var configuration = new ConfigurationBuilder()
  .SetBasePath(AppContext.BaseDirectory)
  .AddJsonFile("appsettings.json", optional: true, reloadOnChange: false)
  .AddEnvironmentVariables(prefix: "RELIABILITY_")
  .Build();

var config = AppConfig.Load(configuration);
config.Validate();

{
  "App": {
    "RateLimitRequestsPerSecond": 8,
    "QueueCapacity": 24,
    "WorkerCount": 3,
    "EndToEndTimeoutMs": 30000,
    "AttemptTimeoutMs": 9000,
    "MaxAttemptsPerModel": 1,
    "CircuitBreakerFailureThreshold": 2,
    "CircuitBreakerOpenSeconds": 15,
    "LoadTotalRequests": 30,
    "LoadConcurrentClients": 4,
    "LoadBurstMode": false
  }
}

if (AttemptTimeoutMs > EndToEndTimeoutMs)
{
  throw new InvalidOperationException("App:AttemptTimeoutMs must be less than or equal to App:EndToEndTimeoutMs.");
}

public bool TryAcquire(DateTimeOffset nowUtc)
{
  lock (_gate)
  {
      if (_windowStartUtc == DateTimeOffset.MinValue)
      {
          _windowStartUtc = nowUtc;
      }

      if ((nowUtc - _windowStartUtc) >= _window)
      {
          _windowStartUtc = nowUtc;
          _requestCount = 0;
      }

      if (_requestCount >= _maxRequestsPerWindow)
      {
          return false;
      }

      _requestCount++;
      return true;
  }
}

_channel = Channel.CreateBounded<QueuedRequest>(new BoundedChannelOptions(config.QueueCapacity)
{
  FullMode = BoundedChannelFullMode.DropWrite,
  SingleReader = false,
  SingleWriter = false
});

if (!_rateLimiter.TryAcquire(DateTimeOffset.UtcNow))
{
  _metrics.RecordRateLimited();
  return InferenceResponse.FailureResponse(
      requestId: request.RequestId,
      outcome: RequestOutcome.RateLimited,
      responseText: "Rate limit exceeded. Retry shortly.",
      latencyMs: 0,
      modelAttempts: 0,
      detail: "rate-limited");
}

var depth = Interlocked.Increment(ref _queueDepth);
if (!_channel.Writer.TryWrite(queued))
{
  Interlocked.Decrement(ref _queueDepth);
  _metrics.RecordQueueRejected();

  return InferenceResponse.FailureResponse(
      requestId: request.RequestId,
      outcome: RequestOutcome.QueueRejected,
      responseText: "Queue is saturated. Retry shortly.",
      latencyMs: 0,
      modelAttempts: 0,
      detail: "queue-rejected");
}

var deadline = request.Deadline <= TimeSpan.Zero
  ? TimeSpan.FromMilliseconds(_config.EndToEndTimeoutMs)
  : request.Deadline;
deadlineCts.CancelAfter(deadline);

var remainingBudget = deadline - sw.Elapsed;
var attemptTimeout = remainingBudget < _attemptTimeout ? remainingBudget : _attemptTimeout;

if (!breaker.CanExecute(DateTimeOffset.UtcNow, out var breakerReason))
{
  attemptTrace.Add($"{model}:skip({breakerReason})");
  _metrics.RecordCircuitOpenSkip(model);
  continue;
}

public bool CanExecute(DateTimeOffset nowUtc, out string reason)
{
  lock (_gate)
  {
      if (_state == CircuitState.Open)
      {
          var elapsed = nowUtc - _openedAtUtc;
          if (elapsed < _openDuration)
          {
              reason = "circuit-open";
              return false;
          }

          _state = CircuitState.HalfOpen;
          _halfOpenProbeReserved = false;
      }

      if (_state == CircuitState.HalfOpen)
      {
          if (_halfOpenProbeReserved)
          {
              reason = "half-open-probe-in-flight";
              return false;
          }

          _halfOpenProbeReserved = true;
          reason = "half-open-probe";
          return true;
      }

      reason = "closed";
      return true;
  }
}

for (var modelIndex = 0; modelIndex < _modelChain.Count; modelIndex++)
{
  var model = _modelChain[modelIndex];

  for (var attempt = 1; attempt <= _retryPolicy.MaxAttempts; attempt++)
  {
      var text = await modelClient.CompleteAsync(
          systemPrompt,
          request.Prompt,
          attemptTimeout,
          requestToken);

      return InferenceResponse.SuccessResponse(
          requestId: request.RequestId,
          responseText: text,
          modelUsed: model,
          modelAttempts: attemptsMade,
          fallbackDepth: modelIndex,
          latencyMs: sw.Elapsed.TotalMilliseconds,
          detail: string.Join(" | ", attemptTrace));
  }
}

public async Task<string> CompleteAsync(
  string systemPrompt,
  string userPrompt,
  TimeSpan timeout,
  CancellationToken cancellationToken)
{
  using var timeoutCts = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
  timeoutCts.CancelAfter(timeout);

  var request = new ChatRequest
  {
      Model = ModelName,
      Messages =
      [
          new Message(ChatRole.System, systemPrompt),
          new Message(ChatRole.User, userPrompt)
      ]
  };

  var builder = new StringBuilder(capacity: 512);
  await foreach (var chunk in _client.ChatAsync(request, timeoutCts.Token))
  {
      if (chunk?.Message?.Content is { Length: > 0 } text)
      {
          builder.Append(text);
      }
  }

  return builder.ToString().Trim();
}

var samples = _latencySamples.ToArray();
Array.Sort(samples);

var avg = samples.Length == 0 ? 0 : samples.Average();
var p50 = Percentile(samples, 0.50);
var p95 = Percentile(samples, 0.95);

var errorRate = completed == 0 ? 0 : (double)(failed + timedOut) / completed;
var timeoutRate = completed == 0 ? 0 : (double)timedOut / completed;
var fallbackRate = succeeded == 0 ? 0 : (double)Volatile.Read(ref _fallbackServed) / succeeded;

Console.WriteLine($"Latency(ms): avg={snapshot.AverageLatencyMs:F1} p50={snapshot.P50LatencyMs:F1} p95={snapshot.P95LatencyMs:F1}");
Console.WriteLine($"Rates: error={snapshot.ErrorRate:P1} timeout={snapshot.TimeoutRate:P1} fallback={snapshot.FallbackRate:P1}");
Console.WriteLine($"Queue: current={snapshot.CurrentQueueDepth} peak={snapshot.PeakQueueDepth} saturation={snapshot.QueueSaturation:P1}");

Load summary:
- Total: 30
- Success: 30
- Failed: 0
- Timed out: 0
- Rate limited: 0
- Queue rejected: 0
- Canceled: 0
- Avg latency (served): 11964.0 ms
- P95 latency (served): 22886.2 ms

Final metrics snapshot:
Requests: recv=30 enq=30 done=30 ok=30 fail=0 timeout=0
Rates: error=0.0% timeout=0.0% fallback=33.3%
Model attempts=40 | circuit-open-skips=3
llama3.2:3b    attempts=27    ok=20    fail=7     timeout=7     skip=3
mistral:7b     attempts=10    ok=7     fail=3     timeout=3     skip=0
phi3:mini      attempts=3     ok=3     fail=0     timeout=0     skip=0