npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/architecture/service-governance.md ADDED Viewed

@@ -0,0 +1,1198 @@
+---
+id: service-governance
+title: 服务治理完全指南
+domain: architecture
+category: service-governance.md
+difficulty: intermediate
+tags: [architecture, governance, service, 服务注册与发现, 核心能力, 概述, 熔断与降级, 负载均衡]
+quality_score: 70
+last_updated: 2026-06-15
+---
+# 服务治理完全指南
+## 概述
+服务治理是一套用于管理微服务架构中服务间交互的方法论和技术体系。它涵盖服务注册发现、负载均衡、流量控制、熔断降级、服务容错、服务监控等各个方面,确保微服务系统的稳定性、可靠性和高性能。
+## 核心能力
+### 1. 服务生命周期管理
+- 服务注册与发现
+- 服务上下线管理
+- 服务健康检查
+### 2. 流量治理
+- 负载均衡
+- 流量分配
+- 灰度发布
+- 流量镜像
+### 3. 可靠性保障
+- 熔断降级
+- 限流控制
+- 超时控制
+- 重试机制
+### 4. 安全治理
+- 认证授权
+- 访问控制
+- 通信加密
+- 审计日志
+### 5. 可观测性
+- 指标监控
+- 日志采集
+- 分布式追踪
+- 服务依赖分析
+## 服务注册与发现
+### 核心概念
+```
+服务提供者(Provider): 提供服务的应用
+服务消费者(Consumer): 调用服务的应用
+服务注册中心(Registry): 存储服务实例信息
+```
+### 注册中心对比
+#### Consul
+```
+架构:
+- Server节点(Raft协议)
+- Client节点
+- Agent(每个节点运行)
+特性:
+- 服务发现
+- 健康检查
+- KV存储
+- 多数据中心
+- DNS/HTTP接口
+优点:
+- 功能全面
+- 支持多语言
+- 配置中心集成
+缺点:
+- 需要部署Agent
+- 运维复杂度
+适用场景:
+- 异构技术栈
+- 多数据中心
+- 配置管理需求
+```
+#### Nacos
+```
+架构:
+- Nacos Server(集群)
+- Nacos Client
+- 数据存储(MySQL/嵌入式)
+特性:
+- 服务发现
+- 配置管理
+- 动态DNS
+- 服务元数据管理
+优点:
+- 阿里开源,生产验证
+- Spring Cloud Alibaba集成
+- 中文文档完善
+- 简单易用
+缺点:
+- 社区生态相对较小
+- 性能不如Consul
+适用场景:
+- Spring Cloud生态
+- 国内环境
+- 中小型系统
+```
+#### Eureka
+```
+架构:
+- Eureka Server(集群)
+- Eureka Client
+- AP架构
+特性:
+- 服务注册发现
+- 自我保护模式
+- 区域感知
+优点:
+- Spring Cloud原生支持
+- 高可用设计
+- 简单易用
+缺点:
+- 已进入维护模式
+- 功能单一
+- 性能一般
+适用场景:
+- Spring Cloud Netflix生态
+- 已有Eureka系统
+```
+#### ZooKeeper
+```
+架构:
+- Leader节点
+- Follower节点
+- Observer节点
+- CP架构
+特性:
+- 服务注册
+- 配置管理
+- 分布式锁
+- Leader选举
+优点:
+- 成熟稳定
+- 强一致性
+- 功能丰富
+缺点:
+- 重,复杂
+- 临时节点会导致注册频繁
+- 运维成本高
+适用场景:
+- Hadoop生态
+- 已有ZK集群
+```
+### 实现示例(Spring Cloud + Nacos)
+#### 服务注册
+```java
+// application.yml
+spring:
+  application:
+    name: order-service
+  cloud:
+    nacos:
+      discovery:
+        server-addr: localhost:8848
+        namespace: dev
+        group: DEFAULT_GROUP
+        metadata:
+          version: 1.0.0
+          region: cn-east-1
+// 启动类
+@SpringBootApplication
+@EnableDiscoveryClient
+public class OrderServiceApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(OrderServiceApplication.class, args);
+    }
+}
+```
+#### 服务发现
+```java
+@Service
+public class OrderService {
+    @Autowired
+    private DiscoveryClient discoveryClient;
