Aug 16 2017 Andy Manoske
HashiCorp Vault 0.8.1
We are proud to announce the release of HashiCorp Vault 0.8.1, which includes a number of exciting new features, improvements, and bug fixes.
In addition to a number of bug fixes and minor enhancements, Vault 0.8.1 contains new functionality including Google Cloud Platform IAM Authentication Backend support, Oracle Database Secret Backend support, and much more.
Aug 11 2017 Nic Jackson
Continuous Deployment with Nomad and Terraform
This post explores how to use the Nomad Terraform provider to control the lifecycle of a Nomad service.
Both HashiCorp Nomad and Terraform allow you to declaratively define infrastructure as code, but they serve different functions in the organization. Nomad schedules and monitors applications, making sure the application stays running and automatically reconciles any failure. Nomad supports rolling deploys to deliver safer convergence. Nomad also integrates with Consul for service discovery and Vault for secrets management. Terraform, on the other hand, is a lifecycle management and provisioning tool. It creates, updates, and destroys the underlying infrastructure which Nomad will use to run applications. But Terraform is much more than a infrastructure tool - Terraform can also manage the process of submitting, updating, and deleting Nomad applications, which will allows modeling your entire infrastructure as code.
The Nomad Terraform provider is perfect for continuous delivery for your applications, and in this post we will look at how these tools work seamlessly together to enable this workflow.
Nomad provider for HashiCorp Terraform to run jobs with HashiCorp Nomad.
Aug 10 2017 Jay Christopherson
Spaceflight uses HashiCorp Consul for Service Discovery and Runtime Configuration in their Hub-and-Spoke Network Architecture
This is a guest post by Jay Christopherson, principal engineer, DevOps, at Spaceflight Industries. Spaceflight is revolutionizing the business of space flight by delivering a new model for accessing space. A comprehensive launch service and mission management provider, the company provides a straightforward and cost-effective suite of products and services including state-of-the-art satellite infrastructure, rideshare launch offerings, and global communications networks that enable commercial and government entities to achieve their mission goals, on time and on budget. A service offering of Spaceflight Industries in Seattle Washington, Spaceflight provides its services through a global network of partners, ground stations, and launch vehicle providers.
We had two main challenges facing us as we determined how to design the computing infrastructure to support our business applications: how we should handle distributed runtime changes and service discovery. We need distributed changes as we deploy remote satellite communications ground stations (spokes) around the world, but which are all managed from a central location (hub). Changes made from a central location need to be distributed out to one or more remote ground stations in an automated fashion. As for service discovery, we build and deploy quite often and we needed to make sure that changes to services in our infrastructure are detected and updated as quickly as possible without any manual updates. These are the reasons we looked at HashiCorp Consul.
Aug 09 2017 Andy Manoske
HashiCorp Vault 0.8
We are proud to announce the release of HashiCorp Vault 0.8. Vault is an infrastructure automation security product that provides secrets management, encryption as a service, and privileged access management.
The 0.8 release of Vault is focused on bringing major, new functionality to Vault and includes additional new features, secure workflow enhancements, general improvements, and bug fixes. Highlights include:
Disaster Recovery (Vault Enterprise)
Mount Filters for Replication (Vault Enterprise)
Entities and Multi-Factor Authentication (Vault Enterprise)
Aug 02 2017 Clint Shryock
HashiCorp Terraform 0.10
We're happy to announce the release of HashiCorp Terraform 0.10. Terraform is a tool to safely and efficiently build, combine, and launch any infrastructure. This release includes many new features and improvements.
Since our last major Terraform release, we’ve had 11 minor releases, adding 6 new Providers, 24 new Data Sources, and over 60 new Resources! In addition to all this, the Terraform project has now received contributions from over 1,100 contributors.
Terraform 0.10 adds major new functionality to Terraform. Highlights include:
Terraform Core and Providers are now split
Numerous Provider improvements
State Environments are now Workspaces
Jul 26 2017 Alex Dadgar
HashiCorp Nomad 0.6
We are pleased to announce the release of HashiCorp Nomad 0.6. Nomad is a distributed, scalable, and highly available cluster manager and scheduler designed for both microservice and batch workloads.
Nomad 0.6 includes a number of new features focused on improving job management and configuration as well as many improvements and bug fixes. Highlights include:
Job history and ability to revert to older versions
Dynamic environment variables
Automatic advertisement of container IP addresses with HashiCorp Consul
We are also pleased to announce that the Nomad ecosystem now includes a version of Apache Spark that natively integrates Nomad as a Spark cluster manager and scheduler. See our Running Apache Spark on Nomad blog post for additional details.
Jul 25 2017 Rob Genova
Running Apache Spark on HashiCorp Nomad
Apache Spark is a popular data processing engine/framework that has been architected to use third-party schedulers. The schedulers that are available, however, involve a level of complexity that can be undesirable for many potential Spark users. To help fill this gap, we are pleased to announce that the HashiCorp Nomad ecosystem now includes a version of Apache Spark that natively integrates Nomad as a Spark cluster manager and scheduler.
Jul 20 2017 James Phillips
HashiCorp Consul 0.9
Today we are releasing Consul 0.9 which includes a number of improvements, bug fixes, and features. There are some important backward incompatibilities in this release that are easy to adjust for as you deploy, so please be sure to read the 0.9 upgrade guide for details before you upgrade.
Jul 11 2017 Nic Jackson
Auto-bootstrapping a Nomad Cluster
In a previous post, we explored how HashiCorp Consul discovers other agents using cloud metadata to bootstrap a cluster. This post looks at HashiCorp Nomad's auto-joining functionality and how we can use Terraform to create an autoscaled cluster.
