Back to Details

hyperforce-2025

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

🚨 CRITICAL GUIDELINES

⚠️ 重要指南

Windows File Path Requirements

Windows文件路径要求

MANDATORY: Always Use Backslashes on Windows for File Paths
When using Edit or Write tools on Windows, you MUST use backslashes (
\
) in file paths, NOT forward slashes (
/
).
Examples:
  • ❌ WRONG: 
    D:/repos/project/file.tsx
  • ✅ CORRECT: 
    D:\repos\project\file.tsx
This applies to:
  • Edit tool file_path parameter
  • Write tool file_path parameter
  • All file operations on Windows systems
强制要求:在Windows系统中始终使用反斜杠表示文件路径
在Windows系统上使用编辑或写入工具时,文件路径必须使用反斜杠(
\
),而非正斜杠(
/
)。
示例:
  • ❌ 错误:
    D:/repos/project/file.tsx
  • ✅ 正确:
    D:\repos\project\file.tsx
此要求适用于:
  • 编辑工具的file_path参数
  • 写入工具的file_path参数
  • Windows系统上的所有文件操作

Documentation Guidelines

文档编写指南

NEVER create new documentation files unless explicitly requested by the user.
  • Priority: Update existing README.md files rather than creating new documentation
  • Repository cleanliness: Keep repository root clean - only README.md unless user requests otherwise
  • Style: Documentation should be concise, direct, and professional - avoid AI-generated tone
  • User preference: Only create additional .md files when user specifically asks for documentation
除非用户明确要求,否则绝不要创建新的文档文件。
  • 优先级:优先更新现有README.md文件,而非创建新文档
  • 仓库整洁性:保持仓库根目录整洁 - 除非用户要求,否则仅保留README.md
  • 风格:文档应简洁、直接、专业 - 避免AI生成式语气
  • 用户偏好:仅在用户明确要求文档时才创建额外的.md文件

Salesforce Hyperforce Architecture (2025)

Salesforce Hyperforce 架构(2025版)

What is Hyperforce?

什么是Hyperforce?

Hyperforce is Salesforce's next-generation infrastructure architecture built on public cloud platforms (AWS, Azure, Google Cloud). It represents a complete re-architecture of Salesforce from data center-based infrastructure to cloud-native, containerized microservices.
Key Innovation: Infrastructure as code that can be deployed anywhere, giving customers choice, control, and data residency compliance.
Hyperforce是Salesforce基于公有云平台(AWS、Azure、谷歌云)构建的下一代基础设施架构。它代表了Salesforce从数据中心基础设施到云原生、容器化微服务的全面重构。
核心创新:基础设施即代码,可在任意环境部署,为客户提供选择权、控制权以及数据驻留合规性保障。

Five Architectural Principles

五大架构原则

1. Immutable Infrastructure

1. 不可变基础设施

Traditional: Patch and update existing servers Hyperforce: Destroy and recreate servers with each deployment
Old Architecture:
Server → Patch → Patch → Patch → Configuration Drift

Hyperforce:
Container Image v1 → Deploy
New Code → Build Container Image v2 → Replace v1 with v2
Result: Every deployment is identical, reproducible
Benefits:
  • No configuration drift
  • Consistent environments (dev = prod)
  • Fast rollback (redeploy previous image)
  • Security patches applied immediately
传统模式:对现有服务器打补丁和更新 Hyperforce模式:每次部署时销毁并重新创建服务器
Old Architecture:
Server → Patch → Patch → Patch → Configuration Drift

Hyperforce:
Container Image v1 → Deploy
New Code → Build Container Image v2 → Replace v1 with v2
Result: Every deployment is identical, reproducible
优势
  • 无配置漂移
  • 环境一致性(开发环境=生产环境)
  • 快速回滚(重新部署旧版本镜像)
  • 立即应用安全补丁

