(lively music) >> Welcome back to our coverage of Cloud Native Security Con. I'm Dave Vellante, here in our Boston studio. We're connecting today, throughout the day, with Palo Alto on the ground in Seattle. And right now I'm here with Michael Foster with Red Hat. He's on the ground in Seattle. We're going to discuss the trends and containers and security and everything that's going on at the show in Seattle. Michael, good to see you, thanks for coming on. >> Good to see you, thanks for having me on. >> Lot of market momentum for Red Hat. The IBM earnings call the other day, announced OpenShift is a billion-dollar ARR. So it's quite a milestone, and it's not often, you know. It's hard enough to become a billion-dollar software company and then to have actually a billion-dollar product alongside. So congratulations on that. And let's start with the event. What's the buzz at the event? People talking about shift left, obviously supply chain security is a big topic. We've heard a little bit about or quite a bit about AI. What are you hearing on the ground? >> Yeah, so the last event I was at that I got to see you at was three months ago, with CubeCon and the talk was supply chain security. Nothing has really changed on that front, although I do think that the conversation, let's say with the tech companies versus what customers are actually looking at, is slightly different just based on the market. And, like you said, thank you for the shout-out to a billion-dollar OpenShift, and ACS is certainly excited to be part of that. We are seeing more of a consolidation, I think, especially in security. The money's still flowing into security, but people want to know what they're running. We've allowed, had some tremendous growth in the last couple years and now it's okay. Let's get a hold of the containers, the clusters that we're running, let's make sure everything's configured. They want to start implementing policies effectively and really get a feel for what's going on across all their workloads, especially with the bigger companies. I think bigger companies allow some flexibility in the security applications that they can deploy. They can have different groups that manage different ones, but in the mid to low market, you're seeing a lot of consolidation, a lot of companies that want basically one security tool to manage them all, so to speak. And I think that the features need to somewhat accommodate that. We talk supply chain, I think most people continue to care about network security, vulnerability management, shifting left and enabling developers. That's the general trend I see. Still really need to get some hands on demos and see some people that I haven't seen in a while. >> So a couple things on, 'cause, I mean, we talk about the macroeconomic climate all the time. We do a lot of survey data with our partners at ETR, and their recent data shows that in terms of cost savings, for those who are actually cutting their budgets, they're looking to consolidate redundant vendors. So, that's one form of consolidation. The other theme, of course, is there's so many tools out in the security market that consolidating tools is something that can help simplify, but then at the same time, you see opportunities open up, like IOT security. And so, you have companies that are starting up to just do that. So, there's like these countervailing trends. I often wonder, Michael, will this ever end? It's like the universe growing and tooling, what are your thoughts? >> I mean, I completely agree. It's hard to balance trying to grow the company in a time like this, at the same time while trying to secure it all, right? So you're seeing the consolidation but some of these applications and platforms need to make some promises to say, "Hey, we're going to move into this space." Right, so when you have like Red Hat who wants to come out with edge devices and help manage the IOT devices, well then, you have a security platform that can help you do that, that's built in. Then the messaging's easy. When you're trying to do that across different cloud providers and move into IOT, it becomes a little bit more challenging. And so I think that, and don't take my word for this, some of those IOT startups, you might see some purchasing in the next couple years in order to facilitate those cloud platforms to be able to expand into that area. To me it makes sense, but I don't want to hypothesize too much from the start. >> But I do, we just did our predictions post and as a security we put up the chart of candidates, and there's like dozens, and dozens, and dozens. Some that are very well funded, but I mean, you've seen some down, I mean, down rounds everywhere, but these many companies have raised over a billion dollars and it's like uh-oh, okay, so they're probably okay, maybe. But a lot of smaller firms, I mean there's just, there's too many tools in the marketplace, but it seems like there is misalignment there, you know, kind of a mismatch between, you know, what customers would like to have happen and what actually happens in the marketplace. And that just underscores, I think, the complexities in security. So I guess my question is, you know, how do you look at Cloud Native Security, and what's different from traditional security approaches? >> Okay, I mean, that's a great question, and it's something that we've been talking to customers for the last five years about. And, really, it's just a change in mindset. Containers are supposed to unleash developer speed, and if you don't have a security tool to help do that, then you're basically going to inhibit developers in some form or another. I think managing that, while also giving your security teams the ability to tell the message of we are being more secure. You know, we're limiting vulnerabilities in our cluster. We are seeing progress because containers, you know, have a shorter life cycle and there is security and speed. Having that conversation with the C-suites is a little different, especially when how they might be used to virtual machines and managing it through that. I mean, if it works, it works from a developer's standpoint. You're not taking advantage of those containers and the developer's speed, so that's the difference. Now doing that and then first challenge is making that pitch. The second challenge is making that pitch to then scale it, so you can get onboard your developers and get your containers up and running, but then as you bring in new groups, as you move over to Kubernetes or you get into more container workloads, how do you onboard your teams? How do you scale? And I tend to see a general trend of a big investment needed for about two years to make that container shift. And then the security tools come in and really blossom because once that core separation of responsibilities happens in the organization, then the security tools are able to accelerate the developer workflow and not inhibit it. >> You know, I'm glad you mentioned, you know, separation of responsibilities. We go to a lot of shows, as you know, with theCUBE, and many of them are cloud shows. And in the one hand, Cloud has, you know, obviously made the world, you know, more interesting and better in so many different ways and even security, but it's like new layers are forming. You got the cloud, you got the shared responsibility model, so the cloud is like the first line of defense. And then you got the CISO who is relying heavily on devs to, you know, the whole shift left thing. So we're asking developers to do a lot and then you're kind of behind them. I guess you have audit is like the last line of defense, but my question to you is how can software developers really ensure that cloud native tools that they're using are secure? What steps can they take to improve security and specifically what's Red Hat doing in that area? >> Yeah, well I think there's, I would actually move away from that being the developer responsibility. I think the job is the operators' and the security people. The tools to give them the ability to see. The vulnerabilities they're introducing. Let's say signing their images, actually verifying that the images that's thrown in the cloud, are the ones that they built, that can all be done and it can be done open source. So we have a DevSecOps validated pattern that Red Hat's pushed out, and it's all open source tools in the cloud native space. And you can sign your builds and verify them at runtime and make sure that you're doing that all for free as one option. But in general, I would say that the hope is that you give the developer the information to make responsible choices and that there's a dialogue between your security and operations and developer teams but security, we should not be pushing that on developer. And so I think with ACS and our tool, the goal is to get in and say, "Let's set some reasonable policies, have a conversation, let's get a security liaison." Let's say in the developer team so that we can make some changes over time. And the more we can automate that and the more we can build and have that conversation, the better that you'll, I don't say the more security clusters but I think that the more you're on your path of securing your environment. >> How much talk is there at the event about kind of recent high profile incidents? We heard, you know, Log4j, of course, was mentioned in the Keynote. Somebody, you know, I think yelled out from the audience, "We're still dealing with that." But when you think about these, you know, incidents when looking back, what lessons do you think we've learned from these events? >> Oh, I mean, I think that I would say, if you have an approach where you're managing your containers, managing the age and using containers to accelerate, so let's say no images that are older than 90 days, for example, you're going to avoid a lot of these issues. And so I think people that are still dealing with that aspect haven't set up the proper, let's say, disclosure between teams and update strategy and so on. So I don't want to, I think the Log4j, if it's still around, you know, something's missing there but in general you want to be able to respond quickly and to do that and need the tools and policies to be able to tell people how to fix that issue. I mean, the Log4j fix was seven days after, so your developers should have been well aware of that. Your security team should have been sending the messages out. And I remember even fielding all the calls, all the fires that we had to put out when that happened. But yeah. >> I thought Brian Behlendorf's, you know, talk this morning was interesting 'cause he was making an attempt to say, "Hey, here's some things that you might not be thinking about that are likely to occur." And I wonder if you could, you know, comment on them and give us your thoughts as to how the industry generally, maybe Red Hat specifically, are thinking about dealing with them. He mentioned ChatGPT or other GPT to automate Spear phishing. He said the identity problem is still not fixed. Then he talked about free riders sniffing repos essentially for known vulnerabilities that are slow to fix. He talked about regulations that might restrict shipping code. So these are things that, you know, essentially, we can, they're on the radar, but you know, we're kind of putting out, you know, yesterday's fire. What are your thoughts on those sort of potential issues that we're facing and how are you guys thinking about it? >> Yeah, that's a great question, and I think it's twofold. One, it's brought up in front of a lot of security leaders in the space for them to be aware of it because security, it's a constant battle, constant war that's being fought. ChatGPT lowers the barrier of entry for a lot of them, say, would-be hackers or people like that to understand systems and create, let's say, simple manifests to leverage Kubernetes or leverage a misconfiguration. So as the barrier drops, we as a security team in security, let's say group organization, need to be able to respond and have our own tools to be able to combat that, and we do. So a lot of it is just making sure that we shore up our barriers and that people are aware of these threats. The harder part I think is educating the public and that's why you tend to see maybe the supply chain trend be a little bit ahead of the implementation. I think they're still, for example, like S-bombs and signing an attestation. I think that's still, you know, a year, two years, away from becoming, let's say commonplace, especially in something like a production environment. Again, so, you know, stay bleeding edge, and then make sure that you're aware of these issues and we'll be constantly coming to these calls and filling you in on what we're doing and make sure that we're up to speed. >> Yeah, so I'm hearing from folks like yourself that the, you know, you think of the future of Cloud Native Security. We're going to see continued emphasis on, you know, better integration of security into the DevSecOps. You're pointing out it's really, you know, the ops piece, that runtime that we really need to shore up. You can't just put it on the shoulders of the devs. And, you know, using security focused tools and best practices. Of course you hear a lot about that and the continued drive toward automation. My question is, you know, automation, machine learning, how, where are we in that maturity cycle? How much of that is being adopted? Sometimes folks are, you know, they embrace automation but it brings, you know, unknown, unintended consequences. Are folks embracing that heavily? Are there risks associated around that, or are we kind of through that knothole in your view? >> Yeah, that's a great question. I would compare it to something like a smart home. You know, we sort of hit a wall. You can automate so much, but it has to actually be useful to your teams. So when we're going and deploying ACS and using a cloud service, like one, you know, you want something that's a service that you can easily set up. And then the other thing is you want to start in inform mode. So you can't just automate everything, even if you're doing runtime enforcement, you need to make sure that's very, very targeted to exactly what you want and then you have to be checking it because people start new workloads and people get onboarded every week or month. So it's finding that balance between policies where you can inform the developer and the operations teams and that they give them the information to act. And that worst case you can step in as a security team to stop it, you know, during the onboarding of our ACS cloud service. We have an early access program and I get on-calls, and it's not even security team, it's the operations team. It starts with the security product, you know, and sometimes it's just, "Hey, how do I, you know, set this policy so my developers will find this vulnerability like a Log4Shell and I just want to send 'em an email, right?" And these are, you know, they have the tools and they can do that. And so it's nice to see the operations take on some security. They can automate it because maybe you have a NetSec security team that doesn't know Kubernetes or containers as well. So that shared responsibility is really useful. And then just again, making that automation targeted, even though runtime enforcement is a constant thing that we talk about, the amount that we see it in the wild where people are properly setting up admission controllers and it's acting. It's, again, very targeted. Databases, cubits x, things that are basically we all know is a no-go in production. >> Thank you for that. My last question, I want to go to the, you know, the hardest part and 'cause you're talking to customers all the time and you guys are working on the hardest problems in the world. What is the hardest aspect of securing, I'm going to come back to the software supply chain, hardest aspect of securing the software supply chain from the perspective of a security pro, software engineer, developer, DevSecOps Pro, and then this part b of that is, is how are you attacking that specifically as Red Hat? >> Sure, so as a developer, it's managing vulnerabilities with updates. As an operations team, it's keeping all the cluster, because you have a bunch of different teams working in the same environment, let's say, from a security team. It's getting people to listen to you because there are a lot of things that need to be secured. And just communicating that and getting it actionable data to the people to make the decisions as hard from a C-suite. It's getting the buy-in because it's really hard to justify the dollars and cents of security when security is constantly having to have these conversations with developers. So for ACS, you know, we want to be able to give the developer those tools. We also want to build the dashboards and reporting so that people can see their vulnerabilities drop down over time. And also that they're able to respond to it quickly because really that's where the dollars and cents are made in the product. It's that a Log4Shell comes out. You get immediately notified when the feeds are updated and you have a policy in action that you can respond to it. So I can go to my CISOs and say, "Hey look, we're limiting vulnerabilities." And when this came out, the developers stopped it in production and we were able to update it with the next release. Right, like that's your bread and butter. That's the story that you want to tell. Again, it's a harder story to tell, but it's easy when you have the information to be able to justify the money that you're spending on your security tools. Hopefully that answered your question. >> It does. That was awesome. I mean, you got data, you got communication, you got the people, obviously there's skillsets, you have of course, tooling and technology is a big part of that. Michael, really appreciate you coming on the program, sharing what's happening on the ground in Seattle and can't wait to have you back. >> Yeah. Awesome. Thanks again for having me. >> Yeah, our pleasure. All right. Thanks for watching our coverage of the Cloud Native Security Con. I'm Dave Vellante. I'm in our Boston studio. We're connecting to Palo Alto. We're connecting on the ground in Seattle. Keep it right there for more coverage. Be right back. (lively music)

(upbeat music) >> Hey guys, welcome back to the show floor of KubeCon + CloudNativeCon '22 North America from Detroit, Michigan. Lisa Martin here with John Furrier. This is day one, John at theCUBE's coverage. >> CUBE's coverage. >> theCUBE's coverage of KubeCon. Try saying that five times fast. Day one, we have three wall-to-wall days. We've been talking about Kubernetes, containers, adoption, cloud adoption, app modernization all morning. We can't talk about those things without addressing security. >> Yeah, this segment we're going to hear container and Kubernetes security for modern application 'cause the enterprise are moving there. And this segment with Red Hat's going to be important because they are the leader in the enterprise when it comes to open source in Linux. So this is going to be a very fun segment. >> Very fun segment. Two guests from Red Hat join us. Please welcome Doron Caspin, Senior Principal Product Manager at Red Hat. Michael Foster joins us as well, Principal Product Marketing Manager and StackRox Community Lead at Red Hat. Guys, great to have you on the program. >> Thanks for having us. >> Thank you for having us. >> It's awesome. So Michael StackRox acquisition's been about a year. You got some news? >> Yeah, 18 months. >> Unpack that for us. >> It's been 18 months, yeah. So StackRox in 2017, originally we shifted to be the Kubernetes-native security platform. That was our goal, that was our vision. Red Hat obviously saw a lot of powerful, let's say, mission statement in that, and they bought us in 2021. Pre-acquisition we were looking to create a cloud service. Originally we ran on Kubernetes platforms, we had an operator and things like that. Now we are looking to basically bring customers in into our service preview for ACS as a cloud service. That's very exciting. Security conversation is top notch right now. It's an all time high. You can't go with anywhere without talking about security. And specifically in the code, we were talking before we came on camera, the software supply chain is real. It's not just about verification. Where do you guys see the challenges right now? Containers having, even scanning them is not good enough. First of all, you got to scan them and that may not be good enough. Where's the security challenges and where's the opportunity? >> I think a little bit of it is a new way of thinking. The speed of security is actually does make you secure. We want to keep our images up and fresh and updated and we also want to make sure that we're keeping the open source and the different images that we're bringing in secure. Doron, I know you have some things to say about that too. He's been working tirelessly on the cloud service. >> Yeah, I think that one thing, you need to trust your sources. Even if in the open source world, you don't want to copy paste libraries from the web. And most of our customers using third party vendors and getting images from different location, we need to trust our sources and we have a really good, even if you have really good scanning solution, you not always can trust it. You need to have a good solution for that. >> And you guys are having news, you're announcing the Red Hat Advanced Cluster Security Cloud Service. >> Yes. >> What is that? >> So we took StackRox and we took the opportunity to make it as a cloud services so customer can consume the product as a cloud services as a start offering and customer can buy it through for Amazon Marketplace and in the future Azure Marketplace. So customer can use it for the AKS and EKS and AKS and also of course OpenShift. So we are not specifically for OpenShift. We're not just OpenShift. We also provide support for EKS and AKS. So we provided the capability to secure the whole cloud posture. We know customer are not only OpenShift or not only EKS. We have both. We have free cloud or full cloud. So we have open. >> So it's not just OpenShift, it's Kubernetes, environments, all together. >> Doron: All together, yeah. >> Lisa: Meeting customers where they are. >> Yeah, exactly. And we focus on, we are not trying to boil the ocean or solve the whole cloud security posture. We try to solve the Kubernetes security cluster. It's very unique and very need unique solution for that. It's not just added value in our cloud security solution. We think it's something special for Kubernetes and this is what Red that is aiming to. To solve this issue. >> And the ACS platform really doesn't change at all. It's just how they're consuming it. It's a lot quicker in the cloud. Time to value is right there. As soon as you start up a Kubernetes cluster, you can get started with ACS cloud service and get going really quickly. >> I'm going to ask you guys a very simple question, but I heard it in the bar in the lobby last night. Practitioners talking and they were excited about the Red Hat opportunity. They actually asked a question, where do I go and get some free Red Hat to test some Kubernetes out and run helm or whatever. They want to play around. And do you guys have a program for someone to get start for free? >> Yeah, so the cloud service specifically, we're going to service preview. So if people sign up, they'll be able to test it out and give us feedback. That's what we're looking for. >> John: Is that a Sandbox or is that going to be in the cloud? >> They can run it in their own environment. So they can sign up. >> John: Free. >> Doron: Yeah, free. >> For the service preview. All we're asking for is for customer feedback. And I know it's actually getting busy there. It's starting December. So the quicker people are, the better. >> So my friend at the lobby I was talking to, I told you it was free. I gave you the sandbox, but check out your cloud too. >> And we also have the open source version so you can download it and use it. >> Yeah, people want to know how to get involved. I'm getting a lot more folks coming to Red Hat from the open source side that want to get their feet wet. That's been a lot of people rarely interested. That's a real testament to the product leadership. Congratulations. >> Yeah, thank you. >> So what are the key challenges that you have on your roadmap right now? You got the products out there, what's the current stake? Can you scope the adoption? Can you share where we're at? What people are doing specifically and the real challenges? >> I think one of the biggest challenges is talking with customers with a slightly, I don't want to say outdated, but an older approach to security. You hear things like malware pop up and it's like, well, really what we should be doing is keeping things into low and medium vulnerabilities, looking at the configuration, managing risk accordingly. Having disparate security tools or different teams doing various things, it's really hard to get a security picture of what's going on in the cluster. That's some of the biggest challenges that we talk with customers about. >> And in terms of resolving those challenges, you mentioned malware, we talk about ransomware. It's a household word these days. It's no longer, are we going to get hit? It's when? It's what's the severity? It's how often? How are you guys helping customers to dial down some of the risk that's inherent and only growing these days? >> Yeah, risk, it's a tough word to generalize, but our whole goal is to give you as much security information in a way that's consumable so that you can evaluate your risk, set policies, and then enforce them early on in the cluster or early on in the development pipeline so that your developers get the security information they need, hopefully asynchronously. That's the best way to do it. It's nice and quick, but yeah. I don't know if Doron you want to add to that? >> Yeah, so I think, yeah, we know that ransomware, again, it's a big world for everyone and we understand the area of the boundaries where we want to, what we want to protect. And we think it's about policies and where we enforce it. So, and if you can enforce it on, we know that as we discussed before that you can scan the image, but we never know what is in it until you really run it. So one of the thing that we we provide is runtime scanning. So you can scan and you can have policy in runtime. So enforce things in runtime. But even if one image got in a way and get to your cluster and run on somewhere, we can stop it in runtime. >> Yeah. And even with the runtime enforcement, the biggest thing we have to educate customers on is that's the last-ditch effort. We want to get these security controls as early as possible. That's where the value's going to be. So we don't want to be blocking things from getting to staging six weeks after developers have been working on a project. >> I want to get you guys thoughts on developer productivity. Had Docker CEO on earlier and since then I had a couple people messaging me. Love the vision of Docker, but Docker Hub has some legacy and it might not, has does something kind of adoption that some people think it does. Are people moving 'cause there times they want to have these their own places? No one place or maybe there is, or how do you guys see the movement of say Docker Hub to just using containers? I don't need to be Docker Hub. What's the vis-a-vis competition? >> I mean working with open source with Red Hat, you have to meet the developers where they are. If your tool isn't cutting it for developers, they're going to find a new tool and really they're the engine, the growth engine of a lot of these technologies. So again, if Docker, I don't want to speak about Docker or what they're doing specifically, but I know that they pretty much kicked off the container revolution and got this whole thing started. >> A lot of people are using your environment too. We're hearing a lot of uptake on the Red Hat side too. So, this is open source help, it all sorts stuff out in the end, like you said, but you guys are getting a lot of traction there. Can you share what's happening there? >> I think one of the biggest things from a developer experience that I've seen is the universal base image that people are using. I can speak from a security standpoint, it's awesome that you have a base image where you can make one change or one issue and it can impact a lot of different applications. That's one of the big benefits that I see in adoption. >> What are some of the business, I'm curious what some of the business outcomes are. You talked about faster time to value obviously being able to get security shifted left and from a control perspective. but what are some of the, if I'm a business, if I'm a telco or a healthcare organization or a financial organization, what are some of the top line benefits that this can bubble up to impact? >> I mean for me, with those two providers, compliance is a massive one. And just having an overall look at what's going on in your clusters, in your environments so that when audit time comes, you're prepared. You can get through that extremely quickly. And then as well, when something inevitably does happen, you can get a good image of all of like, let's say a Log4Shell happens, you know exactly what clusters are affected. The triage time is a lot quicker. Developers can get back to developing and then yeah, you can get through it. >> One thing that we see that customers compliance is huge. >> Yes. And we don't want to, the old way was that, okay, I will provision a cluster and I will do scans and find things, but I need to do for PCI DSS for example. Today the customer want to provision in advance a PCI DSS cluster. So you need to do the compliance before you provision the cluster and make all the configuration already baked for PCI DSS or HIPAA compliance or FedRAMP. And this is where we try to use our compliance, we have tools for compliance today on OpenShift and other clusters and other distribution, but you can do this in advance before you even provision the cluster. And we also have tools to enforce it after that, after your provision, but you have to do it again before and after to make it more feasible. >> Advanced cluster management and the compliance operator really help with that. That's why OpenShift Platform Plus as a bundle is so popular. Just being able to know that when a cluster gets provision, it's going to be in compliance with whatever the healthcare provider is using. And then you can automatically have ACS as well pop up so you know exactly what applications are running, you know it's in compliance. I mean that's the speed. >> You mentioned the word operator, I get triggering word now for me because operator role is changing significantly on this next wave coming because of the automation. They're operating, but they're also devs too. They're developing and composing. It's almost like a dashboard, Lego blocks. The operator's not just manually racking and stacking like the old days, I'm oversimplifying it, but the new operators running stuff, they got observability, they got coding, their servicing policy. There's a lot going on. There's a lot of knobs. Is it going to get simpler? How do you guys see the org structures changing to fill the gap on what should be a very simple, turn some knobs, operate at scale? >> Well, when StackRox originally got acquired, one of the first things we did was put ACS into an operator and it actually made the application life cycle so much easier. It was very easy in the console to go and say, Hey yeah, I want ACS my cluster, click it. It would get provisioned. New clusters would get provisioned automatically. So underneath it might get more complicated. But in terms of the application lifecycle, operators make things so much easier. >> And of course I saw, I was lucky enough with Lisa to see Project Wisdom in AnsibleFest. You going to say, Hey, Red Hat, spin up the clusters and just magically will be voice activated. Starting to see AI come in. So again, operations operator is got to dev vibe and an SRE vibe, but it's not that direct. Something's happening there. We're trying to put our finger on. What do you guys think is happening? What's the real? What's the action? What's transforming? >> That's a good question. I think in general, things just move to the developers all the time. I mean, we talk about shift left security, everything's always going that way. Developers how they're handing everything. I'm not sure exactly. Doron, do you have any thoughts on that. >> Doron, what's your reaction? You can just, it's okay, say what you want. >> So I spoke with one of our customers yesterday and they say that in the last years, we developed tons of code just to operate their infrastructure. That if developers, so five or six years ago when a developer wanted VM, it will take him a week to get a VM because they need all their approval and someone need to actually provision this VM on VMware. And today they automate all the way end-to-end and it take two minutes to get a VM for developer. So operators are becoming developers as you said, and they develop code and they make the infrastructure as code and infrastructure as operator to make it more easy for the business to run. >> And then also if you add in DataOps, AIOps, DataOps, Security Ops, that's the new IT. It seems to be the new IT is the stuff that's scaling, a lot of data's coming in, you got security. So all that's got to be brought in. How do you guys view that into the equation? >> Oh, I mean you become big generalists. I think there's a reason why those cloud security or cloud professional certificates are becoming so popular. You have to know a lot about all the different applications, be able to code it, automate it, like you said, hopefully everything as code. And then it also makes it easy for security tools to come in and look and examine where the vulnerabilities are when those things are as code. So because you're going and developing all this automation, you do become, let's say a generalist. >> We've been hearing on theCUBE here and we've been hearing the industry, burnout, associated with security professionals and some DataOps because the tsunami of data, tsunami of breaches, a lot of engineers getting called in the middle of the night. So that's not automated. So this got to get solved quickly, scaled up quickly. >> Yes. There's two part question there. I think in terms of the burnout aspect, you better send some love to your security team because they only get called when things get broken and when they're doing a great job you never hear about them. So I think that's one of the things, it's a thankless profession. From the second part, if you have the right tools in place so that when something does hit the fan and does break, then you can make an automated or a specific decision upstream to change that, then things become easy. It's when the tools aren't in place and you have desperate environments so that when a Log4Shell or something like that comes in, you're scrambling trying to figure out what clusters are where and where you're impacted. >> Point of attack, remediate fast. That seems to be the new move. >> Yeah. And you do need to know exactly what's going on in your clusters and how to remediate it quickly, how to get the most impact with one change. >> And that makes sense. The service area is expanding. More things are being pushed. So things will, whether it's a zero day vulnerability or just attack. >> Just mix, yeah. Customer automate their all of things, but it's good and bad. Some customer told us they, I think Spotify lost the whole a full zone because of one mistake of a customer because they automate everything and you make one mistake. >> It scale the failure really. >> Exactly. Scaled the failure really fast. >> That was actually few contact I think four years ago. They talked about it. It was a great learning experience. >> It worked double edge sword there. >> Yeah. So definitely we need to, again, scale automation, test automation way too, you need to hold the drills around data. >> Yeah, you have to know the impact. There's a lot of talk in the security space about what you can and can't automate. And by default when you install ACS, everything is non-enforced. You have to have an admission control. >> How are you guys seeing your customers? Obviously Red Hat's got a great customer base. How are they adopting to the managed service wave that's coming? People are liking the managed services now because they maybe have skills gap issues. So managed service is becoming a big part of the portfolio. What's your guys' take on the managed services piece? >> It's just time to value. You're developing a new application, you need to get it out there quick. If somebody, your competitor gets out there a month before you do, that's a huge market advantage. >> So you care how you got there. >> Exactly. And so we've had so much Kubernetes expertise over the last 10 or so, 10 plus year or well, Kubernetes for seven plus years at Red Hat, that why wouldn't you leverage that knowledge internally so you can get your application. >> Why change your toolchain and your workflows go faster and take advantage of the managed service because it's just about getting from point A to point B. >> Exactly. >> Well, in time to value is, you mentioned that it's not a trivial term, it's not a marketing term. There's a lot of impact that can be made. Organizations that can move faster, that can iterate faster, develop what their customers are looking for so that they have that competitive advantage. It's definitely not something that's trivial. >> Yeah. And working in marketing, whenever you get that new feature out and I can go and chat about it online, it's always awesome. You always get customers interests. >> Pushing new code, being secure. What's next for you guys? What's on the agenda? What's around the corner? We'll see a lot of Red Hat at re:Invent. Obviously your relationship with AWS as strong as a company. Multi-cloud is here. Supercloud as we've been saying. Supercloud is a thing. What's next for you guys? >> So we launch the cloud services and the idea that we will get feedback from customers. We are not going GA. We're not going to sell it for now. We want to get customers, we want to get feedback to make the product as best what we can sell and best we can give for our customers and get feedback. And when we go GA and we start selling this product, we will get the best product in the market. So this is our goal. We want to get the customer in the loop and get as much as feedback as we can. And also we working very closely with our customers, our existing customers to announce the product to add more and more features what the customer needs. It's all about supply chain. I don't like it, but we have to say, it's all about making things more automated and make things more easy for our customer to use to have security in the Kubernetes environment. >> So where can your customers go? Clearly, you've made a big impact on our viewers with your conversation today. Where are they going to be able to go to get their hands on the release? >> So you can find it on online. We have a website to sign up for this program. It's on my blog. We have a blog out there for ACS cloud services. You can just go there, sign up, and we will contact the customer. >> Yeah. And there's another way, if you ever want to get your hands on it and you can do it for free, Open Source StackRox. The product is open source completely. And I would love feedback in Slack channel. It's one of the, we also get a ton of feedback from people who aren't actually paying customers and they contribute upstream. So that's an awesome way to get started. But like you said, you go to, if you search ACS cloud service and service preview. Don't have to be a Red Hat customer. Just if you're running a CNCF compliant Kubernetes version. we'd love to hear from you. >> All open source, all out in the open. >> Yep. >> Getting it available to the customers, the non-customers, they hopefully pending customers. Guys, thank you so much for joining John and me talking about the new release, the evolution of StackRox in the last season of 18 months. Lot of good stuff here. I think you've done a great job of getting the audience excited about what you're releasing. Thank you for your time. >> Thank you. >> Thank you. >> For our guest and for John Furrier, Lisa Martin here in Detroit, KubeCon + CloudNativeCon North America. Coming to you live, we'll be back with our next guest in just a minute. (gentle music)

>>Hey everyone. Welcome to this cube conversation. I'm your host, Lisa Martin Rajko same joins me now the chief product officer at elation. Raj. Great to have you on the cube. Welcome. >>It's great to be here, Lisa. And I've been a fan for a while and excited to have a chance to talk with you live. >>And we've got some exciting stuff to talk about elation in terms of the success in the enterprise market. I see more than 25% of the fortune 100 doing great. There is customers elation and snowflake. Before we get into your exciting news. Talk to me a little bit about the evolution of the partnership. >>Yeah, no, absolutely. So, you know, we've always been a, a close partner and integrator with snowflake and last year snowflake became an investor in elation and they participated in our series D round. And the thing I'm most excited about beyond that is we were announced in the snowflake summit back in June to be their data governance partner of the year for the second year running. And so we've always had a closer relationship with snowflake, both at the go to market level and at the product level. And you know, the stuff that we're about to talk about is a Testament to that. >>Absolutely. It is. So talk to us before we get into the announcement. What you're seeing in the market as organizations are really becoming much more serious about being data driven and building a data culture. What are you seeing with respect to enterprises as well as those smaller folks? >>Yeah, no, it, it, it's, it's a great question. I mean, you, you hear the T tropes data is the new oil data is like water it's essential. And we're seeing that very consistently across every customer, every segment, every geo that we, that we talk to, I, I think the challenges that organizations are seeing that are leading to the amazing growth that we've seen at elation are there's so much data. They don't know where it resides. You've got silos or islands of knowledge that exist across the, the enterprise. And they need a data intelligence platform to bring it all together, to help them make sense of it and ultimately build a data culture that, you know, it lets their employees make data driven decisions as opposed to relying on gut. And so those are some of the macro trends that we're seeing and with the migration of data to the cloud and in particular snowflake, it seemed like a huge opportunity for us to partner even more closely with, with snowflake. And we're, we're excited about the progress that we've seen with them thus far. >>All right, let's get right into it. So first of all, define a data culture and then talk to us about how elation and snowflake are helping organizations to really achieve that. >>Yeah. You know, it, it's interesting. The, the company vision that we have at elation is to empower a curious and rational world. And you know, what that really means is we want to deliver solutions that drive curiosity and drive rational behavior. So making, making decisions based on data and insights, as opposed to gut, or, you know, the, the highest paid, you know, person's opinion or what have you. And so delivering a data culture, building a data culture, which is something we hear from all the CDOs that we talk to is, Hey, elation, help us drive data literacy across the organization, provide that single source of reference. So if anybody has a question about, do we have data that answers this, or, you know, what kind of performance are we seeing in this product area? Give me a starting point for my data exploration journey. And that's really where elation and our data intelligence solutions kind of come into the play. >>So unpack elation cloud service for snowflake. Talk to us about what it is, why you're doing it, what the significance of this partnership and this solution is delivering. >>Absolutely. So the elation cloud service for snowflake is a brand new offering that we just brought to market. And the intent really was, you know, we've had massive success in the global 2000. You mentioned the, the progress that we've had with fortune 100 customers, we see the need for data, culture, and data literacy and governance in organizations, you know, that are massive global multinational enterprises all the way down to divisions of an organization, or even, you know, mid-market and SMB companies. And so we thought there was a huge opportunity to really drive data culture for those organizations that are adopting snowflake, but still need that data intelligence overlay across the, the data that's in the snowflake cloud. And so what we did is we launched the elation cloud service for snowflake as a free trial, and then, you know, low cost purchase solution that, you know, can be adopted for less than a hundred thousand dollars a year. >>Got it. So tar from a target market perspective that lower end of the market for, of course, you know, these days, Raj, as we talk about every company, regardless of size, regardless of industry and location has to be a data company getting there and, and, and, and really defining and going on a journey to get there is really complex. So you're going now down market to meet those customers where they are, how will elation cloud service for snowflake help those customers, those smaller customers really become data driven and, and, and adopt a data culture. >>Yeah. Yeah. It's, it's a great question. I, I think the biggest goal that we had was making it really simple and easy for them to begin this journey. So, you know, we are now live in the snowflake partner connect portal. And if someone wants to experience the power of elation cloud service for snowflake, they just need to go to that portal, click the elation tile. And literally within less than two minutes, a brand new instance of elation is spun up. Their snowflake data is automatically being cataloged as part of this trial. And they have 14 days to go through this experience and, and get a sense of the power of elation to give them insights into what's in their snowflake platform, what governance options they can layer on top of their snowflake data cloud and how the data is transforming across their organization. >>So talk to me about who you're talking to within a customer. I was looking at some data that elation provided to me, and I see that according to Gartner data culture is priority number one for chief data officers, but for those smaller organizations, do they have chief data officers? Is that responsibility line still with the CIO? Who are you engaging with? >>Yeah, it's very, very, really great question. I, I think the larger organizations that we sell to definitely have a, a CDO and, you know, CDO sometimes is the chief data and analytics officer in smaller organizations, or even in divisions of big companies that, that, you know, might be target customers for ACS, for snowflake could be a, a VP of analytics could be head of marketing. Operations could be a data engineering function, so that might roll up into the it. And so I think that's, what's interesting is we, we wanted to take the friction out of the, the experience process and the trial process, and whoever is responsible for the snowflake instance and, and leveraging snowflake for, for data and analytics, they can explore and understand what the, a power elation layered on top of snowflake can provide for them. >>Okay. So another, another thing that I uncovered in researching for this segment is McKenzie says data, culture is decision culture. I thought that was a really profound statement, but it's also such a challenge to get there is organizations of all sizes are on various points in their journey to become data driven. What does that mean? How, how well, how do elation and help customers really achieve that data culture so that they can really have that decision culture so they can make faster, better data based decisions? >>Yeah, it, so I, I think a huge part of it, like if we think about our, our, our big area of focus, how do we enable users to find, understand trust, govern, and use data within snowflake in this instance? And so step one to drive data culture is how, how do you provide a single source of reference a, a, a search box, frankly, you know, Google for your, for your data environment, so that you can actually find data, then how do you understand it? You know, what's in there. What does it mean? What are the relationships between these data objects? Can I trust this? Is this sandbox data, or is this production data that can be used for reporting and analytics? How do I govern the data? So I know who's using it, who should use it, what policies are there. And so if, if we go through the set of features that we've built into ation cloud service for snowflake, it enables us to deliver on that promise result at the very end, resulting in the ability to explore the data that exists in the snowflake platform as well. >>Let's go ahead and unpack that. Now, talk to me about some of the key capabilities of the solution and what it's enabling organizations to achieve. >>Yeah, so, you know, it starts with cataloging the data itself. You know, we, we, we are the data catalog company. We basically define that category. And so step one is how do we connect to snowflake and automatically ingest all the metadata that exists within that snowflake cloud, as well as extract the lineage relationships between tables. So you can understand how the data is transforming within the snowflake data cloud. And so that provides visibility to, to begin that fine journey. You know, how, how do I actually discover data on the understand and trust front? I think where things get really interesting is we've integrated deeply with Snowflake's new data governance features. So they've got data policies that provide things like row level security and, and data masking. We integrate directly with those policies, extract them, ingest them into elation so that they can be discovered, can be easily applied or added to other data sets within snowflake directly from the elation UI. >>So now you've got policies layered on top of your data environment. Snowflake's introduced, tagging and classification capabilities. We automatically extract and ingest those tags. They're surfaced in inhalation. So if somebody looks for a data set that they're not familiar with, they can see, oh, here are the policies that this data set is applied to. Here are the tags that are applied. And so snow elation actually becomes almost like a user interface to the data that exists within that snowflake platform. And then maybe just two other things with the lineage that we extract. One of the most important things that you can deliver for users is impact analysis. Hey, if I'm gonna deprecate this table, or if I'm gonna make a change to what this table definition is, what are the downstream objects and users that should know about that? So, Hey, if this table's going away and my Tableau report over here is gonna stop working, boy, it'd be great to be able to get visibility into that before that change is made, we can do that automatically within the elation UI and, and really just make it easier for somebody to govern and manage the data that exists within the snowflake data cloud. >>So easier to govern and manage the data. Let's go up a level or two. Sure. Talk to me about some of the business outcomes that this solution is gonna help organizations to achieve. We talked about every company these days has to be a data company. Consumers expect this very personalized, relevant experience. What are you thinking? Some of the outcomes are gonna be that this technology and this partnership is gonna unlock. >>Yeah, no, I, I, I think step one, and this has always been a huge area of focus for us is just simply driving business productivity. So, you know, the, the data that we see in talking to CDOs and CDOs is the onboarding and, and getting productive the time it takes to onboard and, and get a data analyst productive. It, it can be nine to 12 months. And, you know, we all know the battle for talent these days is significant. And so if we can provide a solution, and this is exactly what we do that enables an organization to get a data analyst productive in weeks instead of months, or, or, you know, potentially even a year, the value that that analyst can deliver to the organization goes up dramatically because they're spending less time looking for data and figuring out who knows what about the data. >>They can go to elation, get those insights and start answering business questions, as opposed to trying to wrangle or figure out does the data exist. And, and, and where does it exist? So that's, that's one key dimension. I'd say the other one that, that I'd highlight is just being able to have a governance program that is monitored managed and well understood. So that, you know, whether it's dealing with CCPA or GDPR, you know, some of the regulatory regimes, the, the ability for an organization to feel like they have control over their data, and they understand where it is who's using it and how it's being used. Those are hugely important business outcomes that CIOs and CDOs tell us they need. And that's why we built the lation cloud service for snowflake >>On the first front. One of the things that popped into my mind in terms of really enabling workforce productivity, workforce efficiency, getting analysts ramped up dramatically faster also seems to me to be something that your customers can leverage from a talent attraction and retention perspective, which in today's market is critical. >>I, I so glad you mentioned that that's, that's actually one of the key pillars that we highlight as well is like, if you give great tools to employees, they're gonna be happier. And, and you'll be a, a preferred employer and people are gonna feel like, oh, this is an organization that I wanna work at because they're making my job easier and they're making it easier for me to deliver value and be productive to the organization. And that's, it's absolutely critical this, this, this war for talent that everybody talks about. It's real and great self-service tools that are empowering to employees are the things that are gonna differentiate companies and allow them to, to unleash the power of data, >>Unleash the power of data, really use it to the competitive advantage that it can and should be used for. When we look at, when you look at customers that are on that journey, that data catalog journey, they, you probably see such a variety of, of locations about where they are in that journey. Do you see a common thread when you're in customer conversations? Is there kind of a common denominator that you, you speak to where you, you really know elation and snowflake here is absolutely the right thing. >>Yeah, no, it, it, it's a good question. I would actually say the fact that a customer is on snowflake. I they're already, you know, a step up on that maturity curve. You know, one of the big use cases that we see with customers that is, is leading to the need for data intelligence solutions that, you know, like that elation can deliver is digital transformation and, and, and cloud migration, you know, we've got legacy data. On-prem, we know we need to move to the cloud to get better agility, better scaling, you know, perhaps, you know, reduced costs, et cetera. And so I think step one, on that, that qualification criteria or that maturity journey is, Hey, if you're already in snowflake, that's a great sign because you're, you're recognizing the power of a data cloud platform and, and, and warehouse like snowflake. And so that's a, a, a great signal to us that this is a customer that wants to, you know, really better understand how they can get value out of, out of their solution. I think the next step on that journey is a recognition that they're not utilizing the data that they have as effectively as they can and should be, and they're not, and, and their employees are still struggling with, you know, where does the data exist? Can I trust it? It, you know, it, who do I know tends to be more important than do I have a tool that will help me understand the data. And so customers that are asking those sorts of questions are ideal customers for the elation cloud service for snowflake solution. >>So enabling those customers to get their hands on it, there's a free trial. Talk to us about that. And where can the audience go to actually click and try? >>Absolutely. So, you know, we'll, we'll be doing our usual marketing and, and promotion of this, but what I'm super excited about, you know, again, I mentioned earlier, you know, this is part of our, our cloud native multi 10 and architecture. We are live in the snowflake partner connect portal. And so if you are logged into snowflake and are an admin, you can go to the partner connect portal and you will see a tile. I think it's alphabetically, sorted and elation starts with a so pretty easy to find. I don't think you'll have to do too much searching. And literally all you have to do is click on that tile, answer a couple quick questions. And in the background in about two minutes, your elation instance will get spun up. We'll we will have sample data sets in there. There's some guided tours that you can walk through to kind of get a feel for the power of snowflake. >>So policy center lineage, you know, tags, our intelligent SQL tool that allows you to smartly query the snowflake data cloud and publish queries, share queries with others, collaborate on them for, for greater insights. And there's, you know, as you would expect with any, you know, online free trial, you know, we've got a built in chat bot. So if you have a question, wanna get a better sense of how a particular feature works or curious about how elation might work. In other areas, you can, you know, ask a question to the chat bot and we've got product specialists on the back end that can answer questions. So we really wanna make that journey as, as seamless and easy as, as possible. And hopefully that results in enough interests that the customer wants to, to, or the, the trial user wants to become a customer. And, and that's where our great sales organization will kind of take the Baton from there. >>And there's the, there's the objective there, and I'm sure Raj folks can find out about the free trial and access it. You, you mentioned through the marketplace, more information on elian.com. I imagine they can go there to access it as well, >>A hundred percent elation.com. We're on Twitter, we're on LinkedIn, but yeah, if you have any questions, you know, you can just search for elation cloud service for snowflake, or just go to the elation.com website. Absolutely. >>All right. Elation cloud service for snowflake. Congratulations on the launch to you and the entire elation team. We look forward to hearing customer success stories and really seeing those business outcomes realize in the next few months, Raj, thanks so much for your time. >>Thank you so much, Lisa. It's great to talk to you. >>Likewise, Raj gin. I'm Lisa Martin. Thank you for watching this cube conversation. Stay right here for more great action on the cube, the leader in live tech coverage.

