backend-principle-eng-python-pro-max
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseBackend Principle Eng Python Pro Max
Python资深后端工程专家指南
Principal-level guidance for Python backend systems in product companies. Emphasizes correctness, reliability, and operational excellence.
面向产品公司Python后端系统的资深级指导方案,重点关注正确性、可靠性与卓越运维。
When to Apply
适用场景
- Designing or refactoring Python services, APIs, and data pipelines
- Reviewing PRs for correctness, reliability, performance, and security
- Planning migrations, scalability, or cost optimizations
- Incident follow-ups and systemic fixes
- 设计或重构Python服务、API与数据管道
- 评审PR以确保正确性、可靠性、性能与安全性
- 规划迁移、可扩展性或成本优化方案
- 事件复盘与系统性问题修复
Priority Model (highest to lowest)
优先级模型(从高到低)
| Priority | Category | Goal | Signals |
|---|---|---|---|
| 1 | Correctness & Contracts | No wrong answers | Strong validation, invariants, idempotency |
| 2 | Reliability & Resilience | Survive failures | Timeouts, retries, graceful degradation |
| 3 | Security & Privacy | Zero trust by default | Authz, secrets, minimal data exposure |
| 4 | Performance & Efficiency | Predictable latency | Async I/O, bounded queues, caching |
| 5 | Observability & Operability | Fast triage | Tracing, metrics, runbooks |
| 6 | Data & Consistency | Integrity over time | Safe migrations, outbox, versioning |
| 7 | Scalability & Evolution | Safe growth | Statelessness, partitioning, backpressure |
| 8 | Developer Experience & Testing | Sustainable velocity | CI gates, deterministic tests, typing |
| 优先级 | 类别 | 目标 | 关键指标 |
|---|---|---|---|
| 1 | 正确性与契约 | 无错误输出 | 严格校验、不变量、幂等性 |
| 2 | 可靠性与韧性 | 故障下持续运行 | 超时设置、重试机制、优雅降级 |
| 3 | 安全性与隐私 | 默认零信任 | 授权控制、密钥管理、最小数据暴露 |
| 4 | 性能与效率 | 可预测延迟 | 异步I/O、有界队列、缓存策略 |
| 5 | 可观测性与可运维性 | 快速问题定位 | 链路追踪、指标监控、运维手册 |
| 6 | 数据与一致性 | 长期数据完整性 | 安全迁移、事务发件箱、版本控制 |
| 7 | 可扩展性与演进性 | 安全增长 | 无状态设计、分片策略、背压机制 |
| 8 | 开发者体验与测试 | 可持续交付速度 | CI门禁、确定性测试、类型提示 |
Quick Reference (Rules)
快速参考准则
1. Correctness & Contracts (CRITICAL)
1. 正确性与契约(核心优先级)
- - Versioned schemas and explicit validation
api-contracts - - Validate at boundaries, reject unknowns
input-validation - - Safe retries with idempotency keys
idempotency - - Enforce domain rules in service and database
invariants - - Store UTC, use monotonic clocks for durations
time-utc
- - 带版本的 schema 与显式校验
api-contracts - - 在边界处校验,拒绝未知输入
input-validation - - 基于幂等键实现安全重试
idempotency - - 在服务与数据库中强制执行领域规则
invariants - - 存储UTC时间,使用单调时钟计算时长
time-utc
2. Reliability & Resilience (CRITICAL)
2. 可靠性与韧性(核心优先级)
- - Set per dependency; no unbounded waits
timeouts - - Bounded with jitter; avoid retry storms
retries - - Fail fast for degraded dependencies
circuit-breakers - - Isolate thread pools and task queues
bulkheads - - Graceful degradation under load
load-shedding
- - 为每个依赖设置超时;禁止无限制等待
timeouts - - 带抖动的有限重试;避免重试风暴
retries - - 对降级依赖快速失败
circuit-breakers - - 隔离线程池与任务队列
bulkheads - - 高负载下优雅降级
load-shedding
3. Security & Privacy (CRITICAL)
3. 安全性与隐私(核心优先级)
- - Enforce at every service boundary
authz - - Use vault/KMS; never in code or logs