2. Multi-Availability Zone Design

2. 多可用区设计

Architecture:
Region: US-East (Virginia)
├─ Availability Zone A (Data Center 1)
│  ├─ App Servers (Kubernetes pods)
│  ├─ Database Primary
│  └─ Load Balancer
├─ Availability Zone B (Data Center 2)
│  ├─ App Servers (Kubernetes pods)
│  ├─ Database Replica
│  └─ Load Balancer
└─ Availability Zone C (Data Center 3)
   ├─ App Servers (Kubernetes pods)
   ├─ Database Replica
   └─ Load Balancer

Traffic Distribution: Round-robin across all AZs
Failure Handling: If AZ fails, traffic routes to remaining AZs
RTO (Recovery Time Objective): <5 minutes
RPO (Recovery Point Objective): <30 seconds
Impact on Developers:
  • Higher availability (99.95%+ SLA)
  • Transparent failover (no code changes)
  • Regional data residency guaranteed
架构
Region: US-East (Virginia)
├─ Availability Zone A (Data Center 1)
│  ├─ App Servers (Kubernetes pods)
│  ├─ Database Primary
│  └─ Load Balancer
├─ Availability Zone B (Data Center 2)
│  ├─ App Servers (Kubernetes pods)
│  ├─ Database Replica
│  └─ Load Balancer
└─ Availability Zone C (Data Center 3)
   ├─ App Servers (Kubernetes pods)
   ├─ Database Replica
   └─ Load Balancer

Traffic Distribution: Round-robin across all AZs
Failure Handling: If AZ fails, traffic routes to remaining AZs
RTO (Recovery Time Objective): <5 minutes
RPO (Recovery Point Objective): <30 seconds
对开发者的影响
  • 更高可用性(99.95%+ SLA)
  • 透明故障转移(无需修改代码)
  • 区域数据驻留保障

3. Zero Trust Security

3. 零信任安全

Traditional: Perimeter security (firewall protects everything inside) Hyperforce: No implicit trust - verify everything, always
Zero Trust Model:
├─ Identity Verification (MFA required for all users by 2025)
├─ Device Trust (managed devices only)
├─ Network Segmentation (micro-segmentation between services)
├─ Least Privilege Access (minimal permissions by default)
├─ Continuous Monitoring (real-time threat detection)
└─ Encryption Everywhere (TLS 1.3, data at rest encryption)
Code Impact:
apex
// OLD: Assume internal traffic is safe
public without sharing class InternalService {
    // No auth checks - trusted network
}

// HYPERFORCE: Always verify, never trust
public with sharing class InternalService {
    // Always enforce sharing rules
    // Always validate session
    // Always check field-level security

    public List<Account> getAccounts() {
        // WITH SECURITY_ENFORCED prevents data leaks
        return [SELECT Id, Name FROM Account WITH SECURITY_ENFORCED];
    }
}
2025 Requirements:
  • MFA Mandatory: All users must enable MFA
  • Session Security: Shorter session timeouts, IP restrictions
  • API Security: JWT with short expiration (15 minutes)
传统模式:边界安全(防火墙保护内部所有资源) Hyperforce模式:无默认信任 - 始终验证所有请求
Zero Trust Model:
├─ Identity Verification (MFA required for all users by 2025)
├─ Device Trust (managed devices only)
├─ Network Segmentation (micro-segmentation between services)
├─ Least Privilege Access (minimal permissions by default)
├─ Continuous Monitoring (real-time threat detection)
└─ Encryption Everywhere (TLS 1.3, data at rest encryption)
代码影响
apex
// OLD: Assume internal traffic is safe
public without sharing class InternalService {
    // No auth checks - trusted network
}

// HYPERFORCE: Always verify, never trust
public with sharing class InternalService {
    // Always enforce sharing rules
    // Always validate session
    // Always check field-level security

    public List<Account> getAccounts() {
        // WITH SECURITY_ENFORCED prevents data leaks
        return [SELECT Id, Name FROM Account WITH SECURITY_ENFORCED];
    }
}
2025年要求
  • 强制启用MFA:所有用户必须启用多因素认证
  • 会话安全:更短的会话超时时间、IP限制
  • API安全:使用短有效期(15分钟)的JWT

4. Infrastructure as Code (IaC)

4. 基础设施即代码(IaC)

Everything defined as code, version-controlled:
yaml
undefined
所有资源均通过代码定义并纳入版本控制
yaml
undefined

