>>Live from Las Vegas. That's the Q covering splunk.com 19 brought to you by Splunk. >>Hey, welcome back. Every once the Q's live coverage here in Las Vegas for Splunk's dot com 2019 it's Splunk's 10th year having the events, the cubes coverage seven years, the cube independent media company breaking down, extracting the signal from the noise dot on the top people, top experts, tell them the stories that matter. We're here with Mike EG, director of applied research for coming red Canary. Mike, thanks for coming on. I appreciate it. Thank you. So red Canary is a company doing here. What's the focus? What does it company do? Take a minute to explain red County area and why you're here at.com. Sure, thank you. So we are a managed endpoint detection and response organization. We partner with organizations of all sizes to help them eradicate evil, for instance. So we help them with monitoring their environment. We investigate, respond and act on threats or so on the notes here, you guys have a topic session finding titled finding evil is never an accident, how to hunt in bots. >>So using bots, hunting down evil, you guys are out there doing this as a business. What does it mean? What does he, what if, first of all, what is evil and how do you hunt it down? Take us through that Sarah. So the talk is based around the boss of the SOC data set that was released by Splunk. They have version two, version one and version three will be coming out soon and they just released version four here. And so the talks all focused on how to find evil within bots. The three are actually V forum, sorry, the one that just came out. And so what we do as an organization is we help businesses get through their data, kind of like your guys' mission as well. Like get through them all the haystack, find the bad things and present that to our customers in a really fast way. >>So that's kind of where we are today. Archives to find the good content. Great experts like yourself tell about your role. You're like a researcher, but it's not like you're sitting back there applied research we applied means it's not like just making it up, you know the next moonshot, you guys are applied specifically to hunting down evil. That's your role. What does that entail? You guys have to sit back, zoom back, look at the data that the Splunk's providing some benefits with their, they're exposing their data. What does it mean to hunt down? What's, what's the requirements? How do you set that up? What are you looking at you going through day? Those are the dashboards. What are the what? What, what do you deal with and your job? >> Yeah, so like a day to day or like kind of what our team does is we focus on like what's going on previously, what are we seeing in the wild? >>Like what campaigns are happening and then my role within my team is focused on what's coming. So what are, what are red team's working on? What are pen testers looking into? Take that information, begin testing and begin building proof of concepts. Put that back into our products so that whether it's two weeks, six months, two years, we have coverage for it, no matter what. So a of us, a lot of our time is generating proof of concepts on what may be coming. So there's a lot of very unique things that may be in the wild today. And then there's some things that we may never see that are just very novel and kind of once, once, once a time kind of thing. Right? >> So you know, we love talking about data that we've been covering data since 2010 the thing that's interesting and I want to get your thoughts on this because you know, eval has arbitrage built into it. >>They know where to hide. And so the question is, is that what are you looking at matters, right? So the so, so, so there's a lot of exposure. But the question I have for you is, what is the problem that you're solving? Why do you guys exist? Was it because evil was better to adversaries? Were better at hiding? Is it automation can solve patterns they haven't seen yet? Because if you automate something you haven't seen yet, so is it new things? So why, what's the problem statement that you guys are attacking? Yeah. So hit it. It's a lot. There's a lot, there's a lot to inbox. Um, so like in particular in this instance, seeing something that happened yesterday and then what's happening today is actors are working to break process lineage within what's happening on the employee. Because actors know that everything's happening on an employment. >>Yes, there's traffic coming in, but there's execution going on in a single place on that box. So their whole tactic now is to try to break that lineage. So it's not Microsoft word spawning something. It's now Microsoft word opens and as spawns over there off another process, right? So we're here to monitor those types of behaviors. And that's pretty much like the core of red Canary. We've always focused on the end points. We only do emblem implant based products. We don't like monitor networks. We don't monitor firewalls or anything like that. We're very focused, uh, hyper focus on employee behaviors. And so, and that, that's the cool part about our job is we get to see all the really new things that are happening. And if you look at it, these breaches in the past, it's happening on the endpoint and that's probably where we are. >>And actually day the Canary in the coal mines all expression, everyone knows that or if older might know that. But you know, identifying and being that early warning detection system really kind of was the whole purpose of the Canary in the coal mine, red Canary red teams. I'm kind of putting it together. What are some of the things that you've seen that, that as an example of why you exist? Because it, is it new things, is it that, you know, Hey, our known thing or balls, what are some of the examples that you can point to that, that point of why you guys exist? Yeah, sure. Um, a good example is kind of like the looking forward stuff where red team's going, where actor's going. So a lot of them are moving to C sharp and.net Tradecraft, which is very native to the operating system. >>And windows. Um, so if they're doing that, they're moving away from what they're always, what they've been used to the last few years, which is PowerShell. So our sales kind of dead then now we're going to C sharp and.net. So a lot of our focus today is how can we better detect those? And vendors are moving that way too. They're, they're starting to see that they have to evolve their products to the next level order to detect these behaviors. Cause I mean that's, that's the whole reason why a lot of these EDR vendors are here. Right? And, and it's all data like you said. And so feeding it into a Sam or with a Splunk in particular, you're able to correlate those behaviors and look at very specific things and find it real well know. One of the things that a lot of security practitioners and experts and advisors have been looking at over years is data. >>So it's not, it's no secret data and critical. But one of the things that's interesting is that data availability has always been an issue. Sharing data. And then the message here@splunk.com for the 19 is interesting. You've got data diversity now exposure to the fabric search concept there they got accelerated and realtime times too. We've always had that. But as it kind of comes together, they're looking to get more diverse aperture to data. Yup. Is that still an ongoing challenge and what are, cause if you have a blind spot, you only, this is where the potential danger. How do you guys talk about that? What's the narrative around diverse data sets? How to deal with them effectively and then if blind spots exist, what do they look like or how do you figure that out? Yeah, we, so I, I've been with red Canary for over three years, about three years now. >>And one of the things I started at was a technical account manager incident handler. And so I helped a lot of our customers go from, we bought you red Canary to monitor points, but what should we do next? And so we, our incident handling team will come in and assist a customer with, you guys should start going down this road. Like, how are you bringing everything together? How are you analyzing your data down to just operationalizing like some use cases and playbooks within their data. Like you got EDR. Now let's look at your firewalls. How, how rich of that data can be helped enrich what the EDR information like here's the IP address and carbon black response. Where's it going this way on your firewall or your appliance is going out and you know, and things like that. So we have a whole team dedicated to it and that's like the focus of the. >>We took a poll in our, we have a, you know, this acumen operate for 10 years. It's our seventh year squad, Dave and I took a poll of our cube community, um, but 5,000 alumni and we asked them about cloud security, which vendors are the best and Splunk is clearly number one in third party data management. I got him out, he's got a category but cloud security. How should the cloud vendors provide security, Google, AWS and Azure. But outside of the core cloud providers, Splunk's number one, clearly across the board. How is Splunk doing in your mind? How do you guys work with Splunk? What's the dynamic? What's your relationship with Splunk and where Splunk position in your mind? Because as cloud becomes more prevalent with cloud native, born in the cloud and with hybrid there's a unification, not just with data. They have infrastructure operations. >>Yup. So Splunk role and then their future prospects share. Um, so red Canary uses Splunk too. So we, we process I think like 30 terabytes plus of data a day coming to our engine that we built. And that's the kind of like proprietary piece of red Canary. 30 terabytes of data flows through. We use a like a DSL, like a language that sits on top of it, that queries they're looking for those behaviors. We send those tip offs as we call to Splunk and we actually track a lot of the efficiencies of our detectors that way. So we look for how low detectors doing, is it triggering, is that false positives? How many false positives over time. And then also how much time our analysts are spending on those detectors. You know, they get a detector or a in event and they review that event and they're spending 2030 minutes on it and well what's wrong with it? >>Is there something going on here? Do we need to cut something back and fix it? So we use Splunk a lot of, for like the analytics piece of just how our operation works. It's awesome. It's really neat to see >> him for, one of the things that I've been proud of with covering Splunk is we showed them early when they were just started, then they went public. Yeah. Just watching how they've grown. That did a lot of great things. But now the theme is applications on top of Splunk. They're an enabling platform. They had a couple of key pillars. I want you to talk about where you guys fit and where you see the upside. So swamp has the developer area, which is, they have all these deck, new developers, security and compliance and fraud, um, foundations and platform stuff. And then the it ops does this analytics, AI ops, they've got signal FX, cloud native. >>So those are the kind of the four key areas around their apps, their app strategy. Do you guys cut across all those? You are you guys developing? Are you doing all, what's the, what's the red Canary fit into that? Yeah, it seems like you've probably our cross section. Yeah, probably most likely fitting into a few areas within Ed's. My team has developed a couple apps for Splunk, so we've published those. We have like a app that we pushed out. We have a carbon black response app, which we co-developed many years ago. Those things are all out there. We've helped other people with their apps and, but yeah, it's, it's a little mix of everything. And I think the big core thing that we're all looking to today is like how can we use more of the machine learning toolkit with Splunk, um, for our customers and for us internally. >>Like how can we predict things better with it? So there's, there's a lot of little bit of focus of that same thing. In your opinion, B2B out in the field, you mean the front lines, now you're in research, you got that holistic view, you're looking down at the, on the field, the battlefield, if you will, the adversaries will evil out there. What do you look for? I mean, what's the, what's the triggering event for you? How do you know when you need to jump in and get full ready, alert and really kind of sound off that, you know, that Canary alarm saying, Hey, you know, let's take action here or let's kind of like look at that and take us through some of those priorities. What's the, some of the workflow you go through? Yeah, so um, we'll end up either sending a detection to a customer and either they'll trigger like, Hey, can you give us more context around this event that happened? >>Or it will be, we had a pen test, red team, bad thing happen. Can someone else investigate further? And so I'll come in might from my perspective, I'll come in kind of like a, almost like a tier three in a way. We'll come in, we'll do the additional research beyond what our detectors already caught looking for. Many things, you know, did, was there something we missed that we can do better at detecting next time? Is there any new behaviors involved with something drop that you know, that the actor had left within the environment that may have gone by antivirus prevention controls, anything like that. Um, and then also just understanding their trade craft. Right? So we track a lot of teams and disturbed behaviors and we're able to kind of explore and you know, build those you gotta you gotta be on everything. Basically you gotta survey the entire landscape. >>Yep. You come in post event. Yeah. Do the collateral damage analysis and the dead map. That's a really cool thing about like the Splunk boss's a sock data set. Right. And that's where my talks a lot about is it's a very like, basic talk, but it focuses on how to go from beginning to end investigating this big incident that happened. You know, cause when you get an a detection from like in organization you might just find that it was delivered to a word doc, a couple of things executed. But was there something else that happened? Right? And there's like your Canadian Nicole mind piece, right. You know, finding other things that occurred within the organization and helping ideally your data essentially is the foundation for essentially preventative side. So it's, yes, it's kind of a closed loop kind of life cycle of yep. Leverage operating leverage data standpoint. >>Yeah, it's a solid point. We, I coined the term like three years ago called driving, driving prevention with detection. So take all your detection logic and understanding and things you see with products, even EDR Avi, and use that to drive your prevention. So it's just a way that if you're just alerting on everything, take that data and put it into your preventative preventative controls. So Michael got asked you, how is cloud, how is cloud changing the security formulas? Because obviously scale and data are big themes we hear all the time. I mean has been around is not a new thing. But the constant theme that I see in all my cube interviews we've done over the years and this year is the Nord scale comes up, is unprecedented scale, both in data volume, surface area needs for things like red Canary teams to be in there. What do you see with the impact the cloud is it really should change the game in any way? >>He has it's speed as new cloud. It's the speed of new cloud technology that seems to constantly be coming out. Like one day it's Docker, next day it's Coobernetti's and then there's going to be something tomorrow. Right? Like it just constantly changes. So how can vendors keep up with logging, making sure it's the right type of logging and being able to write detection on it or even detect anything out of it. Right. One, the diversity too is a great point. I want to know. Firstly, blogs are great. Yeah, you got tracing. So you have, so there's now different signaling. Yeah. So this app now a new thing that you got to stay on top. Oh, totally. Like look at any, any MSSP, they have thousands of data sources coming in. And now I want you to monitor my Coubernetties cluster that scales horizontally from 100 to 5,000 all day, every day like Netflix or something. >>Right? And I want you to find the bad things in that. It's a lot going on. And this is where machine learning and automation come into play because the observability you need the machine learning. They've got to categorize this. Okay. Again, humans do all this. No, yeah, it takes a machine. I'm using machines with human intelligence in a way, right? So have a human driving the machine to pull out those indicators, those notables. Michael, thanks for coming on. Great insight. Great signal from the noise. You're still distracting there. Great stuff. Final question for that to end the segment. In your opinion, what's the top story in the security industry that needs to be continually told and covered and reported on? >> Ooh, that's, that's a good one. Um, you hear any threats, platform development, new stacks developing. Is there like a one area that you think deep that's the high order bit in terms of like impact? Yeah. I think focus on, I'm going to say point cause that's where everything's executing and everything's happening. Um, and that's the biggest thing that it's only gonna get more challenging with IOT edge and industrial IOT. Yes. The edge is the end point. End points are changing. The definition is changing at exact right stuff coming on from red Canary here in the queue, the Canary in the coal mine. That's the cube. Brand-new. The signal here from.com 19. I'm John furrier back with more after this short break.

(bright music) >> Hi, everyone. Welcome to the CUBE's presentation of the AWS Startup Showcase around open cloud innovations. It's the season two episode one of the ongoing series covering exciting startups from the AWS ecosystem and talking about open source and innovation. I'm John Furrier, your host. Today, we're joined by two great guests. Dan Garfield, chief open source officer and co-founder of Codefresh IO, and Raziel Tabib, CEO and co-founder. Two co-founders in the middle of all the innovation. Gentlemen thanks for coming on. >> Thank you. >> So you guys have a great platform and as cloud native goes mainstream in the enterprise and for developers, the big topic is unification, end-to-end, horizontally scalable, leveraging data. All these things around agile that I call agile cloud next level. This is kind of what we're seeing. The CNCF is growing. You've seen KubeCon every year is more about these kinds of things. Words like orchestration, Kubernetes, container, security. All of those complexities are now at the center of making things easier for developers. This is a key value proposition and you guys at Codefresh are offering really the first enterprise delivery solution powered by Argo, which is an open source project. Again, open source driving really big changes. So let's get into it. And first of all, congratulations, and thanks for working on this project. What's so special about- >> Thank you for that. >> Argo the project, and why have you guys decided to build a platform on it, and where is this coming together? Take us through why this is so important. >> I think Argo has been a very fast growing open source project for multiple reasons. A, it has been built for the new way of building and deploying an application. It's cloud native. You mentioned Kubernetes becoming kind of the de facto way of running application. It's the de facto way to run automation and pipeline. But also Argo has been built from the ground up to the latest practices of how we deploy software. We deploy software now differently. We deploy it using a GitOps practice. We're deploying it using canary blue-green progressive deployment. And Argo has been built around these practices, around these technologies, and has been very much widely adopted by the community. In the past, the KubeCon you've mentioned, Argo was all over the place. And we were very glad to be working with the community to talk about what the next steps with Argo. >> Yeah, it's a really good point. I would like to just follow up on that because you see this being talked about. It always comes up, where is open source really outside of a pure contributors matter? And when you have corporations contributing, you seeing this has been the trend. You saw it with Lyft, with Envoy, companies doing more and more open source. This is part of a big collaboration. And again, this comes back down to this whole why it's relevant and why it's so special with Argo. Continue to talk about relationship because it's not just you guys, it's now community. >> Yeah, I can speak to that. The Argo project is something that we maintain in partnership with several other companies and really our relationship with it is that this is something that we're actively contributing to. This is something that we're helping build the roadmap on and planning the events around and all those kinds of things. And we're doing that because we really believe in this technology and we've built our platform on it. So when you deploy Codefresh, you're deploying technology that's built directly on Argo and is designed specifically to solve that problem that you spoke to at the top of the hour. We all want to deliver software faster. We all want to have fewer regressions. We want to have fewer breaking changes. We want software to be super reliable. We want to be comfortable with what we're doing. That's really why we picked Argo because that technology that we have it is to Raziel's point delivered in this new way. It's delivered using GitOps. And that's a whole revolution and change in the way that people build and deploy software. And bringing cohesion into that experience is so critical to building the confidence that lets you actually deploy often and frequently and more. >> Dan, if you don't mind just expanding on that one point about the problem you solve, because to me, this has been kind of that evolution. It's almost like, yeah, there's been problems, plural, and opportunities that you saw with those in growing markets like this with DevOps and DevSecOps and now cloud native. What is the catalyst behind all of this? What was the epiphany behind it? How did it get so much momentum? What was it really doing under the covers? >> Well, it's a very simple and easy to use set of tools. And that's one of the big things is that if you look at the ideas of GitOps and there's actually a foundation around this that were part of called open GitOps to GitOps working group under the CNCF. And those principles of, I want to, yes, do my software defined as code. I want to do my infrastructure defined as code and I need something monitoring by production run times and making sure that the declared desired state is always matching the actual state. Those principles have actually been around for a number of years. And with Kubernetes, we really unlocked an API that allowed us to start doing GitOps and this is why we bring in Argo and you see the rise of Argo CD and other workflows and what we've been doing is really because that technology has been unlocked now. So the ability to define how your software is supposed to run and now your entire software delivery stack should run, all defined and then monitored and then kept in check using the GitOps operator. That critical unlock is what's really driving the massive adoption. And like Raziel said, Argo is the fastest growing and most popular open source project for delivering software. And it's not even close. >> Yeah, this is really great point. And I want to get into that 'cause I want to know why, what you guys do on your platform versus the open source and get that relationship settled? Before we get there, though, I want to get your reaction to some of the commentary in the industry 'cause GitOps trend has been exploding into new directions. I mean, it used to be a term about 10 years ago called big data. And at the beginning where data was all big data. Now it was DevOps revolution around data as well. But now you're hearing people talk about big code. Like, I mean, the code bases are becoming so huge. So as a developer, you're leveraging large open source code. This idea of the software delivery with existing code and new code just adds to more code. There's more code being developed every day. >> There is more code delivered every day. And I think that organization realize today, almost in every industry that they have to pace up how fast and how frequent they update their software delivery. We're living in a world in which every aspect of our life has been disrupted by software and organization realize that they have to keep up and figure out how to deploy software more frequent and more lively. And I think, you mentioned that really Kubernetes, the cloud native became the de facto way of running application. I think most of organization has made that decision to move into cloud native. The second question is after, is okay, now we have all applications running, how fast and how more frequent we can deploy applications to the cloud native? And that's the stage in which we're super excited about Argo and our up platform because that's basically streamline the building application for these cloud native, deploying applications for the cloud native, and so on. >> Yeah, and I think that highlights the business value. You getting a lot of the conversations with businesses that say they want the modern application on the cloud scale. And at the end of the day, it comes down to speed and security. So how fast can I get the app out? How well does it work? Does it run performance? And does it have security? And I don't want a slow. >> Exactly. Exactly. It kind of oversimplifies it, but that's kind of the net net. So when you look at Argo open source, what's that's done and kind of where you guys are taking it. Can you talk about the differences between your enterprise version and the open source version and the interplay there, the relationship, the business model health customers can play on both sides or understand the difference? >> Sure. >> Go ahead. >> Go ahead, Raziel. Okay, so I think Argo, as you mentioned, is probably the most advanced technology today to both run pipelines. They're like events to trigger pipelines and Argo work for the one that pipelines, the Argo CD for GitOps and Rollout, for Canary blue-green strategies. And the adoption is really exploding. Just as an Advocate that we had in December, we have worked with the community and organized ArgoCon events in which we had initially kind of thought about 500 attendees. And so we have more than 4,000 registrants and majority of them are coming from enterprise. Now as we have talked to the community during this conference and figure out, okay, so what are the things that you're still missing? And that will help you take the benefit that you get from Argo to the next level. The few things that came up. One is Argo is a great technology. However, Argo now is fragmented into four projects. There is an advance. There is workflow. There is Argo CD. And there is Argo Rollout. And there is a need to bring them all together into a solid platform, solid one run time that can be easily installed, monitor all of these in a single UI, in a single control plane. That's one aspect. The second is the scalability. Really being able to manage it centrally across multiple clusters, not in one cluster. And what we bring in with the new one, we're so excited about this platform, is we're bringing that big. The first to get all of these four projects in one runtime, and one control plane, but also allow the community to run it across multiple cluster from one place getting into the solution, not just as a technology. >> If I may add to that, the value of bringing these projects together, it provides so many insights. So when you're trying to figure out, there's some breaking change that has been made, but you don't necessarily know where it is because you have a lot of microservices that are out there. You have a lot of teams working on it. By bringing all of these things together, we're able to look at all of the commits, all of the deployments, all of the Jira issues. All of these components combined together, so you really get a single view where you can see everything that's going on. And this is another element where when you're trying to deploy software at scale, you're trying to deliver it faster. People are getting a little bit overwhelmed because there are so many updates and so many different services and so many teams working that they're starting to miss that visibility. So this is what we want to bring into the ecosystem is we really want them that visibility to be super clear. And by bringing all of the Argo components, the Argo tools together, we're able to do that in a single dashboard. >> Yeah, so if I get this right, let me just double click on that because it sounds like, yeah, Argo's great. It's been organically growing, a lot of different components to it, but when you start getting into pushing code in an organization, you have, I call the old-school version control kind of vibe going on where it's like you don't know what's out there and how that affects the system as it's a distributed system, which cloud is. There are consequences when stuff breaks. So we all know that. Is that kind of where you guys are getting at? The challenge is actually the opportunity at the same time where it's all goodness, but then when you start looking at scale and the system impact, is that kind of where the open source and you guys pick up, is that right? >> This is one aspect. I think the second one is that again, when you look at each individual component of Argo, each provide a lot of value by itself. But when you sum it, the value of the sum is greater than the value of the individual. So when you're taking, really the events and workflow, Argo CD and Argo Rollout, and you bring them all together into single runtime. The value of its time is really automation all the way from code to cloud. It's not breaking into, there is like an automation for CI, there's an automation for CD, there's information for progressive delivery. It's actually automated all the way from the Git commit through the GitOps through the deployment strategy, and so on. And being able to monitor it and scale it in the enterprise scale. So, of course, it's helping enterprise and make Argo to some level more crucial for enterprise, if I may say, but second is really bringing all of these components together and get the outcome be greater than the individual parts. >> Yeah, that's a good point. Yeah, make it make a commercial grade, if you will, for enterprise who wants to have support and consistency and whatnot. What other problems are you solving? Dan, can you chime in on the whole, how you guys resolve some of these challenges for the enterprise? Because, again, some stability is key as well, but also the business benefit has got to be there for the development teams. >> Yeah. So there's several. One aspect is that the way that most people operate today is they essentially do a bunch of commands and engage with systems. And then hopefully at the end, they write those things to Git. And this is a little bit backwards if you think about it because there's a situation where you can end up with things in production that were never checked in, or maybe somebody is operating and they're making a change. If we look at most of the downtime that's occurred over the last two years, it's because people have flubbed a key when they were typing in a command or something like that. The way that this system works is that we provide an interface, both the CLI and the GUI, where those operations interactions actually end with a Git commit. So rather than doing an operation and then hopefully committing to Git, most of the operations are actually done first in Git, or if there is something that can't be done first in Git, it's maybe bootstrapped and then committed to Git as part of a single command. So this means you have end-to-end traceability. It also means your auditability is way better. And then the second, the other component that we're adding is that security and scale layer. So we are securing these things, we're building in single sign-on, and all those robust security things you would expect to have across all these instances. So many organizations, when they're building their software delivery tools, they have to deploy instances in many locations. And so this is how you end up with companies that have 5,000 instances that are all out of date and insecure. Well with Codefresh, if you need to deploy a component onto this end cluster or something like that, you may have thousands of them. All of those are monitored and taken care of in a centralized way, so I can do all of my updates at once. I can make sure they're all up to date. I'm not running with a bunch of known CVEs or something like that and it's clear. The components are also designed in an architectural way. So that only the information that is needed is ever passed out. So I can have a cluster that is remotely managed, that checks out code, that the control plane never has access to. So this hybrid model has been really popular with our customers. We have customers in healthcare, we have customers in defense and in financial services, all these regulated industries. The flow of information is really critical. So this hybrid model allows you to deploy something that has the ease of a SaaS solution, but has the security of an on-prem solution while being centrally managed and easy to take care of. >> Yeah, it's a platform. It's what it is. It's not a tool. It's not a tool anymore. It's a platform. >> Exactly. >> I think the foundational aspect of this is critical. And you mentioned automation before. If you're going to go end-to-end automation, you have some stuff in the system that whether it hasn't been checked in yet. I mean, we know what this leads to. Disaster or a lot of troubleshooting and disruption. That's what it seems to solve. Am I getting that right? Is that right? >> Yeah. >> Go ahead. >> Yeah, it helps automate the whole process. But as you say, it's really like identify what needs not to be going all the way to production and really kind of avoid vulnerabilities or any flaws in the software. So it automates everything, but in a way that the automation can identify issues and avoid them from coming into the production. >> Well, great stuff here. I've got to ask you guys now that you've got that settled. It's really, I see the value there, how you guys are letting it grow organically and with Argo and then building that platform for businesses and developers. It's really cool. And I see the foundational value there. It just only gets better. How you guys contributing back to open source and helping the wider GitOps and Argo communities? Because this is, again, the rising tide that's bringing all the boats into the harbor, so to speak. So this is a good trend and people will acknowledge that. So how's this going to work as you guys work back into the open source community? >> So we work closely with both myself and the other maintainers worked closely with the community on the roadmap and making sure that we're addressing issues. I think if you look in the last quarter, we probably have upwards of 40 or 50 different issues that we've solved in terms of fixing a bug or adding features or things like that. So making sure that these tools, which are really the undergirding components of our platform, they have to be really robust. They have to be really strong. And so we're contributing those things back. And then when it comes to the scalability side, these are things that we can build into the platform. So the value should be really clear. I can deploy this, I can manage it myself, I can build tools on top of it. And if I want to start doing it at scale, maybe I want support. That's when I really am going to go to Codefresh and start saying, let's get the enterprise little platform. >> Awesome. GitOps, a lot of people like some naysayers may say, Hey, it's the latest fad. Is it here to stay? We were talking about big code earlier. GitOps, obviously seeing open source. Just every year, just get better and better and growth. I mean, I remember when I was breaking into the business, you have to sell under the table. Now it's all free and open and getting better every year. Just the growth of code. Is GitOps a fad? How do you talk to people who say that? I mean, besides slapping around saying wake up. I mean, how do you guys address that when people say it's just the latest fad? >> So if I may comment here and Dan feel free to chime in, I think that the GitOps is a continuation of a trend that everything is a source code. As a developer, many years ago myself and still writing code, always both code and code was the source of tool that's where we write the code. But now code actually is also describing how our application is running in production. And we've already seen kind of where it's get next. We also hear about infrastructure as a code. So now actually we storing the code the way the infrastructure should be. And I think that the benefit of storing all this configuration in a source code, which has been built to track changes, to be enabled to roll back, that is just going to be here to stay. And I think that's the new way of doing things. >> All right, gentlemen, great. Closing statements. Please share an update on the company. What it's all about? What event you got coming? I know you got a big launch. Can you take us through? Take us home. >> Join on February 1st, we're going to be launching the Codefresh software delivery platform. Raziel and I will be hosting the event. We've got a number of customers, a number of members of the community who are going to be joining us to show off that platform. So you're going to be able to see it in action, see how the features work, and understand the value of it. And you'll see how it works with GitOps. You'll see how it helps you deliver software at scale. That's February 1st. You can get information at codefresh.io. >> Raziel, Dan, thanks for coming on. >> Thank you. >> Pretty good showcase. Thanks for sharing. Congratulations. Great venture. Loved the approach. Love the growth in cloud native and you guys sure on the cutting edge. Fresh code, people love fresh code, codefresh.io. Thanks for coming on. >> Thank you. Thank you. >> Okay, this is the AWS Startup Showcase Open Cloud Innovations. Cloud scale, software, data. That's the future of modern applications being developed, changing the game to the next level. This is the CUBE's coverage season two episode one of the ongoing AWS Startup series here in theCUBE.

