Retry asynchronous functions

This document describes how you can request asynchronous (non-HTTPS) background functions to retry on failure.

Semantics of retry

By default, without retries enabled, the semantics of executing a background function are "best effort." This means that while the goal is to execute the function exactly once, this is not guaranteed.

When you enable retries on a background function, however, the semantics change to "at-least-once" delivery (with the caveat that a function that keeps failing for days may eventually time out).

Why background functions fail to complete

On rare occasions, a function might exit prematurely due to an internal error, and by default the function might or might not be automatically retried.

More typically, a background function may fail to successfully complete due to errors thrown in the function code itself. Some of the reasons this might happen are as follows:

  • The function contains a bug and the runtime throws an exception.
  • The function cannot reach a service endpoint, or times out while trying to reach the endpoint.
  • The function intentionally throws an exception (for example, when a parameter fails validation).
  • When functions written in Node.js return a rejected promise or pass a non-null value to a callback.

In any of the above cases, the function stops executing by default and the event is discarded. If you want to retry the function when an error occurs, you can change the default retry policy by setting the "retry on failure" property. This causes the event to be retried repeatedly for up to multiple days until the function successfully completes.

Enabling and disabling retries

Using the API Console

You can enable or disable retries in the API Console as follows:

  1. Go to the Cloud Functions Overview page in the Cloud Platform Console.

  2. Click Create function. Alternatively, click an existing function to go to its details page and click Edit.

  3. Fill in the required fields for your function.

  4. Ensure the Trigger field is set to a background function trigger type, such as Cloud Pub/Sub or Cloud Storage.

  5. Expand the advanced settings by clicking More.

  6. Check or uncheck the box labeled Retry on failure.

Best practices

This section describes best practices for using retries.

Use retry to handle transient errors

Because your function is retried continuously until successful execution, permanent errors like bugs should be eliminated from your code thorough testing before enabling retries. Retries are best used to handle intermittent/transient failures that have a high likelihood of resolution upon retrying, such as a flaky service endpoint or timeout.

Set an end condition to avoid infinite retry loops

It is best practice to protect your function against continuous looping when using retries. You can do this by including a well-defined end condition, before the function begins processing. A simple yet effective approach is to discard events with timestamps older than a certain time. This helps to avoid excessive executions when failures are either persistent or longer-lived than expected.

For example, this code snippet discards all events older than 10 seconds:

const eventAgeMs = Date.now() - Date.parse(event.timestamp);
const eventMaxAgeMs = 10000;
if (eventAgeMs > eventMaxAgeMs) {
  console.log(`Dropping event ${event} with age[ms]: ${eventAgeMs}`);
  callback();
  return;
}

Use catch with Promises

If you turn on retries, you should consider adding catch to your promises. Cloud Functions does not understand a fatal error that shouldn't be retried, so you should modify your code accordingly if you support fatal errors.

Here is an example of what you should do:

return doFooAsync().catch((err) => {
    if (isFatal(err)) {
        console.error(`Fatal error ${err}`);
    }
    return Promise.reject(err);
});

Make retryable background functions idempotent

Background functions that can retried must be idempotent. Here are some general guidelines for making a background function idempotent:

  • Many external APIs (such as Stripe) let you supply an idempotency key as a parameter. If you are using such an API, you should use the event ID as the idempotency key.
  • Idempotency works well with at-least-once delivery, because it makes it safe to retry. So a general best practice for writing reliable code is to combine idempotency with retries.
  • Make sure that your code is internally idempotent. For example:
    • Make sure that mutations can happen more than once without changing the outcome.
    • Query database state in a transaction before mutating the state.
    • Make sure that all side effects are themselves idempotent.
  • Impose a transactional check outside the function, independent of the code. For example, persist state somewhere recording that a given event ID has already been processed.
  • Deal with duplicate function calls out-of-band. For example, have a separate clean up process that cleans up after duplicate function calls.

傳送您對下列選項的寶貴意見...

這個網頁
需要協助嗎?請前往我們的支援網頁