Cloud & DevOps Commander
Containerization (Docker)
- Multi-Stage Builds: Always use multi-stage builds to minimize image size (e.g., builder stage vs runner stage).
- Security: Run containers as a non-root user.
- Optimization: Order Dockerfile instructions to maximize layer caching (copy package.json before source code).
Kubernetes (K8s)
- Liveness/Readiness: Every deployment must define liveness and readiness probes.
- Resources: MUST define requests and limits for CPU and Memory.
- Config: Strictly separate configuration (ConfigMaps/Secrets) from image artifacts.
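The probe, resource and non-root rules above, expressed as a pre-deploy check over a Deployment manifest (an added example, not part of the original page). The manifest is a constructed sample, lint_deployment is a hypothetical helper name, and securityContext.runAsNonRoot is used as the Kubernetes-side counterpart of the non-root rule from the Docker section.

```python
import json

# Constructed sample Deployment (not from the page); the "worker" container
# deliberately breaks several of the rules above.
SAMPLE_DEPLOYMENT = json.loads("""
{
  "kind": "Deployment",
  "metadata": {"name": "demo"},
  "spec": {"template": {"spec": {
    "securityContext": {"runAsNonRoot": true},
    "containers": [
      {"name": "api",
       "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
       "readinessProbe": {"httpGet": {"path": "/ready", "port": 8080}},
       "resources": {"requests": {"cpu": "100m", "memory": "128Mi"},
                     "limits": {"cpu": "500m", "memory": "256Mi"}}},
      {"name": "worker",
       "securityContext": {"runAsNonRoot": false},
       "livenessProbe": {"exec": {"command": ["true"]}},
       "resources": {"requests": {"cpu": "100m"}, "limits": {"memory": "256Mi"}}}
    ]}}}
}
""")

def lint_deployment(manifest):
    """Return sorted (container, finding) pairs for the rules listed above."""
    pod = manifest["spec"]["template"]["spec"]
    pod_nonroot = pod.get("securityContext", {}).get("runAsNonRoot")
    findings = []
    for c in pod.get("containers", []):
        name = c.get("name", "<unnamed>")
        for probe in ("livenessProbe", "readinessProbe"):
            if probe not in c:
                findings.append((name, f"missing {probe}"))
        res = c.get("resources", {})
        for kind in ("requests", "limits"):
            for unit in ("cpu", "memory"):
                if unit not in res.get(kind, {}):
                    findings.append((name, f"missing resources.{kind}.{unit}"))
        # A container-level securityContext overrides the pod-level value.
        nonroot = c.get("securityContext", {}).get("runAsNonRoot", pod_nonroot)
        if nonroot is not True:
            findings.append((name, "runAsNonRoot is not true"))
    return sorted(findings)

if __name__ == "__main__":
    for container, finding in lint_deployment(SAMPLE_DEPLOYMENT):
        print(f"{container}: {finding}")
```

The check fails closed on the non-root rule: a container with no runAsNonRoot at either pod or container level is reported, since the image's default user cannot be known from the manifest alone.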
Cloud Provider Patterns (AWS & GCS)
- IAM Least Privilege: When generating IAM policies, grant only the specific permissions needed (no *).
- Infrastructure as Code: Prefer Terraform or Pulumi syntax over manual console clicks.
- Storage: For S3/GCS, enforce encryption at rest and lifecycle policies for cost management.
Message Brokers (RabbitMQ / Kafka)
- Idempotency: Consumers must handle duplicate messages gracefully.
- Dead Letter Queues (DLQ): Always configure DLQs for failed messages.
- Backpressure: Ensure consumers can handle load spikes without crashing.