>> From our studios in the heart of Silicon Valley. HOLLOWAY ALTO, California It is a cube conversation. >> Welcome to the special. Keep conversation here in Palo Alto, California. I'm John for a co host of the Cube. Were Arsenal was a C I S O. C. So for Microsoft also corporate vice President, Chief information security. Thanks for joining me today. >> Thank you. >> Appreciate it. Thanks. So you have a really big job. You're a warrior in the industry, security is the hardest job on the planet. >> And hang in sight >> of every skirt. Officer is so hard. Tell us about the role of Microsoft. You have overlooked the entire thing. You report to the board, give us an overview of what >> happens. Yeah. I >> mean, it's you know, obviously we're pretty busy. Ah, in this world we have today with a lot of adversaries going on, an operational issues happening. And so I have responsibility. Accountability for obviously protecting Microsoft assets are customer assets. And then ah, And for me, with the trend also responsibility for business continuity Disaster recovery company >> on the sea. So job has been evolving. We're talking before the camera came on that it's coming to CEO CF roll years ago involved to a business leader. Where is the sea? So roll now in your industry is our is a formal title is it establishes their clear lines of reporting. How's it evolved? What's the current state of the market in terms of the sea? So it's roll? >> Yeah, the role is involved. A lot. Like you said, I think like the CIA or twenty years ago, you know, start from the back room of the front room and I think the, you know, one of things I look at in the role is it's really made it before things. There's technical architecture, there's business enablement. There's operational expert excellence. And then there's risk management and the older ah, what does find the right word? But the early see so model was really about the technical architecture. Today. It's really a blend of those four things. How do you enable your business to move forward? How do you take calculated risks or manage risks? And then how do you do it really effectively and efficiently, which is really a new suit and you look at them. You'LL see people evolving to those four functions. >> And who's your boss? Would you report to >> I report to a gentleman by the name of a curtain. Little Benny on DH. He is the chief digital officer, which would be a combination of Seo did officer and transformation as well as all of Microsoft corporate strategy >> and this broad board visibility, actually in security. >> Yeah, you >> guys, how is Microsoft evolved? You've been with the company for a long time >> in the >> old days ahead perimeters, and we talk about on the Cube all the time. When a criminalist environment. Now there's no perimeter. Yeah, the world's changed. How is Microsoft evolved? Its its view on security Has it evolved from central groups to decentralize? How is it how how was it managed? What's the what's the current state of the art for security organization? >> Well, I think that, you know, you raise a good point, though things have changed. And so in this idea, where there is this, you know, perimeter and you demanded everything through the network that was great. But in a client to cloak cloud world, we have today with mobile devices and proliferation or cloud services, and I ot the model just doesn't work anymore. So we sort of simplified it down into Well, we should go with this, you know, people calls your trust, I refer to It is just don't talk to strangers. But the idea being is this really so simplified, which is you've got to have a good identity, strong identity to participate. You have to have managed in healthy device to participate, to talk to, ah, Microsoft Asset. And then you have to have data in telemetry that surrounds that all the time. And so you basically have a trust, trust and then verify model between those three things. And that's really the fundamental. It's really that simple. >> David Lava as Pascal senior with twenty twelve when he was M. C before he was the C E O. V M. Where he said, You know his security do over and he was like, Yes, it's going to be a do over its opportunity. What's your thoughts on that perspective? Has there been a do over? Is it to do over our people looking at security and a whole new way? What's your thoughts? >> Yeah, I mean, I've been around security for a long time, and it's there's obviously changes in Massa nations that happened obviously, at Microsoft. At one point we had a security division. I was the CTO in that division, and we really thought the better way to do it was make security baked in all the products that we do. Everything has security baked in. And so we step back and really change the way we thought about it. To make it easier for developers for end users for admin, that is just a holistic part of the experience. So again, the technology really should disappear. If you really want to be affected, I think >> don't make it a happy thought. Make it baked in from Day one on new product development and new opportunity. >> Yeah, basically, shift the whole thing left. Put it right in from the beginning. And so then, therefore, it's a better experience for everyone using it. >> So one of things we've observed over the past ten years of doing the Cube when do first rolled up with scene, you know, big data role of date has been critical, and I think one of the things that's interesting is, as you get data into the system, you can use day that contextually and look at the contextual behavioral data. It's really is create some visibility into things you, Meyer may not have seen before. Your thoughts and reaction to the concept of leveraging data because you guys get a lot of data. How do you leverage the data? What's the view of data? New data will make things different. Different perspectives creates more visibility. Is that the right view? What's your thoughts on the role of Data World Data plays? >> Well, they're gonna say, You know, we had this idea. There's identity, there's device. And then there's the data telemetry. That platform becomes everything we do, what there's just security and are anomalous behavior like you were talking about. It is how do we improve the user experience all the way through? And so we use it to the service health indicator as well. I think the one thing we've learned, though, is I was building where the biggest data repositories your head for some time. Like we look at about a six point five trillion different security events a day in any given day, and so sort of. How do you filter through that? Manage? That's pretty amazing, says six point five trillion >> per day >> events per day as >> coming into Microsoft's >> that we run through the >> ecosystem your systems. Your computers? >> Yeah. About thirty five hundred people. Reason over that. So you can Certainly the math. You need us. Um, pretty good. Pretty good technology to make it work effectively for you and efficiently >> at RC A Heard a quote on the floor and on the q kind of echoing the same sentiment is you can't hire your way to success in this market is just not enough people qualified and jobs available to handle the volume and the velocity of the data coming in. Automation plays a critical role. Your reaction to that comment thoughts on? >> Well, I think I think the cure there, John, those when you talk about the volume of the data because there's what we used to call speeds and feeds, right? How big is it? And I used to get great network data so I can share a little because we've talked, like from the nineties or whatever period that were there. Like the network was everything, but it turns out much like a diverse workforce creates the best products. It turns out diverse data is more important than speeds and feeds. So, for example, authentication data map to, you know, email data map to end point data map. TEO SERVICE DATA Soon you're hosting, you know, the number of customers. We are like financial sector data vs Healthcare Data. And so it's the ability Teo actually do correlation across that diverse set of data that really differentiates it. So X is an example. We update one point two billion devices every single month. We do six hundred thirty billion authentications every single month. And so the ability to start correlating those things and movement give us a set of insights to protect people like we never had before. >> That's interesting telemetry you're getting in the marketplace. Plus, you have the systems to bring it in >> a pressure pressure coming just realized. And this all with this consent we don't do without consent, we would never do without consent. >> Of course, you guys have the terms of service. You guys do a good job on that, But I think the point that I'm seeing there is that you guys are Microsoft. Microsoft got a lot of access. Get a lot of stuff out there. How does an enterprise move to that divers model because they will have email, obviously. But they have devices. So you guys are kind of operating? I would say tear one of the level of that environment cause you're Microsoft. I'm sure the big scale players to that. I'm just an enterprising I'm a bank or I'm an insurance company or I'm in oil and gas, Whatever the vertical. Maybe. What do I do if I'm the sea? So they're So what does that mean, Diversity? How should they? >> Well, I think they have a diverse set of data as well. Also, if they participate, you know, even in our platform today, we you know, we have this thing called the security graph, which is an FBI people can tap into and tap into the same graph that I use and so they can use that same graph particular for them. They can use our security experts to help them with that if they don't have the all the resource and staff to go do that. So we provide both both models for that to happen, and I think that's why a unique perspective I should think should remind myself of which is we should have these three things. We have a really good security operations group we have. I think that makes us pretty unique that people can leverage. We build this stuff into the product, which I think is good. But then the partnership, the other partners who play in the graph, it's not just us. So there's lots of people who play on that as well. >> So like to ask you two lines of questions. Wanting on the internal complex is that organizations will have on the external complexity and realities of threats and coming in. How do they? How do you balance that out? What's your vision on that? Because, you know, actually, there's technology, his culture and people, you know in those gaps and capabilities on on all three. Yeah, internally just getting the culture right and then dealing with the external. How does a C so about his company's balance? Those realities? >> Well, I think you raised a really good point, which is how do you move the culture for? That's a big conversation We always have. And that was sort of, you know, it's interesting because the the one side we have thirty five hundred people who have security title in their job, But there's over one hundred thousand people who every day part of their job is doing security, making sure they'LL understand that and know that is a key part we should reinforce everyday on DSO. But I think balancing it is, is for me. It's actually simplifying just a set of priorities because there's no shortage of, you know, vendors who play in the space. There's no shortage of things you can read about. And so for us it was just simplifying it down and getting it. That simplifies simplified view of these are the three things we're going to go do we build onerous platform to prioritize relative to threat, and then and then we ensure we're building quality products. Those five things make it happen. >> I'd like to get your thoughts on common You have again Before I came on camera around how you guys view simplification terminal. You know, you guys have a lot of countries, the board level, and then also you made a common around trust of security and you an analogy around putting that drops in a bucket. So first talk about the simplification, how you guys simplifying it and why? Why is that important? >> You think we supply two things one was just supplying the message to people understood the identity of the device and making sure everything is emitting the right telemetry. The second part that was like for us but a Z to be illustrative security passwords like we started with this technology thing and we're going to do to FAA. We had cards and we had readers and oh, my God, we go talk to a user. We say we're going to put two FAA everywhere and you could just see recoil and please, >> no. And then >> just a simple change of being vision letters. And how about this? We're just going to get rid of passwords then People loved like they're super excited about it. And so, you know, we moved to this idea of, you know, we always said this know something, know something new, how something have something like a card And they said, What about just be something and be done with it? And so, you know, we built a lot of the capability natively into the product into windows, obviously, but I supported energies environment. So I you know, I support a lot of Mac clinics and IOS and Android as well So you've read it. Both models you could use by or you could use your device. >> That's that. That's that seems to be a trend. Actually, See that with phones as well as this. Who you are is the password and why is the support? Because Is it because of these abuses? Just easy to program? What's the thought process? >> I think there's two things that make it super helpful for us. One is when you do the biometric model. Well, first of all, to your point, the the user experience is so much better. Like we walk up to a device and it just comes on. So there's no typing this in No miss typing my password. And, you know, we talked earlier, and that was the most popular passwords in Seattle with Seahawks two thousand seventeen. You can guess why, but it would meet the complexity requirements. And so the idea is, just eliminate all that altogether. You walk up machine, recognize you, and you're often running s o. The user experience is great, but plus it's Actually the entropy is harder in the biometric, which makes it harder for people to break it, but also more importantly, it's bound locally to the device. You can't run it from somewhere else. And that's the big thing that I think people misunderstanding that scenario, which is you have to be local to that. To me, that's a >> great example of rethinking the security paradigm. Exactly. Let's talk about trust and security. You you have an opinion on this. I want to get your thoughts, the difference between trust and security so they go hand in hand at the same time. They could be confused. Your thoughts on this >> well being. You can have great trust. You can, so you can have great security. But you generally and you would hope that would equate like a direct correlation to trust. But it's not. You need to you build trust. I think our CEO said it best a long time ago. You put one bucket of water, one bucket. Sorry, one truffle water in the bucket every time. And that's how you build trust. Over time, my teenager will tell you that, and then you kick it over and you put it on the floor. So you have to. It's always this ratcheting up bar that builds trust. >> They doing great you got a bucket of water, you got a lot of trust, that one breach. It's over right, >> and you've got to go rebuild it and you've got to start all over again. And so key, obviously, is not to have that happen. But then, that's why we make sure you have operational rigor and >> great example that just totally is looking Facebook. Great. They have massive great security. What really went down this past week, but still the trust factor on just some of the other or societal questions? >> Yeah, >> and that something Do it. >> Security. Yeah, I think that's a large part of making sure you know you're being true. That's what I said before about, you know, we make sure we have consent. We're transparent about how we do the things we do, and that's probably the best ways to build trust. >> Okay, so you guys have been successful in Microsoft, just kind of tight the company for second to your role. It's pretty well documented that the stock prices at an all time high. So if Donatella Cube alumni, by the way, has been on the cue before he he took over and clear he didn't pivot. He just said we'd go in the cloud. And so the great moves, he don't eat a lot of great stuff. Open source from open compute to over the source. And this ship has turned and everything's going great. But that cheering the cloud has been great for the company. So I gotta ask you, as you guys move to the cloud, the impact to your businesses multi fold one products, ecosystem suppliers. All these things are changing. How has security role in the sea? So position been impact that what have you guys done? How does that impact security in general? Thoughts? >> Yeah, I think we obviously were like any other enterprise we had thousands of online are thousands of line of business applications, and we did a transformation, and we took a method logical approach with risk management. And we said, Okay, well, this thirty percent we should just get rid of and decommission these. We should, you know, optimize and just lifting shifting application. That cloud was okay, but it turns out there's massive benefit there, like for elasticity. Think of things that quarterly reporting or and you'll surveys or things like that where you could just dynamically grow and shrink your platform, which was awesome linear scale that we never had Cause those events I talk about would require re architectures. Separate function now becomes linear. And so I think there is a lot of things from a security perspective I could do in a much more efficient must wear a fish. In fact, they're then I had to have done it before, but also much more effective. I just have compute capability. Didn't have I have signal I didn't have. And so we had to wrap her head around that right and and figure out how to really leverage that. And to be honest, get the point. We're exploited because you were the MySpace. I have disaster and continent and business. This is processed stuff. And so, you know, everyone build dark fiber, big data centers, storage, active, active. And now when you use a platform is a service like on that kind of azure. You could just click a Bach and say, I want this thing to replicate. It also feeds your >> most diverse data and getting the data into the system that you throw a bunch of computer at that scale. So What diverse data? How does that impact the good guys and the bad guys? That doesn't tip the scales? Because if you have divers date and you have his ability, it's a race for who has the most data because more data diversity increases the aperture and our visibility into events. >> Yeah, I you >> know, I should be careful. I feel like I always This's a job. You always feel like you're treading water and trying to trying to stay ahead. But I think that, um, I think for the first time in my tenure do this. I feel there's an asymmetry that benefits. They're good guys in this case because of the fact that your ability to reason over large sets of data like that and is computed data intensive and it will be much harder for them like they could generally use encryption were effectively than some organization because the one the many relationship that happens in that scenario. But in the data center you can't. So at least for now, I feel like there's a tip This. The scales have tipped a bit for the >> guy that you're right on that one. I think it's good observation I think that industry inside look at the activity around, from new fund adventures to overall activity on the analytics side. Clearly, the data edge is going to be an advantage. I think that's a great point. Okay, that's how about the explosion of devices we're seeing now. An explosion of pipe enabled devices, Internet of things to the edge. Operational technologies are out there that in factory floors, everything being I P enables, kind of reminds me of the old days. Were Internet population you'd never uses on the Internet is growing, and >> that costs a lot >> of change in value, creation and opportunities devices. Air coming on both physical and software enabled at a massive rate is causing a lot of change in the industry. Certainly from a security posture standpoint, you have more surface area, but they're still in opportunity to either help on the do over, but also create value your thoughts on this exploding device a landscape, >> I think your Boston background. So Metcalfe's law was the value the net because the number of the nodes on the network squared right, and so it was a tense to still be true, and it continues to grow. I think there's a huge value and the device is there. I mean, if you look at the things we could do today, whether it's this watch or you know your smartphone or your smart home or whatever it is, it's just it's pretty unprecedented the capabilities and not just in those, but even in emerging markets where you see the things people are doing with, you know, with phones and Lauren phones that you just didn't have access to from information, you know, democratization of information and analysis. I think it's fantastic. I do think, though, on the devices there's a set of devices that don't have the same capabilities as some of the more markets, so they don't have encryption capability. They don't have some of those things. And, you know, one of Microsoft's responses to that was everything. Has an M see you in it, right? And so we, you know, without your spirit, we created our own emcee. That did give you the ability to update it, to secure, to run it and manage it. And I think that's one of the things we're doing to try to help, which is to start making these I, O. T or Smart devices, but at a very low cost point that still gives you the ability because the farm would not be healed Update, which we learn an O. T. Is that over time new techniques happen And you I can't update the system >> from That's getting down to the product level with security and also having the data great threats. So final final talk Tracking one today with you on this, your warrior in the industry, I said earlier. See, so is a hard job you're constantly dealing with compliance to, you know, current attacks, new vector, new strains of malware. And it's all over the map. You got it. You got got the inbound coming in and you got to deal with all that the blocking and tackling of the organization. >> What do you What do >> you finding as best practice? What's the what if some of the things on the cso's checklist that you're constantly worried about and or investing in what some of >> the yeah, >> the day to day take us through the day to day life >> of visited a lot? Yeah, it >> starts with not a Leslie. That's the first thing you have to get used to, but I think the you know again, like I said, there's risk Manager. Just prioritize your center. This is different for every company like for us. You know, hackers don't break and they just log in. And so identity still is one of the top things. People have to go work on him. You know, get rid of passwords is good for the user, but good for the system. We see a lot in supply chain going on right now. Obviously, you mentioned in the Cambridge Analytical Analytics where we had that issue. It's just down the supply chain. And when you look at not just third party but forthe party fifth party supply and just the time it takes to respond is longer. So that's something that we need to continue to work on. And then I think you know that those are some of the other big thing that was again about this. How do you become effective and efficient and how you managed that supply chain like, You know, I've been on a mission for three years to reduce my number of suppliers by about fifty percent, and there's still lots of work to do there, but it's just getting better leverage from the supplier I have, as well as taking on new capability or things that we maybe providing natively. But at the end of the day, if you have one system that could do what four systems going Teo going back to the war for talent, having people, no forces and versus one system, it's just way better for official use of talent. And and obviously, simplicity is the is the friend of security. Where is entropy is not, >> and also you mentioned quality data diversity it is you're into. But also there's also quality date of you have quality and diverse data. You could have a nice, nice mechanism to get machine learning going well, but that's kind of complex, because in the thie modes of security breaches, you got pre breached in breech post breach. All have different data characteristics all flowing together, so you can't just throw that answer across as a prism across the problem sets correct. This is super important, kind of fundamentally, >> yeah, but I think I >> would I would. The way I would characterize those is it's honestly, well, better lessons. I think I learned was living how to understand. Talk with CFO, and I really think we're just two things. There's technical debt that we're all working on. Everybody has. And then there's future proofing the company. And so we have a set of efforts that go onto like Red Team. Another actually think like bad people break them before they break you, you know, break it yourself and then go work on it. And so we're always balancing how much we're spending on the technical, that cleanup, you know, modernizing systems and things that are more capable. And then also the future proofing. If you're seeing things coming around the corner like cryptography and and other other element >> by chain blockchain, my supply chain is another good, great mechanism. So you constantly testing and R and D also practical mechanisms. >> And there in the red team's, which are the teams that attacking pen everything, which is again, break yourself first on this super super helpful for us >> well bred. You've seen a lot of ways of innovation have been involved in multiple ways computer industry client server all through the through the days, so feel. No, I feel good about this you know, because it reminds me and put me for broken the business together. But this is the interesting point I want to get to is there's a lot of younger Si SOS coming in, and a lot of young talent is being attractive. Security has kind of a game revived to it. You know, most people, my friends, at a security expert, they're all gamers. They love game, and now the thrill of it. It's exciting, but it's also challenging. Young people coming might not have experience. You have lessons you've learned. Share some thoughts over the years that scar either scar tissue or best practices share some advice. Some of the younger folks coming in breaking into the business of, you know, current situation. What you learned over the years it's Apple Apple. But now the industry. >> Yeah, sadly, I'd probably say it's no different than a lot of the general advice I would have in the space, which is there's you value experience. But it turns out I value enthusiasm and passion more here so you can teach about anybody whose passion enthusiastic and smart anything they want. So we get great data people and make them great security people, and we have people of a passion like you know, this person. It's his mission is to limit all passwords everywhere and like that passion. Take your passion and driver wherever you need to go do. And I >> think the nice >> thing about security is it is something that is technically complex. Human sociology complex, right? Like you said, changing culture. And it affects everything we do, whether it's enterprise, small, medium business, large international, it's actually a pretty It's a fasten, if you like hard problem. If you're a puzzle person, it's a great It's a great profession >> to me. I like how you said Puzzle. That's I think that's exactly it. They also bring up a good point. I want to get your thoughts on quickly. Is the talent gap is is really not about getting just computer science majors? It's bigger than that. In fact, I've heard many experts say, and you don't have to be a computer scientist. You could be a lot of cross disciplines. So is there a formula or industry or profession, a college degree? Or is it doesn't matter. It's just smart person >> again. It depends if your job's a hundred percent. Security is one thing, but like what we're trying to do is make not we don't have security for developers you want have developed to understand oppa security and what they build is an example on DSO. Same with administrators and other components. I do think again I would say the passion thing is a key piece for us, but But there's all aspects of the profession, like the risk managers air, you know, on the actuarial side. Then there's math people I had one of my favorite people was working on his phD and maladaptive behavior, and he was super valuable for helping us understand what actually makes things stick when you're trying to train their educate people. And what doesn't make that stick anthropologist or super helpful in this field like anthropologist, Really? Yeah, anthropologist are great in this field. So yeah, >> and sociology, too, you mentioned. That would think that's a big fact because you've got human aspect interests, human piece of it. You have society impact, so that's really not really one thing. It's really cross section, depending upon where you want to sit in the spectrum of opportunity, >> knowing it gives us a chance to really hire like we hire a big thing for us has been hard earlier in career and building time because it's just not all available. But then also you, well, you know, hire from military from law enforcement from people returning back. It's been actually, it's been a really fascinating thing from a management perspective that I didn't expect when I did. The role on has been fantastic. >> The mission. Personal question. Final question. What's getting you excited these days? I mean, honestly, you had a very challenging job and you have got attend all the big board meetings, but the risk management compliance. There's a lot of stuff going on, but it's a lot >> of >> technology fund in here to a lot of hard problems to solve. What's getting you excited? What what trends or things in the industry gets you excited? >> Well, I'm hopeful we're making progress on the bad guys, which I think is exciting. But honestly, this idea the you know, a long history of studying safety when I did this and I would love to see security become the air bags of the technology industry, right? It's just always there on new president. But you don't even know it's there until you need it. And I think that getting to that vision would be awesome. >> And then really kind of helping move the trust equation to a whole other level reputation. New data sets so data, bits of data business. >> It's total data business >> breath. Thanks for coming on the Q. Appreciate your insights, but also no see. So the chief information security officer at Microsoft, also corporate vice president here inside the Cuban Palo Alto. This is cute conversations. I'm John Career. Thanks for watching. >> Thank you.

>> Live from Barcelona, Spain, it's theCUBE. Covering Cisco Live! Europe. Brought to you by Cisco and its ecosystem partners. >> Welcome back to Cisco Live! in Barcelona. I'm Dave Vellante with my cohost, Stu Miniman. You're watching theCUBE, the leader in live tech coverage. This is day one of a three day segments that we're doing here at Cisco Live Barcelona. Bret Hartman is here as the CTO of Cisco Security Group. And we think of CUBE alone from way back, Bret. >> Way back, way back. >> Great to see you again. >> You bet. >> Thanks for coming on. So we're here to talk about Workload Security. >> Yep. >> What is that? What is Workload Security? >> What is Workload Security? So it's really the whole idea of how people secure applications today because applications aren't built the way they used to be. It's not the idea that you have an application that's just sitting running on a server anymore. Applications are actually built out of lots and lots of components. Those components may run in a typical data center, they may run in a cloud, they may be part of a SaaS solution, so you got all these different components that need to be plugged together. So the question is how do you possibly secure that when you have all these pieces, containers, and virtualized workloads all working together? That's the big question. >> Written oftentimes by different people with different skillsets. >> Different people, different services, yeah, open source, right. So all that somehow has to come together and you have to figure out how to secure it. That's question. >> And so what did you used to do with applications security? You used to just kind of figure it out at the end and bolt it on, is that? >> Pretty much, I mean, historically, people would do their best to secure their application. It would be kind of monolithic or three-tier, the web tier, app tier, database and that sort of thing. And then you'd also depend a lot on the infrastructure. You'd depend on firewalls, you'd depend on things on the edge to protect the application. The problem is there's not so much of an edge anymore when in that world I described you can't really rely so much on that infrastructure anymore. That's the shift of the world we know of. >> So what's the prescription today? How do you solve that problem? >> You know, there's a lot of ad hoc work. And so this whole notion, a lot of people talk about devsecops these days or sometimes it's devopssec, or there's all these different versions of that. But the whole idea of the devops world, the way people build applications today, and the security world, the security ops world are either coming together or colliding or crashing, right. And so it's getting those things to work. So right now, the way devops and secops works today is not particularly well. Lot of manual work, a lot of kind ad hoc scripts. But I will say probably over the last year, there's a lot more awareness that we need to figure this out to be able to merge these two things together. That's kind of the next stage. >> Bret, bring us inside that a little bit because if you listen to the devops people it's we got to do CICD. >> Yep. >> We need to move fast. And there was the myth out there, oh well, am I fast or am I secure? >> Right. >> I was reading some research recently and they said actually that's false trade off. Actually you can move fast and be more secure. But you raised a risk because you said if these are two separate things, and they're not working in lob step and it's not secure every step of the way in that part of your methodology then you're definitely going to break security. >> That's exactly right, and there's a basic question of how much of a responsibility the developers have to provide security anyway? I mean, historically, we don't really necessarily trust developers to care that much about security. Now as to your point, these days without the way people develop software today, they need to care more about 'em. But typically, it was the security operations folks. That was their responsibility. The developers could do whatever they wanted and the security folks kept them safe. Well, again, as you said you can't do that anymore. So the developers have to pull security into their development processes. >> Yeah, when I go to some of the container shows or the serverless shows, the people in the security space are like chanting up on stage, security is everyone's responsibility. >> Right. >> Which hasn't traditionally been the case. >> It has not, and so it's really what companies are working on now is how do the security operations people fit into that development process? And what are the tools? And again, it's a long, complicated set of infrastructure and other sorts of tools, but that's sort of the point. At Cisco, we're really working on evolving the security products and technology, so exactly it fits into that process, that's the goal. >> So I'm sure there's a maturity model, or a spectrum >> Yeah >> When you go out and talk to customers. Maybe we could poke at that a little bit. >> Sure. >> Describe that. So you're really talking about a world where it's team a sport. The regime is everybody's got to be involved. But oftentimes they're working for different people. >> Yep. >> Some are working for the CIO maybe some the CTO, some the CSO, maybe some other line of business. >> Different companies, contractors, providers, all that. >> Yeah. Right, partners. So what does that spectrum look like, and how are you helping customers take that journey? >> Yeah, so not surprisingly, companies that are born in the cloud, they're like this is old news. It's like this how they deal with it every day. A lot of those companies have the lower risk deployments anyway. The organizations that are really early days on this are the ones that have lots of existing investment in all that data center stuff. And they're trying to figure out how this is going to work. You talk to a typical bank, for example, their core business processes of how they protect money, they're not going to move to the cloud, right? So how did they evolve? And they, by the way, they have to deal with compliance requirements on all this other stuff. They can't play too fast and loose. So that's an example of something that's early days. But they are also working a lot in terms of evolving, moving to the cloud and having to be able to support that too. >> So when you engage with clients, I presume you try to assess kind of where they're at. >> Yep. >> And then figure out where they want to go and then how to best get 'em there. So what is Cisco's role in helping them get there? >> And so first of all, of course I represent the business group that builds the security products, right. So a lot of this and the reason why my group is so interested in this, and our security group at Cisco is so interested, is this really represents the future of security. This idea of having it much more embedded into the applications as opposed to purely being in the infrastructure. So what we're seeing for typical customers, like if I roll the clock back a year ago, and we talked about things like devsecops, they were like yeah, kind of an interesting problem, the one we just talked about, but it's like not quite ready for it. Now this is, I think every CSO, Chief Security Office, I talked to, very aware, have active engagements about how they're working with their devops groups. And are actively seeking for tools and technology to support them. So to me that's a good sign that it's... The world is moving in this direction. And as a security vendor, we need to evolve too. So that means things like evolving the way firewalls work, for example. It's not just about firewalls sitting at the edge. It means distributing firewall functionality. It means moving functionality into the pubic cloud, like AWS, and Google, and Azure. It means moving security up into the application itself. So it's a very different world than just a box sitting on the edge. That's the journey, and we're on that journey, too. And the industry is. I mean, it's not a solved problem for exactly how to do that. >> If we go back the early days, we were talking about that when theCUBE started in 2010, security really wasn't a board level topic back then. >> True. Or at least not for every company. There was certainly some companies >> Yeah, for sure. >> But now it's like you're right, every company cares about it. >> Right, and it comes up at every quarterly meeting, certainly every annual meeting. So what should ... How should the technical C side, the CIO, CTO, if they're invited into the board meeting, how should they be communicating to the board about security? >> That's a tough one. >> What should be the key messages? >> And to your point, I mean typically these days for most major corporations in the world, the Chief Security Officer is often presenting at every board meeting because cyber risk is such a big, big part of that risk. And this is a challenge, right, because to try to communicate all the tech required to manage that risk to a board, not so easy, right. It's like trying count how many malware threats stopped. It's like what'll they do with that? If you talk to our Chief Security Officer, Steve Martino here at Cisco, I mean, he talks a lot about first of all, having visibility. Being able to show how much visibility. How much can we see? And then how much can we control and show that the organization is making more and more progress in terms of just seeing what's out there so you don't have broke devices, and then putting controls in place. So you need some pretty big animal pictures, communication of being able to manage that, but you can never come in and say, yep guaranteed, we're secure. Or give it a number, it kind of has no meaning. >> But strategy, visibility, response mechanisms, preparedness, what the response protocol is that's the level of, it sounds like >> It's showing maturity of the >> level of communications. >> processes, really, and the ability to take that on as opposed to getting into the weeds of all the metrics that, it just don't. >> So, Bret, we've had multi vendors for a long time and even in the network space there's a lot of different pieces of the environment. How is multi cloud different from a security standpoint? >> Yeah, so the issue there, and kind of what I was hinting at, we talk about the way people build applications is that all those vendors, they all do security differently. Every one does security differently. It's all good, I mean. And for example, Amazon, Google, Microsoft, they're all making massive investments to secure their own clouds, which is awesome, but they're all also different. And then you have the SaaS vendors. You talk to Salesforce, Dropbox and Box, they have different security mechanisms. And then, of course, you have different ones in the enterprise. So from a Chief Security Officer's standpoint, reporting to the board, they want one policy. We want to protect sensitive corporate data. And then you have maybe 100 different security policies across all this mess. That's why it's different. Trying to manage the complexity and get the policies to work and get, of course all those platforms, you can't force it all to be the same. So a lot of what we're working on are really tools to do that. So you can, fitting back into that devops process, you can define high-level policies of how do you control that data and then map it to all those different platforms. That's the goal, that's how we get there, make progress. >> So you had a picture up in the keynotes today. It had users, devices kind of on one side of the network. And then applications and data on the other side of the network. And then the network in the middle and all those pieces fitting in. How does that affect how you think about security? We've talked a lot about applications, securing the applications. Are you thinking similarly about the data, or the devices, or even the users? Bad user behavior will trump great security every time. Where do those other pieces fit into the context? >> Well, of course, that's a big reason why we just acquired Duo Security. >> Yikes. >> Very significant acquisition there, which is exactly around trust of human beings as well as the devices. A key component that Cisco didn't have before that and fits in exactly to that point. I was a key strategic piece of that, of trust, defining trust. And yeah, that fits in. Obviously we already do lots on the device side. We do things like the Identity Service Engine to enforce access with the network. We have more and more on the applications side. Not so much in the data side yet. I mean, but as we move up the stack into the application it'll be around data too. But the network is a natural conversions point there. And the whole idea of having security embedded right into that network is of course why I'm at Cisco, right. That security is a critical thing that needs to be embedded in everything that Cisco does. >> Well, you've got an advantage in that you can do the ePacket inspection, you're in the network. I mean, that's fundamental. >> Security is really all about visibility. You don't have visibility, you have nothing. And Cisco has this incredible footprint, incredible telemetry across the world. I mean, all the statistics around Talos you probably seen. It's huge, right. And that's a big advantage that we have to really provide security. >> Awesome. Well, Brent, thank you for coming back on theCUBE. It's great to see you again. >> My pleasure. >> 'Preciate the update. >> Glad to see you again. >> All right, keep it right there everybody. Stu Miniman and Dave Vellante. You're watching theCUBE from Cisco Live! Barcelona. Stay right there, we'll be right back. (upbeat music)

>> Live from Barcelona, Spain. It's the cue covering Sisqo, Live Europe. Brought to you by Cisco and its ecosystem partners. >> Welcome back to Sisqo. Live in Barcelona, Day Volant with my co host to Mina and you're watching the Cube, the leader in live coverage of Day one of a three day segments that we're doing here at Cisco Live. Barcelona Bread Hartmann is here is the CTO of Cisco Security Group and we think a Cube alum from way back, way, back way back. Great to see you again. Thanks for coming on. So we're gonna talk about workload security? What's that? What is working? What >> is workload security? So it's really the whole idea of how people secure applications today because applications aren't built the way they used to be. You know, it's not the idea that you have an application that's just sitting running on a server anymore. Applications are actually built out of lots of lots of components. Those components may run in a typical data center. They may run in the cloud. It may be part of a sass solution. So you got all these different components that need to be plugged together. So questions How do you possibly secure that when you have all these pieces? Containers, virtualized, workloads, all working together? That's the big question >> written often times by different people. >> Different people's services. Yeah, Matt Open source. Right. So all that somehow has to come together and you have to figure out how to secure. That's the question. >> So what did you used to do with applications? Securities Just kind of figured out the end and bolted on. >> Pretty much. I mean, yeah, historically, people would do their best to secure their application. It would be kind of monolithic, you know, or, you know, three tier yet of, you know, the Web here after your database, that sort of thing. And then you'd also depend a lot on the infrastructure. Depend on firewalls. You depend on thing's on the edge to protect the application. The problem is, there's not so much of an edge anymore. When in that world I described you can't really relies so much on that infrastructure anymore. That's the shift of the world. We know. >> Also, what's the prescription today? How do you solve that problem? >> You know, there's a lot of ad hoc work, and so this whole notion. A lot of people talk about Deb set cops these days, or sometimes it's, you know, Deb Opsec girl. But you know, there's always different versions of that. But the whole idea of the de bop swirl the way people build applications today and the security world, its security ops world are coming, either coming together are colliding or crashing, right? And so it's it's getting those things to work. So right now, the way Deb ops and SEC cops works today is not particularly well, a lot of manual work. Ah, a lot of kind of ad hoc scripts, but I will say probably over the last year, there's a lot more awareness than we need to figure this out. To be able to merge these two things together. That's kind of the next day. >> Print one. Wanna bring us inside that a little bit because if you, you know, listen to the Dev ops people. It's you know, we've got a new C i. C. We need to move fast. And there was the myth out there. Oh, well do and my faster or am I secure? And, you know, I was reading some research recently. And they said, Actually, that's a false tradeoff. Actually, you can move fast and be more secure. But you raised a risk because you said if these are two separate things and they're not working in lob stacked and it's not secure every step of the way in that part of your methodology, then you're definitely >> going to security exactly right. And there's a basic question of how much of a responsibility that developers have to provide security anyway. I mean, historically, we don't really necessarily trust developers to care that much about security. Now, as to your point these days, without, you know the way people develop software today, they need to care more about it. But typically it was the security operations. Folks that was their responsibility of developers could do whatever they wanted, and the security folks kept them safe. Well, again, as you said, you can't do that anymore. So the developers have to pull security into their development processes. >> Yeah, when I go to some of the container shows or the surveillance shows, the people in the security space are like chanting up on state security is everyone's responsibility. It hasn't traditionally been the >> case it has not. And so it's really work. What companies are working on now is how to the security operations people fit into that development process and what are the tools? And again, it's a long, complicated set of infrastructure and other sorts of tools. But that's sort of the point that Cisco we're really working on on evolving the security products and technologies. So exactly it fits into that process. That's the goal. >> So I'm sure there's a maturity Mahler or a spectrum. When you talk to customers, maybe we could poke it that a little bit sort of described that. So you're really just really talking about a world where it's team sport. The regime is everybody's gotta gotta be involved. But but oftentimes that, working for different people, someone working for the C e O. Maybe some the CTO from the sea so different companies contract, there's >> providers all >> that right partners. So so what is that spectrum look like? And how are you helping customers, you know, take that journey. >> So not surprisingly, companies that are born in the cloud they're like, This is old news. It's like, This is how they, how they deal with it every day. They A lot of those companies have lower risk deployments. Anyway, the organizations that are really early days on this, or the ones that have lots of existing investment and all that data center stuff, and they're trying to figure out how this is gonna work. You know, you talk to a typical bank, for example, you know, their core business processes of how they protect money. They're not going to move to the cloud, right? So how did they evolve? And they, by the way, they have to do with compliance requirements on all this other stuff they can't They can't play too fast and loose, so that's an example of something that's early days. But they are also working a lot in terms of Ah, evolving, moving to the cloud and having TTO be able to support that, too. >> So when you engage with with Cline, I presume you're tryingto assess kind of where they're at and then figure out where they want to go, and then how to best get him there. So, yeah, what is Cisco's role in helping him get? >> And so first of all, of course, I represent, you know, the business group that builds the security products, right? So a lot of this, and the reason why my group is so interested in this and and our security Francisco so interested is this really represents the future of security. This idea of having a much more embedded into the applications is supposed to purely being in the infrastructure. So what we're seeing for typical customers, like, if I roll the clock back a year ago and we talked about things like Deb set cops, they're like, Yeah, kind of an interesting problem. The one we just talked about what it's like, not quite ready for it now. This is, I think, every C so you know, chief security officer, I talked to very aware, have active engagements about how they're working with their nabobs groups and are actively seeking for tools and technology to support them. So to me, that's a good sign that it's you know, the world is moving in this direction, and as a security vendor, we need to evolve, too. So that means things like evolving the way firewalls work. For example, it's not just about firewall sitting at the edge. It means distributing firewall functionality. It means moving functionality into the public cloud like a Ws and Google and Azure. It means moving security up into the application itself. So it's a very different world than just a box sitting on the edge. That's that's the journey. And we're on that journey, too. And the industry is I mean, it's not a solve problem for exactly how to do >> that. If we go back to the early days were talking about, you know, that when the Cube started twenty ten, Security really wasn't a board level topic back then. >> It's at least not for every company. There's certainly company. Yeah, but not now. It's like you're right. Every company cares about it, >> right, and it comes up. But every quarterly knowing, you know, certainly every every annual meeting. Um, so So what? Should Sasha, the technical Seaside CEO CTO. If they're invited into the board meeting, how should they be communicating to the board about security, what >> it's run its? And and to your point, I mean typically these days for most major corporations in the world, the chief security officer is often presenting at every board meeting because cyber risk it's such a big, big part of that risk. And this is a challenge, right? Because to try to communicate all the tech required to manage that risk to aboard Not so easy, right? It's like, yeah, China count. How many now, where threats stopped. It's like, what do they do with that? If you talk to our our chief security officer, Steve Martino here, it's Cisco. I mean, he talks a lot about, first of all, having visibility, you know, being able to show how much visibility, how much can we see? And then how much can we control and show that the organization is making more and more progress in terms of just seeing what's out there so you don't know broke devices and then putting controls in place? So you need some pretty. You know, the big animal pictures communication of being able to manage that. But you can never come in and say, Yep, guaranteed. We're secure, you know, are given a number. It kind of has no meaning >> but strategy. Visibility, response. You know, mechanisms preparedness. What? The response. You know, protocol is that that's the level of it sounds like >> showing, you know, maturity of the process is really on the ability to take that on a supposed to getting into the weeds of, you know, all the metrics that stone. >> So we've had multi vendor for a long time, and even then, the network space, there's a lot of different pieces of the environment. How is multi cloud different from a security >> standpoint? Yeah, so the issue there and kind of what I was hinting that we talk about the way people build applications, is that all those vendors, they all do security differently. Everyone that scary differently s'all good, I mean and for example, Amazon, Google, Microsoft. They're all making massive investments to secure their own clouds, which is awesome, but they're always also different. And then you have the SAS vendors. You talked to sales force drop box in box. They have different security mechanisms. And then, of course, you have different ones in the enterprise. So from a chief security officer standpoint reporting to the board, they want one policy. You know, we want to protect sensitive corporate data, and then you have maybe one hundred different security policies across all these, All this mess. That's why it's different trying to manage the complexity and get the policies, toe work and get enforced across all those platforms. You can't force it all to be the same. So a lot of what we're working on, a really tools to do that so you can fitting back into that develops process. You, Khun, define high level policies of how do you control that data and then map it? Toe all those different platforms? That's that's the gold. That's how we that's how we get there. Make progress. >> She had a picture up in the keynotes today. It had users. Device is kind of on one side of the network and then applications in data on the other side of the network and then the network in the middle right and all those pieces fitting in. How does that affect how you think about security? We've talked a lot about application securing the application. Are you thinking similarly about the data or the devices, or even the users? You know bad user behavior will trump great security every time. Where do those other pieces fit into the context? >> Of course, that's a big reason why we just acquired duo security. You know, very significant acquisition there, which is exactly around trust of human beings as well as the device, is a key component that Sisko didn't have before that and fits in exactly to that point. I was a key strategic piece of that of trust, defining trust, and you know that it's in. Obviously, we already do lots on the device side. You know, we do things like identity service engine to enforce access. You know, with the network, we have more and more on the application side. Not so much in the data side yet, I mean, but as we move up the sack and of the application, it'll be around data, too. But the network is a natural convergence point there, and the whole idea of having security embedded right into that network is, of course, you know why. Why Francisco, right, that's security is a critical thing that needs to be embedded and everything that Cisco does. >> Well, you've got an advantage and that you could do the deep packet inspection you hear in the network. I mean, that's what >> visit bill I mean, Maturity is is really all about visibility. Don't visibility of nothing. And Cisco has this incredible foot print. Incredible telemetry across the world. I mean, all the statistics around Talos you probably seen it's a huge right and that's that's. Ah, that's a big advantage that we have to really provide security. >> Right? Awesome. Well, Bret, thanks for for coming back on The Cube was great to see you. My pleasure, tuk. Alright, alright. Keep right there, Everybody Stupid Open day! Volante, You're watching the cue from Cisco Live, Barcelona! Stay right there. We'LL be right back.

