kubernetes-flux
Kubernetes Flux Skill
Installation
The skill invokes the Flux CLI. Install:
- macOS/Linux (Homebrew):
brew install fluxcd/tap/flux - macOS/Linux (script):
curl -s https://fluxcd.io/install.sh | sudo bash - Windows (winget):
winget install -e --id FluxCD.Flux - Windows (Chocolatey):
choco install flux - Custom dir:
curl -s https://fluxcd.io/install.sh | bash -s ~/.local/bin
Verify: flux --version. Then use flux bootstrap to deploy controllers if needed.
Cheat Sheet & Best Practices
Bootstrap: flux bootstrap git --url=ssh://git@host/repo.git --path=clusters/my-cluster; use --branch, --interval, --private-key-file or --token-auth as needed.
Status: flux check — controllers/CRDs; flux get all -A — all resources; flux get kustomizations; flux tree kustomization <name> — managed objects.
Hacks: Use flux get sources git and flux get kustomizations to see sync state. Reconcile on demand: flux reconcile kustomization <name> --with-source. Pin versions with FLUX_VERSION on install script. Prefer Git over Helm for app manifests when using GitOps.
Certifications & Training
Kubernetes: CKA / CKAD (Linux Foundation). Flux: GitOps with Flux (LFS269). Skill data: Bootstrap, reconcile, status (flux check, flux get all), tree; GitOps workflow.
Hooks & Workflows
Suggested hooks: Pre-apply: flux check. Post-push (to Git repo used by Flux): optional reconcile trigger. Use with devops (always) for GitOps clusters.
Workflows: Use with devops (always). Flow: bootstrap or reconcile; debug with flux get all, flux tree kustomization. See gitops-workflow skill and enterprise workflows.
Overview
This skill provides comprehensive Kubernetes cluster management through kubectl, enabling AI agents to inspect, troubleshoot, and manage Kubernetes resources.
When to Use
- Debugging application pods and containers
- Monitoring deployment rollouts and status
- Analyzing service networking and endpoints
- Investigating cluster events and errors
- Troubleshooting performance issues
- Managing application scaling
- Port forwarding for local development
Requirements
- kubectl installed and configured
- Valid KUBECONFIG file or default context
- Cluster access credentials
- Appropriate RBAC permissions
Quick Reference
# Get pods in current namespace
kubectl get pods
# Get pods in specific namespace
kubectl get pods -n production
# Get pods with labels
kubectl get pods -l app=web -n production
# Describe a pod
kubectl describe pod my-app-123 -n default
# Get pod logs
kubectl logs my-app-123 -n default
# Get logs with tail
kubectl logs my-app-123 -n default --tail=100
# Get logs since time
kubectl logs my-app-123 -n default --since=1h
# List recent events
kubectl get events -n default --sort-by='.lastTimestamp' | tail -20
# Watch events in real-time
kubectl get events -n default -w
Resource Discovery
Pods
# List all pods
kubectl get pods -n <namespace>
# List pods with wide output
kubectl get pods -n <namespace> -o wide
# List pods across all namespaces
kubectl get pods -A
# Filter by label
kubectl get pods -l app=nginx -n <namespace>
Deployments
# List deployments
kubectl get deployments -n <namespace>
# Get deployment details
kubectl describe deployment <name> -n <namespace>
# Check rollout status
kubectl rollout status deployment/<name> -n <namespace>
Services
# List services
kubectl get svc -n <namespace>
# Describe service
kubectl describe svc <name> -n <namespace>
# Get endpoints
kubectl get endpoints <name> -n <namespace>
ConfigMaps and Secrets
# List ConfigMaps
kubectl get configmaps -n <namespace>
# Describe ConfigMap
kubectl describe configmap <name> -n <namespace>
# Get ConfigMap data
kubectl get configmap <name> -n <namespace> -o yaml
# List Secrets (names only)
kubectl get secrets -n <namespace>
# Describe Secret (values masked)
kubectl describe secret <name> -n <namespace>
Namespaces
# List namespaces
kubectl get namespaces
# Get namespace details
kubectl describe namespace <name>
Troubleshooting
Pod Debugging
# Describe pod for events and conditions
kubectl describe pod <name> -n <namespace>
# Get pod logs
kubectl logs <pod-name> -n <namespace>
# Get logs from specific container
kubectl logs <pod-name> -c <container-name> -n <namespace>
# Get previous container logs (after crash)
kubectl logs <pod-name> -n <namespace> --previous
# Exec into pod
kubectl exec -it <pod-name> -n <namespace> -- /bin/sh
# Run command in pod
kubectl exec <pod-name> -n <namespace> -- ls -la /app
