K8s Manifest Templates

Deployment

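---
# Deployment for the "myapp" workload: three replicas, replaced one at a time
# during rollouts and preferably spread across different nodes.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
  # NOTE(review): "default" is kept from the template. A dedicated namespace
  # gives RBAC, NetworkPolicy and Pod Security admission a boundary to act on.
  namespace: default
  labels:
    app: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 1
  template:
    metadata:
      labels:
        app: myapp
        version: v1.2.3
    spec:
      # Nothing in this manifest needs the Kubernetes API, so no service
      # account token is mounted. Set to true only if the app calls the API.
      automountServiceAccountToken: false
      # Pod-level hardening. runAsNonRoot requires the image to declare a
      # numeric non-root USER; otherwise also set runAsUser here.
      securityContext:
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: myapp
          # A tag can be re-pushed with different content. For production,
          # pin by digest: registry.example.com/myapp@sha256:<IMAGE_DIGEST>
          image: registry.example.com/myapp:v1.2.3
          ports:
            - containerPort: 8080
          env:
            # Non-sensitive settings come from the ConfigMap.
            - name: DB_HOST
              valueFrom:
                configMapKeyRef:
                  name: myapp-config
                  key: db_host
            # Credentials come from the Secret. Environment variables are
            # visible to anything that can exec into or inspect the pod; a
            # file mounted from the Secret narrows that exposure.
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: myapp-secret
                  key: db_password
          # Requests drive scheduling; limits cap what one pod can take from
          # the node.
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"
            limits:
              cpu: "500m"
              memory: "512Mi"
          # Container-level hardening: no setuid-style privilege gain and no
          # Linux capabilities. Consider readOnlyRootFilesystem: true as well,
          # with an emptyDir mounted wherever the app needs scratch space.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # Restart the container when /healthz stops answering.
          livenessProbe:
            httpGet:
              path: /healthz
              port: 8080
            initialDelaySeconds: 15
            periodSeconds: 20
          # Keep the pod out of Service endpoints until /ready answers.
          readinessProbe:
            httpGet:
              path: /ready
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 5
      # Soft preference: avoid placing two myapp pods on the same node.
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: myapp
                topologyKey: kubernetes.io/hostname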

Service

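---
# ClusterIP (internal)
# Reachable only from inside the cluster. Without a NetworkPolicy, every pod
# in the cluster can still connect to it.
apiVersion: v1
kind: Service
metadata:
  name: myapp-svc
spec:
  selector:
    app: myapp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
  type: ClusterIP
---
# LoadBalancer (external)
# Provisions a cloud load balancer. Unless restricted, it accepts traffic from
# any source address.
apiVersion: v1
kind: Service
metadata:
  name: myapp-lb
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: nlb
spec:
  selector:
    app: myapp
  # To limit who can reach the load balancer, where the cloud provider
  # supports it (the CIDR below is a constructed documentation range):
  # loadBalancerSourceRanges:
  #   - 203.0.113.0/24
  ports:
    # NOTE(review): targetPort 8443 differs from the 8080 that the Deployment
    # on this page exposes and probes. Confirm the container really serves
    # TLS on 8443.
    - port: 443
      targetPort: 8443
  type: LoadBalancer
---
# NodePort (development)
# Opens port 30080 on every node. Anyone who can reach a node IP can reach
# the app, so rely on node firewalls / security groups and keep this out of
# production.
apiVersion: v1
kind: Service
metadata:
  name: myapp-nodeport
spec:
  selector:
    app: myapp
  ports:
    - port: 80
      targetPort: 8080
      nodePort: 30080
  type: NodePort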

ConfigMap & Secret

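---
# ConfigMap: non-sensitive settings only. ConfigMap contents are readable by
# anyone with read access to the namespace, so credentials do not belong here.
apiVersion: v1
kind: ConfigMap
metadata:
  name: myapp-config
data:
  db_host: "postgres.default.svc.cluster.local"
  # Quoted on purpose: ConfigMap values must be strings.
  db_port: "5432"
  log_level: "info"
  # Literal block: newlines are preserved, giving one property per line.
  app.properties: |
    server.port=8080
    spring.datasource.url=jdbc:postgresql://postgres:5432/mydb
---
# Opaque Secret. stringData takes plain text; the API server stores it
# base64-encoded, which is an encoding and not encryption. Protect it with
# encryption at rest for etcd and with RBAC limits on get/list of secrets.
# The values below are samples. Do not commit a manifest holding real
# credentials; generate the Secret at deploy time or sync it from an external
# secret manager.
apiVersion: v1
kind: Secret
metadata:
  name: myapp-secret
type: Opaque
stringData:
  db_password: "SuperSecret123!"
  api_key: "sk-abc123xyz789"
---
# TLS secret
# Unlike stringData, values under data must already be base64-encoded. The
# private key in tls.key deserves the same handling as any other credential.
apiVersion: v1
kind: Secret
metadata:
  name: tls-secret
type: kubernetes.io/tls
data:
  tls.crt: BASE64_ENCODED_CERT
  tls.key: BASE64_ENCODED_KEY

# Create from CLI (shell, kept as comments so this block stays valid YAML):
#
#   kubectl create secret generic myapp-secret \
#     --from-literal=db_password=SuperSecret123! \
#     --from-file=config.json=./config.json
#
# --from-literal places the value on the command line, where it ends up in
# shell history and is visible in the process list while the command runs.
# Reading it from a file with restrictive permissions avoids that:
#
#   kubectl create secret generic myapp-secret \
#     --from-file=db_password=./db_password.txt \
#     --from-file=config.json=./config.json
#
# The file content is stored byte for byte, including any trailing newline.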

Ingress

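---
# Ingress for app.example.com: TLS terminated at the ingress controller,
# /api routed to api-svc and everything else to frontend-svc.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp-ingress
  annotations:
    # NOTE(review): this annotation applies to every path in this Ingress.
    # On current ingress-nginx releases a literal "/" target rewrites each
    # matched request to "/", so /api/<anything> would reach api-svc as "/".
    # Confirm that is intended; otherwise drop the annotation or use a regex
    # path with a capture group.
    nginx.ingress.kubernetes.io/rewrite-target: /
    # Redirect plain HTTP to HTTPS. Annotation values must be strings, hence
    # the quotes.
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    # Presumably cert-manager issues the certificate into app-tls-secret.
    # Verify that the ClusterIssuer exists in the cluster.
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - app.example.com
      # Must live in the same namespace as this Ingress.
      secretName: app-tls-secret
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /api
            pathType: Prefix
            backend:
              service:
                name: api-svc
                port:
                  number: 80
          # Catch-all: any path not matched above goes to the frontend.
          - path: /
            pathType: Prefix
            backend:
              service:
                name: frontend-svc
                port:
                  number: 80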

StatefulSet & PVC

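---
# Single-replica PostgreSQL StatefulSet with one PersistentVolumeClaim per
# pod, created from volumeClaimTemplates.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
spec:
  # A headless Service with this name must exist for stable pod DNS names.
  serviceName: postgres-headless
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          # Major-version tag only: patch releases are pulled implicitly.
          # Pin a digest (postgres@sha256:<IMAGE_DIGEST>) for reproducible
          # rollouts.
          image: postgres:16
          env:
            # Kept in a subdirectory so a lost+found directory at the volume
            # root does not break initialisation.
            - name: PGDATA
              value: /data/pgdata
            # The official image will not initialise an empty data directory
            # without a superuser password. It is read from the Secret
            # (myapp-secret, which must be in the same namespace) rather than
            # written here, and "trust" authentication is not used.
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: myapp-secret
                  key: db_password
          volumeMounts:
            - name: postgres-data
              mountPath: /data
  volumeClaimTemplates:
    - metadata:
        name: postgres-data
      spec:
        accessModes: [ReadWriteOnce]
        # NOTE(review): whether the volume is encrypted at rest depends on
        # how the gp2 StorageClass is defined. Confirm for database storage.
        storageClassName: gp2
        resources:
          requests:
            storage: 20Gi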