@umacloud/knowledge 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/00-governance/governance-capabilities.md +557 -0
- package/00-governance/knowledge-map.md +39 -0
- package/00-governance/maintenance-policy.md +76 -0
- package/00-governance/review-checklist.md +81 -0
- package/README.md +13 -0
- package/ai/01-standards/agent-development-complete.md +691 -0
- package/ai/01-standards/llm-application-complete.md +488 -0
- package/ai/01-standards/mlops-complete.md +798 -0
- package/ai/01-standards/prompt-engineering-complete.md +646 -0
- package/ai/01-standards/rag-architecture-complete.md +649 -0
- package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
- package/ai/03-checklists/ai-project-checklist.md +215 -0
- package/ai/04-antipatterns/ai-antipatterns.md +661 -0
- package/ai/05-cases/case-rag-production.md +147 -0
- package/ai/06-glossary/ai-glossary.md +162 -0
- package/ai/agent-evaluation-benchmark.md +53 -0
- package/ai/ai-agent-memory-context-management.md +41 -0
- package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
- package/ai/ai-data-security-and-compliance-playbook.md +37 -0
- package/ai/ai-domain-index-and-checklist.md +40 -0
- package/ai/ai-governance-maturity-model.md +50 -0
- package/ai/ai-model-selection-and-routing-strategy.md +47 -0
- package/ai/ai-observability-and-oncall-runbook.md +52 -0
- package/ai/ai-rag-engineering-playbook.md +42 -0
- package/ai/ai-red-team-and-safety-evaluation.md +42 -0
- package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
- package/ai/llm-agent-engineering-deep-dive.md +57 -0
- package/ai/prompt-and-tool-guardrails.md +52 -0
- package/api/01-standards/enterprise-api-standards.md +198 -0
- package/api/01-standards/rest-api-design-guide.md +63 -0
- package/api/02-playbooks/api-pagination-playbook.md +93 -0
- package/api/02-playbooks/graphql-production-playbook.md +176 -0
- package/api/03-checklists/api-review-checklist.md +55 -0
- package/api/04-antipatterns/api-antipatterns.md +112 -0
- package/architecture/01-standards/api-gateway-patterns.md +496 -0
- package/architecture/01-standards/cloud-native-patterns.md +644 -0
- package/architecture/01-standards/distributed-systems-patterns.md +591 -0
- package/architecture/01-standards/event-driven-architecture.md +595 -0
- package/architecture/01-standards/microservices-patterns-complete.md +968 -0
- package/architecture/01-standards/microservices-patterns.md +495 -0
- package/architecture/01-standards/system-design-interview.md +664 -0
- package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
- package/architecture/02-playbooks/migration-playbook.md +780 -0
- package/architecture/02-playbooks/system-design-playbook.md +779 -0
- package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
- package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
- package/architecture/05-cases/case-netflix-microservices.md +413 -0
- package/architecture/06-glossary/architecture-glossary.md +164 -0
- package/architecture/adr-template-and-examples.md +38 -0
- package/architecture/api-gateway-deep-dive.md +1291 -0
- package/architecture/configuration-management.md +1162 -0
- package/architecture/distributed-transactions.md +1220 -0
- package/architecture/microservices-complete.md +735 -0
- package/architecture/resilience-and-disaster-patterns.md +37 -0
- package/architecture/service-governance.md +1198 -0
- package/architecture/system-architecture-deep-dive.md +37 -0
- package/backend/01-standards/analytics-and-growth.md +65 -0
- package/backend/01-standards/api-and-error-conventions.md +120 -0
- package/backend/01-standards/application-layering-and-packaging.md +160 -0
- package/backend/01-standards/auth-implementation.md +104 -0
- package/backend/01-standards/backend-framework-idioms.md +74 -0
- package/backend/01-standards/background-jobs-and-async.md +66 -0
- package/backend/01-standards/caching-strategies-complete.md +390 -0
- package/backend/01-standards/config-and-observability.md +77 -0
- package/backend/01-standards/data-modeling-and-persistence.md +94 -0
- package/backend/01-standards/django-complete.md +1765 -0
- package/backend/01-standards/email-and-notifications.md +64 -0
- package/backend/01-standards/fastapi-complete.md +925 -0
- package/backend/01-standards/file-upload-and-storage.md +66 -0
- package/backend/01-standards/graphql-api-complete.md +416 -0
- package/backend/01-standards/llm-application-standard.md +78 -0
- package/backend/01-standards/message-queue-patterns.md +379 -0
- package/backend/01-standards/microservices-and-distributed.md +78 -0
- package/backend/01-standards/nestjs-complete.md +2167 -0
- package/backend/01-standards/payment-integration.md +80 -0
- package/backend/01-standards/rate-limiting-complete.md +451 -0
- package/backend/01-standards/realtime-and-websocket.md +65 -0
- package/backend/01-standards/search-and-filtering.md +64 -0
- package/backend/01-standards/spring-boot-complete.md +445 -0
- package/backend/02-playbooks/api-design-playbook.md +718 -0
- package/backend/02-playbooks/email-send-playbook.md +130 -0
- package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
- package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
- package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
- package/backend/03-checklists/api-launch-checklist.md +189 -0
- package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
- package/blockchain/01-standards/blockchain-basics.md +557 -0
- package/blockchain/01-standards/smart-contract-development.md +1315 -0
- package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
- package/cicd/01-standards/github-actions-complete.md +473 -0
- package/cicd/01-standards/release-and-store-submission.md +75 -0
- package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
- package/cicd/02-playbooks/release-management-playbook.md +605 -0
- package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
- package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
- package/cicd/05-cases/case-deployment-automation.md +221 -0
- package/cicd/05-cases/case-gitops-transformation.md +212 -0
- package/cicd/06-glossary/cicd-glossary.md +114 -0
- package/cicd/cicd-blueprint-deep-dive.md +38 -0
- package/cicd/release-readiness-gate.md +37 -0
- package/cloud-native/01-standards/container-security.md +741 -0
- package/cloud-native/01-standards/kubernetes-complete.md +812 -0
- package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
- package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
- package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
- package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