Hyperforce deployment manifest (conceptual)

Hyperforce deployment manifest (conceptual)

apiVersion: hyperforce.salesforce.com/v1 kind: SalesforceOrg metadata: name: production-org region: aws-us-east-1 spec: edition: enterprise features: - agentforce - dataCloud - einstein compute: pods: 50 autoScaling: min: 10 max: 100 targetCPU: 70% storage: size: 500GB replication: 3 backup: frequency: hourly retention: 30days networking: privateLink: enabled ipWhitelist: - 203.0.113.0/24

**Benefits for Developers**:
- **Reproducible**: Recreate exact environment anytime
- **Version Controlled**: Track all infrastructure changes in Git
- **Testable**: Validate infrastructure before deployment
- **Automated**: No manual configuration, eliminates human error
apiVersion: hyperforce.salesforce.com/v1 kind: SalesforceOrg metadata: name: production-org region: aws-us-east-1 spec: edition: enterprise features: - agentforce - dataCloud - einstein compute: pods: 50 autoScaling: min: 10 max: 100 targetCPU: 70% storage: size: 500GB replication: 3 backup: frequency: hourly retention: 30days networking: privateLink: enabled ipWhitelist: - 203.0.113.0/24

**对开发者的优势**:
- **可重现**:随时重建完全一致的环境
- **版本控制**:在Git中跟踪所有基础设施变更
- **可测试**:部署前验证基础设施
- **自动化**:无需手动配置,消除人为错误

5. Clean Slate (No Legacy Constraints)

5. 全新重构(无遗留约束)

Hyperforce rebuilt from scratch:
  • Modern Kubernetes orchestration
  • Cloud-native services (managed databases, object storage)
  • API-first design (everything accessible via API)
  • Microservices architecture (independent scaling)
  • No legacy code or technical debt
Hyperforce从零开始重建
  • 现代化Kubernetes编排
  • 云原生服务(托管数据库、对象存储)
  • API优先设计(所有功能均可通过API访问)
  • 微服务架构(独立扩缩容)
  • 无遗留代码或技术债务

Public Cloud Integration

公有云集成

AWS Hyperforce Architecture

AWS Hyperforce架构

┌────────────────────────────────────────────────────────┐
│                  AWS Region (us-east-1)                │
├────────────────────────────────────────────────────────┤
│  VPC (Virtual Private Cloud)                           │
│  ├─ Public Subnets (3 AZs)                             │
│  │  └─ Application Load Balancer (ALB)                 │
│  ├─ Private Subnets (3 AZs)                            │
│  │  ├─ EKS Cluster (Kubernetes)                        │
│  │  │  ├─ Salesforce App Pods (autoscaling)            │
│  │  │  ├─ Metadata Service Pods                        │
│  │  │  ├─ API Gateway Pods                             │
│  │  │  └─ Background Job Pods (Batch, Scheduled)       │
│  │  ├─ RDS Aurora PostgreSQL (multi-AZ)                │
│  │  ├─ ElastiCache Redis (session storage)             │
│  │  └─ S3 Buckets (attachments, documents)             │
│  └─ Database Subnets (3 AZs)                           │
│     └─ Aurora Database Cluster                         │
├────────────────────────────────────────────────────────┤
│  Additional Services                                   │
│  ├─ CloudWatch (monitoring, logs)                      │
│  ├─ CloudTrail (audit logs)                            │
│  ├─ AWS Shield (DDoS protection)                       │
│  ├─ AWS WAF (web application firewall)                 │
│  ├─ KMS (encryption key management)                    │
│  └─ PrivateLink (secure connectivity)                  │
└────────────────────────────────────────────────────────┘
AWS Services Used:
  • Compute: EKS (Elastic Kubernetes Service)
  • Database: Aurora PostgreSQL (multi-master)
  • Storage: S3 (object storage), EBS (block storage)
  • Networking: VPC, ALB, Route 53, CloudFront CDN
  • Security: IAM, KMS, Shield, WAF, Certificate Manager
┌────────────────────────────────────────────────────────┐
│                  AWS Region (us-east-1)                │
├────────────────────────────────────────────────────────┤
│  VPC (Virtual Private Cloud)                           │
│  ├─ Public Subnets (3 AZs)                             │
│  │  └─ Application Load Balancer (ALB)                 │
│  ├─ Private Subnets (3 AZs)                            │
│  │  ├─ EKS Cluster (Kubernetes)                        │
│  │  │  ├─ Salesforce App Pods (autoscaling)            │
│  │  │  ├─ Metadata Service Pods                        │
│  │  │  ├─ API Gateway Pods                             │
│  │  │  └─ Background Job Pods (Batch, Scheduled)       │
│  │  ├─ RDS Aurora PostgreSQL (multi-AZ)                │
│  │  ├─ ElastiCache Redis (session storage)             │
│  │  └─ S3 Buckets (attachments, documents)             │
│  └─ Database Subnets (3 AZs)                           │
│     └─ Aurora Database Cluster                         │
├────────────────────────────────────────────────────────┤
│  Additional Services                                   │
│  ├─ CloudWatch (monitoring, logs)                      │
│  ├─ CloudTrail (audit logs)                            │
│  ├─ AWS Shield (DDoS protection)                       │
│  ├─ AWS WAF (web application firewall)                 │
│  ├─ KMS (encryption key management)                    │
│  └─ PrivateLink (secure connectivity)                  │
└────────────────────────────────────────────────────────┘
使用的AWS服务
  • 计算:EKS(弹性Kubernetes服务)
  • 数据库:Aurora PostgreSQL(多主节点)
  • 存储:S3(对象存储)、EBS(块存储)
  • 网络:VPC、ALB、Route 53、CloudFront CDN
  • 安全:IAM、KMS、Shield、WAF、证书管理器

