Guest post originally published on Fairwinds’s blog by Robert Brennan, Director of Open Source Software at Fairwinds
After working long and hard to establish comprehensive and effective Kubernetes ownership, and getting each of your development teams to properly configure their workloads, have you ever wondered how your container configurations stack up against your peers in the cloud native landscape? Well, wonder no more-because Fairwinds, a partner for Kubernetes governance and security, has just released the Benchmark Report 2021, an industry comparison based on scans of over 100,000 workloads across hundreds of organizations using the Fairwinds Insights platform.
Divided into three sections-reliability, security and efficiency-the Benchmark Report is an excellent tool for Kubernetes users looking to understand how their workloads compare to other businesses. As we know, proper Kubernetes configuration is critical to successful cloud native adoption. Without it, practitioners have no way to improve the reliability, security and efficiency of their applications. As the organization grows, DevOps teams, along with platform and security leaders, require visibility into what is happening in each cluster.
On the positive side, Kubernetes offers customization around configuration, which allows practitioners to understand more about their unique environment. But with this customization comes risk, mostly because misconfigurations can easily lead to security flaws, downtime and wasted resources. Here’s a peek at what’s inside the new report:
Reliability
The Benchmark Report highlights various best practices around Kubernetes success, including missing CPU limits and requests, memory limits, and missing liveness and readiness probes. The key to ensuring scaling actions work right means dialing in your resource limits and requests on each pod so workloads run properly. Setting these parameters correctly is essential to successfully operating applications in Kubernetes clusters.
Did you know?
Security
Find out how many organizations have their workloads running with insecure capabilities, as well as how security settings can control whether a container is able to write into its filesystem. When it comes to container security, teams need to explicitly ensure they utilize the most secure configuration practices possible. In this Benchmark Report, you can drill down into information about writable file systems, privilege escalation, and how running privileged or root affects the security environment.
Did you know?
Efficiency
Almost half of workloads have memory limits set too high, which often results in wasted or unnecessary resources. Are the memory limits for your workload set too low? Too high? To maximize the use of your Kubernetes cluster, it’s important to know how resource limits and requests can be set correctly-set them too high, and you’ll end up wasting resources, too low and your application will crash. To avoid wasting resources through over-allocation, you’ll need to understand more about what workloads require to run efficiently.
If you are looking to learn more about how your organization stacks up against others in the industry, as well as in the model of best practices, read Fairwind’s newest Benchmark Report and get on track for successful Kubernetes ownership!