HashiCorp
Unlocking the cloud operating model for enterprises
HashiCorp
Infrastructure Automation
Infrastructure as code for provisioning, compliance, and management of any cloud, infrastructure, and service.
The Challenge
Relies on static fleet of standardized infrastructure, provisioned for long periods of time, and dedicated to users.
TRADITIONAL APPROACH
- Manual Provisioning
- Fixed set of resources
- Workflow requires ticketing & queues
The Solution
Security Automation
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
Static Infrastructure
Networking Automation
A platform to discover, automate and secure service networking across any cloud or runtime.
Static Infrastructure
Private datacenters with static IPs, primarily north-south traffic, protected by perimeter security and coarse-grained network segments.
TRADITIONAL APPROACH
- Static connectivity between services
- A fleet of load balancers to route traffic
- Ticket driven processes to update network middleware
- Firewall rule sprawl to constrict access and insecure flat network zones
Dynamic Infrastructure
Multiple clouds and private datacenters with dynamic IPs, ephemeral containers, dominated by east-west traffic, no clear network perimeters.
CONSUL APPROACH
- Centralized registry to locate any service
- Services discovered and connected with centralized policies
- Network automated in service of applications
- Zero trust network enforced by identity-based security policies
Application Automation
Nomad is a simple, flexible, and production-grade workload orchestrator that enables organizations to deploy, manage, and scale any application, containerized, legacy or batch jobs, across multiple regions, on private and public clouds.
Static Infrastructure
Infrastructure is managed on a per application basis.
TRADITIONAL APPROACH
- Dedicated servers
- Manual and inconsistent deployment workflows
- Low resource utilization
Dynamic Infrastructure
Cloud Infrastructure Automation
Infrastructure as code for provisioning, compliance, and management of any cloud, infrastructure, and service.
The Challenge
Relies on static fleet of standardized infrastructure, provisioned for long periods of time, and dedicated to users.
TRADITIONAL APPROACH
- Manual Provisioning
- Fixed set of resources
- Workflow requires ticketing & queues
The Solution
Manage Secrets and Protect Sensitive Data
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
Static Infrastructure
Service Networking Across Any Cloud
A platform to discover, automate and secure service networking across any cloud or runtime.
Static Infrastructure
Private datacenters with static IPs, primarily north-south traffic, protected by perimeter security and coarse-grained network segments.
TRADITIONAL APPROACH
- Static connectivity between services
- A fleet of load balancers to route traffic
- Ticket driven processes to update network middleware
- Firewall rule sprawl to constrict access and insecure flat network zones
Dynamic Infrastructure
Multiple clouds and private datacenters with dynamic IPs, ephemeral containers, dominated by east-west traffic, no clear network perimeters.
CONSUL APPROACH
- Centralized registry to locate any service
- Services discovered and connected with centralized policies
- Network automated in service of applications
- Zero trust network enforced by identity-based security policies
Deploy and Manage Any Application on Any Infrastructure with Ease
Nomad is a simple, flexible, and production-grade workload orchestrator that enables organizations to deploy, manage, and scale any application, containerized, legacy or batch jobs, across multiple regions, on private and public clouds.
Static Infrastructure
Infrastructure is managed on a per application basis.
TRADITIONAL APPROACH
- Dedicated servers
- Manual and inconsistent deployment workflows
- Low resource utilization
Dynamic Infrastructure
Development Environments Made Easy
Simple and Powerful
HashiCorp Vagrant provides the same, easy workflow regardless of your role as a developer, operator, or designer. It leverages a declarative configuration file which describes all your software requirements, packages, operating system configuration, users, and more.
Production Parity
The cost of fixing a bug exponentially increases the closer it gets to production. Vagrant aims to mirror production environments by providing the same operating system, packages, users, and configurations, all while giving users the flexibility to use their favorite editor, IDE, and browser. Vagrant also integrates with your existing configuration management tooling like Ansible, Chef, Docker, Puppet or Salt, so you can use the same scripts to configure Vagrant as production.
Works where you work
Vagrant works on Mac, Linux, Windows, and more. Remote development environments force users to give up their favorite editors and programs. Vagrant works on your local system with the tools you're already familiar with. Easily code in your favorite text editor, edit images in your favorite manipulation program, and debug using your favorite tools, all from the comfort of your local laptop.
Build automated machine images
Create identical machine images for multiple platforms from a single source configuration.
Why Packer?
Rapid Infrastructure Deployment
Use Terraform to launch completely provisioned and configured machine instances with Packer images in seconds.
Multi-provider Portability
Identical images allow you to run dev, staging, and production environments across platforms.
Improved Stability
By provisioning instances from stable images installed and configured by Packer, you can ensure buggy software does not get deployed.
Increased Dev / Production Parity
Keep dev, staging, and production environments as similar as possible by generating images for multiple platforms at the same time.
Reliable Continuous Delivery
Generate new machine images for multiple platforms, launch and test, and verify the infrastructure changes work; then, use Terraform to put your images in production.
Appliance Demo Creation
Create software appliances and disposable product demos quickly, even with software that changes continuously.
Build. Deploy. Release.
Waypoint provides a modern workflow to build, deploy, and release across platforms.
Waypoint uses a single configuration file and common workflow to manage and observe deployments across platforms such as Kubernetes, Nomad, EC2, Google Cloud Run, and more.
Build
Waypoint builds applications for any language or framework. You can use Buildpacks for automatically building common frameworks or custom Dockerfiles or other build tools for more fine-grained control.
The build step is where your application and assets are compiled, validated, and an artifact is created.
This artifact can be published to a remote registry or simply passed to the deploy step.
Deploy
Waypoint deploys artifacts created by the build step to a variety of platforms, from Kubernetes to EC2 to static site hosts.
It configures your target platform and prepares the new application version to be publicly accessible. Deployments are accessible via a preview URL prior to release.
Release
Waypoint releases your staged deployments and makes them accessible to the public. This works by updating load balancers, configuring DNS, etc. The exact behavior depends on your target platform.
The release step is pluggable, enabling you to drop in custom release logic such as blue/green, service mesh usage, and more.
Simple and secure remote access
Secure access to hosts and services
Traditional approaches like SSH bastion hosts or VPNs require distributing and managing credentials, configuring network controls like firewalls, and exposing the private network. Boundary provides a secure way to access hosts and critical systems without having to manage credentials or expose your network, and is entirely open source.
Authenticate
Authenticate with any trusted identity provider you are already using. No need to distribute new credentials and manage them.
Authorize
Authorize access based on logical roles and services, instead of physical IP addresses. Manage dynamic infrastructure and integrate service registries so hosts and service catalogs are kept up-to-date.
Access
Automate credential injection to securely access services and hosts with HashiCorp Vault. Reduce risk of leaking credentials with dynamic secrets and just-in-time credentials.
More about HashiCorp
Allowing operations, security, and development teams to work in parallel
DevOps using HashiCorp