Azure Hyperforce Architecture

Azure Hyperforce架构

Azure Region (East US)
├─ Virtual Network (VNet)
│  ├─ AKS (Azure Kubernetes Service)
│  │  └─ Salesforce workloads
│  ├─ Azure Database for PostgreSQL (Hyperscale)
│  ├─ Azure Cache for Redis
│  └─ Azure Blob Storage
├─ Azure Front Door (CDN + Load Balancer)
├─ Azure Monitor (logging, metrics)
├─ Azure Active Directory (identity)
└─ Azure Key Vault (secrets, encryption)
Azure Region (East US)
├─ Virtual Network (VNet)
│  ├─ AKS (Azure Kubernetes Service)
│  │  └─ Salesforce workloads
│  ├─ Azure Database for PostgreSQL (Hyperscale)
│  ├─ Azure Cache for Redis
│  └─ Azure Blob Storage
├─ Azure Front Door (CDN + Load Balancer)
├─ Azure Monitor (logging, metrics)
├─ Azure Active Directory (identity)
└─ Azure Key Vault (secrets, encryption)

Google Cloud Hyperforce Architecture

谷歌云Hyperforce架构

GCP Region (us-central1)
├─ VPC Network
│  ├─ GKE (Google Kubernetes Engine)
│  ├─ Cloud SQL (PostgreSQL)
│  ├─ Memorystore (Redis)
│  └─ Cloud Storage (GCS)
├─ Cloud Load Balancing
├─ Cloud Armor (DDoS protection)
├─ Cloud Monitoring (Stackdriver)
└─ Cloud KMS (encryption)
GCP Region (us-central1)
├─ VPC Network
│  ├─ GKE (Google Kubernetes Engine)
│  ├─ Cloud SQL (PostgreSQL)
│  ├─ Memorystore (Redis)
│  └─ Cloud Storage (GCS)
├─ Cloud Load Balancing
├─ Cloud Armor (DDoS protection)
├─ Cloud Monitoring (Stackdriver)
└─ Cloud KMS (encryption)

Data Residency and Compliance

数据驻留与合规性

Geographic Regions (2025)

地理区域(2025年)

Available Hyperforce Regions:
Americas:
├─ US East (Virginia) - AWS, Azure
├─ US West (Oregon) - AWS
├─ US Central (Iowa) - GCP
├─ Canada (Toronto) - AWS
└─ Brazil (São Paulo) - AWS

