HashiCorp Consul-Terraform-Sync (CTS) is now in beta. CTS enables operations to achieve Network Infrastructure Automation leveraging Terraform’s robust provider ecosystem.
We are pleased to announce that HashiCorp Consul-Terraform-Sync (CTS) is now available in beta. This release marks the continued maturity of a larger solution we are calling “Network Infrastructure Automation” (NIA). Its focus is on automating day-2 networking tasks and reducing the burden on operators caused by manual ticketing systems
We introduced CTS last October at HashiConf and have been working closely with partners and customers to develop a robust solution that leverages both the power of Terraform’s provider ecosystem and Consul’s service networking capabilities. Operators define a set of
tasks for CTS to execute whenever a new service is registered or deregistered with Consul.
tasks consist of common networking practices including applying firewall policies, updating load balancer member pools, and more. The
task functionality also allows users to build and execute custom configuration whenever a new service is registered or deregistered with Consul. CTS then uses the specified Terraform provider to execute these
tasks without any additional operator intervention. In the beta release of CTS we are introducing additional enhancements for a better operator experience.
The core of CTS is built around the
task functionality. This is how CTS is able to provide Terraform with the necessary configurations to execute the updates whenever a new service is registered or deregistered with Consul. But the
task function itself is a separate process from service registration and something that users may want to have control over. The beta release has added the ability to start/stop tasks as part of any ongoing changes or maintenance to the environment along with capabilities to get the ‘task’ status and the overall CTS status for smoother operations. Enabling this richer management and operations of tasks opens the door for future enhancements and more complex automation of the network.
Our goal with CTS is to enable organizations to manage their entire network infrastructure footprint with Consul and Terraform. To achieve this, we understand that many enterprises have very expansive network architectures and will require a tool that can scale to the size of their deployments. We are gathering information from partners and customers in order to test CTS at larger scales to determine the number of simultaneous devices and service requests that CTS can support. The goal is to ensure that CTS is able to support not just individual operators, but entire teams and enterprises as well. Any system that utilizes credentials to manage network infrastructure devices, has to do so in a secure fashion. CTS supports securely passing sensitive information including TLS certificates, passwords, tokens from a secret management solution, HashiCorp Vault, for the supported configuration.
We’ve worked closely with a number of partners to bring Consul-Terraform-Sync to beta. These partners have helped us create modules for their individual Terraform providers, enabling users to start automating common tasks today. We’ll continue working with these partners to grow our CTS module library and provide additional capabilities. A special thank you to our launch partners: A10, Checkpoint, Cisco, F5, and Palo Alto Networks. We plan to grow our ecosystem of partners for CTS, so please check the Terraform registry for new and existing modules.
The Consul-Terraform-Sync beta works with both Consul OSS and Consul Enterprise and is now available for organizations to download. One quick note, at launch Consul-Terraform-Sync only works with Terraform OSS. We will continue to explore future integrations with Terraform Enterprise and Terraform Cloud. To get started, please refer to our documentation or HashiCorp Learn guides. Feel free to try out the CTS beta and give us feedback in the issue tracker. You can also stay up to date on CTS by checking the changelog. For more information about Consul, please visit our product page.
Introducing a more efficient, streamlined way of managing policy as code workflows in Terraform Cloud.
Terraform’s dynamic provider credentials enable secure, short-lived authentication for HashiCorp Vault and cloud providers.
Terraform 1.4 is now generally available, featuring enhanced run output in Terraform Cloud, support for OPA policy results in the CLI, and a native replacement for the null resource.