Boston, MA – Fairwinds, the leading provider of Kubernetes governance software, today announced it has added automated remediation to Polaris, the leading Kubernetes configuration validation open source project. This new feature, called mutations, allows users to modify YAML files or Kubernetes objects to get them to comply with best practices. Mutations can be run on Infrastructure-as-Code files, so the changes can be checked into a repository, or be run as a mutating webhook, modifying resources as they enter a Kubernetes cluster.
“For quite some time, Polaris has allowed Kubernetes users to audit their clusters and infrastructure-as-code for best practices. But fixing the issues that Polaris finds can be tedious and creates a steady stream of manual work for DevOps teams,” said Robert Brennan, vice president of product development at Fairwinds. “The automated remediation feature we have built into Polaris speeds this process by specifying precisely what needs to be done to a piece of code to get it to conform to best practices.”
A mutating admission controller can be used for a number of practical use cases, including:
Guaranteeing best practices – Polaris has been able to alert engineers making a pull request when they have not set the correct image pull policy. Now, a mutating admission controller can guarantee the desired image pull policy, even if the change is not made;
Applying labels for cost allocation – labels are how cost allocation solutions like Fairwinds Insights report the cost of workloads. A mutating admission controller can ensure the right label is applied, ensuring a better understanding of Kubernetes costs;
Mitigating security threats – Polaris already reports on workloads that are over-permissioned or running with insecure configurations. A mutation policy can be created to automatically set workloads to run as a non-root user, which helps mitigate vulnerabilities such as CVE-2021-25741.
Polaris has more than 75,000 users spanning all industries. Users interested in managing Polaris across a fleet of clusters, collaborating across teams, or tracking findings over time, can look to Fairwinds Insights, the company’s complete Kubernetes governance platform.
Polaris users are invited to join the Fairwinds OSS User Group.
Resources