resolve it locally but fail in CI when the store is partially restored.</p> <p><strong>Is it worth separating the install job from the build job?</strong></p> <p>Depends on the size of the monorepo. For repos with more than 500 dependencies and builds that fail frequently (tests, linting) — yes, it's worth it: it guarantees the cache gets persisted even when the build fails. For small repos where install is fast, it's unnecessary overhead.</p> <p><strong>Does this work the same with pnpm 9 and Node.js 22?</strong></p> <p>Yes. The store-dir configuration has been stable since pnpm 8. With <code>pnpm/action-setup@v4</code> and <code>actions/setup-node@v4</code> the setup is identical regardless of Node version. What changes between pnpm versions are some command flags — <code>--workspace-concurrency</code> was renamed at some point — but the cache logic is the same.</p> <h2> The uncomfortable thing nobody says about pnpm and CI </h2> <p>pnpm is the best option for monorepos — I said it <a href="https://juanchi.dev/en/blog/pnpm-vs-npm-vs-yarn-2026-monorepo-real-benchmark" rel="noopener noreferrer">when I compared pnpm vs npm vs yarn with real benchmarks</a> and I stand by it. But it has a CI configuration curve that's genuinely frustrating because the errors are silent. The workflow "works" — CI doesn't explode, tests pass — but the cache is broken and nobody notices until someone actually looks at the timing with some attention.</p> <p>The previous post about <a href="https://juanchi.dev/en/blog/pnpm-workspaces-nextjs-16-monorepo-ci-hoisting-cache" rel="noopener noreferrer">pnpm workspaces in a monorepo with Next.js 16</a> ended with CI green. This post is what was left unresolved: the cache that survived the initial fix and kept silently costing time on every run. The lesson isn't that pnpm is poorly documented — the official CI docs are clear if you read them completely. The lesson is that "CI working" and "CI working efficiently" are two completely different states, and the second one requires you to watch the numbers, not just the green checkmark.</p> <p>If you're starting a new monorepo today, copy the fixed YAML directly. Don't use <code>cache: 'pnpm'</code> from setup-node as your only strategy. Configure store-dir before install. Use the <code>**/pnpm-lock.yaml</code> glob for the hash. That's ten extra lines that save thirty minutes per run.</p> <p>For architectures where CI time matters at scale — and if you're designing distributed systems, it does — these infrastructure details are part of the job. The same rigor I apply to digital signature system design or to analyzing <a href="https://juanchi.dev/en/blog/jakarta-ee-vs-spring-boot-2026-production-migration-tradeoffs" rel="noopener noreferrer">Jakarta EE vs Spring Boot tradeoffs</a> applies here: reasonable defaults are rarely the correct defaults for real-world cases.</p> <p><strong>Source:</strong></p> <ul> <li><a href="https://pnpm.io/continuous-integration" rel="noopener noreferrer">pnpm Docs — Continuous Integration</a></li> </ul> <p><em>This article was originally published on <a href="https://juanchi.dev/en/blog/pnpm-workspaces-ci-cache-github-actions-40-minutes-fix" rel="noopener noreferrer">juanchi.dev</a></em></p> english typescript pnpm node pnpm workspaces: el caché de CI que sobrevivió al fix y me costó 40 minutos de build Juan Torchia Tue, 12 May 2026 14:31:05 +0000 https://dev.to/jtorchia/pnpm-workspaces-el-cache-de-ci-que-sobrevivio-al-fix-y-me-costo-40-minutos-de-build-1hde https://dev.to/jtorchia/pnpm-workspaces-el-cache-de-ci-que-sobrevivio-al-fix-y-me-costo-40-minutos-de-build-1hde <h1> pnpm workspaces: el caché de CI que sobrevivió al fix y me costó 40 minutos de build </h1> <p>Terminé el post anterior convencido de que el monorepo andaba. Tests en verde, deploy exitoso, pnpm workspaces configurado como la documentación dice. Me fui a dormir contento.</p> <p>Al día siguiente revisé el tercer run de CI y vi esto en los logs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight console"><code><span class="go">Cache not found for input keys: node-modules-cache-abc123 Run pnpm install --frozen-lockfile </span><span class="c">... </span><span class="go">Progress: resolved 847, reused 0, downloaded 847, added 847 </span></code></pre> </div> <p><code>reused 0</code>. Ochocientos cuarenta y siete paquetes descargados de cero. Cuarenta minutos de build donde deberían ser ocho.