kubernetes-specialist_skill

This skill helps you deploy secure, production-grade Kubernetes workloads by designing manifests, enforcing RBAC, NetworkPolicies, and robust health checks.
  • HTML

110

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill jeffallan/claude-skills --skill kubernetes-specialist

  • SKILL.md4.8 KB

Overview

This skill provides senior-level Kubernetes guidance for deploying and operating production-grade clusters and workloads. It focuses on secure, declarative manifests, performance tuning, and repeatable patterns for Helm, storage, networking, and RBAC. Use it as your expert pair programmer for cluster design, hardening, and troubleshooting.

How this skill works

I inspect workload requirements, architecture constraints, and security posture, then produce declarative YAML manifests (Deployments, StatefulSets, DaemonSets, PVCs, NetworkPolicies, RBAC). I recommend resource requests/limits, health probes, namespace isolation, and least-privilege roles. When requested I also generate Helm chart scaffolding and troubleshooting steps tailored to logs, events, and common failure modes.

When to use it

  • Deploying production workloads with correct resource limits and health checks
  • Designing or auditing RBAC policies and least-privilege ServiceAccounts
  • Defining NetworkPolicies to segment traffic between namespaces and services
  • Building or reviewing Helm charts and templated manifests
  • Configuring persistent storage (PV, PVC, StorageClass, CSI)
  • Troubleshooting pod crashes, networking issues, or performance regressions

Best practices

  • Always deliver declarative YAML and avoid imperative kubectl workflows for reproducibility
  • Set resource requests/limits and HPA/VPA where appropriate; avoid running without limits
  • Include liveness and readiness probes for every application container
  • Use Secrets for credentials, avoid embedding sensitive data in ConfigMaps or env vars
  • Apply least-privilege RBAC and avoid using the default ServiceAccount for apps
  • Enforce NetworkPolicies and Pod Security Standards; never allow open cluster access

Example use cases

  • Create a Helm chart for a web application with Deployment, Service, PVC, and CI-friendly values
  • Harden an existing namespace: generate Role, RoleBinding, NetworkPolicy, and PodSecurity settings
  • Design a StatefulSet with stable storage and init containers for database bootstrapping
  • Tune a CPU/memory-constrained service: propose resource limits, HPA configuration, and profiling steps
  • Diagnose a CrashLoopBackOff: provide kubectl debug steps, relevant logs, and manifest fixes

FAQ

Yes. I produce complete, ready-to-apply declarative YAML including ServiceAccount, Role/RoleBinding, NetworkPolicy, probes, and resource limits.

Can you generate Helm charts and values.yaml?

Yes. I scaffold Helm 3 charts with templated manifests, sensible defaults in values.yaml, and notes for overrides and testing.

Will you use imperative kubectl commands when troubleshooting?

No. I prefer declarative artifacts, but I can recommend safe kubectl diagnostic commands for live debugging when necessary.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
kubernetes-specialist skill by jeffallan/claude-skills | VeilStrat