>>Oh, well, the back to the cubes coverage of ADA bus reinvent, 2021 executive seminar, I'm John ferry hosts of the cube. We've got a great segment here on the modernization. We were ringing in the success with Amazon web services, Vodafone digital in the UK, an example of modern engineering examples using Amazon, the cloud, looking at where we're cloud native is actually changing the game two great guests, Ben Collie, head, head of digital engineering, Vodafone UK, and Maynard Williams, managing director of center. Gentlemen, thank you for coming on the cube and sharing the story. >>Thanks, John. Appreciate it. So >>I gotta, I gotta ask you guys one of the main themes that we've been covering all year and even even pre pandemic, we, we saw the cloud native wave coming pretty hard containers. Great for modernization sets the table. You seeing things like Kubernetes and now serverless changing the game on all aspects of how modernization is happening. And everyone's talking about application modernization shift left all great for business, but you have to, you have to kind of take care of things under the, under the covers a little bit, the infrastructure, making sure the engineering teams are all set. So this has been a top topic. This is kind of what you guys are doing. Can you guys explain to me the needs that Vodafone has, um, that brought about this transformation? >>Yeah, sure. Um, so we we've been on this transformation for around four years, but you're absolutely right. The, uh, the pandemic has been a real catalyst for, for all kinds of organizations like ours around the world. Uh, so we were really driving a digital first agenda for quite a long time. Uh, and that, that came as, as you just said, John, it, it really did start with the, uh, the cloud hosted, uh, and then, uh, and then moving and realizing the difference between that and become native to the, to the cloud and really leveraging the services, uh, like AWS, um, in order to really drive pace, uh, and, and the outcomes that we needed for the business. Uh, we've seen a huge change over the last, uh, purely over the last 18 months, really. Um, our daily traffic, uh, these days is as it was on our highest ever, uh, uh, like an iPhone launch day, for example, um, before the pandemic, is I a daily traffic these days. And so that scalability and flexibility and that leveraging those services has been absolutely fundamental to supporting the, the changing needs and expectations of our customers. >>You know, back in the old days, uh, Maynard, you know, it's oh yeah, black Friday surge, you need the cloud to scale up and be flexible. Agile elastic, you know, scale is definitely now table stakes. And if you're not dealing with scale and some sort of either SRE fashion or whatever, you, you really ain't going to be behind the curve, but the next level that's being discussed is how do you leverage the scale for not just customer experience and business value, but we're talking about system architecture, kind of thinking there's kind of, this is our system design is now a big part of it. Can you talk about how this kind of threads together? Because we always talk about consumer experience, customer experience CX, but now there's a new system was mindset out there. Can you kind of share your vision on that >>Thing that stands out for me is if I look at digital, we've designed it to a point where the scale is just as you say, it's the table stakes, and only for launch with something that two years ago needed to be planned and thought about. And it's now absolutely routine. We think about the business side of it, but a big increase in scale really is seamless. But if I look at the full stack, we're still connected into some of the older backend systems, um, where any production, uh, they were on prime actually tasks. This is on AWS now, which is a big step forward, but when you've got to manage scaling in a way that translates from backend systems that are on premises on prime, and therefore we can't lastingly scale through to the front tab where we have to be able to scale up very seamlessly and balancing that across with, uh, an architecture that supports that level of scale and makes it so seamless on something like, as you say, iPhone launches or back Friday, any product coming out is actually key to the way we've architected that. >>So you're saying that essentially AWS combined with Vodafone worked on this solution that was more of a cloud native solutions that the innovation here, can you just summarize and unpack a little bit of what is the innovation, what problems did you solve together with essentially those and Vodafone? What was the core challenge? Yes. >>I think that the core is actually, how do you get to the point where, um, at the scaling is seamless, where you can move from being on the cloud to cloud native has been, just touched on what the same time you're actually connected into an enterprise state where the production systems are all on prem and don't have that ability to scale in the same fraction. So you can't, for example, push you to load into, uh, an on-prem backend system and, and simply expected to scale in the same fashion. So between our three organizations architecting something that is robust scales, we usable and takes away a load of pieces that actually were quite complex two years ago. And turns them into just routine has been a big step forward. >>And I want to get your reaction to this because, you know, you're, you're the you're on the, on the front line saying, Hey, be more agile at Basel saying, be agile, do different left, take that hill. Um, it's, it's easier said than done. Talk about what goes on when you have to implement and the stakes involved. Again, there's always the old way, new way. Can you just kind of give some color on what's going on? What's your perspective showing? >>And as I just said, that the real benefits and the story behind this was the ability to launch an iPhone. For example, as a event for Vodafone previously was weeks and months of preparation and design and testing and confidence building. And now it really is, it just happens. Uh, and we watched things scale and, and, and then down again, gracefully, um, and really do celebrate the, the another level up, if you like the leveling up of us as an organization, allowing our commercial colleagues to, to launch propositions or to launch campaigns without needing us to be involved anymore, because they're confident, we're all that things will, will flex like that. But you're absolutely right, that, that the changes and the demands of us as a, as a team, but also the, the expectations of our stakeholders, uh, have been changing for quite a long time now. Uh, and we're really excited now to be able to meet them by leveraging the services that we're discussing. >>Yeah. So the guys say said launched the iPhone, no big deal routine, hit the pub. Everyone's happy having a good day. >>Uh, >>Let's get into the solution, how it works. Talk about what's going on with the covers. How does this all work? Can you take us through, what's the state of the art of the, of the solution? Sure. >>Well, uh, as you mentioned earlier, we were very much inclined to serverless these days. So we rolled out fire gate, um, a few, uh, uh, started about 18 months ago. Um, and that really has, um, freed us up in, into all kinds of, um, uh, scalability, uh, measures, but also really about, about reusing and applying this across much more than just the, the engineering or the digital part of Vodafone, where we, where we began. So that's been a really big part of our agenda, uh, and that's, that's informed all kinds of things, the ability to scale and flex like that, and the architecture beneath us, um, and the containerization and orchestration that that goes along with that has really enabled us to, um, to flex that, uh, ability to, to reuse it across other areas. And because of that, now it's driven our hiring policy or tooling and, uh, technical, uh, our procedural approaches, uh, it all now leverages that ability to move a patient, to be able to scale, uh, not just in, um, uh, infrastructure or ability to serve customers, but in ability to deliver for the business commercially as well. Uh, and this is all now informed on our direction. I think, as an organization, >>It's interesting, you mentioned far you far gate than a trigger of events happens. People get excited, opens up new doors of opportunities as a chain reaction from that. Um, talk about the impact to the staff and the operations, because you almost, it's motivating at some level you get new things happening, but you're actually making things go better and faster, cheaper. >>Yeah. Uh, well, the, the impact is one, uh, because we're on a journey at Vodafone of this transformation, really becoming a technology business first and foremost, rather than a telco classically like our competitors, uh, we're able to really drive cultural change as well. So the impact on our people is a really, it's been particularly engaging. One with, we've also been part of, uh, a real recruitment drive. We've just announced 7,000 new, uh, roles, uh, joining our team across Europe and that these are engineering roles, um, driving more of the same, uh, behaviors and principles of a modern software engineering business like ours. Uh, and that really is fueled by our, our ability to experiment and try, but become cloud native and, and, uh, employ these services in the way that they're designed to be >>Maynard. I'd like to get your take on this and, and, and shift to a topic around how, what this all means. Um, if you zoom out and you say, okay, with the pandemic, it's become a mobile virtual hybrid. Now world around work play, all those lines are kind of blurring. It's not as clean as it used to be. Oh, the network segmented over here. This is over here. These legacy systems were built around the notion of things when nicely segmented. Um, now you have this whole kind of mashup, if you will, of how you just want to work, right. There's mobilization is a huge thing. So access identity, these are things that we're all kind of set up nicely before the pandemic, or at least, you know, not as, uh, stable, maybe not scalable, but what's your take on this? What's the big picture what's all happening. >>I think, I mean, the pandemic has accelerated a set of changes that were already happening anyway. And I'd say the other particles is under the covers. A lot of the work's been done has been to create the microservices that stitch together to produce those journeys, but, you know, running the containers. And so that, that opens up an omni-channel future that starts to move away from saying actually businesses are organized around the environment in which they're serving. Is it a retail store? Is it, is it online that additional and so on, and actually into much more of a space where you're building the best journeys and those journeys come and are served through digital or through a call center or through a store and so on. And that makes a huge difference because the focus on improving the customer's experience has been enormous. And I think that's one of the other parts that come out of the whole cloud native setup. >>And the ability to experiment has been iteratively and endlessly improving the experience for the customer. And that's, that's a, that's a massive step forward. So we can talk about the fact that we deploy a huge number of times more frequently than we did even a year ago, uh, or the, you know, our quality has improved by a massive percentage and so on. And I think the thing that's really interesting is the improvement in the experience and the endless improvement and iteration of that, because we can make lots and lots of small changes and do every day. That's a big one, >>You know, what's interesting Ben, and let's get your reaction on this. And if you don't mind to just add a little color to this, this is just another example of reports that we've been talking with folks on where it's not about just replatforming to the cloud. It's refactoring the business, uh, with, with the engineering, the modernization. And so there's two things that go on one, you see the efficiencies and new doors open up new things are happening. People are getting excited, good, some good Mo morale boosting things are becoming clear, but then there's actually new business, new business value being created or new propositions engineering propositions. Can you share from a digital standpoint, because this seems to be the new role of the digital person, whether it's engineering or on the business side, make things run faster, cheaper, and better, and then create new opportunities, new propositions, what's your >>Absolutely. Yeah. Yeah. It's fundamentally around pace of delivery. Uh, being able to, as, as may not says, uh, moving from a world, uh, two or three years ago where we were deploying once every two or three months, uh, this is a website once every two or three months where we were, uh, to now it's happening all the time every day. Uh, it's, it's, it's a skill that we've given us as an organization that we couldn't have leveraged before. And what we're able to do with that now is experiment our way and iterate our way to new value streams, as you say, but also trial and error. What we already know, uh, or expects to be true with our customers much, much more easily and much, much more frequently, very little a barrier to production or friction between us and the customer these days, and the almost instant response and feedback we get from customers. Um, we, we learn constantly about because of that. And it's, uh, it's become much less of a stab in the dark with large business cases where they work well, they worked and are much more experimental initiative. Uh, we, most of the propositions we know about, but also to the experiments, um, and unknowns in our future. Um, that also now unlocked, >>That's a great point. You mentioned about the whole timing of, you know, the old way, months, weeks, just for website stuff, uh, Maynard. And if you guys can share this new world order is actually pretty exciting, but also daunting if you're not like in the water, so to speak, right? So, you know, some people are actually, you know, putting their toe in the water, they're experimenting, but it's a game changer. I mean, a significant step up of value. What's your advice about solutions and they're not easy. I mean, you just got to get your hands around the sensor. You guys have been doing a lot more of these projects is seeing more and more of these, these kinds of partnerships, uh, and the value is there. Can you guys share your, your, uh, opinion and advice to folks out there watching saying, how do I do this and is it going to be worth it? Is that bridge to the future there? >>I mean, I think there's a mechanical piece. How do I enable this? And we can talk about dev ops and moving to cloud native, and actually some of the, some of the process side of as an organization, how do I get really comfortable with deploying very frequently and it being low risk and routine. And so the other part for me, which we sort of haven't touched on is as much as we talk about experimentation, it's about the data and the analytics and the knowledge that we create of that. So the, the, the small changes we're making are highly scientific. And when we think about actually understanding how we're optimizing experiences, that's all about the whole set of data points that I'm pinning up. And so I'll take two parts is know the, the journey we've been on here is, is about enablement. It's about moving the architecture. It's about moving the ways of working so that a lot of things that were hard or required thinking about two years ago on that quality team. But the other part of it is understanding the data and having the analytics capability and being able to make a very scientific experiment where you can see the result in the day-to-day >>Ben, what's your reaction advice to folks watching as they modernize exciting, challenging. It's a lot of hard work, but what's it look, it's the end game, >>All of those things, yes. I'd say it's, um, more than anything, it's a necessity these days we have to embark on this journey. It is, it is daunting. And, and of course, a lot of large organizations like ours, we were successful for doing things in a particular way, uh, have built up a lot of, uh, protection mechanisms for doing, for making sure we protect that. And so to come at it from a new angle is, is obviously daunting. And it's very challenging as well. There is an immune system in all of our organizations that is real, but I'll deal with it. Um, but the, the real, um, success behind, uh, the real, I think the reasons behind a lot of our success has been beat by being able to quickly prove value to quickly prove that outcomes are deliverable and achievable. Um, and then to build on those and iterate on it. And as, as I said, it's, it's about being able to move at pace for us in Vodafone. It's about leveraging our scale. We're a huge organization. Um, and we're, we're now coming together as one to really make sure that we do just lean on that scale more than we have them. Yeah, that's really about iterating, as I said, and, and, um, finding things that work, keep doing it, finding things that hold you back and get rid of them as quickly as you can, uh, is what I would say for us. >>It's interesting. You mentioned the scale. The thing about the cloud is when I hear the common pattern is it takes advantage of the strengths of your environment. You know, so every environment is a bit different, but you guys have the scale. I have to ask you while you're here. What are some of the anecdotal comments that kind of, you hear from folks that make you happy? When about the results? I think saying, Hey man, I'm not even seeing this anymore, or, wow. This is faster. What's some of the sound bites that you guys take as proof points of the success of this project. >>Yeah. It's, uh, I'd say it's mainly an R there's two things I would say, uh, the ability to rely less on it delivery if you like. So empowering our commercial business to make changes for themselves in a safe and secure manner. So providing these self-service capabilities, we've started to see a real pace about our commercial business, as well as our technology business. Uh, but also the, the time it takes to get things out is probably one of the biggest, uh, really tangible results and outcomes for us at the moment. Um, just the sheer amount of things we can release to production, uh, in, in sorts of short space, space of time really does bring to life, our ability to now trial and error, to AB test a Canary deploy. Things like that is really, um, it's been a real superpower for our, um, transformation, I think yes. >>Kind of kidding about can't make time to go to the pub, but in reality, it's free time freeing up people from doing those tasks that were slower shifting that value. >>Yeah. Whereas as you mentioned, Johnny, it really is much more than a technical journey. This is a cultural one as well for a lot of organizations and, um, by being more connected, by being more connected to the outcomes or the value that you add into production, uh, it really does drive a new culture and engagement across our teams. You know, if it's six months between writing a line of code and seeing it in production by up no sense of ownership or pride in what I've done there, but if I can deploy code immediately see an impact good or bad, um, then, uh, I really do feel connected to the outcomes and the value that I'm driving to, to the business and to our customers. So there really is a great cultural, >>Yeah. I remember Andy Jassy last year when he was a sea of AWS on stage and talked about that dynamic of the teamwork, people rowing in the right direction. Um, feeling part of it may know this is a cultural shift on how companies do business. I know center I've covered probably a dozen or so killer projects that have just been awesomely new and kind of different, but successful built on the cloud. So a lot of replatforming refactoring you're in the front lines, working with, uh, companies that essentially what's the pattern that you see that's that's happening right now. What's the, what's your view of the current market? >>Um, I mean, I think there's a huge shift to this, that this journey too has been part of the move from being on the cloud to being proud nature. I'm really getting that value because there's a, um, a kind of, almost a example. I see there's a light bulb moment where ownership of what you put in production means that you move away from a model of we change code because either the business tell us too, because they have a functional requirement or because something's broken. When we get into the model of that, I want to improve the thing that I feel ownership of. That's not leave. And you suddenly see how much difference that makes to the experience of it, the quality of it, the stability, all of those things improving. And so if, if I look more generally that cultural shift is it is an evolution that organizations go through and it starts with actually delivering it in a more agile way. At some large scale, you see agility moving up into kind of business agility and starting to affect things like budgeting cycles and the kind of corporate functions. If you like that tend to sit around, uh, you know, supporting Pete pieces of delivery. And there's a lot more of that happening at the moment, a load with more organizations pushing into being properly cloud native and transforming rather than the kind of first wave, which was the shift onto the cloud. Now it's actually, that's really leveraged what we've got with the, >>Yeah. And you guys essentially have been riding on the wave of AWS and the cloud for many, many years. We've been covering it. Ben great success story. Thanks for coming on the cube, a head of digital engineering, Vodafone UK, great example of modern engineering at work using AWS in Europe. Uh, thanks for coming on the Cuban, sharing your story. Maynor thank you for also coming on and the work you're doing at Accenture and AWS. Thank you. Thanks John. The cube coverage of AWS reinvent 2021 executive summit. I'm John furry, your host. Thanks for watching.

