Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

kubernetes-manifests

Estrellas0

Forks0

Actualizado10 de febrero de 2026, 17:46

Write and review production-ready Kubernetes manifests with security, resource management, and operational best practices. Use when (1) creating new Kubernetes Deployment, Service, or Ingress manifests, (2) reviewing existing manifests for production readiness, (3) adding health probes, security contexts, or resource limits, (4) setting up Kustomize base/overlay structure, (5) containerizing .NET or React apps for Kubernetes, or (6) configuring PodDisruptionBudgets, topology spread, or autoscaling.

Instalación

Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.

Ejecutar en Manus

Fuente

jkappers

jkappers/agent-skills

Abrir repositorio de GitHub Ver repositorios del creador

Descarga

Ejecutar en Manus

Ocupaciones relacionadasSOC

Basado en la clasificación ocupacional SOC

Administradores de redes y sistemas informáticosOcupaciones informáticas y matemáticas·SOC 15-1244

Explorador de archivos

4 archivos

SKILL.md

readonly

Más de este repositorio

mismo repositorio

plan-jira-ticket

jkappers/agent-skills

Fetches a Jira ticket and starts implementation with a branch and plan. Use when (1) starting work on a Jira ticket, (2) creating a feature branch from a Jira issue, (3) beginning implementation of a story or task, (4) picking up a ticket from the backlog, or (5) user provides a Jira ticket ID to work on.

2026-02-200

clean-code

jkappers/agent-skills

Cleans up code files by removing dead code, simplifying structure, and eliminating redundancy without changing behavior. Use when (1) cleaning up code after implementation, (2) reducing complexity in a file or function, (3) removing dead code and unused imports, (4) simplifying control flow and expressions, (5) applying modern language idioms to legacy patterns, or (6) improving readability of dense or convoluted code.

2026-02-200

resolve-pr-feedback

jkappers/agent-skills

Resolve open PR review discussions by evaluating applicability and value, then fixing valid feedback with conventional commits. Use when (1) addressing reviewer feedback on a pull request, (2) resolving open PR discussions systematically, (3) triaging PR review comments for actionability, (4) batch-fixing code review feedback, or (5) cleaning up unresolved PR conversations.

2026-02-200

optimize-md

jkappers/agent-skills

Optimizes markdown documents for token efficiency, clarity, and LLM consumption. Use when (1) a markdown file needs streamlining for use as LLM context, (2) reducing token count in documentation without losing meaning, (3) converting verbose docs into concise reference material, (4) improving structure and scannability of markdown files, or (5) preparing best-practices or knowledge docs for agent consumption.

2026-02-200

sprint-planner

jkappers/agent-skills

Convert complex implementation plans into focused, autonomous agent sprints with measurable acceptance criteria. Use when (1) decomposing a large plan into agent-executable chunks, (2) breaking down multi-endpoint migrations or multi-step projects, (3) creating sprint definitions with acceptance criteria for autonomous agents, (4) planning dependency chains across implementation sprints, or (5) structuring work for parallel agent execution.

2026-02-160

enhance-prompt

jkappers/agent-skills

Analyzes and improves LLM prompts and agent instructions for token efficiency, determinism, and clarity. Use when (1) writing a new system prompt, skill, or CLAUDE.md file, (2) reviewing or improving an existing prompt for clarity and efficiency, (3) diagnosing why a prompt produces inconsistent or unexpected results, (4) converting natural language instructions into imperative LLM directives, or (5) evaluating prompt anti-patterns and suggesting fixes. Applies to all LLM platforms (Claude, GPT, Gemini, Llama).

2026-02-100

name

kubernetes-manifests

description

Kubernetes Manifest Authoring

Write and review production-ready Kubernetes manifests following security, resource management, and operational best practices.

Workflow

Identify the application type: .NET API, React SPA, worker service, or other
Determine the target resources: Deployment, Service, Ingress, HPA, PDB, NetworkPolicy
Generate manifests using the patterns below
Apply the security context, resource limits, and health probes
Validate against the Pre-Deployment Checklist

Core Manifest Structure

Every manifest includes these four required fields:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
  namespace: production
  labels:
    app.kubernetes.io/name: my-app
    app.kubernetes.io/version: "1.0.0"
    app.kubernetes.io/component: api
    app.kubernetes.io/managed-by: kustomize
spec:
  # ...

Use declarative YAML with kubectl apply. Store manifests in version control. Express desired state only.

Security Context

Apply to every pod and container. Non-negotiable for production.

spec:
  securityContext:
    runAsNonRoot: true
    runAsUser: 1000
    runAsGroup: 1000
    fsGroup: 1000
  containers:
  - name: app
    securityContext:
      allowPrivilegeEscalation: false
      readOnlyRootFilesystem: true
      capabilities:
        drop:
          - ALL

Setting	Requirement
`runAsNonRoot: true`	Required
`allowPrivilegeEscalation: false`	Required
`readOnlyRootFilesystem: true`	Recommended (mount emptyDir for /tmp)
`capabilities.drop: [ALL]`	Recommended
`hostNetwork/hostPID/hostIPC`	Never use unless explicitly justified

For .NET images, use UID 1654 (the app user). For nginx-unprivileged, use UID 101.

