packwise-skills 1.0.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.cursorrules +23 -23
- package/CLAUDE.md +25 -25
- package/LICENSE +21 -0
- package/README.md +404 -295
- package/audit.md +224 -224
- package/bin/packwise.js +322 -155
- package/install.sh +123 -0
- package/package.json +32 -31
- package/skill.md +944 -719
- package/sub-skills/ai/local-llm.md +183 -183
- package/sub-skills/ai/python-ml.md +164 -164
- package/sub-skills/backend/go-server.md +184 -184
- package/sub-skills/backend/java-spring.md +241 -241
- package/sub-skills/backend/node-server.md +164 -164
- package/sub-skills/backend/php-laravel.md +175 -175
- package/sub-skills/backend/python-server.md +164 -164
- package/sub-skills/backend/rust-backend.md +118 -118
- package/sub-skills/cli/python-cli.md +236 -236
- package/sub-skills/cli/sdk-library.md +497 -497
- package/sub-skills/cloud/ci-cd-pipelines.md +350 -350
- package/sub-skills/cloud/docker.md +191 -191
- package/sub-skills/cloud/kubernetes.md +277 -277
- package/sub-skills/cloud/payment-integration.md +307 -307
- package/sub-skills/cross-platform/multiplatform.md +252 -252
- package/sub-skills/desktop/electron.md +783 -783
- package/sub-skills/desktop/game-dev.md +443 -443
- package/sub-skills/desktop/native-app.md +123 -123
- package/sub-skills/desktop/scenarios.md +443 -443
- package/sub-skills/desktop/smart-platforms.md +324 -324
- package/sub-skills/desktop/tauri.md +428 -428
- package/sub-skills/desktop/vr-ar.md +252 -252
- package/sub-skills/desktop/web-to-desktop.md +153 -153
- package/sub-skills/embedded/car-infotainment.md +129 -129
- package/sub-skills/embedded/esp32.md +184 -184
- package/sub-skills/embedded/ros.md +150 -150
- package/sub-skills/embedded/stm32.md +160 -160
- package/sub-skills/mobile/android.md +322 -322
- package/sub-skills/mobile/capacitor.md +232 -232
- package/sub-skills/mobile/flutter-mobile.md +138 -138
- package/sub-skills/mobile/harmonyos.md +150 -150
- package/sub-skills/mobile/ios.md +245 -245
- package/sub-skills/mobile/react-native.md +443 -443
- package/sub-skills/mobile/wearables.md +230 -230
- package/sub-skills/plugins/browser-extension.md +308 -308
- package/sub-skills/plugins/jetbrains-plugin.md +226 -226
- package/sub-skills/plugins/vscode-extension.md +204 -204
- package/sub-skills/security/security-tools.md +174 -174
- package/sub-skills/web/monorepo.md +274 -274
- package/sub-skills/web/pwa.md +220 -220
- package/sub-skills/web/serverless-edge.md +295 -295
- package/sub-skills/web/spa.md +266 -266
- package/sub-skills/web/ssr.md +228 -228
- package/sub-skills/web/wasm.md +243 -243
|
@@ -1,277 +1,277 @@
|
|
|
1
|
-
# Kubernetes Build Sub-Skill
|
|
2
|
-
|
|
3
|
-
Package and deploy applications to Kubernetes clusters (K8s, K3s, EKS, GKE, AKS).
