blockmine 1.24.0 → 1.25.0

Files changed (346)
  1. package/CHANGELOG.md +32 -0
  2. package/README.en.md +427 -0
  3. package/README.md +40 -0
  4. package/backend/cli.js +1 -1
  5. package/backend/src/ai/plugin-assistant-system-prompt.md +664 -5
  6. package/backend/src/api/routes/bots.js +13 -0
  7. package/backend/src/api/routes/servers.js +14 -2
  8. package/backend/src/core/BotProcess.js +98 -2
  9. package/backend/src/core/PluginLoader.js +83 -3
  10. package/backend/src/core/PluginManager.js +75 -5
  11. package/backend/src/core/services/BotLifecycleService.js +186 -2
  12. package/backend/src/server.js +11 -1
  13. package/frontend/dist/assets/browser-ponyfill-DN7pwmHT.js +2 -0
  14. package/frontend/dist/assets/index-LSy71uwm.js +11261 -0
  15. package/frontend/dist/assets/index-SfhKxI4-.css +32 -0
  16. package/frontend/dist/flags/en.svg +32 -0
  17. package/frontend/dist/flags/ru.svg +5 -0
  18. package/frontend/dist/index.html +2 -2
  19. package/frontend/dist/locales/en/admin.json +100 -0
  20. package/frontend/dist/locales/en/api-keys.json +58 -0
  21. package/frontend/dist/locales/en/bots.json +110 -0
  22. package/frontend/dist/locales/en/common.json +47 -0
  23. package/frontend/dist/locales/en/configuration.json +22 -0
  24. package/frontend/dist/locales/en/console.json +10 -0
  25. package/frontend/dist/locales/en/dashboard.json +85 -0
  26. package/frontend/dist/locales/en/dialogs.json +70 -0
  27. package/frontend/dist/locales/en/event-graphs.json +50 -0
  28. package/frontend/dist/locales/en/graph-store.json +70 -0
  29. package/frontend/dist/locales/en/login.json +34 -0
  30. package/frontend/dist/locales/en/management.json +114 -0
  31. package/frontend/dist/locales/en/minecraft-viewer.json +27 -0
  32. package/frontend/dist/locales/en/nodes.json +1077 -0
  33. package/frontend/dist/locales/en/permissions.json +50 -0
  34. package/frontend/dist/locales/en/plugin-detail.json +49 -0
  35. package/frontend/dist/locales/en/plugins.json +110 -0
  36. package/frontend/dist/locales/en/proxies.json +81 -0
  37. package/frontend/dist/locales/en/servers.json +39 -0
  38. package/frontend/dist/locales/en/setup.json +17 -0
  39. package/frontend/dist/locales/en/sidebar.json +27 -0
  40. package/frontend/dist/locales/en/tasks.json +62 -0
  41. package/frontend/dist/locales/en/visual-editor.json +219 -0
  42. package/frontend/dist/locales/en/websocket.json +86 -0
  43. package/frontend/dist/locales/ru/admin.json +100 -0
  44. package/frontend/dist/locales/ru/api-keys.json +58 -0
  45. package/frontend/dist/locales/ru/bots.json +110 -0
  46. package/frontend/dist/locales/ru/common.json +49 -0
  47. package/frontend/dist/locales/ru/configuration.json +22 -0
  48. package/frontend/dist/locales/ru/console.json +10 -0
  49. package/frontend/dist/locales/ru/dashboard.json +85 -0
  50. package/frontend/dist/locales/ru/dialogs.json +70 -0
  51. package/frontend/dist/locales/ru/event-graphs.json +50 -0
  52. package/frontend/dist/locales/ru/graph-store.json +70 -0
  53. package/frontend/dist/locales/ru/login.json +34 -0
  54. package/frontend/dist/locales/ru/management.json +114 -0
  55. package/frontend/dist/locales/ru/minecraft-viewer.json +27 -0
  56. package/frontend/dist/locales/ru/nodes.json +1077 -0
  57. package/frontend/dist/locales/ru/permissions.json +50 -0
  58. package/frontend/dist/locales/ru/plugin-detail.json +49 -0
  59. package/frontend/dist/locales/ru/plugins.json +110 -0
  60. package/frontend/dist/locales/ru/proxies.json +81 -0
  61. package/frontend/dist/locales/ru/servers.json +39 -0
  62. package/frontend/dist/locales/ru/setup.json +17 -0
  63. package/frontend/dist/locales/ru/sidebar.json +27 -0
  64. package/frontend/dist/locales/ru/tasks.json +62 -0
  65. package/frontend/dist/locales/ru/visual-editor.json +221 -0
  66. package/frontend/dist/locales/ru/websocket.json +86 -0
  67. package/frontend/dist/monacoeditorwork/css.worker.bundle.js +7 -7
  68. package/frontend/dist/monacoeditorwork/html.worker.bundle.js +7 -7
  69. package/frontend/dist/monacoeditorwork/json.worker.bundle.js +7 -7
  70. package/frontend/dist/monacoeditorwork/ts.worker.bundle.js +3 -3
  71. package/frontend/package.json +4 -0
  72. package/package.json +1 -1
  73. package/screen/3dviewer.png +0 -0
  74. package/screen/console.png +0 -0
  75. package/screen/dashboard.png +0 -0
  76. package/screen/graph_collabe.png +0 -0
  77. package/screen/graph_live_debug.png +0 -0
  78. package/screen/language_selector.png +0 -0
  79. package/screen/management_command.png +0 -0
  80. package/screen/node_debug_trace.png +0 -0
  81. package/screen/plugin_/320/276/320/261/320/267/320/276/321/200.png +0 -0
  82. package/screen/websocket.png +0 -0
  83. package/screen//320/275/320/260/321/201/321/202/321/200/320/276/320/271/320/272/320/270_/320/276/321/202/320/264/320/265/320/273/321/214/320/275/321/213/321/205_/320/272/320/276/320/274/320/260/320/275/320/264_/320/272/320/260/320/266/320/264/321/203_/320/272/320/276/320/274/320/260/320/275/320/273/320/264/321/203_/320/274/320/276/320/266/320/275/320/276_/320/275/320/260/321/201/321/202/321/200/320/260/320/270/320/262/320/260/321/202/321/214.png +0 -0
  84. package/screen//320/277/320/273/320/260/320/275/320/270/321/200/320/276/320/262/321/211/320/270/320/272_/320/274/320/276/320/266/320/275/320/276_/320/267/320/260/320/264/320/260/320/262/320/260/321/202/321/214_/320/264/320/265/320/271/321/201/321/202/320/262/320/270/321/217_/320/277/320/276_/320/262/321/200/320/265/320/274/320/265/320/275/320/270.png +0 -0
  85. package/.claude/agents/README.md +0 -469
  86. package/.claude/agents/auth-route-debugger.md +0 -118
  87. package/.claude/agents/auth-route-tester.md +0 -93
  88. package/.claude/agents/auto-error-resolver.md +0 -97
