Table of Contents

Redeploy Defenders

When you redeploy the Prisma Cloud Console, the client and server certificates change. That certificate change requires that you redeploy your Defenders. Once redeployed, the Defenders can connect to the new console without certificate issues.
  1. You can
    Defenders from under
    Manage > Defenders > Auto-defend > DaemonSets
    on the UI.
    To redeploy Defenders using twistcli, generate a new `DaemonSet`configuration file:
    $ <PLATFORM>./twistcli defender export kubernetes \ --address <> \ --user <ADMIN_USER> \ --cluster-address <Prisma Cloud Console address> \ --container-runtime <value>
    --container-runtime: Container runtime the node uses, either of: crio, containerd, or docker.
  2. Delete the old Defenders using your old daemonset config file:
    $kubectl delete -f <old-daemonset>.yaml
  3. To create new Defenders, apply the in-place updates to your Defender resources.
    $ kubectl apply -f <new-daemonset>.yaml

Recommended For You