Resource Management

Always set memory requests and limits. Set CPU requests; omit CPU limits unless required.

resources:
  requests:
    memory: "256Mi"
    cpu: "100m"
  limits:
    memory: "512Mi"

Application Type	Memory Request	Memory Limit	CPU Request
.NET API	256Mi	512Mi	100m
React/Nginx frontend	64Mi	128Mi	50m
Worker service	128Mi-512Mi	256Mi-1Gi	100m-500m

Set requests = limits for critical services to achieve Guaranteed QoS (lowest eviction priority).

Health Probes

Configure all three probe types. Use dedicated endpoints.

livenessProbe:
  httpGet:
    path: /healthz
    port: 8080
  initialDelaySeconds: 10
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
readinessProbe:
  httpGet:
    path: /ready
    port: 8080
  initialDelaySeconds: 5
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 3
startupProbe:
  httpGet:
    path: /startup
    port: 8080
  failureThreshold: 30
  periodSeconds: 10

Probe	Purpose	On Failure
Liveness	Detect deadlocks/hangs	Restart container
Readiness	Control traffic routing	Remove from Service endpoints
Startup	Handle slow-starting apps	Delay other probes

Use startupProbe for slow-starting apps instead of large initialDelaySeconds. Keep probes lightweight.

For .NET apps: /health/live, /health/ready, /health/startup. For React/Nginx: /health for both liveness and readiness.

Labels

Apply the app.kubernetes.io/ recommended labels to all resources:

labels:
  app.kubernetes.io/name: myapp
  app.kubernetes.io/instance: myapp-production
  app.kubernetes.io/version: "1.2.3"
  app.kubernetes.io/component: frontend
  app.kubernetes.io/part-of: my-platform
  app.kubernetes.io/managed-by: kustomize

Add custom labels for cross-cutting concerns: environment, team, cost-center, tier.

Container Images

Never use :latest in production. Pin semantic versions or git SHAs.
Use digest references (@sha256:...) for maximum reproducibility.
Use distroless/minimal base images.
Set imagePullPolicy: IfNotPresent for tagged images.

Graceful Shutdown

Add a preStop hook to handle the delay between endpoint removal and ingress controller configuration updates:

lifecycle:
  preStop:
    exec:
      command: ["sleep", "10"]
terminationGracePeriodSeconds: 45

terminationGracePeriodSeconds must exceed preStop delay + application shutdown timeout.

High Availability

Topology Spread

Distribute pods across zones:

topologySpreadConstraints:
- maxSkew: 1
  topologyKey: topology.kubernetes.io/zone
  whenUnsatisfiable: ScheduleAnyway
  labelSelector:
    matchLabels:
      app: myapp

Pod Disruption Budget

Protect against voluntary disruptions (node drains, upgrades):

apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: myapp-pdb
spec:
  minAvailable: "50%"
  selector:
    matchLabels:
      app: myapp

Use percentages for scaling flexibility. Never set maxUnavailable: 0 or minAvailable: 100%.

HPA (Stateless Apps)

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
  behavior:
    scaleDown:
      stabilizationWindowSeconds: 300

Services and Ingress

Use ClusterIP for inter-service communication. Use Ingress over multiple LoadBalancer services.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp-ingress
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - myapp.example.com
    secretName: myapp-tls
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: api-service
            port:
              number: 80
      - path: /
        pathType: Prefix
        backend:
          service:
            name: frontend-service
            port:
              number: 80

ConfigMaps and Secrets

Use ConfigMaps for non-sensitive config. Use Secrets for sensitive data. Prefer volume mounts over environment variables. Enable encryption at rest for Secrets.

volumes:
- name: config-volume
  configMap:
    name: app-config
- name: secret-volume
  secret:
    secretName: app-secrets

Use immutable ConfigMaps (immutable: true) for stable configurations. Keep ConfigMaps under 1 MiB.

Deployment Strategy

Strategy	Use Case
`RollingUpdate` (default)	Stateless web services, APIs
`Recreate`	Stateful apps, single-version requirements
Blue/Green, Canary	Advanced (requires Flagger, Argo Rollouts)

strategy:
  type: RollingUpdate
  rollingUpdate:
    maxSurge: 25%
    maxUnavailable: 25%

Application-Specific Guidance

For detailed .NET and React/Vite manifest patterns, see:

references/dotnet-manifests.md — GC configuration, Kestrel ports, structured logging, chiseled images
references/react-manifests.md — NGINX SPA routing, runtime env vars, non-root NGINX, CSP headers
references/kustomize.md — Base/overlay structure, generators, patches, components, GitOps integration

kubernetes-manifests

Más de este repositorio

Más de este repositorio

Kubernetes Manifest Authoring

Workflow

Core Manifest Structure

Security Context

Resource Management

Health Probes

Labels

Container Images

Graceful Shutdown

High Availability

Topology Spread

Pod Disruption Budget

HPA (Stateless Apps)

Services and Ingress

ConfigMaps and Secrets

Deployment Strategy

Application-Specific Guidance

Pre-Deployment Checklist

Kubernetes Manifest Authoring

Workflow

Core Manifest Structure

Security Context

Resource Management

Health Probes

Labels

Container Images

Graceful Shutdown

High Availability

Topology Spread

Pod Disruption Budget

HPA (Stateless Apps)

Services and Ingress

ConfigMaps and Secrets

Deployment Strategy

Application-Specific Guidance

Pre-Deployment Checklist