Tech Blog.

A Consistent Approach to Easily Provision, Secure, Connect, and Run Any Infrastructure for Any Application with HashiCorp

27 March 2019

The Cloud Operating Model and Modern Infrastructure

Until recently, an organization’s data center followed a static model with dedicated infrastructure. Now, organizations of all sizes are adopting the cloud operating model for their application workloads. Whether to optimize the costs of running and managing their data centers or to enable development teams to build tomorrow’s applications efficiently, most organizations are interested in the benefits of the cloud model. While early cloud adoption was largely about building new applications on Amazon Web Services (AWS), today it is clear that the cloud model is not just one cloud but the ability to embrace multiple clouds. Multi-cloud allows application workloads to be serviced with different cloud providers, avoid vendor lock-in, and scale effectively. This shift from static and consolidated to dynamic and distributed infrastructure introduces new challenges for the key people that manage infrastructure across operations, security, networking, and development.

HashiCorp Leads the Industry to Workflows over Technologies

HashiCorp Co-Founder and Co-CTO Armon Dadgar will discuss what the modern-day cloud operating model looks like, and how the HashiCorp toolset fits in, during his presentation at this year’s LEC (formerly SITB / Swiss IT Business) in Geneva on 10 April 2019 at 10:30am. Get your ticket here.

Mitchell Hashimoto and Armon Dadgar founded HashiCorp in 2012 with the goal of revolutionizing the way applications are delivered. Headquartered in San Francisco, HashiCorp has grown into the cloud infrastructure automation company that enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. Each of their six open source products addresses a focused concern for the technical and organizational challenges of infrastructure automation. This means products can be adopted one at a time or all together. HashiCorp does this by enabling consistent workflows—not technologies. This also enables customers to follow the same approach across their private data centers and their cloud environments.

Consistent Workflows to Provision, Secure, Connect, and Run Any Infrastructure For Any Application

It is important for organizations to be able to quickly and efficiently run applications and infrastructure on the cloud best suited for their needs. Ultimately the reason for this shift to cloud is to accelerate the application delivery process. This is the fundamental purpose of the HashiCorp suite—to provide teams with the infrastructure automation capabilities they need as they move to cloud. By providing a common cloud foundation, the operations, security, networking, and development teams can be confident their requirements are met for any new application without constraining the deployment process. The “lego piece” approach of HashiCorp software allows organizations to incrementally adopt the tooling they need and integrate with their existing systems.

From Startups to Global 2000

The HashiCorp open source toolset includes Vagrant, Packer, Terraform, Vault, Consul, and Nomad, which are downloaded over 50 million times a year collectively. Enterprise versions of Terraform, Vault, Consul, and Nomad enhance the open source tools with features that promote collaboration, governance, auditing, and multi-datacenter functionality. Their enterprise tools are being adopted broadly by the Global 2000 including Adobe, Barclays, Citadel, Credit Karma, Cruise Automation, Deluxe Entertainment, Equinix, Hulu, Jet.com, Pandora, Petco, Proofpoint, Ripple, SAP Ariba, Segment, and Spaceflight.

One Workflow to Provision, Secure, Govern, and Audit Any Infrastructure

HashiCorp Terraform safely and efficiently provisions any infrastructure for developers to run their applications. The traditional model relied on a static fleet of standardized infrastructure, provisioned for long periods of time, with dedicated users. Today, heterogeneous infrastructure is frequently provisioned, short-lived, and leverages automated provisioning on-demand.

HashiCorp Terraform solves provisioning across a multi-cloud infrastructure fleet. The Terraform approach introduces Infrastructure as Code (IaC) and focuses on building a set of consistent workflows, speeding up application delivery by replacing the traditional approach of submitting a ticket with self-service infrastructure. This means users can easily provision infrastructure on-demand with a library of approved infrastructure.

Key use cases for Terraform include:

  • Infrastructure as Code: Codification enables version control and automation, reducing human error and increasing productivity.
  • Multi-Cloud Management: Provision and manage public cloud, private infrastructure, and cloud services with one workflow to learn, secure, govern, and audit.
  • Self-Service Infrastructure: Enable users to easily provision infrastructure on-demand with a library of approved infrastructure.

Manage Secrets and Protect Sensitive Data

HashiCorp Vault enables organizations to secure any application and any infrastructure. The traditional data center had a clear, ‘four walls and a pipe’ network perimeter. Firewalls served as bulkheads between frontend, user-facing applications and backend databases. Anyone inside the network was assumed to be authorized to access the infrastructure. IP addresses were generally static, which allowed security professionals to place additional constraints on application interactions based on IP addresses. The shift to dynamic cloud infrastructure is extremely disruptive to these traditional security models.

For organizations embracing cloud, the dynamic nature of cloud infrastructure means you no longer own the network. Additionally, the surface area that security teams are now concerned with expands exponentially. HashiCorp Vault addresses these new security challenges by acknowledging low-trust networks in public clouds and the lack of network perimeters across clouds.

Vault tightly controls access to secrets and encryption keys by authenticating against trusted sources of identity such as Active Directory, LDAP, Kubernetes, CloudFoundry, and cloud platforms. Vault enables team members to request secrets for any system through one consistent, audited, and secure workflow. Vault supports public clouds and private datacenters, and a broad range of endpoint systems including databases, cloud platforms, messaging queues, SSH, and more.

Key use cases for Vault include:

  • Secrets Management: Centrally store, access, and distribute dynamic secrets such as tokens, passwords, certificates, and encryption keys.
  • Data Encryption: Keep application data secure with centralized key management and simple APIs for data encryption.

Connect & Run

HashiCorp Consul makes service mesh easy with a distributed service networking layer to connect, secure, and configure applications across dynamic, distributed infrastructure. Organizations leverage Consul for service discovery, service segmentation, and service configuration.

HashiCorp Nomad is the top layer in the HashiCorp stack. Nomad is an easy-to-use and flexible workload orchestrator that enables organizations to automate the deployment of any applications on any infrastructure at any scale across multiple clouds. In addition to running Docker containers, Nomad can also run non-containerized, legacy applications on both Linux and Windows servers.

Conclusion

Succeeding at digital transformation means building sustainable practices for delivering software at high velocity and scale. The HashiCorp product suite enables enterprises to deliver on the agility and scalability of the cloud operating model by establishing shared centers of excellence for infrastructure, applications, networking, and security.