Alibaba Cloud Container Service for Kubernetes (ACK)

Alibaba Cloud Container Service for Kubernetes (ACK) is a managed Kubernetes service. Use the standard Kubernetes install procedure to deploy Prisma Cloud to Alibaba ACK, but specify an Alibaba Cloud-specific StorageClass when configuring the deployment.
This procedure shows you how to use Helm charts to install Prisma Cloud, but all other install methods are supported.
  • You have provisioned an ACK cluster.
  1. Go to Releases, and copy the link to current recommended release.
  2. Download the release tarball to the system where you administer your cluster (where you run your kubectl commands).
  3. Unpack the Prisma Cloud release tarball.
    $ mkdir twistlock $ tar xvzf twistlock_<VERSION>.tar.gz -C prisma_cloud/
  4. Create a Helm chart for Prisma Cloud Console.
    $ <PLATFORM>/twistcli console export kubernetes \ --storage-class alicloud-disk-available \ --service-type LoadBalancer \ --helm
  5. Install Console.
    $ helm install twistlock-console \ --namespace twistlock \ ./twistlock-console-helm.tar.gz
  6. Change the PersistentVolumeClaim’s reclaimPolicy.
    $ kubectl get pv $ kubectl patch pv <pvc-name> -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}'
  7. Get the public endpoint address for Console. When the service is fully up, the LoadBalancer’s IP address is shown.
    $ kubectl get service -w -n twistlock
  8. Open a browser window, and navigate to Console. By default, Console is served on HTTPS on port 8083 of the LoadBalancer:
  9. Continue with the rest of the install here.

Recommended For You