Radar OSS or Radar Cloud? An Honest Take on When to Use Each

The most common question in our GitHub issues is some variant of "do I need the Cloud version?"

Here's the honest answer: most people don't.

Radar OSS launched in January. Radar Cloud launched a month later. Since then, we've watched people agonize over the choice in ways that don't match how we actually think about it internally. This post is our attempt to stop that agonizing.

What they share

Radar OSS and Radar Cloud are the same tool for most of what you do day to day. Same UI conventions, same keyboard shortcuts, same views: Resources, Topology, Timeline, Helm, GitOps, Traffic, Cluster audit, MCP. Same SharedInformer foundation under the hood. The React frontend is literally the same codebase, with fleet-scoped views layered on top for Cloud.

If you've used one, you already know the other. There is no relearning tax.

The thing that changes between them isn't the tool, it's the shape of your work. Are you one person poking at one cluster, or are you a team keeping an eye on many? That's the whole question.

The five questions that decide it

Forget feature matrices for a minute. These five questions predict the right answer better than anything else:

1. Are you working alone, or with a team? If two or more engineers need to look at the same cluster state during the same incident, something hosted starts to earn its keep.
2. Do you need shared, persistent identity? OSS auth is whatever your kubeconfig grants. If you want SSO, an audit log of who did what, and per-user RoleBindings managed centrally, that's Cloud.
3. Do you want notifications when a cluster goes dark while nobody's looking? OSS is a tool you open. Cloud sends you a Slack or webhook ping when a cluster disconnects, a payment fails, or a teammate joins your org.
4. Do you need more than one person to have scoped access? If "Alice can read prod, Bob can edit staging" matters, you want SSO-driven access mapped to standard K8s RBAC, not a pile of kubeconfigs.
5. Are you running one cluster, or six? Fleet views only start paying for themselves once "which cluster is that pod in?" becomes a real question you ask weekly.

The more your answers trend toward team and multi-cluster, the more Cloud earns its place. If you're answering "alone, one cluster, I just want to look" to all five - stay on OSS. That's what it's for.

When Radar OSS is the right answer

OSS isn't a stepping stone. For a large slice of users, it's the final answer.

• Solo engineers debugging a single cluster from their laptop. You don't need a fleet view of one thing.
• Air-gapped or regulated environments where outbound traffic to a hosted vendor isn't allowed. OSS runs entirely on your machine with your kubeconfig. No data leaves.
• "I want to poke around for an hour" moments. You inherited a cluster and want to understand it before touching anything. radar and you're in. No account, no token, no onboarding wizard.
• Contributors and developers who want to read the source, fork it, or build on top of it. Apache 2.0, single Go binary, React UI embedded via go:embed.
• Teams deploying Radar in-cluster as a read-only internal dashboard via the Helm chart. If you're fine with shared view and your own OIDC or proxy auth in front of it, that works.

Where OSS is a bad fit: a 12-person team trying to coordinate during a production incident at 2am. Everyone running their own local Radar against their own kubeconfig is not incident response, it's a conference call. That's the point where you want one URL everyone shares.

When Cloud earns its price

Cloud starts making sense when your answers to the five questions flip.

• Teams of 3+ engineers who all need shared context. One URL, one cluster everyone sees through the same RBAC, one place changes are audited.
• Fleets of 5+ clusters. Fleet views exist because alt-tabbing between five browser tabs of Radar OSS is not a workflow.
• On-call rotations. Cloud notifies on the events the control plane actually owns - cluster disconnect and reconnect, billing, member invites - over Slack, webhook, or in-app. Conservative on purpose.
• Compliance-driven audit needs. If you need a record of who clicked what, when, against which cluster, audit logs ship on Free (7-day retention), Team (30 days), and Enterprise (365 days). SOC 2 Type II across the board.
• You're tired of kubeconfig-based access control. Cloud roles map to standard K8s RBAC via impersonation; full SAML / OIDC SSO (Okta, Entra ID, Google Workspace, OneLogin, any spec-compliant provider) is on every plan, including Free.

Where Cloud is a bad fit: an engineer who will use Radar twice a week to check one cluster. There's no reason to pay for that. Use OSS.

The hybrid pattern

A lot of teams end up using both, and we think that's correct.

Local laptop debugging? OSS. You're on a train, you've got kubeconfig, you want to check why a pod is CrashLooping. radar is faster than opening a browser tab and loading a web app.

