Consistency Models and Convergence in Denormalized Systems

Denormalized systems relax consistency guarantees to gain throughput and latency. The canonical pattern is eventual consistency: updates to the normalized source of truth propagate asynchronously to derived projections via change streams (Kafka, AWS Kinesis, database transaction logs). This introduces a staleness window where reads from denormalized stores return stale data. The critical design question is defining an acceptable staleness budget and engineering the pipeline to meet it reliably. Meta and Pinterest target staleness Service Level Objectives (SLOs) like 95% of changes visible in feeds within 5 seconds, 99% within 30 seconds. Achieving this requires measuring end to end lag: event timestamp at source minus apply timestamp at projection. Queuing delay, processing time, and multi region replication lag all contribute. If cross region replication alone takes 100 to 300 milliseconds at p95 and you queue changes for batching efficiency, you burn most of your 5 second budget before processing starts. This forces aggressive tuning: small batch sizes (10 to 100 events), parallel consumers per partition, idempotent upserts with versioning to handle reordering. Idempotency and versioning prevent divergence from out of order delivery. Each source entity carries a monotonically increasing version number or vector clock. Consumers only apply updates with newer versions, discarding stale ones. For counters, which cannot use simple versioning, systems shard increments across 64 or 128 buckets and periodically fold shards into a canonical count, correcting drift. Meta reports approximate counters can diverge by low single digit percentages without reconciliation; periodic jobs (every 10 to 60 minutes) scan and repair using the event log as source of truth. The failure mode is dual write anomalies. If application code updates both the normalized database and a denormalized cache or index synchronously, partial failures leave them diverged permanently unless you implement compensation. The robust pattern is outbox: write the source update and an event to an outbox table in a single transaction, then a separate process reads the outbox and publishes to the change stream. This guarantees at least once delivery; idempotent consumers handle duplicates. Cross region consistency adds another layer: if a user writes in region A and immediately reads from a denormalized projection built in region B, replication lag can show stale data. Solutions include sticky routing (read your writes from the same region), version tokens (client passes the write version and read blocks until projection catches up), or explicit staleness indicators in the User Interface (UI).

Meta feed convergence: change data capture from normalized social graph publishes to Kafka; consumers apply to per user denormalized feed rows with version numbers; end to end lag monitored at p50 (under 1 second), p95 (under 5 seconds), p99 (under 30 seconds); periodic reconciliation jobs scan for drift and repair from event log

Pinterest homefeed pipeline: outbox pattern on normalized pin/board updates ensures all changes captured; Kafka consumers process in parallel per user shard; idempotent upserts using entity version prevent out of order application; staleness SLO of 5 seconds p95 met by tuning batch size to 50 events and provisioning 500 consumer instances