E-commerce Checkout

Designing a resilient checkout pipeline: cart, pricing, inventory, payments, and orders.

Architecture: API gateway → checkout orchestrator → payment, inventory, and order services, connected by events

Requirements

  • Cart and promo codes; taxes and shipping
  • All-or-nothing order placement: an order is confirmed only after payment is authorized; capture is deferred to shipment
  • Inventory reservation and decrement

Non-functional Requirements

  • High availability: 99.9%+ during peak sales
  • Idempotent checkout so client retries never double-charge or double-reserve
  • Observability for payment/inventory failures

High-Level Design

  • Checkout orchestrator drives the saga across services
  • Payment authorization before order confirmation; capture on shipment
  • Inventory reserved with a TTL at checkout; expired reservations are reaped asynchronously, so visible stock is eventually consistent

Capacity & Sizing

  • Size for peak checkout TPS during sales events; orchestrators are stateless and scale horizontally
  • Reservation TTL trades abandoned-cart hold time against inventory availability
  • Ledger/event storage growth from orders and payments

Key Components

  • Checkout Orchestrator (saga), Payment adapter(s)
  • Inventory reservation and stock service
  • Order service and events outbox

Data Model

Orders, items, payments, and inventory reservations

  • orders (order_id PK, user_id, status, total, currency, created_at)
  • order_items (order_id, sku, qty, price)
  • payments (payment_id PK, order_id, provider, status, auth_id, amount, idempotency_key UNIQUE)
  • inventory_reservations (reservation_id PK, sku, qty, expires_at, order_id)

APIs

  • Add to cart: POST /api/cart/items with body { sku, qty }
  • Checkout: POST /api/checkout with an Idempotency-Key header and body { cartId, paymentMethod, address }; totals are recomputed server-side, never taken from the client
  • Order by id: GET /api/orders/:id

Hot Path

  1. Validate cart → reserve inventory → authorize payment
  2. Create order → emit events → finalize reservations

Checkout Flow

  1. Validate cart, promotions, taxes, and shipping
  2. Reserve inventory per SKU with expiry
  3. Authorize payment with idempotency key
  4. Create the order and emit events; if any step fails, release the reservations and void the authorization (saga compensation)
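The four steps above as one runnable saga, written as an added example for this page rather than code from any particular shop's implementation. The catalog, the promo table, and the in-memory InventoryService and PaymentAdapter are constructed stand-ins for the real services; the idempotency key is assumed to arrive with POST /api/checkout and is reused unchanged for the provider authorization, so a retried request replays the stored result instead of authorizing again.

```python
"""Checkout saga: price the cart server-side, reserve inventory with a TTL,
authorize payment under an idempotency key, create the order, and release
reservations (compensate) when a later step fails. In-memory stand-ins only."""
import time
import uuid
from dataclasses import dataclass, field

# Constructed catalog: unit prices come from here, never from the client request.
CATALOG = {"SKU-1": 1999, "SKU-2": 500}   # minor units (cents)
PROMOS = {"TENOFF": 10}                   # percent off subtotal


class InventoryService:
    def __init__(self, stock, ttl_s=300):
        self.stock = dict(stock)      # sku -> on-hand units
        self.reservations = {}        # reservation_id -> (sku, qty, expires_at)
        self.ttl_s = ttl_s

    def _available(self, sku, now):
        held = sum(q for s, q, exp in self.reservations.values() if s == sku and exp > now)
        return self.stock.get(sku, 0) - held

    def reserve(self, sku, qty, now=None):
        """Conditional reservation: succeeds only if available >= qty, so
        concurrent checkouts cannot oversell. Expired holds do not count."""
        now = time.time() if now is None else now
        if qty <= 0 or self._available(sku, now) < qty:
            return None
        rid = str(uuid.uuid4())
        self.reservations[rid] = (sku, qty, now + self.ttl_s)
        return rid

    def release(self, rid):
        self.reservations.pop(rid, None)

    def commit(self, rid):
        """Finalize a reservation: decrement on-hand stock and drop the hold."""
        sku, qty, _ = self.reservations.pop(rid)
        self.stock[sku] -= qty


class PaymentAdapter:
    """Provider stand-in. Authorizations are stored by idempotency key, so a
    retried call returns the original outcome instead of a second auth."""
    def __init__(self, decline_over=None):
        self.by_key = {}
        self.decline_over = decline_over   # constructed rule: decline large amounts
        self.calls = 0                     # provider round-trips actually made

    def authorize(self, idem_key, amount, currency):
        if idem_key in self.by_key:
            return self.by_key[idem_key]
        self.calls += 1
        ok = self.decline_over is None or amount <= self.decline_over
        result = {"status": "authorized" if ok else "declined",
                  "auth_id": str(uuid.uuid4()) if ok else None}
        self.by_key[idem_key] = result
        return result


@dataclass
class CheckoutOrchestrator:
    inventory: InventoryService
    payments: PaymentAdapter
    orders: dict = field(default_factory=dict)        # order_id -> order
    idem_results: dict = field(default_factory=dict)  # idem_key -> checkout result

    def price(self, items, promo=None):
        """Step 1: validate lines and recompute the total from the catalog."""
        for sku, qty in items:
            if sku not in CATALOG or qty <= 0:
                raise ValueError(f"invalid cart line {sku!r} x {qty}")
        subtotal = sum(CATALOG[sku] * qty for sku, qty in items)
        return subtotal - subtotal * PROMOS.get(promo, 0) // 100

    def checkout(self, idem_key, user_id, items, promo=None, currency="USD"):
        if idem_key in self.idem_results:        # client retry: replay, do nothing
            return self.idem_results[idem_key]
        total = self.price(items, promo)
        reserved = []                             # Step 2: reserve every line
        for sku, qty in items:
            rid = self.inventory.reserve(sku, qty)
            if rid is None:
                self._release(reserved)           # partial reservation rolled back
                return self._finish(idem_key, {"status": "out_of_stock", "sku": sku})
            reserved.append(rid)
        auth = self.payments.authorize(idem_key, total, currency)   # Step 3: auth only
        if auth["status"] != "authorized":
            self._release(reserved)               # compensation: free the stock
            return self._finish(idem_key, {"status": "payment_declined"})
        order_id = str(uuid.uuid4())              # Step 4: order, then finalize holds
        self.orders[order_id] = {"user_id": user_id, "status": "placed", "total": total,
                                 "currency": currency, "auth_id": auth["auth_id"],
                                 "items": list(items)}
        for rid in reserved:
            self.inventory.commit(rid)
        return self._finish(idem_key, {"status": "placed", "order_id": order_id, "total": total})

    def _release(self, rids):
        for rid in rids:
            self.inventory.release(rid)

    def _finish(self, idem_key, result):
        self.idem_results[idem_key] = result      # stored outcome served to retries
        return result
```

Event emission is left out of the block; in the real flow the order row and its event go into the same transaction (the outbox pattern from the Scaling section), and a client that wants a genuinely new attempt after a decline sends a new idempotency key.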

Scaling

  • Shard orders by order_id prefix; scale orchestrators horizontally
  • Use queues for retries and outbox pattern for event delivery
  • Rate limit external providers; circuit breakers and fallbacks

Caching & TTL

  • Cache product/pricing lookups; invalidate on catalog changes
  • Short TTL caches for tax/shipping quotes

Failure Modes & Mitigations

  • Payment timeout → mark the payment pending and retry with the same idempotency key, so the provider returns the original result instead of a second authorization
  • Inventory race → conditional (compare-and-set) stock updates and TTL-bounded reservations, so concurrent checkouts cannot oversell
  • Partial failure after authorization → saga compensation: void or refund the authorization and cancel the order
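An added example, not part of the original page, that backs two bullets at once: the conditional stock update from the inventory-race mitigation above and the outbox pattern named in the Scaling section. SQLite stands in for the orders database; the table layout, the "orders" topic, the sample stock rows, and the DedupConsumer are constructed for the example. The stock decrement is a single UPDATE guarded by its own WHERE clause, so under the database's row locking two racing checkouts cannot both succeed for the last unit, and the order row and its event are written in the same transaction so an event is never published for an order that was rolled back.

```python
"""Conditional stock decrement plus transactional outbox on SQLite (stand-in DB)."""
import json
import sqlite3
import uuid

SCHEMA = """
CREATE TABLE stock  (sku TEXT PRIMARY KEY, available INTEGER NOT NULL CHECK (available >= 0));
CREATE TABLE orders (order_id TEXT PRIMARY KEY, user_id TEXT, status TEXT, total INTEGER, currency TEXT);
CREATE TABLE outbox (event_id TEXT PRIMARY KEY, topic TEXT, payload TEXT, published INTEGER DEFAULT 0);
"""


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample stock: SKU-1 has three units, SKU-2 is sold out.
    db.executemany("INSERT INTO stock VALUES (?, ?)", [("SKU-1", 3), ("SKU-2", 0)])
    return db


def place_order(db, user_id, sku, qty, total, currency="USD"):
    """Decrement stock only if enough is available, then write the order row and
    its OrderPlaced event in the same transaction. Returns order_id or None."""
    order_id = str(uuid.uuid4())
    try:
        with db:  # one transaction: committed on success, rolled back on exception
            cur = db.execute(
                "UPDATE stock SET available = available - ? WHERE sku = ? AND available >= ?",
                (qty, sku, qty))
            if cur.rowcount != 1:                     # race loser or unknown SKU
                raise LookupError("insufficient stock")
            db.execute("INSERT INTO orders VALUES (?, ?, 'placed', ?, ?)",
                       (order_id, user_id, total, currency))
            payload = json.dumps({"type": "OrderPlaced", "order_id": order_id,
                                  "sku": sku, "qty": qty})
            db.execute("INSERT INTO outbox (event_id, topic, payload) VALUES (?, 'orders', ?)",
                       (str(uuid.uuid4()), payload))
    except LookupError:
        return None
    return order_id


def relay_outbox(db, publish):
    """Publish unpublished events in insertion order. A row is marked published
    only after publish() returns, so a crash in between re-delivers it
    (at-least-once); consumers therefore dedupe on event_id. Returns count."""
    rows = db.execute(
        "SELECT event_id, topic, payload FROM outbox WHERE published = 0 ORDER BY rowid"
    ).fetchall()
    for event_id, topic, payload in rows:
        publish(topic, event_id, json.loads(payload))
        with db:
            db.execute("UPDATE outbox SET published = 1 WHERE event_id = ?", (event_id,))
    return len(rows)


class DedupConsumer:
    """Idempotent consumer stand-in: ignores redelivery of an event_id it has seen."""
    def __init__(self):
        self.seen = set()
        self.events = []

    def __call__(self, topic, event_id, event):
        if event_id in self.seen:
            return
        self.seen.add(event_id)
        self.events.append(event)
```

The reservation-with-TTL variant replaces the direct decrement with an insert into inventory_reservations guarded by the same kind of availability check; the transactional pairing of order row and outbox row is unchanged.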

Observability

  • Track auth/capture success rates, fraud flags, and stockouts
  • Trace across orchestrator, payment, and inventory services