nkds

导航

 

MonkeyCode云计算集成方案:云原生时代的AI编程助手

前言

云计算已成为现代软件开发的基石——从AWS、Azure到阿里云、腾讯云,云平台提供了从计算、存储到AI服务的全方位能力。然而,云开发的复杂性也在不断增加:多服务编排、基础设施即代码(IaC)、容器化部署、Serverless架构……MonkeyCode作为AI编程助手,正在为云原生开发者提供前所未有的效率提升。本文将深入探讨MonkeyCode在云计算各领域的实战应用。


一、云计算技术栈全景

1.1 云原生开发全景图

┌─────────────────────────────────────────────────────────────────┐
│                  MonkeyCode 云计算开发全景                         │
├──────────┬──────────┬──────────────┬──────────┬─────────────────┤
│  IaaS层    │  PaaS层   │  Serverless  │ 容器/编排   │ DevOps工具链     │
├──────────┼──────────┼──────────────┼──────────┼─────────────────┤
│ EC2/VM    │ RDS/DB   │ Lambda      │ Docker    │ Terraform       │
│ S3/OSS    │ ElasticCache | Functions  │ Kubernetes| CloudFormation │
│ VPC/网络  │ API Gateway| EventBridge| Helm      │ Ansible         │
│ IAM权限   │ SQS/SNS   │ StepFunctions| Istio     │ GitHub Actions  │
│ CDN/WAF   │ S3触发器  │ DynamoDB    │ Prometheus│ ArgoCD          │
└──────────┴──────────┴──────────────┴──────────┴─────────────────┘

1.2 MonkeyCode在云开发中的核心价值

开发场景 传统方式耗时 MonkeyCode辅助后 效率提升
Terraform编写 2-4小时 10-20分钟 8-12x
Dockerfile生成 30-60分钟 2-5分钟 10x
K8s YAML编排 1-3小时 15-30分钟 6-12x
CI/CD流水线 半天-1天 30-60分钟 8x
CloudFormation 2-3小时 15-25分钟 8x
Lambda函数 1-2小时 5-15分钟 8x

二、实战案例一:Terraform基础设施即代码

2.1 完整的Terraform配置 (AWS)

# MonkeyCode生成的Terraform配置 - AWS完整VPC+ECS+Fargate架构
# 包含: VPC子网、安全组、ALB、ECS集群、RDS、Redis、S3、CloudWatch

terraform {
  required_providers {
    aws = { source = "hashicorp/aws", version = "~> 5.0" }
    random = { source = "hashicorp/random", version = "~> 3.0" }
  }
  
  backend "s3" {
    bucket = "my-terraform-state"
    key    = "prod/infrastructure/terraform.tfstate"
    region = "ap-southeast-1"
    encrypt = true
    dynamodb_table = "terraform-locks"
  }
}

provider "aws" {
  region = var.aws_region
  
  default_tags {
    tags = {
      Project     = var.project_name
      Environment = var.environment
      ManagedBy   = "Terraform"
      Repository  = "monkeyCode-infra"
    }
  }
}

# ──── 变量定义 ────

variable "project_name" { default = "monkeyCode-app" }
variable "environment"  { default = "production" }
variable "aws_region"   { default = "ap-southeast-1" }

variable "vpc_cidr"           { default = "10.0.0.0/16" }
variable "availability_zones" { default = ["ap-southeast-1a", "ap-southeast-1b"] }
variable "private_subnets"    { default = ["10.0.1.0/24", "10.0.2.0/24"] }
variable "public_subnets"     { default = ["10.0.101.0/24", "10.0.102.0/24"] }

variable "app_port"        { default = 3000 }
variable "app_count"       { default = 3 }
variable "instance_type"   { default = "t3.micro" }
variable "db_instance_class" { default = "db.t3.micro" }
variable "db_name"         { default = "monkeycode_db" }

# ──── 随机资源命名 ────

resource "random_pet" "this" { length = 2; prefix = var.project_name }
locals { name_suffix = random_pet.this.id }

# ──── VPC网络 ────

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 5.0"

  name = "${var.project_name}-vpc-${local.name_suffix}"
  cidr = var.vpc_cidr

  azs             = var.availability_zones
  private_subnets  = var.private_subnets
  public_subnets   = var.public_subnets

  enable_nat_gateway     = true
  single_nat_gateway     = true
  one_nat_gateway_per_az = false

  enable_vpn_gateway = false
  enable_dns_hostnames = true
  enable_dns_support   = true