  89. package/.claude/agents/build-optimizer.md +0 -236
  90. package/.claude/agents/code-architect.md +0 -34
  91. package/.claude/agents/code-architecture-reviewer.md +0 -83
  92. package/.claude/agents/code-explorer.md +0 -51
  93. package/.claude/agents/code-refactor-master.md +0 -94
  94. package/.claude/agents/code-reviewer.md +0 -46
  95. package/.claude/agents/cost-optimizer.md +0 -134
  96. package/.claude/agents/deployment-orchestrator.md +0 -113
  97. package/.claude/agents/documentation-architect.md +0 -82
  98. package/.claude/agents/frontend-error-fixer.md +0 -77
  99. package/.claude/agents/iac-code-generator.md +0 -71
  100. package/.claude/agents/incident-responder.md +0 -346
  101. package/.claude/agents/infrastructure-architect.md +0 -31
  102. package/.claude/agents/kubernetes-specialist.md +0 -56
  103. package/.claude/agents/migration-planner.md +0 -181
  104. package/.claude/agents/network-architect.md +0 -196
  105. package/.claude/agents/plan-reviewer.md +0 -52
  106. package/.claude/agents/refactor-planner.md +0 -63
  107. package/.claude/agents/security-scanner.md +0 -102
  108. package/.claude/agents/web-research-specialist.md +0 -78
  109. package/.claude/commands/cost-analysis.md +0 -315
  110. package/.claude/commands/dev-docs-update.md +0 -55
  111. package/.claude/commands/dev-docs.md +0 -51
  112. package/.claude/commands/feature-dev.md +0 -125
  113. package/.claude/commands/incident-debug.md +0 -247
  114. package/.claude/commands/infra-plan.md +0 -81
  115. package/.claude/commands/migration-plan.md +0 -478
  116. package/.claude/commands/route-research-for-testing.md +0 -37
  117. package/.claude/commands/security-review.md +0 -66
  118. package/.claude/hooks/CONFIG.md +0 -448
  119. package/.claude/hooks/README.md +0 -163
  120. package/.claude/hooks/SKILL_ACTIVATION_COMPLETE.md +0 -226
  121. package/.claude/hooks/WINDOWS_HOOKS_README.md +0 -151
  122. package/.claude/hooks/add-skill-activation-banners.ts +0 -132
  123. package/.claude/hooks/comprehensive-skill-test.ts +0 -1315
  124. package/.claude/hooks/error-handling-reminder.sh +0 -12
  125. package/.claude/hooks/error-handling-reminder.ts +0 -222
  126. package/.claude/hooks/k8s-manifest-validator.sh +0 -56
  127. package/.claude/hooks/package-lock.json +0 -556
  128. package/.claude/hooks/package.json +0 -16
  129. package/.claude/hooks/post-tool-use-tracker.ps1 +0 -174
  130. package/.claude/hooks/post-tool-use-tracker.sh +0 -183
  131. package/.claude/hooks/security-policy-check.sh +0 -247
  132. package/.claude/hooks/skill-activation-prompt.ps1 +0 -10
  133. package/.claude/hooks/skill-activation-prompt.sh +0 -10
  134. package/.claude/hooks/skill-activation-prompt.ts +0 -141
  135. package/.claude/hooks/stop-build-check-enhanced.sh +0 -130
  136. package/.claude/hooks/terraform-validator.sh +0 -53
  137. package/.claude/hooks/test-input.json +0 -7
  138. package/.claude/hooks/test-skill-activation.ts +0 -427
  139. package/.claude/hooks/trigger-build-resolver.sh +0 -79
  140. package/.claude/hooks/tsc-check.sh +0 -173
  141. package/.claude/hooks/tsconfig.json +0 -19
  142. package/.claude/settings.json +0 -59
  143. package/.claude/settings.local.json +0 -67
  144. package/.claude/skills/README.md +0 -507
  145. package/.claude/skills/api-engineering/SKILL.md +0 -63
  146. package/.claude/skills/api-engineering/resources/api-versioning.md +0 -88
  147. package/.claude/skills/api-engineering/resources/graphql-patterns.md +0 -106
  148. package/.claude/skills/api-engineering/resources/rate-limiting.md +0 -118
  149. package/.claude/skills/api-engineering/resources/rest-api-design.md +0 -105
  150. package/.claude/skills/backend-dev-guidelines/SKILL.md +0 -306
  151. package/.claude/skills/backend-dev-guidelines/resources/architecture-overview.md +0 -451
  152. package/.claude/skills/backend-dev-guidelines/resources/async-and-errors.md +0 -307
  153. package/.claude/skills/backend-dev-guidelines/resources/complete-examples.md +0 -638
  154. package/.claude/skills/backend-dev-guidelines/resources/configuration.md +0 -275
  155. package/.claude/skills/backend-dev-guidelines/resources/database-patterns.md +0 -224
  156. package/.claude/skills/backend-dev-guidelines/resources/middleware-guide.md +0 -213
  157. package/.claude/skills/backend-dev-guidelines/resources/routing-and-controllers.md +0 -756
  158. package/.claude/skills/backend-dev-guidelines/resources/sentry-and-monitoring.md +0 -336
  159. package/.claude/skills/backend-dev-guidelines/resources/services-and-repositories.md +0 -789
  160. package/.claude/skills/backend-dev-guidelines/resources/testing-guide.md +0 -235
  161. package/.claude/skills/backend-dev-guidelines/resources/validation-patterns.md +0 -754
  162. package/.claude/skills/budget-and-cost-management/SKILL.md +0 -850
  163. package/.claude/skills/build-engineering/SKILL.md +0 -431
  164. package/.claude/skills/build-engineering/resources/artifact-repositories.md +0 -72
  165. package/.claude/skills/build-engineering/resources/build-caching.md +0 -96
  166. package/.claude/skills/build-engineering/resources/build-pipelines.md +0 -105
  167. package/.claude/skills/build-engineering/resources/build-security.md +0 -95
  168. package/.claude/skills/build-engineering/resources/build-systems.md +0 -389
  169. package/.claude/skills/build-engineering/resources/compilation-optimization.md +0 -201
  170. package/.claude/skills/build-engineering/resources/dependency-management.md +0 -73
  171. package/.claude/skills/build-engineering/resources/monorepo-builds.md +0 -110
  172. package/.claude/skills/build-engineering/resources/performance-optimization.md +0 -113
