Debugs Kubernetes resource quota and limit issues including ResourceQuota exceeded, LimitRange violations, OOMKilled due to memory limits, and CPU throttling. Use when hitting quota limits, container resource constraint errors, or capacity issues.
Retrieves Kubernetes container logs with various patterns including multi-container pods, previous container logs, init containers, and label-based aggregation. Use when checking application logs, debugging crashes, or analyzing container output.
Walk through adding a new external Helm component to the kuberise platform
Kubernetes native configuration management with Kustomize. Use for environment-specific configs, resource patching, manifest organization, multi-environment deployments, and GitOps workflows. Triggers: kustomize, kustomization, overlay, base, patch, strategic merge, json patch, json6902, configmap generator, secret generator, namespace, namePrefix, nameSuffix, commonLabels, commonAnnotations, component, transformer, replacement, multi-environment, dev/staging/prod configs, k8s manifest management.
Creates and optimizes Docker configurations including Dockerfiles, docker-compose files, and container orchestration. Covers multi-stage builds, layer optimization, security hardening, networking, volumes, and debugging. Trigger keywords: docker, container, dockerfile, image, compose, registry, build, layer, cache, multi-stage, volume, network, port, environment, containerize, orchestration, registry, push, pull, tag, alpine, slim, distroless.
Kubernetes node autoscaling and cost optimization with Karpenter. Use when implementing node provisioning, spot instance management, cluster right-sizing, node consolidation, or reducing compute costs. Covers NodePool configuration, EC2NodeClass setup, disruption budgets, spot/on-demand mix strategies, multi-architecture support, and capacity-type selection.
Kubernetes deployment patterns, resource configuration, and operational best practices
Scaffold a new local Helm chart and register it in the app-of-apps
Kubernetes deployment, cluster architecture, security, and operations. Includes manifests, Helm charts, RBAC, network policies, troubleshooting, and production best practices. Trigger keywords: kubernetes, k8s, pod, deployment, statefulset, daemonset, service, ingress, configmap, secret, pvc, namespace, helm, chart, kubectl, cluster, rbac, networkpolicy, podsecurity, operator, crd, job, cronjob, hpa, pdb, kustomize.
Infrastructure as Code security scanning skill for Terraform, CloudFormation, Kubernetes manifests, Helm charts, and ARM templates. This skill should be used when auditing IaC configurations for misconfigurations, scanning Terraform plans, validating Kubernetes security policies, checking cloud infrastructure compliance, or integrating security into CI/CD pipelines. Triggers on requests to scan Terraform, audit CloudFormation, check Kubernetes manifests, validate Helm charts, or find IaC security issues.
Write production-ready CEL (Common Expression Language) code for Kubernetes ValidatingAdmissionPolicies, CRD validation rules, and security policies. Use when users need to create admission policies, validate Kubernetes resources, enforce security constraints, or write CEL expressions for Kubernetes.
Create production-ready KRO ResourceGraphDefinitions using Pulumi TypeScript. Use when users need to define custom Kubernetes APIs, compose resources with KRO, integrate AWS ACK resources, or build platform abstractions using Pulumi infrastructure as code.
Container and Kubernetes security assessment skill for Docker, Kubernetes, and container orchestration platforms. This skill should be used when scanning container images for vulnerabilities, auditing Kubernetes cluster security, testing container escape scenarios, reviewing Docker configurations, or performing container runtime security analysis. Triggers on requests to scan Docker images, audit Kubernetes security, test container configurations, or assess container orchestration security.
Kubernetes expert: kubectl, manifests, RBAC, networking, Helm, troubleshooting. Use when deploying to Kubernetes, writing manifests, or debugging K8s issues.
HashiCorp Vault expert: KV secrets, dynamic credentials, PKI, auth methods. Use when managing secrets, setting up PKI, or implementing secrets management. Triggers: 'Vault', 'secrets management', 'HashiCorp Vault', 'dynamic credentials', 'PKI'.
腾讯云COS对象存储:存储桶配置、权限管理、CDN加速。Use when storing files, building static websites, or CDN distribution. Triggers: 'COS', '腾讯云存储', '对象存储', 'CDN'. Works with: Claude Code, Codex, OpenCode, Cursor, Cline, OpenClaw, Kimi.
Helm expert: chart development, values configuration, Go template syntax, Helm hooks, library charts, and production deployment patterns. Use when creating Helm charts, managing releases, or configuring Kubernetes applications with Helm.
Deployment architecture, multi-tenancy design, and environment-specific deployment commands. Use when the user asks about how the application is deployed, multi-tenant architecture with Navigator, Fly.io deployment, or frontend stack details.
Learn how to deploy PocketBase on Google Cloud Run using the new volume mounting feature, enabling scale-to-zero, infinite storage, and easy backups.
Analyze Kubernetes resource lifecycle in Prow CI job artifacts by parsing audit logs and pod logs from GCS, generating interactive HTML reports with timelines
Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.