  # 数据库私有子网
  database_subnets = ["10.0.21.0/24", "10.0.22.0/24"]

  tags = { Tier = "Network" }
}

# ──── 安全组 ────

resource "aws_security_group" "alb" {
  name        = "${var.project_name}-alb-${local.name_suffix}"
  description = "ALB Security Group"
  vpc_id      = module.vpc.vpc_id

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress { from_port = 0; to_port = 0; protocol = "-1"; cidr_blocks = ["0.0.0.0/0"] }

  tags = { Name = "${var.project_name}-alb-sg"; Tier = "Web" }
}

resource "aws_security_group" "ecs" {
  name        = "${var.project_name}-ecs-${local.name_suffix}"
  description = "ECS Fargate Security Group"
  vpc_id      = module.vpc.vpc_id

  ingress {
    description     = "Allow traffic from ALB"
    from_port       = var.app_port
    to_port         = var.app_port
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress { from_port = 0; to_port = 0; protocol = "-1"; cidr_blocks = ["0.0.0.0/0"] }

  tags = { Name = "${var.project_name}-ecs-sg"; Tier = "App" }
}

resource "aws_security_group" "rds" {
  name        = "${var.project_name}-rds-${local.name_suffix}"
  description = "RDS Security Group"
  vpc_id      = module.vpc.vpc_id

  ingress {
    description     = "Allow ECS to connect to RDS"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.ecs.id]
  }
  tags = { Name = "${var.project_name}-rds-sg"; Tier = "Data" }
}

# ──── ALB负载均衡 ────

resource "aws_lb" "main" {
  name               = "${var.project_name}-alb-${local.name_suffix}"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.alb.id]
  subnets            = module.vpc.public_subnet_ids

  enable_deletion_protection = var.environment == "production"

  access_logs {
    bucket  = aws_s3.logs_bucket.bucket
    prefix  = "alb-access-logs"
    enabled = true
  }
}

resource "aws_lb_target_group" "app" {
  name     = "${var.project_name}-tg-${local.name_suffix}"
  port     = var.app_port
  protocol = "HTTP"
  vpc_id   = module.vpc.vpc_id

  health_check {
    path                = "/health"
    healthy_threshold   = 2
    unhealthy_threshold = 3
    timeout             = 5
    interval            = 30
    matcher             = "200"
  }
}

resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.main.arn
  port              = 80
  protocol          = "HTTP"

  default_action {
    type = "redirect"
    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "301"
    }
  }
}

resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.main.arn
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS-13-1-2-2021-06"
  certificate_arn   = data.aws_acm_certificate.main.arn

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.app.arn
  }
}

data "aws_acm_certificate" "main" {
  domain   = "*.example.com"
  statuses = ["ISSUED"]
}

# ──── ECS Fargate集群 ────

resource "aws_ecs_cluster" "main" {
  name = "${var.project_name}-cluster-${local.name_suffix}"

  setting {
    name  = "containerInsights"
    value = "enabled"
  }
}

data "aws_iam_role" "ecs_task_execution" {
  name = "ecsTaskExecutionRole"
}

resource "aws_ecs_task_definition" "app" {
  family                   = "${var.project_name}-task-${local.name_suffix}"
  network_mode             = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  cpu                      = "256"
  memory                   = "512"
  execution_role_arn       = data.aws_iam_role.ecs_task_execution.arn
  task_role_arn           = aws_iam_role.ecs_task.arn

  container_definitions = jsonencode([
    {
      name      = "app-container"
      image     = "${aws_ecr_repository.app.repository_url}:latest"
      essential = true
      portMappings = [{ containerPort = var.app_port, protocol = "tcp" }]
      
      environment = [
        { name = "NODE_ENV", value = var.environment },
        { name = "DB_HOST",  value = aws_db_instance.main.address },
        { name = "DB_NAME",  value = var.db_name },
        { name = "REDIS_ENDPOINT", value = aws_elasticache_cluster.redis.cache_nodes[0].address },
      ]
      