Jul 10 2017 George Kontridze
Bugsnag Uses HashiCorp Terraform to Quickly Provision and Safely Maintain Their Infrastructure
This guest blog is by George Kontridze, Production Engineer at Bugsnag. Bugsnag is an automated production error monitoring tool, supporting over 50 different platforms. Bugsnag provides open-source libraries for most popular programming languages which make it very easy for customers to integrate Bugsnag into their workflow. Once integrated, Bugsnag automatically detects application exceptions and provides the data and tooling to prioritize and fix errors with the greatest user impact.
At Bugsnag part of the challenge we face is the fast pace of iteration; be it external, connecting with an API to make a new integration available to our customers, or internally to regularly provisioning and scale a cluster of machines to run our services as our system’s performance characteristics evolve.
As our product evolves, it becomes incredibly important to put the tools in place to help us evolve the infrastructure that runs our services. The time and effort we invest in these tools are also quite valuable to us, so we need to choose wisely.
On the infrastructure side of things, we need to be able to ship configuration changes in production. We do configuration changes for existing resources or to add new resources. Regardless, we need to be able to do this with ease and high visibility. This is where the HashiCorp toolset comes into play.
Jul 07 2017 Chris Kent
Recap and Videos from HashiDays London
HashiCorp hosted HashiDays in London on June 12, the second event from our new series created as one-day, single-track, deeply technical, and community-focused events. HashiDays brings together customers, practitioners, as well as HashiCorp employees to explore and discuss different areas around infrastructure and cloud adoption, with topics ranging from customer stories and use cases, to technical product exploration.
Jul 06 2017 Jon Currey
Making Gossip More Robust with Lifeguard
Today we are proud to announce our first publication by HashiCorp Research, titled "Lifeguard: SWIM-ing with Situational Awareness". The paper details a number of novel improvements we have introduced to Serf, Consul, and Nomad to make their underlying gossip protocol more robust. Collectively called Lifeguard, these extensions reduce by 50x the false positives produced by the failure detector and allow us to detect true failures faster.
Distributed systems such as BitTorrent, Apache Cassandra, Microsoft Orleans, and HashiCorp Consul commonly use Gossip protocols. They are typically embedded to provide features such as cluster membership (who is in the cluster), failure detection (which members are alive), and event broadcast. Their peer to peer nature often makes them much more scalable and reliable than centralized approaches to solving the same problem. However, the reduced amount of communication makes them sensitive to slow processing of their messages.
Many of our tools leverage work from the academic community, and with HashiCorp Research we hope to contribute back. Our focus is on novel work and whitepapers about the algorithms and system designs we are using in practice. Lifeguard is our first published work, and our users operating the tools in production environments drive the focus of these improvements.
Read on to learn more about Lifeguard.
Jun 28 2017 Paddy Foran
Introducing the HashiBot GitHub Bot
At HashiCorp, we take pride in our community and community contributions. As the quantity and adoption of our open source projects increases, it introduces more complexity in daily maintenance and triage. To help scale the community management of our GitHub repos, we are introducing “HashiBot” on GitHub.
Jun 22 2017 Chris Kent
Recap and Videos From Our First HashiDays in New York City
HashiCorp hosted the very first HashiDays on May 15 in New York. HashiDays is a new series created as one-day, single-track, deeply technical, and community-focused events. HashiDays brings together customers, practitioners, as well as HashiCorp employees to explore and discuss different areas and topics ranging from customer stories and use cases, to technical product exploration.
Jun 21 2017 Matthew Lapworth
HashiCorp Vault helps New Relic manage secrets for their digital intelligence platform
This is a guest post by Matthew Lapworth, Senior Application Security Engineer at New Relic. New Relic is a leading digital intelligence company, delivering full-stack visibility and analytics with more than 14,000 paid business accounts. The New Relic Digital Intelligence Platform provides actionable insights to drive digital business results. Companies of all sizes trust New Relic to monitor application and infrastructure performance so they can quickly resolve issues, and improve digital customer experiences.
At New Relic, our systems and infrastructure had grown, and we were facing challenges with securely storing and managing credentials. HashiCorp Vault has provided us with a consistent approach to manage secrets and credentials.
Jun 17 2017 Rani Osnat
Aqua Security helps enterprises to securely manage secrets in containers with Vault
This is a guest post by Rani Osnat, VP Marketing at Aqua Security. Aqua is a HashiCorp technology partner and focuses on securing container-based applications from development to production, on any platform.
Aqua Security, founded in 2015, focuses on securing applications that are developed and run using virtual containers, e.g. using Docker. We provide automated security controls for the entire lifecycle of containers, starting from development and all the way to protecting container workloads in production. We work with large enterprises that already use containers or are migrating to containers, and have security and regulatory requirements to ensure their applications are protected and monitored.
We chose to integrate with HashiCorp Vault after learning of a customer need for secrets management in containers. Vault is the leading product for secrets management in the enterprise, is widely used by large enterprises, and is easy to integrate with.
Jun 14 2017 Chris Kent
How Vault Encrypts Application Data During Transit and at Rest
Companies today are adopting the cloud and looking for ways to accelerate application delivery. Migrations can often times create challenges around data privacy and secrets management, since distributed applications and infrastructure need to share and transmit data between different components and layers. HashiCorp Vault Encryption as a Service focuses on keeping application data secure across distributed infrastructure.
Jun 09 2017 Seth Vargo
Upcoming Provider Changes in Terraform 0.10
Since 2014, Terraform provider growth has been explosive. At Terraform's initial launch, there were less than ten providers. Today, there are nearly 70 builtin providers that ship with Terraform and countless more are distributed as plugins by the community. Community is and will continue to be the core of Terraform's adoption and success. We are excited to share our future plans for the Terraform provider ecosystem, starting with Terraform 0.10.