Back to Details

alibabacloud-flink-instance-manage

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Alibaba Cloud Flink Instance Manage

阿里云Flink实例管理

Use this skill to operate Alibaba Cloud Flink instances, namespaces, and tags through 
scripts/instance_ops.py
.
通过
scripts/instance_ops.py
使用本技能操作阿里云Flink实例、命名空间和标签。

Execution Entrypoint Lock (mandatory)

执行入口锁(强制要求)

All resource operations in this skill must be executed through:
bash
python scripts/instance_ops.py <command> ...
Hard constraints:
  • Do not execute resource mutations with raw product commands such as 
    aliyun foasconsole ...
    or 
    aliyun ververica ...
    .
  • Do not bypass 
    scripts/instance_ops.py
    by calling OpenAPI/SDK snippets directly during task execution.
  • aliyun version
    and 
    aliyun configure list
    are allowed only as environment diagnostics, not as operation execution entrypoints.
If 
scripts/instance_ops.py
cannot run (for example 
ModuleNotFoundError
):
  1. Follow 
    references/python-environment-setup.md
    to install dependencies and verify.
  2. Re-run 
    python scripts/instance_ops.py describe_regions
    .
  3. If still blocked, stop and report the blocker; do not fallback to raw 
    aliyun foasconsole
    operations.
本技能的所有资源操作必须通过以下入口执行:
bash
python scripts/instance_ops.py <command> ...
硬性约束:
  • 请勿使用
    aliyun foasconsole ...
    aliyun ververica ...
    这类原始产品命令执行资源变更。
  • 任务执行过程中不要直接调用OpenAPI/SDK片段绕过
    scripts/instance_ops.py
  • aliyun version
    aliyun configure list
    仅允许用于环境诊断,不可作为操作执行入口。
如果
scripts/instance_ops.py
无法运行(例如出现
ModuleNotFoundError
):
  1. 参照
    references/python-environment-setup.md
    安装依赖并验证。
  2. 重新运行
    python scripts/instance_ops.py describe_regions
  3. 如果仍无法运行,停止操作并上报阻塞问题,不要回退到原生
    aliyun foasconsole
    操作。

Core lifecycle fast-path (high priority)

核心生命周期快速流程(高优先级)

When user asks an end-to-end lifecycle flow (create/tag/query/delete), execute this strictly in order on the same instance context:
  1. create
    (with 
    --confirm
    ) -> capture created 
    InstanceId
  2. wait/read-back (
    describe
    ) until target instance is visible/operable
  3. tag_resources
    -> 
    list_tags
    verification
  4. untag_resources
    -> 
    list_tags
    verification
  5. describe
    verification for target instance
  6. delete
    (with 
    --force_confirmation
    ) -> 
    describe
    absence verification
Hard rules for lifecycle flows:
  • Do not switch to another pre-existing instance in the middle of a flow unless user explicitly approves the switch.
  • If target instance is still provisioning, poll with read checks first; do not claim tag/delete success without readiness verification.
  • If the same-instance chain cannot be completed, mark 
    incomplete
    and report blocker/remediation; never report completed with partial substitution.
当用户要求端到端生命周期流程(创建/打标签/查询/删除)时,必须在同一实例上下文中严格按以下顺序执行:
  1. create
    (带
    --confirm
    参数)-> 捕获创建完成的
    InstanceId
  2. 等待/回读(
    describe
    )直到目标实例可见/可操作
  3. tag_resources
    -> 通过
    list_tags
    验证
  4. untag_resources
    -> 通过
    list_tags
    验证
  5. 对目标实例执行
    describe
    验证
  6. delete
    (带
    --force_confirmation
    参数)-> 通过
    describe
    验证实例已不存在
生命周期流程的硬性规则:
  • 除非用户明确批准切换,否则流程执行中途不要切换到其他已存在的实例。
  • 如果目标实例仍在部署中,先通过读请求轮询检查,未完成就绪验证前不要声明打标签/删除操作成功。
  • 如果同一实例的操作链无法完成,标记为
    incomplete
    并上报阻塞问题/修复方案,绝对不要用部分替代的方式上报完成。

0) Trigger gate (mandatory)

0) 触发门槛(强制要求)