|
|
4
|
-
|
|
5
|
-
**Current version**: Kubernetes 1.31 / Helm 3.x / Kustomize 5.x (2025-2026)
|
|
6
|
-
|
|
7
|
-
## When to Use
|
|
8
|
-
|
|
9
|
-
- Multi-container applications (Web + DB + Cache + Worker)
|
|
10
|
-
- Microservices architecture
|
|
11
|
-
- Auto-scaling requirements
|
|
12
|
-
- Multi-cloud or hybrid-cloud deployment
|
|
13
|
-
- Need rolling updates and zero-downtime deployments
|
|
14
|
-
|
|
15
|
-
## Core Concepts
|
|
16
|
-
|
|
17
|
-
| Concept | What It Does |
|
|
18
|
-
|---------|-------------|
|
|
19
|
-
| **Pod** | Smallest unit — runs one or more containers |
|
|
20
|
-
| **Deployment** | Manages pod replicas, rolling updates |
|
|
21
|
-
| **Service** | Network endpoint — stable IP/DNS for pods |
|
|
22
|
-
| **Ingress** | HTTP routing — domain → service mapping |
|
|
23
|
-
| **ConfigMap** | Non-secret configuration data |
|
|
24
|
-
| **Secret** | Sensitive data (passwords, tokens) |
|
|
25
|
-
| **PersistentVolume** | Durable storage (databases, uploads) |
|
|
26
|
-
| **Namespace** | Virtual cluster isolation |
|
|
27
|
-
|
|
28
|
-
## K8s Manifests
|
|
29
|
-
|
|
30
|
-
### Deployment + Service
|
|
31
|
-
|
|
32
|
-
```yaml
|
|
33
|
-
# k8s/deployment.yaml
|
|
34
|
-
apiVersion: apps/v1
|
|
35
|
-
kind: Deployment
|
|
36
|
-
metadata:
|
|
37
|
-
name: myapp
|
|
38
|
-
labels:
|
|
39
|
-
app: myapp
|
|
40
|
-
spec:
|
|
41
|
-
replicas: 3
|
|
42
|
-
selector:
|
|
43
|
-
matchLabels:
|
|
44
|
-
app: myapp
|
|
45
|
-
strategy:
|
|
46
|
-
type: RollingUpdate
|
|
47
|
-
rollingUpdate:
|
|
48
|
-
maxSurge: 1
|
|
49
|
-
maxUnavailable: 0 # Zero downtime
|
|
50
|
-
template:
|
|
51
|
-
metadata:
|
|
52
|
-
labels:
|
|
53
|
-
app: myapp
|
|
54
|
-
spec:
|
|
55
|
-
containers:
|
|
56
|
-
- name: myapp
|
|
57
|
-
image: registry.example.com/myapp:1.0.0
|
|
58
|
-
ports:
|
|
59
|
-
- containerPort: 3000
|
|
60
|
-
env:
|
|
61
|
-
- name: DATABASE_URL
|
|
62
|
-
valueFrom:
|
|
63
|
-
secretKeyRef:
|
|
64
|
-
name: myapp-secrets
|
|
65
|
-
key: database-url
|
|
66
|
-
resources:
|
|
67
|
-
requests:
|
|
68
|
-
cpu: "100m"
|
|
69
|
-
memory: "128Mi"
|
|
70
|
-
limits:
|
|
71
|
-
cpu: "500m"
|
|
72
|
-
memory: "512Mi"
|
|
73
|
-
livenessProbe:
|
|
74
|
-
httpGet:
|
|
75
|
-
path: /health
|
|
76
|
-
port: 3000
|
|
77
|
-
initialDelaySeconds: 10
|
|
78
|
-
periodSeconds: 30
|
|
79
|
-
readinessProbe:
|
|
80
|
-
httpGet:
|
|
81
|
-
path: /health
|
|
82
|
-
port: 3000
|
|
83
|
-
initialDelaySeconds: 5
|
|
84
|
-
periodSeconds: 10
|
|
85
|
-
```
|
|
86
|
-
|
|
87
|
-
```yaml
|
|
88
|
-
# k8s/service.yaml
|
|
89
|
-
apiVersion: v1
|
|
90
|
-
kind: Service
|
|
91
|
-
metadata:
|
|
92
|
-
name: myapp
|
|
93
|
-
spec:
|
|
94
|
-
selector:
|
|
95
|
-
app: myapp
|
|
96
|
-
ports:
|
|
97
|
-
- port: 80
|
|
98
|
-
targetPort: 3000
|
|
99
|
-
type: ClusterIP
|
|
100
|
-
```
|
|
101
|
-
|
|
102
|
-
```yaml
|