Europe:
├─ UK (London) - AWS
├─ Germany (Frankfurt) - AWS, Azure
├─ France (Paris) - AWS
├─ Ireland (Dublin) - AWS
└─ Switzerland (Zurich) - AWS

Asia Pacific:
├─ Japan (Tokyo) - AWS
├─ Australia (Sydney) - AWS
├─ Singapore - AWS
├─ India (Mumbai) - AWS
└─ South Korea (Seoul) - AWS

Middle East:
└─ UAE (Dubai) - AWS
可用Hyperforce区域
Americas:
├─ US East (Virginia) - AWS, Azure
├─ US West (Oregon) - AWS
├─ US Central (Iowa) - GCP
├─ Canada (Toronto) - AWS
└─ Brazil (São Paulo) - AWS

Europe:
├─ UK (London) - AWS
├─ Germany (Frankfurt) - AWS, Azure
├─ France (Paris) - AWS
├─ Ireland (Dublin) - AWS
└─ Switzerland (Zurich) - AWS

Asia Pacific:
├─ Japan (Tokyo) - AWS
├─ Australia (Sydney) - AWS
├─ Singapore - AWS
├─ India (Mumbai) - AWS
└─ South Korea (Seoul) - AWS

Middle East:
└─ UAE (Dubai) - AWS

Data Residency Guarantees

数据驻留保障

What stays in region:
  • All customer data (records, attachments, metadata)
  • Database backups
  • Transaction logs
  • Audit logs
What may leave region:
  • Telemetry data (anonymized performance metrics)
  • Security threat intelligence
  • Platform health monitoring
Code Implication:
apex
// Data residency automatically enforced
// No code changes needed - Hyperforce handles it

// Example: File stored in org's region
ContentVersion cv = new ContentVersion(
    Title = 'Customer Contract',
    PathOnClient = 'contract.pdf',
    VersionData = Blob.valueOf('contract data')
);
insert cv;

// File automatically stored in:
// - AWS S3 in org's region
// - Encrypted at rest (AES-256)
// - Replicated across 3 AZs in region
// - Never leaves region boundary
保留在区域内的内容
  • 所有客户数据(记录、附件、元数据)
  • 数据库备份
  • 事务日志
  • 审计日志
可能离开区域的内容
  • 遥测数据(匿名性能指标)
  • 安全威胁情报
  • 平台健康监控
代码影响
apex
// Data residency automatically enforced
// No code changes needed - Hyperforce handles it

// Example: File stored in org's region
ContentVersion cv = new ContentVersion(
    Title = 'Customer Contract',
    PathOnClient = 'contract.pdf',
    VersionData = Blob.valueOf('contract data')
);
insert cv;

// File automatically stored in:
// - AWS S3 in org's region
// - Encrypted at rest (AES-256)
// - Replicated across 3 AZs in region
// - Never leaves region boundary

Compliance Certifications

合规认证

Hyperforce maintains:
  • SOC 2 Type II: Security, availability, confidentiality
  • ISO 27001: Information security management
  • GDPR: EU data protection compliance
  • HIPAA: Healthcare data protection (BAA available)
  • PCI DSS: Payment card data security
  • FedRAMP: US government cloud security (select regions)
Hyperforce已获得以下认证
  • SOC 2 Type II:安全、可用性、保密性
  • ISO 27001:信息安全管理
  • GDPR:欧盟数据保护合规
  • HIPAA:医疗保健数据保护(可签署业务关联协议BAA)
  • PCI DSS:支付卡数据安全
  • FedRAMP:美国政府云安全(部分区域支持)

Performance Improvements

性能提升

Latency Reduction

延迟降低

Old Architecture (data center-based):
User (Germany) → Transatlantic cable → US Data Center → Response
Latency: 150-200ms
Hyperforce:
User (Germany) → Frankfurt Hyperforce Region → Response
Latency: 10-30ms

Result: 5-10x faster for regional users
旧架构(基于数据中心):
User (Germany) → Transatlantic cable → US Data Center → Response
Latency: 150-200ms
Hyperforce架构
User (Germany) → Frankfurt Hyperforce Region → Response
Latency: 10-30ms

