playbooks

home / skills / nickcrew / claude-cortex / kubernetes-deployment-patterns

kubernetes-deployment-patterns skill

/skills/kubernetes-deployment-patterns

This skill guides production-ready Kubernetes deployments by applying strategies, workload patterns, and autoscaling best practices across configurations,

npx playbooks add skill nickcrew/claude-cortex --skill kubernetes-deployment-patterns

Review the files below or copy the command above to add this skill to your agents.

Files (6)
SKILL.md
5.2 KB
---
name: kubernetes-deployment-patterns
description: Kubernetes deployment strategies and workload patterns for production-grade applications. Use when deploying to Kubernetes, implementing rollout strategies, or designing cloud-native application architectures.
---

# Kubernetes Deployment Patterns

Expert guidance for production-grade Kubernetes deployments covering deployment strategies, workload types, configuration management, resource optimization, and autoscaling patterns for cloud-native applications.

## When to Use This Skill

- Implementing deployment strategies (rolling updates, blue-green, canary releases)
- Choosing appropriate workload types (Deployment, StatefulSet, DaemonSet, Job)
- Designing rollout strategies for zero-downtime deployments
- Implementing configuration management with ConfigMaps and Secrets
- Setting up resource management and autoscaling (HPA, VPA)
- Configuring health checks and probe strategies
- Designing highly available applications on Kubernetes
- Implementing batch processing and scheduled jobs

## Core Concepts

### Deployment Strategies

**Rolling Update:** Gradually replace old pods with new ones (zero-downtime, default)
**Recreate:** Terminate all old pods before creating new ones (brief downtime)
**Blue-Green:** Run two environments, switch traffic instantly (2x resources)
**Canary:** Gradually shift traffic to new version while monitoring (risk mitigation)

### Workload Types

**Deployment:** Stateless applications (web servers, APIs, microservices)
**StatefulSet:** Stateful applications (databases, message queues)
**DaemonSet:** Node-level services (log collectors, monitoring agents)
**Job:** One-time tasks (batch processing, migrations)
**CronJob:** Scheduled tasks (backups, periodic reports)

### Resource Management

**Requests:** Guaranteed resources for scheduling
**Limits:** Maximum resources enforced by kubelet
**HPA:** Horizontal Pod Autoscaler (scale replicas based on metrics)
**VPA:** Vertical Pod Autoscaler (adjust resource requests/limits)

## Quick Reference

| Task | Load reference |
| --- | --- |
| Deployment strategies (rolling, blue-green, canary) | `skills/kubernetes-deployment-patterns/references/deployment-strategies.md` |
| Workload types (Deployment, StatefulSet, DaemonSet, Job) | `skills/kubernetes-deployment-patterns/references/workload-types.md` |
| Configuration management (ConfigMaps, Secrets) | `skills/kubernetes-deployment-patterns/references/configuration-management.md` |
| Resource management and autoscaling (HPA, VPA) | `skills/kubernetes-deployment-patterns/references/resource-management.md` |
| Production best practices and security | `skills/kubernetes-deployment-patterns/references/production-best-practices.md` |

## Workflow

### 1. Choose Deployment Strategy

```yaml
# Rolling update for standard deployments
strategy:
  type: RollingUpdate
  rollingUpdate:
    maxSurge: 1
    maxUnavailable: 0

# Recreate for incompatible versions
strategy:
  type: Recreate
```

### 2. Select Workload Type

- **Stateless?** → Use Deployment
- **Stateful with persistent identity?** → Use StatefulSet
- **One pod per node?** → Use DaemonSet
- **Run to completion?** → Use Job
- **Run on schedule?** → Use CronJob

### 3. Configure Resources

```yaml
resources:
  requests:
    memory: "256Mi"
    cpu: "250m"
  limits:
    memory: "512Mi"
    cpu: "1000m"
```

### 4. Add Configuration

```yaml
# ConfigMap for non-sensitive config
envFrom:
- configMapRef:
    name: app-config

# Secret for sensitive data
env:
- name: DB_PASSWORD
  valueFrom:
    secretKeyRef:
      name: db-credentials
      key: password
```

### 5. Implement Health Checks

```yaml
livenessProbe:
  httpGet:
    path: /healthz
    port: 8080
  initialDelaySeconds: 30
  periodSeconds: 10

readinessProbe:
  httpGet:
    path: /ready
    port: 8080
  initialDelaySeconds: 5
  periodSeconds: 5
```

### 6. Enable Autoscaling

```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
spec:
  scaleTargetRef:
    kind: Deployment
    name: app
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
```

## Common Mistakes

1. **Using `latest` tag:** Always use specific version tags for reproducibility
2. **No resource limits:** Can cause resource starvation and cluster instability
3. **Missing health checks:** Kubernetes can't manage pod health without probes
4. **Single replica in production:** No high availability or resilience
5. **Secrets in ConfigMaps:** Use Secrets for sensitive data, not ConfigMaps
6. **No update strategy:** Leads to unpredictable deployment behavior
7. **Running as root:** Security vulnerability, violates least privilege
8. **No monitoring:** Can't detect or debug issues in production

## Resources

- **Official Docs:** https://kubernetes.io/docs/concepts/workloads/
- **Deployment Strategies:** https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
- **StatefulSets:** https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
- **Autoscaling:** https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
- **Configuration:** https://kubernetes.io/docs/concepts/configuration/
- **Best Practices:** https://kubernetes.io/docs/concepts/configuration/overview/

Overview

This skill provides expert guidance for production-grade Kubernetes deployments, covering rollout strategies, workload selection, configuration management, resource optimization, health checks, and autoscaling. It helps teams design reliable, observable, and secure cloud-native applications for zero-downtime rollouts and scalable operations.

How this skill works

The skill inspects deployment requirements and recommends patterns: which workload type fits (Deployment, StatefulSet, DaemonSet, Job/CronJob), which rollout strategy to apply (rolling, recreate, blue-green, canary), and how to configure probes, resources, and autoscalers. It produces concrete YAML snippets and checklists for resource requests/limits, ConfigMaps/Secrets usage, liveness/readiness probes, and HPA/VPA settings to enforce best practices.

When to use it

  • Deploying or upgrading services in Kubernetes with minimal downtime
  • Designing architecture for stateful vs stateless workloads
  • Implementing rollout controls like canary and blue-green releases
  • Configuring resource management and autoscaling (HPA/VPA)
  • Setting up health checks, probes, and production readiness
  • Creating batch jobs or scheduled tasks (Job, CronJob)

Best practices

  • Pin image tags; avoid :latest for reproducible deployments
  • Define requests and limits for CPU/memory to prevent resource contention
  • Always add liveness and readiness probes for lifecycle control
  • Use Secrets for sensitive data and ConfigMaps for non-sensitive config
  • Run multiple replicas and avoid single-replica production services
  • Enable monitoring and logging before releasing to production

Example use cases

  • Zero-downtime web service rollout using RollingUpdate with maxUnavailable=0 and maxSurge=1
  • Blue-green deployment for database-compatible major upgrades with traffic switch over a load balancer
  • Canary releases for new API endpoints to gradually shift production traffic and observe metrics
  • StatefulSet configuration for databases with stable network IDs and persistent volumes
  • Horizontal Pod Autoscaler for CPU-driven scaling and VPA for tuning resource requests

FAQ

Which workload should I choose for a relational database?

Use StatefulSet for workloads that need stable network identities and persistent storage; combine with persistentVolumeClaims for durable data.

When should I use blue-green vs canary?

Use blue-green for instant cutovers or when rollbacks must be immediate; use canary to mitigate risk by gradually shifting traffic and validating metrics.