|
103
|
-
# k8s/ingress.yaml
|
|
104
|
-
apiVersion: networking.k8s.io/v1
|
|
105
|
-
kind: Ingress
|
|
106
|
-
metadata:
|
|
107
|
-
name: myapp
|
|
108
|
-
annotations:
|
|
109
|
-
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
110
|
-
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
111
|
-
spec:
|
|
112
|
-
tls:
|
|
113
|
-
- hosts: [myapp.example.com]
|
|
114
|
-
secretName: myapp-tls
|
|
115
|
-
rules:
|
|
116
|
-
- host: myapp.example.com
|
|
117
|
-
http:
|
|
118
|
-
paths:
|
|
119
|
-
- path: /
|
|
120
|
-
pathType: Prefix
|
|
121
|
-
backend:
|
|
122
|
-
service:
|
|
123
|
-
name: myapp
|
|
124
|
-
port:
|
|
125
|
-
number: 80
|
|
126
|
-
```
|
|
127
|
-
|
|
128
|
-
```yaml
|
|
129
|
-
# k8s/configmap.yaml
|
|
130
|
-
apiVersion: v1
|
|
131
|
-
kind: ConfigMap
|
|
132
|
-
metadata:
|
|
133
|
-
name: myapp-config
|
|
134
|
-
data:
|
|
135
|
-
NODE_ENV: "production"
|
|
136
|
-
LOG_LEVEL: "info"
|
|
137
|
-
```
|
|
138
|
-
|
|
139
|
-
```yaml
|
|
140
|
-
# k8s/secret.yaml
|
|
141
|
-
apiVersion: v1
|
|
142
|
-
kind: Secret
|
|
143
|
-
metadata:
|
|
144
|
-
name: myapp-secrets
|
|
145
|
-
type: Opaque
|
|
146
|
-
stringData:
|
|
147
|
-
database-url: "postgres://user:pass@db:5432/myapp"
|
|
148
|
-
```
|
|
149
|
-
|
|
150
|
-
## K3s (Lightweight Kubernetes)
|
|
151
|
-
|
|
152
|
-
```bash
|
|
153
|
-
# Install K3s (single-node, production-ready)
|
|
154
|
-
curl -sfL https://get.k3s.io | sh -
|
|
155
|
-
|
|
156
|
-
# Verify
|
|
157
|
-
kubectl get nodes
|
|
158
|
-
|
|
159
|
-
# Deploy
|
|
160
|
-
kubectl apply -f k8s/
|
|
161
|
-
|
|
162
|
-
# K3s is ideal for:
|
|
163
|
-
# - Edge computing
|
|
164
|
-
# - IoT
|
|
165
|
-
# - Development/staging
|
|
166
|
-
# - Small production clusters
|
|
167
|
-
```
|
|
168
|
-
|
|
169
|
-
## Helm (Package Manager for K8s)
|
|
170
|
-
|
|
171
|
-
```bash
|
|
172
|
-
# Install
|
|
173
|
-
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
|
|
174
|
-
|
|
175
|
-
# Create chart
|
|
176
|
-
helm create myapp-chart
|
|
177
|
-
```
|
|
178
|
-
|
|
179
|
-
```
|
|
180
|
-
myapp-chart/
|
|
181
|
-
├── Chart.yaml ← Chart metadata
|
|
182
|
-
├── values.yaml ← Default values
|
|
183
|
-
├── templates/
|
|
184
|
-
│ ├── deployment.yaml ← Template with {{ .Values.xxx }}
|
|
185
|
-
│ ├── service.yaml
|
|
186
|
-
│ ├── ingress.yaml
|
|
187
|
-
│ └── _helpers.tpl ← Template helpers
|
|
188
|
-
└── charts/ ← Sub-charts (dependencies)
|
|
189
|
-
```
|
|
190
|
-
|
|
191
|
-
```yaml
|
|
192
|
-
# values.yaml
|
|
193
|
-
replicaCount: 3
|
|
194
|
-
image:
|
|
195
|
-
repository: registry.example.com/myapp
|
|
196
|
-
tag: "1.0.0"
|
|
197
|
-
pullPolicy: IfNotPresent
|
|
198
|
-
service:
|
|
199
|
-
type: ClusterIP
|
|
200
|
-
port: 80
|
|
201
|
-
ingress:
|
|
202
|
-
enabled: true
|
|
203
|
-
host: myapp.example.com
|
|
204
|
-
tls: true
|
|
205
|
-
resources:
|
|
206
|