>>From around the globe. It's the queue with digital coverage of dev ops virtual forum brought to you by Broadcom. >>Hi, Lisa Martin here covering the Broadcom dev ops virtual forum. I'm very pleased to be joined today by a cube alumni, Jeffrey Hammond, the vice president and principal analyst serving CIO is at Forester. Jeffrey. Nice to talk with you today. >>Good morning. It's good to be here. Yeah. >>So a virtual forum, great opportunity to engage with our audiences so much has changed in the last it's an understatement, right? Or it's an overstated thing, but it's an obvious, so much has changed when we think of dev ops. One of the things that we think of is speed, you know, enabling organizations to be able to better serve customers or adapt to changing markets like we're in now, speaking of the need to adapt, talk to us about what you're seeing with respect to dev ops and agile in the age of COVID, what are things looking like? >>Yeah, I think that, um, for most organizations, we're in a, uh, a period of adjustment, uh, when we initially started, it was essentially a sprint, you know, you run as hard as you can for as fast as you can for as long as you can and you just kind of power through it. And, and that's actually what, um, the folks that get hub saw in may when they ran an analysis of how developers, uh, commit times and a level of work that they were committing and how they were working, uh, in the first couple of months of COVID was, was progressing. They found that developers, at least in the Pacific time zone were actually increasing their work volume, maybe because they didn't have two hour commutes or maybe because they were stuck away in their homes, but for whatever reason, they were doing more work. >>And it's almost like, you know, if you've ever run a marathon the first mile or two in the marathon, you feel great and you just want to run and you want to power through it and you want to go hard. And if you do that by the time you get to mile 18 or 19, you're going to be gassed. It's sucking for wind. Uh, and, and that's, I think where we're starting to hit. So as we start to, um, gear our development chops out for the reality that most of us won't be returning into an office until 2021 at the earliest and many organizations will, will be fundamentally changing, uh, their remote workforce, uh, policies. We have to make sure that the agile processes that we use and the dev ops processes and tools that we use to support these teams are essentially aligned to help developers run that marathon instead of just kind of power through. >>So, um, let me give you a couple of specifics for many organizations, they have been in an environment where they will, um, tolerate Rover remote work and what I would call remote work around the edges like developers can be remote, but product managers and, um, you know, essentially scrum masters and all the administrators that are running the, uh, uh, the SCM repositories and, and the dev ops pipelines are all in the office. And it's essentially centralized work. That's not, we are anymore. We're moving from remote workers at the edge to remote workers at the center of what we do. And so one of the implications of that is that, um, we have to think about all the activities that you need to do from a dev ops perspective or from an agile perspective, they have to be remote people. One of the things I found with some of the organizations I talked to early on was there were things that administrators had to do that required them to go into the office to reboot the SCM server as an example, or to make sure that the final approvals for production, uh, were made. >>And so the code could be moved into the production environment. And so it actually was a little bit difficult because they had to get specific approval from the HR organizations to actually be allowed to go into the office in some States. And so one of the, the results of that is that while we've traditionally said, you know, tools are important, but they're not as important as culture as structure as organization as process. I think we have to rethink that a little bit because to the extent that tools enable us to be more digitally organized and to hiring, you know, achieve higher levels of digitization in our processes and be able to support the idea of remote workers in the center. They're now on an equal footing with so many of the other levers, uh, that, that, um, uh, that organizations have at their disposal. Um, I'll give you another example for years. >>We've said that the key to success with agile at the team level is cross-functional co located teams that are working together physically co located. It's the easiest way to show agile success. We can't do that anymore. We can't be physically located at least for the foreseeable future. So, you know, how do you take the low hanging fruits of an agile transformation and apply it in, in, in, in the time of COVID? Well, I think what you have to do is that you have to look at what physical co-location has enabled in the past and understand that it's not so much the fact that we're together looking at each other across the table. It's the fact that we're able to get into a shared mindspace, uh, from, um, uh, from a measurement perspective, we can have shared purpose. We can engage in high bandwidth communications. It's the spiritual aspect of that physical co-location that is actually important. So one of the biggest things that organizations need to start to ask themselves is how do we achieve spiritual colocation with our agile teams? Because we don't have the, the ease of physical co-location available to us anymore? >>Well, the spiritual co-location is such an interesting kind of provocative phrase there, but something that probably was a challenge here, we are seven, eight months in for many organizations, as you say, going from, you know, physical workspaces, co-location being able to collaborate face to face to a, a light switch flip overnight. And this undefined period of time where all we were living with with was uncertainty, how does spiritual, what do you, when you talk about spiritual co-location in terms of collaboration and processes and technology help us unpack that, and how are you seeing organizations adopted? >>Yeah, it's, it's, um, it's a great question. And, and I think it goes to the very root of how organizations are trying to transform themselves to be more agile and to embrace dev ops. Um, if you go all the way back to the, to the original, uh, agile manifesto, you know, there were four principles that were espoused individuals and interactions over processes and tools. That's still important. Individuals and interactions are at the core of software development, processes and tools that support those individual and interact. Uh, those individuals in those interactions are more important than ever working software over comprehensive documentation. Working software is still more important, but when you are trying to onboard employees and they can't come into the office and they can't do the two day training session and kind of understand how things work and they can't just holler over the cube, uh, to ask a question, you may need to invest a little bit more in documentation to help that onboarding process be successful in a remote context, uh, customer collaboration over contract negotiation. >>Absolutely still important, but employee collaboration is equally as important if you want to be spiritually, spiritually co-located. And if you want to have a shared purpose and then, um, responding to change over following a plan. I think one of the things that's happened in a lot of organizations is we have focused so much of our dev ops effort around velocity getting faster. We need to run as fast as we can like that sprinter. Okay. You know, trying to just power through it as quickly as possible. But as we shift to, to the, to the marathon way of thinking, um, velocity is still important, but agility becomes even more important. So when you have to create an application in three weeks to do track and trace for your employees, agility is more important. Um, and then just flat out velocity. Um, and so changing some of the ways that we think about dev ops practices, um, is, is important to make sure that that agility is there for one thing, you have to defer decisions as far down the chain to the team level as possible. >>So those teams have to be empowered to make decisions because you can't have a program level meeting of six or seven teams and one large hall and say, here's the lay of the land. Here's what we're going to do here are our processes. And here are our guardrails. Those teams have to make decisions much more quickly that developers are actually developing code in smaller chunks of flow. They have to be able to take two hours here or 50 minutes there and do something useful. And so the tools that support us have to become tolerant of the reality of, of, of, of how we're working. So if they work in a way that it allows the team together to take as much autonomy as they can handle, um, to, uh, allow them to communicate in a way that, that, that delivers shared purpose and allows them to adapt and master new technologies, then they're in the zone in their spiritual, they'll get spiritually connected. I hope that makes sense. >>It does. I think we all could use some of that, but, you know, you talked about in the beginning and I've, I've talked to numerous companies during the pandemic on the cube about the productivity, or rather the number of hours of work has gone way up for many roles, you know, and, and, and times that they normally late at night on the weekends. So, but it's a cultural, it's a mind shift to your point about dev ops focused on velocity, sprints, sprints, sprints, and now we have to, so that cultural shift is not an easy one for developers. And even at this folks to flip so quickly, what have you seen in terms of the velocity at which businesses are able to get more of that balance between the velocity, the sprint and the agility? >>I think, I think at the core, this really comes down to management sensitivity. Um, when everybody was in the office, you could kind of see the mental health of development teams by, by watching how they work. You know, you call it management by walking around, right. We can't do that. Managers have to, um, to, to be more aware of what their teams are doing, because they're not going to see that, that developer doing a check-in at 9:00 PM on a Friday, uh, because that's what they had to do, uh, to meet the objectives. And, um, and, and they're going to have to, to, um, to find new ways to measure engagement and also potential burnout. Um, friend of mine once had, uh, had a great metric that he called the parking lot metric. It was helpful as the parking lot at nine. And how full was it at five? >>And that gives you an indication of how engaged your developers are. Um, what's the digital equivalent equivalent to the parking lot metric in the time of COVID it's commit stats, it's commit rates. It's, um, you know, the, uh, the turn rate, uh, that we have in our code. So we have this information, we may not be collecting it, but then the next question becomes, how do we use that information? Do we use that information to say, well, this team isn't delivering as at the same level of productivity as another team, do we weaponize that data or do we use that data to identify impedances in the process? Um, why isn't a team working effectively? Is it because they have higher levels of family obligations and they've got kids that, that are at home? Um, is it because they're working with, um, you know, hardware technology, and guess what, they, it's not easy to get the hardware technology into their home office because it's in the lab at the, uh, at the corporate office, uh, or they're trying to communicate, uh, you know, halfway around the world. >>And, uh, they're communicating with a, with an office lab that is also shut down and, and, and the bandwidth just doesn't enable the, the level of high bandwidth communications. So from a dev ops perspective, managers have to get much more sensitive to the, the exhaust that the dev ops tools are throwing off, but also how they're going to use that in a constructive way to, to prevent burnout. And then they also need to, if they're not already managing or monitoring or measuring the level of developer engagement, they have, they really need to start whether that's surveys around developer satisfaction, um, whether it's, you know, more regular social events, uh, where developers can kind of just get together and drink a beer and talk about what's going on in the project, uh, and monitoring who checks in and who doesn't, uh, they have to, to, um, work harder, I think, than they ever have before. >>Well, and you mentioned burnout, and that's something that I think we've all faced in this time at varying levels and it changes. And it's a real, there's a tension in the air, regardless of where you are. There's a challenge, as you mentioned, people having, you know, coworker, their kids as coworkers and fighting for bandwidth, because everyone is forced in this situation. I'd love to get your perspective on some businesses that are, that have done this well, this adaptation, what can you share in terms of some real-world examples that might inspire the audience? >>Yeah. Uh, I'll start with, uh, stack overflow. Uh, they recently published a piece in the journal of the ACM around some of the things that they had discovered. Um, you know, first of all, just a cultural philosophy. If one person is remote, everybody is remote. And you just think that way from an executive level, um, social spaces. One of the things that they talk about doing is leaving a video conference room open at a team level all day long, and the team members, you know, we'll go on mute, you know, so that they don't have to, that they don't necessarily have to be there with somebody else listening to them. But if they have a question, they can just pop off mute really quickly and ask the question. And if anybody else knows the answer, it's kind of like being in that virtual pod. Uh, if you, uh, if you will, um, even here at Forrester, one of the things that we've done is we've invested in social ceremonies. >>We've actually moved our to our team meetings on, on my analyst team from, from once every two weeks to weekly. And we have built more time in for social Ajay socialization, just so we can see, uh, how, how, how we're doing. Um, I think Microsoft has really made some good, uh, information available in how they've managed things like the onboarding process. I think I'm Amanda silver over there mentioned that a couple of weeks ago when, uh, uh, a presentation they did that, uh, uh, Microsoft onboarded over 150,000 people since the start of COVID, if you don't have good remote onboarding processes, that's going to be a disaster. Now they're not all developers, but if you think about it, um, everything from how you do the interviewing process, uh, to how you get people, their badges, to how they get their equipment. Um, security is a, is another issue that they called out typically, uh, it security, um, the security of, of developers machines ends at, at, at the corporate desktop. >>But, you know, since we're increasingly using our own machines, our own hardware, um, security organizations kind of have to extend their security policies to cover, uh, employee devices, and that's caused them to scramble a little bit. Uh, so, so the examples are out there. It's not a lot of, like, we have to do everything completely differently, but it's a lot of subtle changes that, that have to be made. Um, I'll give you another example. Um, one of the things that, that we are seeing is that, um, more and more organizations to deal with the challenges around agility, with respect to delivering software, embracing low-code tools. In fact, uh, we see about 50% of firms are using low-code tools right now. We predict it's going to be 75% by the end of next year. So figuring out how your dev ops processes support an organization that might be using Mendix or OutSystems, or, you know, the power platform building the front end of an application, like a track and trace application really, really quickly, but then hooking it up to your backend infrastructure. Does that happen completely outside the dev ops investments that you're making and the agile processes that you're making, or do you adapt your organization? Um, our hybrid teams now teams that not just have professional developers, but also have business users that are doing some development with a low-code tool. Those are the kinds of things that we have to be, um, willing to, um, to entertain in order to shift the focus a little bit more toward the agility side, I think >>Lot of obstacles, but also a lot of opportunities for businesses to really learn, pay attention here, pivot and grow, and hopefully some good opportunities for the developers and the business folks to just get better at what they're doing and learning to embrace spiritual co-location Jeffrey, thank you so much for joining us on the program today. Very insightful conversation. >>My pleasure. It's it's, it's an important thing. Just remember if you're going to run that marathon, break it into 26, 10 minute runs, take a walk break in between each and you'll find that you'll get there. >>Digestible components, wise advice. Jeffery Hammond. Thank you so much for joining for Jeffrey I'm Lisa Martin, you're watching Broadcom's dev ops virtual forum >>From around the globe. It's the queue with digital coverage of dev ops virtual forum brought to you by Broadcom, >>Continuing our conversations here at Broadcom's dev ops virtual forum. Lisa Martin here, please. To welcome back to the program, Serge Lucio, the general manager of the enterprise software division at Broadcom. Hey, Serge. Welcome. Thank you. Good to be here. So I know you were just, uh, participating with the biz ops manifesto that just happened recently. I just had the chance to talk with Jeffrey Hammond and he unlocked this really interesting concept, but I wanted to get your thoughts on spiritual co-location as really a necessity for biz ops to succeed in this unusual time in which we're living. What are your thoughts on spiritual colocation in terms of cultural change versus adoption of technologies? >>Yeah, it's a, it's, it's quite interesting, right? When we, when we think about the major impediments for, uh, for dev ops implementation, it's all about culture, right? And swore over the last 20 years, we've been talking about silos. We'd be talking about the paradox for these teams to when it went to align in many ways, it's not so much about these teams aligning, but about being in the same car in the same books, right? It's really about fusing those teams around kind of the common purpose, a common objective. So to me, the, this, this is really about kind of changing this culture where people start to look at a kind of OKR is instead of the key objective, um, that, that drives the entire team. Now, what it means in practice is really that's, uh, we need to change a lot of behaviors, right? It's not about the Yarki, it's not about roles. It's about, you know, who can do what and when, and, uh, you know, driving a bias towards action. It also means that we need, I mean, especially in this school times, it becomes very difficult, right? To drive kind of a kind of collaboration between these teams. And so I think there there's a significant role that especially tools can play in terms of providing this complex feedback from teams to, uh, to be in that preface spiritual qualification. >>Well, and it talked about culture being, it's something that, you know, we're so used to talking about dev ops with respect to velocity, all about speed here. But of course this time everything changed so quickly, but going from the physical spaces to everybody being remote really does take it. It's very different than you can't replicate it digitally, but there are collaboration tools that can kind of really be essential to help that cultural shift. Right? >>Yeah. So 2020, we, we touch to talk about collaboration in a very mundane way. Like, of course we can use zoom. We can all get into, into the same room. But the point when I think when Jeff says spiritual, co-location, it's really about, we all share the same objective. Do we, do we have a niece who, for instance, our pipeline, right? When you talk about dev ops, probably we all started thinking about this continuous delivery pipeline that basically drives the automation, the orchestration across the team, but just thinking about a pipeline, right, at the end of the day, it's all about what is the meantime to beat back to these teams. If I'm a developer and a commit code, I don't, does it take where, you know, that code to be processed through pipeline pushy? Can I get feedback if I am a finance person who is funding a product or a project, what is my meantime to beat back? >>And so a lot of, kind of a, when we think about the pipeline, I think what's been really inspiring to me in the last year or so is that there is much more of an adoption of the Dora metrics. There is way more of a focus around value stream management. And to me, this is really when we talk about collaboration, it's really a balance. How do you provide the feedback to the different stakeholders across the life cycle in a very timely matter? And that's what we would need to get to in terms of kind of this, this notion of collaboration. It's not so much about people being in the same physical space. It's about, you know, when I checked in code, you know, to do I guess the system to automatically identify what I'm going to break. If I'm about to release some allegation, how can the system help me reduce my change pillar rates? Because it's, it's able to predict that some issue was introduced in the outpatient or work product. Um, so I think there's, there's a great role of technology and AI candidate Lynch to, to actually provide that new level of collaboration. >>So we'll get to AI in a second, but I'm curious, what are some of the, of the metrics you think that really matter right now is organizations are still in some form of transformation to this new almost 100% remote workforce. >>So I'll just say first, I'm not a big fan of metrics. Um, and the reason being that, you know, you can look at a change killer rate, right, or a lead time or cycle time. And those are, those are interesting metrics, right? The trend on metric is absolutely critical, but what's more important is you get to the root cause what is taught to you lean to that metric to degrade or improve or time. And so I'm much more interested and we, you know, fruit for Broadcom. Are we more interested in understanding what are the patterns that contribute to this? So I'll give you a very mundane example. You know, we know that cycle time is heavily influenced by, um, organizational boundaries. So, you know, we talk a lot about silos, but, uh, we we've worked with many of our customers doing value stream mapping. And oftentimes what you see is that really the boundaries of your organization creates a lot of idle time, right? So to me, it's less about the metrics. I think the door metrics are a pretty, you know, valid set metrics, but what's way more important is to understand what are the antiperspirants, what are the things that we can detect through the data that actually are affecting those metrics. And, uh, I mean, over the last 10, 20 years, we've learned a lot about kind of what are, what are the antiperspirants within our large enterprise customers. And there are plenty of them. >>What are some of the things that you're seeing now with respect to patterns that have developed over the last seven to eight months? >>So I think the two areas which clearly are evolving very quickly are on kind of the front end of the life cycle, where DevOps is more and more embracing value stream management value stream mapping. Um, and I think what's interesting is that in many ways the product is becoming the new silo. Uh, the notion of a product is very difficult by itself to actually define people are starting to recognize that a value stream is not its own little kind of Island. That in reality, when I define a product, this product, oftentimes as dependencies on our products and that in fact, you're looking at kind of a network of value streams, if you will. So, so even on that, and there is clearly kind of a new sets, if you will, of anti-patterns where products are being defined as a set of OTRs, they have interdependencies and you have have a new set of silos on the operands, uh, the Abra key movement to Israel and the SRE space where, um, I think there is a cultural clash while the dev ops side is very much embracing this notion of OTRs and value stream mapping and Belgium management. >>On the other end, you have the it operations teams. We still think business services, right? For them, they think about configure items, think about infrastructure. And so, you know, it's not uncommon to see, you know, teams where, you know, the operations team is still thinking about hundreds of thousands, tens of thousands of business services. And so the, the, there is there's this boundary where, um, I think, well, SRE is being put in place. And there's lots of thinking about what kind of metrics can be fined. I think, you know, going back to culture, I think there's a lot of cultural evolution that's still required for true operations team. >>And that's a hard thing. Cultural transformation in any industry pandemic or not is a challenging thing. You talked about, uh, AI and automation of minutes ago. How do you think those technologies can be leveraged by DevOps leaders to influence their successes and their ability to collaborate, maybe see eye to eye with the SRS? >>Yeah. Um, so th you're kind of too. So even for myself, as a leader of a, you know, 1500 people organization, there's a number of things I don't see right. On a daily basis. And, um, I think the, the, the, the technologies that we have at our disposal today from the AI are able to mind a lot of data and expose a lot of, uh, issues that's as leaders we may not be aware of. And some of the, some of these are pretty kind of easy to understand, right? We all think we're agile. And yet when you, when you start to understand, for instance, uh, what is the, what is the working progress right to during the sprint? Um, when you start to analyze the data you can detect, for instance, that maybe the teams are over committed, that there is too much work in progress. >>You can start to identify kind of, interdepencies either from a technology, from a people point of view, which were hidden, uh, you can start to understand maybe the change filler rates he's he is dragging. So I believe that there is a, there's a fundamental role to be played by the tools to, to expose again, these anti parents, to, to make these things visible to the teams, to be able to even compare teams. Right. One of the things that's, that's, uh, that's amazing is now we have access to tons of data, not just from a given customer, but across a large number of customers. And so we start to compare all of these teams kind of operate, and what's working, what's not working >>Thoughts on AI and automation as, as a facilitator of spiritual co-location. >>Yeah, absolutely. Absolutely. It's um, you know, th there's, uh, the problem we all face is the unknown, right? The, the law city, but volume variety of the data, uh, everyday we don't really necessarily completely appreciate what is the impact of our actions, right? And so, um, AI can really act as a safety net that enables us to, to understand what is the impact of our actions. Um, and so, yeah, in many ways, the ability to be informed in a timely matter to be able to interact with people on the basis of data, um, and collaborate on the data. And the actual matter, I think is, is a, is a very powerful enabler, uh, on, in that respect. I mean, I, I've seen, um, I've seen countless of times that, uh, for instance, at the SRE boundary, um, to basically show that we'll turn the quality attributes, so an incoming release, right. And exposing that to, uh, an operations person and a sorry person, and enabling that collaboration dialogue through data is a very, very powerful tool. >>Do you have any recommendations for how teams can use, you know, the SRE folks, the dev ops says can use AI and automation in the right ways to be successful rather than some ways that aren't going to be nonproductive. >>Yeah. So to me, the th there, there's a part of the question really is when, when we talk about data, there are there different ways you can use data, right? Um, so you can, you can do a lot of an analytics, predictive analytics. So I think there is a, there's a tendency, uh, to look at, let's say a, um, a specific KPI, like a, an availability KPI, or change filler rate, and to basically do a regression analysis and projecting all these things, going to happen in the future. To me, that that's, that's a, that's a bad approach. The reason why I fundamentally think it's a better approach is because we are systems. The way we develop software is, is a, is a non-leader kind of system, right? Software development is not linear nature. And so I think there's a D this is probably the worst approach is to actually focus on metrics on the other end. >>Um, if you, if you start to actually understand at a more granular level, what har, uh, which are the things which are contributing to this, right? So if you start to understand, for instance, that whenever maybe, you know, you affect a specific part of the application that translates into production issues. So we, we have, I've actually, uh, a customer who, uh, identified that, uh, over 50% of their unplanned outages were related to specific components in your architecture. And whenever these components were changed, this resulted in these plant outages. So if you start to be able to basically establish causality, right, cause an effect between kind of data across the last cycle. I think, I think this is the right way to, uh, to, to use AI. And so pharma to be, I think it's way more God could have a classification problem. What are the classes of problems that do exist and affect things as opposed to analytics, predictive, which I don't think is as powerful. >>So I mentioned in the beginning of our conversation, that just came off the biz ops manifesto. You're one of the authors of that. I want to get your thoughts on dev ops and biz ops overlapping, complimenting each other, what, from a, the biz ops perspective, what does it mean to the future of dev ops? >>Yeah, so, so it's interesting, right? If you think about DevOps, um, there's no felony document, right? Can we, we can refer to the Phoenix project. I mean, there are a set of documents which have been written, but in many ways, there's no clear definition of what dev ops is. Uh, if you go to the dev ops Institute today, you'll see that they are specific, um, trainings for instance, on value management on SRE. And so in many ways, the problem we have as an industry is that, um, there are set practices between agile dev ops, SRE Valley should management. I told, right. And we all basically talk about the same things, right. We all talk about essentially, um, accelerating in the meantime fee to feedback, but yet we don't have the common framework to talk about that. The other key thing is that we add to wait, uh, for, uh, for jeans, Jean Kim's Lascaux, um, to, uh, to really start to get into the business aspect, right? >>And for value stream mapping to start to emerge for us to start as an industry, right. It, to start to think about what is our connection with the business aspect, what's our purpose, right? And ultimately it's all about driving these business outcomes. And so to me, these ops is really about kind of, uh, putting a lens on this critical element that it's not business and it, that we in fact need to fuse business 19 that I need needs to transform itself to recognize that it's, it's this value generator, right. It's not a cost center. And so the relationship to me, it's more than BizOps provides kind of this Oliver or kind of framework, if you will. That set the context for what is the reason, uh, for it to exist. What's part of the core values and principles that it needs to embrace to, again, change from a cost center to a value center. And then we need to start to use this as a way to start to unify some of the, again, the core practices, whether it's agile, DevOps value, stream mapping SRE. Um, so, so I think over time, my hope is that we start to optimize a lot of our practices, language, um, and, uh, and cultural elements. >>Last question surgeon, the last few seconds we have here talking about this, the relation between biz ops and dev ops, um, what do you think as DevOps evolves? And as you talked to circle some of your insights, what should our audience keep their eyes on in the next six to 12 months? >>So to me, the key, the key, um, challenge for, for the industry is really around. So we were seeing a very rapid shift towards kind of, uh, product to product, right. Which we don't want to do is to recreate kind of these new silos, these hard silos. Um, so that, that's one of the big changes, uh, that I think we need to be, uh, to be really careful about, um, because it is ultimately, it is about culture. It's not about, uh, it's not about, um, kind of how we segment the work, right. And, uh, any true culture that we can overcome kind of silos. So back to, I guess, with Jeffrey's concept of, um, kind of the spiritual co-location, I think it's, it's really about that too. It's really about kind of, uh, uh, focusing on the business outcomes on kind of aligning on driving engagement across the teams, but, but not for create a, kind of a new set of silos, which instead of being vertical are going to be these horizontal products >>Crazy by surge that looking at culture as kind of a way of really, uh, uh, addressing and helping to, uh, re re reduce, replace challenges. We thank you so much for sharing your insights and your time at today's DevOps virtual forum. >>Thank you. Thanks for your time. >>I'll be right back >>From around the globe it's the cube with digital coverage of devops virtual forum brought to you by Broadcom. >>Welcome to Broadcom's DevOps virtual forum, I'm Lisa Martin, and I'm joined by another Martin, very socially distanced from me all the way coming from Birmingham, England is Glynn Martin, the head of QA transformation at BT. Glynn, it's great to have you on the program. Thank you, Lisa. I'm looking forward to it. As we said before, we went live to Martins for the person one in one segment. So this is going to be an interesting segment guys, what we're going to do is Glynn's going to give us a really kind of deep inside out view of devops from an evolution perspective. So Glynn, let's start. Transformation is at the heart of what you do. It's obviously been a very transformative year. How have the events of this year affected the >> transformation that you are still responsible for driving? Yeah. Thank you, Lisa. I mean, yeah, it has been a difficult year. >>Um, and although working for BT, which is a global telecommunications company, um, I'm relatively resilient, I suppose, as a, an industry, um, through COVID obviously still has been affected and has got its challenges. And if anything, it's actually caused us to accelerate our transformation journey. Um, you know, we had to do some great things during this time around, um, you know, in the UK for our emergency and, um, health workers give them unlimited data and for vulnerable people to support them. And that's spent that we've had to deliver changes quickly. Um, but what we want to be able to do is deliver those kinds of changes quickly, but sustainably for everything that we do, not just because there's an emergency. Um, so we were already on the kind of journey to agile, but ever more important now that we are, we are able to do those, that kind of work, do it more quickly. >>Um, and that it works because the, the implications of it not working is, can be terrible in terms of you know, we've been supporting testing centers,  new hospitals to treat COVID patients. So we need to get it right. And then therefore the coverage of what we do, the quality of what we do and how quickly we do it really has taken on a new scale and what was already a very competitive market within the telco industry within the UK. Um, you know, what I would say is that, you know, we are under pressure to deliver more value, but we have small cost challenges. We have to obviously, um, deal with the fact that, you know, COVID 19 has hit most industries kind of revenues and profits. So we've got this kind of paradox between having less costs, but having to deliver more value quicker and  to higher quality. So yeah, certainly the finances is, um, on our minds and that's why we need flexible models, cost models that allow us to kind of do growth, but we get that growth by showing that we're delivering value. Um, especially in these times when there are financial challenges on companies. So one of the things that I want to ask you about, I'm again, looking at DevOps from the inside >>Out and the evolution that you've seen, you talked about the speed of things really accelerating in this last nine months or so. When we think dev ops, we think speed. But one of the things I'd love to get your perspective on is we've talked about in a number of the segments that we've done for this event is cultural change. What are some of the things that you've seen there as, as needing to get, as you said, get things right, but done so quickly to support essential businesses, essential workers. How have you seen that cultural shift? >>Yeah, I think, you know, before test teams for themselves at this part of the software delivery