{"id":23451,"date":"2017-05-03T15:38:46","date_gmt":"2017-05-03T12:38:46","guid":{"rendered":"https:\/\/www.altoros.com\/blog\/?p=23451"},"modified":"2018-05-15T15:52:40","modified_gmt":"2018-05-15T12:52:40","slug":"securing-multi-datacenter-cloud-foundry-with-vault-and-concourse","status":"publish","type":"post","link":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/","title":{"rendered":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#Managing_distributed_environments\" >Managing distributed environments<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#What_is_Vault\" >What is Vault?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#The_layers_comprising_the_solution\" >The layers comprising the solution<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#Related_video\" >Related video<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#Related_reading\" >Related reading<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Managing_distributed_environments\"><\/span>Managing distributed environments<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Let\u2019s be honest: Cloud Foundry is widely used by enterprises across different industries that care about accessibility to their services a lot. Furthermore, such companies often have affiliated departments distributed geographically all over the world. This all calls for  enabling multiple Cloud Foundry deployments distributed across several data centers.<\/p>\n<p>In order to cope with the complexity of managing such deployment, Altoros comes with an architecture that is based on the state-of-the-art tools available in open source. This system allows for creating repeatable and secure Cloud Foundry deployments across multiple data centers with related services and simplifying deployment management.<\/p>\n<p>With our <a href=\"https:\/\/www.altoros.com\/research-papers\/reference-architecture-multi-datacenter-cloud-foundry-with-concourse-and-vault\/\">new reference architecture<\/a>, we describe deployment management using <a href=\"https:\/\/www.altoros.com\/blog\/8-pro-tips-for-using-concourse-ci-with-cloud-foundry\/\">Concourse<\/a>, BOSH, and Vault at a high level. Concourse and BOSH were specifically designed for deploying, managing, and updating the Cloud Foundry PaaS with related services. In this blog post, we provide excerpts from the reference architecture, highlighting the layers of <em>active-active Cloud Foundry deployment<\/em>, what they are responsible for, and how they are interrelated.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"What_is_Vault\"><\/span>What is Vault?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/vault-icon.png\" alt=\"vault-icon\" width=\"200\" class=\"alignright size-full wp-image-23461\" \/><\/p>\n<p><a href=\"https:\/\/www.vaultproject.io\/\" target=\"_blank\">Vault<\/a> is a tool for storing and managing secrets, such as API keys, passwords, certificates, etc. In addition, all the configuration properties are also stored in Vault: services\u2019 IP addresses, connection properties, etc. The tool provides a unified interface to any secret, while granting tight access control and recording a detailed audit log. Vault is also responsible for secrets encryption on a hard drive and safe delivery of secrets to final recipients.<\/p>\n<p>The main problem in a data center deployment is application data synchronization. In order to achieve application data accessibility across all data centers, we use the so called <em>active-active deployments<\/em> of data services, such as MariaDB and MongoDB. Since Cloud Foundry is used as a stateless application runtime, we provide each data center with its own Cloud Foundry installation and synchronize them through CI built upon Concourse.<\/p>\n<p>Such Cloud Foundry deployments are commonly referred to as <em>active-active deployments<\/em>, having a load balancer in front of them as a single entry point for user traffic. The main benefit of these deployments is improved availability: a system like that can easily survive outage of at least one data center.<\/p>\n<p>Using Vault allows for easily sharing secrets and configuration data between environments and enables smooth deployment of <em>active-active data services<\/em>. It also aids engineers in creating and synchronizing Cloud Foundry deployments as a part of a single system. Running system upgrades also becomes more convenient. This approach can be simplified by using Vault and Concourse pipelines.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/pipeline-dependencies-multi-datacenter-cloud-foundry-reference-architecture-using-vault-and-concourse.jpg\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/pipeline-dependencies-multi-datacenter-cloud-foundry-reference-architecture-using-vault-and-concourse.jpg\" alt=\"pipeline-dependencies-multi-datacenter-cloud-foundry-reference-architecture-using-vault-and-concourse\" width=\"640\" class=\"aligncenter size-full wp-image-23468\" \/><\/a><small>Pipeline dependencies<\/small><\/center><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"The_layers_comprising_the_solution\"><\/span>The layers comprising the solution<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The described system can be divided into a number of isolated layers. You can see an example of such division of an active-active Cloud Foundry deployment on the diagram below. The picture demonstrates a deployment in two data centers running vSphere. Each of the layers has its own responsibility, supporting other layers:<\/p>\n<ol>\n<li style=\"margin-bottom: 6px;\"><b>The supervisor layer<\/b> is represented by the control plane components and is used to create and manage all the other layers. <b>A control plane<\/b> (or a management plane) is a set of components used to create and manage components in different environments. It is built upon the tools mentioned above: BOSH, Concourse, and Vault. A control plane is usually deployed in a distinct data center or a physical server to make it independent and fail-proof. The detailed description of this layer can be found in <a href=\"https:\/\/www.altoros.com\/research-papers\/reference-architecture-multi-datacenter-cloud-foundry-with-concourse-and-vault\/\">the full document<\/a> (pages 7\u20138).