Prisma Cloud Compute Edition Administrator’s Guide
    : Deploy a Single Container Defender using the CLI
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma Cloud Compute Edition Administrator’s Guide
    5. Install
    6. Deploy Prisma Cloud Defenders
    7. Install a Single Container Defender
    8. Deploy a Single Container Defender using the CLI
    Download PDF

    Prisma Cloud Compute Edition Administrator’s Guide

    Deploy a Single Container Defender using the CLI

    Table of Contents

    Deploy a Single Container Defender using the CLI

    Use the twistcli CLI tool to install a single Container Defender on a Linux host.
    Anywhere <CONSOLE> is used, be sure to specify both the address and port number for Console’s API. By default, the port is 8083. For example, https://<CONSOLE>:8083.
    Prerequisites
    :
    • Your system meets all minimum system requirements.
      • You have already installed Console.
      • Port 8083 is open on the host where Console runs. Port 8083 serves the API. Port 8083 is the default setting, but it is customizable when first installing Console. When deploying Defender you can configure it to communicate to Console via a proxy.
      • Port 8084 is open on the host where Console runs. Console and Defender communicate with each other over a web socket on port 8084. Defender initiates the connection. Port 8084 is the default setting, but it is customizable when first installing Console. Defender can also be configured to communicate to Console via a proxy.
    • You have sudo access to the host where you want to deploy the Defender.
    • You’ve created a service account with the Defender Manager role. twistcl uses the service account to access Console.
    1. Verify that the host where you install Defender can connect to the Prisma Cloud console.
      1. Copy the path to the value under
        Path to Console
         from
        Manage > System > Utilities
        .
      2. Complete the following command with copied value.
        curl -sk -D - <PATH-TO-CONSOLE>:8083/api/v1/_ping
      3. Run the command on your host. If curl returns an HTTP response status code of 200, you have connectivity to Console. If you customized the setup when you installed Console, you might need to specify a different port.
    2. SSH to the host where you want to install Defender.
    3. Download twistcli.
      $ curl -k \
  -u <USER> \
  -L \
  -o twistcli \
  https://<CONSOLE>/api/v1/util/twistcli
    4. Make the twistcli binary executable.
      $ chmod a+x ./twistcli
    5. Install Defender.
      $ sudo ./twistcli defender install standalone container-linux \
  --address https://<CONSOLE> \
  --user <USER>
    6. Verify Defender was installed correctly.
      $ sudo docker ps
CONTAINER ID   IMAGE                                  COMMAND                  CREATED          STATUS         PORTS     NAMES
677c9883c4b6   twistlock/private:defender_21_04_333   "/usr/local/bin/defe…"   11 seconds ago   Up 10 seconds            twistlock_defender_21_04_333

    Verify the install

    Verify that Defender is installed and connected to Console.
    Defender can be deployed and run with full functionality when dockerd is configured with SELinux enabled (--selinux-enabled=true). All features will work normally and without any additional configuration steps required. Prisma Cloud automatically detects the SELinux configuration on a per-host basis and self-configures itself as needed. No action is needed from the user.
    1. In the Prisma Cloud console, go to
      Manage > Defenders > Deployed Defenders
      .
      Your new Defender should be listed in the table, and the status box should be green and checked.

    Recommended For You

    © 2023 Palo Alto Networks, Inc. All rights reserved.