cycle, um, and actually now really our customers are expecting that quality and to deliver for our customers what they want, quality has to be ingrained throughout the life cycle. Obviously, you know, there's lots of buzzwords like shift left. Um, how do we do shift left testing? Um, but for me, that's really instilling quality and given capabilities shared capabilities throughout the life cycle that drive automation, drive improvements. I always say that, you know, you're only as good as your lowest common denominator. And one thing that we were finding on our dev ops journey was that we  would be trying to do certain things quick, we had automated build, automated tests. But if we were taking a weeks to create test scripts, or we were taking weeks to manually craft data, and even then when we had taken so long to do it, that the coverage was quite poor and that led to lots of defects later on in the life cycle, or even in our production environment, we just couldn't afford to do that. >>And actually, focusing on continuous testing over the last nine to 12 months has really given us the ability to deliver quickly across the whole life cycle. And therefore actually go from doing a kind of semi agile kind of thing, where we did the user stories, we did a few of the kind of agile ceremonies, but we weren't really deploying any quicker into production because our stakeholders were scared that we didn't have the same control that we had when we had more waterfall releases. And, you know, when we didn't think of ourselves. So we've done a lot of work on every aspect, um, especially from a testing point of view, every aspect of every activity, rather than just looking at automated tests, you know, whether it is actually creating the test in the first place, whether it's doing security testing earlier in the lot and performance testing in the life cycle, et cetera. So, yeah,  it's been a real key thing that for CT, for us to drive DevOps, >>Talk to me a little bit about your team. What are some of the shifts in terms of expectations that you're experiencing and how your team interacts with the internal folks from pipeline through life cycle? >>Yeah, we've done a lot of work on this. Um, you know, there's a thing that I think people will probably call it a customer experience gap, and it reminds me of a Gilbert cartoon, where we start with the requirements here and you're almost like a Chinese whisper effects and what we deliver is completely different. So we think the testing team or the delivery teams, um, know in our teeth has done a great job. This is what it said in the acceptance criteria, but then our customers are saying, well, actually that's not working this isn't working and there's this kind of gap. Um, we had a great launch this year of agile requirements, it's one of the Broadcom tools. And that was the first time in, ever since I remember actually working within BT, I had customers saying to me, wow, you know, we want more of this. >>We want more projects to have extra requirements design on it because it allowed us to actually work with the business collaboratively. I mean, we talk about collaboration, but how do we actually, you know, do that and have something that both the business and technical people can understand. And we've actually been working with the business , using agile requirements designer to really look at what the requirements are, tease out requirements we hadn't even thought of and making sure that we've got high levels of test coverage. And what we actually deliver at the end of it, not only have we been able to generate tests more quickly, but we've got much higher test coverage and also can more smartly, using the kind of AI within the tool and then some of the other kinds of pipeline tools, actually deliver to choose the right tasks, and actually doing a risk based testing approach. So that's been a great launch this year, but just the start of many kinds of things that we're doing >>Well, what I hear in that, Glynn is a lot of positives that have come out of a very challenging situation. Talk to me about it. And I liked that perspective. This is a very challenging time for everybody in the world, but it sounds like from a collaboration perspective you're right, we talk about that a lot critical with devops. But those challenges there, you guys were able to overcome those pretty quickly. What other challenges did you face and figure out quickly enough to be able to pivot so fast? >>I mean, you talked about culture. You know, BT is like most companies  So it's very siloed. You know we're still trying to work to become closer as a company. So I think there's a lot of challenges around how would you integrate with other tools? How would you integrate with the various different technologies. And BT, we have 58 different IT stacks. That's not systems, that's stacks, all of those stacks can have hundreds of systems. And we're trying to, we've got a drive at the moment, a simplified program where we're trying to you know, reduce that number to 14 stacks. And even then there'll be complexity behind the scenes that we will be challenged more and more as we go forward. How do we actually highlight that to our users? And as an it organization, how do we make ourselves leaner, so that even when we've still got some of that legacy, and we'll never fully get rid of it and that's the kind of trade off that we have to make, how do we actually deal with that and hide that from our users and drive those programs, so we can, as I say, accelerate change,  reduce that kind of waste and that kind of legacy costs out of our business. You know, the other thing as well, I'm sure telecoms is probably no different to insurance or finance. When you take the number of products that we do, and then you combine them, the permutations are tens and hundreds of thousands of products. So we, as a business are trying to simplify, we are trying to do that in an agile way. >>And haven't tried to do agile in the proper way and really actually work at pace, really deliver value. So I think what we're looking more and more at the moment is actually  more value focused. Before we used to deliver changes sometimes into production. Someone had a great idea, or it was a great idea nine months ago or 12 months ago, but actually then we ended up deploying it and then we'd look at the users, the usage of that product or that application or whatever it is, and it's not being used for six months. So we haven't got, you know, the cost of the last 12 months. We certainly haven't gotten room for that kind of waste and, you know, for not really understanding the value of changes that we are doing. So I think that's the most important thing of the moment, it's really taking that waste out. You know, there's lots of focus on things like flow management, what bits of our process are actually taking too long. And we've started on that journey, but we've got a hell of a long way to go. But that involves looking at every aspect of the software delivery cycle. >> Going from, what 58 IT stacks down to 14 or whatever it's going to be, simplifying sounds magical to everybody. It's a big challenge. What are some of the core technology capabilities that you see really as kind of essential for enabling that with this new way that you're working? >>Yeah. I mean, I think we were started on a continuous testing journey, and I think that's just the start. I mean as I say, looking at every aspect of, you know, from a QA point of view is every aspect of what we do. And it's also looking at, you know, we've started to branch into more like AI, uh, AI ops and, you know, really the full life cycle. Um, and you know, that's just a stepping stone to, you know, I think autonomics is the way forward, right. You know, all of this kind of stuff that happens, um, you know, monitoring, uh, you know, watching the systems what's happening in production, how do we feed that back? How'd you get to a point where actually we think about change and then suddenly it's in production safely, or if it's not going to safety, it's automatically backing out. So, you know, it's a very, very long journey, but if we want to, you know, in a world where the pace is in ever-increasing and the demands for the team, and, you know, with the pressures on, at the moment where we're being asked to do things, uh, you know, more efficiently and as lean as possible, we need to be thinking about every part of the process and how we put the kind of stepping stones in place to lead us to a more automated kind of, um, you know, um, the future. >>Do you feel that that planned outcomes are starting to align with what's delivered, given this massive shift that you're experiencing? >>I think it's starting to, and I think, you know, as I say, as we look at more of a value based approach, um, and, um, you know, as I say, print, this was a kind of flow management. I think that that will become ever, uh, ever more important. So, um, I think it starting to people certainly realize that, you know, teams need to work together, you know, the kind of the cousin between business and it, especially as we go to more kind of SAS based solutions, low code solutions, you know, there's not such a gap anymore, actually, some of our business partners that expense to be much more tech savvy. Um, so I think, you know, this is what we have to kind of appreciate what is its role, how do we give the capabilities, um, become more of a centers of excellence rather than actually doing mounds amounts of work. And for me, and from a testing point of view, you know, mounds and mounds of testing, actually, how do we automate that? How do we actually generate that instead of, um, create it? I think that's the kind of challenge going forward. >>What are some, as we look forward, what are some of the things that you would like to see implemented or deployed in the next, say six to 12 months as we hopefully round a corner with this pandemic? >>Yeah, I think, um, you know, certainly for, for where we are as a company from a QA perspective, we are, um, you let's start in bits that we do well, you know, we've started creating, um, continuous delivery and DevOps pipelines. Um, there's still manual aspects of that. So, you know, certainly for me, I I've challenged my team with saying how do we do an automated journey? So if I put a requirement in JIRA or rally or wherever it is and why then click a button and, you know, with either zero touch for one such, then put that into production and have confidence that, that has been done safely and that it works and what happens if it doesn't work. So, you know, that's, that's the next, um, the next few months, that's what our concentration, um, is, is about. But it's also about decision-making, you know, how do you actually understand those value judgments? >>And I think there's lots of the things dev ops, AI ops, kind of that always ask aspects of business operations. I think it's about having the information in one place to make those kinds of decisions. How does it all try and tie it together? As I say, even still with kind of dev ops, we've still got elements within my company where we've got lots of different organizations doing some, doing similar kinds of things, but they're all kind of working in silos. So I think having AI ops as it comes more and more to the fore as we go to cloud, and that's what we need to, you know, we're still very early on in our cloud journey, you know, so we need to make sure the technologies work with cloud as well as you can have, um, legacy systems, but it's about bringing that all together and having a full, visible pipeline, um, that everybody can see and make decisions. >>You said the word confidence, which jumped out at me right away, because absolutely you've got to have be able to have confidence in what your team is delivering and how it's impacting the business and those customers. Last question then for you is how would you advise your peers in a similar situation to leverage technology automation, for example, dev ops, to be able to gain the confidence that they're making the right decisions for their business? >>I think the, the, the, the, the approach that we've taken actually is not started with technology. Um, we've actually taken a human centered design, uh, as a core principle of what we do, um, within the it part of BT. So by using human centered design, that means we talk to our customers, we understand their pain points, we map out their current processes. Um, and then when we mapped out what this process does, it also understand their aspirations as well, you know? Um, and where do they want to be in six months? You know, do they want it to be, um, more agile and, you know, or do they want to, you know, is, is this a part of their business that they want to do one better? We actually then looked at why that's not running well, and then see what, what solutions are out there. >>We've been lucky that, you know, with our partnership, with Broadcom within the payer line, lots of the tools and the PLA have directly answered some of the business's problems. But I think by having those conversations and actually engaging with the business, um, you know, especially if the business hold the purse strings, which in, in, uh, you know, in some companies include not as they do there is that kind of, you know, almost by understanding their, their pain points and then starting, this is how we can solve your problem. Um, is we've, we've tended to be much more successful than trying to impose something and say, well, here's the technology that they don't quite understand. It doesn't really understand how it kind of resonates with their problems. So I think that's the heart of it. It's really about, you know, getting, looking at the data, looking at the processes, looking at where the kind of waste is. >>And then actually then looking at the right solutions. Then, as I say, continuous testing is massive for us. We've also got a good relationship with Apple towards looking at visual AI. And actually there's a common theme through that. And I mean, AI is becoming more and more prevalent. And I know, you know, sometimes what is AI and people have kind of this semantics of, is it true AI or not, but it's certainly, you know, AI machine learning is becoming more and more prevalent in the way that we work. And it's allowing us to be much more effective, be quicker in what we do and be more accurate. And, you know, whether it's finding defects running the right tests or, um, you know, being able to anticipate problems before they're happening in a production environment. >>Well, thank you so much for giving us this sort of insight outlook at dev ops sharing the successes that you're having, taking those challenges, converting them to opportunities and forgiving folks who might be in your shoes, or maybe slightly behind advice enter. They appreciate it. We appreciate your time. >>Well, it's been an absolute pleasure, really. Thank you for inviting me. I have a extremely enjoyed it. So thank you ever so much. >>Excellent. Me too. I've learned a lot for Glenn Martin. I'm Lisa Martin. You're watching the cube >>Driving revenue today means getting better, more valuable software features into the hands of your customers. If you don't do it quickly, your competitors as well, but going faster without quality creates risks that can damage your brand destroy customer loyalty and cost millions to fix dev ops from Broadcom is a complete solution for balancing speed and risk, allowing you to accelerate the flow of value while minimizing the risk and severity of critical issues with Broadcom quality becomes integrated across the entire DevOps pipeline from planning to production, actionable insights, including our unique readiness score, provide a three 60 degree view of software quality giving you visibility into potential issues before they become disasters. Dev ops leaders can manage these risks with tools like Canary deployments tested on a small subset of users, or immediately roll back to limit the impact of defects for subsequent cycles. Dev ops from Broadcom makes innovation improvement easier with integrated planning and continuous testing tools that accelerate the flow of value product requirements are used to automatically generate tests to ensure complete quality coverage and tests are easily updated. >>As requirements change developers can perform unit testing without ever leaving their preferred environment, improving efficiency and productivity for the ultimate in shift left testing the platform also integrates virtual services and test data on demand. Eliminating two common roadblocks to fast and complete continuous testing. When software is ready for the CIC CD pipeline, only DevOps from Broadcom uses AI to prioritize the most critical and relevant tests dramatically improving feedback speed with no decrease in quality. This release is ready to go wherever you are in your DevOps journey. Broadcom helps maximize innovation velocity while managing risk. So you can deploy ideas into production faster and release with more confidence from around the globe. It's the queue with digital coverage of dev ops virtual forum brought to you by Broadcom. >>Hi guys. Welcome back. So we have discussed the current state and the near future state of dev ops and how it's going to evolve from three unique perspectives. In this last segment, we're going to open up the floor and see if we can come to a shared understanding of where dev ops needs to go in order to be successful next year. So our guests today are, you've seen them all before Jeffrey Hammond is here. The VP and principal analyst serving CIO is at Forester. We've also Serge Lucio, the GM of Broadcom's enterprise software division and Glenn Martin, the head of QA transformation at BT guys. Welcome back. Great to have you all three together >>To be here. >>All right. So we're very, we're all very socially distanced as we've talked about before. Great to have this conversation. So let's, let's start with one of the topics that we kicked off the forum with Jeff. We're going to start with you spiritual co-location that's a really interesting topic that we've we've uncovered, but how much of the challenge is truly cultural and what can we solve through technology? Jeff, we'll start with you then search then Glen Jeff, take it away. >>Yeah, I think fundamentally you can have all the technology in the world and if you don't make the right investments in the cultural practices in your development organization, you still won't be effective. Um, almost 10 years ago, I wrote a piece, um, where I did a bunch of research around what made high-performance teams, software delivery teams, high performance. And one of the things that came out as part of that was that these teams have a high level of autonomy. And that's one of the things that you see coming out of the agile manifesto. Let's take that to today where developers are on their own in their own offices. If you've got teams where the team itself had a high level of autonomy, um, and they know how to work, they can make decisions. They can move forward. They're not waiting for management to tell them what to do. >>And so what we have seen is that organizations that embraced autonomy, uh, and got their teams in the right place and their teams had the information that they needed to make the right decisions have actually been able to operate pretty well, even as they've been remote. And it's turned out to be things like, well, how do we actually push the software that we've created into production that would become the challenge is not, are we writing the right software? And that's why I think the term spiritual co-location is so important because even though we may be physically distant, we're on the same plane, we're connected from a, from, from a, a shared purpose. Um, you know, surgeon, I worked together a long, long time ago. So it's been what almost 15, 16 years since we were at the same place. And yet I would say there's probably still a certain level of spiritual co-location between us, uh, because of the shared purposes that we've had in the past and what we've seen in the industry. And that's a really powerful tool, uh, to build on. So what do tools play as part of that, to the extent that tools make information available, to build shared purpose on to the extent that they enable communication so that we can build that spiritual co-location to the extent that they reinforce the culture that we want to put in place, they can be incredibly valuable, especially when, when we don't have the luxury of physical locate physical co-location. Okay. That makes sense. >>It does. I shouldn't have introduced us. This last segment is we're all spiritually co-located or it's a surge, clearly you're still spiritually co located with jump. Talk to me about what your thoughts are about spiritual of co-location the cultural impact and how technology can move it forward. >>Yeah. So I think, well, I'm going to sound very similar to Jeff in that respect. I think, you know, it starts with kind of a shared purpose and the other understanding, Oh, individuals teams, uh, contributed to kind of a business outcome, what is our shared goal or shared vision? What's what is it we're trying to achieve collectively and keeping it kind of aligned to that? Um, and so, so it's really starts with that now, now the big challenge, always these over the last 20 years, especially in large organization, there's been specialization of roles and functions. And so we, we all that started to basically measure which we do, uh, on a daily basis using metrics, which oftentimes are completely disconnected from kind of a business outcome or purpose. We, we kind of reverted back to, okay, what is my database all the time? What is my cycle time? >>Right. And, and I think, you know, which we can do or where we really should be focused as an industry is to start to basically provide a lens or these different stakeholders to look at what they're doing in the context of kind of these business outcomes. So, um, you know, probably one of my, um, favorites experience was to actually weakness at one of a large financial institution. Um, you know, Tuesday Golder's unquote development and operations staring at the same data, right. Which was related to, you know, in calming changes, um, test execution results, you know, Coverity coverage, um, official liabilities and all the all ran. It could have a direction level links. And that's when you start to put these things in context and represent that to you in a way that these different stakeholders can, can look at from their different lens. And, uh, and it can start to basically communicate and, and understand have they joined our company to, uh, to, to that kind of common view or objective. >>And Glen, we talked a lot about transformation with you last time. What are your thoughts on spiritual colocation and the cultural part, the technology impact? >>Yeah, I mean, I agree with Jeffrey that, you know, um, the people and culture, the most important thing, actually, that's why it's really important when you're transforming to have partners who have the same vision as you, um, who, who you can work with, have the same end goal in mind. And w I've certainly found that with our, um, you know, continuing relationship with Broadcom, what it also does though, is although, you know, tools can accelerate what you're doing and can join consistency. You know, we've seen within simplify, which is BTS flagship transformation program, where we're trying to, as it can, it says simplify the number of systems stacks that we have, the number of products that we have actually at the moment, we've got different value streams within that program who have got organizational silos. We were trying to rewrite, rewrite the wheel, um, who are still doing things manually. >>So in order to try and bring that consistency, we need the right tools that actually are at an enterprise grade, which can be flexible to work with in BT, which is such a complex and very dev, uh, different environments, depending on what area of BT you're in, whether it's a consumer, whether it's a mobile area, whether it's large global or government organizations, you know, we found that we need tools that can, um, drive that consistency, but also flex to Greenfield brownfield kind of technologies as well. So it's really important that as I say, for a number of different aspects, that you have the right partner, um, to drive the right culture, I've got the same vision, but also who have the tool sets to help you accelerate. They can't do that on their own, but they can help accelerate what it is you're trying to do in it. >>And a really good example of that is we're trying to shift left, which is probably a, quite a bit of a buzz phrase in their kind of testing world at the moment. But, you know, I could talk about things like continuous delivery direct to when a ball comes tools and it has many different features to it, but very simply on its own, it allows us to give the visibility of what the teams are doing. And once we have that visibility, then we can talk to the teams, um, around, you know, could they be doing better component testing? Could they be using some virtualized services here or there? And that's not even the main purpose of continuous delivery director, but it's just a reason that tools themselves can just give greater visibility of have much more intuitive and insightful conversations with other teams and reduce those organizational silos. >>Thanks, Ben. So we'd kind of sum it up, autonomy collaboration tools that facilitate that. So let's talk now about metrics from your perspectives. What are the metrics that matter? Jeff, >>I'm going to go right back to what Glenn said about data that provides visibility that enables us to, to make decisions, um, with shared purpose. And so business value has to be one of the first things that we look at. Um, how do we assess whether we have built something that is valuable, you know, that could be sales revenue, it could be net promoter score. Uh, if you're not selling what you've built, it could even be what the level of reuse is within your organization or other teams picking up the services, uh, that you've created. Um, one of the things that I've begun to see organizations do is to align value streams with customer journeys and then to align teams with those value streams. So that's one of the ways that you get to a shared purpose, cause we're all trying to deliver around that customer journey, the value with it. >>And we're all measured on that. Um, there are flow metrics which are really important. How long does it take us to get a new feature out from the time that we conceive it to the time that we can run our first experiments with it? There are quality metrics, um, you know, some of the classics or maybe things like defect, density, or meantime to response. Um, one of my favorites came from a, um, a company called ultimate software where they looked at the ratio of defects found in production to defects found in pre production and their developers were in fact measured on that ratio. It told them that guess what quality is your job to not just the test, uh, departments, a group, the fourth level that I think is really important, uh, in, in the current, uh, situation that we're in is the level of engagement in your development organization. >>We used to joke that we measured this with the parking lot metric helpful was the parking lot at nine. And how full was it at five o'clock. I can't do that anymore since we're not physically co-located, but what you can do is you can look at how folks are delivering. You can look at your metrics in your SCM environment. You can look at, uh, the relative rates of churn. Uh, you can look at things like, well, are our developers delivering, uh, during longer periods earlier in the morning, later in the evening, are they delivering, uh, you know, on the weekends as well? Are those signs that we might be heading toward a burnout because folks are still running at sprint levels instead of marathon levels. Uh, so all of those in combination, uh, business value, uh, flow engagement in quality, I think form the backbone of any sort of, of metrics, uh, a program. >>The second thing that I think you need to look at is what are we going to do with the data and the philosophy behind the data is critical. Um, unfortunately I see organizations where they weaponize the data and that's completely the wrong way to look at it. What you need to do is you need to say, you need to say, how is this data helping us to identify the blockers? The things that aren't allowing us to provide the right context for people to do the right thing. And then what do we do to remove those blockers, uh, to make sure that we're giving these autonomous teams the context that they need to do their job, uh, in a way that creates the most value for the customers. >>Great advice stuff, Glenn, over to your metrics that matter to you that really make a big impact. And, and, and also how do you measure quality kind of following onto the advice that Jeff provided? >>That's some great advice. Actually, he talks about value. He talks about flow. Both of those things are very much on my mind at the moment. Um, but there was this, I listened to a speaker, uh, called me Kirsten a couple of months ago. It taught very much around how important flow management is and removing, you know, and using that to remove waste, to understand in terms of, you know, making software changes, um, what is it that's causing us to do it longer than we need to. So where are those areas where it takes long? So I think that's a very important thing for us. It's even more basic than that at the moment, we're on a journey from moving from kind of a waterfall to agile. Um, and the problem with moving from waterfall to agile is with waterfall, the, the business had a kind of comfort that, you know, everything was tested together and therefore it's safer. >>Um, and with agile, there's that kind of, you know, how do we make sure that, you know, if we're doing things quick and we're getting stuff out the door that we give that confidence, um, that that's ready to go, or if there's a risk that we're able to truly articulate what that risk is. So there's a bit about release confidence, um, and some of the metrics around that and how, how healthy those releases are, and actually saying, you know, we spend a lot of money, um, um, an investment setting up our teams, training our teams, are we actually seeing them deliver more quickly and are we actually seeing them deliver more value quickly? So yeah, those are the two main things for me at the moment, but I think it's also about, you know, generally bringing it all together, the dev ops, you know, we've got the kind of value ops AI ops, how do we actually bring that together to so we can make quick decisions and making sure that we are, um, delivering the biggest bang for our buck, absolutely biggest bang for the buck, surge, your thoughts. >>Yeah. So I think we all agree, right? It starts with business metrics, flow metrics. Um, these are kind of the most important metrics. And ultimately, I mean, one of the things that's very common across a highly functional teams is engagements, right? When, when you see a team that's highly functioning, that's agile, that practices DevOps every day, they are highly engaged. Um, that that's, that's definitely true. Now the, you know, back to, I think, uh, Jeff's point on weaponization of metrics. One of the key challenges we see is that, um, organizations traditionally have been kind of, uh, you know, setting up benchmarks, right? So what is a good cycle time? What is a good lead time? What is a good meantime to repair? The, the problem is that this is very contextual, right? It varies. It's going to vary quite a bit, depending on the nature of application and system. >>And so one of the things that we really need to evolve, um, as an industry is to understand that it's not so much about those flow metrics is about our, these four metrics ultimately contribute to the business metric to the business outcome. So that's one thing. The second aspect, I think that's oftentimes misunderstood is that, you know, when you have a bad cycle time or, or, or what you perceive as being a buy cycle time or better quality, the problem is oftentimes like all, do you go and explore why, right. What is the root cause of this? And I think one of the key challenges is that we tend to focus a lot of time on metrics and not on the eye type patterns, which are pretty common across the industry. Um, you know, if you look at, for instance, things like lead time, for instance, it's very common that, uh, organizational boundaries are going to be a key contributor to badly time. >>And so I think that there is, you know, the only the metrics there is, I think a lot of work that we need to do in terms of classifying, descend type patterns, um, you know, back to you, Jeff, I think you're one of the cool offers of waterscrumfall as a, as, as a key pattern, the industry or anti-spatter. Um, but waterscrumfall right is a key one, right? And you will detect that through kind of a defect arrival rates. That's where that looks like an S-curve. And so I think it's beyond kind of the, the metrics is what do you do with those metrics? >>Right? I'll tell you a search. One of the things that is really interesting to me in that space is I think those of us had been in industry for a long time. We know the anti-patterns cause we've seen them in our career maybe in multiple times. And one of the things that I think you could see tooling do is perhaps provide some notification of anti-patterns based on the telemetry that comes in. I think it would be a really interesting place to apply, uh, machine learning and reinforcement learning techniques. Um, so hopefully something that we'd see in the future with dev ops tools, because, you know, as a manager that, that, you know, may be only a 10 year veteran or 15 year veteran, you may be seeing these anti-patterns for the first time. And it would sure be nice to know what to do, uh, when they start to pop up, >>That would right. Insight, always helpful. All right, guys, I would like to get your final thoughts on this. The one thing that you believe our audience really needs to be on the lookout for and to put on our agendas for the next 12 months, Jeff will go back to you. Okay. >>I would say look for the opportunities that this disruption presents. And there are a couple that I see, first of all, uh, as we shift to remote central working, uh, we're unlocking new pools of talent, uh, we're, it's possible to implement, uh, more geographic diversity. So, so look to that as part of your strategy. Number two, look for new types of tools. We've seen a lot of interest in usage of low-code tools to very quickly develop applications. That's potentially part of a mainstream strategy as we go into 2021. Finally, make sure that you embrace this idea that you are supporting creative workers that agile and dev ops are the peanut butter and chocolate to support creative, uh, workers with algorithmic capabilities, >>Peanut butter and chocolate Glen, where do we go from there? What are, what's the one silver bullet that you think folks to be on the lookout for now? I, I certainly agree that, um, low, low code is, uh, next year. We'll see much more low code we'd already started going, moving towards a more of a SAS based world, but low code also. Um, I think as well for me, um, we've still got one foot in the kind of cow camp. Um, you know, we'll be fully trying to explore what that means going into the next year and exploiting the capabilities of cloud. But I think the last, um, the last thing for me is how do you really instill quality throughout the kind of, um, the, the life cycle, um, where, when I heard the word scrum fall, it kind of made me shut it because I know that's a problem. That's where we're at with some of our things at the moment we need to get beyond that. We need >>To be releasing, um, changes more frequently into production and actually being a bit more brave and having the confidence to actually do more testing in production and go straight to production itself. So expect to see much more of that next year. Um, yeah. Thank you. I haven't got any food analogies. Unfortunately we all need some peanut butter and chocolate. All right. It starts to take us home. That's what's that nugget you think everyone needs to have on their agendas? >>That's interesting. Right. So a couple of days ago we had kind of a latest state of the DevOps report, right? And if you read through the report, it's all about the lost city, but it's all about sweet. We still are receiving DevOps as being all about speed. And so to me, the key advice is in order to create kind of a spiritual collocation in order to foster engagement, we have to go back to what is it we're trying to do collectively. We have to go back to tie everything to the business outcome. And so for me, it's absolutely imperative for organizations to start to plot their value streams, to understand how they're delivering value into aligning everything they do from a metrics to deliver it, to flow to those metrics. And only with that, I think, are we going to be able to actually start to really start to align kind of all these roles across the organizations and drive, not just speed, but business outcomes, >>All about business outcomes. I think you guys, the three of you could write a book together. So I'll give you that as food for thought. Thank you all so much for joining me today and our guests. I think this was an incredibly valuable fruitful conversation, and we appreciate all of you taking the time to spiritually co-located with us today, guys. Thank you. Thank you, Lisa. Thank you. Thank you for Jeff Hammond serves Lucio and Glen Martin. I'm Lisa Martin. Thank you for watching the broad cops Broadcom dev ops virtual forum.