-
requests:
|
|
207
|
-
cpu: 100m
|
|
208
|
-
memory: 128Mi
|
|
209
|
-
limits:
|
|
210
|
-
cpu: 500m
|
|
211
|
-
memory: 512Mi
|
|
212
|
-
```
|
|
213
|
-
|
|
214
|
-
```bash
|
|
215
|
-
# Install
|
|
216
|
-
helm install myapp ./myapp-chart -f values.yaml
|
|
217
|
-
|
|
218
|
-
# Upgrade
|
|
219
|
-
helm upgrade myapp ./myapp-chart --set image.tag=1.1.0
|
|
220
|
-
|
|
221
|
-
# Rollback
|
|
222
|
-
helm rollback myapp 1
|
|
223
|
-
|
|
224
|
-
# Uninstall
|
|
225
|
-
helm uninstall myapp
|
|
226
|
-
```
|
|
227
|
-
|
|
228
|
-
## Kustomize (Template-Free Config)
|
|
229
|
-
|
|
230
|
-
```yaml
|
|
231
|
-
# kustomization.yaml
|
|
232
|
-
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
233
|
-
kind: Kustomization
|
|
234
|
-
resources:
|
|
235
|
-
- deployment.yaml
|
|
236
|
-
- service.yaml
|
|
237
|
-
- ingress.yaml
|
|
238
|
-
commonLabels:
|
|
239
|
-
app: myapp
|
|
240
|
-
images:
|
|
241
|
-
- name: registry.example.com/myapp
|
|
242
|
-
newTag: "1.0.0"
|
|
243
|
-
patches:
|
|
244
|
-
- path: patches/replicas.yaml
|
|
245
|
-
```
|
|
246
|
-
|
|
247
|
-
```bash
|
|
248
|
-
# Apply
|
|
249
|
-
kubectl apply -k .
|
|
250
|
-
|
|
251
|
-
# Different overlays for environments
|
|
252
|
-
# overlays/production/kustomization.yaml
|
|
253
|
-
# overlays/staging/kustomization.yaml
|
|
254
|
-
```
|
|
255
|
-
|
|
256
|
-
## Helm vs Kustomize
|
|
257
|
-
|
|
258
|
-
| Feature | Helm | Kustomize |
|
|
259
|
-
|---------|------|-----------|
|
|
260
|
-
| Approach | Template-based (Go templates) | Overlay/patch based |
|
|
261
|
-
| Complexity | Higher (chart structure) | Lower (plain YAML) |
|
|
262
|
-
| Package registry | ArtifactHub (thousands of charts) | No registry |
|
|
263
|
-
| Best for | Distributable packages | Environment overlays |
|
|
264
|
-
| Secret management | External (Vault, Sealed Secrets) | External |
|
|
265
|
-
|
|
266
|
-
## Common Pitfalls
|
|
267
|
-
|
|
268
|
-
| Issue | Fix |
|
|
269
|
-
|-------|-----|
|
|
270
|
-
| Pod CrashLoopBackOff | Check logs: `kubectl logs pod-name`; verify health endpoint |
|
|
271
|
-
| ImagePullBackOff | Check image name/tag; verify registry credentials (`imagePullSecrets`) |
|
|
272
|
-
| Service not reachable | Check selector labels match; verify port mapping |
|
|
273
|
-
| ConfigMap/Secret not updating | K8s caches them; restart pods or use `--force` |
|
|
274
|
-
| Out of memory | Increase `resources.limits.memory`; check for memory leaks |
|
|
275
|
-
| PersistentVolume not mounting | Check PVC status; verify storage class exists |
|
|
276
|
-
| DNS not resolving | Check CoreDNS pods running; use fully qualified names |
|
|
277
|
-
| Ingress 404 | Verify Ingress controller installed; check host and path rules |
|
|
1
|
+
# Kubernetes Build Sub-Skill
|
|
2
|
+
|
|
3
|
+
Package and deploy applications to Kubernetes clusters (K8s, K3s, EKS, GKE, AKS).