+    @Autowired
+    private RestTemplate restTemplate;
+    public List<ServiceInstance> getInventoryServiceInstances() {
+        return discoveryClient.getInstances("inventory-service");
+    }
+    public String callInventoryService() {
+        // 使用负载均衡
+        ServiceInstance instance = loadBalancer.choose("inventory-service");
+        String url = instance.getUri().toString() + "/inventory/check";
+        return restTemplate.getForObject(url, String.class);
+    }
+}
+// 使用Feign(自动集成负载均衡)
+@FeignClient(name = "inventory-service")
+public interface InventoryClient {
+    @GetMapping("/inventory/check")
+    String checkInventory();
+}
+```
+## 负载均衡
+### 负载均衡策略
+#### 轮询(Round Robin)
+```
+特点:
+- 依次分发请求
+- 简单公平
+适用:
+- 服务器性能相近
+- 无状态服务
+```
+#### 加权轮询(Weighted Round Robin)
+```
+特点:
+- 根据权重分配流量
+- 权重高的实例获得更多请求
+适用:
+- 服务器性能不均
+- 灰度发布
+```
+#### 最少连接(Least Connections)
+```
+特点:
+- 选择当前连接数最少的服务器
+- 动态调整
+适用:
+- 长连接场景
+- 请求处理时间差异大
+```
+#### 一致性哈希(Consistent Hash)
+```
+特点:
+- 根据请求特征(如用户ID)哈希
+- 同一特征请求路由到同一服务器
+适用:
+- 有状态服务
+- 缓存场景
+```
+#### 随机(Random)
+```
+特点:
+- 随机选择服务器
+- 简单
+适用:
+- 无特殊要求场景
+```
+### 客户端负载均衡
+#### Spring Cloud LoadBalancer
+```java
+// 配置
+@Configuration
+public class LoadBalancerConfig {
+    @Bean
+    ReactorLoadBalancer<ServiceInstance> randomLoadBalancer(
+            Environment environment,
+            LoadBalancerClientFactory factory) {
+        String serviceId = environment.getProperty(LoadBalancerClientFactory.PROPERTY_NAME);
+        return new RandomLoadBalancer(
+            factory.getLazyProvider(serviceId, ServiceInstanceListSupplier.class),
+            serviceId
+        );
+    }
+}
+// 自定义负载均衡策略
+public class CustomLoadBalancer implements ReactorServiceInstanceLoadBalancer {
+    @Override
+    public Mono<Response<ServiceInstance>> choose(Request request) {
+        ServiceInstanceListSupplier supplier = serviceInstanceListSupplierProvider
+            .getIfAvailable(NoopServiceInstanceListSupplier::new);
+        return supplier.get()
+            .next()
+            .map(instances -> {
+                // 自定义选择逻辑
+                ServiceInstance instance = selectInstance(instances);
+                return new DefaultResponse(instance);
+            });
+    }
+    private ServiceInstance selectInstance(List<ServiceInstance> instances) {
+        // 根据实例权重、响应时间等选择
+        // ...