- package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
- package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
- package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
- package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
- package/cloud-native/03-checklists/container-security-checklist.md +431 -0
- package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
- package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
- package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
- package/cloud-native/05-cases/case-k8s-migration.md +478 -0
- package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
- package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
- package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
- package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
- package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
- package/data/01-standards/elasticsearch-complete.md +2098 -0
- package/data/01-standards/postgresql-complete.md +1613 -0
- package/data/01-standards/redis-complete.md +1527 -0
- package/data/02-playbooks/database-optimization-playbook.md +403 -0
- package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
- package/data/03-checklists/database-launch-checklist.md +187 -0
- package/data/04-antipatterns/database-antipatterns.md +873 -0
- package/data/05-cases/case-database-migration.md +310 -0
- package/data/06-glossary/database-glossary.md +440 -0
- package/data/data-governance-and-modeling-deep-dive.md +39 -0
- package/data-engineering/01-standards/airflow-complete.md +523 -0
- package/data-engineering/01-standards/kafka-complete.md +1521 -0
- package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
- package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
- package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
- package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
- package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
- package/database/01-standards/database-schema-standards.md +147 -0
- package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
- package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
- package/database/02-playbooks/postgresql-production-playbook.md +146 -0
- package/database/02-playbooks/redis-caching-playbook.md +117 -0
- package/database/03-checklists/database-review-checklist.md +50 -0
- package/database/04-antipatterns/database-antipatterns.md +112 -0
- package/design/01-standards/ui-design-system-complete.md +423 -0
- package/design/02-playbooks/design-handoff-playbook.md +254 -0
- package/design/02-playbooks/design-review-playbook.md +388 -0
- package/design/03-checklists/design-review-checklist.md +246 -0
- package/design/04-antipatterns/design-antipatterns.md +378 -0
- package/design/05-cases/case-design-system-adoption.md +328 -0
- package/design/06-glossary/design-glossary.md +329 -0
- package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
- package/design/ux-system-deep-dive.md +38 -0
- package/design-systems/00-craft-rules.md +71 -0
- package/design-systems/aesthetic-families.md +43 -0
- package/design-systems/anti-ai-slop.md +162 -0
- package/design-systems/bold-geometric.md +120 -0
- package/design-systems/brutalist-bold.md +103 -0
- package/design-systems/editorial-clean.md +109 -0
- package/design-systems/glass-aurora.md +108 -0
- package/design-systems/modern-minimal.md +145 -0
- package/design-systems/premium-luxury.md +106 -0
- package/design-systems/product-type-design-map.md +48 -0
- package/design-systems/soft-warm.md +123 -0
- package/design-systems/tech-utility.md +113 -0
- package/desktop/01-standards/desktop-app-standard.md +72 -0
- package/desktop/01-standards/desktop-design.md +71 -0
- package/development/00-governance/document-template.md +41 -0
- package/development/01-standards/api-versioning-strategies.md +432 -0
- package/development/01-standards/authentication-patterns-complete.md +479 -0
- package/development/01-standards/css-architecture-complete.md +550 -0
- package/development/01-standards/database-migration-strategies.md +484 -0
- package/development/01-standards/elasticsearch-complete.md +347 -0
- package/development/01-standards/git-complete.md +371 -0
- package/development/01-standards/golang-complete.md +1565 -0
- package/development/01-standards/graphql-complete.md +298 -0
- package/development/01-standards/javascript-bundlers-complete.md +469 -0
- package/development/01-standards/javascript-typescript-complete.md +528 -0
- package/development/01-standards/jest-complete.md +275 -0
- package/development/01-standards/linux-complete.md +234 -0
- package/development/01-standards/logging-observability-complete.md +526 -0
- package/development/01-standards/microservices-communication.md +502 -0
- package/development/01-standards/mongodb-complete.md +406 -0
- package/development/01-standards/oauth2-complete.md +285 -0
- package/development/01-standards/performance-optimization-complete.md +289 -0
- package/development/01-standards/playwright-complete.md +247 -0
- package/development/01-standards/postgresql-complete.md +456 -0
- package/development/01-standards/pytest-complete.md +340 -0
- package/development/01-standards/python-async-programming.md +902 -0
- package/development/01-standards/python-complete.md +956 -0
- package/development/01-standards/python-decorators-complete.md +799 -0
- package/development/01-standards/python-design-patterns.md +2854 -0
- package/development/01-standards/python-packaging-distribution.md +420 -0
- package/development/01-standards/python-testing-strategies.md +607 -0
- package/development/01-standards/python-web-frameworks-comparison.md +471 -0
- package/development/01-standards/redis-complete.md +317 -0
- package/development/01-standards/rest-api-complete.md +316 -0
- package/development/01-standards/rust-complete.md +578 -0
- package/development/01-standards/typescript-advanced-types.md +1513 -0
- package/development/01-standards/web-security-complete.md +292 -0
- package/development/02-playbooks/api-design-playbook.md +810 -0
- package/development/02-playbooks/database-migration-playbook.md +580 -0
- package/development/02-playbooks/debugging-playbook.md +692 -0
- package/development/02-playbooks/feature-delivery-playbook.md +430 -0
- package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
- package/development/02-playbooks/performance-optimization-playbook.md +531 -0
- package/development/02-playbooks/performance-tuning-playbook.md +652 -0
- package/development/02-playbooks/refactor-playbook.md +403 -0
- package/development/02-playbooks/release-playbook.md +469 -0
