Best Practices
Audit your Kubernetes configurations against FinOps best practices and cost governance policies. Get a clear score with specific fixes for resource efficiency, reliability, and security.
How it Works
Three steps from setup to savings
Audit
Kubeadapt scans every workload across all namespaces against 50+ rules covering cost efficiency, reliability, and security posture.
Score
Each cluster receives a 0–100 compliance score (Good / Fair / Needs Work) with per-namespace breakdowns and category-level scoring for fast executive reporting.
Fix
Every finding includes severity, estimated cost and reliability impact, and copy-paste YAML remediation patches.
What's Included
FinOps Best Practices & Cost Governance
Configuration Findings
Container running with root privileges in production namespace
Security
No resource limits defined for deployment api-gateway
Resource Configuration
Pod disruption budget not configured for statefulset redis
Reliability
Configuration Audit
50+ checks covering resource limits, health probes, security contexts, anti-affinity, and PDB configurations.
- Covers resource limits, health probes, security contexts, and PDB configs
- Checks against CIS Kubernetes benchmarks and community best practices
Compliance Summary
Cluster Compliance Score
Get a 0–100 compliance score with category breakdowns across cost efficiency, reliability, scheduling, and security.
- Overall score: 80+ is Good, 60-80 is Fair, below 60 Needs Work. Readable at a glance for any stakeholder.
- Category breakdowns show exactly which of the 7 areas is dragging your score down
Prioritized Fixes
3 containers running as root in production
Fix: Set runAsNonRoot: true
Missing resource limits on api-gateway deployment
Fix: Add resources.limits to pod spec
Prioritized Fixes
Each finding includes severity, estimated impact, and step-by-step remediation instructions.
- Each finding ranked by severity and estimated cost/reliability impact
- Step-by-step remediation instructions with copy-paste YAML patches
Filter Findings
Trend Tracking
Track your score over time to measure improvement and ensure teams maintain configuration quality.
- Historical score graph shows improvement trajectory over weeks and months
- Set score targets and get notified when clusters regress below thresholds
Remediation
apiVersion: v1
kind: Pod
metadata:
name: api-server
spec:
containers:
- name: api
securityContext:
runAsNonRoot: true
readOnlyRootFs: true
Namespace Comparison
Compare best practice scores across namespaces to identify teams that need additional guidance.
- Side-by-side namespace scores to identify teams that need guidance
- Leaderboard view encourages healthy competition across engineering teams
Frequently Asked Questions
Common questions about Best Practices
See What 60% Savings Looks
Like on Your Clusters
Stop overpaying for Kubernetes. See potential savings within 10 minutes.