>>The cube presents, Coon and cloud native con Europe, 2022, brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain in Coon cloud native con 2022 Europe. I'm Keith Townsend, along with my cohot on Rico senior, Etti senior it analyst at gig home. We are talking to amazing people, creators people contributing to all these open source projects. Speaking of open source on Rico. Talk to me about the flavor of this show versus a traditional like vendor show of all these open source projects and open source based companies. >>Well, first of all, I think that the real difference is that this is a real conference. Hmm. So real people talking about, you know, projects about, so the, the open source stuff, the experiences are, you know, on stage and there are not really too many product pitches. It's, it's about, it's about the people. It's about the projects. It's about the, the challenges they had, how they, you know, overcome some of them. And, uh, that's the main difference. I mean, it's very educative informative and the kind of people is different. I mean, developers, you know, SREs, you know, you find ends on people. I mean, people that really do stuff that that's a real difference. I mean, uh, quite challenginghow discussing with them, but really, I mean, because they're really opinionated, but >>So we're gonna get talked to, to a company that has boosts on the ground doing open source since the, almost the start mm-hmm <affirmative> Kirsten newcomer, director of hybrid platform security at red hat and, uh, Connor Gorman, senior principal software engineer at red hat. So Kirsten, we're gonna start with you security and Kubernetes, you know, is Kubernetes. It's a, it's a race car. If I wanted security, I'd drive a minivan. <laugh> >>That's, that's a great frame. I think, I think though, if we stick with your, your car analogy, right, we have seen cars in cars and safety in cars evolve over the years to the point where you have airbags, even in, you know, souped up cars that somebody's driving on the street, a race car, race cars have safety built into, right. They do their best to protect those drivers. So I think while Kubernetes, you know, started as something that was largely, you know, used by Google in their environment, you know, had some perimeter based security as Kubernetes has become adopted throughout enterprises, as people. And especially, you know, we've seen the adoption accelerate during the pandemic, the move to both public cloud, but also private cloud is really accelerated. Security becomes even more important. You can't use Kubernetes in banking without security. You can't use it, uh, in automotive without security telco. >>And Kubernetes is, you know, Telco's adoption, Telco's deploying 5g on Kubernetes on open shift. Um, and, and this is just so the security capabilities have evolved over time to meet the customers and the adopters really red hat because of our enterprise customer base, we've been investing in security capabilities and we make those contributions upstream. We've been doing that really from the beginning of our adoption of Kubernetes, Kubernetes 1.0, and we continue to expand the security capabilities that we provide. And which is one of the reasons, you know, the acquisition of stack rocks was, was so important to us. >>And, and actually we are talking about security at different levels. I mean, so yeah, and different locations. So you are securing an edge location differently than a data center or, or, or maybe, you know, the cloud. So there are application level security. So there are so many angles to take this. >>Yeah. And, and you're right. I mean, I, there are the layers of the stack, which starts, you know, can start at the hardware level, right. And then the operating system, the Kubernetes orchestration all the services, you need to have a complete Kubernetes solution and application platform and then the services themselves. And you're absolutely right. That an edge deployment is different than a deployment, uh, on, you know, uh, AWS or in a private da data center. Um, and, and yet, because there is this, if you, if you're leveraging the heart of Kubernetes, the declarative nature of Kubernetes, you can do Kubernetes security in a way that can be consistent across these environments with the need to do some additions at the edge, right? You may, physical security is more important at the edge hardware based encryption, for example, whereas in a, in a cloud provider, your encryption might be at the cloud provider storage layer rather than hardware. >>So how do you orchestrate, because we are talking about orchestration all day and how do you orchestrate all these security? >>Yep. So one of the things, one of the evolutions that we've seen in our customer base in the last few years is we used to have, um, a small number of large clusters that our customers deployed and they used in a multi-tenant fashion, right? Multiple teams from within the organization. We're now starting to see a larger number of smaller clusters. And those clusters are in different locations. They might be, uh, customers are both deploying in public cloud, as well as private, you know, on premises, um, edge deployments, as you mentioned. And so we've invested in, uh, multi cluster management and, or, you know, sort of that orchestration for orchestrators, right? The, and because again of the declarative nature of Kubernetes, so we offer, uh, advanced cluster management, red hat, advanced cluster management, which we open sourced as the multi cluster engine CE. Um, so that component is now also freely available, open source. We do that with everything. So if you need a way to ensure that you have managed the configuration appropriately across all of these clusters in a declarative fashion, right. It's still YAML, it's written in YAML use ACM use CE in combination with a get ops approach, right. To manage that, uh, to ensure that you've got that environment consistent. And, and then, but then you have to monitor, right. You have to, I'm wearing >>All of these stack rocks >>Fits in. I mean, yeah, sure. >>Yeah. And so, um, you know, we took a Kubernetes native approach to securing all of this. Right. And there's kind of, uh, we have to say, there's like three major life cycles. You have the build life cycle, right. You're building these imutable images to go deployed to production. Right. That should never change that are, you know, locked at a point in time. And so you can do vulnerability scanning, you can do compliance checks at that point right. In the build phase. But then you put those in a registry, then those go and be deployed on top of Kubernetes. And you have the configuration of your application, you know, including any vulnerabilities that may exist in those images, you have the R back permissions, right. How much access does it have to the cluster? Is it exposed on the internet? Right. What can you do there? >>And then finally you have, the runtime perspective of is my pod is my container actually doing what I think it's supposed to do. Is it accessing all the right things? Is it running all the right processes? And then even taking that runtime information and influencing the configuration through things like network policies, where we have a feature called process baselining that you can say exactly what processes are supposed to run in this pod. Um, and then influencing configuration in that way to kind of be like, yeah, this is what it's doing. And let's go stamp this, you know, declaratively so that when you deploy it the next time you already have security built in at the Kubernetes level. >>So as we've talked about a couple of different topics, the abstraction layers, I have security around DevOps. So, you know, I have multi tendency, I have to deal with, think about how am I going to secure the, the, the Kubernetes infrastructure itself. Then I have what seems like you've been talking about here, Connor, which is dev SecOps mm-hmm <affirmative> and the practice of securing the application through policy. Right. Are customers really getting what's under the hood of dev SecOps? >>Do you wanna start or yeah. >>I mean, I think yes and no. I think, um, you know, we've, some organizations are definitely getting it right. And they have teams that are helping build things like network policies, which provide network segmentation. I think this is huge for compliance and multi-tenancy right. Just like containers, you know, one of the main benefits of containers, it provides this isolation between your applications, right? And then everyone's familiar with the network firewall, which is providing network segmentation, but now in between your applications inside Kubernetes, you can create, uh, network segmentation. Right. And so we have some folks that are super, super far along that path and, and creating those. And we have some folks who have no network policies except the ones that get installed with our products. Right. And then we say, okay, how can we help you guys start leveraging these things and, and creating maybe just basic name, space isolation, or things like that. And then trying to push that back into more the declarative approach. >>So some of what I think we hear from, from what Connor just te teed up is that real DevSecOps requires breaking down silos between developers, operations and security, including network security teams. And so the Kubernetes paradigm requires, uh, involvement actually, in some ways, it, it forces involvement of developers in things like network policy for the SDN layer, right? You need to, you know, the application developer knows which, what kinds of communication he or she, his app or her app needs to function. So they need to define, they need to figure out those network policies. Now, some network security teams, they're not familiar with YAML, they're not necessary familiar with software development, software defined networking. So there's this whole kind of, how do we do the network security in collaboration with the engineering team? And when people, one of the things I worry about, so DevSecOps it's technology, but it's people in process too. >>Right. And one of the things I think people are very comfortable adopting vulnerability scanning early on, but they haven't yet started to think about the network security angle. This is one area that not only do we have the ability in ACS stack rocks today to recommend a network policy based on a running deployment, and then make it easy to deploy that. But we're also working to shift that left so that you can actually analyze app deployment data prior to it being deployed, generate a network policy, tested out in staging and, and kind of go from the beginning. But again, people do vulnerability analysis shift left, but they kind of tend to stop there and you need to add app config analysis, network communication analysis, and then we need appropriate security gates at deployment time. We need the right automation that helps inform the developers. Not all developers have security expertise, not all security people understand a C I C D pipeline. Right. So, so how, you know, we need the right set of information to the right people in the place they're used to working in order to really do that infinity loop. >>Do you see this as a natural progression for developers? Do they really hit a wall before, you know, uh, finding out that they need to progress in, in this, uh, methodology? Or I know >>What else? Yeah. So I think, I think initially there's like a period of transition, right? Where there's sometimes there's opinion, oh, I, I ship my application. That's what I get paid for. That's what I do. Right. <laugh> um, and, and, but since, uh, Kubernetes has basically increased the velocity of developers on top, you know, of the platform in order to just deploy their own code. And, you know, we have every, some people have commits going to production, you know, every commitment on the repo goes to production. Right. Um, and so security is even more at the forefront there. So I think initially you hit a little bit of a wall security scans in CI. You could get some failures and some pushback, but as long as these are very informative and actionable, right. Then developers always wanna do the right thing. Right. I mean, we all want to ship secure code. >>Um, and so if you can inform you, Hey, this is why we do this. Or, or here's the information about this? I think it's really important because I'm like, right, okay. Now when I'm sending my next commits, I'm like, okay, these are some constraints that I'm thinking about, and it's sort of like a mindset shift, but I think through the tooling that we like know and love, and we use on top of Kubernetes, that's the best way to kind of convey that information of, you know, honestly significantly smaller security teams than the number of developers that are really pushing all of this code. >>So let's scale out what, talk to me about the larger landscape projects like prime cube, Litner, OPPI different areas of investment in, in, in security. Talk to me about where customers are making investments. >>You wanna start with coup linter. >>Sure. So coup linter was a open source project, uh, when we were still, uh, a private company and it was really around taking some of our functionality on our product and just making it available to everyone, to basically check configuration, um, both bridging DevOps and SecOps, right? There's some things around, uh, privileged containers, right? You usually don't wanna deploy those into your environment unless you really need to, but there's other things around, okay, do I have anti affinity rules, right. Am I running, you know, you can run 10 replicas of a pod on the same node, and now your failure domain is a single node. Now you want them on different nodes, right. And so you can do a bunch of checks just around the configuration DevOps best practices. And so we've actually seen quite a bit of adoption. I think we have like almost 2000 stars on, uh, and super happy to see people just really adopt that and integrate it into their pipelines. It's a single binary. So it's been super easy for people to take it into their C I C D and just, and start running three things through it and get, uh, you know, valuable insights into, to what configurations they should change. Right. >>And then if you're, if you were asking about things like, uh, OPPA, open policy agent and OPPA gatekeeper, so one of the things happening in the community about OPPA has been around for a while. Uh, they added, you know, the OPPA gatekeeper as an admission controller for Cobe. There's also veno another open source project that is doing, uh, admission as the Kubernetes community has, uh, kind of is decided to deprecate pod security policies, um, which had a level of complexity, but is one of the key security capabilities and gates built into Kubernetes itself. Um, OpenShift is gonna continue to have security context constraints, very similar, but it prevents by default on an OpenShift cluster. Uh, not a regular user cannot deploy a privileged pod or a pod that has access to the host network. Um, and there's se Linux configuration on by default also protects against container escapes to the file system or mitigates them. >>So pod security policies were one way to ensure that kind of constraint on what the developer did. Developers might not have had awareness of what was important in terms of the level of security. And so again, the cube and tools like that can help to inform the developer in the tools they use, and then a solution like OPPA, gatekeeper, or SCCs. That's something that runs on the cluster. So if something got through the pipeline or somebody's not using one of these tools, those gates can be leveraged to ensure that the security posture of the deployment is what the organization wants and OPPA gatekeeper. You can do very complex policies with that. And >>Lastly, talk to me about Falco and Claire, about what Falco >>Falco and yep, absolutely. So, um, Falco, great runtime analysis have been and something that stack rocks leveraged early on. So >>Yeah, so yeah, we leveraged, um, some libraries from Falco. Uh, we use either an EB P F pro or a kernel module to detect runtime events. Right. And we, we primarily focus on network and process activity as, um, as angles there. And then for Claire, um, it's, it's now within red hat again, <laugh>, uh, through the acquisition of cores, but, uh, we've forked in added a bunch of things around language vulnerabilities and, and different aspects that we wanted. And, uh, and you know, we're really interested in, I think, you know, the code bases have diversion a little bit Claire's on V4. We, we were based off V2, but I think we've both added a ton of really great features. And so I'm really looking forward to actually combining all of those features and kind of building, um, you know, we have two best of best of breed scanners right now. And I'm like, okay, what can we do when we put them together? And so that's something that, uh, I'm really excited about. >>So you, you somehow are aiming at, you know, your roadmap here now putting everything together. And again, orchestrated well integrated yeah. To, to get, you know, also a simplified experience, because that could be the >>Point. Yeah. And, and as you mentioned, you know, it's sort of that, that orchestration of orchestrators, like leveraging the Kubernetes operator principle to, to deliver an app, an opinionated Kubernetes platform has, has been one of the key things we've done. And we're doing that as well for security out of the box security policies, principles based on best practices with stack rocks that can be leveraged in the community or with red hat, advanced cluster security, combining our two scanners into one clear based scanner, contributing back, contributing back to Falco all of these things. >>Well, that speaks to the complexity of open source projects. There's a lot of overlap in reconciling. That is a very difficult thing. Kirsten Connor, thank you for joining the cube Connor. You're now a cube alone. Welcome to main elite group. Great. From Valencia Spain, I'm Keith Townsend, along with en Rico senior, and you're watching the cue, the leader in high tech coverage.

(upbeat music) >> Welcome back. We're winding down theCUBE's coverage of Red Hat Summit 2022. We're here at the Seaport in Boston. It's been two days of a little different Red Hat Summit. We're used to eight, 9,000 people. It's much smaller event this year, fewer developers or actually in terms of the mix, a lot more suits this year, which is kind of interesting to see that evolution and a big virtual audience. And I love the way, the keynotes we've noticed are a lot tighter. They're pithy, on time, they're not keeping us in the hall for three hours. So we appreciate that kind of catering to the virtual audience. Dave Vellante here with my co-host, Paul Gillin. As to say things are winding down, there was an analyst event here today, that's ended, but luckily we have Jim Mercer here as a research director at IDC. He's going to share maybe some of the learnings from that event today and this event overall, we're going to talk about DevSecOps. And Kirsten Newcomer is director of security, product management and hybrid platforms at Red Hat. Folks, welcome. >> Thank you. >> Thank you. >> Great to see you. >> Great to be here. >> Security's everywhere, right? You and I have spoken about the supply chain hacks, we've done some sort of interesting work around that and reporting around that. I feel like SolarWinds created a new awareness. You see these moments, it's Stuxnet, or WannaCry and now is SolarWinds very insidious, but security, Red Hat, it's everywhere in your portfolio. Maybe talk about the strategy. >> Sure, absolutely. We feel strongly that it's really important that security be something that is managed in a holistic way present throughout the application stack, starting with the operating system and also throughout the life cycle, which is partly where DevSecOps comes in. So Red Hat has kind of had a long history here, right? Think SELinux and Red Hat Enterprise Linux for mandatory access control. That's been a key component of securing containers in a Kubernetes environment. SELinux has demonstrated the ability to prevent or mitigate container escapes to the file system. And we just have continued to work up the stack as we go, our acquisition of stack rocks a little over a year ago, now known as Red Hat Advanced Cluster Security, gives us the opportunity to really deliver on that DevSecOps component. So Kubernetes native security solution with the ability to both help shift security left for the developers by integrating in the supply chain, but also providing a SecOps perspective for the operations and the security team and feeding information between the two to really try and do that closed infinity loop and then an additional investment more recently in sigstore and some technologies. >> Interesting. >> Yeah, is interesting. >> Go ahead. >> But Shift Left, explain to people what you mean by Shift Left for people might not be familiar with that term. >> Fair enough. For many, many years, right, IT security has been something that's largely been part of an operations environment and not something that developers tended to need to be engaged in with the exception of say source code static analysis tools. We started to see vulnerability management tools get added, but even then they tend to come after the application has been built. And I even ran a few years ago, I ran into a customer who said my security team won't let me get this information early. So Shift Left is all about making sure that there are security gates in the app dev process and information provided to the developer as early as possible. In fact, even in the IDE, Red Hat code ready dependency analytics does that, so that the developers are part of the solution and don't have to wait and get their apps stalled just before it's ready to go into deployment. >> Thank you. You've also been advocating for supply chain security, software supply chain. First of all, explain what a software supply chain is and then, what is unique about the security needs of that environment? >> Sure. And the SolarWinds example, as Dave said, really kind of has raised awareness around this. So just like we use the term supply chain, most people given kind of what's been happening with the pandemic, they've started hearing that term a lot more than they used to, right? So there's a supply chain to get your groceries, to the grocery store, food to the grocery store. There's a supply chain for manufacturing, where do the parts come for the laptops that we're all using, right? And where do they get assembled? Software has a supply chain also, right? So for years and even more so now, developers have been including open source components into the applications they build. So some of the supplies for the applications, the components of those applications, they can come from anywhere in the world. They can come from a wide range of open source projects. Developers are adding their custom code to that. All of this needs to be built together, delivered together and so when we think about a supply chain and the SolarWinds hack, right, there are a couple of elements of supply chain security that are particularly key. The executive order from May of last year, I think was partly in direct response to the SolarWinds hack. And it calls out that we need a software bill of materials. Now again, in manufacturing that's something folks are used to, I actually had the opportunity to contribute to the software package data exchange format, SPDX when it was first started, I've lost track of when that was. But an S-bomb is all about saying, what are all of those components that I'm delivering in my solution? It might be an application layer. It might be the host operating system layer, but at every layer. And if I know what's in what I'm delivering, I have the opportunity to learn more information about those components to track where does Log4Shell, right? When the Log4j or Spring4Shell, which followed shortly thereafter. When those hit, how do I find out which solutions that I'm running have the vulnerable components in them and where are they? The software bill of materials helps with that but you also have to know where, right. And that's the Ops side. I feel like I missed a piece of your question. >> No, it's not a silver bullet though, to your point and Log4j very widely used, but let's bring Jim into the conversation. So Jim, we've been talking about some of these trends, what's your focus area of research? What are you seeing as some of the mega trends in this space? >> I mean, I focus in DevOps and DevSecOps and it's interesting just talking about trends. Kirsten was mentioning the open source and if you look back five, six, seven years ago and you went to any major financial institution, you asked them if they use an open source. Oh, no. >> True. >> We don't use that, right. We wrote it all here. It's all from our developers-- >> Witchcraft. >> Yeah, right, exactly. But the reality is, they probably use a little open source back then but they didn't realize it. >> It's exactly true. >> However, today, not only are they not on versed to open source, they're seeking it out, right. So we have survey data that kind of indicates... A survey that was run kind of in late 2021 that shows that 70% of those who responded said that within the next two years 90% of their applications will be made up of open source. In other words, the content of an application, 10% will be written by themselves and 90% will come from other sources. So we're seeing these more kind of composite applications. Not, everybody's kind of, if you will, at that 90%, but applications are much more composite than they were before. So I'm pulling in pieces, but I'm taking the innovation of the community. So I not only have the innovation of my developers, but I can expand that. I can take the innovation to the community and bring that in and do things much quicker. I can also not have my developers worry about things that, maybe just kind of common stuff that's out there that might have already been written. In other words, just focus on the business logic, don't focus on, how to get orders or how to move widgets and those types of things that everybody does 'cause that's out there in open source. I'll just take that, right. I'll take it, somebody's perfected it, better than I'll ever do. I'll take that in and then I'll just focus and build my business logic on top of that. So open source has been a boom for growth. And I think we've heard a little bit of that (Kirsten laughs) in the last two days-- >> In the Keynotes. >> From Red Hat, right. But talking about the software bill of materials, and then you think about now I taking all that stuff in, I have my first level open source that I took in, it's called it component A. But behind component A is all these transitive dependencies. In other words, open source also uses open source, right? So there's this kind of this, if you will, web or nest, if you want to call it that, of transitive dependencies that need to be understood. And if I have five, six layers deep, I have a vulnerability in another component and I'm over here. Well, guess what? I picked up that vulnerability, right. Even though I didn't explicitly go for that component. So that's where understanding that software bill of materials is really important. I like to explain it as, during the pandemic, we've all experienced, there was all this contact tracing. It was a term where all came to mind. The software bill of materials is like the contact tracing for your open source, right. >> Good analogy. >> Anything that I've come in contact with, just because I came in contact with it, even though I didn't explicitly go looking for COVID, if you will, I got it, right. So in the same regard, that's how I do the contact tracing for my software. >> That 90% figure is really striking. 90% open source use is really striking, considering that it wasn't that long ago that one of the wraps on open source was it's insecure because anybody can see the code, therefore anybody can see the vulnerabilities. What changed? >> I'll say that, what changed is kind of first, the understanding that I can leapfrog and innovate with open source, right? There's more open source content out there. So as organizations had to digitally transform themselves and we've all heard the terminology around, well, hey, with the pandemic, we've leapfrog up five years of digital transformation or something along those lines, right? Open source is part of what helps those teams to do that type of leapfrog and do that type of innovation. You had to develop all of that natively, it just takes too long, or you might not have the talent to do it, right. And to find that talent to do it. So it kind of gives you that benefit. The interesting thing about what you mentioned there was, now we're hearing about all these vulnerabilities, right, in open source, that we need to contend with because the bad guys realize that I'm taking a lot of open source and they're saying, geez, that's a great way to get myself into applications. If I get myself into this one open source component, I'll get into thousands or more applications. So it's a fast path into the supply chain. And that's why it's so important that you understand where your vulnerabilities are in the software-- >> I think the visibility cuts two ways though. So when people say, it's insecure because it's visible. In fact, actually the visibility helps with security. The reality that I can go see the code, that there is a community working on finding and fixing vulnerabilities in that code. Whereas in code that is not open source it's a little bit more security by obscurity, which isn't really security. And there could well be vulnerabilities that a good hacker is going to find, but are not disclosed. So one of the other things we feel strongly about at Red Hat, frankly, is if there is a CVE that affects our code, we disclose that publicly, we have a public CVE database. And it's actually really important to us that we share that, we think we share way more information about issues in our code than most other users or consumers of open source and we work that through the broad community as well. And then also for our enterprise customers, if an issue needs to be fixed, we don't just fix it in the most recent version of the open source. We will backport that fix. And one of the challenges, if you're only addressing the most recent version, that may not be well tested, it might have other bugs, it might have other issues. When we backport a security vulnerability fix, we're able to do that to a stable version, give the customers the benefit of all the testing and use that's gone on while also fixing. >> Kirsten, can you talk about the announcements 'cause everybody's wondering, okay, now what do I do about this? What technology is there to help me? Obviously this framework, you got to follow the right processes, skill sets, all that, not to dismiss that, that's the most important part, but the announcements that you made at Red Hat Summit and how does the StackRox acquisition fit into those? >> Sure. So in particular, if we stick with DevSecOps a minute, but again, I'll do. Again for me, DevSecOps is the full life cycle and many people think of it as just that Shift Left piece. But for me, it's the whole thing. So StackRox ACS has had the ability to integrate into the CI/CD pipeline before we bought them. That continues. They don't just assess for vulnerabilities, but also for application misconfigurations, excess proof requests and helm charts, deployment YAML. So kind of the big, there are two sort of major things in the DevSecOps angle of the announcement or the supply chain angle of the announcement, which is the investment that we've been making in sigstore, signing, getting integrity of the components, the elements you're deploying is important. I have been asked for years about the ability to sign container images. The reality is that the signing technology and Red Hat signs everything we ship and always have, but the signing technology wasn't designed to be used in a CI/CD pipeline and sigstore is explicitly designed for that use case to make it easy for developers, as well as you can back it with full CO, you can back it with an OIDC based signing, keyless signing, throw away the key. Or if you want that enterprise CA, you can have that backing there too. >> And you can establish that as a protocol where you must. >> You can, right. So our pattern-- >> So that would've helped with SolarWinds. >> Absolutely. >> Because they were putting in malware and then taking it out, seeing what happened. My question was, could sigstore help? I always evaluate now everything and I'm not a security expert, but would this have helped with SolarWinds? A lot of times the answer is no. >> It's a combination. So a combination of sigstore integrated with Tekton Chains. So we ship Tekton, which is a Kubernetes supply chain pipeline. As OpenShift pipelines, we added chains to that. Chains allows you to attest every step in your pipeline. And you're doing that attestation by signing those steps so that you can validate that those steps have not changed. And in fact, the folks at SolarWinds are using Tekton Chains. They did a great talk in October at KubeCon North America on the changes they've made to their supply chain. So they're using both Tekton Chains and sigstore as part of their updated pipeline. Our pattern will allow our customers to deploy OpenShift, advanced cluster manager, advanced cluster security and Quay with security gates in place. And that include a pipeline built on Tekton with Tekton Chains there to sign those steps in the pipeline to enable signing of the code that's moving through that pipeline to store that signature in Quay and to validate the image signature upon deployment with advanced cluster security. >> So Jim, your perspective on this, Red Hat's, I mean, you care about security, security's everywhere, but you're not a security company. You follow security companies. There's like far too many of them. CISOs all say my number one challenge is lack of talent, but I have all these tools to deal with. You see new emerging companies that are doing pretty well. And then you see a company that's highly respected, like an Okta screw up the communications on a pretty benign hack. Actually, when you peel the onion on that, it's just this mess (chuckles) and it doesn't seem like it's going to get any simpler. Maybe the answer is companies like Red Hat kind of absorbing that and taking care of it. What do you see there? I mean, maybe it's great for business 'cause you've got so many companies. >> There's a lot of companies and there's certainly a lot of innovation out there and unique ways to make security easier, right. I mean, one of the keys here is to be able to make security easier for developers, right. One of the challenges with adopting DevSecOps is if DevSecOps creates a lot of friction in the process, it's hard to really... I can do it once, but I can't keep doing that and get the same kind of velocity. So I need to take the friction out of the process. And one of the challenges a lot of organizations have, and I've heard this from the development side, but I've also heard it from the InfoSec side, right. Because I take inquiry for people on InfoSec, and they're like, how do I get these developers to do what I want? And part of the challenge they have is like, I got these teams using these tools. I got those teams using those tools. And it's a similar challenge that we saw on DevOps where there's just too many, if you will, too many dang tools, right. So that is a challenge for organizations is, they're trying to kind of normalize the tools. Interestingly, we did a survey, I think around last August or something. And one of the questions was around, where do you want your security? Where do you want to get your DevSecOps security from, do you want to get it from individual vendors? Or do you want to get it from like, your platforms that you're using and deploying changes in Kubernetes. >> Great question. What did they say? >> The majority of them, they're hoping they can get it built into the platform. That's really what they want. And you see a lot of the security vendors are trying to build security platforms. Like we're not just assess tool, we're desk, we're this, whatever. And they're building platforms to kind of be that end-to-end security platform, trying to solve that problem, right, to make it easier to kind of consume the product overall, without a bunch of individual tools along the way. But certainly tool sprawl is definitely a challenge out there. Just one other point around the sigstore stuff which I love. Because that goes back to the supply chain and talking about digital providence, right. Understanding where things... How do I validate that what I gave you is what you thought it was, right. And what I like about it with Tekton Chains is because there's a couple things. Well, first of all, I don't want to just sign things after I built the binary. Well, I mean, I do want to sign it, but I want to just sign things once, right. Because all through the process, I think of it as a manufacturing plant, right. I'm making automobiles. If I check the quality of the automobile at one stage and I don't check it to the other, things have changed, right. How do I know that I did something wasn't compromised, right. So with sigstore kind of tied in with Tekton Chains, kind of gives me that view. And the other aspect I like it about is, this kind of transparency in the log, right-- >> The report component. >> Exactly. So I can see what was going on. So there is some this kind of like public scrutiny, like if something bad happened, you could go back and see what happened there and it wasn't as you were expected. >> As with most discussions on this topic, we could go for an hour because it's really important. And thank you guys for coming on and sharing your perspectives, the data. >> Our pleasure. >> And keep up the good work. Kirsten, it's on you. >> Thanks so much. >> The IDC survey said it, they want it in platforms. You're up. >> (laughs) That's right. >> All right. Good luck to both you. >> Thank you both so much. >> All right. And thank you for watching. We're back to wrap right after this short break. This is Dave Vellante for Paul Gill. You're watching theCUBE. (upbeat music)

>> From around the globe, it's theCUBE, with coverage of KubeCon and CloudNativeCon Europe 2021 Virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Hello, welcome back to theCUBE's coverage of KubeCon 2021 CloudNativeCon Europe Virtual, I'm John Furrier your host, preview with Brian Gracely from Red Hat Senior Director Product Strategy Cloud Business Unit Brian Gracely great to see you. Former CUBE host CUBE alumni, big time strategist at Red Hat, great to see you, always great. And also the founder of Cloudcast which is an amazing podcast on cloud, part of the cloud (indistinct), great to see you Brian. Hope's all well. >> Great to see you too, you know for years, theCUBE was always sort of the ESPN of tech, I feel like, you know ESPN has become nothing but highlights. This is where all the good conversation is. It's theCUBE has become sort of the the clubhouse of tech, if you will. I know that's that's an area you're focused on, so yeah I'm excited to be back on and good to talk to you. >> It's funny you know, with all the events going away loved going out extracting the signal from the noise, you know, game day kind of vibe. CUBE Virtual has really expanded, so it's been so much more fun because we can get more people easy to dial in. So we're going to keep that feature post COVID. You're going to hear more about theCUBE Virtual hybrid events are going to be a big part of it, which is great because as you know and we've talked about communities and ecosystems are huge advantage right now it's been a big part of the Red Hat story. Now part of IBM bringing that mojo to the table the role of ecosystems with hybrid cloud is so critical. Can you share your thoughts on this? Because I know you study it, you have podcasts you've had one for many years, you understand that democratization and this new direct to audience kind of concept. Share your thoughts on this new ecosystem. >> Yeah, I think so, you know, we're sort of putting this in the context of what we all sort of familiarly call KubeCon but you know, if we think about it, it started as KubeCon it was sort of about this one technology but it's always been CloudNativeCon and we've sort of downplayed the cloud native part of it. But even if we think about it now, you know Kubernetes to a certain extent has kind of, you know there's this feeling around the community that, that piece of the puzzle is kind of boring. You know, it's 21 releases in, and there's lots of different offerings that you can get access to. There's still, you know, a lot of innovation but the rest of the ecosystem has just exploded. So it's, you know, there are ecosystem partners and companies that are working on edge and miniaturization. You know, we're seeing things like Kubernetes now getting into outer space and it's in the space station. We're seeing, you know, Linux get on Mars. But we're also seeing, you know, stuff on the other side of the spectrum. We're sort of seeing, you know awesome people doing database work and streaming and AI and ML on top of Kubernetes. So, you know, the ecosystem is doing what you'd expect it to do once one part of it gets stable. The innovation sort of builds on top of it. And, you know, even though we're virtual, we're still seeing just tons and tons of contributions, different companies different people stepping up and leading. So it's been really cool to watch the last few years. >> Yes, interesting point about the CloudNativeCon. That's an interesting insight, and I totally agree with you. And I think it's worth double clicking on. Let me just ask you, because when you look at like, say Kubernetes, okay, it's enabled a lot. Okay, it's been called the dial tone of Cloud native. I think Pat Gelsinger of VMware used that term. We call it the kind of the interoperability layer it enables more large scale deployments. So you're seeing a lot more Kubernetes enablement on clusters. Which is causing more hybrid cloud which means more Cloud native. So it actually is creating a network effect in and of itself with more Cloud native components and it's changing the development cycle. So the question I want to ask you is one how does a customer deal with that? Because people are saying, I like hybrid. I agree, Multicloud is coming around the corner. And of course, Multicloud is just a subsystem of resource underneath hybrid. How do I connect it all? Now I have multiple vendors, I have multiple clusters. I'm cross-cloud, I'm connecting multiple clouds multiple services, Kubernetes clusters, some get stood up some gets to down, it's very dynamic. >> Yeah, it's very dynamic. It's actually, you know, just coincidentally, you know, our lead architect, a guy named Clayton Coleman, who was one of the Kubernetes founders, is going to give a talk on sort of Kubernetes is this hybrid control plane. So we're already starting to see the tentacles come out of it. So you know how we do cross cloud networking how we do cross cloud provisioning of services. So like, how do I go discover what's in other clouds? You know and I think like you said, it took people a few years to figure out, like how do I use this new thing, this Kubernetes thing. How do I harness it. And, but the demand has since become "I have to do multi-cloud." And that means, you know, hey our company acquires companies, so you know, we don't necessarily know where that next company we acquire is going to run. Are they going to run on AWS? Are they going to, you know, run on Azure I've got to be able to run in multiple places. You know, we're seeing banking industries say, "hey, look cloud's now a viable target for you to put your applications, but you have to treat multiple clouds as if they're your backup domains." And so we're, you know, we're seeing both, you know the way business operates whether it's acquisitions or new things driving it. We're seeing regulations driving hybrid and multi-cloud and, even you know, even if the stalwart were to you know, set for a long time, well the world's only going to be public cloud and sort of you know, legacy data centers even those folks are now coming around to "I've got to bring hybrid to, to these places." So it's been more than just technology. It's been, you know, industries pushing it regulations pushing it, a lot of stuff. So, but like I said, we're going to be talking about kind of our future, our vision on that, our future on that. And, you know Red Hat everything we end up doing is a community activity. So we expect a lot of people will get on board with it >> You know, for all the old timers out there they can relate to this. But I remember in the 80's the OSI Open Systems Interconnect, and I was chatting with Paul Cormier about this because we were kind of grew up through that generation. That disrupted network protocols that were proprietary and that opened the door for massive, massive growth massive innovation around just getting that interoperability with TCP/IP, and then everything else happened. So Kubernetes does that, that's a phenomenal impact. So Cloud native to me is at that stage where it's totally next-gen and it's happening really fast. And a lot of people getting caught off guard, Brian. So you know, I got to to ask you as a product strategist, what's your, how would you give them the navigation of where that North star is? If I'm a customer, okay, I got to figure out where I got to navigate now. I know it's super volatile, changing super fast. What's your advice? >> I think it's a couple of pieces, you know we're seeing more and more that, you know, the technology decisions don't get driven out of sort of central IT as much anymore right? We sort of talk all the time that every business opportunity, every business project has a technology component to it. And I think what we're seeing is the companies that tend to be successful with it have built up the muscle, built up the skill set to say, okay, when this line of business says, I need to do something new and innovative I've got the capabilities to sort of stand behind that. They're not out trying to learn it new they're not chasing it. So that's a big piece of it, is letting the business drive your technology decisions as opposed to what happened for a long time which was we built out technology, we hope they would come. You know, the other piece of it is I think because we're seeing so much push from different directions. So we're seeing, you know people put technology out at the edge. We're able to do some, you know unique scalable things, you know in the cloud and so forth That, you know more and more companies are having to say, "hey, look, I'm not, I'm not in the pharmaceutical business. I'm not in the automotive business, I'm in software." And so, you know the companies that realize that faster, and then, you know once they sort of come to those realizations they realize, that's my new normal, those are the ones that are investing in software skills. And they're not afraid to say, look, you know even if my existing staff is, you know, 30 years of sort of history, I'm not afraid to bring in some folks that that'll break a few eggs and, you know, and use them as a lighthouse within their organization to retrain and sort of reset, you know, what's possible. So it's the business doesn't move. That's the the thing that drives all of them. And it's, if you embrace it, we see a lot of success. It's the ones that, that push back on it really hard. And, you know the market tends to sort of push back on them as well. >> Well we're previewing KubeCon CloudNativeCon. We'll amplify that it's CloudNativeCon as well. You guys bought StackRox, okay, so interesting company, not an open source company they have soon to be, I'm assuring, but Advanced Cluster Security, ACS, as it's known it's really been a key part of Red Hat. Can you give us the strategy behind that deal? What does that product, how does it fit in that's a lot of people are really talking about this acquisition. >> Yeah so here's the way we looked at it, is we've learned a couple of things over the last say five years that we've been really head down in Kubernetes, right? One is, we've always embedded a lot of security capabilities in the platform. So OpenShift being our core Kubernetes platform. And then what's happened over time is customers have said to us, "that's great, you've made the platform very secure" but the reality is, you know, our software supply chain. So the way that we build applications that, you know we need to secure that better. We need to deal with these more dynamic environments. And then once the applications are deployed they interact with various types of networks. I need to better secure those environments too. So we realized that we needed to expand our functionality beyond the core platform of OpenShift. And then the second thing that we've learned over the last number of years is to be successful in this space, it's really hard to take technology that wasn't designed for containers, or it wasn't designed for Kubernetes and kind of retrofit it back into that. And so when we were looking at potential acquisition targets, we really narrowed down to companies whose fundamental technologies were you know, Kubernetes-centric, you know having had to modify something to get to Kubernetes, and StackRox was really the leader in that space. They really, you know have been the leader in enterprise Kubernetes security. And the great thing about them was, you know not only did they have this Kubernetes expertise but on top of that, probably half of their customers were already OpenShift customers. And about 3/4 of their customers were using you know, native Kubernetes services and other clouds. So, you know, when we went and talked to them and said, "Hey we believe in Kubernetes, we believe in multi-cloud. We believe in open source," they said, "yeah, those are all the foundational things for us." And to your point about it, you know, maybe not being an open source company, they actually had a number of sort of ancillary projects that were open source. So they weren't unfamiliar to it. And then now that the acquisition's closed, we will do what we do with every piece of Red Hat technology. We'll make sure that within a reasonable period of time that it's made open source. And so you know, it's good for the community. It allows them to keep focusing on their innovation. >> Yeah you've got to get that code out there cool. Brian, I'm hearing about Platform Plus what is that about? Take us through that. >> Yeah, so you know, one of the things that our customers, you know, have come to us over time is it's you know, it's like, I've been saying kind of throughout this discussion, right? Kubernetes is foundational, but it's become pretty stable. The things that people are solving for now are like, you highlighted lots and lots of clusters, they're all over the place. That was something that our advanced cluster management capabilities were able to solve for people. Once you start getting into lots of places you've got to be able to secure things everywhere you go. And so OpenShift for us really allows us to bundle together, you know, sort of the complete set of the portfolio. So the platform, security management, and it also gives us the foundational pieces or it allows our customers to buy the foundational pieces that are going to help them do multi and hybrid cloud. And, you know, when we bundle that we can save them probably 25% in terms of sort of product acquisition. And then obviously the integration work we do you know, saves a ton on the operational side. So it's a new way for us to, to not only bundle the platform and the technologies but it gets customers in a mindset that says, "hey we've moved past sort of single environments to hybrid and multi-cloud environments. >> Awesome, well thanks for the update on that, appreciate it. One of the things going into KubeCon, and that we're watching closely is this Cloud native developer action. Certainly end users want to get that in a separate section with you but the end user contribution, which is like exploding. But on the developer side there's a real trend towards adding stronger consistency programmability support for more use cases okay. Where it's becoming more of a data platform as a requirement. >> Brian: Right. >> So how, so that's a trend so I'm kind of thinking, there's no disagreement on that. >> Brian: No, absolutely. >> What does that mean? Like I'm a customer, that sounds good. How do I make that happen? 