  173. package/.claude/skills/build-engineering/resources/reproducible-builds.md +0 -82
  174. package/.claude/skills/cloud-engineering/SKILL.md +0 -675
  175. package/.claude/skills/cloud-engineering/resources/aws-patterns.md +0 -742
  176. package/.claude/skills/cloud-engineering/resources/azure-patterns.md +0 -714
  177. package/.claude/skills/cloud-engineering/resources/cleared-cloud-environments.md +0 -987
  178. package/.claude/skills/cloud-engineering/resources/cloud-cost-optimization.md +0 -757
  179. package/.claude/skills/cloud-engineering/resources/cloud-networking.md +0 -1058
  180. package/.claude/skills/cloud-engineering/resources/cloud-security-tools.md +0 -1530
  181. package/.claude/skills/cloud-engineering/resources/cloud-security.md +0 -990
  182. package/.claude/skills/cloud-engineering/resources/gcp-patterns.md +0 -758
  183. package/.claude/skills/cloud-engineering/resources/migration-strategies.md +0 -820
  184. package/.claude/skills/cloud-engineering/resources/multi-cloud-strategies.md +0 -670
  185. package/.claude/skills/cloud-engineering/resources/oci-patterns.md +0 -1198
  186. package/.claude/skills/cloud-engineering/resources/serverless-patterns.md +0 -795
  187. package/.claude/skills/cloud-engineering/resources/well-architected-frameworks.md +0 -966
  188. package/.claude/skills/cybersecurity/SKILL.md +0 -409
  189. package/.claude/skills/cybersecurity/resources/security-architecture.md +0 -266
  190. package/.claude/skills/database-engineering/SKILL.md +0 -61
  191. package/.claude/skills/database-engineering/resources/backup-and-recovery.md +0 -72
  192. package/.claude/skills/database-engineering/resources/database-replication.md +0 -63
  193. package/.claude/skills/database-engineering/resources/postgresql-fundamentals.md +0 -70
  194. package/.claude/skills/database-engineering/resources/query-optimization.md +0 -68
  195. package/.claude/skills/devsecops/SKILL.md +0 -374
  196. package/.claude/skills/devsecops/resources/ci-cd-security.md +0 -204
  197. package/.claude/skills/devsecops/resources/compliance-automation.md +0 -530
  198. package/.claude/skills/devsecops/resources/compliance-frameworks.md +0 -2322
  199. package/.claude/skills/devsecops/resources/container-security.md +0 -915
  200. package/.claude/skills/devsecops/resources/cspm-integration.md +0 -1440
  201. package/.claude/skills/devsecops/resources/policy-enforcement.md +0 -619
  202. package/.claude/skills/devsecops/resources/secrets-management.md +0 -755
  203. package/.claude/skills/devsecops/resources/security-monitoring.md +0 -146
  204. package/.claude/skills/devsecops/resources/security-scanning.md +0 -887
  205. package/.claude/skills/devsecops/resources/security-testing.md +0 -203
  206. package/.claude/skills/devsecops/resources/supply-chain-security.md +0 -518
  207. package/.claude/skills/devsecops/resources/vulnerability-management.md +0 -481
  208. package/.claude/skills/devsecops/resources/zero-trust-architecture.md +0 -177
  209. package/.claude/skills/documentation-as-code/SKILL.md +0 -323
  210. package/.claude/skills/documentation-as-code/resources/api-documentation.md +0 -90
  211. package/.claude/skills/documentation-as-code/resources/changelog-management.md +0 -79
  212. package/.claude/skills/documentation-as-code/resources/diagram-generation.md +0 -44
  213. package/.claude/skills/documentation-as-code/resources/docs-as-code-workflow.md +0 -99
  214. package/.claude/skills/documentation-as-code/resources/documentation-automation.md +0 -68
  215. package/.claude/skills/documentation-as-code/resources/documentation-sites.md +0 -79
  216. package/.claude/skills/documentation-as-code/resources/markdown-best-practices.md +0 -162
  217. package/.claude/skills/documentation-as-code/resources/openapi-specification.md +0 -77
  218. package/.claude/skills/documentation-as-code/resources/readme-engineering.md +0 -60
  219. package/.claude/skills/documentation-as-code/resources/technical-writing-guide.md +0 -202
  220. package/.claude/skills/engineering-management/SKILL.md +0 -356
  221. package/.claude/skills/engineering-management/resources/career-ladders.md +0 -609
  222. package/.claude/skills/engineering-management/resources/hiring-and-assessment.md +0 -555
  223. package/.claude/skills/engineering-management/resources/one-on-one-guides.md +0 -609
  224. package/.claude/skills/engineering-management/resources/resource-planning.md +0 -557
  225. package/.claude/skills/engineering-management/resources/team-organization-patterns.md +0 -491
  226. package/.claude/skills/engineering-management/resources/technical-interviews.md +0 -474
  227. package/.claude/skills/engineering-operations-management/SKILL.md +0 -817
  228. package/.claude/skills/error-tracking/SKILL.md +0 -379
  229. package/.claude/skills/frontend-design/SKILL.md +0 -42
  230. package/.claude/skills/frontend-dev-guidelines/SKILL.md +0 -403
  231. package/.claude/skills/frontend-dev-guidelines/resources/common-patterns.md +0 -331
  232. package/.claude/skills/frontend-dev-guidelines/resources/complete-examples.md +0 -872
  233. package/.claude/skills/frontend-dev-guidelines/resources/component-patterns.md +0 -502
  234. package/.claude/skills/frontend-dev-guidelines/resources/data-fetching.md +0 -767
  235. package/.claude/skills/frontend-dev-guidelines/resources/file-organization.md +0 -502
  236. package/.claude/skills/frontend-dev-guidelines/resources/loading-and-error-states.md +0 -501
  237. package/.claude/skills/frontend-dev-guidelines/resources/performance.md +0 -406
  238. package/.claude/skills/frontend-dev-guidelines/resources/routing-guide.md +0 -364
  239. package/.claude/skills/frontend-dev-guidelines/resources/styling-guide.md +0 -428
