<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">
 

Polaris by Fairwinds

Open source tool to validate and enforce Kubernetes deployments

Identify Kubernetes misconfigurations

Polaris is an open source project that identifies Kubernetes deployment configuration errors. Polaris runs over a dozen different checks to help users discover Kubernetes misconfigurations that frequently cause security vulnerabilities, outages, scaling limitations and more. Using Polaris, you can avoid problems and ensure you’re using Kubernetes best practices.

Polaris is available as open source on GitHub.

If you like Polaris, you'll love Fairwinds Insights.

Polaris improves Kubernetes deployments

Security
Health Checks
Networking
Resources
Images
Security

Your Kubernetes security goal should be to ensure containers are running with minimal privileges - avoiding privilege escalation, not running containers with a root user, and using read only file systems wherever possible.

Where configuration is available at both a pod and container level, Polaris validates both.

Learn more on GitHub
Health Checks

Readiness and liveness probes can help maintain the health of applications running inside Kubernetes. By default, Kubernetes only knows whether or not a process is running, not if it's healthy. Properly configured readiness and liveness probes ensure the health of an application. 

Polaris validates the presence of readiness and liveness probes in pods.

Learn more on GitHub
Networking

Although Kubernetes allows you to deploy a pod with access to the host network namespace, it's rarely a good idea. Polaris checks hostNetwork and hostPort so you can ensure your pods aren’t asking for excessive permissions.

Learn more on GitHub
Resources

Configuring resource requests and limits for containers is an important Kubernetes best practice. Setting appropriate resource requests will ensure that all your applications have sufficient compute resources, and limits will keep them from consuming too many resources.

Polaris runs checks to ensure CPU and Memory requests and limits are in place. 

Learn more on GitHub
Images

Docker's latest tag is applied by default to images where a tag hasn't been specified. Not specifying a specific version of an image can lead to a wide variety of problems, including breaking your application.

Polaris will identify when an image tag is either not specified or latest and when an image pull policy is not Always.

Learn more on GitHub

Operationalize Polaris with Fairwinds Insights

 
Fairwinds has combined Polaris with other trusted open source tools, toolchain integrations, and SRE expertise based on hundreds of successful Kubernetes deployments to deliver Fairwinds Insights, a configuration validation platform.
 
Fairwinds Insights operationalizes Polaris checks by providing not only the findings, but also keeping a historical record of the results across all your clusters and offering remediation guidance. Fairwinds Insights allows you to track and prioritize security, efficiency and reliability issues, collaborate across teams, and apply best practices as applications move from development to production. Fairwinds Insights will help you improve your security posture, reduce costs, save time and improve workload reliability.
 
Learn more about Fairwinds Insights

Fairwinds Polaris

Features

Fairwinds Insights

Features

Security Privileges
Health Checks
Networking Checks
Resource Request
Image Tag Checks
CI/CD Integration
Open Policy Agent (OPA) Support
Admission Controller
Multi-cluster Visibility
Container Security Image Scanning
Cluster Security Scanning
RBAC Auditing
Workload Optimization
Remediation Advice
Technical Support
Add-on Monitoring
Multi-users
Team Management
Learn how Fairwinds Insights can help your team
Free Trial Read the FAQ Documentation
Browse our case studies
Other
“In 2012, two computer science professors launched zyBooks with the goal of helping STEM (Science, Technology, Engineering and Math) students...
Read More
Media
“We present exceptional, hand-picked films to a community of film lovers and makers connected by meaningful and entertaining cinematic experiences.”...
Read More
Other
“icitizen is an award-winning polling platform that connects people and decision-makers to make their community a better place through online...
Read More
Software
“Park Assist is a price sensitive manufacturer and provider of parking guidance system technology that competes with ultrasonic and other...
Read More
Retail
“Boxed was founded in 2013 by an experienced group of tech pioneers with a simple idea: make shopping for bulk...
Read More
Software
"Sparkcentral delivers amazing, fast, and meaningful digital customer service that delights and cultivates relationships with our user-friendly customer engagement platform."
Read More
Retail
"Framebridge makes it easy and affordable to custom frame the art, photos, and memorable moments you love. Every piece is hand built in the USA by our team of expert designers & craftspeople using the highest-quality materials."
Read More
Software
"Zonar is the leader in smart fleet management technology providing verified inspection reporting, GPS tracking and ELD-ready solutions for all fleet sizes."
Read More
Retail
"With Fairwinds Insights, we now have a configuration validation tool that runs automatically and presents aggregated data in one place."
Read More
Software
“With Fairwinds’ expertise, we now have a scalable, low latency and high availability Kubernetes infrastructure platform in place. The patterns provide insights into, and control of how, our applications are running to help inform our daily business decisions.”
Read More
See all retail icon Retail cloud monitor icon Software media icon Media Other