Guest post by Sarah Geisenger, Sales Engineer at Fairwinds

One of the main benefits known about Kubernetes is the platform’s ability to increase the speed of development. By using microservices and containers, development happens faster. This is all good news and most certainly a huge benefit. But when you increase development velocity, one major drawback emerges: the cost to repair defects. 

The Capers Jones graph below shows the percentage of defects introduced during each phase of the development life cycle. More importantly, it demonstrates how  the cost to repair said defect goes from 1x when coding to more than 640x in production. 

The Capers Jones graph

Kubernetes misconfiguration can be expensive to fix.

Just as problems with code are  expensive to fix, so too are Kubernete misconfigurations. When spinning up clusters in support of an application, there are configurations that just need to be done and run. You need to:

Most companies run Kubernetes without configuration best practices in mind, creating security and reliability issues that add to technical debt and can be very expensive to repair. 

Cost to Repair Kubernetes Misconfigured Clusters

The Kubernetes Configuration Benchmark report gives us average findings per cluster and workloads: 

Now consider these numbers based on the cost for a DevOps engineer: 

Let’s just read that again: $15,903!!!!!! 

When considering how you are configuring Kubernetes, you MUST consider getting it right in your pre-production environments. You NEED to ensure misconfiguration cannot bleed into production in the first place. 

How to Identify Kubernetes Misconfiguration Early

Kubernetes users need to check configurations earlier in the dev process to reduce the cost to fix. Doing so, will help to reduce the cost to fix by the 640x as mentioned by  Capers Jones. Better yet, use Kubernetes governance solutions to scan your development environments, alert developers to misconfigurations AND show them how to fix the problem—a 5 minute task at the cost of $8.33! 

By using a solution with an Admission Controllers, you can reject any Kubernetes resources from entering your cluster if they don’t conform to your organization’s policies. Once again, helping to reduce your production environment cost to repair from $15k down to $8-25.00. 

Don’t lose the benefits of Kubernetes by not configuring it correctly. 


Fairwinds offers Fairwinds Insights, Kubernetes governance and security software, to help DevOps reduce the cost to repair by shifting the fix left.