As our customers mature in their usage of containers and they adopt orchestration tools to scale, they inevitably want clarity on how Twistlock work with the orchestrators they’re using. Some popular orchestrators our customers use include Kubernetes (and derivatives OpenShift and Tectonic), Swarm, and DC/OS.
The short answer is: We specifically designed Twistlock to be agnostic to your organization’s orchestrator, so that no matter what orchestration tools you’re using, you can take advantage of the native capabilities that tool provides.
Here’s the longer answer packaged as a customer example…
One of our largest customers runs on Google Container Engine, and they have several hundred nodes they run in that environment. They want to make sure that every time they add a new node to their environment they also put a Twistlock Defender on it. So instead of them having to go and manually install the Defender or create some sort of shell script to achieve this, they’re able to leverage a daemon set functionality that Kubernetes has natively to make sure the Kubernetes cluster will always automatically deploy so it can fit into every new host. We have very similar capabilities with Global Services, Docker Swarm and DC/OS security, as well.
The main message to take away from this post is that Twistlock enables your you to leverage orchestrators in two ways:
- To provide high availability to our console (which is a set of containers that makes up your database and our API endpoint) to ensure that console is always available and deployed into a host that is running and live
- To access capabilities of those platforms to automate the deployment of the Defender each one hosts in your cluster
I also recently posted a video on this subject that you can watch here:
Want more tips like this? Subscribe to our newsletter for more regular updates on container security news and tips, or contact us for a demo today.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Cloud Platform Radar: Powerful Cloud Asset IdentificationRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog