Kubernetes Deployment Best Practices Checklist

Q: Kubernetes Deployment Best Practices Checklist

## The Complete Deployment Checklist A well-configured Kubernetes Deployment follows many best practices. Here is a reference manifest that passes all validator checks. ### Reference Manifest yaml apiVersion: apps/v1 kind: Deployment metadata: name: production-app labels: app.kubernetes.io/name: myapp app.kubernetes.io/version: "3.1.0" app.kubernetes.io/component: server app.kubernetes.io/managed-by: kubectl spec: replicas: 3 selector: matchLabels: app.kubern

A comprehensive checklist for Kubernetes Deployment manifests. Covers resource limits, probes, security context, image tagging, labels, and replica configuration.

Best Practices

Detailed Explanation

The Complete Deployment Checklist

A well-configured Kubernetes Deployment follows many best practices. Here is a reference manifest that passes all validator checks.

Reference Manifest

apiVersion: apps/v1
kind: Deployment
metadata:
  name: production-app
  labels:
    app.kubernetes.io/name: myapp
    app.kubernetes.io/version: "3.1.0"
    app.kubernetes.io/component: server
    app.kubernetes.io/managed-by: kubectl
spec:
  replicas: 3
  selector:
    matchLabels:
      app.kubernetes.io/name: myapp
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app.kubernetes.io/name: myapp
        app.kubernetes.io/version: "3.1.0"
    spec:
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 2000
      containers:
        - name: app
          image: myregistry.io/myapp:3.1.0
          ports:
            - containerPort: 8080
              name: http
          resources:
            requests:
              cpu: 200m
              memory: 256Mi
            limits:
              cpu: 1000m
              memory: 512Mi
          livenessProbe:
            httpGet:
              path: /healthz
              port: http
            initialDelaySeconds: 15
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /ready
              port: http
            initialDelaySeconds: 5
            periodSeconds: 5
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true

Checklist

Check	Status	Notes
Stable API version	apps/v1	Not deprecated
metadata.name	present	DNS-compatible name
metadata.labels	present	Kubernetes recommended labels
Pinned image tag	3.1.0	Not :latest
Resource requests	set	For scheduling
Resource limits	set	For protection
Liveness probe	set	Auto-restart on failure
Readiness probe	set	Traffic management
runAsNonRoot	true	Security best practice
Replicas > 1	3	High availability
Rolling update strategy	configured	Zero-downtime deploys

Labels Convention

Kubernetes recommends these standard labels:

app.kubernetes.io/name: Application name
app.kubernetes.io/version: Application version
app.kubernetes.io/component: Component within the architecture
app.kubernetes.io/managed-by: Tool managing the resource

Use Case

Using as a reference when creating new Deployment manifests or auditing existing ones. Serves as a team standard for Kubernetes configuration quality.

Try It — K8s Manifest Validator

Open full tool →