kubernetes
Kubernetes
Essential kubectl commands and Kubernetes patterns.
Context & Namespace
# View contexts
kubectl config get-contexts
kubectl config current-context
# Switch context
kubectl config use-context production
# Set default namespace
kubectl config set-context --current --namespace=my-app
# Use namespace in command
kubectl get pods -n kube-system
kubectl get pods --all-namespaces # or -A
Pods
# List pods
kubectl get pods
kubectl get pods -o wide # More details
kubectl get pods -w # Watch mode
kubectl get pods --show-labels
kubectl get pods -l app=web # By label
# Pod details
kubectl describe pod my-pod
kubectl get pod my-pod -o yaml
# Logs
kubectl logs my-pod
kubectl logs my-pod -f # Follow
kubectl logs my-pod --tail=100
kubectl logs my-pod -c my-container # Specific container
kubectl logs my-pod --previous # Previous crash
# Exec into pod
kubectl exec -it my-pod -- /bin/sh
kubectl exec -it my-pod -c my-container -- bash
# Port forward
kubectl port-forward my-pod 8080:80
kubectl port-forward svc/my-service 8080:80
# Copy files
kubectl cp my-pod:/app/file.txt ./file.txt
kubectl cp ./file.txt my-pod:/app/
# Delete
kubectl delete pod my-pod
kubectl delete pod my-pod --grace-period=0 --force
Deployments
# Create deployment
kubectl create deployment web --image=nginx:latest --replicas=3
# List
kubectl get deployments
kubectl get deploy
# Scale
kubectl scale deployment web --replicas=5
# Update image
kubectl set image deployment/web nginx=nginx:1.25
# Rollout status
kubectl rollout status deployment/web
# Rollback
kubectl rollout undo deployment/web
kubectl rollout undo deployment/web --to-revision=2
# History
kubectl rollout history deployment/web
# Restart (rolling)
kubectl rollout restart deployment/web
Deployment YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
labels:
app: web
spec:
replicas: 3
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: web
image: nginx:1.25
ports:
- containerPort: 80
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 256Mi
livenessProbe:
httpGet:
path: /health
port: 80
initialDelaySeconds: 10
periodSeconds: 30
readinessProbe:
httpGet:
path: /ready
port: 80
initialDelaySeconds: 5
periodSeconds: 10
env:
- name: NODE_ENV
value: "production"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-secret
key: password
Services
# ClusterIP (internal)
apiVersion: v1
kind: Service
metadata:
name: web
spec:
selector:
app: web
ports:
- port: 80
targetPort: 8080
---
# LoadBalancer (external)
apiVersion: v1
kind: Service
metadata:
name: web-public
spec:
type: LoadBalancer
selector:
app: web
ports:
- port: 80
targetPort: 8080
---
# NodePort
apiVersion: v1
kind: Service
metadata:
name: web-nodeport
spec:
type: NodePort
selector:
app: web
ports:
- port: 80
targetPort: 8080
nodePort: 30080
# Quick expose
kubectl expose deployment web --port=80 --target-port=8080
kubectl expose deployment web --type=LoadBalancer --port=80
# List services
kubectl get svc
kubectl describe svc web
ConfigMaps & Secrets
# ConfigMap
kubectl create configmap app-config --from-literal=key=value
kubectl create configmap app-config --from-file=config.yaml
# Secret
kubectl create secret generic db-creds \
--from-literal=username=admin \
--from-literal=password=secret123
# View
kubectl get configmap app-config -o yaml
kubectl get secret db-creds -o jsonpath='{.data.password}' | base64 -d
Apply & Delete
# Apply manifest
kubectl apply -f deployment.yaml
kubectl apply -f ./k8s/ # All files in directory
kubectl apply -f https://example.com/manifest.yaml
# Delete
kubectl delete -f deployment.yaml
kubectl delete deployment web
kubectl delete all -l app=web # By label
# Dry run
kubectl apply -f deployment.yaml --dry-run=client
kubectl apply -f deployment.yaml --dry-run=server
Debugging Quick Reference
# Pod not starting?
kubectl describe pod my-pod # Check Events section
kubectl get events --sort-by='.lastTimestamp'
# CrashLoopBackOff?
kubectl logs my-pod --previous # Logs from crashed container
# Can't connect to service?
kubectl get endpoints my-service # Check if endpoints exist
kubectl run debug --rm -it --image=busybox -- wget -qO- http://my-service
# Resource issues?
kubectl top pods
kubectl top nodes
kubectl describe node <node-name> # Check Allocatable vs Allocated
Reference
For debugging patterns: references/debugging.md
For YAML templates: references/manifests.md
More from 1mangesh1/dev-skills-collection
curl-http
HTTP request construction and API testing with curl and HTTPie. Use when user asks to "test API", "make HTTP request", "curl POST", "send request", "test endpoint", "debug API", "upload file", "check response time", "set auth header", "basic auth with curl", "send JSON", "test webhook", "check status code", "follow redirects", "rate limit testing", "measure API latency", "stress test endpoint", "mock API response", or any HTTP calls from the command line.
28database-indexing
Database indexing internals, index type selection, query plan analysis, and write-overhead tradeoffs across PostgreSQL, MySQL, and MongoDB. Use when user asks to "optimize queries", "create indexes", "fix slow queries", "read EXPLAIN output", "reduce query time", "index strategy", "database performance", "composite index", "covering index", "partial index", "index bloat", "unused indexes", or needs help diagnosing and resolving database performance problems.
13testing-strategies
Testing strategies, patterns, and methodologies across the full testing spectrum. Use when asked about unit tests, integration tests, e2e tests, test pyramid, mocking, test doubles, TDD, property-based testing, snapshot testing, test coverage, mutation testing, contract testing, performance testing, test data management, CI/CD testing, flaky tests, test anti-patterns, test organization, test isolation, test fixtures, test parameterization, or any testing strategy, approach, or methodology.
10secret-scanner
This skill should be used when the user asks to "scan for secrets", "find API keys", "detect credentials", "check for hardcoded passwords", "find leaked tokens", "scan for sensitive keys", "check git history for secrets", "audit repository for credentials", or mentions secret detection, credential scanning, API key exposure, token leakage, password detection, or security key auditing.
10terraform
Terraform infrastructure as code for provisioning, modules, state management, and workspaces. Use when user asks to "create infrastructure", "write Terraform", "manage state", "create module", "import resource", "plan changes", or any IaC tasks.
10security-hardening
Security hardening, secure coding practices, and infrastructure defense. Use when the user asks about hardening security, secure coding, OWASP vulnerabilities, input validation, sanitization, SQL injection prevention, XSS protection, CSRF tokens, CORS configuration, secure headers, CSP, HSTS, rate limiting, file upload security, secrets management, dependency auditing, Docker security, TLS/HTTPS, logging security events, server hardening, API security, authentication hardening, encryption, or any application and infrastructure security defense.
9