- package/development/03-checklists/architecture-review-checklist.md +168 -0
- package/development/03-checklists/data-migration-checklist.md +157 -0
- package/development/03-checklists/oncall-handover-checklist.md +173 -0
- package/development/03-checklists/pr-checklist.md +158 -0
- package/development/03-checklists/production-readiness-checklist.md +190 -0
- package/development/03-checklists/release-readiness-checklist.md +154 -0
- package/development/03-checklists/security-review-checklist.md +182 -0
- package/development/04-antipatterns/api-antipatterns.md +657 -0
- package/development/04-antipatterns/architecture-antipatterns.md +686 -0
- package/development/04-antipatterns/backend-antipatterns.md +648 -0
- package/development/04-antipatterns/cicd-antipatterns.md +540 -0
- package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
- package/development/04-antipatterns/data-antipatterns.md +658 -0
- package/development/04-antipatterns/database-antipatterns.md +578 -0
- package/development/04-antipatterns/frontend-antipatterns.md +635 -0
- package/development/04-antipatterns/reliability-antipatterns.md +700 -0
- package/development/04-antipatterns/security-antipatterns.md +747 -0
- package/development/05-cases/case-api-version-migration.md +428 -0
- package/development/05-cases/case-authorization-hardening.md +383 -0
- package/development/05-cases/case-bluegreen-rollback.md +466 -0
- package/development/05-cases/case-cache-snowball-protection.md +485 -0
- package/development/05-cases/case-ci-cd-pipeline.md +544 -0
- package/development/05-cases/case-database-scaling.md +500 -0
- package/development/05-cases/case-db-hotspot-optimization.md +487 -0
- package/development/05-cases/case-incident-mttr-reduction.md +563 -0
- package/development/05-cases/case-microservice-migration.md +375 -0
- package/development/05-cases/case-performance-optimization.md +406 -0
- package/development/05-cases/case-security-incident-response.md +345 -0
- package/development/06-glossary/full-stack-glossary.md +166 -0
- package/development/09-maturity/quarterly-audit-template.md +35 -0
- package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
- package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
- package/development/12-scenarios/development-scenarios-guide.md +565 -0
- package/development/13-implementation-assets/implementation-toolkit.md +282 -0
- package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
- package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
- package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
- package/development/api-contract-and-versioning-guide.md +36 -0
- package/development/api-governance-complete.md +43 -0
- package/development/backend-engineering-complete.md +43 -0
- package/development/code-review-quality-complete.md +43 -0
- package/development/concurrency-reliability-complete.md +43 -0
- package/development/database-engineering-complete.md +43 -0
- package/development/engineering-effectiveness-complete.md +43 -0
- package/development/engineering-standards-deep-dive.md +38 -0
- package/development/frontend-engineering-complete.md +43 -0
- package/development/performance-capacity-complete.md +43 -0
- package/development/refactor-migration-complete.md +42 -0
- package/development/refactoring-and-techdebt-playbook.md +37 -0
- package/development/security-in-development-complete.md +43 -0
- package/devops/01-standards/cicd-pipeline-complete.md +262 -0
- package/devops/01-standards/docker-complete.md +1490 -0
- package/devops/01-standards/github-actions-complete.md +337 -0
- package/devops/01-standards/kubernetes-complete.md +638 -0
- package/devops/01-standards/terraform-complete.md +2117 -0
- package/devops/02-playbooks/docker-compose-playbook.md +233 -0
- package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
- package/devops/02-playbooks/docker-production-playbook.md +952 -0
- package/edge-iot/01-standards/edge-iot-complete.md +473 -0
- package/experts/architect/api-design.md +178 -0
- package/experts/architect/methodology.md +124 -0
- package/experts/architect/security.md +75 -0
- package/experts/backend-lead/methodology.md +216 -0
- package/experts/devops/methodology.md +160 -0
- package/experts/frontend-lead/methodology.md +178 -0
- package/experts/product-manager/industry/ecommerce.md +43 -0
- package/experts/product-manager/industry/saas.md +40 -0
- package/experts/product-manager/methodology.md +97 -0
- package/experts/qa-lead/methodology.md +123 -0
- package/experts/qa-lead/test-strategy.md +128 -0
- package/experts/uiux-designer/methodology.md +125 -0
- package/frontend/01-standards/accessibility-complete.md +532 -0
- package/frontend/01-standards/accessibility-standard.md +74 -0
- package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
- package/frontend/01-standards/design-tokens-complete.md +444 -0
- package/frontend/01-standards/forms-and-validation.md +77 -0
- package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
- package/frontend/01-standards/i18n-and-localization.md +65 -0
- package/frontend/01-standards/nextjs-complete.md +451 -0
- package/frontend/01-standards/react-complete.md +713 -0
- package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
- package/frontend/01-standards/react-hooks-complete.md +1171 -0
- package/frontend/01-standards/seo-and-web-vitals.md +77 -0
- package/frontend/01-standards/state-management-complete.md +444 -0
- package/frontend/01-standards/vue-complete.md +499 -0
- package/frontend/01-standards/vue3-complete.md +2002 -0
- package/frontend/01-standards/web-framework-best-practices.md +64 -0
- package/frontend/01-standards/web-performance-complete.md +495 -0
- package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
- package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
- package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
- package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
- package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
- package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
- package/frontend/03-checklists/component-quality-checklist.md +166 -0
- package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
- package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
- package/frontend/05-cases/case-performance-optimization.md +274 -0
- package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
- package/harmony/01-standards/harmonyos-design.md +65 -0
- package/high-quality-engineering-playbook.md +54 -0
- package/incident/01-standards/incident-response-complete.md +303 -0
- package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
- package/incident/02-playbooks/postmortem-playbook.md +398 -0
