{"id":"v5cn-kube-apiserver","name":"kube-apiserver","af_score":54.5,"security_score":78.8,"reliability_score":58.8,"what_it_does":"kube-apiserver is the Kubernetes API server process. It exposes Kubernetes REST APIs used to authenticate/authorize clients, validate requests, and persist/retrieve cluster state via etcd, while orchestrating core Kubernetes APIs (e.g., resources, watches, admission control, and federation/aggregation).","best_when":"You run or manage a Kubernetes cluster and need the standard Kubernetes API endpoint available to trusted clients and controllers.","avoid_when":"You cannot operate secure control-plane components or cannot meet Kubernetes operational requirements (HA, certificates, RBAC, network policies).","last_evaluated":"2026-04-04T21:27:46.046158+00:00","has_mcp":false,"has_api":true,"auth_methods":["Client certificate (mTLS) via kubeconfig","Bearer tokens (e.g., service account tokens, static tokens)","Webhook token authentication (delegated)","Static token authentication (depending on config)"],"has_free_tier":false,"known_gotchas":["Long-running operations may be asynchronous (watch-based workflows, status subresources)","Strong consistency expectations vary by resource and operation; retries can cause additional side effects if not conditioned","Admission webhooks and validations can reject requests; agents should surface returned status/details","RBAC/authorization failures can look similar to validation errors—ensure proper authn/authz context in retries"],"error_quality":0.0}