Skip to main content

Documentation Index

Fetch the complete documentation index at: https://resources.devweekends.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Performance optimization is about making systems faster and more efficient. The key is measuring first, then optimizing the right things. Amazon found that every 100ms of added latency cost them 1% in sales. Google discovered that a half-second delay in search results caused a 20% drop in traffic. Performance is not a luxury — it directly impacts revenue, user retention, and operational costs. But the biggest trap in performance work is optimizing the wrong thing. Profile first, optimize second, measure third. Always.

Performance Metrics

Latency

  • Time to complete one request
  • Measure: p50, p95, p99
  • Target: < 200ms for web APIs

Throughput

  • Requests per second (RPS)
  • Transactions per second (TPS)
  • Target: Depends on scale

Availability

  • Uptime percentage
  • 99.9% = 8.76 hours downtime/year
  • 99.99% = 52 minutes/year

Resource Usage

  • CPU, Memory, Disk, Network
  • Cost efficiency
  • Bottleneck identification

Caching Strategies

Cache Levels

┌─────────────────────────────────────────────────────────┐
│                    Client                               │
│  ┌─────────────────────────────────────────────────┐   │
│  │              Browser Cache                      │   │
│  │         (Static assets, API responses)          │   │
│  └─────────────────────────────────────────────────┘   │
└────────────────────────┬────────────────────────────────┘

┌────────────────────────┼────────────────────────────────┐
│                        ▼                                │
│  ┌─────────────────────────────────────────────────┐   │
│  │                   CDN                           │   │
│  │      (Edge caching, global distribution)        │   │
│  └─────────────────────────────────────────────────┘   │
│                        │                                │
│                        ▼                                │
│  ┌─────────────────────────────────────────────────┐   │
│  │            Application Cache                    │   │
│  │         (Redis, Memcached - in-memory)          │   │
│  └─────────────────────────────────────────────────┘   │
│                        │                                │
│                        ▼                                │
│  ┌─────────────────────────────────────────────────┐   │
│  │               Database                          │   │
│  │      (Query cache, buffer pool)                 │   │
│  └─────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────┘

Caching Patterns

Phil Karlton famously said there are only two hard things in computer science: cache invalidation and naming things. The challenge with caching is not adding one — it is keeping the cache consistent with the source of truth. Every caching pattern makes different trade-offs between consistency, complexity, and performance. 
# Cache-Aside (Lazy Loading) -- the most common pattern.
# Application manages the cache explicitly. Simple but the application
# bears full responsibility for cache consistency.
def get_user(user_id):
    # 1. Check cache first -- fast path, ~1ms
    cached = redis.get(f"user:{user_id}")
    if cached:
        return json.loads(cached)  # Cache hit -- serve from memory
    
    # 2. Cache miss -- fetch from DB (~10-100ms)
    user = db.query("SELECT * FROM users WHERE id = ?", user_id)
    
    # 3. Store in cache with TTL for next time.
    # TTL is your safety net: even if invalidation fails, stale data
    # expires automatically. Choose TTL based on acceptable staleness.
    redis.setex(f"user:{user_id}", 3600, json.dumps(user))  # 1 hour TTL
    
    return user

# Write-Through -- update DB and cache atomically.
# Guarantees cache is always fresh for reads, but adds latency to writes
# (must wait for both DB and cache writes before returning).
def update_user(user_id, data):
    # 1. Update database (source of truth)
    db.update("UPDATE users SET ... WHERE id = ?", data, user_id)
    
    # 2. Update cache immediately -- no stale reads after this point
    redis.setex(f"user:{user_id}", 3600, json.dumps(data))

# Cache Invalidation -- delete from cache, let next read repopulate.
# Simpler than write-through; avoids caching data that may never be read again.
def delete_user(user_id):
    db.delete("DELETE FROM users WHERE id = ?", user_id)
    redis.delete(f"user:{user_id}")  # Next read triggers fresh cache-aside load
Practical tip: Prefer cache invalidation (delete) over cache update (overwrite) on writes. If you update the cache and the DB write fails or rolls back, your cache now has data that does not exist in the database — a dangerous inconsistency. Deleting the cache entry and letting the next read repopulate is safer.