      secrets = [
        { nameFrom = "DB_PASSWORD", valueFrom = aws_secretsmanager_secret.db_password.arn },
      ]
      
      logConfiguration = {
        logDriver = "awslogs"
        options = {
          "awslogs-group"         = aws_cloudwatch_log_group.ecs.name,
          "awslogs-region"        = var.aws_region,
          "awslogs-stream-prefix" = "ecs",
        }
      }
      
      healthCheck = {
        command = ["CMD-SHELL", "curl -f http://localhost:${var.app_port}/health || exit 1"]
        interval = 30
        timeout  = 5
        retries  = 3
        startPeriod = 60
      }
    }
  ])
}

resource "aws_ecs_service" "app" {
  name            = "${var.project_name}-service-${local.name_suffix}"
  cluster         = aws_ecs_cluster.main.id
  task_definition = aws_ecs_task_definition.app.arn
  desired_count   = var.app_count
  launch_type     = "FARGATE"

  network_configuration {
    subnets         = module.vpc.private_subnet_ids
    security_groups = [aws_security_group.ecs.id]
    assign_public_ip = false
  }

  load_balancer {
    target_group_arn = aws_lb_target_group.app.arn
    container_name   = "app-container"
    container_port   = var.app_port
  }

  deployment_controller {
    type = "CODE_DEPLOY"
  }

  deployment_circuit_breaker {
    enable   = true
    rollback = true
  }
}

# ──── RDS MySQL数据库 ────

resource "aws_db_instance" "main" {
  identifier     = "${var.project_name}-db-${local.name_suffix}"
  engine         = "mysql"
  engine_version = "8.0"
  instance_class = var.db_instance_class
  allocated_storage     = 20
  max_allocated_storage = 100
  storage_type          = "gp3"
  storage_encrypted     = true
  kms_key_id            = aws_kms_key.data.arn
  
  db_name  = var.db_name
  username = "admin"
  password = random_password.db_master.result
  
  multi_az               = var.environment == "production"
  db_subnet_group_name   = aws_db_subnet_group.main.name
  vpc_security_group_ids = [aws_security_group.rds.id]
  
  backup_retention_period = 7
  backup_window          = "03:00-04:00"
  maintenance_window    = "Sun:04:00-Sun:05:00"
  
  deletion_protection      = var.environment == "production"
  skip_final_snapshot     = false
  final_snapshot_identifier = "${var.project_name}-final-snapshot-${local.name_suffix}"
  
  performance_insights_enabled = var.environment == "production"
  
  monitoring_interval = var.environment == "production" ? 60 : 0
  
  tags = { Tier = "Data"; Type = "MySQL" }
}

resource "random_password" "db_master" {
  length  = 32; special = false; upper = true; lower = true; numeric = true
}

resource "aws_secretsmanager_secret" "db_password" {
  name                    = "${var.project_name}/db/password"
  recovery_window_in_days = var.environment == "production" ? 30 : 0
}
resource "aws_secretsmanager_secret_version" "db_password" {
  secret_id     = aws_secretsmanager_secret.db_password.id
  secret_string = jsonencode({ username = "admin", password = random_password.db_master.result })
}

# ──── Redis缓存 ────

resource "aws_elasticache_subnet_group" "redis" {
  name       = "${var.project_name}-redis-subnet-${local.name_suffix}"
  subnet_ids = module.vpc.database_subnet_ids
}

resource "aws_elasticache_replication_group" "redis" {
  replication_group_id       = "${var.project_name}-redis-${local.name_suffix}"
  description                 = "Redis cache for ${var.project_name}"
  engine                     = "redis"
  engine_version             = "7.0"
  node_type                  = "cache.t3.micro"
  num_cache_clusters         = var.environment == "production" ? 2 : 1
  automatic_failover_enabled = var.environment == "production"
  port                       = 6379
  parameter_group_name       = "default.redis7"
  subnet_group_name          = aws_elasticache_subnet_group.redis.name
  security_group_ids         = [aws_security_group.ecs.id]
  
  at_rest_encryption_enabled = true
  transit_encryption_enabled = true
  auth_token                 = random_password.redis_auth.result
  
