Polaris

Polaris validates Kubernetes configurations against security, efficiency, and reliability best practices. It provides a dashboard and CLI tool for scanning and fixing configuration issues.

What is Polaris?

Polaris checks for:

• Security - Security context, capabilities, image pull policies
• Efficiency - Resource requests and limits
• Reliability - Health checks, pod disruption budgets

Installing Polaris

Using Binary

curl -L https://github.com/FairwindsOps/polaris/releases/latest/download/polaris_linux_amd64.tar.gz | tar -xz
sudo mv polaris /usr/local/bin/

Using Helm

helm repo add fairwinds-stable https://charts.fairwinds.com/stable
helm install polaris fairwinds-stable/polaris

Scanning

Scan Current Context

polaris audit

Scan Files

polaris audit --audit-path /path/to/manifests

Web Dashboard

polaris dashboard

Best Practices

1. Use dashboard - Visual interface for understanding issues
2. Fix incrementally - Address issues one category at a time
3. Customize checks - Adjust checks for your environment
4. CI/CD integration - Scan in pipelines

See Also

• Security Scanning Tools - Overview of scanning tools
• Workload Hardening - Security hardening