Cache Invalidation Strategies

StrategyDescriptionUse When
TTL (Time-to-Live)Auto-expire after timeAcceptable staleness
Event-basedInvalidate on updateReal-time consistency
Version tagsChange key on updateImmutable objects

Database Optimization

Query Optimization

The most impactful performance improvement in most applications is fixing bad queries. A single unoptimized query can consume more resources than the rest of your application combined. The two fundamental rules: let the database use its indexes, and never fetch data you do not need. 
-- ❌ Slow: Full table scan -- YEAR() wraps the column in a function,
-- preventing the database from using an index on created_at.
-- The DB must read EVERY row and compute YEAR() on each one.
SELECT * FROM orders WHERE YEAR(created_at) = 2024;

-- ✅ Fast: Use index-friendly range query -- the database can use a
-- B-tree index on created_at to jump directly to the right range.
-- This can be 1000x faster on large tables.
SELECT * FROM orders 
WHERE created_at >= '2024-01-01' 
  AND created_at < '2025-01-01';

-- ❌ Slow: SELECT * fetches all columns, including that 5MB BLOB
-- column you forgot was there. Wastes network bandwidth and memory.
SELECT * FROM users WHERE id = 1;

-- ✅ Fast: Select only the columns you actually use in your code.
-- Bonus: a covering index can serve this entirely from the index
-- without touching the table at all.
SELECT id, name, email FROM users WHERE id = 1;

-- EXPLAIN ANALYZE is your best friend for query optimization.
-- It shows the actual execution plan AND timing for each step.
-- Look for: Seq Scan (missing index), high row estimates, Sort on disk.
EXPLAIN ANALYZE SELECT * FROM orders WHERE user_id = 123;

Indexing Strategy

-- Single column index
CREATE INDEX idx_users_email ON users(email);

-- Composite index (order matters!)
CREATE INDEX idx_orders_user_status ON orders(user_id, status);
-- This index helps: WHERE user_id = 1 AND status = 'pending'
-- Also helps: WHERE user_id = 1
-- Does NOT help: WHERE status = 'pending'

-- Covering index (includes all needed columns)
CREATE INDEX idx_users_covering ON users(email) INCLUDE (name, created_at);

Connection Pooling

Opening a new database connection involves TCP handshake, TLS negotiation, authentication, and session initialization — typically 20-50ms of pure overhead. For an API handling 1,000 requests per second, that is 20-50 seconds of wasted time every second. A connection pool maintains a set of pre-established connections that are borrowed and returned, reducing connection overhead to near zero. 
# ❌ Bad: New connection per request -- 20-50ms overhead EVERY time.
# At 1,000 RPS, you are spending 20-50 seconds/second just on handshakes.
# Also risks exhausting the database's max_connections limit.
def get_user(user_id):
    conn = psycopg2.connect(...)  # TCP + TLS + auth = ~30ms wasted
    result = conn.execute(query)
    conn.close()                  # Connection discarded, next request starts from scratch
    return result

# ✅ Good: Connection pool -- connections are created once, reused thousands of times.
# Borrowing a connection from the pool takes ~0.1ms instead of ~30ms.
from sqlalchemy import create_engine

engine = create_engine(
    DATABASE_URL,
    pool_size=20,        # Keep 20 connections warm and ready
    max_overflow=10,     # Allow up to 30 total under burst load
    pool_timeout=30      # Wait up to 30s for a connection before raising an error
)

Scaling Strategies

Vertical vs Horizontal Scaling

Vertical Scaling (Scale Up)     Horizontal Scaling (Scale Out)
┌─────────────────────┐         ┌──────┐ ┌──────┐ ┌──────┐
│                     │         │Server│ │Server│ │Server│
│    Bigger Server    │         │  1   │ │  2   │ │  3   │
│                     │         └──────┘ └──────┘ └──────┘
│  More CPU, RAM      │              │       │       │
│                     │              └───────┼───────┘
└─────────────────────┘                      │
                                    ┌────────┴────────┐
                                    │  Load Balancer  │
                                    └─────────────────┘

Load Balancing Algorithms

AlgorithmDescriptionBest For
Round RobinRotate through serversEqual server capacity
Least ConnectionsSend to server with fewest connectionsVariable request duration
IP HashSame client → same serverSession affinity
WeightedDistribute based on capacityMixed server sizes

Database Scaling

                     Read Replicas

    ┌─────────────────────┼─────────────────────┐
    │                     │                     │
    ▼                     ▼                     ▼
┌────────┐          ┌────────┐           ┌────────┐
│Replica │          │Replica │           │Replica │
│   1    │          │   2    │           │   3    │
└────────┘          └────────┘           └────────┘
    ▲                     ▲                     ▲
    │                     │                     │
    └─────────────────────┴─────────────────────┘

                    Replication

                    ┌─────────┐
                    │ Primary │ ◄── All writes
                    │   DB    │
                    └─────────┘