  240. package/.claude/skills/frontend-dev-guidelines/resources/typescript-standards.md +0 -418
  241. package/.claude/skills/general-it-engineering/SKILL.md +0 -393
  242. package/.claude/skills/general-it-engineering/resources/asset-management.md +0 -712
  243. package/.claude/skills/general-it-engineering/resources/automation-orchestration.md +0 -817
  244. package/.claude/skills/general-it-engineering/resources/business-continuity.md +0 -786
  245. package/.claude/skills/general-it-engineering/resources/change-management.md +0 -715
  246. package/.claude/skills/general-it-engineering/resources/enterprise-monitoring.md +0 -729
  247. package/.claude/skills/general-it-engineering/resources/help-desk-operations.md +0 -738
  248. package/.claude/skills/general-it-engineering/resources/incident-service-management.md +0 -834
  249. package/.claude/skills/general-it-engineering/resources/it-governance.md +0 -753
  250. package/.claude/skills/general-it-engineering/resources/itil-framework.md +0 -503
  251. package/.claude/skills/general-it-engineering/resources/service-management.md +0 -669
  252. package/.claude/skills/infrastructure-architecture/SKILL.md +0 -328
  253. package/.claude/skills/infrastructure-architecture/resources/architecture-decision-records.md +0 -505
  254. package/.claude/skills/infrastructure-architecture/resources/architecture-patterns.md +0 -528
  255. package/.claude/skills/infrastructure-architecture/resources/capacity-planning.md +0 -453
  256. package/.claude/skills/infrastructure-architecture/resources/cleared-environment-architecture.md +0 -773
  257. package/.claude/skills/infrastructure-architecture/resources/cost-architecture.md +0 -499
  258. package/.claude/skills/infrastructure-architecture/resources/data-architecture.md +0 -501
  259. package/.claude/skills/infrastructure-architecture/resources/disaster-recovery.md +0 -535
  260. package/.claude/skills/infrastructure-architecture/resources/migration-architecture.md +0 -512
  261. package/.claude/skills/infrastructure-architecture/resources/multi-region-design.md +0 -608
  262. package/.claude/skills/infrastructure-architecture/resources/reference-architectures.md +0 -562
  263. package/.claude/skills/infrastructure-architecture/resources/security-architecture.md +0 -538
  264. package/.claude/skills/infrastructure-architecture/resources/system-design-principles.md +0 -489
  265. package/.claude/skills/infrastructure-architecture/resources/workload-classification.md +0 -1000
  266. package/.claude/skills/infrastructure-strategy/SKILL.md +0 -924
  267. package/.claude/skills/network-engineering/SKILL.md +0 -385
  268. package/.claude/skills/network-engineering/resources/dns-management.md +0 -738
  269. package/.claude/skills/network-engineering/resources/load-balancing.md +0 -820
  270. package/.claude/skills/network-engineering/resources/network-architecture.md +0 -546
  271. package/.claude/skills/network-engineering/resources/network-security.md +0 -921
  272. package/.claude/skills/network-engineering/resources/network-troubleshooting.md +0 -749
  273. package/.claude/skills/network-engineering/resources/routing-switching.md +0 -373
  274. package/.claude/skills/network-engineering/resources/sdn-networking.md +0 -695
  275. package/.claude/skills/network-engineering/resources/service-mesh-networking.md +0 -777
  276. package/.claude/skills/network-engineering/resources/tcp-ip-protocols.md +0 -444
  277. package/.claude/skills/network-engineering/resources/vpn-connectivity.md +0 -672
  278. package/.claude/skills/node-development/SKILL.md +0 -317
  279. package/.claude/skills/observability-engineering/SKILL.md +0 -101
  280. package/.claude/skills/observability-engineering/resources/apm-tools.md +0 -97
  281. package/.claude/skills/observability-engineering/resources/correlation-strategies.md +0 -87
  282. package/.claude/skills/observability-engineering/resources/distributed-tracing.md +0 -98
  283. package/.claude/skills/observability-engineering/resources/logs-aggregation.md +0 -118
  284. package/.claude/skills/observability-engineering/resources/observability-cost-optimization.md +0 -141
  285. package/.claude/skills/observability-engineering/resources/opentelemetry.md +0 -110
  286. package/.claude/skills/platform-engineering/SKILL.md +0 -555
  287. package/.claude/skills/platform-engineering/resources/architecture-overview.md +0 -600
  288. package/.claude/skills/platform-engineering/resources/container-orchestration.md +0 -916
  289. package/.claude/skills/platform-engineering/resources/cost-optimization.md +0 -634
  290. package/.claude/skills/platform-engineering/resources/developer-platforms.md +0 -670
  291. package/.claude/skills/platform-engineering/resources/gitops-automation.md +0 -650
  292. package/.claude/skills/platform-engineering/resources/infrastructure-as-code.md +0 -778
  293. package/.claude/skills/platform-engineering/resources/infrastructure-standards.md +0 -708
  294. package/.claude/skills/platform-engineering/resources/multi-tenancy.md +0 -602
  295. package/.claude/skills/platform-engineering/resources/platform-security.md +0 -711
  296. package/.claude/skills/platform-engineering/resources/resource-management.md +0 -592
  297. package/.claude/skills/platform-engineering/resources/service-mesh.md +0 -628
  298. package/.claude/skills/release-engineering/SKILL.md +0 -393
  299. package/.claude/skills/release-engineering/resources/artifact-management.md +0 -108
  300. package/.claude/skills/release-engineering/resources/build-optimization.md +0 -84
  301. package/.claude/skills/release-engineering/resources/ci-cd-pipelines.md +0 -411
  302. package/.claude/skills/release-engineering/resources/deployment-strategies.md +0 -197
