技能檔案

Incident Response

Name: Incident Response
Author: krazyuniks

Production incident response for GTS. Use for outages, degraded performance, security incidents, and emergency rollbacks.

krazyuniks0 星標2026年1月25日

職業
分類: 項目管理

技能內容

Incident Response Skill

Production incident response procedures for Guitar Tone Shootout.

When to Use: Site down, elevated error rates, security incidents, database issues, or any production emergency.

GTS Deployment Context

Architecture Overview

Component	Technology	Location
Reverse Proxy	nginx:alpine	Docker container
Application	FastAPI + uvicorn	Docker container
Database	PostgreSQL 18	Docker container, volume: `postgres_data`
Cache/Queue	Redis 8.4	Docker container, volume: `redis_data`
Task Workers	TaskIQ	Docker container (2 workers)
Scheduler

相關技能

Incident Response | Skills Pool

nginx (entry point, port 80/443)
  └── backend (port 8000)
        ├── db (PostgreSQL, port 5432)
        └── redis (port 6379)
              ├── worker (TaskIQ)
              └── scheduler (TaskIQ)

Resource	Path
Compose (dev)	`docker-compose.yml`
Compose (prod)	`docker-compose.prod.yml`
nginx config	`nginx.conf.template`
Backend code	`backend/app/`
Static assets	`astro/dist/`
Migrations	`backend/alembic/`
Secrets (prod)	`./secrets/` (file-based Docker secrets)

Level	Definition	Response Time	Examples
P1	Complete outage	Immediate	Site down, DB unreachable
P2	Major degradation	< 15 min	Auth broken, API errors > 50%
P3	Partial impact	< 1 hour	Feature broken, slow performance
P4	Minor issue	< 24 hours	UI bug, non-critical error

Type	Indicators	First Action
Outage	nginx returns 502/503/504	Check service health
DB Issue	Connection errors, slow queries	Check PostgreSQL
Redis Issue	Session loss, job failures	Check Redis
Worker Issue	Jobs stuck, not processing	Check TaskIQ workers
Security	Unusual access, data anomaly	Isolate, preserve evidence

# All services running?
docker compose ps

# nginx health
curl -sf http://localhost/health || echo "nginx DOWN"

# Backend health
curl -sf http://localhost:8000/health/ready || echo "backend DOWN"

# Database
docker compose exec -T db pg_isready -U shootout || echo "db DOWN"

# Redis
docker compose exec -T redis redis-cli ping || echo "redis DOWN"

# Recent logs (all services)
docker compose logs --tail=100

# Service-specific logs with timestamps
docker compose logs -t --tail=50 backend
docker compose logs -t --tail=50 worker
docker compose logs -t --tail=50 nginx

# Resource usage
docker stats --no-stream

# Database connections
docker compose exec -T db psql -U shootout -c "SELECT count(*) FROM pg_stat_activity;"

# Redis memory
docker compose exec -T redis redis-cli info memory | grep used_memory_human

# Pending jobs
docker compose exec -T redis redis-cli llen taskiq:queue:default

Log Pattern	Likely Cause	Check
`connection refused`	Service down	`docker compose ps`
`too many connections`	Connection leak	DB connection pool
`FATAL: role "shootout" does not exist`	DB not initialized	Migrations
`OOM killed`	Memory exhaustion	Resource limits
`timeout waiting for`	Service slow/hung	Resource usage
`permission denied`	Volume/secret issue	File permissions

# Restart single service
docker compose restart backend

# Restart with dependency chain
docker compose restart backend worker scheduler

# Full restart (preserves data)
docker compose down && docker compose up -d

# Kill idle connections
docker compose exec -T db psql -U shootout -c "
SELECT pg_terminate_backend(pid)
FROM pg_stat_activity
WHERE state = 'idle'
AND query_start < now() - interval '5 minutes';"

# Find slow queries
docker compose exec -T db psql -U shootout -c "
SELECT pid, now() - query_start AS duration, query
FROM pg_stat_activity
WHERE state = 'active'
ORDER BY duration DESC
LIMIT 5;"

# Kill specific query
docker compose exec -T db psql -U shootout -c "SELECT pg_cancel_backend(<pid>);"

# Stop all services accessing DB
docker compose stop backend worker scheduler

# Check for corruption
docker compose exec -T db psql -U shootout -c "SELECT * FROM pg_catalog.pg_database WHERE datname = 'shootout';"

