k8s-cluster-management
K8s Cluster Management
Always use Kubespray for Kubernetes cluster installation. Kubespray playbooks are idempotent and converge to the desired state.
Components (January 2026)
| Component | Version | Purpose |
|---|---|---|
| Kubernetes | v1.34.3 | Cluster |
| Kubespray | v2.29.1 | Installer |
| etcd | v3.5.26 | Key-value store |
| containerd | v2.2.1 | Container runtime |
| Cilium | v1.18.6 | CNI + Gateway |
| Gateway API | v1.4.0 | Ingress |
| cert-manager | v1.19.2 | TLS automation |
| MetalLB | v0.14.9 | Bare metal LB |
Note: For K8s v1.35.0, wait for Kubespray v2.30+.
Installation
Run from the bastion server. See the reference files for detailed commands:
- Kubernetes cluster: references/kubespray.md
- CNI: references/cilium.md
- Ingress: references/gateway-api.md
- TLS: references/cert-manager.md
kubectl Access
After installation, kubectl works directly from the bastion:

```bash
# On bastion
kubectl get nodes
kubectl get pods -A
```
Or via VPN from any connected server:

```bash
# Connect to VPN first
tailscale up --login-server https://vpn.example.com --authkey <KEY>
# Then kubectl works
kubectl get nodes
```
Reference Files
- references/kubespray.md - Installation
- references/cilium.md - CNI
- references/gateway-api.md - Ingress
- references/cert-manager.md - TLS
- references/upgrades.md - Cluster upgrades
- references/essential-components.md - Essential components
- references/troubleshooting.md - Troubleshooting