4) Multi-cloud
The overwhelming majority of cloud-native enterprises are using multiple cloud providers. Now what multi-cloud actually means in practice is beyond the scope of this piece (how diversified do you need to be?), but suffice it to say that large enterprises are using products from multiple cloud providers. That means multiple UIs and CLIs to manage this stuff, multiple billing portals, etc. This is not fun.
Hashicorp is a layer on top of your infrastructure
This is where Hashicorp comes in. You can think of them as a layer on top of your infrastructure, cloud or otherwise (like I literally just said in the headline), agnostic to who you’re actually using – Amazon, Google, both of them, on-prem, whatever. And they help developers create and manage that infrastructure in a simple, scale-friendly way.
“Infrastructure” can mean a lot of different things – a lot of people would call Hashicorp itself part of infrastructure. For the purposes of this post, think of it as anything you’d run an application on: a virtual machine, a Docker container, or any combination of those sorts of things.
We’ll start by running (jogging?) through some high level descriptions of Hashicorp’s core products, and then dive deeper into their most popular one, called Terraform. And unlike AWS, the good people over at Hashicorp seem to be actually able to name their products nicely, which we love.
Feel free to skip through this section if it’s too detailed – there’s a lot here. Just keep in mind that Hashicorp’s goal is to be the one-stop-shop for filling in the gaps in your infrastructure – anything that AWS and co. don’t do, plus making them all work together.
Infrastructure
These products help you manage your infrastructure primitives.
- Terraform – create, manage, and destroy infrastructure from any provider with an easy programmatic interface.
- Packer – service for building images that you can place on virtual machines.
- Vagrant – sort of a Docker alternative. Hashicorp’s first product, back in 2010.
Security
These products help you manage your credentials and access controls.
- Vault – create and manage access to secrets (API Keys, access tokens, etc).
- Boundary – system for managing remote access (like SSH Keys or a VPN).
Networking
Consul is a server / service for running your networking infrastructure – think a centralized registry of all of your different infrastructure, and policies for how they can connect to each other.
Applications
These products help teams deploy their apps on existing infrastructure setups.
- Nomad – sort of a Kubernetes alternative. Lets you deploy apps on a pool of infrastructure, containerized or otherwise.
- Waypoint – Automates deploying your app on any infrastructure, like Kubernetes or EC2.
---
All of the above products are open source. But Hashicorp does make at least some money, and they do that by packaging a couple of these services into a cloud-based offering, mostly for enterprises (on-prem). The big two are Terraform and Vault, which generated over 88% of their revenue in 2024.
Their HashiCorp Cloud Platform (HCP) now offers Terraform, Boundary, Consul, Vault, and Waypoint as fully managed services — meaning you don't need to run your own HashiCorp servers. This cloud business is growing, generating $76.1 million in revenue for fiscal 2024 (about 13% of their total revenue).
To get a better sense of what you’d be doing with these products, let’s dive a bit deeper into Terraform. It’s the piece of Hashicorp that you’ll see discussed most often on the web. Terraform helps you manage infrastructure primitives – things like virtual machines, Docker containers, databases, really anything.
You might use Terraform if:
- You’re on a platform team and need to build an interface for other engineers at the company to work with your infrastructure securely
- You want a simpler way to work with the AWS API
- You need an easy way to create / manage / destroy infrastructure from multiple providers at the same time
The product is pretty broad, so you’ll find users on smaller and larger teams (and companies) alike.
Core concepts
You can use Terraform to create, manage, and destroy infrastructure.
- Create – spin up new virtual machines, Docker containers, Kubernetes clusters, etc.
- Manage – change machine sizes, regions, roll over clusters, etc.
- Destroy – you can guess what this one means
Terraform’s secret sauce (or at least some of it) is the concept of state. The product keeps a running log of exactly what your active infrastructure looks like at a given point in time – that helps developers debug and make changes without breaking things. You can even store that state remotely, which is part of why folks pay for Terraform Cloud.
Quick example
Everything in Terraform starts with a provider. You can use Hashicorp’s official ones, like the AWS provider, but there are hundreds built by the community. Everything is available via their Registry site.
For our example, the provider we need is AWS. So we’d get started by declaring the provider and resources we’d want to use:
```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 2.70"
    }
  }
}
```
Then we might add a resource that we want our fellow developers (or ourselves) at the company to be using:
```hcl
resource "aws_instance" "example" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"
}
```
These properties (AMI and Instance Type) are infinitely configurable, and there are hundreds to choose from based on your provider. The power of Terraform is that once you define them here, you can have users spin up new ones based on existing configurations.
If later on we wanted to update the machine image that this little resource is based on, Terraform gives us a nice change management utility:
```hcl
resource "aws_instance" "example" {
  ami           = "ami-830c94e3" # edit this value to point at the new machine image
  instance_type = "t2.micro"
}
```
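What that change management step gives a reviewer, as an added example that is not from the original article: a Python script that reads the JSON form of a Terraform plan and flags any change that destroys or replaces a resource, such as the image swap above. The sample plan is constructed in the shape of `terraform show -json` output, and `ami-EXAMPLE-NEW` and `aws_instance.untouched` are placeholders.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields used here. "ami-EXAMPLE-NEW" is a placeholder image ID.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {
            "address": "aws_instance.example",
            "change": {
                "actions": ["delete", "create"],  # replacement: destroy, then create
                "before": {"ami": "ami-830c94e3", "instance_type": "t2.micro"},
                "after": {"ami": "ami-EXAMPLE-NEW", "instance_type": "t2.micro"},
            },
        },
        {
            "address": "aws_instance.untouched",
            "change": {"actions": ["no-op"], "before": {"ami": "ami-830c94e3"}, "after": {"ami": "ami-830c94e3"}},
        },
    ],
})


def changed_attributes(before, after):
    """Return {attr: (old, new)} for top-level attributes that differ."""
    before, after = before or {}, after or {}  # one side is null on create or destroy
    keys = sorted(set(before) | set(after))
    return {k: (before.get(k), after.get(k)) for k in keys if before.get(k) != after.get(k)}


def review_plan(plan_json):
    """Summarise each planned change and flag the ones that destroy a resource."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        actions = rc["change"]["actions"]
        if actions == ["no-op"]:
            continue  # nothing will happen to this resource
        findings.append({
            "address": rc["address"],
            "actions": actions,
            "destructive": "delete" in actions,  # plain destroy or a replacement
            "diff": changed_attributes(rc["change"].get("before"), rc["change"].get("after")),
        })
    return findings


if __name__ == "__main__":
    for f in review_plan(SAMPLE_PLAN):
        print(("REVIEW " if f["destructive"] else "ok     ") + f["address"], f["actions"], f["diff"])
```

Against a real project, the input would come from `terraform plan -out=tfplan` followed by `terraform show -json tfplan`.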
This is a tiny piece of what you can do – read more in the docs here.