+    }
+}
+```
+### 服务端负载均衡
+#### Nginx
+```nginx
+upstream backend {
+    # 加权轮询
+    server backend1.example.com weight=5;
+    server backend2.example.com weight=3;
+    server backend3.example.com backup;
+    # 健康检查
+    server backend4.example.com max_fails=3 fail_timeout=30s;
+    # 一致性哈希
+    hash $request_uri consistent;
+}
+server {
+    location / {
+        proxy_pass http://backend;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
+```
+## 熔断与降级
+### 熔断器模式(Circuit Breaker)
+#### 状态机
+```
+关闭状态(Closed):
+- 正常调用
+- 监控失败率
+打开状态(Open):
+- 快速失败,不调用下游
+- 等待超时后进入半开
+半开状态(Half-Open):
+- 允许少量请求
+- 测试下游是否恢复
+- 成功则关闭,失败则打开
+```
+#### 实现示例(Resilience4j)
+```java
+// 配置
+@Bean
+public CircuitBreakerConfig circuitBreakerConfig() {
+    return CircuitBreakerConfig.custom()
+        .failureRateThreshold(50) // 失败率阈值50%
+        .waitDurationInOpenState(Duration.ofMillis(1000)) // 开启状态等待时间
+        .permittedNumberOfCallsInHalfOpenState(2) // 半开状态允许的调用次数
+        .slidingWindowSize(10) // 滑动窗口大小
+        .slidingWindowType(SlidingWindowType.COUNT_BASED)
+        .build();
+}
+// 使用
+@Service
+public class OrderService {
+    private final CircuitBreaker circuitBreaker;
+    public OrderService(CircuitBreakerRegistry registry) {
+        this.circuitBreaker = registry.circuitBreaker("inventoryService");
+    }
+    public InventoryResponse checkInventory(String productId) {
+        return circuitBreaker.executeSupplier(() -> {
+            return inventoryClient.checkInventory(productId);
+        });
+    }
+    // 带降级方法
+    public InventoryResponse checkInventoryWithFallback(String productId) {
+        return circuitBreaker.executeSupplier(
+            () -> inventoryClient.checkInventory(productId),
+            () -> fallbackCheckInventory(productId)
+        );
+    }
+    private InventoryResponse fallbackCheckInventory(String productId) {
+        // 降级逻辑: 返回默认值或从缓存读取
+        return InventoryResponse.defaultResponse();
+    }
+}
+```
+#### 配置详解
+```yaml
+resilience4j:
+  circuitbreaker:
+    configs:
+      default:
+        failureRateThreshold: 50
+        waitDurationInOpenState: 1000
+        slidingWindowSize: 10
+        slidingWindowType: COUNT_BASED
+        permittedNumberOfCallsInHalfOpenState: 2
+        minimumNumberOfCalls: 5
+        recordExceptions:
+          - java.io.IOException
+          - java.net.SocketTimeoutException
+        ignoreExceptions:
+          - com.example.BusinessException
+    instances:
+      inventoryService:
+        baseConfig: default
+        failureRateThreshold: 60
+      paymentService:
+        baseConfig: default
+        waitDurationInOpenState: 5000
+```
+### 降级策略
+#### 返回默认值
+```java
+public Product getProduct(String productId) {
+    return circuitBreaker.executeSupplier(
+        () -> productClient.getProduct(productId),
+        () -> Product.defaultProduct() // 返回默认商品
+    );
+}
+```
+#### 返回缓存数据
+```java
+public Product getProduct(String productId) {
+    return circuitBreaker.executeSupplier(
+        () -> {
+            Product product = productClient.getProduct(productId);
+            cache.put(productId, product);
+            return product;
+        },
+        () -> cache.get(productId) // 降级返回缓存
+    );
+}
+```
+#### 返回空数据
+```java
+public List<Order> getUserOrders(String userId) {
+    return circuitBreaker.executeSupplier(
+        () -> orderClient.getUserOrders(userId),
+        () -> Collections.emptyList() // 降级返回空列表
+    );
+}
+```
+#### 页面降级
