Come find out how this best-in-class IaC tool is quickly becoming the best-in-class tool for not just managing Kubernetes clusters but also configuring and managing your workloads inside those Kubernetes clusters. This session will present the projects that are making this happen, both from HashiCorp and from the community, and some of the best practices for using them. It will also take a brief look at the Terraform operator, which enables management of your IaC from within Kubernetes.
Come and learn about where the Terraform products are today and what is coming in the future. We will also talk about some great work in the Terraform language space that we are excited to get our community involved in.
This talk describes the evolution of the Vault Agent. We will start with the initial core capabilities of the agent, then discuss recent enhancements, and conclude with future evolution thoughts. We will also show, using slides and demos, how customers use the Agent to manage secrets and scale applications.
Join us as we talk through recent product updates in Consul. We will take a journey with “Space Odysseys,” a mythical Space Exploration company as they go from a startup to being in the Fortune 500. Through this journey, they experience many networking and security challenges. We will describe how the Consul product suite provides unified workflows for improved application delivery and consistent security while extending connectivity to applications everywhere.
This talk describes a new approach for using Vault as the secret backend for Consul for deployments in Kubernetes. The talk provides a high-level overview of a new integration where Vault is used as the primary secrets management platform for the service mesh. They will describe how Vault is used to bootstrap Consul using the Kubernetes auth method and also describe and demo a “day two” workflow for rotating secrets in Consul on Kubernetes.
Consul-Terraform-Sync (CTS) introduces network infrastructure automation to Consul and integrates directly with Terraform Cloud. CTS monitors changes to the L7 network layer and uses Terraform to dynamically update infrastructure. This talk demonstrates CTS in action and how Terraform Cloud provides insight into automation.
Learn about the latest capabilities and integrations in Vault for Secrets Management, Key Management, Encryption, and Data Security. Get an overview of the vision and roadmap for Vault.
Last year, we announced HashiCorp Boundary for just-in-time secure access management. This session showcases what is new in Boundary with a demo of key capabilities of identity-based access, integrated secrets management with Vault, dynamic host catalogs, and more. Join this session to learn more about how you can leverage Boundary to streamline human-to-machine access.
Deploying to Kubernetes can be a complicated process, especially as application integrations grow. The complexity grows even faster as multiple applications need to be deployed in coordination. This session will show how to use Waypoint to deploy a moderately complex application on Kubernetes. It will highlight real-world usage, including integration with Terraform Cloud for service access information, building container images within the Kubernetes cluster, and monitoring the resources.
Packer is used by hundreds of thousands of practitioners to create identical machine images for multiple platforms from a single source configuration. HashiCorp will offer a Packer registry on the HashiCorp Cloud Platform, enabling entire teams to track how images are used across deployments. Watch a demo of the HCP Packer registry beta, and learn more about the future of the product.
Now that IaC is a thing, you need to be responsible for its care and feeding, and that includes maintenance and upgrades. Terraform has several distinct areas that need attention. There is the Terraform version itself (0.x through 1.x.x), Terraform provider versions (depends on the provider in use), and the transition between them; not least of which may involve module version changes (which the user is in complete control). This talk seeks to add some context and promote good practices.
AWS Cloud Control API introduced a set of common APIs that enable developers to adopt the latest AWS innovation faster. As Cloud Control API is up-to-date with new AWS resource launches, Terraform’s integration with Cloud Control API now allows customers to use the latest AWS features and services, typically on the day of launch. In this session, we will introduce how customers can use the new Terraform AWS Cloud Control provider, leverage its benefits, and understand when to use the new provider versus the existing AWS provider.
In a traditional on-premises virtualized environment patching virtual machines costs time and money. We are able to reduce the cost of updating stateless on-premises virtual machines via automated redeployment. Instead of patching these systems, they can be replaced with a new instance from a more up-to-date template using a combination of Packer, Terraform, and Private Terraform Enterprise.
Identity and account access is one of the first things you set up in the cloud. It is easy to get started but as organizations grow it can quickly become an unwieldy burden to users, security, and compliance. Learn how Red Ventures implemented a custom Terraform solution to automate access management, meeting the requirements of various compliance frameworks while enabling self-service and solving disparate usage patterns across several different industry groups.
Find out how Target manages and maintains its enterprise deployment of HashiCorp Vault -- everything from unattended builds, automated maintenance activities, and client onboardings.
In this talk, Stripe's Service Networking Team talks about their multi-region service networking tech stack built on Consul, its history, the overall topology across AWS accounts and regions, federated multi-region clusters, how this works on Kubernetes, and finally the challenges they faced.
The Infrastructure Engineering team at Workday implemented a global network fabric using Consul and Vault, allowing developers and customers to seamlessly deploy and use services across multiple cloud providers and on-prem data centers. This talk will explain why they did it, the challenges faced in the process, and how the fabric allows internal service teams to autonomously set up secure connections across data centers between workloads running on heterogeneous platforms.
If you are running multiple Terraform workspaces on Terraform Cloud, you have likely come across the challenge of managing workspace settings separately and the scaling complexity that comes with it. Would it not be amazing if that could be managed using Terraform? This talk will focus on the Terraform provider for TFE, which is solving exactly that and enables you to use the same approach for Terraform Cloud configuration as you have been using for the rest of the infrastructure deployment.