'Cause that's the critical discussion right now in the DevOps, DevSecOps day, two operations. What you want to call it. This is the number one concern for developers and that solution architect, consistency, programmability more use cases with data as a platform. >> Yeah, I think, you know the way I kind of frame this up was you know, for any for any organization, the last thing you want to to do is sort of keep investing in lots of platforms, right? So platforms are great on their surface but once you're having to manage five and six and, you know 10 or however many you're managing, the economies of scale go away. And so what's been really interesting to watch with Kubernetes is, you know when we first got started everything was Cloud native application but that really was sort of, you know shorthand for stateless applications. We quickly saw a move to, you know, people that said, "Hey I can modernize something, you know, a Stateful application and we add that into Kubernetes, right? The community added the ability to do Stateful applications and that got people a certain amount of the way. And they sort of started saying, okay maybe Kubernetes can help me peel off some things of an existing platform. So I can peel off, you know Java workloads or I can peel off, what's been this explosion is the data community, if you will. So, you know, the TensorFlows the PItorches, you know, the Apache community with things like Couchbase and Kafka, TensorFlow, all these things that, you know maybe in the past didn't necessarily, had their own sort of underlying system are now defaulting to Kubernetes. And what we see because of that is, you know people now can say, okay, these data workloads these AI and ML workloads are so important to my business, right? Like I can directly point to cost savings. I can point to, you know, driving innovation and because Kubernetes is now their default sort of way of running, you know we're seeing just sort of what used to be, you know small islands of clusters become these enormous footprints whether they're in the cloud or in their data center. And that's almost become, you know, the most prevalent most widely used use case. And again, it makes total sense. It's exactly the trends that we've seen in our industry, even before Kubernetes. And now people are saying, okay, I can consolidate a lot of stuff on Kubernetes. I can get away from all those silos. So, you know, that's been a huge thing over the last probably year plus. And the cool thing is we've also seen, you know the hardware vendors. So whether it's Intel or Nvidia, especially around GPUs, really getting on board and trying to make that simpler. So it's not just the software ecosystem. It's also the hardware ecosystem, really getting on board. >> Awesome, Brian let me get your thoughts on the cloud versus the power dynamics between the cloud players and the open source software vendors. So what's the Red Hat relationship with the cloud players with the hybrid architecture, 'cause you want to set up the modern day developer environment, we get that right. And it's hybrid, what's the relationship with the cloud players? >> You know, I think so we we've always had two philosophies that haven't really changed. One is, we believe in open source and open licensing. So you haven't seen us look at the cloud as, a competitive threat, right? We didn't want to make our business, and the way we compete in business, you know change our philosophy in software. So we've always sort of maintained open licenses permissive licenses, but the second piece is you know, we've looked at the cloud providers as very much partners. And mostly because our customers look at them as partners. So, you know, if Delta Airlines or Deutsche Bank or somebody says, "hey that cloud provider is going to be our partner and we want you to be part of that journey, we need to be partners with that cloud as well." And you've seen that sort of manifest itself in terms of, you know, we haven't gone and set up new SaaS offerings that are Red Hat offerings. We've actually taken a different approach than a lot of the open source companies. And we've said we're going to embed our capabilities, especially, you know OpenShift into AWS, into Azure into IBM cloud working with Google cloud. So we'd look at them very much as a partner. I think it aligns to how Red Hat's done things in the past. And you know, we think, you know even though it maybe easy to sort of see a way of monetizing things you know, changing licensing, we've always found that, you've got to allow the ecosystem to compete. You've got to allow customers to go where they want to go. And we try and be there in the most consumable way possible. So that's worked out really well for us. >> So I got to bring up the end user participation component. That's a big theme here at KubeCon going into it and around the event is, and we've seen this trend happen. I mean, Envoy, Lyft the laying examples are out there. But they're more end-use enterprises coming in. So the enterprise class I call classic enterprise end user participation is at an all time high in opensource. You guys have the biggest portfolio of enterprises in the business. What's the trend that you're seeing because it used to be limited to the hyperscalers the Lyfts and the Facebooks and the big guys. Now you have, you know enterprises coming in the business model is working, can you just share your thoughts on CloudNativeCons participation for end users? >> Yeah, I think we're definitely seeing a blurring of lines between what used to be the Silicon Valley companies were the ones that would create innovation. So like you mentioned Lyft, or, you know LinkedIn doing Kafka or Twitter doing you know, whatever. But as we've seen more and more especially enterprises look at themselves as software companies right. So, you know if you talk about, you know, Ford or Volkswagen they think of themselves as a software company, almost more than they think about themselves as a car company, right. They're a sort of mobile transportation company you know, something like that. And so they look at themselves as I've got to I've got to have software as an expertise. I've got to compete for the best talent, no matter where that talent is, right? So it doesn't have to be in Detroit or in Germany or wherever I can go get that anywhere. And I think what they really, they look for us to do is you know, they've got great technology chops but they don't always understand kind of the the nuances and the dynamics of open-source right. They're used to having their own proprietary internal stuff. And so a lot of times they'll come to us, not you know, "Hey how do we work with the project?" But you know like here's new technology. But they'll come to us and they'll say "how do we be good, good stewards in this community? How do we make sure that we can set up our own internal open source office and have that group, work with communities?" And so the dynamics have really changed. I think a lot of them have, you know they've looked at Silicon Valley for years and now they're modeling it, but it's, you know, for us it's great because now we're talking the same language, you know we're able to share sort of experiences we're able to share best practices. So it is really, really interesting in terms of, you know, how far that whole sort of software is eating the world thing is materialized in sort of every industry. >> Yeah and it's the workloads of expanding Cloud native everywhere edge is blowing up big time. Brian, final question for you before we break. >> You bet. >> Thanks for coming on and always great to chat with you. It's always riffing and getting the data out too. What's your expectation for KubeCon CloudNativeCon this year? What are you expecting to see? What highlights do you expect will come out of CloudNativeCon KubeCon this year? >> Yeah, I think, you know like I said, I think it's going to be much more on the Cloud native side, you know we're seeing a ton of new communities come out. I think that's going to be the big headline is the number of new communities that are, you know have sort of built up a following. So whether it's Crossplane or whether it's, you know get-ops or whether it's, you know expanding around the work that's going on in operators we're going to see a whole bunch of projects around, you know, developer sort of frameworks and developer experience and so forth. So I think the big thing we're going to see is sort of this next stage of, you know a thousand flowers are blooming and we're going to see probably a half dozen or so new communities come out of this one really strong and you know the trends around those are going to accelerate. So I think that'll probably be the biggest takeaway. And then I think just the fact that the community is going to come out stronger after the pandemic than maybe it did before, because we're learning you know, new ways to work remotely, and that, that brings in a ton of new companies and contributors. So I think those two big things will be the headlines. And, you know, the state of the community is strong as they, as they like to say >> Yeah, love the ecosystem, I think the values are going to be network effect, ecosystems, integration standards evolving very quickly out in the open. Great to see Brian Gracely Senior Director Product Strategy at Red Hat for the cloud business unit, also podcasts are over a million episode downloads for the cloud cast podcast, thecloudcast.net. What's it Brian, what's the stats now. >> Yeah, I think we've, we've done over 500 shows. We're you know, about a million and a half listeners a year. So it's, you know again, it's great to have community followings and, you know, and meet people from around the world. So, you know, so many of these things intersect it's a real pleasure to work with everybody >> You're going to create a culture, well done. We're all been there, done that great job. >> Thank you >> Check out the cloud cast, of course, Red Hat's got the great OpenShift mojo going on into KubeCon. Brian, thanks for coming on. >> Thanks John. >> Okay so CUBE coverage of KubeCon, CloudNativeCon Europe 2021 Virtual, I'm John Furrier with theCUBE virtual. Thanks for watching. (upbeat music)

>> Narrator: From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Hi, I'm Stu Miniman, the host of Cloud Native Insights. And when we kicked off this program, Cloud Native Insights, we wanted to talk about the innovation and agility that's happening, not just Cloud as a location. We're going to draw down a little bit into one of the very important pieces of a company and that's their websites and their applications, that live in that environment. And of course, that comes from a lot of changes over the years. Any of us that have been in tech for a couple of decades have worked from the early days, to of course today's multimedia globally distributed environment and everyone during the global pandemic, of course, has been (indistinct) straining their use of the internet. So really excited to welcome to the program the two co-founders of Netlify. I have Matt Biilmann, who is the CEO, and his co-founder Christian Bach, who is the president both of Netlify really the company behind Jamstack, which we're going to explain and talk about a bit. Matt and Chris, thank you so much for joining us. >> Thanks for having us. >> Thank you for having us >> All right so, let's start with just some of the basics. I expect that some of our audience is not familiar with Jamstack. You do a quick Google search and it's JavaScript, its APIs, its markup. And you say, okay, I understand what a bunch of that means. But, yeah, if you could give us kind of a compare contrast to what web development was before and how Jamstack's really helping to revolutionize what's happening in this space. >> Yes, so for many years, we built websites and web applications with an application based architecture, where every website or every application would be this monolithic application with typically like a load balancer, a set of web servers, application servers, and that database and every request through a page would go through this whole stack it would pass through the application layer, talk to the database, fetch template, merge data and template, build HTML on the fly and send it back to the user. And basically what we saw happening and what's been happening with the Jamstack is this decoupling of the actual front-end presentation layer of the websites and web applications and then the back-end layer. And the advantages there is that if you can really pre-build the front-end application layer, you can take the actual HTML, or an application shell and distribute it across a globally distributed network, you can get it into the hands of the user's browser very quickly. And then the back end, what we've seen happening there is that it's split up to all these different APIs and services you no longer have your one monolithic back end you have all these different services. Where some of your own but a lot of them are other people's services like Stripe or Twilio or Algolia or Contentful. So we've seen this shift to this architecture, where we're considered in a way that the stack has moved up a little from the old tooling where something like the LAMP stack would be common in really naming the programming language, the specific web server, the Linux server, the operating system, and so on right? And then up to a level where it's really about getting an application into the browser, using JavaScript as the runtime and talking to this whole new economy of APIs and services. >> Yeah, Chris I wonder if you could bring us inside your customers and the companies that you talk to. I think about for the longest time it was, maybe I just outsource my web development, but website is one of those key components that I share my value, I share what's going on, I want to be able to change it pretty often and there's so much more that I can do today than I could have done 10 years ago. We've watched that mark. So, help us understand, what skill sets do people need to have? what type of companies are using Jamstack? And, bring in if you can, Netlify. How is this a business and not just, an open source standards movement, that's helping to revolutionize what's happening? >> Absolutely, I mean, First of all, people using this and companies use this is extremely wide. Wide vertical, right? Its very horizontal. This is anyone with a digital property basically, right? I think what we've seen all the time is that, that we have a lot more channels than we used to have, right? So we started off just maybe having the one dot com, right? With limited functionality. And today, you have a multiple channels, right? You have the landing pages, you have the domains, you have lots of activities online. You have mobile apps and commerce is often a big part of it, and I would say especially the last few months, there's a lot of people that had the digital convergence points as one of many. And now it's the only ones, right? So I think it's become extremely important. I also think that when you look at your web infrastructure in general, it has been very complex, right? And you need a lot of different people, right? And you need to maintain staging environments, production lines, development environments. You need to, have a wide set of skills to maintain these things, right? And if a web developer wanted to do a lot of things, right? They have to go and tap DevOps and so on on the shoulder, right? And I think what the Jamstack is about saying, hey, you can get so much further as a web developer. Now, if you take the modern built tools, you can take the Git workflows, and you wrap around the browser that has become a full-fledged operating system and the API economy as Matt was just talking about. You have these workflows, or you potentially have these workflows, where you can get so much further, right? And that's very much Netlify submission. So Netlify saw this opportunity of decoupling the front end from the back end of the building from the hosting of creating an approach to making websites that would be many times faster, 'cause you have multiple points of origin and you don't feel fredurous. It's many times safer. There's not that huge surface area of attack. It's much more scalable, and so on. It was sort of a win-win-win. But the problem was, there was no viable workflow. If you take a traditional CDN, and you put it in, it doesn't matter really, if it's one or the other. As good as they (indistinct) services, they're all meant to sit in front of an origin, right? They're meant to buffer something. And if you have the gems, there's no origin in that way, right? The network in itself has to be an origin so it has to be architectured quite differently. And then there's a lot of things around CDCI and how you server lists and so on. That all had to be sort of re-merged . And Netlify is that glue, it is that platform that takes you from local development all the way out to edge nodes. But allows you to mix and match any tool. So it's not program independent. So you can say, well, we use a build tool, and that's PHP or Ruby or JavaScript, the react or Next or whatever it might be, right? And we use these APIs for this server, for this property. Over here we have a commerce site. Over here, we have a dotcom, that needs a huge enterprise CMS with tons of stakeholders. But the thing is that all of those now becomes something that plugs into your website. Rather than have to drive the website itself. And that's sort of frees up the silos. So when we see people using Netlify, we have companies using Netlify. Big Fitness Company, for example, that own fitness company that uses us for developer documentation, or their marketing sites, but also for their dotcom. But even if you go to the equipment that people have at home, and you log in, that's actually using some very nifty identity and remote based access control for Netlify and if you watch the video there, it's also going through a Netlify player, all right? We have fast food chains that has their dotcom and their marketing sites, but also the kiosks down in the store like the menus, the screens there. Rather than being an old Windows NT server running some .NET application in a dusty corner, why not have it like that? And so, both the category but also Netlify sort of brings in a solution and because it's decoupled from all those architectural choices, that means that you can now use the solution in a much, much wider setting. And we were sort of first to market doing this. They get serverless approach where you just push your serverless functions to get better Netlify. First Feature Deploy Previews Were invented by us and so on. So the Jamstack is an extremely wide fundamental architectural approach that matches basically anyone that wants to build web properties. Netlify is the segnostic wide platform that just makes it possible. >> Yeah, good Chris actually, I saw the Peloton use case up on the website and you're right, a very different experience rather than I bring my device, is it synced? Does it work with it? Really integrates those solutions. And you just brought up serverless, which is actually how I got connected to talk in Netlify. So, Matt, sorry, I think you wanted to jump in there but I was wondering if you could help us. I've looked at serverless and what the promise of serverless of course, is that I don't need to think about that underlying infrastructure. I just like developers build our applications. Well, feels like that's really the same mission that you have. And they're serverless is a piece of your story. So, maybe explain (indistinct) that out a little for us. >> Absolutely, I think it ties in, right? Basically, what we saw just from a architectural perspective was this approach of really decoupling front end and back end and so on and working in a new way that gave a lot of benefits to the inducers in performance and security and so on right? But on the other hand, early on, what we saw was that to adopt that approach, like developers had to deal with lot of different moving pieces like CICD, CDN. What to do about the API endpoints that didn't need to be dynamic, and so on. And as Netlify, what we saw was that we could give one intro and workflow for all of this and make it extremely easy for developers to work with this thing. And serverless plays a really important piece there, right? Because when Amazon pioneered AWS Lambda and took it to the world, right? I think the promise also for the front-end web developers of being able to simply write code and then not have to worry at all about where is it actually running? How are we scaling it? How are we operating it and so on, right? That's a really powerful promise, right? But at the same time, in the same way, what we saw earlier on was that for a front-end team to actually adopt serverless functions as part of the Jamstack, it introduced another level of complexity of now having to manage your serverless functions independent from your front end figuring out API Gateway endpoints for every one of them. And how about deployment pipeline for your functions layer versus deployment pipelines for the actual front end layer that's supposed to talk to those front ends. How about staging environments versus to production environments? How do you manage all that, right? So we saw that there was this inherent incredible potential, but also a lot of complexity, right? And as Netlify we saw that if we could give front end developers a web developers in general, an ene-to-end workflow, where they can work both with the front-end framework, write the code that will get deployed into the browser, but also just have a folder where they can write this serverless functions and then know that Netlify will take care of all of the wiring, right? When you open a pull request and get with new function we'll give you a URL on our globally distributed CDN where you can view both the whole front end, but also the function and sidestep sort of all of the complexities of linking together API Gateways, to functions of managing CICD pipelines and test environments and so on. And in the end, the serverless functions starts becoming a really important part of this Jamstack approach, right? Because you have this world where you have a front end that's often talking to many different APIs and services where again, some of your own and some other people's services. But really often you need some place to glue those together or to build your own custom API endpoint that talks to a couple of them and it has access to server site secrets and so on, right? And this idea of not having to suddenly operate and manage a whole set of servers and infrastructure just for that part of it, but simply just writing the code and then knowing, that you don't have to worry about the operation scalability or anything around that code. That's a really powerful paradigm. >> Yeah, that's one of the real challenges of the Cloud as you talk about the Paradox of Choice. There's so many ways to do things. Not necessarily... It's simple anybody... I was a blogger for many years and it was like, well, I'll just use the self-hosted WordPress, because I don't want to have to worry about that piece of it. Matt, I watched it you did a presentation talking about if I wanted to do WordPress hosted in a AWS that absolutely is not simple. I heard a podcast from one of your board members, Tom Preston Werner, talking about we need to be more opinionated. We need to be able to give more guidance to developers, maybe Chris if you could, how are we when the proliferation of choice, keeps increasing, making sure that people can... How do I make that decision tree? And how do we try to keep it simple? >> Absolutely, I mean, and I actually think that, that's a super relevant question, because you have a lot of choice as a web developer today. Front-end developers used to cut out Photoshop files and turn them into HTML, right? Now with the new advanced markup, and they have all these frameworks and flavors of JavaScript to choose between and there's these powerful build tools, And all those workflows and the browser can do everything you can imagine, right? And so yeah, there is a lot of choice out there, right? And I think, for Netlify what's extremely important is that we are opinionated in the right places. And so when it comes to, for example, a front-end tool and built tools and these things that web developers often face with having to choose between. Our role is to make it as simple as possible to use any of them. But also give you the opportunity of saying, well, this new paradigm allows you to actually mix and match, right? It allows you to use this tool for this property and this tool for this property and gives you a ton of flexibility. But still, come under one roof of a platform like Netlify. And I think that is very powerful. And so we also don't want to choose for you, we want to inform your choices and we want to make it as easy as possible to go and say, hey, these are my needs, what direction should I be going? And of course, we work with enterprise clients, so on migration services, and so on, right? And where we help them a lot with that. But if we locked down on a single flavor, or a single bill tool or a single front end framework, then we also limit the application of what we bring to market and we want to remain a little more open-ended there. But I think there's a lot complexity, a platform like Netlify is all about simplification. So all that wiring that Matt just mentioned, that at least goes, right? You don't spend hours configuring bondage caching and trying to find those edge cases, it just works. And that's a huge game changer for a lot of people, right? But there's definitely parts of the ecosystem that has a lot of choice. And we do our best to inform. And I think, under hand holding part, adjacent to that is the story of, well, do we then start using content management systems? Is this a whole new? Is it out with the old and in with the new? And I would say, you still have a lot of those needs, right? You still have non-technical people, for example, that needs to be able to update and create moves and content, and so on, right? And create content. And so you very often will need and an E-commerce solution or content management systems and so on. But what we're seeing there, is that we're speaking basically with every single major CMS out there. That are saying we're working on a headless system, or we already have a headless version, or we just gone full headless, that means that we work decoupled. So we don't no longer need to build the site. But we just provide like an independent source of content. And then it plugs into a platform like Netlify. So that can bring a lot of simplicity. And now you just have to maintain your content, but you don't have to worry about all the different environments and what is up to date and how does some of the infrastructure look like you press a button that commits to get a default preview, and it looks the same everywhere. >> I'm curious, what impact the current global pandemic has had on Netlify, and your customers. I saw you've got a COVID tracking project that you've done. But also now just there's different considerations when I think about what services I need to access from the web and what kind of connectivity the ultimate end user would have. So, what learnings have you had? What's involved there? >> In, obviously we, it depends a lot on, as Chris mentioned, right? The game circus is adopted horizontally across all kinds of areas and businesses and so on, right? So, we've of course seen businesses in sectors that are having a hard time and on the other hand, we've seen businesses and sectors that are exploding, right? We did immediately when the lockdown started happening and the pandemic started happening we set aside like a free plan for projects working in the space of tackling the information sharing around COVID and finding solutions and so on. And that was really interesting to see you mention the COVID tracking project, right? Which was a project like built a short time by small group of distributed incredibly talented front end developers and scientists and so on, right? And I think it was interesting to see that, how the Jamstack and our tooling and so on also really made it possible for them to build as a small distributed team the set of data information and tooling to a global audience, right? Seeing huge traffic peaks at time and just knowing that their architecture and our infrastructure could handle it for them. >> All right. Chris, I've got one, a little bit off to the side here. When I look at what Netlify is doing, you talk about having an open and independent web. And while we are fully supportive of that, we're a little concerned sometimes. If you look at what's happening across the globe, there's a lot of discussions. Will the internet actually fragment? Will certain countries wall off certain environments? Any concerns there? What do you look at? What are you hearing from your customers when you talk about that mission? >> It's one of the big challenges of all time, right? I think we all maybe took for given the Internet as the standard it became right? The way that you can publish without permission is pretty magnificent, right? And it would be indescribably painful for civilization if we lost that, right? And I think fragmentation is something that we all have to sort of worry around. From the way we see it, is that the web, the traditional monolithic approach, right? To which led to as a web that wasn't secure enough and wasn't scalable enough and wasn't performing enough and that's, for example, what opened the door for mobile applications, right? Where it just didn't make sense to pull in the UI every time you turn the page. So we ended up with a form that's it. We prebuilt the application, you download it, and then you speak to service for anything then atmosphere come up with it, right. And that makes perfect sense. That's basically the same architecture that we're bringing to the web a very large scale. Of course, the problem is that now there are gatekeepers there, right? There people, you have to ask for permission to publish and so on. And, and there are other attempts to say, "Hey, we need a performing web." And there's a very big players out there that say, "Let's come over and just..." Do we even need to call it the Internet? Can we just call it our company website? I'm not going to name any names here, right? But leading down, it's what we've called walled gardens, that are great for absolutely no one except for the company. And what we believe is that if you have a web that is secure and is scalable, and it's performant enough to justify at least the architecture maintaining and not having to run into any walled gardens and still say no, you don't need to use a handful of commercial platforms if you want to be heard rather than have your own web properties on your own custom domains, right? I think that's the part of the open independent viable web that we're fighting for. Basically, one that adopts and keeps adopting an architecture that is something that levels the playing field. And then they would also say, why Netlify? I mean, a few years before we started, like, try configuring your own CDN. And like that was reserved for the very, very large tech players. Now you can comment, you can literally click a button on Netlify, you get custom domain and ACS post process site that's globally distributed, automatically integrated into get. And that's on the premium plan. And so as a startup, you can level set together with everyone else and be available widely across the globe without performance issues, immediately. And so in that way, I'm also seeing that's a democrat sensation of performance, right? That means that, that's great. And for places where you see developing economies, where you often have brownouts, where you often can't depend on having viable services and is locally and so on, this idea of having he cover that and having something that's just automatically, you know what, don't even worry about it, because it's already ready to go in all these packets all around the world. That's a huge game changer. That's actually what we see a lot of adoption of the gems they can never find in those places as well. Guess that's just such a promise to the architecture. So, I hear what you're saying and I'm also very concerned about a fragmented web for political reasons as well across the globe. And from our angle, the way we fight for this is to make sure that it retains using an architecture that makes it accessible for me. >> Yeah, I heard many years ago, a friend of mine said, if you're a technologist it means that in general you are a technology optimist, which I definitely try to be. So, I love Chris how you've just brought in some of the potential opportunity Matt, I want to give you just... People out there they hear like oh, 5G is coming, it's going to completely change the world. Anything that you're seeing on your side as to real opportunities that we will see, just a step function in what your company is using. Jamstack, partnering with Netlify in your ecosystem. What are some of the early things that you see that are exciting you down the line for this? >> Part of it is simply like the whole ecosystem around the gem stalk growing up and the tooling, the APIs, the frameworks available around it, and the level of innovation that's triggered. And especially how it's triggering in... Especially how we're seeing like the potential for small, distributed teams to work together and build things with a global impact in a short time. And I remember a couple of years ago, we did a hackathon with together with freeCodeCamp. And of course, like since it was with freeCodeCamp, it was mostly like teams were mostly fairly new to programming and so on, right? It was pretty amazing to see what over a weekend with this architecture and with this tooling, with the vendors that were present there and helping out and so on, what the small teams could actually get done in a weekend, right? Like I remember the winning team had an app where the whole room would see an image on the main stage screen and then on their phone, try to place that image on the map and you would real time see how people ranked, how close they got and get a winner and so on, right? And that was all just from combining APIs and tooling, like history, like Netlify, like Honor Bee, like Google Maps, and so on, right? And I think, in some way we shouldn't forget just how much this kind of ecosystem of readily available APIs and services around this front end stake. It's allowing people to build things that years ago would have taken a very big team probably like a year to build, and suddenly you can have a relatively small group of relatively new programmers built something really impressive, right? So I think that's a trend we'll see continue accelerating And me and Chris are personally involved in advising and helping out a lot of these new startups in the space that are trying to bring new tooling to the world that makes more and more of these things possible and accessible. >> Well, Chris and Matt, I really appreciate you both joining such an exciting space. Talk about the cloud, agility and innovation, such a robust ecosystem. Thank you so much for joining. >> Thanks for having us. >> Thanks for having us. >> And I'm Stu Miniman. Thank you for joining and look forward to hearing more about your CUBE insight. (soft music)

from around the globe it's the cube with digital coverage of Red Hat summit 2020 brought to you by Red Hat last year in 2019 IBM made the biggest M&A move of the year with a 34 billion dollar acquisition of red hat it positioned IBM for the next decade after what was a very tumultuous tenure by CEO Ginni Rometty who had to shrink in order to grow unfortunately she didn't have enough time to do the grille part that has now gone toward Arvind Krishna the new CEO of IBM this is Dave Volante and I'm here with Stu minimun and this is our Red Hat keynote analysis is our 7th year doing the Red Hat summit and we're very excited to be here this is our first year doing Stu the Red Hat summit post IVM acquisition we've also got IBM think next week so what we want to do for you today is review what's going on at the Red Hat summits do you've been wall-to-wall with the interviews we're gonna break down the announcements IBM had just announced its quarter so we get some glimpse as to what's happening in the business and then we're gonna talk about going forward what the prognosis is for both IBM and Red Hat well and Dave of course our audience understands there's a reason why we're sitting farther apart than normal in our studio and you know why we're not in San Francisco where the show is supposed to be this year last year it's in Boston Red Hat summit goes coast-to-coast every year it's our seventh year doing the show first year doing it all digital of course our community is always online but you know real focus you know we're gonna talk about Dave you know you listen to the keynote speeches it's not the as we sit in our preview it's not the hoopla we had a preview with pork or mayor ahead of the event where they're not making big announcements most of the product pieces we're all out front it's open source anyway we know when it's coming for the most part some big partnership news of course strong customer momentum but a different tenor and the customers that Red Hat's lined up for me their interview all talking you know essential services like medical your your energy services your communication services so you know real focus I think Dave both IBM and right making sure that they are setting the appropriate tone in these challenging times yeah I mean everybody who we talked to says look at the employees and safety comes first once we get them working from home and we know that they're safe and healthy we want to get productive and so you've seen as we've reported that that shift to the work from home infrastructure and investments in that and so now it's all about how do we get closer to clients how do we stay close to clients and be there for them and I actually have you know business going forward you know the good news for IBM is it's got strong cash flow it's got a strong balance sheet despite you know the acquisition I mean it's just you know raise some more you know low low cost debt which you know gives them some dry powder going forward so I think IBM is gonna be fine it's just there's a lot of uncertainty but let's go back to your takeaways from the Red Hat Summit you've done you know dozens of interviews you got a good take on the company what are you top three takeaways - yeah so first of all Dave you know the focus everybody has is you know what does Red Hat do for the cloud story for IBM OpenShift especially is absolutely a highlight over 2,000 customers now from some really large ones you know last year I interviewed you know Delta you've got you know forward and Verizon up on stage for the keynote strong partnership with Microsoft talking about what they're doing so OpenShift has really strong momentum if you talk about you know where is the leadership in this whole kubernetes space Red Hat absolutely needs to be in that discussion not only are they you know other than Google the top contributor really there but from a customer standpoint the experience what they've built there but what I really liked from Red Hat standpoint is it's not just an infrastructure discussion it's not OPM's and containers and there's things we want to talk about about VMs and containers and even server lists from Red Hat standpoint but Red Hat at its core what it is it they started out as an operating system company rel Red Hat Enterprise Linux what's the tie between the OS and the application oh my god they've got decades of experience how do you build applications everything from how they're modernizing Java with a project called Korkis through how their really helping customers through this digital transformation I hear a similar message from Red Hat and their customers that I hear from Satya Nadella at Microsoft is we're building lots of applications we need to modernize what they're doing in Red Hat well positioned across the stack to not only be the platform for it but to help all of the pieces to help me modernize my applications build new ones modernize some of the existing ones so OpenShift a big piece of it you know automation has been a critical thing for a while we did the cube last year at ansible fest for the first time from Red Hat took that acquisition has helped accelerate that community in growth and they're really Dave pulling all the pieces together so it's what you hear from Stephanie shirasu ironically enough came over from IBM to run that business inside a Red Hat well you know now she's running it inside Red Hat and there's places that this product proliferate into the IBM portfolio next week when we get where it I didn't think I'm sure we'll hear a lot about IBM cloud packs and look at what's underneath IBM cloud packs there's open shift there's rel all those pieces so you know I know one of the things we want to talk about Davis you know what does that dynamic of Red Hat and IBM mean so you know open shift automation the full integration both of the Red Hat portfolio and how it ties in with IBM would be my top three well red hat is now IBM I mean it's a clearly part of the company it's there's a company strategy going forward the CEO Arvind Krishna is the architect of the Red Hat acquisition and so you know that it's all in on Red Hat Dave I mean just the nuance there of course is the the thing you hear over and over from the Red Hatters is Red Hat remains Red Hat that cultural shift is something I'd love to discuss because you know Jim Whitehurst now he's no longer a Red Hat employee he's an IBM employee so you've got Red Hat employees IBM employees they are keeping that you know separation wall but obviously there's flowing in technology and come on so come on in tech you look at it's not even close to what VMware is VMware is a separate public company has separate reporting Red Hat doesn't I mean yes I hear you yo you got the Red Hat culture and that's good but it's a far cry from you know a separate entity with full transparency the financials and and so I I hear you but I'm not fully buying it but let's let's get into it let's take a look at at the quarter because that I think will give us an indication as to how much we actually can understand about RedHat and and again my belief is it's really about IBM and RedHat together I think that is their opportunity so Alex if you wouldn't mind pulling up the first slide these are highlights from IBM's q1 and you know we won't spend much time on the the the IBM side of the business although we wanted to bring some of that in but hit the key here as you see red hat at 20% revenue growth so still solid revenue growth you know maybe a little less robust than it was you know sequentially last quarter but still very very strong and that really is IBM's opportunity here 2,200 clients using red hat and an IBM container platforms the key here is when Ginni Rometty announced this acquisition along with Arvind Krishna and Jim Whitehurst she said this is going to be this is going to be cash flow free cash flow accretive in year one they've already achieved that they said it's gonna be EPS accretive by year two they are well on their way to achieving that why we talked about this do it's because iBM has a huge services organization that it can plug open shift right into and begin to modernize applications that are out there I think they cited on the call that they had a hundred ongoing projects and that is driving immediate revenue and allows IBM to from a financial standpoint to get an immediate return so the numbers are pretty solid yeah absolutely Dave and you know talking about that there is a little bit of the blurring a line between the companies one of the product pieces that came out at the show is IBM has had for a couple of years think you know MCM multi cloud management there was announced that there were actually some of the personnel and some of the products from IBM has cut have come into Retta of course Red Hat doing what they always do they're making it open source and they're it's advanced cluster management really from my viewpoint this is an answer to what we've seen in the kubernetes