I had the chance to work with Armon as a contractor at HashiCorp when I was in college. Armon was absolutely one of the most down-to-earth leaders I've ever seen. Even though he was technically brilliant and I was only an undergrad, he never made me feel like I was stupid or inexperienced, but rather patiently guided me towards the best solutions, so I was able to gain a lot of confidence and grow a lot along the way.
If you are an aspiring distributed systems engineer (as I was), I highly recommend applying to HashiCorp. They are solving some of the most fun challenges in distributed systems and they have a great engineering culture, not to mention that they are remote-friendly.
One time quite a while ago, I randomly hung out with the Kiip team one day when there were like 6 of them. Mitchell struck me as a super nice guy, and at some point he randomly dropped the fact at some point that he wrote Vagrant.
I went to college with Armon and highly enjoyed working with him. I've never been associated with Hashicorp and can't speak to his leadership there, but as a human being he's fantastic. And it seems like Hashicorp is doing well.
Series E have never been a good indicator for success, especially with the stock market behavior of late, and I don't see how HashiCorp's enterprise offerings are worth a 5.1B valuation. They've continuously struggled to find a good fit for their "enterprise only" features, and the amount of money they charge for these features is nothing short of extortion. Vault seems to be the only runway they have, and I see that area ripe for competition (or even AWS Vault like they did with MongoDB). Also, based on the company's glassdoor reviews, it seems the exec team are a bunch of jerks, which is an interesting contrast to Armon/Mitchell.
Unlike some of the other comments, I see HashiCorp as a textbook example of poor execution for converting customers. They clearly have the things people want, but they have always struggled to give people a reason to pay for them. They've created a community that would easily raze the goodwill they've floated on if they started to heavily monetize their products, so they're in a lose/lose situation to me.
I see them being acquired, but I can't think of any cloud provider that would pay for them. Maybe Oracle? :)
I know of orgs who are writing 7 figure checks to Hashicorp without batting an eye. They are seeing rapid adoption in large enterprises who are willing to pay for it
It seems like you don't think the value is there, and I supposed for some use cases that may be true, but I assure you they're getting paid for the value they're delivering (which is substantial).
Disclaimer: I am not associated with Hashicorp, just a satisfied user of their products who freely teaches Terraform and Vault usage and pays my own way to go to Hashiconf.
My viewpoint is based on the products they're competing against:
- Their OSS offerings
- Other OSS offerings like Istio, Ansible, Conjour, and Kubernetes
- Hybrid cloud solutions like Outpost and Anthos
Additionally, I think HashiCorp not embracing kubernetes and trying to push Nomad was a huge miscalculation. None of their products have particularly noteworthy integrations with it, with the community picking up the slack (almost like internally they don't care).
As soon as you're working with more than a few people at a time, or in an environment that has compliance, governance, or auditing requirements, you're moving up to Terraform Enterprise (either SaaS or on-prem). I admit you can get pretty far on their OSS offerings, but most folks who need the enterprise features are going to pay for them (SAML/SSO, audit log emissions, private datacenter/on-prem installs, etc). Small shops, startups, and the like? Probably not, but they don't have that much cash anyway; the benefit of marketing to them is a) if they do get big, you're already in the door to sell to them or b) they don't get big, but they grow the ecosystem with engineers knowing and using the products. Those engineers might either end up working for Hashicorp, or landing a gig at a job where they can evangelize the tools and advocate paying for them. Very similar to GitHub's model, and I'd argue it works for everyone; people who can pay, do, people who can't or won't still get value they otherwise wouldn't.
IMHO, configuration management compliments Packer and Terraform, it doesn't compete against it (based on my experience using Ansible and Packer for VMs of all sorts). Kubernetes is a beast in itself; the firms who implement Nomad are not the same as those who would go all in on k8s. Personally, I think Kubernetes is overly complex and prefer Nomad as a scheduler, YMMV (my jobs are more batch in nature, less services).
> Additionally, I think HashiCorp not embracing kubernetes and trying to push Nomad was a huge miscalculation.
Nah, embracing kubernetes is the miscalculation that every other company is making. It's a dead end. This part they're doing right. (Not saying I'm fond of nomad, but kube is absurd.)
Lol, that is why it took HashiCorp 6 months to write a broken Ansible playbook for Vault that takes an hour to deploy (they couldn't even do it with Terraform) when it takes less than 30 seconds to deploy on Kubernetes natively.
Thanks. Too bad Ansible playbooks are not public. To be clear I'm not defending Hashicorp, as I have played quite a bit with their tools (only opensource versions) and getting deployments production ready, can be painful, especially setting up security correctly, with so many moving parts.
I know about Helm chart for Vault (btw also created and maintained by Hashicorp). It's quite handy for quick deployments, but getting it to production will require changes, as most security things are disabled. All Helm chart does, it gets Vault up and running, unsealing has to be done either manually or via third party (cool thing, if your use-case allows storing such secret on third party HW). Not to mention, that if you want to use Consul as storage backend, you will have to deal with that using separate chart.
