Concurrency and resilience in AI systems

Param HarrisonParam HarrisonChief mentor
7 min read
AI EngineeringSystem DesignAI EngineeringProduction AI

Share this post

Want to build AI Agent Design Patterns hands-on? Try the AI Agent Design Patterns

What is The challenge?

Your product just hit 1,000 concurrent AI sessions.

  • Some requests hang, others timeout
  • GPU utilization drops even as queues grow
  • Retries multiply and costs spike overnight

Discussion: How do you maintain throughput when both humans and models are unpredictable clients?

What is concurrency in AI systems?

AI workloads are bursty and heterogeneous:

  • Some prompts finish in 0.5s
  • Some generate 5,000 tokens
  • Some make multiple model calls (RAG, agents)

If you don't design for concurrency, your system will degrade under load long before you hit hardware limits.

Example: the "naive" pipeline

flowchart LR
    A[User Request] --> B[Model Call]
    B --> C[Postprocessing]
    C --> D[Response]

If B stalls, everyone waits.

Resilient pipeline with concurrency

flowchart LR
    A[User Request] --> B[Queue]
    B --> C[Worker Pool]
    C --> D[Model Call]
    D --> E[Postprocessing]
    E --> F[Response Stream]

Each worker handles one or more concurrent streams.

Backpressure is handled upstream by the queue, not the model.

2. Queue-centric architecture

Queues are your safety net, they absorb spikes, allow retries, and decouple ingestion from inference.

sequenceDiagram
    participant User
    participant API
    participant Queue
    participant Worker
    participant Model
    
    User->>API: Send Prompt
    API->>Queue: enqueue(task)
    Worker->>Queue: pull(task)
    Worker->>Model: call()
    Model-->>Worker: stream(tokens)
    Worker-->>User: stream via SSE

Challenge: How do you avoid reprocessing a task when a worker crashes mid-generation?

Answer: Use acknowledgements + idempotent checkpoints. Each worker commits progress (token index or chunk hash) before marking done.

How do you design for idempotency?

LLM requests aren't naturally idempotent, generating again may produce a different result.

But you can enforce semantic idempotency:

  • Deterministic inputs (same prompt, temperature=0)
  • Idempotent function-calling (same args → same side effects)
  • Store deduplication keys (request_hash, user_id, timestamp)
flowchart LR
    A[Task Request] -->|hash| B{Seen Before?}
    B -->|Yes| C[Return cached output]
    B -->|No| D[Execute model call]
    D --> E[Store result + hash]

4. Retry logic & circuit breaking

When model APIs or network layers fail, naive retries cause storms. Design layered failure policies:

Level Strategy
Network Exponential backoff (50ms → 5s)
Task queue Dead-letter queue after N retries
Model selection Fallback to smaller/faster model
Chain orchestration Skip optional steps, degrade gracefully 
flowchart LR
    A[Call LLM] -->|Timeout| B[Retry 1]
    B -->|Fails| C[Retry 2]
    C -->|Fails| D[Fallback Model]
    D -->|Fails| E[Error Response + Log]

Challenge: How do you retry without duplicating side effects (e.g., API calls, DB writes)?

Answer: Separate generation (pure) from effects (impure), and replay only the pure layer.

5. Handling model failures mid-stream

Streaming models fail halfway through responses more often than you think.

Mitigation tactics:

  • Emit partial completions with error: true
  • Allow resume-from-token if your model supports incremental decoding
  • Maintain timeout per token, not per request
sequenceDiagram
    participant M as Model
    participant W as Worker
    participant U as User
    
    M-->>W: token1...token500
    M--xW: disconnect
    W-->>U: event: error, partial: true
    W->>M: reconnect(resume=501)

6. Concurrency models for AI systems

A) thread pools

Good for CPU-bound postprocessing or embeddings.

B) async event loop (e.g., asyncio, tokio)

Perfect for streaming IO-heavy tasks like SSE, API chaining.

C) worker queues

Distribute long or GPU-heavy inference to background pools.

flowchart TD
    A[Frontend] -->|enqueue| B[Queue]
    B -->|pull| C[Async Worker]
    C --> D[Model API]

Engineering rule: Each concurrency model should have bounded load. Otherwise, your "infinite concurrency" becomes "infinite memory leak."

How do you design for graceful degradation?

In production, something will fail. The goal isn't to avoid failure, it's to fail predictably.

Strategies:

  • Serve cached answer if live inference fails
  • Fallback to shorter context if prompt too long
  • Switch to smaller model if token budget exceeds threshold
  • Display partial outputs with visual "continuation" state

Example: Anthropic's Claude UI sometimes finishes with "truncated output" instead of erroring, that's graceful degradation.