(upbeat electronic music) >> Narrator: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Okay, hello everyone. I'm John Furrier with theCUBE. We're here with Meet the Analysts segment Sunday morning. We've got everyone around the world here to discuss a bit of the news around the EU killing the privacy deal, striking it down, among other topics around, you know, data privacy and global commerce. We got great guests here, Ray Wang, CEO of Constellation Research. Bill Mew, founder and CEO of Cyber Crisis Management from the Firm Crisis Team. And JD, CEO of Spearhead Management. JD, I can let you say your name because I really can't pronounce it. How do I (laughs) pronounce it, doctor? >> I wouldn't even try it unless you are Dutch, otherwise it will seriously hurt your throat. (Ray laughing) So, JD works perfect for me. >> Doctor Drooghaag. >> And Sarbjeet Johal, who's obviously an influencer, a cloud awesome native expert. Great, guys. Great to have you on, appreciate it, thanks for comin' on. And Bill, thank you for initiating this, I appreciate all your tweets. >> Happy Sunday. (Bill laughing) >> You guys have been really tweeting up a storm, I want to get everyone together, kind of as an analyst, Meet the Analyst segment. Let's go through with it. The news is the EU and U.S. Privacy Shield for data struck down by the court, that's the BBC headline. Variety of news, different perspectives, you've got an American perspective and you've got an international perspective. Bill, we'll start with you. What does this news mean? I mean, basically half the people in the world probably don't know what the Privacy Shield means, so why is this ruling so important, and why should it be discussed? >> Well, thanks to sharing between Europe and America, it's based on a two-way promise that when data goes from Europe to America, the Americans promise to respect our privacy, and when data goes form America to Europe, the Europeans promise to respect the American privacy. Unfortunately, there are big cultural differences between the two blocks. The Europeans have a massive orientation around privacy as a human right. And in the U.S., there's somewhat more of a prioritization on national security, and therefore for some time there's been a mismatch here, and it could be argued that the Americans haven't been living up to their promise because they've had various different laws, and look how much talk about FISA and the Cloud Act that actually contravene European privacy and are incompatible with the promise Americans have given. That promise, first of all, was in the form of a treaty called Safe Harbor. This went to court and was struck down. It was replaced by Privacy Shield, which was pretty much the same thing really, and that has recently been to the court as well, and that has been struck down. There now is no other means of legally sharing data between Europe and America other than what are being called standard contractual clauses. This isn't a broad treaty between two nations, these are drawn by each individual country. But also in the ruling, they said that standard contractual clauses could not be used by any companies that were subject to mass surveillance. And actually in the U.S., the FISA courts enforce a level of mass surveillance through all of the major IT firms, of all major U.S. telcos, cloud firms, or indeed, social media firms. So, this means that for all of the companies out there and their clients, business should be carrying on as usual apart from if you're one of those major U.S. IT firms, or one of their clients. >> So, why did this come about? Was there like a major incident? Why now, was it in the court, stuck in the courts? Were people bitchin' and moanin' about it? Why did this go down, what's the real issue? >> For those of us who have been following this attentively, things have been getting more and more precarious for a number of years now. We've had a situation where there are different measures being taken in the U.S., that have continued to erode the different protections that there were for Europeans. FISA is an example that I've given, and that is the sort of secret courts and secret warrants that are issued to seize data without anyone's knowledge. There's the Cloud Act, which is a sort of extrajudicial law that means that warrants can be served in America to U.S. organizations, and they have to hand over data wherever that data resides, anywhere in the world. So, data could exist on a European server, if it was under the control of an American company, they'd have to hand that over. So, whilst FISA is in direct conflict with the promises that the Americans made, things like the Cloud Act are not only in controversion with the promise they've made, there's conflicting law here, because if you're a U.S. subsidiary of a big U.S. firm, and you're based in Europe, who do you obey, the European law that says you can't hand it over because of GDPR, or the American laws that says they've got extrajudicial control, and that you've got to hand it over. So, it's made things a complete mess. And to say has this stuff, hasn't really happened? No, there's been a gradual erosion, and this has been going through the courts for a number of years. And many of us have seen it coming, and now it just hit us. >> So, if I get you right in what you're saying, it's basically all this mishmash of different laws, and there's no coherency, and consistency, is that the core issue? >> On the European side you could argue there's quite a lot of consistency, because we uphold people's privacy, in theory. But there have been incidents which we could talk about with that, but in theory, we hold your rights dear, and also the rights of Europeans, so everyone's data should be safe here from the sort of mass surveillance we're seeing. In the U.S., there's more of a direct conflict between everything, including there's been a, in his first week in the White House, Donald Trump signed an executive order saying that the Privacy Act in the U.S., which had been the main protection for people in the U.S., no longer applied to non-U.S. citizens. Which was, if you wanted try and cause a storm, and if you wanted to try and undermine the treaty, there's no better way of doing it than that. >> A lot of ways, Ray, I mean simplify this for me, because I'm a startup, I'm hustlin', or I'm a big company, I don't even know who runs the servers anymore, and I've got data stored in multiple clouds, I got in regions, and Oracle just announced more regions, you got Amazon, a gazillion regions, I could be on-premise. I mean bottom line, what is this about? I mean, and -- >> Bill's right, I mean when Max Schrems, the Austrian. Bill's right, when Max Schrems the Austrian activist actually filed his case against Facebook for where data was being stored, data residency wasn't as popular. And you know, what it means for companies that are in the cloud is that you have to make sure your data's being stored in the region, and following those specific region rules, you can't skirt those rules anymore. And I think the cloud companies know that this has been coming for some time, and that's why there's been announced in a lot of regions, a lot of areas that are actually happening, so I think that's the important part. But going back to Bill's earlier point, which is important, is America is basically the Canary Islands of privacy, right? Privacy is there, but it isn't there in a very, very explicit sense, and I think we've been skirting the rules for quite some time, because a lot of our economy depends on that data, and the marketing of the data. And so we often confuse privacy with consent, and also with value exchange, and I think that's part of the problem of what's going on here. Companies that have been building their business models on free data, free private data, free personally identifiable data information are the ones that are at risk! And I think that's what's going on here. >> It's the classic Facebook issue, you're the product, and the data is your product. Well, I want to get into what this means, 'cause my personal take away, not knowing the specifics, and just following say, cyber security for instance, one of the tenets there is that data sharing is an invaluable, important ethos in the community. Now, everyone has their own privacy, or security data, they don't want to let everyone know about their exploits but, but it's well known in the security world that sharing data with each other, different companies and countries is actually a good thing. So, the question that comes in my mind, is this really about data sharing or data privacy, or both? >> I think it's about both. And actually what the ruling is saying here is, all we're asking from the European side is please stop spying on us and please give us a level of equal protection that you give to your own citizens. Because data comes from America to Europe, whatever that data belongs to, a U.S. citizen or a European citizen, it's given equal protection. It is only if data goes in the other direction, where you have secret courts, secret warrants, seizure of data on this massive scale, and also a level of lack of equivalence that has been imposed. And we're just asking that once you've sorted out a few of those things, we'd say everything's back on the table, away we go again! >> Why don't we merge the EU with the United States? Wouldn't that solve the problem? (Bill laughing) >> We just left Europe! (laughs heartily) >> Actually I always -- >> A hostile takeover of the UK maybe, the 52nd state. (Bill laughing loudly) >> I always pick on Bill, like Bill, you got all screaming loud and clear about all these concerns, but UKs trying to get out of that economic union. It is a union at the end of the day, and I think the problem is the institutional mismatch between the EU and U.S., U.S. is old democracy, bigger country, population wise, bigger economy. Whereas Europe is several countries trying to put together, band together as one entity, and the institutions are new, like you know, they're 15 years old, right? They're maturing. I think that's where the big mismatch is and -- >> Well, Ray, I want to get your thoughts on this, Ray wrote a book, I forget what year it was, this digital disruption, basically it was digital transformation before it was actually a trend. I mean to me it's like, do you do the process first and then figure out where the value extraction is, and this may be a Silicon Valley or an American thing, but go create value, then figure out how to create process or understand regulations. So, if data and entrepreneurship is going to be a new modern era of value, why wouldn't we want to create a rule based system that's open and enabling, and not restrictive? >> So, that's a great point, right? And the innovation culture means you go do it first, and you figure out the rules later, and that's been a very American way of getting things done, and very Silicon Valley in our perspective, not everyone, but I think in general that's kind of the trend. I think the challenge here is that we are trading privacy for security, privacy for convenience, privacy for personalization, right? And on the security level, it's a very different conversation than what it is on the consumer end, you know, personalization side. On the security side I think most Americans are okay with a little bit of "spying," at least on your own side, you know, to keep the country safe. We're not okay with a China level type of spying, which we're not sure exactly what that means or what's enforceable in the courts. We look like China to the Europeans in the way we treat privacy, and I think that's the perspective we need to understand because Europeans are very explicit about how privacy is being protected. And so this really comes back to a point where we actually have to get to a consent model on privacy, as to knowing what data is being shared, you have the right to say no, and when you have the right to say no. And then if you have a value exchange on that data, then it's really like sometimes it's monetary, sometimes it's non-monetary, sometimes there's other areas around consensus where you can actually put that into place. And I think that's what's missing at this point, saying, you know, "Do we pay for your data? Do we explicitly get your consent first before we use it?" And we haven't had that in place, and I think that's where we're headed towards. And you know sometimes we actually say privacy should be a human right, it is in the UN Charter, but we haven't figured out how to enforce it or talk about it in the digital age. And so I think that's the challenge. >> Okay, people, until they lose it, they don't really understand what it means. I mean, look at Americans. I have to say that we're idiots on this front, (Bill chuckling) but you know, the thing is most people don't even understand how much value's getting sucked out of their digital exhaust. Like, our kids, TikTok and whatnot. So I mean, I get that, I think there's some, there's going to be blow back for America for sure. I just worry it's going to increase the cost of doing business, and take away from the innovation for citizen value, the people, because at the end of the day, it's for the people right? I mean, at the end of the day it's like, what's my privacy mean if I lose value? >> Even before we start talking about the value of the data and the innovation that we can do through data use, you have to understand the European perspective here. For the European there's a level of double standards and an erosion of trust. There's double standards in the fact that in California you have new privacy regulations that are slightly different to GDPR, but they're very much GDPR like. And if the boot was on the other foot, to say if we were spying on Californians and looking at their personal data, and contravening CCPA, the Californians would be up in arms! Likewise if we having promised to have a level of equality, had enacted a local rule in Europe that said that when data from America's over here, actually the privacy of Americans counts for nothing, we're only going to prioritize the privacy of Europeans. Again, the Americans would be up in arms! And therefore you can see that there are real double standards here that are a massive issue, and until those addressed, we're not going to trust the Americans. And likewise, the very fact that on a number of occasions Americans have signed up to treaties and promised to protect our data as they did with Safe Harbor, as they did with Privacy Shield, and then have blatantly, blatantly failed to do so means that actually to get back to even a level playing field, where we were, you have a great deal of trust to overcome! And the thing from the perspective of the big IT firms, they've seen this coming for a long time, as Ray was saying, and they sought to try and have a presence in Europe and other things. But the way this ruling has gone is that, I'm sorry, that isn't going to be sufficient! These big IT firms based in the U.S. that have been happy to hand over data, well some of them maybe more happy than others, but they all need to hand over data to the NSA or the CIA. They've been doing this for some time now without actually respecting this data privacy agreement that has existed between the two trading blocks. And now they've been called out, and the position now is that the U.S. is no longer trusted, and neither are any of these large American technology firms. And until the snooping stops and equality is introduced, they can now no longer, even from their European operations, they can no longer use standard contractual clauses to transfer data, which is going to be a massive restriction on their business. And if they had any sense, they'd be lobbying very, very hard right now to the Senate, to the House, to try and persuade U.S. lawmakers actually to stick to some these treaties! To stop introducing really mad laws that ride roughshod over other people's privacy, and have a certain amount of respect. >> Let's let JD weigh in, 'cause he just got in, sorry on the video, I made him back on a host 'cause he dropped off. Just, Bill, real quick, I mean I think it's like when, you know, I go to Europe there's the line for Americans, there's the line for EU. Or EU and everybody else. I mean we might be there, but ultimately this has to be solved. So, JD, I want to let you weigh in, Germany has been at the beginning forefront of privacy, and they've been hardcore, and how's this all playing out in your perspective? >> Well, the first thing that we have to understand is that in Germany, there is a very strong law for regulation. Germans panic as soon as they know regulation, so they need to understand what am I allowed to do, and what am I not allowed to do. And they expect the same from the others. For the record I'm not German, but I live in Germany for some 20 years, so I got a bit of a feeling for them. And that sense of need for regulation has spread very fast throughout the European Union, because most of the European member states of the European Union consider this, that it makes sense, and then we found that Britain had already a very good framework for privacy, so GDPR itself is very largely based on what the United Kingdom already had in place with their privacy act. Moving forward, we try to find agreement and consensus with other countries, especially the United States because that's where most of the tech providers are, only to find out, and that is where it started to go really, really bad, 2014, when the mass production by Edward Snowden came out, to find out it's not data from citizens, it's surveillance programs which include companies. I joined a purchasing conference a few weeks ago where the purchase of a large European multinational, where the purchasing director explicitly stated that usage of U.S. based tech providers for sensitive data is prohibited as a result of them finding out that they have been under surveillance. So, it's not just the citizens, there's mass -- >> There you have it, guys! We did trust you! We did have agreements there that you could have abided by, but you chose not to, you chose to abuse our trust! And you're now in a position where you are no longer trusted, and unless you can lobby your own elected representatives to actually recreate a level playing field, we're not going to continue trusting you. >> So, I think really I -- >> Well I mean that, you know, innovation has to come from somewhere, and you know, has to come from America if that's the case, you guys have to get on board, right? Is that what it -- >> Innovation without trust? >> Is that the perspective? >> I don't think it's a country thing, I mean like, it's not you or them, I think everybody -- >> I'm just bustin' Bill's chops there. >> No, but I think everybody, everybody is looking for what the privacy rules are, and that's important. And you can have that innovation with consent, and I think that's really where we're going to get to. And this is why I keep pushing that issue. I mean, privacy should be a fundamental right, and how you get paid for that privacy is interesting, or how you get compensated for that privacy if you know what the explicit value exchange is. What you're talking about here is the surveillance that's going on by companies, which shouldn't be happening, right? That shouldn't be happening at the company level. At the government level I can understand that that is happening, and I think those are treaties that the governments have to agree upon as to how much they're going to impinge on our personal privacy for the trade off for security, and I don't think they've had those discussions either. Or they decided and didn't tell any of their citizens, and I think that's probably more likely the case. >> I mean, I think what's happening here, Bill, you guys were pointing out, and Ray, you articulated there on the other side, and my kind of colorful joke aside, is that we're living a first generation modern sociology problem. I mean, this is a policy challenge that extends across multiple industries, cyber security, citizen's rights, geopolitical. I mean when would look, and even when we were doing CUBE events overseas in Europe, in North American companies we'd call it abroad, we'd just recycle the American program, and we found there's so much localization value. So, Ray, this is the digital disruption, it's the virtualization of physical for digital worlds, and it's a lot of network theory, which is computer science, a lot of sociology. This is a modern challenge, and I don't think it so much has a silver bullet, it's just that we need smart people working on this. That's my take away! >> I think we can describe the ideal endpoint being somewhere we have meaningful protection alongside the maximization of economic and social value through innovation. So, that should be what we would all agree would be the ideal endpoint. But we need both, we need meaningful protection, and we need the maximization of economic and social value through innovation! >> Can I add another axis? Another axis, security as well. >> Well, I could -- >> I put meaningful protection as becoming both security and privacy. >> Well, I'll speak for the American perspective here, and I won't speak, 'cause I'm not the President of the United States, but I will say as someone who's been from Silicon Valley and the east coast as a technical person, not a political person, our lawmakers are idiots when it comes to tech, just generally. (Ray laughing) They're not really -- (Bill laughing loudly) >> They really don't understand. They really don't understand the tech at all! >> So, the problem is -- >> I'm not claiming ours are a great deal better. (laughs) >> Well, this is why I think this is a modern problem. Like, the young people I talk to are like, "Why do we have this rules?" They're all lawyers that got into these positions of Congress on the American side, and so with the American JEDI Contract you guys have been following very closely is, it's been like the old school Oracle, IBM, and then Amazon is leading with an innovative solution, and Microsoft has come in and re-pivoted. And so what you have is a fight for the digital future of citizenship! And I think what's happening is that we're in a massive societal transition, where the people in charge don't know what the hell they're talkin' about, technically. And they don't know who to tap to solve the problems, or even shape or frame the problems. Now, there's pockets of people that are workin' on it, but to me as someone who looks at this saying, it's a pretty simple solution, no one's ever seen this before. So, there's a metaphor you can draw, but it's a completely different problem space because it's, this is all digital, data's involved. >> We've got a lobbyists out there, and we've got some tech firms spending an enormous amount of lobbying. If those lobbyists aren't trying to steer their representatives in the right direction to come up with law that aren't going to massively undermine trade and data sharing between Europe and America, then they're making a big mistake, because we got here through some really dumb lawmaking in the U.S., I mean, there are none of the laws in Europe that are a problem here. 'Cause GDPR isn't a great difference, a great deal different from some of the laws that we have already in California and elsewhere. >> Bill, Bill. >> The laws that are at issue here -- >> Bill, Bill! You have to like, back up a little bit from that rhetoric that EU is perfect and U.S. is not, that's not true actually. >> I'm not saying we're perfect! >> No, no, you say that all the time. >> But I'm saying there's a massive lack of innovation. Yeah, yeah. >> I don't, I've never said it! >> Arm wrestle! >> Yes, yes. >> When I'm being critical of some of the dumb laws in the U.S, (Sarbjeet laughing) I'm not saying Europe is perfect. What we're trying to say is that in this particular instance, I said there was an equal balance here between meaningful protection and the maximization of economic and social value. On the meaningful protection side, America's got it very wrong in terms of the meaningful protection it provides to civil European data. On the maximization of economic and social value, I think Europe's got it wrong. I think there are a lot of things we could do in Europe to actually have far more innovation. >> Yeah. >> It's a cultural issue. The Germans want rules, that's what they crave for. America's the other way, we don't want rules, I mean, pretty much is a rebel society. And that's kind of the ethos of most tech companies. But I think you know, to me the media, there's two things that go on with this tech business. The company's themselves have to be checked by say, government, and I believe in not a lot of regulation, but enough to check the power of bad actors. Media so called "checking power", both of these major roles, they don't really know what they're talking about, and this is back to the education piece. The people who are in the media so called "checking power" and the government checking power assume that the companies are bad. Right, so yeah, because eight out of ten companies like Amazon, actually try to do good things. If you don't know what good is, you don't really, (laughs) you know, you're in the wrong game. So, I think media and government have a huge education opportunity to look at this because they don't even know what they're measuring. >> I support the level of innovation -- >> I think we're unreeling from the globalization. Like, we are undoing the globalization, and that these are the side effects, these conflicts are a side effect of that. >> Yeah, so all I'm saying is I support the focus on innovation in America, and that has driven an enormous amount of wealth and value. What I'm questioning here is do you really need to spy on us, your allies, in order to help that innovation? And I'm starting to, I mean, do you need mass surveillance of your allies? I mean, I can see you may want to have some surveillance of people who are a threat to you, but wait, guys, we're meant to be on your side, and you haven't been treating our privacy with a great deal of respect! >> You know, Saudi Arabia was our ally. You know, 9/11 happened because of them, their people, right? There is no ally here, and there is no enemy, in a way. We don't know where the rogue actors are sitting, like they don't know, they can be within the walls -- >> It's well understood I think, I agree, sorry. it's well understood that nation states are enabling terrorist groups to take out cyber attacks. That's well known, the source enables it. So, I think there's the privacy versus -- >> I'm not sure it's true in your case that it's Europeans that's doing this though. >> No, no, well you know, they share -- >> I'm a former officer in the Royal Navy, I've stood shoulder to shoulder with my U.S. counterparts. I put my life on the line on NATO exercises in real war zones, and I'm now a disabled ex-serviceman as a result of that. I mean, if I put my line on the line shoulder to shoulder with Americans, why is my privacy not respected? >> Hold on -- >> I feel it's, I was going to say actually that it's not that, like even the U.S., right? Part of the spying internally is we have internal actors that are behaving poorly. >> Yeah. >> Right, we have Marxist organizations posing as, you know, whatever it is, I'll leave it at that. But my point being is we've got a lot of that, every country has that, every country has actors and citizens and people in the system that are destined to try to overthrow the system. And I think that's what that surveillance is about. The question is, we don't have treaties, or we didn't have your explicit agreements. And that's why I'm pushing really hard here, like, they're separating privacy versus security, which is the national security, and privacy versus us as citizens in terms of our data being basically taken over for free, being used for free. >> John: I agree with that. >> That I think we have some agreement on. I just think that our governments haven't really had that conversation about what surveillance means. Maybe someone agreed and said, "Okay, that's fine. You guys can go do that, we won't tell anybody." And that's what it feels like. And I don't think we deliberately are saying, "Hey, we wanted to spy on your citizens." I think someone said, "Hey, there's a benefit here too." Otherwise I don't think the EU would have let this happen for that long unless Max had made that case and started this ball rolling, so, and Edward Snowden and other folks. >> Yeah, and I totally support the need for security. >> I want to enter the -- >> I mean we need to, where there are domestic terrorists, we need to stop them, and we need to have local action in UK to stop it happening here, and in America to stop it happening there. But if we're doing that, there is absolutely no need for the Americans to be spying on us. And there's absolutely no need for the Americans to say that privacy applies to U.S. citizens only, and not to Europeans, these are daft, it's just daft! >> That's a fair point. I'm sure GCHQ and everyone else has this covered, I mean I'm sure they do. (laughs) >> Oh, Bill, I know, I've been involved, I've been involved, and I know for a