Without knowledge what Ansible playbook does, it's hard to compare the two. If ansible is configuring host OS from scratch (updates/tools installation etc) then yes, it might take much longer, then deploying to fully managed K8s cluster.
True, I think the nice thing about Vault Helm chart (and Consul) is that you can swap in the enterprise image. You can customize the image to your liking as well. It is lightweight and easy to scale comparably. There is definitely extra work involved, but the Ansible playbook is just sequential tasks that could be baked into the container and make it a lot faster.
I'm a big fan of Kubernetes and Helm/Kustomize as a whole, though there are times where Terraform and Ansible makes sense too.
Fortune 500 companies represent two-thirds of the U.S. GDP with $13.7 trillion in revenues, $1.1 trillion in profits, $22.6 trillion in market value, so there's money to be had in helping them accommodate cloud agnostic best practices through tooling.
There are lots of companies that aren't tech companies, but who still need tech (insert the caveat "software eating the world", "all companies are tech companies", and so on).
They are a giant part of the US economy, however they don't represent 2/3 of US GDP, their sales are equivalent to that figure. These are global corporations that in many cases do business in nearly every country.
Many of the largest S&P 500 companies have 2/3, 3/4 or more of their business overseas. They're typically under-represented in the US domestic economy, as the US is ~22% of global GDP, and these are typically among the largest corporations in their segments.
So instead of being “locked in to the cloud”, you’re “locked in to Hashicorp”. Meet the new boss....
But the idea that you’re not de facto locked into your cloud provider once you are at any type of scale is a fantasy. To paraphrase Cory Quinn (?) “Infrastructure has weight”. Its a major undertaking fraught with regressions and unexpected costs to migrate from one provider to another and the benefits are usually not worth it.
Public market valuations for tech companies are generally 10x-100x forward earnings or higher (often much much higher. Zoom is over 1000 at the moment).
So a $550M annual run rate would mean the VCs make money at a 10x valuation in a normal market.
At 100x it is $55M.
Microsoft trades at 27, Atlassian at 127, Zoom at 1100 (!)
(I assume you realise that VC money isn't a loan and you don't "payback" the money you take. They expect a return when the company has a liquidity event, ie floats or is bought)
$175 is round E, not the valuation nor the total money raised. 10x forward earnings would mean a $500M run rate to just equal this valuation and breakeven to these latest investors.
EDIT: Since you've changed your comment, I'll re-ask my original question: How many checks will it take to get to $500M run rate? It's a high goal for infrastructure companies.
What is the purpose of Vault if you’re already on AWS?
Even though I prefer CloudFormation, Terraform is quite popular. As far as Consul and Nomad, they are both nice for on prem infrastructure - I’ve used both - but once you’re on either AWS or Azure, the native solutions are a lot less of a hassle and Nomsd (sadly) will never get the mindshare of k8s.
You don't want to pay $1/month to store a single secret. You want a nicer workflow for creating ephemeral users and tokens than AWS themselves have. You want to do on-the-fly encryption of all sorts of things. You want a real PKI without every bit of know-how.
It’s 0.25 cent per month to use the Secrets Manager and you can store multiple key/value pairs per secret. If you’re not using the automatic key rotation, you can store a “SecretString” in parameter store for free for low volume usage or for higher volume It’s close to free.
Besides with vault you now need to set up a cluster for HA. But is your time worth nothing?
As far as users and tokens. That’s what Cognito is for for external users or associating your AD with IAM roles for internal users.
Then call my Fortune 100 bank rare. Everything we do is going with a multi-cloud strategy where it makes sense, especially around secrets management and infrastructure as code.
Once you’re at any scale, you’re already de facto locked in. “Infrastructure has weight”. It’s a major undertaking to migrate infrastructure once you e spent time creating data, setting up a hybrid network infrastructure, training, going through compliance, DNS entries, configuration, load balancers, validation and regression testing, etc.
The typical large corporation depends on so much third party software and so many services, it’s a pain and costly to migrate from any of them.
You can’t imagine how much coupling companies can do to something as simple as WorkDay.
I wish all of the idealists who want to maintain “cloud independence” would do a thought experiment and set up a realistic project plan and budget to migrate their infrastructure to another platform even if they didn’t use any proprietary offerings.
And then take that plan to their CTO and see where he wouid place it on the list of priorities for their company and do a realistic cost/benefit and risk analysis.
It’s the “native” solution. All of AWS’s examples and getting started guides use CF. Also you can find examples for anything for CF on places like
Github.
You have access to the “easy button”. AWS business support if there is something you just don’t get.
SAM, CodeStar,Elastic Beanstalk, etc all use CF and you can modify the templates.
I have a major treat for you both if you haven't already listened to this A16Z episode with the CEOs of both companies - https://overcast.fm/+BlzGXPbI0
Databricks is easily the best spent money in my stack.
I also love Hashicorp's products, but unfortunately I'm not paying them anything. Before Terraform Cloud their enterprise offerings were quite bad IMO (no SaaS, had to talk with Sales, provision infrastructure yourself, high initial commitment, etc...).
I will probably start using Terraform Cloud in a near future thought, just waiting for some key features to be released so I can integrate it to my pipe (Gitlab Groups integration, more flexible module layout).
