jcardena.com Blog The cost of skipping the boring work: a confession
145 posts
EN ES

The cost of skipping the boring work: a confession

AI

A personal confession about skipping foundational data engineering work and the catastrophic, silent failure it caused. The lesson: the boring work is the bedrock of any reliable data or AI system.

The pressure was on. We had a demo for a new predictive model, and the data pipeline feeding it was mostly done. The core logic worked like a charm on clean inputs. We were behind schedule, and the temptation to declare victory was overwhelming. All that was left was the unsexy plumbing: meticulous logging, idempotent retry logic, a dead-letter queue for malformed records.

I made the call to cut the corner. "We'll add the gold-plating in phase two," I told the team, and myself. We shipped it. For a few weeks, we felt like heroes. Then the calls began.

The Seduction of the Happy Path

Every engineer knows the allure of the happy path. It's the clean flow where every API responds, every record conforms to the schema, and every transformation executes perfectly. The system I'm confessing to was a classic example: an event-driven pipeline to ingest user activity, enrich it, and aggregate it into features for an ML model.

The architecture was sound on paper, but it only accounted for success. It was a factory designed with no plan for faulty parts or jammed machinery.

Event StreamNaive ProcessingApparent SuccessSilent Data Loss
The Happy Path Illusion We Shipped

The "boring" work we deferred was about what happens when reality intervenes. What if an upstream service changed an enum value? What if a network blip caused a timeout? Our code, in its haste, simply crashed. The message queue, with its default retry policy, would try a few more times and then silently discard the message forever. We were dropping a small but devastating fraction of data on the floor and didn't even have a log to prove it.

Confusing Speed with Unmanaged Risk

The most dangerous failure mode is not a crash; it's silent corruption. Our pipeline appeared to be working. Metrics showed data flowing. But it was a lie of omission. We were processing the vast majority of clean records flawlessly, but the imperfect ones were vanishing into the ether.

In hindsight, the real mistake wasn't the desire for speed. It was failing to treat reliability as a feature to be managed. The team at Google SRE formalized this trade-off with the concept of an Error Budget, a powerful tool for making conscious decisions about risk. We didn't have one. We weren't making a calculated bet; we were just closing our eyes and hoping. By skipping the boring work, we had created a system with no audit trail, no way to debug, and no way to even count what we had lost. We were flying blind.

Paying the Debt, With Crippling Interest

The investigation was a nightmare. The first sign of trouble wasn't in our dashboards, but in the AI model's drifting, nonsensical predictions. It took a frantic, two-week scramble of manually combing through raw upstream logs and writing one-off reconciliation scripts to even identify the problem.

The "phase two" work was now "phase now," performed under the intense pressure of a production fire drill. The final cost was vastly disproportionate. What would have been a few days of calm engineering during the initial build became a multi-engineer emergency that consumed weeks. We had to implement the dead-letter queue, then write complex backfill logic to repair corrupted data. We had to add structured logging, then try to reconstruct what was lost. The trust our stakeholders had in the data was badly damaged and took months to rebuild.

A Better Checklist for Durable Systems

That experience burned a few non-negotiable rules into my brain for any system at the intersection of deterministic data pipelines and agentic AI.

  • Observability is for asking new questions. It's not just logging. When an LLM agent produces a weird result, you need to ask your system, "Show me the exact data lineage and transformation that led to this specific output." If you can't, you don't have a production system.
  • Idempotency is the bedrock of recovery. Any data transformation or agentic task must be safely retryable without creating duplicate state or side effects. This is the only way to automate recovery from the transient failures that are inevitable in distributed systems.
  • Unhappy paths demand a first-class home. A dead-letter queue (DLQ) isn't optional for any asynchronous flow. It's the destination for every record that fails validation or processing. Your DLQ isn't a graveyard; it's an inbox for investigation, replay, and resolution.
  • Document your failure assumptions. Why was this retry count chosen? What upstream data contract is this component dependent on? This "boring" documentation is a lifeline for whoever has to debug the system at 3am—and that person is often your future self.

These practices aren't "gold-plating." They are the foundation. They create the stable, predictable, and observable environment required to safely build and operate the powerful, but often unpredictable, agentic systems of today.

SOURCESUser ApplicationsEvent StreamsBatch FilesINGESTION AND VALIDATIONMessage QueueSchema RegistryDead-Letter QueueData ContractsCOOPERATIVE PROCESSINGDeterministicPipelinesAgentic WorkersSharedObservability BusIdempotent StateStoreSERVING AND CONSUMPTIONFeature StoreAPIs and ServicesML ModelsDashboards
A Resilient Data and AI Architecture

The unglamorous work is what allows for calm confidence. It’s the price of admission for building anything that lasts.

JC
Juan Cardena
Enterprise Architect, Data & AI

Enterprise architect with 25 years across web, software, data, and AI. MIT CDAO ’25. Writing on agentic AI in production.