Distributed Cache Systems

Caching introduces a fundamental tension in distributed systems: the cache is a copy, and copies can become stale. Every time you add a cache, you're accepting that reads might return data that no longer reflects the current state of the source of truth.

This isn't a bug—it's an inherent property of caching. The value proposition of caching (reduced latency, reduced load on source systems) comes precisely from serving copies instead of always querying the source. But this creates consistency challenges that, if mishandled, lead to subtle bugs, confused users, and data integrity issues.

Consider the consequences of cache inconsistency:

• E-commerce: User sees item in stock (cached), but checkout fails because it sold out
• Banking: User sees old balance after transfer completes
• Social media: Post displays old like count after user liked it
• Gaming: Leaderboard shows stale rankings after score update

None of these are necessarily wrong—users tolerate brief inconsistency in many contexts. But failing to understand and manage consistency expectations leads to poor user experiences and, in some cases, serious business problems.

This page examines cache consistency challenges in depth and provides strategies for achieving the right consistency level for your requirements.

Cache inconsistency occurs when the cached value differs from the source-of-truth value. Understanding why this happens is essential for designing appropriate solutions.

Sources of Inconsistency

1. Stale Data from TTL-Based Expiration

The most common cause: data changes in the source, but the cached copy hasn't expired yet.

T0: Cache user:42 with balance=$100, TTL=300s
T1: User deposits $50, database updated to $150
T150: Read user:42 → Returns $100 (stale)
T300: Cache expires
T301: Read user:42 → Returns $150 (fresh)

For 150 seconds, reads returned stale data. This is the price of caching.

2. Race Conditions During Updates

Concurrent operations can cause the cache to end up with wrong data even after an update attempt.

T0: Process A reads user:42 = $100 from DB
T1: Process B updates user:42 to $150 in DB
T2: Process B invalidates cache (or writes $150)
T3: Process A writes $100 to cache (from its stale read)

Result: Cache has $100, database has $150 — and it's not a TTL issue.

3. Distributed System Lag

In distributed caches with replication, updates may not propagate instantly:

• Write to cache master
• Replica hasn't received update yet
• Read from replica returns stale data

4. Network Partitions and Failures

During network issues:

• Invalidation messages may be lost
• Database updated but cache invalidation fails
• Cache retains stale data indefinitely

5. Clock Skew and Ordering

In distributed systems, time-based operations (TTL, timestamps) can misbehave:

• Server A's clock is ahead of Server B's
• TTL calculations differ between servers
• "Newer" data might appear older due to clock differences

Different use cases tolerate different amounts of inconsistency. Understanding your requirements prevents both under-engineering (too much inconsistency) and over-engineering (unnecessary complexity for strong consistency).

Consistency Spectrum

Matching Consistency to Requirements

Strong Consistency Use Cases:

• Account balances during transactions
• Inventory levels for last-item-in-stock
• Security permissions and access control
• Distributed locking and coordination

Read-Your-Writes Use Cases:

• Profile updates: user changes name, sees it immediately
• Order placement: user submits order, sees it in order history
• Settings changes: user toggles preference, sees it applied

Eventual Consistency Use Cases:

• Social media feeds: slight delay in new posts appearing is acceptable
• Product recommendations: stale recommendations still useful
• Analytics dashboards: real-time isn't required
• Search indexes: brief lag between publish and searchability

The Cost of Strong Consistency

Stronger consistency typically means:

• Higher latency: Must verify cache validity, potentially query source
• Lower throughput: More coordination, more source queries
• Higher complexity: Distributed protocols, locking mechanisms
• Reduced availability: May fail-closed rather than serve stale data

For most web applications, eventual consistency with bounded staleness (TTL) is sufficient. Reserve strong consistency for the specific operations that truly require it.

Cache invalidation is famously "one of the two hard things in computer science" (along with naming things and off-by-one errors). Each invalidation strategy has distinct characteristics.

Time-Based Expiration (TTL)

The simplest approach: data expires after a fixed time.

