Kubernetes is now planted firmly as a standard in the container and cloud native app space, to the point that it’s not a question of if you’re using Kubernetes, but rather what flavor you are using. Pivotal Container Service (PKS), jointly developed by Pivotal, VMware and Google, is the latest distribution looking to provide operators with a simplified workflow for deployment of enterprise-grade Kubernetes clusters. This new service allows users to deploy, run, and provision clusters on both VMware vSphere and Google Cloud Platform.

Setting up PKS

More information and complete documentation detailing the setup and installation of PKS can be found via Pivotal’s website and official PKS Documentation.

PKS makes on-demand deployment of Kubernetes clusters, which can sometimes be an intricate, over-complicated process, easy through the command line (CLI) and API using BOSH. Also, with constant compatibility with the latest stable version of Kubernetes, dev teams will always have access to the latest features.

How does this work with Twistlock?

Twistlock has supported installation on Kubernetes since the launch of our product, and PKS is no different. We support the deployment of both Console and Defender containers on your PKS nodes today.

The one difference for PKS compared to a normal Kubernetes deployment is the location of the Docker socket. A single-line change in the Twistlock configuration file to the correct path will allow for installation to proceed using our existing procedure:

That’s it! Twistlock users can utilize the full suite of our security tools, including vulnerability management and runtime defense on PKS. In the screenshot below, you can see several namespaces, including the sock-shop namespace where I’ve deployed the Weaveworks Sock Shop demo app. Twistlock Radar, which offers a live view of my environment with corresponding network connections, is built automatically — just like our deployments on any other platforms.

Additionally, Twistlock surfaces the vulnerability and compliance status of every pod in my environment. For example, clicking on the front-end microservice instantly shows me that it has several Critical and High Risk security issues.

Finally, you can see an overview of all the images in my environment and their corresponding vulnerability status and risk factors. Twistlock will continually scan my PKS environment any time there is a new image deployed and also identify any change in vulnerability status.

Clicking on any of the above images surfaces vendor fix status and risk factors specific to that image along with its configuration.


Pivotal Container Service simplifies the deployment and management of Kubernetes clusters, making it an appealing offer to enterprises looking to accelerate adoption of container development. At Twistlock, we look to protect your containers regardless of where you are running or what tools you use to manage them. Since PKS is built on Kubernetes, Twistlock is already compatible and ready to protect your apps throughout your development lifecycle.