fact the U.S. and the UK are discussing I know a company called IronNet, which is run by General Keith Alexander, funded by C5 Capital. There's a lot of collaboration, because again, they're tryin' to get their arms around how to frame it. And they all agree that sharing data for the security side is super important, right? And I think IronNet has this thing called Iron Dome, which is essentially like they're saying, hey, we'll just consistency around the rules of shared data, and we can both, everyone can have their own little data. So, I think there's recognition at the highest levels of some smart people on both countries. (laughs) "Hey, let's work together!" The issue I have is just policy, and I think there's a lot of clustering going on. Clustered here around just getting out of their own way. That's my take on that. >> Are we a PG show? Wait, are we a PG show? I just got to remember that. (laughs) (Bill laughing) >> It's the internet, there's no regulation, there's no rules! >> There's no regulation! >> The European rules or is it the American rules? (Ray laughing) >> I would like to jump back quickly to the purpose of the surveillance, and especially when mass surveillance is done under the cover of national security and terror prevention. I worked with five clients in the past decade who all have been targeted under mass surveillance, which was revealed by Edward Snowden, and when they did their own investigation, and partially was confirmed by Edward Snowden in person, they found out that their purchasing department, their engineering department, big parts of their pricing data was targeted in mass surveillance. There's no way that anyone can explain me that that has anything to do with preventing terror attacks, or finding the bad guys. That is economical espionage, you cannot call it in any other way. And that was authorized by the same legislation that authorizes the surveillance for the right purposes. I'm all for fighting terror, and anything that can help us prevent terror from happening, I would be the first person to welcome it. But I do not welcome when that regulation is abused for a lot of other things under the cover of national interest. I understand -- >> Back to the lawmakers again. And again, America's been victim to the Chinese some of the individual properties, well documented, well known in tech circles. >> Yeah, but just 'cause the Chinese have targeted you doesn't give you free right to target us. >> I'm not saying that, but its abuse of power -- >> If the U.S. can sort out a little bit of reform, in the Senate and the House, I think that would go a long way to solving the issues that Europeans have right now, and a long way to sort of reaching a far better place from which we can all innovate and cooperate. >> Here's the challenge that I see. If you want to be instrumenting everything, you need a closed society, because if you have a free country like America and the UK, a democracy, you're open. If you're open, you can't stop everything, right? So, there has to be a trust, to your point, Bill. As to me that I'm just, I just can't get my arms around that idea of complete lockdown and data surveillance because I don't think it's gettable in the United States, like it's a free world, it's like, open. It should be open. But here we've got the grids, and we've got the critical infrastructure that should be protected. So, that's one hand. I just can't get around that, 'cause once you start getting to locking down stuff and measuring everything, that's just a series of walled gardens. >> So, to JD's point on the procurement data and pricing data, I have been involved in some of those kind of operations, and I think it's financial espionage that they're looking at, financial security, trying to figure out a way to track down capital flows and what was purchased. I hope that was it in your client's case, but I think it's trying to figure out where the money flow is going, more so than trying to understand the pricing data from competitive purposes. If it is the latter, where they're stealing the competitive information on pricing, and data's getting back to a competitor, that is definitely a no-no! But if it's really to figure out where the money trail went, which is what I think most of those financial analysts are doing, especially in the CIA, or in the FBI, that's really what that probably would have been. >> Yeah, I don't think that the CIA is selling the data to your competitors, as a company, to Microsoft or to Google, they're not selling it to each other, right? They're not giving it to each other, right? So, I think the one big problem I studied with FISA is that they get the data, but how long they can keep the data and how long they can mine the data. So, they should use that data as exhaust. Means like, they use it and just throw it away. But they don't, they keep mining that data at a later date, and FISA is only good for five years. Like, I learned that every five years we revisit that, and that's what happened this time, that we renewed it for six years this time, not five, for some reason one extra year. So, I think we revisit all these laws -- >> Could be an election cycle. >> Huh? >> Could be an election cycle maybe. (laughs) >> Yes, exactly! So, we revisit all these laws with Congress and Senate here periodically just to make sure that they are up to date, and that they're not infringing on human rights, or citizen's rights, or stuff like that. >> When you say you update to check they're not conflicting with anything, did you not support that it was conflicting with Privacy Shield and some of the promises you made to Europeans? At what point did that fail to become obvious? >> It does, because there's heightened urgency. Every big incident happens, 9/11 caused a lot of new sort of like regulations and laws coming into the picture. And then the last time, that the Russian interference in our election, that created some sort of heightened urgency. Like, "We need to do something guys here, like if some country can topple our elections, right, that's not acceptable." So, yeah -- >> And what was it that your allies did that caused you to spy on us and to downgrade our privacy? >> I'm not expert on the political systems here. I think our allies are, okay, loose on their, okay, I call it village politics. Like, world is like a village. Like it's so only few countries, it's not millions of countries, right? That's how I see it, a city versus a village, and that's how I see the countries, like village politics. Like there are two camps, like there's Russia and China camp, and then there's U.S. camp on the other side. Like, we used to have Russia and U.S., two forces, big guys, and they managed the whole world balance somehow, right? Like some people with one camp, the other with the other, right? That's how they used to work. Now that Russia has gone, hold on, let me finish, let me finish. >> Yeah. >> Russia's gone, there's this void, right? And China's trying to fill the void. Chinese are not like, acting diplomatic enough to fill that void, and there's, it's all like we're on this imbalance, I believe. And then Russia becomes a rogue actor kind of in a way, that's how I see it, and then they are funding all these bad people. You see that all along, like what happened in the Middle East and all that stuff. >> You said there are different camps. We thought we were in your camp! We didn't expect to be spied on by you, or to have our rights downgraded by you. >> No, I understand but -- >> We thought we were on your side! >> But, but you have to guys to trust us also, like in a village. Let me tell you, I come from a village, that's why I use the villager as a hashtag in my twitter also. Like in village, there are usually one or two families which keep the village intact, that's our roles. >> Right. >> Like, I don't know if you have lived in a village or not -- >> Well, Bill, you're making some great statements. Where's the evidence on the surveillance, where can people find more information on this? Can you share? >> I think there's plenty of evidence, and I can send some stuff on, and I'm a little bit shocked given the awareness of the FISA Act, the Cloud Act, the fact that these things are in existence and they're not exactly unknown. And many people have been complaining about them for years. I mean, we've had Safe Harbor overturned, we've had Privacy Shield overturned, and these weren't just on a whim! >> Yeah, what does JD have in his hand? I want to know. >> The Edward Snowden book! (laughs) >> By Edward Snowden, which gives you plenty. But it wasn't enough, and it's something that we have to keep in mind, because we can always claim that whatever Edward Snowden wrote, that he made it up. Every publication by Edward Snowden is an avalanche of technical confirmation. One of the things that he described about the Cisco switches, which Bill prefers to quote every time, which is a proven case, there were bundles of researchers saying, "I told you guys!" Nobody paid attention to those researchers, and Edward Snowden was smart enough to get the mass media representation in there. But there's one thing, a question I have for Sabjeet, because in the two parties strategy, it is interesting that you always take out the European Union as part. And the European Union is a big player, and it will continue to grow. It has a growing amount of trade agreements with a growing amount of countries, and I still hope, and I think think Bill -- >> Well, I think the number of countries is reducing, you've just lost one! >> Only one. (Bill laughing loudly) Actually though, those are four countries under one kingdom, but that's another point. (Bill chortling heartily) >> Guys, final topic, 5G impact, 'cause you mentioned Cisco, couldn't help think about -- >> Let me finish please my question, John. >> Okay, go ahead. How would you the United States respond if the European Union would now legalize to spy on everybody and every company, and every governmental institution within the United States and say, "No, no, it's our privilege, we need that." How would the United States respond? >> You can try that and see economically what happens to you, that's how the village politics work, you have to listen to the mightier than you, and we are economically mightier, that's the fact. Actually it's hard to swallow fact for, even for anybody else. >> If you guys built a great app, I would use it, and surveil all you want. >> Yeah, but so this is going to be driven by the economics. (John laughing) But the -- >> That's exactly what John said. >> This is going to be driven by the economics here. The big U.S. cloud firms are got to find this ruling enormously difficult for them, and they are inevitably going to lobby for a level of reform. And I think a level of a reform is needed. Nobody on your side is actually arguing very vociferously that the Cloud Act and the discrimination against Europeans is actually a particularly good idea. The problem is that once you've done the reform, are we going to believe you when you say, "Oh, it's all good now, we've stopped it!" Because with Crypto AG scandal in Switzerland you weren't exactly honest about what you were doing. With the FISA courts, so I mean FISA secret courts, the secret warrants, how do we know and what proof can we have that you've stopped doing all these bad things? And I think one of the challenges, A, going to be the reform, and then B, got to be able to show that you actually got your act together and you're now clean. And until you can solve those two, many of your big tech companies are going to be at a competitive disadvantage, and they're going to be screaming for this reform. >> Well, I think that, you know, General Mattis said in his book about Trump and the United states, is that you need alliances, and I think your point about trust and executing together, without alliances, it really doesn't work. So, unless there's some sort of real alliance, (laughs) like understanding that there's going to be some teamwork here, (Bill laughing) I don't think it's going to go anywhere. So, otherwise it'll continue to be siloed and network based, right? So to the village point, if TikTok can become a massively successful app, and they're surveilling, so and then we have to decide that we're going to put up with that, I mean, that's not my decision, but that's what's goin' on here. It's like, what is TikTok, is it good or bad? Amazon sent out an email, and they've retracted it, that's because it went public. I guarantee you that they're talkin' about that at Amazon, like, "Why would we want infiltration by the Chinese?" And I'm speculating, I have no data, I'm just saying, you know. They email those out, then they pull it back, "Oh, we didn't mean to send that." Really, hmm? (laughs) You know, so this kind of -- >> But the TRA Balin's good, you always want to get TRA Balin out there. >> Yeah, exactly. There's some spying going on! So, this is the reality. >> So, John, you were talking about 5G, and I think you know, the role of 5G, you know, the battle between Cisco and Huawei, you just have to look at it this way, would you rather have the U.S. spy on you, or would you rather have China? And that's really your binary choice at this moment. And you know both is happening, and so the question is which one is better. Like, the one that you're in alliance with? The one that you're not in alliance with, the one that wants to bury you, and decimate your country, and steal all your secrets and then commercialize 'em? Or the one kind of does it, but doesn't really do it explicitly? So, you've got to choose. (laughs) >> It's supposed to be -- >> Or you can say no, we're going to create our own standard for 5G and kick both out, that's an option. >> It's probably not as straightforward a question as, or an answer to that question as you say, because if we were to fast-forward 50 years, I would argue that China is going to be the largest trading nation in the world. I believe that China is going to have the upper hand on many of these technologies, and therefore why would we not want to use some of their innovation, some of their technology, why would we not actually be more orientated around trading with them than we might be with the U.S.? I think the U.S. is throwing its weight around at this moment in time, but if we were to fast-forward I think looking in the longterm, if I had to put my money on Huawei or some of its competitors, I think given its level of investments in research and whatever, I think the better longterm bet is Huawei. >> No, no, actually you guys need to pick a camp. It's a village again. You have to pick a camp, you can't be with both guys. >> Global village. >> Oh, right, so we have to go with the guys that have been spying on us? >> How do you know the Chinese haven't been spying on you? (Ray and John laughing loudly) >> I think I'm very happy, you find a backdoor in the Huawei equipment and you show it to us, we'll take them to task on it. But don't start bullying us into making decisions based on what-ifs. >> I don't think I'm, I'm not qualified to represent the U.S., but what we would want to say is that if you look at the dynamics of what's going on, China, we've been studying that as well in terms of the geopolitical aspects of what happens in technology, they have to do what they're doing right now. Because in 20 years our population dynamics go like this, right? You've got the one child policy, and they won't have the ability to go out and fight for those same resources where they are, so what they're doing makes sense from a country perspective and country policy. But I think they're going to look like Japan in 20 years, right? Because the xenophobia, the lack of immigration, the lack of inside stuff coming in, an aging population. I mean, those are all factors that slow down your economy in the long run. And the lack of bringing new people in for ideas, I mean that's part of it, they're a closed system. And so I think the longterm dynamics of every closed system is that they tend to fail versus open systems. So, I'm not sure, they may have better technology along the way. But I think a lot of us are probably in the camp now thinking that we're not going to aid and abet them, in that sense to get there. >> You're competing a country with a company, I didn't say that China had necessarily everything rosy in its future, it'll be a bigger economy, and it'll be a bigger trading partner, but it's got its problems, the one child policy and the repercussions of that. But that is not one of the things, Huawei, I think Huawei's a massively unlimited company that has got a massive lead, certainly in 5G technology, and may continue to maintain a lead into 6G and beyond. >> Oh yeah, yeah, Huawei's done a great job on the 5G side, and I don't disagree with that. And they're ahead in many aspects compared to the U.S., and they're already working on the 6G technologies as well, and the roll outs have been further ahead. So, that's definitely -- >> And they've got a great backer too, the financer, the country China. Okay guys, (Ray laughing) let's wrap up the segment. Thanks for everyone's time. Final thoughts, just each of you on this core issue of the news that we discussed and the impact that was the conversation. What's the core issue? What should people think about? What's your solution? What's your opinion of how this plays out? Just final statements. We'll start with Bill, Ray, Sarbjeet and JD. >> All I'm going to ask you is stop spying on us, treat us equally, treat us like the allies that we are, and then I think we've got to a bright future together! >> John: Ray? >> I would say that Bill's right in that aspect in terms of how security agreements work, I think that we've needed to be more explicit about those. I can't represent the U.S. government, but I think the larger issue is really how do we view privacy, and how we do trade offs between security and convenience, and you know, what's required for personalization, and companies that are built on data. So, the sooner we get to those kind of rules, an understanding of what's possible, what's a consensus between different countries and companies, I think the better off we will all be a society. >> Yeah, I believe the most important kind of independence is the economic independence. Like, economically sound parties dictate the terms, that's what U.S. is doing. And the smaller countries have to live with it or pick the other bigger player, number two in this case is China. John said earlier, I think, also what JD said is the fine balance between national security and the privacy. You can't have, you have to strike that balance, because the rogue actors are sitting in your country, and across the boundaries of the countries, right? So, it's not that FISA is being fought by Europeans only. Our internal people are fighting that too, like how when you are mining our data, like what are you using it for? Like, I get concerned too, when you can use that data against me, that you have some data against me, right? So, I think it's the fine balance between security and privacy, we have to strike that. Awesome. JD? I'll include a little fake check, fact check, at the moment China is the largest economy, the European Union is the second largest economy, followed directly by the USA, it's a very small difference, and I recommend that these two big parties behind the largest economy start to collaborate and start to do that eye to eye, because if you want to balance the economical and manufacturing power of China, you cannot do that as being number two and number three. You have to join up forces, and that starts with sticking with the treaties that you signed, and that has not happened in the past, almost four years. So, let's go back to the table, let's work on rules where from both sides the rights and the privileges are properly reflected, and then do the most important thing, stick to them! >> Yep, I think that's awesome. I think I would say that these young kids in high school and college, they need to come up and solve the problems, this is going to be a new generational shift where the geopolitical landscape will change radically, you mentioned the top three there. And new alliances, new kinds of re-imagination has to be there, and from America's standpoint I'll just say that I'd like to see lawmakers have, instead of a LinkedIn handle, a GitHub handle. You know, when they all go out on campaign talk about what code they've written. So, I think having a technical background or some sort of knowledge of computer science and how the internet works with sociology and societal impact will be critical for our citizenships to advance. So, you know rather a lawyer, right so? (laughs) Maybe get some law involved in that, I mean the critical lawyers, but today most people are lawyers in American politics, but show me a GitHub handle of that congressman, that senator, I'd be impressed. So, that's what we need. >> Thanks, good night! >> Ray, you want to say something? >> I wanted to say something, because I thought the U.S. economy was 21 trillion, the EU is sittin' at about 16, and China was sitting about 14, but okay, I don't know. >> You need to do math man. >> Hey, we went over our 30 minutes time, we can do an hour with you guys, so you're still good. (laughs) >> Can't take anymore. >> No go on, get in there, go at it when you've got something to say. >> I don't think it's immaterial the exact size of the economy, I think that we're better off collaborating on even and fair terms, we are -- >> We're all better off collaborating. >> Yeah. >> Gentlemen -- >> But the collaboration has to be on equal and fair terms, you know. (laughs) >> How do you define fair, good point. Fair and balanced, you know, we've got the new -- >> We did define fair, we struck a treaty! We absolutely defined it, absolutely! >> Yeah. >> And then one side didn't stick to it. >> We will leave it right there, and we'll follow up (Bill laughing) in a later conversation. Gentlemen, you guys are good. Thank you. (relaxing electronic music)

>> Announcer: From around the globe, it's theCUBE with digital coverage of DockerCon Live 2020. Brought to you by Docker and its ecosystem partners. >> Okay Jenny, great to see you again. >> Good to see you. >> James Governor, nail on the Keynote there. Chat was phenomenal. That was pre-recorded but James is also in the chat stream. A lot of good conversations. That hit home for me that keynote. One, because memory lane was going down right into the 80s when it was a revolution. And we got him in the green room here. James Governor, welcome. >> James is here, hi James. >> Here we go. >> Fresh off the keynote. >> It's always a revolution. (John laughs) >> Well, in the 80s, I used to love your talk. A couple of key points I want to share and get your thoughts on was just to some highlights for the crowd is one, you walk through. Some of the key inflection points that I think were instrumental and probably some other ones depending on your perspective of where you were in the industry at that time. Whether you were a systems programmer or a networking guy, there was a proprietary world and it was a revolution back then. And UNIX was owned by AT&T if no one remembers. You couldn't even use the word. You had to trade market. So we actually had to call it XINU which is UNIX spelled backwards in all the text and whatnot. And even open source software freeware was kind of illegal. MIT did some work, Northeastern and Berkeley and other schools. It was radical back then so-- >> Yeah, we've come a long way for sure. I think that for me that was one of the things that I wanted to really point to in the keynote was that yes we have definitely come a long way and development culture is about open culture. >> I think the thing that I like to point out especially hate to sound like I'm old but I am. But I lived through that and the younger generation coming and have all these new tools. And I got to say not that I walked through to school in the snow with no shoes on but it's a pretty cool developer environment now. But remember things were proprietary back then. If you start to see the tea leaves now, I look at the world, you see these silos. You see silos that's kind of, they're not nestle proprietary but they might necessarily be open. So you kind of have a glimpse of open source on these projects and these companies. Whether they're tech companies, it feels open but it might not be. It could be walled garden. It could be data being hoarded. So as data opens up, this is interesting to me because I want to get your thoughts on this because in a way it feels proprietary but technically it's not proprietary. What's your thoughts on this? Because this is going to be the next 20 years of evolution. What's your thoughts? >> I think the productivity wins. Whoever packages technology in a way that makes it most productive for people. That's what wins. And open source, what's productive. It is very accessible. It enabled new waves. Get installed and you've got a package from... You got access to just a world of open-source. A world of software that was a big revolution. And I guess the cloud sort of came next and I think that's been one of the big shifts. You talk about proprietary. What matters is how easy you make things to people to do their work. And in that regard, obviously Amazon is in fact a bigger distribution network. Makes technology super consumable by so many people. I guess I would say that open is good and important but it's not the only thing. As you say, data is a lock-in and it's right and people are choosing services that make them productive. Nobody worries about whether Amazon Lambda is proprietary. They just know that they can build companies or businesses or business processes on it. >> You know it's interesting back in the day just to kind of segue with the next topic. We were fighting proprietary operating systems, UNIX and others. We're also fighting for proprietary Network protocol stacks. SNA was owned by IBM. DECnet was digital, the number one network. And then TCP/IP and OpenSan's interconnect came out. That's the OSI model for us old ones. That set the table. That changed the face of everything. It really enabled a lot. So when I see containers, what Docker did early on the pioneering phases of Docker containers, it unleashed a new reality of coolness and scale and capabilities. And then in comes Kubernetes and in comes micro services. So this path is showing some real strength for new kinds of capabilities. So how does a developer navigate all this because data lock-in does it a data plane seems to be a control point. What are we fighting now in your opinion? shouldn't say we're fighting but what are we trying to avoid if operating systems was for closing opportunities and network protocol stacks before closing in the past? What do you see as barriers that need to be broken down in the open source world around going down this great path of micro services, decomposed applications, highly cohesive architectures? >> Honestly there's enough work to be getting on with without like fighting someone in that regard. I mean we're fighting against technical debt. I just don't think that people are serrated about fighting against proprietary anymore. I think that's less than a concern. Open-source technology is great. It's how most work gets done in our industry today. So you mentioned Kubernetes and certainly Docker. Though we did a phenomenal job of packaging up and experience that map to see CICD. That map to the developer workplace people like do. Phenomenal job and I think that for me at least when I look at where we are as an industry, it's all about productivity. So there are plenty of interesting new platforms. I think in my keynote, that's my question. I'm less interested in microservices than I am in distributed work. I'm interested in one of the tools that are going to enable us to become more productive, solve more problems, build more applications and get better at building software. So I think that's my sort of focus. There will always be lock-in. And I think you will also have technologies mitigate against that. I mean clear messages today from Docker about supporting multiple clouds. For a while at least multiclouds seem like something only the kind waivers were interested in but increasingly we're seeing organizations where that is definitely part of how they're using the cloud. And again I think very often it's within specific areas. And so we see organizations that are using particular clouds for different things. And we'll see more of that. >> And the productivity. I love the passion, love that in the keynote. That was loud and clear. Two key points I want to get your reaction on that. You mentioned one was inclusion. Including more people, not seeing news. It's kind of imperative. And also virtual work environments, virtual events. You kind of made a highlight there. So again people are distributed remote first. It's an opportunity to be productive. Can you share your thoughts on those two points? One is, as we're distributed, that's going to open the aperture of more engagement. More people coming in. So code of conduct not as a file you must read or some rule. Culturally embracing a code of conduct. And