Events
# List events sorted by time
kubectl get events -n <namespace> --sort-by='.lastTimestamp'
# Filter warning events
kubectl get events -n <namespace> --field-selector type=Warning
# Watch events live
kubectl get events -n <namespace> -w
Management Operations
Scaling
# Scale deployment
kubectl scale deployment <name> --replicas=5 -n <namespace>
# Autoscale deployment
kubectl autoscale deployment <name> --min=2 --max=10 --cpu-percent=80 -n <namespace>
Rollouts
# Check rollout status
kubectl rollout status deployment/<name> -n <namespace>
# View rollout history
kubectl rollout history deployment/<name> -n <namespace>
# Rollback to previous version
kubectl rollout undo deployment/<name> -n <namespace>
# Rollback to specific revision
kubectl rollout undo deployment/<name> --to-revision=2 -n <namespace>
Port Forwarding
# Forward local port to pod
kubectl port-forward <pod-name> 8080:80 -n <namespace>
# Forward to service
kubectl port-forward svc/<service-name> 8080:80 -n <namespace>
Context Management
# Get current context
kubectl config current-context
# List all contexts
kubectl config get-contexts
# Switch context
kubectl config use-context <context-name>
# Set default namespace
kubectl config set-context --current --namespace=<namespace>
Common Workflows
Troubleshoot a Failing Pod
# 1. Find the problematic pod
kubectl get pods -n production
# 2. Describe for events
kubectl describe pod <pod-name> -n production
# 3. Check events
kubectl get events -n production --sort-by='.lastTimestamp' | tail -20
# 4. Get logs
kubectl logs <pod-name> -n production --tail=200
Monitor Deployment Rollout
# 1. Check deployment status
kubectl get deployments -n production
# 2. Watch rollout
kubectl rollout status deployment/<name> -n production
# 3. Watch pods
kubectl get pods -l app=<app-name> -n production -w
Debug Service Connectivity
# 1. Check service
kubectl describe svc <name> -n <namespace>
# 2. Check endpoints
kubectl get endpoints <name> -n <namespace>
# 3. Check backing pods
kubectl get pods -l <service-selector> -n <namespace>
# 4. Port forward for testing
kubectl port-forward svc/<name> 8080:80 -n <namespace>
Safety Features
Blocked Operations
The following are dangerous and require confirmation:
kubectl deletecommands- Destructive exec commands (rm, dd, mkfs)
- Scale to 0 replicas in production
Masked Output
Secret values are always masked. Only metadata shown.
Error Handling
| Error | Cause | Fix |
|---|---|---|
kubectl not found |
Not installed | Install kubectl |
Unable to connect |
Cluster unreachable | Check network/VPN |
Forbidden |
RBAC permissions | Request permissions |
NotFound |
Resource missing | Verify name/namespace |
context deadline exceeded |
Timeout | Check cluster health |
Related
- kubectl docs: https://kubernetes.io/docs/reference/kubectl/
- Kubernetes API: https://kubernetes.io/docs/reference/kubernetes-api/
Memory Protocol (MANDATORY)
Before starting:
cat .claude/context/memory/learnings.md
After completing: Record any new patterns or exceptions discovered.
ASSUME INTERRUPTION: Your context may reset. If it's not in memory, it didn't happen.
More from oimiragieo/agent-studio
gcloud-cli
Google Cloud CLI operations and resource management
961pyqt6-ui-development-rules
PyQt6 desktop GUI development rules -- signal/slot architecture, QSS theming, QThread concurrency, layout management, and cross-platform rendering. Enforces MVC separation and responsive UI patterns.
544filesystem
File system operations guidance - read, write, search, and manage files using Claude Code's built-in tools.
356chrome-browser
Browser automation with two integrations - Chrome DevTools MCP (always available, performance tracing) and Claude-in-Chrome extension (authenticated sessions, GIF recording). Use DevTools for testing/debugging, Claude-in-Chrome for authenticated workflows.
300slack-notifications
Slack messaging, channels, and notifications - send messages, manage channels, interact with users, upload files, and add reactions. Use for team communication, incident notifications, and workflow alerts.
242context-compressor
Compress large context before reasoning to reduce token usage while preserving evidence. Use this whenever the user mentions huge files, long prompts, RAG payloads, prompt caching, expensive sessions, codebase context, chat history compaction, or wants the same answer quality with fewer tokens.
145