+```java
+@Controller
+public class PageController {
+    @GetMapping("/product/{id}")
+    public String getProductPage(@PathVariable String id, Model model) {
+        try {
+            Product product = productService.getProduct(id);
+            model.addAttribute("product", product);
+            return "product-detail";
+        } catch (Exception e) {
+            // 降级到静态页面
+            return "product-unavailable";
+        }
+    }
+}
+```
+## 限流控制
+### 限流算法
+#### 固定窗口计数器(Fixed Window)
+```
+原理:
+- 将时间划分为固定窗口
+- 每个窗口统计请求数
+- 超过阈值则拒绝
+优点:
+- 实现简单
+- 内存占用小
+缺点:
+- 临界时刻可能超限(突刺现象)
+- 不够平滑
+实现:
+if (counter.increment(windowKey) > limit) {
+    reject();
+}
+```
+#### 滑动窗口(Sliding Window)
+```
+原理:
+- 将窗口细分为多个小格
+- 滑动统计最近N个小格
+- 平滑限流
+优点:
+- 平滑限流
+- 避免突刺
+缺点:
+- 实现复杂
+- 内存占用较大
+实现(Redis):
+current_window = timestamp / granularity
+count = sum(redis.get(window_i)) for i in [current_window - window_size, current_window]
+if count > limit:
+    reject()
+```
+#### 令牌桶(Token Bucket)
+```
+原理:
+- 以固定速率生成令牌放入桶
+- 桶有最大容量
+- 请求获取令牌,获取不到则拒绝
+优点:
+- 允许突发流量
+- 平滑限流
+缺点:
+- 需要维护令牌生成
+实现(Guava RateLimiter):
+RateLimiter rateLimiter = RateLimiter.create(100); // 100 QPS
+if (rateLimiter.tryAcquire()) {
+    process();
+} else {
+    reject();
+}
+```
+#### 漏桶(Leaky Bucket)
+```
+原理:
+- 请求进入桶
+- 桶以固定速率流出
+- 桶满则拒绝
+优点:
+- 平滑流量
+- 保护下游
+缺点:
+- 不允许突发流量
+实现:
+if (queue.offer(request)) {
+    // 入队成功
+} else {
+    // 队列满,拒绝
+}
+```
+### 限流实现
+#### 基于Redis + Lua
+```java
+// Lua脚本
+String script =
+    "local key = KEYS[1] " +
+    "local limit = tonumber(ARGV[1]) " +
+    "local window = tonumber(ARGV[2]) " +
+    "local current = redis.call('INCR', key) " +
+    "if current == 1 then " +
+    "    redis.call('EXPIRE', key, window) " +
+    "end " +
+    "return current <= limit";
+// 使用
+public boolean allowRequest(String key, int limit, int window) {
+    DefaultRedisScript<Boolean> redisScript = new DefaultRedisScript<>(script, Boolean.class);
+    return redisTemplate.execute(
+        redisScript,
+        Collections.singletonList(key),
+        String.valueOf(limit),
+        String.valueOf(window)
+    );
+}
+```
+#### Spring Cloud Gateway限流
+```yaml
+spring:
+  cloud:
+    gateway:
+      routes:
+        - id: order-service
+          uri: lb://order-service
+          predicates:
+            - Path=/orders/**
+          filters:
+            - name: RequestRateLimiter
+              args:
+                redis-rate-limiter.replenishRate: 10 # 每秒生成令牌数
+                redis-rate-limiter.burstCapacity: 20 # 桶容量
+                key-resolver: "#{@userKeyResolver}"
+// KeyResolver
+@Bean
+public KeyResolver userKeyResolver() {
+    return exchange -> Mono.just(
+        exchange.getRequest().getHeaders().getFirst("X-User-Id")
+    );
+}
+```
+#### Sentinel限流
+```java
+// 配置
+FlowRule rule = new FlowRule();
+rule.setResource("createOrder");
+rule.setGrade(RuleConstant.FLOW_GRADE_QPS);
+rule.setCount(100); // 100 QPS
+FlowRuleManager.loadRules(Collections.singletonList(rule));
+// 使用
+public Order createOrder(OrderRequest request) {
+    try (Entry entry = SphU.entry("createOrder")) {
+        // 业务逻辑
+        return orderService.create(request);
+    } catch (BlockException e) {
+        // 被限流
+        throw new RateLimitException("请求过于频繁");
+    }
+}
+// 注解方式
+@SentinelResource(value = "createOrder", blockHandler = "handleBlock")
+public Order createOrder(OrderRequest request) {
+    return orderService.create(request);
+}