>> Live from Washington DC, it's theCUBE. Covering the AWS Public Sector Summit 2018. Brought to you by Amazon Web Services and its ecosystem partners. >> Welcome back to to the home of the Stanley Cup Champion Washington Capitals. You're watching theCUBE's exclusive coverage of AWS Public Sector Summit 2018. I'm Stu Miniman, and my co-host John Furrier. Welcome to the program. Bret Dennis who's the head of product management with Helio campus. >> Thank you. >> Thanks so much for joining us. >> Go caps, thank you very much, appreciate it. >> Really bringing that [Inaudible] of having won the cup, lots of celebration, and there's a lot of energy here at this show. So we're heading into day two, what's your ... How do you feel about the show so far? >> It's good, it's been good. I did the Edstart program earlier in the week, and we did a sales pitch competition for startup Edtechs, so it's been really exciting, lot's of fun things going on. >> We've loved talking to startups here on theCUBE. I've talked to a number of companies, cyber-security, it's like, "Oh, okay, wait, which agency did you come out of." because of the NSA and the like. You have a similar story coming out of the University of Maryland >> Right. >> Give us a little bit of background on Helio campus. >> So we were spun out in 2016 from the University college. The Maryland board of regents had recognized the value that we'd brought to the University, over about six years of development in terms of the technology platform and the services we were bringing to the University and decided this would be really useful to other Universities, so let's spin it out into a company and go to market, and that's what we've been doing for the last two years. So it's been very exciting. >> Tell me about the product? What does it do? I mean obviously you guys incubate it in the college, so there's equity arrangements, you got a grant. Tell the story about the funding and then now, as you expand, what's that plan look like and how does Amazon fit into the whole mess? >> So we had an initial grant from the board of regions from the state of Maryland, and the idea was to assist colleges and Universities, to help them ask and answer their most pressing questions, but using data, and in order to effectively do that we wanted to bring a full solution that included platform technology as well as a services approach. So we're using Amazon Web Services and the Redshift database and platform to collect data from Universities, and then we have a services team that works with Tableau dashboards to not only help visualize data in meaningful ways, but also to explore how different data sets can be cross-seeded together across the student life cycle. >> Whose the user for you guys? Obviously big data analyst is awesome, we're seeing that clearly as one of those things where it's completely changing businesses >> Sure. And getting these kinds of insights that are actionable and different. Sometimes new questions can be answered. Who's the buyer, who's the user, how is that working? >> So institutional research is a key stakeholder for us. They are traditionally seen as the data owners of Universities and colleges, do most of the research, do most of the numbers crunching, but our idea is that we want to really democratize access to data to enrollment managers, to admissions managers, even to financial managers that want to have their own power to explore and interrogate the data, but do it in such a way that's a very intuitive process, so they don't have to be SQL query writers or really hardcore database developers. We're trying to get to those functional types of users to give the access to data >> So business users basically who don't have to be a data scientist to know Python and wrangle data, you're thinking about more of like turning them into analysts on the fly. >> We want them to be able to ask and answer their own questions without needing the technical skills. Now that's precisely why we bring the services in, so if they decide I really want to use a predictive, algorithmic approach to forecasting, or to admissions modeling, and we have data scientists available to provide that services level on top of the platform. >> Wondering if you might be able to give us an example, either generically, or if you can mention a specific company, just to help illustrate how they're transforming the use of data. >> So we work with the system at the system level for the University of North Carolina. So they had a need where they had done a lot of work on building up base data extracts of their own, but they needed a way to get that data out to campuses in a more effective way using rich visualizations. So we won an RFP with them and were able to help them, not only at the system level, but also at the campuses to make sure that the campuses and the board of regents and the board of governors are getting the data that they need, to again, understand what are my patterns and trends for success. What are specific student populations that we want to help, and we want to use data to help get to those insights. So that's been a real success story for us. >> Talk about the public sector impact of Amazon, obviously Amazon's well known in the startup community, you can spin up a server, that kind of changed the whole provisioning of a data center, now they got large enterprises doing all kinds of stuff, taking databases from big Oracle systems. But public sector, certainly education, we've seen community colleges, all the way up to premier institutions like the University of Maryland, this is now a game changer. So how are you seeing that evolve in other universities? What are your peers doing? What's their mindset? Where are they on the progress bar using cloud, if you will, cloud native, are they thinking microservices, are they thinking about [Inaudible], are they thinking about containers, where are they on the evolution? >> Yeah it is a game changer, and it is because scalability and security are probably two themes that I would bring up. So regardless of the amount of data that you want to use as part of the analysis, there's no limit in terms of using AWS and performance, from a performance perspective, if we want to bring in a new data set, test it, see if there is correlation, see if it's useful in helping answer their key questions, we can do that. But also it goes with out saying, the security, so we don't really have to do a lot of selling in terms of the security of AWS because the level of approvals and the level of certifications at AWS far exceeds beyond what any University could get on their own, or what any vendor individually could do on their own. So that's a natural benefit that comes with a platform. >> What other features or services in AWS are important for what you build, obviously, scalability, security, kind of a given when you talk about AWS. >> The Redshift platform has been really useful to us. The way that we architect our model is that we use Tableau on the front-end for BI, but also any user could have access at the database level and go into Redshift, now we supply security models so that only authorized users can get to that. So it's very helpful to have the security model on top of it, but the Redshift data structure really enables us to provide that experience at any level depending on what the need is of each user. So not many functional users would be going to that level, but Redshift really enables us to have the technical users and the traditional SQL query writers, and the ones that are doing the cross-seeding of the data to have access at that level. >> It's interesting you have a services model built in because it kind of makes sense because one of the benefits of the cloud, obviously, is speed. You get performance, just raw performance, but also speed to value, so you don't have to do a lot of heavy lifting to kind of understand where the value points are. So how does that change the services speed because Amazon's constantly introducing new services, how are you seeing that evolve? Because you can do some heavy lifting, okay here's a data set, is that the way the services are? How is the services changing with cloud? >> So our services model is really to hire individuals from Universities that have the subject matter expertise. So we have x directors of institutional research, x admission officers, so from our perspective we want to leave the technical, the platform, the architecture, the security services to the experts in that realm, that's not what our Universities are asking us for. They want to know how can you bring us subject matter expertise in the functional areas where we're struggling, we want to not have to worry about the technical piece at all. So I think that's where, from a cloud perspective, we're able to rely on the expertise at AWS and Amazon where, again, we're not having to worry about that and we can focus squarely on what the institutional needs are. >> So you're more efficient? >> I think so, yeah. >> You don't spend your time doing a lot wrangling of tech, standing up anything, just pretty much turnkey on the cloud side, focused on getting the users up and running with the tools that you guys have. >> Exactly, and we've had instenses where institutions have asked, "Oh, we want to do this research project, we need additional space." We can turn that up instantly through the value of the services provided through Amazon, which if we were to do that on our own it would be very expensive and a manual process. >> You can actually deliver services that values to the customer. I got to ask you a question, now looking forward, where's the head room? If you look at your business and how it's evolving, what's the head room that you see coming down the road that you're going towards, that you're going to bring to you customer base. >> Right, so with evolving technologies that we all know the buzzwords about, AI and machine learning, sort of taking the data science to the next level. I think that's what eventually we'll be asked to do, is to look at, "Well how can these be brought into education in a meaningful way? How can they provide us insight in ways that we're not doing today, again, more efficiently. We also value time or accelerating time to value, so again, I think right now we're moving data around and we're shifting data, and sometimes it can take a bit of time to do that. I think in the future we'll be able to turn up customers and start delivering that time to value in a much more accelerated way. >> So you said you attended some startup activity here at the show >> Yes. and also seen quite a few Universities here, so it sounds like you're learning to help build your business as well as from the customer standpoint, why don't you give us a little bit of insight as to the value that you get out of a show like this. >> Absolutely. So when the Universities attend we have meetings and we get an understandings of where they are now, what kinds of questions are they having, that's really what we want to get to, analytics is really nothing unless you understand what problem are you trying to solve. So being able to have those meaningful conversations in this type of environment is very helpful to us to understand, again, where are you now, what is your vision for where you want to go, how can we meet that at their point of need. >> What's the low-hanging fruit for these Universities use case wise? What are they using you guys for the most, if you had to look at the patterns? >> It can be arranged, so it can be I am not able to provide my stakeholders meaningful visualizations and insights and have them use data in a more meaningful way. So instead of giving you a table of lines and numbers, I can give you something that's actually actionable. That's really where we start at the dashboard level, the more advanced institutions, and everyone we work with has smart people on their teams but they may have other projects, they may not have time, they may not have the ability to hire expensive data scientists. So from that perspective on the advanced analytic side we can help with that advanced piece with our services team. >> They can get up to speed faster. Sometimes these projects can take months to stand up. >> It is, it's the acceleration that's huge. >> Great, what's the show vibe here? If you had to describe it for the folks that didn't make it. >> Yeah. >> What's the show about this year in your mind? What's the main big story here this year? >> It' a lot like last year for me, it is understanding, and I look at it from a data perspective of course, and it really is all about new technologies, and new vendors, and how we can understand, again, how these technologies can not only make us more efficient from a time perspective and cost perspective, but again, how can we more meaningfully answer the important questions that we have. >> Alright final question. Because you're a startup kind of within a cool environment at the University, which has got a lot of resources and access to some real use case data, what's the biggest thing you've learned over the past few years? Looking at the cloud, you're right in the middle of it, cloud native is super hot, there's people born in the cloud, people migrating the cloud, all kind of different levels of cloudifying businesses, some PurePlay cloud. What is the things that you learn the most? Looking back and saying, "Okay, these are the top three things that we learned." >> So I've worked for a foreign institution as well as for a number of different vendors in this space and I think the theme that I see is I want to go buy technology, "Oh I heard I need predictive analytics, Oh I heard that I need to have machine learning", well that's great that you know that, but have you really refined what your challenges and what you're trying to solve, and that goes for any technology whether it's cloud or a new server or a new application, really need to understand what is that core challenge and that's where we always start. Like any good product manager as we spoke about earlier, you've got to start with what problem you're trying to solve and then apply your solution in a meaningful way. So I think that would be my answer for that. >> Bret, thank for coming on theCUBE, thanks for sharing your story >> Thank you. Appreciate it, alright >> It was a pleasure. >> Bret Dennis here, spin out from University of Maryland, great startup doing big data analyst, obviously the clouds perfect for that and obviously creating more value. It's theCUBE bringing you the action here live in Washington D.C. I'm John Furrier and Stu Miniman. We'll be back with more coverage after this short break. (light electronic music)

>> Live, from San Francisco, it's The Cube! Covering DockerCon '18. Brought to you by Docker and its ecosystem partners. >> Hey, welcome back to The Cube. We are live at DockerCon 2018 on a beautiful day in San Francisco. We're glad you're not playing hooky though if you're in the city because it's important to be here watching John Troyer and myself, Lisa Martin, talk to some awesome, inspiring guests. We're excited to welcome two Docker captains, that's right, to The Cube. We've got Nirmal Mehta, you are the chief technologist of Booz Allen. Welcome back to The Cube. And, we've got Bret Fisher, the author of Docker Mastery. Both of you, Docker captains. Can't wait to dig into that. But you're both speakers here at the fifth annual DockerCon. So Bret, let's talk, you just came off the stage basically. So, thank you for carving out some time for us. Talk to us about your session. What did you talk about? What was some of the interaction with the attendees? >> Well the focus is on Docker Swarm and I'm a assist admin at heart so I focus on ops more than developer but I spend my life helping developers get their stuff into production. And so, that talk centers around the challenges of going in and doing real work that's for a business with containers and how do you get what seems like an incredible amount of new stuff into production all at the same time on a container ecosystem. So, kind of helping them build the tools they need, and what we call a stack, a stack of tools, that ultimately create a full production solution. >> What were some of the commentary you heard from attendees in terms of... Were these mostly community members, were there users of container technology, what was sort of the dynamic like? >> Well you have, there's all sorts of dynamics, right? I mean you have startups, I think I took a survey in the room because it was packed and like 20% of the people in the room about were a solo DevOps admin. So they were the only person responsible for their infrastructure and their needs are way different than a team that has 20 or 30 people all serving that responsibility. So, the talk was a little bit about how do they handle their job and do this stuff. You know, all this latest technology without being overwhelmed and, then, how does it grow in complexity to a larger team and how do they sustain that. So, yeah. >> Bret, it's nice that the technology is mature enough now that people are in production, but what are some of the barriers that people hit when they try to go into production the first time? >> Yeah, great question. I think the biggest barrier is trying to do too much new at the same time. And, I don't know why we keep relearning this lesson in IT, right? We've had that problem for decades of projects being over cost, over budget, over timed, and I think with so much exciting new stuff in containers it's susceptible to that level of, we need all these new things, but you actually don't, right? You can actually get by with very small amounts of change, incrementally. So, we try to teach that pattern of growing over time, and, yeah. >> You mentioned like the one person team versus the multi-person team kind of DevOps organization. Does that same problem of boiling the ocean, do you see that in both groups? >> Yeah, I mean you have fundamentally the same needs, the same problem that you have to solve, but different levels of complexity is really all it has to do with and different levels of budget, obviously, right? So, usually the solo admin doesn't have the million dollar budget for all the tools and bells and whistles, so they might have to do more on their own, but, then, they also have less time so it's a tough row to hoe, you know, to deal with, because you've got those two different fundamental problems of time and money and people are using the most expensive thing. So, no matter what the tool is you're trying to buy, it's usually your time that's the most valuable thing. So how do we get more of our time back? And that's really what containers were all about originally was just getting more of our time back out of it and so we can put back into the business instead of focusing on the tech itself. >> Nirmal, your talk tomorrow is on empathy. >> Yes. >> Very provocative, dig into that for us. >> Sure, so it was actually inspired by a conversation I had with John a couple years ago on Geek Whisperers podcast and he asked the folks on that show, yourself included, asked if there was an event in my past that I kind of regret or taught me a lot. And it was about basically neglecting someone on my team and just kind of shoving them away. And, that moment was a big change in how I felt about the IT industry. And, what I had done was pushed someone who probably needed that help and built up a lot of courage to talk to me and I kind of just dismissed him too quickly. And, from there, I was thinking more and more about game theory and behavioral economics and seeing a lot of our clients and organizations struggle to go through a digital transformation, a DevOps transformation, a cultural transformation. So, to me, culture is kind of the core of what's happening in the industry. And so, the idea of my talk is a little bit of behavioral economics, a little bit of game theory, to kind of set the stage for where your IT organization is probably kind of is right now and how to use empathy to get your organization to that DevOps and to a more efficient place and resolve those conflicts that happen inherently. And, somehow tie that all together with Docker. So, that's kind of what my talk is all about. >> Nice, I mean what's interesting to me, Lisa, is that we do Cubes and there are many Cubes actually all across the country during conference season, right? And we talk to CEOs and VPs of very large companies and even today, at DockerCon, the word 'culture' and the talking about culture and process and people has come up every single interview. So, it's not just from the techies up that this conversation is going... this DevOps and empathy conversation is going on, it seems to be from the top down as well. Everyone seems to recognize that, if you really are going to get this productivity gain, it's not just about the tech, you gotta have culture. >> Absolutely, a successful transformation of an organization is both grassroots and top down. Can't have it without either. And, I think we inherently want to have a... Like, we want to take a pill to solve that problem and there's lots of pills: Docker or cloud or CICD or something. But, those tools are the foundational safety net for a cultural transformation, that's all that it is. So, if you're implementing Docker or Jenkins or some CICD pipeline or automation, that's a safety blanket for providing trust in an organization to allow that change in the culture to happen. But, you still need that cultural change. Just adopting Docker isn't going to make you automatically a more effective organization. Sorry, but it's just one piece and it's an important piece but you have to have that top down understanding of where you are now as an organization and where you want to be in the future. And understanding that this kind of legacy, siloed team mindset is no longer how you can achieve that. >> You talked about trust earlier from a thematic perspective as something that comes up. You know we were at SAP Sapphire last week and trust came up a lot as really paramount. And that was in the context of a vendor/customer relationship. But, to your point, it's imperative that it's actually coming from within organizations. We talk a lot about, well stuff today: multi-cloud--multi-cloud, silos-- but, there's also silos with people and without that cultural shift and probably that empathy, how successful, how big of an impact can a technology make? Are you talking with folks that are at the executive level as well as the developer level in terms of how they each have a stake and need to contribute to this empathy? >> Yeah, absolutely. So, the talk I'm doing is basically the ammunition a lower level person would need to go up to management and say, hey, you know this is where the organization is, this is what the IT department kind of looks like, these are the conflicts, and we have to change in order to succeed. And a lot of folks don't. They see the technology changes that they need. You know, adopting the new javascript framework or the new UX pattern. But, they might not have the ammunition to understand the business strategy, the organizational issues. But, they still need that evidence to actually convince a CTO or a CEO or a COO for the need to change. So, I've talked to both groups. From the C-level side, I think it comes from the inherent speed of the industry, the competitive landscape, those are all the pressures that they see and the disruptions that they are tackling. Maybe it's incumbent disruption or new startups that they may have to compete with in the future. The need for constant innovation is kind of the driver. And, IT is kind of where all that is, these days. >> That's great. Building on the concept of trust and this morning at the keynote, Matt Mckesson where they talked about trusting Docker, trusting Docker the company, trusting Docker the technology. Almost the very first words out of Steve Singh's mouth this morning were about community. And, I think community is one of the big reasons people do trust Docker and one of the things that brings them along. You guys are both Docker captains, part of a program of advocacy, community programs. I don't know, Bret, can you tell us a little bit about the program and what's involved in it? >> Yeah, sure. So, it's been around over two years now and it actually spawned out of Docker's pre-existing programs were focusing on speakers and bloggers and supporting them as well as community leaders that run meetups. And they kind of figured out that a key set of people were kind of doing two or three of those things all at once. And so, they were sort of deciding how do we make like super-groups of these people and they came up with the term Docker captain It really just means you know something about Docker, you share it constantly, something about a Docker toolset, something about the container tools. And that you're sort of... And you don't work for Docker. You're a community person that is, maybe you're working for someone that is a partner of Docker or maybe you're just a meetup volunteer that also blogs a lot about patterns and practices of Docker or new Docker features. And so, they kind of use the engineering teams at Docker to kind of pick through people on the internet and the people they see in the community that are sort of rising out of all the noise out there. And they ask them to be a part of the program and then, of course, we get nice jackets and lots of training. And, it's really just a great group of people, we're about 70 people now around the world. >> And yeah, this is global as well, right? >> Oh yeah, yep. It's one of my favorite aspects is the international aspect. I work for Booz Allen which is a more US government focused and I don't get to interact with the global community much. But, through the Docker captain program got friendships and connections almost on every continent and a lot of locations. I just saw a post of a Docker meetup in like, I think it was like Tunisia. Very, very out there kind of places. There was a Cuban one, recently, in Havana. The best connections to a global community that I've ever seen. I think one of the biggest drivers is the rapid adoption and kind of industry trend of containerization and the Docker brand and what it is basically gave rise to a ton of folks just beginners, just wanting to know what it's all about. And, we've been identified as folks that are approachable and have kind of a mandate to be people that can help answer those initial questions, help align folks that have questions with the right resources, and also just make it like a soft, warm, fuzzy kind of introduction to the community. And engage on all kinds of levels, advanced to beginner levels. >> It was interesting, again, this morning, I think about half the people raised their hands to the question, "is it their first year?" So, it still seems like the Docker, the inbound people interested in Docker is still growing and millions of developers all over the world, right? I don't know, Bret, you have a course, Docker Mastery, you also do meetups, and so I'm curious like what is the common pathway or drivers for new folks coming in, that you see and talk with? >> Yeah, what's the pathways? >> Yeah, the pathway, what's driving them? What are they trying to do? Again, are they these solo folks? >> Yeah, it's sort of a little bit of everything. We're very lucky in the course. We actually just crossed 55,000 students worldwide, 161 countries on a course that is only a year old. So, it kind of speaks to the volume of people around the world that really want to learn containers and all the tools around them. I think that the common theme there is I think we had the early adopters, right, and that was the first three or four years of Docker was people that were Silicon Valley, startups, people who were already on the bleeding edge of technology, whether it was hobbyist or enterprise. It was all people, but it was sort of the Linux people. Now, what we're getting is the true enterprise admins and developers, right. And that means, Microsoft, IBM mainframes, .Net, Java, you're getting all of these sort of traditional enterprise technologies but they all have the same passion, they're just coming in a few years later. So, what's funny is, you're meetups don't really change. They're just growing. Like what you see worldwide, the trend is we're still on the up-climb of all the groups, we have over 200 meetups worldwide now that meet once a month about Docker. It's just a crazy time right now. Everything's growing and it's like you wonder if it's ever going to stop, right How big are we gonna get, gonna take over the world with containers? >> Yeah, about 60% or more of all our meetups are completely new to Docker. And, it ranges from, you know, my boss told me about it so I gotta learn it or I found it and I want to convince other people in my organization to use it so I need to learn it more so I can make that case or, it's immediately solving a problem but I don't know how to take it to the next level, don't know where it's going, all that. It's a lot of new people. >> I get students a lot, college students that want to be more aggressive when they get in the marketplace and they hear the word 'DevOps' a lot and they think DevOps is a thing I need to learn in order to get a job. They don't really know what that is. And, of course, we don't even. At this point, it's so watered down, I don't know if anyone really knows what it is. But eventually, they search that and they come up with sort of key terms and I think one of those the come up right away is Docker. And they don't know what that is. But, I get asked the question a lot, If I go to this workshop or if I go the meetup or whatever, can I put that on my resume so I can get my first job out of school? They're always looking for something else beyond their schooling to make them a better first resume. So, it's cool to see even the people just stepping into the job market getting their feet wet with Docker even when they don't even know why they need it. >> It sounds like a symbiotic thought leadership community that you guys are part of and it sounds like the momentum we heard this morning in the general session is really carried out through the Docker captains and the communities. So, Nirmal, Bret, thanks so much for stopping by bringing your snazzy sweatshirts and sharing what you guys are doing as Docker captains. We appreciate your time. >> Thank you. >> Thank you. >> We want to thank you for watching The Cube. I'm Lisa Martin with John Troyer. We're live at DockerCon 2018. Stick around, John and I will be right back with our next guest.

>> Announcer: Live, from Las Vegas, it's the Cube. Covering I.B.M. Think 2018. Brought to you by I.B.M. >> Welcome back to the Cube. We are live at I.B.M. Think 2018, our inaugural event. I'm Lisa Martin with Dave Vellante. We're joined by another Vegas veteran, as we all are. First time guest to the Cube, Bret Greenstein, the V.P. of Watson I.o.T. Offerings. Bret, welcome to the Cube. >> Thank you very much, exciting to be here. >> This is the inaugural Think 2018 event. >> Yes. >> 40,000 plus attendees, expected over 10 keynotes, lots of cool stuff. Speaking of cool stuff, I.o.T. What is happening in I.o.T. this year? >> Yeah, so we've been here in Vegas several times over the last several years talking about the Internet of Things, but what's really pivoted, what's really changed, is people talking about applied I.o.T. How are they using it to get business outcomes. Something different happening. And I think when we all started with the Internet of Things we talked a lot about, connecting stuff and devices. But really, it was always about the data and the effect that data had on changing business, changing user engagement, changing outcomes. And so here, on stage, you're going to see people talking about how their businesses have been changed, how their customers are changing as a result of I.o.T. >> Yeah so, I've always felt like I.o.T. is the intersection of devices, data, and machine intelligence. >> Bret: Yeah. >> How are those sort of three things coming together and what's the data model look like? >> Data model is every type of data. I think what people really didn't expect was it wasn't just machine data coming off sensors, temperatures, vibrations. It's all this unstructured data coming in from connected things that are everywhere in our lives. So sensors with cameras for example, being able to see. It's not just recorded images, but it's information. Tons of information that you need A.I. systems and other systems to interpret. So we're able to take all that data, structured data, numeric stuff coming off of devices and sensors, but images and sound and vibration. Even emotional content in people's dialogue. All of that is relevant to the Internet of Things. >> What's the conversation like with customers? For example, when we say, what physical assets do we have that we can instrument. >> Bret: Right. >> Parking meters or whatever, okay. >> Bret: Right. >> What physical assets don't we have that we should have? How can we leverage our existing data? What's the conversation like in terms of transformations that are going on? >> I think the conversations have shifted a lot. Over the couple years people were talking about we want to connect our thing, whatever the thing is, whether it's an elevator or car or whatever. We want to connect it, what does that mean? And that's shifted very quickly to customers who are coming in talking about information data and insights and they want to know, what should I do to get more of those insights? So I'm seeing customers now with Chief Data Officers or heads of digital transformation. Totally new roles that didn't exist before. And they're coming in with a data centric view. They're saying, we're going to be a digital business. We need to understand all of these live data about our customers and our things and our business process. Help us do that. And so that's much more than just instrumenting the individual devices now. And I find that conversation is really, really focused on the value of the data. >> What about the industry impact in this context? Do you see, does I.B.M.'s perspective, is I.o.T., it's certainly transformative. >> Bret: Right. >> But is it disruptive or it is sort of the guys with infrastructure are going to evolve to it? Is it more evolutionary, is it more disruptive? How do you see it? >> I think there's room for both. Obviously traditional players are going to instrument their business process. They're bringing in connected cars and all that. But you could also look at those same industries and say there's new players emerging who are coming in with software defined products that are digital by design. And they can come in and suddenly become leaders in their field. I don't think people would've expected companies like Tesla to be so disruptive in automotive, but coming in as electric changes the game without having to build on a hundred years of mechanical design. You're building on some new principles. And now we see some new players coming in to automotive who've never built cars at all before. Like Dyson for example, that recently announced they were working on electric cars. So I think a digital platform, a digital way of thinking, also creates opportunities for new entrance in every market. >> I think automobiles is a great example because it's an industry that hasn't been largely disrupted. But then you use an example of Tesla which is extremely innovative, you could actually pretend disruptions coming out. And you see whole ecosystems form around that. >> Right, right. And I think what was so powerful about the effect they had was it's a software defined product. The software in it is upgraded constantly. Sometimes you buy the car, the next day you get a new feature you didn't even expect. And this is the way we've come to appreciate, experience through mobile and everything else. Software that continues to improve products that get more valuable over time. Not less valuable over time. >> So let's talk about Watson and I.o.T. I'd also love to maybe take a slice on how I.B.M. is helping customers that maybe have been around maybe the flip side of a Tesla. They've been around a long time. How are they leveraging Watson and I.o.T. to transform their businesses? So kind of start with, what's new with Watson and I.o.T. >> Sure, so I mentioned before that there's a whole part of many data types now that previously were very hard to interpret through traditional analytics. But A.I. and machine learning give you the ability to absorb and consume some of that data. Unstructured sound, images, video, vibration, all of that stuff is now able to become part of a business process. So even traditional companies that have been around a long time can start to look at the data coming off of cameras, visual inspection in manufacturing, sound and voice for example. We work with Jefferson Hospital where they brought Watson into patients rooms so you could ask questions like visiting hours, or set the temperature. Put the patients in control of their experience in a hospital. That takes a traditional experience, like a hospital recovery room, and turns it into something A.I. driven, I.o.T. powered and puts the patient at the center. So very big changes can occur when you do that. >> How far do you see us being able to take A.I. in this whole world of I.o.T.? How far should we take it? >> I think we have to start become more appreciative of the power of machine learning to drive outcomes that are not as easily prescribed with code. So all of us, all of our business processes, all of our businesses will be enhanced with A.I. And we shouldn't look at that in any other way as a better tool to understand data in a way that's different than the way you interpret data. And so it wasn't long ago when big data just meant writing an algorithm across large volumes of data. And now we literally have algorithms whose job is to find patterns. Whose job is to understand data from training. And deliver an outcome that you couldn't have prescribed before. And so those type of problems, it just opens up a class of problems we can all solve now that we couldn't before. >> You're seeing a whole set of digital services emerge. The lingua franca is changing. It's sense, hear, see, respond. >> Bret: Right. >> Optimize. >> Right. >> Fix. (chuckles) >> And all that comes from comprehending. So having a system that can look. For example, I have a camera outside the window of my house and every once in a while I feed the images into Watson to see what it sees. When I first did it, it would say truck. But later, as we make Watson better, now it says FedEx truck or U.P.S. truck. It can read the writing, it can see the patterns. Every camera should know what it sees. Whether it's in a car or a home or somewhere else. Because it's much more valuable than just taking a picture and letting a human being interpret it later. So cameras should know what they see. Machines should know what they hear. Machines should tell us when they're about to break based on vibration or sound. And so this is possible with machine learning. >> So you're saying machines actually take on a whole new set of human-like activities. Digital twins is an example. >> Bret: Okay. >> What's your perspective on, let's start there, digital twins? >> Digital twins, for me, represents sort of the evolution of I.o.T. and that it's digitalizing things. And so, a thing that has no connectivity and very few sensors, is just a thing, it's just a box, it's a block. But as you start to put sensors on it and start to understand it's behavior, it's motion, it's vibration, it's location. Any of the mechanisms, the angels, all this stuff. Then you add a virtual representation of that thing. And if you can do that with all the things in your business, you can start to look for patterns. You can start to assess what's working and what's not working. So I think it just represents a true digitization of a business, of a class of objects in your business. >> Does I.o.T. make security a do-over in your opinion? >> No, but it certainly raises the bar. And so, when we all started connecting our computers to the internet, I remember everyone being panicked. It you put a disc in your machine, you might get a virus. Then we connected them to the internet, we all panicked, but the tools evolved and we start to get things that can help detect zero day problems. In the case of I.o.T. we've got these software defined products that are connected. That are inherently vulnerable cause they're in the real world. They can be touched by other things. So it raises the bar in the expectation of monitoring normal behavior for things. Monitoring all kinds of different threats and stuff, So companies like I.B.M. they focus so much on security and security services, we build that right into our platform so we can keep an eye on that. And also, when things occur, be able to push out new software that is protected. So for more updates, keeping the products live and current is a huge security protection. >> Bret, how would you describe the ecosystem. I.B.M.'s point of view on the ecosystem that you've got to form and catalog in order to succeed in I.o.T.? What does that look like? >> Yeah so, there are so many things for people to do in the world of I.o.T. That I.B.M. doesn't prescribe to do all of them, at all. There's certain things that we're really, really good at. We're certainly good at our cloud infrastructure and analytics and the platforms that enable this and deep industry knowledge. But the ability to apply that in businesses, to take on machine learning algorithms and make it work on the thousands of classes of machines in manufacturing, requires a huge partner ecosystem. So we work very openly on contributions to standards and open source. We certainly work with partners to build a lot of value around our stuff. So for example, on stage this week, we have several partners who are going to be up there. One of them is Harmen, who builds all kinds of things that's including info-tainment units in cars and the professional equipment that goes into hotels and buildings. So we work with them to build great innovative value together and they do things that they're experts in and we do what we're experts in. >> So, from an I.o.T. perspective, what are some of the cool things that are here at I.B.M. Think 2018, that those that are attending are going to get to see and feel and touch and smell? >> Well there are some things I can talk about, things that I can't. Tomorrow we have some very exciting announcements coming up. Going to talk a lot more about Watson and I.o.T. coming together, that's all I can say about that. You'll also see physical representations of things. There's a Jaguar Land Rover out here on the floor. To look at where we have contributed significantly to the engineering and the software development inside these kinds of products like J.L.R. So they're going to be up on stage talking about some of the things we're doing together. You'll hear A.B.B. here talking about some of the work we're doing around manufacturing techniques and helping manage wind turbines. So all kinds of really cool, industrial use cases. It's really exciting and I think working in I.o.T. is great because not only do you get to talk about the technology and the analytics and the data, but you actually get to see things. So it makes all of this feel very real when you walk up to and see a thing that's infused with I.o.T. and made better because of I.B.M. >> What inning are we in? >> What's that? >> What inning are we in? >> Oh it's still early, still early. Third inning still, mostly because so much of the market is still working to figure out how to take advantage of the data and the insights about this to transform their business. I think if you thought of the dot com era and how long it took for companies to emerge to be truly digital e-businesses, on demand businesses. The I.o.T. businesses, the A.I. driven businesses of the future, still very early. Some of them, you probably don't even know their names yet. But they're going to be the leaders that's coming. >> Do you think it'll happen faster because there is an internet? Or not so much because of the physical infrastructure that has to get built out? >> The infrastructure is actually not the gate at all. >> Dave: Okay. >> The real gate is the cultural difference of having people who are data driven, data thinkers. Having a leadership role in our clients. If you can think about it, mechanical things have dominated for a hundred years. Software engineers are still not even the most senior people in most of the companies that build physical things. But to have the data scientists, have the data leaders have a strong enough role to define business process. It's really the readiness and maturity of those data leaders. >> Yeah so the culture of a mechanical engineering culture that says "don't touch my things," >> Right. >> I'm not going to let a software engineer come in and mess with it because it works, it's secure, I trust it. >> Right. >> So that's the cultural one of the cultural dimensions. >> It's to look at what the data might mean. Just understand how your users use your things or if you want to understand what they're doing with those things somewhere else. Or even with the value of your insights of your users are and building entirely new ecosystems of the data of I.o.T. >> Alright, so we're in the third inning. We'll say the top of the third. >> Okay. >> But one of the things that you shared with us is that you're excited about is this is about applied I.o.T. To get business outcomes. >> Yes. >> Shared some examples that attendees of the event are going to hear from A.B.B., you mentioned, you mentioned the >> Bret: J.L.R. >> Land Rover that's here. Harman as well. And maybe some best practices for how to advise companies to get through some of those cultural hurdles, we'll say, to start embracing the opportunities that are within the I.o.T. space. >> I think the best thing people could do is to start to really, I'm going to say it again, put value on data science. It doesn't mean everyone has to be a data geek. But it does mean you have to have a certain value on the skills and the insights that come from a data driven business. What does it mean to make decisions in real time based on your customers? For a hundred years when companies shipped a washing machine it went into someone's house and sat for 10 years and they never heard from the person ever again until they bought another one 10 years later. But now when you ship a washing machine, you want people to connect it to the wi-fi. You want to know the features that are used. Suddenly as a manufacturer of things, you have to respect the data coming off those things because they inform you on how to design better. How to deliver better service and value. Which means those engineers who were the experts in washing machines, now have to be the experts in the data of washing machines and the data of their users. So, I would say, focus on the education, the recruitment, the enablement, the empowerment of people who are data centric by nature and who are looking for the transformation of a digital business from a physical business. >> Awesome, Bret thank you so much for stopping by the Cube and sharing your insights. >> You're very welcome. >> Good luck tomorrow with your presentations and we are going to be waiting on the edge of our seats for those lots of I.o.T. announcements. >> Very exciting. >> Very exciting. >> Okay. >> Alright you heard it here. >> Thank you so much. >> You can watch all of our good stuff on thecube.net live, of course, as we are now as well as the interviews that we've already done and those that we'll be doing for the next two days as our coverage continues of I.B.M. Think 2018. Also check out siliconangle.com our media site for all of your real time coverage of this event and others. For Dave Vellante and Bret, two Vegas Veterans, I'm Lisa Martin. Stick around, Dave and I are going to be right back after a short break. (upbeat music)

