Hasan,
The "Apply Circuit Breaker" assertion has no separate failure threshold that would apply only after a recovery period ends.
That said, with some creativity you may be able to achieve similar behavior.
For example, setting the sampling window greater than the recovery period effectively causes any failures that haven't expired yet to remain in the count so that it takes fewer failures to trigger a new breaker once the recovery period expires. So a circuit breaker that opens after 10 failures in 10 seconds, but has a recovery period of 7 seconds, would recover while any failures that occurred in the final 3 seconds are still counted. Sadly this would likely not work on a busy service where the threshold was reached in a fraction of the sampling window; if the 10 failures all happened in 2 seconds, then with the settings above the breaker would recover then open again for 7 more seconds because the count would still be 10 in the last 10 seconds.
Sharing the event tracker between multiple circuit breakers with different settings could also achieve what your looking for. For example:
apply circuit breaker (5 failures in 5 seconds, 5 second recovery, trackerId: $<mytracker})
apply circuit breaker ( 7 failures in 10 seconds, 5 second recovery trackerId: $<mytracker})
<routing logic>
Assuming the above circuit breakers share the same event tracker... the outer circuit breaker will stop traffic for 5 seconds after 5 failures, once that 5 seconds passes, the inner breaker will allow two more failures before it will stop traffic.
NOTE: You would want to do some testing because I believe that the inner circuit breaker opening would cause the outer breaker to eventually open as well... potentially extending the recovery period.
I hope this helps.
-------------------------------------------
Original Message:
Sent: Aug 06, 2025 08:08 AM
From: Hasan Akgoz
Subject: Circuit Breaker Half‑Open State Support
Hi community,
I would like to confirm whether Layer7 API Gateway natively supports a full circuit breaker pattern, specifically the Half‑Open state.
As you know, a typical circuit breaker has three states:
- Closed: Requests are forwarded as usual until the failure threshold is reached.
- Open: Requests are blocked for a defined cooldown period.
Half‑Open: a limited number of requests are allowed through to check if the backend has recovered. If successful, the circuit returns to Closed; otherwise, it switches back to Open.
My understanding is that Layer7 provides mechanisms such as timeouts, rate limiting, and error counting, but it doesn't have a native Half‑Open state implementation. Could you please confirm:
- Whether Half‑Open behavior can be configured out‑of‑the‑box.
- If not, what would be the recommended approach to simulate it (e.g., via cluster properties, cache, or custom policy logic)?
- Whether there are any best practices or reference implementations available for this use case.
Thanks for ideas
-------------------------------------------