+public Order handleBlock(OrderRequest request, BlockException e) {
+    // 限流降级逻辑
+    throw new RateLimitException("请求过于频繁");
+}
+```
+### 分布式限流
+#### Redis + Lua实现分布式令牌桶
+```lua
+-- distributed_rate_limiter.lua
+local key = KEYS[1]
+local permits = tonumber(ARGV[1]) -- 请求数量
+local max_burst = tonumber(ARGV[2]) -- 最大突发
+local rate = tonumber(ARGV[3]) -- 速率
+local now = tonumber(ARGV[4])
+local info = redis.call("HMGET", key, "tokens", "last_refill")
+local tokens = tonumber(info[1])
+local last_refill = tonumber(info[2])
+if tokens == nil then
+    tokens = max_burst
+    last_refill = now
+end
+-- 计算新令牌
+local interval = now - last_refill
+local new_tokens = interval * rate
+tokens = math.min(max_burst, tokens + new_tokens)
+-- 检查是否足够
+if tokens < permits then
+    return 0 -- 拒绝
+end
+-- 扣减令牌
+tokens = tokens - permits
+redis.call("HMSET", key, "tokens", tokens, "last_refill", now)
+redis.call("EXPIRE", key, math.ceil(max_burst / rate) + 1)
+return 1 -- 允许
+```
+```java
+public class DistributedRateLimiter {
+    private RedisTemplate<String, String> redisTemplate;
+    private String script;
+    public boolean acquire(String key, int permits, int maxBurst, double rate) {
+        DefaultRedisScript<Long> redisScript = new DefaultRedisScript<>(script, Long.class);
+        Long result = redisTemplate.execute(
+            redisScript,
+            Collections.singletonList(key),
+            String.valueOf(permits),
+            String.valueOf(maxBurst),
+            String.valueOf(rate),
+            String.valueOf(System.currentTimeMillis())
+        );
+        return result != null && result == 1;
+    }
+}
+```
+## 超时控制
+### 超时设置原则
+```
+连接超时(Connection Timeout):
+- 建立连接的超时时间
+- 建议: 1-3秒
+读取超时(Read Timeout):
+- 等待响应的超时时间
+- 建议: 根据业务RT设置,通常3-10秒
+写超时(Write Timeout):
+- 发送数据的超时时间
+- 建议: 1-3秒
+```
+### 实现示例
+#### RestTemplate
+```java
+@Bean
+public RestTemplate restTemplate() {
+    HttpComponentsClientHttpRequestFactory factory =
+        new HttpComponentsClientHttpRequestFactory();
+    factory.setConnectTimeout(3000); // 连接超时3秒
+    factory.setReadTimeout(5000);    // 读取超时5秒
+    return new RestTemplate(factory);
+}
+```
+#### Feign
+```yaml
+feign:
+  client:
+    config:
+      default:
+        connectTimeout: 3000
+        readTimeout: 5000
+      inventory-service:
+        connectTimeout: 2000
+        readTimeout: 3000
+```
+#### OkHttp
+```java
+@Bean
+public OkHttpClient okHttpClient() {
+    return new OkHttpClient.Builder()
+        .connectTimeout(3, TimeUnit.SECONDS)
+        .readTimeout(5, TimeUnit.SECONDS)
+        .writeTimeout(3, TimeUnit.SECONDS)
+        .retryOnConnectionFailure(true)
+        .build();
+}
+```
+## 重试机制
+### 重试策略
+#### 固定间隔重试
+```java
+@Retryable(
+    value = {RemoteServiceException.class},
+    maxAttempts = 3,
+    backoff = @Backoff(delay = 1000) // 固定1秒
+)
+public Product getProduct(String productId) {
+    return productClient.getProduct(productId);
+}
+```
+#### 指数退避重试
+```java
+@Retryable(
+    value = {RemoteServiceException.class},
+    maxAttempts = 3,
+    backoff = @Backoff(delay = 1000, multiplier = 2) // 1s, 2s, 4s
+)
+public Product getProduct(String productId) {
+    return productClient.getProduct(productId);
+}
+```
+### 重试注意事项
+```
+必须条件:
+- 幂等性: 重试必须保证操作幂等
+- 可重试异常: 只对可恢复异常重试
+- 最大重试次数: 避免无限重试
+- 退避策略: 避免重试风暴
+不适合重试的场景:
+- 非幂等操作(如扣款)
+- 业务异常(如余额不足)
+- 资源不存在(404)
+```
+## 服务容错
+### 舱壁模式(Bulkhead)
+```
+原理:
+- 隔离资源,防止故障扩散
+- 为每个服务分配独立资源池
+实现(Resilience4j):
+@Bean
