Skip to content

Kubernetes Skills

Verified

Kubernetes certificate management with cert-manager. Use when managing TLS certificates, configuring issuers, or troubleshooting certificate issues.

912

Install

Claude Code

Add to .claude/skills/

About This Skill

# Certificate Management with cert-manager

Manage TLS certificates using kubectl-mcp-server's cert-manager tools.

Check Installation

```python certmanager_detect_tool() ```

Certificates

List Certificates

```python # List all certificates certmanager_certificates_list_tool(namespace="default")

# Check certificate status # - True: Certificate ready # - False: Certificate not ready (check events) ```

Get Certificate Details

```python certmanager_certificate_get_tool( name="my-tls", namespace="default" ) # Shows: # - Issuer reference # - Secret name # - DNS names # - Expiry date # - Renewal time ```

Create Certificate

```python kubectl_apply(manifest=""" apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: my-tls namespace: default spec: secretName: my-tls-secret issuerRef: name: letsencrypt-prod kind: ClusterIssuer dnsNames: - app.example.com - www.example.com """) ```

Issuers

List Issuers

```python # Namespace issuers certmanager_issuers_list_tool(namespace="default")

# Cluster-wide issuers certmanager_clusterissuers_list_tool() ```

Get Issuer Details

```python certmanager_issuer_get_tool(name="my-issuer", namespace="default") certmanager_clusterissuer_get_tool(name="letsencrypt-prod") ```

Create Let's Encrypt Issuer

```python # Staging (for testing) kubectl_apply(manifest=""" apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging spec: acme: server: https://acme-staging-v02.api.letsencrypt.org/directory email: [email protected] privateKeySecretRef: name: letsencrypt-staging-key solvers: - http01: ingress: class: nginx """)

# Production kubectl_apply(manifest=""" apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: [email protected] privateKeySecretRef: name: letsencrypt-prod-key solvers: - http01: ingress: class: nginx """) ```

Create Self-Signed Issuer

```python kubectl_apply(manifest=""" apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: selfsigned spec: selfSigned: {} """) ```

Certificate Requests

```python # List certificate requests certmanager_certificaterequests_list_tool(namespace="default")

# Get request details (for debugging) certmanager_certificaterequest_get_tool( name="my-tls-xxxxx", namespace="default" ) ```

Troubleshooting

Certificate Not Ready

  1. ```python
  2. certmanager_certificate_get_tool(name, namespace) # Check status
  3. certmanager_certificaterequests_list_tool(namespace) # Check request
  4. get_events(namespace) # Check events
  5. # Common issues:
  6. # - Issuer not ready
  7. # - DNS challenge failed
  8. # - Rate limited by Let's Encrypt
  9. ```

Issuer Not Ready

  1. ```python
  2. certmanager_clusterissuer_get_tool(name) # Check status
  3. get_events(namespace="cert-manager") # Check events
  4. # Common issues:
  5. # - Invalid credentials
  6. # - Network issues
  7. # - Invalid configuration
  8. ```

Ingress Integration

```python # Automatic certificate via ingress annotation kubectl_apply(manifest=""" apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: my-ingress annotations: cert-manager.io/cluster-issuer: letsencrypt-prod spec: tls: - hosts: - app.example.com secretName: app-tls rules: - host: app.example.com http: paths: - path: / pathType: Prefix backend: service: name: my-service port: number: 80 """) ```

Related Skills

  • k8s-networking - Ingress configuration
  • k8s-security - Security best practices

Use Cases

  • Manage TLS certificates in Kubernetes using cert-manager
  • Configure certificate issuers for Let's Encrypt and other CAs
  • Troubleshoot certificate renewal failures and expiration issues
  • Automate SSL/TLS certificate provisioning for Kubernetes ingress
  • Monitor certificate health and expiration across cluster namespaces

Pros & Cons

Pros

  • + Compatible with multiple platforms including claude-code, openclaw
  • + Well-documented with detailed usage instructions and examples
  • + Strong community adoption with a large number of downloads
  • + Open source with permissive licensing

Cons

  • - No built-in analytics or usage metrics dashboard
  • - Configuration may require familiarity with devops & infrastructure concepts

Frequently Asked Questions

What does Kubernetes Skills do?

Kubernetes certificate management with cert-manager. Use when managing TLS certificates, configuring issuers, or troubleshooting certificate issues.

What platforms support Kubernetes Skills?

Kubernetes Skills is available on Claude Code, OpenClaw.

What are the use cases for Kubernetes Skills?

Manage TLS certificates in Kubernetes using cert-manager. Configure certificate issuers for Let's Encrypt and other CAs. Troubleshoot certificate renewal failures and expiration issues.

Stay Updated on Agent Skills

Get weekly curated skills + safety alerts