then also, virtual events, virtual groups convening like we're doing here. >> Yeah I mean for me at least Allison McMillan from github and she just gave such a great demo at the recent sunlight event where she finished and she was like, it was all about, I want to be able to put the kids to bed for a nap and then go code. And I think that's sort of thinking people band around the phrase ruling this together but I mean certainly parenting is a team sport. But I think it's interesting we're not welcome. It was interesting that was looking at the chat, going through, I was being accused of being woke. I was being accused of being a social justice warrior. But look at the math. The graph is pretty clear. Women are not welcomed in tech. And that means we're wasting 50% of available resource to us. And we're treating people like shit. So I thought I underplayed that in the talk actually. Something like, "Oh, why is he complaining about Linus?" Well, the fact is that Linus himself admitted he needed to change his persona in order to just be more modern and welcoming in terms of building software and building communities. So look we've got people from around the world. Different cultural norms. All of the women I know who work in tech suffer so much from effectively daily harassment. Their bonafides are challenged. These are things that we need to change because women are brilliant. I'm not letting you signaling or maybe I am. The fact is that women are amazing at software and we do a terrible job of supporting them. So women of other nationalities, we're not going to be traveling as much. I think you can also grow. No we can't keep flying around as much. Make an industry where single parents can participate more effectively. Where we could take advantage of that. There're 200 million people in Nigeria. That hunger to engage. We won't even give them a visa and then we may not be treating them right. I just think we need an industry reset. I think from a we need to travel less. We need to do better work. And we need to be more welcoming in order that that could be the case. >> Yeah, there's no doubt a reset is here and you look at the COVID crisis is forcing that function there because one, people are resetting and reinventing and trying to figure out a growth strategy. Whether it's a business or teams. And what's interesting is new roles and new responsibilities is going to emerge and I think you're right about the women in tech. I completely agree and have evidence myself and reported on it ad nauseam. But the thing is data trumps opinion. And the data is clear on this issue. So if anyone will call you a social justice warrior I just say pound sand and tell them that go on their way. And just look at the data and clear. And also the field is getting wider. When I was in computer science major back in the day, it was male-dominated yes but it was very narrow. Wasn't as broad as it is now. You can do things so much more and in fact in Kelsey Hightower's talk, he talks to persona developers. The ones that love to learn and ones that don't want to learn anything. Just want to code and do their thing. And ones that care about just app development and ones that just want to get in and sling k-8 around like it's nobody's business or work with APIs, work with infrastructure. Some just want to write code. So there's more and more surface area in computer science and coding. Or not even computer science, it's just coding, developing. >> Well, I mean it's a bigger industry. We've got clearly all sorts of challenges that need to be solved. And the services that we've got available are incredible. I mean if you look at the work of companies like Netlify in terms of developer experience. You look at the emergence of JamStack and the productivity that we're seeing there, it's a really exciting time in the industry. >> No doubt about that. >> And as I say I mean it's an exciting time. It's a scary time. But I think that we're moving to a world of more distributed work. And that's my point about open source and working on code bases from different places and what the CapCloud can enable. We can work in a different way and we don't all need to be in San Francisco, London, or Berlin as I said in the Keynote. >> I love the vision there and the passion. I totally agree with it. I think that's a whole another distributed paradigm that's going to move up the stack if you will and software. I think it's going to be codified in cloud native and cloud scale creates new services. I mean it's the virtual world. You mentioned virtual events. Groups convening like the 67,000 people coming together virtually here at DockerCon. Large, small one-on-ones group dynamics are a piece of it. So share your thoughts on virtual events and certainly it's people are now just kicking the tires, learning. You do a zoom, you do a livestream. You do some chat. It's going to evolve and I think it's going to look more like a CICD pipeline and anything else. As you start to bring media together, we get 43 sessions here. Why not make it a hundred sessions? So I think this is going to be one of those learning environments where it's not linear, it's different. What's your vision of all this if you had to give advice for the folks out there? Not event plans, with people who want to gather groups and be productive. What's your thinking on this? >> Well, it sort of has to happen. I mean there are a lot of people doing good work in this regard. Patrick Dubois, founder of DevOps days. He's doing some brilliant work delineating. Just what are all the different platforms? What does the streaming platform look like that you can use? Obviously you've got one here with theCUBE. Yeah, I mean I think the numbers are pretty clear. I mean Microsoft Build had 245,000 registered attendees and I think something that might have been to begin. The patterns are slightly different. It's not like they're going to be there the whole time but the opportunity to meet people where they are, I think is something that we shouldn't ignore. Particularly in a world not everyone again has the privilege of being able to travel. You're in a different country or as I say perhaps your life circumstances mean you can't travel. From an accessibility perspective, clearly virtual events offer an opportunity that we haven't fully nailed. I think Microsoft performance in this regard has been super interesting. They were already moving that way and Kobe just slammed it up to another level. What they did with Build recently was actually, I mean they're a media company, right? But certainly developed a focused media company. So I think you'll be okay. You're about the business of software John. Don't worry Microsoft don't give you some space there. (John and James laughing) We're under the radar at theCUBE 365 for the folks who are watching this. This is our site that we built with our software. So we're open and Docker was instrumental and I think the Docker captains were also very instrumental and trying to help us figure out the best way to preserve the content value. I personally think we're in this early stage of, content and community are clearly go hand in hand and I think as you look at the chat, some of the names that are on there. Some of the comments, really there's a new flywheel of production and this to me is the ultimate collaboration when you have these distinct groups coming together. And I think it's going to just be a data dream where people aren't the product, they're actually a contributor. And I think this open source framework that you're talking about is going to be certainly just going to evolve rapidly. I think it's just not even scratching the surface. I just think this is going to be pretty massive. And services whatever you want to define that. It could be an API to anything. It's going to be essentially the scale point. I mean why have a monolith piece of software running something. Something Microsoft teams will work well here. Zoom will work well there but ultimately what's in it for me the person? This is the key question. Developers just want to develop. You're going to hear that throughout the day. Kelsey Hightower brings up some great points in his session and Amanda silver at Microsoft, she had a quote on one of her videos. She said, "App developers are the first responders "in this crisis." And that's the first time I've heard someone say that out loud and that hits home for me because it's true. And right now app developers are one of the front lines. They're providing the app support. They're providing to the practitioners in the field. This is something that's not really written about in the press. What's your reaction to app developers are the first responders in this crisis. >> Well I mean first I think it's important to pay tribute to people that actually are first responders. Writing code can make us responsive but let's not forget there are people that are lacking PPE and they are on the frontline. So not precise manner but I might frame it slightly differently. But certainly what the current situation has shown us is productivity is super important. Target has made huge investments in building out its own software development capabilities. So they used to be like 70% external 30% internal and they turn that round to like 80% internal 20 external. And they've been turning on a dime and well there's so much going on at the moment. I'm like talking about target then I'm remembering what's happening in Minneapolis today. But anyway we'll talk about that. But yeah organizations are responding quickly. Look at the numbers that Shopify is happening because all sorts of business is something like we need to be an online business. What's the quickest way to do that. And Shopify was able to package something up in a way that they they could respond to challenges. Huge social challenges. I'm a big believer the future's unwritten at this point and I think there's a lot of problems out there you point out and the first responders are there I agree. I'm just thinking that there's got to be a better path for all of us. And this brings up the whole new roles and responsibilities around this new environment and I know you're doing a lot of research. Can you share some thoughts on what you're kind of working on now James? That's important, I'll see what's trending here at DockerCon is. Compose the relationship with Microsoft, we've got security, Dockers now, multicloud approach, making it easier, that's their bread and butter. That's what they're known for. They kind of going back to that roots of why they pioneered in the first place. So as that continues ease-of-use, what's your focus area right now that you're researching that you could share with the audience? >> Well, I mean I'd say this year for me I've got probably three key areas. One is what's called GitOps. So it's the notion that you're using Git as a system of record. So that started off randomly making changes, you have an audit trail. You begin to have some sort of sense of compliance in software changes. I think the idea of everything has to be by a sort of a pull request. That automation model is super thing to me. So I've been looking at that. A lot of development teams are using those approaches. Observability is a huge trend. We're moving to the idea of testing and production. The kind of stuff that's been evangelized so successfully by charity majors honeycomb. It's super exciting to me and it's true because in effect, you're always testing in production, your dev environment. I mean we used to have this idea that you'd have a Dev and a Dev stage. You're have a staging environment. The only environment that really matters is where the rubber meets the road. And that is deployment. So I think that having having better tools for that is one of the areas I'm looking at. So how are tools innovating that area? And it won't be the thing that this is my own personal thing. I've been talking about progressive delivery which is asking a question about reducing risk by really understanding the blast radius of the service to be able to roll it out to specific use of populations first. Understanding who they are and enrolling it up so it's the idea that like maybe you brought something out to your employees first. Maybe you are in California and you roll something out in Tokyo knowing that not many people are using that service. It is a live environment but people are not going to be adversely affected if it happens. So Canary's Blue-Green deployments and also experimentation. This is sort of one of the areas I'm being sort of pulled towards. It's sort of product management and how that's really converging with software development. I feel like that's one of the things I haven't fully, I mean I think it's when they have research focused but you have to respond to new information. Anyhow, I'm spending a lot of time thinking about the world of product management. It's those companies to be most respect in terms of companies that are crushing it in the digital economy. They have such a strong product management focused. Everything is driven by product managers that understand technology and that's an exciting shift. The one that I'm paying greater attention. >> You do some great work and I love the focus on productivity software development. Getting those app developers out there and it's interesting. I just think that it's such an exciting time. It's almost intoxicating. Some people drinking on Twitter online and having beers because they're in different time zone. But if you look up and down the action that's going on, you got at the application developers side, all the things you were mentioning services. But when you look at the cloud side, you got almost this operating system reset. It's a systems architecture. So you have the hall and that's up and down. The middle of the stack to the bottom, you have this operating systems thinking and evolution. And then you got at the top, the pure software developers. And this is again to me the big aha moment. For the industry there's a true opportunity to scale that in unbelievable ways. And you don't have to pick a side. You can do a top of the stack bottom stack. So I think kubernetes and micro services really bring this whole enablement piece to the table. And that fascinates me and I think that's going to change what the apps will look like. It'll give more productivity and then making the internet programmable unit, that's new systems. So that seems to be the trend. You're a systems guy, your girl or you're a developer. How do you see that evolving? Do you get to that level? >> Developer experience is not necessarily the key value of Kubernetes. It's supremely flexible sort of system. It does offer you that portability. But I think what I'm seeing now is how people are taking Kubernetes and kind of thinking, so you've got VMware, acquires Heptio, brings Pivotal into the fold, starting about what that platform looks like. I think Pivotal with cloud foundry did a great job of thinking through operator experience. Operator experience is not the same as developer experience. I think we're going to see a bit more specialization of roles. Meanwhile at that point, you've got the cloud players all doing pretty awesome job supporting Kubernetes. But it gives that portability promise. So I think for me, one of the things is not expecting everyone to do everything. It's like Kelsey said, some people just want to come into work and do their job and they're super important. And so VMware I think a history of certification of application environments. So of them it's sort of quite--and certification of humans. It's quite natural that they would be somebody that would think about how do we make Kurbenetes more consumable and packaged in a way that more people take advantage of it. Docker was such a phenomenon and now seeing how that sort of evolving into that promise of portability is beginning to be realized. So I think the specialization, the pendulum is going to swing back just a little bit. >> I think it's just great timing and congratulations on all the work and thanks for taking the time for participating in DockerCon with the Keynote. Taking time out of your day and coming in and doing this live interview. The chat looks good. Hit some great, get some fans in there. It's a great opportunity and I think Docker as the pioneers, pivoting in a new direction, it's all about developer productivity and James you've been on it. @monkchips is his Twitter handle, follow him, hit him up. I'm John Furrier here in the studio for DockerCon 2020. Ginebra CEO and you got Brett Fisher on the captain's channel. If you go to the site, you'll see the calendar. Jump into any session you want. They'll be live on the time or on-demand instantly. TheCUBE track has a series of enemies. You've got Amazon, we got Microsoft, get some great guests, great practitioners that are literally having an impact on society. So thanks for watching. James, thanks for spending the time. >> Thank you very much John. >> Okay James Governor, founder of Monkchips, great firm, great person-- >> RedMonk, RedMonk is the company. Monkchips is the Twitter. >> Redmonk, Monkchips. RedMonk, RedMonk. >> RedMonk is the company. >> RedMonk, RedMonk. >> @monkchips is his Twitter handle and RedMonk is the firm, thank you for the correction. Okay more coverage DockerCon after this short break. Stay with us. The next segment is coming up. Stay with us here at theCUBE DockerCon. (gentle music)

(upbeat music) >> From around the globe, it's theCUBE with coverage of SUSECON Digital. Brought to you by SUSE. >> Welcome back. I'm Stuart Miniman coming to you from our Boston area studio and this is theCUBE coverage of SUSECON Digital 20. Happy to welcome to the program two of the keynote present presenters. First of all, we have Dr. Thomas Giacomo. He is the President of Engineering and innovation and joining him his co presenter from Makino state, Daniel Nelson, who is the Vice President of Product Solutions, both of you with SUSE. Gentlemen, thanks so much for joining us. >> Thank you. >> Thank you for having us. >> All right. So, Dr. T, Let's start out, innovation, open source, give us a little bit of the message for our audience that you and Daniel were talking about on stage. We've been watching for decades, the growth in the proliferation of open source communities, so give us the update there. >> Yeah. And then it's not stopping, it's actually growing even more and more and more and more innovations coming from open source. The way we look at it is that our customers there, they have their business problems, they have their business reality. And so we, we have to curate, and prepare and filter all the open source innovation that they can benefit from, because that takes time to understand how that can match your needs and fix problems. So at SUSE, we've always done that, since 27 plus years. So, working in the open source projects, innovating there but with customers in mind, and what is pretty clear in 2020 is that large enterprises, more startups, everybody's doing software, everybody's is doing IT and they all have the same type of needs in a way they need to simplify their landscape, because they've been accumulating investments all the way or infrastructure or software, different solutions, different platforms from different vendors. They need to simplify that. They need to modernize, and they need to accelerate their business stay relevant and competitive in their own industries. And that's what we are focusing on. >> Yeah, it's interesting, I completely agree when you say simplify thing, you know, Daniel, I go back in the opportunities about 20 years. And in those days, we were talking about the operating Linux was helping to go past the proprietary Unix platform, Microsoft, the big enemy. And you were talking about operating system, server storage, the application that on, it was a relatively simple environment in there compared to today's multi cloud, AI, container based architecture, applications going through this radical Information broke, though, gives a little bit of insight as to the impact this is having on ecosystems and, of course SUSE now has a broad portfolio that at all? >> It's a great question and I totally get where you're coming from, like, if you look 20 years ago, the landscape is completely different, the technologies we're using are completely different, the problems we're trying to solve with technology are more and more sophisticated. At the same time, though, there's kind of nothing new under the sun. Every company, every technology, every modality goes through this expansion of capabilities and the collapse around simplification as the capabilities become more and more complex and more manageable. So there's this continuous tension between capabilities, ease of use consume ability. What we see with open source is that, that kind of dynamic still exists, but it's more online of like developers want, easy to use technologies, but they want the cutting edge. They want the latest things. They want those things within their packages. And then if you look at operations groups or people that are trying to consume that technology, they want that technology to be consumable simple, works well with others be able to pick and choose and have one pane of glass to be able to operate within that. And that's where we see this dynamic. And that's kind of what the SUSE portfolio was built upon. It's like, how do we take the thousands and thousands of developers that are working on these really critical projects, whether it's Linux like you mentioned, or Kubernetes, or or Cloud Foundry? And how do we make that then more consumable to the thousands of companies that are trying to do it, who may even be new to open source or may not contribute directly, but when you have all the benefits that are coming to it, and that's where SUSE fits and where SUSE has fits historically, and where we see us continuing to fit long term is taken all those Legos, put into together for companies that want that, and then allow them a lot of autonomy and choice and how those technologies are consumed. >> Right, one of the themes that I heard you both talk about, in the keynote, it was simplifying, modernize, celebrate, really reminded me of the imperatives of the CIO. There's always run the business, they need to help grow the business, and if they have the opportunity, they want to transform the business. I think you said, run improve in scale. Scale absolutely a critical thing that we talk about these days, when I think back to the Cloud Foundry summit, in the keynote stage, it was the old way if I could do faster, better, cheaper, you could do them today. We know Faster, faster, faster is what you want. So give us a little bit of insight as to, you talked about Cloud Foundry and Kubernetes, application, modernization, what are the imperatives that you're hearing from customers and how are we, with all of these tools out there helping, IT, not just be responsive to the business but actually be a driver for that transformation of the business? >> It's a great question. And so when I talk to customers, and Dr. T, feel free to chime in, you talk to as many or more customers than I do. They do have these what are historically competing imperatives. But what we see with the adoption of some of these technologies is that faster is cheaper, faster is safer, creating more opportunities to grow and to innovate betters the business. It's not risk injection, when we change something, it's actually risk mitigation, when we get good at changing. And so it's kind of that modality of moving from, a simplified model or a very kind of like a manufacturing model of software to a much more organic, much more permissimuch more being able to learn within ecosystems model. And so that's how we see companies start to change the way they're adopting this technology. What's interesting about them is that same level of adoption. That same thought of adoption, It's also how open sources is developed. Open Source has developed organically, it's developed with many eyes make shallow bugs, it's developed by like, let me try this and see what happens, right? And be able to do that in smaller and smaller increments just like we look at Red Green deployments or being able to do micro services, or Canary or any of those things. It's like, let's not, do one greatly for what we're used to and waterfall is that's actually really risky. Let's do many, many, many steps forward and be able to transform it iteratively and be able to go faster iteratively and make that just part of what the business is good at. And so you're exactly right. Like those are the three imperatives of the CIO. What I see with customers is the more that they are aligning those three imperatives together and not making them separate, but we have to be better at being faster and being transformative. Those are the companies that are really using IT as a competitive advantage within their reach. >> Yeah, because most of the time they have different starting points. They have a history. They have different business strategy and things they've done in the past. So you need to be able to accommodate all of that and the faster microservice, native development posture for the new apps, but they're also coming from somewhere, and if you don't take care of that together, you can just accelerate if you simplify your existing because otherwise you spend your time making sure that your existing is running. So you have to combine all of that together, and the two, you mentioned Cloud Foundry and Kubernetes and I love those topics because, I mean, everybody knows about Kubernetes. Now it's picking up in terms of adoption, in terms of innovation technology, uilding AI ML framework on top of it. Now, what's very interesting as well is that, Cloud Foundry was designed for fast software development, and cloud native from the beginning that by the factor apps, and several like four or five years ago, right? What we see now is we can extract the value that Cloud Foundry brings to speed up and accelerate our software development cycles, and we can combine that very nicely and very smoothly simple in a simple way, with all the benefits you get from Kubernetes, and not from one Kubernetes. From your Kubernetes running in your public clouds because you have workloads there, you have services that you want to consume from one public clouds. We have a great SUSECON fireside chat with open shot from Microsoft. Asia, we're actually discussing those topics. Or you might have also Kubernetes clusters at the edge that you want to run in your factory or close to your data and workloads in the field. So those things and Daniel mentioned that as well taking care of the IT ops, like simplify, modernize and accelerate for the IT ops and also accelerate for the developers themselves, we benefiting from a combination of open source technologies. And today, there's not one open source technology that can do that. You need to bundle combine them together and best make sure that they are integrated, hat they are certified together, that they are stable together, that the security aspects, all the technology around them are deeply integrated into services as well. >> Well, I'm really glad you brought up some of those Kubernetes that are out there. We've been saying for a couple years on theCUBE, Kubernetes is getting baked in everywhere. SUSE's got partnership with all the cloud providers and you're not fighting them over whether to use a solution that you have versus theirs. I worry a little bit about, how do I manage all those environments? Do I end up with Kubernetes sprawl just like we have with every other technology out there? Help us understand what differentiates SUSE's offerings in this space? And how do you fit in with the rest of that very dynamic and diverse. >> So, let me start with the aspect of combining things together. And Daniel, maybe you can take the management piece. So, first of all, we are making sure at SUSE that we don't force our customers into a SUSE stack. Of course we have a SUSE stack, and we're very happy people use it. But the reality is that the customer knows that they have some investments, they have different needs, they use different technologies from the past, or they want to try different technologies. So you have to make sure that for Kubernetes like for any other part of the stack, the IT stack or the developer stack, your pieces are our modular that you can accommodate different different elements. So typically, at SUSE, we support different types of hypervisors We're not like focused on one but we can support KVM, Xen, Hyper-V, vSphere, all of the nutanix hypervisor, NetApp hypervisors and everything. Same thing with the OS, there's not only one Linux that people are running, and that's exactly the same with kubernetes. There's no one probably that I've seen in our customer base that will just need one vendor for Kubernetes because they have a hybrid cloud needs and strategy and they will benefit from the native Kubernetes they found on AKA, CKA, SDK, Alibaba clouds, you name them and we have cloud vendors in Europe as well doing that. So for us, it's very important that what we bring as SUSE to our customers can be combined with what they