community for the last year there is not one kubernetes distribution to rule them all I'm going to use what my platforms have and therefore how do I manage across my various cloud environments so Red Hat for years is OpenShift lives everywhere it sits on top of VMware virtualization environments it's on top of AWS Azure in Google or it just lives in your Linux farms but ACM now is how do I manage my kubernetes environment of course you know super optimized to work with OpenShift and the roadmap as to how it can manage with Azure kubernetes and some of the other environments so you know you now have some former IBM RS that are there and as you said Dave some good acceleration in the growth from the Red Hat numbers we'd seen like right around the time that the acquisition happened Red Hat had a little bit of a down quarter so you know absolutely the services and the the scale that IBM can bring should help to bring new logos of course right now Dave with the current global situation it's a little bit tough to go and be going after new business yeah and we'll talk about that a little bit but but I want to come back to sort of when I was pressing you before on the trip the true independence of Red Hat by the way I don't think that's necessarily a wrong thing I'll give an example look at Dell right now why is Dell relevant and cloud well okay but if Dell goes to market says we're relevant in cloud because of VMware well then why am I talking to you why don't I talk to VMware and so so my point is that that in some regards you know having that integration is there is a real advantage no you know you were that you know EMC and the time when they were sort of flip-flopping back and forth between integrated and not and separate and not it's obviously worked out for them but it's not necessarily clear-cut and I would say in the case of IBM I think it's the right move why is that every Krista talked about three enduring platforms that IBM has developed one is mainframe that's you know gonna here to stay the second was middleware and the third is services and he's saying that hybrid cloud is now the fourth and during platform that they want to build well how do they gonna build that what are they gonna build that on they're gonna build that an open shift they they're there other challenges to kind of retool their entire middleware portfolio around OpenShift not unlike what Oracle did with with Fusion when it when it bought Sun part of the reason - pod Sun was for Java so these are these are key levers not necessarily in and of themselves you know huge revenue drivers but they lead to awesome revenue opportunities so that's why I actually think it's the right move that what IBM is doing keep the Red Hat to the brand and culture but integrate as fast as possible to get cash flow or creative we've achieved that and get EPS accretive that to me makes a lot of sense yeah Dave I've heard you talk often you know if you're not a leader in a position or you know here John Chambers from Cisco when he was running it you know if I'm not number one or number two why am I in it how many places did IBM have a leadership position Red Hat's a really interesting company because they have a leadership position in Linux obviously they have a leadership position now in kubernetes Red Hat culturally of course isn't one to jump up and down and talk about you know how they're number one in all of these spaces because it's about open source it's about community and you know that does require a little bit of a cultural shift as IBM works with them but interesting times and yeah Red Hat is quietly an important piece of the ecosystem let me let me bring in some meteor data Alex if you pull up that that's that second slide well and I've shown this before in braking analysis and what this slide shows in the vertical axis shows net score net score is a measure of spending momentum spending velocity the the horizontal axis is is is called market share it's really not market share it's it's really a measure of pervasiveness the the mentions in the data set we're talking about 899 responses here out of over 1200 in the April survey and this is a multi cloud landscape so what I did here Stu I pulled on containers container platforms of container management and cloud and we positioned the companies on this sort of XY axis and you can see here you obviously have in the upper right you've got Azure in AWS why do I include AWS and the multi cloud landscape you answered that question before but yesterday because Dave even though Amazon might not allow you to even use the word multi cloud you can't have a discussion of multi cloud without having Amazon in that discussion and they've shifted on hybrid expect them to adjust their position on multi-cloud in the future yeah now coming back to this this this data you see kubernetes is on the kubernetes I know is another company but ETR actually tracks kubernetes you can see how hot it is in terms of its net score and spending momentum yeah I mean Dave do you know the thing the the obvious thing to look at there is if you see how strong kubernetes is if IBM plus red hat can keep that leadership in kubernetes they should do much better in that space than they would have on with just their products alone and that's really the lead of this chart that really cuts to the chase do is you see you see red Red Hat openshift has really strong spending momentum although I will say if you back up back up to say April July October 18 19 it actually was a little higher so it's been pushed down remember this is the April survey that what's ran from mid-march to mid April so we're talking right in the middle of the pandemic okay so everybody's down but nonetheless you can see the opportunity is for IBM and Red Hat to kind of meet in the middle leverage IBM's massive install base in its in its services presence in its market presence its pervasiveness so AKA market share in this rubric and then use Red Hat's momentum and kind of meet in the middle and that's the kind of point that we have here with IBM's opportunity and that really is why IBM is a leader in at least a favorite in my view in multi cloud well Dave if you'd look two years ago and you said what was the competitive landscape Red Hat was an early leader in the kubernetes you know multi-cloud discussion today if you ask everybody well who's doing great and kubernetes you have to talk about all the different options that amazon has Amazon still has their own container management with ACS of course IKS is doing strong and well and Amazon whatever they do they we know they're going to be competitive Microsoft's there but it's not all about competition in this space Dave because you know we see Red Hat partnering across these environments they do have a partnership with AWS they do have you know partnership with you know Microsoft up on stage there so where it was really interesting Dave you know one of the things I was coming into this show looking is what is Red Hat's answer to what VMware is really starting to do in this space so vSphere 7 rolled out and that is the ga of project Pacific so taking virtualization in containers and putting them together Red Hat of course has had virtualization for a long time with KVM they have a different answer of how they're doing openshift virtualization and it rather than saying here's my virtual environment and i can also do kubernetes on it they're saying containers are the future and where you want to go and we can bring your VMs into containers really shift them the way you have really kind of a lift and shift but then modernize them Dave customers are good you know you want to meet customers where they are you want to help them move forward virtualization in general has been a you don't want to touch your applications you want to just you know let it ride forever but the real the real driver for companies today is I've got to build new apps I need to modernize on my environment and you know Red Hat is positioning and you know I like what I'm hearing from them I like what I'm hearing from my dad's customers on how they're helping take both the physical the virtual the containers in the cloud and bring them all into this modern era yeah and and you know IBM made an early bet on on kubernetes and obviously around Red Hat you could see actually on that earlier slide we showed you IBM we didn't really talk about it they said they had 23% growth in cloud which is that they're a twenty two billion dollar business for IBM you're smiling yeah look good for IBM they're gonna redefine cloud you know let AWS you know kick and scream they're gonna say hey here's how we define cloud we include our own pram we include Cano portions of our consulting business I mean I honestly have no idea what's in the 22 billion and how if they're growing 22 billion at 23% wow that's pretty awesome I'm not sure I think they're kind of mixing apples and oranges there but it makes for a good slide yeah you would say wait shouldn't that be four billion you added he only added two or three billion you know numbers can tell a story but you can also manipulate but the point is the point is I've always said this near term the to get you know return on this deal it's about plugging OpenShift into services and modernizing applications long term it's about maintaining IBM and red-hats relevance in the hybrid cloud world which is I don't know how big it is it's a probably a trillion-dollar opportunity that really is critical from a strategy standpoint do I want to ask you about the announcements what about any announcements that you saw coming from Red Hat are relevant what do we need to know there yeah so you know one of the bigger ones we already talked about that you know multi cloud manager what Red Hat has the advanced cluster management or ACM absolutely is an era an area we should look VMware Tong's ooh Azure Ark Google anthos and now ACM from Red Hat in partnership with IBM is an area still really early Dave I talked to some of the executives in the space and say you know are we going to learn from the mistakes of multi vendor management Dave you know you think about the CA and BMC you know exactly of the past will we have learned for those is this the right way to do it it is early but Red Hat obviously has a position here and they're doing it um did hear plenty about how Red Hat is plugging into all the IBM environments Dave Z power you know the cloud solutions and of course you know IBM solutions across the board my point of getting a little blue wash but hey it's got to happen I think that's a smart move right you know we talked about you know really modernizing the applications in the environments I talked a bit about the virtualization piece the other one if you say okay how do I pull the virtualization forward what about the future so openshift serverless is the other one it's really a tech preview at this point it's built off of the K native project which is part of the CNC F which is basically how do I still have you know containers and kubernetes underneath can that plug into server list order server let's get it rid of it everything so IBM Oracle Red Hat and others really been pushing hard on this Kay native solution it is matured a lot there's an ecosystem growing as how it can connect to Asher how it can connect to AWS so definitely something from that appdev piece to watch and Dave that's where I had some really good discussions with customers as well as the the Red Hat execs and their partners that boundary between the infrastructure team and the app dev team they're hoping to pull them together and some of the tooling actually helps ansible is a great example of that in the past but you know others in the portfolio and lastly if you want to talk a huge opportunity for Red Hat IBM and it's a jump ball for everyone is edge computing so Red Hat I've talked to them for years about what they were doing in the opened stack community with network function virtualization or NFV Verizon was up on stage I've got an interview for Red Hat summit with Vodafone idea which has 300 million subscribers in India and you know the Red Hat portfolio really helping a lot of the customers there so it's the telco edge is where we see a strong push there it's definitely something we've been watching from the you know the big cloud players and those partnerships Dave so you know last year Satya Nadella was up on the main stage with Red Hat this year Scott Guthrie you know there he's at every Microsoft show and he's not the red head show so it is still ironic for those of us that have watched this industry and you say okay where are some of the important partnerships for Red Hat its Microsoft I mean you know we all remember when you know open-source was the you know evil enemy for from Microsoft and of course Satya Nadella has changed things a lot it's interesting to watch I'm sure we'll talk more at think Dave you know Arvind Krishna the culture he will bring in with the support of Jim Whitehurst comes over from IBM compared to what Satya has successfully done at Microsoft well let's talk about that let's let's talk about let's bring it home with the sort of near-term midterm and really I want to talk about the long term strategic aspects of IBM and Red Hat's future so near-term IBM is suspended guidance like everybody okay they don't have great visibility some some some things to watch by the way a lot of people are saying no just you know kind of draw draw a red line through this quarter you just generally ignore it I disagree look at cash flow look balance sheets look at what companies are doing and how they're positioning that's very important right now and will give us some clues and so there's a couple of things that we're watching with IBM one is their software business crashed in March and software deals usually come in big deals come in at the end of the quarter people were too distracted they they stopped spending so that's a concern Jim Cavanaugh on the call talked about how they're really paying attention to those services contracts to see how they're going are they continuing what's the average price of those so that's something that you got to watch you know near-term okay fine again as I said I think IBM will get through this what really I want to talk about to do is the the prospects going forward I'm really excited about the choice that IBM made the board putting Arvind Krishna in charge and the move that he made in terms of promoting you know Jim Whitehurst to IBM so let's talk about that for a minute Arvind is a technical visionary and it's it's high time that I VM got back to it being a technology company first because that's what IBM is and and I mean Lou Gerstner you know arguably save the company they pivoted to services Sam Palmisano continue that when Ginny came in you know she had a services heritage she did the PWC deal and IBM really became a services company first in my view Arvind is saying explicitly we want to lead with technology and I think that's the right move of course iBM is going to deliver outcomes that's what high-beams heritage has been for the last 20 years but they are a technology company and having a technology visionary at the lead is very important why because IBM essentially is the leader prior to Red Hat and one thing mainframes IBM used to lead in database that used to lead in storage they used to lead in the semiconductors on and on and on servers now they lead in mainframes and and now switch to look at Red Hat Red Hat's a leader you know they got the best product out there so I want you to talk about how you see that shift to more of a sort of technical and and product focus preserving obviously but your thoughts on the move the culture you're putting Jim as the president I love it I think it was actually absolutely brilliant yeah did Dave absolutely I know we were excited because we you know personally we know both of those leaders they are strong leaders they are strong technically Dave when I think about all the companies we look at I challenge anybody to find a more consistent and reliable pair of companies than IBM and Red Hat you know for years it was you know red hat being an open-source company and you know the way their business model said it it's not the you know Evan flow of product releases we know what the product is going to be the roadmaps are all online and they're gonna consistently grow what we've seen Red Hat go from kind of traditional software models to the subscription model and there are some of the product things we didn't get into too much as to things that they have built into you know Red Hat Enterprise Linux and expanding really their cloud and SAS offerings to enhance those environments and that that's where IBM is pushing to so you know there's been some retooling for the modern era they are well positioned to help customers through that you know digital transformation and as you said Dave you and I we both read the open organization by Jim lighters you know he came in to Red Hat you know really gave some strong leadership the culture is strong they they have maintained you know really strong morale and I talked to people inside you know was their concern inside when IBM was making the acquisition of course there was we've all seen some acquisitions that have gone great when IBM has blue washed them they're trying to make really strong that Red Hat stays Red Hat to your point you know Dave we've already seen some IBM people go in and some of the leadership now is on the IBM side so you know can they improve the product include though improve those customer outcomes and can Red Hat's culture actually help move IBM forward you know company with over a hundred years and over 200,000 employees you'd normally look and say can a 12,000 person company change that well with a new CEO with his wing and you know being whitehurst driving that there's a possibility so it's an interesting one to watch you know absolutely current situations are challenging you know red hats growth is really about adding new logos and that will be challenged in the short term yeah Dave I I love you shouldn't let people off the hook for q2 maybe they need to go like our kids this semester is a pass/fail rather than a grid then and then a letter grade yeah yeah and I guess my point is that there's information and you got to squint through it and I think that look at to me you know this is like Arvin's timing couldn't be better not that he orchestrated it but I mean you know when Ginny took over I mean was over a hundred million a hundred billion I said many times that I beams got a shrink to grow she just ran out of time for the Gro part that's now on Arvind and I think that so he's got the cove in mulligan first of all you know the stocks been been pressured down so you know his tenure he's got a great opportunity to do with IBM in a way what such an adela did is doing at Microsoft you think about it they're both deep technologists you know Arvind hardcore you know computer scientist Indian Institute of Technology Indian Institute of Technology different school than Satya went to but still steeped in in a technical understanding a technical visionary who can really Drive you know product greatness you know in a I would with with Watson we've talked a lot about hybrid cloud quantum is something that IBM is really investing heavily in and that's a super exciting area things like blockchain some of these new areas that I think IBM can lead and it's all running on the cloud you know look IBM generally has been pretty good with acquisitions they yes they fumbled a few but I've always made the point they are in the cloud game IBM and Oracle yeah they're behind from a you know market share standpoint but they're in the game and they have their software estate in their pass a state to insulate them from the race to the bottom so I really like their prospects and I like the the organizational structure that they put in place in it by the way it's not just Arvind Jim you mentioned Paul Cormier you know Rob Thomas has been been elevated to senior VP really important in the data analytic space so a lot of good things going on there yeah and Dave one of the questions you've been asking and we've been all talking to leaders in the industry you know what changes permanently after the this current situation you know automation you know more adoption of cloud the importance of developers are there's even more of a spotlight on those environments and Red Hat has strong positioning in that space a lot of experience that they help their customers and being open source you know very transparent there I both IBM and Red Hat are doing a lot to try to help the community they've got contests going online to you know help get you know open source and hackers and people working on things and you know strong leadership to help lead through these stormy weathers so Stuart's gonna be really interesting decade and the cube will be here to cover it hopefully hopefully events will come back until they do will be socially responsible and and socially distant but Stu thanks for helping us break down the the red hat and sort of tipping our toe into IBM more coverage and IBM think and next week this is Dave alotta for Stu minimun you're watching the cube and our continuous coverage of the Red Hat summit keep it right there be back after this short break you [Music]

>> Narrator: Live, from New Orleans, Louisiana, it's theCube, covering .NEXT conference 2018. Brought to you by Nutanix. >> It's not the critic who counts. Not the man who points out how the strong man stumbles. Or where the doer of deeds, could have done them better. The credit belongs to the man who is actually in the arena. Whose face is marked by dust, and sweat and blood. Who strives valiantly, who errors, who comes short again and again, because there is no effort without error in shortcoming. But who does actually strive to do the deeds? Who knows great enthusiasms, the great devotions, who spends himself in a worthy cause. Who, at the best, knows in the end of the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly. So that his place shall never be with those cold and timid souls who neither know victory nor defeat. Those words by Theodore Roosevelt were in this morning's keynote by Dr. Brene Brown. Welcome to theCube's coverage of Nutanix.NEXT 2018. I'm Stu Miniman, with Keith Townsend here to break down, give our critiques as well as understand that Nutanix, while they are a public company, been striving and succeeding greatly. 5500 people here at this conference, very enthusiastic, great party last night, so Keith, we talked about it, our show opened yesterday, been your first show, got to talk to a bunch of customers, talked to a bunch of partners. Give us impressions and overall experience. >> So you know, you can't go to a show like this and not get hero numbers. 70,000 people in the Nutanix community program. 61,000 certified individuals. Customers making statements such as, Nutanix, humble company, Nutanix, not feeling entitled to the sale. Needing to work for the dollar. Customers extremely excited about the announcements, the direction of the company for key core areas I saw from a technology perspective, in which they made some really aggressive announcements and bets. So you know what, this has been a very high energy conference. >> Yeah, absolutely, talk about, from a financial standpoint, they're doin' well. Wall Street's been rewarding them greatly for the move to move to software only. Company's over nine billion dollars in market cap. Amazing. Had to go for a thousand customers a quarter. Very good for the space that they're playing in. Things like their file system, AFS, their fastest growing products. Building on that base infrastructure, but then yes, as you said, bold direction, they've got the kind of three axises that they're trying to build on. Build out HyperVage's support, build out cloud support. They're going to talk about how we think, where Nutanix fits in this cloud world. Building out their software portfolio. Where do they have IP, where are they growing? They've done four acquisitions so far in the software space. Some of those are starting to show through. We did interviews with the former CEO of Minjar and it NetSill, and- >> Bot Metric. >> Yeah, yeah that's the Netsill Bot Metric piece there. So products that are now, some of them are shipping. And as well as getting some vision. They had their first SAS product in Beam. Really interesting, something that really was targeted at AWS and Azure. Not the data center, but they're trying to make that hybrid-hybrid message as well as giving some of the vision. Nutanix Era is a big directional piece. Project Sherlock. Of course the big brains here working on that. Really interested in Edge and IOT. So a lot of pieces there, what's your take? >> You know what? I think I'm a bit overwhelmed actually. Which is a great thing, you look at COM was over the past couple of months, their Com platform was evened out by adding micro-segmentation. Which, against their biggest competitor VMware was a essential piece. They've been unabashful with going after it. You know what, AHV can now compete head-to-head with VMware just as long as you don't need memory over commit, and metro clustering that AHV, the term that they use in "game on." So Nutanix is, you know we talked to Duraj, a couple of years on theCube, asked him, you know what, is Nutanix a platform company? He say, you know what, no, (mumbles) too humble to accept that mantle of being a platform company, there's a lot of work to do. You look out onto the show floor, 80 partners and sponsors, who are all offering solutions tied to AHV. Which we talked about a little bit. A lot of adoption, but it doesn't seem like there's much VMware. Market penetration and stealing customers from VMware as much as HyperV. There're a lot of customers we talked to we said, you know we tried HyperV on Nutanix, not so much so we went to AHV. >> Quick point, and I felt a few years ago, the conversation wasn't about HyperV when you talked about Microsoft. It wasn't the, for years it was, when will it catch up to what VMware's doing? VMware's still dominant in the space, customers here, and lots of 'em are usin' Vmware. Yes, there's that tension between Vmware and Nutanix, but Nutanix, do they poke and prod a little bit at some things? Yes, but at the show, very much focusing on what they're doing, and focusing on their customers, not sending pot shots or anything like that. But when it comes to Microsoft, you're right Keith, there were a number of customers I talked to that were like, well in a Microsoft shop, and we know what applications used to live on VMware. Number one thing was always Microsoft. Many of them, I tried HyperV, didn't really like the experience. And therefore it was a smooth path to go over to AHV. Lot's of customers that are doing both VMware and AHV and sorting that out. And it's like oh, well over time, if Nutanix becomes 80, 90, even some of them gettin' towards 100% of heir deployment, AHV becomes a bigger piece of the portfolio. >> And you know, we thought that this whole multi-HyperVisor argument was over. Like, you know what, just go to one HyperVisor. A lot of Nutanix customers are showing that multi-HyperVisor is a legit way to go that we haven't ran with anyone who said, No, we're having management pains, running AHV side-by-side with VM or Vspare. >> I would like to see from Nutanix, more partnerships with Microsoft though. You talk Azure, absolutely huge growth, number two out there. Yes, they support it, but you know, of course they have much more showing at the Amazon show. They've got a strong partnership with Google. Got to highlight that with the Brian Stevens interview. And know that later this year, as Zai really starts to roll out, that we will see much more of that. But Azure, not only in the public cloud piece, but Azure's stack is starting to grow. I've been talking to Lenovo, HP, Adele, Cisco, all of them have pent-up demands, service writers that are starting to roll at Azure's stack. And while Azure's stack really is kind of a closed ecosystem there, I think there is opportunity for Nutanix to play in there, I expect them to hear from the customers who'd love them to do more with Microsoft. We heard from customers that they'd actually love to hear Nutanix do more with Redhat, and in general be a deletega system, yes, show floor, it's growing, it's vibrant but absolutely, it's always, what more? >> OF course, we always, and I think we get our friends at Nutanix always pokes us about staying positive. But it is a positive, they're a software company now. And as a software company, you have to integrate with other software company services. The Azure stack thing, while it's mainly a hardware play for companies like Dale, Lenovo, Fujitsu, there has to be software integration. The folks with the Google and Nutanix partnership, did a really great job of doing push-button, at least showin' us on stage, push-button deployments of VM's, from Zai to Nutanix instances in the cloud. This is Nutanix in the cloud. That won't probably play with Azure and Azure Stack. So Nutanix really needs to figure out a way to get into that relationship with Microsoft. >> Yeah, true simplicity takes genius, is a quote that I had out of this show in the early years. And Nutanix will make a bold claim. Oh, database migration, we're going to make that really easy. Well, show me (laughs) Anybody that's worked with databases- >> That's like sayin' DR is easy. Yeah, gettin' the stores from one point to another one is easy. Processes, not so much. >> Some of that Project Sherlock, oh yeah all that tensor flow, cumbrineties, functions of the service, we're going to make it push-button easy so that we'll make that invisible. How much is a distraction, what's in the weeds? You know, the networking, there's so many pieces in there that love the vision. Of course customers want it simplified, but we want to talk to the customers, and understand what works, what still needs to be tweaked, where do they have to build out some services, partnerships, even more than they've done today to go further, what have you been seeing and hearing? >> So, Nutanix, the enterprise cloud company. I've poked at the whole cloud marketing term. Matter of fact, on Twitter, one of the, I'll read this. Cloud really, no AI, no databases or severs. No server-less, does that even, doesn't even have a presence at Cubrineties events. Fake cloud story for IT, ah! So you know what, let's pick that apart a little bit. DV as a service, they announced basically yesterday, that's there. AI, Satium Gatupum said a really nice story with Sherlock there, absolutely looking at it. Cubrineties integration, ACS, 2.0 will come out the gate as a Cubrineties manage distribution. They announced Zai integration with Cubrineties and push-button. Now you may pick on the cloud part. Nutanix still very much talks to the infrastructure group. Their customers are the infrastructure group, and you can't talk cloud without having a relationship with application developers. So I think the next step as Nutanix matures, these offerings on, their cloud offerings, is that they have to start to have a deeper relationship. They have to go side-by-side with their IT sponsors and organizations to start to have conversations with application developers. >> Yeah, and I love the online, the cloud-eraderie if you will, out there. Well, we understand, this is the architecture of the future. Where it should go, I love hangin' out with the cloud native crew. But for me, it goes back to talking to their customers. And when the customers, if they're like here's what we've done, here's the proof as to how I get faster time to market, how I'm accelerating my development teams insight. I'm creating, one of the interviews we did, IT as business, is how we run things. These are real digital transformation stories. Impressive stuff, and it's cloud. And it's not virtualization with a little layer on top. It's real change inside customers, and Nutanix, I'll say, as a platform to help us get from where I've been, to where I'm going. >> Yeah, absolutely. Obviously, Nutanix customers are not listening to the cloud-eraderie. They absolutely love the platform. You know Stu, I don't think I've run into a negative customer at the show. I haven't run into a customer that says, you know what, Nutanix isn't meeting my need in X or Y area. Home Depot won the innovation award at the show. Then Home Depot is a forward thinking customer, truly embracing parts of the platform. I'm sure there's some cloud native pieces. >> They're a big Google cloud platform customer. One of Pivotal's big one on GCP. So absolutely, and we have, I've talked to a number of customers big on Amazon, developer shops, absolutely public cloud to piece of it. Yeah, if the criticism I should have, I always look and say, if I said public cloud and private cloud, where's your center of gravity? Of course Nutanix is going to go, leaning a little bit more towards the data centers, hosted service providers. That's where they live today. But they're not blind to it, they're embracing it. They have a full SAS product, they're going to be expanding that. They are software at their core, distributed architectures where they're going. >> You know Stu, one of our favorite comments is that, company X likes to move, moves at the pace of the CIO. I think it's safe to say, Nutanix is a little bit faster than the CIO. And they're enabling the old stuff. You know what, let's make that push-button easy, and as we're looking, have a eye to the future, looking at the new stuff, let's see how we can get there, push-button easy. There's a lot of work to do. But I think they're making some really interesting and probably the right moves for their customer base. >> Aright well, Keith, first of all, I want to thank you for all of your help here this week. The CTO advisor, always great to dig in with customers. Really get in, it's been exciting to watch you kind of get to know a little bit more about this. I've had the pleasure of tracking Nutanix in the really early days, been at every one of these shows. It is a great community, kudos to Nutanix. Thank you for sponsoring us, and if not familiar, if you look at the bottom of the videos we're playin' right now, we mention who sponsors, we're tryin' to be transparent. Keith and I though, we're out here in the field. If you have questions for us, or you know, want us to ask something, or question what we're doing, hit us up, we're really easy to reach on Twitter. Always happy for feedback from the community. And as always, check out thecube.net for all the upcoming shows, everywhere we're going. For Keith Townsend, I'm Stu Miniman, thank you so much for watchin' theCube's presentation from Nutanix.NEXT 2018 in New Orleans, and see you at lots more shows. (futuristic music)

(upbeat music) >> Announcer: Live from New Orleans, Louisiana, it's theCUBE. Covering .NExT's conference 2018 brought to you by Nutanix. >> Welcome back to theCUBE, I'm Stu Miniman with my cohost Keith Townsend, and this is Nutanix .NEXT conference in New Orleans. Happy to welcome to the program, first time guest, Vijay Luthra, who's the Senior Vice President, global head of technology infrastructure services at Northern Trust. Vijay, great note on the keynote this morning. A lot of cool technologies that you're digging into, thanks for joining us. >> Well, thanks for having me. >> All right, so luckily it's easy, Northern Trust, understand finance, but tell us a little bit about you know, your organization and kind of give us a high level, what are some of the biggest challenges that you're facing? >> Yep, yep, absolutely. So again, Northern Trust, a global financial services firm, primarily in the asset servicing, asset management, wealth management business. Again, 128 year history, built on some very sound principles around service, integrity, and expertise. Some of the challenges we're facing is around growth. The firm is growing. Revenues are growing at a very, very healthy pace, especially when you compare that to our peers and competitors. And the challenge, number one, is how do we scale the business while managing the overall operating expenses, right? So we want to create some leverage in the business and we want the growth to be healthy growth. So that's challenge number one, and we recently, our CEO recently launched a value for spend program where we grow let's make sure we're spending and we're getting the value for the spend. >> Yeah, Vijay, can you just sketch out for us, you talk about growth and scale. You know, how many locations, how many users, they're emanating that you have to like wrap into this stuff? >> Yeah absolutely, so Northern Trust, about 18,200 employees, I would say 50, 60 plus locations. I would say well distributed across the different regions between US, Asia PAC, and EMEA. Yeah, at high level those are kind of the how we're kind of geographically dispersed. >> Okay great, and cloud. What does that mean to your organization? How does that fit in your role and across the company? >> So cloud, we've been on the cloud journey for several years now. We had a very mature virtualization strategy, which transitioned well into our private cloud strategy. We have enough scale internally where we said if we built an efficient private cloud, which by the way, if you heard on the keynote, was built 100% on converged, hyperconverged technologies. We were actually in the forefront when we adopted these technologies back in 2013, 2014. The goal back then was how do we get efficiencies and scale from the private cloud by leveraging automation, you know converged stacks are highly reliable because, for example, the patching is a lot more well tested by the vendors. So on our journey to the cloud that was essentially the first phase, when we transitioned from virtualization to private clouds, and since then we've actually built more value added layers on top of that. Because the goal is not just to cater to traditional applications that leverage infrastructure as a service, but also to cater to some of the more contemporary cloud native applications that we're building or even some of the containerized workloads. So we've built on top of that with PaaS and KaaS and software-defined components like SDN, and we are closely measuring the outcomes and the benefits. >> So Vijay, let's talk a little bit about that initial investment and decision. Northern Trust, well known for being conservative amongst the most conservative of investment firms. I'm from Chicago so I have an affinity for Northern Trust in general. Back in 2013 there was not as simple to look back it's simple to look back now and say oh yeah, right choice. Easy decision. But 2013 OpenStack was, you know, all the rave, building clouds based on these open source and available technologies was kind of the way to go. What made you guys take a look at hyperconverged and say, you know what, we're going to buck the trend and we're going to go with hyperconverged. Not many of your peers made that choice. >> Yes, that's a great question. So at Northern Trust we are heavily focused on outcome-based investment decisions. So within technology infrastructure our mission is pretty straightforward, which is as we scale infrastructure, how do we continue to reduce total cost of ownership, improve time to market, improve client experience, which is a very essential part of our decision-making process, and while we're doing that, not to lose site of reliability, stability, security. So with that kind of as our guiding principles, as we make major investments we take them through these lenders, and Nutanix hit all of them. So it was fairly straightforward. And again, some of the benefits, as you probably heard on stage, were phenomenal. We were able to increase capacity without increasing staff. We were able to reduce some of our automation, sorry bill teams, significantly. Reliability, stability improved drastically. For example, our virtual desktop infrastructure, the number of incidents, client generated incidents, internal client generated incidents, went down by 80, 90%. So again, to answer your question, outcome driven, have key metrics and measures on what you expect the outcomes to be, and then partner with the right firms to make sure you get the outcomes. >> So as we look at the next phase, you know, infrastructure's a service, you guys seem to have that down, mature virtualization practice, you lay it on top of that infrastructures and service. Now we look into the next phase, KaaS, PaaS type solutions. What are some of the major decision points and what's guiding your decisions? >> So clearly on everybody, all head of infrastructures or any organizations' mind today is how do we build a hybrid cloud strategy that is safe, secure, does not lock you into a specific vendor. It's the right application, the right type of workload, and that's where we're focused on now. We've got a few applications. Nothing that's production client centric is in a public cloud from an IaaS perspective. But we think we've invested in the right components to allow us to now orchestrate safely and securely across multi clouds. So that's what we're focused on now. >> Can you talk a little bit more about containerization? What's the experience like been working with Nutanix for those type of solutions? >> Yeah, so we were early adapters of containers with partnering with Docker built on the Nutanix platform. We've been working with them since the last couple years, and more recently since they announced the Kubernetes integration, we are factoring that into the Docker environment. The goal with containerization is, again, back to kind of those guiding principles, right? Lower costs of ownership, improved time to market, reliability, stability, we see an opportunity to consolidate Linux Windows based workloads because of the efficiencies that containers bring, as well as extend devops like functionality to app teams that might not be looking to refactor in a cloud native PaaS like format. They could take advantage of containers to get a devops like experience. We're enhancing security as we move to containers. There are several things we're doing there. So point being, we're looking at it through kind of the same lenses. >> So you threw out a couple things. I heard devops in there. In your keynote one of the things that you talked about a team going from 45 people (mumbles) to something to 12. Maybe explain a little bit about ops in your company, what happened to all those other 33 people. >> Okay quick questions, two parts. On the infrastructure as a service side, a few years ago we had a build team, mostly contractor driven, where we would use them to build servers, deploy applications, extremely manual. With converged technologies and all the automation that we had deployed, that team is down to 14, 15 people. Because a lot of the work has gone away, and our goal is to continue to fine tune that. So that's infrastructure as a service. Devops wise what we did was we carved out a team of four or five of what Gartner calls versatilists, multiskilled, multidisciplinary resources, senior engineers that focused on building out our devops practice on top of our platform as a service, and that has gone extremely well. You know the team has very successfully onboarded hundreds of microservices as we rearchitect some of our applications. So Vijay, talk us about the decision and the capability of being able to take monolithic applications, that are not going to be refactored and going to containers, there's a lot of debate on whether or not that's worth the trouble. But beyond that debate, talk to us about the importance and the reliance on the capability that Nutanix will be bringing in with ACS 2.0, are you guys looking to deploy that or are you looking to manage Kubernetes and that capability of managing these traditional applications inside of Kubernetes? >> Yeah, so we're a few steps ahead of Nutanix. In one of my conversations with Sunil I was saying man I wish this feature was available six months ago. So we are watching that development very closely. We are very interested in it. But because we have an existing Docker footprint, that's what we're leveraging for Kubernetes for now. >> Great, can you speak about Nutanix, the relationship you have with them, and their ecosystem. Things like secondary storage, you know how do you look at Nutanix as a partner and what do you see the maturity of their ecosystem? Any solutions you'd want to highlight there? >> Yeah, I mean, clearly what Nutanix did to the primary storage market, there's an emerging market on the secondary storage side, and we're working with a couple different companies to help us in that space. But just the Nutanix ecosystem itself, just because we are a few steps ahead and we've got some Nutanix components, we've got some third party components as part of Nutanix, I think the fact that Nutanix is becoming a one-stop shop as you can see with some of the announcements today, from a total cost of ownership perspective it becomes very interesting for someone like myself to say if I took out a few vendors or focused on the Nutanix stack, what does that mean? At what point is it usable? When can we start migrating, and those are the types of things we're going to focus on now. >> So have you gotten into a situation, especially considering that you're at least six months or so ahead of Nutanix when it comes to container orchestration, has the infrastructure gotten in your way at all? Have they done anything, because Nutanix can be opinionated in how they manage infrastructure. As that opinionation, has that opinion rather, gotten in your way as you look to go down your KaaS route? >> No, so far I would say no. I think a lot of their tooling is very intuitive, very easy to use. The engineers, with very minimal training, in fact, some of our engineers that retrained themselves on Nutanix happened over such a small duration and had to do with how simple to use Nutanix stack was. >> One of the lines I love from your presentation, you said you run IP as a business. What advice do you give to your peers out there, learnings you've had, staying a little bit ahead of some of the general marketplace. >> Yeah, I think the key is, back to kind of my initial comment, how do you build scale with an infrastructure? Meaning, how do you take on more workloads, new technologies, while managing your operating expenses tightly? We have essentially done that extremely well over the last few years where we have added to capacity, absorbed a lot of growth, introduced a lot of new technologies while keeping a very close eye on operating expenses. So I would say, if anything, when you run IT as a business, you take into account not just all the net adds, you have a program to consider optimizations. For example, we use a technology that helps us reduce physical VMWare based footprint. It helps us optimize and says here's where you have some debt capacity. You, as leaders and somebody in my position, should be willing and able to take out costs as well while taking on new technologies, I would say that's the key. So you're saying you guys are running IT as a business. What have been some of the KPIs and showing success in that transformation? >> Okay, we closely watch our operating expenses and we measure that as a percentage of total company operating expenses, what percentage are we of that? We closely watch time to market. How soon are we providing environments to ab dev teams. We closely watch stability off the underlying platforms, op time of those platforms. So I think those have direct impact on our internal clients as well as end clients. And then as a business, who are your competitors? >> As Northern Trust? >> No as you run IT as a business? >> Yeah, that's a great question. I would say cloud providers are competitors. But to be honest I shouldn't say that. I mean in a new model I want the team to think about cloud as just another endpoint, and we need to be able to safely and securely deploy the right app in the right cloud kind of the end state that we want to be in. So I wouldn't say they're competitors. I think we as a firm, or any firm should get comfortable with being able to orchestrate and move the right workloads in the right data centers to say. >> All right, Vijay, want to give you the final word. You're out there looking at some of the new technologies. What's exciting you, what's on your wishlist from the vendor community, maybe you can share. Personally I'm very excited about AI in ops. I know people talk about AI in financial services and the other industries. But I think the application of machine learning and AI within data center operations is relevant. And there's many things we're doing in that space in terms of a client facing chatbot that integrates with Link. Or certain add-ons onto Splunk that help you with machine learning and analyzing logs. Or bots that help you classify tickets and put them in the right cues at the right time. So we're looking at how to take advantage of those. Again, to build scale, to lower cost ownership, improve experience, etc., etc., so again, I think that's something I'm personally very, very excited about. >> All right, well Vijay Luthra, really appreciate sharing your story. Great success and look forward to catching up with you-- >> All right thank you. >> In the future. For Keith Townsend I'm Stu Miniman. Lots more coverage here from New Orleans Convention Center .NEXT, Nutanix's conference 2018. Thanks for watching theCUBE. (techno music)

