We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept all", you consent to our use of cookies. Cookie Policy
Coverage for additional repositories can be requested
Upgrade Copilot > Upgrade Assessments
Rapid, context-aware reports that surface all upgrade blockers, risks, and version recommendations for your cluster, add-ons and OSS projects.
K8s API Validator
Detects resources using deprecated / removed K8s APIs
PDB Validator
Flags resources using Misconfigured PDBs
Rapid Upgrade Recommender
Upgrade guardrails for EOL policies, compatibility maps, and release staleness (i) Detects whether or not an OSS Project needs an upgrade Recommends Rapid Source-grounded Next Versions Tags Required vs Optional Upgrades
Action: Export Markdown
(i) Export the assessment for a Jira ticket, Wikis, Pull Requests or Coding Agents
Action: Export PDF
(i) Export the assessment as a PDF for attaching on tickets or sharing over emails
Actions: Leave Comments
Chat with Team Members Leave Comment for Chkk (i) Enables teams to collaborate within the context of a step in the workflow.
Actions: Customize Assessment
Add / Delete / Edit Steps (i) Allows inclusion of steps in the workflow containing logic that is custom to your upgrade process
Action: Archive Assessment
Archive older Assessments that are not needed anymore
Activity Log
(i) Logs all actions taken on steps of an Assessment.
Artifact Register
Curated, Classified and Enriched Inventory For Your Fleet. Covers 100s of Open Source Software Project Versions, Packages, Package Components, Deployment Systems, and Images.
Included
Included
Included
Cluster Inventory
Version-first Inventory of Clusters & Nodes (i) Includes all Covered Cloud & K8s Distributions. Shows cluster Version, Environment, Region and Provider. Overlays EOL and Extended Support / LTS information for each cluster
Project Inventory
Version-first inventory of all OSS Projects running as add-ons, application services, or operators (i) Shows versions of Images, Project Releases, Project Components
Shows inventory of Cloud Accounts hosting clusters (i) A minimal-permission, read-only IAM role reads cloud account metadata to enable cross-layer risk detection and automated pre/postflight checks
EOL Watchdog
Notifies 90d before any OSS Project hits EOL. Overlays EOL information on each Project version. (i) Flags components approaching end-of-life or running known-bad versions the moment upstream publishes them
Compatibility Watchdog
Notifies instantly if a Project or Node is incompatible with K8s. (i) Flags any Project that is incompatible with the running K8s version. Flags version skew for Nodes and kubelets. Flags incompatibilities across Projects--e.g. Istio<>Envoy, Containerd<>CNI, etc
Cost Spike Monitor
Notifies of upcoming 6x cost spike for clusters approaching EKS/GKE Extended Support or AKS Long Term Support (LTS) (i) Notifies 90d earlier that clusters coming close to EKS/GKE Extended Support or AKS LTS will incur 500% more surcharges. Also reminds 1wk before the deadline.
Share inventory summaries with compliance teams (i) Share near-real-time reports with compliance teams that the platform software isn't running any EOL software
Proxy Filter
Redacts any configuration line from processing (i) Fine-granular control over your entire configuration tree so you can redact any part of the tree that should not be processed by Chkk
Risk Ledger
Scans the Kubernetes configuration for at-risk components
Proactively surfaces hidden misconfigurations, version incompatibilities, end-of-life risks, and known defects.
Risk Signatures scan your infrastructure, identify issues that need attention, and prescribe mitigation and remediation workflows.
Included
Included
Included
Defects
Detects Opertional Risks that have caused breakages or disruptions for other teams (i) Scans the Kubernetes configuration for at-risk components. All Defects have an associated KBA which provides: Affected Resources Severity (Critical, High, Medium, Low) Impact assessment Trigger conditions that activate the risk Mitigation (or short-term workaround) Remediation (or long-term fix) Code snippets for remediations and mitigations, when applicable
EOL Versions
Shows EOL Watchdog's output in a component-first view (i) All EOL risks have an associated KBA with external sources and affected resources
Incompatibilities
Shows Compatibility Watchdog's output in a component-first view (i) All Compatibility risks have an associated KBA with external sources and affected resources
Misconfigurations
Shows misconfigurations that can cause breakages or block upgrades. (i) All Misconfigurations have an associated KBA which provides: Affected Resources Severity (Critical, High, Medium, Low) Impact assessment Trigger conditions that activate the risk Mitigation (or short-term workaround) Remediation (or long-term fix) Code snippets for remediations and mitigations, when applicable
Deprecations
Shows output of K8s API Validator and deprecated CRDs and operator-specific APIs in OSS Projects. (i) All Deprecations have an associated KBA which provides: Affected Resources Severity (Critical, High, Medium, Low) Impact assessment Trigger conditions that activate the risk Mitigation (or short-term workaround) Remediation (or long-term fix) Code snippets for remediations and mitigations, when applicable
Guardrails
Shows rules, policies and best practices from a cloud provider, add-on vendor, kubernetes distribution, or the open source community. (i) All Guardrails have an associated KBA which provides: Affected Resources Severity (Critical, High, Medium, Low) Impact assessment Trigger conditions that activate the risk Mitigation (or short-term workaround) Remediation (or long-term fix) Code snippets for remediations and mitigations, when applicable
Action: Ignore Risk
Stops detection and notification of acceptable risks (i) Risks can be ignored on a per-cluster or per-resource level, from the KBA page or through IaC annotations
Action: Mark Risk
Marks risks with additional context--comments for team, won't fix (by design, dev/test clusters, etc.)
