Skip to content
KubeBuddy CLI Works with KubeBuddy Radar

Kubernetes says your cluster is healthy. It’s probably not.

Scan any Kubernetes cluster from your terminal, CI, or Docker — no agents, no in-cluster install. Get actionable HTML and JSON output fast.

Start with the CLI Open Radar ↗ See Radar Integration
100+
Checks
AKS + GKE
Cloud Coverage
No Agents
Run Anywhere
HTML + JSON
Reports & Automation

The Tools

KubeBuddy CLI

Start here. Scan any cluster with no agents.

Run from your terminal, Docker, CI, or jump host and get HTML and JSON output in one pass.

  • 100+ health, security, RBAC, and best-practice checks
  • AKS & GKE cloud coverage
CLI Docs PowerShell
KubeBuddy Radar

Optional: add history and release tracking.

Follow CNCF ecosystem releases and upload scan results when you want history, compare, and team workflow.

  • Track projects, releases, and changes
  • Compare scan runs over time across clusters
Open Radar ↗ Radar Docs

What it checks

🖥️ Node & Pod Health 🔒 Security & RBAC 🔗 Networking, Storage, AKS & GKE

Catch crash loops, risky RBAC, and provider-specific issues in one run — without touching the cluster.

How it works

  1. Run a scan from your terminal, Docker, CI, or jump host
  2. Review the report in HTML for people or JSON for automation
  3. Fix or track what changed locally, or use Radar for history and compare
Get Started with the CLI →

The KubeBuddy Tools

KubeBuddy CLI

Start here. Run scans locally, in Docker, on a jump host, or in CI to generate HTML, JSON, and terminal output without agents.

  • 100+ health, security, RBAC, and best-practice checks.
  • AKS and GKE cloud coverage.
  • No agents or in-cluster install required.
CLI Docs PowerShell

KubeBuddy Radar

Optional: add release tracking, scan history, and compare views when you want more workflow around the CLI.

  • Track projects, releases, and changes across the cloud-native ecosystem.
  • Compare scan runs over time across clusters.
  • Use it only when you want more history and coordination.
Open Radar ↗ Radar Docs

Why Teams Use KubeBuddy

CLI First

Run the scan where your cluster already lives.

Use PowerShell or Docker to scan Kubernetes and AKS without installing agents, Helm charts, or in-cluster components.

  • Generate HTML, JSON, and terminal output from the same run.
  • Pull Prometheus metrics when available for richer diagnostics.
  • Run locally, in CI, in Docker, or from a jump host.
Built For Action

Get findings you can actually work with.

KubeBuddy is designed to move from detection to action fast, with clear reports and consistent checks across clusters.

  • Catch node, pod, workload, RBAC, network, and storage issues in one pass.
  • Run AKS best-practice checks when you need provider-specific coverage.
  • Keep the cluster untouched while you inspect it from outside.

What KubeBuddy Checks

Node And Pod Health

Find crash loops, failing workloads, noisy nodes, broken probes, and cluster drift before they become outages.

Security And RBAC

Catch risky RBAC, exposed privileges, insecure defaults, weak registries, and config mistakes that stay hidden in dashboards.

Networking, Storage, And AKS

Inspect services, PVCs, policies, cluster config, and Microsoft-guided AKS checks from the same workflow.

🤖

Clear Guidance, Not Just Raw Findings

Use the CLI to surface the findings fast, then review the HTML and JSON reports to decide what changed, what matters, and what to fix first.

Optional KubeBuddy Radar Workflow

Radar Integration

Bring scan history into the same place you track releases.

Upload KubeBuddy JSON reports into KubeBuddy Radar when you want score history, compare views, saved scan profiles, and one place to manage both releases and scan results.

  • Compare runs over time and across clusters.
  • Manage encrypted scan profiles and generated commands.
  • Keep scans local while Radar handles release tracking, history, and coordination.
Use It When Needed

KubeBuddy still works fully on its own.

You do not need Radar to run scans, generate reports, or work through findings. Radar is the optional control plane for teams that want more history and compare.

  • CLI-only workflow stays simple and self-contained.
  • Radar adds run history, compare, and config management.
  • Choose the level of workflow you need.

How The KubeBuddy Workflow Fits Together

⚙️

Run A Scan

Run KubeBuddy from your terminal, jump box, CI job, or Docker container using your existing kubeconfig and provider access.

CLI first
🔎

Review The Report

Use the HTML output for investigation and the JSON output for automation, pipelines, or integration into the rest of your workflow.

HTML + JSON
📈

Fix Or Track What Changed

Work through the findings locally, or use Radar when you want score history, compare views, and a shared place to track scan results over time.

Radar optional
Read the CLI Docs