Slide 1

Slide 1 text

Copyright © 2017 HashiCorp Brave New World:
 Infrastructure Automation

Slide 2

Slide 2 text

Armon Dadgar Founder and CTO @armon

Slide 3

Slide 3 text

Copyright © 2017 HashiCorp CONNECT Infrastructure & applications RUN SECURE PROVISION Applications Infrastructure & applications Infrastructure OSS TOOL SUITE PRODUCT SUITE Consul Nomad Terraform Vault Consul Enterprise Nomad Enterprise Vault Enterprise Terraform Enterprise FOR TEAMS FOR INDIVIDUALS Provision, secure, connect, and run any infrastructure 3 Copyright © 2017 HashiCorp

Slide 4

Slide 4 text

Copyright © 2017 HashiCorp Market Trends

Slide 5

Slide 5 text

Tractor Company or Software Company?

Slide 6

Slide 6 text

Copyright © 2017 HashiCorp ▪ Applications shifting from Back office to Front office ▪ Traditional Companies being Disrupted by Software ▪ Pressure to Deliver Applications Faster Applications Front and Center 6

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

Copyright © 2017 HashiCorp ▪ AWS, Azure, GCP, Oracle Cloud, IBM Cloud, Alibaba, Huawei ▪ Doing $XXB in revenue ▪ Growing at 100%+ YOY ▪ Avoid CapEx for new projects, enable experimentation ▪ Elastic capacity for scaling ▪ Outsource specialized know how Public Clouds set Sail 8

Slide 9

Slide 9 text

HVAC: Security Risk?

Slide 10

Slide 10 text

Copyright © 2017 HashiCorp ▪ Security has been elevated into a critical business risk ▪ Target compromised through an HVAC system ▪ Google compromised by splicing dark fiber ▪ Regulation changing the landscape (GDPR, CSL) Security is a Board topic 10

Slide 11

Slide 11 text

s Copyright © 2017 HashiCorp 11 Rethinking Entire Application Delivery Lifecycle

Slide 12

Slide 12 text

Copyright © 2017 HashiCorp ▪ Natural Tension of Goals ▪ Deliver Applications Faster ▪ Reduce Complexity and Manage Risk ▪ Principles, Process, and Tools all matter Application Delivery Goals 12

Slide 13

Slide 13 text

Copyright © 2017 HashiCorp Essential Application Delivery Steps 13 CONNECT RUN SECURE PROVISION Infrastructure & applications Applications Infrastructure & applications Infrastructure Register and monitor the application and its components Push the application into the environment Secure distributed environment to which applications will be deployed Develop & test the application CONNECT DEPLOY SECURE BUILD / TEST

Slide 14

Slide 14 text

Copyright © 2017 HashiCorp 14 CONNECT RUN SECURE PROVISION Infrastructure & applications Applications Infrastructure & applications Infrastructure Register and monitor the application and its components Push the application into the environment Secure distributed environment to which applications will be deployed Create core infrastructure to run applications Create environment-appropriate version of the application Develop & test the application CONNECT DEPLOY SECURE PROVISION PACKAGE BUILD / TEST Essential Application Delivery Steps

Slide 15

Slide 15 text

Copyright © 2017 HashiCorp 15 CONNECT RUN SECURE PROVISION Infrastructure & applications Applications Infrastructure & applications Infrastructure Register and monitor the application and its components Push the application into the environment Secure distributed environment to which applications will be deployed Create core infrastructure to run applications Create environment-appropriate version of the application Develop & test the application CONNECT DEPLOY SECURE PROVISION PACKAGE BUILD / TEST Essential Application Delivery Steps

Slide 16

Slide 16 text

Copyright © 2017 HashiCorp 16 CONNECT RUN SECURE PROVISION Infrastructure & applications Applications Infrastructure & applications Infrastructure Register and monitor the application and its components Push the application into the environment Secure distributed environment to which applications will be deployed Create core infrastructure to run applications Create environment-appropriate version of the application Develop & test the application CONNECT DEPLOY & RUN SECURE PROVISION PACKAGE BUILD / TEST Essential Application Delivery Steps

Slide 17

Slide 17 text

Copyright © 2017 HashiCorp 17 CONNECT RUN SECURE PROVISION Infrastructure & applications Applications Infrastructure & applications Infrastructure Register and monitor the application and its components Push the application into the environment Secure distributed environment to which applications will be deployed Create core infrastructure to run applications Create environment-appropriate version of the application Develop & test the application CONNECT DEPLOY & RUN SECURE PROVISION PACKAGE BUILD / TEST Essential Application Delivery Steps

Slide 18

Slide 18 text

Copyright © 2017 HashiCorp Provision 18 Providing a common workflow to provision infrastructure and application resources across private cloud, public cloud, and external services. Multi-Cloud Provisioning Operations Provision Any Infrastructure For Any Application Copyright © 2017 HashiCorp

Slide 19

Slide 19 text

Copyright © 2017 HashiCorp The shift to hybrid infrastructure 19 TRADITIONAL
 DATACENTER TRADITIONAL
 DATACENTER

Slide 20

Slide 20 text

Copyright © 2017 HashiCorp The shift to hybrid infrastructure 20 AWS Azure GCP Private cloud HYBRID DATACENTER TRADITIONAL
 DATACENTER TRADITIONAL
 DATACENTER

Slide 21

Slide 21 text

Copyright © 2017 HashiCorp The shift to hybrid infrastructure 21 AWS Azure GCP Private cloud Application Platform Core Infrastructure Security HYBRID DATACENTER TRADITIONAL
 DATACENTER