Action: Create Ticket
Opens Jira tickets from an Operational Risk's KBA page
Risk API
Vends Operational Risks on an API see more (i) Allows filtering by risks, clusters and resources. Enables risk routing to platform and application teams.
As many as you need for 3 fleetwide Upgrade Cycles Additional Upgrade Cycles can be purchased separately
Includes Cluster Upgrade Templates and Add-on Upgrade Templates
Read FAQ about what comprises an Upgrade Cycle
As many as you need for your fleet's upgrades
Deep Upgrade Analyzer
Provides Verified Next Version Recommendations, Change Reasoning, Safety Checks, and Upgrade Instructions (i) Recommends and preverifies on a Digital Twin the safest next version on a Digital Twin Detects whether an upgrade involves single or multiple hops Tags required vs optional upgrades based on change reasoning Links to authoritative upstream notes for every recommendation
Upgrade Blueprints
In-place, Blue-Green, Rolling
Custom Blueprints
Breaking Changes & Upgrade Considerations
For Control Planes, Worker Nodes, Images (AMIs, COS, Node Images), all Covered OSS Projects (i) Curated from Changelogs, Upgrade Guides / Notes, and Official Blogs. Contextualized for your environment
Upgrade Advisories
Issues and considerations discovered during Preverification (i) AI agents find issues not mentioned in Changelogs via deep research and by executing the recommended upgrade path on a Digital Twin
Notable Features & Critical Bug Fixes
For the recommended upgrade path
Guardrails
Shows rules, policies and best practices from a cloud provider, add-on vendor, kubernetes distribution, or the open source community. (i) All Guardrails have an associated KBA which provides: Affected Resources Severity (Critical, High, Medium, Low) Impact assessment Trigger conditions that activate the risk Mitigation (or short-term workaround) Remediation (or long-term fix) Code snippets for remediations and mitigations, when applicable
K8s API Validator
Detects resources using deprecated / removed K8s APIs
PDB Validator
Flags resources using Misconfigured PDBs
Upgrade Readiness Insights
Pulls upgrade readiness insights from AWS Upgrade Insights, GKE Recommender, Azure Advisor / Diagnosis (i) Shows information provided by cloud providers about deprecated/removed API usage, control plane EOL, version skew (nodes, kubelet, kube-proxy, etc.)
Helm, Kustomize, Manifest Diffs
Provides ready-to-apply IaC diffs for Terraform, Helm and Kustomize (i) Inline, annotated diffs show exactly what will change in Helm values, Kustomize overlays, Argo-CD app-sets, or raw YAML, eliminating manual side-by-side reviews and silent drift
RBAC Diffs
Shows newly introduced privileges or deprecated fields across all environments (i) Audits RBAC additions or removals so required permissions evolve with every upgrade.
CRD Diffs
Surfaces changes in CRDs and their associated CRs to prevent breaking API contracts (i) Compares old vs. new CRD schemas and every stored Custom Resource, guiding safe migrations and avoiding validation errors.
Actions: Customize Template / Plan
Add / Delete / Edit Steps (i) Allows inclusion of steps in the workflow containing logic that is custom to your upgrade process
Actions: Leave Comments
Chat with Team Members Leave Comment for Chkk (i) Enables teams to collaborate within the context of a step in the workflow.
Action: Mark Plan / Template
Mark a Template as Approved (for use in Plans), Cluster Completed, Environment Upgraded, Canceled
Activity Log
(i) Logs all actions taken on steps of an Assessment.