  tags = { Tier = "Cache"; Type = "Redis" }
}

resource "random_password" "redis_auth" { length = 64; special = false }

# ──── S3存储桶 ────

resource "aws_s3_bucket" "assets" {
  bucket = "${var.project_name}-assets-${local.name_suffix}"
  tags   = { Tier = "Storage"; Type = "Assets" }
}

resource "aws_s3_bucket_versioning" "assets" {
  bucket = aws_s3_bucket.assets.id
  versioning_configuration { status = "Enabled" }
}

resource "aws_s3_bucket_server_side_encryption_configuration" "assets" {
  bucket = aws_s3_bucket.assets.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

resource "aws_s3_bucket_public_access_block" "assets" {
  bucket = aws_s3_bucket.assets.id
  block_public_acls   = true
  block_public_policy = true
  ignore_public_acls  = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket" "logs_bucket" {
  bucket = "${var.project_name}-logs-${local.name_suffix}"
  lifecycle_rule {
    id      = "auto-expire"
    enabled = true
    expiration { days = 90 }
  }
}

# ──── ECR容器仓库 ────

resource "aws_ecr_repository" "app" {
  name                 = "${var.project_name}/app"
  image_tag_mutability = "MUTABLE"
  image_scanning_configuration { scan_on_push = true }
  encryption_configuration { encryption_type = "KMS" }
}

# ──── CloudWatch日志和告警 ────

resource "aws_cloudwatch_log_group" "ecs" {
  name              = "/ecs/${var.project_name}"
  retention_in_days = var.environment == "production" ? 30 : 7
}

resource "aws_cloudwatch_metric_alarm" "high_cpu" {
  alarm_name          = "${var.project_name}-cpu-high-${local.name_suffix}"
  comparison_operator = "GreaterThanThreshold"
  evaluation_periods  = 2
  metric_name         = "CPUUtilization"
  namespace           = "AWS/ECS"
  period              = 300
  statistic           = "Average"
  threshold           = 80
  alarm_description   = "Average CPU utilization over 80%"
  alarm_actions       = [aws_sns_topic.alerts.arn]

  dimensions = { ClusterName = aws_ecs_cluster.main.name, ServiceName = aws_ecs_service.app.name }
}

resource "aws_sns_topic" "alerts" { name = "${var.project_name}-alerts-${local.name_suffix}" }

# ──── KMS密钥 ────

resource "aws_kms_key" "data" {
  description             = "KMS key for ${var.project_name} data encryption"
  deletion_window_in_days = var.environment == "production" ? 30 : 7
  enable_key_rotation    = true
}

# ──── 输出值 ────

output "alb_dns_name" { value = aws_lb.main.dns_name; description = "Application Load Balancer DNS" }
output "cluster_name" { value = aws_ecs_cluster.main.name; description = "ECS Cluster Name" }
output "db_endpoint"   { value = aws_db_instance.main.endpoint; description = "RDS Endpoint" }
output "ecr_url"       { value = aws_ecr_repository.app.repository_url; description = "ECR Repository URL" }

三、实战案例二:Docker + Docker Compose全栈配置

# docker-compose.yml - MonkeyCode生成
# 全栈应用: React前端 + Node.js后端 + PostgreSQL + Redis + Nginx反代

version: '3.9'

services:
  # ──── 前端服务 ────
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      args:
        - NODE_ENV=production
        - VITE_API_URL=http://api.monkeyCode.local
    image: monkeycode/frontend:latest
    container_name: mc-frontend
    restart: unless-stopped
    ports:
      - "3000:80"
    environment:
      - NODE_ENV=production
    networks:
      - app-network
    depends_on:
      - backend
    deploy:
      resources:
        limits:
          memory: 256M
          cpus: '0.5'
        reservations:
          memory: 128M
          cpus: '0.25'

  # ──── 后端API服务 ────
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    image: monkeycode/backend:latest
    container_name: mc-backend
    restart: unless-stopped
    ports:
      - "4000:4000"
    environment:
      - NODE_ENV=production
      - PORT=4000
      - DATABASE_URL=postgresql://mcuser:mcpassword@postgres:5432/monkeycode
      - REDIS_URL=redis://redis:6379
      - JWT_SECRET=${JWT_SECRET:-change-me-in-production}
      - SESSION_SECRET=${SESSION_SECRET:-change-me-too}
      - LOG_LEVEL=info
    volumes:
      - ./backend/uploads:/app/uploads
      - ./backend/logs:/app/logs
    networks:
      - app-network
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:4000/health"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    deploy:
      replicas: 2
      resources:
        limits:
          memory: 512M
          cpus: '1.0'
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3