Result: 5-10x faster for regional users

Auto-Scaling

自动扩缩容

Traditional: Fixed capacity, must provision for peak load Hyperforce: Dynamic scaling based on demand
Business Hours (9 AM - 5 PM):
├─ High user load
├─ Kubernetes scales up pods: 50 → 150
└─ Response times maintained

Off Hours (6 PM - 8 AM):
├─ Low user load
├─ Kubernetes scales down pods: 150 → 30
└─ Cost savings (pay for what you use)

Black Friday (peak event):
├─ Extreme load
├─ Kubernetes scales to maximum: 30 → 500 pods in minutes
└─ No downtime, no performance degradation
Governor Limits - No Change:
apex
// Hyperforce does NOT change governor limits
// Limits remain the same as classic Salesforce:
// - 100 SOQL queries per transaction
// - 150 DML statements
// - 6 MB heap size (sync), 12 MB (async)

// But: Infrastructure scales to handle more concurrent users
传统模式:固定容量,必须为峰值负载预留资源 Hyperforce模式:根据需求动态扩缩容
Business Hours (9 AM - 5 PM):
├─ High user load
├─ Kubernetes scales up pods: 50 → 150
└─ Response times maintained

Off Hours (6 PM - 8 AM):
├─ Low user load
├─ Kubernetes scales down pods: 150 → 30
└─ Cost savings (pay for what you use)

Black Friday (peak event):
├─ Extreme load
├─ Kubernetes scales to maximum: 30 → 500 pods in minutes
└─ No downtime, no performance degradation
Governor限制无变化
apex
// Hyperforce does NOT change governor limits
// Limits remain the same as classic Salesforce:
// - 100 SOQL queries per transaction
// - 150 DML statements
// - 6 MB heap size (sync), 12 MB (async)

// But: Infrastructure scales to handle more concurrent users

Migration to Hyperforce

迁移至Hyperforce

Migration Process

迁移流程

Salesforce handles migration (no customer action required):
Phase 1: Assessment (Salesforce internal)
├─ Analyze org size, customizations
├─ Identify any incompatible features
└─ Plan migration window

Phase 2: Pre-Migration (Customer notified)
├─ Salesforce sends notification (90 days notice)
├─ Customer tests in sandbox (migrated first)
└─ Customer validates functionality

Phase 3: Migration (Weekend maintenance window)
├─ Backup all data
├─ Replicate data to Hyperforce
├─ Cutover DNS (redirect traffic)
└─ Validate migration success

Phase 4: Post-Migration
├─ Monitor performance
├─ Support customer issues
└─ Decommission old infrastructure

Downtime: Typically <2 hours
Salesforce负责迁移(无需客户操作):
Phase 1: Assessment (Salesforce internal)
├─ Analyze org size, customizations
├─ Identify any incompatible features
└─ Plan migration window

Phase 2: Pre-Migration (Customer notified)
├─ Salesforce sends notification (90 days notice)
├─ Customer tests in sandbox (migrated first)
└─ Customer validates functionality

Phase 3: Migration (Weekend maintenance window)
├─ Backup all data
├─ Replicate data to Hyperforce
├─ Cutover DNS (redirect traffic)
└─ Validate migration success

Phase 4: Post-Migration
├─ Monitor performance
├─ Support customer issues
└─ Decommission old infrastructure

Downtime: Typically <2 hours

What Changes for Developers?

对开发者有哪些变化?

No Code Changes Required:
apex
// Your Apex code works identically on Hyperforce
public class MyController {
    public List<Account> getAccounts() {
        return [SELECT Id, Name FROM Account LIMIT 10];
    }
}

// No changes needed
// Same APIs, same limits, same behavior
Potential Performance Improvements:
  • Faster API responses (lower latency)
  • Better handling of concurrent users
  • Improved batch job processing (parallel execution)
Backward Compatibility: 100% compatible with existing code
无需修改代码
apex
// Your Apex code works identically on Hyperforce
public class MyController {
    public List<Account> getAccounts() {
        return [SELECT Id, Name FROM Account LIMIT 10];
    }
}