Profiling & Benchmarking

Application Profiling

Profiling is the X-ray machine that reveals where your application actually spends its time. Without profiling, you are guessing — and developers are notoriously bad at guessing bottlenecks. Studies show that engineers correctly identify performance bottlenecks less than 30% of the time without measurement. The function you think is slow is almost never the actual problem. 
# CPU Profiling -- identifies which functions consume the most CPU time.
# cProfile is a deterministic profiler built into Python's standard library.
# Overhead is ~10-20%, so it is usable even in staging environments.
import cProfile
import pstats

def profile_function(func):
    """Wrap any function to see where time is actually spent.
    The output shows: total calls, time per call, cumulative time.
    Sort by 'cumulative' to find the function that is the real bottleneck
    (not the one called most often, but the one where time accumulates)."""
    profiler = cProfile.Profile()
    profiler.enable()
    
    result = func()
    
    profiler.disable()
    stats = pstats.Stats(profiler)
    stats.sort_stats('cumulative')  # Sort by total time spent (including sub-calls)
    stats.print_stats(10)           # Show top 10 slowest -- start here
    
    return result

# Memory Profiling -- essential for long-running services (APIs, workers).
# A function that leaks 1KB per call does not matter if called once,
# but at 1,000 RPS that is 1MB/second -- the service crashes in hours.
from memory_profiler import profile

@profile  # Decorating a function shows line-by-line memory usage
def memory_intensive_function():
    # This shows: Line 1 allocates 38MB, Line 2 allocates 0MB (sum is lazy).
    # Without profiling, you might blame sum() -- the profiler proves otherwise.
    large_list = [i for i in range(1000000)]  # ~38MB for 1M Python ints
    return sum(large_list)

# Production-friendly alternative: py-spy (sampling profiler, near-zero overhead).
# Attach to a running process without restarting it -- invaluable for debugging
# production performance issues in real time.
# Usage: py-spy top --pid 12345          (live top-like view)
# Usage: py-spy record -o profile.svg --pid 12345  (flame graph output)
Practical tip: Use flame graphs (generated by py-spy, async-profiler for Java, or pprof for Go) to visualize where time is spent. The width of each bar represents cumulative time. Wide bars at the top are your bottlenecks. Netflix uses flame graphs as their primary performance debugging tool across thousands of microservices.

Load Testing

# Using locust for load testing
from locust import HttpUser, task, between

class WebsiteUser(HttpUser):
    wait_time = between(1, 5)
    
    @task(3)
    def view_homepage(self):
        self.client.get("/")
    
    @task(1)
    def view_product(self):
        self.client.get("/products/1")
    
    @task(1)
    def create_order(self):
        self.client.post("/orders", json={
            "product_id": 1,
            "quantity": 2
        })

N+1 Query Problem

The single most common performance killer in web applications. It is sneaky because the code looks clean and each individual query is fast — but the total number of queries is proportional to your data set size. With 100 orders, you make 101 queries. With 10,000 orders, you make 10,001 queries. The database is doing 10,000x more work than necessary. 
# ❌ N+1 Problem: 1 query for orders + N queries for users.
# With 1,000 orders, this fires 1,001 database queries!
# Each query is ~5ms, so total = 5 seconds. Unacceptable.
orders = Order.objects.all()  # Query 1: SELECT * FROM orders
for order in orders:
    print(order.user.name)    # Query 2...1001: SELECT * FROM users WHERE id = ?
                              # ORM lazily loads each user on first access

# ✅ Eager Loading: exactly 2 queries total, regardless of N.
# Query 1: SELECT * FROM orders
# Query 2: SELECT * FROM users WHERE id IN (1, 2, 3, ... 1000)
# Total: ~10ms instead of 5 seconds. 500x improvement.
orders = Order.objects.select_related('user').all()
for order in orders:
    print(order.user.name)    # Already loaded -- no additional query

# For many-to-many relationships, use prefetch_related (separate query, joined in Python)
orders = Order.objects.prefetch_related('items').all()
How to detect N+1: Enable query logging in development and watch for repeated similar queries. Django Debug Toolbar, Rails bullet gem, and SQLAlchemy’s echo mode all surface this pattern. In production, look for endpoints where query count scales linearly with response size.