+public BulkheadConfig bulkheadConfig() {
+    return BulkheadConfig.custom()
+        .maxConcurrentCalls(10) // 最大并发数
+        .maxWaitDuration(Duration.ofMillis(500)) // 等待时间
+        .build();
+}
+@Service
+public class OrderService {
+    @Bulkhead(name = "inventoryService", fallbackMethod = "fallback")
+    public InventoryResponse checkInventory(String productId) {
+        return inventoryClient.checkInventory(productId);
+    }
+    public InventoryResponse fallback(String productId) {
+        return InventoryResponse.defaultResponse();
+    }
+}
+```
+### 故障隔离
+```
+线程池隔离:
+- 每个服务使用独立线程池
+- 故障不会影响其他服务
+信号量隔离:
+- 共享线程池,使用信号量限制并发
+- 轻量级,适合内部调用
+选择:
+- 网络调用: 线程池隔离
+- 本地调用: 信号量隔离
+```
+## 灰度发布
+### 基于权重的灰度
+```yaml
+spring:
+  cloud:
+    nacos:
+      discovery:
+        metadata:
+          version: v2
+          weight: 20 # 20%流量
+```
+### 基于Header的灰度
+```java
+@Configuration
+public class GrayLoadBalancerConfig {
+    @Bean
+    ReactorLoadBalancer<ServiceInstance> grayLoadBalancer(
+            Environment environment,
+            LoadBalancerClientFactory factory) {
+        return new GrayLoadBalancer(
+            factory.getLazyProvider(environment.getProperty(LoadBalancerClientFactory.PROPERTY_NAME), ServiceInstanceListSupplier.class),
+            environment.getProperty(LoadBalancerClientFactory.PROPERTY_NAME)
+        );
+    }
+}
+public class GrayLoadBalancer implements ReactorServiceInstanceLoadBalancer {
+    @Override
+    public Mono<Response<ServiceInstance>> choose(Request request) {
+        DefaultRequestContext context = (DefaultRequestContext) request.getContext();
+        HttpHeaders headers = (HttpHeaders) context.getClientRequest().getHeaders();
+        String version = headers.getFirst("X-Service-Version");
+        return serviceInstanceListSupplierProvider.getIfAvailable()
+            .get()
+            .next()
+            .map(instances -> {
+                List<ServiceInstance> filtered = instances.stream()
+                    .filter(instance -> version == null ||
+                            version.equals(instance.getMetadata().get("version")))
+                    .collect(Collectors.toList());
+                if (filtered.isEmpty()) {
+                    filtered = instances;
+                }
+                ServiceInstance instance = selectInstance(filtered);
+                return new DefaultResponse(instance);
+            });
+    }
+}
+```
+## 服务监控
+### 健康检查
+#### Spring Boot Actuator
+```yaml
+management:
+  endpoints:
+    web:
+      exposure:
+        include: health,info,metrics
+  endpoint:
+    health:
+      show-details: always
+```
+#### 自定义健康检查
+```java
+@Component
+public class InventoryServiceHealthIndicator implements HealthIndicator {
+    @Autowired
+    private InventoryClient inventoryClient;
+    @Override
+    public Health health() {
+        try {
+            HealthStatus status = inventoryClient.checkHealth();
+            if (status.isHealthy()) {
+                return Health.up()
+                    .withDetail("inventory-service", "available")
+                    .build();
+            } else {
+                return Health.down()
+                    .withDetail("inventory-service", "unavailable")
+                    .build();
+            }
+        } catch (Exception e) {
+            return Health.down(e).build();
+        }
+    }
+}
+```
+### 指标采集
+#### Prometheus + Micrometer
+```java
+// 依赖
+implementation 'io.micrometer:micrometer-registry-prometheus'
