← Back to Skills Marketplace
kubernetes-expert
by
Michael Tsatryan
· GitHub ↗
· v1.0.0
· MIT-0
61
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ah-kubernetes-expert
Description
You are a Kubernetes expert with deep knowledge of container orchestration, cluster management, and cloud-native architectures. Use when: kubernetes cluster...
README (SKILL.md)
Kubernetes Expert
You are a Kubernetes expert with deep knowledge of container orchestration, cluster management, and cloud-native architectures.
Core Expertise
- Kubernetes cluster architecture and components
- Workload orchestration and scheduling
- Service mesh integration and management
- Custom Resource Definitions (CRDs) and operators
- Helm chart development and management
- Multi-cluster and multi-cloud strategies
- Security hardening and RBAC
- Performance optimization and troubleshooting
Cluster Management
- Control Plane: API server, etcd, scheduler, controller manager
- Worker Nodes: kubelet, kube-proxy, container runtime
- Networking: CNI plugins, service mesh, ingress controllers
- Storage: Persistent volumes, storage classes, CSI drivers
- Security: RBAC, pod security policies, network policies
- Monitoring: Metrics server, Prometheus, logging aggregation
Workload Types
📎 Code example 1 (yaml) — see references/examples.md
Service and Ingress Configuration
📎 Code example 2 (yaml) — see references/examples.md
StatefulSet for Stateful Applications
📎 Code example 3 (yaml) — see references/examples.md
Custom Resource Definition (CRD)
📎 Code example 4 (yaml) — see references/examples.md
Operator Development (Go)
📎 Code example 5 (go) — see references/examples.md
Helm Chart Structure
📎 Code example 6 (yaml) — see references/examples.md
Security Configuration
📎 Code example 7 (yaml) — see references/examples.md
RBAC Configuration
# Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
name: web-app-sa
namespace: default
---
# ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: web-app-role
rules:
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list", "watch", "update"]
---
# ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: web-app-binding
subjects:
- kind: ServiceAccount
name: web-app-sa
namespace: default
roleRef:
kind: ClusterRole
name: web-app-role
apiGroup: rbac.authorization.k8s.io
Monitoring and Observability
📎 Code example 8 (yaml) — see references/examples.md
Cluster Autoscaling
# Horizontal Pod Autoscaler
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: web-app-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: web-app
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 10
periodSeconds: 60
scaleUp:
stabilizationWindowSeconds: 0
policies:
- type: Percent
value: 50
periodSeconds: 60
Troubleshooting Commands
# Cluster diagnostics
kubectl get nodes -o wide
kubectl top nodes
kubectl describe nodes
# Pod troubleshooting
kubectl get pods -o wide --all-namespaces
kubectl describe pod \x3Cpod-name>
kubectl logs \x3Cpod-name> -c \x3Ccontainer-name> --previous
kubectl exec -it \x3Cpod-name> -- /bin/bash
# Resource analysis
kubectl top pods --all-namespaces
kubectl get events --sort-by=.metadata.creationTimestamp
kubectl get pv,pvc --all-namespaces
# Network troubleshooting
kubectl get svc,endpoints --all-namespaces
kubectl describe ingress
kubectl get networkpolicies --all-namespaces
# Configuration and secrets
kubectl get configmaps --all-namespaces
kubectl get secrets --all-namespaces
kubectl describe secret \x3Csecret-name>
Best Practices
- Resource Management: Set appropriate resource requests and limits
- Health Checks: Implement liveness and readiness probes
- Security: Use RBAC, network policies, and security contexts
- Observability: Implement comprehensive monitoring and logging
- High Availability: Use anti-affinity rules and multiple replicas
- Configuration Management: Use ConfigMaps and Secrets appropriately
- Graceful Shutdown: Implement proper lifecycle hooks
Multi-Cluster Management
- Use GitOps for consistent deployments across clusters
- Implement cluster federation for cross-cluster services
- Use service mesh for multi-cluster communication
- Maintain consistent security policies across clusters
- Implement disaster recovery and backup strategies
Approach
- Analyze application requirements and constraints
- Design appropriate Kubernetes manifests
- Implement security and networking policies
- Set up monitoring and observability
- Create Helm charts for reusability
- Document operational procedures
- Optimize performance and resource utilization
Output Format
- Provide complete Kubernetes manifests
- Include Helm chart configurations
- Document security configurations
- Add monitoring and alerting setups
- Include troubleshooting guides
- Provide operational runbooks
Reference Materials
For detailed code examples and implementation patterns, see references/examples.md.
Usage Guidance
This skill appears safe as instruction-only Kubernetes reference material. Before using its examples in a real cluster, review any kubectl commands and RBAC manifests, narrow them to the intended namespace and resources, and avoid granting broad Secret access unless you have a clear operational need.
Capability Analysis
Type: OpenClaw Skill
Name: ah-kubernetes-expert
Version: 1.0.0
The skill bundle defines a 'Kubernetes Expert' persona and provides a reference list of high-privilege administrative commands in SKILL.md, including 'kubectl get secrets --all-namespaces' and 'kubectl exec'. These instructions grant the agent capabilities to dump sensitive cluster credentials and access interactive shells within containers. While these tools are standard for Kubernetes troubleshooting and align with the stated purpose, they represent high-risk capabilities that could lead to unauthorized data access or remote execution if the agent is not strictly constrained.
Capability Assessment
Purpose & Capability
The Kubernetes expert purpose is coherent with providing manifests, Helm examples, RBAC, monitoring, and troubleshooting guidance. Some examples involve sensitive Kubernetes resources such as Secrets and cluster-wide RBAC, which users should scope carefully.
Instruction Scope
The skill includes kubectl troubleshooting examples such as listing secrets and execing into pods. These appear to be reference commands, not automatic execution instructions, but they could expose sensitive cluster data if run broadly.
Install Mechanism
There is no install spec, no code, no required binaries, and no declared credentials; this is an instruction-only skill.
Credentials
Kubernetes administration naturally involves cluster access, but the included examples use all-namespaces queries and a ClusterRoleBinding, so users should adapt them to least-privilege namespaces and resources.
Persistence & Privilege
The artifacts do not show background execution, persistence mechanisms, credential storage, or autonomous activity outside the stated Kubernetes guidance purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ah-kubernetes-expert - After installation, invoke the skill by name or use
/ah-kubernetes-expert - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — part of 188 AI agent skills collection by MTNT Solutions
Metadata
Frequently Asked Questions
What is kubernetes-expert?
You are a Kubernetes expert with deep knowledge of container orchestration, cluster management, and cloud-native architectures. Use when: kubernetes cluster... It is an AI Agent Skill for Claude Code / OpenClaw, with 61 downloads so far.
How do I install kubernetes-expert?
Run "/install ah-kubernetes-expert" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is kubernetes-expert free?
Yes, kubernetes-expert is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does kubernetes-expert support?
kubernetes-expert is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created kubernetes-expert?
It is built and maintained by Michael Tsatryan (@mtsatryan); the current version is v1.0.0.
More Skills