Async Processing

Background Jobs with Celery

The principle is simple: if the user does not need to wait for it, do not make them wait. Sending a confirmation email takes 2 seconds? The user should not stare at a spinner for 2 seconds — save the order, queue the email, and respond immediately. The email gets sent 2 seconds later in the background, and the user never notices. 
from celery import Celery

app = Celery('tasks', broker='redis://localhost:6379')

@app.task
def send_email(user_id, template):
    """Runs in a separate worker process, not in the web request lifecycle.
    If the email service is slow or down, it retries without blocking users."""
    user = get_user(user_id)
    email_service.send(user.email, template)

@app.task
def generate_report(report_id):
    """Reports can take minutes to generate. Running this synchronously
    would tie up a web worker and likely trigger a request timeout."""
    data = fetch_large_dataset()
    report = process_data(data)
    save_report(report_id, report)

# Usage -- the API endpoint responds in ~50ms instead of ~2500ms
# because it offloads slow work to background workers.
@api.post("/orders")
def create_order(order_data):
    order = save_order(order_data)             # ~50ms -- the only synchronous work
    
    # Queue async tasks -- these are added to Redis in ~1ms each
    send_email.delay(order.user_id, "order_confirmation")  # Runs later in background
    generate_report.delay(order.id)                         # Runs later in background
    
    return {"order_id": order.id}  # Return to user immediately
Practical tip: Make background tasks idempotent (safe to retry). Messages can be delivered more than once if a worker crashes mid-processing. If send_email is called twice, the user should not receive two emails. Use deduplication keys or check-before-send logic.

Event-Driven with Message Queues

import aio_pika
import asyncio

async def publish_event(event_type: str, data: dict):
    connection = await aio_pika.connect_robust("amqp://localhost/")
    async with connection:
        channel = await connection.channel()
        await channel.default_exchange.publish(
            aio_pika.Message(body=json.dumps(data).encode()),
            routing_key=event_type,
        )

async def consume_events(queue_name: str, handler):
    connection = await aio_pika.connect_robust("amqp://localhost/")
    async with connection:
        channel = await connection.channel()
        queue = await channel.declare_queue(queue_name)
        async for message in queue:
            async with message.process():
                await handler(json.loads(message.body))

Frontend Performance

Critical Rendering Path

HTML ──► DOM ──┐
              ├──► Render Tree ──► Layout ──► Paint
CSS ──► CSSOM ─┘

Optimization Techniques

<!-- Defer non-critical JavaScript -->
<script src="analytics.js" defer></script>

<!-- Preload critical resources -->
<link rel="preload" href="critical.css" as="style">
<link rel="preload" href="hero-image.webp" as="image">

<!-- Lazy load images -->
<img src="placeholder.jpg" data-src="actual-image.jpg" loading="lazy">

<!-- Use modern image formats -->
<picture>
  <source srcset="image.avif" type="image/avif">
  <source srcset="image.webp" type="image/webp">
  <img src="image.jpg" alt="Description">
</picture>

Bundle Optimization

Every kilobyte of JavaScript you ship must be downloaded, parsed, and executed on the user’s device. On a mid-range Android phone on a 3G connection, 1MB of JavaScript can take 4-5 seconds to process. Bundle optimization directly impacts your Time to Interactive (TTI) metric and user experience. 
// Code splitting -- load heavy components only when the user navigates to them.
// The initial page load ships a smaller bundle, and HeavyComponent is
// fetched on-demand as a separate network request.
const HeavyComponent = lazy(() => import('./HeavyComponent'));

// Tree shaking -- bundlers (webpack, esbuild, Rollup) eliminate unused code,
// but only from ES module imports (import/export), not CommonJS (require).
import { debounce } from 'lodash-es';  // ✅ Tree-shakeable: only debounce ships (~300B)
import _ from 'lodash';                 // ❌ Entire library ships (~72KB gzipped!)

Database Performance

Query Optimization Checklist

IssueSymptomSolution
Missing indexSlow queries, full table scansAdd appropriate index
Too many indexesSlow writesRemove unused indexes
N+1 queriesMany similar queriesUse eager loading/JOINs
SELECT *Fetching unused dataSelect only needed columns
Large result setsHigh memory usagePagination, streaming
Lock contentionTimeouts, deadlocksReduce transaction scope

Slow Query Analysis

Slow query logs are the single most valuable tool for database performance. Enable them from day one, not after you have a performance crisis. Most databases have a built-in slow query log — use it. 
-- PostgreSQL: Enable slow query log -- every query over 1 second gets logged
-- with its execution plan, helping you find the worst offenders.
ALTER SYSTEM SET log_min_duration_statement = 1000;  -- Log queries > 1s

-- EXPLAIN ANALYZE actually executes the query and shows real timing data.
-- BUFFERS shows how much data was read from cache vs disk.
-- This is your X-ray machine for query performance.
EXPLAIN (ANALYZE, BUFFERS, FORMAT TEXT)
SELECT * FROM orders 
WHERE user_id = 123 
ORDER BY created_at DESC 
LIMIT 10;

-- What to look for in the output:
-- - Seq Scan: full table scan -- almost always means a missing index
-- - High "actual time": the wall-clock time for that operation
-- - "Rows Removed by Filter": large number = index is not selective enough
-- - "Sort Method: external merge Disk": data too large for memory sort
-- - "Buffers: shared read": data was NOT in PostgreSQL's cache (cold query)
Practical tip: Run EXPLAIN ANALYZE on every query in your critical path before deploying to production. A query that runs in 5ms on your dev database with 1,000 rows may take 5 seconds on production with 10 million rows. The execution plan will reveal whether it will scale.

