devops

DevOps Skill

Comprehensive guide for deploying and managing cloud infrastructure across Cloudflare edge platform, Docker containerization, and Google Cloud Platform.

When to Use This Skill

Use this skill when:
  • Deploying serverless applications to Cloudflare Workers
  • Containerizing applications with Docker
  • Managing Google Cloud infrastructure with gcloud CLI
  • Setting up CI/CD pipelines across platforms
  • Optimizing cloud infrastructure costs
  • Implementing multi-region deployments
  • Building edge-first architectures
  • Managing container orchestration with Kubernetes
  • Configuring cloud storage solutions (R2, Cloud Storage)
  • Automating infrastructure with scripts and IaC

Platform Selection Guide

When to Use Cloudflare

Best For:
  • Edge-first applications with global distribution
  • Ultra-low latency requirements (<50ms)
  • Static sites with serverless functions
  • Zero egress cost scenarios (R2 storage)
  • WebSocket/real-time applications (Durable Objects)
  • AI/ML at the edge (Workers AI)
Key Products:
  • Workers (serverless functions)
  • R2 (object storage, S3-compatible)
  • D1 (SQLite database with global replication)
  • KV (key-value store)
  • Pages (static hosting + functions)
  • Durable Objects (stateful compute)
  • Browser Rendering (headless browser automation)
Cost Profile: Pay-per-request, generous free tier, zero egress fees

When to Use Docker

Best For:
  • Local development consistency
  • Microservices architectures
  • Multi-language stack applications
  • Traditional VPS/VM deployments
  • Kubernetes orchestration
  • CI/CD build environments
  • Database containerization (dev/test)
Key Capabilities:
  • Application isolation and portability
  • Multi-stage builds for optimization
  • Docker Compose for multi-container apps
  • Volume management for data persistence
  • Network configuration and service discovery
  • Cross-platform compatibility (amd64, arm64)
Cost Profile: Infrastructure cost only (compute + storage)

When to Use Google Cloud

Best For:
  • Enterprise-scale applications
  • Data analytics and ML pipelines (BigQuery, Vertex AI)
  • Hybrid/multi-cloud deployments
  • Kubernetes at scale (GKE)
  • Managed databases (Cloud SQL, Firestore, Spanner)
  • Complex IAM and compliance requirements
Key Services:
  • Compute Engine (VMs)
  • GKE (managed Kubernetes)
  • Cloud Run (containerized serverless)
  • App Engine (PaaS)
  • Cloud Storage (object storage)
  • Cloud SQL (managed databases)
Cost Profile: Varied pricing, sustained use discounts, committed use contracts

Quick Start

Cloudflare Workers

```bash
# Install Wrangler CLI
npm install -g wrangler

# Create and deploy Worker
wrangler init my-worker
cd my-worker
wrangler deploy
```

See: `references/cloudflare-workers-basics.md`

Docker Container

```bash
# Create Dockerfile
cat > Dockerfile <<EOF
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
COPY . .
EXPOSE 3000
CMD ["node", "server.js"]
EOF

# Build and run
docker build -t myapp .
docker run -p 3000:3000 myapp
```

See: `references/docker-basics.md`

Google Cloud Deployment

```bash
# Install and authenticate
curl https://sdk.cloud.google.com | bash
gcloud init
gcloud auth login

# Deploy to Cloud Run
gcloud run deploy my-service \
  --image gcr.io/project/image \
  --region us-central1
```

See: `references/gcloud-platform.md`

Reference Navigation

Cloudflare Platform

  • cloudflare-platform.md
    - Edge computing overview, key components
  • cloudflare-workers-basics.md
    - Getting started, handler types, basic patterns
  • cloudflare-workers-advanced.md
    - Advanced patterns, performance, optimization
  • cloudflare-workers-apis.md
    - Runtime APIs, bindings, integrations
  • cloudflare-r2-storage.md
    - R2 object storage, S3 compatibility, best practices
  • cloudflare-d1-kv.md
    - D1 SQLite database, KV store, use cases
  • browser-rendering.md
    - Puppeteer/Playwright automation on Cloudflare

Docker Containerization

  • docker-basics.md
    - Core concepts, Dockerfile, images, containers
  • docker-compose.md
    - Multi-container apps, networking, volumes

Google Cloud Platform

  • gcloud-platform.md
    - GCP overview, gcloud CLI, authentication
  • gcloud-services.md
    - Compute Engine, GKE, Cloud Run, App Engine

Python Utilities

  • scripts/cloudflare-deploy.py
    - Automate Cloudflare Worker deployments
  • scripts/docker-optimize.py
    - Analyze and optimize Dockerfiles

Common Workflows

Edge + Container Hybrid

```yaml
# Cloudflare Workers (API Gateway)
#   -> Docker containers on Cloud Run (Backend Services)
#   -> R2 (Object Storage)

# Benefits:
# - Edge caching and routing
# - Containerized business logic
# - Global distribution
```

Multi-Stage Docker Build

```dockerfile
# Build stage
FROM node:20-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Production stage
FROM node:20-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
USER node
CMD ["node", "dist/server.js"]
```

CI/CD Pipeline Pattern

```yaml
# 1. Build: Docker multi-stage build
# 2. Test: Run tests in container
# 3. Push: Push to registry (GCR, Docker Hub)
# 4. Deploy: Deploy to Cloudflare Workers / Cloud Run
# 5. Verify: Health checks and smoke tests
```

Best Practices

Security

  • Run containers as non-root user
  • Use service account impersonation (GCP)
  • Store secrets in environment variables, not code
  • Scan images for vulnerabilities (Docker Scout)
  • Use API tokens with minimal permissions
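
A check for the non-root and secrets items above, as an added example (not part of the original guide and not its `scripts/docker-optimize.py`): it audits the final stage of a Dockerfile for a missing or root `USER` and for secret-looking `ENV`/`ARG` values baked into the image. The function names, the name heuristic and the third sample are constructed for illustration; base images are assumed to default to root, which holds for `node:20-alpine`.

```python
import re

# Heuristic (an assumption of this example): names that suggest a credential.
SECRET_NAME = re.compile(r"SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY", re.I)

def instructions(text):
    """Yield (OPCODE, argument) pairs; joins backslash continuations, skips comments."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
            continue
        op, _, arg = (buf + line).partition(" ")
        buf = ""
        yield op.upper(), arg.strip()

def audit_final_stage(text):
    """Return findings for the last FROM stage, the one that becomes the shipped image."""
    user, secrets = None, []
    for op, arg in instructions(text):
        if op == "FROM":
            user, secrets = None, []      # a new stage starts as the base image's user
        elif op == "USER":
            user = arg.split(":")[0]      # drop an optional :group
        elif op in ("ENV", "ARG"):
            names = re.findall(r"(\w+)=\S", arg)          # NAME=value form
            if not names and op == "ENV" and len(arg.split()) > 1:
                names = [arg.split()[0]]                  # legacy "ENV NAME value" form
            secrets += [n for n in names if SECRET_NAME.search(n)]
    findings = []
    if user is None:
        findings.append("no USER: runs as the base image default (assumed root)")
    elif user in ("root", "0"):
        findings.append("USER is root")
    return findings + [f"secret-like value baked into image: {n}" for n in secrets]

# Abridged from the page's Quick Start Dockerfile and its multi-stage build.
QUICK_START = 'FROM node:20-alpine\nWORKDIR /app\nRUN npm ci --production\nCOPY . .\nCMD ["node", "server.js"]\n'
MULTI_STAGE = ('FROM node:20-alpine AS build\nRUN npm ci\nRUN npm run build\n'
               'FROM node:20-alpine\nCOPY --from=build /app/dist ./dist\nUSER node\n')
# Constructed sample: root user plus a token set across a line continuation.
BAD = "FROM node:20-alpine\nUSER root\nENV API_TOKEN=abc123 \\\n    NODE_ENV=production\n"

if __name__ == "__main__":
    for name, df in (("quick start", QUICK_START), ("multi-stage", MULTI_STAGE), ("constructed", BAD)):
        print(name, audit_final_stage(df))
```

Only the final stage is audited, so a secret set in an earlier build stage is not reported even though it can remain in the build cache.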

Performance

  • Multi-stage Docker builds to reduce image size
  • Edge caching with Cloudflare KV
  • Use R2 for zero egress cost storage
  • Implement health checks for containers
  • Set appropriate timeouts and resource limits

Cost Optimization

  • Use Cloudflare R2 instead of S3 for large egress
  • Implement caching strategies (edge + KV)
  • Right-size container resources
  • Use sustained use discounts (GCP)
  • Monitor usage with cloud provider dashboards

Development

  • Use Docker Compose for local development
  • Wrangler dev for local Worker testing
  • Named gcloud configurations for multi-environment
  • Version control infrastructure code
  • Implement automated testing in CI/CD

Decision Matrix

| Need | Choose |
| --- | --- |
| Sub-50ms latency globally | Cloudflare Workers |
| Large file storage (zero egress) | Cloudflare R2 |
| SQL database (global reads) | Cloudflare D1 |
| Containerized workloads | Docker + Cloud Run/GKE |
| Enterprise Kubernetes | GKE |
| Managed relational DB | Cloud SQL |
| Static site + API | Cloudflare Pages |
| WebSocket/real-time | Cloudflare Durable Objects |
| ML/AI pipelines | GCP Vertex AI |
| Browser automation | Cloudflare Browser Rendering |

Resources

Implementation Checklist

Cloudflare Workers

  • Install Wrangler CLI
  • Create Worker project
  • Configure wrangler.toml (bindings, routes)
  • Test locally with `wrangler dev`
  • Deploy with `wrangler deploy`

Docker

  • Write Dockerfile with multi-stage builds
  • Create .dockerignore file
  • Test build locally
  • Push to registry
  • Deploy to target platform

Google Cloud

  • Install gcloud CLI
  • Authenticate with service account
  • Create project and enable APIs
  • Configure IAM permissions
  • Deploy and monitor resources