Using Kubectl Create for Manifest Generation: Practical Guidance

kubectl create can generate valid manifests for learning and simple use cases but lacks scalability for complex production needs.

JR

2 minute read

kubectl create can generate valid manifests for learning and simple use cases but lacks scalability for complex production needs.

Workflow for Generating Manifests with kubectl create

  1. Dry-run resource creation: Use kubectl create [resource-type] [options] --dry-run=client -o yaml to generate manifests without applying them.
    Example: 
    kubectl create deployment pihole --image=pihole/pihole --dry-run=client -o yaml > pihole-deployment.yaml
  2. Output to file: Redirect stdout to a file for reuse: 
    kubectl create service clusterip --name=homer --port=8080 --target-port=8080 --dry-run=client -o yaml > homer-service.yaml
  3. Validate and adjust: Inspect generated YAML for accuracy, adding labels, selectors, or annotations as needed.
  4. Apply manifests: Use kubectl apply -f manifest.yaml to deploy.

Policy Example: When to Use kubectl create

  • Allowed for:
    • Development/testing environments.
    • Simple resources (Services, Deployments, ConfigMaps).
    • Quick prototyping or certification exam prep (e.g., CKA).
  • Prohibited for:
    • Production clusters requiring version control, templating (Helm), or environment-specific overrides (Kustomize).
    • Resources needing complex configurations (e.g., StatefulSets with volume claims).

Tooling Complements

  • Krew: Extend kubectl with plugins like k9s for interactive management or kubectx for context switching.
  • kubectl explain: Validate generated manifest fields: 
    kubectl explain deployment.spec.template.spec.containers
  • Helm/Kustomize: Use for templating and managing multi-resource stacks (e.g., OwnCloud with persistent volumes and secrets).

Tradeoffs and Caveats

  • Pros:
    • Fast, built-in, no dependencies.
    • Ensures API compatibility (generates valid YAML for current cluster version).
  • Cons:
    • No version control or drift detection.
    • Minimal customization (e.g., can’t easily parameterize image tags).
    • Risk of overwriting existing resources if not carefully reviewed.

Troubleshooting Common Issues

  • Error: “Invalid option –dry-run”:
    Ensure you’re using --dry-run=client (not just --dry-run).
  • Manifest fails to apply:
    Check for missing fields (e.g., selector in Services) or invalid API versions (e.g., apps/v1 vs extensions).
  • Permissions denied:
    Run with sufficient context (e.g., kubectl config use-context dev-cluster).
  • Generated YAML includes unwanted defaults:
    Use --set or manually edit fields (e.g., resources.requests.memory in deployments).

For apps like Mealie or Immich, combine kubectl create with manual edits for DB secrets, ingress definitions, or resource limits. Reserve this method for bootstrapping, not long-term maintenance.

Source thread: Is kubectl create a valid way to auto generate valid manifests?

comments powered by Disqus