|
|
4
|
+
|
|
5
|
+
**Current version**: Kubernetes 1.31 / Helm 3.x / Kustomize 5.x (2025-2026)
|
|
6
|
+
|
|
7
|
+
## When to Use
|
|
8
|
+
|
|
9
|
+
- Multi-container applications (Web + DB + Cache + Worker)
|
|
10
|
+
- Microservices architecture
|
|
11
|
+
- Auto-scaling requirements
|
|
12
|
+
- Multi-cloud or hybrid-cloud deployment
|
|
13
|
+
- Need rolling updates and zero-downtime deployments
|
|
14
|
+
|
|
15
|
+
## Core Concepts
|
|
16
|
+
|
|
17
|
+
| Concept | What It Does |
|
|
18
|
+
|---------|-------------|
|
|
19
|
+
| **Pod** | Smallest unit — runs one or more containers |
|
|
20
|
+
| **Deployment** | Manages pod replicas, rolling updates |
|
|
21
|
+
| **Service** | Network endpoint — stable IP/DNS for pods |
|
|
22
|
+
| **Ingress** | HTTP routing — domain → service mapping |
|
|
23
|
+
| **ConfigMap** | Non-secret configuration data |
|
|
24
|
+
| **Secret** | Sensitive data (passwords, tokens) |
|
|
25
|
+
| **PersistentVolume** | Durable storage (databases, uploads) |
|
|
26
|
+
| **Namespace** | Virtual cluster isolation |
|
|
27
|
+
|
|
28
|
+
## K8s Manifests
|
|
29
|
+
|
|
30
|
+
### Deployment + Service
|
|
31
|
+
|
|
32
|
+
```yaml
|
|
33
|
+
# k8s/deployment.yaml
|
|
34
|
+
apiVersion: apps/v1
|
|
35
|
+
kind: Deployment
|
|
36
|
+
metadata:
|
|
37
|
+
name: myapp
|
|
38
|
+
labels:
|
|
39
|
+
app: myapp
|
|
40
|
+
spec:
|
|
41
|
+
replicas: 3
|
|
42
|
+
selector:
|
|
43
|
+
matchLabels:
|
|
44
|
+
app: myapp
|
|
45
|
+
strategy:
|
|
46
|
+
type: RollingUpdate
|
|
47
|
+
rollingUpdate:
|
|
48
|
+
maxSurge: 1
|
|
49
|
+
maxUnavailable: 0 # Zero downtime
|
|
50
|
+
template:
|
|
51
|
+
metadata:
|
|
52
|
+
labels:
|
|
53
|
+
app: myapp
|
|
54
|
+
spec:
|
|
55
|
+
containers:
|
|
56
|
+
- name: myapp
|
|
57
|
+
image: registry.example.com/myapp:1.0.0
|
|
58
|
+
ports:
|
|
59
|
+
- containerPort: 3000
|
|
60
|
+
env:
|
|
61
|
+
- name: DATABASE_URL
|
|
62
|
+
valueFrom:
|
|
63
|
+
secretKeyRef:
|
|
64
|
+
name: myapp-secrets
|
|
65
|
+
key: database-url
|
|
66
|
+
resources:
|
|
67
|
+
requests:
|
|
68
|
+
cpu: "100m"
|
|
69
|
+
memory: "128Mi"
|
|
70
|
+
limits:
|
|
71
|
+
cpu: "500m"
|
|
72
|
+
memory: "512Mi"
|
|
73
|
+
livenessProbe:
|
|
74
|
+
httpGet:
|
|
75
|
+
path: /health
|
|
76
|
+
port: 3000
|
|
77
|
+
initialDelaySeconds: 10
|
|
78
|
+
periodSeconds: 30
|
|
79
|
+
readinessProbe:
|
|
80
|
+
httpGet:
|
|
81
|
+
path: /health
|
|
82
|
+
port: 3000
|
|
83
|
+
initialDelaySeconds: 5
|
|
84
|
+
periodSeconds: 10
|
|
85
|
+
```
|
|
86
|
+
|
|
87
|
+
```yaml
|
|
88
|
+
# k8s/service.yaml
|
|
89
|
+
apiVersion: v1
|
|
90
|
+
kind: Service
|
|
91
|
+
metadata:
|
|
92
|
+
name: myapp
|
|
93
|
+
spec:
|
|
94
|
+
selector:
|
|
95
|
+
app: myapp
|
|
96
|
+
ports:
|
|
97
|
+
- port: 80
|
|
98
|
+
targetPort: 3000
|
|
99
|
+
type: ClusterIP
|
|
100
|
+
```
|
|
