As Kubernetes use has grown, so to has the need to record the details and automate the deployment of complex, multi-service container deployments. Helm Charts, aka “the package manager for Kubernetes,” are an increasingly popular method for defining and managing applications in that environment. The relatively simple format of Helm Charts is suitable for storage in version control systems, in-line with the infrastructure-as-code practices that have proliferated in the cloud-native space, while simultaneously offering powerful features for interacting with Kubernetes’ service modeling abstractions. This combination of simplicity and functionality has inspired the rapid growth of the Helm ecosystem, with hundreds of charts now available in the official Github repository for that project.
Twistlock has supported Kubernetes since the initial release of our product. Twistlock offers multiple installation methods for installing the Console and Defender containers within the orchestrator, including methods for exporting the native markup that defines the services, allowing individuals to analyze and store our definitions as they would with any other application that runs within Kubernetes. However, the rise of Helm Charts has been accompanied by occasional requests for a Helm-driven install routine for our software. As a customer-focused company, we’ve noted those requests and created a Console Installation Helm Chart that is now available in our sample-code Github repository.
Usage instructions are available in the README that is located in the chart directory. In addition to the Console install chart, a script has been provided that can assist with the deployment of the Defender containers in a Kubernetes cluster. As referenced in the README file, users of the chart will need to install both the Helm client and Tiller server components. See the Helm documentation for information on configuring a service account in an RBAC-enabled Kubernetes cluster.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Cloud Platform Radar: Powerful Cloud Asset IdentificationRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog