DevBolt
Processed in your browser. Your data never leaves your device.

How do I validate Kubernetes YAML online?

Paste your Kubernetes manifest and click Validate to check for missing required fields, invalid resource types, label/selector mismatches, security issues, and best practices like resource limits and health probes. Supports 20+ resource types and multi-document YAML. Everything runs in your browser.

Validate Deployment YAML
Input
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: web
        image: nginx:1.25
Output
✓ Valid Deployment
API: apps/v1
Replicas: 3
Containers: 1 (web)
Image: nginx:1.25
← Back to tools

Kubernetes YAML Validator

Validate Kubernetes manifests for required fields, structural errors, security best practices, and common misconfigurations. Supports multi-document YAML.

About Kubernetes YAML Validation

Kubernetes manifests are YAML files that describe the desired state of your cluster resources — Deployments, Services, ConfigMaps, and more.

What we check:

  • Required fields — apiVersion, kind, metadata.name
  • Workload validation — Deployments, StatefulSets, DaemonSets, Jobs, CronJobs
  • Selector/label matching — ensures selectors match template labels
  • Container checks — image tags, resource requests/limits, health probes
  • Security — privileged mode, privilege escalation, running as root, securityContext
  • Service validation — ports, selectors, NodePort ranges, service types
  • Ingress — TLS configuration, rules, backend references
  • CronJob schedule validation and Secret type checks
  • Multi-document YAML support (separated by ---)

Everything runs in your browser — no data is sent over the network.

Tips & Best Practices

Pro Tip

Always set resource requests and limits

Without resource limits, a single pod can consume all CPU/memory on a node, killing other workloads. Set requests (guaranteed minimum) and limits (hard ceiling) for every container: resources: { requests: { cpu: 100m, memory: 128Mi }, limits: { cpu: 500m, memory: 512Mi } }.

Common Pitfall

Missing liveness probes cause zombie pods

Without a livenessProbe, Kubernetes doesn't know if your app is deadlocked. The pod stays 'Running' while serving zero requests. Add an HTTP or TCP liveness probe that checks actual application health, not just that the process is alive. Set initialDelaySeconds high enough for startup.

Real-World Example

Use readinessProbe to prevent traffic to unhealthy pods

During deployment, new pods receive traffic immediately even if they're still loading config or warming caches. A readinessProbe tells the Service to wait until the pod is ready. This prevents 502/503 errors during rollouts. Use a /healthz endpoint that checks dependencies (DB, cache).

Security Note

Run pods as non-root with read-only filesystem

Set securityContext: { runAsNonRoot: true, readOnlyRootFilesystem: true, allowPrivilegeEscalation: false }. This limits the blast radius of container escapes. Use emptyDir volumes for any paths that need write access (tmp, logs). Most app containers don't need to write to the root filesystem.

Frequently Asked Questions

How do I validate a Kubernetes YAML manifest online?
Paste your Kubernetes YAML into the input panel and the validator instantly checks for syntax errors, missing required fields, and best practice violations. It supports over 20 resource types including Deployment, Service, ConfigMap, Secret, Ingress, StatefulSet, DaemonSet, Job, CronJob, and PersistentVolumeClaim. The validator checks apiVersion, kind, metadata, spec structure, label selectors, container image formats, and port definitions. Results are categorized by severity. Everything runs client-side so your manifests stay private.
What are the most common Kubernetes YAML errors?
Frequent errors include indentation mistakes (YAML uses spaces not tabs), mismatched label selectors between Deployments and Services, missing required fields like apiVersion or metadata.name, incorrect apiVersion for a resource type, invalid container port numbers, and duplicate keys. Security issues include running containers as root, missing securityContext, and not setting readOnlyRootFilesystem. The validator flags all of these with line numbers and fix suggestions.
How do I check Kubernetes best practices in my manifests?
DevBolt's validator checks manifests against production best practices beyond basic syntax. It verifies resource requests and limits for CPU and memory, checks for readiness and liveness probes essential for rolling deployments, flags containers running as root or in privileged mode, validates that image tags avoid latest for reproducibility, and checks Pod disruption budgets for high availability. These checks catch deployment issues before they reach your cluster.

Related Inspect Tools

URL

URL Parser

Parse URLs into protocol, host, path, and query params

+-

Diff Checker

Compare two texts and see differences highlighted

CRN

Cron Expression Parser

Parse cron schedules into plain English with next run times

W#

Word & Character Counter

Count words, characters, sentences, and estimate reading time