>>and hello, we're back. I've got my panel and we are doing things real time here. So sorry for the delay a few minutes late. So the way let's talk about things, the reason we're here and we're going around the room and introduce everybody. Got three special guests here. I got my evil or my john and the normal And we're going to talk about get ops I called it future office just because I want to think about what's the next thing for that at the end, we're gonna talk about what our ideas for what's next for getups, right? Um, because we're all starting to just get into get ups now. But of course a lot of us are always thinking about what's next? What's better? How can we make this thing better? So we're going to take your questions. That's the reason we're here, is to take your questions and answer them. Or at least the best we can for the next hour. And all right, so let's go around the room and introduce yourself. My name is Brett. I am streaming from Brett from that. From Brett. From Virginia Beach in Virginia beach, Virginia, United States. Um, and I talk about things on the internet, I sell courses on you, to me that talk about Docker and kubernetes Ive or introduce yourself. >>How's it going? Everyone, I'm a software engineer at axel Springer, currently based in Berlin and I happen to be Brett Brett's teaching assistant. >>All right, that's right. We're in, we're in our courses together almost every day. Mm john >>hey everyone, my name is john Harris, I used to work at Dhaka um, I now work at VM ware is a star field engineer. Um, so yeah, >>and normal >>awesome by the way, you are streaming from Brett Brett, >>I answered from breath to breath. >>Um I'm normal method. I'm a distinguished engineer with booz allen and I'm also a doctor captain and it's good to see either in person and it's good to see you again john it's been a little while. >>It has the pre covid times, right? You're up here in Seattle. >>Yeah. It feels, it feels like an eternity ago. >>Yeah, john shirt looks red and reminds me of the Austin T shirt. So I was like, yeah, so we all, we all have like this old limited edition doctor on E. >>T. That's a, that's a classic. >>Yeah, I scored that one last year. Sometimes with these old conference church, you have to like go into people's closets. I'm not saying I did that. Um, but you know, you have to go steal stuff, you to find ways to get the swag >>post post covid. If you ever come to my place, I'm going to have to lock the closets. That >>that's right, That's right. >>So the second I think it was the second floor of the doctor HQ in SAn Francisco was where they kept all the T shirts, just boxes and boxes and boxes floor to ceiling. So every time I went to HQ you just you just as many as you can fit in your luggage. I think I have about 10 of these. You >>bring an extra piece of luggage just for your your shirt shirt grab. Um All right, so I'm going to start scanning questions uh so that you don't have to you can you help you all are welcome to do that. And I'm going to start us off with the topic. Um So let's just define the parameters. Like we can talk about anything devops and here we can go down and plenty of rabbit holes. But the kind of, the goal here is to talk about get ups and get ups if you haven't heard about it is essentially uh using versioning systems like get like we've all been getting used to as developers to track your infrastructure changes, not just your code changes and then automate that with a bunch of tooling so that the robots take over. And essentially you have get as a central source of truth and then get log as a central source of history and then there's a bunch of magic little bits in the middle and then supposedly everything is wonderful. It's all automatic. The reality is is what it's often quite messy, quite tricky to get everything working. And uh the edges of this are not perfect. Um so it is a relatively new thing. It's probably three, maybe four years old as an official thing from. We've uh so we're gonna get into it and I'll let's go around the room and the same word we did before and um not to push on that, put you on the spot or anything. But what is, what is one of the things you either like or either hate about getups um that you've enjoyed either using it or you know, whatever for me. I really, I really love that I can point people to a repo that basically is hopefully if they look at the log a tracking, simplistic tracking of what might have changed in that part of the world or the environment. I remember many years past where, you know, I've had executive or some mid level manager wants to see what the changes were or someone outside my team went to see what we just changed. It was okay, they need access to this system into that dashboard and that spreadsheet and then this thing and it was always so complicated and now in a world where if we're using get up orbit bucket or whatever where you can just say, hey go look at that repo if there was three commits today, probably three changes happened. That's I love that particular part about it. Of course it's always more complicated than that. But um Ive or I know you've been getting into this stuff recently. So um any thoughts? Yeah, I think >>my favorite part about get ops is >>reproducibility. Um >>you know the ability to just test something and get it up and running >>and then just tear it down. >>Uh not >>being worried that how did I configure it the first time? I think that's my favorite part about >>it. I'm changing your background as we do this. >>I was going to say, did you just do it get ups pushed to like change his >>background, just a dialogue that different for that green screen equals false? Uh Change the background. Yeah, I mean, um and I mean I think last year was really my first year of actually using it on anything significant, like a real project. Um so I'm still, I still feel like I'm very new to john you anything. >>Yeah, it's weird getups is that thing which kind of crystallizes maybe better than anything else, the grizzled veteran life cycle of emotions with the technology because I think it's easy to get super excited about something new. And when I first looked into get up, so I think this is even before it was probably called getups, we were looking at like how to use guest source of truth, like everything sounds great, right? You're like, wait, get everyone knows, get gets the source of truth, There's a load of robust tooling. This just makes a sense. If everything dies, we can just apply the get again, that would be great. Um and then you go through like the trough of despair, right? We're like, oh no, none of this works. The application is super stateless if this doesn't work and what do we do with secrets and how do we do this? Like how do we get people access in the right place and then you realize everything is terrible again and then everything it equalizes and you're kind of, I think, you know, it sounds great on paper and they were absolutely fantastic things about it, but I think just having that measured approach to it, like it's, you know, I think when you put it best in the beginning where you do a and then there's a magic and then you get C. Right, like it's the magic, which is >>the magic is the mystery, >>right? >>Magic can be good and bad and in text so >>very much so yeah, so um concurrence with with john and ever uh in terms of what I like about it is the potential to apply it to moving security to left and getting closer to a more stable infrastructures code with respect to the whole entire environment. Um And uh and that reconciliation loop, it reminds me of what, what is old is new again? Right? Well, quote unquote old um in terms of like chef and puppet and that the reconciliation loop applied in a in a more uh in a cleaner interface and and into the infrastructure that we're kind of used to already, once you start really digging into kubernetes what I don't like and just this is in concurrence with the other Panelist is it's relatively new. It has um, so it has a learning curve and it's still being, you know, it's a very active um environment and community and that means that things are changing and constantly and there's like new ways and new patterns as people are exploring how to use it. And I think that trough of despair is typically figuring out incrementally what it actually is doing for you and what it's not going to solve for you, right, john, so like that's that trough of despair for a bit and then you realize, okay, this is where it fits potentially in my architecture and like anything, you have to make that trade off and you have to make that decision and accept the trade offs for that. But I think it has a lot of promise for, for compliance and security and all that good stuff. >>Yeah. It's like it's like the potentials, there's still a lot more potential than there is uh reality right now. I think it's like I feel like we're very early days and the idea of especially when you start getting into tooling that doesn't appreciate getups like you're using to get up to and use something else and that tool has no awareness of the concept so it doesn't flow well with all of the things you're trying to do and get um uh things that aren't state based and all that. So this is going to lead me to our first question from Camden asking dumb questions by the way. No dumb questions here. Um How is get apps? Not just another name for C. D. Anybody want to take that as an answer as a question. How is get up is not just another name for C. D. I have things but we can talk about it. I >>feel like we need victor foster kids. Yeah, sure you would have opinions. Yeah, >>I think it's a very yeah. One person replied said it's a very specific it's an opinionated version of cd. That's a great that's a great answer like that. Yeah. >>It's like an implement. Its it's an implementation of deployment if you want it if you want to use it for that. All right. I realize now it's kind of hard in terms of a physical panel and a virtual panel to figure out who on the panel is gonna, you know, ready to jump in to answer a question. But I'll take it. So um I'll um I'll do my best inner victor and say, you know, it's it's an implementation of C. D. And it's it's a choice right? It's one can just still do docker build and darker pushes and doctor pulls and that's fine. Or use other technologies to deploy containers and pods and change your, your kubernetes infrastructure. But get apps is a different implementation, a different method of doing that same thing at the end of the day. Yeah, >>I like it. I like >>it and I think that goes back to your point about, you know, it's kind of early days still, I think to me what I like about getups in that respect is it's nice to see kubernetes become a platform where people are experimenting with different ways of doing things, right? And so I think that encourages like lots of different patterns and overall that's going to be a good thing for the community because then more, you know, and not everything needs to settle in terms of only one way of doing things, but a lot of different ways of doing things helps people fit, you know, the tooling to their needs, or helps fit kubernetes to their needs, etcetera. Yeah, >>um I agree with that, the, so I'm gonna, since we're getting a load of good questions, so um one of the, one of the, one of the, I want to add to that real quick that one of the uh from the, we've people themselves, because I've had some on the show and one of things that I look at it is distinguishing is with continuous deployment tools, I sort of think that it's almost like previous generation and uh continuous deployment tools can be anything like we would consider Jenkins cd, right, if you if you had an association to a server and do a doctor pull and you know, dr up or dr composed up rather, or if it did a cube control apply uh from you know inside an ssh tunnel or something like that was considered considered C. D. Well get ops is much more rigid I think in terms of um you you need to apply, you have a specific repo that's all about your deployments and because of what tool you're using and that one your commit to a specific repo or in a specific branch that repo depends on how you're setting it up. That is what kicks off a workflow. And then secondly there's an understanding of state. So a lot of these tools now I have uh reconciliation where they they look at the cluster and if things are changing they will actually go back and to get and the robots will take over and will commit that. Hey this thing has changed um and you maybe you human didn't change it, something else might have changed it. So I think that's where getups is approaching it, is that ah we we need to we need to consider more than just a couple of commands that be runnin in a script. Like there needs to be more than that for a getups repo to happen anyway, that's just kind of the the take back to take away I took from a previous conversation with some people um >>we've I don't think that lost, its the last piece is really important, right? I think like for me, C d like Ci cd, they're more philosophical ideas, write a set of principles, right? Like getting an idea or a code change to environments promoting it. It's very kind of pipeline driven um and it's very imperative driven, right? Like our existing CD tools are a lot of the ways that people think about Cd, it would be triggered by an event, maybe a code push and then these other things are happening in sequence until they either fail or pass, right? And then we're done. Getups is very much sitting on the, you know, the reconciliation side, it's changing to a pull based model of reconciliation, right? Like it's very declarative, it's just looking at the state and it's automatically pulling changes when they happen, rather than this imperative trigger driven model. That's not to say that there aren't city tools which we're doing pull based or you can do pull based or get ups is doing anything creatively revolutionary here, but I think that's one of the main things that the ideas that are being introduced into those, like existing C kind of tools and pipelines, um certainly the pull based model and the reconciliation model, which, you know, has a lot in common with kubernetes and how those kind of controllers work, but I think that's the key idea. Yeah. >>Um This is a pretty specific one Tory asks, does anyone have opinions about get ops in a mono repo this is like this is getting into religion a little bit. How many repos are too many repose? How um any thoughts on that? Anyone before I rant, >>go >>for it, go for it? >>Yeah. How I'm using it right now in a monitor repo uh So I'm using GIT hub. Right, so you have what? The workflow and then inside a workflow? Yeah, mo file, I'll >>track the >>actual changes to the workflow itself, as well as a folder, which is basically some sort of service in Amman Arepa, so if any of those things changes, it'll trigger the actual pipeline to run. So that's like the simplest thing that I could figure out how to, you know, get it set up using um get hubs, uh workflow path future. Yeah. And it's worked for me for writing, you know? That's Yeah. >>Yeah, the a lot of these things too, like the mono repo discussion will, it's very tool specific. Each tool has various levels of support for branch branching and different repos and subdirectories are are looking at the defense and to see if there's changes in that specific directory. Yeah. Sorry, um john you're going to say something, >>I was just going to say, I've never really done it, but I imagine the same kind of downsides of mono repo to multiple report would exist there. I mean, you've got the blast radius issues, you've got, you know, how big is the mono repo? Do we have to pull does the tool have to pull that or cashier every time it needs to determine def so what is the support for being able to just look at directories versus you know, I think we can get way down into a deeper conversation. Maybe we'll save it for later on in the conversation about what we're doing. Get up, how do we structure our get reposed? We have super granular repo per environment, Perper out reaper, per cluster repo per whatever or do we have directories per environment or branches per environment? How how is everything organized? I think it's you know, it's going to be one of those, there's never one size fits all. I'll give the class of consultant like it depends answer. Right? >>Yeah, for sure. It's very similar to the code struggle because it depends. >>Right? >>Uh Yeah, it's similar to the to the code problem of teams trying to figure out how many repose for their code. Should they micro service, should they? Semi micro service, macro service. Like I mean, you know because too many repose means you're doing a bunch of repo management, a bunch of changes on your local system, you're constantly get pulling all these different things and uh but if you have one big repo then it's it's a it's a huge monolithic thing that you usually have to deal with. Path based issues of tools that only need to look at a specific directory and um yeah, it's a it's a culture, I feel like yeah, like I keep going back to this, it's a culture thing. Does your what is your team prefer? What do you like? What um what's painful for everyone and who's what's the loudest pain that you need to deal with? Is it is it repo management? That's the pain um or is it uh you know, is that that everyone's in one place and it's really hard to keep too many cooks out of the kitchen, which is a mono repo problem, you know? Um How do we handle security? So this is a great one from Tory again. Another great question back to back. And that's the first time we've done that um security as it pertains to get up to anyone who can commit can change the infrastructure. Yes. >>Yes. So the tooling that you have for your GIT repo and the authentication, authorization and permissions that you apply to the GIT repo using a get server like GIT hub or get lab or whatever your flavor of the day is is going to be how security is handled with respect to changes in your get ups configuration repository. So um that is completely specific to your implementation of that or ones implementation of of how they're handling that. Get repositories that the get ups tooling is looking at. To reconcile changes with respect to the permissions of the for lack of better term robot itself. Right? They get up tooling like flux or Argosy. D Um one kid would would create a user or a service account or uh other kind of authentication measures to limit the permissions for that service account that the Gaddafi's tooling needs to be able to read the repose and and send commits etcetera. So that is well within the realm of what you have already for your for your get your get um repo. Yeah. >>Yeah. A related question is from a g what they like about get apps if done nicely for a newbie it's you can get stuff done easily if you what they dislike about it is when you have too many get repose it becomes just too complicated and I agree. Um was making a joke with a team the other week that you know the developer used to just make one commit and they would pass pass it on to a QA team that would then eventually emerging in the master. But they made the commits to these feature branches or whatever. But now they make a commit, they make a pR there for their code then they go make a PR in the helm chart to update the thing to do that and then they go make a PR in the get ups repeal for Argo. And so we talked about that they're probably like four or five P. R. Is just to get their code in the production. But we were talking about the negative of that but the reality was It's just five or 4 or five prs like it wasn't five different systems that had five different methodologies and tooling and that. So I looked at it I was like well yeah that's kind of a pain in the get sense but you're also dealing with one type. It's a repetitive action but it's it's the one thing I don't have to go to five different systems with five different ways of doing it. And once in the web and one's on the client wants a command line that I don't remember. Um Yeah so it's got pros and cons I think when you >>I think when you get to the scale where those kind of issues are a problem then you're probably at the scale where you can afford to invest some time into automation into that. Right? Like what I've when I've seen this in larger customers or larger organizations if there ever at that stage where okay apps are coming up all the time. You know, there's a 10 X 100 X developer to operations folks who may be creating get repose setting up permissions then that stuff gets automated, right? Like, you know, maybe ticket based systems or whatever. Developers say I need a new app. It templates things or more often using the same model, right of reconciliation and operators and the horrific abuse of cogs that we're seeing in the communities community right now. Um You know, developers can create a crd which just says, hey, I'm creating a new app is called app A and then a controller will pick up that app a definition. It will go create a get a repo Programmatically it will add the right definitely will look up and held up the developers and the permissions that need to be able to get to that repo it will create and template automatically some name space and the clusters that it needs in the environments that it needs, depending on, you know, some metadata it might read. So I think, you know, those are definite problems and they're definitely like a teething, growing pain thing. But once you get to that scale, you kind of need to step back and say, well look, we just need to invest in time into the operational aspect of this and automating this pain away, I think. Yeah, >>yeah. And that ultimately ends in Yeah. Custom tooling, which it's hard to avoid it at scale. I mean, there's there's two, there's almost two conversations here, right. There is what I call the Solo admin Solo devops, I bought that domain Solo devops dot com because, you know, whenever I'm talking to dr khan in the real world, it's like I asked people to raise hands, I don't know how we can raise hands here, but I would ask people to raise hands and see how many of you here are. The sole person responsible for deploying the app that your team makes and like a quarter of the room would raise their hand. So I call that solo devops like those, that person can't make all the custom tooling in the world. So they really need dr like solutions where it's opinionated, the workflow is sort of built in and they don't have to wrangle things together with a bunch of glue, you know, in other words bash. Um and so this kind of comes to a conversation uh starting this question from lee he's asking how do you combine get ops with ci cd, especially the continuous bit. How do you avoid having a human uh sort of the complaint the team I was working with has, how do you avoid a human editing and get committing for every single deploy? They've settled on customized templates and a script for routine updates. So as a seed for this conference, this question I'm gonna ask you all uh instead of that specific question cause it's a little open ended. Um Tell me whether you agree with this. I I kind of look at the image, the image artifact because the doctor image or container image in general is an artifact that I I view it that way and that thing going into the registry with the right label or right part of the label. Um That tag rather not the label but the tag that to me is like one of the great demarche points of, we're kind of done with Ci and we're now into the deployment phase and it doesn't necessarily mean the tooling is a clear cut there, but that artifact being shipped in a specific way or promoted as we sometimes say. Um what do you think? Does anyone have opinions on that? I don't even know if that's the right opinion to have so mhm. >>So um I think what you're, what you're getting at is that get ups, models can trigger off of different events um to trigger the reconciliation loop. And one way to do that is if the image, if it notices a image change in the registry, the other is if there's a commit event on a specific rebo and branch and it's up to, you are up to the person that's implementing their get ups model, what event to trigger there, that reconciliation loop off of, You can do both, you can do one or the other. It also depends on the Templeton engine that you're using on top of um on top of kubernetes, such as helm or um you know, the other ones that are out there or if you're not even doing that, then, you know straight. Yeah, mo um so it kind of just depends, but those are the typically the two options one has and a combination of of those to trigger that event. You can also just trigger it manually, right? You can go into the command line and force a a, you know, a really like a scan or a new reconciliation loop to occur. So it kind of just, I don't want to say this, but it depends on what you're trying to do and what makes sense in your pipeline. Right? So if you're if you're set up where you are tag, if you're doing it based off of image tags, then you probably want to use get ups in a way that you're using the image tags. Right. And the pattern that you've established there, if you're not really doing that and you're more around, like, different branches are mapped to different environments, then triggered off of the correct branch. And that's where the permissions also come into play. Where if you don't want someone to touch production and you've got your getups for your production cluster based off of like uh you know, a main branch, then whoever can push a change to that main branch has the authority to push that change to production. Right? So that's your authentication and permissions um system same for the registry itself. Right. So >>Yeah. Yeah. Sorry, anyone else have any thoughts on that? I was about to go to the next topic, >>I was going to say. I think certain tools dictate the approach, like, if you're using Argosy d it's I think I'm correct me if I'm wrong, but I think the only way to use it right now is just through image modification. Like, the manifest changes, it looks at a specific directory and anything changes then it will do its thing. And uh Synchronize the cost there with whatever's and get >>Yeah, flux has both. Yeah, and flux has both. So it it kind of depends. I think you can make our go do that too, but uh this is back to what we were saying in the beginning, uh you know, these things are changing, right? So that might be what it is right now in terms of triggering the reconciliation loops and get ups, tooling, but there might be other events in the future that might trigger it, and it's not completely stand alone because you still need you're tooling to do any kind of testing or whatever you have in terms of like the specific pipeline. So oftentimes you're bolting in getups into some other part of broader Cfd solution. That makes sense. Yeah, >>we've got a lot of questions about secrets or people that are asking about secrets. >>So my my tongue and cheek answered the secrets question was, what's the best practices for kubernetes? Secrets? That's the same thing for secrets with good apps? Uh getups is not last time I checked and last time I was running this stuff get ups is not has nothing to do with secrets in that sense. It's just there to get your stuff running on communities. So, um there's probably a really good session on secrets at dr concept. I >>would agree with you, I agree with you. Yeah, I mean, get off stools, I mean every every project of mine handles secrets differently. Uh huh. And I think I'm not sure if it was even when I was talking to but talking to someone recently that I'm very bullish on get up actions, I love get up actions, it's not great for deployments yet, but we do have this new thing and get hub environments, I think it's called. So it allows me at least the store secrets per environment, which it didn't have the concept of that before, which you know, if you if any of you running kubernetes out there, you typically end up when you start running kubernetes, you end up with more than one kubernetes, like you're going to end up with a lot of clusters at some point, at least many multiple, more than two. Um and so if you're trying to store secret somewhere, you do have and there's a discussion happening in chat right now where people are talking about um sealed secrets which if you haven't heard of that, go look that up and just be versed on what sealed secrets is because it's a it's a fantastic concept for how to store secrets in the public. Um I love it because I'm a big P. K. I nerd but um it's not the only way and it doesn't fit all models. So I have clients that use A W. S. Secrets because they're in A W. S. And then they just have to use the kubernetes external secret. But again like like like normal sand, you know, it's that doesn't really affect get ops, get ops is just applying whatever helm charts or jahmal or images that you're, you're you're deploying, get off. It was more about the approach of when the changes happen and whether it's a push or pull model like we're talking about and you know, >>I would say there's a bunch of prerequisites to get ups secrets being one of them because the risk of you putting a secret into your git repo if you haven't figured out your community secrets architecture and start diving into getups is high and removing secrets from get repose is you know, could be its own industry, right. It's >>a thing, >>how do >>I hide this? How do I obscure this commit that's already now on a dozen machines. >>So there are some prerequisites in terms of when you're ready to adopt get up. So I think is the right way of saying the answer to that secrets being one of them. >>I think the secrets was the thing that made me, you know, like two or three years ago made me kind of see the ah ha moment when it came to get ups which, which was that the premier thing that everyone used to say about get up about why it was great. Was its the single source of truth. There's no state anywhere else. You just need to look at git. Um and then secrets may be realized along with a bunch of other things down the line that is not true and will never be true. So as soon as you can lose the dogmatism about everything is going to be and get it's fantastic. As long as you've understood everything is not going to get. There are things which will absolutely never be and get some tools just don't deal with that. They need to earn their own state, especially in communities, some controls on their own state. You know, cuz sealed secrets and and other projects like SOps and I think there are two or three others. That's a great way of dealing with secrets if you want to keep them in get. But you know, projects like vault more kind of like what I would say, production grade secret strategies. Right? And if you're in AWS or a cloud, you're more likely to be using their secrets. Your secret policy is maybe not dictated by you in large organizations might be dictated by CSO or security or Great. Like I think once if you, if you're trying to adopt getups or you're thinking about it, get the dogmatism of get as a single point of truth out of your mind and think about getups more as a philosophy and a set of best practice principles, then you will be in much better stead, >>right? Yeah. >>People are asking more questions in chat like infrastructure as code plus C d essentially get ups or C I rather, um, these are all great questions and a part of the debate, I'm actually just going to throw up on screen. I'm gonna put this in chat, but this is, this is to me the source, Right? So we worked with when they coined the term. We, a lot of us have been trying to get, if we talk about the history for a minute and then tell me if I'm getting this right. Um, a lot of us were trying to automate all these different parts of the puzzle, but a lot of them, they, some things might have been infrastructure as code. Some things weren't, some things were sort of like settings is coded, like you're going to Jenkins and type in secrets and settings or type in a certain thing in the settings of Jenkins and then that it wasn't really in get and so what we was trying to go for was a way to have almost like eventually a two way state understanding where get might change your infrastructure but then your infrastructure might also change and needs to be reflected in the get if the get is trying to be the single source of truth. Um and like you're saying the reality is that you're never gonna have one repo that has all of your infrastructure in it, like you would have to have, you have to have all your terra form, anything else you're spinning up. Right. Um but anyway, I'm gonna put this link in chat. So this guide actually, uh one of things they talk about is what it's not, so it's, it's kind of great to read through the different requirements and like what I was saying well ago um mhm. Having having ci having infrastructure as code and then trying a little bit of continuous deployment out, it's probably a prerequisite. Forget ops so it's hard to just jump into that when you don't already have infrastructure as code because a machine doing stuff on your behalf, it means that you have to have things documented and somewhere and get repo but let me put this in the in the >>chitty chat, I would like to know if the other panelists agree, but I think get apps is a okay. I would say it's a moderate level, it's not a beginner level communities thing, it's like a moderate level advanced, a little bit more advanced level. Um One can start off using it but you definitely have to have some pre recs in place or some understanding of like a pattern in place. Um So what do the other folks think about that opinion? >>I think if you're if you're trying to use get out before, you know what problem you have, you're probably gonna be in trouble. Right. It's like having a solution to it probably don't have yet. Mhm. Right. I mean if if you're just evil or and you're just typing, keep control apply, you're one person right, Get off. It doesn't seem like a big a big jump, like, I mean it doesn't like why would I do that? I'm just, I'm just gonna inside, it's the type of get commit right, I'm typing Q control apply. But I think one of the rules from we've is none of your developers and none of your admins can have cute control access to the cluster because if you can't, if you do have access and you can just apply something, then that's just infrastructure as code. That's just continuous deployment, that's, that's not really get ops um, getups implies that the only way things get into the cluster is through the get up, get automation that you're using with, you know, flux Argo, we haven't talked about, what's the other one that Victor Farsi talks about, by the way people are asking about victor, because victor would love to talk about this stuff, but he's in my next life, so come back in an hour and a half or whatever and victor is going to be talking about sys, admin list with me. Um >>you gotta ask him nothing but get up questions in the next, >>confuse them, confuse them. But anyway, that, that, that's um, it's hard, it's hard to understand and without having tried it, I think conceptually it's a little challenging >>one thing with getups, especially based off the we've works blog post that you just put up on there. It's an opinionated way of doing something. Uh you know, it's an opinionated way of of delivering changes to an environment to your kubernetes environment. So it's opinionated were often not used to seeing things that are very opinionated in this sense, in the in the ecosystem, but get apps is a opinionated thing. It's it's one way of doing it. Um there are ways to change it and like there are options um like what we were talking about in terms of the events that trigger, but the way that it's structured is an opinion opinionated way both from like a tooling perspective, like using get etcetera, but also from a devops cultural perspective, right? Like you were talking about not having anyone access cube control and changing the cluster directly. That's a philosophical opinion that get ups forces you to adopt otherwise. It kind of breaks the model and um I just I want everyone to just understand that. That is very opinion, anything in that sense. Yeah, >>polygamy is another thing. Infrastructure as code. Um someone's mentioning plummy and chat, I just had actually my life show self plug bread that live go there. I'm on Youtube every week. I did the same thing. These these are my friends um and had palami on two weeks ago uh last week, remember uh and it was in the last couple of weeks and we talked about their infrastructure as code solution. Were actually writing code instead of um oh that's an interesting take on uh developer team sort of owning coding the infrastructure through code rather than Yamil as a data language. I don't really have an opinion on it yet because I haven't used it in production or anything in the real real world, but um, I'm not sure how much they are applying trying to go towards the get up stuff. I will do a plug for Solomon hikes. Who has a, the beginning of the day, it's already happened so you can go back and watch it. It's a, it's a, what's it called? Q. Rethinking application delivery with Q. And build kit. So go look this up. This is the found co founder of Dr and former CTO Solomon hikes at the beginning of the day. He has a tool called dagger. I'm not sure why the title of the talk is delivering with Q. And built it, but the tool is showing off in there for an hour is called dagger. And it's, it's an interesting idea on how to apply a lot of this opinionated automated stuff to uh, to deployment and it's get off space and you use Q language. It's a graph language. I watched most of it and it was a really interesting take. I'm excited to see if that takes off and if they try that because it's another way that you can get a little bit more advanced with your you're get deployments and without having to just stick everything in Yemen, which is kind of what we're in today with helm charts and what not. All right. More questions about secrets, I think. I think we're not going to have a whole lot of more, a lot more about secrets basically. Uh put secrets in your cluster to start with and kubernetes in encrypted, you know, thing. And then, you know, as it gets harder, then you have to find another solution when you have five clusters, you don't wanna have to do it five times. That's when you have to go for Walton A W. S secrets and all >>that. Right? I'm gonna post it note. Yeah. Crm into the cluster. Just kidding. >>Yes, there are recordings of this. Yes, they will be later. Uh, because we're that these are all gonna be on youtube later. Um, yeah, detects secrets cushion saying detect secrets or get Guardian are absolute requirements. I think it's in reference to your secrets comment earlier. Um, Camels asking about Cuban is dropping support for Docker that this is not the place to ask for that, but it, it is uh, basically it's a Nonevent Marantz has actually just created that same plug in available in a different repos. So if you want to keep using Docker and kubernetes, you know, you can do it like it's no big deal. Most of us aren't using doctor in our communities anyway, so we're using like container D or whatever is provided to us by our provider. Um yeah, thank you so much for all these comments. These are great people helping each other and chat. I feel like we're just here to make sure the chats available so people can help each other. >>I feel like I want to pick up on something when you mentioned pollux me, I think there's a um we're talking about getups but I think in the original like the origination of that I guess was deploying applications to clusters right, picking up deployment manifest. But I think with the gloomy and I obviously terra form and things have been around a long time, folks are starting to apply this I think I found one earlier which was like um kub stack the Terror Forms get ups framework. Um but also with the advent of things like cluster A. P. I. Um in the Cuban at the space where you can declare actively build the infrastructure for your clusters and build the cluster right? We're not just talking about deploying applications, the cluster A. P. I will talk to a W. S. Spin up, VPc spin up machines, you know, we'll do the same kind of things that terra form does and and those other tools do I think applying getups principles to the infrastructure spin up right, the proper infrastructure as code stuff, constantly applying Terror form um you know, plans and whatever, constantly applying cluster Api resources spinning up stuff in those clouds. That's a super interesting. Um you know, extension of this area, I'd be curious to see if what the folks think about that. >>Yeah, that's why I picked this topic is one of my three. Uh I got I got to pick the topics. I was like the three things that there like the most bleeding edge exciting. Most people haven't, we haven't basically we haven't figured all this out yet. We as an industry, so um it's I think we're gonna see more ideas on it. Um what's the one with the popsicle as the as the icon victor talks about all the time? It's not it's another getups like tool, but it's um it's getups for you use this kubernetes limit and then we have to look it up, >>You're talking about cross plane. >>So >>my >>wife is over here with the sound effects and the first sound effect of the day that she chooses to use is one. >>All right, can we pick it? Let's let's find another question bret >>I'm searching >>so many of them. All right, so uh I think one really quick one is getups only for kubernetes, I think the main to tooling to tools that we're talking about, our Argosy D and flux and they're mostly geared toward kubernetes deployments but there's a, it seems like they're organized in a way that there's a clean abstraction in with respect to the agent that's doing the deployment and the tooling that that can interact with. So I would imagine that in the future and this might be true already right now that get ups could be applied to other types of deployments at some point in the future. But right now it's mostly focused and treats kubernetes as a first class citizen or the tooling on top of kubernetes, let's say something like how as a first class citizen? Yeah, to Brett, >>to me the field, back to you bret the thing I was looking for is cross plane. So that's another tool. Um Victor has been uh sharing a lot about it in Youtube cross plane and that is basically runs inside a kubernetes, but it handles your other infrastructure besides your app. It allows you to like get ops, you're a W. S stuff by using the kubernetes state engine as a, as a way to manage that. And I have not used it yet, but he does some really great demos on Youtube. So people are liking this idea of get off, so they're trying to figure out how do we, how do we manage state? How do we uh because the probably terra form is that, well, there's many problems, but it's always a lot of problems, but in the get outs world it's not quite the right fit yet, It might be, but you still, it's still largely as expected for people to, you know, like type the command, um, and it keeps state locally the ss, clouds and all that. And but the other thing is I'm I'm now realizing that when I saw the demo from Solomon, I'm going back to the Solomon hikes thing. He was using the demo and he was showing it apply deploying something on S three buckets, employing internet wifi and deploying it on google other things beyond kubernetes and saying that it's all getups approach. So I think we're just at the very beginning of seeing because it all started with kubernetes and now there's a swarm one, you can look up swarm, get office and there's a swarm, I can't take the name of it. Swarm sink I think is what's called swarm sink on git hub, which allows you to do swarm based getups like things. And now we're seeing these other tools coming out. They're saying we're going to try to do the get ups concepts, but not for kubernetes specifically and that's I think, you know, infrastructure as code started with certain areas of the world and then now then now we all just assume that you're going to have an infrastructure as code way of doing whatever that is and I think get off is going to have that same approach where pretty soon, you know, we'll have get apps for all the clouds stuff and it won't just be flexor Argo. And then that's the weird thing is will flex and Argo support all those things or will it just be focused on kubernetes apps? You know, community stuff? >>There's also, I think this is what you're alluding to. There is a trend of using um kubernetes and see rDS to provision and control things that are outside of communities like the cloud service providers services as if they were first class entities within kubernetes so that you can use the kubernetes um focus tooling for things that are not communities through the kubernetes interface communities. Yeah, >>yeah, even criticism. >>Yeah, yeah, I'm just going to say that sounds like cross plane. >>Yeah, yeah, I mean, I think that's that's uh there were, you know, for the last couple of years, it's been flux and are going back and forth. Um they're like frenemies, you know, and they've been going back and forth with iterating on these ideas of how do we manage this complicated thing? That is many kubernetes clusters? Um because like Argo, I don't know if the flux V two can do this, but Argo can manage multiple clusters now from one cluster, so your, you can manage other clusters, technically external things from a single entity. Um Originally flux couldn't do that, but I'm going to say that V two can, I don't actually >>know. Um I think all that is gonna, I think that's going to consolidate in the future. All right. In terms of like the common feature set, what Iver and john what do you think? >>I mean, I think it's already begun, right, I think haven't, didn't they collaborate on a common engine? I don't know whether it's finished yet, but I think they're working towards a common getups engine and then they're just going to layer on features on top. But I think, I mean, I think that's interesting, right, because where it runs and where it interacts with, if we're talking about a pull based model, it shouldn't, it's decentralized to a certain extent, right? We need get and we need the agent which is pulling if we're saying there's something else which is orchestrating something that we start to like fuzzy the model even right. Like is this state living somewhere else, then I think that's just interesting as well. I thought flux was completely decentralized, but I know you install our go somewhere like the cargo has a server as well, but it's been a while since I've looked in depth at them. But I think the, you know, does that muddy the agent only pull model? >>I'm reading a >>Yeah, I would say that there's like a process of natural selection going on as as the C. N. C. F. Landscape evolves and grows bigger and a lot of divide and conquer right now. But I think as certain things kind of get more prominent >>and popular, I think >>it starts to trend and it inspires other things and then it starts to aggregate and you know, kind of get back into like a unified kind of like core. Maybe like for instance, cross plane, I feel like it shouldn't even really exist. It should be, it like it's a communities add on, but it should be built in, it should be built into kubernetes, like why doesn't this exist already >>for like controlling a cloud? >>Yeah, like just, you know, having this interface with the cloud provider and be able to Yeah, >>exactly. Yeah, and it kinda, you're right. That kinda happens because you do, I mean when you start talking about storage providers and networking providers was very specific implementations of operators or just individual controllers that do operate and control other resources in the cloud, but certainly not universally right. Not every feature of AWS is available to kubernetes out of the box. Um and you know, it, one of the challenges across plane is you gotta have kubernetes before you can deploy kubernetes. Like there's a chicken and egg issue there where if you're going to use, if you're going to use our cross plane for your other infrastructure, but it's gotta, but it has to run on kubernetes who creates that first kubernetes in order for you to put that on there. And victor talks about one of his videos, the same problem with flux and Argo where like Argo, you can't deploy Argo itself with getups. There has to be that initial, I did a thing with, I'm a human and I typed in some commands on a server and things happened but they don't really have an easy deployment method for getting our go up and running using simply nothing but a get push to an existing system. There's something like that. So it's a it's an interesting problem of day one infrastructure which is again only day one, I think data is way more interesting and hard, but um how can we spend these things up if they're all depending on each other and who is the first one to get started? >>I mean it's true of everything though, I mean at the end of that you need some kind of big bang kind of function too, you know, I started running start everything I >>think without going over that, sorry, without going off on a tangent. I was, I was gonna say there's a, if folks have heard of kind which is kubernetes and Docker, which is a mini kubernetes cluster, you can run in a Docker container or each container will run as a as a node. Um you know, that's been a really good way to spin up things like clusters. KPI because they boot strap a local kind, install the manifests, it will go and spin up a fully sized cluster, it will transfer its resources over there and then it will die itself. Right? So that, that's kind of bootstrapping itself. And I think a couple of folks in the community, Jason to Tiberius, I think he works for Quinyx metal um has, has experimented with like an even more minimal just Api server, so we're really just leveraging the kubernetes ideas of like a reconciliation loop and a controller. We just need something to bootstrap with those C R D s and get something going and then go away again. So I think that's gonna be a pattern that comes up kind of more and more >>Yeah, for sure. Um, and uh, the next, next quick answer to the question, Angel asked what your thoughts on getups being a niche to get or versus others vcs tools? Well, if I knew anyone who is using anything other than get, I would say no, you know, get ops is a horrible name. It should just be CVS office, but that doesn't or vcs ops or whatever like that, but that doesn't roll off the tongue. So someone had to come up with the get ups phrase. Um but absolutely, it's all about version control solutions used for infrastructure, not code. Um might get doctor asks a great question, we're not gonna have time for it, but maybe people can reply and chat with what they think but about infrastructure and code, the lines being blurred and that do develop, how much of infrastructure does developer do developers need to know? Essentially, they're having to know all the things. Um so unfortunately we've had way more questions like every panel here today with all the great community, we've got way more questions we can handle in this time. So we're gonna have to wrap it up and say goodbye. Go to the next live panel. I believe the next one is um on developer, developer specific setups that's gonna be peter running that panel. Something about development in containers and I'm sure it's gonna be great. Just like this one. So let's go around the room where can people find you on the internet? I'm at Brett fisher on twitter. That's where you can usually find me most days you are? >>Yeah, I'm on twitter to um, I'll put it in the chat. It's kind of confusing because the TSR seven. >>Okay. Yeah, that's right. You can't just say it. You can also look at the blow of the video and like our faces are there and if you click on them, it tells you our twitter in Arlington and stuff, john >>John Harris 85, pretty much everywhere. Get hub Twitter slack, etc. >>Yeah >>and normal, normal faults or just, you know, living on Youtube live with Brett. >>Yeah, we're all on the twitter so go check us out there and thank you so much for joining. Uh thank you so much to you all for being here. I really appreciate you taking time in your busy schedule to join me for a little chit chat. Um Yes, all the, all the cheers, yes. >>And I think this kid apps loop has been declarative lee reconciled. >>Yeah, there we go. And with that ladies and gentlemen, uh bid you would do, we will see you in the next, next round coming up next with Peter >>bye.