</p> <p>Mi tesis, antes de entrar al detalle: <strong>el caché de pnpm en GitHub Actions no funciona out-of-the-box con monorepos</strong>. No porque pnpm esté roto — pnpm es excelente, lo digo sin ambigüedad — sino porque el store-dir en CI tiene un comportamiento distinto al local que la mayoría no configura explícitamente. Y esa diferencia invisible destruye cualquier estrategia de caché que no la tenga en cuenta.</p> <h2> El problema real: pnpm store-dir en CI no es donde pensás </h2> <p>Cuando corrés <code>pnpm install</code> en tu máquina, el store global está en <code>~/.local/share/pnpm/store</code> (Linux) o <code>~/Library/pnpm/store</code> (macOS). Todos los proyectos del sistema comparten ese store: si un paquete ya existe, pnpm lo linkea con hard links. Instantáneo.</p> <p>En GitHub Actions, el runner arranca limpio con cada ejecución. No hay un store previo. Entonces pnpm tiene dos comportamientos posibles:</p> <ol> <li> <strong>Sin configuración explícita</strong>: pnpm elige una ruta dinámica para el store — a veces dentro del workspace, a veces en un temp dir del runner. El path cambia entre runners y entre runs.</li> <li> <strong>Con <code>--store-dir</code> explícito</strong>: pnpm siempre usa exactamente esa ruta. Podés cachear esa ruta con <code>actions/cache</code> y recuperarla en el próximo run.</li> </ol> <p>El problema con el caso 1 es que <code>actions/cache</code> necesita un path fijo para funcionar. Si el path del store varía, el restore nunca hace match aunque el key sea idéntico. El caché existe en S3 de GitHub, pero nunca se restaura porque pnpm busca en otro directorio.</p> <p>Esto es exactamente lo que muestra la documentación oficial de pnpm para CI — pero está enterrado en la sección de configuración avanzada, no en el quickstart que todos copian.</p> <h2> El YAML antes del fix: lo que copiaba todo el mundo </h2> <p>Este era el workflow que tenía, armado a partir de varios tutoriales:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># workflow ANTES — caché roto en monorepo</span> <span class="na">name</span><span class="pi">:</span> <span class="s">CI</span> <span class="na">on</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">push</span><span class="pi">,</span> <span class="nv">pull_request</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">pnpm/action-setup@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">version</span><span class="pi">:</span> <span class="m">9</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">22</span> <span class="c1"># ⚠️ cache: 'pnpm' acá parece que hace algo, pero no configura el store-dir</span> <span class="na">cache</span><span class="pi">:</span> <span class="s1">'</span><span class="s">pnpm'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Instalar dependencias</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm install --frozen-lockfile</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run build</span> </code></pre> </div> <p>El <code>cache: 'pnpm'</code> en <code>setup-node</code> cachea <code>node_modules</code> a nivel de proyecto raíz. En un monorepo con workspaces, eso es insuficiente: cada package tiene su propio <code>node_modules</code> con symlinks al store global. Si el store no se restaura correctamente, los symlinks apuntan a la nada y pnpm reinstala todo.</p> <p>El cache miss en los logs se veía así:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight console"><code><span class="gp">#</span><span class="c">#[group]Cache not found</span> <span class="go"> Key: node-modules-pnpm-store-Linux-abc1234def5678 Restore keys attempted: node-modules-pnpm-store-Linux- node-modules-pnpm-store- Cache Size: ~0 B </span><span class="gp">#</span><span class="c">#[endgroup]</span> </code></pre> </div> <p>Tamaño de caché restaurado: cero bytes. Cada run partía de cero.