busterarm

Hashicorp isn't going to budge here. The same argument that you've made about Terraform being the underpinnings and needing to be open-sourced can be applied to their other important products like Vault, Consul and Nomad as well. The ecosystem of those three is plainly a direct competitor to Kubernetes which is open-source.

There's really no move for them to make here. It's unfortunate.

fishpen0

Tons of organizations run vault and consul as part of their k8s ecosystem so they don't directly compete. The vault CSI driver might be the single most installed CSI driver across all the orgs I've worked for

busterarm

You're completely missing it.

If you are running Nomad as your orchestrator, because of the tight integrations you are almost certainly running vault for secrets and consul for service discovery/service mesh. The ecosystem of the three is the competitor to K8s.

s/ someone who runs both ecosystems at scale.

twunde

While the Nomad stack is a direct competitor to k8s, Consul and Vault are both heavily used alongside k8s. In fact, Consul had features that were only for k8s the last time I checked

busterarm

While these facts are true, that's totally not the fucking point and has nothing to do with the argument. I say again.

You can have software that both supports and competes with the k8s ecosystem. That's even the same type of problem all of these companies have with Hashicorp software now under the BSL.

Gruntwork builds tools that everyone using Terraform uses but they also offer services that Hashicorp would prefer that you pay them for instead.

You telling me "but people running K8s also use vault/consul" is like telling me that Gruntwork makes terragrunt which terraform users use. It doesn't mean that Hashicorp doesn't view them as a threat.

hdaz0017

There is a big difference though Terraform is the out and out winner in its market.

All their other products are at best small x% share of a crowded market or dominated by another product.

ghshephard

Genuinely curious - other than Vault - what other product is there for secret management in the cloud infrastructure space. I get that CyberArk Conjur is big in the enterprise space, but I thought cloud users, even with k8s, mostly went with vault.

hdaz0017
HashiCorp Vault - is big in Secrets management but its not the Terraform of Secrets management it's just too easy to make another product.

AWS Secrets Manager

AWS Systems Manager Parameter Store

AWS KMS

Google Cloud KMS - Cloud Key Management System

Azure Key Vault

confidant - https://lyft.github.io/confidant

keywhiz - https://github.com/square/keywhiz

knox - https://github.com/pinterest/knox

strongboxsafe - https://strongboxsafe.com

conjur - https://www.conjur.org

+ many more

Ansible Vault - probably not competing directly

I am pretty sure companies like netflix, facebook, uber, tesla and others are probably using their own in house creations.