kubernetes-helm
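A Skill that streamlines Kubernetes operations by working with Kubernetes environments and Helm charts to assist with application deployment, configuration, troubleshooting, GitOps setup, and more.
📜 Original English description (for reference)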
Manages Kubernetes clusters and Helm charts. Use when the user wants to write Kubernetes manifests, create Helm charts, deploy applications, debug pods, configure networking (services, ingress), set up autoscaling, manage secrets and config maps, write operators, troubleshoot cluster issues, or implement GitOps workflows. Trigger words: kubernetes, k8s, kubectl, helm, helm chart, pod, deployment, service, ingress, namespace, configmap, secret, hpa, pvc, statefulset, daemonset, cronjob, operator, kustomize, argocd, flux, gitops, node pool, taint, toleration, affinity.
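🇯🇵 Explanation for Japanese creators
A Skill that streamlines Kubernetes operations by working with Kubernetes environments and Helm charts to assist with application deployment, configuration, troubleshooting, GitOps setup, and more.
Note: this explanation was added by the jpskill.com editorial team for Japanese business settings. It is reference information, independent of the behaviour of the Skill itself.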
Copy the command below and paste it into a terminal (Mac/Linux) or PowerShell (Windows). Download, extraction, and placement are fully automatic.

Mac/Linux:
```bash
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o kubernetes-helm.zip https://jpskill.com/download/15047.zip && unzip -o kubernetes-helm.zip && rm kubernetes-helm.zip
```

Windows (PowerShell):
```powershell
$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/15047.zip -OutFile "$d\kubernetes-helm.zip"; Expand-Archive "$d\kubernetes-helm.zip" -DestinationPath $d -Force; ri "$d\kubernetes-helm.zip"
```

When it finishes, restart Claude Code. The Skill then triggers automatically when you simply ask in plain language, for example "make me a video prompt".
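💾 Download manually (for those who find the commands difficult)
1. Press the blue button below to download kubernetes-helm.zip
2. Double-click the ZIP file to extract it; this creates a kubernetes-helm folder
3. Move that folder to `C:\Users\<your name>\.claude\skills\` (Windows) or `~/.claude/skills/` (Mac)
4. Restart Claude Code

⚠️ Download and use at your own risk. This site accepts no responsibility for the content, behaviour, or safety.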
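Both install commands extract a third-party archive into the shared skills directory with overwrite enabled (`unzip -o`, `Expand-Archive -Force`), so it is worth listing the archive before extracting it. The following is an added example, not part of the original page or of the site's tooling: it flags entries that would land outside the `kubernetes-helm/` folder the page says the archive creates. The function names and both sample archives are constructed for illustration.

```python
import io
import stat
import zipfile
from pathlib import PurePosixPath

def unsafe_members(zip_bytes, expected_root):
    """Return archive entries that would be written outside expected_root/."""
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            parts = PurePosixPath(name).parts
            mode = info.external_attr >> 16       # Unix mode bits, 0 if absent
            if (
                not parts
                or parts[0] != expected_root      # also catches "/abs" and "C:/..."
                or ".." in parts                  # path climbs out of the folder
                or stat.S_ISLNK(mode)             # symlink entry
            ):
                bad.append(info.filename)
    return bad

def build_sample(entries):
    """Build an in-memory zip from {name: text}; constructed test data only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in entries.items():
            zf.writestr(name, text)
    return buf.getvalue()

# Constructed archives: one with the expected layout, one with stray entries.
CLEAN = build_sample({"kubernetes-helm/SKILL.md": "# Kubernetes & Helm\n"})
TAMPERED = build_sample({
    "kubernetes-helm/SKILL.md": "# Kubernetes & Helm\n",
    "other-skill/SKILL.md": "entry outside the skill's own folder\n",
    "kubernetes-helm/../../settings.json": "{}\n",
})

if __name__ == "__main__":
    print("clean:", unsafe_members(CLEAN, "kubernetes-helm"))
    print("tampered:", unsafe_members(TAMPERED, "kubernetes-helm"))
```

To check a real download, read the file's bytes and pass them in with `"kubernetes-helm"` as the expected root; extract only if the returned list is empty.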
🎯 What this Skill can do
Read the description below to see what this Skill does for you. It triggers automatically when you ask Claude for something in this area.
📦 Installation (3 steps)
1. Press the "Download" button above to get the .skill file
2. Change the file extension from .skill to .zip and extract it (macOS can extract it automatically)
3. Place the extracted folder in `.claude/skills/` in your home folder
   - macOS / Linux: `~/.claude/skills/`
   - Windows: `%USERPROFILE%\.claude\skills\`

Restart Claude Code and you are done. Even without saying "use this Skill…", it is invoked automatically for related requests.
- Last updated: 2026-05-18
- Retrieved: 2026-05-18
- Bundled files: 1
📜 Original SKILL.md (the English/Chinese text that Claude reads)
Kubernetes & Helm
Overview
Writes Kubernetes manifests and Helm charts, deploys and manages applications on Kubernetes clusters, debugs workloads, configures networking and storage, sets up autoscaling and observability, and implements GitOps workflows.
Instructions
1. Core Workloads
Deployment:
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api-server
  namespace: app
spec:
  replicas: 3
  selector:
    matchLabels: { app: api-server }
  strategy:
    type: RollingUpdate
    rollingUpdate: { maxUnavailable: 1, maxSurge: 1 }
  template:
    metadata:
      labels: { app: api-server, version: v1 }
    spec:
      containers:
        - name: api
          image: registry.example.com/api:1.2.3
          ports: [{ containerPort: 8080, name: http }]
          env:
            - name: DATABASE_URL
              valueFrom: { secretKeyRef: { name: db-credentials, key: url } }
          resources:
            requests: { cpu: 250m, memory: 256Mi }
            limits: { cpu: 500m, memory: 512Mi }
          readinessProbe:
            httpGet: { path: /health/ready, port: http }
            initialDelaySeconds: 5
            periodSeconds: 10
          livenessProbe:
            httpGet: { path: /health/live, port: http }
            initialDelaySeconds: 15
          lifecycle:
            preStop:
              exec: { command: ["/bin/sh", "-c", "sleep 10"] }
      terminationGracePeriodSeconds: 30
```
StatefulSet (databases):
```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: redis
spec:
  serviceName: redis
  replicas: 3
  selector:
    matchLabels: { app: redis }
  template:
    metadata:
      labels: { app: redis }  # must match spec.selector.matchLabels
    spec:
      containers:
        - name: redis
          image: redis:7-alpine
          ports: [{ containerPort: 6379 }]
          volumeMounts: [{ name: data, mountPath: /data }]
  volumeClaimTemplates:
    - metadata: { name: data }
      spec:
        accessModes: ["ReadWriteOnce"]
        storageClassName: gp3
        resources: { requests: { storage: 10Gi } }
```
CronJob:
```yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: db-backup
spec:
  schedule: "0 2 * * *"        # every day at 02:00
  concurrencyPolicy: Forbid    # skip a run while the previous one is still active
  jobTemplate:
    spec:
      backoffLimit: 2
      template:
        spec:
          restartPolicy: OnFailure
          containers:
            - name: backup
              # pin a specific tag in production (see Guidelines)
              image: registry.example.com/db-backup:latest
              envFrom: [{ secretRef: { name: backup-credentials } }]
```
2. Networking
Service + Ingress:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: api-server
spec:
  type: ClusterIP
  selector: { app: api-server }
  ports: [{ port: 80, targetPort: http }]
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: api-ingress
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  ingressClassName: nginx
  tls: [{ hosts: [api.example.com], secretName: api-tls }]
  rules:
    - host: api.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend: { service: { name: api-server, port: { number: 80 } } }
```
3. Autoscaling
```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: api-server
spec:
  scaleTargetRef: { apiVersion: apps/v1, kind: Deployment, name: api-server }
  minReplicas: 3
  maxReplicas: 20
  metrics:
    - type: Resource
      resource: { name: cpu, target: { type: Utilization, averageUtilization: 70 } }
  behavior:
    scaleUp: { stabilizationWindowSeconds: 60, policies: [{ type: Pods, value: 4, periodSeconds: 60 }] }
    scaleDown: { stabilizationWindowSeconds: 300 }
```
4. Helm Charts
Chart structure:
```
charts/api-server/
├── Chart.yaml
├── values.yaml
├── templates/
│   ├── _helpers.tpl
│   ├── deployment.yaml
│   ├── service.yaml
│   ├── ingress.yaml
│   └── hpa.yaml
```
values.yaml:
```yaml
replicaCount: 2
image:
  repository: registry.example.com/api
  tag: latest  # chart default; override per release, e.g. --set image.tag=1.2.3
service: { type: ClusterIP, port: 80 }
ingress:
  enabled: false
  className: nginx
resources:
  requests: { cpu: 250m, memory: 256Mi }
  limits: { cpu: 500m, memory: 512Mi }
autoscaling:
  enabled: false
  minReplicas: 2
  maxReplicas: 10
```
Commands:
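```bash
# install or upgrade the release in namespace "app"
helm upgrade --install api-server ./charts/api-server -n app --create-namespace -f values-prod.yaml --set image.tag=1.2.3
# preview changes against the deployed release (requires the helm-diff plugin)
helm diff upgrade api-server ./charts/api-server -n app -f values-prod.yaml
# roll back to revision 1
helm rollback api-server 1 -n app
helm template api-server ./charts/api-server -f values-prod.yaml  # debug
```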
5. Debugging
```bash
kubectl describe pod <name> -n <ns>          # Check events
kubectl logs <pod> -n <ns> --previous        # Crashed container logs
kubectl exec -it <pod> -n <ns> -- /bin/sh    # Shell into pod
kubectl port-forward svc/api-server 8080:80 -n app
kubectl top pods -n app
```
Common issues:
- `ImagePullBackOff` → Check image name, tag, registry auth (`imagePullSecrets`)
- `CrashLoopBackOff` → Check logs (`--previous`), probes, resource limits
- `Pending` → Check node resources, PVC binding, taints
- `OOMKilled` → Increase memory limits
6. GitOps with ArgoCD
```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: api-server
  namespace: argocd
spec:
  project: default  # required field; "default" is Argo CD's built-in project
  source:
    repoURL: https://github.com/company/k8s-manifests
    targetRevision: main
    path: overlays/production
  destination:
    server: https://kubernetes.default.svc
    namespace: app
  syncPolicy:
    automated: { prune: true, selfHeal: true }
    syncOptions: [CreateNamespace=true]
```
Examples
Example 1: Full Application Stack
Input: "Deploy: Node.js API (3 replicas), React frontend, PostgreSQL, Redis, background worker. Include ingress, TLS, autoscaling, persistent storage."
Output: Namespace with quotas, API Deployment with HPA (3-20 on CPU/memory) and probes, frontend Deployment with nginx ConfigMap, PostgreSQL StatefulSet (50Gi PVC), Redis Deployment, Worker Deployment with KEDA scaling, Ingress with cert-manager TLS and path routing, Secrets via external-secrets-operator.
Example 2: Helm Chart for Multi-Tenant SaaS
Input: "Helm chart deploying per-tenant isolation: own namespace, database schema, subdomain. Single helm install per tenant."
Output: Chart with parameterized namespace, tenant-specific env vars, PostgreSQL schema init job, Ingress with {{ .Values.tenant.slug }}.app.example.com, NetworkPolicy isolation, resource quotas by plan (starter/pro/enterprise).
Guidelines
- Always set resource requests and limits on every container
- Use `RollingUpdate` with `maxUnavailable: 1` and `preStop` sleep for zero-downtime deploys
- Configure both readiness and liveness probes
- Pin image tags — never use `latest` in production
- Use Helm for parameterized deployments, Kustomize for environment overlays
- Use `helm diff` before every upgrade
- Prefer `ClusterIP` + Ingress over `LoadBalancer` services
- Use PodDisruptionBudgets for production workloads
- Never run containers as root; drop all capabilities; use read-only root filesystem
- Use NetworkPolicies to restrict pod-to-pod traffic
- Scan images with Trivy in CI before deploying
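
Several of these guidelines can be checked mechanically before a manifest reaches the cluster. The following is an added example, not part of the original SKILL.md: it audits pod specs for pinned image tags, resource requests and limits, probes, and the three container-hardening settings. The manifests are abridged, hand-converted copies of the page's Deployment and CronJob as Python dicts; the `HARDENED` variant and all function names are assumptions made for illustration.

```python
def pod_spec(manifest):
    """Return the pod spec of a Deployment, StatefulSet or CronJob."""
    spec = manifest["spec"]
    if manifest["kind"] == "CronJob":
        spec = spec["jobTemplate"]["spec"]
    return spec["template"]["spec"]

def audit(manifest):
    """Return sorted 'container: problem' findings for one manifest."""
    pod, findings = pod_spec(manifest), []
    pod_sc = pod.get("securityContext", {})
    for c in pod["containers"]:
        probs = []
        last = c["image"].rsplit("/", 1)[-1]   # drop registry host, which may hold ':port'
        tag = last.split(":", 1)[1] if ":" in last else ""
        if "@sha256:" not in c["image"] and tag in ("", "latest"):
            probs.append("image tag not pinned")
        res = c.get("resources", {})
        if not (res.get("requests") and res.get("limits")):
            probs.append("missing resource requests/limits")
        if manifest["kind"] != "CronJob" and not ("readinessProbe" in c and "livenessProbe" in c):
            probs.append("missing readiness/liveness probe")
        sc = c.get("securityContext", {})
        # runAsNonRoot may be set on the pod and inherited by the container
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            probs.append("may run as root")
        if "ALL" not in sc.get("capabilities", {}).get("drop", []):
            probs.append("capabilities not dropped")
        if sc.get("readOnlyRootFilesystem") is not True:
            probs.append("root filesystem writable")
        findings += [f"{c['name']}: {p}" for p in probs]
    return sorted(findings)

RESOURCES = {"requests": {"cpu": "250m", "memory": "256Mi"},
             "limits": {"cpu": "500m", "memory": "512Mi"}}
API = {"name": "api", "image": "registry.example.com/api:1.2.3", "resources": RESOURCES,
       "readinessProbe": {"httpGet": {"path": "/health/ready", "port": "http"}},
       "livenessProbe": {"httpGet": {"path": "/health/live", "port": "http"}}}
HARDENING = {"runAsNonRoot": True, "readOnlyRootFilesystem": True,
             "allowPrivilegeEscalation": False, "capabilities": {"drop": ["ALL"]}}

def deployment(container):
    return {"kind": "Deployment", "spec": {"template": {"spec": {"containers": [container]}}}}

DEPLOYMENT = deployment(API)                                  # as on the page (abridged)
HARDENED = deployment({**API, "securityContext": HARDENING})  # constructed fix
CRONJOB = {"kind": "CronJob", "spec": {"jobTemplate": {"spec": {"template": {"spec": {
    "containers": [{"name": "backup", "image": "registry.example.com/db-backup:latest"}]}}}}}}

if __name__ == "__main__":
    for label, m in [("Deployment", DEPLOYMENT), ("CronJob", CRONJOB), ("Hardened", HARDENED)]:
        print(label, audit(m) or "ok")
```

The page's own Deployment passes the resource and probe checks but carries no `securityContext`, and its CronJob uses `:latest` with no resource limits; the `HARDENING` dict shows the container-level fields that clear the remaining findings.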