+// 自定义指标
+@Service
+public class OrderService {
+    private final Counter orderCounter;
+    private final Timer orderTimer;
+    public OrderService(MeterRegistry registry) {
+        this.orderCounter = Counter.builder("order.count")
+            .description("Total order count")
+            .tag("type", "normal")
+            .register(registry);
+        this.orderTimer = Timer.builder("order.latency")
+            .description("Order processing latency")
+            .register(registry);
+    }
+    public Order createOrder(OrderRequest request) {
+        return orderTimer.record(() -> {
+            Order order = // 业务逻辑
+            orderCounter.increment();
+            return order;
+        });
+    }
+}
+```
+```yaml
+# application.yml
+management:
+  endpoints:
+    web:
+      exposure:
+        include: prometheus
+  metrics:
+    tags:
+      application: ${spring.application.name}
+    export:
+      prometheus:
+        enabled: true
+```
+## 服务网格治理
+### Istio流量管理
+#### 虚拟服务
+```yaml
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+  name: order-service
+spec:
+  hosts:
+    - order-service
+  http:
+    - match:
+        - headers:
+            x-user-type:
+              exact: vip
+      route:
+        - destination:
+            host: order-service
+            subset: v2
+          weight: 100
+    - route:
+        - destination:
+            host: order-service
+            subset: v1
+          weight: 90
+        - destination:
+            host: order-service
+            subset: v2
+          weight: 10
+```
+#### 目标规则
+```yaml
+apiVersion: networking.istio.io/v1beta1
+kind: DestinationRule
+metadata:
+  name: order-service
+spec:
+  host: order-service
+  trafficPolicy:
+    connectionPool:
+      tcp:
+        maxConnections: 100
+      http:
+        h2UpgradePolicy: UPGRADE
+        http1MaxPendingRequests: 100
+        http2MaxRequests: 1000
+    outlierDetection:
+      consecutive5xxErrors: 5
+      interval: 30s
+      baseEjectionTime: 30s
+      maxEjectionPercent: 50
+  subsets:
+    - name: v1
+      labels:
+        version: v1
+    - name: v2
+      labels:
+        version: v2
+```
+### Envoy过滤器
+```yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: EnvoyFilter
+metadata:
+  name: custom-filter
+spec:
+  workloadLabels:
+    app: order-service
+  filters:
+    - filterName: envoy.lua
+      filterType: HTTP
+      filterConfig:
+        inline_code: |
+          function envoy_on_request(request_handle)
+            -- 自定义逻辑
+          end
+```
+## 最佳实践
+### 1. 服务治理分层
+```
+基础设施层:
+- Kubernetes Service
+- Istio Service Mesh
+应用层:
+- Spring Cloud
+- Dubbo
+混合治理:
+- 基础设施层 + 应用层
+- 渐进式演进
+```
+### 2. 容错设计原则
+```
+快速失败(Fail Fast):
+- 及时返回错误
+- 避免资源占用
+优雅降级(Graceful Degradation):
+- 提供有损服务
+- 保证核心功能
+自我保护:
+- 限流熔断
+- 资源隔离
+自我恢复:
+- 自动重试
+- 熔断器自动恢复
+```
+### 3. 监控告警
+```
+关键指标:
+- 服务可用性(99.9%+)
+- 响应时间(P99 < 500ms)
+- 错误率(< 0.1%)
+- QPS
+告警级别:
+- P0: 服务不可用(短信+电话)
+- P1: 性能下降(短信)
+- P2: 异常趋势(邮件)
+```
+### 4. 演进策略
+```
+阶段一: 基础治理
+- 服务注册发现
+- 负载均衡
+- 健康检查
+阶段二: 容错治理
+- 熔断降级
+- 限流控制
+- 重试机制
+阶段三: 流量治理
+- 灰度发布
+- 流量镜像
+- A/B测试
+阶段四: 智能治理
+- 自适应限流
+- 智能路由
+- AIOps
+```
+## 参考资源
+### 开源框架
+- Spring Cloud: https://spring.io/projects/spring-cloud
+- Dubbo: https://dubbo.apache.org/
+- Sentinel: https://sentinelguard.io/
+- Resilience4j: https://resilience4j.readme.io/
+- Istio: https://istio.io/
+### 学习资料
+- 《微服务设计》
+- 《Release It!》
+- Google SRE Book
+- Netflix技术博客