为HashiCorp产品提供一流的 Kubernetes 支持

OCT 23 2018 ANTHONY DAVANZO

As a follow-up to the HashiCorp Consul plus Kubernetes blog series, this blog highlights our recent work to provide first-class support for Kubernetes across HashiCorp product line.

In addition to making our products easier and more natural to use within Kubernetes, these integrations allow users to better work in environments shared with non-Kubernetes workloads. While it is easy to start a pure-Kubernetes environment, most deployments have to interact with external services running in cloud computing environments, on-premises data centers, and more. HashiCorp products such as Consul are designed for these heterogeneous environments enabling non-Kubernetes applications to seamlessly interact with Kubernetes applications.

HashiCorp Consul with Kubernetes
Consul recently released a new set of features to support first-class integration with Kubernetes. The official Helm Chart simplifies the deployment of Consul on Kubernetes. The auto-join and service catalog sync capabilities solve important cross-cluster challenges between both multiple Kubernetes clusters and non-Kubernetes services interacting with Kubernetes services. The sidecar injection and native proxy integration with Envoy can automatically enable secure pod communication via the Consul Connect capability.

In addition to enhanced features, the integration extends the scalability and simplicity of Consul to Kubernetes. Consul is a universal service mesh that can securely connect services within and beyond Kubernetes, creating a seamless experience.

HashiCorp Terraform with Kubernetes
HashiCorp Terraform has an official Kubernetes provider, which supports a broad and growing set of Kubernetes features. HashiCorp has recently taken over maintaining the Terraform Kubernetes provider, and are rapidly iterating with plans for improvements in the near future. We also recently made the Terraform Helm provider official, which can be used for deploying software packages to Kubernetes clusters.

We are also focused on improving integrations with native and managed deployments on public cloud environments. We recently announced launch-day support for Amazon’s EKS Elastic Container Service for Kubernetes (see here for EKS provider and getting started guide) and we had launch-day support for Azure’s managed Kubernetes AKS service (see here for the AKS provider).

We’re excited to see the community embracing our support— the Terraform Kubernetes Provider has been downloaded over 500,000 times since its release, with over 100,000 downloads in the last month alone. The Getting Started guide for the Kubernetes provider can be found here.

HashiCorp Vault with Kubernetes
HashiCorp Vault protects secrets used by Kubernetes systems and allows Kubernetes-based applications to perform common security and cryptography workflows using Vault. The Kubernetes Auth Method allows Kubernetes-based applications to authenticate against Vault, thereby allowing applications running on those pods to freely use Vault to manage secrets, provision dynamic access, and perform cryptographic operations.

HashiCorp Nomad and Kubernetes
HashiCorp Nomad and Kubernetes have some overlapping functionality, but also have opportunities to be used together in environments. While Nomad provides the workload orchestration and scheduling component for the HashiCorp product suite, Kubernetes takes more of a platform-like approach. Circumstances typically dictate which approach makes sense for a given organization. Nomad powers critical production workloads for many large financial and other organizations today. These organizations typically benefit from Nomad‘s native integrations with Consul and Vault as well as the operational similarity across the HashiCorp runtime tools. Together, these characteristics enable them to easily insert Nomad into their existing operational architectures. Nomad users also tend to benefit from key differentiators including:

Native support for legacy and non-containerized workloads
Native container scheduling that composes with other infrastructure
High performance batch processing
A number of organizations have chosen to run Nomad side-by-side with Kubernetes to leverage the differentiating characteristics of both tools.

Conclusion
Kubernetes is an important platform that is being widely adopted across the industry. At HashiConf, we‘re showing our commitment to supporting our customers make the most out of their investment in new approaches, like Kubernetes, as well as their legacy, non-containerized infrastructure and systems. Watch for additional Kubernetes support from our product suite in the weeks and months following HashiConf.

原文地址:http://blog.51cto.com/13883466/2310078

时间: 2024-10-08 21:11:14

为HashiCorp产品提供一流的 Kubernetes 支持的相关文章

免费超大量邮件发送服务Amazon SES和Mailgun提供SMTP和API支持

一般来说网站注册.论坛消息.新闻推送.广告宣传等都会有发送邮件服务,大量的邮件发送服务如果用PHP来发送,一是会消耗主机资源,二是容易被各大邮箱判定为垃圾邮件而被拒收.用第三方的邮局服务发送邮件,可以保证邮件到达率,同时适合超大量的邮件发送服务. 与部落之前介绍的腾讯企业邮箱.新浪企业邮箱等发送邮件服务不同,Amazon SES和Mailgun是专业级别的邮件发送服务,能够满足企业或者个人每天超大量邮件发送服务,并且保证邮件足够的到达率,如果你愿意付费的话,可以极低价格发送每天上万封的邮件. A

