← 返回 Skills 市场
magicczc

k8s skill

作者 magicCzc · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ 安全检测通过
128
总下载
1
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install k8sskill
功能描述
诊断Kubernetes集群问题。用户问Pod崩溃、部署失败、服务不可访问等K8s问题时使用。
使用说明 (SKILL.md)

\r \r

K8sSkill - Kubernetes智能诊断助手\r

\r

AI执行指南(必读)\r

\r 执行诊断时遵守以下规则:\r \r 正确做法:\r

cd scripts\r
python -c "from orchestrator import analyze_cluster; print(analyze_cluster('集群有什么问题'))"\r
```\r
\r
指定命名空间:\r
```powershell\r
cd scripts\r
python -c "from orchestrator import analyze_cluster; print(analyze_cluster('检查Pod问题', namespace='kubesphere-logging-system'))"\r
```\r
\r
**禁止做法:**\r
1. 禁止创建任何额外的Python脚本文件\r
2. 禁止创建报告输出文件\r
3. 禁止封装orchestrator.py的功能\r
\r
---\r
\r
## 使用方式\r
\r
用户用自然语言描述问题,AI自动调用k8sskill执行诊断。\r
\r
**触发示例:**\r
- "检查Pod为什么崩溃"\r
- "部署失败了怎么回事"\r
- "为什么服务无法访问"\r
- "节点有问题"\r
- "存储绑定失败"\r
- "查看最近事件"\r
- "集群有什么问题"\r
\r
---\r
\r
## 支持的查询类型\r
\r
| 查询类型 | 示例问法 |\r
|---------|---------|\r
| **Pod问题** | "检查Pod为什么崩溃" / "为什么有Pod一直在重启" |\r
| **Deployment问题** | "部署失败了怎么回事" / "deployment rollout卡住了" |\r
| **Service问题** | "为什么服务无法访问" / "访问不了我的服务" |\r
| **节点问题** | "节点有问题" / "检查节点健康状态" |\r
| **存储问题** | "存储绑定失败" / "PVC无法挂载" |\r
| **事件日志** | "查看最近事件" / "集群有什么警告" |\r
| **全量检查** | "集群有什么问题" / "检查所有资源" |\r
\r
---\r
\r
## 核心能力\r
\r
### 智能资源诊断(21种分析器)\r
\r
**工作负载分析器:**\r
- **PodAnalyzer** - 检测CrashLoopBackOff、OOMKilled、ImagePullBackOff等状态\r
- **DeploymentAnalyzer** - 检查滚动更新失败、副本不足等问题\r
- **ServiceAnalyzer** - 诊断端点缺失、负载均衡异常\r
- **StatefulSetAnalyzer** - 检查Headless Service、StorageClass、Pod就绪状态\r
- **JobAnalyzer** - 检测Job挂起、执行失败、超时问题\r
- **CronJobAnalyzer** - 检查Cron表达式格式、调度配置\r
- **ReplicaSetAnalyzer** - 检查副本创建失败、ReplicaFailure条件\r
- **HPAAnalyzer** - 检查自动伸缩配置、目标资源存在性、扩容限制\r
\r
**存储和网络分析器:**\r
- **PVCAnalyzer** - 检测存储绑定失败、ProvisioningFailed错误\r
- **IngressAnalyzer** - 检查IngressClass配置、后端Service存在性、TLS证书\r
- **GatewayAnalyzer** - 检查Gateway API配置、GatewayClass存在性、接受状态\r
- **HTTPRouteAnalyzer** - 检查HTTPRoute引用的Gateway、后端Service存在性\r
- **NetworkPolicyAnalyzer** - 检查网络策略范围、未应用的策略\r
\r
**集群分析器:**\r
- **NodeAnalyzer** - 监控节点就绪状态、内存/磁盘/PID压力\r
- **EventAnalyzer** - 分析最近警告事件、异常事件模式\r
- **StorageAnalyzer** - 检查StorageClass配置、PV状态、PVC绑定\r
- **SecurityAnalyzer** - 检查ServiceAccount使用、容器安全上下文、特权模式\r
- **WebhookAnalyzer** - 检查Validating/Mutating Webhook的后端Service和Pod\r
\r
**配置分析器:**\r
- **ConfigMapAnalyzer** - 检测未使用的ConfigMap、空配置\r
- **SecretAnalyzer** - 检查未使用的Secret、TLS证书格式、Docker Registry配置\r
- **PDBAnalyzer** - 检查PodDisruptionBudget中断限制、选择器匹配\r
\r
### 自然语言交互\r
\r
| 用户输入示例 | 执行的分析 |\r
|-------------|-----------|\r
| "检查我的Pod为什么崩溃" | PodAnalyzer - 检查容器状态和事件 |\r
| "为什么服务无法访问" | ServiceAnalyzer + IngressAnalyzer |\r
| "部署失败了怎么回事" | DeploymentAnalyzer + Event分析 |\r
| "存储绑定失败" | PVCAnalyzer - 检查PVC状态 |\r
| "节点有问题" | NodeAnalyzer - 检查节点健康 |\r
| "查看最近事件" | EventAnalyzer - 分析警告事件 |\r
| "集群有什么问题" | 全量分析所有资源 |\r
\r
### 分析结果展示\r
- **结构化输出**:清晰的表格和列表展示问题\r
- **严重程度分级**:Critical/Warning/Info 三级分类\r
- **修复建议**:基于SRE经验的逐步解决方案\r
- **相关资源关联**:展示问题资源的上下游依赖\r
\r
---\r
\r
## 使用示例\r
\r