101
|
+
|
|
102
|
+
```yaml
|
|
103
|
+
# k8s/ingress.yaml
|
|
104
|
+
apiVersion: networking.k8s.io/v1
|
|
105
|
+
kind: Ingress
|
|
106
|
+
metadata:
|
|
107
|
+
name: myapp
|
|
108
|
+
annotations:
|
|
109
|
+
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
110
|
+
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
111
|
+
spec:
|
|
112
|
+
tls:
|
|
113
|
+
- hosts: [myapp.example.com]
|
|
114
|
+
secretName: myapp-tls
|
|
115
|
+
rules:
|
|
116
|
+
- host: myapp.example.com
|
|
117
|
+
http:
|
|
118
|
+
paths:
|
|
119
|
+
- path: /
|
|
120
|
+
pathType: Prefix
|
|
121
|
+
backend:
|
|
122
|
+
service:
|
|
123
|
+
name: myapp
|
|
124
|
+
port:
|
|
125
|
+
number: 80
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
```yaml
|
|
129
|
+
# k8s/configmap.yaml
|
|
130
|
+
apiVersion: v1
|
|
131
|
+
kind: ConfigMap
|
|
132
|
+
metadata:
|
|
133
|
+
name: myapp-config
|
|
134
|
+
data:
|
|
135
|
+
NODE_ENV: "production"
|
|
136
|
+
LOG_LEVEL: "info"
|
|
137
|
+
```
|
|
138
|
+
|
|
139
|
+
```yaml
|
|
140
|
+
# k8s/secret.yaml
|
|
141
|
+
apiVersion: v1
|
|
142
|
+
kind: Secret
|
|
143
|
+
metadata:
|
|
144
|
+
name: myapp-secrets
|
|
145
|
+
type: Opaque
|
|
146
|
+
stringData:
|
|
147
|
+
database-url: "postgres://user:pass@db:5432/myapp"
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
## K3s (Lightweight Kubernetes)
|
|
151
|
+
|
|
152
|
+
```bash
|
|
153
|
+
# Install K3s (single-node, production-ready)
|
|
154
|
+
curl -sfL https://get.k3s.io | sh -
|
|
155
|
+
|
|
156
|
+
# Verify
|
|
157
|
+
kubectl get nodes
|
|
158
|
+
|
|
159
|
+
# Deploy
|
|
160
|
+
kubectl apply -f k8s/
|
|
161
|
+
|
|
162
|
+
# K3s is ideal for:
|
|
163
|
+
# - Edge computing
|
|
164
|
+
# - IoT
|
|
165
|
+
# - Development/staging
|
|
166
|
+
# - Small production clusters
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
## Helm (Package Manager for K8s)
|
|
170
|
+
|
|
171
|
+
```bash
|
|
172
|
+
# Install
|
|
173
|
+
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
|
|
174
|
+
|
|
175
|
+
# Create chart
|
|
176
|
+
helm create myapp-chart
|
|
177
|
+
```
|
|
178
|
+
|
|
179
|
+
```
|
|
180
|
+
myapp-chart/
|
|
181
|
+
├── Chart.yaml ← Chart metadata
|
|
182
|
+
├── values.yaml ← Default values
|
|
183
|
+
├── templates/
|
|
184
|
+
│ ├── deployment.yaml ← Template with {{ .Values.xxx }}
|
|
185
|
+
│ ├── service.yaml
|
|
186
|
+
│ ├── ingress.yaml
|
|
187
|
+
│ └── _helpers.tpl ← Template helpers
|
|
188
|
+
└── charts/ ← Sub-charts (dependencies)
|
|
189
|
+
```
|
|
190
|
+
|
|
191
|
+
```yaml
|
|
192
|
+
# values.yaml
|
|
193
|
+
replicaCount: 3
|
|
194
|
+
image:
|
|
195
|
+
repository: registry.example.com/myapp
|
|
196
|
+
tag: "1.0.0"
|
|
197
|
+
pullPolicy: IfNotPresent
|
|
198
|
+
service:
|
|
199
|
+
type: ClusterIP
|
|
200
|
+
port: 80
|
|
201
|
+
ingress:
|
|
202
|
+
enabled: true
