Prisma Cloud supports installation on Docker Swarm using Swarm-native features. You deploy Console as a service with the number of replicas limited to 1 and rely on Swarm to provide built-in high availability. You also deploy Defender as a global service. The global service guarantees that Defender is automatically deployed to each worker node in the cluster.
The diagram below illustrates a basic Prisma Cloud deployment on Docker Swarm:
You’ll use the twistcli tool provided in the install package to install Console, which will push the console image to your registry. Console uses Swarm’s routing mesh networking, so the Console service is available on the target port on every node. More detail on installing Console in Swarm can be found here.