  303. package/.claude/skills/release-engineering/resources/pipeline-security.md +0 -62
  304. package/.claude/skills/release-engineering/resources/progressive-delivery.md +0 -83
  305. package/.claude/skills/release-engineering/resources/release-automation.md +0 -68
  306. package/.claude/skills/release-engineering/resources/release-orchestration.md +0 -77
  307. package/.claude/skills/release-engineering/resources/rollback-strategies.md +0 -66
  308. package/.claude/skills/release-engineering/resources/versioning-strategies.md +0 -59
  309. package/.claude/skills/route-tester/SKILL.md +0 -392
  310. package/.claude/skills/skill-developer/ADVANCED.md +0 -197
  311. package/.claude/skills/skill-developer/HOOK_MECHANISMS.md +0 -306
  312. package/.claude/skills/skill-developer/PATTERNS_LIBRARY.md +0 -152
  313. package/.claude/skills/skill-developer/SKILL.md +0 -430
  314. package/.claude/skills/skill-developer/SKILL_RULES_REFERENCE.md +0 -315
  315. package/.claude/skills/skill-developer/TRIGGER_TYPES.md +0 -305
  316. package/.claude/skills/skill-developer/TROUBLESHOOTING.md +0 -514
  317. package/.claude/skills/skill-rules.json +0 -2989
  318. package/.claude/skills/sre/SKILL.md +0 -464
  319. package/.claude/skills/sre/resources/alerting-best-practices.md +0 -282
  320. package/.claude/skills/sre/resources/capacity-planning.md +0 -226
  321. package/.claude/skills/sre/resources/chaos-engineering.md +0 -193
  322. package/.claude/skills/sre/resources/disaster-recovery.md +0 -232
  323. package/.claude/skills/sre/resources/incident-management.md +0 -436
  324. package/.claude/skills/sre/resources/observability-stack.md +0 -240
  325. package/.claude/skills/sre/resources/on-call-runbooks.md +0 -167
  326. package/.claude/skills/sre/resources/performance-optimization.md +0 -108
  327. package/.claude/skills/sre/resources/reliability-patterns.md +0 -183
  328. package/.claude/skills/sre/resources/slo-sli-sla.md +0 -464
  329. package/.claude/skills/sre/resources/toil-reduction.md +0 -145
  330. package/.claude/skills/systems-engineering/SKILL.md +0 -648
  331. package/.claude/skills/systems-engineering/resources/automation-patterns.md +0 -771
  332. package/.claude/skills/systems-engineering/resources/configuration-management.md +0 -998
  333. package/.claude/skills/systems-engineering/resources/linux-administration.md +0 -672
  334. package/.claude/skills/systems-engineering/resources/networking-fundamentals.md +0 -982
  335. package/.claude/skills/systems-engineering/resources/performance-tuning.md +0 -871
  336. package/.claude/skills/systems-engineering/resources/powershell-scripting.md +0 -482
  337. package/.claude/skills/systems-engineering/resources/security-hardening.md +0 -739
  338. package/.claude/skills/systems-engineering/resources/shell-scripting.md +0 -915
  339. package/.claude/skills/systems-engineering/resources/storage-management.md +0 -628
  340. package/.claude/skills/systems-engineering/resources/system-monitoring.md +0 -787
  341. package/.claude/skills/systems-engineering/resources/troubleshooting-guide.md +0 -753
  342. package/.claude/skills/systems-engineering/resources/windows-administration.md +0 -738
  343. package/.claude/skills/technical-leadership/SKILL.md +0 -728
  344. package/backend/docs/SECRETS_DOCUMENTATION.md +0 -327
  345. package/frontend/dist/assets/index-BC-NbKXi.css +0 -32
  346. package/frontend/dist/assets/index-DqJXZMHY.js +0 -11266
@@ -1,916 +0,0 @@
1
- # Container Orchestration with Kubernetes
2
-
3
- Deep dive into Kubernetes architecture, workload patterns, networking, storage, and security best practices for production container orchestration.
4
-
5
- ## Table of Contents
6
-
7
- - [Architecture](#architecture)
8
- - [Workload Resources](#workload-resources)
9
- - [Networking](#networking)
10
- - [Storage](#storage)
11
- - [Configuration Management](#configuration-management)
12
- - [Security](#security)
13
- - [Scaling](#scaling)
14
- - [Best Practices](#best-practices)
15
- - [Anti-Patterns](#anti-patterns)
16
-
17
- ## Architecture
18
-
19
- ### Control Plane Components
20
-
21
- **API Server:**
22
- ```yaml
23
- # All cluster interactions go through API server
24
- kubectl get pods # → API Server
25
- kubectl create -f app.yaml # → API Server
26
- kubectl delete deployment # → API Server
27
- ```
28
-
29
- **etcd:**
30
- ```
31
- # Distributed key-value store for cluster state
32
- /registry/pods/default/nginx-pod
33
- /registry/deployments/production/api-service
34
- /registry/services/default/frontend
35
- ```
36
-
37
- **Scheduler:**
38
- ```
39
- 1. Watch for new pods with no assigned node
40
- 2. Evaluate constraints (resources, affinity, taints)
41
- 3. Score nodes for best fit
42
- 4. Bind pod to selected node
43
- ```
44
-
45
- **Controller Manager:**
46
- ```
47
- Node Controller: Monitor node health
48
- Replication Controller: Maintain desired replica count
49
- Endpoint Controller: Populate endpoint objects
50
- Service Account Controller: Create default service accounts
51
- ```
52
-
53
- ### Node Components
54
-
55
- **Kubelet:**
56
- ```
57
- - Runs on each node
58
- - Manages pod lifecycle
59
- - Reports node and pod status
60
- - Executes health checks
61
- ```
62
-
63
- **Kube-proxy:**
64
- ```
65
- - Maintains network rules
66
- - Handles service networking
67
- - Implements service load balancing
68
- ```
69
-
70
- **Container Runtime:**
71
- ```
72
- - containerd (most common)
73
- - CRI-O
74
- - Docker (deprecated, use containerd)
75
- ```
76
-
77
- ## Workload Resources
78
-
79
- ### Pods
80
-
81
- **Simple Pod:**
82
- ```yaml
83
- apiVersion: v1
84
- kind: Pod
85
- metadata:
86
- name: nginx
87
- labels:
88
- app: nginx
89
- environment: production
90
- spec:
91
- containers:
