terraformvaultconsulnomad

Learn From 20 Free Interactive Tutorials As Presented At HashiConf Digital

Instructor-led workshops have always been a popular attraction at HashiConf events. However, those conferences were one of the few opportunities to learn from what was taught there.

So when we transitioned to an exclusively online format for HashiConf events in 2020, it was time to rethink both our goals and our delivery format.

We delivered 20 hands-on projects using an in-browser terminal together with the best instructors and assistants to answer questions and help along the way. And unlike previous conferences, we've now published all of that content for you to learn from for free, at your own pace, at any time.

This post offers a textual step-by-step description of the tutorials, or click the "Show Terminal" button to launch the in-browser terminal with all code installed and services configured for you.

» Consul

Consul has always been a multi-functional tool for your cloud networking needs, but in 2020 it's an even more powerful service networking tool that works with Kubernetes, as a managed service on Azure, and as the first part of the HashiCorp Cloud Platform.

  • Deploy Consul Service Mesh on Kubernetes

    Install and configure Consul service mesh on an existing Kubernetes cluster.

  • Secure Applications with Service Sidecar Proxies

    Deploy two services to Consul's service mesh running on a Kubernetes cluster. The two services will use Consul to discover each other and communicate over mTLS with sidecar proxies.

  • Enforce a Zero-trust Network with Consul Service Mesh

    This tutorial builds on the previous tutorial (or you can start here without completing the previous tutorial). You will define high-level privileges to secure network traffic using Consul intentions within a Kubernetes cluster.

  • Secure Consul with Access Control Lists

    ACLs operate by grouping rules into policies, then associating one or more policies with a token. You will bootstrap the ACL system and then learn how to create tokens with minimum privileges for servers, clients, services, DNS, Consul key/value store, and the Consul UI.

  • Secure Consul Agent Communication with TLS Encryption

    Correctly configuring TLS can be a complex process, especially given the wide range of deployment methodologies. This guide will provide you with a production-ready TLS configuration for RPC and consensus communication.

  • Secure Service Mesh Communication Across Kubernetes Clusters

    It wasn't long ago that connecting and securing communication across multiple Kubernetes clusters was difficult. In this tutorial, you'll use Consul to secure service-to-service communication across multiple Kubernetes clusters with Consul's mesh gateway feature. Mesh gateways enable you to secure cross-datacenter communication that may be sent over the public internet with mTLS.

» Terraform

There are many resources to help you learn to provision cloud infrastructure with Terraform. For HashiConf Digital, we created intermediate and advanced tutorials so you can use Terraform confidently in production environments.

  • Separate Development and Production Environments

    Some Terraform projects start as a monolith. Restructuring your monolith into logical units will make your Terraform configurations less confusing and safer to modify. This was our most popular tutorial at HashiConf and you can experience it now on your own time.

  • Deploy Consul and Vault on Kubernetes with Run Triggers

    This tutorial packs a lot of useful content into a single tutorial. You'll deploy Consul and Vault to a Kubernetes cluster using Terraform Cloud run triggers, a feature where multiple workspaces can be linked together. The Kubernetes cluster starts with three nodes but when expanded to five nodes, it will trigger the Consul and Vault run triggers to deploy Consul and Vault.

  • Enforce Policy with Sentinel

    Sentinel is a language and policy framework in Terraform Cloud, which restricts Terraform actions to defined, allowed behaviors. Policy authors manage Sentinel policies in Terraform Cloud with policy sets which are groups of policies. Organization owners control the scope of policy sets by applying certain policy sets to the entire organization or to select workspaces.

» Vault

Vault is the best solution for encrypting secrets for use by Kubernetes applications. And now with integrated storage and the transform secrets engine, you can do even more.

» Nomad

Run applications with Nomad in a secure and scalable way.

  • Nomad ACL System Fundamentals

    Work with tokens, policies, and capabilities to restrict or enable access in Nomad.

  • Enable Gossip Encryption for Nomad

    Nomad can encrypt all communication between servers, including membership and liveness data. In this tutorial, you'll generate an encryption key and configure your servers to use it.

  • Enable TLS Encryption for Nomad

    Securing Nomad's cluster communication is not only important for security but can even ease operations by preventing mistakes and misconfigurations. In this tutorial you'll learn to create certificates, configure Nomad, switch and existing cluster to use TLS, rotate certificates, and migrate a cluster to TLS.

  • Configure NGINX Reverse Proxy for Nomad's Web UI

    You'll use NGINX to balance load across multiple instances of the Nomad UI. In order to deliver full functionality, you'll configure NGINX to meet Nomad's requirements. Your final setup will be capable of load balancing HTTP and WebSocket traffic.

» Conclusion

We hope you'll find these hands-on tutorials educational and helpful. Please do not forget to leave feedback on the form at the bottom of any tutorial and discover even more at HashiCorp Learn.

Sign up for the latest HashiCorp news