Connection Pool Sizing

Getting pool size right is surprisingly important. Too few connections and requests queue up waiting for a connection (increased latency). Too many connections and the database spends more time context-switching between connections than doing useful work (decreased throughput for everyone). PostgreSQL’s official guidance: more connections is NOT always better. 
# Formula from PostgreSQL wiki (originally from Brian Kress at Oracle):
# connections = (core_count * 2) + effective_spindle_count
# For SSD: connections approximately equals (cores * 2) + 1
# A 4-core server with SSD needs roughly 9 connections -- not 100!

from sqlalchemy import create_engine

engine = create_engine(
    DATABASE_URL,
    pool_size=20,           # Warm connections maintained in the pool
    max_overflow=10,        # Burst capacity: up to 30 total under spike load
    pool_timeout=30,        # How long to wait for a connection before error (seconds)
    pool_recycle=1800,      # Close and recreate connections after 30 min (prevents stale)
    pool_pre_ping=True,     # Health-check each connection before use (catches dropped connections)
)
Practical tip: If your application has more pool connections than your database can efficiently handle, use a connection pooler like PgBouncer between your app and PostgreSQL. PgBouncer multiplexes hundreds of application connections through a smaller number of actual database connections.

Application-Level Optimization

Async I/O

The key insight: most web application time is spent WAITING — waiting for database responses, waiting for API calls, waiting for file reads. With synchronous code, each wait blocks the entire thread. With async I/O, the thread does useful work while waiting, dramatically improving throughput. The analogy: a synchronous waiter takes one order, walks to the kitchen, waits for the food, delivers it, then takes the next order. An async waiter takes all orders, sends them to the kitchen at once, and delivers food as it comes out. 
import asyncio
import aiohttp

# ❌ Sequential -- each request waits for the previous one to finish.
# 10 URLs at 200ms each = 2 seconds total. The thread just sits idle
# waiting for each response.
def fetch_all_sequential(urls):
    results = []
    for url in urls:
        response = requests.get(url)    # Block for 200ms
        results.append(response.json())
    return results  # Takes N * avg_response_time = 2 seconds

# ✅ Concurrent -- all requests fire simultaneously, we collect results.
# 10 URLs at 200ms each = ~200ms total (limited by the slowest response).
# 10x speedup with zero additional hardware.
async def fetch_all_concurrent(urls):
    async with aiohttp.ClientSession() as session:
        tasks = [fetch(session, url) for url in urls]
        return await asyncio.gather(*tasks)  # Takes max(response_times) = 200ms

async def fetch(session, url):
    async with session.get(url) as response:
        return await response.json()

Efficient Data Structures

Choosing the right data structure is often a bigger win than any algorithmic optimization. Using a list where you need a set turns an O(1) lookup into an O(n) scan. At 1 million items, that is the difference between 1 microsecond and 1 second. 
# Use appropriate data structures for the access pattern
from collections import deque, defaultdict
from functools import lru_cache

# deque: O(1) append/pop from BOTH ends (list.pop(0) is O(n)!)
# Use for: queues, sliding windows, recent-N buffers
queue = deque(maxlen=1000)  # Bounded -- automatically evicts oldest when full

# defaultdict: eliminates the "check if key exists, then update" pattern.
# Cleaner code AND slightly faster due to fewer dictionary lookups.
counts = defaultdict(int)
for item in items:
    counts[item] += 1  # Auto-initializes missing keys to 0

# lru_cache: automatic memoization -- caches function results by arguments.
# Turns repeated expensive calls into O(1) dictionary lookups.
# Use for: recursive algorithms, expensive API/DB calls with stable inputs.
@lru_cache(maxsize=1000)  # Stores last 1000 unique results, evicts least-recently-used
def expensive_calculation(n):
    return fibonacci(n)   # Only computed once per unique n, then served from cache
Practical tip: Before reaching for complex algorithms, check if switching data structures solves the problem. Replacing if item in my_list (O(n)) with if item in my_set (O(1)) is a one-line change that can eliminate entire performance bottlenecks.