>>Hey, welcome to the live panel. My name is Brett. I am your host, and indeed we are live. In fact, if you're curious about that, if you don't believe us, um, let's just show a little bit of the browser real quick to see. Yup. There you go. We're live. So, all right. So how this is going to work is I'm going to bring in some guests and, uh, in one second, and we're going to basically take your questions on the topic designer of the day, that continuous integration testing. Uh, thank you so much to my guests welcoming into the panel. I've got Carlos, Nico and Mandy. Hello everyone. >>Hello? All right, >>Let's go. Let's go around the room and all pretend we don't know each other and that the internet didn't read below the video who we are. Uh, hi, my name is Brett. I am a Docker captain, which means I'm supposed to know something about Docker. I'm coming from Virginia Beach. I'm streaming here from Virginia Beach, Virginia, and, uh, I make videos on the internet and courses on you to me, Carlos. Hey, >>Hey, what's up? I'm Carlos Nunez. I am a solutions architect, VMware. I do solution things with computers. It's fun. I live in Dallas when I'm moving to Houston in a month, which is where I'm currently streaming. I've been all over the Northeast this whole week. So, um, it's been fun and I'm excited to meet with all of you and talk about CIA and Docker. Sure. >>Yeah. Hey everyone. Uh, Nico, Khobar here. I'm a solution engineer at HashiCorp. Uh, I am streaming to you from, uh, the beautiful Austin, Texas. Uh, ignore, ignore the golden gate bridge here. This is from my old apartment in San Francisco. Uh, just, uh, you know, keeping that, to remember all the good days, um, that that lived at. But, uh, anyway, I work at Patrick Corp and I work on all things, automation, um, and cloud and dev ops. Um, and I'm excited to be here and Mandy, >>Hi. Yeah, Mandy Hubbard. I am streaming from Austin, Texas. I am, uh, currently a DX engineer at ship engine. Um, I've worked in QA and that's kind of where I got my, uh, my Docker experience and, um, uh, moving into DX to try and help developers better understand and use our products and be an advocate for them. >>Nice. Well, thank you all for joining me. Uh, I really appreciate you taking the time out of your busy schedule to be here. And so for those of you in chat, the reason we're doing this live, because it's always harder to do things live. The reason we're here is to answer a question. So we didn't come with a bunch of slides and demos or anything like that. We're here to talk amongst ourselves about ideas and really here for you. So we've, we obviously, this is about easy CII, so we're, we're going to try to keep the conversation around testing and continuous integration and all the things that that entails with containers. But we may, we may go down rabbit holes. We may go veer off and start talking about other things, and that's totally fine if it's in the realm of dev ops and containers and developer and ops workflows, like, Hey, it's, it's kinda game. >>And, uh, these people have a wide variety of expertise. They haven't done just testing, right? We, we live in a world where you all kind of have to wear many hats. So feel free to, um, ask what you think is on the top of your mind. And we'll do our best to answer. It may, might not be the best answer or the correct answer, but we're going to do our best. Um, well, let's get it start off. Uh, let's, let's get a couple of topics to start off with. Uh, th the, the easy CGI was my, one of my three ideas. Cause he's the, one of the things that I'm most excited about is the innovation we're seeing around easier testing, faster testing, automated testing, uh, because as much as we've all been doing this stuff for, you know, 15 years, since 20 years since the sort of Jenkins early days, um, it it's, it seems like it's still really hard and it's still a lot of work. >>So, um, let's go around the room real quick, and everybody can just kind of talk for a minute about like your experience with testing and maybe some of your pain points, like what you don't like about our testing world. Um, and we can talk about some pains, cause I think that will lead us to kind of talk about what, what are the things we're seeing now that might be better, uh, ideas about how to do this. I know for me, uh, testing, obviously there's the code part, but just getting it automated, but mostly getting it in the hands of developers so that they can control their own testing. And don't have to go talk to a person to run that test again, or the mysterious Jenkins platform somewhere. I keep mentioning Jenkins cause it's, it is still the dominant player out there. Um, so for me, I'm, I'm, I, I don't like it when I'm walking into a room and there's, there's only one or two people that know how the testing works or know how to make the new tests go into the testing platform and stuff like that. So I'm always trying to free those things so that any of the developers are enabled and empowered to do that stuff. So someone else, Carlos, anybody, um, >>Oh, I have a lot of opinions on that. Having been a QA engineer for most of my career. Um, the shift that we're saying is everyone is dev ops and everyone is QA. Th the issue I see is no one asked developers if they wanted to be QA. Um, and so being the former QA on the team, when there's a problem, even though I'm a developer and we're all running QA, they always tend to come to the one of the former QA engineers. And they're not really owning that responsibility and, um, and digging in. So that's kind of what I'm saying is that we're all expected to test now. And some people, well, some people don't know how it's, uh, for me it was kind of an intuitive skill. It just kind of fit with my personality, but not knowing what to look for, not knowing what to automate, not even understanding how your API end points are used by your front end to know what to test when a change is made. It's really overwhelming for developers. And, um, we're going to need to streamline that and, and hold their hands a little bit until they get their feet wet with also being QA. >>Right. Right. So, um, uh, Carlos, >>Yeah, uh, testing is like, Tesla is one of my favorite subjects to talk about when I'm baring with developers. And a lot of it is because of what Mandy said, right? Like a lot of developers now who used to write a test and say, Hey, QA, go. Um, I wrote my unit tests. Now write the rest of the test. Essentially. Now developers are expected to be able to understand how testing, uh, testing methodologies work, um, in their local environments, right? Like they're supposed to understand how to write an integration tasks federate into and tasks, a component test. And of course, how to write unit tests that aren't just, you know, assert true is true, right? Like more comprehensive, more comprehensive, um, more high touch unit tests, which include things like mocking and stubbing and spine and all that stuff. And, you know, it's not so much getting those tests. Well, I've had a lot of challenges with developers getting those tests to run in Docker because of usually because of dependency hell, but, um, getting developers to understand how to write tests that matter and mean something. Um, it's, it's, it can be difficult, but it's also where I find a lot of the enjoyment of my work comes into play. So yeah. I mean, that's the difficulty I've seen around testing. Um, big subject though. Lots to talk about there. >>Yeah. We've got, we've already got so many questions coming in. You already got an hour's worth of stuff. So, uh, Nico 81st thoughts on that? >>Yeah, I think I definitely agree with, with other folks here on the panel, I think from a, um, the shift from a skillset perspective that's needed to adopt the new technologies, but I think from even from, uh, aside from the organizational, um, and kind of key responsibilities that, that the new developers have to kinda adapt to and, and kind of inherit now, um, there's also from a technical perspective as there's, you know, um, more developers are owning the full stack, including the infrastructure piece. So that adds a lot more to the plate in Tim's oaf, also testing that component that they were not even, uh, responsible for before. Um, and, um, also the second challenge that, you know, I'm seeing is that on, you know, the long list of added, um, uh, tooling and, you know, there's new tool every other day. Um, and, um, that kind of requires more customization to the testing, uh, that each individual team, um, any individual developer Y by extension has to learn. Uh, so the customization, uh, as well as the, kind of the scope that had, uh, you know, now in conferences, the infrastructure piece, um, uh, both of act to the, to the challenges that we're seeing right now for, um, for CGI and overall testing, um, uh, the developers are saying, uh, in, in the market today. >>Yeah. We've got a lot of questions, um, about all the, all the different parts of this. So, uh, let me just go straight to them. Cause that's why we're here is for the people, uh, a lot of people asking about your favorite tools and in one of this is one of the challenges with integration, right? Is, um, there is no, there are dominant players, but there, there is such a variety. I mean, every one of my customers seems like they're using a different workflow and a different set of tools. So, and Hey, we're all here to just talk about what we're, what we're using, uh, you know, whether your favorite tools. So like a lot of the repeated questions are, what are your favorite tools? Like if you could create it from scratch, uh, what would you use? Pierre's asking, you know, GitHub actions sounds like they're a fan of GitHub actions, uh, w you know, mentioning, pushing the ECR and Docker hub and, uh, using vs code pipeline, I guess there may be talking about Azure pipelines. Um, what, what's your preferred way? So, does anyone have any, uh, thoughts on that anyone want to throw out there? Their preferred pipeline of tooling? >>Well, I have to throw out mine. I might as Jenkins, um, like kind of a honorary cloud be at this point, having spoken a couple of times there, um, all of the plugins just make the functionality. I don't love the UI, but I love that it's been around so long. It has so much community support, and there are so many plugins so that if you want to do something, you don't have to write the code it's already been tested. Um, unfortunately I haven't been able to use Jenkins in, uh, since I joined ship engine, we, most of our, um, our, our monolithic core application is, is team city. It's a dotnet application and TeamCity plays really well with.net. Um, didn't love it, uh, Ms. Jenkins. And I'm just, we're just starting some new initiatives that are using GitHub actions, and I'm really excited to learn, to learn those. I think they have a lot of the same functionality that you're looking for, but, um, much more simplified in is right there and get hubs. So, um, the integration is a lot more seamless, but I do have to go on record that my favorite CICT tools Jenkins. >>All right. You heard it here first people. All right. Anyone else? You're muted? I'm muted. Carlin says muted. Oh, Carla says, guest has muted themselves to Carlos. You got to unmute. >>Yes. I did mute myself because I was typing a lot, trying to, you know, try to answer stuff in the chat. And there's a lot of really dark stuff in there. That's okay. Two more times today. So yeah, it's fine. Yeah, no problem. So totally. And it's the best way to start a play more. So I'm just going to go ahead and light it up. Um, for enterprise environments, I actually am a huge fan of Jenkins. Um, it's a tool that people really understand. Um, it has stood the test of time, right? I mean, people were using Hudson, but 15 years ago, maybe longer. And, you know, the way it works, hasn't really changed very much. I mean, Jenkins X is a little different, but, um, the UI and the way it works internally is pretty familiar to a lot of enterprise environments, which is great. >>And also in me, the plugin ecosystem is amazing. There's so many plugins for everything, and you can make your own if you know, Java groovy. I'm sure there's a perfect Kotlin in there, but I haven't tried myself, but it's really great. It's also really easy to write, um, CIS code, which is something I'm a big fan of. So Jenkins files have been, have worked really well for me. I, I know that I can get a little bit more complex as you start to build your own models and such, but, you know, for enterprise enterprise CIO CD, if you want, especially if you want to roll your own or own it yourself, um, Jenkins is the bellwether and for very good reason now for my personal projects. And I see a lot on the chat here, I think y'all, y'all been agreed with me get hub actions 100%, my favorite tool right now. >>Um, I love GitHub actions. It's, it's customizable, it's modular. There's a lot of plugins already. I started using getting that back maybe a week after when GA and there was no documentation or anything. And I still, it was still my favorite CIA tool even then. Um, and you know, the API is really great. There's a lot to love about GitHub actions and, um, and I, and I use it as much as I can from my personal project. So I still have a soft spot for Travis CAI. Um, you know, they got acquired and they're a little different now trying to see, I, I can't, I can't let it go. I just love it. But, um, yeah, I mean, when it comes to Seattle, those are my tools. So light me up in the comments I will respond. Yeah. >>I mean, I, I feel with you on the Travis, the, I think, cause I think that was my first time experiencing, you know, early days get hub open source and like a free CIA tool that I could describe. I think it was the ammo back then. I don't actually remember, but yeah, it was kind of an exciting time from my experience. There was like, oh, this is, this is just there as a service. And I could just use it. It doesn't, it's like get hub it's free from my open source stuff. And so it does have a soft spot in my heart too. So yeah. >>All right. We've got questions around, um, cam, so I'm going to ask some questions. We don't have to have these answers because sometimes they're going to be specific, but I want to call them out because people in chat may have missed that question. And there's probably, you know, that we have smart people in chat too. So there's probably someone that knows the answer to these things. If, if it's not us, um, they're asking about building Docker images in Kubernetes, which to me is always a sore spot because it's Kubernetes does not build images by default. It's not meant for that out of the gate. And, uh, what is the best way to do this without having to use privileged containers, which privileged containers just implying that yeah, you, you, it probably has more privileges than by default as a container in Kubernetes. And that is a hard thing because, uh, I don't, I think Docker doesn't lie to do that out of the gate. So I don't know if anyone has an immediate answer to that. That's a pretty technical one, but if you, if you know the answer to that in chat, call it out. >>Um, >>I had done this, uh, but I'm pretty sure I had to use a privileged, um, container and install the Docker Damon on the Kubernetes cluster. And I CA I can't give you a better solution. Um, I've done the same. So, >>Yeah, uh, Chavonne asks, um, back to the Jenkins thing, what's the easiest way to integrate Docker into a Jenkins CICB pipeline. And that's one of the challenges I find with Jenkins because I don't claim to be the expert on Jenkins. Is there are so many plugins because of this, of this such a huge ecosystem. Um, when you go searching for Docker, there's a lot that comes back, right. So I, I don't actually have a preferred way because every team I find uses it differently. Um, I don't know, is there a, do you know if there's a Jenkins preferred, a default plugin? I don't even know for Docker. Oh, go ahead. Yeah. Sorry for Docker. And jacon sorry, Docker plugins for Jenkins. Uh, as someone's asking like the preferred or easy way to do that. Um, and I don't, I don't know the back into Jenkins that well, so, >>Well, th the new, the new way that they're doing, uh, Docker builds with the pipeline, which is more declarative versus the groovy. It's really simple, and their documentation is really good. They, um, they make it really easy to say, run this in this image. So you can pull down, you know, public images and add your own layers. Um, so I don't know the name of that plugin, uh, but I can certainly take a minute after this session and going and get that. Um, but if you really are overwhelmed by the plugins, you can just write your, you know, your shell command in Jenkins. You could just by, you know, doing everything in bash, calling the Docker, um, Damon directly, and then getting it working just to see that end to end, and then start browsing for plugins to see if you even want to use those. >>The plugins will allow more integration from end to end. Some of the things that you input might be available later on in the process for having to manage that yourself. But, you know, you don't have to use any of the plugins. You can literally just, you know, do a block where you write your shell command and get it working, and then decide if, for plugins for you. Um, I think it's always under important to understand what is going on under the hood before you, before you adopt the magic of a plugin, because, um, once you have a problem, if you're, if it's all a lockbox to you, it's going to be more difficult to troubleshoot. It's kind of like learning, get command line versus like get cracking or something. Once, once you get in a bind, if you don't understand the underlying steps, it's really hard to get yourself out of a bind, versus if you understand what the plugin or the app is doing, then, um, you can get out of situations a lot easier. That's a good place. That's, that's where I'd start. >>Yeah. Thank you. Um, Camden asks better to build test environment images, every commit in CII. So this is like one of those opinions of we're all gonna have some different, uh, or build on build images on every commit, leveraging the cash, or build them once outside the test pile pipeline. Um, what say you people? >>Uh, well, I I've seen both and generally speaking, my preference is, um, I guess the ant, the it's a consultant answer, right? I think it depends on what you're trying to do, right. So if you have a lot of small changes that are being made and you're creating images for each of those commits, you're going to have a lot of images in your, in your registry, right? And on top of that, if you're building those images, uh, through CAI frequently, if you're using Docker hub or something like that, you might run into rate limiting issues because of Docker's new rate, limiting, uh, rate limits that they put in place. Um, but that might be beneficial if the, if being able to roll back between those small changes while you're testing is important to you. Uh, however, if all you care about is being able to use Docker images, um, or being able to correlate versions to your Docker images, or if you're the type of team that doesn't even use him, uh, does he even use, uh, virgins in your image tags? Then I would think that that might be a little, much you might want to just have in your CIO. You might want to have a stage that builds your Docker images and Docker image and pushes it into your registry, being done first particular branches instead of having to be done on every commit regardless of branch. But again, it really depends on the team. It really depends on what you're building. It really depends on your workflow. It can depend on a number of things like a curse sometimes too. Yeah. Yeah. >>Once had two points here, you know, I've seen, you know, the pattern has been at every, with every, uh, uh, commit, assuming that you have the right set of tests that would kind of, uh, you would benefit from actually seeing, um, the, the, the, the testing workflow go through and can detect any issue within, within the build or whatever you're trying to test against. But if you're just a building without the appropriate set of tests, then you're just basically consuming almond, adding time, as well as all the, the image, uh, stories associated with it without treaty reaping the benefit of, of, of this pattern. Uh, and the second point is, again, I think if you're, if you're going to end up doing a per commit, uh, definitely recommend having some type of, uh, uh, image purging, um, uh, and, and, and garbage collection process to ensure that you're not just wasting, um, all the stories needed and also, um, uh, optimizing your, your bill process, because that will end up being the most time-consuming, um, um, you know, within, within your pipeline. So this is my 2 cents on this. >>Yeah, that's good stuff. I mean, those are both of those are conversations that could lead us into the rabbit hole for the rest of the day on storage management, uh, you know, CP CPU minutes for, uh, you know, your build stuff. I mean, if you're in any size team, more than one or two people, you immediately run into headaches with cost of CIA, because we have now the problem of tools, right? We have so many tools. We can have the CIS system burning CPU cycles all day, every day, if we really wanted to. And so you re very quickly, I think, especially if you're on every commit on every branch, like that gets you into a world of cost mitigation, and you probably are going to have to settle somewhere in the middle on, uh, between the budget, people that are saying you're spending way too much money on the CII platform, uh, because of all these CPU cycles, and then the developers who would love to have everything now, you know, as fast as possible and the biggest, biggest CPU's, and the biggest servers, and have the bills, because the bills can never go fast enough, right. >>There's no end to optimizing your build workflow. Um, we have another question on that. This is another topic that we'll all probably have different takes on is, uh, basically, uh, version tags, right? So on images, we, we have a very established workflow in get for how we make commits. We have commit shots. We have, uh, you know, we know get tags and there's all these things there. And then we go into images and it's just this whole new world that's opened up. Like there's no real consensus. Um, so what, what are your thoughts on the strategy for teams in their image tag? Again, another, another culture thing. Um, commander, >>I mean, I'm a fan of silver when we have no other option. Um, it's just clean and I like the timestamp, you know, exactly when it was built. Um, I don't really see any reason to use another, uh, there's just normal, incremental, um, you know, numbering, but I love the fact that you can pull any tag and know exactly when it was created. So I'm a big fan of bar, if you can make that work for your organization. >>Yep. People are mentioned that in chat, >>So I like as well. Uh, I'm a big fan of it. I think it's easy to be able to just be as easy to be able to signify what a major changes versus a minor change versus just a hot fix or, you know, some or some kind of a bad fix. The problem that I've found with having teams adopt San Bernardo becomes answering these questions and being able to really define what is a major change, what is a minor change? What is a patch, right? And this becomes a bit of an overhead or not so much of an overhead, but, uh, uh, uh, a large concern for teams who have never done versioning before, or they never been responsible for their own versioning. Um, in fact, you know, I'm running into that right now, uh, with, with a client that I'm working with, where a lot, I'm working with a lot of teams, helping them move their applications from a legacy production environment into a new one. >>And in doing so, uh, versioning comes up because Docker images, uh, have tags and usually the tax correlate to versions, but some teams over there, some teams that I'm working with are only maintaining a script and others are maintaining a fully fledged JAK, three tier application, you know, with lots of dependencies. So telling the script, telling the team that maintains a script, Hey, you know, you should use somber and you should start thinking about, you know, what's major, what's my number what's patch. That might be a lot for them. And for someone or a team like that, I might just suggest using commit shots as your versions until you figure that out, or maybe using, um, dates as your version, but for the more for the team, with the larger application, they probably already know the answers to those questions. In which case they're either already using Sember or they, um, or they may be using some other version of the strategy and might be in December, might suit them better. So, um, you're going to hear me say, it depends a lot, and I'm just going to say here, it depends. Cause it really does. Carlos. >>I think you hit on something interesting beyond just how to version, but, um, when to consider it a major release and who makes those decisions, and if you leave it to engineers to version, you're kind of pushing business decisions down the pipe. Um, I think when it's a minor or a major should be a business decision and someone else needs to make that call someone closer to the business should be making that call as to when we want to call it major. >>That's a really good point. And I add some, I actually agree. Um, I absolutely agree with that. And again, it really depends on the team that on the team and the scope of it, it depends on the scope that they're maintaining, right? And so it's a business application. Of course, you're going to have a product manager and you're going to have, you're going to have a product manager who's going to want to make that call because that version is going to be out in marketing. People are going to use it. They're going to refer to and support calls. They're going to need to make those decisions. Sember again, works really, really well for that. Um, but for a team that's maintaining the scripts, you know, I don't know, having them say, okay, you must tell me what a major version is. It's >>A lot, but >>If they want it to use some birds great too, which is why I think going back to what you originally said, Sember in the absence of other options. I think that's a good strategy. >>Yeah. There's a, there's a, um, catching up on chat. I'm not sure if I'm ever going to catch up, but there's a lot of people commenting on their favorite CII systems and it's, and it, it just goes to show for the, the testing and deployment community. Like how many tools there are out there, how many tools there are to support the tools that you're using. Like, uh, it can be a crazy wilderness. And I think that's, that's part of the art of it, uh, is that these things are allowing us to build our workflows to the team's culture. Um, and, uh, but I do think that, you know, getting into like maybe what we hope to be at what's next is I do hope that we get to, to try to figure out some of these harder problems of consistency. Uh, one of the things that led me to Docker at the beginning to begin with was the fact that it wa it created a consistent packaging solution for me to get my code, you know, off of, off of my site of my local system, really, and into the server. >>And that whole workflow would at least the thing that I was making at each step was going to be the same thing used. Right. And that, that was huge. Uh, it was also, it also took us a long time to get there. Right. We all had to, like Docker was one of those ones that decade kind of ideas of let's solidify the, enter, get the consensus of the community around this idea. And we, and it's not perfect. Uh, you know, the Docker Docker file is not the most perfect way to describe how to make your app, but it is there and we're all using it. And now I'm looking for that next piece, right. Then hopefully the next step in that, um, that where we can all arrive at a consensus so that once you hop teams, you know, okay. We all knew Docker. We now, now we're all starting to get to know the manifests, but then there's this big gap in the middle where it's like, it might be one of a dozen things. Um, you know, so >>Yeah, yeah. To that, to that, Brett, um, you know, uh, just maybe more of a shameless plug here and wanting to kind of talk about one of the things that I'm on. So excited, but I work, I work at Tasha Corp. I don't know anyone, or I don't know if many people have heard of, um, you know, we tend to focus a lot on workflows versus technologies, right. Because, you know, as you can see, even just looking at the chat, there's, you know, ton of opinions on the different tooling, right. And, uh, imagine having, you know, I'm working with clients that have 10,000 developers. So imagine taking the folks in the chat and being partnered with one organization or one company and having to make decisions on how to build software. Um, but there's no way you can conversion one or, or one way or one tool, uh, and that's where we're facing in the industry. >>So one of the things that, uh, I'm pretty excited about, and I don't know if it's getting as much traction as you know, we've been focused on it. This is way point, which is a project, an open source project. I believe we got at least, uh, last year, um, which is, it's more of, uh, it's, it is aim to address that really, uh, uh, Brad set on, you know, to come to tool to, uh, make it extremely easy and simple. And, you know, to describe how you want to build, uh, deploy or release your application, uh, in, in a consistent way, regardless of the tools. So similar to how you can think of Terraform and having that pluggability to say Terraform apply or plan against any cloud infrastructure, uh, without really having to know exactly the details of how to do it, uh, this is what wave one is doing. Um, and it can be applied with, you know, for the CIA, uh, framework. So, you know, task plugability into, uh, you know, circle CEI tests to Docker helm, uh, Kubernetes. So that's the, you know, it's, it's a hard problem to solve, but, um, I'm hopeful that that's the path that we're, you know, we'll, we'll eventually get to. So, um, hope, you know, you can, you can, uh, see some of the, you know, information, data on it, on, on HashiCorp site, but I mean, I'm personally excited about it. >>Yeah. Uh I'm to gonna have to check that out. And, um, I told you on my live show, man, we'll talk about it, but talk about it for a whole hour. Uh, so there's another question here around, uh, this, this is actually a little bit more detailed, but it is one that I think a lot of people deal with and I deal with a lot too, is essentially the question is from Cameron, uh, D essentially, do you use compose in your CIO or not Docker compose? Uh, because yes I do. Yeah. Cause it, it, it, it solves so many problems am and not every CGI can, I don't know, there's some problems with a CIO is trying to do it for me. So there are pros and cons and I feel like I'm still on the fence about it because I use it all the time, but also it's not perfect. It's not always meant for CIA. And CIA sometimes tries to do things for you, like starting things up before you start other parts and having that whole order, uh, ordering problem of things anyway. W thoughts and when have thoughts. >>Yes. I love compose. It's one of my favorite tools of all time. Um, and the reason why it's, because what I often find I'm working with teams trying to actually let me walk that back, because Jack on the chat asked a really interesting question about what, what, what the hardest thing about CIS for a lot of teams. And in my experience, the hardest thing is getting teams to build an app that is the same app as what's built in production. A lot of CGI does things that are totally different than what you would do in your local, in your local dev. And as a result of that, you get, you got this application that either doesn't work locally, or it does work, but it's a completely different animal than what you would get in production. Right? So what I've found in trying to get teams to bridge that gap by basically taking their CGI, shifting the CII left, I hate the shift left turn, but I'll use it. >>I'm shifting the CIO left to your local development is trying to say, okay, how do we build an app? How do we, how do we build mot dependencies of that app so that we can build so that we can test our app? How do we run tests, right? How do we build, how do we get test data? And what I found is that trying to get teams to do all this in Docker, which is normally a first for a lot of teams that I'm working with, trying to get them all to do all of this. And Docker means you're running Docker, build a lot running Docker, run a lot. You're running Docker, RM a lot. You ran a lot of Docker, disparate Docker commands. And then on top of that, trying to bridge all of those containers together into a single network can be challenging without compose. >>So I like using a, to be able to really easily categorize and compartmentalize a lot of the things that are going to be done in CII, like building a Docker image, running tests, which is you're, you're going to do it in CII anyway. So running tests, building the image, pushing it to the registry. Well, I wouldn't say pushing it to the registry, but doing all the things that you would do in local dev, but in the same network that you might have a mock database or a mock S3 instance or some of something else. Um, so it's just easy to take all those Docker compose commands and move them into your Yammel file using the hub actions or your dankest Bob using Jenkins, or what have you. Right. It's really, it's really portable that way, but it doesn't work for every team. You know, for example, if you're just a team that, you know, going back to my script example, if it's a really simple script that does one thing on a somewhat routine basis, then that might be a lot of overhead. Um, in that case, you know, you can get away with just Docker commands. It's not a big deal, but the way I looked at it is if I'm, if I'm building, if I build something that's similar to a make bile or rate file, or what have you, then I'm probably gonna want to use Docker compose. If I'm working with Docker, that's, that's a philosophy of values, right? >>So I'm also a fan of Docker compose. And, um, you know, to your point, Carlos, the whole, I mean, I'm also a fan of shifting CEI lift and testing lift, but if you put all that logic in your CTI, um, it changes the L the local development experience from the CGI experience. Versus if you put everything in a compose file so that what you build locally is the same as what you build in CGI. Um, you're going to have a better experience because you're going to be testing something more, that's closer to what you're going to be releasing. And it's also very easy to look at a compose file and kind of, um, understand what the dependencies are and what's happening is very readable. And once you move that stuff to CGI, I think a lot of developers, you know, they're going to be intimidated by the CGI, um, whatever the scripting language is, it's going to be something they're going to have to wrap their head around. >>Um, but they're not gonna be able to use it locally. You're going to have to have another local solution. So I love the idea of a composed file use locally, um, especially if he can Mount the local workspace so that they can do real time development and see their changes in the exact same way as it's going to be built and tested in CGI. It gives developers a high level of confidence. And then, you know, you're less likely to have issues because of discrepancies between how it was built in your local test environment versus how it's built in NCI. And so Docker compose really lets you do all of that in a way that makes your solution more portable, portable between local dev and CGI and reduces the number of CGI cycles to get, you know, the test, the test data that you need. So that's why I like it for really, for local dev. >>It'll be interesting. Um, I don't know if you all were able to see the keynote, but there was a, there was a little bit, not a whole lot, but a little bit talk of the Docker, compose V two, which has now built into the Docker command line. And so now we're shifting from the Python built compose, which was a separate package. You could that one of the challenges was getting it into your CA solution because if you don't have PIP and you got down on the binary and the binary wasn't available for every platform and, uh, it was a PI installer. It gets a little nerdy into how that works, but, uh, and the team is now getting, be able to get unified with it. Now that it's in Golang and it's, and it's plugged right into the Docker command line, it hopefully will be easier to distribute, easier to, to use. >>And you won't have to necessarily have dependencies inside of where you're running it because there'll be a statically compiled binary. Um, so I've been playing with that, uh, this year. And so like training myself to do Docker going from Docker dash compose to Docker space, compose. It is a thing I I'm almost to the point of having to write a shell replacement. Yeah. Alias that thing. Um, but, um, I'm excited to see what that's going, cause there's already new features in it. And it, these built kit by default, like there's all these things. And I, I love build kit. We could make a whole session on build kit. Um, in fact there's actually, um, maybe going on right now, or right around this time, there is a session on, uh, from Solomon hikes, the seat, uh, co-founder of Docker, former CTO, uh, on build kit using, uh, using some other tool on top of build kit or whatever. >>So that, that would be interesting for those of you that are not watching that one. Cause you're here, uh, to do a check that one out later. Um, all right. So another good question was caching. So another one, another area where there is no wrong answers probably, and everyone has a different story. So the question is, what are your thoughts on CII build caching? There's often a debate between security. This is from Quentin. Thank you for this great question. There's often a debate between security reproducibility and build speeds. I haven't found a good answer so far. I will just throw my hat in the ring and say that the more times you want to build, like if you're trying to build every commit or every commit, if you're building many times a day, the more caching you need. So like the more times you're building, the more caching you're gonna likely want. And in most cases caching doesn't bite you in the butt, but that could be, yeah, we, can we get the bit about that? So, yeah. Yeah. >>I'm going to quote Carlos again and say, it depends on, on, you know, how you're talking, you know, what you're trying to build and I'm quoting your colors. Um, yeah, it's, it's got, it's gonna depend because, you know, there are some instances where you definitely want to use, you know, depends on the frequency that you're building and how you're building. Um, it's you would want to actually take advantage of cashing functionalities, um, for the build, uh, itself. Um, but if, um, you know, as you mentioned, there could be some instances where you would want to disable, um, any caching because you actually want to either pull a new packages or, um, you know, there could be some security, um, uh, disadvantages related to security aspects that would, you know, you know, using a cache version of, uh, image layer, for example, could be a problem. And you, you know, if you have a fleet of build, uh, engines, you don't have a good grasp of where they're being cashed. We would have to, um, disable caching in that, in that, um, in those instances. So it, it would depend. >>Yeah, it's, it's funny you have that problem on both sides of cashing. Like there are things that, especially in Docker world, they will cash automatically. And, and then, and then you maybe don't realize that some of that caching could be bad. It's, it's actually using old, uh, old assets, old artifacts, and then there's times where you would expect it to cash, that it doesn't cash. And then you have to do something extra to enable that caching, especially when you're dealing with that cluster of, of CIS servers. Right. And the cloud, the whole clustering problem with caching is even more complex, but yeah, >>But that's, that's when, >>Uh, you know, ever since I asked you to start using build kits and able to build kit, you know, between it's it's it's reader of Boston in, in detecting word, you know, where in, in the bill process needs to cash, as well as, uh, the, the, um, you know, the process. I don't think I've seen any other, uh, approach there that comes close to how efficient, uh, that process can become how much time it can actually save. Uh, but again, I think, I think that's, for me that had been my default approach, unless I actually need something that I would intentionally to disable caching for that purpose, but the benefits, at least for me, the benefits of, um, how bill kit actually been processing my bills, um, from the builds as well as, you know, using the cash up until, you know, how it detects the, the difference in, in, in the assets within the Docker file had been, um, you know, uh, pretty, you know, outweigh the disadvantages that it brings in. So it, you know, take it each case by case. And based on that, determine if you want to use it, but definitely recommend those enabling >>In the absence of a reason not to, um, I definitely think that it's a good approach in terms of speed. Um, yeah, I say you cash until you have a good reason not to personally >>Catch by default. There you go. I think you catch by default. Yeah. Yeah. And, uh, the trick is, well, one, it's not always enabled by default, especially when you're talking about cross server. So that's a, that's a complexity for your SIS admins, or if you're on the cloud, you know, it's usually just an option. Um, I think it also is this, this veers into a little bit of, uh, the more you cash the in a lot of cases with Docker, like the, from like, if you're from images and checked every single time, if you're not pinning every single thing, if you're not painting your app version, you're at your MPN versions to the exact lock file definition. Like there's a lot of these things where I'm I get, I get sort of, I get very grouchy with teams that sort of let it, just let it all be like, yeah, we'll just build two images and they're totally going to have different dependencies because someone happened to update that thing and after whatever or MPM or, or, and so I get grouchy about that, cause I want to lock it all down, but I also know that that's going to create administrative burden. >>Like the team is now going to have to manage versions in a very much more granular way. Like, do we need to version two? Do we need to care about curl? You know, all that stuff. Um, so that's, that's kind of tricky, but when you get to, when you get to certain version problems, uh, sorry, uh, cashing problems, you, you, you don't want those set those caches to happen because it, if you're from image changes and you're not constantly checking for a new image, and if you're not pinning that V that version, then now you, you don't know whether you're getting the latest version of Davion or whatever. Um, so I think that there's, there's an art form to the more you pen, the less you have, the less, you have to be worried about things changing, but the more you pen, the, uh, all your versions of everything all the way down the stack, the more administrative stuff, because you're gonna have to manually change every one of those. >>So I think it's a balancing act for teams. And as you mature, I to find teams, they tend to pin more until they get to a point of being more comfortable with their testing. So the other side of this argument is if you trust your testing, then you, and you have better testing to me, the less likely to the subtle little differences in versions have to be penned because you can get away with those minor or patch level version changes. If you're thoroughly testing your app, because you're trusting your testing. And this gets us into a whole nother rant, but, uh, yeah, but talking >>About penny versions, if you've got a lot of dependencies isn't that when you would want to use the cash the most and not have to rebuild all those layers. Yeah. >>But if you're not, but if you're not painting to the exact patch version and you are caching, then you're not technically getting the latest versions because it's not checking for all the time. It's a weird, there's a lot of this subtle nuance that people don't realize until it's a problem. And that's part of the, the tricky part of allow this stuff, is it, sometimes the Docker can be almost so much magic out of the box that you, you, you get this all and it all works. And then day two happens and you built it a second time and you've got a new version of open SSL in there and suddenly it doesn't work. Um, so anyway, uh, that was a great question. I've done the question on this, on, uh, from heavy. What do you put, where do you put testing in your pipeline? Like, so testing the code cause there's lots of types of testing, uh, because this pipeline gets longer and longer and Docker building images as part of it. And so he says, um, before staging or after staging, but before production, where do you put it? >>Oh man. Okay. So, um, my, my main thought on this is, and of course this is kind of religious flame bait, so sure. You know, people are going to go into the compensation wrong. Carlos, the boy is how I like to think about it. So pretty much in every stage or every environment that you're going to be deploying your app into, or that your application is going to touch. My idea is that there should be a build of a Docker image that has all your applications coded in, along with its dependencies, there's testing that tests your application, and then there's a deployment that happens into whatever infrastructure there is. Right. So the testing, they can get tricky though. And the type of testing you do, I think depends on the environment that you're in. So if you're, let's say for example, your team and you have, you have a main branch and then you have feature branches that merged into the main branch. >>You don't have like a pre-production branch or anything like that. So in those feature branches, whenever I'm doing CGI that way, I know when I freak, when I cut my poll request, that I'm going to merge into main and everything's going to work in my feature branches, I'm going to want to probably just run unit tests and maybe some component tests, which really, which are just, you know, testing that your app can talk to another component or another part, another dependency, like maybe a database doing tests like that, that don't take a lot of time that are fascinating and right. A lot of would be done at the beach branch level and in my opinion, but when you're going to merge that beach branch into main, as part of a release in that activity, you're going to want to be able to do an integration tasks, to make sure that your app can actually talk to all the other dependencies that it talked to. >>You're going to want to do an end to end test or a smoke test, just to make sure that, you know, someone that actually touches the application, if it's like a website can actually use the website as intended and it meets the business cases and all that, and you might even have testing like performance testing, low performance load testing, or security testing, compliance testing that would want to happen in my opinion, when you're about to go into production with a release, because those are gonna take a long time. Those are very expensive. You're going to have to cut new infrastructure, run those tests, and it can become quite arduous. And you're not going to want to run those all the time. You'll have the resources, uh, builds will be slower. Uh, release will be slower. It will just become a mess. So I would want to save those for when I'm about to go into production. Instead of doing those every time I make a commit or every time I'm merging a feature ranch into a non main branch, that's the way I look at it, but everything does a different, um, there's other philosophies around it. Yeah. >>Well, I don't disagree with your build test deploy. I think if you're going to deploy the code, it needs to be tested. Um, at some level, I mean less the same. You've got, I hate the term smoke tests, cause it gives a false sense of security, but you have some mental minimum minimal amount of tests. And I would expect the developer on the feature branch to add new tests that tested that feature. And that would be part of the PR why those tests would need to pass before you can merge it, merge it to master. So I agree that there are tests that you, you want to run at different stages, but the earlier you can run the test before going to production. Um, the fewer issues you have, the easier it is to troubleshoot it. And I kind of agree with what you said, Carlos, about the longer running tests like performance tests and things like that, waiting to the end. >>The only problem is when you wait until the end to run those performance tests, you kind of end up deploying with whatever performance you have. It's, it's almost just an information gathering. So if you don't run your performance test early on, um, and I don't want to go down a rabbit hole, but performance tests can be really useless if you don't have a goal where it's just information gap, uh, this is, this is the performance. Well, what did you expect it to be? Is it good? Is it bad? They can get really nebulous. So if performance is really important, um, you you're gonna need to come up with some expectations, preferably, you know, set up the business level, like what our SLA is, what our response times and have something to shoot for. And then before you're getting to production. If you have targets, you can test before staging and you can tweak the code before staging and move that performance initiative. Sorry, Carlos, a little to the left. Um, but if you don't have a performance targets, then it's just a check box. So those are my thoughts. I like to test before every deployment. Right? >>Yeah. And you know what, I'm glad that you, I'm glad that you brought, I'm glad that you brought up Escalades and performance because, and you know, the definition of performance says to me, because one of the things that I've seen when I work with teams is that oftentimes another team runs a P and L tests and they ended, and the development team doesn't really have too much insight into what's going on there. And usually when I go to the performance team and say, Hey, how do you run your performance test? It's usually just a generic solution for every single application that they support, which may or may not be applicable to the application team that I'm working with specifically. So I think it's a good, I'm not going to dig into it. I'm not going to dig into the rabbit hole SRE, but it is a good bridge into SRE when you start trying to define what does reliability mean, right? >>Because the reason why you test performance, it's test reliability to make sure that when you cut that release, that customers would go to your site or use your application. Aren't going to see regressions in performance and are not going to either go to another website or, you know, lodge in SLA violation or something like that. Um, it does, it does bridge really well with defining reliability and what SRE means. And when you have, when you start talking about that, that's when you started talking about how often do I run? How often do I test my reliability, the reliability of my application, right? Like, do I have nightly tasks in CGI that ensure that my main branch or, you know, some important branch I does not mean is meeting SLA is meeting SLR. So service level objectives, um, or, you know, do I run tasks that ensure that my SLA is being met in production? >>Like whenever, like do I use, do I do things like game days where I test, Hey, if I turn something off or, you know, if I deploy this small broken code to production and like what happens to my performance? What happens to my security and compliance? Um, you can, that you can go really deep into and take creating, um, into creating really robust tests that cover a lot of different domains. But I liked just using build test deploy is the overall answer to that because I find that you're going to have to build your application first. You're going to have to test it out there and build it, and then you're going to want to deploy it after you test it. And that order generally ensures that you're releasing software. That works. >>Right. Right. Um, I was going to ask one last question. Um, it's going to have to be like a sentence answer though, for each one of you. Uh, this is, uh, do you lint? And if you lint, do you lent all the things, if you do, do you fail the linters during your testing? Yes or no? I think it's going to depend on the culture. I really do. Sorry about it. If we >>Have a, you know, a hook, uh, you know, on the get commit, then theoretically the developer can't get code there without running Melinta anyway, >>So, right, right. True. Anyone else? Anyone thoughts on that? Linting >>Nice. I saw an additional question online thing. And in the chat, if you would introduce it in a multi-stage build, um, you know, I was wondering also what others think about that, like typically I've seen, you know, with multi-stage it's the most common use case is just to produce the final, like to minimize the, the, the, the, the, the image size and produce a final, you know, thin, uh, layout or thin, uh, image. Uh, so if it's not for that, like, I, I don't, I haven't seen a lot of, you know, um, teams or individuals who are actually within a multi-stage build. There's nothing really against that, but they think the number one purpose of doing multi-stage had been just producing the minimalist image. Um, so just wanted to kind of combine those two answers in one, uh, for sure. >>Yeah, yeah, sure. Um, and with that, um, thank you all for the great questions. We are going to have to wrap this up and we could go for another hour if we all had the time. And if Dr. Khan was a 24 hour long event and it didn't sadly, it's not. So we've got to make room for the next live panel, which will be Peter coming on and talking about security with some developer ex security experts. And I wanted to thank again, thank you all three of you for being here real quick, go around the room. Um, uh, where can people reach out to you? I am, uh, at Bret Fisher on Twitter. You can find me there. Carlos. >>I'm at dev Mandy with a Y D E N D Y that's me, um, >>Easiest name ever on Twitter, Carlos and DFW on LinkedIn. And I also have a LinkedIn learning course. So if you check me out on my LinkedIn learning, >>Yeah. I'm at Nicola Quebec. Um, one word, I'll put it in the chat as well on, on LinkedIn, as well as, uh, uh, as well as Twitter. Thanks for having us, Brett. Yeah. Thanks for being here. >>Um, and, and you all stay around. So if you're in the room with us chatting, you're gonna, you're gonna, if you want to go to see the next live panel, I've got to go back to the beginning and do that whole thing, uh, and find the next, because this one will end, but we'll still be in chat for a few minutes. I think the chat keeps going. I don't actually know. I haven't tried it yet. So we'll find out here in a minute. Um, but thanks you all for being here, I will be back a little bit later, but, uh, coming up next on the live stuff is Peter Wood security. Ciao. Bye.