I tried Terraform Cloud and went back to open source. I felt like it was a step backwards from Terragrunt. I'm only using it in the context of AWS though. I might try it again for a future project.
That seems unlikely to be true (I haven’t measured but worked there). Perhaps it’s true of Terraform where testing is verbose anyway, but it’s almost certainly not of Packer, for example.
Why not? Testing packer would mean specifying a large number of machine configurations, building them, and verifying the output images. Why would that be smaller than the actual code?
I just cloned Packer from the master branch, and via a (very) crude mechanism looked at the number of lines of code in `_test.go` files vs the number of lines of code in `.go` files which do not have the `test` build tag, excluding vendored libraries.
There are approximately 60,000 lines of test code, vs 149000 lines of non-test code.
Other HashiCorp products have a much higher test to production code ratio, but it is by no means uniformly 10:1.
Recall that VCs are all about finding the greater fool - actual value may or may not relate. One of my favourite videos on the subject (Chamath Palihapitiya):
What’s it like? To be so cynical that it makes you so blindingly wrong? Terraform, packer, consul, and vault are all ground up products that solve very interesting problems. Nomad is a solid product. They’re all written from the ground up.
How many third party companies do you think get pre-release access to AWS, Azure, and GCE and many others so that their software (in this case terraform) supports it the day of announcement?
Yeah.
Do you know major financial and government institutions are using vault? Do you know how long it takes those organizations to use security software as core parts of their business? Vault is barely 3 years old and is extensively used by them.
That's not even true of Docker. Their business might have been poorly run but Docker containers as a universal package format and easily accessible over HTTP is a major innovation over what we had before.
Fast, easy and standardized product suite with a CLI, runtime and registry that led to massive industry-wide cross-platform usage and spin-off projects like Kubernetes compared to basically nothing for the decade before.
You don't have to invent new tech. Better UX counts as innovation, enough to be worth billions. Your reply reminds of the infamous Dropbox HN comment that said it was nothing more than FTP with SVN.
Not quite- Kubernetes was an open source "spin-off" of Borg, which has been in use at Google since 2003.
However, Docker did quickly become the de facto standard for containerization on k8s, due in part to its prevalence and ease of use as you mentioned above.
I've only used Terraform out of their set of tools and loved every minute of using it. By far the most intuitive and the clear leader out of the Infrastructure as Code tools. Fingers crossed they can live up to this massive valuation.
If they either turn Nomad into a full blown hypervisor stack or roll that into its own product, they could seriously put a dent in some extremely entrenched companies like VMware.
I'm talking storage, networking, virtualization... They'd make bank.
Congratulations. I have always had a love-hate relationship with Hashicorp's tools. In the end, though, the product that they provide freely to us all is absolutely phenomenal. I also have a lot of respect for Mitchell Hashimoto and really appreciate his humility. Great to see this positive news for Mitchell and the team.
Even if it were the release, there is a lot of cash that needs somewhere to go right now. The market has volatility without the returns, whereas you can get nX yield for the same perceived risk in venture funds. This could be a very good time to be in VC or doing a startup.
Liquid capital needs productive assets, and fed-backed crazy town might not be the place for it.
Hashicorp also has awesome and sticky products, and they have earned whatever they got. With Vault, they got people to adopt their defacto HSM, without the friction of selling hardware, and all the benefits of being the root of trust in each enterprise. Everything about that company is f'ing brilliant, imo.
I wonder why HashiCorp needs to raise more money as they seem fairly profitable and in a very good position in the market? Why dilute your stocks and ownership of the company?
No idea about their profitability, but doing a big raise before a recession to try and tide you through with minimal layoffs is probably not a bad idea. (Yeah, I'm sure this has been in the works for a while before the coronavirus hit the fan, but the signs of recession have been brewing for a while, bulls notwithstanding.)
I'm playing with it. I don't like the "middleware" plugins, but after more research, since it's all Ruby, I managed to put a tweak into my Vagrantfile to force my order of execution (plugins vs. provisioners).
The startup of the vagrant CLI is sooo damn slow! It takes seconds to print help... That's my major problem with it.
I'd rather see something more lightweight, but this gets the job done quickly.
A bunch of my friend group (average 5 years of experience each) just went through job searches, and all of us applied to hashicorp. Among us, we had big data experience, distributed systems experience, frontend, backend, etc. Very wide gamut.
None of us even received a reply, and from what I've heard this isn't unusual. I'm always a bit flummoxed as to what companies like this want when they somehow even develop a reputation for ghosting.
Vault is cool though I guess. Maybe they just get that many applicants.
Didn't receive a reply after interviewing, or didn't receive a reply after applying? Not getting a reply after applying is pretty common. It could mean a lot of things, including that they might want to keep your resume on file for a future availability.
I don't mind it, personally. It's the ghosting after interviewing that I find annoying.
If you are an aspiring distributed systems engineer (as I was), I highly recommend applying to HashiCorp. They are solving some of the most fun challenges in distributed systems and they have a great engineering culture, not to mention that they are remote-friendly.