Performance Testing Strategy

Types of Tests

Test TypePurposeTools
Load TestingNormal expected loadLocust, k6, JMeter
Stress TestingBeyond normal capacitySame tools, higher load
Spike TestingSudden traffic spikesSimulate flash sales
Soak TestingExtended period (memory leaks)Run for hours/days
Breakpoint TestingFind system limitsGradually increase load

Key Metrics to Track

# Response time percentiles
p50 = 100ms   # Median - most users
p95 = 500ms   # 95% of requests faster than this
p99 = 1000ms  # Tail latency - worst 1%

# Throughput
rps = 10000   # Requests per second

# Error rate
error_rate = errors / total_requests  # Should be < 1%

# Saturation
cpu_usage = 70%      # Alert at 80%
memory_usage = 60%   # Alert at 75%

Optimization Checklist

1

Measure First

Never optimize without data. Profile your application, identify bottlenecks using APM tools (New Relic, Datadog, Jaeger).
2

Cache Aggressively

Add caching at every level - browser, CDN, application, database. Use cache-aside pattern with appropriate TTLs.
3

Optimize Queries

Use EXPLAIN ANALYZE, add proper indexes, avoid N+1 queries, use connection pooling.
4

Use Async

Don’t block on I/O. Use async/await, message queues, background jobs for long-running tasks.
5

Optimize Frontend

Minimize bundle size, lazy load, use CDN, optimize images, implement proper caching headers.
6

Scale Appropriately

Start with vertical scaling (simpler), move to horizontal when needed. Use auto-scaling.

Quick Reference

Latency Targets

OperationGoodAcceptablePoor
Page load< 1s< 3s> 5s
API response< 100ms< 500ms> 1s
Database query< 10ms< 100ms> 500ms
Cache lookup< 1ms< 10ms> 50ms

Capacity Planning Formula

Required Capacity = (Peak RPS × Avg Response Time) / Utilization Target

Example:
- Peak: 10,000 RPS
- Avg response: 100ms
- Target utilization: 70%

Capacity = (10000 × 0.1) / 0.7 = 1,429 concurrent connections needed
Remember: “Premature optimization is the root of all evil” — Donald Knuth. But read the full quote: “We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil. Yet we should not pass up our opportunities in that critical 3%.” The wisdom is not “never optimize” — it is “optimize the right 3%, and identify it through measurement, not guesswork.”
Common Mistake: Optimizing based on assumptions. The code you think is slow is rarely the actual bottleneck. Always profile first, optimize the actual hot paths, and verify improvements with benchmarks. A common trap: spending a week optimizing an algorithm from O(n log n) to O(n) when the real bottleneck is an unindexed database query that takes 1000x longer than the algorithm.

