- How We Can Help
- About Us
Configuring Kubernetes to be secure, efficient, and reliable is a complex, time-intensive effort. Fortunately, there are many open source Kubernetes tools that audit clusters and workloads and provide recommendations; but engineers often do not have the time to learn, install, run and operationalize these tools at scale.
Fairwinds Insights is an Open Source as a Service platform, integrating best-of-breed Kubernetes auditing tools that improve cluster security, workload reliability, and engineering productivity.
With Fairwinds Insights, we help:
VPEs and Directors of Engineering get high level visibility into the state of their Kubernetes infrastructure, including recommendations for security, efficiency, and reliability improvements.
CISOs and Security Managers understand any configuration and security risks with their Kubernetes and container infrastructure
DevOps Managers identify, prioritize, plan, and track potential configuration issues with Kubernetes
DevOps Engineers implement and use great open source auditing tools without having to spend cycles learning each one and building custom automation
Fairwinds Insights is in open beta, which is currently free and provides an extensive range of functionality. You can have up to two clusters per organization, and view historical data for up to seven days. If you’d like to add more clusters or longer data retention, contact to learn about our early adopter program.
Upon general availability, Fairwinds Insights beta users will transition to a free tier. You can read more about the beta program .
Fairwinds Insights provides a unified, multi-cluster view into three categories of Kubernetes configuration issues: security, efficiency, and reliability. This unified, multi-cluster view is available as SaaS during the open beta period, and as a self-hosted option upon general availability.
Fairwinds Insights also makes it easy to deploy multiple open-source tools through a single helm installation. This one-time install helps engineers avoid custom work for installing and configuring each tool.
Fairwinds Insights refers to the tools integrated with the software as ‘plugins’, and the helm chart as the ‘Fairwinds Insights Agent’.
Fairwinds Insights then aggregates findings from each plugin and publishes it into a multi-cluster view for easy consumption, prioritization, and issue tracking.
Currently, Fairwinds Insights operates as a SaaS platform. This means the Fairwinds Insight Agent (which is deployed as a helm chart) will report findings back to the SaaS platform hosted at insights.fairwinds.com.
A future “self-hosted” option is under roadmap consideration. Email us at email@example.com if you’d like to learn more about this roadmap.
Currently, the Agent installs , , , , and has experimental support for . You can enable or disable each of the tools when . If there are other open source tools you’d like to see integrated into Insights as a plugin, let us know at !
Security issues with Kubernetes deployments (e.g., deployments configured to run as root)
Cluster-level weaknesses (e.g., exposed pods, information disclosures, etc.)
Automated notification of Helm charts that are out of date
Efficiency and Reliability:
Recommended CPU and memory limits (for right-sizing your workloads)
Potential reliability issues with Kubernetes deployments (e.g., missing liveness and readiness probes)
The Fairwinds Insights Agent leverages helm to install open source plugins in a single deployment. The Fairwinds Insights Agent orchestrates the installation, configuration, update, and scan frequency of each plugin.
The Fairwinds Insights Agent is publicly available as a helm chart but requires a token to use. You can generate a token after creating an account at https://insights.fairwinds.com
You can learn more about the Fairwinds Insights Agent here: https://github.com/FairwindsOps/charts/tree/master/stable/insights-agent
Getting started with Insights is as easy as a helm install. Once you’ve added the Agent to your cluster, you’ll see the dashboard populate in about a minute.
The RBAC permissions granted to Insights depend on the set of plugins you choose to install.
Most plugins require read-only access (get , list)to common resources, like Deployments and Namespaces. The only plugin with create or delete permission is Goldilocks, which is able to create and delete VerticalPodAutoscaler objects.
You can review the permissions for each plugin in the . Permissions are listed under rbac.yaml in each plugin’s directory.
No. The Fairwinds Insights Agent, which runs in your cluster, only needs to be able to reach insights.fairwinds.com. Our servers never send requests to your cluster.
The Fairwinds Insights Agent runs every hour by default. However, the schedule for each report is configurable, and can be run as frequently as every minute.
For more information on configuring the Fairwinds Insights Agent, please see our GitHub page: https://github.com/FairwindsOps/charts/tree/master/stable/insights-agent
Fairwinds Insights stores the raw output of each of the auditing tools you’ve chosen to enable. This includes some high-level information about controller configuration (such as the existence of liveness and readiness probes or image pull policy), container performance (such as memory and CPU usage), and network vulnerabilities. The only identifiable information sent back is the names of containers, controllers, and namespaces.
Fairwinds Insights does NOT gather environment variables, secrets, config maps, or other sensitive information. Email us at if you’d like samples of each report type.
Fairwinds Insights currently supports the following open-source reporting tools. Each tool is represented as a ‘plugin’:
Great question! All of the open source tools used in Fairwinds Insights can be setup and run on their own using instructions from their respective GitHub reps.
However, if you’re looking to operationalize these tools on a regular basis, and provide visibility across multiple clusters you may be managing, then Fairwinds Insights may help you avoid the work of scripting, aggregating, normalizing, and prioritizing findings. Fairwinds Insights also provides lifecycle management of every finding, so you can track when it was first seen, last seen, when it was last reviewed, and who is assigned to take action.