Introduction to HCP Packer
HTML-код
- Опубликовано: 30 июл 2024
- Keeping track of base images can be challenging. In this whiteboard video, HashiCorp Co-Founder and CTO Armon Dadgar explains how HCP Packer forms the core of a multi-cloud golden image pipeline. Learn more → cloud.hashicorp.com/products/...
HashiCorp Packer allows you to codify and automate build pipelines for machine images in multiple formats. But how do you make these images discoverable and ensure only the correct versions are deployed to production?
HCP Packer, part of the HashiCorp Cloud Platform, provides a registry that tracks your image metadata and presents it to downstream processes through an API. Together with the Packer data source in the HCP provider for Terraform, this forms the foundation of a multi-cloud golden image pipeline to automate the lifecycle of images from build through deployment.
0:00 - Intro
0:10 - What is Packer?
1:54 - Publish image metadata to the HCP Packer registry
4:14 - Multi-layer image pipelines
6:12 - Integrate with Terraform for deployment
7:29 - Image versioning and revocation
11:46 - Identify preferred versions with release channels
More of our whiteboard videos can be found here → • HashiCorp Explains
Subscribe to our RUclips Channel → ruclips.net/user/HashiCorp?s...
For hands-on interactive labs, visit HashiCorp Learn → learn.hashicorp.com/
HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.
For more information → hashicorp.com
Twitter → / hashicorp
LinkedIn → / hashicorp
Facebook → / hashicorp
#Packer #InfrastructureAsCode #Terraform Наука
Armon, This is an ingenious thought process by you. Going after the build process which is the root of the security vulnerability at the kernel level and hardening it is a master stroke. Secondly, in this Cloud self-service world we can automate this pipeline of version control and release channels and revocation of base image via the registry is masterful. That gives us control at the metadata level and tightens our provisioning security policy.
I do want to see something similar around DNS vulnerabilities and how we can harden those entry points from an attacker getting access. Thats a different problem to solve.
Very informative, thanks
Nice, thanks!
OMG i am goin to write a blog on packer soon
@@steve-at-yt sure steve
@@deckardshaw483 where is the blog post? I want to read it :)