>>Hello everyone. This is Dave Volante, and I want to welcome you to the cubes presentation of accelerating automation with Devon it in this special program, we're going to explore how to accelerate digital transformation and how the global pandemic is changing the way we work and the kinds of work that we do, the cube has pulled together experts from Cisco dev net. Now dev net is essentially Cisco as code. I've said many times in the cube that in my opinion, it's the most impressive initiative coming out of any established enterprise infrastructure company. What Cisco has done brilliantly with dev net is to create an API economy by leveraging its large infrastructure portfolio and its ecosystem. But the linchpin of dev net is the army of trained Cisco engineers, including those with the elite CC I E designation. Now dev net was conceived to train people on how to code infrastructure and develop applications in integrations. >>It's a platform to create new value and automation is a key to that creativity. So today you're going to hear from a number of experts. For example, TK key Anini is a distinguished engineer and a security pro. He's going to join us, his colleagues, Thomas Scheiber and Joe Vaccaro. They're going to help us understand how to apply automation to your data center networks, cloud, and security journeys. Cisco's Eric nip and Coon Jacobs will also be here with a look into Cisco's marketplace shifts. We'll also hear from dev net partners. Now let's kick things off with the architect of dev net, senior vice president and general manager of Cisco's dev net and CX ecosystem success. Susie, we roam around the globe. It's the cube presenting >>Decelerating automation with damnit >>Brought to you by Cisco. >>Hello and welcome to the cube. I'm Sean for a year host. We've got a great conversation, a virtual event, accelerating automation with dev net, Cisco dev net. And of course we got the Cisco brain trust here, our cube alumni, Susie wee vice president, senior vice president GM, and also CTO of Cisco dev net and ecosystem success CX, all that great stuff. Any Wade Lee, who's the director, a senior director of dev net certifications, Eric field, director of developer advocacy, Susie Mandy, Eric. Great to see you. Thanks for coming on. Great to see you, John. So we're not in first, then we don't, can't be at the dev net zone. We can't be on site doing dev net, create all the great stuff we've been doing over the past few years. We're virtual the cube virtual. Thanks for coming on. Uh, Susie, I got to ask you because you know, we've been talking years ago when you started this mission and just the success you had has been awesome, but dev net create has brought on a whole nother connective tissue to the dev net community. This is what this ties into the theme, accelerating automation with dev net, because you said to me, I think four years ago, everything should be a service or X, a AAS as it's called and automation plays a critical role. Um, could you please share your vision because this is really important and still only five to 10% of the enterprises have containerized things. So there's a huge growth curve coming with developing and programmability. What's your, what's your vision? >>Yeah, absolutely. I mean, what we know is that as more and more businesses are coming online as well, I mean, they're all online, but as they're growing into the cloud is they're growing in new areas. As we're dealing with security is everyone's dealing with the pandemic. There's so many things going on, but what happens is there's an infrastructure that all of this is built on and that infrastructure has networking. It has security, it has all of your compute and everything that's in there. And what matters is how can you take a business application and tie it to that infrastructure? How can you take, you know, customer data? How can you take business applications? How can you connect up the world securely and then be able to, you know, really satisfy everything that businesses need. And in order to do that, you know, the whole new tool that we've always talked about is that the network is programmable. The infrastructure is programmable and you don't need just apps writing on top, but now they get to use all of that power of the infrastructure to perform even better. And in order to get there, what you need to do is automate everything. You can't configure networks manually. You can't be manually figuring out policies, but you want to use that agile infrastructure in which you can really use automation. You can rise to higher level business processes and tie all of that up and down the staff by leveraging automation. >>You know, I remember a few years ago when dev net created for started, I interviewed Todd Nightingale and we were talking about Meraki, you know, not to get in the weeds, but you know, switches and hubs and wireless. But if you look at what we were talking about, then this is kind of what's going on now. And we were just recently, I think our last physical event was a Cisco, um, uh, Europe in Barcelona before all the covert hit. And you had this massive cloud surgeon scale happening going on, right when the pandemic hit. And even now more than ever the cloud scale, the modern apps, the momentum hasn't stopped because there's more pressure now to continue addressing more innovation at scale because the pressure to do that, um, cause the business to stay alive and to get your thoughts on, um, what's going on in your world because you were there in person now we're six months in scale is huge. >>We are. Yeah, absolutely. And what happened is as all of our customers, as businesses around the world, as we ourselves all dealt with, how do we run a business from home? You know, how do we keep people safe? How do we keep people at home and how do we work? And then it turns out, you know, business keeps rolling, but we've had to automate even more because you have to go home and then figure out how from home, can I make sure that my it infrastructure is automated out from home? Can I make sure that every employee is out there working safely and securely, you know, things like call center workers, which had to go into physical locations and be in kind of, you know, just, you know, uh, blocked off rooms to really be secure with their company's information. They had to work from home. >>So we had to extend business applications to people's homes, uh, in countries like, you know, well around the world, but also in India where it was actually not, you know, not, they wouldn't let, they didn't have rules to let people work from home in these areas. So then what we had to do was automate everything and make sure that we could administer, you know, all of our customers could administer these systems from home. So that put extra stress on automation. It put extra stress on our customer's digital transformation and it just forced them to, you know, automate digitally, transform quicker. And they had to, because you couldn't just go into a server room and tweak your servers, you had to figure out how to automate all of that. And we're still all in that environment today. >>You know, one of the hottest trends before the pandemic was observability, uh, Coobernetti's serve, uh, microservices. So those things, again, all dev ops and you know, you guys got some acquisitions youth about thousand eyes. Um, um, you got a new one you just bought, um, recently port shift to raise the game and security, Kubernetes, all these microservices. So observability super hot, but then people go work at home. As you mentioned, how do you observe, what are you observing? The network is under a huge pressure. I mean, it's crashing on people's zooms and WebExes and, uh, education, huge amount of network pressure. How are people adapting to this and the app side? How are you guys looking at the what's being programmed? What are some of the things that you're seeing with use cases around this program? Ability, challenge and observability challenges. It's a huge deal. >>Yeah, absolutely. And, um, you know, going back to Todd Nightingale, right. You know, back when we talked to Todd before he had Meraki and he had designed this simplicity, this ease of use this cloud managed, you know, doing everything from one central place. And now he has Cisco's entire enterprise and cloud business. So he is now applying that at that bigger, at that bigger scale for Cisco and for our customers. And he is building in the observability and the dashboards and the automation of the API APIs into all of it. Um, but when we take a look at what our customers needed is again, they had to build it all in. Um, they had to build it. And what happened was how your network was doing, how secure your infrastructure was, how well you could enable people to work from home and how well you could reach customers. >>All of that used to be an it conversation. It became a CEO and a board level conversation. So all of a sudden CEOs were actually, you know, calling on the heads of it and the CIO and saying, you know, how's our VPN connectivity is everybody working from home, how many people are connected and able to work and what's their productivity. So all of a sudden, all these things that were really infrastructure, it stuff became a board level conversation. And, you know, once again, at first everybody was panicked and just figuring out how to get people. But now what we've seen in all of our customers is that they are now building in automation and digital transformation and these architectures, and that gives them a chance to build in that observability, you know, looking for those events, the dashboards, you know, so it really has, has been fantastic to see what our customers are doing and what our partners are doing to really rise to that next level. >>I know you got to go, but real quick, um, describe what accelerating automation with dev net means. >>Well, you've been following, you know, we've been working together on dev net and the vision of the infrastructure programmability and everything for quite some time. And the thing that's really happened is yes, you need to automate, but yes, it takes people to do that and you need the right skill sets and the programmability. So a networker can't be a networker. A networker has to be a network automation developer. And so it is about people and it is about bringing infrastructure expertise together with software expertise and letting people run things are definite community has risen to this challenge. Um, people have jumped in, they've gotten their certifications. We have thousands of people getting certified. Uh, you know, we have, you know, Cisco getting certified. We have individuals, we have partners, you know, they're just really rising to the occasion. So accelerate, accelerating automation while it is about going digital. It's also about people rising to the level of, you know, being able to put infrastructure and software expertise together to enable this next chapter of business applications of, you know, cloud directed businesses and cloud growth. So it actually is about people just as much as it is about automation and technology. >>And we got dev net created right around the corner of virtual unfortunate. Won't be in person, but we'll be virtual. Susie. Thank you for your time. We're going to dig into those people, challenges with Mandy and Eric. Thank you for coming on. I know you got to go, but stay with us. We're going to dig in with Mandy and Eric. Thanks. >>Thank you so much. Have fun. Thanks John. >>Okay. Mandy, you heard Susie is about people. And one of the things that's close to your heart you've been driving is a senior director of dev net certifications, um, is getting people leveled up. I mean the demand for skills, cybersecurity network, programmability automation, network design solution architect, cloud multi-cloud design. These are new skills that are needed. Can you give us the update on what you're doing to help people get into the acceleration of automation game? >>Oh yes, absolutely. The, you know, what we've been seeing is a lot of those business drivers that Susie was mentioning, those are, what's accelerating a lot of the technology changes and that's creating new job roles or new needs on existing job roles where they need new skills. We are seeing customers, partners, people in our community really starting to look at, you know, things like DevSecOps engineer, network, automation, engineer, network automation, which Susie >>Mentioned, and looking at how these fit into their organization, the problems that they solve in their organization. And then how do people build the skills to be able to take on these new job roles or add that job role to their current scope and broaden out and take on new challenges. >>Eric, I want to go to you for a quick second on this, um, um, piece of getting the certifications. Um, first, before you get started, describe what your role is as director of developer advocacy, because that's always changing and evolving. What's the state of it now because with COVID people are working at home, they have more time to contact, switch and get some certifications and that they can code more. What's your, what's your role? >>Absolutely. So it's interesting. It definitely is changing a lot. A lot of our historically a lot of focus for my team has been on those outward events. So going to the Devin that creates the Cisco lives and helping the community connect and to help share tech mountain technical information with them, um, doing hands on workshops and really getting people into how do you really start solving these problems? Um, so that's had to pivot quite a bit. Um, obviously Cisco live us. We committed very quickly to a virtual event when, when conditions changed and we're able to actually connect as we found out with a much larger audience. So, you know, as opposed to in person where you're bound by the parameters of, you know, how big the convention center is, uh, we were actually able to reach a worldwide audience with our, uh, our definite date that was kind of attached on to Cisco live. >>And we got great feedback from the audience that now we're actually able to get that same enablement out to so many more people that otherwise might not have been able to make it. Um, but to your broader question of, you know, what my team does. So that's one piece of it is getting that information out to the community. So as part of that, there's a lot of other things we do as well. We were always helping out build new sandboxes and your learning labs, things like that, that they can come and get whenever they're looking for it out on the dev net site. And then my team also looks after community, such as the Cisco learning network where this there's a huge community that has historically been there to support people working on their Cisco certifications. And we've seen a huge shift now in that group that all of the people that have been there for years are now looking at the domain certifications and helping other people that are trying to get on board with programmability. They're taking a lot of those same community enablement skills and propping up the community with, you know, helping you answer questions, helping provide content. They've moved now into the dev net space as well, and are helping people with that servicer. So it's great seeing the community come along and really see that >>I got to ask you on the trends around automation, what skills and what developer patterns are you seeing with automation? Are, is there anything in particular, obviously network automation has been around for a long time. Cisco has been leader in that, but as you move up, the stack as modern applications are building, do you see any patterns or trends around what is accelerating automation? What are people learning? Yeah, absolutely. >>So you mentioned, uh, observability was big before COVID and we actually really saw that amplified during COVID. So a lot of people have come to us looking for insights. How can I get that better observability, uh, now that we needed? Well, we're virtual. Um, so that's actually been a huge uptake and we've seen a lot of people that weren't necessarily out looking for things before that are now figuring out how can I do this at scale? And I think one good example that, uh, Susie was talking about the VPN example, and we actually had a number of SES in the Cisco community that had customers dealing with that very thing where they very quickly had to ramp up. And one in particular actually wrote a bunch of automation to go out and measure all of the different parameters that it departments might care about, about their firewalls, things that you do normally look at me all days, you would size your firewalls based on, you know, assuming a certain number of people working from home. >>And when that number went to a hundred percent things like licensing started coming into play, where they needed to make sure they had the right capacity in their platforms that they weren't necessarily designed for. So one of the STDs actually wrote a bunch of code to go out, use some open source tooling, to monitor and alert on these things and then published it. So the whole community could go out and get a copy of it, try it out their own environment. And we saw a lot of interest around that and trying to figure out, okay, now I can take that and I can adapt it to what I need to see for my observability. >>That's great. Mandy. I want to get your thoughts on this too, because as automation continues to scale, it's going to be a focus and people are at home and you guys had a lot of content online for you recorded every session that didn't the dev Ned zone learnings going on, sometimes linearly. And nonlinearly you got the certifications, which is great. That's key, key, great success there. People are interested, but what are the learnings? Are you seeing? What are people doing? What's the top top trends. >>Yeah. So what we're seeing is like you said, people are at home, they've got time. They want to advance their skillset. And just like any kind of learning people want choice because they want to be able to choose what's matches their time that's available and their learning style. So we're seeing some people who want to dive into full online study groups with mentors, leading them through a study plan. And we have two new, uh, expert led study groups like that. We're also seeing whole teams at different companies who want to do, uh, an immersive learning experience together, uh, with projects and office hours and things like that. And we have a new, um, offer that we've been putting together for people who want those kinds of team experiences called automation boot camp. And then we're also seeing individuals who want to be able to, you know, dive into a topic, do a hands on lab, get some skills, go to the rest of the day of do their work and then come back the next day. >>And so we have really modular self-driven hands on learning through the dev net fundamentals course, which is available through dev net. And then there's also people who are saying, I just want to use the technology. I like to experiment and then go, you know, read the instructions, read the manual, do the deeper learning. And so they're, they're spending a lot of time in our dev net sandbox, trying out different technologies, Cisco technologies with open source technologies, getting hands on and building things. And three areas where we're seeing a lot of interest in specific technologies. One is around SD wan. There's a huge interest in people skilling up there because of all the reasons that we've been talking about security is a focus area where people are dealing with new scale, new kinds of threats, having to deal with them in new ways and then automating their data center, using infrastructure as code type principles. So those are three areas where we're seeing a lot of interest and you'll be hearing some more about that at dev net create >>Awesome. Eric and Mandy, if you guys can wrap up, um, this accelerated automation with dev net package and a virtual event here, um, and also tee up dev net create because dev net create has been a very kind of grassroots, organically building momentum over the years. Again, it's super important cause it's now the app world coming together with networking, you know, end to end programmability and with everything as a service that you guys are doing everything with API APIs, um, only can imagine the enablement that's gonna name, uh, create, can you share the summary real quick on accelerating automation with, at and T up dev net create Mandy we'll start. Yeah. >>Yes. I'll go first. And then Eric can close this out. Um, so just like we've been talking about with you at every definite event over the past years, you know, that's bringing APIs across our whole portfolio and up and down the stack and accelerating, uh, automation with dev net. Susie mentioned the people aspect of that. The people skilling up and how that transformed teams, transforms teams. And I think that it's all connected in how businesses are being pushed on their transformation because of current events. That's also a great opportunity for people to advance their careers and take advantage of some of that quickly changing landscape. And so what I think about accelerating automation with dev net, it's about the dev community. It's about people getting those new skills and all the creativity and problem solving that will be unleashed by that community. With those new skills. >>Eric take us home. He accelerating automation, dev net and dev net create a lot of developer action going on in cloud native right now, your thoughts? >>Absolutely. I think it's exciting. I mentioned the transition to virtual for Devin that day, this year for Cisco live. And we're seeing, we're able to leverage it even further with creative this year. So, whereas it used to be, you know, confined by the walls that we were within for the event. Now we're actually able to do things like we're adding the start now track for people that want to be there. They want to be a developer, a network automation developer, for instance, we've now got attract just for them where they can get started and start learning. Some of the skills they'll need, even if some of the other technical sessions were a little bit deeper than what they were ready for. Um, so I love that we're able to bring that together with the experienced community that we usually do from across the industry, bringing us all kinds of innovative talks, talking about ways that they're leveraging technology, leveraging the cloud, to do new and interesting things to solve their business challenges. >>So I'm really excited to bring that whole mix together, as well as getting some of our business units together too, and talk straight from their engineering departments. What are they doing? What are they seeing? What are they thinking about when they're building new APIs into their platforms? What are the, what problems are they hoping that customers will be able to solve with them? So I think together seeing all of that and then bringing the community together from all of our usual channels. So like I said, Cisco learning network, we've got a ton of community coming together, sharing their ideas and helping each other grow those skills. I see nothing but acceleration ahead of us for automation. >>Awesome. Thanks so much, God, man, you can add, add one more thing. >>I'm just going to say the other really exciting thing about create this year with the virtual nature of it is it it's happening in three regions and um, you know, we're so excited to see the people joining from all the different regions and uh, content and speakers and the region stepping up to have things personalized to their area, to their community. And so that's a whole new experience for them that create that's going to be fantastic this year. Yeah. >>I was just gonna close out and just put the final bow on that by saying that you guys have always been successful with great content focused on the people in the community. I think now during what this virtual dev net virtual dev net create virtual, the cube virtual, I think we're learning new things. People working in teams and groups and sharing content, we're going to learn new things. We're going to try new things and ultimately people will rise up and we'll be resilient. I think when you have this kind of opportunity, it's really fun. And we'll, we'll, we'll ride the wave with you guys. So thank you so much for taking the time to come on the cube and talk about your awesome accelerating automation and dev net. Great. Looking forward to it. Thank you. >>Yeah. >>The cube virtual here in Palo Alto studios doing the remote content amendment say virtual until we're face to face. Thank you so much for watching and we'll see you at dev net create thanks for watching Jeffrey here with the cube. Uh, we have our ongoing coverage of the Cisco dev net event. It's really accelerating with automation and programmability in the new normal, and we know the new normal is definitely continuing to go. We've been doing this since the middle of March and now we're in October. So we're excited to have our next guest he's Thomas Sheba. He is the vice president of product management for data center for Cisco Thomas. Great to see you. >>Hey, good to see you too. Yeah. Yeah. Everybody can see on our background. >>Exactly, exactly. So, I mean, I'm curious, we've talked to a lot of people. We talked to a lot of leaders, you know, especially like back in March and April with this light moment, which was, >>You know, no time to prep and suddenly everybody has to work from home. Teachers got to teach from home. And so you've got the kids home, you've got the spouse home, everybody's home trying to get on the network and do their zoom calls and their classes. I'm curious from your perspective, you guys are right there on the, on the network you're right in the infrastructure. What did you hear and see kind of from your customers when suddenly, you know, March 16th hit and everybody had to go home? >>Well, good point, Hey, I do think we all appreciate the network much more than we used to do before. Uh, and then the only other difference is I'm really more on WebEx calls to zoom calls, but you know, otherwise, uh, yes. Um, what, what I do see actually is that as I said, network becomes much more obvious as a critical piece. And so before we really talked a lot about, uh, agility and flexibility these days, we talk much more about resiliency quite frankly. Uh, and what do I need to have in place with respect to network to get my things from left to right. And you know, it was 2000, he still West, as we say on the data center. Uh, and that just is for most of my customers, a very, very important topic at this point. Right. >>You know, it's, it's amazing to think, you know, had this happened, you know, five years ago, 10 years ago, you know, the ability for so many people in, in, in the information industry to be able to actually make that transition relatively seamlessly, uh, is, is actually pretty amazing. I'm sure there was some, some excitement and some kudos in terms of, you know, it, it is all based on the network and it is kind of this quiet thing in the background that nobody pays attention to. It's like a ref in the football game until they make a bad play. So, you know, it is pretty fascinating that you and your colleagues have put this infrastructure and that enabled us to really make that move with, with, with really no prep, no planning and actually have a whole lot of services delivered into our homes that we're used to getting at the office are used to getting at school. >>Yeah. And I mean, to your point, I mean, some of us did some planning. Can we clearly talking about some of these, these trends in the way I look at this trends as being distributed data centers and, um, having the ability to move your, your workloads and access for users to wherever you want to be. And so I think that clearly went on for a while. And so in a sense, we, we, we prep was, are normal, but we're prepping for it. Um, but as I said, resiliency just became so much more important than, you know, one of the things I actually do a little plot, a little, little, uh, Bret before a block I put out end of August around resiliency. Uh, you, you, if you didn't, if you didn't put this in place, you better put it in place. Because I think as we all know, we saw her March. This is like maybe two or three months, we're now in October. Um, and I sing, this is the new normal for some time being. >>Yeah, I think so. So let's stick on that theme in terms of trends, right? The other great trend as public cloud, um, and cloud and multi cloud, there's all types of variants on that theme you had in that blog post about, uh, resiliency in data center, cloud networking, data center cloud, you know, some people think, wait, it's, it's kind of an either, or I either got my data center or I've got my stuff in the cloud and I've got public cloud. And then as I said, hybrid cloud, you're talking really specifically about enabling, um, both inner inner data center resiliency within multi data centers within the same enterprise, as well as connecting to the cloud. That's probably counterintuitive for some people to think that that's something that Cisco is excited about and supporting. So I wonder if you can share, you know, kind of how the market is changing, how you guys are reacting and really putting the things in place to deliver customer choice. >>Yeah, no, it's actually, to me it's really not a counterintuitive because in the end was what, uh, I'm focusing on. And the company is focusing on is what our customers want to do and need to do. Uh, and that's really, um, would, you know, most people call hybrid cloud or multi-cloud, uh, in, in the end, what it is, what it is, is really the ability to have the flexibility to move your workloads where you want them to be. And there are different reasons why you want to place them, right? You might've placed them for security reasons. You might've played some clients reasons, depending on which customer segment you after, if you're in the United States or in Europe or in Asia, there are a lot of different reasons where you're going to put your things. And so I think in the end, what, uh, an enterprise looks for is that agility, flexibility, and resiliency. >>And so really what you want to put in place is what we call like the cloud on ramp, right? You need to have an ability to move sings as needed, but the logic context section, which we see in the, um, last couple of months, accelerating is really this whole seam around digital transformation, uh, which goes hand in hand then was, uh, the requirement on the at T side really do. And I T operations transformation, right. How it operates. Uh, and I think that's really exciting to see, and this is excellent. Well, a lot of my discussions, I was customers, uh, what does it actually mean with respect to the it organization and what are the operational changes? This a lot of our customers are going through quite frankly, accelerated right. Going through, >>Right. And, and automation is in the title of the event. So automation is, you know, is an increasingly important thing, you know, as the, as we know, and we hear all the time, you know, the flows of data, the complexity of the data, either on the security or the way the network's moving, or as you said, shifting workloads around, based on the dynamic situations, whether that's business security, et cetera, in a software defined networking has been around for a while. How are you seeing kind of this evolution in adding more automation, you know, to more and more processes to free up those, those, um, no kind of limited resources in terms of really skilled people to focus on the things that they should be focusing and not stuff that, that hopefully you can, you know, get a machine to run with some level of automation. Yeah. >>Yeah. That's a good point. And it said the tech line, I have, you know, sometimes when my mind is really going from a cloud ready, which has in most of the infrastructure is today to cloud native. And so let me a little expand on those, right? There's like the cloud ready is basically what we have put in place over the last five to six years, all the infrastructure that all our customers have, network infrastructure, all the nexus 9,000, they're all cloud ready. Right. And what this really means, do you have API APIs everywhere, right? Whether this is on the box, whether it's on the controller, whether this is on the operations tools, all of these are API enabled and that's just a foundation for automation, right? You have to have that. Now, the next step really is what do you do with that capability? Right? >>And this is the integration with a lot of automation tools. Uh, and that's a whole range, right? This is where the it operation transformation kicks in different customers at different speed, right? Some just, you know, I use these API APIs and use normal tools that they have in a network world just to pull information. Some customers go for it further and saying, I want to integrate this with like some CMDB tools. Some go even further and saying, this is like the cloud native pieces saying, Oh, I want to use, let's say red hat Ansible. I want to use, uh, how she called Terraform and use those things to actually drive how I manage my infrastructure. And so that's really the combination of the automation capability. Plus the integration was relevant cloud native enabling tools that really is happening at this point. We're seeing customers accelerating that, that motion, which really then drives us how they run their it operations. Right. And so that's a pretty exciting, exciting area to see, uh, giving us, I said, we have the infrastructure in place. There's no need for customers to actually do change something. Most of them have already the infrastructures that can do this is just no doing the operational change. The process changes to actually get there. >>Right. And it's funny, we, we recently covered, you know, PagerDuty and, and they highlight what you just talked about, the cloud native, which is, you know, all of these applications now are so interdependent on all these different API APIs, you know, pulling data from all these applications. So a, when they work great, it's terrific. But if there's a problem, you know, there's a whole lot of potential throats to choke out there and find, find those issues. And it's all being connected via the network. So, you know, it's even more critically important, not only for the application, but for all these little tiny components within the application to deliver, you know, ultimately a customer experience within a very small units of time, uh, so that you don't lose that customer or you, you complete that transaction. They, they check out of their shopping cart. You know, all these, these things that are now created with cloud native applications that just couldn't really do before. >>No, you're absolutely right. And that's, this is like, just to say, sit, I'm actually very excited because it opens up a lot of abilities for our customers, how they to actually structure the operation. Right. One of the nice things around this or automation plus a tool integration to an integration is you actually opened us up, not a sole automation train, not just to the network operations personnel. Right. You also open it up and can use this for the SecOps person or for the dev ops person or for the cloud ops engineering team. Right. Because the way it's structured, the way we built this, um, it's literally as an API interface and you can now decide, what is your process do you want to have? And what traditional process you have a request network, operation teams executes the request using these tools and then hand it back over. >>Or do you say, Hey, maybe some of these security things I gotta hand over the sec ups team and they can directly call, uh, these, these API is right, or even one step further. You can have the opportunity that the dev ops or the application team actually says, Hey, I got to write a whole infrastructure as code kind of a script or template, and I just execute. Right. And it's really just using what the infrastructure provides. And so that whole range of different user roles and our customer base, what they can do with the automation capability that's available. It's just very, very exciting way because it's literally unleashes a lot of flexibility, how they want to structure and how they want to rebuild the it operations processes. >>Interesting. You know, cause the, you know, the DevOps culture has taken over a lot, right. Obviously changed software programming for the last 20 years. And, and I think, you know, there's a, there's a lot of just kind of the concept of dev ops versus necessarily, you know, the actual things that you do to execute that technique. And I don't think most people would think of, you know, network ops or, you know, net ops, you know, whatever the equivalent is in the networking world to have, you know, kind of a fast changing dynamic, uh, kind of point of view versus a, you know, stick it in, you know, spec it, stick it in, lock it down. So I wonder if you can, you can share how, you know, kind of that dev ops, um, attitude point of view, workflow, whatever the right verb is, has impacted, you know, things at Cisco and the way you guys think about networking and flexibility within the networking world. >>Yeah, literally, absolutely. And again, it's all customer driven, right? There's none of those, none of this is really actually, you know, a little bit of credit, maybe some of us where we have a vision, but a lot of it's just customer driven feedback. Uh, and yeah, we, we do have network operations teams comes from saying, Hey, we use Ansible heavily on the compute side, we might use this for alpha seven. We want to use the same for networking. And so we made available all these integrations, uh, with sobriety as a state, whether these are the switches, whether these are ACI dcnm controller or our multi-site orchestration capabilities, all of these has Ansible integration the way to the right, the other one, as I mentioned, that how she from Turco Terraform, we have integrations available and they see the requests for these tools to use that. >>Uh, and so that is the emotion we're in for all the, you know, and, uh, another block actually does out there, we just posted saying all set what you can do and then a Palo to this, right. Just making the integration available. We also have a very, very heavy focus on definite and enablement and training, uh, and you know, a little clock. And I know, uh, probably, uh, part of the segment, the whole definite community that Cisco has is very, very vibrant. Uh, and the beauty of this is right. If you look at those, whether you're a net ops person or a dev ops person or a SecOps person, it doesn't really matter. It has a lot of like capability available to just help you get going or go from one level to the next level. Right? And there's simple things like sandbox environments where you can, we know what's out stress, try sinks out snippets of code are there, you can do all of these things. And so we do see it's a kind of a push and pull a tremendous amount of interest and a tremendous, uh, uh, time people spend to learn quite frankly, then that's another site product of, of, you know, the situation where, and people said, Oh man, and say, okay, online learning is the thing. So these, these, these tools are used very, very heavily, right? >>That's awesome. Cause you know, we've, we've had Susie Lee on a number of times and I know he and Mandy and the team really built this dev net thing. And it really follows along this other theme that we see consistently across other pieces of tech, which is democratization, right democratization of the access tool, taking it out of, of just a mahogany row with, again, a really limited number of people that know how to make it work and it can make the changes and then opening it up to a software defined world where now that the, you know, the it's as application centric, point of view, where the people that are building the apps to go create competitive advantage. Now don't have to wait for, you know, the one network person to help them out in and out of these environments. Really interesting. And I wonder if, you know, when you look at what's happened with public cloud and how they kind of change the buying parameter, how they kind of change the degree of difficulty to get project started, you know, how you guys have kind of integrated that, that type of thought process to make it easier for app developers to get their job done. >>Yeah. I mean, again, it's, it's, uh, I typically look at this more from a, from a customer lens, right? It's the transformation process and it always starts as I want agility. I want flexibility. I want to resiliency, right? This is where we talk to a business owner, what they're looking for. And then that translates into, into an I, to operations process, right? Your strategy needs to map then how you actually do this. Uh, and that just drives then what tools do you want to have available to actually enable this? Right? And the enablement again is for different roles, right? There is you need to give sync services to the app developer and, uh, the, the platform team and the security team, right. To your point. So the network, uh, can act at the same speed, but you also give to us to the network operations teams because they need to adjust. >>Then they have the ability to react to, uh, to some of these requirements. Right. And it's just automation. I think we, we, we focused on that, but there's also to your point, the, the need, how do I extend between data centers? You know, just, just for backup and recovery and how do I extend into, into public clouds, right? Uh, and in the end, that's a, that's a network connectivity problem. Uh, and we have soft as, uh, we have made as available. We have integrations into, uh, AWS. We have integrations into a joy to actually make this very easy from a, from a network perspective to extend your private domains, private networks into which have private networks on these public clouds. So from an app development perspective, now it looks like he's on the same network. It's a protective enterprise network. Some of it might sit here. >>Some of it might sit here, but it's really looking the same. And that's really in the enticing. What, what a business looks at, right? They don't necessarily want to say, I need to have something separate for this deployment was a separate for that deployment. What they want is I need to deploy something. I need to do this resilient. And the resilient way in an agile way gives me the tools. And so that's really where we focused, um, and what we're driving, right? It's that combination of automation consistently, and then definite tools, uh, available that we support. Uh, but they're all open. Uh, they're all standard tools as the ones I mentioned, right. That everybody's using. So I'm not getting into this, Oh, this is specific to Cisco, right. Uh, it's really democratization. I actually liked your term. Yeah. >>It's a great terminate. And it's, it's really interesting, especially with, with the API APIs and the way everything is so tied together that everyone kind of has to enable this because that's what the customer is demanding. Um, and it is all about the applications and the workloads and where those things are moving, but they don't really want to manage that. They just want to, you know, deliver business benefit to their customers and respond to, uh, you know, competitive threats in the marketplace, et cetera. So it's really an interesting time for the infrastructure, you know, to really support kind of this app first point of view, uh, versus the other way around is kind of what it used to be and, and enable this hyper fast development hyper fast, uh, change in the competitive landscape or else you will be left behind. Um, so super important stuff. >>Yeah, no, I totally agree. And as I said, I mean, it's, it's kind of interesting because we, we started on a Cisco data center. So we started this probably six or seven years ago. Uh, when we, when we named the application centric, uh, clearly a lot of these concepts evolve, uh, but in a sense it is that reversal of the role from the network provides something and you use to, uh, this is what I want to do. And I need a service, uh, thinking on a networking side to expose. So as that can be consumed. And so that clearly is playing out. Um, and as I said, automation is a key key foundation that we put in place, uh, and our customers, most of our customers at this point, uh, on, on these products, >>They have all the capabilities there. They can literally take advantage. There's really nothing that stops them >>Good times for you, because I'm sure you've seen all the memes and social media, right? What what's driving your digital transformation. Is it the CEO, the CMO or COVID, and we all know the answer to the question. So I don't think the, the pace of change is going to slow down anytime soon. So keeping the network up and enabling us all to get done, what we have to get done and all the little magic that happens behind the scenes. >>Yeah. No thanks. Thanks for having me. And again, yeah. If you're listening and you're wondering, how do I get started Cisco? Definitely just the place to go. It's fantastic. Fantastic. And I highly recommend everybody roll up your sleeves, you know, the best reasons you can have. >>Yeah. And we know once the physical events come back, we've been to dev net create a bunch of times, and it's a super vibrant, super excited, but really engaged community sharing. Lots of information is kind of, it's still kind of that early vibe, you know, where everyone is still really enthusiastic and really about learning and sharing information. So I say Susie and the team are really built a great thing, and we're a, we're happy to continue to cover it. And eventually we'll be back, uh, face to face. >>Okay. I look forward to that as well. >>All right, thanks. Uh, he's Thomas I'm Jeff, you're watching continuing coverage of Cisco dev net accelerating with automation and programmability >>TK Kia. Nini is here. He's a distinguished engineer at Cisco TK, my friend. Good to see you again. How are you? Good. I mean, you and I were in Barcelona in January and, you know, we knew we saw this thing coming, but we didn't see it coming this way. Did we know that no one did, but yeah, that was right before everything happened. Well, it's weird. Right? I mean, we were, you know, we, we, it was in the back of our minds in January, we sort of had Barcelona's hasn't really been hit yet. It looked like it was really isolated in China, but, uh, but wow, what a change and I guess, I guess I'd say I'd start with the, we're seeing really a secular change in your space and security identity, access management, cloud security, endpoint security. I mean, all of a sudden these things explode as the work from home pivot has occurred. >>Uh, and it feels like these changes are permanent or semi-permanent, what are you seeing out there? Yeah, I don't, I don't think anybody thinks the world's going to go back the way it was. Um, to some degree it's, it's changed forever. Um, you know, I, I, I do a lot of my work remotely. Um, and, and so, you know, being a remote worker, isn't such a big deal for me, but for some, it was a huge impact. And like I said, you know, um, remote work, remote education, you know, everybody's on the opposite side, a computer. And so the digital infrastructure has just become a lot more important to protect. And the integrity of it essentially is almost our own integrity these days. >>Yeah. And when you see that, you know, that work from home pivot, I mean, you know, our estimates are along with a partner DTR about 16% of the workforce was at home working from home prior to COVID and now it's, you know, North of 70% plus, and that's going to come down maybe a little bit over the next six months. We'll see what happens with the fall surge, but, but people essentially accept, expect that to at least double that 16%, you know, going forward indefinitely. So how, what is that, what kind of pressure does that put on the security infrastructure and how, how organizations are approaching security? >>Yeah, I just think, uh, from a mindset standpoint, you know, what was optional, uh, maybe, um, last year, uh, is no longer optional and I don't think it's going to go back. Um, I think, I think a lot of people, uh, have changed the way, you know, they live and the way they work. Um, and they're doing it in ways, hopefully that in some cases, uh, yield more productivity, um, again, um, you know, usually with technology that's severely effective, it doesn't pick sides. So the security slant to it is it frankly works just as well for the bad guys. And so that's, that's the balance we need to keep, which is we need to be extra diligent, uh, on how we go about securing infrastructure, uh, how we go about securing even our social channels, because remember all our social channels now are digital. So that's, that's become the new norm. >>You know, you've helped me understand over the years. I remember a line you shared with me in the cube one time is that the adversary is highly capable, is sort of the phrase that you used. And essentially the way you describe it, as you know, your job as a security practitioner is to decrease the bad guy's return on investment, you know, increase their costs, increase the numerator, but as, as work shifts from home, yeah, I'm in my house, you know, my wifi in my, you know, router with my dog's name is the password. You know, it's much, much harder for me to, to increase that denominator at home. So how can you help? >>Yeah. I mean, it's, it is, it is truly, um, when you think, when you get into the mind of the adversary and, and, uh, you know, the cyber crime out there, they're honestly just like any other business they're trying to operate with high margin. And so if you can get there, if you can get in there and erode their margin, frankly go find something else to do. Um, and, and again, you know, you know, the shift we experienced day to day is it's not just our kids are online in school and, uh, our work is online, but all the groceries we order, um, uh, you know, this Thanksgiving and holiday season, uh, a lot more online shopping is going to take place. So, you know, everything's gone digital. And so the question is, you know, how, how do we up our game there so that we can go about our business, uh, effectively and make it very expensive for the adversary to operate, uh, and take care of their business? Cause it's nasty stuff. >>I want to ask you about automation generally, and then specifically how it applies to security. So we, I mean, we certainly saw the ascendancy of the hyperscalers and of course they really attacked the it labor problem. We learned a lot from that and an it organizations have applied much of that thinking. And the it's critical at scale. I mean, you just can't scale humans at the pace, the technology scales today, how does that apply to security and specifically, how is automation affecting security? >>Yeah, it's, it's, it's the topic these days. Um, you know, businesses, I think, realize that they can't continue to grow at human scale. And so the reason why automation and things like AI and machine learning have a lot of value is because everyone's trying to expand, uh, and operate at machine scale. Now, I mean that for, for businesses, I mean that for education and everything else now, so are the adversaries, right? So it's expensive for them to operate at Cuban scale and they are going to machine scale, going to machine scale, uh, a necessity is that you're going to have to harness some level of automation, have the machines, uh, work on your behalf, have the machines carry your intent. Um, and when you do that, um, you can do it safely or you could do it dangerously. And that that's really kind of your choice. Um, you know, just because you can automate something doesn't mean you should, um, you, you wanna make sure that frankly, the adversary can't get in there and use that automation on their behalf. So it's, it's a tricky thing because, you know, if when you take the phrase, you know, how do we, how do we automate security? Well, you actually have, uh, take care of, of securing the automation first. >>Yeah. We talked about this in Barcelona, where you were explaining that, you know, the bad guys, the adversaries are essentially, you know, weaponizing using your own tooling, which makes them appear safe because it's, they're hiding in plain sight. Right? >>Well, there's, they're clever, uh, give them that, um, you know, there's this phrase that they, they always talk about called living off the land. Um, there's no sense in them coming into your network and bringing their tools and, uh, and being detective, you know, if they can use the tools that's already there, then, uh, they have a higher degree of, of evading, uh, your protection. If they can pose as Alice or Bob, who's already been credentialed and move around your network, then they're moving around the network as Alice or Bob. They're not marked as the adversary. So again, you know, having the detection methods available to find their behavior anomalies and things like that become a paramount, but also, you know, having the automation to contain them, to eradicate them, to, you know, minimize their effectiveness, um, without it, I mean, ideally without human interaction, cause you, you just, can you move faster, you move quicker. Um, and I see that with an asterisk because, um, if done wrong, frankly, um, you're just making their job more effective. >>I wonder if we could talk about the market a little bit, uh, it's I'm in the security space, cybersecurity 80 plus billion, which by the way, is just a little infant testable component of our GDP. So we're not spending nearly enough to protect that, that massive, uh, GDP, but guys, I wonder if you could bring up the chart because when you talk to CSOs and you ask them, what's your, what's your biggest challenge? They'll say lack of talent. And, and so what this chart shows is from ETR, our, or our survey partner, and on the vertical axis is net score. And that's an indication of spending momentum on the horizontal axis is market share, which is a measure of presence, a pervasiveness, if you will, inside the datasets. And so there's a couple of key points here. I wanted to put forth to our audience and then get your reactions. >>So you can see Cisco, I highlighted in red, Cisco is business and security is very, very strong. We see it every quarter. It's a growth area that Chuck Robbins talks about on the, on the conference call. And so you can see on the horizontal axis, you've got a big presence in the data set. I mean, Microsoft is out there, but they're everywhere, but you're right there, uh, in that, in that dataset. And then you've got for such a large presence, you've got a lot of momentum in the marketplace, so that's very impressive. But the other point here is you've got this huge buffet of options. There's just a zillion vendors here. And that just adds to the complexity. This is of course only a subset of what's in the security space. You know, the people who answered for the survey. So my question is how can Cisco help, you know, simplify this picture? Is it automation? Is it, you know, you guys have done some really interesting tuck in acquisitions and you're bringing that integration together. Can you talk about that a little bit? >>Yeah. I mean, that's an impressive chart. I mean, when you look to the left there it's, um, I had a customer tell me once that, you know, I came to this trade show, looking for transportation and these people are trying to sell me car parts. Um, that's the frustration customers have, you know, and I think what Cisco has done really well is to really focus on outcomes. Um, what is the customer outcome? Cause ultimately that's, that is what the customer wants. You know, there might be a few steps to get to that outcome, but the closest closer you can get to delivering outcomes for the customer, the better you are. And I think, I think security in general has just year over year have been just written with, um, you need to be an expert. Um, you need to buy all these parts and put it together yourself. And, and I think, I think those days are behind us, but particularly as, as security becomes more pervasive and we're, you know, we're selling to the business, we're not selling to the, you know, t-shirt wearing hacker anymore. >>Yeah. So, well, well how does cloud fit in here? Because I think there's a lot of misconceptions about cloud people that God put my data in the cloud I'm safe, but you know, of course we know it's a shared responsibility model. So I'm interested in your, your thoughts on that. Is it really, is it a sense of complacency? A lot of the cloud vendors, by the way, say, Oh, the state of security is great in the cloud. Whereas many of us out there saying, wow, it's, it's not so great. Uh, so what are your thoughts on that, that whole narrative and what Cisco's play in cloud? >>I think cloud, um, when you look at the services that are delivered via the cloud, you see that exact pattern, which is you see customers paying for the outcome or as close to the outcome as possible. Um, you know, no, no data center required, no disk drive required, you just get storage, you know, it's, it's, it's all of those things that are again, closer to the outcome. I think the thing that interests me about cloud two is it's really been, it's really punctuated the way we go about building systems. Um, again at machine scale. So, you know, before, when I write code and I think about, Oh, what computers are gonna run on or, you know, what servers are going to is you're going to run on those. Those thoughts never crossed my mind anymore. You know, I'm modeling the intent of what the service should do and the machines then figure it out. So, you know, for instance, on Tuesday, if the entire internet shows up, uh, the, the system works without fail. And if on Wednesday, if only North America shows up, you know, so, but, but there's no way you could staff that, right. There's just no human scale approach that gets you there. And that's, that's the beauty of all of this cloud stuff is, um, it really is, uh, the next level of how we do computer science. >>So you're talking about infrastructure as code and that applies to security as code. That's what dev net is really all about. I've said many times, I think Cisco of the large established enterprise companies is one of the few, if not the only, that really has figured out, you know, that developer angle, because it's practical. What are you doing? You're not trying to force your way into developers, but, you know, I wonder if you could, you could talk a little bit about that trend and where you see it going. >>Yeah, no, that is, that is truly the trend. Every time I walk into dev net, um, the big halls at Cisco live, it is Cisco as code. Um, everything about Cisco is being presented through an API. It is automation ready. And frankly, that is, um, that is the, the love language of the cloud. Um, it's it's machines is the machines talking to machines in very effective ways. So, you know, it is the, the, uh, I, I think, I think necessary, maybe not sufficient but necessary for, um, you know, doing all the machine scale stuff. What what's also necessary, uh, is to, um, to secure if infrastructure is code therefore, um, what, what secure, uh, what security methodologies do we have today that we use to secure code? While we have automated testing, we have threat modeling, right? Those things actually have to be now applied to infrastructure. So then when I, when I talk about how do you do, uh, automation securely, you do it the same way you secure your code, you test it, you, you threat model, you, you, you say, you know, Ken, my adversary, uh, exhibit something here that drives the automation in a way that I didn't intend it to go. Um, so all of those practices apply. It's just, everything has code these days. >>I've often said that security and privacy are sort of two sides of the same coin. And I want to ask you a question and it's really, you know, to me, it's not necessarily Cisco and company like companies like Cisco's responsibility, but I wonder if there's a way in which you can help. And of course, there's this Netflix documentary circling around the social dilemma. I don't know if you have a chance to see it, but basically dramatizes the way in which companies are appropriating our data to sell us ads and, you know, creating our own little set of facts, et cetera. And that comes down to sort of how we think about privacy and admin. It's good from the standpoint of awareness, you know, you may or may not care if you're a social media user. I love tick-tock, I don't care, but, but, but they, they sort of laid out. This is pretty scary scenario with a lot of the inventors of those technologies. You have any thoughts on that and you'll consist go play a role there in terms of protecting our privacy. I mean, beyond GDPR and California, consumer privacy act, um, what do you think? >>Yeah. Um, uh, I'll give you my, you know, my humble opinion is you, you fix social problems with social tools, you fixed technology problems with technology tools. Um, I think there is a social problem, um, that needs to be rectified the, you know, um, we, we, weren't built as, um, human beings to live and interact with an environment that agrees with us all the time. It's just pretty wrong. So yeah, that, that, that, um, that series that really kind of wake up a lot of people it is, is, you know, it's probably every day I hear somebody asked me if I, I saw, um, but I do think it also, you know, with that level of awareness, I think we, we overcome it or we compensate by what number one, just being aware that it's happening. Um, number two, you know, how you go about solving it, I think maybe come down to an individual or even a communities, um, solution and what might be right for one community might be, you know, not the same for the other. So you have to be respectful in that manner. >>Yeah. So it's, it's, it's almost, I think if I could play back, what I heard is, is yeah. Technology, you know, maybe got us into this problem, but technology alone is not going to get us out of the problem. It's not like some magic AI bot is going to solve this. It's got to be, you know, society has to really, really take this on as your premise. >>That's a good point. When I, when I first started playing online games, I'm going back to the text-based adventure stuff, like muds and moves. I did a talk at, at MIT one time, and I'm this old curmudgeon in the back of the room. Um, we were talking about democracy and we were talking about, you know, the social processes that we had modeled in our game and this and that. And this guy just gave us the SmackDown. He basically walked up to the front of the room and said, you know, all you techies, you judge efficiency by how long it takes. He says, democracy is a completely the opposite, which is you need to sleep on it. In fact, you should be scared if somebody can decide in a minute, what is good for the community? It, two weeks later, they probably have a better idea of what's good for the community. So it almost has the opposite. And that was super interesting to me. >>That's really interesting, you know, you read the, like the, the Lincoln historians and he was criticized in the day for having taken so long, you know, to make certain decisions, but ultimately when he acted acted with, with confidence. Um, so to that point, but, um, so what, what else are you working on these days that, uh, that are, that is interesting that maybe you want to share with our audience? Anything that's really super exciting for you or you, >>Yeah. You know, generally speaking, I'm trying to try and make it a little harder for the bad guys to operate. I guess that's a general theme making it simpler for the common person to use, uh, tools. Um, again, you know, all of these security tools, no matter how fancy it is, it's not that we're losing the complexity, it's that we're moving the complexity away from the user so that they can thrive at human scale. And we can do things at machine scale and kind of working those two together is sort of the, the magic recipe. Um, it's, it's not easy, but, um, but it is, it is fun. So that's, that's what keeps me engaged. >>I'm definitely seeing, I wonder if you see it just sort of a, obviously a heightened organization awareness, but I'm also seeing shifts in the organizational structures. You know, the, you know, it used to be a sec ops team and an Island. Okay, it's your problem? You know, the, the, the CSO cannot report into the, to the CIO because that's like the Fox in the hen house, a lot of those structures are, are, are changing. It seems it'd be becoming this responsibility is coming much more ubiquitous across the organization. What are you seeing there and what are you putting on? >>And it's so familiar to me because, you know, um, I, I started out as a musician. So, you know, bands bands are a great analogy. You know, you play bass, I big guitar. You know, somebody else plays drums, everybody knows their role and you create something that's larger than, you know, the sum of all parts. And so that, that analogy I think, is coming to, you know, we, we saw it sort of with dev ops where, you know, the developer, doesn't just throw their coat over the wall and it's somebody else's problem. They move together as a band. And, and that's what I think, um, organizations are seeing is that, you know, why, why stop there? Why not include marketing? Why not include sales? Why don't we move together as a business? Not just here's the product and here's the rest of the business. That's, that's, that's pretty awesome. Um, I think, uh, we see a lot of those patterns, uh, particularly for the highly high-performance businesses. >>No, in fact, it's interesting you for great analogy, by the way. And you actually see in that within Cisco, you're seeing sort of a, and I know sometimes you guys don't like to talk about the plumbing, but I think it matters. I mean, you got a leadership structure now. I I've talked to many of them. They seem to really be more focused on how they're connect, connecting, you know, across organizations. And it's increasingly critical in this world of, you know, of silo busters, isn't it? Yeah, no, I mean, you almost, as, as you move further and further away, you know, you can see how ridiculous it was before it would be like acquiring the band and say, okay, all you can talk later is go over here. All your bass players go over there. I'm like, what happened to the band? >>That's what I'm talking about is, you know, moving all of those disciplines, moving together and servicing the same backlog and achieving the same successes together is just so awesome. Well, I always, I always feel better after talking to you. You know, I remember I remember art. Coviello used to put out his, his letter every year and I was reading. I'd get depressed. We spend all this money now we're less secure. But when I talked to you TK, I feel like much more optimistic. So I really appreciate the time you spend on the cube. It's awesome to have you as a guest. I love these, I love these sessions. So thanks. Thanks for inviting me. And I miss you. I, you know, hopefully, you know, next year we can get together at some of the Cisco shows or other shows, but be well and stay weird. Like the sign says doing my part to get Kenny, thanks so much for coming to the cube. We, uh, we really appreciate it. And thank you for watching everybody. This is Dave Volante. We've right back with our next guest. This short break, >>Come back to the cubes coverage, just to keep virtuals coverage of dev net create virtual will not face to face the cubes. Been there with dev net and dev net create. Since the beginning, dev net create was really a part of the dev net community. Looking out at the external market outside of Cisco, which essentially is the cloud native world, which is going mainstream. We've got a great guest here. Who's who's been the company's been on the cube. Many times. We've been talking to them recently acquired by Cisco thousand eyes. We have Joe Vaccaro is BC vice president of product, Joe, welcome