HashiCorp Deepens Integrations with Kubernetes and CNCF Projects
HashiCorp has officially joined the Cloud Native Computing Foundation (CNCF), in order to deepen community engagement and provide official support for project integrations.
HashiCorp has been building open source tools to enable cloud infrastructure automation since 2012. During that time, we’ve released major projects like Vagrant, Packer, Consul, Terraform, Vault, and Nomad. These are used by millions of IT practitioners on a daily basis. We’ve also published Tao of HashiCorp, which is our design ethos behind the tools and a guide to how we think about building new tools and evolving them over time.
Two of the most important principles that we lay out in that document are our focus on workflows, along with enabling the technology ecosystem to be pluggable and composable. With infrastructure tooling especially, we live in a rich and ever-growing ecosystem of solutions that are always changing. Our approach has enabled our users to adopt new technologies quickly, without having to change their workflows.
Some of the most important infrastructure technologies in the last few years have been open source projects that are part of the CNCF, including Kubernetes, Prometheus, Envoy, and Helm. As these tools have gained broad adoption, HashiCorp users and customers have been eager to use them with our portfolio of tools.
Across our portfolio, we have integrated with CNCF projects. Some examples:
- Native Terraform Providers for Kubernetes and Helm. Terraform’s Kubernetes provider has dozens of resources, ranging from the high-level cluster setup to enabling services to be easily specified and deployed. The Terraform Helm provider allows users to use existing Helm charts to deploy services to their Kubernetes cluster, without needing to fragment their workflow.
- Service Mesh with Consul. Consul integrates with Kubernetes at multiple levels to enable modern service networking. This includes network automation of traditional load balancers, firewalls, and API gateways to connect traditional infrastructure to Kubernetes. Modern service mesh technology enables service-to-service communications to be highly dynamic and secured, without deploying traditional middleware devices.
- Native Envoy integrations with Consul. Consul provides native integration with Envoy as well. This can be used both within a Kubernetes environment or with traditional infrastructure. Envoy can be used as a sidecar proxy for a service mesh, a traditional API gateway or ingress layer, or a mesh gateway to enable multi-datacenter networking.
- Secrets Management with Vault. Vault provides platform integrations with Kubernetes to enable storing static credentials, generating dynamic credentials such as API keys and certificates, or protecting application data by encrypting data and offloading key management and cryptography. The identity-based approach to security that Vault uses enables Kubernetes applications to be highly dynamic, without being blocked on traditional security teams with static rules and approvals.
- Helm charts to deploy. We provide supported Helm charts to deploy both Vault servers and Consul agents and servers. This makes it easier for users to get started and manage our tools in a Kubernetes-native way.
- Prometheus integrations for metrics. Many of our projects such as Vault, Consul, and Nomad integrate with Prometheus to enable health checking and exporting of metrics information.
- Container Native Networking. The CNI project allows a rich ecosystem of networking vendors to integrate using a standardized interface. Nomad integrates with CNI to support the broader container networking ecosystem.
There are even more integrations we’ve done across the portfolio, but this gives a sense of our efforts with various CNCF projects.
For several years now, we’ve been a part of these communities unofficially. I’ve personally spoken at KubeCon, as have multiple developer advocates from HashiCorp. We’ve also had a presence at many of the global events, with our engineering and developer advocacy teams.
Major users and customers of our tools have mission-critical dependencies on our integrations with CNCF projects, and have asked for a clear message on our intentions for future support. I’m excited to announce that HashiCorp has officially joined the CNCF to do just that. While we have always been a supporter of many of the tools and provided integrations, we intend to work closely with the community to expand those integrations.
What does this change? Firstly, expect to see HashiCorp to be more present in the CNCF community. We plan to be at more KubeCon events online and around the world, with an expanded presence. Our booth at events has often been overwhelmed with users asking questions, and we will have more folks ready to support the community.
Next, expect to see us working on deeper and broader integrations. I’ve highlighted some of the work we’ve done, but we are committed to making sure Kubernetes is a first-class experience across all of our products. Across other CNCF projects, we want to collaborate on making sure there are seamless integrations, much as we already have with Envoy and Prometheus.
Lastly, we want to hear from the community on where we can do better. This is a large ecosystem and we want to know about opportunities for us to improve, including which sharp edges we can sand down. We encourage people to engage with our teams on GitHub, our Discuss forum, or other community events.