<\/li>\n<li style=\"margin-bottom: 6px;\"><b>The virtualization layer<\/b> is responsible for spinning up a new infrastructure, with any kind of virtualization supported by BOSH: AWS, vSphere, Google Compute Engine, Microsoft Azure, OpenStack, SoftLayer, RackHD, VMware Photon, etc.<\/li>\n<li style=\"margin-bottom: 6px;\"><b>The Ops tools layer.<\/b> This one usually contains the components used to maintain an environment. An operator has an access to this layer only through the control plane.<\/li>\n<li style=\"margin-bottom: 6px;\"><b>The data services layer<\/b> is responsible for storing and sharing state data used by application instances. In order to provide high availability, we deploy active-active clusters of MariaDB and MongoDB to environments in several different data centres.<\/li>\n<li><b>The runtime layer<\/b> is served by Cloud Foundry itself to run applications and bind them with data storage services. Since applications deployed to Cloud Foundry are stateless and share data only through active-active clusters of data services, application data is always up-to-date and accessible.<\/li>\n<\/ol>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/multi-data-center-cloud-foundry-reference-architecture-using-concourse-vault-bosh-layers-of-an-active-active-deployment-v11.jpg\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/multi-data-center-cloud-foundry-reference-architecture-using-concourse-vault-bosh-layers-of-an-active-active-deployment-v11.jpg\" alt=\"multi-data-center-cloud-foundry-reference-architecture-using-concourse-vault-bosh-layers-of-an-active-active-deployment-v11\" width=\"640\" class=\"aligncenter size-full wp-image-23459\" \/><\/a><small>Layers of an active-active Cloud Foundry deployment<\/small><\/center><\/p>\n<p>The architecture involving a control plane\u2014built upon BOSH, Concourse, and Vault\u2014enables predictable, repeatable, and configurable Cloud Foundry environments in multiple data centers. Furthermore, this approach allows for protecting sensitive data and sharing it across active-active deployments to multiple clouds. It also makes designing active-active and hybrid architectures easier.<\/p>\n<p>To learn more about the deployment process of the described architecture, check out <a href=\"https:\/\/www.altoros.com\/research-papers\/reference-architecture-multi-datacenter-cloud-foundry-with-concourse-and-vault\/\">the full guide<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Related_video\"><\/span>Related video<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><center><iframe loading=\"lazy\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/zeoLI-bN4mY\" frameborder=\"0\" allowfullscreen><\/iframe><\/center><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Related_reading\"><\/span>Related reading<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/8-pro-tips-for-using-concourse-ci-with-cloud-foundry\/\">8 Pro Tips for Using Concourse CI with Cloud Foundry<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/operating-cloud-foundry-across-multiple-data-centers-single-bosh-installation\/\">Operating Cloud Foundry Across Multiple Data Centers with a Single BOSH Installation<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/multi-data-center-as-a-cloud-foundry-deployment-pattern\/\">Multi-Datacenter as a Cloud Foundry Deployment Pattern<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/credhub-discussed-at-the-initial-cloud-foundry-extensions-meeting\/\">Discussing CredHub for Centralized Credential Management in Cloud Foundry<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Managing distributed environments<\/p>\n<p>Let\u2019s be honest: Cloud Foundry is widely used by enterprises across different industries that care about accessibility to their services a lot. Furthermore, such companies often have affiliated departments distributed geographically all over the world. This all calls for  enabling multiple Cloud Foundry deployments distributed across several [&#8230;]<\/p>\n","protected":false},"author":35,"featured_media":23557,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[214],"tags":[873,206],"class_list":["post-23451","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorials","tag-cloud-native","tag-oss-cloud-foundry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros<\/title>\n<meta name=\"description\" content=\"How to create repeatable and secure Cloud Foundry deployments across multiple data centers with related services and simplify deployment management?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros\" \/>\n<meta property=\"og:description\" content=\"Managing distributed environments Let\u2019s be honest: Cloud Foundry is widely used by enterprises across different industries that care about accessibility to their services a lot. Furthermore, such companies often have affiliated departments distributed geographically all over the world. This all calls for enabling multiple Cloud Foundry deployments distributed across several [...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/\" \/>\n<meta property=\"og:site_name\" content=\"Altoros\" \/>\n<meta property=\"article:published_time\" content=\"2017-05-03T12:38:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-05-15T12:52:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/gif\" \/>\n<meta name=\"author\" content=\"Alexander Lomov\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alexander Lomov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/\"},\"author\":{\"name\":\"Alexander Lomov\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/#\\\/schema\\\/person\\\/32bad30d8a66fbba345c09f5ce9503a6\"},\"headline\":\"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse\",\"datePublished\":\"2017-05-03T12:38:46+00:00\",\"dateModified\":\"2018-05-15T12:52:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/\"},\"wordCount\":831,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/05\\\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif\",\"keywords\":[\"Cloud-Native\",\"OSS Cloud