# If backup available, restore (see Rollback section)

# Check memory
docker compose exec -T redis redis-cli info memory

# Clear expired keys
docker compose exec -T redis redis-cli --scan --pattern '*' | head -100

# Emergency: flush non-critical data (loses sessions!)
docker compose exec -T redis redis-cli flushdb

# Check queue length
docker compose exec -T redis redis-cli llen taskiq:queue:default

# Check dead letter queue
docker compose exec -T redis redis-cli llen taskiq:dlq:default

# Clear stuck jobs (last resort)
docker compose exec -T redis redis-cli del taskiq:queue:default

# Check worker logs
docker compose logs --tail=50 worker

# Restart workers
docker compose restart worker

# Scale workers (if needed)
docker compose up -d --scale worker=4

# Ensure only ONE scheduler
docker compose ps scheduler

# If multiple, stop extras
docker compose stop scheduler
docker compose up -d scheduler

# Backend unreachable from nginx
docker compose exec nginx curl -sf http://backend:8000/health

# Check nginx config
docker compose exec nginx nginx -t

# Reload nginx config
docker compose exec nginx nginx -s reload

# Verify bind mount
docker compose exec nginx ls -la /static/

# Check file permissions
ls -la astro/dist/

# 1. Find last known good commit
git log --oneline -10

# 2. Check out previous version
git checkout <commit-sha>

# 3. Rebuild and restart (if code change)
docker compose build backend
docker compose up -d backend worker scheduler

# 4. Verify
curl -sf http://localhost:8000/health/ready

# 1. Check current revision
docker compose exec backend alembic current

# 2. Downgrade one step
docker compose exec backend alembic downgrade -1

# 3. Or downgrade to specific revision
docker compose exec backend alembic downgrade <revision>

# 4. Verify
docker compose exec backend alembic current

# 1. Stop all services
docker compose down

# 2. Restore DB from backup
docker volume rm postgres_data
docker volume create postgres_data
# Restore from backup (provider-specific)

# 3. Checkout known-good commit
git checkout <last-known-good-sha>

# 4. Start services
docker compose up -d

# 5. Run migrations (if needed)
docker compose exec backend alembic upgrade head

# 6. Verify all services
docker compose ps
curl -sf http://localhost/health

# 1. Generate new secrets
openssl rand -hex 32 > secrets/secret_key
openssl rand -hex 32 > secrets/db_password

# 2. Update PostgreSQL password
docker compose exec -T db psql -U postgres -c "ALTER USER shootout PASSWORD '<new-password>';"

# 3. Restart services to pick up new secrets
docker compose restart backend worker scheduler

# 4. Invalidate existing sessions (if compromised)
docker compose exec -T redis redis-cli flushdb

# Check auth status
./worktree.py auth-status

# Re-authenticate
./worktree.py auth-login

# Restore session
./worktree.py auth-restore

# Check queue depth
docker compose exec -T redis redis-cli llen taskiq:queue:default

# Check for failed jobs
docker compose exec -T redis redis-cli llen taskiq:dlq:default

# Scale workers temporarily
docker compose up -d --scale worker=4

# After backlog cleared, scale back
docker compose up -d --scale worker=2

# Check storage mount
docker compose exec backend ls -la /app/storage/

# Check disk space
df -h

# Check worker logs for FFmpeg errors
docker compose logs worker | grep -i ffmpeg

## Incident Report: [Title]

**Date:** YYYY-MM-DD
**Duration:** Start time - End time
**Severity:** P1/P2/P3

### Timeline
- HH:MM - [Event]
- HH:MM - [Action taken]
- HH:MM - [Resolution]

### Root Cause
[What caused the incident]

### Impact
- Users affected: ~N
- Data loss: Yes/No
- Features impacted: [list]

### Resolution
[What fixed it]

### Prevention
[What changes prevent recurrence]

Incident Response

Incident Response Skill

GTS Deployment Context

Architecture Overview

Incident Response

Incident Response Skill

GTS Deployment Context

Architecture Overview

Service Dependencies

Key Files & Paths

Production Secrets

Incident Classification

Severity Levels

Incident Types

Diagnostic Procedures

Quick Health Check (30 seconds)

Detailed Diagnostics

Common Error Patterns

Mitigation Procedures

1. Service Restart (First Response)

2. Database Issues

3. Redis Issues

4. Worker/Scheduler Issues

5. nginx/Routing Issues

Rollback Procedures

Code Rollback

Database Migration Rollback

Full System Rollback

Secrets Rotation (Security Incident)

GTS-Specific Incidents

T3K OAuth Token Expired

Job Processing Backlog

Audio Processing Failures

Incident Documentation

Monitoring Checklist

Related

Things Mac

Trello

Production Scheduling

Jira Integration

Production Scheduling

Cost Aware Llm Pipeline