playbooks

home / skills / thebushidocollective / han / kubernetes-resources

kubernetes-resources skill

/plugins/tools/kubernetes/skills/kubernetes-resources

This skill helps you manage Kubernetes resources like deployments, services, configmaps, and secrets with clear guidance and practical recommendations.

npx playbooks add skill thebushidocollective/han --skill kubernetes-resources

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
3.8 KB
---
name: kubernetes-resources
user-invocable: false
description: Use when managing Kubernetes resources including deployments, services, configmaps, and secrets.
allowed-tools: []
---

# Kubernetes Resources

Understanding Kubernetes resource types and their relationships.

## Core Resources

### Pods

The smallest deployable unit in Kubernetes:

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: app
    image: nginx:1.21
```

### ReplicaSets

Maintains a stable set of replica Pods:

```yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    # Pod template
```

### Deployments

Manages ReplicaSets and provides declarative updates:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  # ...
```

## Networking Resources

### Services

Exposes Pods to network traffic:

- **ClusterIP**: Internal cluster access only
- **NodePort**: Exposes on each Node's IP
- **LoadBalancer**: Cloud provider load balancer
- **ExternalName**: DNS CNAME record

```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: ClusterIP
  selector:
    app: my-app
  ports:
  - port: 80
    targetPort: 8080
```

### Ingress

HTTP/HTTPS routing to services:

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80
```

## Storage Resources

### PersistentVolume

Cluster-level storage resource:

```yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: standard
```

### PersistentVolumeClaim

Request for storage:

```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: standard
```

## Configuration Resources

### ConfigMaps

Non-sensitive configuration data:

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  config.json: |
    {
      "key": "value"
    }
```

### Secrets

Sensitive information:

```yaml
apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
stringData:
  username: admin
  password: secret123
```

## Workload Resources

### StatefulSet

For stateful applications:

```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx"
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    # Pod template
  volumeClaimTemplates:
  - metadata:
      name: www
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi
```

### DaemonSet

Runs a Pod on every Node:

```yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: monitoring-agent
spec:
  selector:
    matchLabels:
      name: monitoring-agent
  template:
    # Pod template
```

### Job

Run-to-completion tasks:

```yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: batch-job
spec:
  template:
    spec:
      containers:
      - name: job
        image: busybox
        command: ["echo", "Hello"]
      restartPolicy: Never
  backoffLimit: 4
```

### CronJob

Scheduled jobs:

```yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: scheduled-job
spec:
  schedule: "0 0 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: job
            image: busybox
            command: ["echo", "Daily task"]
          restartPolicy: OnFailure
```

Overview

This skill helps manage Kubernetes resources including deployments, services, configmaps, secrets, and workload objects. It explains core resource types, networking and storage primitives, and common workload patterns so you can model, deploy, and operate applications on Kubernetes. Use it to understand relationships between objects and to create or troubleshoot resource manifests.

How this skill works

The skill inspects and explains Kubernetes resource kinds and their typical fields: Pods, ReplicaSets, Deployments, Services, Ingress, PersistentVolumes, PersistentVolumeClaims, ConfigMaps, Secrets, StatefulSets, DaemonSets, Jobs, and CronJobs. It highlights when to choose each object, key spec attributes, and common patterns such as rolling updates, volume claims, and service types. It provides concrete manifest examples and practical guidance for configuration and lifecycle operations.

When to use it

  • Designing or reviewing Kubernetes manifests for applications and infrastructure
  • Choosing the right workload controller (Deployment, StatefulSet, DaemonSet) for an app
  • Configuring networking and exposure (Service types, Ingress rules)
  • Provisioning storage with PersistentVolumes and PersistentVolumeClaims
  • Managing configuration and secrets separation (ConfigMap vs Secret)
  • Defining scheduled or batch tasks (CronJob, Job)

Best practices

  • Use Deployments for stateless apps and StatefulSets for stateful workloads with stable identities and storage
  • Store non-sensitive config in ConfigMaps and sensitive data in Secrets; mount or inject them as needed
  • Prefer rollingUpdate strategy for Deployments to avoid downtime; configure maxSurge and maxUnavailable
  • Request PersistentVolumeClaims with appropriate storageClass and accessModes matching PVs
  • Expose services with ClusterIP internally, NodePort for debugging, and LoadBalancer or Ingress for production traffic
  • Use Jobs and CronJobs for one-off or scheduled tasks; set restartPolicy and backoff limits appropriately

Example use cases

  • Deploying a three-replica web application with a Deployment and Service (ClusterIP or LoadBalancer)
  • Running a database with StatefulSet and per-replica PersistentVolumeClaims for stable storage
  • Installing a cluster-wide monitoring agent as a DaemonSet to run on every node
  • Running nightly data processing with a CronJob that creates Jobs on schedule
  • Providing app configuration via ConfigMap and credentials via Secret mounted into Pods

FAQ

When should I use a StatefulSet instead of a Deployment?

Use a StatefulSet when pods need stable network IDs, stable storage, or ordered scaling and upgrades—typical for databases and other stateful services.

How do I choose between Service types?

Use ClusterIP for internal services, NodePort for simple external exposure or debugging, LoadBalancer when using a cloud provider load balancer, and Ingress for HTTP(S) routing with host/path rules.