Temporal Nexus - Temporal feature

SUPPORT, STABILITY, and DEPENDENCY INFO

Temporal Nexus is available in Public Preview for both Temporal Cloud and self-hosted deployments.

• Temporal Go SDK support for Nexus is available in Public Preview.
• Temporal Java SDK support for Nexus is available in Pre-release.

Nexus allows you to reliably connect your Temporal Applications. It was designed with Durable Execution in mind and enables each team to have their own Namespace for improved modularity, security, troubleshooting, and fault isolation.

Nexus Services can be used within and across Namespaces, which are connected by a global mTLS-secured Envoy mesh in Temporal Cloud. Nexus Operations are arbitrary-duration operations (sync or async) that can be implemented with Temporal primitives, like Workflows, or execute arbitrary code.

Unlike other forms of inter-service communication, Nexus combines a familiar programming model with the resiliency of the Temporal Platform and it's queue-based Worker architecture. The result is an integrated Temporal experience with improved security, observability, and reliability for cross-team, cross-domain, cross-namespace, and multi-region use cases.

Why use Temporal Nexus?

Temporal Nexus provides:

• A fully integrated Temporal SDK experience:
  • Use Nexus Services from a caller Workflow.
  • Run Nexus Services in a Worker, often the same Worker as underlying primitives.
  • Implement long-running asynchronous Nexus Operations as Workflows.
  • Handle low-latency synchronous Nexus Operations with Temporal primitives or arbitrary code.
  • At-least-once execution. Option for at-most-once execution using handler Workflow policy.
• Nexus Endpoints with a queue-based Worker architecture:
  • Connect callers and handlers through Nexus Endpoints, a reverse proxy for Nexus Services.
  • Manage Endpoints in the Temporal Nexus Registry.
  • Use an Nexus Endpoint by name, which routes to an upstream target Namespace and Task Queue.
  • Workers poll an Endpoint's target Task Queue, for automatic load balancing.
• Built-in Temporal Nexus Machinery:
  • Reliable state-machine-based invocation and completion callbacks for Nexus Operations.
  • Atomic handoff from Workflow Event History to Nexus Operation state machines.
  • Automatic retries and circuit breaking.
• Integrated observability:
  • Operation lifecycle and error info in Workflow Event History.
  • Bi-directional linking for end-to-end debugging across Namespaces.
  • Metrics, traces, and logs.
• Improved blast radius isolation:
  • Each team can have its own Namespace.
  • Per-Namespace security & rate limits.
  • Isolate misbehaving Workers.
• Enhanced security and connectivity in Temporal Cloud
  • Built-in access controls. Restrict which callers can use a Nexus Endpoint.
  • Global mTLS-secured Envoy mesh, connecting all Namespaces in an Account.

Should you be using Temporal Nexus?

• Cross-team, cross-domain, and cross-namespace use cases - Nexus is purpose-built to connect Temporal Applications within and across Namespaces. It addresses the limitations of Child Workflows and Activity Wrappers that target a remote Namespace. Nexus has a streamlined Temporal developer experience, reliable execution, and integrated observability.

• Share a subset of a Temporal Application - Abstract and share a subset of an Application as a Nexus Service. Expose Services on a Nexus Endpoint for others to use and secure access with Endpoint access control policies. Nexus Endpoints decouple callers from handlers, so teams can operate more autonomously.

• Design for growth - Temporal Nexus enables a modular application design that can evolve as you grow. Start with Nexus Services in a monolithic Namespace and move Services to separate Namespaces with small configuration changes and no downtime for service consumers.

• Smaller failure domains - When teams operate in the same monolithic Namespace, everything is available to everyone, and mis-behaving workers can trigger rate limits that affect all teams operating in that monolithic Namespace. Nexus enables each team to have their own Namespace for improved security, troubleshooting, and fault isolation.

• Multi-region use cases - Nexus requests in Temporal Cloud are routed across a global mTLS-secured Envoy mesh. Reliable execution is provided with built-in Nexus Machinery and Temporal's queue-based Worker architecture.

Advantages of Temporal Nexus:

• Reliably connect Temporal Applications within and across Namespaces.
• Service contracts suitable for sharing across teams.
• Abstract underlying Temporal primitives, like Workflows – or execute arbitrary code.
• Modular design that streamlines multi-team development.
• Improved security and blast-radius isolation with isolated Namespaces.
• Same queue-based Worker architecture, no bespoke service deployments needed.

Related 📚

• Nexus keynote & demo - Replay video
• Nexus deep dive - Replay video
• Production deployment in Temporal Cloudfeature-guide
• Self-hosted configuration to enable Nexusfeature-guide
• Go SDK Nexus - quick start and code samplefeature-guide
• Java SDK Nexus - quick start and code samplefeature-guide
• Nexusencyclopedia

*The Nexus Registry is Account-scoped in Temporal Cloud and Cluster-scoped in self-hosted deployments.