// No changes needed
// Same APIs, same limits, same behavior
潜在性能提升
  • API响应更快(延迟更低)
  • 更好的并发用户处理能力
  • 批处理作业性能提升(并行执行)
向后兼容性:与现有代码100%兼容

Testing Pre-Migration

迁移前测试

Use Sandbox Migration:
1. Salesforce migrates your sandbox first
2. Test all critical functionality:
   ├─ Custom Apex classes
   ├─ Triggers and workflows
   ├─ Integrations (API callouts)
   ├─ Lightning components
   └─ Reports and dashboards

3. Validate performance:
   ├─ Run load tests
   ├─ Check API response times
   └─ Verify batch jobs complete

4. Report any issues to Salesforce
5. Production migration scheduled after sandbox validated
使用沙箱迁移测试
1. Salesforce migrates your sandbox first
2. Test all critical functionality:
   ├─ Custom Apex classes
   ├─ Triggers and workflows
   ├─ Integrations (API callouts)
   ├─ Lightning components
   └─ Reports and dashboards

3. Validate performance:
   ├─ Run load tests
   ├─ Check API response times
   └─ Verify batch jobs complete

4. Report any issues to Salesforce
5. Production migration scheduled after sandbox validated

Hyperforce for Developers

面向开发者的Hyperforce

Enhanced APIs

增强型API

Hyperforce exposes infrastructure APIs:
apex
// Query org's Hyperforce region (API 62.0+)
Organization org = [SELECT Id, InstanceName, InfrastructureRegion__c FROM Organization LIMIT 1];
System.debug('Region: ' + org.InfrastructureRegion__c); // 'aws-us-east-1'

// Check if org is on Hyperforce
System.debug('Is Hyperforce: ' + org.IsHyperforce__c); // true
Hyperforce暴露基础设施API
apex
// Query org's Hyperforce region (API 62.0+)
Organization org = [SELECT Id, InstanceName, InfrastructureRegion__c FROM Organization LIMIT 1];
System.debug('Region: ' + org.InfrastructureRegion__c); // 'aws-us-east-1'

// Check if org is on Hyperforce
System.debug('Is Hyperforce: ' + org.IsHyperforce__c); // true

Private Connectivity

私有连接

AWS PrivateLink / Azure Private Link:
Traditional: Salesforce API → Public Internet → Your API
Security: TLS encryption, but still public internet

Hyperforce PrivateLink: Salesforce API → Private Network → Your API
Security: Never touches public internet, lower latency

Setup:
1. Create VPC Endpoint (AWS) or Private Endpoint (Azure)
2. Salesforce provides service endpoint name
3. Configure Named Credential in Salesforce with private endpoint
4. API calls route over private network
Configuration:
apex
// Named Credential uses PrivateLink endpoint
// Setup → Named Credentials → External API (PrivateLink)
// URL: https://api.internal.example.com (private endpoint)

// Apex callout
HttpRequest req = new HttpRequest();
req.setEndpoint('callout:ExternalAPIPrivateLink/data');
req.setMethod('GET');

Http http = new Http();
HttpResponse res = http.send(req);

// Callout never leaves private network
// Lower latency, higher security
AWS PrivateLink / Azure Private Link
Traditional: Salesforce API → Public Internet → Your API
Security: TLS encryption, but still public internet

Hyperforce PrivateLink: Salesforce API → Private Network → Your API
Security: Never touches public internet, lower latency

Setup:
1. Create VPC Endpoint (AWS) or Private Endpoint (Azure)
2. Salesforce provides service endpoint name
3. Configure Named Credential in Salesforce with private endpoint
4. API calls route over private network
配置
apex
// Named Credential uses PrivateLink endpoint
// Setup → Named Credentials → External API (PrivateLink)
// URL: https://api.internal.example.com (private endpoint)

// Apex callout
HttpRequest req = new HttpRequest();
req.setEndpoint('callout:ExternalAPIPrivateLink/data');
req.setMethod('GET');

Http http = new Http();
HttpResponse res = http.send(req);

