See the results of the HashiCraft Holiday Hackathon.
We will be organizing a HashiCraft Holidays Hackstravaganza where you and your fellow tinkerers can use your creativity to showcase one or more of our products in creative and unexpected ways.
Vault 1.4 Enterprise introduced a new secrets engine called Transform. This post shows you how to implement Transform secrets into a simple API; source code is provided for both the Java and Go programming languages.
In this blog post, we will look at how the Vault integration for Kubernetes allows an operator or developer to use metadata annotations to inject dynamically generated database secrets into a Kubernetes pod. The integration automatically handles all the authentication with Vault and the management of the secrets, the application just reads the secrets from the filesystem.
Today at KubeCon EU in Barcelona, Microsoft introduced a new specification the Service Mesh Interface (SMI) for implementing service mesh providers into Kubernetes environments. This blog explains how Consul fits into this new specification and how it can be used for Kubernetes environments.
Network segmentation is a highly effective strategy to limit the impact of network intrusion. However, in modern environments such as a cluster scheduler, applications are started and restarted often without operator intervention. This dynamic provisioning results in constantly changing IP addresses, and application ingress ports. Segmenting these dynamic environments using traditional methods of firewalls and routing can be very technically challenging. In this post, we look at this complexity and how a service mesh is a potential solution for secure network traffic in modern dynamic environments.