add-k8s-service
Add a regular service to a Kubernetes cluster. Use this skill when the user asks to deploy a new application or add a new service to the cluster.
Best use case
add-k8s-service is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Add a regular service to a Kubernetes cluster. Use this skill when the user asks to deploy a new application or add a new service to the cluster.
Teams using add-k8s-service should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/add-k8s-service/SKILL.md inside your project
- Restart your AI agent — it will auto-discover the skill
How add-k8s-service Compares
| Feature / Agent | add-k8s-service | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Add a regular service to a Kubernetes cluster. Use this skill when the user asks to deploy a new application or add a new service to the cluster.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
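# Adding a Kubernetes Service
## Overview
Deploy a new regular service in the home-ops cluster, managed with the GitOps (Flux) pattern.
## Directory Structure
A new service should be created under `k8s/apps/common/<app-name>/`: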
```
k8s/apps/common/<app-name>/
├── ks.yaml                  # Flux Kustomization (entry point)
└── app/
    ├── kustomization.yaml   # Kustomize configuration
    ├── helmrelease.yaml     # HelmRelease (uses app-template; routes are also defined here)
    └── externalsecret.yaml  # Optional: external secret
```
## Steps
### 1. Create ks.yaml (Flux Kustomization)
```yaml
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: &app <app-name>
  namespace: &namespace default
spec:
  targetNamespace: *namespace
  dependsOn:
    - name: cilium
      namespace: kube-system
  interval: 1h
  path: ./k8s/apps/common/<app-name>/app
  prune: true
  retryInterval: 2m
  sourceRef:
    kind: GitRepository
    name: flux-system
    namespace: flux-system
  timeout: 5m
  wait: false
```
### 2. Create app/helmrelease.yaml
Use the `app-template` chart:
```yaml
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: &app <app-name>
spec:
  interval: 1h
  chartRef:
    kind: OCIRepository
    name: app-template
    namespace: flux-system
  values:
    controllers:
      <app-name>:
        annotations:
          reloader.stakater.com/auto: "true"
        containers:
          app:
            image:
              repository: <image-repo>
              tag: <image-tag>
            env:
              TZ: ${TIMEZONE}
            probes:
              liveness: &probes
                enabled: true
                custom: true
                spec:
                  httpGet:
                    path: /health
                    port: &port 80
                  initialDelaySeconds: 0
                  periodSeconds: 10
                  timeoutSeconds: 1
                  failureThreshold: 10
              readiness: *probes
            securityContext:
              allowPrivilegeEscalation: false
              readOnlyRootFilesystem: true
              capabilities: { drop: ["ALL"] }
            resources:
              requests:
                cpu: 10m
                memory: 16Mi
              limits:
                memory: 100Mi
    defaultPodOptions:
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: OnRootMismatch
    service:
      app:
        ports:
          http:
            port: *port
    route:
      app:
        annotations:
          gethomepage.dev/enabled: "true"
          gethomepage.dev/group: external
          gethomepage.dev/name: <app-name>
          gethomepage.dev/icon: <icon>.svg
        hostnames: ["{{ .Release.Name }}.${MAIN_DOMAIN}"]
        parentRefs:
          - name: envoy-external
            namespace: network
        rules:
          - backendRefs:
              - identifier: app
                port: *port
```
### 3. Create app/kustomization.yaml
```yaml
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - ./helmrelease.yaml
  # - ./externalsecret.yaml # if secrets are needed
```
### 4. (Optional) Create app/externalsecret.yaml
If the service needs secrets:
```yaml
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1.json
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
  name: &secret <app-name>-secret
spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: azure-store
  target:
    name: *secret
    template:
      data:
        KEY_NAME: "{{ .KEY_NAME }}"
  dataFrom:
    - extract:
        key: <azure-keyvault-secret-name>
```
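### 5. Register the service with the cluster
Reference the new service in `k8s/clusters/staging/apps.yaml` or the relevant kustomization.
## Principles
- **Chart**: Always use `app-template` as the Helm chart unless there is a special case
- **Secrets**: Sync from Azure KeyVault with ExternalSecret; do not hardcode them
- **Components**: To reuse components, import them from `k8s/components/`
- **Security**: Follow the principle of least privilege and set securityContext
- **Resources**: Always set resources requests/limits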
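The security, resources and secrets principles above can be checked mechanically before a commit. The following is an added example, not part of the original SKILL.md or the home-ops repository: it lints the parsed `spec.values` of a HelmRelease against those rules. The function name, the secret-name pattern and both sample mappings are assumptions constructed for illustration, and `env` is assumed to be in map form as in the template.

```python
# Added example: lint parsed HelmRelease `spec.values` against the principles.
import re

SECRET_NAME = re.compile(r"(PASSWORD|SECRET|TOKEN|API_?KEY)", re.I)

def lint_values(values):
    """Return a sorted list of findings; an empty list means compliant."""
    findings = []
    pod_sc = values.get("defaultPodOptions", {}).get("securityContext", {})
    if pod_sc.get("runAsNonRoot") is not True:
        findings.append("pod: runAsNonRoot is not true")
    for ctrl, spec in values.get("controllers", {}).items():
        for name, c in spec.get("containers", {}).items():
            where = f"{ctrl}/{name}"
            sc = c.get("securityContext", {})
            if sc.get("allowPrivilegeEscalation") is not False:
                findings.append(f"{where}: allowPrivilegeEscalation not false")
            if sc.get("readOnlyRootFilesystem") is not True:
                findings.append(f"{where}: root filesystem is writable")
            if "ALL" not in sc.get("capabilities", {}).get("drop", []):
                findings.append(f"{where}: capabilities not dropped")
            res = c.get("resources", {})
            if not res.get("requests") or not res.get("limits", {}).get("memory"):
                findings.append(f"{where}: resources requests/limits missing")
            for key, val in c.get("env", {}).items():
                # Literal string under a secret-looking name = hardcoded secret.
                if SECRET_NAME.search(key) and isinstance(val, str):
                    findings.append(f"{where}: env {key} is hardcoded")
    return sorted(findings)

# Constructed samples: GOOD mirrors the template above, BAD breaks each rule.
GOOD = {
    "controllers": {"demo": {"containers": {"app": {
        "env": {"TZ": "${TIMEZONE}"},
        "securityContext": {"allowPrivilegeEscalation": False,
                            "readOnlyRootFilesystem": True,
                            "capabilities": {"drop": ["ALL"]}},
        "resources": {"requests": {"cpu": "10m", "memory": "16Mi"},
                      "limits": {"memory": "100Mi"}},
    }}}},
    "defaultPodOptions": {"securityContext": {"runAsNonRoot": True}},
}
BAD = {"controllers": {"demo": {"containers": {"app": {
    "env": {"DB_PASSWORD": "constructed-value"},  # literal, not a reference
}}}}}

if __name__ == "__main__":
    for label, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, lint_values(sample) or "ok")
```

The input can be produced from the rendered manifest of step 1 in the verification list by loading the HelmRelease document with any YAML parser and passing its `spec.values` mapping.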
## Verification
1. Check file syntax: `kubectl kustomize k8s/apps/common/<app-name>/app`
2. After committing, wait for Flux to sync automatically
3. Check status: `flux get kustomization <app-name>`
4. Check the Pod: `kubectl get pods -l app.kubernetes.io/name=<app-name>`
## Reference Templates
- Simple service: `k8s/apps/common/echo/`
- Service with secrets: `k8s/apps/common/vaultwarden/`
- Service with a database: `k8s/apps/common/affine/`