Workload Identities

A workload in Cisco Panoptica is an application, or an individual micro-service in an application. In a K8s context, a workload is an individual pod. This represents a unique, individual piece of functionality.

Panoptica Identity

Panoptica generates a unique identity for workloads in the CD stage, before they are deployed in a host or cluster. Panoptica registers images that are built in your CI/CD pipeline, or pulled from external registries, are registered in an artifact repository (such as Artifactory), from where they can be deployed to your environments using your CD tools. Panoptica generates the identity when they are registered in this repository.

This identity is cryptographically strong, is based on the following attributes of the workload:

  • the name of the image in the workload
  • the image version
  • image labels
  • the "pod template" for the workload. For K8S environments, these are details of how the pod (running the workload) will be deployed in the cluster, the image in the pod, and metadata.

Panoptica uses the identity to manage the activities of these workloads in your environments.