kubernetes-orchestration
Comprehensive guide to Kubernetes container orchestration, covering workloads, networking, storage, security, and production operations
# Kubernetes Orchestration Skill
## Table of Contents
1. [Introduction](#introduction)
2. [Core Concepts](#core-concepts)
3. [Workloads](#workloads)
4. [Services and Networking](#services-and-networking)
5. [Ingress Controllers](#ingress-controllers)
6. [Configuration Management](#configuration-management)
7. [Storage](#storage)
8. [Namespaces and Resource Isolation](#namespaces-and-resource-isolation)
9. [Security and RBAC](#security-and-rbac)
10. [Autoscaling](#autoscaling)
11. [Monitoring and Observability](#monitoring-and-observability)
12. [Logging](#logging)
13. [Production Operations](#production-operations)
14. [Troubleshooting](#troubleshooting)
## Introduction
Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It provides a robust framework for running distributed systems resiliently, handling scaling and failover for your applications, and providing deployment patterns.
### Key Benefits
- **Service Discovery and Load Balancing**: Automatic DNS and load balancing for containers
- **Storage Orchestration**: Mount storage systems from local, cloud, or network storage
- **Automated Rollouts and Rollbacks**: Declarative deployment with health monitoring
- **Automatic Bin Packing**: Optimal placement of containers based on resource requirements
- **Self-Healing**: Automatic restart, replacement, and rescheduling of failed containers
- **Secret and Configuration Management**: Store and manage sensitive information securely
- **Horizontal Scaling**: Scale applications up and down automatically or manually
- **Batch Execution**: Manage batch and CI workloads
## Core Concepts
### Cluster Architecture
A Kubernetes cluster consists of:
**Control Plane Components:**
- **kube-apiserver**: The API server is the front end for the Kubernetes control plane
- **etcd**: Consistent and highly-available key-value store for all cluster data
- **kube-scheduler**: Watches for newly created Pods and assigns them to nodes
- **kube-controller-manager**: Runs controller processes
- **cloud-controller-manager**: Integrates with cloud provider APIs
**Node Components:**
- **kubelet**: Agent that runs on each node and ensures containers are running
- **kube-proxy**: Network proxy maintaining network rules on nodes
- **container runtime**: Software responsible for running containers (containerd, CRI-O)
### Objects and Specifications
Kubernetes objects are persistent entities representing the state of your cluster. Every object includes:
- **metadata**: Data about the object (name, namespace, labels, annotations)
- **spec**: The desired state
- **status**: The current state (managed by Kubernetes)
## Workloads
### Pods
Pods are the smallest deployable units in Kubernetes, representing one or more containers that share storage and network resources.
**Basic Pod Example:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.21
    ports:
    - containerPort: 80
```
**Multi-Container Pod:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: multi-container-pod
spec:
  containers:
  - name: nginx
    image: nginx:1.21
    ports:
    - containerPort: 80
    volumeMounts:
    - name: shared-data
      mountPath: /usr/share/nginx/html
  - name: sidecar
    image: busybox
    command: ['sh', '-c', 'while true; do echo "$(date)" > /pod-data/index.html; sleep 30; done']
    volumeMounts:
    - name: shared-data
      mountPath: /pod-data
  volumes:
  - name: shared-data
    emptyDir: {}
```
**Pod with Init Container:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: init-demo
spec:
  initContainers:
  - name: install
    image: busybox:1.28
    command:
    - wget
    - "-O"
    - "/work-dir/index.html"
    - http://info.cern.ch
    volumeMounts:
    - name: workdir
      mountPath: "/work-dir"
  containers:
  - name: nginx
    image: nginx:1.21
    ports:
    - containerPort: 80
    volumeMounts:
    - name: workdir
      mountPath: /usr/share/nginx/html
  volumes:
  - name: workdir
    emptyDir: {}
```
**Pod with Security Context:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo
spec:
  securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000
  containers:
  - name: sec-ctx-container
    image: busybox
    command: [ "sh", "-c", "sleep 1h" ]
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - NET_RAW
        - ALL
      runAsNonRoot: true
      seccompProfile:
        type: RuntimeDefault
```
**Pod with Resource Limits and Requests:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: resource-demo
spec:
  containers:
  - name: app
    image: nginx:1.21
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"
```
**Pod with Probes:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: probe-demo
spec:
  containers:
  - name: app
    image: nginx:1.21
    ports:
    - containerPort: 80
    livenessProbe:
      httpGet:
        path: /healthz
        port: 80
      initialDelaySeconds: 3
      periodSeconds: 10
      timeoutSeconds: 1
      failureThreshold: 3
    readinessProbe:
      httpGet:
        path: /ready
        port: 80
      initialDelaySeconds: 5
      periodSeconds: 5
      successThreshold: 1
    startupProbe:
      httpGet:
        path: /startup
        port: 80
      initialDelaySeconds: 0
      periodSeconds: 10
      failureThreshold: 30
```
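The security-context, resource-limit and probe manifests above each show one hardening setting in isolation. An added example (not part of this guide or of any Kubernetes project code) that checks a Pod manifest for all of them at once, the way an admission policy or CI lint would. It operates on the JSON form that `kubectl get pod -o json` produces; the two manifests embedded below are constructed from this page's own examples, not captured from a cluster, and the `check_manifest` helper and its finding strings are this example's own naming.

```python
"""Lint Pod manifests for the hardening settings shown in this section."""
import json

# Constructed sample: the security-context demo from this page, with the
# resource limits and probes from the neighbouring examples folded in.
HARDENED_POD = json.loads("""
{
  "apiVersion": "v1",
  "kind": "Pod",
  "metadata": {"name": "security-context-demo"},
  "spec": {
    "securityContext": {"runAsUser": 1000, "runAsGroup": 3000, "fsGroup": 2000},
    "containers": [{
      "name": "sec-ctx-container",
      "image": "busybox",
      "securityContext": {
        "allowPrivilegeEscalation": false,
        "capabilities": {"drop": ["NET_RAW", "ALL"]},
        "runAsNonRoot": true,
        "seccompProfile": {"type": "RuntimeDefault"}
      },
      "resources": {"requests": {"cpu": "250m", "memory": "64Mi"},
                    "limits": {"cpu": "500m", "memory": "128Mi"}},
      "livenessProbe": {"httpGet": {"path": "/healthz", "port": 80}},
      "readinessProbe": {"httpGet": {"path": "/ready", "port": 80}}
    }]
  }
}
""")

# Constructed sample: the basic nginx Pod from this page, which sets none of it.
BASIC_POD = json.loads("""
{
  "apiVersion": "v1",
  "kind": "Pod",
  "metadata": {"name": "nginx-pod", "labels": {"app": "nginx"}},
  "spec": {"containers": [{"name": "nginx", "image": "nginx:1.21",
                           "ports": [{"containerPort": 80}]}]}
}
""")


def pod_spec(manifest):
    """Return the Pod spec of a Pod, or of a Deployment/StatefulSet template."""
    if manifest.get("kind") == "Pod":
        return manifest["spec"]
    return manifest["spec"]["template"]["spec"]


def check_container(container, pod_sc):
    """Return a list of findings for one container; empty means it passes."""
    name = container["name"]
    sc = container.get("securityContext", {})
    # Container-level securityContext fields override the pod-level ones.
    effective = {**pod_sc, **sc}
    findings = []
    if effective.get("runAsNonRoot") is not True:
        findings.append(f"{name}: runAsNonRoot is not true")
    if effective.get("allowPrivilegeEscalation") is not False:
        findings.append(f"{name}: allowPrivilegeEscalation is not false")
    # capabilities only exist at container level, so read them from sc alone.
    if "ALL" not in sc.get("capabilities", {}).get("drop", []):
        findings.append(f"{name}: capabilities.drop does not include ALL")
    if effective.get("seccompProfile", {}).get("type") not in ("RuntimeDefault", "Localhost"):
        findings.append(f"{name}: no seccompProfile of type RuntimeDefault or Localhost")
    if sc.get("privileged"):
        findings.append(f"{name}: privileged container")
    limits = container.get("resources", {}).get("limits", {})
    for res in ("cpu", "memory"):
        if res not in limits:
            findings.append(f"{name}: no {res} limit")
    for probe in ("livenessProbe", "readinessProbe"):
        if probe not in container:
            findings.append(f"{name}: no {probe}")
    return findings


def check_manifest(manifest):
    """Check every init and app container of a manifest; returns all findings."""
    spec = pod_spec(manifest)
    pod_sc = spec.get("securityContext", {})
    findings = []
    for container in spec.get("initContainers", []) + spec.get("containers", []):
        findings.extend(check_container(container, pod_sc))
    return findings


if __name__ == "__main__":
    for manifest in (HARDENED_POD, BASIC_POD):
        name = manifest["metadata"]["name"]
        print(name, "->", check_manifest(manifest) or "OK")
```

The merge of pod-level and container-level `securityContext` matters: `runAsNonRoot` and `seccompProfile` may be set at either level and the container wins, while `capabilities` and `allowPrivilegeEscalation` exist only at container level, so a pod-level value for them would be a manifest error rather than a setting the lint should honour.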
### Deployments
Deployments provide declarative updates for Pods and ReplicaSets, enabling rolling updates and rollbacks.
**Basic Deployment:**
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.21
        ports:
        - containerPort: 80
```
**Deployment with Rolling Update Strategy:**
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: rolling-update-deployment
spec:
  replicas: 5
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: myapp:v2
        ports:
        - containerPort: 8080
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 512Mi
```
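The `maxSurge` and `maxUnavailable` values above bound how many Pods exist during a rollout, which is what decides whether a rollout can drop you below the capacity you planned for. An added example (not from this guide or from Kubernetes itself) that computes that envelope, going beyond the integer values on this page to the percentage form: the Deployment controller rounds `maxSurge` percentages up and `maxUnavailable` percentages down, and when both resolve to zero it treats `maxUnavailable` as 1 so the rollout can still make progress. The function name `rollout_bounds` is this example's own.

```python
"""Pod-count envelope of a RollingUpdate, using the controller's rounding rules."""
import math


def _resolve(value, replicas, round_up):
    """Turn an int or a percentage string such as "25%" into a pod count."""
    if isinstance(value, str) and value.endswith("%"):
        fraction = int(value[:-1]) / 100 * replicas
        return math.ceil(fraction) if round_up else math.floor(fraction)
    return int(value)


def rollout_bounds(replicas, max_surge="25%", max_unavailable="25%"):
    """Return (minimum available pods, maximum total pods) during the rollout.

    Defaults are the Deployment defaults of 25%/25%. maxSurge rounds up,
    maxUnavailable rounds down; if both come out as 0 the controller uses
    maxUnavailable=1 so that at least one old Pod can be replaced at a time.
    """
    surge = _resolve(max_surge, replicas, round_up=True)
    unavailable = _resolve(max_unavailable, replicas, round_up=False)
    if surge == 0 and unavailable == 0:
        unavailable = 1
    return replicas - unavailable, replicas + surge


if __name__ == "__main__":
    # The deployment above: 5 replicas, maxSurge 1, maxUnavailable 1.
    print(rollout_bounds(5, 1, 1))            # (4, 6)
    # Same deployment with the defaults left in place.
    print(rollout_bounds(5))                  # (4, 7)
    # maxSurge 0 (no extra capacity) with a small percentage that rounds to 0.
    print(rollout_bounds(5, 0, "10%"))        # (4, 5)
```

For the manifest above the cluster will run between 4 and 6 `myapp` Pods while the image changes; with the defaults the surge rounds up to 2, so plan node capacity for 7 Pods, not 5.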
**Deployment with Recreate Strategy:**
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: recreate-deployment
spec:
  replicas: 3
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: database-migration
  template:
    metadata:
      labels:
        app: database-migration
    spec:
      containers:
      - name: migrator
        image: migrator:v1
```
**Blue-Green Deployment Pattern:**
```yaml
# Blue Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-blue
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
      version: blue
  template:
    metadata:
      labels:
        app: myapp
        version: blue
    spec:
      containers:
      - name: myapp
        image: myapp:v1.0
        ports:
        - containerPort: 8080
---
# Green Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-green
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
      version: green
  template:
    metadata:
      labels:
        app: myapp
        version: green
    spec:
      containers:
      - name: myapp
        image: myapp:v2.0
        ports:
        - containerPort: 8080
```
### StatefulSets
StatefulSets manage stateful applications requirin