Sign in

Written By: Kendall Miller

It’s time to make your first big spend commit to the cloud of your choosing, or you’re getting ready to renew a commit and need all the details to get things right. Before you sign on a dotted line for loads of money, you want to make sure that the details of what you’re signing up for are right, and aligned to what you’ll actually spend. There’s no discount for commit spend if you don’t use it all. In fact, it ends up costing you more. So knowing WHAT to commit to matters.

Rightsizing and Optimizing

To make your cloud or renewal commit…

Written By: Andy Suderman

At Fairwinds, we’ve spent the last few years managing hundreds of clusters for dozens of organizations, which gives us considerable knowledge about and insight into the problems most organizations encounter in their Kubernetes environments. We see the same issues repeatedly, most of them related to getting resource requests and limits just right, so we created Goldilocks to help identify a baseline for setting resource requests and limits. The experience we gained building and using Goldilocks allowed us to build features for Fairwinds Insights that provide even more resource optimization.

Goldilocks and Setting Resource Configurations

There are two types of resource configurations you can set on…

Written By: Dakoda Wogan

In August we’ve been fixing bugs and adding new team management capabilities in our Fairwinds Insights latest releases. The updates in 5.2.0, 5.3.0, and 5.4.0 include new updates related to Kubernetes security, policy, and governance. Our recent updates to team management helps you limit access to sensitive information and get the right information to the right people. Learn more about the new features and additional functionality in our releases.

If you need continuous Kubernetes security monitoring, policy enforcement, and the ability to govern compliance and optimize costs, try Insights.

Fairwinds Insights 5.4.0 Release

Fixed Action Items Bug

We fixed a bug that used “last seen” instead of “first…

Written By: Bill Ledingham

Kubernetes is central to how many enterprises are transforming their businesses, and the de facto standard for automating deployment, scaling, and management of containerized applications. At the same time, these are still early days for Kubernetes. It’s a relatively young technology, and many organizations struggle with the complexities of starting Kubernetes adoption initiatives. These challenges take time and patience to overcome, but are well worth the effort, because Kubernetes can be the driving force that powers your digital and business transformation initiatives.

We’ve seen a lot of technical evolution that transforms business quite a bit over the past few decades…

Written By: Andrew Suderman

When we open sourced Goldilocks in October 2019, our goal was to provide a dashboard utility that helps you identify a baseline for setting Kubernetes resource requests and limits. We continue to refine Goldilocks, because getting resource requests and limits just right is an ongoing challenge for most organizations.

Why Set Resource Configurations?

You can set two types of resource configurations on each container in a pod: requests and limits. A resource request defines the minimum resources that containers need. A limit defines the maximum amount of resources the container can use. Setting these helps to stop you from over-committing resources, while also protecting…

Written By: Rachel Sweeney

Earlier this month, the NSA released a number of recommendations for hardening Kubernetes clusters. The guide outlines a really strong defense-in-depth approach to ensure that when an attacker compromises your cluster, the blast radius will be as small as possible. The NSA Kubernetes hardening guide includes the following recommendations:

  1. Scan containers and Pods for vulnerabilities or misconfigurations.
  2. Run containers and Pods with the least privileges possible.
  3. Use network separation to control the amount of damage a compromise can cause.
  4. Use firewalls to limit unneeded network connectivity and encryption to protect confidentiality.
  5. Use strong authentication and authorization to limit user and…

Written By: Robert Brennan

If you’re using Kubernetes in production, it’s critical that you’re validating the configuration for each of your workloads. The smallest changes or omissions can lead to downtime, cost overruns, or worse, a security breach. So what do you need to be looking for when it comes to Kubernetes configuration validation?

Specifically, you should be checking for, at minimum:

  • For security issues, including over permissioned containers and Common Vulnerabilities and Exposures (CVEs)
  • For efficiency issues, such as not setting CPU limits or requesting excessive amounts of memory
  • For reliability issues, for example, not setting liveness and readiness probes

But it’s not…

Written By: Danielle Cook

Since Kubernetes is still relatively new, there’s often not a lot of expertise within organizations. That means in many organizations, there are a lot of questions about implementing, securing, and optimizing Kubernetes. Recently, we ran a webinar to discuss how to run K8s securely and efficiently, and we had some great questions that we answered at the end. Often, the questions we get in our webinars are ones that many others have as well, so we’re sharing the top five questions we had during our webinar here.

1) Are there any good tools for estimating or measuring reasonable resource limits in Kubernetes?

We actually have an open source project called Goldilocks that helps with that…

Written By: Danielle Cook

The Fairwinds team developed the Kubernetes Maturity Model over a year ago, and we continue to update and refine it to reflect the five stages you go through in your journey to Kubernetes maturity. If the Kubernetes Maturity Model is new to you, this is a helpful introduction and guide on how to use it.

Before you do anything, consider what a cloud native journey means to you and your organization. Kubernetes isn’t right for everyone, so make sure you understand where to start, who to trust, and how to prove value by embracing Kubernetes.

  1. Phase one of the maturity…

Written By: Dakoda Wogan

In June and July we were hard at work on our Fairwinds Insights 5.0.0 release. The 5.0.0 release includes new updates related to Kubernetes security, policy, and governance. We also added great new capabilities in 4.4.0 in June, which I’m including in this post. Other recent updates include a vulnerabilities UI, the ability to create tickets in Jira, and more! Learn more about the new features and additional functionality in our releases.

If you need continuous Kubernetes security monitoring, policy enforcement, and the ability to govern compliance and optimize costs, try Insights.

Fairwinds Insights 5.0.0 Release

SAML Capabilities — Beta

We are happy to announce that Insights now…


Fairwinds — The Kubernetes Enablement Company | Editor of uptime 99

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store