Kubernetes is increasingly becoming mainstream, the industry standard for next-generation workloads and digital transformation. In 2022, a Cloud Native Computing Foundation report showed 96% of respondents were using or evaluating Kubernetes, while 79% were using managed services, such as Amazon Elastic Kubernetes Service (Amazon EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). That growth hasn’t slowed down in 2023, not least because Kubernetes is a powerful platform for deploying software. According to The State of Kubernetes 2023, 90% of respondents “agree that cloud native technology, including Kubernetes, is transforming the way their business operates.” As adoption grows, it’s important to align with best practices for configuring Kubernetes workflows, otherwise it’s far too easy to introduce problems related to security, efficiency, and reliability. Fairwinds created the open source Polaris project for open source configuration validation to help define and enforce these best practices.
Polaris checks for issues related to CPU and memory settings, liveness and readiness probes, security issues (such as containers running as root), and many more. Polaris can run in three different modes:
As a dashboard, showing you what resources in your cluster need attention
As an Admission Controller, blocking problematic resources from entering the cluster
In CI/CD, assessing infrastructure-as-code before it gets checked in
Adding Polaris into your workflow can help you ensure you're following best practices as you deploy into Kubernetes. And now, Polaris also provides the ability to upload your Polaris results to Fairwinds Insights. Uploading to Fairwinds Insights offers additional capabilities, such as ticketing integrations, an integration with Slack, and the ability to add teammates to get the most out of your Polaris findings.
Watch this video to walk through how to upload your Polaris results to Insights:
If you’re already using Polaris, you can start by running the Polaris audit command to see what's going on inside of the Kubernetes cluster you’re attached to. In my video, you can see that there are several findings, such as privilege escalation allowed, pull policy not set to always, and so on.
To upload your Polaris results to Fairwinds Insights, simply add the --upload-insights flag, and pick a name for your cluster. Polaris will then prompt you to sign up for a free account with Fairwinds Insights.
Now, create a new organization in Insights.
You will receive a message that your integration is successful. If you go back to the command line, you will see a success message, as well as a link back to the application. Click that link to see your results populated in Fairwinds Insights!
These are all the results that Polaris gave you in the original audit, but they're now in this nice, easy to navigate user interface. You can now see details on every single check. For example, in the video walkthrough, you can see a liveness probe that hasn't been configured. Insights provides helpful code blocks to show you exactly what you need to do to resolve this Action Item.
You can also simply resolve it if you know it is working as intended or you don’t plan to fix it for another reason.
Check out another result. Let’s look at the Action Item that indicates “Pod should be configured with a valid topology spread constraint.”
In Insights, you can create a ticket inside of Jira or GitHub to follow up on the Action Item, selecting a project and creating a ticket. You can also add additional fields and values to your tickets from Insights. You’ll simply need to set up your integrations in Insights, which are available for Slack, GitHub, Jira, Azure DevOps, and PagerDuty. You can reach out to any of these platforms from Insights and send your findings there.
In Fairwinds Insights, you can also snooze an Action Item if you don't want to deal with it yet (not everything is a top priority, and Insights helps you plan so you can address the most critical issues first). You can also assign the Action Item to yourself or to one of your teammates.
It’s simple to invite other people to this Insights account, so they can see the results as well. This is incredibly helpful for collaborating with teammates to get these issues fixed rather than just being able to see them.
We are excited to share the new Polaris upload to Insights functionality, which enables you to take the results of any Polaris scan and send them to Fairwinds Insights for free. It’s easy to share your results with your teammates and act on them. And while Polaris is a powerful tool, Insights includes a lot more functionality. All of it is available in the free tier, including the ability to view the cost of each of your workloads, enforce custom policies in an admission controller or as part of a CI CD process, as well as compliance and vulnerability reports.
If you want to try this out, get Polaris at https://github.com/FairwindsOps/polaris or check out Fairwinds Insights to learn more or sign up for the free tier.