Retry Budgets and Backoff Policy

Invariant (INV-12)

Within a session, retry count is monotonic and exhaustion is terminal. No timer/reconnect event resets an exhausted pair; only explicit Reset() starts a new session.

Tracker API (implemented)

  • RecordAttempt / RecordAttemptAt

  • State

  • IsExhausted

  • NextAttemptAfter

  • RecordSuccess

  • Reset

States:

  • ACTIVE

  • EXHAUSTED

Configuration knobs

  • MaxRetryCount

  • BackoffBase

  • MaxRetryDuration

  • WindowDuration

Validation coherence requires window_seconds >= backoff_base_seconds * max_retry_count.

Failure Injection Coverage

  • FI-C4-01: exhaustion at max count

  • FI-C4-02: no increment after exhausted

  • FI-C4-03: exhausted persists past window

Evidence

  • edge/retry/retry.go

  • edge/retry/retry_test.go (TestFI_C4_03_NoPeriodicReactivation)

  • edge/fi/fi_retry_test.go

  • edge/config/validate.go (window coherence rule)

See Also