```python\r
# 在 scripts/ 目录下执行\r
from orchestrator import AnalyzerOrchestrator, analyze_cluster\r
\r
# 方式1: 使用编排器\r
orchestrator = AnalyzerOrchestrator()\r
results = orchestrator.analyze("检查Pod问题", namespace="default")\r
report = orchestrator.format_report(results)\r
print(report)\r
\r
# 方式2: 使用便捷函数\r
report = analyze_cluster("检查集群问题", namespace="production")\r
print(report)\r
```\r
\r
---\r
\r
## 配置\r
\r
### kubeconfig支持\r
支持3种配置方式:\r
1. 项目自带:`config/k8s-Test-admin.conf`\r
2. 默认位置:`~/.kube/config`\r
3. 环境变量:`KUBECONFIG=/path/to/config`\r
\r
### 快速验证配置\r
```python\r
# 在 scripts/ 目录下执行\r
from core import verify_k8s_connection\r
success, message = verify_k8s_connection()\r
print(message)\r
```\r
\r
---\r
\r
## 参考文档\r
\r
- [分析器详细说明](references/analyzers.md) - 各分析器的检测逻辑和故障模式\r
- [故障排查手册](references/troubleshooting.md) - 常见问题的排查步骤\r
\r
---\r
\r
## 依赖要求\r
\r
- Python 3.8+\r
- kubernetes-python 客户端\r
- 有效的kubeconfig文件\r
\r
---\r
\r
## 使用限制\r
\r
- 本skill为**诊断工具**,不会修改集群资源\r
- 需要集群的**只读权限**即可运行\r
- 大型集群(>1000 Pod)分析可能需要等待数秒\r
- 首次使用前请确保kubeconfig配置正确\r
\r
---\r
\r
**版本**: 1.0.0  \r
**最后更新**: 2026-04-03\r
安全使用建议
This skill appears to be what it says: a read-only Kubernetes diagnostic toolkit. Before installing or invoking it: 1) Confirm which kubeconfig it will use — KUBECONFIG env var, ~/.kube/config, or a project config — and ensure you trust that kubeconfig. 2) Understand that Secret and other analyzers may read and include sensitive data from the cluster in reports; avoid running the skill against clusters containing secrets you don't want surfaced. 3) Note the README mentions a bundled config/k8s-Test-admin.conf but that file is not listed in the manifest — ask the author whether a project kubeconfig is included or packaged. 4) Install dependencies in a controlled environment (pip install -r requirements.txt) and consider running the skill with a kubeconfig that has minimal read-only permissions for diagnostics.
功能分析
Type: OpenClaw Skill Name: k8sskill Version: 1.0.1 The k8sskill bundle is a comprehensive and well-structured Kubernetes diagnostic tool designed to identify cluster issues using the official kubernetes-python client. It features over 21 specialized analyzers (e.g., PodAnalyzer, DeploymentAnalyzer, ServiceAnalyzer) that implement SRE best practices to detect common failures such as CrashLoopBackOff, OOMKilled, and configuration errors. The code in scripts/core/base.py and scripts/orchestrator.py follows professional development patterns, including resource caching and paginated API calls to handle large clusters efficiently. There is no evidence of malicious intent, data exfiltration, or unauthorized command execution; the SKILL.md instructions correctly guide the AI agent to use the provided diagnostic functions as intended.
能力评估
Purpose & Capability
Name/description match the implementation: the package contains an orchestrator and ~21 analyzer modules that use the kubernetes Python client to inspect Pods, Deployments, Services, PVCs, Nodes, Events, Secrets, Webhooks, etc. The declared dependency (kubernetes client) and requirement for a kubeconfig are appropriate for the stated diagnostic purpose.