Apply this skill only when both are true:
  1. User intent is a Flink cloud resource operation (
    create
    , 
    describe
    , 
    modify
    , 
    delete
    , 
    renew
    , 
    convert
    , namespace ops, tag ops, cleanup).
  2. Request clearly targets Flink instance scope (for example Flink 
    instance_id
    , namespace under a Flink instance, Flink instance tags, Flink instance billing or spec changes, Flink instance lifecycle flow).
Do not trigger for unrelated prompts, generic coding questions, or tasks that do not require Flink cloud operations. Do not trigger for non-Flink Alibaba Cloud resources (for example ECS/RDS/SLB instances, VPC-only operations, or generic "Aliyun instance" requests without Flink context).
If request intent is ambiguous, ask one clarification question before running any command.
仅当同时满足以下两个条件时才可使用本技能:
  1. 用户意图是Flink云资源操作(
    create
    describe
    modify
    delete
    renew
    convert
    、命名空间操作、标签操作、清理操作)。
  2. 请求明确指向Flink实例范围(例如Flink 
    instance_id
    、Flink实例下的命名空间、Flink实例标签、Flink实例计费或规格变更、Flink实例生命周期流程)。
无关提示、通用编码问题、不需要Flink云操作的任务请勿触发。非Flink类阿里云资源(例如ECS/RDS/SLB实例、仅VPC相关操作、没有Flink上下文的通用“阿里云实例”请求)请勿触发。
如果请求意图不明确,运行任何命令前先询问一个澄清问题。

1) Quick checks

1) 快速检查

  1. Verify toolchain and credentials before any resource operation.
  2. Use explicit user-provided parameters for region, instance, namespace, and spec.
  3. Run read operations first when a write operation depends on current resource state.
bash
aliyun version
aliyun configure list
Use 
scripts/instance_ops.py
as the only resource-operation execution entrypoint. For toolchain verification, run a read-only operation instead of 
--help
:
bash
python scripts/instance_ops.py describe_regions
If CLI is missing or outdated, read 
references/cli-installation-guide.md
. If permission errors appear, read 
references/ram-policies.md
.
  1. 执行任何资源操作前先验证工具链和凭证。
  2. 区域、实例、命名空间和规格使用用户明确提供的参数。
  3. 当写操作依赖当前资源状态时,先运行读操作。
bash
aliyun version
aliyun configure list
scripts/instance_ops.py
是唯一的资源操作执行入口。工具链验证时运行只读操作而非
--help
bash
python scripts/instance_ops.py describe_regions
如果CLI缺失或版本过旧,阅读
references/cli-installation-guide.md
。如果出现权限错误,阅读
references/ram-policies.md

Credential setup (default credential chain only)

凭证设置(仅使用默认凭证链)

Do not export or hardcode AccessKey ID/Secret in scripts or shell commands. Use Alibaba Cloud default credential chain instead:
bash
undefined
不要在脚本或Shell命令中导出或硬编码AccessKey ID/Secret,改用阿里云默认凭证链:
bash
undefined

Option A (recommended): use default CLI profile credentials

选项A(推荐):使用默认CLI配置文件凭证

aliyun configure aliyun configure list

Option B: when running on Alibaba Cloud compute environments, attach a RAM role
(ECS/ACK/FC/SAE, etc.) and rely on role-based temporary credentials.
aliyun configure aliyun configure list

选项B:在阿里云计算环境中运行时,绑定RAM角色(ECS/ACK/FC/SAE等),使用基于角色的临时凭证。

2) Mandatory safety rules

2) 强制安全规则

For any write operation, confirmation flags are mandatory:
Use the single source of truth in 
references/required-confirmation-model.md
(section 2.2) for the command-to-flag mapping.
Additional guardrails (must follow):
  • Never auto-switch write operation type after a failure.
  • Any fallback that changes operation type requires explicit user approval first.
  • Never substitute target resource (instance/namespace) in a lifecycle flow without explicit user approval.
  • Never assume default region; always require 
    --region_id
    .
  • Never claim success from write response only.
If a required flag is missing:
  1. Do not execute.
  2. Rebuild the command with the correct flag.
  3. Execute once.
Never use blind retries. Follow the retry policy in 
references/output-handling.md
.
任何写操作都必须携带确认标识:
命令与标识的映射关系以
references/required-confirmation-model.md
(2.2节)的内容为唯一可信来源。
额外防护规则(必须遵守):
  • 失败后绝对不要自动切换写操作类型。
  • 任何变更操作类型的回退方案都需要先获得用户明确批准。
  • 没有用户明确批准的情况下,生命周期流程中绝对不要替换目标资源(实例/命名空间)。
  • 绝对不要假设默认区域,始终要求传入
    --region_id
  • 绝对不要仅通过写操作的返回结果就声明操作成功。
如果缺少必填标识:
  1. 不要执行。
  2. 用正确的标识重建命令。
  3. 执行一次。
绝对不要盲目重试,遵循
references/output-handling.md
中的重试策略。