(digital chime) (camera shutter) (bright pop music) >> Announcer: Live from New Orleans, Louisiana, it's theCUBE, covering .NEXT Conference 2018, brought to you by Nutanix. >> This is SiliconANGLE Media's production of theCUBE, live in New Orleans, Louisiana, I'm Stu Miniman, with my cohost Keith Townsend, happy to welcome back to the program, fresh off the keynote stage, marching band, you know, floats coming in, Mardi Gras atmosphere, and a slew of new products and updates. Sunil Potti, Chief Product & Development Officer at Nutanix. Sunil, thanks for joining us. >> Yeah, likewise Stu, anytime. >> Alright, so a lot that you covered in, so let's get into it, start with, you know, some of the broad company updates. We've been talking about this journey for making everything invisible. I'm waiting, the next time you're going to have the invisible man. Is a... no, no, no, you're putting the IT person forward. >> Yeah, you know we talk about that continuum between all the way from mainframes to like, whatever, HCI to now we've got cloud instance, hyper-converge, then cloud, and then there's functions. Then eventually we'll have NaaS, which is nothing as a service. Right, something like that, but I mean our journey I think of invisible infrastructure started off at hyper-convergence, so computing storage, and essentially it's just increased layers of convergence is how we see it, so if you can converge the networking stack, we converge the automation aspects, then we go in invisible data centers, and then eventually if you hyper-converge the cloud, CapEx and OpEx, public cloud, private clouds, distributed clouds, then you get an invisible cloud. So it's essentially, I think that's really how we've sort of professed this conference is invisible infrastructure evolving to invisible data centers to evolving to invisible clouds. >> You know, so Sunill, one of the things, if we've been talking to your customers, the question is, "Who is the Nutanix customer?" So, when we talked about kind of HCI, even before it was HCI, let's get ourselves out of the silos, you were working with the administrators and the architects. You've built some of these things, you know, you've got a new SaaS offering, you've got micro-segmentation. You're touching more of the business, and sometimes going up the stack too. >> Yeah, yeah, yeah, yeah. >> Who do you see as the primary customers? >> Yeah, I mean, I think for us, you know, if we just stayed as a broad HCI platform play, then we would probably be slowly making up our way of, between the server guys and the storage guys and maybe the director of infrastructure and so forth. And a lot of it has been groundswell movement for Nutanix over the last six, seven years, right? But, you know, this is what I talk about it to our customers, like when you actually go to cloud on AWS or GCP, there is no storage admin, there is no server admin, there's no one. There's only a cloud architect, and so I think that's what we've seen over the last few years is this evolution to this one single org called the cloud org within enterprises, and then you heard me say this before about this, you know eventually as we move up, our value up the stack, as we go from invisible infrastructure to clouds, our relevancy is also growing to the CIO, because the CIO can now be the CAO, which is the Chief Amazon Officer, or the Chief Alphabet, or the Chief Azure Officer, essentially the Chief Cloud Officer, where we can help them blur the lines between AWS inside, which is Nutanix, and then AWS outside. >> Yeah, I love that, because when we talk to customers, it's not "I'm building out "my multicloud, hybrid cloud, composite," whatever you want to call it, it's "We're "figuring out our digital transformation, "and we've got applications, we've got stuff we're SaaSifying, "there's cool things I've built, you know, "in the public cloud, and I've got, you know, "my data center and the transformation that "I'm going through there." So, the question I have for you is, what is Nutanix's position in the cloud? I didn't hear you going up on stage saying you're going to put five to 10 billion dollars a year into building out data centers and availability zones, and all those things there. Sometimes people misconstrue some of the journey and things like Zy, and they're like, "Oh, it rhymes with what Amazon's doing," or even many times, you know, similar services to an Amazon there, but partnerships with the public cloud providers, and you know, please help us set the record straight, that you're not standing up a public cloud. >> Yeah, I think look, we think increasingly the world, of the world of clouds is a dispersed world, right? I mean, you had to say that we think this construct called the core cloud, which is essentially both, you know, a private version and a public version that's harmonized together into this one enterprise core cloud, but then increasingly we are seeing cloud-like architecture in a remote office branch office or in a retail store, so we call that the distributed cloud, and then it's also with IOT especially, it's getting extended all the way to the edge, whether it be a one-node Nutanix deployment talking to a data center of clusters talking to GCP for machine learning. So we think that the world of clouds is going to emerge as the de facto standard, and public cloud just happens to be a big percentage of that. Private cloud will also be a decent percentage of that. So will these other clouds, so what we need is, I guess, one OS to bind them all, right? And that's the end goal for what we're embarking on, so one of the things that we've recognized is that one of different kinds of clouds is an extended enterprise cloud, where instead of having two primary data centers and two secondary data centers, and then having five cloud availability zones, why even be in the secondary business? What if the secondary data centers were subsumed into a cloud as a service, but you retained the same operational tooling as your primary data center? And that's really where Zy's footprint comes in is, it's to augment what a customer is going through's journey of private cloud or public cloud to this distributed cloud environment, that there will be some news cases that need to be fulfilled using the same cloud architecture. >> So Sunil, let's talk about the customer journey alongside Nutanix's journey. You guys are walking, term I heard a lot so far in the conference is, Nutanix is our partner, our partner in this journey in digital transformation. However, the customer today is very much infrastructure customers. You guys talk to developers, internal customers of your customers. What has been that story, and what has been that conversation? What have, what have you guys learned, and what have you taught your customers along the way? >> I mean I think it's, look we generally know, as I've mentioned on stage today, that we're in another decades worth of journey, as we go from invisible infrastructure to invisible clouds. That's not going to happen in six six months or so, but what we're finding is that, in the last, I would say four to five years, the view of what cloud can be used for, the "why" of cloud has changed. Initially, there used to be, "Oh, I need to get past IT," by developers, then it eventually became, "Oh, no, no, no, I need to use it as a way to, you know, to deliver a better IT." Now it's being used as a way to actually drive my business. And that's why we use the word digital transformation, just because it's a direct connotation to driving the top line, right? So, when you look at our customers and the journey that we're on, we also want to set expectations of what we are versus what we are not, right? So we're not about enabling the applications to be built, in the sense that, you know, we're not application software companies, but at the end of the day though, if we can abstract out all the, if I can call it, issues below an app and allow IT or the business to focus on a new org that we're calling, you know, the CIO and the CTO merged to be the CDO, right, the Chief Digital Officer, that becomes one org, and that's what we're seeing with many of our large customers is, many of our customers are, their orgs, either they were in the CIO organization, or the infrastructure organization, or the cloud organization, they're all now being merged into the CDO org, and the goal then becomes for it to power a digital transformation through various apps, but with our, essentially leveraging infrastructure as a boat anchor, right? It's more of an accelerator at that point. >> So, there's debate on where that ends, like you know, we can talk about with edge computing, like where does edge start and the core begin. The same thing with infrastructure. You guys made a really interesting announcement around your capability with databases today and being able to, I don't even know the term but, to put a prism-like experience to databases. Talk about those areas around what we've considered traditionally infrastructure, storage network compute, going to this middleware layer, where do you think you can help customers simplify their journey? >> I mean, I think just to recap, some of the ways that we've, you know, approached this year is, look we think about it as three layers of the cloud stack, which is we had computer storage virtualization and we sort of completed the IA stack with our Flow product, which delivers one-click secure networks. And then for the first time, even though our stack is good for running third-party workloads, just like the public cloud runs a lot of PaaS services, increasingly in enterprises, customers are asking for an opinionated view of a PaaS service. So we do have third-party partnerships with Cloudera, Hortonworks, a whole bunch of other third-party providers, but the core database workload, especially with Oracle being such a complex beast, but it's mainstream, the customer has said, "Look, "can you provide a one plus one "equals three kind of solution "for the world of database?" And that's what Nutanix Era is, and that sort of becomes sort of cornerstone of our first PaaS service, where we're trying to simplify database operations, including things like Oracle RAC, and that's what we demonstrated was to actually provision Oracle RAC in minutes, make clones, create dev instances, and democratize databases for the rest of developers using APIs. So that's the sort of evolution of the stack for us with Nutanix Era, and then we didn't stop there. We also sort of innovated with our first Nutanix SaaS service, with this product called Beam with the acquisition of Minjar, which essentially says, look multi-cloud needs to start with stability, and then obviously you enable control and then you add operational automation, and then visibility and so forth, right? So, with Beam there, it's sort of, sort of sets the stage for the fact that we can now add more to the multi-cloud portfolio. >> Sinil, Beam's an interesting one. Your first SaaS offering. Keith and I were talking before this. There are lots of companies out there that are trying to tackle this challenge. >> Sunil: Yeah, yeah, yeah, yeah, absolutely. >> With that have, you know, every single platform company out there is trying to tackle this, and then there's lot of independents. There's a lot that goes into, you know, maintaining, advising, you know, the whole consultancy world has spent decades doing this. How do you balance product development efforts there versus, you know, your core platform? You know, should this be an indication that you're going to build out a SaaS portfolio in the future? >> Got it, got it, got it. I know, that's a great question. So, so I think, just to take a step back, Minjar was an interesting company, because Netsil, the other acquisition, is also a bought in the cloud SaaS service that will integrate for hybrid, you know, visibility and networking, but also stand-alone application operations. But Minjar had this interesting history where it was originally a high-end advisory service for AWS. >> Stu: Right. >> It was in the top-five service partners for AWS, and they actually had dozens of customers that they still operate and manage and provide, you know, get a lot of learnings from helping customers, sort of, they are like the Navy SEALS of AWS and so forth, right? And when they built this product, which is now called as Beam, what we think about it is that, look that particular capability is a feature of a platform. It's not a stand-alone product category. What people are going to be looking forward to is a multi-cloud operational fabric, that has an app store and a marketplace, where I can go in and consume services, whether it be on prem or off prem, have a single pane of glass for visibility, again on prem or off prem, and then do one-click automation or orchestration, right? And so the fact that this single pane of glass has to cut over on prem as well as public cloud is the reason why we believe Nutanix has a play here to kind of make it a core feature, because we at least own one pillar of it, which is the on-prem stack, and to the extent that we can do an honest job of extending it to a deep job on AWS and DCP and others, then I think there's value added. >> How do you get closer to the application? When I look at this space, Oracle, IBM, and Microsoft have all been talking some similar messages on this, and that, the cloud strategies that they've gone through have that operational model, and you know, they own these applications, so you know, why Nutanix? >> Yeah, I mean I think it's another interesting question. So look, I think the world of apps, and I would say that power shift is happening obviously. We know that with IBM, but even with Oracle, as a mainstream enterprise app, if you really look at, say a public cloud conference, especially AWS's conference, if anything, the only vendor that they take potshots at is Oracle, because they see it as long-hanging fruit in the enterprise from a complexity side, right? And I think with the advent of cloud, the first time the customers have seen a real alternative to move away from this SQL engine on Oracle to potential Postgres or other alternatives. But to do that, you need abstractions. I need to be able to simplify my current environment of Oracle. At the same time, do it in a way that I can actually harmonize the API so that, oh, at some point, can I actually create another instance, but it's on Postgres, right? And the more I can provide that abstracted APIs, the more, you know, flexibility that's there for the customers to actually move from this legacy apps to the next generation apps. So I think, I guess the simple answer to your question is, look for us, even if you're not in the app business, if anything it's an asset than a liability, because then we can be completely neutral to the transformation from the old to the new. We have no skin in the game of keeping you in the old architecture, so if a customer says, "Look, I need to manage "my old, but I need an accelerated "way to get to the new cloud-native apps," then we are all for it. >> So Sinil, one of the, I think I would call this one of the first principles of Nutanix is this ideal of want-quick provisioning, the ability to simplify really complex, really hard things. You guys did it with HCI. The database management piece is another example. You're talking about it now, with ACS and the cloud. Let's talk about the, what happens when you zig when you should have zagged. In the case of going with Docker, the leading solution at the time, >> Sure, sure. >> Seemed like the right approach to go, now you guys are zagging. What makes Nutanix capable of making such a quick change and providing the consistent layer, like as customers go along with you on this journey, 6they count on APIs, they count on integrations, they count on just to, that basic capability and that it's stable. What gives customers the comfort level, that you know what, the complex stuff, Nutanix will take care of, if there needs to be a course correction from a culture and development platform perspective, they can right the ship? >> Yeah, no I think to your first question there Keith, I think, look, in this era now, it doesn't matter which business you're in, the time to succeed obviously is accelerated, but the time to fail is also accelerated, right? We just have to internalize that in our DNA. I would say of any high-growth company is to just be honest about failing fast. And I, yeah I mean I think Docker was a thing a year and a half ago, and we were early to market, and in fact, I would say it was our ACs and a couple of guys in Europe who actually recognized that, look why are we focusing on all this, when every customer that I talk to is testing out Kubernetes. And sure, we were sitting in Silicon Valley and Kubernetes was just coming up and so forth, and so I think it's two things, one their internalization that look, we have to fail fast in a high-growth business like ours. And then two, having the sensors that give us indications of, are we in the right course or not is also important. And so, the other thing that I would say that has worked well with this company than my prior companies is the fact that it, while it is hierarchical for scale, it is one inch to end from a communications perspective. Things like Slack, things like the communication mechanism, allow us to have that real-time touch with the front guys that focus on the customers and so forth. So, so for example, once the clarity was there around ACS to kind of zag on Kubernetes, the whole system was able to lean in, because the "why" of doing that was clear. The "what" and the "how" follow, right? I mean that's really what, how we will keep it going. >> Alright Sunil, before we let you you go, I want to bring back to the infrastructure side. You've had a few of the solutions that are growing really fast. I know you've highlighted the AFS, the Acropolis File Services. I've got the new object service that just got announced. At core platform, what are the areas that are catching wildfire for your customers? >> That's a great question, so on the core platform, which is still our bread and butter to some extent, our core focus has been about it becoming like the OS for the enterprise, period, right? And there's no workloads left as an island. And right now if I can, you know, three years ago we were talking about workloads that we're good for. Nowadays, I talk about workloads that we're not good for. So if I'm a scale-up database that requires certification, I can tell you about some of those that we are short of getting certified, but once that happens, there should be no workload that we're not good far. And that's where AFS comes in, that's where object services come in is, these are all requirements in the core OS that are needed to solve for those kinds of workloads. And, one thing though, to Keith's earlier point, that we have tried to keep honest, and that's why some of these take longer to come out, is that they still have to hold the bar of instant upgrades. Start small, start quickly, pay as you grow. They all have to follow the same ground rules, right? And that is what is keeping us honest frankly, in the overall desire. >> Okay, want to give you the final word, as Keith said, your customers consider Nutanix a partner. As they leave Nutanix .NEXT 2018, how should they be considering Nutanix? >> Yeah, no I think leaving Nutanix, they should recognize us as a company that obviously needs to be hungry, that needs to have a bold vision. We, you know, in our core values, we will make mistakes, we are vulnerable. But we are, you know, hopefully transparent about it, so that that's the, at the end of the day, the core essence of a partnership is that level of transparency between two people, right? And that's what we are hoping that customers will take away from the conference. >> Alright, well Sunil, it's always been a pleasure to document everything going at, since the inaugural .NEXT back in Miami, and we'll look forward to seeing you at the next show, where we'll make sure to pin you on, you know, how we've gone first. >> Sounds good. >> Sunil Potti and Keith Townsend. I'm Stu Miniman, be back with lots more coverage. Thanks for watching theCUBE. (techno music)

>> PA Announcer: Off the plastic tab, and we'll turn on the colors. Welcome to New Orleans. ♪ This is it ♪ ♪ The part when I say I don't want ya ♪ ♪ I'm stronger than I've been before ♪ ♪ This is the part when I set your free ♪ (New Orleans jazz music) ("When the Saints Go Marching In") (rock music) >> PA Announcer: Ladies and gentleman, would you please welcome state of Louisiana chief design officer Matthew Vince and Choice Hotels director of infrastructure services Stacy Nigh. (rock music) >> Well good morning New Orleans, and welcome to my home state. My name is Matt Vince. I'm the chief design office for state of Louisiana. And it's my pleasure to welcome you all to .Next 2018. State of Louisiana is currently re-architecting our cloud infrastructure and Nutanix is the first domino to fall in our strategy to deliver better services to our citizens. >> And I'd like to second that warm welcome. I'm Stacy Nigh director of infrastructure services for Choice Hotels International. Now you may think you know Choice, but we don't own hotels. We're a technology company. And Nutanix is helping us innovate the way we operate to support our franchisees. This is my first visit to New Orleans and my first .Next. >> Well Stacy, you're in for a treat. New Orleans is known for its fabulous food and its marvelous music, but most importantly the free spirit. >> Well I can't wait, and speaking of free, it's my pleasure to introduce the Nutanix Freedom video, enjoy. ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ Ah, ah, ♪ ♪ Ah, ah, ♪ ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ I'm free, I'm free, I'm free, I'm free ♪ ♪ Gritting your teeth, you hold onto me ♪ ♪ It's never enough, I'm never complete ♪ ♪ Tell me to prove, expect me to lose ♪ ♪ I push it away, I'm trying to move ♪ ♪ I'm desperate to run, I'm desperate to leave ♪ ♪ If I lose it all, at least I'll be free ♪ ♪ Ah, ah ♪ ♪ Ah, ah ♪ ♪ Hallelujah, I'm free ♪ >> PA Announcer: Ladies and gentlemen, please welcome chief marketing officer Ben Gibson ♪ Ah, ah ♪ ♪ Ah, ah ♪ ♪ Hallelujah, I'm free ♪ >> Welcome, good morning. >> Audience: Good morning. >> And welcome to .Next 2018. There's no better way to open up a .Next conference than by hearing from two of our great customers. And Matthew, thank you for welcoming us to this beautiful, your beautiful state and city. And Stacy, this is your first .Next, and I know she's not alone because guess what It's my first .Next too. And I come properly attired. In the front row, you can see my Nutanix socks, and I think my Nutanix blue suit. And I know I'm not alone. I think over 5,000 people in attendance here today are also first timers at .Next. And if you are here for the first time, it's in the morning, let's get moving. I want you to stand up, so we can officially welcome you into the fold. Everyone stand up, first time. All right, welcome. (audience clapping) So you are all joining not just a conference here. This is truly a community. This is a community of the best and brightest in our industry I will humbly say that are coming together to share best ideas, to learn what's happening next, and in particular it's about forwarding not only your projects and your priorities but your careers. There's so much change happening in this industry. It's an opportunity to learn what's coming down the road and learn how you can best position yourself for this whole new world that's happening around cloud computing and modernizing data center environments. And this is not just a community, this is a movement. And it's a movement that started quite awhile ago, but the first .Next conference was in the quiet little town of Miami, and there was about 800 of you in attendance or so. So who in this hall here were at that first .Next conference in Miami? Let me hear from you. (audience members cheering) Yep, well to all of you grizzled veterans of the .Next experience, welcome back. You have started a movement that has grown and this year across many different .Next conferences all over the world, over 20,000 of your community members have come together. And we like to do it in distributed architecture fashion just like here in Nutanix. And so we've spread this movement all over the world with .Next conferences. And this is surging. We're also seeing just today the current count 61,000 certifications and climbing. Our Next community, close to 70,000 active members of our online community because .Next is about this big moment, and it's about every other day and every other week of the year, how we come together and explore. And my favorite stat of all. Here today in this hall amongst the record 5,500 registrations to .Next 2018 representing 71 countries in whole. So it's a global movement. Everyone, welcome. And you know when I got in Sunday night, I was looking at the tweets and the excitement was starting to build and started to see people like Adile coming from Casablanca. Adile wherever you are, welcome buddy. That's a long trip. Thank you so much for coming and being here with us today. I saw other folks coming from Geneva, from Denmark, from Japan, all over the world coming together for this moment. And we are accomplishing phenomenal things together. Because of your trust in us, and because of some early risk candidly that we have all taken together, we've created a movement in the market around modernizing data center environments, radically simplifying how we operate in the services we deliver to our businesses everyday. And this is a movement that we don't just know about this, but the industry is really taking notice. I love this chart. This is Gartner's inaugural hyperconvergence infrastructure magic quadrant chart. And I think if you see where Nutanix is positioned on there, I think you can agree that's a rout, that's a homerun, that's a mic drop so to speak. What do you guys think? (audience clapping) But here's the thing. It says Nutanix up there. We can honestly say this is a win for this hall here. Because, again, without your trust in us and what we've accomplished together and your partnership with us, we're not there. But we are there, and it is thanks to everyone in this hall. Together we have created, expanded, and truly made this market. Congratulations. And you know what, I think we're just getting started. The same innovation, the same catalyst that we drove into the market to converge storage network compute, the next horizon is around multi-cloud. The next horizon is around whether by accident or on purpose the strong move with different workloads moving into public cloud, some into private cloud moving back and forth, the promise of application mobility, the right workload on the right cloud platform with the right economics. Economics is key here. If any of you have a teenager out there, and they have a hold of your credit card, and they're doing something online or the like. You get some surprises at the end of the month. And that surprise comes in the form of spiraling public cloud costs. And this isn't to say we're not going to see a lot of workloads born and running in public cloud, but the opportunity is for us to take a path that regains control over infrastructure, regain control over workloads and where they're run. And the way I look at it for everyone in this hall, it's a journey we're on. It starts with modernizing those data center environments, continues with embracing the full cloud stack and the compelling opportunity to deliver that consumer experience to rapidly offer up enterprise compute services to your internal clients, lines of businesses and then out into the market. It's then about how you standardize across an enterprise cloud environment, that you're not just the infrastructure but the management, the automation, the control, and running any tier one application. I hear this everyday, and I've heard this a lot already this week about customers who are all in with this approach and running those tier one applications on Nutanix. And then it's the promise of not only hyperconverging infrastructure but hyperconverging multiple clouds. And if we do that, this journey the way we see it what we are doing is building your enterprise cloud. And your enterprise cloud is about the private cloud. It's about expanding and managing and taking back control of how you determine what workload to run where, and to make sure there's strong governance and control. And you're radically simplifying what could be an awfully complicated scenario if you don't reclaim and put your arms around that opportunity. Now how do we do this different than anyone else? And this is going to be a big theme that you're going to see from my good friend Sunil and his good friends on the product team. What are we doing together? We're taking all of that legacy complexity, that friction, that inability to be able to move fast because you're chained to old legacy environments. I'm talking to folks that have applications that are 40 years old, and they are concerned to touch them because they're not sure if they can react if their infrastructure can meet the demands of a new, modernized workload. We're making all that complexity invisible. And if all of that is invisible, it allows you to focus on what's next. And that indeed is the spirit of this conference. So if the what is enterprise cloud, and the how we do it different is by making infrastructure invisible, data centers, clouds, then why are we all here today? What is the binding principle that spiritually, that emotionally brings us all together? And we think it's a very simple, powerful word, and that word is freedom. And when we think about freedom, we think about as we work together the freedom to build the data center that you've always wanted to build. It's about freedom to run the applications where you choose based on the information and the context that wasn't available before. It's about the freedom of choice to choose the right cloud platform for the right application, and again to avoid a lot of these spiraling costs in unanticipated surprises whether it be around security, whether it be around economics or governance that come to the forefront. It's about the freedom to invent. It's why we got into this industry in the first place. We want to create. We want to build things not keep the lights on, not be chained to mundane tasks day by day. And it's about the freedom to play. And I hear this time and time again. My favorite tweet from a Nutanix customer to this day is just updated a lot of nodes at 38,000 feed on United Wifi, on my way to spend vacation with my family. Freedom to play. This to me is emotionally what brings us all together and what you saw with the Freedom video earlier, and what you see here is this new story because we want to go out and spread the word and not only talk about the enterprise cloud, not only talk about how we do it better, but talk about why it's so compelling to be a part of this hall here today. Now just one note of housekeeping for everyone out there in case I don't want anyone to take a wrong turn as they come to this beautiful convention center here today. A lot of freedom going on in this convention center. As luck may have it, there's another conference going on a little bit down that way based on another high growth, disruptive industry. Now MJBizCon Next, and by coincidence it's also called next. And I have to admire the creativity. I have to admire that we do share a, hey, high growth business model here. And in case you're not quite sure what this conference is about. I'm the head of marketing here. I have to show the tagline of this. And I read the tagline from license to launch and beyond, the future of the, now if I can replace that blank with our industry, I don't know, to me it sounds like a new, cool Sunil product launch. Maybe launching a new subscription service or the like. Stay tuned, you never know. I think they're going to have a good time over there. I know we're going to have a wonderful week here both to learn as well as have a lot of fun particularly in our customer appreciation event tonight. I want to spend a very few important moments on .Heart. .Heart is Nutanix's initiative to promote diversity in the technology arena. In particular, we have a focus on advancing the careers of women and young girls that we want to encourage to move into STEM and high tech careers. You have the opportunity to engage this week with this important initiative. Please role the video, and let's learn more about how you can do so. >> Video Plays (electronic music) >> So all of you have received these .Heart tokens. You have the freedom to go and choose which of the four deserving charities can receive donations to really advance our cause. So I thank you for your engagement there. And this community is behind .Heart. And it's a very important one. So thank you for that. .Next is not the community, the moment it is without our wonderful partners. These are our amazing sponsors. Yes, it's about sponsorship. It's also about how we integrate together, how we innovate together, and we're about an open community. And so I want to thank all of these names up here for your wonderful sponsorship of this event. I encourage everyone here in this room to spend time, get acquainted, get reacquainted, learn how we can make wonderful music happen together, wonderful music here in New Orleans happen together. .Next isn't .Next with a few cool surprises. Surprise number one, we have a contest. This is a still shot from the Freedom video you saw right before I came on. We have strategically placed a lucky seven Nutanix Easter eggs in this video. And if you go to Nutanix.com/freedom, watch the video. You may have to use the little scrubbing feature to slow down 'cause some of these happen quickly. You're going to find some fun, clever Easter eggs. List all seven, tweet that out, or as many as you can, tweet that out with hashtag nextconf, C, O, N, F, and we'll have a random drawing for an all expenses paid free trip to .Next 2019. And just to make sure everyone understands Easter egg concept. There's an eighth one here that's actually someone that's quite famous in our circles. If you see on this still shot, there's someone in the back there with a red jacket on. That's not just anyone. We're targeting in here. That is our very own Julie O'Brien, our senior vice president of corporate marketing. And you're going to hear from Julie later on here at .Next. But Julie and her team are the engine and the creativity behind not only our new Freedom campaign but more importantly everything that you experience here this week. Julie and her team are amazing, and we can't wait for you to experience what they've pulled together for you. Another surprise, if you go and visit our Freedom booths and share your stories. So they're like video booths, you share your success stories, your partnerships, your journey that I talked about, you will be entered to win a beautiful Nutanix brand compliant, look at those beautiful colors, bicycle. And it's not just any bicycle. It's a beautiful bicycle made by our beautiful customer Trek. I actually have a Trek bike. I love cycling. Unfortunately, I'm not eligible, but all of you are. So please share your stories in the Freedom Nutanix's booths and put yourself in the running, or in the cycling to get this prize. One more thing I wanted to share here. Yesterday we had a great time. We had our inaugural Nutanix hackathon. This hackathon brought together folks that were in devops practices, many of you that are in this room. We sold out. We thought maybe we'd get four or five teams. We had to shutdown at 14 teams that were paired together with a Nutanix mentor, and you coded. You used our REST APIs. You built new apps that integrated in with Prism and Clam. And it was wonderful to see this. Everyone I talked to had a great time on this. We had three winners. In third place, we had team Copper or team bronze, but team Copper. Silver, Not That Special, they're very humble kind of like one of our key mission statements. And the grand prize winner was We Did It All for the Cookies. And you saw them coming in on our Mardi Gras float here. We Did It All for Cookies, they did this very creative job. They leveraged an Apple Watch. They were lighting up VMs at a moments notice utilizing a lot of their coding skills. Congratulations to all three, first, second, and third all receive $2,500. And then each of them, then were able to choose a charity to deliver another $2,500 including Ronald McDonald House for the winner, we did it all for the McDonald Land cookies, I suppose, to move forward. So look for us to do more of these kinds of events because we want to bring together infrastructure and application development, and this is a great, I think, start for us in this community to be able to do so. With that, who's ready to hear form Dheeraj? You ready to hear from Dheeraj? (audience clapping) I'm ready to hear from Dheeraj, and not just 'cause I work for him. It is my distinct pleasure to welcome on the stage our CEO, cofounder and chairman Dheeraj Pandey. ("Free" by Broods) ♪ Hallelujah, I'm free ♪ >> Thank you Ben and good morning everyone. >> Audience: Good morning. >> Thank you so much for being here. It's just such an elation when I'm thinking about the Mardi Gras crowd that came here, the partners, the customers, the NTCs. I mean there's some great NTCs up there I could relate to because they're on Slack as well. How many of you are in Slack Nutanix internal Slack channel? Probably 5%, would love to actually see this community grow from here 'cause this is not the only even we would love to meet you. We would love to actually do this in a real time bite size communication on our own internal Slack channel itself. Now today, we're going to talk about a lot of things, but a lot of hard things, a lot of things that take time to build and have evolved as the industry itself has evolved. And one of the hard things that I want to talk about is multi-cloud. Multi-cloud is a really hard problem 'cause it's full of paradoxes. It's really about doing things that you believe are opposites of each other. It's about frictionless, but it's also about governance. It's about being simple, and it's also about being secure at the same time. It's about delight, it's about reducing waste, it's about owning, and renting, and finally it's also about core and edge. How do you really make this big at a core data center whether it's public or private? Or how do you really shrink it down to one or two nodes at the edge because that's where your machines are, that's where your people are? So this is a really hard problem. And as you hear from Sunil and the gang there, you'll realize how we've actually evolved our solutions to really cater to some of these. One of the approaches that we have used to really solve some of these hard problems is to have machines do more, and I said a lot of things in those four words, have machines do more. Because if you double-click on that sentence, it really means we're letting design be at the core of this. And how do you really design data centers, how do you really design products for the data center that hush all the escalations, the details, the complexities, use machine-learning and AI and you know figure our anomaly detection and correlations and patter matching? There's a ton of things that you need to do to really have machines do more. But along the way, the important lesson is to make machines invisible because when machines become invisible, it actually makes something else visible. It makes you visible. It makes governance visible. It makes applications visible, and it makes services visible. A lot of things, it makes teams visible, careers visible. So while we're really talking about invisibility of machines, we're talking about visibility of people. And that's how we really brought all of you together in this conference as well because it makes all of us shine including our products, and your careers, and your teams as well. And I try to define the word customer success. You know it's one of the favorite words that I'm actually using. We've just hired a great leader in customer success recently who's really going to focus on this relatively hard problem, yet another hard problem of customer success. We think that customer success, true customer success is possible when we have machines tend towards invisibility. But along the way when we do that, make humans tend towards freedom. So that's the real connection, the yin-yang of machines and humans that Nutanix is really all about. And that's why design is at the core of this company. And when I say design, I mean reducing friction. And it's really about reducing friction. And everything we do, the most mundane of things which could be about migrating applications, spinning up VMs, self-service portals, automatic upgrades, and automatic scale out, and all the things we do is about reducing friction which really makes machines become invisible and humans gain freedom. Now one of the other convictions we have is how all of us are really tied at the hip. You know our success is tied to your success. If we make you successful, and when I say you, I really mean Main Street. Main Street being customers, and partners, and employees. If we make all of you successful, then we automatically become successful. And very coincidentally, Main Street and Wall Street are also tied in that very same relation as well. If we do a great job at Main Street, I think the Wall Street customer, i.e. the investor, will take care of itself. You'll have you know taken care of their success if we took care of Main Street success itself. And that's the narrative that our CFO Dustin Williams actually went and painted to our Wall Street investors two months ago at our investor day conference. We talked about a $3 billion number. We said look as a company, as a software company, we can go and achieve $3 billion in billings three years from now. And it was a telling moment for the company. It was really about talking about where we could be three years from now. But it was not based on a hunch. It was based on what we thought was customer success. Now realize that $3 billion in pure software. There's only 10 to 15 companies in the world that actually have that kind of software billings number itself. But at the core of this confidence was customer success, was the fact that we were doing a really good job of not over promising and under delivering but under promising starting with small systems and growing the trust of the customers over time. And this is one of the statistics we actually talk about is repeat business. The first dollar that a Global 2000 customer spends in Nutanix, and if we go and increase their trust 15 times by year six, and we hope to actually get 17 1/2 and 19 times more trust in the years seven and eight. It's very similar numbers for non Global 2000 as well. Again, we go and really hustle for customer success, start small, have you not worry about paying millions of dollars upfront. You know start with systems that pay as they grow, you pay as they grow, and that's the way we gain trust. We have the same non Global 2000 pay $6 1/2 for the first dollar they've actually spent on us. And with this, I think the most telling moment was when Dustin concluded. And this is key to this audience here as well. Is how the current cohorts which is this audience here and many of them were not here will actually carry the weight of $3 billion, more than 50% of it if we did a great job of customer success. If we were humble and honest and we really figured out what it meant to take care of you, and if we really understood what starting small was and having to gain the trust with you over time, we think that more than 50% of that billings will actually come from this audience here without even looking at new logos outside. So that's the trust of customer success for us, and it takes care of pretty much every customer not just the Main Street customer. It takes care of Wall Street customer. It takes care of employees. It takes care of partners as well. Now before I talk about technology and products, I want to take a step back 'cause many of you are new in this audience. And I think that it behooves us to really talk about the history of this company. Like we've done a lot of things that started out as science projects. In fact, I see some tweets out there and people actually laugh at Nutanix cloud. And this is where we were in 2012. So if you take a step back and think about where the company was almost seven, eight years ago, we were up against giants. There was a $30 billion industry around network attached storage, and storage area networks and blade servers, and hypervisors, and systems management software and so on. So what did we start out with? Very simple premise that we will collapse the architecture of the data center because three tier is wasteful and three tier is not delightful. It was a very simple hunch, we said we'll take rack mount servers, we'll put a layer of software on top of it, and that layer of software back then only did storage. It didn't do networks and security, and it ran on top of a well known hypervisor from VMware. And we said there's one non negotiable thing. The fact that the design must change. The control plane for this data center cannot be the old control plane. It has to be rethought through, and that's why Prism came about. Now we went and hustled hard to add more things to it. We said we need to make this diverse because it can't just be for one application. We need to make it CPU heavy, and memory heavy, and storage heavy, and flash heavy and so on. And we built a highly configurable HCI. Now all of them are actually configurable as you know of today. And this was not just innovation in technologies, it was innovation in business and sizing, capacity planning, quote to cash business processes. A lot of stuff that we had to do to make this highly configurable, so you can really scale capacity and performance independent of each other. Then in 2014, we did something that was very counterintuitive, but we've done this on, and on, and on again. People said why are you disrupting yourself? You know you've been doing a good job of shipping appliances, but we also had the conviction that HCI was not about hardware. It was about a form factor, but it was really about an operating system. And we started to compete with ourselves when we said you know what we'll do arm's length distribution, we'll do arm's length delivery of products when we give our software to our Dell partner, to Dell as a partner, a loyal partner. But at the same time, it was actually seen with a lot of skepticism. You know these guys are wondering how to really make themselves vanish because they're competing with themselves. But we also knew that if we didn't compete with ourselves someone else will. Now one of the most controversial decisions was really going and doing yet another hypervisor. In the year 2015, it was really preposterous to build yet another hypervisor. It was a very mature market. This was coming probably 15 years too late to the market, or at least 10 years too late to market. And most people said it shouldn't be done because hypervisor is a commodity. And that's the word we latched on to. That this commodity should not have to be paid for. It shouldn't have a team of people managing it. It should actually be part of your overall stack, but it should be invisible. Just like storage needs to be invisible, virtualization needs to be invisible. But it was a bold step, and I think you know at least when we look at our current numbers, 1/3rd of our customers are actually using