to the cube. Thanks for coming on. Great. And thanks for having me. You have the keys to the kingdom, you, the vice president of product, which means you get to look inside and you get to look outside, figure it all out, uh, make everything run on thousand eyes. >>You guys have been finding common language, uh, across multiple layers of network intelligence, external services. This is the heart of what we're seeing in innovation with multicloud microservices, cloud native. This is really a hot area. It's converging multiple theaters in technology. Super important. I want to get into that with you. But first thousand nine was recently acquired by Cisco, um, big acquisition, uh, super important new CEO of Cisco, very clear API, everything we're seeing that come out. That's a big theme at dev net create the ecosystem of Cisco's going outside their own, you know, their, their walls outside of the Cisco network operators, network engineers. We're talking to developers talk programmability. This is the big theme. What's it like at Cisco? Tell us, honestly, the COVID hits. You get acquired by Cisco, tell us what's happening. >>Yeah, surely been an exciting six months, 4,000 eyes on the entire team and our customers, you know, as we all kind of shifted to the new normal of working from home. And I think, you know, that change alone really kind of amplified. Even some of the fundamental beliefs that we have as a company that you know, cloud is becoming the new data center or customers that Indra internet has become the new network and the new enterprise network backbone. And that SAS has really become the new application stack. And as you think about these last six months, those fundamental truths have never been more evident as we rely upon the cloud to be able to, to work as we rely upon our own home networks and the internet in order to be productive. And as we access more sized applications on a daily basis. And as you think about those fundamental truths, what's common across all of them is that you rely upon them now more than ever, not only to run your business, but to any of your employees would be productive, but you don't own them. And if you don't own them, then you lack the ability in a traditional way to be able to understand that digital experience. And I think that's ultimately what, what thousand eyes is trying to solve for. And I think it's really being amplified in really these last six months. >>Talk about the COVID dynamic because I think it highlighted and certainly accelerated digital transformation, but specifically exposes opportunities, challenges, weaknesses, I've talked to many CXOs CSOs. Uh, sec security is huge. Um, home of the conference book talk track, we'll get to in a second, but exposes what's worth doubling down on what to abandon from a project standpoint, as people start to look at their priorities, they're going, Hey, we got to have a connected experience. We got to have security. People are working at home. No one has VPNs at home VPNs or passe, maybe it's way. And maybe it's something else they're on a backbone. They're connecting to the internet, a lot of different diversity in connections. At the same time, you got a ton of modern apps running along for these networks. This is a huge issue. COVID is exposed us at scale. What's your view on this? And what does thousand eyes thinking about this? >>You know, if you think about the kind of legacy application delivery, it went from largely users in an office connected over, say a dedicated corporate network, largely to traditional say internal hosted applications. And that was early simple connectivity bath. And as you mentioned, we've seen amplifications in terms of the diversity from the users. So users are not in the office. Now they're connected in distributed disparate locations that are dynamically changing. When you think that how they're getting to that application, they're going across a really complex service chain of different network services that are working together across as public internet backbone will totally to land them on an application. And then those applications themselves are becoming now, as you mentioned, distributed largely based upon a microservices architecture and increasing their own dependence upon third party sample size applications to fulfill say key functions of that application, those three things together. >>Ultimately you're creating that level of level of complex service chain that really makes it difficult to understand the digital experience. And ultimately the it organization it's really chartered with not just delivering the infrastructure, but delivering the right experience. And you have to then have a way to be able to see, to gain that visibility, that experience, you know, to measure it and understand, and to provide that intelligence and then ultimately to act on it, be able to ensure that your employees, as well as your customers are getting the right overall, um, approach to being able to leverage those assets. >>It's funny, you know, I was getting to some of these high scale environments, a lot of these concepts are converging. You know, we had terms like automation, self healing networks. Um, you mentioned microservices early, you mentioned data out of the clouds, the new data center, uh, or when's the new land. However, we're gonna look at it. It's a whole different architecture. So I want to get your thoughts on, on the automation piece of networking and internet outages, for instance, um, because when you, you know, there's so many outages going up and down, it is like, uh, catching, looking for a needle in a haystack, right. So, um, we've had this conversation with you guys on the cube before, how does automation occur when you guys look at those kinds of things? Uh, what's important to look at, can you comment on and react to, you know, the internet outages and how you find resolve those? >>Yeah. It's um, it was really great. And as you mentioned, automation really in a place that a key, when you think about the, just a broad problem that it is trying to drive and, you know, from our lens, we look at it in really three ways. You're first off is you have to be able to gain the level of visibility from where it matters and be able to, to test and be able to provide that level of active measurements across the, the type of ways you want to be able to inspect the network. But then also from the right vantage points, you want to inspect it. But what we talk about right aside, you know, data alone, doesn't solve that problem. As you mentioned, that needle in the haystack, you know, data just provides the raw metrics that are screaming across the screen, and you have to then enable that data to provide meeting. >>You need to enable that data become intelligent. And that intelligence comes through the automation of being able to process that data very quickly, allow you to be able to see the unseen, allow you to be able to quickly understand the issues that are happening across this digital supply chain to identify issues that are even happening outside of your own control across the public internet. And then the last step of automation really comes in the, of the action, right? How do you enable that intelligence to be put, to use? How do you enable that intelligence to then drive across the rest of your it workflow as well as to be able to be used as a signaling engine, to be able to then make the fundamental changes back at the network fabric, whether that is a dressing or modifying your BGB pairing, that we see happen with our customers using thousand eyes data, to be able to route around major internet outages that we've seen over the past six months, or to be able to then use that data, to be able to optimize the ultimate experience that they're delivering to both our customers, as well as their employees, >>Classic policy based activities. And you take it to a whole nother level. I got to get your thoughts on the employees working at home. Okay. Because, um, you know, most it people like, Oh yeah, we're going to forecast in cases of disruption or a hurricane or a flood or hurricane Sandy, but now with COVID, everyone's working at home. So who would have forecasted a hundred percent, um, you know, work from home, which puts a lot of pressure on him, everything. So I gotta ask you, now that employees are working at home, how do you tie network visibility to the actual user experience? >>Yeah, that's a great question. As you, you know, we saw within our own customer base, you know, when COVID head and we saw this rise of work from home, it teams are really scrambling and said, okay, I have to light up this, say VPN infrastructure, or I need to now be able to support my users in a work from home situation where I don't control the corporate network. In essence, now you have essentially thousands. Every employee is acting across their own corporate network and people were then using thousand eyes in different ways to be able to monitor their safety VPN infrastructure across, uh, back into the corporate network, as well as in using our thousand eyes end point agents that runs on a local, a user's laptop or machine in their home to help you to be able to gain that visibility down to that last mile of connectivity. >>Because when a user calls up support and says, I'm having trouble say accessing my application, whether that's Salesforce or something else, what ultimately might be causing that issue might not necessarily be a Salesforce issue, right? It could be the device and the device performance in terms of CPU, memory utilization. It could be the wifi and the signal quality within your wifi network. It could be your access point. It could be your raw, local home router. It can be your local ISP. It could be the path that you're taking ultimately to your corporate network or that application. There's so many places that could go wrong that are now difficult to be able to see, unless you have the ability to see comprehensively from the user to the application, and to be able to understand that full end to end path, >>You know, it teams have also been disrupted. They've been on offsite prop off property as well, but you got the cloud. How is your technology help the it teams? Can you give some examples there? Um, >>Yeah, great way is, you know, how people use thousand eyes as part of that data sharing ecosystem. Again, that notion of how do you go from visibility to intelligence action and we're in the past, you might be able as an it administrator to walk over to their network team and say, Hey, can you take a look at what I'm seeing now? That's no longer available. So how do you be able to work efficiently as the United organization? You know, we think a thousand eyes in how our customers are using us a thousand times becomes a common operating language that allows them to be able to analyze across from the application down into the underlying infrastructure, through those different layers of the network what's happening. And where do you need to focus your attention? And then furthermore, with 10,000 eyes in terms of a need nibbling, that data sharing ecosystem, leveraging our share link capability really gives them the ability to say, you know, here's what I'm seeing and be able to send that to anybody within the it organization, but it goes even further and many times in recent times, as well as over the course of people using thousand eyes, they take those share links and actually send them to their external providers because they're not just looking to resolve issues within their own it organization. >>They're having to work collaboratively with the different ISP that they're appearing with with their cloud providers that they're appearing, uh, they're leveraging, or the SAS applications that are part of that core dependency of how they deliver their experience. >>I asked you the question when you think about levels of visibility and making the lives easier for it, teams, um, and see a lot of benefits with thousand eyes. You pointed out a few of them. It's got to ask you the question. So if I'm an it person I'm in the trenches, are you guys have, uh, an aspirin or a vitamin or both? Can you give an example because there's a lot of pain point out there. So yeah. Give me a cup, a couple Advils and aspirins, but also you're an enabler to the new things are evolving. You pointed out some use case. You talked about the difference between where you're helping people pain points and also enabling them be successful for it teams. >>Yeah, that's a great analogy. You're thinking it, like you said, it definitely sits on both sides of that spectrum, you know, thousand eyes is the trusted tool, the source of truth for it. Organizations when issues are happening as their alarm bells are ringing, as they are generating the, um, the different, uh, on call, uh, to be able to jump into a worm situation thousand eyes is that trusted source of truth. Allow them to focus, to be able to resolve the issue in the heat of the moment. But that was a nice also when we think about baselining, your experience, what's important is not understanding that experience at that moment in time, but also how that's deviated over time. And so by leveraging thousand eyes on a continuous basis, it gives you the ability to see the history of that experience, to understand how your network is changing is as you mentioned, networks are constantly evolving, right? >>The internet itself is constantly changing. It's an organic system, and you need to be able to understand not only what are the metrics that are moving out of your balance, but then what is potentially the cause of that as a network has evolved. And then furthermore, you can be begin to use that as you mentioned, in terms of your vitamin type of an analogy, to be able to understand the health of your system over time on a baseline basis so that you can begin to be able to ensure its success in a great way to really kind of bring that to light. As people using say, thousand eyes as part of the same SC land-based rollout, where you're looking to seek benchmark and confidence as you look to scale out in either, you know, benchmarking different ISP within that, I feel like connectivity for as you look to ensure a level of success with a single branch to give you that competence, to then scale out to the rest of your organization. >>That's great insights, the classic financial model ROI, you get baseline and upside, right? You got handle the baseline as you pointed out, and the upside music experience connectivity, you know, application performance, which drives revenue, et cetera. So great point. Great insight, Joe. Thank you so much for that insight. It's got a final question for you. I want to just riff a little bit with you on the industry. A lot of us have been having debates about automation. I mean, who doesn't, who doesn't love automation. Automation is awesome, right? Automate things. But as the trend starts going on, as everything is a service or X, a S as it's called, certainly Cisco's going down that road. Talk about your view about the difference between automation and everything is a service because at the end of the day, everything will be a service, but without automation, you really can't have services, right? So, you know, automation, automation, automation, great, great drum to bang all day long, but then also you got the same business side saying as a service, as a service, pushing that into the products means not trivial. Talk about, talk about how you'd look at automation and everything as a service and the relationship and interplay between those two concepts. >>Yeah. Ultimately I think about in terms of what is the problem that the business is trying to solve in ultimately, what is the value that they're trying to face? And in many ways, right, they're being exploded with increase of data that needs, they need to be able to not only processing gather, but then be able to then make use of, and then from that, as we mentioned, once you've processed that data and you'd say, gather the insights from it. You need to be able to then act on that data. And automation plays a key role of allowing you to be able to then put that through your workflow. Because again, as that, it experience becomes even more complex as more and more services get put into that digital supply chain. As you adopt say increased complexity within your infrastructure, by moving to a multicloud architecture where you look to increase the number of say, network services that you're leveraging across that digital experience. >>Ultimately you need the level of automation. You'd be able to see outside of your own vantage point. You need to be able to look at the problem from as broad of a, a broad of a way as possible. And you know, data and automation allows you to be able to do what is fundamentally to do from a very narrow point of view, in terms of the visibility you gather intelligence you generate, and then ultimately, how do you act on that data as quick as possible to be able to provide the value of what you're looking to solve. >>It's like a feature it's under the hood. The feature of everything comes to the surface is automation, data, machine learning, all the goodness in the software. I mean, that's really kind of what we're talking about here. Isn't it a final question for you as we wrap up, uh, dev net create really, again, is going beyond Cisco's dev net community going into the industry ecosystem where developers are there. Um, these are folks that want infrastructure as code. They want network as code. So network programmability, huge topic. We've been having that conversation, uh, with Cisco and others throughout the industry for the past three years. What's your message to developers out there that are watching this who say, Hey, I just want to develop code. Like I want, you know, you guys got that. That was nice. Thanks so much. You know, you take care of that. I just want to write code. What's your message to those folks out there who want to tap some of these new services, these new automation, these new capabilities, what's your message. >>You know, ultimately I think, you know, when you look at thousand eyes, um, you know, from a product perspective, you know, we try to build our product in an API first model to allow you to be able to then shift left of how you think about that overall experience. And from a developer standpoint, you know, what I'd say is, is that while you're developing in your silo, you're going to be part of a larger ultimate system. In your experience you deliver within your application is now going to be dependent upon not only the infrastructure it's running upon, but the network gets connected to, and then ultimately the user and the stance of that user, if I leveraging a thousand eyes and being able to then integrate that into how you think closely on that experience, that's going to help ensure that ultimately the application experience that the is looking to deliver meets that objective. And I think what I would say is, you know, while you need to focus on your, uh, your role as a developer, having the understanding of how you fit into the larger ecosystem and what the reality of the, of how your users will access that application is critical. >>Awesome, Joe, thank you so much. Again, trust is everything letting people understand that what's going on underneath is going to be, you know, viable and capable. You guys got a great product and congratulations on the acquisition that Cisco made of your company. And we've been following you guys for a long time and a great technology chops, great market traction, congratulations to everyone, 1,009. Thanks for coming on today. >>I appreciate it. Thanks for having me >>Vice president of product here with thousand eyes. Now, part of Cisco, John, for your host of the cube cube virtual for dev net, create virtual. Thanks for watching. >>Even prior to the pandemic, there was a mandate to automate the hyperscale cloud companies. They've shown us that to scale. >>You really have to automate your human labor. It just can't keep up with the pace of technology. Now, post COVID that automation mandate is even more pressing. Now what about the marketplace? What are S E seeing on the horizon? The cubes Jeff Frick speaks with Cisco engineers to gather their insights and explore the definite specialized partner program. We've got >>Coon Jacobs. He's the director of systems engineering for Cisco. Good to see Kuhn, >>Thank you for having me >>And joining him as Eric nappy is the VP of system systems engineering for Cisco. Good to see Eric. Good to be here. Thank you. Pleasure. So before we jump into kind of what's going on now in this new great world of programmability and, and control, I want to kind of go back to the future for a minute, because when I was doing some research for this interview, it was Coon. I saw an old presentation that you were giving from 2006 about the changing evolution of the, uh, the changing evolution of networking and moving from. I think the theme was a human centered human centered network. And you were just starting to touch a little bit on video and online video. Oh my goodness, how far we have come, but, but I would love to get kind of a historical perspective because we've been talking a lot and I know Eric son plays football about the football analogy of the network is kind of like an offensive lineman where if they're doing a good job, you don't hear much about them, but they're really important to everything. >>And the only time you hear about them is when a flag gets thrown. So if you look back with the historical perspective, the load and the numbers and the evolution of the network, as we've moved to this modern time, and, you know, thank goodness cause of COVID hit five years ago, 10 years ago, 15 years ago, you know, all of us in the information space would not have been able to make this transition. So I just, I just love to get some historical perspective cause you've been kind of charting this and mapping this for a very long time. >>Yeah, we absolutely have. I think, you know, what you're referring to was back in the day, the human network campaign, and to your point, the load, the number of hosts that traffic, the just overall the intelligence of the network has just evolved tremendously over these last decade and a half, uh, 15 years or so. And you look at where we are now in terms of the programmable nature of the network and what that enables in terms of new degrees of relevance that we can create for the customers. Um, and how, you know, the role of it has changed entirely again, especially during this pandemic, you know, the fact that it's now as a service and elastic, uh, is, is absolutely fundamental to being able to ensure, uh, on an ongoing basis, a great customer experience. And so, uh, it's been, it's been, uh, a very interesting ride. >>Yeah. And then, and then just to close the loop, the, one of your more later interviews talking to Sylvia, your question is, are you a developer or an engineer? So it was, and, and your whole advice to all these network engineers is just, just don't jump in and start doing some coding and learning. So, you know, the focus and really the emphasis and where the opportunity to differentiate as a company is completely shifting gears over to the S you know, really software defined side. >>Oh, absolutely. So, I mean, you look at how the software world and the network has come together and how we're applying now, you know, basically the same construct of CICB pipeline to network, uh, infrastructure, look at network really as code and get all of the benefits from that. And the familiarity of it, the way that our engineers have had to evolve. And that is just, you know, quite, quite significant in, in, in like the skill set. And the best thing is jump in, right. Um, you know, dip your toe in the water, but continue to evolve that skill set. And, uh, you know, don't, don't be shy. It's, it's a leap of faith for some of us who've been in the industry a bit longer. Uh, you know, we like to look at ourselves as the craftsman of the network, but now it's definitely a software centricity and programmability, right? >>So Eric, you've got some digital exhaust out there too, that I was able to dig up going back to 2002 752 page book, and the very back corner of a dark dirty dusty Amazon warehouse is managing Cisco network security, 752 pages. Wow. How has security changed from a time where before I could just read a book, a big book and, you know, throw some protocols in and probably block a bunch of ports to the world that we live in today, where everything is connected. Everything is API driven, everything is software defined. You've got pieces of workloads spread out all over the place and Oh, by the way, you need to bake security in at every single level of the application stack. >>Yeah, no I'm so, wow. Cocoon is that you, you found that book on the I'm really impressed. There was a thank you a little street, correct. So, uh, I want to hit on something that you, you talked about. Cause I think it's very important to, to this overall conversation. If we think about the scale of the network and Coon hit on it briefly, you talked about it as well. We're seeing a massive explosion of devices by the I, you know, it's estimated by the end of this year, there's going to be about 27 billion devices on the global internet. That's about 3.7 devices for every man, woman and child life. And if we extrapolate that out over the course of the next decade on the growth trajectory we're on. And if you look at some of the published research on this, it's estimated there could be upwards of 500 billion devices accessing the global internet on a, on a daily basis. >>And primarily that, that, that is a IOT devices. That's digitally connected devices. Anything that can be connected will be connected, but then introduces a really interesting security challenge because every one of those devices that is accessing the global internet is within a company's infrastructure or accessing pieces of corporate data is a potential attack factor. So we really need to, and I think the right for this is we need to reimagine security because security is, as you said, not about perimeters. You know, I wrote that book back in 2002, I was talking about firewalls and a cutting edge technology was intrusion prevention and intrusion detection. Now we need to look at security really in the, in the guise of, or under the, under the, under the realm of really two aspects, the identity who is accessing the data in the context, what data is being accessed. >>And that is going to require a level of intelligence, a level of automation and the technologies like machine learning and automated intelligence are going to be our artificial intelligence rather are going to be table stakes because the sheer scale of what we're trying to secure is going to be untenable, undercurrent, you know, just current security practices. I mean, the network is going to have to be incredibly intelligent and leverage again, a lot of that, uh, that AI type of data to match patterns of potential attacks and ideally shut them down before they ever cause any type of damage. >>Really interesting. I mean, one thing that COVID has done a bunk many things is kind of retaught us all about the power of exponential curves and how extremely large those things are and how fast they grow. We had Dave runs and on a Google cloud a couple of years ago. And I remember him talking about early days of Google when they were starting to map out kind of, as you described kind of map out their growth curves, and they just figured out they could not hire if they hired everybody, they couldn't hire enough people to deal with it. Right. So really kind of rethinking automation and rethinking about the way that you manage these things and the level, right. The old, is it a pet or is it, or is it, um, uh, part of a herd? And I think it's interesting what you talked about, uh, can really the human powered internet and being driven by a lot of this video, but to what you just said, Eric, the next big wave, right. >>Is IOT and five G. And I think, you know, you talk about 3.7 million devices per person. That's nothing compared to right. All these sensors and all these devices and all these factories, cause five G is really targeted to machine the machines, which there's a lot of them and they trade a lot of information really, really quickly. So, you know, I want to go back to you Coon thinking about this next great wave in a five G IOT kind of driven world where it's kind of like when voice kind of fell off compared to IP traffic on the network. I think you're going to see the same thing, kind of human generated data relative to machine generated data is also going to fall off dramatically as a machine generated data, just skyrocket through the roof. >>Yeah, no, absolutely. And I think too, also what Eric touched on the visibility on that, and they'd be able to process that data at the edge. That's going to catalyze cloud adoption even further, and it's going to know, make the role of the network, the connectivity of it all and the security within that crucially important. And then you look at the role of programmability within that. We're seeing the evolution going so fast. You look at the element of the software defined network in an IOT speed space. We see that we have hosts there that are not necessarily, um, you know, behaving like other hosts would, uh, on a network, for example, manufacturing floor, uh, production robot, or a security camera. And what we're seeing is we're seeing partners and customers employing program ability to make sure that we overcome some of the shortcomings, uh, in terms of where the network is at, but then how do you customize it in terms of the relevance that it can provide, uh, bringing on board, uh, those, uh, those hosts in a very transparent way, and then, you know, keep, keep the agility of it and keep the speed of innovation going. >>Right. >>Right. So Eric, I want to come back to you and shift gears kind of back to the people will leave the IOT and the machines along, along for a minute, but I'm curious about what does beat the boss. I mean, I go to your LinkedIn profile and it's just filled with congratulatory statements, but everyone's talking about beating the boss. You know, it's, it's a really, you know, kind of interesting and different way to, to motivate people, to build this new skillset in terms of getting software certifications, uh, within the Cisco world. And I just thought it was really cute the way that you clearly got people motivated, cause there's posts all over the place and they've all got their, their nice big badge or their certification, but, you know, at a higher level, it is a different motivation to be a developer versus an engineer and a technician. And it's kind of a different point of view. And I just wonder if you could share, you know, some of the ways that you're, you're kind of encouraging, you know, kind of this transformation within your own workforce, as well as the partners, et cetera, and really adopting kind of almost a software first and this program kind of point of view versus, you know, I'm just wiring stuff up. >>Apparently a lot of people like to beat me. So of itself was a, was a, it was a great success, but you know, if we think we take a step back, you know, what is Cisco about as an organization? Um, I mean obviously if you look back to the very early days of our vision, right, it was, it was to change the way the world worked, played, live and learn. And that you think about, and you hit on this when we were, you know, you were discussion with co with Kuhn in the early days of COVID. We really saw that play out as so much shifted from, you know, in-person type of interactions to virtual interactions in the network that, uh, that our, our customers, our partners, our employees built over the course of the last several, the last three decades really helped the world continue to, um, to, to do business for students to continue to go to school or clinicians, to connect with patients. >>If I think about that mission to meet programmability is just the next iteration of that mission, continuing to enable the world to communicate, continuing, to enable customers, employees, uh, partners, uh, to essentially leverage the network for more than just connectivity now to leverage it for critical insight. Again, if we look at some of the, uh, some of the use cases that we're seeing for social distancing and contact tracing and network has a really important place to play there because we can pull insight from it, but it isn't necessarily an out of the box type of integration. So I look at programmability and in what we're doing with, with dev net to give relevance to the network for those types of really critical conversations that every organization is having right now, it's a way to extrapolate. It's a way to pull critical data so that I can make a decision. >>And if that decision is automated, or if that decision requires some type of a manual intervention, regardless, we're still about connecting. And in this case, we're connecting insight with the people who need it most, right. The debit challenge we ran is really in respect for how critical this new skill set is going to be. It's not enough. Like I said, just to connect the world anymore. We need to leverage that network, the network for that critical insight. And when we drove, we were, we created the beat, the boss challenge. It was really simple. Hey guys, I think this is important and I am going to go out and I'm going to achieve the certification myself, because I want to continue to be very relevant. I want to continue to be able to provide that insight for my customers and partners. So therefore I'm going for it. Anybody that can get there before me, maybe there's a little incentive tied to the incentive. Although it's funny, we interviewed a lot of, a lot of our team who, uh, who achieved it when incentive was secondary. They just wanted to have the bragging rights, like, yeah, I beat Eric, right. >>You know, putting your money where your mouth is, right. If it's important, then why, you know, you should do it too. And, and you know, the whole, you're not asking people to do what you wouldn't do yourself. So I think there's a lot of good leadership, uh, leadership lessons there as well. But I want to extend kind of the conversation on the covert impact, right? Cause I'm sure you've seen all the social media meme, you know, who's driving your digital transformation, the CEO, the CMO or COVID. And we all know the answer to the question, but you know, you guys have already been dealing with kind of an increased complexity around enterprise infrastructure world in terms of cloud and public cloud and hybrid cloud and multi cloud. And people are trying to move stuff all, all the way around now suddenly had this COVID moment right in, in March, which is really a light switch moment. >>People didn't have time to plan or prepare for suddenly everybody working from home. And it's not only you, but your spouse and your kids and everybody else. So, but now we're six months plus into this thing. And I would just love to get your perspective and kind of the change from, Oh my goodness, we have to react to the light switch moment. What do we do to make sure people can, can get, get what they need when they need it from where they are. Uh, but, but then really moving from this is a, an emergency situation, a stop gap situation to, Hmm, this is going to extend for some period of time. And even when it's the acute crisis is over, you know, this is going to drive a real change in the way that people communicate in the way that people, where they sit and their jobs and, and kind of how customers are responding accordingly as the, you know, kind of the narrative has changed from an emergency stop gap to this is the new normal that we really need to plan for. >>So, uh, I think, I think you said it very well. I think anything that could be digitized, any, any interaction that could be driven virtually was, and what's interesting is we, as you said, we went from that light switch moment where I believe the stat is this, and I'll probably get the number wrong, but like in the United States here at the beginning, at the end of February, about 2% of the knowledge worker population was virtual, you know, working from home or in a remote work environment. And over the course of about 11 days, that number went from 2% to 70%. Wow. Interesting that it worked, you know, there was a lot of hiccups along the way, and there was a lot of organizations making really quick decisions on how do I enable VPN scale of mass? How do I, you know, leverage, uh, you know, things like WebEx for virtual meetings and virtual connectivity, uh, much faster now that as you said, that we kinda gotten out of the fog of war or frog fog of battle organizations are looking at what they accomplished. >>And it was nothing short of Herculean and looking at this now from a transition to, Oh my gosh, we need to change too. We have an opportunity to change. And we're looking, we see a lot of organizations specifically around, uh, financial services, healthcare, uh, the, uh, the K through 20, uh, educational environment, all looking at how can they do more virtually for a couple of reasons. Obviously there is a significant safety factor. And again, we're still in that we're still on the height of this pandemic. They want to make sure their employees, their customers, students, patients remain safe. But second, um, we've found in, in discussions with a lot of senior it executives that are customers that people are happier working from home. People are more productive working from home. And that, again, the network that's been built over the course of the last few decades has been resilient enough to allow that to happen. >>And then third, there is a potential cost savings here outside of people. The next most expensive resource that organizations are paying for is real estate. If they can shrink that real estate footprint while providing a better user experience at the locations that they're maintaining, again, leveraging things like location services, leveraging things like a unified collaboration. That's very personalized to the end user's experience. They're going to do that. And again, they're going to save money. They're going to have happier employees and ultimately they're going to make their, uh, their employees and their customers a lot safer. So we see, we believe that there is in some parts of the economy, a shift that is going to be more permanent in some estimates, put it as high as 15% of the current workforce is going to >>Stay in a virtual or a semi virtual working environment for the foreseeable future. >>Interesting. And I, and I, and I would say, I'd say 15% is low, especially if you, if you qualify it with, you know, part-time right. I, there was a great interview we were doing and talking about working from home, we used to work from home as the exception, right? Cause the cable person was coming, are you getting a new washing machine or something where now that's probably getting, you know, in many cases we'll shift to the other where I'm generally going to work from home, unless, you know, somebody is in town or having an important meeting or there's some special collaboration, uh, that drives me to be in. But you know, I want to go back to you Kuhn and, and really doubled down on, you know, I think most people spent too much time focusing, especially, we'll just say within the virtual events space where we play on the things you can't do virtually, we can't meet in the hall. >>We can't grab a quick coffee and a drink instead of focusing on the positive things like we're accomplishing right here, you're in Belgium, right. Eric is in Ohio, we're in California. Um, and you know, we didn't take three days to travel and, and check into a hotel and, and all that stuff to get together, uh, for this period of time. So there's a lot of stuff that digital enables. And I think, you know, people need to focus more on that versus continuing to focus on the two or three things that, that it doesn't replace and it doesn't replace those. So let's just get that off the table and move on with our lives. Cause those aren't coming back anytime soon. >>No, totally. I think it's the balance of those things. It's guarding the fact that you're not necessarily working for home. I think the trick there is you could be sleeping at the office, but I think the positives are way, way more outspoken. Um, I, you know, I look at myself, I got much more exercise time in these last couple of months than I usually do because you don't travel. You don't have the jet lag and the connection. And then you talked about those face to face moments. I think a lot of people are in a way, um, wanting to go back to the office part-time as, as Eric also explain, but a lot of it you can do virtually we have virtual coffees with team, or, you know, even here in Belgium, our local general manager has a virtual effort, TIF every Friday, obviously skip the one this week. But, uh, you know, there's, there's ways to be very creative with the technology and the quality of the technology that enables, um, you know, to, to get the best of both worlds. Right? >>So I just, we're going to wrap the segment. I want to give you guys both the last word you both been at Cisco for a while and, you know, Susie, we, and the team on dev net has really grown this thing. I think we were there at the very beginning couple of four or five, six years ago. I can't keep track of time anymore, but it has really, really grown. And, you know, the timing is terrific to get into this more software defined world, which is where we are. I wonder if you could just, you know, kind of share a couple of thoughts as you know, with a little bit of perspective and you know, what you're excited about today and kind of what you see coming down the road since you guys have been there for a while you've been in this space, uh, let's start with Yukon. >>I think the possibility it creates, I think really programmability software defined is really >>About the art of the possible it's what you can dream up and then go code. Um, Eric talked about the relevance of it and how it maximizes the relevance on a customer basis. Um, you know, and then it is the evolution of the teams in terms of the creativity that they can bring to us. We've seen really people dive into that and customers co-creating with us. And I think that's where we're going in terms of the evolution of the value proposition there in terms of what technology can provide, but also how it impacts people as we discussed and redefines process >>That the art of the possible, which is a lot harder to execute in a, in hardware than software certainly takes a lot longer. I'd love to get your, uh, your thoughts. >>Absolutely. So I started my career at Cisco, uh, turning, uh, putting IP phones onto the network. And back then, you know, it was, you know, 2001, 2002, when, uh, the idea of putting telephones onto the network was such a, um, just such an objectionable idea. And so many purists were telling us all the reasons it wouldn't work. Now, if we go forward again, 19 years, the idea of not having them plugging into the network is a ridiculous idea. So we have a, we're looking at an inflection point in this industry and it's really, it's not about programming. It's not necessarily about programming. It's about doing it smarter. It's about being more efficient. It's about driving automation, but again, it's, it's about unlocking the value of what the network is. We've moved so far past. What can, you know, just connectivity, the network touches everything and there's more workload moves to the cloud is more workload moves to things like containers. >>Um, the network is the really, the only common element that ties all of these things together. The network needs to take its rightful place in the end, the it lexicon as being that critical or that critical insight provider, um, for, for how users are interacting with the network, how users are interacting with applications, how applications are interacting with one, another program ability is a way to do that more efficiently, uh, with greater a greater degree of certainty with much greater relevance into the overall delivery of it services and digitization. So to me, I think we're going to look back 20 years from now, probably even 10 and say, man, we used to configure things manually. What was that like? I think, I think really this is, this is the future. And I think we want to be aligned with where we're going versus where we've been. Right. >>Well, Coon, Eric, thank you for sharing your perspective. You know, it's, it's really nice to have, you know, some historical reference, uh, and it's also nice to be living in a new age where you can, you can, you know, stay at the same company and still refresh, you know, new challenges, new opportunities and grow this thing. Cause as you said, I remember those IP first IP phone days and I thought, well, my bell must be happy because the old mother's problem is finally solved. And when we don't have to have a dedicated connection between every mother and every child in the middle of may. So good news. So thank you very much for sharing your, uh, your insights and really, uh, really enjoyed the conversation. >>Thank you. >>We've been covering dev net create for a number of years. I think since the very first show and Susie, we and the team really built, uh, a practice built a company, built a lot of momentum around software in the Cisco ecosystem and in getting devs really to start to build applications and drive kind of the whole software defined networking thing forward. And a big part of that is partners and working with partners and, and developing solutions and, you know, using brain power. That's outside of the four walls of Cisco. So we're excited to have, uh, our next guest, uh, partner for someone is Brad Hoss. He is the engineering director for dev ops at Presidio, Brad. Great to see you. >>Hey Jeff, great to be here. >>And joining him is Chuck Stickney. Chuck is the business development architect for Cisco DevNet partners and he has been driving a whole lot of partner activity for a very long period of time. Chuck, great to see you. >>Thanks Jeff. Great to be here and looking forward to this conversation. >>So let's, let's start with you Chuck, because I think, um, you know, you're leading this kind of partner effort and, and you know, software defined, networking has been talked about for a long time and you know, it's really seems to be maturing and, and software defined everything right. Has been taking over, especially with, with virtualization and moving the flexibility and the customer program ability customability in software and Mo and taking some of that off the hardware. Talk about, you know, the programs that you guys are putting together and how important it is to have partners to kind of move this whole thing forward, versus just worrying about people that have Cisco badges. >>Yeah, Jeff, absolutely. So along this whole journey of dev net where we're, we're trying to leverage that customization and innovation built on top of our Cisco platforms, most of Cisco's business is transacted through partners. And what we hear from our customers and our partners is they want to, our customers want a way to be able to identify, does this partner have the capabilities and the skills necessary to help me go down this automation journey I'm trying to do, do a new implementation. I want to automate that. How can I find a partner to, to get there? And then we have some of our partners that have been building these practices going along this step, in that journey with us for the last six years, they really want to say, Hey, how can I differentiate myself against my competitors and give an edge to my customers to show them that, yes, I have these capabilities. I've built a business practice. I have technology, I have technologists that really understand this capability and they have the dub net certifications to prove it helped me be able to differentiate myself throughout our ecosystem. So that's really what our Danette partner specialization is all about. Right. >>That's great. And Brad, you're certainly one of those partners and I want to get your perspective because partners are oftentimes a little bit closer to the customer cause you've got your kind of own set of customers that you're building solutions and just reflect on, we know what happened, uh, back in March 15th, when basically everybody was told to go home and you can't go to work. So, you know, there's all the memes and social media about who, you know, who pushed forward your digital transformation, the CEO, the CMO, or COVID. And we all know what the answer is, whatever you can share some information as to what happened then, and really for your business and your customers, and then reflect now we're six months into it, six months plus, and, and you know, this new normal is going to continue for a while. How's the customer attitudes kind of changed now that they're kind of buckled down past the light switch moment and really we need to put in place some foundation to carry forward for a very long time potentially. >>Yeah, it's really quite interesting actually, you know, when code first hit, we got a lot of requests to help with automation of provisioning our customers and in the whole, you know, digital transformation got really put on hold for a little bit there and I'd say it became more of, of the workplace transformation. So we were quickly, uh, you know, migrating customers to, you know, new typologies where instead of the, the, you know, users sitting in those offices, they were sitting at home and we had to get them connected rapidly in a, we, we didn't have a lot of success there in those beginning months with, you know, using automation and programmability, um, building, you know, provisioning portals for our customers to get up and running really fast. Um, and that, that, that was what it looked like in those early days. And then over time, I'd say that the asks from our customers has started to transition a little bit. >>You know, now they're asking, you know, how can I take advantage of the technology to, you know, look at my offices in a different way, you know, for example, you know, how many people are coming in and out of those locations, you know, what's the usage of my conference rooms. Um, are there, uh, are there, um, situations where I can use that information? Like how many people are in the building and at a certain point in time and make real estate decisions on that, you know, like, do I even need this office anymore? So, so the conversations have really changed in, in ways that you couldn't have imagined before March. >>Right. And I wonder with, with you Chuck, in terms of the Cisco point of view, I mean, the network is amazing. It had had, COVID struck five years ago, 10 years ago, 15 years ago, you know, clearly there's a lot of industries that are suffering badly entertainment, um, restaurant, business, transportation, they, you know, hospitality, but for those of us in kind of the information industry, the switch was pretty easy. Um, you know, and, and the network enables the whole thing. And so I wonder if, you know, kind of from your perspective as, as suddenly, you know, the importance of the network, the importance of security and the ability now to move to this new normal very quickly from a networking perspective. And then on top of that, having, you know, dev net with, with the software defined on top, you guys were pretty much in a good space as good as space as you could be given this new challenge thrown at you. >>Yeah, Jeff, we completely agree with that. Uh, Cisco has always pushed the idea that the network is transformational. The network is the foundation, and as our customers have really adopted that message, it is enabled that idea for the knowledge workers to be able to continue on. So for myself, I've, I've worked for home the entire time I've been at Cisco. So the last 13 years, this is, you know, the, the change to the normalcy is I never get on a plane anymore, but my day to day functions are still the same. And it's built because of the capabilities we have with the network. I think the transition that we've seen in the industry, as far as kind of moving to that application type of economy, as we go to microservices, as we go to a higher dependency upon cloud, those things have really enabled the world really to be able to better respond to this, to this COVID situation. And I think it's helped to, to justify the investments that's that our customers have made as well as what our partners have been, being able to do to deliver on that multicloud capability, to take those applications, get them closer to the end user instead of sitting in a common data center and then making it more applicable to, to users wherever they may be, not just inside of that traditional four walls. >>Right, right. That's interesting. And Brad, you, you made a comment on another interview. I was watching getting ready for this one in terms of, uh, applications now being first class citizens was, was what you said. And it's kind of interesting coming from an infrastructure point of view, where before it was, you know, what do I have and what can I build on it now, I really it's the infrastructure that responds back to the application. And even though you guys are both in the business of, of networking and infrastructure, it's still this recognition that apps first is the way to go, because that gives people the competitive advantage that it gives them the ability to react in the marketplace and to innovate and move faster. So, you know, it's, it's a really interesting twist to be able to support an application first, by having a software defined in a more programmable infrastructure stack. >>Yeah, no doubt. And, you know, I think that the whole push to cloud was really interesting in the early days, it was like, Hey, we're going to change our applications to be cloud first. You know? And then I think the terminology changed over time, um, to more cloud native. So when we, when we look at what cloud has done over the past five years with customers moving, you know, their, their assets into the cloud in the early days that we were all looking at it just >>Like another data center, but what it's really become is a place to host your applications. So when we talk about cloud migrations with our customers now, we're, we're no longer talking about, you know, the assets per se, we're talking about the applications and what, what did those applications look like? And even what defines an application right now, especially with the whole move to cloud native and microservices in the automation that helps make that all happen with infrastructure as code. You're now able to bundle the infrastructure with those applications together as a single unit. So when you define that application, as infrastructure, as code the application in the definition of what those software assets for the infrastructure are, all are wrapped together and you've got change control, version control, um, and it's all automated, you know, it's, it's a beautiful thing. And I think it's something that we've all kind of hoped would happen. >>You know, when I look back at the early definitions of software defined networking, I think everybody was trying to figure it out and they didn't really fully understand what that meant now that we can actually define what that network infrastructure could look like as it's, as it's wrapped around that application in a code template, maybe that's Terraform or Ansible, whatever that might be, whatever method or tool that you're using to, to bring it all together. It's, it's, you know, it's really interesting now, I think, I think we've gotten to the point where it's starting to make a lot more sense than, you know, those early days of SDN, uh we're out, you know, it was a, was it a controller or is it a new version of SNMP? You know, now it makes sense. It's actually something tangible. Right, >>Right. But still check, as you said, right. There's still a lot of API APIs and there's still a lot of component pieces to these applications that are all run off the network that all have to fit, uh, that had to fit together. You know, we cover PagerDuty summit and you know, their whole thing is trying to find out where the, where the problems are within the very few microseconds that you have before the customer abandons their shopping cart or whatever the particular application. So again, the network infrastructure and the program ability super important. But I wonder if you could speak to the automation because there's just too much stuff going on for individual people to keep track of, and they shouldn't be keeping track of it because they need to be focusing on the important stuff, not this increasing amount of bandwidth and traffic going through the network. >>Yeah, absolutely. Jeff said the bandwidth that's necessary in order to support everybody working from home to support this video conference. I mean, we, we used to do this sitting face to face. Now we're doing this over the internet. The amount of people necessary to, to be able to facilitate that type of traffic. If we're doing it the way we did 10 years ago, we would not >>Scale it's automation. That makes that possible. That allows us to look higher up the ability to do that automatic provisional provisioning. Now that we're in microservices now that everything is cloud native, we have the ability to, to better, to better adjust to and adapt to changes that happen with the infrastructure below hand. So if something goes wrong, we can very quickly spend something up to take that load off where traditionally it was open up a ticket. Let me get someone in there, let me fix it. Now it's instantaneously identify the solution, go to my playbook, figure out exactly what solution I need to deploy and put that out there. And the network engineering team, the infrastructure engineering team, they just simply need to get notified that this happened. And as long as there's traceability and a point that Brad made, as far as you being able to go through here doing the automation of the documentation side of it. >>I know when I was a network engineer, one of the last things we ever did was documentation. But now that we have the API is from the infrastructure. And then the ability to tie that into other systems like an IP address management or a change control, or a trouble ticketing system, that whole idea of I made an infrastructure change. And now I can automatically do that documentation update and record. I know who did it. I know when they did it and I know what they did, and I know what the test results were even five years ago, that was fantasy land. Now, today that's just the new normal, that's just how we all operate. >>Right. Right, right. So I want to get your take on the other trend, which is cloud multicloud, public cloud. You know, as, as I think you said Brad, when public cloud first came out, there was kind of this, this rush into, we're going to throw everything in there then for, for, for different reasons. People decided maybe that's not the best, the best solution, but really it's horses for courses. Right. And, and I think it was pretty interesting that, that you guys are all supporting the customers that are trying to figure out where they're going to put their workloads. And Oh, by the way, that might not be a static place, right. It might be moving around based on, you know, maybe I do my initial dev and, and, and Amazon. And then when I go into production, maybe I want to move it into my data center. >>And then maybe I'm having a big promotion or something I want to flex capability. So from, from your perspective and helping customers work through this, because still there's a lot of opinions about what is multicloud, what is hybrid cloud and, you know, it's horses for courses. How are you helping people navigate that? And what does having programmable infrastructure enable you to do for helping customers kind of sort through, you know, everybody talks about their journey. I think there's still kind of bumbling down, bumbling down paths, trying to find new things, what works, what doesn't work. And I think it's still really early days and trying to mesh all this stuff together. Yeah, >>Yeah. No doubt. It is still early days. And you know, I, I, I go back to it being application centric because, you know, being able to understand that application, when you move to the cloud, it may not look like, what did he still look like when you, when you move it over there, you may be breaking parts off of it. Some of them might be running on a platform as a service while other pieces of it are running as infrastructure as a service. >>And some of it might still be in your data center. Those applications are becoming much more complex than they used to be because we're breaking them apart into different services. Those services could live all over the place. So with automation, we really gain the power of being able to combine those things. As I mentioned earlier, those resources, wherever they are, can be defined in that infrastructure as code and automation. But you know, the side from provisioning, I think we focus a lot about provisioning. When we talk about automation, we also have these amazing capabilities on, on the side of operations too. Like we've got streaming telemetry in the ability to, to gain insights into what's going on in ways that we didn't have before, or at least in the, in, you know, in the early days of monitoring software, right. You knew exactly what that device was, where it was. >>It probably had a friendly name, like maybe it was, uh, something from the Hobbit right now. You've got things coming up and spinning and spinning up and spinning down, moving all over the place. And that thing you used to know what that was. Now, you have to quickly figure out where it went. So the observability factor is a huge thing that I think everybody should be paying attention to attention, to moving forward with regards to when you're moving things to the cloud or even to other data centers or, you know, in your premise, um, breaking that into microservices, you really need to understand what's going on in the, you know, programmability and API APIs and, you know, yang models are tied into streaming telemetry. Now there's just so many great things coming out of this, you know, and it's all like a data structure that, that people who are going down this path and the dev net path, they're learning these data structures and being able to rationalize and make sense of them. And once you understand that, then all of these things come together, whether it's cloud or a router or switch, um, Amazon, you know, it doesn't matter. You're, you're all speaking a common language, which is that data structure. >>That's great. Chuck, I want to shift gears a little bit, cause there was something that you said in another interview when I was getting ready for this one about, about Deb, not really opening up a whole different class of partners for Cisco, um, as, as really more of a software, a software lead versus kind of the traditional networking lead. I wonder if you can put a little more color on that. Um, because clearly as you said, partners are super important. It's your primary go to market and, and Presidios, I'm sure the best partner that you have in the whole world that's and you know, you said there's some, there's some non traditional people that would not ever be a Cisco partner that suddenly you guys are playing with because of really software lead. >>Yeah. Jeff that's exactly right. So as we've been talking to folks with dev nets and whether it'd be at one of the Cisco live events in the dev net zone or at the prior dev net create events, we'll have, we'll have people come up to us who Cisco today views us as a customer because they're not in our partner ecosystem. They want to be able to deliver these capabilities to our customers, but they have no interest in being in the resell market. This what we're doing with the dev that specialization gives us the ability to bring those partners into the ecosystem, share them with our extremely large dev net community so they can get access to those, to those potential customers. But also it allows us to do partner to partner type of integration. So Brad and Presidio, they built a fantastic networking. They always have the fantastic networking business, but they built this fantastic automation business that's there, but they may come into, into a scenario where it's working with their vertical and working with the technology piece, that they may not have an automation practice for. >>We can leverage some of these software specific partners to come in there and do a joint, go to markets where, so they can go where that traditional channel partner can leverage their deep Cisco knowledge in those customer relationships that they have and bring in that software partner almost as a subcontractor to help them deliver that additional business value on top of that traditional stack, that brings us to this business outcomes. If the customers are looking for and a much faster fashion and a much more collaborative fashion, that's terrific. Well, again, it's a, it's, it's unfortunate that we can't be in person. I mean, the, the Cisco dev net shows, you know, they're still small, they're still intimate. There's still a lot of, uh, information sharing and, you know, great to see you. And like I said, we've been at the computer museum, I think the last couple of years and in, in San Francisco. So I look forward to a time that we can actually be together, uh, maybe, maybe for next year's event, but, uh, thank you very much for stopping by and sharing the information. Really appreciate it. It happens happy to be here >>From around the globe. It's the cube presenting, accelerating automation with dev net brought to you by Cisco. What I'm Sean for the cube, your host for accelerating automation with dev net with Cisco. And we're here to close out the virtual event with Mindy Whaley, senior director, Mandy, take it away. >>Thank you, John. It's been great to be here at this virtual event, hearing all these different automation stories from our different technology groups, from customers and partners. And what I'd like to take a minute now is to let people know how they can continue this experience at dev net create, which is our free virtual event happening globally. On October 13th, there's going to be some really fun stuff. We're going to have our annual demo jam, which is kind of like an open for demos where the community gets to show what they've been building. We're also going to be, um, giving out and recognizing our dev net creator award winners for this year, which is a really great time where we recognize our community contributors who have been giving back to the community throughout the year. And then we find really interesting channels. We have our creators channels, which is full of technical talks, lightening talks. >>This is where our community, external Cisco people come in share what they've been working on, what they've been working learning during the year. We also have a channel called API action, which is where you can go deep into IOT or collaboration or data center automation and get demos talks from engineers on how to do certain use cases. And also a new segment called straight from engineering, where you get to hear from the engineers, building those products as well. And we have a start now for those people just getting started, who may need to dive into some basics around coding, API APIs and get that's a whole channel dedicated to getting them started so that they can start to participate in some of the fun challenges that we're going to have during the event. And we're going to have a few fun things. Like we have some definite, um, advocate team members who are awesome, musically talented. They're going to share some performances with us. So, um, we encourage everyone to join us there. Pick your favorite channel, uh, join us in whichever time zone you live in. Cause we'll be in three different time zones. And, um, we would love for you to be there and to hear from you during the event. >>That's awesome. Very innovative, multiple time zones, accelerating automation with dev net. Thank you so much for watching and we'll see you at dev net create thanks for watching.

