As our customers mature in their usage of containers and they adopt orchestration tools to scale, they inevitably want clarity on how Twistlock work with the orchestrators they’re using. Some popular orchestrators our customers use include Kubernetes (and derivatives OpenShift and Tectonic), Swarm, and DC/OS.
The short answer is: We specifically designed Twistlock to be agnostic to your organization’s orchestrator, so that no matter what orchestration tools you’re using, you can take advantage of the native capabilities that tool provides.
Here’s the longer answer packaged as a customer example…
One of our largest customers runs on Google Container Engine, and they have several hundred nodes they run in that environment. They want to make sure that every time they add a new node to their environment they also put a Twistlock Defender on it. So instead of them having to go and manually install the Defender or create some sort of shell script to achieve this, they’re able to leverage a daemon set functionality that Kubernetes has natively to make sure the Kubernetes cluster will always automatically deploy so it can fit into every new host. We have very similar capabilities with Global Services, Docker Swarm and DC/OS, as well.
The main message to take away from this post is that Twistlock enables your you to leverage orchestrators in two ways:
- To provide high availability to our console (which is a set of containers that makes up your database and our API endpoint) to ensure that console is always available and deployed into a host that is running and live
- To access capabilities of those platforms to automate the deployment of the Defender each one hosts in your cluster
I also recently posted a video on this subject that you can watch here:
Want more tips like this? Subscribe to our newsletter for more regular updates on container security news and tips, or contact us for a demo today.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...
Why DevSecOps is No Longer Optional
DevSecOps has been a hot topic within tech conversations for a few yea...
Better Together: Announcing The Twistlock Advantage Program
It’s been about three years since we exited stealth with the first g...
My Security Toolset Today Vs 10 Years Ago
It can be easy to forget how sophisticated IT security tools are today...
How to crash the Linux Kernel with a CDROM interaction – CVE-2018-11506
I’ve recently discovered and reported a buffer overflow vulnerabilit...