- package/incident/03-checklists/incident-readiness-checklist.md +181 -0
- package/incident/04-antipatterns/incident-antipatterns.md +490 -0
- package/incident/05-cases/case-cascade-failure.md +176 -0
- package/incident/06-glossary/incident-glossary.md +114 -0
- package/incident/postmortem-and-response-deep-dive.md +39 -0
- package/industries/ecommerce/ecommerce-complete.md +631 -0
- package/industries/education/education-complete.md +555 -0
- package/industries/fintech/fintech-complete.md +501 -0
- package/industries/gaming/gaming-complete.md +587 -0
- package/industries/healthcare/healthcare-complete.md +452 -0
- package/low-code/01-standards/low-code-complete.md +944 -0
- package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
- package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
- package/miniprogram/01-standards/miniprogram-design.md +61 -0
- package/miniprogram/01-standards/miniprogram-standard.md +81 -0
- package/mobile/01-standards/android-material-design.md +70 -0
- package/mobile/01-standards/flutter-complete.md +384 -0
- package/mobile/01-standards/ios-design-hig.md +78 -0
- package/mobile/01-standards/mobile-app-standard.md +85 -0
- package/mobile/01-standards/react-native-complete.md +352 -0
- package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
- package/mobile/02-playbooks/mobile-performance.md +473 -0
- package/mobile/03-checklists/mobile-release-checklist.md +234 -0
- package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
- package/mobile/05-cases/case-app-performance.md +500 -0
- package/mobile/05-cases/case-app-startup-optimization.md +218 -0
- package/mobile/06-glossary/mobile-glossary.md +484 -0
- package/observability/01-standards/observability-standards.md +103 -0
- package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
- package/observability/02-playbooks/structured-logging-playbook.md +73 -0
- package/observability/03-checklists/observability-checklist.md +54 -0
- package/observability/04-antipatterns/observability-antipatterns.md +106 -0
- package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
- package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
- package/operations/03-checklists/production-launch-checklist.md +365 -0
- package/operations/04-antipatterns/operations-antipatterns.md +664 -0
- package/operations/05-cases/case-sre-practices.md +581 -0
- package/operations/06-glossary/operations-glossary.md +120 -0
- package/operations/aiops-anomaly-detection.md +758 -0
- package/operations/capacity-planning.md +1061 -0
- package/operations/chaos-engineering.md +659 -0
- package/operations/incident-command-system.md +38 -0
- package/operations/observability-complete.md +442 -0
- package/operations/slo-sli-playbook.md +517 -0
- package/operations/sre-operations-deep-dive.md +39 -0
- package/package.json +8 -0
- package/performance/01-standards/performance-and-scalability.md +80 -0
- package/performance/01-standards/performance-standards.md +156 -0
- package/performance/02-playbooks/query-optimization-playbook.md +103 -0
- package/performance/03-checklists/performance-checklist.md +56 -0
- package/performance/04-antipatterns/performance-antipatterns.md +146 -0
- package/product/01-standards/product-management-complete.md +285 -0
- package/product/02-playbooks/feature-launch-playbook.md +207 -0
- package/product/02-playbooks/user-research-playbook.md +532 -0
- package/product/03-checklists/feature-launch-checklist.md +275 -0
- package/product/04-antipatterns/product-antipatterns.md +355 -0
- package/product/05-cases/case-mvp-to-scale.md +384 -0
- package/product/06-glossary/product-glossary.md +462 -0
- package/product/feature-prioritization-framework.md +40 -0
- package/product/kpi-and-metric-tree.md +37 -0
- package/product/product-discovery-and-prd-deep-dive.md +41 -0
- package/quantum/01-standards/quantum-complete.md +1186 -0
- package/security/01-standards/api-security-complete.md +511 -0
- package/security/01-standards/container-runtime-security.md +574 -0
- package/security/01-standards/data-protection-gdpr.md +543 -0
- package/security/01-standards/owasp-top10-complete.md +1890 -0
- package/security/01-standards/secure-coding-baseline.md +90 -0
- package/security/01-standards/supply-chain-security.md +441 -0
- package/security/01-standards/web-security-checklist.md +108 -0
- package/security/01-standards/zero-trust-architecture.md +521 -0
- package/security/02-playbooks/auth-sso-playbook.md +166 -0
- package/security/02-playbooks/incident-response-security-playbook.md +588 -0
- package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
- package/security/02-playbooks/payment-integration-playbook.md +119 -0
- package/security/02-playbooks/penetration-testing-playbook.md +517 -0
- package/security/03-checklists/security-audit-checklist.md +356 -0
- package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
- package/security/05-cases/case-log4shell-incident.md +537 -0
- package/security/05-cases/case-major-breaches.md +468 -0
- package/security/06-glossary/security-glossary.md +212 -0
- package/security/compliance-automation.md +993 -0
- package/security/container-security.md +680 -0
- package/security/devsecops-complete.md +426 -0
- package/security/sast-dast-sca.md +775 -0
- package/security/secrets-management.md +594 -0
- package/security/security-architecture-deep-dive.md +37 -0
- package/security/threat-modeling-stride-playbook.md +40 -0
- package/seed-templates/auth-system.md +59 -0
- package/seed-templates/blog-content.md +94 -0
- package/seed-templates/dashboard.md +89 -0
- package/seed-templates/docs-site.md +73 -0
- package/seed-templates/e-commerce.md +50 -0
- package/seed-templates/saas-landing.md +92 -0
- package/seed-templates/settings-page.md +51 -0
- package/testing/01-standards/test-strategy-and-layering.md +83 -0
- package/testing/01-standards/testing-strategy-complete.md +422 -0
- package/testing/01-standards/unit-testing-best-practices.md +118 -0
- package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
- package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
- package/testing/03-checklists/test-strategy-checklist.md +208 -0
- package/testing/04-antipatterns/testing-antipatterns.md +718 -0
- package/testing/05-cases/case-testing-transformation.md +300 -0
- package/testing/06-glossary/testing-glossary.md +110 -0
- package/testing/risk-based-test-matrix.md +36 -0
- package/testing/testing-strategy-deep-dive.md +37 -0
|
@@ -0,0 +1,788 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Serverless 模式作战手册
|
|
3
|
+
version: 1.0.0
|
|
4
|
+
last_updated: 2025-03-20
|
|
5
|
+
