Today at HashiConf 2017, HashiCorp, a leader in cloud infrastructure automation, announced updates across its suite of open source and enterprise products for cloud infrastructure automation — Terraform, Vault, Consul, and Nomad — with new capabilities to help organizations adopt cloud. The company also released Sentinel, a policy as code framework for infrastructure automation, and delivered the Terraform Module Registry, providing example infrastructure templates to make provisioning across cloud environments easier.
The updates span each of the four critical components of distributed infrastructure — cloud provisioning, security, networking, and application runtime. HashiCorp’s products enable consistent workflows to provision, secure, connect, and run any infrastructure, including in multi-cloud environments.
“Our driving mission is to enable organizations to focus on workflows, not technologies. We want to support any technology that companies choose to operate, including their legacy infrastructure,” said Armon Dadgar, founder and co-CTO of HashiCorp. “As an ever larger number of Global 2000 organizations move from static, on-premises infrastructures to dynamic architectures spanning multiple clouds, we are working to provide the blueprints and infrastructure automation capabilities to help them succeed. We are investing in HashiCorp to support the world’s largest organizations, while continuing to build products practitioners love, for IT operators, security teams, and application developers.”
The HashiCorp product announcements at HashiConf include:
Provision: For Core Infrastructure in On-Premises and Multi-Cloud Environments
To help users successfully provision infrastructure in any cloud, HashiCorp released the HashiCorp Terraform Module Registry (http://ift.tt/2xdJYbW), a public repository of example templates for common infrastructure patterns and popular services. These templates include support for Alibaba Cloud, AWS, Google Cloud Platform, Microsoft Azure, Oracle Cloud, Kubernetes, and the HashiCorp products.
In addition, HashiCorp announced the beta release of HashiCorp Terraform Enterprise with new Workspace capabilities to help enterprise IT operations teams with collaboration and governance for provisioning infrastructure. Workspace capabilities include:
- Ability to provide access to shared infrastructure while restricting management capability
- Version control integration to tie infrastructure definition to a single source of truth and perform automated testing
- New UI that lets teams use Terraform to collaborate on infrastructure changes
- The ability to audit and track all changes across teams
- Full API coverage to integrate with existing tooling
Secure: For Secrets Management of Cloud Infrastructure and Applications
HashiCorp delivered Vault 0.8.3 with support for Kubernetes. Vault integration with Kubernetes extends HashiCorp’s platform-agnostic approach to secrets management and furthers the support of secure secrets management in modern environments and container workflows. New Vault capabilities include:
- Direct Vault integration within Kubernetes without additional integration components
- Kubernetes pods can fetch tokens for accessing secrets directly from Vault
- Kubernetes applications can leverage Vault features such as key management, cryptographic offload, SSL/TLS certificate generation, and dynamic secrets
Connect: For Service Discovery and Networking in Dynamic Environments
For dynamic service discovery and configuration, HashiCorp announced HashiCorp Consul 1.0 for both open source and enterprise. Consul joins Vagrant and Packer as the third HashiCorp product to reach the 1.0 milestone. Consul 1.0 open source enhancements include:
- Improvements to the Access Control List (ACL) system to make bootstrapping and configuring ACLs easier
- Autopilot enhancements to handle more version upgrade scenarios
Consul Enterprise 1.0 feature additions include:
- Network Segments to support segmented LAN environments
Run: For Application Deployment in Hybrid Architectures
HashiCorp announced the beta release for HashiCorp Nomad 0.7, a high performance and flexible service and batch scheduler. New capabilities in the open source version include:
- An access control system which will enable operators to limit access to APIs and jobs
- A web-based user interface to explore running workloads and monitor application health, enabling self-service usage for developers and better visibility for operators
HashiCorp also announced the beta release of the first enterprise version of Nomad. With Nomad Enterprise comes important collaboration and governance features for large enterprises, including:
- Namespaces, which will allow multiple teams to safely use a single, unified multi-data center deployment
- Resource quotas which will allow an administrator to limit resource consumption by namespace
Sentinel Policy as Code Framework
HashiCorp also released Sentinel, a policy as code framework (http://ift.tt/2yarFE0). Sentinel is designed to help enable organizations to define guardrails to safely automate infrastructure operations. Sentinel is integrated across the HashiCorp enterprise products, enabling active policy enforcement.
Read the HashiConf announcement summary blog post on the HashiCorp blog for a complete listing of links to more detailed information about all components of today’s announcement.
The Terraform Module Registry is hosted by HashiCorp and available today at http://ift.tt/2ybxaSI. The beta release of Terraform Enterprise is now available. Vault 0.8.3 with Kubernetes support is generally available today. Beta releases of Nomad 0.7 and Nomad Enterprise 0.7 are available today. Beta releases of Consul 1.0 and Consul Enterprise 1.0 will be available within 7 days. Sentinel will be available with the Premium versions of Vault Enterprise 0.9, Consul Enterprise 1.0, and Nomad Enterprise 0.7. Sentinel will be available with the Premium version of Terraform Enterprise scheduled for release within 30 days.