Polaris runs a variety of checks to ensure your Kubernetes deployments are configured using best practices. It presents a built-in dashboard that scores your cluster’s health and provides detailed reports for each individual workload. This measures cluster performance vs industry Kubernetes standards, and helps your team debug problems when they arise. Polaris manages your deployment infrastructure so you can do what you do best: build great products.
Polaris puts security first and checks to ensure your pods are configured with recommended Security Context, Security Capabilities, and Privileges. Polaris will verify that pods are not running as root and are not running as privileged, as well as several other checks. As with all other Polaris checks, these are fully configurable
One of the defining characteristics of Polaris is the Validating Webhook, which can help you ensure that the configurations being pushed conform to your organization’s standards. If you choose to run the webhook server, anytime someone runs
kubectl apply , Polaris will reject any configuration that triggers an error.
Organizations come in all shapes and sizes. It’s possible that the default set of best practices we’ve selected don’t work well for your team - they might be too strict or too lenient, depending on the context. To address this, you can disable any Polaris check, change its severity, or configure its parameters (for example, you may want to raise the maximum amount of memory a workload can request). Use Polaris to define your own organization’s standards for Kubernetes best practices.