The Unsung Hero of the Hybrid Cloud: Nomad's Quiet Revolution In the ever-evolving world of container orchestration, Kubernetes often dominates the conversation. Its robust ecosystem, fervent community, and backing from major tech players have solidified its position as a leading solution. However, a different orchestrator, one often overshadowed but no less powerful, is quietly carving its own niche: HashiCorp Nomad. While Kubernetes excels in its complexity and feature-richness, Nomad distinguishes itself through its simplicity and flexibility. It operates with a smaller footprint and requires fewer moving parts, making it easier to deploy and manage, especially in resource-constrained environments. This fundamental difference opens doors to use cases where Kubernetes might prove cumbersome or overkill. One of Nomad's strongest suits is its ability to orchestrate workloads beyond just containers. Unlike Kubernetes, which primarily focuses on containerized applications, Nom...

So the story goes like this: You have container workloads running in production (nomad). You are on a bare metal environment. Multiple container networking software solutions are in use in different data-centers - contiv and flannel. The perimeter is secured for the cluster (firewalls, WAF). Service to service communication within the cluster is non-secure (the journey started before service mesh concepts was in place). Customer insists that service to service communication is over https within the cluster when it crosses machine boundaries within the perimeter too. Incremental approach for migration service by service is mandatory. Options Introduce a full-fledged service mesh A complete networking and software stack upgrade is impossible without a downtime. Replace the existing container networking with one that supports encryption Do we have one such solution which is usable in production? Solution “Introduce a light weight sidecar proxy that can do this job” Details Nginx as a side...