I recently encountered a puzzling issue with a Nomad job, where a crucial environment variable was missing a # character.
After some investigation, I finally uncovered the root cause.
A while ago, Nomad introduced the concept of Workload Identity to authenticate to Vault and obtain a Vault ACL token specific to the task. This way, Nomad jobs only have access to "their" own secrets, which provides an additional layer of security.
When setting up our first version of our internal Nomad cluster 6 years ago, we quickly realized that we also needed a secrets management solution. Vault, being another product from Hashicorp, was the natural fit for our needs.
Hashicorp Nomad is a simple and flexible scheduler and orchestrator that helps organizations reduce operational overhead and maximize infrastructure usage. We've been using Nomad to run our internal workloads since about 2018.
HashiCorp Boundary provides access to applications and critical systems with fine-grained authorizations without managing credentials or exposing your network internals.
Yesterday, I've attended my second in-person HashiDays event. As last year, I chose to attend HashiDays in Munich again. This time, it was a different venue, and I liked it a lot more than last year's venue.