Hashicorp: Delivering the Tao of DevOps

Transcript

1. Hashicorp Ramit Surana @ramitsurana /in/ramitsurana Delivering the Tao of devops

   …

2. Agenda • Introduction to Hashicorp • Why Hashicorp • Hashicorp

   projects • Vagrant • Packer • Serf • Vault • Consul • Terraform • Consul

3. Who am I? • Open source guy. • Foodie, traveler,Explorer

   • Join me on my network, I promise I won't bite :) • Twitter: @ramitsurana • Github: @ramitsurana • Linkedin: /in/ramitsurana • Mail: [email protected]

4. Who is Hashicorp ? • Hashicorp is a Devops tools

   and product building company. • Using Hashicorp tools we can automate & redesign the company's infrastructure. • Its open-source.

5. The Tao of Hashicorp • The tao represents • The

   foundation that guides the vision, roadmap, and product design. • Workflows • Immutability • Simple, Modular, Composable

6. Why Hashicorp ?

7. Hashicorp Navratan • Vagrant • Packer • Consul • Serf

   • Atlas • Otto • Nomad • Terraform • Vault

8. Vagrant

9. Vagrant • Tool for building complete development environments. • Machines

   are provisioned on top of VirtualBox, VMware, AWS, or any other provider.

10. Vagrantfiles • Used to describe the type of machine required

    for a project, and how to configure and provision these machines. • Vagrantfiles are portable across every platform Vagrant supports. • Vagrant is meant to run with one Vagrantfile per project.

11. Packer

12. Packer • Tool for creating identical machine images for multiple

    platforms from a single source configuration. • Packer is lightweight, runs on every major operating system, and is highly performant, creating machine images for multiple platforms in parallel.

13. Platforms Supported • Amazon EC2 • DigitalOcean • Docker •

    Google Compute Engine • OpenStack • Parallels • QEMU • VirtualBox • VMware(OVF)

14. Consul

15. Consul • Tool for discovering and configuring services in your

    infrastructure. • Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface.

16. Consul Architecture

17. Jespen Testing • A Jepsen test runs as a Clojure

    program on a control node. • Jepsen has been used to verify everything from eventually-consistent commutative databases to linearizable coordination systems to distributed task schedulers. • Check out more info on it at https://github.com/aphyr/jepsen.

18. Serf

19. Serf • It is a tool for cluster membership, failure

    detection, and orchestration that is decentralized, fault-tolerant and highly available. • It relies on an efficient and lightweight gossip protocol to communicate with nodes.

20. Gossip Protocol • It is a tool for cluster membership,

    failure detection, and orchestration that is decentralized, fault-tolerant and highly available. • Modern distributed systems often use gossip protocols to solve problems that might be difficult to solve in other ways, either because the underlying network has an inconvenient structure, is extremely large, or because gossip solutions are the most efficient ones available.

21. Otto

22. Otto • Otto automatically builds an infrastructure and deploys your

    application using industry standard tooling and best practices. • Otto automatically fetches dependencies, detects conflicts, and installs and configures these dependencies for development and deployment.

23. Appfile • The file that Otto uses as a source

    of configuration for an application. • Otto takes this file and compiles it to an internal representation that is used by all the Otto subcommands.

24. Terraform

25. Terraform • Tool for building, changing, and versioning infrastructure safely

    and efficiently. • It can manage existing and popular service providers as well as custom in-house solutions. • The manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

26. Resource Graph • It builds a dependency graph from the

    Terraform configurations, and walks this graph to generate plans, refresh state, and more. • To walk the graph, a standard depth-first traversal is done.

27. Resource Addressing • It is a string that references a

    specific resource in a larger infrastructure. • It is made up of two parts: • Module path: • A module path addresses a module within the tree of modules. • Resource spec: • A resource spec addresses a specific resource in the config.

28. Vault

29. Vault • It secures, stores, and tightly controls access to

    tokens, passwords, certificates, API keys, and other secrets in modern computing. • Vault encrypts and provides access to any secrets. • Every secret in Vault is associated with a lease. Clients must renew their secret within the lease period, or request a new secret.

30. Vault Architecture

31. Shamir's Secret Sharing • It is a form of secret

    sharing, where a secret is divided into parts, giving each participant its own unique part. • The parts or all of them are needed in order to reconstruct the secret.

32. 2 man rule • Control mechanism designed to achieve a

    high level of security for especially critical material or operations. • Under this rule all access and actions requires the presence of two authorized people at all times. How I remember it. P.S: Must Watch Show

33. Nomad

34. Nomad • Tool for managing a cluster of machines and

    running applications on them. • It abstracts away machines and the location of applications, and instead enables users to declare what they want to run and Nomad handles where they should run and how to run them.

35. Nomad Architecture

36. Consensus Protocol • It is related to CAP Theorem. •

    Built using go-raft library. • Consists of 3 Roles : - The Leader - The Follower - The Candidate

37. Atlas

38. Atlas • Atlas deeply integrates HashiCorp open source tools to

    provide an enterprise delivery pipeline. • Atlas deeply integrates HashiCorp open source tools to provide an enterprise delivery pipeline.

39. Atlas Architecture

40. How atlas looks like ?

41. Get Innvolved Github.com/hashicorp

42. Customers

43. Got Questions ?

44. HashiConf • Started in 2015 • Must attend for Hashicorp

    fans • Feel free to join me for the next time I go :)

45. Thank You Check out some of the cool hashicorp stuff

    !!