OrbStack-optimized Skaffold workflows for local Kubernetes development without port-forward. Use when configuring Skaffold with OrbStack, accessing services via LoadBalancer or Ingress, or when the user mentions OrbStack, k8s.orb.local, service access, or eliminating port-forward.
/plugin marketplace add laurigates/claude-plugins/plugin install laurigates-container-plugin-container-plugin@laurigates/claude-pluginsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
OrbStack provides superior local Kubernetes networking compared to other tools (minikube, kind, Docker Desktop). Services are accessible directly from macOS without port-forward.
| Feature | OrbStack | minikube/kind |
|---|---|---|
| LoadBalancer auto-provision | ✅ Yes | ❌ Needs MetalLB |
Wildcard DNS (*.k8s.orb.local) | ✅ Yes | ❌ No |
| cluster.local from host | ✅ Yes | ❌ No |
| Pod IP direct access | ✅ Yes | ❌ No |
| Auto HTTPS certificates | ✅ Yes | ❌ No |
Change service type from ClusterIP to LoadBalancer:
apiVersion: v1
kind: Service
metadata:
name: my-app
spec:
type: LoadBalancer # OrbStack auto-provisions external IP
ports:
- port: 80
targetPort: 8080
selector:
app: my-app
Access: curl http://my-app.default.svc.cluster.local from macOS
One-time setup - Install Ingress controller:
# Ingress-NGINX (recommended)
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/cloud/deploy.yaml
# OR Traefik
helm repo add traefik https://traefik.github.io/charts
helm install traefik traefik/traefik
Create Ingress for your service:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-app
spec:
ingressClassName: nginx
rules:
- host: my-app.k8s.orb.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-app
port:
number: 80
Access: http://my-app.k8s.orb.local (auto-resolves)
OrbStack exposes cluster DNS to macOS:
# Access any service directly
curl http://my-app.default.svc.cluster.local:8080
# Full DNS pattern
curl http://<service>.<namespace>.svc.cluster.local:<port>
apiVersion: skaffold/v4beta11
kind: Config
metadata:
name: my-app
build:
local:
push: false
useBuildkit: true
artifacts:
- image: my-app
docker:
dockerfile: Dockerfile
deploy:
kubeContext: orbstack
kubectl:
manifests:
- k8s/*.yaml
statusCheck: true
statusCheckDeadlineSeconds: 180
# Port-forward REMOVED - use LoadBalancer/Ingress instead
profiles:
- name: local-ingress
deploy:
kubeContext: orbstack
kubectl:
manifests:
- k8s/base/*.yaml
- k8s/ingress/*.yaml # Ingress resources
profiles:
- name: services-only
build:
artifacts: [] # Don't build frontend
deploy:
kubeContext: orbstack
kubectl:
manifests:
- k8s/namespace.yaml
- k8s/database/*.yaml
- k8s/api/*.yaml
Access backend at http://api.k8s.orb.local while running npm run dev locally.
# k8s/service.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ .name }}
labels:
app: {{ .name }}
spec:
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: {{ .containerPort | default 8080 }}
selector:
app: {{ .name }}
# k8s/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .name }}
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: {{ .name }}.k8s.orb.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ .name }}
port:
number: 80
# skaffold.yaml with port-forward
portForward:
- resourceType: service
resourceName: api
port: 8080
localPort: 8080
address: 127.0.0.1
- resourceType: service
resourceName: frontend
port: 3000
localPort: 3000
address: 127.0.0.1
skaffold dev # Services at localhost:8080, localhost:3000
# k8s/services.yaml - Change service types
apiVersion: v1
kind: Service
metadata:
name: api
spec:
type: LoadBalancer # Changed from ClusterIP
ports:
- port: 8080
---
apiVersion: v1
kind: Service
metadata:
name: frontend
spec:
type: LoadBalancer # Changed from ClusterIP
ports:
- port: 3000
# skaffold.yaml - Remove portForward section entirely
deploy:
kubeContext: orbstack
kubectl:
manifests:
- k8s/*.yaml
# No portForward needed!
skaffold dev # Services at api.default.svc.cluster.local:8080
# frontend.default.svc.cluster.local:3000
# k8s/postgresql.yaml
apiVersion: v1
kind: Service
metadata:
name: postgresql
spec:
type: LoadBalancer # Access from local tools (DBeaver, pgAdmin)
ports:
- port: 5432
Connection string: postgres://user:pass@postgresql.default.svc.cluster.local:5432/db <!-- pragma: allowlist secret -->
# k8s/ingress.yaml - Single Ingress for all services
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: app-ingress
spec:
ingressClassName: nginx
rules:
- host: api.k8s.orb.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: api
port:
number: 8080
- host: web.k8s.orb.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: frontend
port:
number: 3000
- host: admin.k8s.orb.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: admin-panel
port:
number: 8000
OrbStack restricts services to localhost by default - safe on untrusted networks.
Settings → Kubernetes → "Expose services to local network devices"
Only enable when:
kubectl get svc<pending>)nslookup my-app.default.svc.cluster.localkubectl -n ingress-nginx get pods
kubectl -n ingress-nginx get svc
kubectl describe ingress my-app
# Test cluster DNS from macOS
nslookup my-service.default.svc.cluster.local
# If short names fail, use full domain
# ❌ my-service.default.svc
# ✅ my-service.default.svc.cluster.local
# Get pod IP
kubectl get pods -o wide
# Connect directly (OrbStack routes pod network to macOS)
curl http://10.42.0.15:8080
portForward from skaffold.yamlkubeContext: orbstack in deploy config.k8s.orb.local URLs# Start development (no --port-forward needed)
skaffold dev --kube-context=orbstack
# Run specific profile
skaffold dev -p services-only --kube-context=orbstack
# Check service accessibility
kubectl get svc -o wide
# Verify Ingress
kubectl get ingress
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.