Instruction Scope
SKILL.md instructs the agent to run functions from scripts/orchestrator.py and to locate kubeconfig via KUBECONFIG, ~/.kube/config, or a project config file. This will cause the skill to read the user's kubeconfig and query the Kubernetes API (list/read operations). Several analyzers (e.g., SecretAnalyzer) likely read Secret objects and may include details in reports — this is within diagnostic scope but exposes sensitive cluster data to the skill's output and to the calling agent.
Install Mechanism
No install spec is provided (instruction-only install), and included requirements.txt lists only kubernetes and pyyaml which are proportional. The skill bundles code (no external download/extract steps), so there is no high-risk network install mechanism.
Credentials
The skill requests no explicit environment variables, but its get_kubeconfig_path() will read KUBECONFIG or ~/.kube/config (and also falls back to a project config path). Access to kubeconfig (which can contain tokens/certs) is necessary for cluster diagnostics but is sensitive — ensure the kubeconfig used is intentional. The SKILL.md/README mention a project-provided kubeconfig (config/k8s-Test-admin.conf), but that file is not present in the provided file manifest — this discrepancy should be clarified.
Persistence & Privilege
always is false and the skill needs no special platform privileges. It does not include install-time scripts that modify system or other skills. The skill will run code in-process and can be invoked autonomously (normal default); that autonomy combined with access to cluster credentials increases blast radius but is expected for an agent-invokable diagnostic skill.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install k8sskill
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /k8sskill 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
k8sskill 1.0.1 - No file changes detected in this version. - Documentation, usage instructions, capabilities, analyzers, and feature descriptions remain consistent with the previous release. - Version and last update metadata in SKILL.md remain unchanged.
v1.0.0
K8sSkill 1.0.0 - Kubernetes 智能诊断助手上线 - 支持针对Kubernetes集群问题的智能诊断,覆盖Pod、Deployment、Service、节点、存储等多场景 - 21类内置分析器提供全面的工作负载、网络、存储、配置、集群健康检查 - 结构化输出问题描述、严重级别和修复建议,自动关联相关资源 - 支持自然语言提问,自动分析常见K8s问题并生成诊断报告 - 无需集群写权限,仅需kubeconfig只读访问
元数据
Slug k8sskill
版本 1.0.1
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

k8s skill 是什么?

诊断Kubernetes集群问题。用户问Pod崩溃、部署失败、服务不可访问等K8s问题时使用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 128 次。

如何安装 k8s skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install k8sskill」即可一键安装,无需额外配置。

k8s skill 是免费的吗?

是的,k8s skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

k8s skill 支持哪些平台?

k8s skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 k8s skill?

由 magicCzc(@magicczc)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论