Creating Kubernetes Deployment

The Manifest Trap: Why Manual Deployments Fail

You're staring at a blank deployment.yaml and the clock is ticking. You need to spin up a containerized application, but the Kubernetes API feels like a minefield of validation rules and subtle configuration traps. You type out the manifest, hit kubectl apply, and watch the pods spin up. But then they crash. Or they pass readiness checks too early. Or the service selector doesn't match the pod labels and your traffic goes to /dev/null.

We built this skill so you don't have to debug manifest syntax at 2 AM. Every kubectl action, whether creating a Deployment or reading logs, follows the same API-driven path ^[5]. When you scaffold a deployment manually, you're fighting against the API's strict expectations. The official docs show a basic example ^[1], but that's a toy for a tutorial. Real clusters demand resource limits, security contexts, and proper probe wiring. Every time you write a deployment from scratch, you risk introducing configuration drift, missing a critical health check, or getting the image pull policy wrong. You spend 45 minutes debugging a typo in matchLabels instead of shipping features. The trade-offs of manual object management are clear: speed now, pain later [4].

The Real Cost of Missing Probes and Resource Limits

Ignoring this isn't free. A missing resource limit can turn a noisy neighbor into a node eviction event, taking down your entire tenant. A misconfigured liveness probe restarts a healthy pod every 30 seconds, blowing your request budget and triggering false alarms in PagerDuty. You pay for the wasted engineer hours debugging manifest syntax, plus the cloud costs of spinning up pods that immediately die.

When you skip validation, you ship manifests that kubectl accepts but the cluster rejects or handles poorly. You end up with services that can't find their endpoints because the URL and ports in your app don't match the service definition ^[7]. Or you create an HPA that scales on the wrong metric because the selector is wrong. The cost compounds: every manual deployment is a chance for human error, and in K8s, human error looks like a production outage. A bad rollout can take down your P99 latency, and without a clear rollback strategy, you're stuck chasing logs while your users see 503s. You need a workflow that catches these errors before they leave your terminal.

How a SaaS Team Lost Checkout Traffic to a Bad Selector

Imagine a platform engineering team at a mid-sized SaaS company. They have 50 microservices. Every developer creates deployments manually. One engineer pushes a new version of the auth service. They forget to update the image tag in the manifest, or worse, they leave out the resources.requests block. The pod lands on a node with low memory. The OOM killer steps in. The pod restarts.

The readiness probe isn't wired, so the service router starts sending traffic to a container that hasn't initialized its database connections yet. The auth service returns 503s. The checkout flow breaks. The team spends two hours chasing logs, only to find the manifest lacked a startup probe to handle the slow DB connection. They realize they need a standardized workflow. They look at the kubectl reference docs ^[3] to understand the commands, but the docs don't give them a template. They need a repeatable process. They need to set selectors before creating the service pair ^[8]. They need to validate manifests before they hit the cluster. Without a scaffolded workflow, every deployment is a roll of the dice. The team eventually realizes that consistency isn't optional; it's the only way to scale deployments without scaling incidents.

Scaffold, Validate, and Rollout with Confidence

Once you install this skill, the workflow changes. You no longer guess at the YAML structure. You run the scaffold script, pass your image and replicas, and get a production-grade manifest with resource limits, security contexts, and probe definitions pre-wired. The scaffold-deployment.sh script generates the deployment from environment variables, so you never have to type the same boilerplate twice. You validate against schemas before you commit using validate-manifests.sh, which wraps kubeconform and exits non-zero on failure. The check-probes.sh validator ensures every manifest has required probe definitions, so you catch missing health checks at the terminal, not in production.

You get embedded references for kubectl rollout commands, so you know exactly how to undo a bad deploy, check status, restart a rollout, or view history without memorizing flags. The kubectl-rollout.md reference gives you the canonical knowledge right in your workspace. Your deployments become consistent, auditable, and safe. You spend seconds scaffolding instead of hours debugging. You can focus on the application logic while the skill handles the Kubernetes complexity. If you need a broader set of manifests and Helm charts, you can also explore the Kubernetes Deployment Pack for extended coverage.

What's in the Creating Kubernetes Deployment Skill

This is a multi-file deliverable designed for working engineers. Here's exactly what you get:

• skill.md — Orchestrator skill that defines the workflow for creating, validating, and managing Kubernetes Deployments. References all templates, scripts, validators, and references.
• templates/deployment.yaml — Production-grade Deployment template with resource limits, security context, and probe definitions.
• templates/service.yaml — Service template to expose the Deployment via ClusterIP, NodePort, or LoadBalancer.
• templates/hpa.yaml — HorizontalPodAutoscaler template for automatic scaling based on CPU/memory utilization.
• references/kubectl-rollout.md — Embedded canonical knowledge on kubectl rollout commands (undo, status, restart, history, pause, resume) sourced from Context7.
• references/probes-guide.md — Embedded canonical knowledge on Liveness, Readiness, and Startup probes configuration and best practices.
• scripts/validate-manifests.sh — Executable script that wraps kubeconform to validate Kubernetes manifests against schemas. Exits non-zero on validation failure.
• scripts/scaffold-deployment.sh — Executable script to scaffold a new Deployment YAML from environment variables (IMAGE, REPLICAS, PORT).
• validators/check-probes.sh — Validator script that checks YAML files for required probe definitions. Exits non-zero if probes are missing.
• examples/worked-nginx.yaml — Complete worked example of a Deployment, Service, and HPA for an Nginx application.

Install the Skill and Ship Safer Deployments

Stop shipping fragile manifests. Start deploying with confidence. Upgrade to Pro to install the Creating Kubernetes Deployment skill and lock in your workflow. Get the templates, scripts, and validators that catch errors before they hit production. Install it, run the scaffold, validate, and ship.