As organizations move from manual IT operations to codifying their infrastructure, networking challenges arise. Container-based workloads change quickly, and IP addresses are short-lived. An application-first approach to networking can solve many of these problems.
Manually provisioning, configuring, and managing infrastructure can quickly become a bottleneck in today’s application-centric world. Manual IT operations don’t scale, and the human factor introduces the risk of misconfiguration and inconsistency across environments. As workloads evolve, move to the cloud, and become more dynamic and ephemeral, requirements also change quickly. No longer is the ability to spin up or spin down workloads based on application load a nice to have; it’s often a need. Availability matters, and organizations often have no patience for downtime. IT, and by extension, infrastructure, exist to serve the applications and the organization’s needs.
Infrastructure as Code is the next generation of IT management. By codifying infrastructure, organizations gain the benefits of software like versioning, repeatability, and the ability to automate. Automation can significantly increase an IT team’s operational efficiency and frees them up to spend time on other business-value-adding projects. More importantly, though, it brings more resiliency and scalability to applications.
Connecting Applications Across Clouds and Runtimes
At Cloud Field Day 8, HashiCorp gave a quick overview of the HashiCorp product portfolio and deep-dived into Consul, its service mesh solution.
Consul connects applications across clouds and runtimes like Kubernetes or virtual machines. Consul offers myriad features, including health checks, load balancing, service discovery, and network traffic encryption. Consul deploys as three nodes for high-availability and runs on-premises or is available as-a-Service in Azure or HashiCorp Cloud Platform.
Moving Beyond Centralized Hardware to Distributed Software
Consul moves naming, routing, and authorization from middleware such as Web Application Firewalls (WAFs), Identity Detection Systems (IDS), and Identity Prevention Systems (IPS) to proxies at the software-based edge. Proxies get deployed alongside all services, including API, web, and database servers. Proxies act as communication brokers and ensure all communications use TLS. An outgoing proxy handles routing, whereas the incoming proxy might handle authorization. For any external systems that can’t be brought into the mesh, Consul can deploy terminating gateways to front them.
Consul’s technology-agnostic nature makes it ideal for federating Consul clusters and stitching together heterogeneous workloads such as Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), Nomad workloads, or even virtual machines. Nomad is an agnostic application deployment platform also offered by HashiCorp. HashiCorp highlighted Consul’s network automation ability during a demo by dynamically updating IP address in config files using Nomad jobs. A Nomad job can be scheduled to kick off whenever a service changed.
If you are interested in running your own demo of Consul on your local machine or home lab, HashiCorp also spotlighted Shipyard at Cloud Field Day 8. Shipyard, built by Developer Advocates at HashiCorp, contains blueprints for standing up Consul, Nomad, and Kubernetes clusters locally. This makes it an easy-to-deploy platform.
Now, for the wrap-up. Consul can add network automation and meet organizations where they are on their DevOps journey by unifying disparate workloads into a single service mesh or federating multiple service meshes.
Built on the pillars of multi-runtime support, multi-cluster, and workflows over technologies, Consul integrates with other platforms and doesn’t require the entire HashiCorp suite of products to realize its benefits. HashiCorp has chosen to focus on the workflows that organizations demand, not the technologies.
To learn more about Consul, check out HashiCorp’s presentation from Cloud Field Day 8 videos.