8. Real-world use case: multi-agent workflow runner

Imagine an AI pipeline that chains multiple agent calls (like planning → retrieval → summarization).

flowchart LR
    A[User Query]
    A --> B[Planner Agent]
    B --> C[Retriever Agent]
    C --> D[Summarizer Agent]
    D --> E[Final Response]

Each step can:

  • Fail
  • Timeout
  • Produce incomplete results

Resilient orchestration = partial success handling + rollback-safe chaining.

Challenge: How do you ensure 1 failed agent doesn't block the rest?

Answer: Isolate steps → run async → reconcile results.

graph TD
    B[Planner] -->|task| C1[Retriever#1]
    B -->|task| C2[Retriever#2]
    B -->|task| C3[Retriever#3]
    C1 & C2 & C3 --> D[Summarizer]

9. Observability for concurrency and failures

Metrics you must track:

  • Queue depth (tasks waiting)
  • Worker utilization
  • Failure rate per model endpoint
  • Average retries per task
  • End-to-end latency percentiles
flowchart TD
    subgraph Monitoring
        A[Workers]
        B[Metrics Pipeline]
        C[Dashboard]
        D[Alerting System]
    end

    A --> B --> C
    B --> D

Discussion Prompt: If your system slows down but CPU/GPU utilization is low, what's your first debugging step?

(Hint: Check queue wait times and async deadlocks.)

10. Core takeaways

Principle Why It Matters
Queues decouple speed Prevent cascading slowdowns
Idempotency is safety Avoid duplication & chaos
Retries ≠ reliability Add backoff, fallback, circuit breaking
Graceful degradation Keeps UX intact under failure
Metrics-first design Observability beats guesswork

A resilient AI system doesn't just scale horizontally, it fails gracefully.

Discussion prompts for engineers

  • What's your retry budget for model calls? (N retries × cost × tokens)
  • How would you design an idempotent AI pipeline with external APIs?
  • What's the best failure you've ever engineered, something that failed elegantly?
  • How would you simulate high-concurrency scenarios in staging without burning tokens?

Takeaway

  • Concurrency in AI systems requires deliberate architecture, queues, workers, and bounded load
  • Resilience comes from idempotency, graceful degradation, and observability
  • Failures are inevitable, design systems that fail predictably and recover gracefully

For more on building production AI systems, check out our AI Bootcamp for Software Engineers.

For a hands-on path through this topic, see AI Agents Fundamentals.

For a deeper hands-on path, see AI Agent Design Patterns.

Key takeaways

  1. The pattern described above addresses a specific production failure mode that naive implementations miss.
  2. Mechanical guardrails beat heroic debugging. Ship the fix that prevents the bug class, not the bug instance.
  3. Measure before and after. If the change is not visible in metrics, it was not worth the complexity.
  4. To see this pattern wired into a full production agent stack, walk through the Build your own coding agent course, or start with the AI Agents Fundamentals primer.

Frequently asked questions

How do you make LLM requests idempotent in production?

LLM requests aren't naturally idempotent because the same prompt generates different outputs. You enforce semantic idempotency by using deterministic inputs (temperature=0), idempotent function-calling (same args always produce same side effects), and deduplication keys that track request_hash + user_id + timestamp. This prevents reprocessing when workers crash mid-generation.

What happens when you retry LLM API calls without exponential backoff?

Naive retries create cascading storms. A single timeout triggers multiple retries, which trigger more timeouts, multiplying API calls and costs. Exponential backoff (50ms to 5s) reduces contention, but you also need circuit breaking to stop bad requests early and fallback policies (switch to smaller model, skip optional steps) to degrade gracefully instead of retrying forever.

Why should AI systems use queues instead of direct synchronous calls?

Queues decouple request ingestion from inference, absorbing traffic spikes without blocking callers. LLM workloads are highly variable: some requests finish in 0.5s, others generate thousands of tokens. Without queues, a single slow request stalls everyone. Queues also enable retries, handle backpressure upstream, and provide a natural place to implement circuit breaking and graceful degradation.

For the full reference, see the Python asyncio documentation.

Share this post

Continue Reading

Query anonymization for RAG bias mitigation

9 min read
LLM Engineering

pip vs uv vs poetry for Python AI services

9 min read
AI Engineering in Practice

Retry patterns for LLM API errors in production

8 min read
AI Engineering in Practice

Weekly Bytes of AI

Technical deep-dives for engineers building production AI systems.

Architecture patterns, system design, cost optimization, and real-world case studies. No fluff, just engineering insights.

Unsubscribe anytime. We respect your inbox.

Ready to go deeper?

Go beyond articles. Build production AI systems with hands-on workshops and our intensive AI Bootcamp.

Explore AI BootcampBrowse Workshops