November 2019 Summaries
11 posts from HashiCorp
Filter
Month:
Year:
Post Summaries
Back to Blog
The post discusses approaches to feature toggling, blue-green deployment, and canary testing of Terraform resources to mitigate impact on production infrastructure. It highlights the use of feature toggles with conditional expressions in Terraform, allowing for isolated testing of infrastructure resources without fully recreating the system in a staging environment. The post also explains how to deploy infrastructure in a blue-green approach, which involves creating duplicate sets of resources with new configurations for initial testing in production. Canary tests are used to confirm proper configuration before increasing traffic to new resources. These approaches help mitigate change impact, highlight dependencies, and reduce development environment costs.
Nov 26, 2019
1,685 words in the original blog post.
HashiCorp's all-day virtual event, HashiTalks, will return on February 20, 2020, featuring presentations from the community on how they use HashiCorp tools in their workflows. The event is an annual virtual gathering produced and facilitated by the HashiCorp Community team, which has hosted over 2,000 attendees in previous years. The call for proposals is now open, inviting speakers to share unique use cases, technical talks, culture talks, and demos highlighting HashiCorp's tools and open source and enterprise tooling. The event provides a platform for growth as speakers share their knowledge from the comfort of their own space, with past sessions available on HashiCorp's resources page. Registration is now open for HashiTalks, and attendees can also join 30,000 HashiCorp Users in the HUG program to get involved with local chapters or start their own.
Nov 25, 2019
430 words in the original blog post.
The HashiCorp Vault team has released additional hands-on guides to help developers learn and integrate Vault as their secrets management solution. The new guides cover various topics, including the Active Directory service account check-out feature, HSM integration with entropy augmentation, troubleshooting Vault, and codifying management of Vault using Terraform. These guides provide step-by-step instructions and demonstrations to help users effectively manage their secrets and improve their overall experience with Vault.
Nov 20, 2019
538 words in the original blog post.
HashiCorp Consul is a comprehensive networking platform that bolsters zero trust networking, works well with Kubernetes, and is remarkably easy to use. It provides native capabilities for service discovery, service registration, and service mesh for Kubernetes and non-Kubernetes environments. Consul can be used as a central service registry, help secure and facilitate service-to-service communication, and enhance observability over network and service health. It supports both standalone Kubernetes and managed Kubernetes environments in various ways, making it easier to start incorporating Kubernetes into existing infrastructure. Consul integrates with popular tools like Helm and Shipyard to make getting started simpler. The platform also offers a series of guides on its Learn page for those looking to get started with running Consul on Kubernetes. Additionally, Consul provides service discovery and network middleware automation capabilities through integrations with F5 BIG-IP and HAProxy. It leverages Envoy Proxy for L4 and L7 communication proxying in production and has recently launched an integration with Datawire's Ambassador API gateway. Furthermore, Consul enables distributed tracing with APM solutions like Datadog, AppDynamics, and SignalFX. The Consul ecosystem continues to grow, and HashiCorp offers sessions at KubeCon for those interested in learning more about Consul.
Nov 18, 2019
1,749 words in the original blog post.
Vault 1.3` has been released, offering various improvements and new features to enhance its capabilities in managing secrets, data encryption, identity management, and credential management for infrastructure and applications. The new release focuses on improving Vault's ability to serve as a platform for credential management workloads, such as Active Directory and Kubernetes, and support global multi-cloud operations with high performance and compliance-regulated workloads. Key features include `Entropy Augmentation` that allows Vault Enterprise to supplement its system entropy with external sources, `Improved Integrated Storage (Beta)` which improves the performance and stability of integrated storage, `Active Directory Check In / Check Out` for managing AD credentials, `Vault Debug` for gathering health metrics, `Path Filters` for controlling secret replication, `Oracle Cloud Infrastructure (OCI) Integration` for supporting Oracle Cloud workloads, and other new features such as improved KMIP support, Stackdriver metrics sync, and P384 and AES128-GCM 96 encryption/decryption support. The release also includes significant upgrades and improvements to various components of Vault, making it a more robust and feature-rich tool for managing secrets and infrastructure.