Guided Preflight, Inflight, Postflight Checks
Provides ready-to-execute safety, health and readiness checks for each Kubernetes and add-on version (i) Covers smoke tests, API readiness checks, and end-to-end checks, streams results into the Template workflow.
Preview
SHARC: Automated Safety, Health & Readiness Checks
Provides contrainerized, end-to-end safety checks, reports results in Upgrade Plans Action: Can be triggered from Upgrade Plans or from CI/CD jobs (i) Containerized, contextualized checks that can be seamlessly integrated with Upgrade Plans or run in CI/CD jobs.
Preview
Change Management Artifacts
Provides context on what, why and how of every single change. Ready for use in Change Management Tickets, PRs, Slack threads. (i) Markdown-formatted context on the rationale of what change is proposed, why the change is required, and how the change reduces blast radious and improves safety. Used by QA and compliance teams with extended stability guarantees--e.g. financials, healthcare, etc.
Live Workflow
Assigns owners, tracks lifecycle of the upgrade, preserves a full audit trail (i) Assigns owners, sets actions, tracks lifecycle of each workflow step (completed, in-progress, skipped), manages lifecycle of the upgrade across all clusters in an environment (% completed)
Upgrade System of Record
Stores all actions, customizations, and learnings. (i) Eliminates any additional work required to log these aspects in wikis or docs post upgrades.
Vends Operational Risks on an MCP Server (i) Allows filtering by risks, clusters and resources. Enables risk routing to platform and application teams
Preview
PR Creator with Upgrade Context MCP Server
Vends Environment-aware Upgrade Context for 100s of Open Source Projects to your AI coding agent Works with: Cursor, Claude Code, CodeX, Gemini CLI, GitHub Copilot Creates PRs for: Helm, Terraform, Kustomize, Libsonnet and more
Integrations
Slack
Notifies of risks and upgrade lifecycle events on Slack channels
Jira
Opens tickets for Operational Risk resolution or upgrade tasks
GitHub
Reads IaC code and enables Chkk Coding Assistant to open PRs
Custom Integrations
SSO
Okta, PingIdentity
Contracts
Custom contracts, Multi year contracts
Contractual uptime guarantee
Support
Basic
Business Hours: 0500-1700 Mon-Fri (GMT-8), 24x7 for P0 Response Time: P0: 1 hour, P1: 4 business hours, P2: 1 business day, P3: 2 business days Channels: Community Slack, Docs, Knowledge Base
A node is a physical or virtual server/machine. We don’t charge you per-node. We only charge in slabs of 100 nodes (1-100, 101-200, …)
What is the difference between Business and Enterprise?
Chkk Enterprise Plan is tailored for organizations that need additional support and customization. It includes all features of the Business Plan plus single sign-on (SSO), multi-organization support, custom integrations, premium support with response SLAs, and contractual uptime guarantees, making it ideal for enterprises with strict compliance requirements.
What comprises an upgrade cycle?
A Kubernetes upgrade cycle upgrades all clusters across all environments from a current Kubernetes version to a target version. For example, in a fleet with three environments (dev, staging, prod), an upgrade cycle from k8s v1.30 to v1.31 typically begins with dev clusters upgraded to v1.31 for early validation, followed by staging for integration testing, and concludes with prod upgrades once confidence is established. Chkk deems an upgrade cycle complete only when every cluster in all three environments is running the target version.
Do you offer volume discounts?
Yes, we offer volume discounts as the number of nodes and Upgrade Templates increases. Contact us to discuss your use case.
What happens if my nodes auto-scale?
You are not charged for infrequent bursts of autoscaled nodes as Chkk uses the average number of nodes in every monthly measurement cycle. We compute this average node count based on a monthly measurement cycle that spans from the first day to the last day of every month. To compute average node count across the fleet, at the end of each measurement cycle, we take the sum of all node count measurements taken across all the clusters and divide it by the total number of measurements.
What if I exceed the nodes included in my subscription?
Chkk has a true-up forward policy, meaning that we don’t carry out chargebacks for scenarios where the consumption in a monthly measurement cycle exceeds the licensed count. If the new, steady-state number of nodes is expected to be higher, our customer success team will discuss the situation with you, and take steps to adjust your subscription for the next measurement cycles.
Don’t pay 500% surcharge for running outdated versions
Upgrade your outdated versions
Chkk helps you upgrade safely and quickly, saving you time and money
How a Fortune 1000 Enterprise Standardized Multi-Cloud (EKS & GKE) Upgrades for 30+ Add-Ons, Avoided 6x Costs, and Achieved an 80% Reduction in Prep Time
.png)
.png)
.png)
.png)
.png)
.jpg)