owner: platform-team
|
|
6
|
+
tags: [serverless, knative, functions, faas]
|
|
7
|
+
status: production
|
|
8
|
+
domain: cloud-native
|
|
9
|
+
difficulty: intermediate
|
|
10
|
+
quality_score: 70
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
# 开发:Excellent(11964948@qq.com)
|
|
14
|
+
# 功能:Serverless 架构模式作战手册
|
|
15
|
+
# 作用:指导 Knative、云函数等 Serverless 实践
|
|
16
|
+
# 创建时间:2025-03-20
|
|
17
|
+
# 最后修改:2025-03-20
|
|
18
|
+
|
|
19
|
+
## 目标
|
|
20
|
+
|
|
21
|
+
建立 Serverless 标准化开发和运维流程,确保:
|
|
22
|
+
- 事件驱动架构设计
|
|
23
|
+
- 弹性伸缩效率
|
|
24
|
+
- 冷启动优化
|
|
25
|
+
- 成本可控可观测
|
|
26
|
+
|
|
27
|
+
## 适用场景
|
|
28
|
+
|
|
29
|
+
- 事件驱动处理
|
|
30
|
+
- API 网关后端
|
|
31
|
+
- 定时任务
|
|
32
|
+
- 数据处理管道
|
|
33
|
+
- 突发流量场景
|
|
34
|
+
|
|
35
|
+
## 执行清单
|
|
36
|
+
|
|
37
|
+
### 架构设计
|
|
38
|
+
|
|
39
|
+
- [ ] 评估是否适合 Serverless(无状态、快速响应)
|
|
40
|
+
- [ ] 选择合适的 Serverless 平台
|
|
41
|
+
- [ ] 设计事件源和触发器
|
|
42
|
+
- [ ] 规划函数粒度
|
|
43
|
+
- [ ] 设计冷启动优化策略
|
|
44
|
+
|
|
45
|
+
### Knative 部署
|
|
46
|
+
|
|
47
|
+
- [ ] 安装 Knative Serving
|
|
48
|
+
- [ ] 安装 Knative Eventing
|
|
49
|
+
- [ ] 配置网络层
|
|
50
|
+
- [ ] 配置自动伸缩
|
|
51
|
+
- [ ] 配置域名和 TLS
|
|
52
|
+
|
|
53
|
+
### 函数开发
|
|
54
|
+
|
|
55
|
+
- [ ] 实现函数处理逻辑
|
|
56
|
+
- [ ] 配置依赖和构建
|
|
57
|
+
- [ ] 设置资源限制
|
|
58
|
+
- [ ] 实现健康检查
|
|
59
|
+
- [ ] 配置日志和监控
|
|
60
|
+
|
|
61
|
+
## 核心配置
|
|
62
|
+
|
|
63
|
+
### 1. Knative Serving 安装
|
|
64
|
+
|
|
65
|
+
```yaml
|
|
66
|
+
# Knative Serving 配置
|
|
67
|
+
apiVersion: operator.knative.dev/v1beta1
|
|
68
|
+
kind: KnativeServing
|
|
69
|
+
metadata:
|
|
70
|
+
name: knative-serving
|
|
71
|
+
namespace: knative-serving
|
|
72
|
+
spec:
|
|
73
|
+
version: "1.12.0"
|
|
74
|
+
config:
|
|
75
|
+
network:
|
|
76
|
+
ingress-class: "kourier.ingress.networking.knative.dev"
|
|
77
|
+
autoscaler:
|
|
78
|
+
enable-scale-to-zero: "true"
|
|
79
|
+
scale-to-zero-pod-retention-period: "60s"
|
|
80
|
+
pod-autoscaler-class: "kpa.autoscaling.knative.dev"
|
|
81
|
+
defaults:
|
|
82
|
+
revision-timeout-seconds: "300"
|
|
83
|
+
container-concurrency: "100"
|
|
84
|
+
deployment:
|
|
85
|
+
progress-deadline: "600s"
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
### 2. Knative Service 配置
|
|
89
|
+
|
|
90
|
+
```yaml
|
|
91
|
+
apiVersion: serving.knative.dev/v1
|
|
92
|
+
kind: Service
|
|
93
|
+
metadata:
|
|
94
|
+
name: api-function
|
|
95
|
+
namespace: production
|
|
96
|
+
labels:
|
|
97
|
+
app: api-function
|
|
98
|
+
annotations:
|
|
99
|
+
# 最小实例数(避免冷启动)
|
|
100
|
+
autoscaling.knative.dev/min-scale: "1"
|
|
101
|
+
# 最大实例数
|
|
102
|
+
autoscaling.knative.dev/max-scale: "100"
|
|
103
|
+
# 目标并发
|
|
104
|
+
autoscaling.knative.dev/target: "80"
|
|
105
|
+
# 容器并发限制
|
|
106
|
+
autoscaling.knative.dev/container-concurrency: "100"
|
|
107
|
+
spec:
|
|
108
|
+
template:
|
|
109
|
+
metadata:
|
|
110
|
+
annotations:
|
|
111
|
+
# 修订版本超时
|
|
112
|
+
autoscaling.knative.dev/revision-timeout-seconds: "300"
|
|
113
|
+
spec:
|
|
114
|
+
containerConcurrency: 100
|
|
115
|
+
timeoutSeconds: 300
|
|
116
|
+
containers:
|
|
117
|
+
- image: registry.example.com/api-function:v1.0.0
|
|
118
|
+
ports:
|
|
119
|
+
- containerPort: 8080
|
|
120
|
+
env:
|
|
121
|
+
- name: LOG_LEVEL
|
|
122
|
+
value: "info"
|
|
123
|
+
- name: DATABASE_URL
|
|
124
|
+
valueFrom:
|
|
125
|
+
secretKeyRef:
|
|
126
|
+
name: db-credentials
|
|
127
|
+
key: url
|
|
128
|
+
resources:
|
|
129
|
+
requests:
|
|
130
|
+
cpu: "100m"
|
|
131
|
+
memory: "128Mi"
|
|
132
|
+
limits:
|
|
133
|
+
cpu: "1000m"
|
|
134
|
+
memory: "512Mi"
|
|
135
|
+
livenessProbe:
|
|
136
|
+
httpGet:
|
|
137
|
+
path: /health/live
|
|
138
|
+
port: 8080
|
|
139
|
+
readinessProbe:
|
|
140
|
+
httpGet:
|
|
141
|
+
path: /health/ready
|
|
142
|
+
port: 8080
|
|
143
|
+
```
|
|
144
|
+
|
|
145
|
+
### 3. Knative Eventing 配置
|
|
146
|
+
|
|
147
|
+
```yaml
|
|
148
|
+
# Broker 配置
|
|
149
|
+
apiVersion: eventing.knative.dev/v1
|
|
150
|
+
kind: Broker
|
|
151
|
+
metadata:
|
|
152
|
+
name: default
|
|
153
|
+
namespace: production
|
|
154
|
+
spec:
|
|
155
|
+
config:
|
|
156
|
+
apiVersion: v1
|
|
157
|
+
kind: ConfigMap
|
|
158
|
+
name: config-br-default-channel
|
|
159
|
+
namespace: knative-eventing
|
|
160
|
+
|
|
161
|
+
---
|
|
162
|
+
# Trigger 配置
|
|
163
|
+
apiVersion: eventing.knative.dev/v1
|
|
164
|
+
kind: Trigger
|
|
165
|
+
metadata:
|
|
166
|
+
name: order-created-trigger
|
|
167
|
+
namespace: production
|
|
168
|
+
spec:
|
|
169
|
+
broker: default
|
|
170
|
+
filter:
|
|
171
|
+
attributes:
|
|
172
|
+
type: order.created
|
|
173
|
+
source: order-service
|
|
174
|
+
subscriber:
|
|
175
|
+
ref:
|
|
176
|
+
apiVersion: serving.knative.dev/v1
|
|
177
|
+
kind: Service
|
|
178
|
+
name: order-processor
|
|
179
|
+
|
|
180
|
+
---
|
|
181
|
+
# 事件源配置
|
|
182
|
+
apiVersion: sources.knative.dev/v1
|
|
183
|
+
kind: ApiServerSource
|
|
184
|
+
metadata:
|
|
185
|
+
name: k8s-events-source
|
|
186
|
+
namespace: production
|
|
187
|
+
spec:
|
|
188
|
+
mode: Resource
|
|
189
|
+
resources:
|
|
190
|
+
- apiVersion: v1
|
|
191
|
+
kind: Event
|
|
192
|
+
serviceAccountName: events-sa
|
|
193
|
+
sink:
|
|
194
|
+
ref:
|
|
195
|
+
apiVersion: eventing.knative.dev/v1
|
|
196
|
+
kind: Broker
|
|
197
|
+
name: default
|
|
198
|
+
```
|
|
199
|
+
|
|
200
|
+
### 4. 函数代码示例
|
|
201
|
+
|
|
202
|
+
```python
|
|
203
|
+
# Python 函数示例(Flask)
|
|
204
|
+
from flask import Flask, request, jsonify
|
|
205
|
+
import logging
|
|
206
|
+
import os
|
|
207
|
+
|
|
208
|
+
app = Flask(__name__)
|
|
209
|
+
logger = logging.getLogger(__name__)
|
|
210
|
+
|
|
211
|
+
@app.route('/health/live')
|
|
212
|
+
def liveness():
|
|
213
|
+
return jsonify({"status": "alive"})
|
|
214
|
+
|
|
215
|
+
@app.route('/health/ready')
|
|
216
|
+
def readiness():
|
|
217
|
+
# 检查依赖是否就绪
|
|
218
|
+
return jsonify({"status": "ready"})
|
|
219
|
+
|
|
220
|
+
@app.route('/', methods=['POST'])
|
|
221
|
+
def handle_event():
|
|
222
|
+
"""处理 CloudEvents 格式的事件"""
|
|
223
|
+
try:
|
|
224
|
+
# 解析 CloudEvent
|
|
225
|
+
event_data = request.get_json()
|
|
226
|
+
event_type = request.headers.get('Ce-Type')
|
|
227
|
+
event_source = request.headers.get('Ce-Source')
|
|
228
|
+
|
|
229
|
+
logger.info(f"Received event: type={event_type}, source={event_source}")
|
|
230
|
+
|
|
231
|
+
# 处理事件
|
|
232
|
+
result = process_event(event_type, event_data)
|
|
233
|
+
|
|
234
|
+
return jsonify({
|
|
235
|
+
"status": "success",
|
|
236
|
+
"result": result
|
|
237
|
+
})
|
|
238
|
+
except Exception as e:
|
|
239
|
+
logger.exception("Event processing failed")
|
|
240
|
+
return jsonify({
|
|
241
|
+