AHV. At least every quarter that we look at it, our new deployments, at least 35% of it is actually being used on AHV itself. And again, a very preposterous thing to have said five years ago, four years ago to where we've actually come. Thank you so much for all of you who've believed in the fact that virtualization software must be invisible and therefore we should actually try out something that is called AHV today. Now we went and added Lenovo to our OEM mix, started to become even more of a software company in the year 2016. Went and added HP and Cisco in some of very large deals that we talk about in earnings call, our HP deals and Cisco deals. And some very large customers who have procured ELAs from us, enterprise license agreements from us where they want to mix and match hardware. They want to mix Dell hardware with HP hardware but have common standard Nutanix entitlements. And finally, I think this was another one of those moments where we say why should HCI be only limited to X86. You know this operating systems deserves to run on a non X86 architecture as well. And that gave birth to this idea of HCI and Power Systems from IBM. And we've done a great job of really innovating with them in the last three, four quarters. Some amazing innovation that has come out where you can now run AIX 7.x on Nutanix. And for the first time in the history of data center, you can actually have a single software not just a data plane but a control plane where you can manage an IBM farm, an Power farm, and open Power farm and an X86 farm from the same control plane and have you know the IBM farm feed storage to an Intel compute farm and vice versa. So really good things that we've actually done. Now along the way, something else was going on while we were really busy building the private cloud, we knew there was a new consumption model on computing itself. People were renting computing using credit cards. This is the era of the millennials. They were like really want to bypass people because at the end of the day, you know why can't computing be consumed the way like eCommerce is? And that devops movement made us realize that we need to add to our stack. That stack will now have other computing clouds that is AWS and Azure and GCP now. So similar to the way we did Prism. You know Prism was really about going and making hypervisors invisible. You know we went ahead and said we'll add Calm to our portfolio because Calm is now going to be what Prism was to us back when we were really dealing with multi hypervisor world. Now it's going to be multi-cloud world. You know it's one of those things we had a gut around, and we really come to expect a lot of feedback and real innovation. I mean yesterday when we had the hackathon. The center, the epicenter of the discussion was Calm, was how do you automate on multiple clouds without having to write a single line of code? So we've come a long way since the acquisition of Calm two years ago. I think it's going to be a strong pillar in our overall product portfolio itself. Now the word multi-cloud is going to be used and over used. In fact, it's going to be blurring its lines with the idea of hyperconvergence of clouds, you know what does it mean. We just hope that hyperconvergence, the way it's called today will morph to become hyperconverged clouds not just hyperconverged boxes which is a software defined infrastructure definition itself. But let's focus on the why of multi-cloud. Why do we think it can't all go into a public cloud itself? The one big reason is just laws of the land. There's data sovereignty and computing sovereignty, regulations and compliance because of which you need to be in where the government with the regulations where the compliance rules want you to be. And by the way, that's just one reason why the cloud will have to disperse itself. It can't just be 10, 20 large data centers around the world itself because you have 200 plus countries and half of computing actually gets done outside the US itself. So it's a really important, very relevant point about the why of multi-cloud. The second one is just simple laws of physics. You know if there're machines at the edge, and they're producing so much data, you can't bring all the data to the compute. You have to take the compute which is stateless, it's an app. You take the app to where the data is because the network is the enemy. The network has always been the enemy. And when we thought we've made fatter networks, you've just produced more data as well. So this just goes without saying that you take something that's stateless that's without gravity, that's lightweight which is compute and the application and push it close to where the data itself is. And the third one which is related is just latency reasons you know? And it's not just about machine latency and electrons transferring over the speed light, and you can't defy the speed of light. It's also about human latency. It's also about multiple teams saying we need to federate and delegate, and we need to push things down to where the teams are as opposed to having to expect everybody to come to a very large computing power itself. So all the ways, the way they are, there will be at least three different ways of looking at multi-cloud itself. There's a centralized core cloud. We all go and relate to this because we've seen large data centers and so on. And that's the back office workhorse. It will crunch numbers. It will do processing. It will do a ton of things that will go and produce results for you know how we run our businesses, but there's also the dispersal of the cloud, so ROBO cloud. And this is the front office server that's really serving. It's a cloud that's going to serve people. It's going to be closer to people, and that's what a ROBO cloud is. We have a ton of customers out here who actually use Nutanix and the ROBO environments themselves as one node, two node, three node, five node servers, and it just collapses the entire server closet room in these ROBOs into something really, really small and minuscule. And finally, there's going to be another dispersed edge cloud because that's where the machines are, that's where the data is. And there's going to be an IOT machine fog because we need to miniaturize computing to something even smaller, maybe something that can really land in the palm in a mini server which is a PC like server, but you need to run everything that's enterprise grade. You should be able to go and upgrade them and monitor them and analyze them. You know do enough computing up there, maybe event-based processing that can actually happen. In fact, there's some great innovation that we've done at the edge with IOTs that I'd love for all of you to actually attend some sessions around as well. So with that being said, we have a hole in the stack. And that hole is probably one of the hardest problems that we've been trying to solve for the last two years. And Sunil will talk a lot about that. This idea of hybrid. The hybrid of multi-cloud is one of the hardest problems. Why? Because we're talking about really blurring the lines with owning and renting where you have a single-tenant environment which is your data center, and a multi-tenant environment which is the service providers data center, and the two must look like the same. And the two must look like the same is that hard a problem not just for burst out capacity, not just for security, not just for identity but also for networks. Like how do you blur the lines between networks? How do you blur the lines for storage? How do you really blur the lines for a single pane of glass where you can think of availability zones that look highly symmetric even though they're not because one of 'em is owned by you, and it's single-tenant. The other one is not owned by you, that's multi-tenant itself. So there's some really hard problems in hybrid that you'll hear Sunil talk about and the team. And some great strides that we've actually made in the last 12 months of really working on Xi itself. And that completes the picture now in terms of how we believe the state of computing will be going forward. So what are the must haves of a multi-cloud operating system? We talked about marketplace which is catalogs and automation. There's a ton of orchestration that needs to be done for multi-cloud to come together because now you have a self-service portal which is providing an eCommerce view. It's really about you know getting to do a lot of requests and workflows without having people come in the way, without even having tickets. There's no need for tickets if you can really start to think like a self-service portal as if you're just transacting eCommerce with machines and portals themselves. Obviously the next one is networking security. You need to blur the lines between on-prem and off-prem itself. These two play a huge role. And there's going to be a ton of details that you'll see Sunil talk about. But finally, what I want to focus on the rest of the talk itself here is what governance and compliance. This is a hard problem, and it's a hard problem because things have evolved. So I'm going to take a step back. Last 30 years of computing, how have consumption models changed? So think about it. 30 years ago, we were making decisions for 10 plus years, you know? Mainframe, at least 10 years, probably 20 plus years worth of decisions. These were decisions that were extremely waterfall-ish. Make 10s of millions of dollars worth of investment for a device that we'd buy for at least 10 to 20 years. Now as we moved to client-server, that thing actually shrunk. Now you're talking about five years worth of decisions, and these things were smaller. So there's a little bit more velocity in our decisions. We were not making as waterfall-ish decision as we used to with mainframes. But still five years, talk about virtualized, three tier, maybe three to five year decisions. You know they're still relatively big decisions that we were making with computer and storage and SAN fabrics and virtualization software and systems management software and so on. And here comes Nutanix, and we said no, no. We need to make it smaller. It has to become smaller because you know we need to make more agile decisions. We need to add machines every week, every month as opposed to adding you know machines every three to five years. And we need to be able to upgrade them, you know any point in time. You can do the upgrades every month if you had to, every week if you had to and so on. So really about more agility. And yet, we were not complete because there's another evolution going on, off-prem in the public cloud where people are going and doing reserved instances. But more than that, they were doing on demand stuff which no the decision was days to weeks. Some of these things that unitive compute was being rented for days to weeks, not years. And if you needed something more, you'd shift a little to the left and use reserved instances. And then spot pricing, you could do spot pricing for hours and finally lambda functions. Now you could to function as a service where things could actually be running only for minutes not even hours. So as you can see, there's a wide spectrum where when you move to the right, you get more elasticity, and when you move to the left, you're talking about predictable decision making. And in fact, it goes from minutes on one side to 10s of years on the other itself. And we hope to actually go and blur the lines between where NTNX is today where you see Nutanix right now to where we really want to be with reserved instances and on demand. And that's the real ask of Nutanix. How do you take care of this discontinuity? Because when you're owning things, you actually end up here, and when you're renting things, you end up here. What does it mean to really blur the lines between these two because people do want to make decisions that are better than reserved instance in the public cloud. We'll talk about why reserved instances which looks like a proxy for Nutanix it's still very, very wasteful even though you might think it's delightful, it's very, very wasteful. So what does it mean for on-prem and off-prem? You know you talk about cost governance, there's security compliance. These high velocity decisions we're actually making you know where sometimes you could be right with cost but wrong on security, but sometimes you could be right in security but wrong on cost. We need to really figure out how machines make some of these decisions for us, how software helps us decide do we have the right balance between cost, governance, and security compliance itself? And to get it right, we have introduced our first SAS service called Beam. And to talk more about Beam, I want to introduce Vijay Rayapati who's the general manager of Beam engineering to come up on stage and talk about Beam itself. Thank you Vijay. (rock music) So you've been here a couple of months now? >> Yes. >> At the same time, you spent the last seven, eight years really handling AWS. Tell us more about it. >> Yeah so we spent a lot of time trying to understand the last five years at Minjar you know how customers are really consuming in this new world for their workloads. So essentially what we tried to do is understand the consumption models, workload patterns, and also build algorithms and apply intelligence to say how can we lower this cost and you know improve compliance of their workloads.? And now with Nutanix what we're trying to do is how can we converge this consumption, right? Because what happens here is most customers start with on demand kind of consumption thinking it's really easy, but the total cost of ownership is so high as the workload elasticity increases, people go towards spot or a scaling, but then you need a lot more automation that something like Calm can help them. But predictability of the workload increases, then you need to move towards reserved instances, right to lower costs. >> And those are some of the things that you go and advise with some of the software that you folks have actually written. >> But there's a lot of waste even in the reserved instances because what happens it while customers make these commitments for a year or three years, what we see across, like we track a billion dollars in public cloud consumption you know as a Beam, and customers use 20%, 25% of utilization of their commitments, right? So how can you really apply, take the data of consumption you know apply intelligence to essentially reduce their you know overall cost of ownership. >> You said something that's very telling. You said reserved instances even though they're supposed to save are still only 20%, 25% utilized. >> Yes, because the workloads are very dynamic. And the next thing is you can't do hot add CPU or hot add memory because you're buying them for peak capacity. There is no convergence of scaling that apart from the scaling as another node. >> So you actually sized it for peak, but then using 20%, 30%, you're still paying for the peak. >> That's right. >> Dheeraj: That can actually add up. >> That's what we're trying to say. How can we deliver visibility across clouds? You know how can we deliver optimization across clouds and consumption models and bring the control while retaining that agility and demand elasticity? >> That's great. So you want to show us something? >> Yeah absolutely. So this is Beam as just Dheeraj outlined, our first SAS service. And this is my first .Next. And you know glad to be here. So what you see here is a global consumption you know for a business across different clouds. Whether that's in a public cloud like Amazon, or Azure, or Nutanix. We kind of bring the consumption together for the month, the recent month across your accounts and services and apply intelligence to say you know what is your spent efficiency across these clouds? Essentially there's a lot of intelligence that goes in to detect your workloads and consumption model to say if you're spending $100, how efficiently are you spending? How can you increase that? >> So you have a centralized view where you're looking at multiple clouds, and you know you talk about maybe you can take an example of an account and start looking at it? >> Yes, let's go into a cloud provider like you know for this business, let's go and take a loot at what's happening inside an Amazon cloud. Here we get into the deeper details of what's happening with the consumption of a specific services as well as the utilization of both on demand and RI. You know what can you do to lower your cost and detect your spend efficiency of a dollar to see you know are there resources that are provisioned by teams for applications that are not being used, or are there resources that we should go and rightsize because you know we have all this monitoring data, configuration data that we crunch through to basically detect this? >> You think there's billions of events that you look at everyday. You're already looking at a billon dollars worth of AWS spend. >> Right, right. >> So billions of events, billing, metering events every year to really figure out and optimize for them. >> So what we have here is a very popular international government organization. >> Dheeraj: Wow, so it looks like Russians are everywhere, the cloud is everywhere actually. >> Yes, it's quite popular. So when you bring your master account into Beam, we kind of detect all the linked accounts you know under that. Then you can go and take a look at not just at the organization level within it an account level. >> So these are child objects, you know. >> That's right. >> You can think of them as ephemeral accounts that you create because you don't want to be on the record when you're doing spams on Facebook for example. >> Right, let's go and take a look at what's happening inside a Facebook ad spend account. So we have you know consumption of the services. Let's go deeper into compute consumption, and you kind of see a trendline. You can do a lot of computing. As you see, looks like one campaign has ended. They started another campaign. >> Dheeraj: It looks like they're not stopping yet, man. There's a lot of money being made in Facebook right now. (Vijay laughing) >> So not only just get visibility at you know compute as a service inside a cloud provider, you can go deeper inside compute and say you know what is a service that I'm really consuming inside compute along with the CPUs n'stuff, right? What is my data transfer? You know what is my network? What is my load blancers? So essentially you get a very deeper visibility you know as a service right. Because we have three goals for Beam. How can we deliver visibility across clouds? How can we deliver visibility across services? And how can we deliver, then optimization? >> Well I think one thing that I just want to point out is how this SAS application was an extremely teachable moment for me to learn about the different resources that people could use about the public cloud. So all of you who actually have not gone deep enough into the idea of public cloud. This could be a great app for you to learn about things, the resources, you know things that you could do to save and security and things of that nature. >> Yeah. And we really believe in creating the single pane view you know to mange your optimization of a public cloud. You know as Ben spoke about as a business, you need to have freedom to use any cloud. And that's what Beam delivers. How can you make the right decision for the right workload to use any of the cloud of your choice? >> Dheeraj: How 'about databases? You talked about compute as well but are there other things we could look at? >> Vijay: Yes, let's go and take a look at database consumption. What you see here is they're using inside Facebook ad spending, they're using all databases except Oracle. >> Dheeraj: Wow, looks like Oracle sales folks have been active in Russia as well. (Vijay laughing) >> So what we're seeing here is a global view of you know what is your spend efficiency and which is kind of a scorecard for your business for the dollars that you're spending. And the great thing is Beam kind of brings together you know through its intelligence and algorithms to detect you know how can you rightsize resources and how can you eliminate things that you're not using? And we deliver and one click fix, right? Let's go and take a look at resources that are maybe provisioned for storage and not being used. We deliver the seamless one-click philosophy that Nutanix has to eliminate it. >> So one click, you can actually just pick some of these wasteful things that might be looking delightful because using public cloud, using credit cards, you can go in and just say click fix, and it takes care of things. >> Yeah, and not only remove the resources that are unused, but it can go and rightsize resources across your compute databases, load balancers, even past services, right? And this is where the power of it kind of comes for a business whether you're using on-prem and off-prem. You know how can you really converge that consumption across both? >> Dheeraj: So do you have something for Nutanix too? >> Vijay: Yes, so we have basically been working on Nutanix with something that we're going to deliver you know later this year. As you can see here, we're bringing together the consumption for the Nutanix, you know the services that you're using, the licensing and capacity that is available. And how can you also go and optimize within Nutanix environments >> That's great. >> for the next workload. Now let me quickly show you what we have on the compliance side. This is an extremely powerful thing that we've been working on for many years. What we deliver here just like in cost governance, a global view of your compliance across cloud providers. And the most powerful thing is you can go into a cloud provider, get the next level of visibility across cloud regimes for hundreds of policies. Not just policies but those policies across different regulatory compliances like HIPA, PCI, CAS. And that's very powerful because-- >> So you're saying a lot of what you folks have done is codified these compliance checks in software to make sure that people can sleep better at night knowing that it's PCI, and HIPA, and all that compliance actually comes together? >> And you can build this not just by cloud accounts, you can build them across cloud accounts which is what we call security centers. Essentially you can go and take a deeper look at you know the things. We do a whole full body scan for your cloud infrastructure whether it's AWS Amazon or Azure, and you can go and now, again, click to fix things. You know that had been probably provisioned that are violating the security compliance rules that should be there. Again, we have the same one-click philosophy to say how can you really remove things. >> So again, similar to save, you're saying you can go and fix some of these security issues by just doing one click. >> Absolutely. So the idea is how can we give our people the freedom to get visibility and use the right cloud and take the decisions instantly through one click. That's what Beam delivers you know today. And you know get really excited, and it's available at beam.nutanix.com. >> Our first SAS service, ladies and gentleman. Thank you so much for doing this, Vijay. It looks like there's going to be a talk here at 10:30. You'll talk more about the midterm elections there probably? >> Yes, so you can go and write your own security compliances as well. You know within Beam, and a lot of powerful things you can do. >> Awesome, thank you so much, Vijay. I really appreciate it. (audience clapping) So as you see, there's a lot of work that we're doing to really make multi-cloud which is a hard problem. You know think about working the whole body of it and what about cost governance? What about security compliance? Obviously what about hybrid networks, and security, and storage, you know compute, many of the things that you've actually heard from us, but we're taking it to a level where the business users can now understand the implications. A CFO's office can understand the implications of waste and delight. So what does customer success mean to us? You know again, my favorite word in a long, long time is really go and figure out how do you make you, the customer, become operationally efficient. You know there's a lot of stuff that we deliver through software that's completely uncovered. It's so latent, you don't even know you have it, but you've paid for it. So you've got to figure out what does it mean for you to really become operationally efficient, organizationally proficient. And it's really important for training, education, stuff that you know you're people might think it's so awkward to do in Nutanix, but it could've been way simpler if you just told you a place where you can go and read about it. Of course, I can just use one click here as opposed to doing things the old way. But most importantly to make it financially accountable. So the end in all this is, again, one of the things that I think about all the time in building this company because obviously there's a lot of stuff that we want to do to create orphans, you know things above the line and top line and everything else. There's also a bottom line. Delight and waste are two sides of the same coin. You know when we're talking about developers who seek delight with public cloud at the same time you're looking at IT folks who're trying to figure out governance. They're like look you know the CFOs office, the CIOs office, they're trying to figure out how to curb waste. These two things have to go hand in hand in this era of multi-cloud where we're talking about frictionless consumption but also governance that looks invisible. So I think, at the end of the day, this company will do a lot of stuff around one-click delight but also go and figure out how do you reduce waste because there's so much waste including folks there who actually own Nutanix. There's so much software entitlement. There's so much waste in the public cloud itself that if we don't go and put our arms around, it will not lead to customer success. So to talk more about this, the idea of delight and the idea of waste, I'd like to bring on board a person who I think you know many of you actually have talked about it have delightful hair but probably wasted jokes. But I think has wasted hair and delightful jokes. So ladies and gentlemen, you make the call. You're the jury. Sunil R.M.J. Potti. ("Free" by Broods) >> So that was the first time I came out from the bottom of a screen on a stage. I actually now know what it feels to be like a gopher. Who's that laughing loudly at the back? Okay, do we have the... Let's see. Okay, great. We're about 15 minutes late, so that means we're running right on time. That's normally how we roll at this conference. And we have about three customers and four demos. Like I think there's about three plus six, about nine folks coming onstage. So we'll have our own version of the parade as well on the main stage for the next 70 minutes. So let's just jump right into it. I think we've been pretty consistent in terms of our longterm plans since we started the company. And it's become a lot more clearer over the last few years about our plans to essentially make computing invisible as Dheeraj mentioned. We're doing this across multiple acts. We started with HCI. We call it making infrastructure invisible. We extended that to making data centers invisible. And then now we're in this mode of essentially extending it to converging clouds so that you can actually converge your consumption models. And so today's conference and essentially the theme that you're going to be seeing throughout the breakout sessions is about a journey towards invisible clouds, but make sure that you internalize the fact that we're investing heavily in each of the three phases. It's just not about the hybrid cloud with Nutanix, it's about actually finishing the job about making infrastructure invisible, expanding that to kind of go after the full data center, and then of course embark on some real meaningful things around invisible clouds, okay? And to start the session, I think you know the part that I wanted to make sure that we are all on the same page because most of us in the room are still probably in this phase of the journey which is about invisible infrastructure. And there the three key products and especially two of them that most of you guys know are Acropolis and Prism. And they're sort of like the bedrock of our company. You know especially Acropolis which is about the web scale architecture. Prism is about consumer grade design. And with Acropolis now being really mature. It's in the seventh year of innovation. We still have more than half of our company in terms of R and D spend still on Acropolis and Prism. So our core product is still sort of where we think we have a significant differentiation on. We're not going to let our foot off the peddle there. You know every time somebody comes to me and says look there's a new HCI render popping out or an existing HCI render out there, I ask a simple question to our customers saying show me 100 customers with 100 node deployments, and it will be very hard to find any other render out there that does the same thing. And that's the power of Acropolis the code platform. And then it's you know the fact that the velocity associated with Acropolis continues to be on a fast pace. We came out with various new capabilities in 5.5 and 5.6, and one of the most complicated things to get right was the fact to shrink our three node cluster to a one node, two node deployment. Most of you actually had requirements on remote office, branch office, or the edge that actually allowed us to kind of give us you know sort of like the impetus to kind of go design some new capabilities into our core OS to get this out. And associated with Acropolis and expanding into Prism, as you will see, the first couple of years of Prism was all about refactoring the user interface, doing a good job with automation. But more and more of the investments around Prism is going to be based on machine learning. And you've seen some variants of that over the last 12 months, and I can tell you that in the next 12 to 24 months, most of our investments around infrastructure operations are going to be driven by AI techniques starting with most of our R and D spend also going into machine-learning algorithms. So when you talk about all the enhancements that have come on with Prism whether it be formed by you know the management console changing to become much more automated, whether now we give you automatic rightsizing, anomaly detection, or a series of functionality that have gone into it, the real core sort of capabilities that we're putting into Prism and Acropolis are probably best served by looking at the quality of the product. You probably have seen this slide before. We started showing the number of nodes shipped by Nutanix two years ago at this conference. It was about 35,000 plus nodes at that time. And since then, obviously we've you know continued to grow. And we would draw this line which was about enterprise class quality. That for the number of bugs found as a percentage of nodes shipped, there's a certain line that's drawn. World class companies do about probably 2% to 3%, number of CFDs per node shipped. And we were just broken that number two years ago. And to give you guys an idea of how that curve has shown up, it's now currently at .95%. And so along with velocity, you know this focus on being true to our roots of reliability and stability continues to be, you know it's an internal challenge, but it's also some of the things that we keep a real focus on. And so between Acropolis and Prism, that's sort of like our core focus areas to sort of give us the confidence that look we have this really high bar that we're sort of keeping ourselves accountable to which is about being the most advanced enterprise cloud OS on the planet. And we will keep it this way for the next 10 years. And to complement that, over a period of time of course, we've added a series of services. So these are services not just for VMs but also for files, blocks, containers, but all being delivered in that single one-click operations fashion. And to really talk more about it, and actually probably to show you the real deal there it's my great pleasure to call our own version of Moses inside the company, most of you guys know him as Steve Poitras. Come on up, Steve. (audience clapping) (rock music) >> Thanks Sunil. >> You barely fit in that door, man. Okay, so what are we going to talk about today, Steve? >> Absolutely. So when we think about when Nutanix first got started, it was really focused around VDI deployments, smaller workloads. However over time as we've evolved the product, added additional capabilities and features, that's grown from VDI to business critical applications as well as cloud native apps. So let's go ahead and take a look. >> Sunil: And we'll start with like Oracle? >> Yeah, that's one of the key ones. So here we can see our Prism central user interface, and we can see our Thor cluster obviously speaking to the Avengers theme here. We can see this is doing right around 400,000 IOPs at around 360 microseconds latency. Now obviously Prism central allows you to mange all of your Nutanix deployments, but this is just running on one single Nutanix cluster. So if we hop over here to our explore tab, we can see we have a few categories. We have some Kubernetes, some AFS, some Xen desktop as well as Oracle RAC. Now if we hope over to Oracle RAC, we're running a SLOB workload here. So obviously with Oracle enterprise applications performance, consistency, and extremely low latency are very critical. So with this SLOB workload, we're running right around 300 microseconds of latency. >> Sunil: So this is what, how many node Oracle RAC cluster is this? >> Steve: This is a six node Oracle RAC deployment. >> Sunil: Got it. And so what has gone into the product in recent releases to kind of make this happen? >> Yeah so obviously on the hardware front, there's been a lot of evolutions in storage mediums. So with the introduction of NVME, persistent memory technologies like 3D XPoint, that's meant storage media has become a lot faster. Now to allow you to full take advantage of that, that's where we've had to do a lot of optimizations within the storage stack. So with AHV, we have what we call AHV turbo mode which allows you to full take advantage of those faster storage mediums at that much lower latency. And then obviously on the networking front, technologies such as RDMA can be leveraged to optimize that network stack. >> Got it. So that was Oracle RAC running on a you know Nutanix cluster. It used to be a big deal a couple of years ago. Now we've got many customers doing that. On the same environment though, we're going to show you is the advent of actually putting file services in the same scale out environment. And you know many of you in the audience probably know about AFS. We released it about 12 to 14 months ago. It's been one of our most popular new products of all time within Nutanix's history. And we had SMB support was for user file shares, VDI deployments, and it took awhile to bake, to get to scale and reliability. And then in the last release, in the recent release that we just shipped, we now added NFS for support so that we can no go after the full scale file server consolidation. So let's take a look at some of that stuff. >> Yep, let's do it. So hopping back over to Prism, we can see our four cluster here. Overall cluster-wide latency right around 360 microseconds. Now we'll hop down to our file server section. So here we can see we have our Next A File Server hosting right about 16.2 million files. Now if you look at our shares and exports, we can see we have a mix of different shares. So one of the shares that you see there is home directories. This is an SMB share which is actually mapped and being leveraged by our VDI desktops for home folders, user profiles, things of that nature. We can also see this Oracle backup share here which is exposed to our rack host via NFS. So RMAN is actually leveraging this to provide native database backups. >> Got it. So Oracle VMs, backup using files, or for any other file share requirements with AFS. Do we have the cluster also showing, I know, so I saw some Kubernetes as well on it. Let's talk about what we're thinking of doing there. >> Yep, let's do it. So if we think about cloud, cloud's obviously a big buzz word, so is containers in Kubernetes. So with ACS 1.0 what we did is we introduced native support for Docker integration. >> And pause there. And we screwed up. (laughing) So just like the market took a left turn on Kubernetes, obviously we realized that, and now we're working on ACS 2.0 which is what we're going to talk about, right? >> Exactly. So with ACS 2.0, we've introduced native Kubernetes support. Now when I think about Kubernetes, there's really two core areas that come to mind. The first one is around native integration. So with that, we have our Kubernetes volume integration, we're obviously doing a lot of work on the networking front, and we'll continue to push there from an integration point of view. Now the other piece is around the actual deployment of Kubernetes. When we think about a lot of Nutanix administrators or IT admins, they may have never deployed Kubernetes before, so this could be a very daunting task. And true to the Nutanix nature, we not only want to make our platform simple and intuitive, we also want to do this for any ecosystem products. So with ACS 2.0, we've simplified the full Kubernetes deployment and switching over to our ACS two interface, we can see this create cluster button. Now this actually pops up a full wizard. This wizard will actually walk you through the full deployment process, gather the necessary inputs for you, and in a matter of a few clicks and a few minutes, we have a full Kubernetes deployment fully provisioned, the masters, the workers, all the networking fully done for you, very simple and intuitive. Now if we hop back over to Prism, we can see we have this ACS2 Kubernetes category. Clicking on that, we can see we have eight instances of virtual machines. And here are Kubernetes virtual machines which have actually been deployed as part of this ACS2 installer. Now one of the nice things is it makes the IT administrator's job very simple and easy to do. The deployment straightforward monitoring and management very straightforward and simple. Now for the developer, the application architect, or engineers, they interface and interact with Kubernetes just like they would traditionally on any platform. >> Got it. So the goal of ACS is to ensure that the developer ecosystem still uses whatever tools that they are you know preferring while at that same time allowing this consolidation of containers along with VMs all on that same, single runtime, right? So that's ACS. And then if you think about where the OS is going, there's still some open space at the end. And open space has always been look if you just look at a public cloud, you look at blocks, files, containers, the most obvious sort of storage function that's left is objects. And that's the last horizon for us in completing the storage stack. And we're going to show you for the first time a preview of an upcoming product called the Acropolis Object Storage Services Stack. So let's talk a little bit about it and then maybe show the demo. >> Yeah, so just like we provided file services with AFS, block services with ABS, with OSS or Object Storage Services, we provide native object storage, compatibility and capability within the Nutanix platform. Now this provides a very simply common S3 API. So any integrations you've done with S3 especially Kubernetes, you can actually leverage that out of the box when you've deployed this. Now if we hop back over to Prism, I'll go here to my object stores menu. And here we can see we have two existing object storage instances which are running. So you can deploy however many of these as you wanted to. Now just like the Kubernetes deployment, deploying a new object instance is very simple and easy to do. So here I'll actually name this instance Thor's Hammer. >> You do know he loses it, right? He hasn't seen the movies yet. >> Yeah, I don't want any spoilers yet. So once we specified the name, we can choose our capacity. So here we'll just specify a large instance or type. Obviously this could be any amount or storage. So if you have a 200 node Nutanix cluster with petabytes worth of data, you could do that as well. Once we've selected that, we'll select our expected performance. And this is going to be the number of concurrent gets and puts. So essentially how many operations per second we want this instance to be able to facilitate. Once we've done that, the platform will actually automatically determine how many virtual machines it needs to deploy as well as the resources and specs for those. And once we've done that, we'll go ahead and click save. Now here we can see it's actually going through doing the deployment of the virtual machines, applying any necessary configuration, and in the matter of a few clicks and a few seconds, we actually have this Thor's Hammer object storage instance which is up and running. Now if we hop over to one of our existing object storage instances, we can see this has three buckets. So one for Kafka-queue, I'm actually using this for my Kafka cluster where I have right around 62 million objects all storing ProtoBus. The second one there is Spark. So I actually have a Spark cluster running on our Kubernetes deployed instance via ACS 2.0. Now this is doing analytics on top of this data using S3 as a storage backend. Now for these objects, we support native versioning, native object encryption as well as worm compliancy. So if you want to have expiry periods, retention intervals, that sort of thing, we can do all that. >> Got it. So essentially what we've just shown you is with upcoming objects as well that the same OS can now support VMs, files, objects, containers, all on the same one click operational fabric. And so that's in some way the real power of Nutanix is to still keep that consistency, scalability in place as we're covering each and every workload inside the enterprise. So before Steve gets off stage though, I wanted to talk to you guys a little bit about something that you know how many of you been to our Nutanix headquarters in San Jose, California? A few. I know there's like, I don't know, 4,000 or 5,000 people here. If you do come to the office, you know when you land in San Jose Airport on the way to longterm parking, you'll pass our office. It's that close. And if you come to the fourth floor, you know one of the cubes that's where I sit. In the cube beside me is Steve. Steve sits in the cube beside me. And when I first joined the company, three or four years ago, and Steve's if you go to his cube, it no longer looks like this, but it used to have a lot of this stuff. It was like big containers of this. I remember the first time. Since I started joking about it, he started reducing it. And then Steve eventually got married much to our surprise. (audience laughing) Much to his wife's surprise. And then he also had a baby as a bigger surprise. And if you come over to our office, and we welcome you, and you come to the fourth floor, find my cube or you'll find Steve's Cube, it now looks like this. Okay, so thanks a lot, my man. >> Cool, thank you. >> Thanks so much. (audience clapping) >> So single OS, any workload. And like Steve who's been with us for awhile, it's my great pleasure to invite one of our favorite customers, CSC Karen who's also been with us for three to four years. And I'll share some fond memories about how she's been with the company for awhile, how as partners we've really done a lot together. So without any further ado, let me bring up Karen. Come on up, Karen. (rock music) >> Thank you for having me. >> Yeah, thank you. So I remember, so how many of you guys were with Nutanix first .Next in Miami? I know there was a question like that asked last time. Not too many. You missed it. We wished we could go back to that. We wouldn't fit 3/4s of this crowd. But Karen was our first customer in the keynote in 2015. And we had just talked about that story at that time where you're just become a customer. Do you want to give us some recap of that? >> Sure. So when we made the decision to move to hyperconverged infrastructure and chose Nutanix as our partner, we rapidly started to deploy. And what I mean by that is Sunil and some of the Nutanix executives had come out to visit with us and talk about their product on a Tuesday. And on a Wednesday after making the decision, I picked up the phone and said you know what I've got to deploy for my VDI cluster. So four nodes showed up on Thursday. And from the time it was plugged in to moving over 300 VDIs and 50 terabytes of storage and turning it over for the business for use was less than three days. So it was really excellent testament to how simple it is to start, and deploy, and utilize the Nutanix infrastructure. Now part of that was the delight that we experienced from our customers after that deployment. So we got phone calls where people were saying this report it used to take so long that I'd got out and get a cup of coffee and come back, and read an article, and do some email, and then finally it would finish. Those reports are running in milliseconds now. It's one click. It's very, very simple, and we've delighted our customers. Now across that journey, we have gone from the simple workloads like VDIs to the much more complex workloads around Splunk and Hadoop. And what's really interesting about our Splunk deployment is we're handling over a billion events being logged everyday. And the deployment is smaller than what we had with a three tiered infrastructure. So when you hear people talk about waste and getting that out and getting to an invisible environment where you're just able to run it, that's what we were able to achieve both with everything that we're running from our public facing websites to the back office operations that we're using which include Splunk and even most recently our Cloudera and Hadoop infrastructure. What it does is it's got 30 crawlers that go out on the internet and start bringing data back. So it comes back with over two terabytes of data everyday. And then that environment, ingests that data, does work against it, and responds to the business. And that again is something that's smaller than what we had on traditional infrastructure, and it's faster and more stable. >> Got it. And it covers a lot of use cases as well. You want to speak a few words on that? >> So the use cases, we're 90%, 95% deployed on Nutanix, and we're covering all of our use cases. So whether that's a customer facing app or a back office application. And what are business is doing is it's handling large portfolios of data for fortune 500 companies and law firms. And these applications are all running with improved stability, reliability, and performance on the Nutanix infrastructure. >> And the plan going forward? >> So the plan going forward, you actually asked me that in Miami, and it's go global. So when we started in Miami and that first deployment, we had four nodes. We now have 283 nodes around the world, and we started with about 50 terabytes of data. We've now got 3.8 petabytes of data. And we're deployed across four data centers and six remote offices. And people ask me often what is the value that we achieved? So simplification. It's all just easier, and it's all less expensive. Being able to scale with the business. So our Cloudera environment ended up with one day where it spiked to 1,000 times more load, 1,000 times, and it just responded. We had rally cries around improved productivity by six times. So 600% improved productivity, and we were able to actually achieve that. The numbers you just saw on the slide that was very, very fast was we calculated a 40% reduction in total cost of ownership. We've exceeded that. And when we talk about waste, that other number on the board there is when I saved the company one hour of maintenance activity or unplanned downtime in a month which we're now able to do the majority of our maintenance activities without disrupting any of our business solutions, I'm saving $750,000 each time I save that one hour. >> Wow. All right, Karen from CSE. Thank you so much. That was great. Thank you. I mean you know some of these data points frankly as I started talking to Karen as well as some other customers are pretty amazing in terms of the genuine value beyond