92
- - name: nginx
93
- image: nginx:1.25
94
- ports:
95
- - containerPort: 80
96
- name: http
97
- protocol: TCP
98
- resources:
99
- requests:
100
- memory: "64Mi"
101
- cpu: "100m"
102
- limits:
103
- memory: "128Mi"
104
- cpu: "500m"
105
- livenessProbe:
106
- httpGet:
107
- path: /healthz
108
- port: 80
109
- initialDelaySeconds: 30
110
- periodSeconds: 10
111
- readinessProbe:
112
- httpGet:
113
- path: /ready
114
- port: 80
115
- initialDelaySeconds: 5
116
- periodSeconds: 5
117
- ```
118
-
119
- **Multi-container Pod (Sidecar Pattern):**
120
- ```yaml
121
- apiVersion: v1
122
- kind: Pod
123
- metadata:
124
- name: app-with-logging
125
- spec:
126
- containers:
127
- # Main application
128
- - name: app
129
- image: myapp:1.0
130
- volumeMounts:
131
- - name: logs
132
- mountPath: /var/log/app
133
-
134
- # Logging sidecar
135
- - name: log-shipper
136
- image: fluent/fluent-bit:2.0
137
- volumeMounts:
138
- - name: logs
139
- mountPath: /var/log/app
140
- readOnly: true
141
-
142
- volumes:
143
- - name: logs
144
- emptyDir: {}
145
- ```
146
-
147
- ### Deployments
148
-
149
- **Production Deployment:**
150
- ```yaml
151
- apiVersion: apps/v1
152
- kind: Deployment
153
- metadata:
154
- name: api-service
155
- namespace: production
156
- labels:
157
- app: api-service
158
- team: platform
159
- spec:
160
- replicas: 3
161
- revisionHistoryLimit: 10
162
-
163
- # Pod selection
164
- selector:
165
- matchLabels:
166
- app: api-service
167
-
168
- # Update strategy
169
- strategy:
170
- type: RollingUpdate
171
- rollingUpdate:
172
- maxSurge: 1 # Allow 1 extra pod during update
173
- maxUnavailable: 0 # No downtime
174
-
175
- # Pod template
176
- template:
177
- metadata:
178
- labels:
179
- app: api-service
180
- version: v1.2.3
181
- annotations:
182
- prometheus.io/scrape: "true"
183
- prometheus.io/port: "8080"
184
- prometheus.io/path: "/metrics"
185
- spec:
186
- # Security context
187
- securityContext:
188
- runAsNonRoot: true
189
- runAsUser: 1000
190
- fsGroup: 1000
191
-
192
- # Service account
193
- serviceAccountName: api-service
194
-
195
- # Init containers
196
- initContainers:
197
- - name: migration
198
- image: api-service:v1.2.3
199
- command: ['npm', 'run', 'migrate']
200
- envFrom:
201
- - secretRef:
202
- name: database-credentials
203
-
204
- # Main containers
205
- containers:
206
- - name: api
207
- image: api-service:v1.2.3
208
- imagePullPolicy: IfNotPresent
209
-
210
- ports:
211
- - name: http
212
- containerPort: 8080
213
- protocol: TCP
214
-
215
- # Environment variables
216
- env:
217
- - name: NODE_ENV
218
- value: "production"
219
- - name: PORT
220
- value: "8080"
221
- - name: DATABASE_URL
222
- valueFrom:
223
- secretKeyRef:
224
- name: database-credentials
225
- key: url
226
-
227
- # Resource management
228
- resources:
229
- requests:
230
- memory: "256Mi"
231
- cpu: "100m"
232
- limits:
233
- memory: "512Mi"
234
- cpu: "1000m"
235
-
236
- # Health checks
237
- livenessProbe:
238
- httpGet:
239
- path: /health
240
- port: 8080
241
- initialDelaySeconds: 30
242
- periodSeconds: 10
243
- timeoutSeconds: 5
244
- failureThreshold: 3
245
-
246
- readinessProbe:
247
- httpGet:
248
- path: /ready
249
- port: 8080
250
- initialDelaySeconds: 10
251
- periodSeconds: 5
252
- timeoutSeconds: 3
253
- failureThreshold: 2
254
-
255
- # Startup probe (for slow-starting apps)
256
- startupProbe:
257
- httpGet:
258
- path: /health
259
- port: 8080
260
- failureThreshold: 30
261
- periodSeconds: 10
262
-
263
- # Volume mounts
264
- volumeMounts:
265
- - name: config
266
- mountPath: /app/config
267
- readOnly: true
268
- - name: cache
269
- mountPath: /app/cache
270
-
271
- # Volumes
272
- volumes:
273
- - name: config
274
- configMap:
275
- name: api-config
276
- - name: cache
277
- emptyDir:
278
- sizeLimit: 1Gi
279
-
280
- # Affinity rules
281
- affinity:
282
- podAntiAffinity:
283
- preferredDuringSchedulingIgnoredDuringExecution:
284
- - weight: 100
285
- podAffinityTerm:
286
- labelSelector:
287
- matchExpressions:
288
- - key: app
289
- operator: In
290
- values:
291
- - api-service
292
- topologyKey: kubernetes.io/hostname
293
- ```
294
-
295
- ### StatefulSets
296
-
297
- **Database StatefulSet:**
298
- ```yaml
299
- apiVersion: apps/v1
300
- kind: StatefulSet
301
- metadata:
302
- name: postgres
303
- namespace: databases
304
- spec:
305
- serviceName: postgres
306
- replicas: 3
307
- selector:
308
- matchLabels:
309
- app: postgres
310
-
311
- template:
312
- metadata:
313
- labels:
314
- app: postgres
315
- spec:
316
- containers:
317
- - name: postgres
318
- image: postgres:15
319
- ports:
320
- - containerPort: 5432
321
- name: postgres
322
-
323
- env:
324
- - name: POSTGRES_PASSWORD
325
- valueFrom:
326
- secretKeyRef:
327
- name: postgres-secret
328
- key: password
329
- - name: PGDATA
330
- value: /var/lib/postgresql/data/pgdata
331
-
332
- volumeMounts:
333
- - name: data
334
- mountPath: /var/lib/postgresql/data
335
-
336
- resources:
337
- requests:
338
- memory: "1Gi"
339
- cpu: "500m"
340
- limits:
341
- memory: "2Gi"
342
- cpu: "2000m"
343
-
344
- # Volume claim templates (creates PVC per pod)
345
- volumeClaimTemplates:
346
- - metadata:
347
- name: data
348
- spec:
349
- accessModes: [ "ReadWriteOnce" ]
350
- storageClassName: fast-ssd
351
- resources:
352
- requests:
353
- storage: 100Gi
354
- ```
355
-
356
- ### DaemonSets
357
-
358
- **Monitoring Agent:**
359
- ```yaml
360
- apiVersion: apps/v1
361
- kind: DaemonSet
362
- metadata:
363
- name: node-exporter
364
- namespace: monitoring
365
- spec:
366
- selector:
367
- matchLabels:
368
- app: node-exporter
369
-
370
- template:
371
- metadata:
372
- labels:
373
- app: node-exporter
374
- spec:
375
- hostNetwork: true
376