  # ──── PostgreSQL数据库 ────
  postgres:
    image: postgres:16-alpine
    container_name: mc-postgres
    restart: unless-stopped
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: mcuser
      POSTGRES_PASSWORD: mcpassword
      POSTGRES_DB: monkeycode
      PGDATA: /var/lib/postgresql/data/pgdata
    volumes:
      - pg_data:/var/lib/postgresql/data
      - ./init-db:/docker-entrypoint-initdb.d:ro
    networks:
      - app-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U mcuser -d monkeycode"]
      interval: 10s
      timeout: 5s
      retries: 5
    command:
      - "postgres"
      - "-c"
      - "max_connections=200"
      - "-c"
      - "shared_buffers=256MB"
      - "-c"
      - "effective_cache_size=768MB"
      - "-c"
      - "work_mem=4MB"
      - "-c"
      - "maintenance_work_mem=64MB"

  # ──── Redis缓存 ────
  redis:
    image: redis:7-alpine
    container_name: mc-redis
    restart: unless-stopped
    ports:
      - "6379:6379"
    command: redis-server --appendonly yes --maxmemory 128mb --maxmemory-policy allkeys-lru
    volumes:
      - redis_data:/data
    networks:
      - app-network
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 3s
      retries: 3

  # ──── Nginx反向代理 ────
  nginx:
    image: nginx:alpine
    container_name: mc-nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./nginx/conf.d:/etc/nginx/conf.d:ro
      - ./certs:/etc/nginx/certs:ro
      - nginx_logs:/var/log/nginx
    networks:
      - app-network
    depends_on:
      - frontend
      - backend

networks:
  app-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.28.0.0/16

volumes:
  pg_data:
    driver: local
  redis_data:
    driver: local
  nginx_logs:
    driver: local
# backend/Dockerfile - 多阶段构建优化
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production=false && npm run build

FROM node:20-alpine AS runner
RUN addgroup --system --gid 1001 nodejs \
    && adduser --system --uid 1001 appuser
WORKDIR /app
COPY --from=builder --chown=appuser:nodejs /app/dist ./dist
COPY --from=builder --chown=appuser:nodejs /app/node_modules ./node_modules
COPY --from=builder --chown=appuser:nodejs /app/package.json ./package.json
USER appuser
EXPOSE 4000
HEALTHCHECK --interval=30s --timeout=3s CMD curl -f http://localhost:4000/health || exit 1
CMD ["node", "dist/main.js"]

四、实战案例三:GitHub Actions CI/CD流水线

# .github/workflows/deploy.yml - MonkeyCode生成
name: 🚀 Deploy Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
  workflow_dispatch:

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  # ──── 测试阶段 ────
  test:
    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres:16-alpine
        env:
          POSTGRES_USER: test_user
          POSTGRES_PASSWORD: test_pass
          POSTGRES_DB: test_db
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports: ['5432:5432']
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports: ['6379:6379']

    steps:
      - uses: actions/checkout@v4
      
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      
      - name: Install dependencies
        run: npm ci
      
      - name: Run linting
        run: npm run lint
      
      - name: Run type check
        run: npm run type-check || true
      
      - name: Run unit tests
        run: npm run test:unit -- --coverage
        env:
          DATABASE_URL: postgresql://test_user:test_pass@localhost:5432/test_db
          REDIS_URL: redis://localhost:6379
          JWT_SECRET: test-secret-for-ci
          NODE_ENV: test
      
      - name: Upload coverage
        if: github.ref == 'refs/heads/main'
        uses: codecov/codecov-action@v3
        with:
          files: ./coverage/lcov.info
          fail_ci_if_error: false

  # ──── 构建镜像 ────
  build:
    needs: test
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    
    steps:
      - uses: actions/checkout@v4
      
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      
      - name: Log in to Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      
      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=sha,prefix=
            type=raw,value=latest,enable={{is_default_branch}}
      