Foundry\"],\"articleSection\":[\"Tutorials\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/\",\"url\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/\",\"name\":\"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/05\\\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif\",\"datePublished\":\"2017-05-03T12:38:46+00:00\",\"dateModified\":\"2018-05-15T12:52:40+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/#\\\/schema\\\/person\\\/32bad30d8a66fbba345c09f5ce9503a6\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/05\\\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif\",\"contentUrl\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/05\\\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif\",\"width\":640,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/\",\"name\":\"Altoros\",\"description\":\"Insight\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/#\\\/schema\\\/person\\\/32bad30d8a66fbba345c09f5ce9503a6\",\"name\":\"Alexander Lomov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2016\\\/12\\\/Alexander-Lomov-150x150.jpg\",\"url\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2016\\\/12\\\/Alexander-Lomov-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/wp-content\\\/uploads\\\/2016\\\/12\\\/Alexander-Lomov-150x150.jpg\",\"caption\":\"Alexander Lomov\"},\"description\":\"Alexander Lomov is a Cloud Foundry Engineer at Altoros. With extensive experience in Ruby, Go, and Python, he was involved in development of BOSH CPIs and other Cloud Foundry-related projects for Canonical, IBM, and other companies. Alexander is a frequent speaker at various events\\\/meetups, mostly sharing his experience with Cloud Foundry. You may also know him as the author of several blog posts about Cloud Foundry internals.\",\"sameAs\":[\"http:\\\/\\\/altoros.com\"],\"url\":\"https:\\\/\\\/www.altoros.com\\\/blog\\\/author\\\/alexander-lomov\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros","description":"How to create repeatable and secure Cloud Foundry deployments across multiple data centers with related services and simplify deployment management?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/","og_locale":"en_US","og_type":"article","og_title":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros","og_description":"Managing distributed environments Let\u2019s be honest: Cloud Foundry is widely used by enterprises across different industries that care about accessibility to their services a lot. Furthermore, such companies often have affiliated departments distributed geographically all over the world. This all calls for enabling multiple Cloud Foundry deployments distributed across several [...]","og_url":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/","og_site_name":"Altoros","article_published_time":"2017-05-03T12:38:46+00:00","article_modified_time":"2018-05-15T12:52:40+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif","type":"image\/gif"}],"author":"Alexander Lomov","twitter_misc":{"Written by":"Alexander Lomov","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#article","isPartOf":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/"},"author":{"name":"Alexander Lomov","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/32bad30d8a66fbba345c09f5ce9503a6"},"headline":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse","datePublished":"2017-05-03T12:38:46+00:00","dateModified":"2018-05-15T12:52:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/"},"wordCount":831,"commentCount":0,"image":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#primaryimage"},"thumbnailUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif","keywords":["Cloud-Native","OSS Cloud Foundry"],"articleSection":["Tutorials"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/","url":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/","name":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse | Altoros","isPartOf":{"@id":"https:\/\/www.altoros.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#primaryimage"},"image":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#primaryimage"},"thumbnailUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif","datePublished":"2017-05-03T12:38:46+00:00","dateModified":"2018-05-15T12:52:40+00:00","author":{"@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/32bad30d8a66fbba345c09f5ce9503a6"},"breadcrumb":{"@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#primaryimage","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/05\/securing-multi-data-center-cloud-foundry-with-vault-and-concourse-v111.gif","width":640,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/www.altoros.com\/blog\/securing-multi-datacenter-cloud-foundry-with-vault-and-concourse\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.altoros.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Managing Secure Multi-Datacenter Cloud Foundry with Vault and Concourse"}]},{"@type":"WebSite","@id":"https:\/\/www.altoros.com\/blog\/#website","url":"https:\/\/www.altoros.com\/blog\/","name":"Altoros","description":"Insight","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.altoros.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/32bad30d8a66fbba345c09f5ce9503a6","name":"Alexander Lomov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/12\/Alexander-Lomov-150x150.jpg","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/12\/Alexander-Lomov-150x150.jpg","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/12\/Alexander-Lomov-150x150.jpg","caption":"Alexander Lomov"},"description":"Alexander Lomov is a Cloud Foundry Engineer at Altoros. With extensive experience in Ruby, Go, and Python, he was involved in development of BOSH CPIs and other Cloud Foundry-related projects for Canonical, IBM, and other companies. Alexander is a frequent speaker at various events\/meetups, mostly sharing his experience with Cloud Foundry. You may also know him as the author of several blog posts about Cloud Foundry internals.","sameAs":["http:\/\/altoros.com"],"url":"https:\/\/www.altoros.com\/blog\/author\/alexander-lomov\/"}]}},"_links":{"self":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/23451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/comments?post=23451"}],"version-history":[{"count":29,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/23451\/revisions"}],"predecessor-version":[{"id":33252,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/23451\/revisions\/33252"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media\/23557"}],"wp:attachment":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media?parent=23451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/categories?post=23451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/tags?post=23451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}