orchestrator Introduced in L7

Kubernetes

The container orchestrator. Powerful, complex, the de facto standard for running containers at scale.

Mindmap

hover · click to navigate
this tech depends on / used by alternative Shipyard anchor
What it is

The plain-English version

Kubernetes (k8s) is an orchestrator for containers across a cluster of machines. You declare what you want ("3 replicas of this image, exposed on port 80, autoscaling between 3 and 20") and Kubernetes makes it true and keeps it true — replacing failed instances, rolling out new versions, balancing load, all the operational work.

Why it exists

The problem it solves

Kubernetes is the right answer when you have containers across many machines, complex traffic management, and operational requirements that out-strip what platforms like Vercel or Cloudflare can do. It's the wrong answer for everyone else — the complexity tax is real.

What it competes with

Alternatives

AlternativeTypeWhen it wins
Dockercontainer runtimeThe container runtime that defined modern packaging. Build once, run anywhere — for real.
Where it shows up in Shipyard

Deep links

Vocabulary

The words you'll hear

Pod
Smallest unit. One or more containers that share network and storage.
Deployment
Declares N replicas of a pod template. Handles rollouts.
Service
Stable network endpoint for a set of pods.
Ingress
External traffic entry. TLS, hostnames, path routing.
Namespace
Logical division of the cluster (dev/staging/prod or by team).
ConfigMap / Secret
Configuration / secrets injected into pods.
Helm
Package manager. Charts are parameterized YAML bundles.
kubectl
The CLI. kubectl get pods, kubectl logs, kubectl apply -f.
Prompting

Bad vs. good prompt for Kubernetes

✕ Bad prompt
set up kubernetes for me
✓ Good prompt
Write the Kubernetes manifests for Tasklane: a Deployment (3 replicas of our image, resource requests/limits, liveness + readiness probes), a Service (ClusterIP), and an Ingress with TLS for tasklane.example. Use a separate namespace 'tasklane'. Mount DATABASE_URL from a Secret. Show all four files.

Why it works: Specifies the four manifests every real app needs, asks for both probes (different jobs!), names the namespace, and points to the secret pattern. The result is a reviewable kit, not random YAML.

Pitfalls

What bites real teams

⚠ Reaching for k8s too early

k8s is genuinely powerful and genuinely complex. Most apps don't need it. Cloudflare/Vercel/Render are kinder until you outgrow them.

⚠ Resource requests = 0

Without resource requests, the scheduler can't pack pods well, and one pod can starve others. Always set requests.

⚠ Liveness probe = readiness probe

Liveness restarts the pod; readiness pulls it from rotation. Setting them the same can cause restart cascades. They're different jobs.

References

Official docs only