>>from >>around the >>globe. It's the Cube with digital coverage of pager duty. Summit 2020. Brought to you by pager duty. Hey, welcome back to Brady. Jeffrey here with the Cube in Palo Alto studios today. And we're talking about an upcoming event. It's one of our favorites. This will be the fourth year that we've been doing it. And it's pager duty summit. And we're excited to have from the pager duty team. She's Caroline Gus, the VP of corporate marketing from pager duty. Caroline, Great to see you. >>Hi, Jeff. Great to see you again. >>Absolutely. So, you know, I was thinking before we turn on the cameras we've been doing pager duty for I think this will be like, say, our fourth year that first year was in the cool, um, cruise ship terminal pier. I gotta written appear 27 which was which was nice. And then the last two years, you've been in the, you know, historic Westin ST Francis in downtown San Francisco, which is a cool old venue, but oh, my goodness. You guys were busting at the seams last year. So this year, year to go virtual. There's a whole bunch of new things that that you could do in virtual that you couldn't do in physical space. At least when you're busting out of the seems so First off, Welcome and >>talk a little >>bit about planning for virtual versus planning for a physical event from, you know, head of marketing perspective. >>Absolutely. I mean, the first thing that's changed for us is the number of people that can come. It's five x the number of people that were able to join us, the Western last year. So we have, uh, we we expect to have 10,000 people registered on attending age duty summit. The second thing is thea share number of sessions that we can put on. Last year, I think we had around 25 sessions. This year we have between 40 and 50 on again. That's because we're not constrained by space and physical meeting rooms, so it's being a really exciting process for us. We've built a fantastic agenda on. It's very much personalized, you know, developers come to our event. They love our event for the opportunity to learn mixed with their peers, get best practices and hands on experience. So we have many more of those types of sessions when we have done previously, and that things like labs and Bird of Feather Sessions and Emma's. But we've also built a whole new track of content this year for executives. Page Julie has, um, many of the Fortune 500 on 4100 customers. We work very closely with CEO CTO, so we have built sessions that are really designed specifically for that audience on I think for us it's really opened up. The potential of this event made it so much broader and more appealing than we were able to do when we were, As you say, you know, somewhat confined by the location in downtown San Francisco. >>I think it's such an interesting point. Um, because before you were constrained, right, If you have X number of rooms over a couple of days, you know you've got to make hard decisions on breakouts and what could go in and what can't go in. And, you know, will there be enough demand for these for this session versus another session? Or from the perspective of an attendee, you know, do they have to make hard tradeoffs? I could only attend one session at one oclock on Tuesday and I got to make hard decisions. But this is, you said really opens up the opportunities. I think you said you doubled. You doubled your sessions on and you got five X a number of registrations. So I think, you know, way too many people think about what doesn't happen in digital vs talking about the things that you can do that are impossible in physical. >>Yeah, I think at the very beginning. Well, first of all, we held our Amir summit events in London in July. So that was great because we got Thio go through this experience once already. And what we learned was the rial removal of hurdles in this process. So, to your point about missing the session because you're attending another session, we were calling this sort of the Pelton version of events where you have live sessions. It's great to be there, live participate in the live Q and A, but equally you have an entire on demand library. So if you weren't able to go because there was something else at the same time, this is available on demand for you. So we are actually repeating live sessions on two consecutive day. So on the Monday we're on everything on the Tuesday I ask because show up again for life Q and A at the end of their sessions. But after that it's available forever on an on demand library. So for us, it was really removing hurdles in terms of the amount of content, the scheduling of the content on also the number of people that content in attend, no geographical boundaries anymore. It used to be that a customer of ours would think, Well, I'll send one or two people to the page duty summit. They could learn all the great innovation from page duty, and they'll bring it back to the team that's completely changed. You know, we have tens of 20 signing up on. All of them are able to get that experience firsthand. >>That's really interesting. I didn't didn't even think about, you know, kind of whole teams being able to attend down instead of just certain individuals because of budget constraints, or you can't send your whole team, you know, a way for a conference in a particular area. But the piece to that you're supporting that were over and over is that the net new registrants goes up so dramatically in terms of the names and and and who those individuals are because a lot of people just couldn't attend for for various reasons, whether it's cost, whether it's, uh, geography, whether it's they just can't take time off from from from leaving their primary job. So it's a really interesting opportunity to open up, um, the participation to such a much bigger like you said five x five X, and increase in the registration. That's pretty good number. >>That's right. Yeah. I mean, that crossed boundaries gone away. This event is free on DWhite. That's actually meant is, as I say, you know, larger teams from the same company are attending. Uh, In addition, we have a number of attendees who are not actually paid to duty customers right now to previously. This was very much a community event for, you know, our page duty users on now we actually have a large number of I asked, interested future customers that will be coming to the event. So that's really important for us. And also, I think, for our sponsor partners as well, because it's bordering out the audience for both of us. So let's >>talk about sponsors for a minute, because, um, one of the big things in virtual events that people are talking about quite often is. Okay, I can do the keynotes, and I could do the sessions. And now I have all these breakout sessions for, um, you know, training and certification and customer stories, etcetera. But when it comes to sponsors, right sponsors used, you know, go to events to set up a booth and hand out swag and wander badge. Right? And it really was feeding kind of a top level down funnel. That was really important. Well, now those have gone away. Physical events. So from the sponsor perspective, you know, what can they expect? What? What do you know the sponsor experience at pager duty Summit. Since I don't have a little tiny booth at the Westin ST Francis given out swag this year. >>Yeah. So one important thing is the agenda and how we're involving our sponsors in our agenda this time, something that we learned is we used to have very long keynotes. You know, the keynote could be an hour long on involved multiple components and people would stay in that room for a now er on did really stay and watch sessions all day. So we learned in the virtual format that we need to be shorter and more precise in our sessions on that opened up the opportunity to bring in more of our partners, our sponsorship partners. So zendesk Salesforce, Microsoft some examples. So they actually get to have their piece of both of our keynote sessions and of our technical product sessions. I'm really explain both the partnership with pager duty, but also they're called technology and the value that they provide customers. So I think that the presence of sponsors in content is much higher than it was before on we are still repeating the Expo format, so we actually do have on Expo Hall that any time there's breaking between sessions, you could go over to the Expo ball, and it actually runs throughout as well, and you can go in and you can talk to the teams. You can see product demos, so it's very much a virtual version of the Expo Hall where you went and you want around and you picked up a bit of swag, >>so you mentioned keynotes and and Jennifer and and the team has always had a fantastic keynotes. I mean, I just saw Jennifer being interviewed with Frank's Luqman and and Eric Juan from Zoom By by Curry, which was pretty amazing. I felt kind of jealous that I didn't get to do that. But, um, talk tell us a little bit about some of the speakers I know there'll be some some, you know, kind of big rally moment speakers as well as some that are more down to technical track or another track. Give us some highlights on on some of the people. I will be sharing the stage with Jennifer. >>Absolutely, I said. I think what's really unique about Page duty Summit is that we designed types of content for different types of attendees. So if you're a developer, your practitioner, we have something like this from Jones of Honeycombs, who's talking about who builds the tools that we all rely on today, and how do they collaborate to build them together in this virtual world? Or we have J. Paul Reed from Netflix talking about how to handle the stress of being involved in incidents, So that's really sessions for our core audience of developers who are part of our community and pager duty really helps them day to day with with that job. And then we have the more aspirational senior level speakers who could really learn from a ZA leader. So Bret Taylor, president and CEO of Salesforce, will be joining us on the main stage. You'll be talking about innovation and trust in today's world on. Then we have Derrick Johnson. He is president of N A A. C P, and he'll be talking about community engagement and particularly voter engagement, which is such an important topic for us right now. Aan den. We have leaders from within our customers who are really talking about the way they use pager duty thio drive change in their organization. So an example would be porches, bro. He runs digital for Fox on, and he's gonna be talking about digital acceleration. How large organization like Fox can really accelerate for this digital first world that we find ourselves living in right now, >>right? Well, you guys have such a developer focus because pager duty, the product of solution, has to integrate with so many other, um, infrastructure, you know, monitoring and, uh, and all of all those different systems because you guys were basically at the front line, you know, sending them the signals that go into those systems. So you have such a broad, you know, kind of ecosystem of technology partners. I don't know if people are familiar with all the integrations that you guys have built over the years, which is such a key piece of your go to market. >>That's right. I mean, we we like to say we're at the center of the digital ecosystem. We have 203 170 integrations on. That's important because we want anyone to be able to use page duty no matter what is in their technology stack technology stacks today are more complex than they've ever been before, particularly with businesses having to shift to this digital first model since we all began shelter in place, you know, we all are living through digital on working and learning through digital on DSO. The technology stacks that power that are more complicated than ever before. So by having 370 integrations, we really know that we conserve pretty much any set of services that your business. It's using. >>Yeah, we've all seen all the means right about who's who's pushing your digital transformation. You know, the CEO, the CEO or or covert. And we all know the answer to toe what's accelerated that whole process. So okay, but so before I let you go, I don't even think we've mentioned the date. So it's coming up Monday, September, September 21st through Thursday, September 24th not at the West End Online and again. What air? What are you hoping? You're kind of the key takeaways for the attendees after they come to the summit? >>Yeah, a couple of things. I mean, first of all, I think will be a sense of belonging. Three attendees, the uses, a pager duty. They are really the teams that are at the forefront of keeping our digital services working on. But what that means is responding to incidents we've actually seen. Ah, 38% increase in the volume of incidents on our platform since covert and shelter in place began. Wait 30 >>38% increase in incidents since mid March. >>That's correct. Since the beginning of on bear in mind incidents. Prior to that in the six months prior, they were pretty flat. There wasn't instant growth. But what we've also seen is a 20% improvement in the time that it takes to resolve an incident from five minutes down to four minutes. So what that really means is that the pager duty community is working really hard. They're improving their practices. Hopefully our platform, our platform is a key part of how, but these are some people under pressure, so I hope that people can come and they can experience a sense of belonging. They can learn from each other about experiences. How do you manage the stress of that situation on what are some of the great innovations that make your job easier in the year ahead? The second thing that we don't for that community is that we are offering certification for P. D. You page due to university for free this year. It's of course, with a value of $7500. Last year, you would attend page duty summit on you would sit through your sessions and you would learn and you would get certified. So this year it's offered for free. You take the course during summit. But you can also carry on if you miss anything for 30 days after. So we're really feeling that, you know, we're giving back there, offering a great program for certification and improved skills completely free to help our community in this in this time of pressure, >>right? Right. Well, it is a very passionate community, and, you know, we go to so many events and you can you can really tell it's palatable, you know, kind of what the where the tight communities are and where people are excited to see each other and where they help each other, not necessarily only at the event, but you know, throughout the year. And I think you know a huge shout out to Jennifer on the culture that she's built there because it is very warm. It's very inclusive, is very positive. And and that energy, you know, kind of goes throughout the whole company and ice the teaser. You know this in something that's built around a device that most of the kids today don't even know what a pager is, and just the whole concept of carrying a pager and being on call right and being responsible. It's a very different way to kind of look at the world when you're the one that has that thing on your hip and it's buzzing and someone's expecting, Ah, return call and you gotta fix something So you know, a huge shout out to keep a positive and you're smiling nice and big culture in a job where you're basically fixing broken things most of the time. >>Yeah, absolutely. I mean, there's, I think, a joke that we make you know these things only break on Friday night or your wedding anniversary or Thanksgiving. But one of the announcements we're most excited about this year is the level of automation on artificial intelligence that we're building into our platform that is really going to reduce the number of interruptions that developers get when they are uncle. >>Yeah, I look forward to more conversations because we're gonna be doing a bunch of Cube interviews like Normal and, uh, you know, applied artificial intelligence, I think, is where all the excitement is. It's not a generic thing. It's where you applied in a specific application to get great business outcomes. So I look forward to that conversation and hopefully we'll be able to talk again and good luck to you and the team in the last few weeks of preparation. >>Thanks so much, Jeff. I've enjoyed talking to you. Thanks for having me. >>Alright. You too. And we'll see you later. Alright. She is Caroline. I'm Jeff. You're watching the Cube. Thanks for watching. We'll see you next time.

(water running) (upbeat music) (electric buzzing) >> Fuel up! (upbeat music) (audience clapping) (upbeat music) >> Announcer: From around the globe. It's the queue with digital coverage of DockerCon live 2020, brought to you by Docker and its ecosystem partners. >> Hello everyone, welcome to DockerCon 2020. I'm John Furrier with theCUBE I'm in our Palo Alto studios with our quarantine crew. We have a great lineup here for DockerCon 2020. Virtual event, normally it was in person face to face. I'll be with you throughout the day from an amazing lineup of content, over 50 different sessions, cube tracks, keynotes, and we've got two great co-hosts here with Docker, Jenny Burcio and Bret Fisher. We'll be with you all day today, taking you through the program, helping you navigate the sessions. I'm so excited. Jenny, this is a virtual event. We talk about this. Can you believe it? Maybe the internet gods be with us today and hope everyone's having-- >> Yes. >> Easy time getting in. Jenny, Bret, thank you for-- >> Hello. >> Being here. >> Hey. >> Hi everyone, so great to see everyone chatting and telling us where they're from. Welcome to the Docker community. We have a great day planned for you. >> Guys great job getting this all together. I know how hard it is. These virtual events are hard to pull off. I'm blown away by the community at Docker. The amount of sessions that are coming in the sponsor support has been amazing. Just the overall excitement around the brand and the opportunities given this tough times where we're in. It's super exciting again, made the internet gods be with us throughout the day, but there's plenty of content. Bret's got an amazing all day marathon group of people coming in and chatting. Jenny, this has been an amazing journey and it's a great opportunity. Tell us about the virtual event. Why DockerCon virtual. Obviously everyone's canceling their events, but this is special to you guys. Talk about DockerCon virtual this year. >> The Docker community shows up at DockerCon every year, and even though we didn't have the opportunity to do an in person event this year, we didn't want to lose the time that we all come together at DockerCon. The conversations, the amazing content and learning opportunities. So we decided back in December to make DockerCon a virtual event. And of course when we did that, there was no quarantine we didn't expect, you know, I certainly didn't expect to be delivering it from my living room, but we were just, I mean we were completely blown away. There's nearly 70,000 people across the globe that have registered for DockerCon today. And when you look at DockerCon of past right live events, really and we're learning are just the tip of the iceberg and so thrilled to be able to deliver a more inclusive global event today. And we have so much planned I think. Bret, you want to tell us some of the things that you have planned? >> Well, I'm sure I'm going to forget something 'cause there's a lot going on. But, we've obviously got interviews all day today on this channel with John and the crew. Jenny has put together an amazing set of all these speakers, and then you have the captain's on deck, which is essentially the YouTube live hangout where we just basically talk shop. It's all engineers, all day long. Captains and special guests. And we're going to be in chat talking to you about answering your questions. Maybe we'll dig into some stuff based on the problems you're having or the questions you have. Maybe there'll be some random demos, but it's basically not scripted, it's an all day long unscripted event. So I'm sure it's going to be a lot of fun hanging out in there. >> Well guys, I want to just say it's been amazing how you structured this so everyone has a chance to ask questions, whether it's informal laid back in the captain's channel or in the sessions, where the speakers will be there with their presentations. But Jenny, I want to get your thoughts because we have a site out there that's structured a certain way for the folks watching. If you're on your desktop, there's a main stage hero. There's then tracks and Bret's running the captain's tracks. You can click on that link and jump into his session all day long. He's got an amazing set of line of sleet, leaning back, having a good time. And then each of the tracks, you can jump into those sessions. It's on a clock, it'll be available on demand. All that content is available if you're on your desktop. If you're on your mobile, it's the same thing. Look at the calendar, find the session that you want. If you're interested in it, you could watch it live and chat with the participants in real time or watch it on demand. So there's plenty of content to navigate through. We do have it on a clock and we'll be streaming sessions as they happen. So you're in the moment and that's a great time to chat in real time. But there's more, Jenny, getting more out of this event. You guys try to bring together the stimulation of community. How does the participants get more out of the the event besides just consuming some of the content all day today? >> Yes, so first set up your profile, put your picture next to your chat handle and then chat. John said we have various setups today to help you get the most out of your experience are breakout sessions. The content is prerecorded, so you get quality content and the speakers and chat so you can ask questions the whole time. If you're looking for the hallway track, then definitely check out the captain's on deck channel. And then we have some great interviews all day on the queue. So set up your profile, join the conversation and be kind, right? This is a community event. Code of conduct is linked on every page at the top, and just have a great day. >> And Bret, you guys have an amazing lineup on the captain, so you have a great YouTube channel that you have your stream on. So the folks who were familiar with that can get that either on YouTube or on the site. The chat is integrated in, So you're set up, what do you got going on? Give us the highlights. What are you excited about throughout your day? Take us through your program on the captains. That's going to be probably pretty dynamic in the chat too. >> Yeah, so I'm sure we're going to have lots of, stuff going on in chat. So no cLancaerns there about, having crickets in the chat. But we're going to be basically starting the day with two of my good Docker captain friends, (murmurs) and Laura Taco. And we're going to basically start you out and at the end of this keynote, at the end of this hour and we're going to get you going and then you can maybe jump out and go to take some sessions. Maybe there's some stuff you want to check out and other sessions that you want to chat and talk with the instructors, the speakers there, and then you're going to come back to us, right? Or go over, check out the interviews. So the idea is you're hopping back and forth and throughout the day we're basically changing out every hour. We're not just changing out the guests basically, but we're also changing out the topics that we can cover because different guests will have different expertise. We're going to have some special guests in from Microsoft, talk about some of the cool stuff going on there, and basically it's captains all day long. And if you've been on my YouTube live show you've watched that, you've seen a lot of the guests we have on there. I'm lucky to just hang out with all these really awesome people around the world, so it's going to be fun. >> Awesome and the content again has been preserved. You guys had a great session on call for paper sessions. Jenny, this is good stuff. What other things can people do to make it interesting? Obviously we're looking for suggestions. Feel free to chirp on Twitter about ideas that can be new. But you guys got some surprises. There's some selfies, what else? What's going on? Any secret, surprises throughout the day. >> There are secret surprises throughout the day. You'll need to pay attention to the keynotes. Bret will have giveaways. I know our wonderful sponsors have giveaways planned as well in their sessions. Hopefully right you feel conflicted about what you're going to attend. So do know that everything is recorded and will be available on demand afterwards so you can catch anything that you miss. Most of them will be available right after they stream the initial time. >> All right, great stuff, so they've got the Docker selfie. So the Docker selfies, the hashtag is just DockerCon hashtag DockerCon. If you feel like you want to add some of the hashtag no problem, check out the sessions. You can pop in and out of the captains is kind of the cool kids are going to be hanging out with Bret and then all they'll knowledge and learning. Don't miss the keynote, the keynote should be solid. We've got chain Governor from red monk delivering a keynote. I'll be interviewing him live after his keynote. So stay with us. And again, check out the interactive calendar. All you got to do is look at the calendar and click on the session you want. You'll jump right in. Hop around, give us feedback. We're doing our best. Bret, any final thoughts on what you want to share to the community around, what you got going on the virtual event, just random thoughts? >> Yeah, so sorry we can't all be together in the same physical place. But the coolest thing about as business online, is that we actually get to involve everyone, so as long as you have a computer and internet, you can actually attend DockerCon if you've never been to one before. So we're trying to recreate that experience online. Like Jenny said, the code of conduct is important. So, we're all in this together with the chat, so try to be nice in there. These are all real humans that, have feelings just like me. So let's try to keep it cool. And, over in the Catherine's channel we'll be taking your questions and maybe playing some music, playing some games, giving away some free stuff, while you're, in between sessions learning, oh yeah. >> And I got to say props to your rig. You've got an amazing setup there, Bret. I love what your show, you do. It's really bad ass and kick ass. So great stuff. Jenny sponsors ecosystem response to this event has been phenomenal. The attendance 67,000. We're seeing a surge of people hitting the site now. So if you're not getting in, just, Wade's going, we're going to crank through the queue, but the sponsors on the ecosystem really delivered on the content side and also the sport. You want to share a few shout outs on the sponsors who really kind of helped make this happen. >> Yeah, so definitely make sure you check out the sponsor pages and you go, each page is the actual content that they will be delivering. So they are delivering great content to you. So you can learn and a huge thank you to our platinum and gold authors. >> Awesome, well I got to say, I'm super impressed. I'm looking forward to the Microsoft Amazon sessions, which are going to be good. And there's a couple of great customer sessions there. I tweeted this out last night and let them get you guys' reaction to this because there's been a lot of talk around the COVID crisis that we're in, but there's also a positive upshot to this is Cambridge and explosion of developers that are going to be building new apps. And I said, you know, apps aren't going to just change the world, they're going to save the world. So a lot of the theme here is the impact that developers are having right now in the current situation. If we get the goodness of compose and all the things going on in Docker and the relationships, this real impact happening with the developer community. And it's pretty evident in the program and some of the talks and some of the examples. how containers and microservices are certainly changing the world and helping save the world, your thoughts. >> Like you said, a number of sessions and interviews in the program today that really dive into that. And even particularly around COVID, Clement Beyondo is sharing his company's experience, from being able to continue operations in Italy when they were completely shut down beginning of March. We have also in theCUBE channel several interviews about from the national Institute of health and precision cancer medicine at the end of the day. And you just can really see how containerization and developers are moving in industry and really humanity forward because of what they're able to build and create, with advances in technology. >> Yeah and the first responders and these days is developers. Bret compose is getting a lot of traction on Twitter. I can see some buzz already building up. There's huge traction with compose, just the ease of use and almost a call for arms for integrating into all the system language libraries, I mean, what's going on with compose? I mean, what's the captain say about this? I mean, it seems to be really tracking in terms of demand and interest. >> I think we're over 700,000 composed files on GitHub. So it's definitely beyond just the standard Docker run commands. It's definitely the next tool that people use to run containers. Just by having that we just buy, and that's not even counting. I mean that's just counting the files that are named Docker compose YAML. So I'm sure a lot of you out there have created a YAML file to manage your local containers or even on a server with Docker compose. And the nice thing is is Docker is doubling down on that. So we've gotten some news recently, from them about what they want to do with opening the spec up, getting more companies involved because compose is already gathered so much interest from the community. You know, AWS has importers, there's Kubernetes importers for it. So there's more stuff coming and we might just see something here in a few minutes. >> All right, well let's get into the keynote guys, jump into the keynote. If you missing anything, come back to the stream, check out the sessions, check out the calendar. Let's go, let's have a great time. Have some fun, thanks and enjoy the rest of the day we'll see you soon. (upbeat music) (upbeat music) >> Okay, what is the name of that Whale? >> Molly. >> And what is the name of this Whale? >> Mobby. >> That's right, dad's got to go, thanks bud. >> Bye. >> Bye. Hi, I'm Scott Johnson, CEO of Docker and welcome to DockerCon 2020. This year DockerCon is an all virtual event with more than 60,000 members of the Docker Community joining from around the world. And with the global shelter in place policies, we're excited to offer a unifying, inclusive virtual community event in which anyone and everyone can participate from their home. As a company, Docker has been through a lot of changes since our last DockerCon last year. The most important starting last November, is our refocusing 100% on developers and development teams. As part of that refocusing, one of the big challenges we've been working on, is how to help development teams quickly and efficiently get their app from code to cloud And wouldn't it be cool, if developers could quickly deploy to the cloud right from their local environment with the commands and workflow they already know. We're excited to give you a sneak preview of what we've been working on. And rather than slides, we thought we jumped right into the product. And joining me demonstrate some of these cool new features, is enclave your DACA. One of our engineers here at Docker working on Docker compose. Hello Lanca. >> Hello. >> We're going to show how an application development team collaborates using Docker desktop and Docker hub. And then deploys the app directly from the Docker command line to the clouds in just two commands. A development team would use this to quickly share functional changes of their app with the product management team, with beta testers or other development teams. Let's go ahead and take a look at our app. Now, this is a web app, that randomly pulls words from the database, and assembles them into sentences. You can see it's a pretty typical three tier application with each tier implemented in its own container. We have a front end web service, a middle tier, which implements the logic to randomly pull the words from the database and assemble them and a backend database. And here you can see the database uses the Postgres official image from Docker hub. Now let's first run the app locally using Docker command line and the Docker engine in Docker desktop. We'll do a Doc compose up and you can see that it's pulling the containers from our Docker organization account. Wordsmith, inc. Now that it's up. Let's go ahead and look at local host and we'll confirm that the application is functioning as desired. So there's one sentence, let's pull and now you and you can indeed see that we are pulling random words and assembling into sentences. Now you can also see though that the look and feel is a bit dated. And so Lanca is going to show us how easy it is to make changes and share them with the rest of the team. Lanca, over to you. >> Thank you, so I have, the source code of our application on my machine and I have updated it with the latest team from DockerCon 2020. So before committing the code, I'm going to build the application locally and run it, to verify that indeed the changes are good. So I'm going to build with Docker compose the image for the web service. Now that the image has been built, I'm going to deploy it locally. Wait to compose up. We can now check the dashboard in a Docker desktop that indeed our containers are up and running, and we can access, we can open in the web browser, the end point for the web service. So as we can see, we have the latest changes in for our application. So as you can see, the application has been updated successfully. So now, I'm going to push the image that I have just built to my organization's shared repository on Docker hub. So I can do this with Docker compose push web. Now that the image has been updated in the Docker hub repository, or my teammates can access it and check the changes. >> Excellent, well, thank you Lanca. Now of course, in these times, video conferencing is the new normal, and as great as it is, video conferencing does not allow users to actually test the application. And so, to allow us to have our app be accessible by others outside organizations such as beta testers or others, let's go ahead and deploy to the cloud. >> Sure we, can do this by employing a context. A Docker context, is a mechanism that we can use to target different platforms for deploying containers. The context we hold, information as the endpoint for the platform, and also how to authenticate to it. So I'm going to list the context that I have set locally. As you can see, I'm currently using the default context that is pointing to my local Docker engine. So all the commands that I have issued so far, we're targeting my local engine. Now, in order to deploy the application on a cloud. I have an account in the Azure Cloud, where I have no resource running currently, and I have created for this account, dedicated context that will hold the information on how to connect it to it. So now all I need to do, is to switch to this context, with Docker context use, and the name of my cloud context. So all the commands that I'm going to run, from now on, are going to target the cloud platform. So we can also check very, more simpler, in a simpler way we can check the running containers with Docker PS. So as we see no container is running in my cloud account. Now to deploy the application, all I need to do is to run a Docker compose up. And this will trigger the deployment of my application. >> Thanks Lanca. Now notice that Lanca did not have to move the composed file from Docker desktop to Azure. Notice you have to make any changes to the Docker compose file, and nor did she change any of the containers that she and I were using locally in our local environments. So the same composed file, same images, run locally and upon Azure without changes. While the app is deploying to Azure, let's highlight some of the features in Docker hub that helps teams with remote first collaboration. So first, here's our team's account where it (murmurs) and you can see the updated container sentences web that Lanca just pushed a couple of minutes ago. As far as collaboration, we can add members using their Docker ID or their email, and then we can organize them into different teams depending on their role in the application development process. So and then Lancae they're organized into different teams, we can assign them permissions, so that teams can work in parallel without stepping on each other's changes accidentally. For example, we'll give the engineering team full read, write access, whereas the product management team will go ahead and just give read only access. So this role based access controls, is just one of the many features in Docker hub that allows teams to collaboratively and quickly develop applications. Okay Lanca, how's our app doing? >> Our app has been successfully deployed to the cloud. So, we can easily check either the Azure portal to verify the containers running for it or simpler we can run a Docker PS again to get the list with the containers that have been deployed for it. In the output from the Docker PS, we can see an end point that we can use to access our application in the web browser. So we can see the application running in clouds. It's really up to date and now we can take this particular endpoint and share it within our organization such that anybody can have a look at it. >> That's cool Onka. We showed how we can deploy an app to the cloud in minutes and just two commands, and using commands that Docker users already know, thanks so much. In that sneak preview, you saw a team developing an app collaboratively, with a tool chain that includes Docker desktop and Docker hub. And simply by switching Docker context from their local environment to the cloud, deploy that app to the cloud, to Azure without leaving the command line using Docker commands they already know. And in doing so, really simplifying for development team, getting their app from code to cloud. And just as important, what you did not see, was a lot of complexity. You did not see cloud specific interfaces, user management or security. You did not see us having to provision and configure compute networking and storage resources in the cloud. And you did not see infrastructure specific application changes to either the composed file or the Docker images. And by simplifying a way that complexity, these new features help application DevOps teams, quickly iterate and get their ideas, their apps from code to cloud, and helping development teams, build share and run great applications, is what Docker is all about. A Docker is able to simplify for development teams getting their app from code to cloud quickly as a result of standards, products and ecosystem partners. It starts with open standards for applications and application artifacts, and active open source communities around those standards to ensure portability and choice. Then as you saw in the demo, the Docker experience delivered by Docker desktop and Docker hub, simplifies a team's collaborative development of applications, and together with ecosystem partners provides every stage of an application development tool chain. For example, deploying applications to the cloud in two commands. What you saw on the demo, well that's an extension of our strategic partnership with Microsoft, which we announced yesterday. And you can learn more about our partnership from Amanda Silver from Microsoft later today, right here at DockerCon. Another tool chain stage, the capability to scan applications for security and vulnerabilities, as a result of our partnership with Sneak, which we announced last week. You can learn more about that partnership from Peter McKay, CEO Sneak, again later today, right here at DockerCon. A third example, development team can automate the build of container images upon a simple get push, as a result of Docker hub integrations with GitHub and Alaska and Bitbucket. As a final example of Docker and the ecosystem helping teams quickly build applications, together with our ISV partners. We offer in Docker hub over 500 official and verified publisher images of ready to run Dockerized application components such as databases, load balancers, programming languages, and much more. Of course, none of this happens without people. And I would like to take a moment to thank four groups of people in particular. First, the Docker team, past and present. We've had a challenging 12 months including a restructuring and then a global pandemic, and yet their support for each other, and their passion for the product, this community and our customers has never been stronger. We think our community, Docker wouldn't be Docker without you, and whether you're one of the 50 Docker captains, they're almost 400 meetup organizers, the thousands of contributors and maintainers. Every day you show up, you give back, you teach new support. We thank our users, more than six and a half million developers who have built more than 7 million applications and are then sharing those applications through Docker hub at a rate of more than one and a half billion poles per week. Those apps are then run, are more than 44 million Docker engines. And finally, we thank our customers, the over 18,000 docker subscribers, both individual developers and development teams from startups to large organizations, 60% of which are outside the United States. And they spend every industry vertical, from media, to entertainment to manufacturing. healthcare and much more. Thank you. Now looking forward, given these unprecedented times, we would like to offer a challenge. While it would be easy to feel helpless and miss this global pandemic, the challenge is for us as individuals and as a community to instead see and grasp the tremendous opportunities before us to be forces for good. For starters, look no further than the pandemic itself, in the fight against this global disaster, applications and data are playing a critical role, and the Docker Community quickly recognize this and rose to the challenge. There are over 600 COVID-19 related publicly available projects on Docker hub today, from data processing to genome analytics to data visualization folding at home. The distributed computing project for simulating protein dynamics, is also available on Docker hub, and it uses spirit compute capacity to analyze COVID-19 proteins to aid in the design of new therapies. And right here at DockerCon, you can hear how Clemente Biondo and his company engineering in Gagne area Informatica are using Docker in the fight with COVID-19 in Italy every day. Now, in addition to fighting the pandemic directly, as a community, we also have an opportunity to bridge the disruption the pandemic is wreaking. It's impacting us at work and at home in every country around the world and every aspect of our lives. For example, many of you have a student at home, whose world is going to be very different when they returned to school. As employees, all of us have experienced the stresses from working from home as well as many of the benefits and in fact 75% of us say that going forward, we're going to continue to work from home at least occasionally. And of course one of the biggest disruptions has been job losses, over 35 million in the United States alone. And we know that's affected many of you. And yet your skills are in such demand and so important now more than ever. And that's why here at DockerCon, we want to try to do our part to help, and we're promoting this hashtag on Twitter, hashtag DockerCon jobs, where job seekers and those offering jobs can reach out to one another and connect. Now, pandemics disruption is accelerating the shift of more and more of our time, our priorities, our dollars from offline to online to hybrid, and even online only ways of living. We need to find new ways to collaborate, new approaches to engage customers, new modes for education and much more. And what is going to fill the needs created by this acceleration from offline, online? New applications. And it's this need, this demand for all these new applications that represents a great opportunity for the Docker community of developers. The world needs us, needs you developers now more than ever. So let's seize this moment. Let us in our teams, go build share and run great new applications. Thank you for joining today. And let's have a great DockerCon. >> Okay, welcome back to the DockerCon studio headquarters in your hosts, Jenny Burcio and myself John Furrier. u@farrier on Twitter. If you want to tweet me anything @DockerCon as well, share what you're thinking. Great keynote there from Scott CEO. Jenny, demo DockerCon jobs, some highlights there from Scott. Yeah, I love the intro. It's okay I'm about to do the keynote. The little green room comes on, makes it human. We're all trying to survive-- >> Let me answer the reality of what we are all doing with right now. I had to ask my kids to leave though or they would crash the whole stream but yes, we have a great community, a large community gather gathered here today, and we do want to take the opportunity for those that are looking for jobs, are hiring, to share with the hashtag DockerCon jobs. In addition, we want to support direct health care workers, and Bret Fisher and the captains will be running a all day charity stream on the captain's channel. Go there and you'll get the link to donate to directrelief.org which is a California based nonprofit, delivering and aid and supporting health care workers globally response to the COVID-19 crisis. >> Okay, if you jumping into the stream, I'm John Farrie with Jenny Webby, your hosts all day today throughout DockerCon. It's a packed house of great content. You have a main stream, theCUBE which is the mainstream that we'll be promoting a lot of cube interviews. But check out the 40 plus sessions underneath in the interactive calendar on dockercon.com site. Check it out, they're going to be live on a clock. So if you want to participate in real time in the chat, jump into your session on the track of your choice and participate with the folks in there chatting. If you miss it, it's going to go right on demand right after sort of all content will be immediately be available. So make sure you check it out. Docker selfie is a hashtag. Take a selfie, share it. Docker hashtag Docker jobs. If you're looking for a job or have openings, please share with the community and of course give us feedback on what you can do. We got James Governor, the keynote coming up next. He's with Red monk. Not afraid to share his opinion on open source on what companies should be doing, and also the evolution of this Cambrin explosion of apps that are going to be coming as we come out of this post pandemic world. A lot of people are thinking about this, the crisis and following through. So stay with us for more and more coverage. Jenny, favorite sessions on your mind for people to pay attention to that they should (murmurs)? >> I just want to address a few things that continue to come up in the chat sessions, especially breakout sessions after they play live and the speakers in chat with you, those go on demand, they are recorded, you will be able to access them. Also, if the screen is too small, there is the button to expand full screen, and different quality levels for the video that you can choose on your end. All the breakout sessions also have closed captioning, so please if you would like to read along, turn