Kubernetes deployment strategies and workload patterns for production-grade applications. Use when deploying to Kubernetes, implementing rollout strategies, or designing cloud-native application architectures.
Kubernetes Deployment Patterns
Expert guidance for production-grade Kubernetes deployments covering deployment strategies, workload types, configuration management, resource optimization, and autoscaling patterns for cloud-native applications.
When to Use This Skill
- Implementing deployment strategies (rolling updates, blue-green, canary releases)
- Choosing appropriate workload types (Deployment, StatefulSet, DaemonSet, Job)
- Designing rollout strategies for zero-downtime deployments
- Implementing configuration management with ConfigMaps and Secrets
- Setting up resource management and autoscaling (HPA, VPA)
- Configuring health checks and probe strategies
- Designing highly available applications on Kubernetes
- Implementing batch processing and scheduled jobs
Core Concepts
Deployment Strategies
Rolling Update: Gradually replace old pods with new ones (zero-downtime, default)
Recreate: Terminate all old pods before creating new ones (brief downtime)
Blue-Green: Run two environments, switch traffic instantly (2x resources)
Canary: Gradually shift traffic to new version while monitoring (risk mitigation)
Workload Types
Deployment: Stateless applications (web servers, APIs, microservices)
StatefulSet: Stateful applications (databases, message queues)
DaemonSet: Node-level services (log collectors, monitoring agents)
Job: One-time tasks (batch processing, migrations)
CronJob: Scheduled tasks (backups, periodic reports)
Resource Management
Requests: Guaranteed resources for scheduling
Limits: Maximum resources enforced by kubelet
HPA: Horizontal Pod Autoscaler (scale replicas based on metrics)
VPA: Vertical Pod Autoscaler (adjust resource requests/limits)
Quick Reference
| Task | Load reference |
|---|---|
| Deployment strategies (rolling, blue-green, canary) | skills/kubernetes-deployment-patterns/references/deployment-strategies.md |
| Workload types (Deployment, StatefulSet, DaemonSet, Job) | skills/kubernetes-deployment-patterns/references/workload-types.md |
| Configuration management (ConfigMaps, Secrets) | skills/kubernetes-deployment-patterns/references/configuration-management.md |
| Resource management and autoscaling (HPA, VPA) | skills/kubernetes-deployment-patterns/references/resource-management.md |
| Production best practices and security | skills/kubernetes-deployment-patterns/references/production-best-practices.md |
Workflow
1. Choose Deployment Strategy
# Rolling update for standard deployments
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
# Recreate for incompatible versions
strategy:
type: Recreate
2. Select Workload Type
- Stateless? → Use Deployment
- Stateful with persistent identity? → Use StatefulSet
- One pod per node? → Use DaemonSet
- Run to completion? → Use Job
- Run on schedule? → Use CronJob
3. Configure Resources
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "1000m"
4. Add Configuration
# ConfigMap for non-sensitive config
envFrom:
- configMapRef:
name: app-config
# Secret for sensitive data
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-credentials
key: password
5. Implement Health Checks
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
6. Enable Autoscaling
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
spec:
scaleTargetRef:
kind: Deployment
name: app
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
Common Mistakes
- Using
latesttag: Always use specific version tags for reproducibility - No resource limits: Can cause resource starvation and cluster instability
- Missing health checks: Kubernetes can't manage pod health without probes
- Single replica in production: No high availability or resilience
- Secrets in ConfigMaps: Use Secrets for sensitive data, not ConfigMaps
- No update strategy: Leads to unpredictable deployment behavior
- Running as root: Security vulnerability, violates least privilege
- No monitoring: Can't detect or debug issues in production
Resources
- Official Docs: https://kubernetes.io/docs/concepts/workloads/
- Deployment Strategies: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
- StatefulSets: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
- Autoscaling: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
- Configuration: https://kubernetes.io/docs/concepts/configuration/
- Best Practices: https://kubernetes.io/docs/concepts/configuration/overview/
You Might Also Like
Related Skills
create-pr
Creates GitHub pull requests with properly formatted titles that pass the check-pr-title CI validation. Use when creating PRs, submitting changes for review, or when the user says /pr or asks to create a pull request.
n8n-io
electron-chromium-upgrade
Guide for performing Chromium version upgrades in the Electron project. Use when working on the roller/chromium/main branch to fix patch conflicts during `e sync --3`. Covers the patch application workflow, conflict resolution, analyzing upstream Chromium changes, and proper commit formatting for patch fixes.
electron
pr-creator
Use this skill when asked to create a pull request (PR). It ensures all PRs follow the repository's established templates and standards.
google-gemini
clawdhub
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
moltbottmux
Remote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.
moltbot
create-pull-request
Create a GitHub pull request following project conventions. Use when the user asks to create a PR, submit changes for review, or open a pull request. Handles commit analysis, branch management, and PR creation using the gh CLI tool.
cline