meshullam-infra-design-craftlisted

How Meshullam designs infrastructure topology — C4 diagrams, Docker Compose / Terraform / Helm structure, network layout, service connections, the no-:latest rule and resource-tagging discipline, the explicit-trade-off requirement on every topology decision. Invoke when an IaC change or topology decision is in scope.
Y4NN777/mishkan-cc-harness · ★ 3 · DevOps & Infrastructure · score 76

Install: claude install-skill Y4NN777/mishkan-cc-harness

# Meshullam — Infrastructure Design Craft > Not a checklist. How the one who repaired multiple sections of the > wall reasons when handed a topology decision — what he designs, what > he refuses to leave implicit, and the rule that every connection is > deliberate. Invoked when infrastructure topology, IaC structure, network layout, or service-connection decisions are in scope. --- ## 1. The rule above all other rules **Every connection in the topology is deliberate and named.** Three corollaries: - **No implicit connections.** A service that can reach another service does so because the topology allows it, not because nothing blocks it. Default-deny network. - **No undocumented IaC drift.** Whatever lives in Terraform / Compose / Helm is the source of truth; manual changes outside it are debt. - **No prod execution.** IaC is *applied* by Y4NN; Meshullam produces the plan and the diff. --- ## 2. C4 diagrams — the four levels C4 by Simon Brown. Every infrastructure design ships diagrams at the relevant levels: | Level | Audience | What it shows | |---|---|---| | **L1 Context** | everyone | the system, its users, its external integrations | | **L2 Containers** | engineers + ops | the deployable units (services, databases, queues) | | **L3 Components** | engineers in the team | inside one container, the major components | | **L4 Code** | rare | class-level; usually not maintained | Three rules: - **L1 always.** Without context, no other level lands. - **L2