SET user:42 "{...}" EX 300    # Expires in 5 minutes

Advantages:

• Simple to implement and understand
• No coordination required between writers
• Natural bound on staleness

Disadvantages:

• Data may be stale until TTL expires
• No immediate consistency on update
• Short TTLs increase source load; long TTLs increase staleness

Best Practices:

• Use shorter TTLs for frequently-changing data
• Use longer TTLs for stable reference data
• Consider data criticality when setting TTL

Explicit Invalidation (Write-Through Updates)

Application explicitly invalidates or updates cache when data changes.

Invalidate (Delete) on Write:

def update_user(user_id, data):
    database.update(user_id, data)
    cache.delete(f"user:{user_id}")
    # Next read will cache fresh data

Update (Write-Through) on Write:

def update_user(user_id, data):
    database.update(user_id, data)
    cache.set(f"user:{user_id}", data, ex=300)
    # Cache immediately has fresh data

Invalidate vs Update Trade-off:

Event-Driven Invalidation

Decouple cache invalidation from the write path using events:

1. Application writes to database
2. Application publishes "data changed" event
3. Separate consumer receives event and invalidates cache

Advantages:

• Write path isn't blocked by cache operations
• Single invalidation point handles all caches
• Works across services in microservices

Disadvantages:

• Eventual consistency (event delivery delay)
• Event delivery guarantees matter (at-least-once, exactly-once)
• More infrastructure complexity

Race conditions are the most insidious source of cache inconsistency. They occur intermittently, are hard to reproduce, and can cause data to be incorrect indefinitely.

The Classic Race

The problem we saw earlier:

1. Process A reads stale data from DB
2. Process B updates DB and invalidates cache
3. Process A writes stale data to cache

Result: Cache has stale data, and TTL won't help because the data was just "refreshed."

Solution 1: Cache-Aside with Read Locking

Prevent concurrent cache population for the same key:

def get_user(user_id):
    cached = cache.get(f"user:{user_id}")
    if cached:
        return cached
    
    # Acquire lock before populating
    lock_key = f"lock:user:{user_id}"
    if cache.set(lock_key, "1", nx=True, ex=5):  # Got lock
        try:
            user = db.get_user(user_id)
            cache.set(f"user:{user_id}", serialize(user), ex=300)
            return user
        finally:
            cache.delete(lock_key)
    else:
        # Someone else is populating, wait and retry
        time.sleep(0.1)
        return get_user(user_id)

Solution 2: Version Stamping

Include a version number in cached data and only accept newer versions:

def update_user(user_id, data):
    # Atomically increment version in DB
    new_version = db.update_user_with_version(user_id, data)
    
    # Only cache if this is the latest version
    cached = cache.get(f"user:{user_id}")
    if cached and cached['version'] >= new_version:
        return  # Cached version is newer, don't overwrite
    
    data['version'] = new_version
    cache.set(f"user:{user_id}", serialize(data), ex=300)

def populate_cache(user_id):
    user = db.get_user(user_id)
    
    # Check-and-set: only write if no newer version exists
    cached = cache.get(f"user:{user_id}")
    if cached and cached['version'] >= user['version']:
        return  # Already have newer version
    
    cache.set(f"user:{user_id}", serialize(user), ex=300)

Solution 3: Delayed Invalidation

Invalidate twice with a delay to catch late writes:

def update_user(user_id, data):
    db.update_user(user_id, data)
    
    # Immediate invalidation
    cache.delete(f"user:{user_id}")
    
    # Delayed second invalidation (catches late writes)
    delayed_queue.enqueue_in(1.0, "invalidate_cache", f"user:{user_id}")

This catches the race condition where a stale read was in-flight during the update. The second invalidation clears the stale data written by the late process.

Read-your-writes consistency ensures that after a user makes a change, they immediately see that change reflected—even if other users might see stale data briefly.

Why It Matters

Without read-your-writes:

1. User updates profile name from "Bob" to "Robert"
2. Server responds "Update successful"
3. User refreshes profile page
4. Page shows "Bob" (cached value)
5. User confused: "My update didn't work!"

Even though the update succeeded, the user experience is broken.

Implementation Strategies

Strategy 1: Write-Through to Cache

After updating the database, immediately update the cache:

def update_profile(user_id, data):
    db.update_user(user_id, data)
    cache.set(f"user:{user_id}", serialize(data), ex=300)
    return data  # Return fresh data to client

Subsequent reads (from any replica) will get the fresh data.

