HashiCorp and KubeCon Europe Virtual

Update: Our three deep dive presentations from KubeCon EU 2020 are now available on YouTube via this playlist

HashiCorp is a sponsor at KubeCon + CloudNativeCon Europe Virtual this week, and we have our team of technical experts on-hand at our digital booth to answer questions, and to do product demos for those interested. In addition, we are providing this blog to give you the most up-to-date information about how the HashiCorp product set fits into the CNCF ecosystem with projects such as Kubernetes, and the ways you can interact with our team at the event to gain the technical information you need.

For a bit of background, HashiCorp joined the CNCF in March. Our goal in doing so was to continue advancing HashiCorp product integrations with CNCF projects and to work more closely with its broad community of cloud engineers. As part of the CNCF, we can have an expanded presence in the CNCF community both digitally and in-person (when appropriate), including at CNCF events such as KubeCon Europe, making our technical experts available to help users of CNCF technologies to become successful with HashiCorp multi-cloud tools. To understand how our core products, HashiCorp Terraform, Vault, Consul, and Nomad fit into the CNCF landscape, see this diagram.

»HashiCorp Community Live Streams at KubeCon Europe

Our first live stream of the week covered Terraform and can be found here. Catch us on YouTube live Tuesday at 7pm CET for our Consul live stream and again Wednesday at 7pm for Vault. Please be sure to bring your questions.

»The HashiCorp Portfolio + CNCF Projects

HashiCorp’s portfolio of products integrates with many CNCF projects, including Kubernetes, Spinnaker, Helm, CNI, Envoy, Prometheus, gRPC, Jaeger, and Open Tracing, with new integrations in the works.

HashiCorp is committed to strengthen the value delivered by Terraform, Vault, and Consul to the Kubernetes community. This is particularly reflected in the recent product announcements that strengthen our product interaction with Kubernetes as a platform. We detail several of these integrations below.

»HashiCorp Vault and Kubernetes

We have made significant progress in supporting Kubernetes with Vault, as we built out new functionality, added enterprise support, and are working towards improving the overall experience to make it as seamless as possible for Vault users running Kubernetes.

First, we made it possible to inject Vault Secrets into Kubernetes Pods via a Sidecar. This is a Kubernetes integration that enables applications with no native HashiCorp Vault logic built-in to leverage static and dynamic secrets sourced from Vault. This is powered by a new tool called vault-k8s, which leverages the Kubernetes Mutating Admission Webhook to intercept and augment specifically annotated pod configuration for secrets injection using Init and Sidecar containers.

We also released the kubernetes auth method that can be used to authenticate with Vault using a Kubernetes Service Account Token. This method of authentication makes it easy to introduce a Vault token into a Kubernetes Pod.

Finally, we released the official HashiCorp Vault Helm Chart a year ago. The Vault Helm chart is the recommended way to install and configure Vault on Kubernetes. In addition to running Vault itself, the Helm chart is the primary method for installing and configuring Vault to integrate with other services such as Consul for High Availability (HA) deployments.

»HashiCorp Terraform: Kubernetes and Helm Providers

Terraform has expanded support for the Kubernetes ecosystem with several providers and tools. The new Kubernetes provider, currently released as an alpha, allows operators the ability to manage CustomResourceDefinitions and custom objects that are external to Kubernetes.

The updated Helm provider enhances the ability to manage the different capabilities for the Kubernetes resources Helm creates. The latest release is the HashiCorp Terraform Operator for Kubernetes. This operator provides the ability to define and create infrastructure as code natively in Kubernetes simply by making some calls to Terraform Cloud.

»HashiCorp Consul: Helping Organizations on the Journey to Service Mesh

HashiCorp is a leader in the evolving service mesh space, and Consul is our most widely adopted product. We’ve taken a “workflows not technologies” approach with HashiCorp Consul — a solution for cloud networking automation — that differentiates it from other service mesh offerings. Consul offers a comprehensive multi-platform solution which is helping organizations bridge the gap between existing environments and cloud native solutions.

Consul continues to expand and improve its capabilities for service discovery and service mesh. With Consul 1.8, we delivered modern application networking that is application-centric, ensuring organizations are able to bring old and new applications together.

The updates to Consul focus on something that’s unique in the service mesh market — connecting services regardless of the platform or environment, whether that’s between VMs, bare metal, Kubernetes, on-premises, public cloud, greenfield, or other existing environments.

»HashiCorp Nomad: Expanded Ecosystem and Multi-Cluster Federated Deployment

Nomad is a simple and flexible orchestrator to deploy and manage containers and non-containerized applications across on-premises and cloud environments at scale. Some customers choose to go all-in with Nomad because it offers the features and capabilities — and simplicity — they require. We have many other customers who are using Nomad alongside Kubernetes, because each compliments one another, offering unique benefits, and makes sense in specific use cases.

With the release of Nomad 0.12, we introduced a Container Networking Interface (CNI), integration (CNI is a CNCF project to standardize container networking). We also introduced a new feature, Multi-Cluster Deployment, which makes Nomad the first and only orchestrator with complete and fully supported federation capabilities. This enables organizations to uniquely deploy workloads across multiple datacenters as part of a single configuration and run. This greatly reduces the complexity of deploying highly available applications across large, distributed infrastructures.

The addition of the CNI integration expands Nomad’s portfolio of CNCF integrations. Nomad can also export telemetry data to Prometheus, making it easier to maintain cluster health and monitor performance. Nomad 0.12 introduced new CNCF container solutions like Containerd and Podman task drivers, which enable organizations to evolve and run applications on Nomad using runtimes beyond Docker.

Our team looks forward to interacting with you at KubeCon + CloudNativeCon Europe Virtual to discuss how our products can help you in your cloud native journey.