Kubeadapt

Best Practices

Overview

Best Practices continuously scans your cluster for configuration issues across:

  • 9 Check Categories - Resources, Health Checks, Labels, Networking, Storage, HA, Image Management, Workload Config
  • Severity Levels - Critical, High, Medium, Low classification
  • Automated Scanning - Runs every 10 minutes
  • Remediation Guidance - Step-by-step fix instructions with YAML examples
  • Compliance Tracking - Monitor improvement over time with health score
  • Philosophy: Catch configuration mistakes before they cause production incidents

Kubeadapt helps you follow Kubernetes best practices for both production and non-production environments, supporting reliable and cost-optimized operations. The recommendations provided here are designed to help you minimize potential performance or security issues during scaling, and to continuously improve your cluster configuration. Our approach is to encourage adherence to industry-standard Kubernetes best practices, empowering you to maintain stability and efficiency without requiring significant or disruptive changes to your existing infrastructure.

Access: Select cluster (Clusters page or sidebar dropdown) → Best Practices

Dashboard Overview

Cluster Health Score: Visual indicator showing overall configuration quality

Issue Summary:

  • Critical: Issues requiring immediate attention
  • High: Important issues to address soon
  • Medium: Recommended improvements
  • Low: Minor optimizations

Key Check Categories

Security (24 issues):

  • Containers running as root (Critical)
  • Privileged containers (High)
  • Missing security context (High)
  • Image pull policies (Medium)

Resources (31 issues):

  • Missing memory limits (Critical)
  • Missing CPU limits (High)
  • No resource requests (High)
  • QoS class issues (Medium)

Health Checks (22 issues):

  • Missing liveness probes (High)
  • Missing readiness probes (High)
  • Startup probe not configured (Medium)

High Availability (16 issues):

  • Single replica deployments in production (High)
  • No Pod Disruption Budget (High)
  • No anti-affinity rules (Medium)

Image Management (12 issues):

  • Using 'latest' tag (Critical)
  • No image pull secret (High)
  • Large base images (Medium)

Features

Automated Scanning:

  • Scans between regular intervals
  • Monitors new deployments automatically
  • Configurable scope (all namespaces, production only, custom filter)

Filter & Search:

  • Filter by severity, category, namespace, workload type
  • Search by workload name
  • Status tracking (Open, Dismissed, Fixed)

Remediation Tracking:

  • Track issues fixed over time
  • Monthly progress reports
  • Health score trend analysis
Back to Docs
Edit this page