financial value. Kind of like the emotional sort of benefits that good products deliver to some of our customers. And I think that's one of the core things that we take back into engineering is to keep ourselves honest on either velocity or quality even hiring people and so forth. Is to actually the more we touch customers lives, the more we touch our partner's lives, the more it allows us to ensure that we can put ourselves in their shoes to kind of make sure that we're doing the right thing in terms of the product. So that was the first part, invisible infrastructure. And our goal, as we've always talked about, our true North is to make sure that this single OS can be an exact replica, a truly modern, thoughtful but original design that brings the power of public cloud this AWS or GCP like architectures into your mainstream enterprises. And so when we take that to the next level which is about expanding the scope to go beyond invisible infrastructure to invisible data centers, it starts with a few things. Obviously, it starts with virtualization and a level of intelligent management, extends to automation, and then as we'll talk about, we have to embark on encompassing the network. And that's what we'll talk about with Flow. But to start this, let me again go back to one of our core products which is the bedrock of our you know opinionated design inside this company which is Prism and Acropolis. And Prism provides, I mentioned, comes with a ton of machine-learning based intelligence built into the product in 5.6 we've done a ton of work. In fact, a lot of features are coming out now because now that PC, Prism Central that you know has been decoupled from our mainstream release strain and will continue to release on its own cadence. And the same thing when you actually flip it to AHV on its own train. Now AHV, two years ago it was all about can I use AHV for VDI? Can I use AHV for ROBO? Now I'm pretty clear about where you cannot use AHV. If you need memory overcome it, stay with VMware or something. If you need, you know Metro, stay with another technology, else it's game on, right? And if you really look at the adoption of AHV in the mainstream enterprise, the customers now speak for themselves. These are all examples of large global enterprises with multimillion dollar ELAs in play that have now been switched over. Like I'll give you a simple example here, and there's lots of these that I'm sure many of you who are in the audience that are in this camp, but when you look at the breakout sessions in the pods, you'll get a sense of this. But I'll give you one simple example. If you look at the online payment company. I'm pretty sure everybody's used this at one time or the other. They had the world's largest private cloud on open stack, 21,000 nodes. And they were actually public about it three or four years ago. And in the last year and a half, they put us through a rigorous VOC testing scale, hardening, and it's a full blown AHV only stack. And they've started cutting over. Obviously they're not there yet completely, but they're now literally in hundreds of nodes of deployment of Nutanix with AHV as their primary operating system. So it is primetime from a deployment perspective. And with that as the base, no cloud is complete without actually having self-service provisioning that truly drives one-click automation, and can you do that in this consumer grade design? And Calm was acquired, as you guys know, in 2016. We had a choice of taking Calm. It was reasonably feature complete. It supported multiple clouds. It supported ESX, it supported Brownfield, It supported AHV. I mean they'd already done the integration with Nutanix even before the acquisition. And we had a choice. The choice was go down the path of dynamic ops or some other products where you took it for revenue or for acceleration, you plopped it into the ecosystem and sold it at this power sucking alien on top of our stack, right? Or we took a step back, re-engineered the product, kept some of the core essence like the workflow engine which was good, the automation, the object model and all, but refactored it to make it look like a natural extension of our operating system. And that's what we did with Calm. And we just launched it in December, and it's been one of our most popular new products now that's flying off the shelves. If you saw the number of registrants, I got a notification of this for the breakout sessions, the number one session that has been preregistered with over 500 people, the first two sessions are around Calm. And justifiably so because it just as it lives up to its promise, and it'll take its time to kind of get to all the bells and whistles, all the capabilities that have come through with AHV or Acropolis in the past. But the feature functionality, the product market fit associated with Calm is dead on from what the feedback that we can receive. And so Calm itself is on its own rapid cadence. We had AWS and AHV in the first release. Three or four months later, we now added ESX support. We added GCP support and a whole bunch of other capabilities, and I think the essence of Calm is if you can combine Calm and along with private cloud automation but also extend it to multi-cloud automation, it really sets Nutanix on its first genuine path towards multi-cloud. But then, as I said, if you really fixate on a software defined data center message, we're not complete as a full blown AWS or GCP like IA stack until we do the last horizon of networking. And you probably heard me say this before. You heard Dheeraj and others talk about it before is our problem in networking isn't the same in storage. Because the data plane in networking works. Good L2 switches from Cisco, Arista, and so forth, but the real problem networking is in the control plane. When something goes wrong at a VM level in Nutanix, you're able to identify whether it's a storage problem or a compute problem, but we don't know whether it's a VLAN that's mis-configured, or there've been some packets dropped at the top of the rack. Well that all ends now with Flow. And with Flow, essentially what we've now done is take the work that we've been working on to create built-in visibility, put some network automation so that you can actually provision VLANs when you provision VMs. And then augment it with micro segmentation policies all built in this easy to use, consume fashion. But we didn't stop there because we've been talking about Flow, at least the capabilities, over the last year. We spent significant resources building it. But we realized that we needed an additional thing to augment its value because the world of applications especially discovering application topologies is a heady problem. And if we didn't address that, we wouldn't be fulfilling on this ambition of providing one-click network segmentation. And so that's where Netsil comes in. Netsil might seem on the surface yet another next generation application performance management tool. But the innovations that came from Netsil started off at the research project at the University of Pennsylvania. And in fact, most of the team right now that's at Nutanix is from the U Penn research group. And they took a really original, fresh look at how do you sit in a network in a scale out fashion but still reverse engineer the packets, the flow through you, and then recreate this application topology. And recreate this not just on Nutanix, but do it seamlessly across multiple clouds. And to talk about the power of Flow augmented with Netsil, let's bring Rajiv back on stage, Rajiv. >> How you doing? >> Okay so we're going to start with some Netsil stuff, right? >> Yeah, let's talk about Netsil and some of the amazing capabilities this acquisition's bringing to Nutanix. First of all as you mentioned, Netsil's completely non invasive. So it installs on the network, it does all its magic from there. There're no host agents, non of the complexity and compatibility issues that entails. It's also monitoring the network at layer seven. So it's actually doing a deep packet inspection on all your application data, and can give you insights into services and APIs which is very important for modern applications and the way they behave. To do all this of course performance is key. So Netsil's built around a completely distributed architecture scaled to really large workloads. Very exciting technology. We're going to use it in many different ways at Nutanix. And to give you a flavor of that, let me show you how we're thinking of integrating Flow and Nestil together, so micro segmentation and Netsil. So to do that, we install Netsil in one of our Google accounts. And that's what's up here now. It went out there. It discovered all the VMs we're running on that account. It created a map essentially of all their interactions, and you can see it's like a Google Maps view. I can zoom into it. I can look at various things running. I can see lots of HTTP servers over here, some databases. >> Sunil: And it also has stats, right? You can go, it actually-- >> It does. We can take a look at that for a second. There are some stats you can look at right away here. Things like transactions per second and latencies and so on. But if I wanted to micro segment this application, it's not really clear how to do so. There's no real pattern over here. Taking the Google Maps analogy a little further, this kind of looks like the backstreets of Cairo or something. So let's do this step by step. Let me first filter down to one application. Right now I'm looking at about three or four different applications. And Netsil integrates with the metadata. So this is that the clouds provide. So I can search all the tags that I have. So by doing that, I can zoom in on just the financial application. And when I do this, the view gets a little bit simpler, but there's still no real pattern. It's not clear how to micro segment this, right? And this is where the power of Netsil comes in. This is a fairly naive view. This is what tool operating at layer four just looking at ports and TCP traffic would give you. But by doing deep packet inspection, Netsil can get into the services layer. So instead of grouping these interactions by hostname, let's group them by service. So you go service tier. And now you can see this is a much simpler picture. Now I have some patterns. I have a couple of load balancers, an HA proxy and an Nginx. I have a web application front end. I have some application servers running authentication services, search services, et cetera, a database, and a database replica. I could go ahead and micro segment at this point. It's quite possible to do it at this point. But this is almost too granular a view. We actually don't usually want to micro segment at individual service level. You think more in terms of application tiers, the tiers that different services belong to. So let me go ahead and group this differently. Let me group this by app tier. And when I do that, a really simple picture emerges. I have a load balancing tier talking to a web application front end tier, an API tier, and a database tier. Four tiers in my application. And this is something I can work with. This is something that I can micro segment fairly easily. So let's switch over to-- >> Before we dot that though, do you guys see how he gave himself the pseudonym called Dom Toretto? >> Focus Sunil, focus. >> Yeah, for those guys, you know that's not the Avengers theme, man, that's the Fast and Furious theme. >> Rajiv: I think a year ahead. This is next years theme. >> Got it, okay. So before we cut over from Netsil to Flow, do we want to talk a few words about the power of Flow, and what's available in 5.6? >> Sure so Flow's been around since the 5.6 release. Actually some of the functionality came in before that. So it's got invisibility into the network. It helps you debug problems with WLANs and so on. We had a lot of orchestration with other third party vendors with load balancers, with switches to make publishing much simpler. And then of course with our most recent release, we GA'ed our micro segmentation capabilities. And that of course is the most important feature we have in Flow right now. And if you look at how Flow policy is set up, it looks very similar to what we just saw with Netsil. So we have load blancer talking to a web app, API, database. It's almost identical to what we saw just a moment ago. So while this policy was created manually, it is something that we can automate. And it is something that we will do in future releases. Right now, it's of course not been integrated at that level yet. So this was created manually. So one thing you'll notice over here is that the database tier doesn't get any direct traffic from the internet. All internet traffic goes to the load balancer, only specific services then talk to the database. So this policy right now is in monitoring mode. It's not actually being enforced. So let's see what happens if I try to attack the database, I start a hack against the database. And I have my trusty brute force password script over here. It's trying the most common passwords against the database. And if I happen to choose a dictionary word or left the default passwords on, eventually it will log into the database. And when I go back over here in Flow what happens is it actually detects there's now an ongoing a flow, a flow that's outside of policy that's shown up. And it shows this in yellow. So right alongside the policy, I can visualize all the noncompliant flows. This makes it really easy for me now to make decisions, does this flow should it be part of the policy, should it not? In this particular case, obviously it should not be part of the policy. So let me just switch from monitoring mode to enforcement mode. I'll apply the policy, give it a second to propagate. The flow goes away. And if I go back to my script, you can see now the socket's timing out. I can no longer connect to the database. >> Sunil: Got it. So that's like one click segmentation and play right now? >> Absolutely. It's really, really simple. You can compare it to other products in the space. You can't get simpler than this. >> Got it. Why don't we got back and talk a little bit more about, so that's Flow. It's shipping now in 5.6 obviously. It'll come integrated with Netsil functionality as well as a variety of other enhancements in that next few releases. But Netsil does more than just simple topology discovery, right? >> Absolutely. So Netsil's actually gathering a lot of metrics from your network, from your host, all this goes through a data pipeline. It gets processed over there and then gets captured in a time series database. And then we can slice and dice that in various different ways. It can be used for all kinds of insights. So let's see how our application's behaving. So let me say I want to go into the API layer over here. And I instantly get a variety of metrics on how the application's behaving. I get the most requested endpoints. I get the average latency. It looks reasonably good. I get the average latency of the slowest endpoints. If I was having a performance problem, I would know exactly where to go focus on. Right now, things look very good, so we won't focus on that. But scrolling back up, I notice that we have a fairly high error rate happening. We have like 11.35% of our HTTP requests are generating errors, and that deserves some attention. And if I scroll down again, and I see the top five status codes I'm getting, almost 10% of my requests are generating 500 errors, HTTP 500 errors which are internal server errors. So there's something going on that's wrong with this application. So let's dig a little bit deeper into that. Let me go into my analytics workbench over here. And what I've plotted over here is how my HTTP requests are behaving over time. Let me filter down to just the 500 ones. That will make it easier. And I want the 500s. And I'll also group this by the service tier so that I can see which services are causing the problem. And the better view for this would be a bar graph. Yes, so once I do this, you can see that all the errors, all the 500 errors that we're seeing have been caused by the authentication service. So something's obviously wrong with that part of my application. I can go look at whether Active Directory is misbehaving and so on. So very quickly from a broad problem that I was getting a high HTTP error rate. In fact, usually you will discover there's this customer complaining about a lot of errors happening in your application. You can quickly narrow down to exactly what the cause was. >> Got it. This is what we mean by hyperconvergence of the network which is if you can truly isolate network related problems and associate them with the rest of the hyperconvergence infrastructure, then we've essentially started making real progress towards the next level of hyperconvergence. Anyway, thanks a lot, man. Great job. >> Thanks, man. (audience clapping) >> So to talk about this evolution from invisible infrastructure to invisible data centers is another customer of ours that has embarked on this journey. And you know it's not just using Nutanix but a variety of other tools to actually fulfill sort of like the ambition of a full blown cloud stack within a financial organization. And to talk more about that, let me call Vijay onstage. Come on up, Vijay. (rock music) >> Hey. >> Thank you, sir. So Vijay looks way better in real life than in a picture by the way. >> Except a little bit of gray. >> Unlike me. So tell me a little bit about this cloud initiative. >> Yeah. So we've won the best cloud initiative twice now hosted by Incisive media a large magazine. It's basically they host a bunch of you know various buy side, sell side, and you can submit projects in various categories. So we've won the best cloud twice now, 2015 and 2017. The 2017 award is when you know as part of our private cloud journey we were laying the foundation for our private cloud which is 100% based on hyperconverged infrastructure. So that was that award. And then 2017, we've kind of built on that foundation and built more developer-centric next gen app services like PAS, CAS, SDN, SDS, CICD, et cetera. So we've built a lot of those services on, and the second award was really related to that. >> Got it. And a lot of this was obviously based on an infrastructure strategy with some guiding principles that you guys had about three or four years ago if I remember. >> Yeah, this is a great slide. I use it very often. At the core of our infrastructure strategy is how do we run IT as a business? I talk about this with my teams, they were very familiar with this. That's the mindset that I instill within the teams. The mission, the challenge is the same which is how do we scale infrastructure while reducing total cost of ownership, improving time to market, improving client experience and while we're doing that not lose sight of reliability, stability, and security? That's the mission. Those are some of our guiding principles. Whenever we take on some large technology investments, we take 'em through those lenses. Obviously Nutanix went through those lenses when we invested in you guys many, many years ago. And you guys checked all the boxes. And you know initiatives change year on year, the mission remains the same. And more recently, the last few years, we've been focused on converged platforms, converged teams. We've actually reorganized our teams and aligned them closer to the platforms moving closer to an SRE like concept. >> And then you've built out a full stack now across computer storage, networking, all the way with various use cases in play? >> Yeah, and we're aggressively moving towards PAS, CAS as our method of either developing brand new cloud native applications or even containerizing existing applications. So the stack you know obviously built on Nutanix, SDS for software fine storage, compute and networking we've got SDN turned on. We've got, again, PAS and CAS built on this platform. And then finally, we've hooked our CICD tooling onto this. And again, the big picture was always frictionless infrastructure which we're very close to now. You know 100% of our code deployments into this environment are automated. >> Got it. And so what's the net, net in terms of obviously the business takeaway here? >> Yeah so at Northern we don't do tech for tech. It has to be some business benefits, client benefits. There has to be some outcomes that we measure ourselves against, and these are some great metrics or great ways to look at if we're getting the outcomes from the investments we're making. So for example, infrastructure scale while reducing total cost of ownership. We're very focused on total cost of ownership. We, for example, there was a build team that was very focus on building servers, deploying applications. That team's gone down from I think 40, 45 people to about 15 people as one example, one metric. Another metric for reducing TCO is we've been able to absorb additional capacity without increasing operating expenses. So you're actually building capacity in scale within your operating model. So that's another example. Another example, right here you see on the screen. Faster time to market. We've got various types of applications at any given point that we're deploying. There's a next gen cloud native which go directly on PAS. But then a majority of the applications still need the traditional IS components. The time to market to deploy a complex multi environment, multi data center application, we've taken that down by 60%. So we can deliver server same day, but we can deliver entire environments, you know add it to backup, add it to DNS, and fully compliant within a couple of weeks which is you know something we measure very closely. >> Great job, man. I mean that's a compelling I think results. And in the journey obviously you got promoted a few times. >> Yep. >> All right, congratulations again. >> Thank you. >> Thanks Vijay. >> Hey Vijay, come back here. Actually we forgot our joke. So razzled by his data points there. So you're supposed to wear some shoes, right? >> I know my inner glitch. I was going to wear those sneakers, but I forgot them at the office maybe for the right reasons. But the story behind those florescent sneakers, I see they're focused on my shoes. But I picked those up two years ago at a Next event, and not my style. I took 'em to my office. They've been sitting in my office for the last couple years. >> Who's received shoes like these by the way? I'm sure you guys have received shoes like these. There's some real fans there. >> So again, I'm sure many of you liked them. I had 'em in my office. I've offered it to so many of my engineers. Are you size 11? Do you want these? And they're unclaimed? >> So that's the only feature of Nutanix that you-- >> That's the only thing that hasn't worked, other than that things are going extremely well. >> Good job, man. Thanks a lot. >> Thanks. >> Thanks Vijay. So as we get to the final phase which is obviously as we embark on this multi-cloud journey and the complexity that comes with it which Dheeraj hinted towards in his session. You know we have to take a cautious, thoughtful approach here because we don't want to over set expectations because this will take us five, 10 years to really do a good job like we've done in the first act. And the good news is that the market is also really, really early here. It's just a fact. And so we've taken a tiered approach to it as we'll start the discussion with multi-cloud operations, and we've talked about the stack in the prior session which is about look across new clouds. So it's no longer Nutanix, Dell, Lenova, HP, Cisco as the new quote, unquote platforms. It's Nutanix, Xi, GCP, AWS, Azure as the new platforms. That's how we're designing the fabric going forward. On top of that, you obviously have the hybrid OS both on the data plane side and control plane side. Then what you're seeing with the advent of Calm doing a marketplace and automation as well as Beam doing governance and compliance is the fact that you'll see more and more such capabilities of multi-cloud operations burnt into the platform. And example of that is Calm with the new 5.7 release that they had. Launch supports multiple clouds both inside and outside, but the fundamental premise of Calm in the multi-cloud use case is to enable you to choose the right cloud for the right workload. That's the automation part. On the governance part, and this we kind of went through in the last half an hour with Dheeraj and Vijay on stage is something that's even more, if I can call it, you know first order because you get the provisioning and operations second. The first order is to say look whatever my developers have consumed off public cloud, I just need to first get our arm around to make sure that you know what am I spending, am I secure, and then when I get comfortable, then I am able to actually expand on it. And that's the power of Beam. And both Beam and Calm will be the yin and yang for us in our multi-cloud portfolio. And we'll have new products to complement that down the road, right? But along the way, that's the whole private cloud, public cloud. They're the two ends of the barbell, and over time, and we've been working on Xi for awhile, is this conviction that we've built talking to many customers that there needs to be another type of cloud. And this type of a cloud has to feel like a public cloud. It has to be architected like a public cloud, be consumed like a public cloud, but it needs to be an extension of my data center. It should not require any changes to my tooling. It should not require and changes to my operational infrastructure, and it should not require lift and shift, and that's a super hard problem. And this problem is something that a chunk of our R and D team has been burning the midnight wick on for the last year and a half. Because look this is not about taking our current OS which does a good job of scaling and plopping it into a Equinix or a third party data center and calling it a hybrid cloud. This is about rebuilding things in the OS so that we can deliver a true hybrid cloud, but at the same time, give those functionality back on premises so that even if you don't have a hybrid cloud, if you just have your own data centers, you'll still need new services like DR. And if you think about it, what are we doing? We're building a full blown multi-tenant virtual network designed in a modern way. Think about this SDN 2.0 because we have 10 years worth of looking backwards on how GCP has done it, or how Amazon has done it, and now sort of embodying some of that so that we can actually give it as part of this cloud, but do it in a way that's a seamless extension of the data center, and then at the same time, provide new services that have never been delivered before. Everyone obviously does failover and failback in DR it just takes months to do it. Our goal is to do it in hours or minutes. But even things such as test. Imagine doing a DR test on demand for you business needs in the middle of the day. And that's the real bar that we've set for Xi that we are working towards in early access later this summer with GA later in the year. And to talk more about this, let me invite some of our core architects working on it, Melina and Rajiv. (rock music) Good to see you guys. >> You're messing up the names again. >> Oh Rajiv, Vinny, same thing, man. >> You need to back up your memory from Xi. >> Yeah, we should. Okay, so what are we going to talk about, Vinny? >> Yeah, exactly. So today we're going to talk about how Xi is pushing the envelope and beyond the state of the art as you were saying in the industry. As part of that, there's a whole bunch of things that we have done starting with taking a private cloud, seamlessly extending it to the public cloud, and then creating a hybrid cloud experience with one-click delight. We're going to show that. We've done a whole bunch of engineering work on making sure the operations and the tooling is identical on both sides. When you graduate from a private cloud to a hybrid cloud environment, you don't want the environments to be different. So we've copied the environment for you with zero manual intervention. And finally, building on top of that, we are delivering DR as a service with unprecedented simplicity with one-click failover, one-click failback. We're going to show you one click test today. So Melina, why don't we start with showing how you go from a private cloud, seamlessly extend it to consume Xi. >> Sounds good, thanks Vinny. Right now, you're looking at my Prism interface for my on premises cluster. In one-click, I'm going to be able to extend that to my Xi cloud services account. I'm doing this using my my Nutanix credential and a password manager. >> Vinny: So here as you notice all the Nutanix customers we have today, we have created an account for them in Xi by default. So you don't have to log in somewhere and create an account. It's there by default. >> Melina: And just like that we've gone ahead and extended my data center. But let's go take a look at the Xi side and log in again with my my Nutanix credentials. We'll see what we have over here. We're going to be able to see two availability zones, one for on premises and one for Xi right here. >> Vinny: Yeah as you see, using a log in account that you already knew mynutanix.com and 30 seconds in, you can see that you have a hybrid cloud view already. You have a private cloud availability zone that's your own Prism central data center view, and then a Xi availability zone. >> Sunil: Got it. >> Melina: Exactly. But of course we want to extend my network connection from on premises to my Xi networks as well. So let's take a look at our options there. We have two ways of doing this. Both are one-click experience. With direct connect, you can create a dedicated network connection between both environments, or VPN you can use a public internet and a VPN service. Let's go ahead and enable VPN in this environment. Here we have two options for how we want to enable our VPN. We can bring our own VPN and connect it, or we will deploy a VPN for you on premises. We'll do the option where we deploy the VPN in one-click. >> And this is another small sign or feature that we're building net new as part of Xi, but will be burned into our core Acropolis OS so that we can also be delivering this as a stand alone product for on premises deployment as well, right? So that's one of the other things to note as you guys look at the Xi functionality. The goal is to keep the OS capabilities the same on both sides. So even if I'm building a quote, unquote multi data center cloud, but it's just a private cloud, you'll still get all the benefits of Xi but in house. >> Exactly. And on this second step of the wizard, there's a few inputs around how you want the gateway configured, your VLAN information and routing and protocol configuration details. Let's go ahead and save it. >> Vinny: So right now, you know what's happening is we're taking the private network that our customers have on premises and extending it to a multi-tenant public cloud such that our customers can use their IP addresses, the subnets, and bring their own IP. And that is another step towards making sure the operation and tooling is kept consistent on both sides. >> Melina: Exactly. And just while you guys were talking, the VPN was successfully created on premises. And we can see the details right here. You can track details like the status of the connection, the gateway, as well as bandwidth information right in the same UI. >> Vinny: And networking is just tip of the iceberg of what we've had to work on to make sure that you get a consistent experience on both sides. So Melina, why don't we show some of the other things we've done? >> Melina: Sure, to talk about how we preserve entities from my on-premises to Xi, it's better to use my production environment. And first thing you might notice is the log in screen's a little bit different. But that's because I'm logging in using my ADFS credentials. The first thing we preserved was our users. In production, I'm running AD obviously on-prem. And now we can log in here with the same set of credentials. Let me just refresh this. >> And this is the Active Directory credential that our customers would have. They use it on-premises. And we allow the setting to be set on the Xi cloud services as well, so it's the same set of users that can access both sides. >> Got it. There's always going to be some networking problem onstage. It's meant to happen. >> There you go. >> Just launching it again here. I think it maybe timed out. This is a good sign that we're running on time with this presentation. >> Yeah, yeah, we're running ahead of time. >> Move the demos quicker, then we'll time out. So essentially when you log into Xi, you'll be able to see what are the environment capabilities that we have copied to the Xi environment. So for example, you just saw that the same user is being used to log in. But after the use logs in, you'll be able to see their images, for example, copied to the Xi side. You'll be able to see their policies and categories. You know when you define these policies on premises, you spend a lot of effort and create them. And now when you're extending to the public cloud, you don't want to do it again, right? So we've done a whole lot of syncing mechanisms making sure that the two sides are consistent. >> Got it. And on top of these policies, the next step is to also show capabilities to actually do failover and failback, but also do integrated testing as part of this compatibility. >> So one is you know just the basic job of making the environments consistent on two sides, but then it's also now talking about the data part, and that's what DR is about. So if you have a workload running on premises, we can take the data and replicate it using your policies that we've already synced. Once the data is available on the Xi side, at that point, you have to define a run book. And the run book essentially it's a recovery plan. And that says okay I already have the backups of my VMs in case of disaster. I can take my recovery plan and hit you know either failover or maybe a test. And then my application comes up. First of all, you'll talk about the boot order for your VMs to come up. You'll talk about networking mapping. Like when I'm running on-prem, you're using a particular subnet. You have an option of using the same subnet on the Xi side. >> Melina: There you go. >> What happened? >> Sunil: It's finally working.? >> Melina: Yeah. >> Vinny, you can stop talking. (audience clapping) By the way, this is logging into a live Xi data center. We have two regions West Coat, two data centers East Coast, two data centers. So everything that you're seeing is essentially coming off the mainstream Xi profile. >> Vinny: Melina, why don't we show the recovery plan. That's the most interesting piece here. >> Sure. The recovery plan is set up to help you specify how you want to recover your applications in the event of a failover or a test failover. And it specifies all sorts of details like the boot sequence for the VMs as well as network mappings. Some of the network mappings are things like the production network I have running on premises and how it maps to my production network on Xi or the test network to the test network. What's really cool here though is we're actually automatically creating your subnets on Xi from your on premises subnets. All that's part of the recovery plan. While we're on the screen, take a note of the .100 IP address. That's a floating IP address that I have set up to ensure that I'm going to be able to access my three tier web app that I have protected with this plan after a failover. So I'll be able to access it from the public internet really easily from my phone or check that it's all running. >> Right, so given how we make the environment consistent on both sides, now we're able to create a very simple DR experience including failover in one-click, failback. But we're going to show you test now. So Melina, let's talk about test because that's one of the most common operations you would do. Like some of our customers do it every month. But usually it's very hard. So let's see how the experience looks like in what we built. >> Sure. Test and failover are both one-click experiences as you know and come to expect from Nutanix. You can see it's failing over from my primary location to my recovery location. Now what we're doing right now is we're running a series of validation checks because we want to make sure that you have your network configured properly, and there's other configuration details in place for the test to be successful. Looks like the failover was initiated successfully. Now while that failover's happening though, let's make sure that I'm going to be able to access my three tier web app once it fails over. We'll do that by looking at my network policies that I've configured on my test network. Because I want to access the application from the public internet but only port 80. And if we look here under our policies, you can see I have port 80 open to permit. So that's good. And if I needed to create a new one, I could in one click. But it looks like we're good to go. Let's go back and check the status of my recovery plan. We click in, and what's really cool here is you can actually see the individual tasks as they're being completed from that initial validation test to individual VMs being powered on as part of the recovery plan. >> And to give you guys an idea behind the scenes, the entire recovery plan is actually a set of workflows that are built on Calm's automation engine. So this is an example of where we're taking some of power of workflow and automation that Clam has come to be really strong at and burning that into how we actually operationalize many of these workflows for Xi. >> And so great, while you were explaining that, my three tier web app has restarted here on Xi right in front of you. And you can see here there's a floating IP that I mentioned early that .100 IP address. But let's go ahead and launch the console and make sure the application started up correctly. >> Vinny: Yeah, so that .100 IP address is a floating IP that's a publicly visible IP. So it's listed here, 206.80.146.100. And that's essentially anybody in the audience here can go use your laptop or your cell phone and hit that and start to work. >> Yeah so by the way, just to give you guys an idea while you guys maybe use the IP to kind of hit it, is a real set of VMs that we've just failed over from Nutanix's corporate data center into our West region. >> And this is running live on the Xi cloud. >> Yeah, you guys should all go and vote. I'm a little biased towards Xi, so vote for Xi. But all of them are really good features. >> Scroll up a little bit. Let's see where Xi is. >> Oh Xi's here. I'll scroll down a little bit, but keep the... >> Vinny: Yes. >> Sunil: You guys written a block or something? >> Melina: Oh good, it looks like Xi's winning. >> Sunil: Okay, great job, Melina. Thank you so much. >> Thank you, Melina. >> Melina: Thanks. >> Thank you, great job. Cool and calm under pressure. That's good. So that was Xi. What's something that you know we've been doing around you know in addition to taking say our own extended enterprise public cloud with Xi. You know we do recognize that there are a ton of workloads that are going to be residing on AWS, GCP, Azure. And to sort of really assist in the try and call it transformation of enterprises to choose the right cloud for the right workload. If you guys remember, we actually invested in a tool over last year which became actually quite like one of those products that took off based on you know groundswell movement. Most of you guys started using it. It's essentially extract for VMs. And it was this product that's obviously free. It's a tool. But it enables customers to really save tons of time to actually migrate from legacy environments to Nutanix. So we took that same framework, obviously re-platformed it for the multi-cloud world to kind of solve the problem of migrating from AWS or GCP to Nutanix or vice versa. >> Right, so you know, Sunil as you said, moving from a private cloud to the public cloud is a lift and shift, and it's a hard you know operation. But moving back is not only expensive, it's a very hard problem. None of the cloud vendors provide change block tracking capability. And what that means is when you have to move back from the cloud, you have an extended period of downtime because there's now way of figuring out what's changing while you're moving. So you have to keep it down. So what we've done with our app mobility product is we have made sure that, one, it's extremely simple to move back. Two, that the downtime that you'll have is as small as possible. So let me show you what we've done. >> Got it. >> So here is our app mobility capability. As you can see, on the left hand side we have a source environment and target environment. So I'm calling my AWS environment Asgard. And I can add more environments. It's very simple. I can select AWS and then put in my credentials for AWS. It essentially goes and discovers all the VMs that are running and all the regions that they're running. Target environment, this is my Nutanix environment. I call it Earth. And I can add target environment similarly, IP address and credentials, and we do the rest. Right, okay. Now migration plans. I have Bifrost one as my migration plan, and this is how migration works. First you create a plan and then say start seeding. And what it does is takes a snapshot of what's running in the cloud and starts migrating it to on-prem. Once it is an on-prem and the difference between the two sides is minimal, it says I'm ready to cutover. At that time, you move it. But let me show you how you'd create a new migration plan. So let me name it, Bifrost 2. Okay so what I have to do is select a region, so US West 1, and target Earth as my cluster. This is my storage container there. And very quickly you can see these are the VMs that are running in US West 1 in AWS. I can select SQL server one and two, go to next. Right now it's looking at the target Nutanix environment and seeing it had enough space or not. Once that's good, it gives me an option. And this is the step where it enables the Nutanix service of change block tracking overlaid on top of the cloud. There are two options one is automatic where you'll give us the credentials for your VMs, and we'll inject our capability there. Or manually you could do. You could copy the command either in a windows VM or Linux VM and run it once on the VM. And change block tracking since then in enabled. Everything is seamless after that. Hit next. >> And while Vinny's setting it up, he said a few things there. I don't know if you guys caught it. One of the hardest problems in enabling seamless migration from public cloud to on-prem which makes it harder than the other way around is the fact that public cloud doesn't have things like change block tracking. You can't get delta copies. So one of the core innovations being built in this app mobility product is to provide that overlay capability across multiple clouds. >> Yeah, and the last step here was to select the target network where the VMs will come up on the Nutanix environment, and this is a summary of the migration plan. You can start it or just save it. I'm saving it because it takes time to do the seeding. I have the other plan which I'll actually show the cutover with. Okay so now this is Bifrost 1. It's ready to cutover. We started it four hours ago. And here you can see there's a SQL server 003. Okay, now I would like to show the AWS environment. As you can see, SQL server 003. This VM is actually running in AWS right now. And if you go to the Prism environment, and if my login works, right? So we can go into the virtual machine view, tables, and you see the VM is not there. Okay, so we go back to this, and we can hit cutover. So this is essentially telling our system, okay now it the time. Quiesce the VM running in AWS, take the last bit of changes that you have to the database, ship it to on-prem, and in on-prem now start you know configure the target VM and start bringing it up. So let's go and look at AWS and refresh that screen. And you should see, okay so the SQL server is now stopping. So that means it has quiesced and stopping the VM there. If you go back and look at the migration plan that we had, it says it's completed. So it has actually migrated all the data to the on-prem side. Go here on-prem, you see the production SQL server is running already. I can click launch console, and let's see. The Windows VM is already booting up. >> So essentially what Vinny just showed was a live cutover of an AWS VM to Nutanix on-premises. >> Yeah, and what we have done. (audience clapping) So essentially, this is about making two things possible, making it simple to migrate from cloud to on-prem, and making it painless so that the downtime you have is very minimal. >> Got it, great job, Vinny. I won't forget your name again. So last step. So to really talk about this, one of our favorite partners and customers has been in the cloud environment for a long time. And you know Jason who's the CTO of Cyxtera. And he'll introduce who Cyxtera is. Most of you guys are probably either using their assets or not without knowing their you know the new name. But is someone that was in the cloud before it was called cloud as one of the original founders and technologists behind Terremark, and then later as one of the chief architects of VMware's cloud. And then they started this new company about a year or so ago which I'll let Jason talk about. This journey that he's going to talk about is how a partner, slash customer is working with us to deliver net new transformations around the traditional industry of colo. Okay, to talk more about it, Jason, why don't you come up on stage, man? (rock music) Thank you, sir. All right so Cyxtera obviously a lot of people don't know the name. Maybe just give a 10 second summary of why you're so big already. >> Sure, so Cyxtera was formed, as you said, about a year ago through the acquisition of the CenturyLink data centers. >> Sunil: Which includes Savvis and a whole bunch of other assets. >> Yeah, there's a long history of those data centers, but we have all of them now as well as the software companies owned by Medina capital. So we're like the world's biggest startup now. So we have over 50 data centers around the world, about 3,500 customers, and a portfolio of security and analytics software. >> Sunil: Got it, and so you have this strategy of what we're calling revolutionizing colo deliver a cloud based-- >> Yeah so, colo hasn't really changed a lot in the last 20 years. And to be fair, a lot of what happens in data centers has to have a person physically go and do it. But there are some things that we can simplify and automate. So we want to make things more software driven, so that's what we're doing with the Cyxtera extensible data center or CXD. And to do that, we're deploying software defined networks in our facilities and developing automations so customers can go and provision data center services and the network connectivity through a portal or through REST APIs. >> Got it, and what's different now? I know there's a whole bunch of benefits with the integrated platform that one would not get in the traditional kind of on demand data center environment. >> Sure. So one of the first services we're launching on CXD is compute on demand, and it's powered by Nutanix. And we had to pick an HCI partner to launch with. And we looked at players in the space. And as you mentioned, there's actually a lot of them, more than I thought. And we had a lot of conversations, did a lot of testing in the lab, and Nutanix really stood out as the best choice. You know Nutanix has a lot of focus on things like ease of deployment. So it's very simple for us to automate deploying compute for customers. So we can use foundation APIs to go configure the servers, and then we turn those over to the customer which they can then manage through Prism. And something important to keep in mind here is that you know this isn't a manged service. This isn't infrastructure as a service. The customer has complete control over the Nutanix platform. So we're turning that over to them. It's connected to their network. They're using their IP addresses, you know their tools and processes to operate this. So it was really important for the platform we picked to have a really good self-service story for things like you know lifecycle management. So with one-click upgrade, customers have total control over patches and upgrades. They