Over the past year, we’ve seen some significant shifts in the technologies customers are choosing for their container stacks, particularly around their choice of orchestrators. A year ago, I would have told you that we had about a quarter of our customers on Swarm, about a quarter on DC/OS (using Marathon), about a quarter on Kubernetes (or it’s derivatives like OpenShift and Tectonic), and about a quarter using no orchestrator or something more esoteric. Over the course of 2017, though, this has shifted dramatically and we’ve seen Kubernetes really become the dominant choice amongst our customers. This creates a virtuous cycle where ecosystem players like us can focus more time and energy on the platform customers are choosing, so customers get better tools, and the platform becomes even more valuable.
Thus, we were really excited that Amazon launched the Amazon Elastic Container Service for Kubernetes (Amazon EKS) today at re:Invent. A literal majority of our customers run at least some of their environment in Amazon, so having a first party managed Kubernetes offering will make it even easier for them to deploy and run containers in EC2. Just as important is the fact that Amazon is using standard, free range, open source Kubernetes so everything you’re used to in Kubernetes will just work – including Twistlock!
As a refresher, remember that Twistlock supports running Console and Defenders in Kubernetes clusters using native Kubernetes principles like Replication Controllers and Daemon Sets. You can run Console as a Replication Controller and rely on Kubernetes to provide automatic and effortless high availability for it. Defenders are deployed cluster wide to all Kubernetes nodes using Daemon Sets. Daemon Sets make Defender deployment simple and automatic, regardless of how large your cluster or how frequently you add nodes to it. One of our customers uses Daemon Sets to deploy Defender to a cluster with >600 nodes and it typically takes less than 30 seconds!
The great thing about EKS is that because it’s just Kubernetes, everything we do already Just Works ©. The only difference between deploying Twistlock on EKS and deploying on any other Kubernetes deployment is that on EKS, you’d typically set an EBS volume as your Persistent Volume. Other than that, it looks, feels, and performs just the same!
Of course, just because AWS has a great solution for managed Kubernetes now doesn’t mean we’re deprecating any of our existing support for other AWS technologies like the EC2 Container Service (ECS) and the new AWS Fargate service, for which we participated in a pre-launch partner preview. Customers now just have even more choice for how they want to run containers on AWS and can know that Twistlock is there to protect them across all of them.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
What Service Meshes Mean for Enterprise Security
Service meshes: Heard of them? By now, you may have. Service meshes ar...
The Business Value of Cloud Native Cybersecurity
“Software is eating the world,” Marc Andreessen wrote in 2011. Fiv...
How To Operationalize DevSecOps Practices
DevSecOps is not as much about the tools as it is about the people and...
Enhanced Visibility: Container Vulnerability Management from Build to Runtime
Earlier this year, I was at a large industry event and ended up speaki...
How Serverless Changes the Security Paradigm
Serverless architectures are quickly becoming a major technology withi...