1. Overview

Onebox provides a quick, simple way to install both Console and Defender onto a single host. It provides a fully functional, self-contained environment that is suitable for evaluating Prisma Cloud.

2. Install Prisma Cloud

Install Onebox with the twistlock.sh install script.

Prerequisites:

  • Your host meets the minimum system requirements.

  • You have a license key.

  • Port 8083 is open. Port 8083 (HTTPS) serves the Console UI. You can configure alternative ports in twistlock.cfg before installing.

  • Port 8084 is open. Console and Defender communicate with each other on this port.

  1. Download the latest Prisma Cloud release to the host where you’ll install Onebox.

  2. Extract the tarball. All files must be in the same directory when you run the install.

    $ mkdir twistlock
    $ tar -xzf prisma_cloud_compute_<VERSION>.tar.gz -C twistlock/
  3. Configure Prisma Cloud for your environment.

    Open twistlock.cfg and review the default settings. The default settings are acceptable for most environments.

    If your Docker socket is in a custom location, update twistlock.cfg before continuing. By default, Prisma Cloud expects to find the Docker socket in /var/run/docker.sock. If it’s not located there on your host, open twistlock.cfg in an editor, find the DOCKER_SOCKET variable, and update the path.
  4. Install Prisma Cloud.

    $ sudo ./twistlock.sh -s onebox
    -s

    Agree to EULA.

    -z

    (Optional) Print additional debug messages. Useful for troubleshooting install issues.

    onebox

    Install both Console and Defender on the same host, which is the recommended configuration. Specify console to install just Console.

  5. Verify that Prisma Cloud is installed and running:

    $ docker ps --format "table {{.ID}}\t{{.Status}}\t{{.Names}}"
    CONTAINER ID        STATUS              NAMES
    764ecb72207e        Up 5 minutes        twistlock_defender_<VERSION>
    be5e385fea32        Up 5 minutes        twistlock_console

3. Configure Console

Create your first admin user and enter your license key.

  1. Open Prisma Cloud Console. In a browser window, navigate to 'https://<CONSOLE>:8083', where <CONSOLE> is the IP address or DNS name of the host where Console runs.

  2. Create your first admin user.

    Consider using admin as the username. It’s a convenient choice because admin is the default user for many of Prisma Cloud’s utilities, including twistcli.

  3. Enter your license key.

4. Uninstall

Use the twistlock.sh script to uninstall Prisma Cloud from your host. The script stops and removes all Prisma Cloud containers, removes all Prisma Cloud images, and deletes the /var/lib/twistlock directory, which contains your logs, certificates, and database.

  1. Uninstall Prisma Cloud.

    $ sudo ./twistlock.sh -u
  2. Verify that all Prisma Cloud containers have been stopped and removed from your host.

    $ docker ps -a
  3. Verify that all Prisma Cloud images have been removed from your host.

    $ docker images

5. What’s next?

Install Defender on each additonal host you want to protect.