DevOps & Infrastructure Skill
Bonded to: devops-infrastructure-agent
Quick Start
# Invoke devops skill
"Containerize my Python application with Docker"
"Set up a CI/CD pipeline with GitHub Actions"
"Deploy my app to Kubernetes"
Instructions
- Containerize: Create optimized Docker images
- Orchestrate: Configure Kubernetes or Docker Swarm
- Automate: Set up CI/CD pipelines
- Provision: Deploy infrastructure with Terraform
- Monitor: Configure observability stack
Docker Best Practices
Optimized Dockerfile
# Multi-stage build for smaller images
FROM python:3.12-slim AS builder
WORKDIR /app
COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt
FROM python:3.12-slim
RUN useradd --create-home appuser
USER appuser
WORKDIR /app
COPY --from=builder /root/.local /home/appuser/.local
ENV PATH=/home/appuser/.local/bin:$PATH
COPY --chown=appuser:appuser . .
HEALTHCHECK --interval=30s --timeout=3s \
CMD curl -f http://localhost:8000/health || exit 1
EXPOSE 8000
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]
Image Checklist
Kubernetes Essentials
Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-server
spec:
replicas: 3
selector:
matchLabels:
app: api-server
template:
metadata:
labels:
app: api-server
spec:
containers:
- name: api-server
image: myapp:v1.0.0
ports:
- containerPort: 8000
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /health
port: 8000
readinessProbe:
httpGet:
path: /ready
port: 8000
CI/CD Pipeline (GitHub Actions)
name: CI/CD
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- run: pip install -r requirements.txt
- run: pytest --cov=app tests/
build:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/build-push-action@v5
with:
push: true
tags: myregistry/myapp:${{ github.sha }}
deploy:
needs: build
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- run: kubectl set image deployment/api-server api-server=myregistry/myapp:${{ github.sha }}
Decision Tree
Deployment need?
│
├─→ Simple app → Docker Compose
│
├─→ Production, scaling needed
│ ├─→ Cloud-native → Kubernetes
│ └─→ AWS only → ECS
│
└─→ Serverless → AWS Lambda / Cloud Functions
Troubleshooting
Common Issues
| Issue |
Cause |
Solution |
| Pod CrashLoopBackOff |
App crash |
Check logs: kubectl logs <pod> |
| ImagePullBackOff |
Registry auth |
Verify imagePullSecrets |
| OOMKilled |
Memory limit |
Increase limits or optimize |
| Pending pods |
No resources |
Scale cluster |
Debug Commands
# Pod status
kubectl get pods -o wide
# Pod logs
kubectl logs <pod> --previous
# Describe pod
kubectl describe pod <pod>
# Events
kubectl get events --sort-by='.lastTimestamp'
# Exec into pod
kubectl exec -it <pod> -- /bin/sh
Test Template
# tests/test_docker.py
import subprocess
class TestDockerBuild:
def test_dockerfile_builds_successfully(self):
result = subprocess.run(
["docker", "build", "-t", "test-image", "."],
capture_output=True, text=True
)
assert result.returncode == 0
def test_container_starts_and_healthy(self):
subprocess.run(["docker", "run", "-d", "--name", "test", "test-image"])
# Wait for health check
result = subprocess.run(
["docker", "inspect", "--format", "{{.State.Health.Status}}", "test"],
capture_output=True, text=True
)
assert "healthy" in result.stdout
Resources