3) End-to-end execution protocol

3) 端到端执行协议

Before running any mutating command (
create
, 
modify_spec
, 
delete
, namespace writes, tag writes):
  1. Read 
    references/required-confirmation-model.md
  2. Read 
    references/output-handling.md
  3. Use command examples in 
    references/core-execution-flow.md
  4. For create-namespace, tag, delete-cleanup, follow 
    references/e2e-playbooks.md
Execution steps:
  1. Plan: list target resources and expected final state.
  2. Execute: run write command with required confirmation flag.
  3. Verify: run follow-up read command and validate state change.
  4. Report: provide closure output including:
    • command result (
      success
      / 
      error.code
      )
    • verification evidence (read-back result)
    • final status (
      completed
      / 
      incomplete
      ) with reason
运行任何变更命令(
create
modify_spec
delete
、命名空间写操作、标签写操作)前:
  1. 阅读
    references/required-confirmation-model.md
  2. 阅读
    references/output-handling.md
  3. 使用
    references/core-execution-flow.md
    中的命令示例
  4. 命名空间创建、打标签、删除清理操作参考
    references/e2e-playbooks.md
执行步骤:
  1. 规划:列出目标资源和预期最终状态。
  2. 执行:运行带必填确认标识的写命令。
  3. 验证:运行后续读命令,校验状态变更是否符合预期。
  4. 上报:提供闭环输出,包括:
    • 命令结果(
      success
      / 
      error.code
    • 验证凭证(回读结果)
    • 最终状态(
      completed
      / 
      incomplete
      )及原因

4) Batch execution protocol

4) 批量执行协议

When user asks batch operations (or provides multiple IDs/names):
  1. Keep deterministic order (input order).
  2. Execute and verify each item independently.
  3. Continue processing remaining items after a single-item failure unless user explicitly requires all-or-nothing.
  4. Return per-item summary: 
    item -> write result -> read-back verification
    .
当用户要求批量操作(或提供多个ID/名称)时:
  1. 保持确定的执行顺序(与输入顺序一致)。
  2. 每个条目独立执行和验证。
  3. 单条目失败后继续处理剩余条目,除非用户明确要求全有或全无。
  4. 返回每个条目的汇总结果:
    条目 -> 写操作结果 -> 回读验证结果

5) Idempotency and consistency rules

5) 幂等性与一致性规则

  • Maximum attempts for same write command: 2 (initial + one corrected retry).
  • AlreadyExists
    can be treated as success only if read-back matches expected target state.
  • NotFound
    during delete/untag can be treated as success only if read-back confirms absence.
  • For eventual consistency, perform read-back up to 3 checks before deciding retry/fail.
  • 同一条写命令的最大尝试次数:2次(初始执行 + 一次修正后重试)。
  • 仅当回读结果与预期目标状态匹配时,
    AlreadyExists
    才可视为成功。
  • 仅当回读确认资源不存在时,删除/取消标签操作中的
    NotFound
    才可视为成功。
  • 针对最终一致性场景,决定重试/失败前最多执行3次回读检查。

6) Completion gate (mandatory)

6) 完成门槛(强制要求)

A write task is complete only when all checks pass:
  1. Write command returns 
    success: true
    (or validated idempotent equivalent).
  2. Follow-up read confirms expected state.
  3. Final output states what changed and how it was verified.
If any check fails, mark task as incomplete and provide remediation guidance.
仅当所有检查都通过时,写任务才算完成:
  1. 写命令返回
    success: true
    (或经过验证的幂等等价结果)。
  2. 后续读操作确认状态符合预期。
  3. 最终输出说明变更内容及验证方式。
如果任何检查失败,将任务标记为未完成并提供修复指导。

7) References

7) 参考文档

  • references/quick-start.md
    : compact command checklist
  • references/required-confirmation-model.md
    : confirmation gate and flag mapping
  • references/core-execution-flow.md
    : operation command flow and examples
  • references/e2e-playbooks.md
    : end-to-end playbooks for key scenarios
  • references/output-handling.md
    : output parsing and retry handling
  • references/related-apis.md
    : API and CLI mapping
  • references/ram-policies.md
    : required RAM permissions and policy guidance
  • references/verification-method.md
    : post-execution verification steps
  • references/acceptance-criteria.md
    : expected success and failure behaviors
  • references/python-environment-setup.md
    : Python runtime and dependency setup
  • references/cli-installation-guide.md
    : Aliyun CLI install and configuration
  • references/quick-start.md
    :精简命令检查清单
  • references/required-confirmation-model.md
    :确认门槛和标识映射
  • references/core-execution-flow.md
    :操作命令流程和示例
  • references/e2e-playbooks.md
    :核心场景端到端操作指南
  • references/output-handling.md
    :输出解析和重试处理
  • references/related-apis.md
    :API和CLI映射关系
  • references/ram-policies.md
    :所需RAM权限和策略指导
  • references/verification-method.md
    :执行后验证步骤
  • references/acceptance-criteria.md
    :预期成功和失败行为
  • references/python-environment-setup.md
    :Python运行时和依赖设置
  • references/cli-installation-guide.md
    :Aliyun CLI安装和配置