HashiQube is a VM with a Docker daemon inside. It runs all HashiCorp products. Vault, Terraform, Nomad, Consul, Vagrant, Packer and Sentinel. It also runs a host of other popular Open Source DevOps / DevSecOps applications showcasing how simple integration with HashiCorp products can result in tangible learnings and benefits for all its users Once the Qube is up an internet connection is no longer needed meaning sales pitches and demos for potential and existing customers is greatly aided.
HashiQube has been created to enable anyone who is interested in secure automation pipelines the ability to run a suite of ‘best in class’ tools their local machines at the cost of a small amount of system resources. The Qube gives all interested parties the empowerment to deploy these tools in a way covers multiple use cases effectively providing a ‘concept to completion’ test bed using open source HashiCorp products. The original use case was born the desire to demystify DevSecOps utilising Terraform, Vault, Consul, Sentinel and Nomad as well as some other well know open source CI/CD tools by providing a ‘hands-on’ environment that demonstrates the value of secret and credential management in standard software development pipeline.
Thanks to the flexibility of the HashiCorp products there is no need wonder how to achieve the goals of bringing software to market in a more secure and timely fashion, just Vagrant up!
- Please download Virtualbox from https://www.virtualbox.org/wiki/Downloads and Vagrant from https://www.vagrantup.com/downloads.html and install
- Using
git- clone this repogit clone $repo .What is Git? - Inside the local repo folder, do
vagrant up --provision- This will setup, Vault, Nomad, Consul, Terraform, Localstack and Docker as well as giving you access the docsify website at http://localhost:3333 - To run a specific service you want to use run the declarative command for it, for example,
vagrant up --provision-with minikube - Open in your browser http://localhost:3333 for Documentation
- 10GB of disk space
- 4GB RAM
- Admin rights / sudo (you will be asked to update ETC Host file)
- Virtualbox
- Vagrant
vagrant up --provision
This repository is designed to provide you with a stack that demonstrates the power of HashiCorp's product suite with non-enterprise editions of the following software;
- Vagrant - Development Environments Made Easy
- Vault - Manage Secrets and Protect Sensitive Data
- Consul - Secure Service Networking
- Nomad - Deploy and Manage Any Containerized, Legacy, or Batch Application
- Terraform - Use Infrastructure as Code to provision and manage any cloud, infrastructure, or service
- Packer - Build Automated Machine Images
- Sentinel - Sentinel is an embedded policy-as-code framework
- Fabio - Fabio is an HTTP and TCP reverse proxy that configures itself with data from Consul
- Docker - Securely build, share and run any application, anywhere
- Localstack - A fully functional local AWS cloud stack
- Ansible - Automation for everyone
- LDAP - Lightweight Directory Access Protocol
- Jenkins - The leading open source automation server
- Snyk - Develop fast, Stay secure
- Sonarqube - Code Quality and Security
- Oracle MySQL - MySQL is an open-source relational database management system (RDBMS)
- Microsoft MSSQL - Microsoft SQL Server is a relational database management system developed by Microsoft
- Portainer - Making Docker management easy
- Minikube - Run Kubernetes locally
- Istio - Connect, secure, control, and observe services
- Docsify - A magical documentation site generator
- Mermaid - Generation of diagram and flowchart from text in a similar manner as markdown
- Prometheus - Open-source monitoring system with dimensional data model, flexible query language, efficient time series database & modern alerting
- Grafana - Grafana is the open source analytics & monitoring solution for every database
- Elasticsearch - Elasticsearch is a search engine based on the Lucene library
- Kibana - Kibana is an open source data visualization dashboard for Elasticsearch
- Cerebro - Cerebro is the evolution of the previous Elasticsearch plugin Elasticsearch kopf
- Blast-Radius - Blast Radius is a tool for reasoning about Terraform dependency graphs with interactive visualizations
- Ansible-Tower - Red Hat Ansible Tower
- Snyk - Develop fast. Stay secure
- Gitlab - GitLab is a complete DevOps platform, delivered as a single application
- Nginx - Nginx (pronounced "engine-x") is an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols and a web server (origin server)
Once the stack is up you will have a large number of services running and available on localhost
For Documentation please open http://localhost:3333 in your browser
- Vault http://localhost:8200
- Nomad http://localhost:4646
- Consul http://localhost:8500
- Localstack http://localhost:8080
- Terraform Enterprise (enterprise needs a licence) http://localhost:8800
- LDAP can be accessed on ldap://localhost:389
- Localstack web http://localhost:8080
- Ansible provisioning Apache2 http://localhost:8888
- Jenkins http://localhost:8088
- SonarQube http://localhost:9000
- Elasticsearch http://localhost:9200
- Kibana http://localhost:5601
- Cerebro http://localhost:5602
- Oracle MySQL localhost:3306
- Microsoft SQL localhost:1433
- Portainer http://localhost:9333
- Minikube http://10.9.99.10:10888/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/#/overview?namespace=default
- vagrant up --provision OR vagrant up --provision-with bootstrap|nomad|consul|vault|docker|ldap
- vagrant global-status # to see which VMs are active
- vagrant global-status --prune # to remove stale VMs from Vagrant cache
- vagrant status # vagrant status
- vagrant reload
- vagrant up
- vagrant destroy
- vagrant provision
- vagrant plugin list
- docker image ls
- docker ps
- docker stop
==> user.local.dev: [vagrant-hostsupdater] Checking for host entries
==> user.local.dev: [vagrant-hostsupdater] found entry for: 10.9.99.10 user.local.dev
==> user.local.dev: [vagrant-hostsupdater] found entry for: 10.9.99.10 user.local.dev
==> user.local.dev: [vagrant-hostsupdater] found entry for: 10.9.99.10 consul-user.local.dev
==> user.local.dev: [vagrant-hostsupdater] found entry for: 10.9.99.10 vault-user.local.dev
==> user.local.dev: [vagrant-hostsupdater] found entry for: 10.9.99.10 nomad-user.local.dev
==> user.local.dev: Setting hostname...
Gatling: (load testing) https://gatling.io/open-source
Spinnaker for multi-cloud / multi swim lane CD tool: https://www.spinnaker.io/concepts/
Build agent showing code clean and dirty.
Java
Python
JavaScript
Hygiea dashboard: https://github.com/Hygieia/Hygieia
Prometheus and Grafana for monitoring and logging: https://prometheus.io/docs/visualization/grafana/
Alerting will be handled by a local docker messaging server such as Gotify: https://github.com/gotify/server
Gloo: https://docs.solo.io/gloo/latest/introduction/
For suggestions, feedback and queries please branch or and submit a Pull Request or directly contact the architects of the HashiQube via email:
Lead Automation Architect riaan.nolan@servian.com
A Very special mention to HashiQube's contributors, Thank You All for your help, suggestions and contributions no matter how small <3
- Konstantin Vanyushov
- Tristan Morgan
HashiQube is available as open-source under the terms of the MIT License.