</p> <h2> El YAML después: store-dir explícito y hash por workspace </h2> <p>La solución requiere tres cambios concretos:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># workflow DESPUÉS — caché que realmente funciona en monorepo</span> <span class="na">name</span><span class="pi">:</span> <span class="s">CI</span> <span class="na">on</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">push</span><span class="pi">,</span> <span class="nv">pull_request</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">env</span><span class="pi">:</span> <span class="c1"># Path fijo del store — crítico para que actions/cache encuentre siempre lo mismo</span> <span class="na">PNPM_STORE_PATH</span><span class="pi">:</span> <span class="s">~/.pnpm-store</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">pnpm/action-setup@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">version</span><span class="pi">:</span> <span class="m">9</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">22</span> <span class="c1"># Sin cache: 'pnpm' acá — lo manejamos manualmente abajo</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Obtener path del store de pnpm</span> <span class="na">id</span><span class="pi">:</span> <span class="s">pnpm-cache</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s"># Forzamos el store-dir explícito para que el path sea predecible</span> <span class="s">pnpm config set store-dir $PNPM_STORE_PATH</span> <span class="s">echo "store-path=$PNPM_STORE_PATH" &gt;&gt; $GITHUB_OUTPUT</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Restaurar caché del store de pnpm</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">${{ steps.pnpm-cache.outputs.store-path }}</span> <span class="c1"># Key con hash del lockfile — invalida cuando cambian dependencias</span> <span class="na">key</span><span class="pi">:</span> <span class="s">pnpm-store-${{ runner.os }}-${{ hashFiles('**/pnpm-lock.yaml') }}</span> <span class="c1"># Restore key más amplia por si el lockfile cambió parcialmente</span> <span class="na">restore-keys</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">pnpm-store-${{ runner.os }}-</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Instalar dependencias</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm install --frozen-lockfile</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build workspaces</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run -r build</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Tests</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run -r test</span> </code></pre> </div> <p>El cambio crítico está en tres lugares:</p> <p><strong>1. <code>PNPM_STORE_PATH</code> como variable de entorno fija.</strong> Sin esto, cada runner elige su propio path. Con esto, el store siempre vive en <code>~/.pnpm-store</code> y <code>actions/cache</code> sabe exactamente qué restaurar.</p> <p><strong>2. <code>pnpm config set store-dir</code> antes del install.</strong> No alcanza con definir la variable de entorno: hay que decirle explícitamente a pnpm que use ese path. Esta es la línea que faltaba en el 90% de los ejemplos que encontré.</p> <p><strong>3. `hashFiles('</strong>/pnpm-lock.yaml')<code>.** El </code><strong><code> es importante. En un monorepo podés tener lockfiles por workspace además del raíz. Con </code></strong>/pnpm-lock.yaml<code> el key de caché cambia si cualquier lockfile del repo cambia. Con solo </code>pnpm-lock.yaml` te perdés cambios en workspaces anidados.</p> <h2> Los gotchas que nadie documenta </h2> <h3> El <code>restore-keys</code> amplio puede hacer más daño que bien </h3> <p>Con <code>restore-keys: pnpm-store-${{ runner.os }}-</code> le decís a GitHub Actions "si no encontrás el key exacto, usá el caché más reciente que matchee este prefijo". Suena razonable. El problema es que un store parcialmente restaurado (de un lockfile diferente) puede causar conflictos sutiles donde pnpm cree que un paquete está instalado pero le falta una dependencia transitiva.</p> <p>Mi solución: usar el restore-key amplio solo para reducir el tiempo de descarga inicial, pero siempre correr <code>pnpm install --frozen-lockfile</code> después. El <code>--frozen-lockfile</code> garantiza consistencia aunque el store esté parcialmente stale.