Evaluation of more than 100,000 workloads shows that Kubernetes misconfiguration is rampant; causes risk, wasted resources and downtime
BOSTON, MA – Fairwinds, the leading provider of Kubernetes governance and security software, today announced the Kubernetes Configuration Benchmark Report 2021. The report was created based on results from more than 100,000 workloads and hundreds of organizations using the Fairwinds Insights platform. Divided into three sections – reliability, security and efficiency – the Kubernetes Configuration Benchmark Report 2021 was designed to help organizations better understand how their container configurations compare to their peers in the cloud native landscape.
Proper Kubernetes configuration is critical to successful cloud native adoption. Without it, practitioners have no way to improve the reliability, security and efficiency of their applications. As the organization grows, DevOps teams, along with platform and security leaders, require visibility into what is happening in each cluster.
“Despite its dominance as the de facto container orchestration platform, Kubernetes is still new technology and configuration errors happen regularly. You can’t improve application reliability, security or efficiency without configuring Kubernetes clusters correctly, and we wanted to give organizations something to measure against so they could improve over time,” said Bill Ledingham, CEO of Fairwinds. “The most important takeaway from the Benchmark Report is that misconfiguration is quite common and can have an adverse impact to cloud native success. Organizations need to keep benchmarking and improving as Kubernetes adoption continues to grow.”
Key findings based on organizational workload evaluations include:
Half have at least 50% of their workloads affected by suboptimal pull policy, with nearly a third (29%) making a point of enforcing this policy for the majority of their workloads
More than two thirds (70%) are running 11% or more of their workloads as allowing root access, a dangerous practice given the recent increase in Kubernetes CVEs
Sixty percent are running some images with vulnerabilities in production
A full third (33%) have at least half of their workloads running with outdated Helm charts
Almost two-thirds (60%) are not setting memory limits or memory requests for their workloads
More than half (53%) of workloads have memory limits set too high, resulting in wasted/unnecessary resource
Seventy percent have memory requests set too low on at least 10% of their workloads
“Fairwinds continues to lead the pack in Kubernetes education with a Maturity Model that helps organizations better understand the full scope of their journey. They have created a Benchmark Report to assist organizations in accurately gauging how the efficacy of their Kubernetes ownership compares to that of their peer companies,” said Chris Steffen, research director, information security at Enterprise Management Associates (EMA). “As Kubernetes continues to gain residence inside a wider number of organizations, it will become increasingly important for businesses to learn from others how to keep their clusters secure, reliable and efficient.”
Fairwinds Insights is one platform that continuously scans multiple clusters against out of the box and customized policies. Users gain visibility into their Kubernetes workloads security, cost usage and reliability. The all in one platform helps DevOps team simplify Kubernetes and enable developer self-service to achieve production-readiness faster.
To read the full Kubernetes Configuration Benchmark Report 2021, please visit https://www.fairwinds.com/kubernetes-config-benchmark-report.