← Lessons

quiz vs the machine

Gold1390

System Design

At Least Once Job Execution

Why acknowledgements make jobs run at least once, and what that means.

5 min read · core · beat Gold to climb

The Delivery Guarantee

A worker pulls a job, runs it, then acknowledges the broker to delete it. If the worker crashes before acknowledging, the broker assumes failure and redelivers the job. This gives at least once execution.

Why Not Exactly Once

True exactly once delivery across a network is impossible in general. Consider the gap between finishing the work and sending the acknowledgement:

  • If the worker dies in that gap, the broker never hears success and redelivers.
  • The job then runs a second time, even though it already succeeded.

So duplicates are not a bug to eliminate but a reality to handle.

At Most Once Versus At Least Once

  • At most once acknowledges before working. A crash loses the job. Use only when losing work is acceptable.
  • At least once acknowledges after working. A crash duplicates the job. Preferred for important work.

The Required Discipline

Because redelivery can happen, every handler that has side effects must be idempotent so a duplicate run is harmless. At least once plus idempotent handlers is the practical recipe for exactly once effects.

Key idea

At least once means a job may run more than once, so handlers must be idempotent to keep effects correct.

Check yourself

Answer to earn rating on the learn ladder.

1. Why does at least once delivery allow duplicate execution?

2. What discipline makes at least once safe for important work?