Slide 22

Slide 22 text

Copyright © 2017 HashiCorp 22 AWS Azure GCP Private cloud HYBRID DATACENTER TRADITIONAL
 DATACENTER The shift to hybrid infrastructure Application Platform Core Infrastructure Security

Slide 23

Slide 23 text

Copyright © 2017 HashiCorp ▪ Public Cloud is forcing Multi-Cloud Architecture ▪ Provisioning of Core Infrastructure is Heterogenous ▪ API driven clouds, no API standardization ▪ Usage is Elastic ▪ Scale is orders of magnitude larger Provisioning Challenges 23

Slide 24

Slide 24 text

Copyright © 2017 HashiCorp ▪ Infrastructure as Code ▪ Versioning, Automation, Sharing, Modularity, Peer Review ▪ Point-and-Click does not scale, error prone ▪ Embrace Heterogeneity, Provide Common Workflows ▪ Extensibility Critical ▪ Incorporate new technologies without retooling Next-Generation Provisioning 24

Slide 25

Slide 25 text

Copyright © 2017 HashiCorp Secure 25 Centrally secure, store, and tightly control access to secrets across hybrid infrastructure and applications. Application-Centric Security Security Secure Any Infrastructure For Any Application Copyright © 2017 HashiCorp

Slide 26

Slide 26 text

No content

Slide 27

Slide 27 text

Copyright © 2017 HashiCorp ▪ Networks were hard on the outside, soft on the inside ▪ Deployed network middleware at ingress/egress ▪ Physical networking constrained traffic flow ▪ Complex topologies very difficult to model and secure ▪ Applications assumed confidential and privileged network Castle & Moat Security 27

Slide 28

Slide 28 text

Copyright © 2017 HashiCorp ▪ Assume “Zero Trust”, network is already compromised ▪ Application-Centric ▪ Authentication required on private networks ▪ Application to Application authorizations ▪ Data Encrypted in transit and at rest Next-Generation Security 28

Slide 29

Slide 29 text

Copyright © 2017 HashiCorp Run 29 Cluster managers and schedulers for self-service deployment and lifecycle management of applications on any infrastructure. Self-Service Deployment Deployment Run Any Application Across Any Infrastructure Copyright © 2017 HashiCorp

Slide 30

Slide 30 text

Copyright © 2017 HashiCorp ▪ Operators coupled to Developers tightly (1:8) ▪ Low velocity of deployment ▪ Limited diversity of middleware ▪ Open Source gaining traction in Enterprise ▪ Specialized Middleware (Caches, NoSQL, Big Data, Messaging) ▪ Multi-Cloud Support Traditional Operations 30

Slide 31

Slide 31 text

Copyright © 2017 HashiCorp 31 AWS Azure GCP Private cloud HYBRID DATACENTER TRADITIONAL
 DATACENTER The shift to hybrid infrastructure Application Platform Core Infrastructure Security

Slide 32

Slide 32 text

Copyright © 2017 HashiCorp ▪ Empower Developers to Deploy, Decouple Operators ▪ Provide Higher Level Abstractions ▪ Support highly diverse applications and middleware ▪ Cluster Managers and Schedulers provide self-service, decoupling, higher density ▪ Nomad, Kubernetes, Mesos, etc Next-Generation Deployment 32

Slide 33

Slide 33 text

Copyright © 2017 HashiCorp Connect 33 Service discovery, runtime configuration, and orchestration needed for micro service based applications to operate. Enabling Services Service Catalog Connect Any Application Across Any Infrastructure Copyright © 2017 HashiCorp

Slide 34

Slide 34 text

Copyright © 2017 HashiCorp ▪ Monolithic applications ▪ Low churn ▪ Limited scale out ▪ Load balancers Monolith Connectivity 34

Slide 35

Slide 35 text

Copyright © 2017 HashiCorp ▪ Service Oriented Architecture ~= Microservices ▪ N-Tier applications ▪ Public Cloud and Containers increasing churn ▪ Applications being updated more frequently ▪ 10-100x traditional scale SOA strikes Back 35

Slide 36

Slide 36 text

Copyright © 2017 HashiCorp ▪ Dynamic Service Catalog ▪ Services “Publish” availability ▪ Clients can “Discover” location services at runtime ▪ Handle high rate of change ▪ Route around failures ▪ Mix Mainframes, VMs, Containers, Serverless, etc ▪ Network is the connectivity layer Service Discovery 36

Slide 37

Slide 37 text

Copyright © 2017 HashiCorp ▪ Dynamic CMDB ▪ Service level abstraction ▪ Platform Agnostic (Public/Private Cloud, VM/Container) ▪ Resilient to Cloud reliability / Container churn ▪ Provides visibility into global state ▪ Enforce service level security policy Next-Generation Connectivity 37

Slide 38

Slide 38 text

s Copyright © 2017 HashiCorp 38 Paradox of Automation

Slide 39

Slide 39 text

No content

Slide 40

Slide 40 text

Copyright © 2017 HashiCorp ▪ Automation enables a change to be repeatable and fast ▪ Gives developers and operators enormous leverage ▪ Does not imply every change is desirable! ▪ Physical world made mistakes more obvious ▪ Did you really mean to order 5000 servers? ▪ Did you really mean to rewire traffic around the firewall? Automation Challenges 40

Slide 41

Slide 41 text

Copyright © 2017 HashiCorp ▪ Infrastructure as Code ▪ Codified and Versioned Infrastructure ▪ Policy as Code ▪ Codified and Versioned Policies ▪ Policy ensures incremental changes are safe ▪ Prevent automation avalanche ▪ Automation with Guardrails! Next-Generation Automation 41

Slide 42

Slide 42 text

Thank you. [email protected] www.hashicorp.com