Docker战略结盟Rancher,提供企业级落地技术支持

2013年3月,Docker公司发布第一代Docker Hub--发布和使用Docker容器镜像的官方平台:2014年6月,Docker 1.0正式发布:而今天,Docker容器镜像拉取数已超20亿次,这是IT发展历程中从未有过的某一技术的爆炸式发展与增长.一次编码.处处运行,Docker容器技术为云计算领域带来了巨大改变,为IT服务交付的方式带去新的模式与可能. 然而,技术繁荣之后,业界开始冷静地思考:Docker容器使应用程序开发变得更容易,但在生产中部署容器可能会很难.如何让新技术在企业落

Swift对面向对象提供了良好的支持,下面介绍几个其独有的特性。

懒加载属性 Swift在语言层面上提供了类中懒加载属性的支持,使用lazy作为关键字: class Renderer { lazy var loader = Loader() var data = [String]() var render() { // Do something... } } let renderer = Renderer() renderer.data.append("## Hello") renderer.data.append("## Hello Ag

产品 线上 保持 和 支持 服务 (Support and maintenance solutions)

Maintenance and support are the key factors for the smooth functioning of ERP solutions. ERP maintenance and support solutions provided by Exforsys are not only efficient but also affordable. Our company’s ERP consultants provide you the best solutio

使用web api2来提供winfrom的接口支持

1.首先新建一个web api项目,写一个业务接口,写的比较简单,仅适用于测试哦. 2.再新建一个winfrom项目,在下面我首先封装了一个调用post的方法,上面点击事件就是我此次需要测试的,当然对应的web api 接口地址一定要填对. 3.运行web api 挂载iis接口,下一步,我直接运行winfrom窗体 可以看到结果,执行成功了. 本文知识记录一下将会用到的一个demo. 原文地址:https://www.cnblogs.com/tian-yi/p/10517671.html

黑客可借App漏洞攻击手机银行客户端,爱加密为移动支付App提供安全防护!

安卓系统安全问题一直以来被业界所诟病.近日有安全报告指出,安卓手机系统漏洞严重威胁网民支付安全.利用安卓系统漏洞,黑客可以对手机银行客户端实施注入攻击,截获用户银行账号密码,造成财产损失.进行测试的16款手机银行客户端均未能防御此类攻击.    据中国互联网络信息中心(cnnic)的数据显示,由于中国手机支付用户规模成倍增长(同比增长126.9%),截止2013年12月已达1.25亿,移动支付成为大趋势.而伴随这一趋势产生的移动支付安全问题也"水涨船高".近年来,由于遭受木马.恶意插件

手机银行App安全性整体堪忧、爱加密为移动支付App提供安全加密

随着移动支付的普及,手机银行客户端越来越被用户所认可,很多人觉得,既然是银行的客户端,应该是非常安全的.报告针对工商银行.建设银行.招商银行.交通银行.中国银行.农业银行等中国16家主流银行的安卓手机客户端展开一次最全面的安全性评测. 原标题:黑客瞄上手机银行 随着移动支付的普及,手机银行客户端越来越被用户所认可,很多人觉得,既然是银行的客户端,应该是非常安全的.然而,事实并非如此.据了解,少数手机银行客户端存在加密机制不完整.不校验服务器身份等安全隐患.不仅如此,我们一直认为最安全的"随机键盘

ThoughtWorks 2017技术雷达

前言: ThoughtWorks人酷爱技术.我们对技术进行构建.研究. 测试.开源.记述,并始终致力于对其进行改进-以求造福 大众.我们的使命是支持卓越软件并掀起IT革命.我们创建 并分享ThoughtWorks技术雷达就是为了支持这一使命.由 ThoughtWorks中一群资深技术领导组成的ThoughtWorks 技术顾问委员会(TAB)创建了该雷达.他们定期开会讨论 Thoughtworks的全球技术战略以及对行业有重大影响的 技术趋势. 这个雷达以独特的形式记录技术顾问委员会的讨论结果,

CSDN头版头条 《近匠》 Wijmo 5 CTO:从Web到移动,我的25年编程生涯

现年52岁的Bernardo Castilho先生是GrapeCity(中文名为葡萄城)ComponentOne公司的CTO,在与他的对话过程中.充满风趣严谨和厚重的历史感. 当作为年轻人的我们崇拜着各式娱乐男神女神时,他的偶像却是这个世界上最为杰出的科学家.从少年时代開始.编程成了他的兴趣爱好.并终于成为了他许以一生的职业.作为Wijmo 5开发团队的Leader之中的一个,他是HTML5.JavaScript等众多技术的行家里手,在採訪他之前,笔者特地在CSDN论坛上发起了一个问题征集的活动