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # ──── 部署到Staging ────
  deploy-staging:
    needs: build
    if: github.ref == 'refs/heads/develop'
    runs-on: ubuntu-latest
    environment: staging
    
    steps:
      - uses: actions/checkout@v4
      
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_STAGING }}
          aws-region: ap-southeast-1
      
      - name: Deploy to ECS
        run: |
          aws ecs update-service \
            --cluster monkeycode-staging-cluster \
            --service app-service \
            --force-new-deployment \
            --task-definition $(aws ecs describe-task-definition \
              --task-definition monkeycode-app-task \
              --query 'taskDefinition.taskDefinitionArn' --output text)
      
      - name: Wait for deployment
        run: |
          echo "Waiting for service to stabilize..."
          aws ecs wait services-stable \
            --cluster monkeycode-staging-cluster \
            --services app-service
          echo "✅ Staging deployment complete!"

  # ──── 部署到Production ────
  deploy-production:
    needs: build
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment: production
    
    steps:
      - uses: actions/checkout@v4
      
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_PROD }}
          aws-region: ap-southeast-1
      
      - name: Run DB migrations
        run: |
          aws ecs run-task \
            --cluster monkeycode-prod-cluster \
            --task-definition monkeycode-migrate-task \
            --launch-type FARGATE \
            --network-configuration "awsvpcConfiguration={subnets=[subnet-xxx],assignPublicIp=DISABLED,securityGroups=[sg-xxx]}"
      
      - name: Blue/Green Deployment
        run: |
          # 使用CodeDeploy进行蓝绿部署
          aws deploy create-deployment \
            --application-name monkeycode-app \
            --deployment-group-name monkeycode-prod-dg \
            --revision "{\"revisionType\":\"AppSpecContent\",\"content\":{\"content\":\"{\\\"version\\\":0.0,\\\"Resources\\\":[{\\\"TargetService\\\":{\\\"Type\\\":\\\"AWS::ECS::Service\\\",\\\"Properties\\\":{\\\"TaskDefinition\\\":\\\"monkeycode-app-task\\\",\\\"LoadBalancerInfo\\\":{\\\"ContainerName\\\":\\\"app-container\\\",\\\"ContainerPort\\\":3000}}}}]}\",\"fileType\":\"YAML\"}}"

五、MonkeyCode云计算提示词模板

📝 MonkeyCode 云计算提示词:

【Terraform】
"用 Terraform 创建一个生产级的 AWS 基础设施:
 - VPC (2个AZ, 公有/私有/数据库子网)
 - ALB + HTTPS终止
 - ECS Fargate集群 (3个任务, 自动扩缩容)
 - RDS MySQL (多可用区, 加密备份)
 - Redis ElastiCache (集群模式)
 - S3 + CloudFront 静态资源
 - CloudWatch告警 + SNS通知
 - 所有资源使用变量和模块化设计"

【Docker】
"为以下项目创建完整的Docker配置:
 - 多阶段优化的Dockerfile (Node.js)
 - docker-compose.yml (含PostgreSQL+Redis+Nginx)
 - .dockerignore文件
 - 生产环境最佳实践(非root用户、健康检查、日志)"

【CI/CD】
"创建 GitHub Actions CI/CD流水线:
 - PR触发自动测试 (单元测试+集成测试+覆盖率报告)
 - main分支自动构建Docker镜像并推送到ECR
 - develop分支自动部署到Staging环境
 - main分支蓝绿部署到Production
 - 包含数据库迁移步骤和回滚机制"

六、总结

MonkeyCode在云计算领域的价值:

  • ☁️ 多云支持 — AWS/Azure/GCP/阿里云等主流云平台全覆盖
  • 🔧 IaC精通 — Terraform/CloudFormation/Pulumi 自动生成
  • 🐳 容器化专家 — Docker/Kubernetes/Helm 一键配置
  • 🚀 DevOps一体化 — 从代码提交到生产部署的全自动化
  • 💰 成本优化 — 智能推荐最经济的资源配置方案

"云不是终点,而是起点。MonkeyCode帮你把云的无限可能变成触手可及的现实。"


本文最后更新:2026年7月16日
作者:MonkeyCode团队

相关阅读:

下一篇预告:[MonkeyCode微服务架构实践]

posted on 2026-07-16 18:57  MonkeyCode  阅读(1)  评论(0)    收藏  举报