"status": "error",
|
|
242
|
+
"message": str(e)
|
|
243
|
+
}), 500
|
|
244
|
+
|
|
245
|
+
def process_event(event_type, data):
|
|
246
|
+
"""事件处理逻辑"""
|
|
247
|
+
if event_type == "order.created":
|
|
248
|
+
return process_order(data)
|
|
249
|
+
elif event_type == "user.registered":
|
|
250
|
+
return process_user(data)
|
|
251
|
+
else:
|
|
252
|
+
raise ValueError(f"Unknown event type: {event_type}")
|
|
253
|
+
|
|
254
|
+
def process_order(order_data):
|
|
255
|
+
"""处理订单事件"""
|
|
256
|
+
order_id = order_data.get('order_id')
|
|
257
|
+
# 业务逻辑
|
|
258
|
+
return {"order_id": order_id, "status": "processed"}
|
|
259
|
+
|
|
260
|
+
def process_user(user_data):
|
|
261
|
+
"""处理用户事件"""
|
|
262
|
+
user_id = user_data.get('user_id')
|
|
263
|
+
# 业务逻辑
|
|
264
|
+
return {"user_id": user_id, "status": "processed"}
|
|
265
|
+
|
|
266
|
+
if __name__ == '__main__':
|
|
267
|
+
port = int(os.environ.get('PORT', 8080))
|
|
268
|
+
app.run(host='0.0.0.0', port=port)
|
|
269
|
+
```
|
|
270
|
+
|
|
271
|
+
### 5. 云函数示例
|
|
272
|
+
|
|
273
|
+
```yaml
|
|
274
|
+
# AWS Lambda 函数配置
|
|
275
|
+
# serverless.yml
|
|
276
|
+
service: api-function
|
|
277
|
+
|
|
278
|
+
provider:
|
|
279
|
+
name: aws
|
|
280
|
+
runtime: python3.11
|
|
281
|
+
region: us-east-1
|
|
282
|
+
timeout: 30
|
|
283
|
+
memorySize: 256
|
|
284
|
+
environment:
|
|
285
|
+
LOG_LEVEL: info
|
|
286
|
+
DATABASE_URL: ${ssm:/api-function/database-url}
|
|
287
|
+
iam:
|
|
288
|
+
role:
|
|
289
|
+
statements:
|
|
290
|
+
- Effect: Allow
|
|
291
|
+
Action:
|
|
292
|
+
- dynamodb:Query
|
|
293
|
+
- dynamodb:GetItem
|
|
294
|
+
Resource: arn:aws:dynamodb:*:*:table/orders
|
|
295
|
+
|
|
296
|
+
functions:
|
|
297
|
+
processOrder:
|
|
298
|
+
handler: handler.process_order
|
|
299
|
+
events:
|
|
300
|
+
- http:
|
|
301
|
+
path: orders
|
|
302
|
+
method: post
|
|
303
|
+
cors: true
|
|
304
|
+
- sqs:
|
|
305
|
+
arn: arn:aws:sqs:*:*:order-queue
|
|
306
|
+
batchSize: 10
|
|
307
|
+
|
|
308
|
+
scheduledTask:
|
|
309
|
+
handler: handler.scheduled_task
|
|
310
|
+
events:
|
|
311
|
+
- schedule:
|
|
312
|
+
rate: cron(0 * * * ? *)
|
|
313
|
+
enabled: true
|
|
314
|
+
```
|
|
315
|
+
|
|
316
|
+
```python
|
|
317
|
+
# AWS Lambda 函数代码
|
|
318
|
+
import json
|
|
319
|
+
import logging
|
|
320
|
+
import boto3
|
|
321
|
+
|
|
322
|
+
logger = logging.getLogger()
|
|
323
|
+
logger.setLevel(logging.INFO)
|
|
324
|
+
|
|
325
|
+
dynamodb = boto3.resource('dynamodb')
|
|
326
|
+
table = dynamodb.Table('orders')
|
|
327
|
+
|
|
328
|
+
def process_order(event, context):
|
|
329
|
+
"""处理 HTTP 请求或 SQS 消息"""
|
|
330
|
+
try:
|
|
331
|
+
# HTTP 请求
|
|
332
|
+
if 'body' in event:
|
|
333
|
+
body = json.loads(event['body']) if isinstance(event['body'], str) else event['body']
|
|
334
|
+
order_id = body.get('order_id')
|
|
335
|
+
|
|
336
|
+
# 处理订单
|
|
337
|
+
result = {
|
|
338
|
+
'order_id': order_id,
|
|
339
|
+
'status': 'processed'
|
|
340
|
+
}
|
|
341
|
+
|
|
342
|
+
return {
|
|
343
|
+
'statusCode': 200,
|
|
344
|
+
'body': json.dumps({
|
|
345
|
+
'status': 'success',
|
|
346
|
+
'result': result
|
|
347
|
+
})
|
|
348
|
+
}
|
|
349
|
+
|
|
350
|
+
# SQS 消息
|
|
351
|
+
elif 'Records' in event:
|
|
352
|
+
for record in event['Records']:
|
|
353
|
+
message = json.loads(record['body'])
|
|
354
|
+
process_order_message(message)
|
|
355
|
+
|
|
356
|
+
return {'statusCode': 200}
|
|
357
|
+
|
|
358
|
+
except Exception as e:
|
|
359
|
+
logger.exception("Error processing event")
|
|
360
|
+
return {
|
|
361
|
+
'statusCode': 500,
|
|
362
|
+
'body': json.dumps({
|
|
363
|
+
'status': 'error',
|
|
364
|
+
'message': str(e)
|
|
365
|
+
})
|
|
366
|
+
}
|
|
367
|
+
|
|
368
|
+
def process_order_message(message):
|
|
369
|
+
"""处理 SQS 消息"""
|
|
370
|
+
order_id = message.get('order_id')
|
|
371
|
+
logger.info(f"Processing order: {order_id}")
|
|
372
|
+
|
|
373
|
+
# 更新数据库
|
|
374
|
+
table.update_item(
|
|
375
|
+
Key={'order_id': order_id},
|
|
376
|
+
UpdateExpression='SET #status = :status',
|
|
377
|
+
ExpressionAttributeNames={'#status': 'status'},
|
|
378
|
+
ExpressionAttributeValues={':status': 'processed'}
|
|
379
|
+
)
|
|
380
|
+
|
|
381
|
+
def scheduled_task(event, context):
|
|
382
|
+
"""定时任务"""
|
|
383
|
+
logger.info("Running scheduled task")
|
|
384
|
+
|
|
385
|
+
# 执行定时任务逻辑
|
|
386
|
+
# ...
|
|
387
|
+
|
|
388
|
+
return {'status': 'completed'}
|
|
389
|
+
```
|
|
390
|
+
|
|
391
|
+
### 6. 冷启动优化
|
|
392
|
+
|
|
393
|
+
```yaml
|
|
394
|
+
# Knative 配置 - 最小实例保持
|
|
395
|
+
apiVersion: serving.knative.dev/v1
|
|
396
|
+
kind: Service
|
|
397
|
+
metadata:
|
|
398
|
+
name: api-function
|
|
399
|
+
namespace: production
|
|
400
|
+
annotations:
|
|
401
|
+
# 保持至少 1 个实例(避免冷启动)
|
|
402
|
+
autoscaling.knative.dev/min-scale: "1"
|
|
403
|
+
# 缩容到零的等待时间
|
|
404
|
+
autoscaling.knative.dev/scale-to-zero-pod-retention-period: "5m"
|
|
405
|
+
spec:
|
|
406
|
+
template:
|
|
407
|
+
spec:
|
|
408
|
+
containers:
|
|
409
|
+
- image: registry.example.com/api-function:v1.0.0
|
|
410
|
+
# 启动探测
|
|
411
|
+
startupProbe:
|
|
412
|
+
httpGet:
|
|
413
|
+
path: /health/startup
|
|
414
|
+
port: 8080
|
|
415
|
+
initialDelaySeconds: 0
|
|
416
|
+
periodSeconds: 1
|
|
417
|
+
failureThreshold: 30
|
|
418
|
+
```
|
|
419
|
+
|
|
420
|
+
### 7. 函数依赖优化
|
|
421
|
+
|
|
422
|
+
```dockerfile
|
|
423
|
+
# 优化镜像大小和启动时间
|
|
424
|
+
FROM python:3.11-slim AS builder
|
|
425
|
+
|
|
426
|
+
WORKDIR /app
|
|
427
|
+
|
|
428
|
+
# 安装依赖
|
|
429
|
+
COPY requirements.txt .
|
|
430
|
+
RUN pip install --no-cache-dir --target=/app/deps -r requirements.txt
|
|
431
|
+
|
|
432
|
+
# 生产镜像
|
|
433
|
+
FROM gcr.io/distroless/python3-debian12
|
|
434
|
+
|
|
435
|
+
WORKDIR /app
|
|
436
|
+
|
|
437
|
+
# 复制依赖
|
|
438
|
+
COPY --from=builder /app/deps /app/deps
|
|
439
|
+
COPY . /app
|
|
440
|
+
|
|
441
|
+
# 设置 Python 路径
|
|
442
|
+
ENV PYTHONPATH=/app/deps
|
|
443
|
+
|
|
444
|
+
# 非特权用户
|
|
445
|
+
USER nonroot:nonroot
|
|
446
|
+
|
|
447
|
+
EXPOSE 8080
|
|
448
|
+
|
|
449
|
+
CMD ["python", "/app/main.py"]
|
|
450
|
+
```
|
|
451
|
+
|
|
452
|
+
## 最佳实践
|
|
453
|
+
|
|
454
|
+
### 1. 函数设计原则
|
|
455
|
+
|
|
456
|
+
```python
|
|
457
|
+
# [DONE] 正确:单一职责、快速响应
|
|
458
|
+
def handle_event(event, context):
|
|
459
|
+
"""处理单一类型事件"""
|
|
460
|
+
# 1. 验证输入
|
|
461
|
+
validate_event(event)
|
|
462
|
+
|
|
463
|
+
# 2. 执行业务逻辑
|
|
464
|
+
result = process_business_logic(event)
|
|
465
|
+
|
|
466
|
+
# 3. 返回结果
|
|
467
|
+
return result
|
|
468
|
+
|
|
469
|
+
# [FAIL] 错误:函数过于复杂、长时间运行
|
|
470
|
+
def handle_all_events(event, context):
|
|
471
|
+
"""处理所有类型事件"""
