Kubernetes YAML Generator

Generate Kubernetes manifests — Deployment, Service, Ingress, ConfigMap, Secret. Free, private — all processing in your browser.

The Kubernetes YAML Generator creates production-ready K8s manifests for the resources you use daily: Deployments, Services (ClusterIP, NodePort, LoadBalancer), Ingresses, ConfigMaps, Secrets, CronJobs, StatefulSets, DaemonSets, PersistentVolumeClaims, HorizontalPodAutoscalers, and NetworkPolicies. Each form fills in the boilerplate (apiVersion, metadata, labels, selectors) and includes best-practice fields (resource requests/limits, liveness/readiness probes, security context, topology spread). The generator follows the latest K8s conventions (as of 1.30+) and produces manifests that pass kubectl apply --dry-run=client.

Writing Kubernetes YAML by hand is tedious and error-prone. One misplaced dash, wrong indentation, or mistyped field name and kubectl apply fails with a cryptic error. Boilerplate (apiVersion, labels, selectors) is the same 80% of the time across manifests. Production-ready manifests need dozens of fields (probes, limits, security, anti-affinity) most developers leave off. This generator fills them in by default, producing manifests ready for kubectl apply -f manifest.yaml in dev, staging, or production clusters.

Kubernetes YAML Generator — key features

10+ resource types

Deployment, Service, Ingress, ConfigMap, Secret, CronJob, StatefulSet, DaemonSet, PVC, HPA, NetworkPolicy.

Production-ready defaults

Resource limits, liveness/readiness probes, non-root security context, standard labels all included by default.

Validation

YAML syntax and K8s schema validation. Catches errors before kubectl apply fails.

Related resources

Generate Deployment + Service + Ingress together. All with matching selectors and labels.

Image pull secrets

Add imagePullSecrets for private registries (Docker Hub private, AWS ECR, GCP GCR).

Multiple environments

Produce base manifests. Use Kustomize or Helm for environment-specific variants (tips are included in the output).

Latest apiVersion

Uses current stable API versions (apps/v1, networking.k8s.io/v1, autoscaling/v2). Not deprecated versions.

Copy-paste ready

Output is valid YAML, directly applicable with kubectl apply -f. No placeholder values you forgot to replace.

How to use the Kubernetes YAML Generator

  1. Choose resource type

     Deployment for stateless apps, StatefulSet for databases, DaemonSet for per-node agents, CronJob for scheduled tasks.

  2. Fill in basics

     Name, namespace, labels, image, ports. Tool generates boilerplate automatically.

  3. Configure resources

     Requests (what you need) and limits (maximum). Start conservative: 100m CPU / 128Mi memory, tune later.

  4. Set up probes

     Liveness (restart if unhealthy) and readiness (serve traffic when ready). Critical for production.

  5. Add dependencies

     Companion Service for network access. Ingress for HTTP routing. ConfigMap/Secret for config.

  6. Copy and apply

     Download YAML. Apply with kubectl apply -f manifest.yaml.

Common use cases for the Kubernetes YAML Generator

Deployments

  • Deploy stateless web service: Deployment + Service + Ingress. Three manifests, ready to apply.
  • Deploy REST API: Deployment with HPA for auto-scaling based on CPU.
  • Deploy microservice: Deployment + ClusterIP Service for internal access + NetworkPolicy for security.
  • Deploy frontend (static site): nginx Deployment serving static files. CDN in front for performance.

Stateful workloads

  • Run database: StatefulSet + PersistentVolumeClaim + headless Service. Stable network IDs, persistent storage.
  • Redis cluster: StatefulSet for stable pod identity. ConfigMap for redis.conf.
  • Elasticsearch cluster: StatefulSet with anti-affinity to spread across nodes.
  • Message queue (RabbitMQ, Kafka): StatefulSet with persistent storage.

Scheduled jobs

  • Database backups: CronJob running pg_dump nightly. Output to object storage.
  • Daily reports: CronJob running analytics, sending email.
  • Data pipelines: CronJob triggering ETL runs.
  • Certificate renewal: CronJob running certbot or cert-manager challenges.

System workloads

  • Log collection: DaemonSet on every node running Fluentd or Filebeat.
  • Monitoring agents: DaemonSet for Prometheus node-exporter, Datadog, or Dynatrace.
  • Network plugins: DaemonSet for Calico, Cilium, Weave.
  • Storage drivers: DaemonSet for CSI drivers.

Kubernetes YAML Generator — examples

Simple Deployment + Service

Stateless app with internal access.

Input: App: myapp, image: myapp:1.0, port: 3000

Output:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: app
        image: myapp:1.0
        ports:
        - containerPort: 3000
---
apiVersion: v1
kind: Service
metadata:
  name: myapp
spec:
  selector:
    app: myapp
  ports:
  - port: 80
    targetPort: 3000
```

Deployment with probes

Production-ready with health checks.

Input: App with /health endpoint

Output:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: app
        image: myapp:1.0
        ports:
        - containerPort: 3000
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 512Mi
        livenessProbe:
          httpGet: { path: /health, port: 3000 }
          initialDelaySeconds: 30
        readinessProbe:
          httpGet: { path: /ready, port: 3000 }
```

Ingress with TLS

Public-facing with HTTPS.

Input: Host: example.com, service: myapp:80

Output:

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  tls:
  - hosts: [example.com]
    secretName: myapp-tls
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: myapp
            port: { number: 80 }
```

CronJob

Daily backup schedule.

Input: Schedule: daily 2am

Output:

```yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: backup
spec:
  schedule: "0 2 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: backup
            image: backup-tool:1.0
            command: ["sh", "-c", "pg_dump ..."]
          restartPolicy: OnFailure
```

ConfigMap

Non-secret configuration.

Input: App config values

Output:

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: myapp-config
data:
  API_URL: https://api.example.com
  LOG_LEVEL: info
  FEATURE_FLAG_NEW_UI: "true"
```

HorizontalPodAutoscaler

Auto-scale based on CPU.

Input: Scale myapp between 3 and 10 based on CPU

Output:

```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp
  minReplicas: 3
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
```

Technical details

Kubernetes manifests are YAML files that describe desired state of resources. The API server reconciles actual state to match.

Universal manifest structure:

```yaml
apiVersion: apps/v1   # API group/version for this resource
kind: Deployment      # Resource type
metadata:             # Resource identity
  name: my-app
  namespace: default  # Optional
  labels:
    app: my-app
spec:                 # Desired state (varies by kind)
  # ...
```

Common resources and their specs:

Deployment (stateless apps):

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: app
        image: myapp:1.0
        ports:
        - containerPort: 3000
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 512Mi
        livenessProbe:
          httpGet:
            path: /health
            port: 3000
          initialDelaySeconds: 30
        readinessProbe:
          httpGet:
            path: /ready
            port: 3000
```

Service (network routing):

```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-app
spec:
  type: ClusterIP      # or NodePort, LoadBalancer
  selector:
    app: my-app
  ports:
  - port: 80           # External port
    targetPort: 3000   # Pod port
```

Ingress (HTTP routing):

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-app
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  tls:
  - hosts: [example.com]
    secretName: my-app-tls
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-app
            port: { number: 80 }
```

Key production-readiness fields:

- Resources (requests/limits): requests = guaranteed, limits = maximum. Without these, pods can be evicted or hog resources.
- Probes: liveness (when to restart), readiness (when to serve traffic), startup (initial slow boot).
- SecurityContext: runAsNonRoot, readOnlyRootFilesystem, drop capabilities.
- TopologySpreadConstraints: spread pods across availability zones.
- PodDisruptionBudget: minimum available during upgrades.
- HorizontalPodAutoscaler: scale based on CPU, memory, or custom metrics.
- NetworkPolicy: firewall rules between pods.
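
A NetworkPolicy for the my-app pods shown above, as an added example rather than generator output: it admits traffic only from pods carrying an assumed `app: frontend` label and only on the container port. The policy name and the frontend label are hypothetical, and the policy has no effect unless the cluster's network plugin enforces NetworkPolicy.

```yaml
# Added example; my-app-ingress and the app: frontend label are assumptions.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: my-app-ingress
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: my-app          # pods this policy protects
  policyTypes:
  - Ingress                # selected pods now reject any ingress not listed below
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: frontend    # hypothetical client label; matches pods in the same namespace only
    ports:
    - protocol: TCP
      port: 3000           # the pod's containerPort, not the Service port 80
```

Once any policy selects a pod for Ingress, traffic from every other source in the cluster is dropped, so list each legitimate client before applying it.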

Labels and selectors:

Labels identify resources. Selectors find resources by labels. Standard labels (2026):

```
app.kubernetes.io/name: myapp
app.kubernetes.io/instance: myapp-production
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/component: api
app.kubernetes.io/part-of: mysystem
app.kubernetes.io/managed-by: helm
```

API versions over time:

- apps/v1 — current stable for Deployment, StatefulSet, DaemonSet.
- networking.k8s.io/v1 — current stable for Ingress, NetworkPolicy.
- batch/v1 — Job, CronJob.
- autoscaling/v2 — HPA with custom metrics.
- Old versions (extensions/v1beta1, apps/v1beta1) — deprecated, should be migrated.

Namespaces:

Isolate resources. Specify with metadata.namespace or kubectl -n. Common: default, kube-system, ingress-nginx, monitoring.

Common problems and solutions

Missing resource limits

Without limits, a pod can consume all node resources — affecting other pods or causing OOM kills. Always set requests and limits. Start conservative, tune based on metrics.

Wrong apiVersion

Kubernetes APIs evolve. Old apiVersion (extensions/v1beta1) was deprecated. Use current stable: apps/v1 for workloads, networking.k8s.io/v1 for networking, autoscaling/v2 for HPA.

Mismatched selectors

Deployment selector must match Pod template labels. Service selector must match Pod labels. Mismatch = Deployment has no pods, Service routes to nothing.

No readiness probe

Without readiness probe, traffic sent to pods before they are ready causes 500 errors during deploys and pod recreation. Readiness probes make rolling deploys safe.

Running as root in production

Pods should run as non-root with readOnlyRootFilesystem. Set securityContext.runAsNonRoot: true. Many images have pre-defined non-root users (node, nobody).
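
The Deployment from the examples above with the security context filled in, as an added example that is not the generator's own output. It goes slightly beyond the three fields named on this page by also setting `allowPrivilegeEscalation` and `seccompProfile`; UID/GID 10001 and the `/tmp` scratch volume are assumptions to adapt to the image.

```yaml
# Added example; UID/GID 10001 and the tmp volume are constructed values.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      securityContext:              # pod-level: inherited by every container
        runAsNonRoot: true          # kubelet refuses to start a container that would run as UID 0
        runAsUser: 10001            # numeric UID; a named image user (node, nobody) cannot be verified as non-root
        runAsGroup: 10001
        fsGroup: 10001              # group ownership applied to mounted volumes
        seccompProfile:
          type: RuntimeDefault      # container runtime's default syscall filter
      containers:
      - name: app
        image: myapp:1.0
        ports:
        - containerPort: 3000
        securityContext:            # container-level
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop: ["ALL"]           # a non-root process listening on port 3000 needs none
        volumeMounts:
        - name: tmp
          mountPath: /tmp           # writable scratch space, because the root filesystem is read-only
      volumes:
      - name: tmp
        emptyDir: {}
```

If the application writes anywhere else (cache or PID directories, for example), it will fail at startup with a read-only filesystem error until that path gets its own volume mount.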

Secrets in ConfigMaps

ConfigMaps are not encrypted at rest by default. Secrets are base64-encoded and can be encrypted at rest with KMS. Use Secret for passwords, API keys, tokens. Use ConfigMap for non-sensitive config.

Missing labels

Without labels, you cannot query resources (kubectl get pods -l app=myapp). Use standard labels: app.kubernetes.io/name, version, component. Makes operations much easier.

CrashLoopBackOff mystery

Common causes: missing environment variable, wrong image tag, port mismatch. Check: kubectl describe pod, kubectl logs. Always check the actual error message rather than guessing.

Kubernetes YAML Generator — comparisons and alternatives

Kubernetes vs Docker Compose: Compose for single-host or dev. K8s for multi-host production, auto-scaling, self-healing. Migrate from Compose to K8s when scale or reliability requirements grow.

K8s vs Docker Swarm: Both orchestrate containers. K8s is industry standard with massive ecosystem. Swarm is simpler but declining in adoption. New projects: K8s.

Plain YAML vs Helm: Plain YAML for simple apps. Helm (charts) for templating and versioning. Helm is essential for deploying third-party software (Prometheus, Postgres operators). For your own apps, Kustomize or plain YAML is often sufficient.

Plain YAML vs Kustomize: Kustomize is built into kubectl (kubectl apply -k). Base + overlay pattern for environments. Simpler than Helm for your own apps.

Manual manifests vs operators: Operators (Postgres Operator, Elastic Operator) wrap complex apps. User creates a custom resource (simpler than full manifests). Operator generates underlying manifests. Great for databases and infrastructure.

kubectl vs GitOps (ArgoCD/Flux): kubectl apply for ad-hoc changes. GitOps tools (ArgoCD, Flux) sync cluster state from a Git repo automatically. More reliable for teams; essential for production.

Imperative vs Declarative: kubectl create (imperative) — one-shot commands. kubectl apply (declarative) — reconcile to desired state. Always use declarative for production. Imperative for exploration.

Frequently asked questions about the Kubernetes YAML Generator

What is a Kubernetes manifest?

A manifest is a YAML (or JSON) file describing a Kubernetes resource — Deployment, Service, Pod, etc. Contains apiVersion, kind, metadata (name, labels), and spec (desired state). You apply manifests with kubectl apply -f manifest.yaml. The control plane reconciles actual state to match.

When to use Deployment vs StatefulSet vs DaemonSet?

Deployment — stateless apps (web, API). Pods are interchangeable. Rolling updates. StatefulSet — stateful apps (databases). Pods have stable identities. Persistent storage. DaemonSet — one pod per node (log collectors, monitoring agents, network plugins).

What is the difference between Service types?

ClusterIP — internal-only (within cluster). Default. NodePort — exposed on every node IP at specified port. LoadBalancer — cloud provider creates external LB (requires cloud integration). ExternalName — DNS redirect to external name.

What is an Ingress?

Ingress is HTTP/HTTPS routing. Routes external traffic to internal Services based on hostname and path. Requires an Ingress Controller (nginx-ingress, Traefik, AWS ALB) to actually do the routing. Typical: 1 Ingress per app, many apps share one Ingress Controller.

Why use resource limits?

Requests = guaranteed resources (CPU, memory). K8s schedules pods onto nodes that have enough free capacity to cover their requests. Limits = maximum usage. Pods exceeding their CPU limit are throttled; pods exceeding their memory limit are killed (OOMKilled). Without these, pods can hog or starve.

What are liveness and readiness probes?

Liveness — when to restart a pod. Probe fails = kubelet restarts container. Use for detecting hung processes. Readiness — when to serve traffic. Probe fails = removed from Service endpoints. Use for ensuring app is ready to handle requests. Both are HTTP, TCP, or exec probes.

How do I store configuration?

ConfigMap for non-sensitive config (log level, API URLs, feature flags). Secret for passwords, keys, tokens (base64-encoded, can be encrypted at rest with KMS). Mount as env vars or files in pods.

Can I auto-scale pods?

Yes, with HorizontalPodAutoscaler (HPA). Scales Deployments/StatefulSets based on metrics (CPU, memory, custom). Example: scale between 3 and 10 pods based on CPU usage > 70%. Requires metrics-server installed.

What is a namespace?

A namespace isolates resources in a cluster. Resources in different namespaces can have the same name. Common namespaces: default (your app by default), kube-system (K8s internals), monitoring (Prometheus), ingress-nginx. Use namespaces for isolation and access control.

How do I deploy to different environments?

Options: Kustomize (built into kubectl, base + overlays for environments), Helm (templating with values per environment), GitOps (separate branches or repos for environments, synced by ArgoCD/Flux). Start with Kustomize for simple cases.