</p> <h3> <code>pnpm run -r build</code> no respeta el orden de dependencias entre workspaces por default </h3> <p>Si el package <code>apps/web</code> depende de <code>packages/ui</code>, necesitás que <code>packages/ui</code> se buildee primero. <code>pnpm run -r build</code> corre en paralelo por default. La solución:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># Respetar el orden del workspace graph</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build en orden topológico</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm run --filter="..." --workspace-concurrency=1 build</span> <span class="c1"># O mejor aún, usando el flag --sort:</span> <span class="c1"># pnpm run -r --sort build</span> </code></pre> </div> <p>El flag <code>--sort</code> hace que pnpm respete el grafo de dependencias del workspace. Sin esto, en un monorepo con shared packages vas a ver errores de imports que no existen todavía porque el package del que dependés todavía no compiló.</p> <h3> El caché se guarda al final del job, no al principio </h3> <p>Esto es un comportamiento de <code>actions/cache</code> que quema a mucha gente: el caché se persiste cuando el job termina exitosamente. Si el job falla en el step de build (después de instalar dependencias), el nuevo caché del store no se guarda. El próximo run vuelve a descargar todo.</p> <p>Para mitigar esto, podés separar el install en un job propio:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">jobs</span><span class="pi">:</span> <span class="na">install</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="c1"># Solo instala y cachea — siempre termina exitoso si las deps están bien</span> <span class="s">...</span> <span class="na">build</span><span class="pi">:</span> <span class="na">needs</span><span class="pi">:</span> <span class="s">install</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="c1"># Restaura el caché del job anterior y buildea</span> <span class="s">...</span> </code></pre> </div> <h2> Los números concretos </h2> <p>En un escenario reproducible con un monorepo de tres workspaces (<code>apps/web</code>, <code>packages/ui</code>, <code>packages/config</code>) y un total de ~850 dependencias:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Configuración</th> <th>Tiempo de install</th> <th>Tiempo total de CI</th> </tr> </thead> <tbody> <tr> <td>Sin caché (descarga todo)</td> <td>~22 min</td> <td>~40 min</td> </tr> <tr> <td> <code>cache: 'pnpm'</code> en setup-node (caché roto)</td> <td>~20 min</td> <td>~38 min</td> </tr> <tr> <td>Store-dir explícito + lockfile hash</td> <td>~1.5 min</td> <td>~8 min</td> </tr> </tbody> </table></div> <p>El "caché roto" de la segunda fila es el caso más traicionero: el workflow muestra que el paso de caché existe, el log dice "Cache found" en algunas corridas, pero el restore es parcial. El tiempo baja apenas 2 minutos porque algo se restaura — pero no lo suficiente para evitar la mayoría de las descargas.</p> <p>La diferencia entre 38 y 8 minutos es exactamente el tipo de overhead que se acumula silencioso. Un equipo de cuatro personas haciendo diez PRs por día son 1200 minutos de build time desperdiciado por semana.</p> <h2> FAQ: pnpm workspaces cache GitHub Actions CI </h2> <p><strong>¿Por qué <code>cache: 'pnpm'</code> en <code>actions/setup-node</code> no funciona bien con monorepos?</strong></p> <p>Porque cachea el <code>node_modules</code> del directorio raíz pero no el store global de pnpm. En un monorepo con workspaces, cada package tiene su propio <code>node_modules</code> con symlinks al store. Si el store no se restaura correctamente, pnpm detecta que los symlinks están rotos y reinstala todo de cero. La solución es cachear el store directamente con <code>actions/cache</code> y un path explícito.</p> <p><strong>¿Qué path tiene el store de pnpm en GitHub Actions runners?</strong></p> <p>Sin configuración explícita, varía. En runners Ubuntu puede estar en <code>/home/runner/.local/share/pnpm/store</code> o en un path temporal dentro del workspace. Por eso la primera regla es definir <code>store-dir</code> explícitamente con <code>pnpm config set store-dir</code> antes de correr <code>pnpm install</code>.