The team at Fairwinds has managed hundreds of clusters for dozens of organizations, which gives us unique insight into the problems most organizations encounter in their Kubernetes environments. We see the same issues over and over again, most of them centering around security, efficiency, and reliability. We wanted to give our clients a way to identify and remediate those issues, so we built Polaris.
Polaris is an open source tool that we continue to use to help us manage hundreds of production workloads for our customers. It runs a variety of checks to ensure that you’ve configured Kubernetes pods and controllers using Kubernetes best practices, helping you avoid workload configuration problems.
But for many organizations, Polaris doesn't meet all of their needs. In order to better serve our users, we built Fairwinds Insights for organizations that need to:
The Fairwinds Insights platform bridges the gap between dev, sec, and ops by providing consistency across teams and clusters for identifying and remediating Kubernetes security risk.
Polaris does one thing very well: configuration validation. It runs over twenty checks that help users discover Kubernetes misconfigurations. This makes for a great open source project, and Polaris can help you avoid configuration problems and ensure that your organization is following Kubernetes best practices.
Insights, on the other hand, is a platform that provides many more capabilities. Any open source tool can link into Insights, making it simple to normalize the data and get it all in one place, improving your visibility into your Kubernetes deployment by pulling data from multiple sources together into a single view.
Insights offers many more benefits than Polaris; it’s built using multiple open source tools, providing many capabilities to users, including the ability to:
Fairwinds Insights can apply the benefits of Polaris and these other excellent tools across multiple clusters and collaborating teams in a way that is consistent across your entire organization.
Polaris provides point-in-time snapshots, which is a good way to get a quick sense of how you're doing.
However, the Polaris open source project doesn’t include a database, so changes in these snapshots aren't tracked. Insights tracks changes over time, so you can see the entire lifecycle of a finding. For example, if you fixed an issue and then it appears again, you could see when it recurred and more easily uncover how that happened. You can also see how your overall Polaris health score is going up or down.
Insights also makes it easy to see when you introduce new changes and how they impact your Kubernetes environment.
Polaris works very well on a single cluster, helping you configure Kubernetes pods and controllers using Kubernetes best practices, but what if you want to run it on every cluster in a large fleet? You'd need to have dozens of dashboard running to get visibility into all your cluster configurations.
While we only architected Polaris to provide a snapshot of single clusters, Insights is designed for multi-cluster deployments. Insights makes it easy to install Polaris and other tools across your entire fleet, putting all your findings behind a single pane of glass. This helps you to prioritize or de-prioritize findings based on which cluster they're in, so if you see an issue in a production cluster, you know resolving that quickly is more important than addressing the configuration issue uncovered in the dev cluster. This saves time and helps your focus on the most important issues.
Polaris presents its findings via a dashboard or via a command line interface (CLI):
This method works fine, but often you want to send those findings to external platforms to increase visibility and make sure engineers are getting notified.
When Fairwinds Insights finds issues, it can auto-create GitHub and Jira tickets or send Slack messages to your team. Insights also makes it easier to see trends in Datadog, aggregating findings from each plugin and presenting them in highly customizable views.
Polaris is great at what it does. It helps you validate your configurations and makes it easy for you to create custom policies for validation. We continue to make updates to Polaris and we encourage participation in our open source user group to help us determine the direction of the project.
Fairwinds Insights is a platform that provides visibility across multiple clusters, and because it incorporates multiple open source projects, it delivers a larger amount of useful and actionable information for the overall security and compliance of your Kubernetes environment. Our integrations in the Insights platform make it easy to view your Polaris results alongside other auditing tools, track changes over time, and push the data out to other locations, helping you to bridge the gap between development, security, and operations teams.
Both Polaris and Insights can help you identify and remediate issues with security, efficiency, and reliability in Kubernetes. Organizations that are early in their Kubernetes journey will likely want to start with Polaris, but once you’re operating multiple clusters across multiple teams, Fairwinds Insights can help provide consistency and governance to minimize risk and keep your clusters sailing smoothly.