Manage your infrastructure lifecycle with new Terraform, Packer, Waypoint, and Nomad features

Today at HashiDays in London, we are excited to announce new capabilities across our Infrastructure Lifecycle Management (ILM) portfolio, including HashiCorp Terraform, Packer, Nomad, and Waypoint, to help customers build, deploy, and manage infrastructure.

New announcements today include:

• HCP Terraform in Europe (limited availability) to help meet European data compliance requirements
• HCP Terraform agent enhancements (limited availability) for private VCS access and private policy enforcement
• HCP Waypoint actions (public beta available soon) will expose Day 2 operations and CI/CD golden workflows to developers

Our ILM offerings help teams build the images and architectures required for their applications, deploy them automatically and consistently, and manage the health and performance of these environments from creation through end-of-life.

(Learn more about ILM and its role in The Infrastructure Cloud — a unified platform for your entire digital estate that lets you manage the full lifecycle of your infrastructure and security resources — in these two blog posts: Standardize your cloud approach with Infrastructure Lifecycle Management and Introducing the Infrastructure Cloud.)

ILM delivered via the HashiCorp Cloud Platform (HCP) is designed to address challenges in each stage of the infrastructure lifecycle — Day 0 (build), Day 1 (deploy), and Day 2+ (manage). This blog post looks at the announcements across the entire infrastructure lifecycle journey:

»Day 0: Build and publish infrastructure as code to drive standardization

Day 0, as organizations plan and define the requirements of their services, is the time to lay a strong foundation for Infrastructure Lifecycle Management. Organizations need a programmatic approach to defining and provisioning application environments quickly and securely. They must account for security vulnerabilities in the software supply chain, including their base images and build artifacts, and avoid complicated, manual processes for their image lifecycle management workflows.

»HCP Packer improves workflows and visibility

HCP Packer version and plugin version tracking gives users even more visibility into artifact creation letting them see which versions of Packer Community Edition and builder plugins were used to create each of their artifacts. With version/plugin information stored directly in the HCP Packer artifact registry, this enhancement sets the foundation for a secure build pipeline and helps organizations ensure they are leveraging the latest Packer features.

HCP Packer webhooks let organizations tie their image-related workflows into their existing automation pipelines. Webhooks can be used to trigger custom automation in response to image events such as creation, assignment to a channel, and revocation to help accelerate image lifecycle management efforts.

HashiCorp Packer predictable plugin loading, generally available in version 1.11, standardizes the plugin loading system to load only binaries with accompanying SHA256SUM files from specified directories. This approach ensures Packer consistently uses the intended plugins, enhancing stability and streamlining the installation and update processes for users.

»Day 1: Deploy resources fast and securely to support application workloads

On Day 1, when developers are ready to provision the infrastructure needed to deploy an application, they want to use functions and the newest services quickly. They don’t want to waste valuable time repeating complex workarounds.

»Terraform simplifies quickly using functions and the newest services

The AWS Cloud Control (AWSCC) provider gives developers near-launch-day support for new AWS services. A complementary provider to the standard AWS provider, the AWSCC provider is generated based on the Cloud Control API published by AWS. This approach gives practitioners an extensive catalog of resources and access to resources not yet available in the standard AWS provider, including AWS Billing Conductor, AWS Chatbot, Amazon Personalize, Amazon Q, and so on. With its ability to automatically support new features and services, the AWSCC provider increases the resource coverage and significantly reduces the time it takes to support new capabilities (To learn more, read our blog post: Terraform AWS Cloud Control API provider now generally available).

Provider-defined functions in HashiCorp Terraform 1.8 bring new flexibility for anyone in the community and HashiCorp’s partner ecosystem to extend the capabilities of Terraform. These provider-defined functions expose custom logic beyond Terraform’s built-in functions, simplifying configurations and boosting developer velocity.

»Terraform deployment flexibility without sacrificing security

Organizations with strict security and compliance requirements often need to operate a private version control system (VCS) and self-manage Terraform Enterprise because they don’t want to make their VCS accessible over the public internet. Similar challenges arise for customers attempting to integrate HashiCorp Sentinel and Open Policy Agent (OPA) policy enforcement with internal systems and data sources. These connectivity limitations can prevent organizations from adopting fully managed HCP Terraform and taking advantage of the newest features as soon as they become available.

Today, we’re announcing enhanced agent capabilities including private VCS access and private policy enforcement (currently in limited availability) so HCP Terraform customers don’t have to compromise on their security and compliance efforts. VCS and policy operations can now be proxied through a self-hosted HCP Terraform agent — all in a secure and performant manner — within the customer's private environment.