Strategy 2: Session-Scoped Cache Bypass

Mark the user's session as having made recent writes:

def update_profile(user_id, data):
    db.update_user(user_id, data)
    cache.delete(f"user:{user_id}")
    
    # Mark session as having fresh data
    session['cache_bypass_until'] = time.time() + 5  # 5 second window

def get_profile(user_id):
    # Check if we should bypass cache
    if session.get('cache_bypass_until', 0) > time.time():
        return db.get_user(user_id)  # Skip cache, read from DB
    
    return cached_get_user(user_id)  # Normal cache-aside

Strategy 3: Client-Side Optimistic Updates

The client immediately displays the new value without waiting for server confirmation:

// Frontend code
async function updateUserName(newName) {
  // Immediately update UI (optimistic)
  setUserName(newName);
  
  try {
    await api.updateProfile({ name: newName });
  } catch (error) {
    // Revert on failure
    setUserName(previousName);
    showError("Update failed");
  }
}

The client displays the update immediately. If the server request fails, it reverts. This provides instant feedback without server-side changes.

Strategy 4: Return Fresh Data in Write Response

The write operation returns the fresh data, which the client uses:

# Server
@app.put("/users/{user_id}")
def update_user(user_id, data):
    updated_user = db.update_user(user_id, data)
    cache.delete(f"user:{user_id}")
    return updated_user  # Client has fresh data without another request

Real systems often have multiple caching layers, each with its own consistency characteristics:

• Browser cache: HTTP Cache-Control headers
• CDN cache: Edge caching for static and dynamic content
• Application cache: Redis/Memcached
• Database query cache: Built-in query result caching
• ORM cache: Hydrated object caching

The Coordination Challenge

When data changes, all layers need updating:

Data Update
    ↓
[Database] → Updated
    ↓
[App Cache] → Invalidated
    ↓
[CDN Cache] → Needs purge
    ↓
[Browser Cache] → Stale until TTL

Each layer has different invalidation mechanisms and latencies.

CDN Invalidation Strategies

Versioned URLs:

Include version in URL—changing version = new cache entry:

<link rel="stylesheet" href="/styles.css?v=1.2.3">
<script src="/app.js?v=abc123"></script>

Surrogate Keys (Cache Tags):

Tag cached responses with identifiers for bulk invalidation:

Surrogate-Key: user-42 profile-page-v1

When user 42's data changes:

curl -X PURGE https://cdn.example.com/ -H "Surrogate-Key: user-42"

Short TTL + Stale-While-Revalidate:

Cache-Control: max-age=60, stale-while-revalidate=300

Return stale content while fetching fresh content in background.

You can't fix consistency problems you can't see. Proactive monitoring helps detect and quantify inconsistency.

Metrics to Track

Active Consistency Checking

Shadow Reads:

Periodically read from both cache and database, compare:

async def shadow_consistency_check(key):
    """Compare cache and database values for a key."""
    cached_value = await cache.get(key)
    db_value = await db.get(key)
    
    if cached_value is None:
        metrics.increment("consistency.cache_miss")
        return
    
    if cached_value == db_value:
        metrics.increment("consistency.match")
    else:
        metrics.increment("consistency.mismatch")
        log.warning(f"Consistency mismatch for {key}", 
                    cached=cached_value, db=db_value)

Sampling:

You can't check every key. Sample a representative subset:

if random.random() < 0.01:  # 1% sample
    background_task.run(shadow_consistency_check, key)

Debugging Consistency Issues

When consistency problems are reported:

1. Identify the scope: Single key? Pattern? All keys?
2. Check timing: When did write occur? When was stale read?
3. Trace the flow: Was invalidation sent? Received? Applied?
4. Check replication: Is the read hitting a stale replica?
5. Review recent changes: New code? New cache config?

Useful Debug Information:

• Timestamp of cache entry (when was it written?)
• Version number if using versioning
• Source of the cache population (which service instance?)
• Invalidation event logs with timestamps

Cache consistency is an ongoing challenge, not a solved problem. Understanding the sources of inconsistency and applying appropriate strategies enables you to build systems that meet your specific requirements without over-engineering.