that on so you can, stay with the sessions. We have some great sessions, kicking off right at 10:00 a.m, getting started with Docker. We have a full track really in the how to enhance on that you should check out devs in action, hear what other people are doing and then of course our sponsors are delivering great content to you all day long. >> Tons of content. It's all available. They'll always be up always on at large scale. Thanks for watching. Now we got James Governor, the keynote. He's with Red Monk, the analyst firm and has been tracking open source for many generations. He's been doing amazing work. Watch his great keynote. I'm going to be interviewing him live right after. So stay with us and enjoy the rest of the day. We'll see you back shortly. (upbeat music) >> Hi, I'm James Governor, one of the co-founders of a company called RedMonk. We're an industry research firm focusing on developer led technology adoption. So that's I guess why Docker invited me to DockerCon 2020 to talk about some trends that we're seeing in the world of work and software development. So Monk Chips, that's who I am. I spent a lot of time on Twitter. It's a great research tool. It's a great way to find out what's going on with keep track of, as I say, there's people that we value so highly software developers, engineers and practitioners. So when I started talking to Docker about this event and it was pre Rhona, should we say, the idea of a crowd wasn't a scary thing, but today you see something like this, it makes you feel uncomfortable. This is not a place that I want to be. I'm pretty sure it's a place you don't want to be. And you know, to that end, I think it's interesting quote by Ellen Powell, she says, "Work from home is now just work" And we're going to see more and more of that. Organizations aren't feeling the same way they did about work before. Who all these people? Who is my cLancaern? So GitHub says has 50 million developers right on its network. Now, one of the things I think is most interesting, it's not that it has 50 million developers. Perhaps that's a proxy for number of developers worldwide. But quite frankly, a lot of those accounts, there's all kinds of people there. They're just Selena's. There are data engineers, there are data scientists, there are product managers, there were tech marketers. It's a big, big community and it goes way beyond just software developers itself. Frankly for me, I'd probably be saying there's more like 20 to 25 million developers worldwide, but GitHub knows a lot about the world of code. So what else do they know? One of the things they know is that world of code software and opensource, is becoming increasingly global. I get so excited about this stuff. The idea that there are these different software communities around the planet where we're seeing massive expansions in terms of things like open source. Great example is Nigeria. So Nigeria more than 200 million people, right? The energy there in terms of events, in terms of learning, in terms of teaching, in terms of the desire to code, the desire to launch businesses, desire to be part of a global software community is just so exciting. And you know, these, this sort of energy is not just in Nigeria, it's in other countries in Africa, it's happening in Egypt. It's happening around the world. This energy is something that's super interesting to me. We need to think about that. We've got global that we need to solve. And software is going to be a big part of that. At the moment, we can talk about other countries, but what about frankly the gender gap, the gender issue that, you know, from 1984 onwards, the number of women taking computer science degrees began to, not track but to create in comparison to what men were doing. The tech industry is way too male focused, there are men that are dominant, it's not welcoming, we haven't found ways to have those pathways and frankly to drive inclusion. And the women I know in tech, have to deal with the massively disproportionate amount of stress and things like online networks. But talking about online networks and talking about a better way of living, I was really excited by get up satellite recently, was a fantastic demo by Alison McMillan and she did a demo of a code spaces. So code spaces is Microsoft online ID, new platform that they've built. And online IDs, we're never quite sure, you know, plenty of people still out there just using the max. But, visual studio code has been a big success. And so this idea of moving to one online IDE, it's been around that for awhile. What they did was just make really tight integration. So you're in your GitHub repo and just be able to create a development environment with effectively one click, getting rid of all of the act shaving, making it super easy. And what I loved was it the demo, what Ali's like, yeah cause this is great. One of my kids are having a nap, I can just start (murmurs) and I don't have to sort out all the rest of it. And to me that was amazing. It was like productivity as inclusion. I'm here was a senior director at GitHub. They're doing this amazing work and then making this clear statement about being a parent. And I think that was fantastic. Because that's what, to me, importantly just working from home, which has been so challenging for so many of us, began to open up new possibilities, and frankly exciting possibilities. So Alley's also got a podcast parent-driven development, which I think is super important. Because this is about men and women rule in this together show parenting is a team sport, same as software development. And the idea that we should be thinking about, how to be more productive, is super important to me. So I want to talk a bit about developer culture and how it led to social media. Because you know, your social media, we're in this ad bomb stage now. It's TikTok, it's like exercise, people doing incredible back flips and stuff like that. Doing a bunch of dancing. We've had the world of sharing cat gifts, Facebook, we sort of see social media is I think a phenomenon in its own right. Whereas the me, I think it's interesting because it's its progenitors, where did it come from? So here's (murmurs) So 1971, one of the features in the emergency management information system, that he built, which it's topical, it was for medical tracking medical information as well, medical emergencies, included a bulletin board system. So that it could keep track of what people were doing on a team and make sure that they were collaborating effectively, boom! That was the start of something big, obviously. Another day I think is worth looking at 1983, Sorania Pullman, spanning tree protocol. So at DEC, they were very good at distributed systems. And the idea was that you can have a distributed system and so much of the internet working that we do today was based on radius work. And then it showed that basically, you could span out a huge network so that everyone could collaborate. That is incredibly exciting in terms of the trends, that I'm talking about. So then let's look at 1988, you've got IRC. IRC what developer has not used IRC, right. Well, I guess maybe some of the other ones might not have. But I don't know if we're post IRC yet, but (murmurs) at a finished university, really nailed it with IRC as a platform that people could communicate effectively with. And then we go into like 1991. So we've had IRC, we've had finished universities, doing a lot of really fantastic work about collaboration. And I don't think it was necessarily an accident that this is where the line is twofold, announced Linux. So Linux was a wonderfully packaged, idea in terms of we're going to take this Unix thing. And when I say package, what a package was the idea that we could collaborate on software. So, it may have just been the work of one person, but clearly what made it important, made it interesting, was finding a social networking pattern, for software development so that everybody could work on something at scale. That was really, I think, fundamental and foundational. Now I think it's important, We're going to talk about Linus, to talk about some things that are not good about software culture, not good about open source culture, not good about hacker culture. And that's where I'm going to talk about code of conduct. We have not been welcoming to new people. We got the acronyms, JFTI, We call people news, that's super unhelpful. We've got to find ways to be more welcoming and more self-sustaining in our communities, because otherwise communities will fail. And I'd like to thank everyone that has a code of conduct and has encouraged others to have codes of conduct. We need to have codes of conduct that are enforced to ensure that we have better diversity at our events. And that's what women, underrepresented minorities, all different kinds of people need to be well looked off to and be in safe and inclusive spaces. And that's the online events. But of course it's also for all of our activities offline. So Linus, as I say, I'm not the most charming of characters at all time, but he has done some amazing technology. So we got to like 2005 the creation of GIT. Not necessarily the distributed version control system that would win. But there was some interesting principles there, and they'd come out of the work that he had done in terms of trying to build and sustain the Linux code base. So it was very much based on experience. He had an itch that he needed to scratch and there was a community that was this building, this thing. So what was going to be the option, came up with Git foundational to another huge wave of social change, frankly get to logical awesome. April 20 April, 2008 GitHub, right? GiHub comes up, they've looked at Git, they've packaged it up, they found a way to make it consumable so the teams could use it and really begin to take advantage of the power of that distributed version control model. Now, ironically enough, of course they centralized the service in doing so. So we have a single point of failure on GitHub. But on the other hand, the notion of the poll request, the primitives that they established and made usable by people, that changed everything in terms of software development. I think another one that I'd really like to look at is Slack. So Slack is a huge success used by all different kinds of businesses. But it began specifically as a pivot from a company called Glitch. It was a game company and they still wanted, a tool internally that was better than IRC. So they built out something that later became Slack. So Slack 2014, is established as a company and basically it was this Slack fit software engineering. The focus on automation, the conversational aspects, the asynchronous aspects. It really pulled things together in a way that was interesting to software developers. And I think we've seen this pattern in the world, frankly, of the last few years. Software developers are influences. So Slack first used by the engineering teams, later used by everybody. And arguably you could say the same thing actually happened with Apple. Apple was mainstreamed by developers adopting that platform. Get to 2013, boom again, Solomon Hikes, Docker, right? So Docker was, I mean containers were not new, they were just super hard to use. People found it difficult technology, it was Easter Terek. It wasn't something that they could fully understand. Solomon did an incredible job of understanding how containers could fit into modern developer workflows. So if we think about immutable images, if we think about the ability to have everything required in the package where you are, it really tied into what people were trying to do with CICD, tied into microservices. And certainly the notion of sort of display usability Docker nailed that, and I guess from this conference, at least the rest is history. So I want to talk a little bit about, scratching the itch. And particularly what has become, I call it the developer authentic. So let's go into dark mode now. I've talked about developers laying out these foundations and frameworks that, the mainstream, frankly now my son, he's 14, he (murmurs) at me if I don't have dark mode on in an application. And it's this notion that developers, they have an aesthetic, it does get adopted I mean it's quite often jokey. One of the things we've seen in the really successful platforms like GitHub, Docker, NPM, let's look at GitHub. Let's look at over that Playfulness. I think was really interesting. And that changes the world of work, right? So we've got the world of work which can be buttoned up, which can be somewhat tight. I think both of those companies were really influential, in thinking that software development, which is a profession, it's also something that can and is fun. And I think about how can we make it more fun? How can we develop better applications together? Takes me to, if we think about Docker talking about build, share and run, for me the key word is share, because development has to be a team sport. It needs to be sharing. It needs to be kind and it needs to bring together people to do more effective work. Because that's what it's all about, doing effective work. If you think about zoom, it's a proxy for collaboration in terms of its value. So we've got all of these airlines and frankly, add up that their share that add up their total value. It's currently less than Zoom. So video conferencing has become so much of how we live now on a consumer basis. But certainly from a business to business perspective. I want to talk about how we live now. I want to think about like, what will come out all of this traumatic and it is incredibly traumatic time? I'd like to say I'm very privileged. I can work from home. So thank you to all the frontline workers that are out there that they're not in that position. But overall what I'm really thinking about, there's some things that will come out of this that will benefit us as a culture. Looking at cities like Paris, Milan, London, New York, putting a new cycling infrastructure, so that people can social distance and travel outside because they don't feel comfortable on public transport. I think sort of amazing widening pavements or we can't do that. All these cities have done it literally overnight. This sort of changes is exciting. And what does come off that like, oh there are some positive aspects of the current issues that we face. So I've got a conference or I've got a community that may and some of those, I've been working on. So Katie from HashiCorp and Carla from container solutions basically about, look, what will the world look like in developer relations? Can we have developer relations without the air miles? 'Cause developer advocates, they do too much travel ends up, you know, burning them out, develop relations. People don't like to say no. They may have bosses that say, you know, I was like, Oh that corporates went great. Now we're going to roll it out worldwide to 47 cities. That's stuff is terrible. It's terrible from a personal perspective, it's really terrible from an environmental perspective. We need to travel less. Virtual events are crushing it. Microsoft just at build, right? Normally that'd be just over 10,000 people, they had 245,000 plus registrations. 40,000 of them in the last day, right? Red Hat summit, 80,000 people, IBM think 90,000 people, GitHub Crushed it as well. Like this is a more inclusive way people can dip in. They can be from all around the world. I mentioned Nigeria and how fantastic it is. Very often Nigerian developers and advocates find it hard to get visas. Why should they be shut out of events? Events are going to start to become remote first because frankly, look at it, if you're turning in those kinds of numbers, and Microsoft was already doing great online events, but they absolutely nailed it. They're going to have to ask some serious questions about why everybody should get back on a plane again. So if you're going to do remote, you've got to be intentional about it. It's one thing I've learned some exciting about GitLab. GitLab's culture is amazing. Everything is documented, everything is public, everything is transparent. Think that really clear and if you look at their principles, everything, you can't have implicit collaboration models. Everything needs to be documented and explicit, so that anyone can work anywhere and they can still be part of the team. Remote first is where we're at now, Coinbase, Shopify, even Barkley says the not going to go back to having everybody in offices in the way they used to. This is a fundamental shift. And I think it's got significant implications for all industries, but definitely for software development. Here's the thing, the last 20 years were about distributed computing, microservices, the cloud, we've got pretty good at that. The next 20 years will be about distributed work. We can't have everybody living in San Francisco and London and Berlin. The talent is distributed, the talent is elsewhere. So how are we going to build tools? Who is going to scratch that itch to build tools to make them more effective? Who's building the next generation of apps, you are, thanks.

>> announcer: From around the globe. It's the theCUBE with digital coverage of DockerCon live 2020. Brought to you by Docker and its ecosystem partners. >> Welcome back to theCUBE coverage here at the DockerCon virtual headquarters, anchor desks here in the Palo Alto Studios were quarantined in this virtual event of DockerCon. I'm John Furrier, host along with Jenny Bertuccio, John Kreisa, Peter McKee, other folks who are moderating and weaving in and out of the sessions. But here we have a live sessions with Justin Graham, Vice President of the Products group at Docker. Justin, thanks for coming in DockerCon virtual '20. >> Absolutely, happy to be here from my home office in Seattle, Washington where it is almost sunny. >> You had a great backdrop traveler saying in the chat you got a bandwidth, a lot of bandwidth there. Looking good, some island. What a day for Docker global event. 77,000 people registered. It's just been an awesome party. >> It's been great, I could hardly sleep last night. I was up at 5:00 this morning. I was telling my son about it at breakfast. I interrupted his Zoom school. And he talked a little bit about it, so it's been awesome. I've been waiting for this interview slot for the most of the day. >> So yeah, I got to tell the kids to get off, download those gigabytes of new game updates and get off Netflix, I hear you. But you got good bandwidth. Let's get into it, I love your position. VP of Product at a company that's super technical, a lot of software, a lot of cloud. You've got a good view of the landscape of what the current situation is relative to the product, the deals that are going on with this new announced here, sneak Microsoft expansion, multiple clouds as well as the roadmap and community interaction. So you got a lot going on, you've got your fingers in all the action. When you get the keys to the kingdom, as we say in the product side of things, what's the story today from your perspective around DockerCon? What's the most important thing people should know about of what's going on with this new Docker? Obviously, ease of use, we've heard a lot about. What's going on? >> So I'll start with people. We are hyper focused on helping developers and development teams build and ship applications. That's what we're focused on. That's what we wake up every day thinking about. And we double click on that a minute in terms of what that means. If you think about where source control ends and having a running application on some production compute in the Cloud on the other end, there's a whole lot that needs to happen in the middle of those two things. And we hear from our development community and we see from those folks, there's a lot of complexity and choices and options and things in the middle there. And we really want to help streamline the creation of those pipelines to get those apps moving to production as fastly, as quickly as possible. >> And you can see it in some of the results and some of the sessions, one session coming up at around four, around how pipelining with Docker help increase the problem solving around curing cancer, really solving, saving people's lives to the front lines with COVID 19 to business value. So you seeing, again Docker coming back into the fold relative to the simple value proposition of making things super easy for developers, but on top of the mega trend of microservices. So, outside of some of these awesome sessions with his learning, the hardcore sessions here at DockerCon around microservices from monitoring, you name it, not a trivial thing cause you've got stateless and state, all kinds of new things are going on with multiple clouds. So not an easy-- >> No. >> road to kind of grok or understand you have to manage that. What are people paying attention to? What is happening? I think, first off I'll say, one of the things that I'm super passionate about is increasing access to technology, so the greatest and best ideas can get bubbled up to the top and expose no matter where they come from, whom they come from, et cetera. And I think one of the things that makes that harder, that makes that complex is just how much developers need to understand or even emerging developers need to understand. Just to even get started. Languages, IDEs, packaging, building where do you ship to? If you pick a certain powder end point, you have to understand networking and storage and identity models are just so much you have to absorb. So we're hyper focused on how can we make that complex super easy. And these are all the things that we get asked questions on. And we get interacted with on our public roadmap in other places to help with. So that's the biggest things that you're going to see coming out of Docker starting now and moving forward. We'll be serving that end. >> Let's talk about some of the new execution successes you guys had. Honestly, Snyk is security shifting left, that's a major, I think a killer win for Snyk. Obviously, getting access to millions of developers use Docker and vice versa. Into the shifting left, you get to security in that workflow piece. Microsoft expanding relationship's interesting as well because Microsoft's got a robust tech developer ecosystem. They have their own tools. So, you see these symbiotic relationship with Docker, again, coming into the fold where there's a lot of working together going on. Explain that meaning, what does that mean? >> So you're on the back of the refocus Docker in our hyperfocus on developers and development teams, one of the core tenants of the how. So before that was the what. This is the how we're going to go do it. Is by partnering with the ecosystem as much as possible and bringing the best of breed in front of developers in a way that they can most easily consume. So if you take the Snyk partnership that was just a match, a match made in developer dopamine as a Sean Connolly, would say. We're hyper focused on developers and development teams and Snyk is also hyperfocused on making it as easy as possible for developers and development teams to stay secure ship, fast and stay secure. So it really just matched up super well. And then if you think, "Well, how do we even get there in the first place?" Well, we launched our public roadmap a few months ago, which was a first that Docker has ever done. And one of the first things that comes onto that public roadmap is image vulnerability scanning. For Docker, at that time it was really just focused on Docker Hub in terms of how it came through the roadmap. It got up voted a bunch, there has been some interaction and then we thought, "Well, why just like checking that box isn't enough," right? It's just checking the box. What can we do that really brings sort of the promise of the Docker experience to something like this? And Sneak was an immediate thought, in that respect. And we just really got in touch with them and we just saw eye to eye almost immediately. And then off off the rest went. The second piece of it was really around, well why just do it in Docker Hub? What about Docker Desktop? It's downloaded 80,000 times a week and it's got 2.2 million active installations on a weekly basis. What about those folks? So we decided to raise the bar again and say, "Hey, let's make sure that this partnership includes "not only Docker Hub but Docker Desktop, so you'll be able, when we launch this, to scan your images locally on Docker Desktop. >> Awesome, I see getting some phone calls and then you got to hit this, hit the end button real quick. I saw that in there. I've got an interesting chat I want to just kind of lighten things up a little bit from Brian Stevenson. He says, "Justin, what glasses are those?" (Justin laughing) So he wants to know what kind of glasses you're wearing. >> They're glasses that I think signal that I turned 40 last year. >> (laughs) I'd say it's for your gaming environments, the blue light glasses. >> But I'm not going to say where they came from because it's probably not going to engender a bunch of positive good. But they're nice glasses. They help me see the computer screen and make sure that I'm not a bad fingering my CLI commands >> Well as old guys need the glasses, certainly I do. Speaking of old and young, this brought up a conversation since that came up, I'll just quickly riff into this cause I think it's interesting, Kelsey Hightower, during the innovation panel talked about how the developers and people want to just do applications, someone to get under the hood, up and down the stack. I was riffing with John Chrysler, around kind of the new generation, the kids coming in, the young guns, they all this goodness at their disposal. They didn't have to load Linux on a desktop and Rack and Stack servers all that good stuff. So it's so much more capable today. And so this speaks to the modern era and the expansion overall of opensource and the expansion of the people involved, new expectations and new experiences are required. So as a product person, how do you think about that? Because you don't want to just build for the old, you got to build for the new as well as the experience changes and expectations are different. What's your thoughts around that? >> Yeah, I think about sort of my start in this industry as a really good answer to that. I mean, I remember as a kid, I think I asked for a computer for every birthday and Christmas from when I was six, until I got one given to me by a friend's parents in 1994, on my way off to boarding school. And so it took that long just for me to get a computer into my hands. And then when I was in school there wasn't any role sort of Computer Science or coding courses until my senior year. And then I had to go to an Engineering School at Rensselaer city to sort of get that experience at the time. I mean, just to even get into this industry and learn how to code was just, I mean, so many things had to go my way. And then Microsoft hired me out of college. Another thing that sort of fell my way. So this work that we're doing is just so important because I worked hard, but I had a lot of luck. But not everybody's going to have some of that, right? Have that luck. So how can we make it just as easy as possible for folks to get started wherever you are. If you have a family and you're working another full time job, can you spend a few hours at night learning Docker? We can help you with that. Download Docker Desktop. We have tutorials, we have great docs, we have great captains who teach courses. So everything we're doing is sort of in service of that vision and that democratization of getting into the ideas. And I love what Kelsey, said in terms of, let's stop talking about the tech and let's stop talking about what folks can do with the tech. And that's very, very poignant. So we're really working on like, we'll take care of all the complexity behind the scenes and all of the VMs and the launching of containers and the network. We'll try to help take care of all that complexity behind the curtain so that you can just focus on getting your idea built as a developer. >> Yeah, and you mentioned Kelsey, again. He got a great story about his daughter and Serverless and I was joking on Twitter that his daughter convinced them that Serverless is great. Of course we know that Kelsey already loves Serverless. But he's pointing out this developer dopamine. He didn't say that's Shawn's word, but that's really what his daughter wanted to do is show her friends a website that she built, not get into, "Hey look, I just did a Kubernetes cluster." I mean it's not like... But pick your swim lane. This is what it's all about now. >> Yeah, I hope my son never has to understand what a service mesh is or proxy is. Right? >> Yeah. >> I just hope he just learn the language and just learns how to bring an idea to life and all the rest of it is just behind me here. >> When he said I had a parenting moment, I thought he's going to say something like that. Like, "Oh my kid did it." No, I had to describe whether it's a low level data structure or (laughs) just use Serverless. Shifting gears on the product roadmap for Docker, can you share how folks can learn about it and can you give some commentary on what you're thinking right now? I know you guys put on GitHub. Is there a link available-- >> Absolutely, available. Github.com/docker/roadmap. We tried to be very, very poignant about how we named that. So it was as easy as possible. We launched it a few months ago. It was a first in terms of Docker publicly sharing it's roadmap and what we're thinking and what we're working on. And you'll find very clear instructions of how to post issues and get started. What our code of conduct is. And then you can just get started and we even have a template for you to get started and submit an issue and talk to us about it. And internally my team and to many of our engineers as well, we triaged what we see changing and coming into the public roadmap two to three times a week. So for a half an hour to 45 minutes at a time. And then we're on Slack, batting around ideas that are coming in and saying how we can improve those. So for everyone out there, we really do pay attention to this very frequently. And we iterate on it and the image vulnerability scannings one of those great examples you can see some other things that we're working on up there. So I will say this though, there has been some continual asks for our Lennox version of Docker Desktop. So I will commit that, if we get 500 up votes, that we will triage and figure out how to get that done over a period of time. >> You heard 500 up votes to triage-- >> 500 >> You as get that. And is there a shipping date on that if they get the 500 up votes? >> No, no, (John laughs) you went to a shipping date yet, but it's on the public roadmap. So you'll know when we're working on it and when we're getting there. >> I want before I get into your session you had with the capital, which is a very geeky session getting under the hood, I'm more on the business side. The tail wind obviously for Docker is the micro services trend. What containers has enabled is just going to continue to get more awesome and complex but also a lot of value and agility and all the things you guys are talking about. So that obviously is going to be a tailwind for you. But as you guys look at that piece of it, specifically the business value, how is Docker positioned? Because a of the use cases are, no one really starts out microservices from a clean sheet of paper that we heard some talks here DockerCon where the financial services company said, "Hey, it's simple stack," and then it became feature creep, which became a monolith. And then they had to move that technical debt into a much more polyglot system where you have multiple tools and there's a lot of things going on, that seems to be the trend that also speaks to the legacy environment that most enterprises have. Could you share your view on how Docker fits into those worlds? Because you're either coming from a simple stack that more often and got successful and you're going to go microservice or you have legacy, then you want to decouple and make it highly cohesive. So your thoughts. >> So the simple answer is, Docker can help on both ends. So I think as these new technologies sort of gain momentum and get talked about a bunch and sort of get rapid adoption and rapid hype, then they're almost conceived to be this wall that builds up where people start to think, "Well, maybe my thing isn't modern enough," or, "Maybe my team's not modern enough," or, "Maybe I'm not moderate enough to use this." So there's too much of a hurdle to get over. And that we don't see that at all. There's always a way to get started. Even thinking about the other thing, and I'd say, one we can help, let us know, ping us, we'll be happy to chat with you, but start small, right? If you're in a large enterprise and you have a long legacy stack and a bunch of legacy apps, think about the smallest thing that you can start with, then you can begin to break off of that. And as a proof of concept even by just downloading Docker Desktop and visual studio code and just getting started with breaking off a small piece, and improve the model. And I think that's where Docker can be really helpful introducing you to this paradigm and pattern shift of containers and containerized packaging and microservices and production run time. >> And certainly any company coming out of his post pandemic is going to need to have a growth strategy that's going to be based on apps that's going to be based on the projects that they're currently working, double down on those and kind of sunset the ones that aren't or fix the legacy seems to be a major Taylor. >> The second bit is, as a company, you're going to also have to start something new or many new things to innovate for your customers and keep up with the times and the latest technology. So start to think about how you can ensure that the new things that you're doing are starting off in a containerized way using Docker to help you get there. If the legacy pieces may not be able to move as quickly or there's more required there, just think about the new things you're going to do and start new in that respect. >> Well, let's bring some customer scenarios to the table. Pretend I'm a customer, we're talking, "Hey Justin, you're looking good. "Hey, I love Docker. I love the polyglot, blah, blah, blah." Hey, you know what? And I want to get your response to this. And I say, "DevOps won't work here where we are, "it's just not a good fit." What do you say when you hear things like that? >> See my previous comment about the wall that builds up. So the answer is, and I remember hearing this by the way, about Agile years ago, when Agile development and Agile processes began to come in and take hold and take over for sort of waterfall processes, right? What I hear customers really saying is, "Man, this is really hard, this is super hard. "I don't know where to start, it's very hard. "How can you help? "Help me figure out where to start." And that is one of the things that we're very very very clearly working on. So first off we just, our docs team who do great work, just made an unbelievable update to the Docker documentation homepage, docs.docker.com. Before you were sort of met with a wall of text in a long left navigation that if you didn't know what you were doing, I would know where to go. Now you can go there and there's six very clear paths for you to follow. Do you want to get started? Are you looking for a product manual, et cetera. So if you're just looking for where to get started, just click on that. That'll give you a great start. when you download Docker Desktop, there's now an onboarding tutorial that will walk you through getting your first application started. So there are ways for you to help and get started. And then we have a great group of Docker captains Bret Fisher, many others who are also instructors, we can absolutely put you in touch with them or some online coursework that they deliver as well. So there's many resources available to you. Let us help you just get over the hump of getting started. >> And Jenny, and on the community side and Peter McKee, we're talking about some libraries are coming out, some educational stuff's coming around the corner as well. So we'll keep an eye out for that. Question for you, a personal question, can you share a proud devOps Docker moment that you could share with the audience? >> Oh wow, so many to go through. So I think a few things come to mind over the past few weeks. So for everyone that has no... we launched some exciting new pricing plans last week for Docker. So you can now get quite a bit of value for $7 a month in our pro plan. But the amount of work that the team had to do to get there was just an incredible thing. And just watching how the team have a team operated and how the team got there and just how they were turning on a dime with decisions that were being made. And I'm seeing the same thing through some of our teams that are building the image vulnerability scanning feature. I won't quote the number, but there's a very small number of people working on that feature that are creating an incredible thing for customers. So it's just how we think every day. Because we're actually almost trying to productize how we work, right? And bring that to the customer. >> Awesome, and your take on DockerCon virtual, obviously, we're all in this situation. The content's been rich on the site. You would just on the captains program earlier in the day. >> Yes. >> Doctor kept Brett's captain taught like a marathon session. Did they grill you hard or what was your experience on the captain's feed? >> I love the captain's feed. We did a run of that for the Docker birthday a few months ago with my co-worker Justin Cormack. So yes, there are two Justin's that work at Docker. I got the internal Justin Slack handle. He got the external, the community Slack Justin handle. So we split the goods there. But lots of questions about how to get started. I mean, I think there was one really good question there. Someone was saying asking for advice on just how to get started as someone who wants to be a new engineer or get into coding. And I think we're seeing a lot of this. I even have a good friend whose wife was a very successful and still is a very successful person in the marketing field. And is learning how to code and wants to do a career switch. Right? >> Yeah. >> So it's really exciting. >> DockerCon is virtual. We heard Kelsey Hightower, we heard James Governor, talk about events going to be more about group conventions getting together, whether they're small, medium, or large. What's your take on DockerCon virtual, or in general, what makes a great conference these days? Cause we'll soon get back to the physical space. But I think the genie's out of the bottle, that digital space has no boundaries. It's limitless and creativity. We're just scratching the surface. What makes a great event in your mind? >> I think so, I go back to thinking, I've probably flown 600,000 miles in the past three years. Lots of time away from my family, lots of time away from my son. And now that we're all in this situation together in terms of being sheltered in place in the global pandemic and we're executing an event that has 10 times more participation from attendees than we had in our in person event. And I sat back in my chair this morning and I was thinking, "Did I really need to fly that 600,000 miles "in the past three years?" And I think James Governor, brought it up earlier. I really think the world has changed underneath us. It's just going to be really hard to... This will all be over eventually. Hopefully we'll get to a vaccine really soon. And then folks will start to feel like world's a little bit more back to "normal" but man, I'm going to really have to ask myself like, "Do I really need to get on this airplane "and fly wherever it is? "Why can't I just do it from my home office "and give my son breakfast and take them to school, "and then see them in the evening?" Plus second, like I mentioned before in terms of access, no in person event will be able to compete ever with the type of access that this type of a platform provides. There just aren't like fairly or unfairly, lots of people just cannot travel to certain places. For lots of different reasons, monetary probably being primary. And it's not their job to figure out how to get to the thing. It's our job to figure out how to get the tech and the access and the learning to them. Right? >> Yeah (murmurs) >> So I'm super committed to that and I'll be asking the question continually. I think my internal colleagues are probably laughing now because I've been beating the drum of like, "Why do we ever have to do anything in person anymore?" Like, "Let's expand the access." >> Yeah, expand the access. And what's great too is the CEO was in multiple chat streams. So you could literally, it's almost beam in there like Star Trek. And just you can be more places that doesn't require that spatial limitations. >> Yeah. >> I think face to face will be good intimate more a party-like environment, more bonding or where social face to face is more impactful. >> We do have to figure out how to have the attendee party virtually. So, we have to figure out how to get some great electronic, or band, or something to play a virtual show, and like what the ship everybody a beverage, I don't now. >> We'll co-create with Dopper theCUBE pub and have beer for everybody if need they at some point (laughs). Justin, great insight. Thank you for coming on and sharing the roadmap update on the product and your insights into the tech as well as events. Appreciate it, thank you. >> Absolutely, thank you so much. And thanks everyone for attending. >> Congratulations, on all the work on the products Docker going to the next level. Microservices is a tailwind, but it's about productivity, simplicity. Justin, the product, head of the product for Docker, VP of product on here theCUBE, DockerCon 2020. I'm John Furrier. Stay with us for more continuous coverage on theCUBE track we're on now, we're streaming live. These sessions are immediately on demand. Check out the calendar. There's 43 sessions submitted by the community. Jump in there, there are own container of content. Get in there, pun intended, and chat, and meet people, and learn. Thanks for watching. Stay with us for more after this break. (upbeat music)

>> We'll come back here ready. Geoffrey here with the Cube were at San Francisco International Airport, Gate fifty four d. If you want to stop by for getting ready to go on a little Alaska flight because it's an exciting day, they took advantage of the opportunity after the Virgin merger to kind of rebrand everything. We look at the technology of everything from the seats to the WiFi, everything in between. We're excited at the guy who's responsible for everything. He's Brett Catlin, the managing director >> of alliances and product. Bret, great to see you. >> Thanks for having my job. I really appreciate it. >> So first off, congratulations. You're a whole lot of work. Went into this day absolutely the >> team effort over the past few years, and we're just thrilled to see it all come together to deliver a better experience for our guests. >> So it's pretty interesting because I think you know, you guys are obviously thinking about this. I don't know if people are is aware that when you think of the total experience, the engagement that I have, when I'm taking a flight from San Francisco to Seattle, it's a lot more than just the air miles with my butt in a seat and moving down down the road. You guys really think that >> whole experience absolutely. Look at the entire journey from when you arrive at the airport to your lounge experience. When you walk on board, what's the Jet Jeffords feel like? The lighting, the music. When you enter the aircraft, the configuration, the seats, comfort and then ultimately, a big thing crosses food and beverage. So making sure that it's healthy local speaks to the West Coast values that we're so proud of. >> And how do you how do you kind of get input from the customers >> is toe, You know, these are things that you guys spend a lot of time on, and there are a lot of little things that add up to a total experience. How where customers are, kind of are they get in, Or do they suddenly like, Wow, you know, I feel a little bit more arrested because of a particular type of sound or a particular type of configuration on the seat. >> How do you get feedback >> on all these different things? >> Absolutely great questions on the front end. We obviously quite a bit of guest research, both kind of online quantitative studies, but then also in person with focus groups. Now that we have a lot of product and market, our focus is kind of elevating and improving. What we have and how we get that feedback is every guest receives a survey after every flight. And so we look. >> Every guest receives a survey after every flight. >> Exactly. And so we have hundreds of thousands of response as every year, which allows us to make small tweaks around the margin, but also more material changes. >> That's pretty wild. So I'm just curious some of the more crazy things that have come come through that either good things that you could actually execute on that maybe never thought about or just just funny things to make put a smile on your face and tell you it really is a mixture >> of to tell you the truth, and a lot of things are items that we want action. So certain health restrictions where maybe we didn't realize a certain kind of food wasn't hitting the mark with a wide section of our guests. We could make tweets there, but also, when you think about maybe our in flight entertainment. Do we have the right content? Are the movies that people watch resonating? So we look at all that data to say, Well, look, this kind of movie. It does really well in flight. So people love thrillers when you think about movies and flight, for whatever reason. So we try and put more thrillers onboard. >> I thought they go, Mort. The romantic comedies in the airplane. I don't know that. What a swell. But the suspense people love, right? Right. And it really goes to this bigger question of this total experience. An engagement with the airline. So I wonder you can speak to about technology in the role of technology and how you guys are using that across all these various product. Absolutely. So being >> a West Coast airline technologies critically important for us, one of the things we're focused on is offering high spider highspeed WiFi and offer a mainline aircraft. We have about a dozen done right now, by the end of twenty nineteen will have one hundred twenty five. And so the key there is you'll be all the stream entertainment on board our aircraft. Your outlook for your core, Primo will be zippy, The real basics. When you're flying coast to coast or to Hawaii, You're super excited about that. Then we look at a couple other things as well. Mobile order and one great example. So before you board your flight, you can reserve your meal in first class with the main cabin to make sure you get exactly what you want. So there's some basics like that. Then we're also looking longer term. How do we improve the technology experience in our lounge is to maybe being ableto order a barista beverage while you're still approaching the AARP point. >> Pretty thing. And a lot of that's got to be through your mobile app, right? Absolutely. Has this very significant point of contact between you and your customers? >> That's exactly right. >> Excellent. Well, thanks for taking a few minutes of your time. Way. Looked forward to drop it on the plane and get to experience some of this. And again, congratulations on the Integrative X when it's my pleasure. Thank you, Jeffrey. Really appreciate it. All right. >> He's Brad. I'm Jeff. You're watching the Cube. Where at San Francisco International Gave fifty four b. Thanks for watching. We'll catch you next time.