Nov 14, 2019
1,542 words in the original blog post.
The Vault team has released an updated version of the Helm Chart for Vault, which greatly reduces the complexity of running Vault on Kubernetes and allows for clusters to be up and running in just minutes. The new release includes several requested features, many feature improvements, and bug fixes, such as Load Balancer & Ingress support, configurable ports, Read Only Root FS, and annotations. The updated chart is now available on GitHub, and users can learn more about it by checking the Helm Chart documentation or the documentation on Running Vault on Kubernetes.
Nov 12, 2019
328 words in the original blog post.
Nov 11 2019, Omar Khawaja, discussed the challenges of manually deploying and configuring load balancers in dynamic infrastructure, highlighting the need for automation. Nomad, along with its integration with Consul, automates this process and works seamlessly with popular load balancers such as NGINX, HAProxy, and Traefik. Nomad uses the Consul Template tool to populate values from Consul and Vault, allowing it to automatically configure NGINX's configuration with IP addresses of healthy service instances. Additionally, Nomad has native integrations with HAProxy and Traefik, enabling users to leverage these load balancers' capabilities while maintaining consistency across their infrastructure.
Nov 11, 2019
374 words in the original blog post.
This GitHub Actions workflow automates the testing and validation of Terraform modules, enabling teams to collaborate on modules and push changes with a continuous integration workflow. The workflow includes steps to initialize and validate Terraform modules, as well as run unit tests implemented with Terratest. To ensure the quality of the Terraform modules, the workflow uses GitHub Status Checks, protecting the master branch from merging pull requests with failing checks until the status checks have passed.
Nov 07, 2019
864 words in the original blog post.
The Terraform provider deprecation plan for Terraform 0.11 in new releases of officially maintained providers will begin with AWS, AzureRM, Google, and Kubernetes providers. This move aims to allow faster delivery of new features by utilizing the updated functionality in Terraform's configuration language and communication layer between Terraform and providers. The deprecation process consists of two phases, starting from today and continuing into next year, during which issues related to 0.11 versions will be closed, and running `terraform init` will only download new provider versions if using TF 0.12. Users are advised to upgrade to Terraform 0.12 or pin the version of the provider they use to avoid breaking changes. Those already using 0.12 can continue to work as usual, while pinned providers remain unchanged. If issues arise during deprecation, users should open an issue on their preferred provider repository for assistance.
Nov 07, 2019
488 words in the original blog post.
The `tfrun` import in HashiCorp Sentinel allows policy authors to access context data from the run itself, enabling more flexible and fine-grained enforcement of policies. This includes features such as tag enforcement, where workspace details can be enforced upon resources, fine-grained exceptions that allow for skipping or applying partial policies based on workspace, and enforcing cost controls by limiting budget increases. These new capabilities are now available to all Terraform Cloud and Enterprise customers, expanding the scope of what is possible with Sentinel policies.
Nov 06, 2019
950 words in the original blog post.
HashiCorp has announced support for Azure DevOps Services, allowing users to link their Terraform Cloud and Enterprise workspaces to Azure DevOps-backed VCS repositories. This integration includes the ability to manage configuration files in VCS and an upcoming open-source Azure Marketplace task for invoking Terraform operations. The process of setting up this integration is straightforward, requiring users to configure their Azure DevOps organization and authentication application, then connect it to their Terraform Cloud workspace. Once set up, users can store their Terraform configurations and modules in their repositories, taking advantage of automated infrastructure provisioning. HashiCorp will also be sponsoring Microsoft Ignite 2019, where experts will be available to answer questions about the Azure DevOps and Terraform integrations.
Nov 04, 2019
844 words in the original blog post.