</p> <p><strong>¿Cuál es la estrategia correcta de key para el caché de pnpm en monorepo?</strong></p> <p>Usar <code>hashFiles('**/pnpm-lock.yaml')</code> con el glob doble asterisco. Esto incluye el lockfile raíz y cualquier lockfile en subdirectorios. Combinado con <code>runner.os</code> para separar caché entre Linux y macOS si corrés en ambos. El restore-key amplio sin el hash sirve como fallback pero nunca como key principal.</p> <p><strong>¿Tengo que cambiar algo en <code>pnpm-workspace.yaml</code> para que el caché funcione mejor?</strong></p> <p>No directamente. <code>pnpm-workspace.yaml</code> define la estructura del workspace, no el comportamiento del store. Lo que sí importa es que todos los packages tengan sus dependencias declaradas correctamente en sus respectivos <code>package.json</code>: si un package usa una dependencia que solo está en el raíz sin declararlo, pnpm puede resolver localmente pero fallar en CI cuando el store se restaura parcialmente.</p> <p><strong>¿Vale la pena separar el job de install del job de build?</strong></p> <p>Depende del tamaño del monorepo. Para repos con más de 500 dependencias y builds que pueden fallar frecuentemente (tests, linting), sí vale: garantiza que el caché se persiste incluso cuando el build falla. Para repos chicos donde el install es rápido, es overhead innecesario.</p> <p><strong>¿Esto funciona igual con pnpm 9 y Node.js 22?</strong></p> <p>Sí. La configuración del store-dir es estable desde pnpm 8. Con <code>pnpm/action-setup@v4</code> y <code>actions/setup-node@v4</code> el setup es el mismo independientemente de la versión de Node. Lo que cambia entre versiones de pnpm son los flags de algunos comandos — por ejemplo, <code>--workspace-concurrency</code> fue renombrado en algún punto — pero la lógica de caché es idéntica.</p> <h2> Lo incómodo que nadie dice sobre pnpm y CI </h2> <p>pnpm es la mejor opción para monorepos — lo dije <a href="https://juanchi.dev/es/blog/pnpm-vs-npm-2026-monorepo-benchmark-real" rel="noopener noreferrer">cuando comparé pnpm vs npm vs yarn con benchmarks reales</a> y lo sostengo. Pero tiene una curva de configuración en CI que es genuinamente frustrante porque los errores son silenciosos. El workflow "funciona" — el CI no explota, los tests pasan — pero el caché está roto y nadie lo ve hasta que alguien mira los tiempos con atención.</p> <p>El post anterior sobre <a href="https://juanchi.dev/es/blog/pnpm-workspaces-monorepo-nextjs-ci-cache-problemas" rel="noopener noreferrer">pnpm workspaces en monorepo con Next.js 16</a> terminaba con el CI verde. Este post es lo que quedó sin resolver: el caché que sobrevivió al fix inicial y siguió costando tiempo en silencio. La lección no es que pnpm esté mal documentado — la documentación oficial de CI es clara si la leés completa. La lección es que "CI funcionando" y "CI funcionando eficientemente" son dos estados completamente distintos, y el segundo requiere que prestés atención a los números, no solo al check verde.</p> <p>Si arrancás un monorepo nuevo hoy, copiá el YAML del fix directamente. No uses el <code>cache: 'pnpm'</code> de setup-node como única estrategia. Configurá el store-dir antes del install. Usá el glob <code>**/pnpm-lock.yaml</code> para el hash. Son diez líneas extra que ahorran treinta minutos por run.</p> <p>Para arquitecturas donde el tiempo de CI importa a escala — y si estás diseñando sistemas distribuidos, importa — estos detalles de infraestructura son parte del trabajo. El mismo criterio que aplico al diseño de sistemas de firma digital o al análisis de <a href="https://juanchi.dev/es/blog/jakarta-ee-vs-spring-boot-2026-migracion-backend-produccion-tradeoffs" rel="noopener noreferrer">tradeoffs de Jakarta EE vs Spring Boot</a> aplica acá: los defaults razonables raramente son los defaults correctos para casos reales.</p> <p><strong>Fuente original:</strong></p> <ul> <li><a href="https://pnpm.io/continuous-integration" rel="noopener noreferrer">pnpm Docs — Continuous Integration</a></li> </ul> <p><em>Este artículo fue publicado originalmente en <a href="https://juanchi.dev/es/blog/pnpm-workspaces-cache-github-actions-ci-problema" rel="noopener noreferrer">juanchi.dev</a></em></p> spanish espanol typescript pnpm