Jan 12 2018 Armon Dadgar
Why Policy as Code?
HashiCorp advocates for "infrastructure as code" approaches to managing infrastructure. We have talked about it publicly and published about it in our Tao of HashiCorp. At HashiConf 2017, we announced Sentinel, a framework for "policy as code". The same coding practices that are applied to infrastructure can be very effective in enforcing and managing policies. Codifying policy removes the need for ticketing queues, without sacrificing enforcement.
Jan 10 2018 Nic Jackson
Functions as a Service with Nomad and OpenFaaS
OpenFaaS (or Functions as a Service) is a framework for building serverless functions but with containers. With OpenFaaS you can package any process or container as a serverless function for either Linux or Windows - just bring your Nomad cluster. The project focuses on ease of use through its UI and CLI which can be used to test and monitor functions in tandem with Prometheus enabling auto-scaling.
Jan 04 2018 Armon Dadgar
Brokering Cloud Identity
As organizations adopt one or more public clouds they are faced with the challenge of securely providing access to secret material, such as usernames and passwords, API tokens, encryption keys, and TLS certificates. This problem is known as secret management, and there are several primary challenges including authentication, authorization, auditing, and supporting a diverse set of environments, clients, and end systems.
Dec 27 2017 Armon Dadgar
2017 Year in Review
As we close out the year, we wanted to reflect on our amazing progress this year. In just the last year, we’ve gone from around 60 people with a majority in engineering, to over 160 across all groups. We’ve shipped more open source releases than in any previous years, delivered four commercial products, raised a $40M Series C, announced major partnerships, and added over a hundred new customers. And this list is only a subset of the last year!
Dec 19 2017 Burzin Patel
Deprecating the Microsoft Azure (legacy ASM) Terraform Provider
We're announcing the immediate deprecation of the Terraform provider for Azure ASM (Azure Service Management) in favor of the newer Azure Resource Manager (ARM) provider. The Azure ARM provider will be renamed to "Azure".
Dec 19 2017 Anubhav Mishra
Smart Networking with Consul and Service Meshes
Over the past year, service mesh technologies have gained significant interest. Even though the idea of a service mesh isn’t new, the implementation details are new to some people. At HashiCorp we build Consul, a free and open source tool that provides service discovery, health checking, load balancing, and a globally distributed key-value store. These features make Consul ideal as a control plane for a service mesh. This post discusses a few first principles around adopting service meshes and how Consul can be used as a control plane for projects like Istio, Linkerd, and Envoy.
Dec 12 2017 Maciej Skierkowski
HashiCorp Terraform Enterprise General Availability
We’re pleased to announce the general availability (GA) of the new HashiCorp Terraform Enterprise. Terraform Enterprise enables teams and organizations to safely use Terraform together with collaboration and governance features.
Dec 11 2017 Chris Marchesi
A (Re)-Introduction to the Terraform vSphere Provider
Since the release of HashiCorp Terraform 0.10, HashiCorp has been working hard to improve the features in our VMware vSphere provider for Terraform. At the start of December, we reached a major milestone for the vSphere provider with the release of version 1.0.
Nov 28 2017 Burzin Patel
AWS re:Invent 2017: HashiCorp Booth, Demos, Announcements, and more
We are excited to be part of AWS re:Invent again this year in Las Vegas, Nevada. The event is a great place to connect face-to-face with community and customers, a great showcase of our ongoing work with AWS, and a perfect location to announce day-1 support for one of their newly released services.
Nov 27 2017 Seth Vargo
Load Balancing Strategies for Consul
Consul is a free and open source tool that provides service discovery, health checking, load balancing, and a globally distributed key-value store. In microservice architectures, applications often run across many IP addresses and bind to a variety of ports. Service discovery aids in the process of finding these different services, regardless of where they are located. This post discusses a few common strategies for load balancing microservices with Consul.
Nov 21 2017 Pavel Klushin
Spotinst and HashiCorp Nomad to Reduce EC2 Costs for Users
Guest post from Pavel Klushin, Solutions Architect at Spotinst.
Utilizing capacity in the cloud can save a lot of money, but taking advantage of those savings requires a lot of work. Spotinst, is a platform for running and managing elastic cloud compute and enables companies to reduce their compute infrastructure costs by 60-80%. HashiCorp Nomad provides easy-to-use and flexible cluster management and container scheduling. Nomad and Spotinst Elastigroup together allow you to efficiently deploy containerized workloads and easily manage clusters at any scale for a fraction of the cost.
Nov 14 2017 Andy Manoske
HashiCorp Vault 0.9
We are excited to announce the release of HashiCorp Vault 0.9. Vault is an infrastructure automation security product that provides secrets management, encryption as a service, and privileged access management. The 0.9 release of Vault is focused on new functionality that improves Vault’s governance and data security capabilities across globally-distributed, multi-cloud environments.
Nov 02 2017 Ryan Uber
Sentinel and Terraform Enterprise: Applying policy as code to infrastructure provisioning
Infrastructure as code with HashiCorp Terraform enables operators to automate provisioning at scale. This comes with risks, as every action can have larger effects. Sentinel policy as code places guardrails to protect users from creating infrastructure changes that fall outside of business and/or regulatory policies.
Nov 01 2017 Rob Genova
HashiCorp Nomad 0.7
We are pleased to announce the release of HashiCorp Nomad 0.7. Nomad is HashiCorp's lightweight and flexible cluster scheduler designed to easily integrate into your existing workflows. Nomad can run both microservice and batch workloads, and has first-class support for Docker as well as non-containerized applications.
Nov 01 2017 Seth Vargo
Transparent Data Encryption in the Modern Datacenter
Transparent Data Encryption (TDE) is a technology coined by Microsoft, IBM, and Oracle to encrypt databases on the filesystem. TDE attempts to solve the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media. It does not protect data in transit, nor data in use. Organizations often employ TDE to solve compliance issues which require the protection of data at rest.
Oct 31 2017 Seth Vargo
Building a Vault Token Helper
Vault is an open source tool for managing secrets. Earlier we showcased how Vault provides Encryption as a Service and how to build custom Vault plugins. This post explores a lesser-known feature of Vault Open Source and Vault Enterprise: token helpers.
Oct 30 2017 Seth Vargo
Building a Vault Secure Plugin
Vault is an open source tool for managing secrets. Earlier we showcased how Vault provides Encryption as a Service and how New Relic trusts HashiCorp Vault for their platform. This post explores extending Vault even further by writing custom auth plugins that work for both Vault Open Source and Vault Enterprise.
Oct 26 2017 Seth Vargo
Managing Google Calendar with Terraform
Terraform is an open source tool for managing Infrastructure as Code. Earlier this year, we showcased how Terraform pushes the boundaries on the traditional definition of "infrastructure", enabling users to Manage GitHub Teams and Permissions with Terraform. This post explores extending Terraform even further by writing our own custom extension for managing events on Google Calendar.
Oct 19 2017 Maciej Skierkowski
Announcing the Terraform Recommended Practices Guide
Organizations of all sizes are adopting cloud-based services for application workloads. Using cloud-based services enables development teams to operate with a much greater degree of independence from the underlying operational constraints of infrastructure. For most organizations, this means navigating the transition from a relatively static pool of homogeneous infrastructure in dedicated data centers to a distributed fleet of servers spanning one or more cloud providers. We believe the best way to provision cloud-based infrastructure for these organizations is to take a collaborative approach, where teams of operators can all use infrastructure as code to create and manage the infrastructure.