- hostPID: true
377
-
378
- containers:
379
- - name: node-exporter
380
- image: prom/node-exporter:v1.6.0
381
- args:
382
- - --path.procfs=/host/proc
383
- - --path.sysfs=/host/sys
384
-
385
- ports:
386
- - containerPort: 9100
387
- hostPort: 9100
388
- name: metrics
389
-
390
- volumeMounts:
391
- - name: proc
392
- mountPath: /host/proc
393
- readOnly: true
394
- - name: sys
395
- mountPath: /host/sys
396
- readOnly: true
397
-
398
- resources:
399
- requests:
400
- memory: "50Mi"
401
- cpu: "50m"
402
- limits:
403
- memory: "100Mi"
404
- cpu: "200m"
405
-
406
- volumes:
407
- - name: proc
408
- hostPath:
409
- path: /proc
410
- - name: sys
411
- hostPath:
412
- path: /sys
413
-
414
- tolerations:
415
- - effect: NoSchedule
416
- operator: Exists
417
- ```
418
-
419
- ## Networking
420
-
421
- ### Services
422
-
423
- **ClusterIP (Internal):**
424
- ```yaml
425
- apiVersion: v1
426
- kind: Service
427
- metadata:
428
- name: api-service
429
- namespace: production
430
- spec:
431
- type: ClusterIP
432
- selector:
433
- app: api-service
434
- ports:
435
- - port: 80
436
- targetPort: 8080
437
- protocol: TCP
438
- name: http
439
- ```
440
-
441
- **LoadBalancer (External):**
442
- ```yaml
443
- apiVersion: v1
444
- kind: Service
445
- metadata:
446
- name: frontend
447
- namespace: production
448
- annotations:
449
- service.beta.kubernetes.io/aws-load-balancer-type: nlb
450
- spec:
451
- type: LoadBalancer
452
- selector:
453
- app: frontend
454
- ports:
455
- - port: 80
456
- targetPort: 8080
457
- protocol: TCP
458
- ```
459
-
460
- **Headless Service (StatefulSet):**
461
- ```yaml
462
- apiVersion: v1
463
- kind: Service
464
- metadata:
465
- name: postgres
466
- namespace: databases
467
- spec:
468
- clusterIP: None # Headless
469
- selector:
470
- app: postgres
471
- ports:
472
- - port: 5432
473
- targetPort: 5432
474
- ```
475
-
476
- ### Ingress
477
-
478
- **NGINX Ingress with TLS:**
479
- ```yaml
480
- apiVersion: networking.k8s.io/v1
481
- kind: Ingress
482
- metadata:
483
- name: app-ingress
484
- namespace: production
485
- annotations:
486
- cert-manager.io/cluster-issuer: letsencrypt-prod
487
- nginx.ingress.kubernetes.io/ssl-redirect: "true"
488
- nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
489
- nginx.ingress.kubernetes.io/rate-limit: "100"
490
- spec:
491
- ingressClassName: nginx
492
-
493
- tls:
494
- - hosts:
495
- - api.example.com
496
- - app.example.com
497
- secretName: app-tls-cert
498
-
499
- rules:
500
- - host: api.example.com
501
- http:
502
- paths:
503
- - path: /
504
- pathType: Prefix
505
- backend:
506
- service:
507
- name: api-service
508
- port:
509
- number: 80
510
-
511
- - host: app.example.com
512
- http:
513
- paths:
514
- - path: /
515
- pathType: Prefix
516
- backend:
517
- service:
518
- name: frontend
519
- port:
520
- number: 80
521
- ```
522
-
523
- ### Network Policies
524
-
525
- **Restrict Pod Communication:**
526
- ```yaml
527
- apiVersion: networking.k8s.io/v1
528
- kind: NetworkPolicy
529
- metadata:
530
- name: api-network-policy
531
- namespace: production
532
- spec:
533
- podSelector:
534
- matchLabels:
535
- app: api-service
536
-
537
- policyTypes:
538
- - Ingress
539
- - Egress
540
-
541
- # Ingress rules
542
- ingress:
543
- - from:
544
- # Allow from frontend pods
545
- - podSelector:
546
- matchLabels:
547
- app: frontend
548
- # Allow from ingress controller
549
- - namespaceSelector:
550
- matchLabels:
551
- name: ingress-nginx
552
- ports:
553
- - protocol: TCP
554
- port: 8080
555
-
556
- # Egress rules
557
- egress:
558
- # Allow DNS
559
- - to:
560
- - namespaceSelector:
561
- matchLabels:
562
- name: kube-system
563
- ports:
564
- - protocol: UDP
565
- port: 53
566
-
567
- # Allow database access
568
- - to:
569
- - podSelector:
570
- matchLabels:
571
- app: postgres
572
- ports:
573
- - protocol: TCP
574
- port: 5432
575
- ```
576
-
577
- ## Storage
578
-
579
- ### PersistentVolume and PersistentVolumeClaim
580
-
581
- **PersistentVolume:**
582
- ```yaml
583
- apiVersion: v1
584
- kind: PersistentVolume
585
- metadata:
586
- name: data-pv-001
587
- spec:
588
- capacity:
589
- storage: 100Gi
590
- volumeMode: Filesystem
591
- accessModes:
592
- - ReadWriteOnce
593
- persistentVolumeReclaimPolicy: Retain
594
- storageClassName: fast-ssd
595
-
596
- # AWS EBS
597
- awsElasticBlockStore:
598
- volumeID: vol-0123456789abcdef
599
- fsType: ext4
600
- ```
601
-
602
- **PersistentVolumeClaim:**
603
- ```yaml
604
- apiVersion: v1
605
- kind: PersistentVolumeClaim
606
- metadata:
607
- name: app-data
608
- namespace: production
609
- spec:
610
- accessModes:
611
- - ReadWriteOnce
612
- storageClassName: fast-ssd
613
- resources:
614
- requests:
615
- storage: 50Gi
616
- ```
617
-
618
- **Usage in Pod:**
619
- ```yaml
620
- apiVersion: v1
621
- kind: Pod
622
- metadata:
623
- name: app
624
- spec:
625
- containers:
626
- - name: app
627
- image: myapp:1.0
628
- volumeMounts:
629
- - mountPath: /data
630
- name: app-data
631
-
632
- volumes:
633
- - name: app-data
634
- persistentVolumeClaim:
635
- claimName: app-data
636
- ```
637
-
638
- ### StorageClass
639
-
640
- **Dynamic Provisioning:**
641
- ```yaml
642
- apiVersion: storage.k8s.io/v1
643
- kind: StorageClass
644
- metadata:
645
- name: fast-ssd
646
- provisioner: kubernetes.io/aws-ebs
647
- parameters:
648
- type: gp3
649
- iops: "3000"
650
- throughput: "125"
651
- encrypted: "true"
652
- volumeBindingMode: WaitForFirstConsumer
653
- allowVolumeExpansion: true
654
- reclaimPolicy: Delete
655
- ```
656
-
657
- ## Configuration Management
658
-
659
- ### ConfigMaps
660
-
661
- ```yaml
662
- apiVersion: v1
663
- kind: ConfigMap
664
- metadata:
665
- name: app-config
666
- namespace: production
667