|
|
472
|
+
# 长时间运行的任务
|
|
473
|
+
# 复杂的业务逻辑
|
|
474
|
+
# 多个外部调用
|
|
475
|
+
# ...
|
|
476
|
+
```
|
|
477
|
+
|
|
478
|
+
### 2. 事件驱动架构
|
|
479
|
+
|
|
480
|
+
```yaml
|
|
481
|
+
# 生产者配置
|
|
482
|
+
apiVersion: eventing.knative.dev/v1
|
|
483
|
+
kind: Broker
|
|
484
|
+
metadata:
|
|
485
|
+
name: events-broker
|
|
486
|
+
namespace: production
|
|
487
|
+
---
|
|
488
|
+
# 消费者 Trigger
|
|
489
|
+
apiVersion: eventing.knative.dev/v1
|
|
490
|
+
kind: Trigger
|
|
491
|
+
metadata:
|
|
492
|
+
name: order-events-trigger
|
|
493
|
+
namespace: production
|
|
494
|
+
spec:
|
|
495
|
+
broker: events-broker
|
|
496
|
+
filter:
|
|
497
|
+
attributes:
|
|
498
|
+
type: order.created
|
|
499
|
+
subscriber:
|
|
500
|
+
ref:
|
|
501
|
+
apiVersion: serving.knative.dev/v1
|
|
502
|
+
kind: Service
|
|
503
|
+
name: order-processor
|
|
504
|
+
```
|
|
505
|
+
|
|
506
|
+
### 3. 错误处理和重试
|
|
507
|
+
|
|
508
|
+
```yaml
|
|
509
|
+
# 死信队列配置
|
|
510
|
+
apiVersion: eventing.knative.dev/v1
|
|
511
|
+
kind: Trigger
|
|
512
|
+
metadata:
|
|
513
|
+
name: order-events-trigger
|
|
514
|
+
namespace: production
|
|
515
|
+
spec:
|
|
516
|
+
broker: events-broker
|
|
517
|
+
filter:
|
|
518
|
+
attributes:
|
|
519
|
+
type: order.created
|
|
520
|
+
subscriber:
|
|
521
|
+
ref:
|
|
522
|
+
apiVersion: serving.knative.dev/v1
|
|
523
|
+
kind: Service
|
|
524
|
+
name: order-processor
|
|
525
|
+
delivery:
|
|
526
|
+
retry: 3
|
|
527
|
+
backoffPolicy: exponential
|
|
528
|
+
backoffDelay: "PT1S"
|
|
529
|
+
deadLetterSink:
|
|
530
|
+
ref:
|
|
531
|
+
apiVersion: serving.knative.dev/v1
|
|
532
|
+
kind: Service
|
|
533
|
+
name: dead-letter-handler
|
|
534
|
+
```
|
|
535
|
+
|
|
536
|
+
```python
|
|
537
|
+
# 函数错误处理
|
|
538
|
+
import logging
|
|
539
|
+
|
|
540
|
+
logger = logging.getLogger()
|
|
541
|
+
|
|
542
|
+
def handle_event(event, context):
|
|
543
|
+
try:
|
|
544
|
+
# 处理事件
|
|
545
|
+
result = process_event(event)
|
|
546
|
+
|
|
547
|
+
# 记录成功
|
|
548
|
+
logger.info(f"Event processed successfully: {event.get('id')}")
|
|
549
|
+
|
|
550
|
+
return result
|
|
551
|
+
|
|
552
|
+
except RetryableError as e:
|
|
553
|
+
# 可重试错误
|
|
554
|
+
logger.warning(f"Retryable error: {e}")
|
|
555
|
+
raise # 重新抛出以触发重试
|
|
556
|
+
|
|
557
|
+
except PermanentError as e:
|
|
558
|
+
# 永久性错误
|
|
559
|
+
logger.error(f"Permanent error: {e}")
|
|
560
|
+
# 发送到死信队列或记录
|
|
561
|
+
send_to_dead_letter_queue(event, e)
|
|
562
|
+
return {"status": "failed", "error": str(e)}
|
|
563
|
+
```
|
|
564
|
+
|
|
565
|
+
### 4. 状态管理
|
|
566
|
+
|
|
567
|
+
```python
|
|
568
|
+
# [DONE] 正确:使用外部状态存储
|
|
569
|
+
import redis
|
|
570
|
+
import json
|
|
571
|
+
|
|
572
|
+
redis_client = redis.Redis(
|
|
573
|
+
host=os.environ['REDIS_HOST'],
|
|
574
|
+
port=int(os.environ.get('REDIS_PORT', 6379)),
|
|
575
|
+
decode_responses=True
|
|
576
|
+
)
|
|
577
|
+
|
|
578
|
+
def handle_event(event, context):
|
|
579
|
+
# 从外部存储获取状态
|
|
580
|
+
session_id = event.get('session_id')
|
|
581
|
+
session = redis_client.get(f"session:{session_id}")
|
|
582
|
+
|
|
583
|
+
if session:
|
|
584
|
+
session_data = json.loads(session)
|
|
585
|
+
else:
|
|
586
|
+
session_data = {}
|
|
587
|
+
|
|
588
|
+
# 处理事件
|
|
589
|
+
session_data.update(event)
|
|
590
|
+
|
|
591
|
+
# 保存状态
|
|
592
|
+
redis_client.setex(
|
|
593
|
+
f"session:{session_id}",
|
|
594
|
+
3600, # 1小时过期
|
|
595
|
+
json.dumps(session_data)
|
|
596
|
+
)
|
|
597
|
+
|
|
598
|
+
return {"status": "success", "session": session_data}
|
|
599
|
+
|
|
600
|
+
# [FAIL] 错误:依赖本地状态
|
|
601
|
+
# 全局变量在函数实例间不共享
|
|
602
|
+
local_cache = {}
|
|
603
|
+
|
|
604
|
+
def handle_event(event, context):
|
|
605
|
+
# 本地缓存不可靠
|
|
606
|
+
key = event.get('id')
|
|
607
|
+
if key in local_cache:
|
|
608
|
+
return local_cache[key]
