The core Hashicorp product: simplifying cloud
You can think of Hashicorp as a layer on top of your infrastructure, cloud or otherwise, agnostic to who you’re actually using – Amazon, Google, both of them, on-prem, whatever. And they help developers create and manage that infrastructure in a simple, scale-friendly way. They have products across several categories – cloud, security, networking, and apps – that abstract the lower level details and make it easier for developers to focus on just building their apps.
Why infrastructure needs managing
To understand Hashicorp, we’ll first need to get a view of what it’s like to manage cloud infrastructure, especially for larger companies. Let’s put on our x-ray goggles and venture into the desk clump by the wall that gets no light where they put the software engineers.
If you’re running your app(s) on cloud infrastructure today (and this also applies somewhat to home-grown stuff), your team runs up against 4 major problems. Well, more than that, but 4 for the purposes of this post.
1) Product overload
AWS has literally hundreds of products, and it’s not at all uncommon for companies to use 10 or even 20 of them at once. To quote from the original Technically post on AWS:
Even medium sized startups will often be using 10+ AWS services from the get go, and more established businesses can easily go past 100. Let’s imagine we’re a startup that sells technical literacy and education software to tech businesses (let’s imagine). We’ve got a basic web application, and a little data warehouse for our Growth Lead to report basic company metrics. We might be using:EC2 to deploy our web app in a few Docker containersLambda to process form submissions on the marketing siteEBS for block storage connected to our EC2 instance(s)S3 to store backups and files for the app and marketing siteRoute53 to connect our domain name to our AWS serversRDS (Postgres) as our managed database for our web appCloudfront as our CDN for serving assets quicklyVPC to isolate our resources into a private, secure networkBackup to back up our data across servicesRedshift to store analytics data as our data warehouseThese are just the AWS products that you’ll be using - but there are other parts of the ecosystem that help support this product usage; sort of like the glue that keeps things together.
As you might imagine, working with all of these products can get a bit hairy. It’s hard to understand what’s running, what state it’s in, and what you should use for spinning up new apps or services.
2) Configuration hell
Each infrastructure product has different configurations. What region should your EC2 instance be in? What’s the timeout for your Lambda function? What size is your EBS instance?
These configurations are essential to an efficient infrastructure setup, but creating and maintaining them is understandably complex. It doesn’t help that the AWS console is notoriously difficult to work with.
3) Permissions
When you’re a small shop with a few developers, it’s OK for everyone to have master access to your infrastructure. But as the team grows, it can get dangerous to be loose with access controls – you’ll want to start giving different developer groups different permission levels. Maybe your platform team has access to adjusting existing configurations, while your application team can only create new instances.
AWS – and other cloud providers – offer internal IAM (Identity & Access Management) utilities, but they, too, aren’t particularly smooth or easy to use.