- data:
668
- # Simple key-value
669
- LOG_LEVEL: "info"
670
- ENABLE_FEATURE_X: "true"
671
-
672
- # Configuration file
673
- nginx.conf: |
674
- server {
675
- listen 80;
676
- server_name _;
677
-
678
- location / {
679
- proxy_pass http://backend:8080;
680
- }
681
- }
682
-
683
- # JSON configuration
684
- config.json: |
685
- {
686
- "database": {
687
- "pool": {
688
- "min": 5,
689
- "max": 20
690
- }
691
- }
692
- }
693
- ```
694
-
695
- ### Secrets
696
-
697
- ```yaml
698
- apiVersion: v1
699
- kind: Secret
700
- metadata:
701
- name: database-credentials
702
- namespace: production
703
- type: Opaque
704
- stringData:
705
- username: admin
706
- password: super-secret-password
707
- url: postgresql://admin:super-secret-password@db:5432/myapp
708
- ```
709
-
710
- **External Secrets Operator:**
711
- ```yaml
712
- apiVersion: external-secrets.io/v1beta1
713
- kind: ExternalSecret
714
- metadata:
715
- name: database-credentials
716
- namespace: production
717
- spec:
718
- refreshInterval: 1h
719
- secretStoreRef:
720
- name: aws-secrets-manager
721
- kind: SecretStore
722
-
723
- target:
724
- name: database-credentials
725
- creationPolicy: Owner
726
-
727
- data:
728
- - secretKey: password
729
- remoteRef:
730
- key: prod/database/password
731
- - secretKey: username
732
- remoteRef:
733
- key: prod/database/username
734
- ```
735
-
736
- ## Security
737
-
738
- ### Pod Security Standards
739
-
740
- ```yaml
741
- apiVersion: v1
742
- kind: Namespace
743
- metadata:
744
- name: production
745
- labels:
746
- pod-security.kubernetes.io/enforce: restricted
747
- pod-security.kubernetes.io/audit: restricted
748
- pod-security.kubernetes.io/warn: restricted
749
- ```
750
-
751
- **Secure Pod:**
752
- ```yaml
753
- apiVersion: v1
754
- kind: Pod
755
- metadata:
756
- name: secure-app
757
- spec:
758
- securityContext:
759
- runAsNonRoot: true
760
- runAsUser: 1000
761
- fsGroup: 1000
762
- seccompProfile:
763
- type: RuntimeDefault
764
-
765
- containers:
766
- - name: app
767
- image: myapp:1.0
768
- securityContext:
769
- allowPrivilegeEscalation: false
770
- readOnlyRootFilesystem: true
771
- capabilities:
772
- drop:
773
- - ALL
774
-
775
- volumeMounts:
776
- - name: tmp
777
- mountPath: /tmp
778
-
779
- volumes:
780
- - name: tmp
781
- emptyDir: {}
782
- ```
783
-
784
- ### RBAC
785
-
786
- **Service Account:**
787
- ```yaml
788
- apiVersion: v1
789
- kind: ServiceAccount
790
- metadata:
791
- name: api-service
792
- namespace: production
793
- ```
794
-
795
- **Role:**
796
- ```yaml
797
- apiVersion: rbac.authorization.k8s.io/v1
798
- kind: Role
799
- metadata:
800
- name: configmap-reader
801
- namespace: production
802
- rules:
803
- - apiGroups: [""]
804
- resources: ["configmaps"]
805
- verbs: ["get", "list", "watch"]
806
- ```
807
-
808
- **RoleBinding:**
809
- ```yaml
810
- apiVersion: rbac.authorization.k8s.io/v1
811
- kind: RoleBinding
812
- metadata:
813
- name: api-service-configmap-reader
814
- namespace: production
815
- subjects:
816
- - kind: ServiceAccount
817
- name: api-service
818
- namespace: production
819
- roleRef:
820
- kind: Role
821
- name: configmap-reader
822
- apiGroup: rbac.authorization.k8s.io
823
- ```
824
-
825
- ## Scaling
826
-
827
- ### Horizontal Pod Autoscaler
828
-
829
- ```yaml
830
- apiVersion: autoscaling/v2
831
- kind: HorizontalPodAutoscaler
832
- metadata:
833
- name: api-service
834
- namespace: production
835
- spec:
836
- scaleTargetRef:
837
- apiVersion: apps/v1
838
- kind: Deployment
839
- name: api-service
840
-
841
- minReplicas: 3
842
- maxReplicas: 100
843
-
844
- metrics:
845
- # CPU-based scaling
846
- - type: Resource
847
- resource:
848
- name: cpu
849
- target:
850
- type: Utilization
851
- averageUtilization: 70
852
-
853
- # Memory-based scaling
854
- - type: Resource
855
- resource:
856
- name: memory
857
- target:
858
- type: Utilization
859
- averageUtilization: 80
860
-
861
- # Custom metrics (requires metrics server)
862
- - type: Pods
863
- pods:
864
- metric:
865
- name: http_requests_per_second
866
- target:
867
- type: AverageValue
868
- averageValue: "1000"
869
-
870
- behavior:
871
- scaleDown:
872
- stabilizationWindowSeconds: 300
873
- policies:
874
- - type: Percent
875
- value: 10
876
- periodSeconds: 60
877
- scaleUp:
878
- stabilizationWindowSeconds: 0
879
- policies:
880
- - type: Percent
881
- value: 50
882
- periodSeconds: 30
883
- ```
884
-
885
- ## Best Practices
886
-
887
- 1. **Always set resource requests and limits**
888
- 2. **Implement health checks (liveness, readiness, startup)**
889
- 3. **Use namespaces for isolation**
890
- 4. **Run containers as non-root**
891
- 5. **Use read-only root filesystems**
892
- 6. **Implement network policies**
893
- 7. **Use secrets for sensitive data**
894
- 8. **Enable pod disruption budgets**
895
- 9. **Use multiple replicas for HA**
896
- 10. **Tag everything with labels**
897
-
898
- ## Anti-Patterns
899
-
900
- ❌ No resource limits (causes node resource exhaustion)
901
- ❌ Running as root user (security vulnerability)
902
- ❌ No health checks (pods stay in service when unhealthy)
903
- ❌ Latest image tag (not reproducible)
904
- ❌ Storing secrets in ConfigMaps
905
- ❌ No pod disruption budgets (maintenance causes downtime)
906
- ❌ Single replica for critical services
907
- ❌ No network policies (unrestricted pod communication)
908
- ❌ Privileged containers (security risk)
909
- ❌ Host network mode (unless required)
910
-
911
- ---
912
-
913
- **Related Resources:**
914
- - [infrastructure-as-code.md](infrastructure-as-code.md) - IaC patterns
915
- - [service-mesh.md](service-mesh.md) - Advanced networking with Istio
916
- - [platform-security.md](platform-security.md) - Security best practices