Shared fleet oversight, alerts, audit trails, on-call? Cloud.

Both have the same mental model. You don't flip between "oh, this is the OSS way of doing it" and "this is the Cloud way of doing it." It's one tool with two deployment shapes. Keep both. The OSS binary is free forever, and the Cloud Free tier covers three clusters for a small team.

What Cloud doesn't try to do

This is the part I want to be very clear about, because it's where trust in OSS tooling tends to break down.

Radar Cloud is not a replacement for Radar OSS. OSS stays Apache 2.0. OSS stays single-binary. OSS stays fully featured for single-cluster work. Resources, Topology, Timeline, Helm, GitOps, Traffic, Cluster audit, MCP - all of it stays in OSS. We are not gating features in OSS to push people toward Cloud.

Cloud adds things OSS can't meaningfully do on its own: multi-cluster aggregation, SSO mapped to standard K8s RBAC, an org-scoped audit log, hub-side notifications when a cluster disconnects, compliance certifications, BYOC for regulated environments. Those are genuinely different surface areas, not artificially withheld capabilities.

We'll never rug-pull OSS. Specifically:

• We won't move existing OSS features into a Cloud-only tier.
• We won't add mandatory telemetry or cloud check-ins to the OSS binary.
• We won't require an account to run radar locally.
• If we ever need to fundamentally change the license, it'll be a visible, discussed fork, not a quiet bait-and-switch shipped in a minor version bump.

We watched Lens do the mandatory-login dance in 2024. We're not doing that. It's why we open-sourced Radar in the first place.

A word about pricing

The Free tier of Radar Cloud exists precisely so a solo engineer at a small team can try the hosted version without pulling out a credit card. 3 clusters, unlimited nodes, unlimited teammates, full SAML / OIDC SSO, the full product UX. If that's enough for you, stay there forever. We're fine with it.

Team is $99 per cluster per month with 30-day audit retention, unlimited nodes, unlimited teammates, full SSO, Slack and webhook notifications, K8s-native RBAC via impersonation, and shareable deep links. That's the tier most teams in the 3-50 engineer range land on.

Enterprise is custom-priced and adds 365-day audit retention, SCIM 2.0 directory sync, BYOC / on-prem deployment of the control plane, US or EU data residency, a 99.9% SLA, and a dedicated CSM. Annual contracts get 20% off the Team list price.

We're not going to push you to a plan you don't need. The Free tier is a real product, not a 14-day trial dressed up.

The side-by-side

Capability	Radar OSS	Cloud Free	Cloud Team	Cloud Enterprise
Clusters	Unlimited (local)	3 included	Unlimited ($99/cluster/mo)	Unlimited (custom)
Timeline	In-memory or SQLite (in-cluster)	Live via reverse-proxy	Live via reverse-proxy	Live via reverse-proxy
Audit logs	-	7 days	30 days	365 days
Auth	kubeconfig	SAML / OIDC SSO	SAML / OIDC SSO	SSO + SCIM
Notifications	-	Slack, webhook, in-app	Slack, webhook, in-app	Slack, webhook, in-app
RBAC	-	K8s impersonation, default roles	K8s impersonation, default roles	+ custom ClusterRole bindings, per-user RoleBindings
SLA	-	-	99.5%	99.9%
BYOC / on-prem	-	-	-	Yes
Fleet views	Single cluster	3 clusters aggregate	All connected	All connected
Data residency	Your laptop	US	US	US, EU, or BYOC
Price	Free (Apache 2.0)	Free	$99 / cluster / month	Contact us

A short decision flow

If you want the three-second version:

• One cluster, one person, ephemeral use? Radar OSS. Done.
• One cluster, small team, want a shared URL and SSO? Cloud Free.
• 2-50 clusters, team of 3+, want notifications and proper access control? Cloud Team.
• Need 365-day audit retention, SCIM, BYOC / on-prem, or a 99.9% SLA? Cloud Enterprise.
• Air-gapped, or allergic to hosted vendors? Radar OSS, deployed in-cluster via Helm.
• Already on OSS and it works? Stay there. Seriously.

The honest summary: if you're happy with Radar OSS, you don't need anything else from us. If you hit one of the walls above - multi-cluster, team coordination, retention, alerting, compliance - Cloud is the tool you should reach for, not because it's more powerful, but because it's shaped for that job.

Both tools are linked from radarhq.io. Pick the one that fits. We'd rather you use the right one than the expensive one.