|
|
609
|
+
# ...
|
|
610
|
+
```
|
|
611
|
+
|
|
612
|
+
## 反模式
|
|
613
|
+
|
|
614
|
+
### 禁止操作
|
|
615
|
+
|
|
616
|
+
```python
|
|
617
|
+
# [FAIL] 禁止:长时间运行任务
|
|
618
|
+
def handle_event(event, context):
|
|
619
|
+
# 同步等待长时间操作
|
|
620
|
+
time.sleep(300) # 阻塞 5 分钟
|
|
621
|
+
# 应该使用异步处理或消息队列
|
|
622
|
+
|
|
623
|
+
# [FAIL] 禁止:阻塞式调用
|
|
624
|
+
def handle_event(event, context):
|
|
625
|
+
# 同步调用外部 API
|
|
626
|
+
response = requests.get(url, timeout=300)
|
|
627
|
+
# 应该设置合理超时或使用异步
|
|
628
|
+
|
|
629
|
+
# [FAIL] 禁止:大内存占用
|
|
630
|
+
def handle_event(event, context):
|
|
631
|
+
# 加载大文件到内存
|
|
632
|
+
data = open('large_file.dat').read()
|
|
633
|
+
# 应该使用流式处理
|
|
634
|
+
|
|
635
|
+
# [FAIL] 禁止:硬编码配置
|
|
636
|
+
DATABASE_URL = "postgres://user:pass@host/db"
|
|
637
|
+
# 应该使用环境变量
|
|
638
|
+
|
|
639
|
+
# [FAIL] 禁止:忽略超时
|
|
640
|
+
def handle_event(event, context):
|
|
641
|
+
# 无限循环
|
|
642
|
+
while True:
|
|
643
|
+
process_queue()
|
|
644
|
+
# 应该设置超时和退出条件
|
|
645
|
+
```
|
|
646
|
+
|
|
647
|
+
## 实战案例
|
|
648
|
+
|
|
649
|
+
### 案例 1:图片处理管道
|
|
650
|
+
|
|
651
|
+
```yaml
|
|
652
|
+
# 上传触发处理
|
|
653
|
+
apiVersion: sources.knative.dev/v1beta2
|
|
654
|
+
kind: ContainerSource
|
|
655
|
+
metadata:
|
|
656
|
+
name: s3-event-source
|
|
657
|
+
namespace: production
|
|
658
|
+
spec:
|
|
659
|
+
template:
|
|
660
|
+
spec:
|
|
661
|
+
containers:
|
|
662
|
+
- image: gcr.io/knative-releases/knative.dev/eventing/cmd/awssqs
|
|
663
|
+
env:
|
|
664
|
+
- name: AWS_ACCESS_KEY_ID
|
|
665
|
+
valueFrom:
|
|
666
|
+
secretKeyRef:
|
|
667
|
+
name: aws-credentials
|
|
668
|
+
key: access-key-id
|
|
669
|
+
- name: AWS_SECRET_ACCESS_KEY
|
|
670
|
+
valueFrom:
|
|
671
|
+
secretKeyRef:
|
|
672
|
+
name: aws-credentials
|
|
673
|
+
key: secret-access-key
|
|
674
|
+
- name: AWS_REGION
|
|
675
|
+
value: us-east-1
|
|
676
|
+
- name: QUEUE_URL
|
|
677
|
+
value: https://sqs.us-east-1.amazonaws.com/123456789/image-upload-queue
|
|
678
|
+
sink:
|
|
679
|
+
ref:
|
|
680
|
+
apiVersion: eventing.knative.dev/v1
|
|
681
|
+
kind: Broker
|
|
682
|
+
name: default
|
|
683
|
+
---
|
|
684
|
+
# 图片处理函数
|
|
685
|
+
apiVersion: serving.knative.dev/v1
|
|
686
|
+
kind: Service
|
|
687
|
+
metadata:
|
|
688
|
+
name: image-processor
|
|
689
|
+
namespace: production
|
|
690
|
+
spec:
|
|
691
|
+
template:
|
|
692
|
+
spec:
|
|
693
|
+
containers:
|
|
694
|
+
- image: registry.example.com/image-processor:v1.0.0
|
|
695
|
+
env:
|
|
696
|
+
- name: OUTPUT_BUCKET
|
|
697
|
+
value: processed-images
|
|
698
|
+
resources:
|
|
699
|
+
limits:
|
|
700
|
+
cpu: "2000m"
|
|
701
|
+
memory: "2Gi"
|
|
702
|
+
```
|
|
703
|
+
|
|
704
|
+
### 案例 2:定时数据处理
|
|
705
|
+
|
|
706
|
+
```yaml
|
|
707
|
+
# CronJob 源
|
|
708
|
+
apiVersion: sources.knative.dev/v1
|
|
709
|
+
kind: ApiServerSource
|
|
710
|
+
metadata:
|
|
711
|
+
name: cron-events
|
|
712
|
+
namespace: production
|
|
713
|
+
spec:
|
|
714
|
+
schedule: "0 */1 * * *" # 每小时
|
|
715
|
+
sink:
|
|
716
|
+
ref:
|
|
717
|
+
apiVersion: serving.knative.dev/v1
|
|
718
|
+
kind: Service
|
|
719
|
+
name: data-aggregator
|
|
720
|
+
---
|
|
721
|
+
# 聚合函数
|
|
722
|
+
apiVersion: serving.knative.dev/v1
|
|
723
|
+
kind: Service
|
|
724
|
+
metadata:
|
|
725
|
+
name: data-aggregator
|
|
726
|
+
namespace: production
|
|
727
|
+
spec:
|
|
728
|
+
template:
|
|
729
|
+
metadata:
|
|
730
|
+
annotations:
|
|
731
|
+
autoscaling.knative.dev/min-scale: "0" # 允许缩零
|
|
732
|
+
autoscaling.knative.dev/max-scale: "1" # 单实例
|
|
733
|
+
spec:
|
|
734
|
+
containers:
|
|
735
|
+
- image: registry.example.com/data-aggregator:v1.0.0
|
|
736
|
+
env:
|
|
737
|
+
- name: DB_URL
|
|
738
|
+
valueFrom:
|
|
739
|
+
secretKeyRef:
|
|
740
|
+
name: db-credentials
|
|
741
|
+
key: url
|
|
742
|
+
```
|
|
743
|
+
|
|
744
|
+
## 检查清单
|
|
745
|
+
|
|
746
|
+
### 设计检查
|
|
747
|
+
|
|
748
|
+
- [ ] 函数无状态
|
|
749
|
+
- [ ] 执行时间 < 5 分钟
|
|
750
|
+
- [ ] 内存使用合理(< 512MB)
|
|
751
|
+
- [ ] 使用外部状态存储
|
|
752
|
+
- [ ] 事件驱动设计
|
|
753
|
+
- [ ] 冷启动影响评估
|
|
754
|
+
|
|
755
|
+
### 实现检查
|
|
756
|
+
|
|
757
|
+
- [ ] 依赖最小化
|
|
758
|
+
- [ ] 错误处理完善
|
|
759
|
+
- [ ] 日志记录充分
|
|
760
|
+
- [ ] 超时配置合理
|
|
761
|
+
- [ ] 环境变量配置
|
|
762
|
+
- [ ] 健康检查实现
|
|
763
|
+
|
|
764
|
+
### 运维检查
|
|
765
|
+
|
|
766
|
+
- [ ] 监控指标配置
|
|
767
|
+
- [ ] 告警规则设置
|
|
768
|
+
- [ ] 死信队列配置
|
|
769
|
+
- [ ] 成本监控
|
|
770
|
+
- [ ] 冷启动优化
|
|
771
|
+
- [ ] 安全策略配置
|
|
772
|
+
|
|
773
|
+
### 安全检查
|
|
774
|
+
|
|
775
|
+
- [ ] IAM 权限最小化
|
|
776
|
+
- [ ] 环境变量加密
|
|
777
|
+
- [ ] 输入验证
|
|
778
|
+
- [ ] 依赖安全扫描
|
|
779
|
+
- [ ] 网络隔离
|
|
780
|
+
- [ ] 审计日志
|
|
781
|
+
|
|
782
|
+
## 参考资料
|
|
783
|
+
|
|
784
|
+
- [Knative 官方文档](https://knative.dev/docs/)
|
|
785
|
+
- [AWS Lambda 最佳实践](https://docs.aws.amazon.com/lambda/latest/dg/best-practices.html)
|
|
786
|
+
- [Serverless Framework](https://www.serverless.com/framework/docs/)
|
|
787
|
+
- [CloudEvents 规范](https://cloudevents.io/)
|
|
788
|
+
- [Serverless 架构模式](https://www.oreilly.com/library/view/serverless-architectures-on/9781491971540/)
|