For European customers bound by regulatory constraints or internal policies, storing data within the European region is critical. We are excited to introduce the limited availability of HCP Terraform in Europe to help organizations expand in Europe. This new expansion is our first European HCP region and it’s designed to help customers meet data compliance requirements by keeping certain Terraform-specific data, such as state files and secrets, within Europe. Thanks to closer physical proximity, customers can also enjoy better Terraform service performance.

»Day 2+: Manage infrastructure over time to optimize for cost, risk, and speed

After deployment, on Day 2 and beyond, organizations need to continuously manage their environments. Without a system of record for all infrastructure, images, workloads, and applications, organizations don’t have the visibility and insights needed to optimize their operations. For example, when organizations scale their cloud environments and DevOps teams with multiple technologies and tools, it can become difficult to keep track of all the data, including module, provider, and Terraform versions. This can lead to teams using deprecated or revoked versions, posing a potential security risk.

»Terraform improvements for additional infrastructure visibility

Early this year, Explorer for HCP Terraform made further improvements to help users ensure their environments are secure, reliable, and compliant. With Explorer’s filter capability, customers can more effectively find, view, and use their important operational data from HCP Terraform as they monitor workspace efficiency, health, and compliance. With the new public Explorer API and CSV downloads, users can automate the integration of their data into visibility and reporting workflows outside of HCP Terraform.

»Waypoint to standardize application patterns

The complexity of application delivery poses additional challenges, such as a lack of standardization, self-service workflows, and cognitive overload for developers due to context switching. Platform teams want to standardize application patterns in their organizations and provide golden workflows to their development teams to get them up and running quickly. HCP Waypoint is an internal developer platform (IDP) that empowers platform teams to define golden patterns and workflows for developers to manage applications at scale.

HCP Waypoint templates abstract and standardize application scaffolding like infrastructure, dependencies, application workflows, and access control — all in one place. Terraform modules underpin templates and let developers create their applications without worrying about the infrastructure details.

HCP Waypoint add-ons let developers easily and seamlessly install infrastructure dependencies into their Waypoint-defined applications. Dependencies are also defined using Terraform. Example dependencies include databases, caches, and queues.

Once an application and associated infrastructure resources are created using templates and add-ons, application owners must perform a set of Day 2 tasks. Specifically, organizations need to expose Day 2 operations such as artifact promotions, rollbacks, and schema migrations to their developers, in an opinionated way.

HCP Waypoint actions (public beta available soon) will provide a push-button experience to enable those Day 2 operations. Platform teams can share pre-configured tasks like build promotions, rollbacks, and modifying feature flags with developers, who can then use those actions to execute their workflows with the push of a button.

To learn more, see our blog post: HCP Waypoint to add actions, enhances golden pattern capabilities, and more.

»Nomad gains first-class runtime support with Consul

Once organizations have built and deployed infrastructure using Packer and Terraform, the next step is to deploy the application itself through HCP Waypoint, then to run and register them as services, exposing those services to the rest of the environment. To address those needs, organizations can use HashiCorp Nomad and Consul. Nomad is part of the Infrastructure Lifecycle Management portfolio and provides a complete solution for scheduling any type of workloads. Consul helps organizations securely connect applications through the use of service-based identities.

The latest Nomad 1.8 release and upcoming Consul 1.19 release enable Consul’s support for Nomad as a first-class runtime alongside Kubernetes. To that extent, most of the features that are available in a Kubernetes environment, including Container Network Interfaces, transparent proxy, admin partitions for multi-tenancy, and API gateways are now also available for Nomad. This tight integration between Consul and Nomad greatly simplifies developer workflows for these use cases.

Nomad also now supports time-based execution and overrides of the tasks it schedules. This gives organizations governance and control over the workloads they plan on deploying to their infrastructure by letting operators schedule when tasks should execute and when they should stop. Lastly, as part of this new release, Long-Term Support (LTS) versions of Consul Enterprise and Nomad Enterprise are now available, as well.

To learn more, see our blog post: Nomad 1.8 adds exec2 task driver, support for Consul API gateway, and transparent proxy.

»Get started today

Trusted by many of our 4,500 customers, our Infrastructure Lifecycle Management portfolio, including HashiCorp Terraform, Packer, Nomad, and Waypoint, enables organizations to embrace a cloud operating model to realize the full benefits of cloud adoption and maximize their infrastructure investments.

You can try many of these new features now. If you are new to our ILM products, sign up for HCP Terraform, HCP Packer and HCP Waypoint to get started for free today. To learn more about Nomad, check out our tutorials. If you are interested in the products currently in limited availability, please contact our sales team.