Kubernetes

deployment-patterns is a practical deployment-patterns skill for CI/CD workflows, Dockerized delivery, health checks, and rollback-safe production rollouts. Use this deployment-patterns guide to choose rolling, blue-green, or canary deployment patterns for web apps with less guesswork.

prometheus-configuration helps you install and use Prometheus for scraping, retention, alerting, and recording rules across Kubernetes, Docker Compose, and server setups.

Use the distributed-tracing skill to design and explain request tracing across microservices with Jaeger and Tempo. Covers install basics, trace and span concepts, Kubernetes setup patterns, context propagation, and practical usage for observability and latency debugging.

k8s-manifest-generator helps generate production-shaped Kubernetes manifests for Deployment, Service, ConfigMap, Secret, and PVC resources using repo templates and spec references.

k8s-security-policies helps teams draft Kubernetes NetworkPolicy, Pod Security Standards labels, and RBAC patterns using repo-backed templates and references for hardening and audit-ready rollout planning.

gitops-workflow helps you design Kubernetes GitOps with ArgoCD or Flux, covering install paths, repo structure, sync policies, and deployment-ready usage guidance.

helm-chart-scaffolding helps scaffold and organize Helm charts for Kubernetes apps with templates, chart structure guidance, and validation steps for Deployment, Service, ingress, values, and Helm lint workflows.

multi-cloud-architecture helps design and compare AWS, Azure, GCP, and OCI architectures using service mappings and proven patterns like primary/DR, active-active, and portable platform baselines.

The hybrid-cloud-networking skill guides secure on-prem to cloud connectivity planning, comparing VPN vs dedicated links like Direct Connect and ExpressRoute, with redundancy, routing, and failover tips. Use it as a hybrid-cloud-networking guide for deployment decisions.

istio-traffic-management helps teams draft Istio traffic policies like VirtualService, DestinationRule, Gateway, and ServiceEntry for canary, retries, circuit breaking, and mirroring. Use it to translate deployment intent into clear routing and resilience manifests with practical prompts and review checks.

linkerd-patterns helps teams apply Linkerd patterns for Kubernetes workloads, including mTLS, sidecar injection, traffic splits, retries, timeouts, service profiles, and multi-cluster planning for Deployment-based rollouts.

deployment-pipeline-design helps you design multi-stage CI/CD pipelines with approval gates, security checks, rollout strategy, environment promotion, and rollback logic for Kubernetes, ECS, VMs, serverless, and other deployment targets.

gitlab-ci-patterns helps draft GitLab CI/CD pipelines with stages, caching, artifacts, Docker build and push jobs, and Kubernetes-style deployment flows for faster setup and review.

terraform-skill is a diagnose-first skill for Terraform and OpenTofu work. Use it to review, debug, or plan changes across modules, tests, CI, scans, and state operations with version-aware guidance. It helps reduce identity churn, secrets exposure, blast radius, CI drift, and state corruption.

Use the cloud skill to create PlantUML cloud architecture diagrams with official provider stencil icons for AWS, Azure, GCP, Alibaba Cloud, IBM Cloud, and OpenStack. It is a strong cloud guide for Cloud Architecture, with install and usage patterns, service boundaries, and flow-aware layouts for real deployment diagrams.

detecting-container-escape-with-falco-rules helps detect container escape attempts with Falco runtime security rules. It focuses on syscall signals, privileged containers, host-path abuse, validation, and incident response workflows for Kubernetes and Linux container environments.

detecting-container-escape-attempts helps investigate, detect, and triage container escape signals in Docker and Kubernetes. Use this detecting-container-escape-attempts guide for incident triage, escape vectors, alert interpretation, and response workflows based on Falco, Sysdig, auditd, and container inspection evidence.

building-devsecops-pipeline-with-gitlab-ci helps you design and implement a GitLab CI/CD DevSecOps pipeline with SAST, DAST, container scanning, dependency scanning, secret detection, and license checks. It is useful for install, usage, and security audit workflows, with guidance grounded in GitLab templates, variables, and pipeline structure.

auditing-kubernetes-cluster-rbac helps audit Kubernetes RBAC for overbroad roles, risky bindings, secret access, and privilege escalation paths. It is built for security audit workflows across EKS, GKE, AKS, and self-managed clusters, with practical guidance for kubectl, rbac-tool, KubiScan, and Kubeaudit.

analyzing-kubernetes-audit-logs is a Kubernetes security analysis skill for turning API server audit logs into actionable findings. Use it to investigate exec into pods, secret access, RBAC changes, privileged workloads, and anonymous API access, or to build detection rules and triage summaries from JSON lines audit data.

wendy-contributing is a practical guide for contributing to WendyOS, covering Yocto builds, wendy-agent internals, E2E testing, and device-specific OS behavior. Use it for wendy-contributing usage when you need help with meta-wendyos layers, bitbake recipes, mDNS/Avahi, device identity, or wendy-contributing for Backend Development.

deployment-engineer is a CI/CD and release-planning skill for building deployment pipelines, drafting runbooks, and adding verification, rollback, and observability steps. Includes GitHub Actions examples, Kubernetes references, and helper scripts to generate and validate deployment plans.