As a follow-up to the HashiCorp Consul plus Kubernetes blog series, this blog highlights our recent work to provide first-class support for Kubernetes across HashiCorp product line.
In addition to making our products easier and more natural to use within Kubernetes, these integrations allow users to better work in environments shared with non-Kubernetes workloads. While it is easy to start a pure-Kubernetes environment, most deployments have to interact with external services running in cloud computing environments, on-premises data centers, and more. HashiCorp products such as Consul are designed for these heterogeneous environments enabling non-Kubernetes applications to seamlessly interact with Kubernetes applications.
Consul recently released a new set of features to support first-class integration with Kubernetes. The official Helm Chart simplifies the deployment of Consul on Kubernetes. The auto-join and service catalog sync capabilities solve important cross-cluster challenges between both multiple Kubernetes clusters and non-Kubernetes services interacting with Kubernetes services. The sidecar injection and native proxy integration with Envoy can automatically enable secure pod communication via the Consul Connect capability.
In addition to enhanced features, the integration extends the scalability and simplicity of Consul to Kubernetes. Consul is a universal service mesh that can securely connect services within and beyond Kubernetes, creating a seamless experience.
HashiCorp Terraform has an official Kubernetes provider, which supports a broad and growing set of Kubernetes features. HashiCorp has recently taken over maintaining the Terraform Kubernetes provider, and are rapidly iterating with plans for improvements in the near future. We also recently made the Terraform Helm provider official, which can be used for deploying software packages to Kubernetes clusters.
We are also focused on improving integrations with native and managed deployments on public cloud environments. We recently announced launch-day support for Amazon’s EKS Elastic Container Service for Kubernetes (see here for EKS provider and getting started guide) and we had launch-day support for Azure’s managed Kubernetes AKS service (see here for the AKS provider).
We’re excited to see the community embracing our support— the Terraform Kubernetes Provider has been downloaded over 500,000 times since its release, with over 100,000 downloads in the last month alone. The Getting Started guide for the Kubernetes provider can be found here.
HashiCorp Vault protects secrets used by Kubernetes systems and allows Kubernetes-based applications to perform common security and cryptography workflows using Vault. The Kubernetes Auth Method allows Kubernetes-based applications to authenticate against Vault, thereby allowing applications running on those pods to freely use Vault to manage secrets, provision dynamic access, and perform cryptographic operations.
HashiCorp Nomad and Kubernetes have some overlapping functionality, but also have opportunities to be used together in environments. While Nomad provides the workload orchestration and scheduling component for the HashiCorp product suite, Kubernetes takes more of a platform-like approach. Circumstances typically dictate which approach makes sense for a given organization. Nomad powers critical production workloads for many large financial and other organizations today. These organizations typically benefit from Nomad's native integrations with Consul and Vault as well as the operational similarity across the HashiCorp runtime tools. Together, these characteristics enable them to easily insert Nomad into their existing operational architectures. Nomad users also tend to benefit from key differentiators including:
A number of organizations have chosen to run Nomad side-by-side with Kubernetes to leverage the differentiating characteristics of both tools.
Kubernetes is an important platform that is being widely adopted across the industry. At HashiConf, we're showing our commitment to supporting our customers make the most out of their investment in new approaches, like Kubernetes, as well as their legacy, non-containerized infrastructure and systems. Watch for additional Kubernetes support from our product suite in the weeks and months following HashiConf.
In this blog post, we’ll look at practical public key certificate management in HashiCorp Vault using dynamic secrets rotation.
Consul is now supported in Google Cloud’s GKE Autopilot partner program, enabling deployment of Consul to GKE Autopilot.
Discover how HashiCorp Developer Advocate Rosemary Wang uses HashiCorp Boundary on live streams to automate access to servers and record commands to build into future automation.