Long, long ago... traditional Vault deployments began with running Consul as the storage backend. However, since the introduction of Integrated Storage in Vault 1.4, HashiCorp has continued to pack in the features to make Integrated a viable option for production workloads. In this session, we will talk about everything Integrated Storage has to offer, how to safely migrate your storage backend, and how to simplify operations, reduce cost, and minimize administrative overhead for Vault clusters.
After a long, difficult, and ultimately abandoned journey with AWS AppMesh, Tide adopted Consul this year within six weeks, across both ECS-EC2 and ECS-Fargate. This is the story of how they did it with no downtime and no big-bang migration. Along the way, they found ways to make it easy for the engineers to define their own intentions and configure their upstreams in code, solved issues with misaligned health checks, and explored options for developer-ingress to the mesh.
Combine the powers of Vault and Waypoint to generate on-demand credentials that exist only for the duration of your application deployments! By leveraging Vault Dynamic Secrets Engine for GCP, Waypoint to manage your deployments, and bringing in the Vault agent, we will demonstrate how an application can be deployed across platforms and generate the required credentials that will exist only as long as the application itself does. This demo will also incorporate Terraform into the mix.
ShopStyle used Terraform with HCL heavily, and was one of CDK for Terraform’s earliest adopters. They have been using Python to manage ShopStyle’s AWS infrastructure - with all the strengths and flexibility of a fully-functional programming language, including reusable code, tests, and automation. This talk describes why ShopStyle chose CDK for Terraform, describes the operational experience, and shows a live demo of using CDK for Terraform with Python.
As infrastructure is moving to the cloud, observability and secrets management are a key part of service delivery. This talk will start by reviewing how secrets were important in this new observability infrastructure and how Vault enables us to deliver a self-service observability platform internally. Next, the talk will look at how observability and Vault come together to automate secret management, with a result of improving SLOs and reducing manual efforts by hundreds of human-days a year.
Wayfair is an e-commerce furniture and home-goods company that sells via a digital platform with 14 million items from more than 11,000 global suppliers, and they use most of the HashiCorp Stack to achieve this. Join HashiCorp's Co-Founder and CTO Armon Dadgar as he sits down with Wayfair's Associate Director of Developer Platforms, Jeff Dillon, and Senior Manager of Configuration Management, Travis Cosgrave, for a fireside chat.
To close out this year’s HashiConf Global, HashiCorp Co-Founder Mitchell Hashimoto will switch seats and be interviewed by HashiCorp’s Nic Jackson and Anubhav Mishra.
Learn how to run any workload in any cloud or on-premises environment, whether that is a virtual machine on an AWS EC2 instance >> Java jars on bare metal >> machine learning algorithms on GPUs. Nomad can do a lot more than just containers and one cluster.
You can simplify repeatable tasks on Terraform Workspaces, Variables, and Modules at scale using a PowerShell API wrapper, like upgrading the version of Terraform on hundreds of workspaces with a single command. https://github.com/pkelly808/Terraform
Lufthansa Systems created a vending machine that allows teams to consume prefab, pre-approved cloud components in a consistent, self-service, and on-demand way. Terraform Cloud and HCP Vault are used in a GitOps-style approach for provisioning cloud services, like tenants, multi-cloud networking services, and Kubernetes clusters across Azure and Google Cloud. In this talk, you will see how the vending machine works, and dive into additional features like cost estimation and audit logging.
Despite the rapid rise of service, it is still challenging to balance central oversight in IT operations and enable autonomy between the teams they support. Multiple environments, such as service mesh and K8s, exacerbate this operational complexity. In this talk, you will learn about a new multi-tenancy feature in Consul Enterprise 1.11 which helps organizations eliminate service mesh sprawl and more effectively manage service mesh at scale.
ADB started its journey to infrastructure automation from sratch using Terraform OSS and CI/CD to build our cloud datacenter. Using Terraform Enterprise, they built other infrastructure tools like Ansible Tower and used Packer, Vault, and Sentinel to scale innovation without compromising security and resiliency.
OneMount Group built their system based on Vault, Packer, Terraform, etc. This session will describe why and how they use them in their Microservice Architecture system.
Lisa will share PETRONAS' modernization journey over the past two years, where her teams have implemented DevSecOps and agile practices - towards enabling a fast but stable and reliable software development culture. Ahmad will talk about Terraform, and how this has recently been introduced to transform the way engineers perform infrastructure management.
Join HashiCorp Co-Founder Mitchell Hashimoto, Co-Founder and CTO Armon Dadgar, and CEO Dave McJannet as they kick off HashiConf Global with the Opening Keynote, where you will hear the product updates and announcements that we have in store for you.
Join HashiCorp Co-Founder and CTO Armon Dadgar for the Day Two Opening Keynote at HashiConf Global.
HashiCorp User Groups (HUGs) are the cornerstone of our community: regular meetups held by local, volunteer organizers passionate about HashiCorp tools and knowledge sharing. Join your local HUG chapter at hashi.co/hugs.