|
|
203
|
+
host: myapp.example.com
|
|
204
|
+
tls: true
|
|
205
|
+
resources:
|
|
206
|
+
requests:
|
|
207
|
+
cpu: 100m
|
|
208
|
+
memory: 128Mi
|
|
209
|
+
limits:
|
|
210
|
+
cpu: 500m
|
|
211
|
+
memory: 512Mi
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
```bash
|
|
215
|
+
# Install
|
|
216
|
+
helm install myapp ./myapp-chart -f values.yaml
|
|
217
|
+
|
|
218
|
+
# Upgrade
|
|
219
|
+
helm upgrade myapp ./myapp-chart --set image.tag=1.1.0
|
|
220
|
+
|
|
221
|
+
# Rollback
|
|
222
|
+
helm rollback myapp 1
|
|
223
|
+
|
|
224
|
+
# Uninstall
|
|
225
|
+
helm uninstall myapp
|
|
226
|
+
```
|
|
227
|
+
|
|
228
|
+
## Kustomize (Template-Free Config)
|
|
229
|
+
|
|
230
|
+
```yaml
|
|
231
|
+
# kustomization.yaml
|
|
232
|
+
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
233
|
+
kind: Kustomization
|
|
234
|
+
resources:
|
|
235
|
+
- deployment.yaml
|
|
236
|
+
- service.yaml
|
|
237
|
+
- ingress.yaml
|
|
238
|
+
commonLabels:
|
|
239
|
+
app: myapp
|
|
240
|
+
images:
|
|
241
|
+
- name: registry.example.com/myapp
|
|
242
|
+
newTag: "1.0.0"
|
|
243
|
+
patches:
|
|
244
|
+
- path: patches/replicas.yaml
|
|
245
|
+
```
|
|
246
|
+
|
|
247
|
+
```bash
|
|
248
|
+
# Apply
|
|
249
|
+
kubectl apply -k .
|
|
250
|
+
|
|
251
|
+
# Different overlays for environments
|
|
252
|
+
# overlays/production/kustomization.yaml
|
|
253
|
+
# overlays/staging/kustomization.yaml
|
|
254
|
+
```
|
|
255
|
+
|
|
256
|
+
## Helm vs Kustomize
|
|
257
|
+
|
|
258
|
+
| Feature | Helm | Kustomize |
|
|
259
|
+
|---------|------|-----------|
|
|
260
|
+
| Approach | Template-based (Go templates) | Overlay/patch based |
|
|
261
|
+
| Complexity | Higher (chart structure) | Lower (plain YAML) |
|
|
262
|
+
| Package registry | ArtifactHub (thousands of charts) | No registry |
|
|
263
|
+
| Best for | Distributable packages | Environment overlays |
|
|
264
|
+
| Secret management | External (Vault, Sealed Secrets) | External |
|
|
265
|
+
|
|
266
|
+
## Common Pitfalls
|
|
267
|
+
|
|
268
|
+
| Issue | Fix |
|
|
269
|
+
|-------|-----|
|
|
270
|
+
| Pod CrashLoopBackOff | Check logs: `kubectl logs pod-name`; verify health endpoint |
|
|
271
|
+
| ImagePullBackOff | Check image name/tag; verify registry credentials (`imagePullSecrets`) |
|
|
272
|
+
| Service not reachable | Check selector labels match; verify port mapping |
|
|
273
|
+
| ConfigMap/Secret not updating | K8s caches them; restart pods or use `--force` |
|
|
274
|
+
| Out of memory | Increase `resources.limits.memory`; check for memory leaks |
|
|
275
|
+
| PersistentVolume not mounting | Check PVC status; verify storage class exists |
|
|
276
|
+
| DNS not resolving | Check CoreDNS pods running; use fully qualified names |
|
|
277
|
+
| Ingress 404 | Verify Ingress controller installed; check host and path rules |
|