We do not consider the presence of side effects a barrier to fault tolerance and automated process restarts. We do recognise that it’s easier to reason about restarting remote processes if they’re stateless, and so we provide a wrapper for the ManagedProcess
API that ensures all user defined callbacks are side effect free.
The choice, about whether or not it is safe to restart a process that might produce side effects, is left to the user. The ManagedProcess
API provides explicit support for evaluating user defined callbacks when a process has decided (for some reason) to shut down. We also give the user options about how to initialise and/or re-initialise a process that has been previously terminated.
When it comes to failure recovery, we defer to Erlang’s approach for handling process failures in a generic manner, by drawing on the OTP concept of supervision trees. Erlang’s supervisor module implements a process which supervises other processes called child processes. The supervisor process is responsible for starting, stopping, monitoring and even restarting its child processes. A supervisors children can be either worker processes or supervisors, which allows us to build hierarchical process structures (called supervision trees in Erlang parlance).