don't have to call us to do it. You know they can drive that themselves. >> Got it. Any other final words around like what do you see of the partnership going forward? >> Well you know I think this would be a great platform for Xi, so I think we should probably talk about that. >> Yeah, yeah, we should talk about that separately. Thanks a lot, Jason. >> Thanks. >> All right, man. (audience clapping) So as we look at the full journey now between obviously from invisible infrastructure to invisible clouds, you know there is one thing though to take away beyond many updates that we've had so far. And the fact is that everything that I've talked about so far is about completing a full blown true IA stack from all the way from compute to storage, to vitualization, containers to network services, and so forth. But every public cloud, a true cloud in that sense, has a full blown layer of services that's set on top either for traditional workloads or for new workloads, whether it be machine-learning, whether it be big data, you know name it, right? And in the enterprise, if you think about it, many of these services are being provisioned or provided through a bunch of our partners. Like we have partnerships with Cloudera for big data and so forth. But then based on some customer feedback and a lot of attention from what we've seen in the industry go out, just like AWS, and GCP, and Azure, it's time for Nutanix to have an opinionated view of the past stack. It's time for us to kind of move up the stack with our own offering that obviously adds value but provides some of our core competencies in data and takes it to the next level. And it's in that sense that we're actually launching Nutanix Era to simplify one of the hardest problems in enterprise IT and short of saving you from true Oracle licensing, it solves various other Oracle problems which is about truly simplifying databases much like what RDS did on AWS, imagine enterprise RDS on demand where you can provision, lifecycle manage your database with one-click. And to talk about this powerful new functionality, let me invite Bala and John on stage to give you one final demo. (rock music) Good to see you guys. >> Yep, thank you. >> All right, so we've got lots of folks here. They're all anxious to get to the next level. So this demo, really rock it. So what are we going to talk about? We're going to start with say maybe some database provisioning? Do you want to set it up? >> We have one dream, Sunil, one single dream to pass you off, that is what Nutanix is today for IT apps, we want to recreate that magic for devops and get back those weekends and freedom to DBAs. >> Got it. Let's start with, what, provisioning? >> Bala: Yep, John. >> Yeah, we're going to get in provisioning. So provisioning databases inside the enterprise is a significant undertaking that usually involves a myriad of resources and could take days. It doesn't get any easier after that for the longterm maintence with things like upgrades and environment refreshes and so on. Bala and team have been working on this challenge for quite awhile now. So we've architected Nutanix Era to cater to these enterprise use cases and make it one-click like you said. And Bala and I are so excited to finally show this to the world. We think it's actually Nutanix's best kept secrets. >> Got it, all right man, let's take a look at it. >> So we're going to be provisioning a sales database today. It's a four-step workflow. The first part is choosing our database engine. And since it's our sales database, we want it to be highly available. So we'll do a two node rack configuration. From there, it asks us where we want to land this service. We can either land it on an existing service that's already been provisioned, or if we're starting net new or for whatever reason, we can create a new service for it. The key thing here is we're not asking anybody how to do the work, we're asking what work you want done. And the other key thing here is we've architected this concept called profiles. So you tell us how much resources you need as well as what network type you want and what software revision you want. This is actually controlled by the DBAs. So DBAs, and compute administrators, and network administrators, so they can set their standards without having a DBA. >> Sunil: Got it, okay, let's take a look. >> John: So if we go to the next piece here, it's going to personalize their database. The key thing here, again, is that we're not asking you how many data files you want or anything in that regard. So we're going to be provisioning this to Nutanix's best practices. And the key thing there is just like these past services you don't have to read dozens of pages of best practice guides, it just does what's best for the platform. >> Sunil: Got it. And so these are a multitude of provisioning steps that normally one would take I guess hours if not days to provision and Oracle RAC data. >> John: Yeah, across multiple teams too. So if you think about the lifecycle especially if you have onshore and offshore resources, I mean this might even be longer than days. >> Sunil: Got it. And then there are a few steps here, and we'll lead into potentially the Time Machine construct too? >> John: Yeah, so since this is a critical database, we want data protection. So we're going to be delivering that through a feature called Time Machines. We'll leave this at the defaults for now, but the key thing to not here is we've got SLAs that deliver both continuous data protection as well as telescoping checkpoints for historical recovery. >> Sunil: Got it. So that's provisioning. We've kicked off Oracle, what, two node database and so forth? >> John: Yep, two node database. So we've got a handful of tasks that this is going to automate. We'll check back in in a few minutes. >> Got it. Why don't we talk about the other aspects then, Bala, maybe around, one of the things that, you know and I know many of you guys have seen this, is the fact that if you look at database especially Oracle but in general even SQL and so forth is the fact that look if you really simplified it to a developer, it should be as simple as I copy my production database, and I paste it to create my own dev instance. And whenever I need it, I need to obviously do it the opposite way, right? So that was the goal that we set ahead for us to actually deliver this new past service around Era for our customers. So you want to talk a little bit more about it? >> Sure Sunil. If you look at most of the data management functionality, they're pretty much like flavors of copy paste operations on database entities. But the trouble is the seemingly simple, innocuous operations of our daily lives becomes the most dreaded, complex, long running, error prone operations in data center. So we actually planned to tame this complexity and bring consumer grade simplicity to these operations, also make these clones extremely efficient without compromising the quality of service. And the best part is, the customers can enjoy these services not only for databases running on Nutanix, but also for databases running on third party systems. >> Got it. So let's take a look at this functionality of I guess snapshoting, clone and recovery that you've now built into the product. >> Right. So now if you see the core feature of this whole product is something we call Time Machine. Time Machine lets the database administrators actually capture the database tape to the granularity of seconds and also lets them create clones, refresh them to any point in time, and also recover the databases if the databases are running on the same Nutanix platform. Let's take a look at the demo with the Time Machine. So here is our customer relationship database management database which is about 2.3 terabytes. If you see, the Time Machine has been active about four months, and SLA has been set for continuously code revision of 30 days and then slowly tapers off 30 days of daily backup and weekly backups and so on, so forth. On the right hand side, you will see different colors. The green color is pretty much your continuously code revision, what we call them. That lets you to go back to any point in time to the granularity of seconds within those 30 days. And then the discreet code revision lets you go back to any snapshot of the backup that is maintained there kind of stuff. In a way, you see this Time Machine is pretty much like your modern day car with self driving ability. All you need to do is set the goals, and the Time Machine will do whatever is needed to reach up to the goal kind of stuff. >> Sunil: So why don't we quickly do a snapshot? >> Bala: Yeah, some of these times you need to create a snapshot for backup purposes, Time Machine has manual controls. All you need to do is give it a snapshot name. And then you have the ability to actually persist this snapshot data into a third party or object store so that your durability and that global data access requirements are met kind of stuff. So we kick off a snapshot operation. Let's look at what it is doing. If you see what is the snapshot operation that this is going through, there is a step called quiescing the databases. Basically, we're using application-centric APIs, and here it's actually RMAN of Oracle. We are using the RMan of Oracle to quiesce the database and performing application consistent storage snapshots with Nutanix technology. Basically we are fusing application-centric and then Nutanix platform and quiescing it. Just for a data point, if you have to use traditional technology and create a backup for this kind of size, it takes over four to six hours, whereas on Nutanix it's going to be a matter of seconds. So it almost looks like snapshot is done. This is full sensitive backup. You can pretty much use it for database restore kind of stuff. Maybe we'll do a clone demo and see how it goes. >> John: Yeah, let's go check it out. >> Bala: So for clone, again through the simplicity of command Z command, all you need to do is pick the time of your choice maybe around three o'clock in the morning today. >> John: Yeah, let's go with 3:02. >> Bala: 3:02, okay. >> John: Yeah, why not? >> Bala: You select the time, all you need to do is click on the clone. And most of the inputs that are needed for the clone process will be defaulted intelligently by us, right? And you have to make two choices that is where do you want this clone to be created with a brand new VM database server, or do you want to place that in your existing server? So we'll go with a brand new server, and then all you need to do is just give the password for you new clone database, and then clone it kind of stuff. >> Sunil: And this is an example of personalizing the database so a developer can do that. >> Bala: Right. So here is the clone kicking in. And what this is trying to do is actually it's creating a database VM and then registering the database, restoring the snapshot, and then recoding the logs up to three o'clock in the morning like what we just saw that, and then actually giving back the database to the requester kind of stuff. >> Maybe one finally thing, John. Do you want to show us the provision database that we kicked off? >> Yeah, it looks like it just finished a few seconds ago. So you can see all the tasks that we were talking about here before from creating the virtual infrastructure, and provisioning the database infrastructure, and configuring data protection. So I can go access this database now. >> Again, just to highlight this, guys. What we just showed you is an Oracle two node instance provisioned live in a few minutes on Nutanix. And this is something that even in a public cloud when you go to RDS on AWS or anything like that, you still can't provision Oracle RAC by the way, right? But that's what you've seen now, and that's what the power of Nutanix Era is. Okay, all right? >> Thank you. >> Thanks. (audience clapping) >> And one final thing around, obviously when we're building this, it's built as a past service. It's not meant just for operational benefits. And so one of the core design principles has been around being API first. You want to show that a little bit? >> Absolutely, Sunil, this whole product is built on API fist architecture. Pretty much what we have seen today and all the functionality that we've been able to show today, everything is built on Rest APIs, and you can pretty much integrate with service now architecture and give you your devops experience for your customers. We do have a plan for full fledged self-service portal eventually, and then make it as a proper service. >> Got it, great job, Bala. >> Thank you. >> Thanks, John. Good stuff, man. >> Thanks. >> All right. (audience clapping) So with Nutanix Era being this one-click provisioning, lifecycle management powered by APIs, I think what we're going to see is the fact that a lot of the products that we've talked about so far while you know I've talked about things like Calm, Flow, AHV functionality that have all been released in 5.5, 5.6, a bunch of the other stuff are also coming shortly. So I would strongly encourage you guys to kind of space 'em, you know most of these products that we've talked about, in fact, all of the products that we've talked about are going to be in the breakout sessions. We're going to go deep into them in the demos as well as in the pods. So spend some quality time not just on the stuff that's been shipping but also stuff that's coming out. And so one thing to keep in mind to sort of takeaway is that we're doing this all obviously with freedom as the goal. But from the products side, it has to be driven by choice whether the choice is based on platforms, it's based on hypervisors, whether it's based on consumption models and eventually even though we're starting with the management plane, eventually we'll go with the data plane of how do I actually provide a multi-cloud choice as well. And so when we wrap things up, and we look at the five freedoms that Ben talked about. Don't forget the sixth freedom especially after six to seven p.m. where the whole goal as a Nutanix family and extended family make sure we mix it up. Okay, thank you so much, and we'll see you around. (audience clapping) >> PA Announcer: Ladies and gentlemen, this concludes our morning keynote session. Breakouts will begin in 15 minutes. ♪ To do what I want ♪

>> Announcer: Live from Austin, Texas, It's The Cube. Covering KubeCon 2017 and CloudNativeCon 2017. Brought to you by Red Hat, The Lennox Foundation, and The Cube's ecosystem partners. >> Okay, welcome back everyone. Live here in Austin, Texas, this is The Cube's exclusive coverage of the CNCF CloudNativeCon which was yesterday, and today is KubeCon, for Kubernetes conference, and a little bit tomorrow as well, some sessions. Our next guest is Adrian Cockcroft, VP of Cloud Architecture Strategy at AWS, Amazon Web Services, and my co-host Stu Miniman. Obviously, Adrian, an industry legend on Twitter and the industry, formerly with Netflix, knows a lot about AWS, now VP of Cloud Architecture, thanks for joining us. Appreciate it. >> Thanks very much. >> This is your first time as an AWS employee on The Cube. You've been verified. >> I've been on The Cube before. >> Many times. You've been verified. What's going on now with you guys, obviously coming off a hugely successful reinvent, there's a ton of video of me ranting and raving about how you guys are winning, and there's no second place, in the rear-view mirror, certainly Amazon's doing great. But CloudNative's got the formula, here. This is a cultural shift. What is going on here that's similar to what you guys are doing architecturally, why are you guys here, are you evangelizing, are you recruiting, are you proposing anything? What's the story? >> Yeah, it's really all of those things. We've been doing CloudNative for a long time, and the key thing with AWS, we always listen to our customers, and go wherever they take us. That's a big piece of the way we've always managed to keep on top of everything. And in this case, the whole container industry, there's a whole whole market there, there's a lot of different pieces, we've been working on that for a long time, and we found more and more people interested in CNCF and Kubernetes, and really started to engage. Part of my role is to host the open source team that does outbound engagement with all the different open source communities. So I've hired a few people, I hired Arun Gupta, who's very active in CNCF earlier this year, and internally we were looking at, we need to join CNCF at some point. We got to do that eventually and venture in, let's go make it happen. So last summer we just did all the internal paperwork, and running around talking to people and got everyone on the same page. And then in August we announced, hey, we're joining. So we got that done. I'm on the board of CNCF, Arun's my alternate for the board and technical, running around, and really deeply involved in as much of the technology and everything. And then that was largely so that we could kind of get our contributions from engineering on a clear footing. We were starting to contribute to Kupernetes, like as an outsider to the whole thing. So that's why we're, what's going on here? So getting that in place was like the basis for getting the contributions in place, we start hiring, we get the teams in place, and then getting our ducks in a row, if you like. And then last week at Reinvent, we announced EKS, the EC2 Kubernete's Service. And this week, we all had to be here. Like last week after Reinvent, everyone at AWS wants to go and sleep for a week. But no, we're going to go to Austin, we're going to do this. So we have about 20 people here, we came in, I did a little keynote yesterday. I could talk through the different topics, there, but fundamentally we wanted to be here where we've got the engineering teams here, we've got the engineering managers, they're in full-on hiring mode, because we've got the basic teams in place, but there's a lot more we want to do, and we're just going out and engaging, really getting to know the customers in detail. So that's really what drives it. Customer interactions, little bit of hiring, and just being present in this community. >> Adrian, you're very well known in the open source community, everything that you've done. Netflix, when you were on the VC side, you evangelized a bunch of it, if I can use the term. Amazon, many of us from the outside looked and, trying to understand. Obviously Amazon used lots of open source, Amazon's participated in a number of open source. MXNet got a lot of attention, joining the CNCF is something, I know this community, it's been very positively received, everybody's been waiting for it. What can you tell us about how Amazon, how do they think about open source? Is that something that fits into the strategy, or is it a tactic? Obviously, you're building out your teams, that sends certain signals to market, but can you help clarify for those of us that are watching what Amazon thinks about when it comes to this space? >> I think we've been, so, we didn't really have a team focused on outbound communication of what we were doing in open source until I started building this team a year ago. I think that was the missing link. We were actually doing a lot more than most people realized. I'd summarize it as saying, we were doing more than most people expected, but less than we probably could have been given the scale of what we are, the scale that AWS is at. So part of what we're doing is unlocking some internal demand where engineering teams were going. We'd like to open source something, we don't know how to engage with the communities. We're trying to build trust with these communities, and I've hired a team, I've got several people now, who are mostly from the open source community, we were also was kind of interviewing people like crazy. That was our sourcing for this team. So we get these people in and then we kind of say, all right, we have somebody that understands how to build these communities, how to respond, how to engage with the open source community. It's a little different to a standard customer, enterprise, start up, those are different entities that you'd want to relate to. But from a customer point of view, being customer-obsessed as AWS is, how do we get AWS to listen to an open source community and work with them, and meet all their concerns. So we've been, I think, doing a better job of that now we've pretty much got the team in place. >> That's your point, is customer focus is the ethos there. The communities are your customers in this case. So you're formalizing, you're formalizing that for Amazon, which has been so busy building out, and contributing here and there, so it sounds like there was a lot of activity going on within AWS, it was just kind of like contributing, but so much work on building out cloud ... >> Well there's a lot going on, but if no one was out there telling the story, you didn't know about it. Actually one of the best analogies we have for the EKS is actually our EMR, our Hadoop service, which launched 2010 or something, 2009, we've had it forever. But from the first few years when we did EMR, it was actually in a fork. We kept just sort of building our own version of it to do things, but about three or four years ago, we started upstreaming everything, and it's a completely clean, upstreamed version of all the Hadoop and all the related projects. But you make one API call, a cluster appears. Hey, give me a Hadoop cluster. Voom, and I want Spark and I want all these other things on it. And we're basically taking Kubernetes, it's very similar, we're going to reduce that to a single API call, a cluster appears, and it's a fully upstreamed experience. So that's, in terms of an engineering relationship to open source, we've already got a pretty good success story that nobody really knew about. And we're following a very similar path. >> Adrian, can you help us kind of unpack the Amazon Kubernetes stack a little bit? One of the announcements had a lot of attention, definitely got our attention, Fargate, kind of sits underneath what Kubernetes is doing, my understanding. Where are you sitting with the service measures, kind of bring us through the Amazon stack. What does Amazon do on its own versus the open source, and how those all fit together. >> Yeah, so everyone knows Amazon is a place where you can get virtual machines. It's easy to get me a virtual machine from ten years ago, everyone gets that, right? And then about three years ago, I think it was three years ago, we announced Lambda - was that two or three years ago? I lose track of how many reinvents ago it was. But with Lambda it's like, well, just give me a function. But as a first class entity, there's a, give me a function, here's the code I want you to run. We've now added two new ways that you can deploy to, two things you can deploy to. One of them's bare metal, which is already announced, one of the many, many, many announcements last week that might have slipped by without you noticing, but Bare Metal is a service. People go, 'those machines are really big'. Yes, of course they're really big! You get the whole machine and you can be able to bring your own virtualization or run whatever you want. But you could launch, you could run Kubernetes on that if you wanted, but we don't really care what you run it on. So we had Bare Metal, and then we have container. So Fargate is container as a first class entity that you deploy to. So here's my container registry, point you at it, and run one of these for me. And you don't have to think about deploying the underlying machines it's running on, you don't have to think about what version of Lennox it is, you have to build an AMI, all of the agents and fussing around, and you can get it in much smaller chunks. So you can say you get a CPU and half a gig of ram, and have that as just a small container. So it becomes much more granular, and you can get a broader range of mixes. A lot of our instances are sort of powers of two of a ratio of CPU to memory, and with Fargate you can ask for a much broader ratio. So you can have more CPU, less memory, and go back the other way, as well. 'Cause we can mix it up more easily at the container level. So it gives you a lot more flexibility, and if you buy into this, basically you'll get to do a lot of cost reduction for the sort of smaller scale things that you're running. Maybe test environments, you could shrink them down to just the containers and not have a lot of wasted space where you're trying to, you have too many instances running that you want to put it in. So it's partly the finer grain giving you more ability to say -- >> John: Or consumption choice. >> Yeah, and the other thing that we did recently was move to per-second billing, after the first minute, it's per-second. So the granularity of Cloud is now getting to be extremely fine-grained, and Lambda is per hundred millisecond, so it's just a little bit -- >> $4.03 for your bill, I mean this is the key thing. You guys have simplified the consumption experience. Bare Metal, VM's, containers, and functions. I mean pick one. >> Or pick all of them, it's fine. And when you look at the way Fargate's deployed in ECS it's a mixture. It's not all one or all the other, you deploy a number of instances with your containers on them, plus Fargate to deploy some additional containers that maybe didn't fit those instances. Maybe you've got a fleet of GPU enhanced machines, but you want to run a bit of Logic around it, some other containers in the same execution environment, but these don't need to be on the GPU. That kind of thing, you can mix it up. The other part of the question was, so how does this play into Kubernetes, and the discussions are just that we had to release the thing first, and then we can start talking, okay, how does this fit. Parts of the model fit into Kubernetes, parts don't. So we have to expose some more functionality in Fargate for this to make sense, 'cause we've got a really minimal initial release right now, we're going to expose it and add some more features. And then we possibly have to look at ways that we mutate Kubernetes a little bit for it to fit. So the initial EKS release won't include Fargate, because we're just trying to get it out based on what everyone knows today, we'd rather get that out earlier. But we'll be doing development work in the meantime, so a subsequent release we'll have done the integration work, which will all happen in public, in discussion with the community, and we'll have a debate about, okay, this is the features Fargate needs to properly integrate into Kubernetes, and there are other similar services from other top providers that want to integrate to the same API. So it's all going to be done as a public development, how we architect this. >> I saw a tweet here, I want to hear your comments on, it's from your keynote, someone retweeted, "managing over 100,000 clusters on ACS, hashtag Fargate," integrated into ECS, your hashtag, open, ADM's open. What is that hundred thousand number. Is that the total number, is that an example? On elastic container service, what does that mean? >> So ECS is a very large scale, multi-tenant container operation service that we've had for several years. It's in production, if you compare it to Kubernetes it's running much larger clusters, and it's been running at production-grade for longer. So it's a little bit more robust and secure and all those kinds of things. So I think it's missing some Kubernetes features, and there's a few places where we want to bring in capabilities from Kubernetes and make ECS a better experience for people. Think of Kubernetes as some what optimized for the developer experience, and ECS for more the operations experience, and we're trying to bring all this together. It is operating over a hundred thousand clusters of containers, over a hundred thousand clusters. And I think the other number was hundreds of millions of new containers are launched every week, or something like that. I think it was hundreds of millions a week. So, it's a very large scale system that is already deployed, and we're running some extremely large customers on, like Expedia and Macbook. Macbook ... Mac Box. Some of these people are running tens of thousands of containers in production as a single, we have single clusters in the tens of thousands range. So it's a different beast, right? And it meets a certain need, and we're going to evolve it forwards, and Kubernetes is serving a very different purpose. If you look at our data science space, if you want exactly the same Hadoop thing, you can get that on prem, you can run EMR. But we have Athena and Red Shift and all these other ways that are more native to the way we think, where we can go iterate and build something very specific to AWS, so you blend these two together and it depends on what you're trying to achieve. >> Well Adrian, congratulations on a great opportunity, I think the world is excited to have you in your role, if you could clarify and just put the narrative around, what's actually happening in AWS, what's been happening, and what you guys are going to do forward. I'll give you the last minute to let folks know what your job is, what your objective is, what you're looking for to hire, and your philosophy in the open source for AWS. >> I think there's a couple of other projects, and we've talked, this is really all about containers. The other two key project areas that we've been looking at are deep learning frameworks, since all of the deep learning frameworks are open source. A lot of Kubernetes people are using it to run GPUs and do that kind of stuff. So Apache MXNet is another focus on my team. It went into the incubation phase last January, we're walking it through, helping it on its way. It's something where we're 30, 40% of that project is AWS contribution. So we're not dominating it, but we're one of its main sponsors, and we're working with other companies. There's joint work with, it's lots of open source projects around here. We're working with Microsoft on Gluon, we're working with Facebook and Microsoft on Onyx which is an open URL network exchange. There's a whole lot of things going on here. And I have somebody on my team who hasn't started yet, can't tell you who it is, but they're starting pretty soon, who's going to be focusing on that open source, deep learning AI space. And the final area I think is interesting is IOT, serverless, Edge, that whole space. One announcement recently is free AltOS. So again, we sort of acquired the founder of this thing, this free real-time operating system. Everything you have, you probably personally own hundreds of instances of this without knowing it, it's in everything. Just about every little thing that sits there, that runs itself, every light bulb, probably, in your house that has a processor in it, those are all free AltOS. So it's incredibly pervasive, and we did an open source announcement last week where we switched its license to be a pure MIT license, to be more friendly for the community, and announced an Amazon version of it with better Amazon integration, but also some upgrades to the open source version. So, again, we're pushing an open source platform, strategy, in the embedded and IOT space as well. >> And enabling people to build great software, take the software engineering hassles out for the application developers, while giving the software engineers more engineering opportunities to create some good stuff. Thanks for coming on The Cube and congratulations on your continued success, and looking forward to following up on the Amazon Web Services open source collaboration, contribution, and of course, innovation. The Cube doing it's part here with its open source content, three days of coverage of CloudNativeCon and KubeCon. It's our second day, I'm John Furrier, Stu Miniman, we'll be back with more live coverage in Austin, Texas, after this short break. >> Offscreen: Thank you.

>> Announcer: Live from Manhattan it's the Cube. Covering AWS Summit New York City 2017. Brought to you buy Amazon Web Services. >> Hello and welcome to the Big Apple. AWS Summit kicking off here at the Javits Convention Center New York, New York. Along with Stu Miniman, I'm John Walls, welcome to the Cube as we continue our coverage here. Really I feel like this is ongoing, Stu, as far as what we're doing with AWS (mumbles) public sector summit. AWS from the outside in for a very long time. So tell me what you make of this. I mean regional show, we probably have four or 5,000 folks here, good turnout. What's the vibe you got, what's the feeling? >> It's really interesting 'cause we've covered a few of the regional summits but it's the first one that I've attended. I'm actually already have been starting to plan for AWS reinvent, which is the big show in November. Expecting probably around 50,000 people at that show, but I think four years ago, four and a half years ago when I went to the first (mumbles) summit in Las Vegas, it was about the size of what this show is. So Adrian Cockcroft got up on stage, said there were about 20,000 people registered. Of course registered doesn't mean that they're all here. A lot of people I know watching the live stream as well as it's free to attend so if I'm in New York City, there's just a few people in New York that care about tech probably. So maybe they'll pop in sometime for today, but in the keynote there's definitely a few thousand people. It's a good sized expo hall here. This could be a five or 6,000 person event for the size of the expo hall that they have here, and the Javits center can really hold some big activity here. Impressive at scope because Amazon and the cloud is still in early days. As Jeff (mumbles) says, there is no day two, we're always day one and what's going on. Went through a lot of announcements, a lot of momentum, a lot of revenue in this big cloud thing. >> You talk about Adrian too, we'll get to his keynote comments in a little bit. Talking about revenue growth still in the uptick year to year 42%. So still going there, but then on the other side you do se some writing going on that maybe upticks slowing down just a hair as far as cloud deployment goes. >> Yeah that's a great thing, 'cause we're all staring at the numbers and it's no longer, Amazon right now is not growing 75, 80% as opposed to the companies trying to catch up to them, like Microsoft, is growing at more of that 75 (talking over each other) >> But Amazon if you look at infrastructured service, is the largest out there. What was it, it was a 16 billion dollar run rate looking at the last 12 months looking back. Still over 40% growth rate. So yes is the growth slowing down a little bit, but that's just because they're not at a big number so it's a little tougher, but they keep adding services, they keep adding users. Some big users up on stage, some new services getting announced because the way Andy Jassy puts it, I mean everyday when you wake up, there's another three services from Amazon. So it's not like they had to say, oh geeze, can we hold something off? I go to the typical enterprise show and it's like, oh we're going to have this bundle announcements that we do. Amazon could have one of these every week somewhere and everyday could be like, here's three new services and they're kind of interesting because everyday that's kind of what they have. >> Yeah and I don't mean to paint it like the wolf is at the door, by any means, but the competitors are at the door. So how much of that factors into this space (mumbles) you pointed everybody else has this huge market share. They're not even (mumbles) they're like the elephant and the gorilla in the room, but at the same time, you do, as you're coming on, Google's still out there looking. There's another player as well. >> Well if you talk to the Amazon people, they don't care about the competitors, they care about their customers. So they focus very much on what their customers are doing. They work on really small teams. If we want to talk about a couple of the announcements today, one of the ones that, at least the community I was watching, it's AWS glue, which really helps to get ETL, which is the extract, transform, and load really a lot of the heavy lifting and undifferentiated heavy lifting that data scientists are doing. Matt Wood, who was up on the keynote said 75% of their time is done on this kind of stuff, and here's something that can greatly reduce it. Few people in the Twitter stream were talking about they've used the beta of it. They're really excited. It was one that didn't sound all that exciting, but once you get into it it's like, oh wow, game changer. This is going to free up so much time. Really accelerate that speed of what I'm doing. Adrian Cockcroft talked about speed and flight freeing me from some of the early constraints. I'm an infrastructure guy by background and everything was like, and I've got that boat anchor stuff that I need to move along and the refresh cycles, and what do I have budget for today? And now I can spin things up so much faster. They give an example of, oh I'm going to do this on Hive and it's going to take me five years to do it as opposed to if I do it in the nice AWS service it takes 155 seconds. We've had lots of examples like this. One of the earliest customers I remember talking to over four years ago, Cycle Computing was like, we would build the super computer and it would have taken us two years and millions of dollars to build, and instead we did the entire project in two months and it cost us $10,000. So those are the kind of transformational things that we expect to hear from Amazon. Lots of customers, but getting into the nuance of it's a lot of building new service. Hulu got on stage and it wasn't that, they didn't say we've killed all of our data centers and everything that you do under Hulu is now under AWS. They said, we wanted to do live TV and live TV is very different from what we had built for in our infrastructure, and the streaming services that Amazon had, and the reach, and the CDN, and everything that they can do there makes it so that we could do this much faster and integrate what we were doing before with the live TV. Put those things together, transformational, expand their business model, and helps move forward Hulu so as they're not just a media company, they're a technology company and Amazon and Amazon support as a partner helps them with that transformation. >> So they're changing their mission obviously, and then technologically they have the help to do that. Part of the migration of AWS migration, we talked about that as well, one of those new services that they rolled out today. I think the quote was migration is a journey and we're going to make it a little simpler right now. >> Yeah we've been hearing for the last couple of years the database. So you know whether I've got Oracle databases, whether it was running SQL before. I want to migrate them, and with Amazon now, I have so many different migration tools that this migration hub now is going to allow me to track all of my migrations across AWS. So this is not for the company that's saying, oh yeah I'm tinkering with some stuff and I'm doing some test dev, but the enterprise that has thousands of applications or lots of locations and lots of people, they now need managers of managers to watch this and some partners involved to help with a lot of these services, but really sprawling all of the services that Amazon have every time they put up one of those eye charts with just all of these different boxes. Every one of them, when you tend to dig in it's like, oh machine learning was a category before and now there's dozens of things inside it. You keep drilling down, I feel like it's that Christopher Nolan movie, Inception. We keep going levels deep as to kind of figure it out. We need to move at cloud time, which is really fast as opposed to kind of the old enterprise time. >> We hit on machine learning. We saw a lot of examples that cut across a pretty diverse set of brands and sectors, and really the democratization of machine learning more or less. At least that was the takeaway I got from it. >> And absolutely. When you mention the competition, this is where Google has a strong position in machine learning. Amazon and Microsoft also pushing there. So it is still early days in machine learning and while Amazon has an undisputed lead in overall cloud, machine learning is one of those areas where everybody's starting from kind of the starting point and Amazon's brought in a lot of really good people. They've got a lot of people working on teams and building out new services. The one that was announced at the end of the keynote is Amazon Macie, which is really around my sensitive data in a global context using machine learning to understand when something's being used when it shouldn't and things like that. I was buying my family some subway tickets and you could only buy two metro cards with one credit card because even if I put in all the data, it was like, no we're only going to let you buy two because if somebody got your credit card they could probably get that and do that. So that's the kind of thing that you're trying to act fast with data no matter where you are because malicious people and hackers, data is the new oil, as we said. It's something that we need to watch and be able to manage even better. So Amazon keeps adding tools and services to allow us to use our data, protect our data, and harness the value of data. I've really said, data is the new flywheel for technology going forward. Amazon for years talked about the flywheels of customers. They add new services, more customers come on board that drives new services and now data is really that next flywheel that's going to drive that next bunch of years of innovation to come. >> You've talked a lot about announcements that we just heard about in the keynote. Big announcement fairly recently about the cloud data computing foundation. So all of the sudden they, I'd say not giving the Heisman, if you will, the Kubernetes, but maybe not embracing it, right? Fair enough to say. Different story now. All of the sudden they're platinum level on the board. They have a voice on how Kubernetes is going to be rolled out going forward, or I guess maybe how Kubernetes is going to be working with AWS going forward. >> And my comment, I gave a quote to SiliconANGLE. I'm on the analyst side of the media. This side had written an article and I said, it's a good step. I saw a great headline that was like, Amazon gives $350,000. They're at least contributing with the financial piece, but when you dig in and read, there was a medium blog post written by Adrian Cockcroft. He didn't touch on it at all in the keynote this morning. Which I was a little surprised about, but what he said is, we're contributing, we're greatly involved, and there's all of these things that are happening in the CNCF, but Amazon has not said, and here is our service to enable Kubernetes as a first class citizen in there. They have the AWS container service, which is ACS which doesn't use Kubernetes. Until this recent news, I could layer Kubernetes on top and there are a lot of offerings to do that. What I'd like to be able to hear is, what service is really Amazon going to offer with that. My expectation not knowing any concrete details is by the time we get to the big show in November, they will have that baked out war, probably have some announcements there. Hoping at this show to be able to talk to some people to really find out what's happening inside really that Kubernetes piece, 'cause that helps not only with really migrations. If I'm built with Kubernetes, it's built with containers. Containers are also the underlying component when I'm doing things like serverless, AWS Lambda. So if I can use Kubernetes, I can build one way and use multiple environments. Whether that be public cloud or private clouds. So how much will Amazon embrace that, how much will they use this. as well we're enabling Kubernetes so if you've got a Kubernetes solution, you can now get into another migration service to Amazon or will they open up a little bit more? We've really been watching to see as Amazon builds out their hybrid cloud offering. Which is how do they get into the customer's data center because we've seen that maturation of public cloud only, everything into the public cloud to now Lambda starts to reach out a little bit with the green grass, they've got their snow balls, they've got the partnership with VMware, which we expect to hear lots more about at VMworld at the end of this month. They've got partnerships with Redhat and a whole lot of other companies that they're working at to really expanding how they get all of these wonderful Amazon services that are in the public cloud. How do they reach into the customer's data centers themselves and start leveraging those services? All of those free services of data that are getting added. Lots of companies would want to get access to them. >> Well full lineup of guests, as always. Great lineup of guests, but before we head out, you said you're with Wikibon, you do great analyst work there and you've got that inquiring mind. You're a curious guy. What are you curious about today? What do you kind of want to walk away from here tonight learning a little bit more about? >> So as I mentioned, the whole Kubernetes story absolutely is one that we want to hear about. Going to talk to a lot of the partners. So we've seen a lot of the analytics machine learning type solutions really getting to the public (mumbles) so it's good to get a pulse of really this ecosystem because while Amazon is, we've said it's not only the elephant in the room, Dave Alante, the chief analyst at Wikibon said, they're the cheetah, they move rally fast, they're really nimble. Amazon, not the easiest always to partner with. How's the room feel, how are the customers, how are the partners, how much are they really in on AWS, how many of them are multi cloud and I'm using Google for some of the data solutions and Microsoft apps really have me involved. So Amazon loves to say people that are all in. We had one of the speakers that talked, Zocdoc, which one that allows me to set appointments with doctors much faster using technology. Analytics say rather than 24 days you could do 24 hours. They went from no AWS to fully 100% in on AWS in less than 12 months. So those are really impressive ones. Obviously it's a technology center company but you see large companies. FICO was the other one up on stage. Actually hopping to have FICO on the program today. They are, what was it, over a 60 year old company so obviously they have a lot of legacy, and how AWS fits into their environment. I actually interviewed someone from FICO a couple of years ago at an OpenStack show talking about their embrace of containers and containers allows them to get into public cloud a little bit easier. So I'd love to kind of dig into those pieces. What's the post of the customers, what's the post of the partner ecosystem, and are there chinks in the armor? You mentioned the competitive piece there. Usually when you come to an Amazon show, it's all Amazon all the time. The number one gripe usually is it's kind of pricing, and Amazon's made some moves. We did a bunch of interviews the week of the Google Next event talking about Google cloud and there was a lot of kind of small medium business that said Google was priced better, Google has a clear advantage (mumbles) I'm going away from Amazon. The week after the show, Amazon changed their pricing, talked to some of the same people and they're like, yeah Amazon leveled the playing field. So Amazon listens and moves very fast. So if they're not the first to create an offering, they will spin something up very fast. They can readjust their security, their pricing to make sure that they are listening to their customers and meeting them not necessarily in response to competitors, but getting what the customers need and therefore if the customers are griping a little bit about something that they see that's interesting, or a pain point that they've had. Like we've talked about the AWS Glue wasn't something that a competitor had. It was that this is a pain point that they saw a lot of time is on it, and they are looking to take that pain out. One of the line that always gets poked about Amazon is they say your margin is our opportunity and your pain as a customer is our opportunity too. So Amazon always listening. >> All right, a lot on the plate here this day we have for you at AWS Summit. We'll be back with much more as we continue here on the Cube and AWS Summit 2017 from New York City. (upbeat techno music)