Interview Deep-Dive

Strong Answer:
  • The divergence between p50 and p99 is the key signal. If p50 is fine, the system works well for most requests. But 1 in 100 requests is 10x slower. This pattern points to a specific subset of requests hitting a slow path — not a systemic degradation.
  • Common causes of p99 spikes with stable p50: (1) Garbage collection pauses — GC in Java or Go can introduce 100-500ms pauses that only affect requests unlucky enough to coincide with a GC cycle. Check GC logs for stop-the-world pause frequency and duration. (2) Database query plan regression — a small percentage of queries may be hitting a full table scan due to parameter sniffing or stale statistics, while most queries use the index correctly. Check PostgreSQL’s pg_stat_statements for queries with high variance in execution time. (3) Downstream service timeouts — if your service calls an external API that is intermittently slow, the p99 reflects those timeout cases. Check distributed traces for spans with high p99. (4) Connection pool exhaustion — under peak load, some requests wait for a database connection while the pool is fully utilized. The pool_timeout setting determines how long they wait. (5) Lock contention — if a subset of requests compete for the same rows (hot keys), they serialize through the lock.
  • My investigation steps: Pull p99 traces from Jaeger or Datadog and examine 10-20 slow requests. Find the common thread — is it always the same endpoint, the same database query, the same downstream service, or the same time of day? Correlate with deployment history: did p99 start degrading after a specific release? Check if the data set grew significantly (more rows, larger payloads) over the past month.
  • The gradual degradation over a month is a strong signal of data growth. A query that was fast on 1 million rows may hit a tipping point at 10 million rows where the query planner switches from an index scan to a sequential scan because the index is no longer selective enough.
Follow-up: You discover the p99 issue is caused by the database. 1% of queries are scanning a partition with 50 million rows while 99% hit a smaller partition with 500K rows. How do you fix this without rewriting the application?This is a classic data skew problem. The immediate fix: create a partial index specifically for the large partition. If the slow queries filter on WHERE tenant_id = 'large_customer', create CREATE INDEX idx_large_tenant ON orders(created_at) WHERE tenant_id = 'large_customer'. This targets the exact queries causing the p99 spike without adding index overhead to the other 99% of writes. For a longer-term fix, implement table partitioning: split the orders table by tenant_id (list partitioning) or by date range (range partitioning). The large customer’s data lives in its own partition, which the planner handles independently. Partition pruning ensures queries that do not touch the large partition never even look at it. If partitioning is too invasive, consider a materialized view for the common query patterns on the large partition — precompute the expensive aggregation and refresh it on a schedule.
Strong Answer:
  • Cache invalidation is hard because you are maintaining two copies of truth (cache and database) and they can diverge in subtle ways. The three main strategies are: (1) TTL-based — set an expiration time, accept that data may be stale for up to that duration. Simple, reliable, but you cannot control when updates become visible. (2) Event-based — invalidate the cache whenever the source data changes. Low staleness, but you need a reliable event delivery mechanism and must handle race conditions. (3) Write-through — update cache and database together on every write. Cache is always fresh for reads, but adds latency to writes.
  • A well-known production incident: Facebook’s Memcache thundering herd. When a cached value expires, thousands of concurrent requests simultaneously discover the cache miss and all hit the database to repopulate it. The database, expecting to handle 10 requests per second for that key, suddenly gets 10,000 simultaneous queries for the same data. This can cascade into a database overload. Facebook solved this with lease-based locking: when a cache miss occurs, the first request gets a “lease” (a lock) to fetch from the database. All other requests wait briefly for that first request to populate the cache, then read from cache. Only one database query executes instead of 10,000.
  • Another common failure mode: race conditions during cache invalidation. Request A reads value X from the database. Between the read and the cache write, Request B updates X to Y in the database and invalidates the cache. Request A then writes the stale value X into the cache. The cache now contains X while the database contains Y, and it stays wrong until TTL expires. Prevention: use cache-aside with delete-on-write (not update-on-write) — the next read after the delete will fetch fresh data.
  • My practical guideline: always set a TTL even on event-invalidated caches. The TTL is your safety net — if the invalidation event is lost (network partition, message queue issue), stale data eventually expires rather than living in cache forever. I have seen systems where a failed invalidation event caused a cache to serve stale data for weeks because there was no TTL.
Follow-up: You are caching user profiles with a 1-hour TTL. A user updates their display name and immediately refreshes the page but sees the old name. How do you solve this without removing the cache?This is a read-your-writes consistency problem. Several solutions without removing caching: (1) After the update, invalidate the cache entry for that specific user. The next read triggers a cache miss and fetches fresh data. Cost: one extra database read, which is acceptable since profile updates are infrequent. (2) Write-through on update: when the user updates their profile, update both the database and the cache atomically. The cache is immediately fresh for the next read. (3) Client-side optimistic update: the frontend immediately shows the new name from the form submission data, without waiting for a round-trip to the backend. Even if the backend read hits a stale cache, the user sees the correct name in their UI. (4) Read-after-write routing: for a short window after a write (say 5 seconds), route that user’s reads to the primary database bypassing the cache entirely. This is the pattern DynamoDB uses for strongly consistent reads. I prefer option 1 (invalidate on write) for most cases because it is simple, reliable, and handles the common case without adding complexity.
Strong Answer:
  • Vertical scaling means adding more CPU, RAM, or faster disks to a single server. Horizontal scaling means adding more servers and distributing the load. The decision is not ideology — it is engineering economics driven by the specific workload.
