k8sAvoid common Kubernetes mistakes β resource limits, probe configuration, selector mismatches, and RBAC pitfalls.
Install via ClawdBot CLI:
clawdbot install ivangdavila/k8sRequires:
requests = guaranteed minimum β scheduler uses this for placementlimits = maximum allowed β exceeding memory = OOMKilled, CPU = throttledrequests without limits = burstable β can use more if availablereadinessProbe controls traffic β fails = removed from Service endpointslivenessProbe restarts container β fails = container killed and restartedstartupProbe for slow starts β disables liveness/readiness until successinitialDelaySeconds too short β pod killed before app startstimeoutSeconds too short β slow response = restart loopscheme: HTTPSapp, version, environmentmatchExpressions for complex selection β In, NotIn, ExistsenvFrom imports all keys β env.valueFrom for specific keyssubPath for single file without replacing directoryClusterIP internal only β default, only accessible within clusterNodePort exposes on node IP β 30000-32767 range, not for productionLoadBalancer provisions cloud LB β works only in supported environmentsstorageClassName must match β or use "" for no dynamic provisioningReadWriteOnce = single node β ReadWriteMany needed for multi-podpersistentVolumeReclaimPolicy controls PV fatekubectl apply vs create β apply for declarative (can update), create for imperative (fails if exists)-n namespace or set context defaultlatest in production β no version pinning, unpredictable updatesimagePullPolicy β Always for latest tag, IfNotPresent for versionedkubectl describe pod for events β shows scheduling failures, probe failureskubectl logs -f pod for logs β -p for previous container (after crash)kubectl exec -it pod -- sh for shell β debug inside containerkubectl get events --sort-by=.lastTimestamp β cluster-wide events timelineServiceAccount per workload β not default, for least privilegeRole is namespaced β ClusterRole is cluster-wideRoleBinding binds Role to user/SA β ClusterRoleBinding for cluster-widekubectl auth can-i verb resource --as=system:serviceaccount:ns:saGenerated Mar 1, 2026
A team is launching a containerized web app with multiple services, requiring proper resource limits, probe configurations, and service networking to ensure reliability and scalability. They must avoid common pitfalls like selector mismatches and unset image tags to prevent downtime in production environments.
An organization runs a database on Kubernetes, needing persistent storage with PVCs and RBAC for secure access. They must configure liveness probes carefully to avoid restart loops during database outages and ensure data persistence across pod restarts.
A DevOps team automates deployments using Kubernetes, requiring debugging tools like kubectl logs and describe to troubleshoot failed pods. They need to set up ConfigMaps for environment variables and avoid using latest image tags to maintain version control.
A cloud provider hosts multiple clients on a shared Kubernetes cluster, using RBAC with ServiceAccounts and Roles to enforce least privilege. They must manage network policies and secrets securely to prevent unauthorized access between tenants.
An online retailer scales their Kubernetes deployment for holiday sales, adjusting resource requests and limits to handle bursts. They use readiness probes to manage traffic flow and avoid OOMKills, ensuring high availability under load.
A company offers managed Kubernetes clusters, handling setup, maintenance, and updates for clients. They generate revenue through subscription fees based on cluster size and support levels, helping businesses focus on application development rather than infrastructure.
A consultancy provides expert services for Kubernetes adoption, including architecture design, troubleshooting, and staff training. Revenue comes from project-based contracts and workshop fees, assisting organizations in optimizing their container workflows.
A tech firm develops tools for monitoring, logging, and security in Kubernetes environments, such as dashboards or automated compliance checks. They earn revenue through software licenses or SaaS subscriptions, targeting teams needing enhanced observability.
π¬ Integration Tip
Ensure kubectl is installed and configured with proper cluster access; use consistent labeling and probe configurations to avoid common deployment errors.
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed.
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,...
Essential Docker commands and workflows for container management, image operations, and debugging.
Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
Deploy applications and manage projects with complete CLI reference. Commands for deployments, projects, domains, environment variables, and live documentation access.
Monitor topics of interest and proactively alert when important developments occur. Use when user wants automated monitoring of specific subjects (e.g., product releases, price changes, news topics, technology updates). Supports scheduled web searches, AI-powered importance scoring, smart alerts vs weekly digests, and memory-aware contextual summaries.