K8s Cluster Management Skill

K8s Cluster Management

Always use Kubespray for Kubernetes cluster installation. Kubespray playbooks are idempotent and converge to desired state.

Components (January 2026)

| Component | Version | Purpose | |-----------|---------|--------| | Kubernetes | v1.34.3 | Cluster | | Kubespray | v2.29.1 | Installer | | etcd | v3.5.26 | Key-value store | | containerd | v2.2.1 | Container runtime | | Cilium | v1.18.6 | CNI + Gateway | | Gateway API | v1.4.0 | Ingress | | cert-manager | v1.19.2 | TLS automation | | MetalLB | v0.14.9 | Bare metal LB |

Note: For K8s v1.35.0, wait for Kubespray v2.30+.

Installation

Run from bastion server. See reference files for detailed commands:

Kubernetes cluster: references/kubespray.md
CNI: references/cilium.md
Ingress: references/gateway-api.md
TLS: references/cert-manager.md

kubectl Access

After installation, kubectl works directly from bastion:

# On bastion
kubectl get nodes
kubectl get pods -A

Or via VPN from any connected server:

# Connect to VPN first
tailscale up --login-server https://vpn.example.com --authkey <KEY>

# Then kubectl works
kubectl get nodes

Reference Files

references/kubespray.md - Installation
references/cilium.md - CNI
references/gateway-api.md - Ingress
references/cert-manager.md - TLS
references/upgrades.md - Cluster upgrades
references/essential-components.md - Essential components
references/troubleshooting.md - Troubleshooting

Agent Skills: K8s Cluster Management

Install this agent skill to your local

Skill Files