secrets - - Redact PII by default
data-min - - TLS everywhere; strong defaults
crypto - - Pin deps; scan CVEs
supply-chain
- - 在每个服务边界强制执行授权
authz - - 使用vault/KMS管理;绝不在代码或日志中存储
secrets - - 默认脱敏PII数据
data-min - - 全链路TLS;使用安全默认配置
crypto - - 固定依赖版本;扫描CVE漏洞
supply-chain
4. Performance & Efficiency (HIGH)
4. 性能与效率(高优先级)
- - Use async for I/O bound paths; avoid blocking
async-io - - Right-size DB/HTTP pools; avoid starvation
pooling - - TTL and stampede protection for hot reads
cache - - Batch I/O and DB operations where safe
batching - - Measure before optimizing
profiling
- - I/O密集路径使用异步;避免阻塞
async-io - - 合理配置数据库/HTTP连接池;避免资源饥饿
pooling - - 热点读设置TTL与缓存击穿保护
cache - - 在安全前提下批量处理I/O与数据库操作
batching - - 先测量再优化
profiling
5. Observability & Operability (HIGH)
5. 可观测性与可运维性(高优先级)
- - JSON logs with trace ids
structured-logs - - RED/USE metrics plus business KPIs
metrics - - Propagate context end-to-end
tracing - - SLO-based with runbooks
alerts - - Safe rollouts and rapid rollback
deploys
- - 带追踪ID的JSON格式日志
structured-logs - - RED/USE指标加上业务KPI
metrics - - 端到端传播上下文
tracing - - 基于SLO的告警并附带运维手册
alerts - - 安全发布与快速回滚
deploys
6. Data & Consistency (HIGH)
6. 数据与一致性(高优先级)
- - Clear boundaries; avoid cross-service tx
transactions - - Backward compatible migrations
schema-evolution - - Reliable event publishing
outbox - - Globally unique IDs
id-generation - - Use CQRS when complexity is justified
read-models
- - 明确边界;避免跨服务事务
transactions - - 向后兼容的迁移方案
schema-evolution - - 可靠的事件发布机制
outbox - - 全局唯一ID
id-generation - - 复杂度合理时使用CQRS
read-models
7. Scalability & Evolution (MEDIUM)
7. 可扩展性与演进性(中优先级)
- - Externalize state, scale horizontally
stateless - - Shard by stable keys
partitioning - - API and event versioning
versioning - - Bounded queues, explicit limits
backpressure - - Dynamic config with validation
config
- - 外部化状态,支持水平扩展
stateless - - 基于稳定键分片
partitioning - - API与事件版本控制
versioning - - 有界队列与显式限制
backpressure - - 带校验的动态配置
config
8. Developer Experience & Testing (MEDIUM)
8. 开发者体验与测试(中优先级)
- - Type hints for public APIs and core logic
typing - - Unit, integration, contract, load tests
tests - - Hermetic tests, fixed seeds, stable time
determinism - - Static analysis and formatting
lint
- - 对外API与核心逻辑添加类型提示
typing - - 单元测试、集成测试、契约测试、负载测试
tests - - 封闭环境测试、固定随机种子、稳定时间模拟
determinism - - 静态分析与代码格式化
lint
Execution Workflow
执行流程
- Clarify product goals, SLOs, latency and cost budgets
- Map data flow, dependencies, and failure modes
- Choose storage and consistency model (document tradeoffs)
- Define contracts: API schemas, events, and idempotency
- Implement with safe defaults, observability, and resilience
- Validate with tests, load, and failure scenarios
- Review risks and publish runbooks
- 明确产品目标、SLO、延迟与成本预算
- 梳理数据流、依赖关系与故障模式
- 选择存储与一致性模型(记录权衡方案)
- 定义契约:API schema、事件与幂等性规则
- 基于安全默认配置、可观测性与韧性实现功能
- 通过测试、负载与故障场景验证方案
- 评审风险并发布运维手册
Language-Specific Guidance
语言专属指导
See for stack defaults, async patterns, and tooling.
references/python-core.md详见获取栈默认配置、异步模式与工具相关内容。
references/python-core.md