Kustomize Cheat Sheet 2026: Kubernetes Overlays

A quick reference for Kustomize — template-free Kubernetes configuration. Bookmark this page.

Basic Commands

# Build (render final YAML)
kustomize build .
kustomize build overlays/production

# Apply directly
kubectl apply -k .
kubectl apply -k overlays/production

# Preview diff
kubectl diff -k overlays/production

# Delete
kubectl delete -k .

Kustomization File Structure

# kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  - deployment.yaml
  - service.yaml
  - ingress.yaml

namespace: my-app

commonLabels:
  app: my-app
  team: backend

commonAnnotations:
  owner: backend-team

namePrefix: prod-
nameSuffix: -v2

images:
  - name: nginx
    newName: my-registry.com/nginx
    newTag: "1.25"

Patches

# Strategic merge patch (partial overlay)
patches:
  - path: increase-replicas.yaml
    target:
      kind: Deployment
      name: my-app

# JSON patch
patches:
  - target:
      kind: Deployment
      name: my-app
    patch: |-
      - op: replace
        path: /spec/replicas
        value: 5

# Inline patch
patches:
  - patch: |-
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: my-app
      spec:
        replicas: 5

Overlay Pattern

├── base/
│   ├── kustomization.yaml
│   ├── deployment.yaml
│   └── service.yaml
├── overlays/
│   ├── development/
│   │   └── kustomization.yaml
│   ├── staging/
│   │   └── kustomization.yaml
│   └── production/
│       ├── kustomization.yaml
│       └── increase-replicas.yaml

# overlays/production/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  - ../../base

namespace: production

patches:
  - path: increase-replicas.yaml

images:
  - name: my-app
    newTag: "v2.1.0"

ConfigMap and Secret Generators

configMapGenerator:
  - name: app-config
    literals:
      - DATABASE_HOST=postgres.production.svc
      - LOG_LEVEL=info
    files:
      - config.properties

secretGenerator:
  - name: app-secrets
    literals:
      - DB_PASSWORD=supersecret
    type: Opaque

generatorOptions:
  disableNameSuffixHash: true

Components (Reusable Mixins)

# components/monitoring/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component

resources:
  - servicemonitor.yaml

patches:
  - patch: |-
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: my-app
      spec:
        template:
          metadata:
            annotations:
              prometheus.io/scrape: "true"
              prometheus.io/port: "8080"

# Use in overlay
components:
  - ../../components/monitoring

Tips and Tricks

• Use kubectl kustomize . as an alias for kustomize build .
• Use --enable-helm flag to render Helm charts within Kustomize
• Use components for cross-cutting concerns (monitoring, security)
• Use replacements (not vars) for field cross-references in newer versions
• Combine with ArgoCD for GitOps: point ArgoCD at your overlay directory

Related Resources

• Helm Cheat Sheet
• ArgoCD Cheat Sheet
• YAML Cheat Sheet