- HashiCorp announced several updates and new products across its suite of cloud infrastructure automation solutions to help enterprise organizations adopt and leverage cloud.
The updates add and improve the features of HashiCorp products Terraform, Vault, Consul, and Nomad. The changes improve workflows and span across cloud provisioning, security, networking, and application runtime.
The company stated that its latest round of updates aims to support the technology organizations choose to operate, including legacy infrastructure. More organizations are shifting their IT infrastructures from static, on-premises to dynamic, multi-cloud architecture and need a framework for infrastructure automation.
The Terraform Enterprise has new workspace capabilities to assist IT administrators with governance for provisioning infrastructure. Features include access to shared infrastructure while restricting management capability, new UI using Terraform to collaborate on infrastructure changes, change tracking and audit capabilities, and API coverage to integrate with existing tools.
New security updates include Vault 0.8.3, which supports Kubernetes and secure secret management in modern container environments.
Vault capabilities include integration with Kubernetes without additional integration components, and Kubernetes pods can fetch tokens for accessing secrets directly from Vault.
HashiCorp also added more capabilities to Consul for Consul 1.0. Consul 1.0 added improvements to the access control (ACL) system to make bootstrapping and configuring ACLs easier. It also has autopilot upgrades to handle more version upgrade events and network segments to support LAN environments.
The beta release for Nomad added upgraded capabilities for the open source version. The batch scheduler now includes an access control system to limit APIs and jobs, and a web-based user interface to monitor running workloads and application health.
The new Nomad Enterprise collaborates with governance features for larger deployments. It includes namespaces to allow multiple teams to safely use a single, unified multi-data center deployment and resource quotas, which allows administrators to limit the resources by namespace.
HashiCorp also announced the release of Terraform Module Registry, which lets users share templates to leverage cloud infrastructure.
The release also includes an initial set of 32 verified Terraform modules for template access for setting up and running cloud based infrastructure.
“We worked closely with Alibaba, AWS, Google, Microsoft, Oracle, and their communities to seed the Module Registry with an initial set of common infrastructure topologies used by their customers,” HashiCorp explained. “These initial services available today include example modules for compute, compute groups, core networking, databases, and load balancers.”
“HashiCorp also worked with CoreOS to deliver example application-level modules for Kubernetes, and with Gruntwork to build and maintain HashiCorp Consul, Vault, and Nomad modules on AWS, Google Cloud Platform and Microsoft Azure,” the company continued.
There are two categories of modules available in the Module Registry:
- Verified modules. Verified modules have undergone certification and compatibility testing by HashiCorp prior to being accepted and are maintained by the cloud providers and/or designated community participants
- Community modules. Community modules can be contributed by any user, but have not been validated by HashiCorp directly
The update to Terraform Enterprise will provide a private version of the Module Registry, allowing organizations so chare modules internally. This will give organizations access to developed cloud infrastructure frameworks and help improve visibility and management.
In a third announcement, HashiCorp released its policy as code framework for cloud infrastructure automation, Sentinel.
Sentinel is embedded into HashiCorp’s enterprise product suite to provide automated, logic-based policy decisions to support and control different types of infrastructure.
"Infrastructure as code enables codification and automation for the four main components of infrastructure—core infrastructure, security, networking, and the application runtime,” HashiCorp Founder and co-CTO Mitchell Hashimoto said in a statement. “While infrastructure as code empowers more users to create and manage infrastructure, it comes with risks as less experienced users could make significant mistakes that impact business operations.”
Sentinel codifies business regulatory policies to protect infrastructure changes and make the transition to cloud easier.
Sentinel integration is currently available for the newest enterprise releases of Vault, Consul, and Nomad. It will be available for Terraform Enterprise within 30 days.