// Callout never leaves private network
// Lower latency, higher security

Monitoring

监控

CloudWatch / Azure Monitor Integration:
Salesforce publishes metrics to your cloud account:
├─ API request volume
├─ API response times
├─ Error rates
├─ Governor limit usage
└─ Batch job completion times

Benefits:
- Unified monitoring (Salesforce + your apps)
- Custom alerting (CloudWatch Alarms)
- Cost attribution (AWS Cost Explorer)
CloudWatch / Azure Monitor集成
Salesforce publishes metrics to your cloud account:
├─ API request volume
├─ API response times
├─ Error rates
├─ Governor limit usage
└─ Batch job completion times

Benefits:
- Unified monitoring (Salesforce + your apps)
- Custom alerting (CloudWatch Alarms)
- Cost attribution (AWS Cost Explorer)

Best Practices for Hyperforce

Hyperforce最佳实践

Security

安全

  • Enable MFA: Required for all users in 2025
  • Use WITH SECURITY_ENFORCED: Field-level security in SOQL
  • Implement IP whitelisting: Restrict access to known IPs
  • Monitor audit logs: Setup → Event Monitoring
  • Rotate credentials: API keys, certificates, passwords regularly
  • 启用MFA:2025年强制要求所有用户启用
  • 使用WITH SECURITY_ENFORCED:在SOQL中强制字段级安全
  • 实施IP白名单:限制仅可信IP访问
  • 监控审计日志:在Setup → Event Monitoring中配置
  • 定期轮换凭证:API密钥、证书、密码定期更新

Performance

性能

  • Leverage caching: Platform Cache for frequently accessed data
  • Optimize queries: Use indexed fields, selective queries
  • Async processing: Use @future, Queueable for non-critical work
  • Bulkification: Always design for 200+ records
  • Monitor limits: Use Limits class to track governor limit usage
  • 利用缓存:使用Platform Cache存储频繁访问的数据
  • 优化查询:使用索引字段、选择性查询
  • 异步处理:对非关键任务使用@future、Queueable
  • 批量处理:始终按200+记录的规模设计
  • 监控限制:使用Limits类跟踪Governor限制使用情况

Data Residency

数据驻留

  • Understand requirements: Know your compliance obligations
  • Choose correct region: Select region meeting your needs
  • Validate configurations: Ensure integrations respect boundaries
  • Document decisions: Maintain records of data residency choices
  • 了解合规要求:明确自身的合规义务
  • 选择正确区域:选择符合需求的部署区域
  • 验证配置:确保集成服务遵守区域边界
  • 记录决策:留存数据驻留相关的决策记录

Cost Optimization

成本优化

  • Right-size storage: Archive old data, delete unnecessary records
  • Optimize API calls: Batch API calls, use composite APIs
  • Schedule batch jobs efficiently: Run during off-peak hours
  • Monitor usage: Track API calls, storage, compute usage
  • 合理规划存储:归档旧数据,删除不必要的记录
  • 优化API调用:批量调用API,使用复合API
  • 高效调度批处理作业:在非高峰时段运行
  • 监控使用情况:跟踪API调用、存储、计算资源的使用量

Resources

资源

Future Roadmap (2025+)

未来路线图(2025及以后)

Expected Enhancements:
  • More regions (Africa, additional Asia Pacific)
  • Bring Your Own Cloud (BYOC) - use your own AWS/Azure account
  • Multi-region active-active (write to multiple regions simultaneously)
  • Edge computing (Salesforce at CDN edge locations)
  • Kubernetes cluster API (direct pod management for enterprises)
Hyperforce represents Salesforce's commitment to modern, cloud-native infrastructure that scales globally while meeting the most stringent compliance and performance requirements.
预期增强功能
  • 更多区域(非洲、更多亚太地区)
  • 自带云(BYOC)- 使用您自己的AWS/Azure账户
  • 多区域双活(同时写入多个区域)
  • 边缘计算(Salesforce部署在CDN边缘节点)
  • Kubernetes集群API(企业级直接Pod管理)
Hyperforce体现了Salesforce对现代化云原生基础设施的承诺,可实现全球扩展,同时满足最严格的合规性和性能要求。