  • Vertical scaling advantages: simplicity. No distributed systems complexity — no network partitions, no data synchronization, no load balancer configuration, no distributed debugging. Your existing code works unchanged. A single modern server with 128 cores, 1TB RAM, and NVMe SSDs can handle an enormous amount of work. Stack Overflow serves 1.3 billion page views per month from just 9 web servers and 4 SQL servers because they optimized vertically first.
  • Vertical scaling breaks down when: (1) You hit the hardware ceiling — there is a maximum server size available from cloud providers (e.g., AWS’s x1e.32xlarge with 128 vCPUs and 4TB RAM). If your workload exceeds that, you must go horizontal. (2) You need fault tolerance — a single server is a single point of failure. If it dies, everything is down. (3) Your workload is embarrassingly parallel (web requests, map-reduce) and scales linearly with more nodes.
  • Horizontal scaling advantages: near-infinite theoretical capacity (add more nodes), fault tolerance (lose one node, others continue), and geographic distribution (servers in multiple regions for lower latency).
  • Horizontal scaling breaks down when: (1) Your workload requires strong consistency across nodes — distributed consensus (Raft, Paxos) adds latency and complexity. (2) The coordination overhead exceeds the benefit — 100 servers each running at 5% utilization is more expensive and harder to manage than 5 servers at 100%. (3) Your data has hot spots that cannot be sharded evenly — one shard gets 80% of traffic while others sit idle.
  • My decision framework: start vertical (simpler, cheaper, faster to implement). Add monitoring. When monitoring shows you are approaching the limits of the current server (CPU > 80% sustained, or memory is fully utilized), evaluate whether the next size up is cost-effective. When vertical scaling becomes more expensive than horizontal (usually around the 4-8 core range for compute-bound, or 64-128GB for memory-bound), or when you need fault tolerance, transition to horizontal.
Follow-up: You have horizontally scaled your stateless web tier to 10 instances behind a load balancer. But your single PostgreSQL database is now the bottleneck. What are your options?This is the classic “your database does not scale horizontally” problem. Options in order of complexity: (1) Read replicas — if your workload is 90% reads (common for most web apps), add 2-3 read replicas and route read queries to them. Writes still go to the primary. This can give you 3-4x read throughput with minimal application changes. (2) Connection pooling with PgBouncer between app and database — many applications exhaust the database’s max_connections before the database CPU or I/O is saturated. PgBouncer multiplexes hundreds of application connections through fewer database connections. (3) Query optimization and caching — often the database is not genuinely overloaded; it is doing unnecessary work. Add Redis caching for hot queries, fix N+1 problems, add missing indexes. This can give you 10-100x improvement. (4) Vertical scaling of the database — a larger RDS instance (32 cores, 256GB RAM) with provisioned IOPS. Databases benefit enormously from vertical scaling because more RAM means larger buffer cache means fewer disk reads. (5) Sharding — split data across multiple database instances by a shard key (tenant_id, user_id). This is the nuclear option: it gives you near-linear horizontal scaling but adds enormous application complexity (cross-shard queries, distributed transactions, rebalancing). Only pursue this after exhausting options 1-4. Companies like Instagram ran a single PostgreSQL instance until they reached 30 million users.
Strong Answer:
  • First, I need to confirm it is actually an N+1 problem. I would enable query logging (Django Debug Toolbar, Rails bullet gem, or SQLAlchemy’s echo=True) and look at the API endpoint’s query log. The signature of N+1 is unmistakable: one initial query (SELECT * FROM orders WHERE user_id = 123) followed by hundreds of nearly identical queries (SELECT * FROM users WHERE id = 1, SELECT * FROM users WHERE id = 2, … repeated for every order). If I see 501 queries for an endpoint that returns 500 orders, that is the problem.
  • The root cause is the ORM’s lazy loading behavior. When you access order.user.name, the ORM fires a separate query to load the user for that specific order. This is fine for a single order, but in a loop over 500 orders, you get 500 individual queries instead of one batch query.
  • The fix depends on the relationship type. For a foreign key relationship (order belongs_to user): use eager loading with a JOIN. In Django: Order.objects.select_related('user') generates SELECT orders.*, users.* FROM orders JOIN users ON orders.user_id = users.id. One query instead of 501. In SQLAlchemy: query.options(joinedload(Order.user)). In Rails: Order.includes(:user).
  • For a many-to-many relationship (order has_many items): use prefetch loading, which fires two queries instead of N+1. In Django: Order.objects.prefetch_related('items') generates SELECT * FROM orders plus SELECT * FROM order_items WHERE order_id IN (1, 2, ..., 500). Two queries total.
  • The performance impact is dramatic. 500 individual queries at 5ms each = 2.5 seconds of database time. One query with a JOIN = 10-20ms. That is a 100-200x improvement from a one-line ORM change.
  • Prevention: I would add a development-time N+1 detector. Django’s nplusone package, Rails’ bullet gem, or SQLAlchemy’s event listeners can raise warnings or errors when N+1 patterns are detected during development and testing, preventing them from reaching production.
Follow-up: You fix the N+1 with eager loading, but now the single JOIN query returns a huge result set because each order has 20 items. The response payload is 50MB. What do you do?This is the “eager loading causes a Cartesian explosion” problem. If 500 orders each have 20 items and you use a JOIN, the result set is 10,000 rows with duplicated order data in every row. Three solutions: (1) Use subquery loading (prefetch) instead of JOIN loading. This fires 2 queries (one for orders, one for items filtered by the order IDs) and assembles them in application memory. No Cartesian explosion. (2) Implement pagination — do not return 500 orders at once. Return 20 per page with cursor-based pagination. Now even the worst case is 20 orders with 20 items each = 400 rows, which is manageable. (3) Use a GraphQL-style approach where the client specifies which fields it needs. If the client only needs order ID and total (not the full item list), do not load items at all. The key principle: solve the N+1 problem with the lightest-weight loading strategy that fits your data shape, not by always reaching for JOINs.