✦ For everyone, free.

Practical knowledge for real and everyday life

Home

6.24 Kubernetes Manifest Authoring Practice

Learn how to author Kubernetes manifests effectively, covering best practices, structure, and tools for deploying and managing containerized applications.

Kubernetes Manifest Authoring Practice is the accumulated body of practical guidance experienced practitioners follow when writing manifests, covering habits around explicitness, safety, and maintainability that go beyond mere syntactic correctness, aimed at producing manifests that behave predictably in production and remain understandable to whoever maintains them next.


Avoiding Mutable Image References

The Risk of Floating Tags

Referencing a container image by a mutable tag such as latest, or any tag that a CI pipeline routinely overwrites, means the exact code running under a given manifest can change without any corresponding change to the manifest itself, undermining the traceability that declarative configuration is meant to provide.

Preferring Immutable References

Pinning to a specific version tag, or better, an image digest, ensures that reapplying an unchanged manifest always results in the exact same running code, restoring the reproducibility that a floating tag quietly breaks.


Setting Resource Requests and Limits Deliberately

Avoiding Unbounded Consumption

Omitting resource requests and limits entirely leaves a container free to consume as much CPU and memory as the node happens to have available, risking noisy-neighbor effects on other workloads sharing the same node and making capacity planning far less predictable.

Requests Reflecting Realistic Needs

Well-authored manifests set requests based on a workload's actual observed steady-state consumption rather than arbitrary round numbers, since under-provisioned requests can starve a workload of guaranteed capacity while over-provisioned requests waste cluster capacity that could otherwise be allocated to other workloads.


Configuring Health Probes Appropriately

Distinguishing Liveness From Readiness

A common authoring mistake conflates liveness and readiness checks, using an identical probe for both, when the two serve different purposes: liveness restarts a genuinely stuck process, while readiness governs traffic eligibility, and a check appropriate for one is not always appropriate for the other.

Avoiding Overly Aggressive Probe Timing

Probe intervals and failure thresholds set too aggressively can cause a slow-starting or briefly overloaded but otherwise healthy container to be restarted or removed from service unnecessarily, making realistic timing, informed by a workload's actual startup and response characteristics, an important authoring consideration.


Applying the Principle of Least Privilege

Avoiding Unnecessary Privilege Escalation

Manifests should avoid setting privileged: true or running as the root user unless a workload genuinely requires it, since doing so unnecessarily widens the node runtime boundary a compromised container could exploit.

Dropping Unneeded Capabilities

Explicitly dropping all Linux capabilities and adding back only the specific ones a container actually needs is a more disciplined default than accepting whatever broad capability set a runtime grants by default, meaningfully narrowing a container's potential blast radius if compromised.


Keeping Manifests Readable and Reviewable

Consistent Formatting

Consistent indentation, key ordering, and spacing across a team's manifests reduces the cognitive overhead of reviewing diffs, since a reviewer can focus on the actual semantic change rather than being distracted by incidental formatting differences between files authored by different people.

Sparing, Purposeful Comments

Because well-chosen field names and structure are usually self-explanatory, comments are best reserved for genuinely non-obvious decisions, such as explaining why a particular resource limit was set unusually high or low, rather than restating what a field obviously already does.


Structuring for Change Over Time

Anticipating Reasonable Future Variation

Authoring a manifest with an eye toward likely future variation, such as separating environment-specific values into a place that overlay or templating tooling can easily target, avoids painful restructuring later, without over-engineering for hypothetical variation that may never actually be needed.

Avoiding Premature Abstraction

Conversely, introducing templating or parameterization for values that have never actually varied, and show no clear signal of needing to, adds unnecessary complexity; authoring practice favors introducing abstraction in response to a real, observed need rather than speculatively in advance.


Validating Before Committing

Treating Local Validation as a Habit

Running local schema linting or a client-side dry run before committing a manifest change catches a meaningful share of structural mistakes immediately, rather than deferring that discovery to a CI pipeline or, worse, an actual failed deployment.