have, what they want, even if it's from the so called competition. And so the SUSE Cloud Foundry is running on. I guess, you can find it on the marketplace of public clouds. It could run on any Kubernetes. It doesn't have to be SUSE Kubernetes. But then you end up with a lot of cells, right? So how do we deal with that then? >> So it's a great question. And I'll actually even broaden that out because it's not like we're only running Kubernetes. Yes, we've got lots of clusters, we've got lots of containers, we've got lots of applications that are moving there. But it's not like all the VMs disappeared. It's not like all the beige boxes, like in the data center, like suddenly don't exist. We all bring all the sins and decisions of the past board with us wherever we go. So for us, it's not just that lens of how do we manage the most modern, the most cutting edge? That's definitely a part of it. But how do you do that within the context of all the other things you have to do within your business? How do I manage virtual machines? How do I manage bare metal? How do I manage all those. And so for us, it's about creating a presentation layer. On top of that, where you can look at your clusters, look at your VMs, look at all your deployments, and be able to understand what's actually happening within your environment. We don't take a prescriptive approach. We don't say you have to use one technology or have to use that technology. What we want to do is to be adaptive to the customer's needs. And say you've got these things. Here's some of our offerings. You've got some legacy offerings too. Let's show you how to bring those together. Let's show you how you modernize your viewpoints, how you simplify your operational framework and how you end up accelerating what you can do with the stuff that you've got in place. >> Yeah, I'm just on the management piece. Is there any recommendations from your team? Last year at Microsoft Ignite, there was a launch of Azure Arc, and, we're starting to see a lot of solutions come out there. Our concern is that any of us that live through the multi vendor management days, don't have good memories from those. It is a different discussion if we're just talking about kind of managing multiple Kubernetes. But, how do we learn from the past? And, what, what are you recommending for people in this multi cloud era? >> So my suggestion to customers is you always start with what are your needs, what is strategic problems you're trying to solve. And then choose a vendor that is going to help you solve those strategic problems. So isn't going to take a product centric view. Isn't going to tell you, use this technology and this technology and this technology, but it's going to take the view of like, this is the problem you're going to solve. Let me be your advisor within that and choose people that you're going to trust within that. That being said, you want to have relationships with customers that have been there for a while that have done this that have a breadth of experience in solving enterprise problems. Coz, I mean, everything that we're talking about, is mostly around the new things. But keep in mind that there are nuances about the enterprise, there are things that are that are intrinsically found within the enterprise, that it takes a vendor with a lot of experience to be able to meet customers where they are. I think you've seen that in some of the real growth opportunities within the hyper scalars. They've kind of moved into being more enterprise, view of things, kind of moving away from just an individual bill perspective to enterprise problems. You're seeing that more and more. I think vendors and customers need to choose companies that meet them where they are, that enable their decisions, not prescribe their decision. >> Okay. Oh-- >> Let me just add to that. >> Please go ahead. >> Yeah, sorry. Yeah. I also wanted to add that I would recommend people to look at open source based solutions because that will prevent them to be in a difficult situation potentially, in a few years from now. So there are open source solutions that can do that. And look at viable, sustainable, healthy open source solutions that are not just one vendor, but multi vendor as well, because that leaves doors options open for you in the future as well. So if you need to move for another vendor, or if you need to complement with an additional technology, or you've made a new investment or you go to a new public cloud, if you base your choices on open source, you have a better chance but from a data. >> I think that's a great point, Dr. T, and I would glom on to that by saying, customers need to bring a new perspective on how they adjudicate these solutions. Like it's really important to look at the health of the open source community. Just because it's open source doesn't mean that there's a secret army of gnomes that you know, in the middle of the night go and fix box, like there needs to be a healthy community around that. And that is not just individual contributors. That is also what are the companies that are invested in this? Where are they dedicating resources? Like that's another level of sophistication that a lot of customers need to bring into their own vendor selection process. >> Excellent. Speaking about communities and open ports, want to make sure you have time to tell us a little bit about the AI platform discussed. >> Yeah, it's it's very, very interesting and something I'm super excited about it SUSE. And it's kind of this, we're starting to see AI done and it's really interesting problems to solve. And like, I'll just give you one example, is that we're working with a Formula One team around using AI to help them actually manage in car mechanics and actually manage some of the things that they're doing to get super high performance out of their vehicles. And that is such an interesting problem to solve. And it's such a natural artificial intelligence problem that even then you're talking about cars instead of servers or you're talking about racing stack instead of data centers, you still got a lot of the same problems. And so you need an easy to use AI stack, you need it to be high performance, you need it to be real time, you need to be able to get decisions made really quickly. These are the same kinds of problems. But we're starting to see them in all these really interesting real world scenarios, which is one of the coolest things that I've seen in my career, especially as it turns of IT, is that IT is really everywhere. It's not just grab your sweater and go to the data centre, because it's 43 degrees in there, it's also get on the racetrack, it's also go to the airfield, it's also go to the grocery store and look at some of the problems being addressed and solved there. And that is super fascinating. One of the things that I'm super excited about in our industry in total. >> All right, well, really good discussion here. Daniel, Dr. T, thank you so much for sharing everything from your keynote and been a pleasure watching. >> Thank you. >> All right back with lots more covered from SUSECON Digital 20 I'm Stuart Miniman and as always, thank you for watching theCUBE. (upbeat music)

>>Ply from Barcelona, Spain pits the cube covering Cisco live 2020 Ratu by Cisco and its ecosystem partners. >>Hey, welcome back live to Cisco live in 2020 in Barcelona. We're in Europe, Barcelona. I'm John Ferrara, Dave Alante. We've got a great guest here and the whole theme of the show is not about the infrastructure is about the applications and the applications being powered by an infrastructure powered by Cisco. We've got a great guest, senior vice president, general manager, team collaboration, Shri Travaasa of Cisco. You run all the big products, WebEx on steroids, new announcements. You had a really killer announcements, the pack booth. We'll get into that. Welcome to the cube. Thanks for coming. Thank you for having me. What's the quick news? You're on stage giving the keynote quickly share the news. We can get into it. So we are obviously >>coming out with a set of updates to our great portfolio. We reach out to about 300 million users across the enterprise today who use us for all the way from meetings to team collaboration to calling to powering meeting rooms. So in a sense, what we have as a products that, uh, is either in the meeting room or on the desktop or on a mobile phone. So any one of those methods and mechanisms. And in the past couple of years we've seen massive adoption of video, uh, whether it'd be on the mobile phone, whether it be in your desktop or in a meeting room itself. >>So video is the key. You had an announcement with Mike, uh, Microsoft teams explain that because don't they? Don't they compete with you? >>Yes, we, we, so the best way to describe it as is it's compatibility and competition. So it's competitive to compete, um, for the sake of our end users. So end user choice pretty much drives, uh, the types of integrations we do these days. You can't leave it to an it organization to do that integration. You've got to make sure these products work. So we integrate quite a bit with our competitors, spar, Slack, Microsoft teams, zoom. We do integrate with all of those guys. And the Microsoft teams integration, um, is prefaced on providing the best real time media experience into the Microsoft ecosystem. So if a customer is using office three 65 for document collaboration and chooses us for real time collaboration, they get >>the best experience comes from. So this has been a sleepy space for awhile and then all of a sudden you've mentioned Slack, zoom comes out, big IPOs, high valuations, Microsoft kind of transitioning and gets, it's based to to teams. There's a lot of excitement all of a sudden. And I was thinking in the last year out, geez, I wonder if Cisco is asleep at the wheel, but today you had all these announcements, so obviously not asleep at the wheel. Describe what you see going on in the space and what excites you from a standpoint of what you've just announced. So I think >>over the past two years, rightfully so, there's been a ton of movement in this space and I think it's driven by, it's, it's important to talk about why it's driven by globalization of the workforce. So that globalization of the workforce has, has, has, has gotten caught steam in the past few years and you pretty much see folks being employed across the globe. Whoever has the skill gets employed in a sentence. And what we see within the confines of WebEx is an increase in user engagement. So the same user is using WebEx a lot more and we wonder why we're seeing basically cross time zone meetings go up and team collaboration as we know it is no longer across the table. It's actually across time zones, across geographies, across language boundaries. So you're seeing that happen and the power of team collaboration is not just bringing people together, it's the data in heading to within the conversation becomes the new currency. >>It's the new frontier. And you can do a whole bunch of analytics on that. You can provide information on that. You can basically bring what I would call uninterrupted work streams in the myths, which is, you know, how do you take a conversation, take a part of a set of action items out of it and basically take it all the way so that there's automation, there's least amount of transmission loss and transmission loss in a sense. So that's, that's what's causing, um, this, this industry to wake up because it's a productivity gain in knowledge worker population. >>I don't know why it's off the charts on these systems, you know, low denominator and it's so easy to justify. I mean to me this is the biggest way that people are kind of talking about, but not really specifically addressing it. And to me, I always like to look at the startup world because the startup world is ultimately the Canary in the coal mine. Cody cloud native was before cloud hit, the startups were in there wipe clean sheet of paper, all cloud. Now that's mainstream. I had a conversation with Mitchell, the founder of Hashi Corp and we were talking about the concept of virtual first. And his startup was all virtual. They didn't have an office, they could afford one, but their teams were remote. This is the new dynamic that works. And so I believe that this is going to be an enterprise requirement because this has been validated. >>You seeing people work virtually, development teams, marketing to any team, they're remote, they're at home. So this is a trend. This is real. And designing a product for virtual first versus saying, Oh, if your virtual uses Proctor was designed for this, this is really where it's coming to in my opinion. How are you guys addressing that? Because in that video is not easy. Totally not. You guys been doing video Cisco for a lot them. I know from the cable companies to make a deep packet inspection and managing packets, QoS and mean policy basis, the perfect storm for making video work better. So explain the whole virtual first and the video. Start by sharing a small little secret. I run this business and yet I'm a remote worker. Cisco's based in San, I live in Seattle. >>I live in a small town called mamasan. I'm, I'm a perfect example of who we are. It's all the. So without a doubt, what has also spurred this is the bandwidth to trust the globe, not just in the U S uh, I find that, you know, parts of Asia have very good connectivity. If you go into Korea, Singapore, it's just fantastic, right? If you go into the Western Europe, Scandinavian countries, it's just fabulous. So I think the, the fact of the matter is you, the act of working together across the table and the act of these collaboration tools bringing people together need to be the same. That's pretty much where we are all headed. We're all trying to achieve that Nirvana, making sure there's no dissonance when you bring people across video that's key. That requires not only the ability to see and hear people, but to be able to whiteboard, to be able to have a very rich and immersive conversation on biblical creation so that, you know, using like stickies on a whiteboard for example, how well can you do it? >>So those are the types of things that we are headed towards. Uh, and I w I would pretty much say you guys said it in your question. You have to design for a remote worker for a virtual work environment, which basically is all about optimizing for team collaboration and optimizing for information that's consistent across different communication types. Whether you pick up the phone, whether you are on a meeting in a persistent chat, all that transcription should look and feel the same. This is the convergence really of networking and software because software is where the action is, but the network controls the routes. So, you know, give you an example, we were doing a live broadcast in our studio in Palo Alto had Ken Jennings on from jeopardy and it was, I was so excited. It was a good interview. We had multiple guests on about AI and you know, and he was kind of our celebrity guests and he had terrible bandwidth with his house. >>I don't know, maybe his kids were playing games on it or he was downloading some Netflix, who knows, but he had a horrible visual. We couldn't control that. This is where the network optimization comes in. What are you guys doing there? You guys run the networks, you guys have access to some of the routes and looking for, you know, best route, best quality. So I think without a doubt, you know, the, your lowest common denominator leg in your network kind of decides the quality per se. Uh, but we, we continue to do things like a compression of bits on the wire so that you need the smallest amount of pipe. But at the end of the day for high Raz video, you still need a decent amount of bandwidth. And what ends up happening is it's not just bandwidth, it's uh, you know, understanding what kind of packet loss profile you have on that network. >>So what we are doing across nearly nearly every vendor today is figuring out how we can optimize for these Laci networks. So if you're talking to any collaboration engineer, um, the first interview question will inadvertently be, tell me your experience on Laci networks. What have you done, how many patents do you have? You know, that's kind of the, the discussion per se. So I think without a doubt the advent of 5g and its expansion will lead to Ken Jennings potentially having a much better experience. Right. Can you auto scale, not auto scale, but auto detect? Yes. That cause that's something that could be automated. And we, we automatically, we call it graceful degradation. So we start with aspiring for the 10 ADP. Then we'll bring it down to seven 2360 and no video. And that happens automatically and we let the end user know you're having a network blip and hence, uh, we have, we are degrading it or today's product. Yes. >>So years ago when you, there's video conferencing, you just have to show 15 minutes beforehand just to make sure everybody get on. Okay. So simplicity is another big adoption theme, whether it's one push phone calling or call me or whatever it is. At the same time, you've got to add functionality. You've had a transcription, you've had a translation, you've got the split screen. And when I stand up, the camera follows me. So are those counterpoints simplicity and functionality, how do you integrate those together? >>I think the, the, all of this is done in the quest to simplicity, right? Um, one of the key things we've done across the Cisco WebEx portfolio, we've been known as the stodgy characters. Um, you know guys who don't move fast, which is exactly the opposite, to be honest with you. We worked on making sure we get rid of, I'm going to use the word here, nerd knobs in the product optimized for the simple in a meeting, there are three things that matter. Three big use cases, scheduling, joining in, meeting quality. Those are the only three things matter. The rest doesn't matter, right? So if you look at our devices, if you look at everything, we have this consistent green button that shows up everywhere. Whether you bring up outlook, whether you bring up an iPhone calendar, whether you bring up a desktop in one of our devices, all of those things will have this consistent green bar. We don't, we never want the end user to miss it. See it hit it. It'll show up at the right time. Basically shows up between six minutes and the 40 minute Mark before the meeting. >>And by that in meeting quality, you mean the experience overall, how hard it is to share something or >>actually can you see that person? Can you hear that person, you know, things of that sort of, right. You know, how do you avoid echos in a meeting? Like, what if I turn on both audio multiple times in a particular echo, right. As I mentioned in our last interview, Sri about um, uh, the previous guests around, they want API APIs cause it was like API APIs. It's kind of a trend towards a thin, I won't say thin client cause that's some kind of an old, old word. But um, more efficient source code on the client side, not bloated >>software in the sense of having all these bells and whistles. I mean, I mean at some point you're going to use, right? It could be an advanced version. Maybe you have a tiered thing, but at the base set, how do you create software in this modern error so that you can have really fast software managing front end with the powerful backend. You think about, Hey Siri, you know, there's the front end, there's a back end. So you starting to see this kind of decoupling. How do you guys look at that as it changed the development thesis? Is that something that you guys are thinking about? What's your take on all that? >>Yeah, without a doubt. Right? So we, we, we constantly optimize media is a very different workload than for example, a commanding tool. Right? Yeah. Uh, and I don't mean to trivialize city or any other assistant media is hard when you're doing video. The app needs to have some intelligence to be able to disintegrate audio and video streams and content sharing, right? So these apps tend to have a bigger footprint on the desktop, on the mobile phone than other traditional apps. So there is a constant quest for that additional bit of optimization to reduce, you know, substantially reduce the juice you use out of the laptop. Uh, and with laptops becoming more and more powerful, mobile phones becoming more and more, more powerful, we are only able to bring more, more into that big tree. >>Yes. And the rich media is only getting more and more robust with video. Look at the gaming world. My kids got their rig set up, multiple monitors. I mean, it's a lifestyle experience, consumption of video. It's all, it put more pressure on you guys. It's hard. We know we do it. How, what's the, in your mind, what's your guiding principle for future innovation? Whether you're hiring, designing around video, what do you guys chasing that Nirvana? What is it? Is it the software, the hardware? It's a chips. >>I think it's a combination of them, right? If you look at Cisco, our inherent differentiation is we know, we know how to do software. We know a thing or two about networks. I mean no hardware. How do you bring these three together and there's a four to dimension, I'm going to call it quad. And it's security. You can't ignore security. You know, it's, it's something that you have to intrinsically think about. It's not a check by check box after you don't want somebody peeping Toms in their meeting. For example, everybody is simply >>back in the cams. Jeff Bezos has got hacked on video on his WhatsApp embedded malware. So are all kinds of weird things that come through. You don't know. >>I think it's, it's the amalgamation of all of these things. How do you maximize every single element of the pipe? Um, so we are working with, for example, our own DNA center methods and mechanisms by which we're saying based on our workload, how do we optimize the next look for our workload. When we find an issue within let's say WebEx, how do we automatically self heal the network? That is basically where we are headed. So we want to make sure we are constantly stack up and down the stairs, down the stack. And the other, you know you've talked about simplicity of use case. I'll give you an example. What we're doing with our devices now as it has face recognition, we don't store any, any images in the cloud. So as soon as you walk into a meeting room, we've got an IOT sensor that it recognizes your face. >>It says, Hey, let me pull up your meetings. It starts to track who all have joined your meeting. And then let's assume you forget to join the meeting. It wakes up and it says, would you like to join the meeting? Two of two of your colleagues have joined so you don't even have to hit the button. It is germaphobe friendly. So you don't have to touch. It binds you in basic automation. So that level of automation is coming in. So you're talking about the future. The future is about simplicity. That spans generations. So you're pretty much worn the human to come back and for the tech to fade away in the back of them. If you don't want them to be reliant on this app that you have to learn, right, it should be discernible, relatable, easy to use. >>Works like the movies in history. You're a rock star. I'm great to have you. In fact, now we know you live in Seattle. We're going to have you in our studio remotely and we're gonna make sure that bandwidth and that video is of highest quality., the SVP, senior vice president, general manager of the collaboration group of Cisco. Big part of the future of Cisco. This group is going to be really driving some of those network benefits. The applications are big part of the focus, changing the business models, business outcomes. This is the conversation is the cube coverage from Barcelona. We'll be right back after this short break.

(lively music) >> Hello, and welcome to this special CUBE conversation. I'm John Furrier, founder of SiliconANGLE Media, co-host of theCUBE. We are here in our Palo Alto Studio to have a conversation around cloud computing, multi-cloud, hybrid cloud, the changes going on in the IT industry and for businesses across the globe as impacted by cloud computing, data, AI. All that's coming together, and a lot of people are trying to figure out how to architect their solution to scale globally but also take care of their businesses, not just cutting costs for information technologies, but delivering services that scale and benefit the businesses and ultimately their customers, the end users. I'm here with a very special guest, Donnie Berkholz, who's the VP of IT services delivery at CWT, Carlson Wagonlit Travel. Also the program chair of the Open Source summit, part of the Linux Foundation, formerly an analyst, a great friend of theCUBE. Donnie, great to see you. Thanks for joining us today. >> Well, thanks for having me on the show. I really appreciate it. >> So we've been having a lot of conversations around, obviously, cloud. We've been there, watching it, from day one. I know you have been covering it as an analyst. Part of that cloud ought to go back to 2007, '08 time frame roughly speaking, you know, even before that with Amazon. Just the massive growth certainly got everyone's attention. IBM once called Amazon irrelevant. Now going full cloud with buying Red Hat for billions and billions of dollars at a 63% premium. Open Source has grown significantly, and now cloud absolutely is the architectural linchpin for companies trying to change how they do business, gather more efficiencies, all built on the ethos of DevOps. That is now kind of going mainstream. So I want to get your thoughts and talk about this across a variety of touchpoints. One is what people are doing in your delivering services, IT services for CWT, and also trying to get positioned for the future. And then Open Source. You're on the Open Source program chair. Open Source driving all these benefits, now with IBM buying Red Hat, you've seen the commercialization of Open Source at a whole nother level which is causing a lot of conversation. So tell us what you're doing and what CWT is about and your role at the company. >> Absolutely, thank you. So CWT, we're in the middle of this journey we call CWT 3.0, which is really one about how do we take the old school green screens that you've seen when you've got travel agents or airline agents booking travel and bring people into the picture and blend together people with technology. So I joined about a year and a half ago to really help push things forward from the perspective of DevOps, because what we came to realize here was we can't deliver quickly and iterate quickly without the underlying platforms that give us the kind of agility that we need without the connections across a lot of our different product groups that led us, again, to iterate on the right things from the perspective of our customers. So I joined a year and a half ago. We've made a lot of strides since then in modernizing many of our technology platforms. The way I think about it here, it's a large enterprise. We've got hundreds of different applications. We've got many, many different product teams, and everything is on a spectrum. We've got some teams that are on the bleeding edge. Not even the leading edge, but I'd say the bleeding edge, trying out the very latest things that come out, experimenting with brand new Open Source tools, with brand new cloud offerings to see, can we incorporate that as quickly as possible so we can innovate faster than our competitors? Whether those are the traditional competitors or some of the new software companies coming into things from that angle. And then on the other end of the spectrum, we've got teams who are taking a much more conservative approach, and saying, "Let's wait and see what sticks "before we pick it up." And the fortunate thing, I think, about a company at the scale we are, is that we can have some of those groups really innovating and pushing the needle, and then other groups who can wait and see which parts stick before we start adopting those at scale. >> And so you've got to manage the production kind of stability versus kind of kicking the tires for the new functionality. So I've got to ask you first. Set up the architecture there. Are you guys on premise with cloud hybrid? Are you in the cloud-native? Do you have multiple clouds? Could you just give a sense of how you're deploying specifically with cloud? >> Yeah, absolutely. I think just like anything else, it's a spectrum of all we see here. There's a lot of different products. Some of them have been built cloud-native. They're using those serverless functions as service technologies from scratch. Brought in some leaders from Amazon to lead some of that drive here. They brought in a lot of good thinking, a lot of good culture, a lot of new perspective to the technologies we're adopting as a company that's not traditionally been a software company. But that is more and more so every day. So we've got some of that going on as completely cloud-native. We've got some going on that's more, I would say, hybrid cloud, where we're spanning between a public cloud environment back to our data centers, and then we've got some that are different applications across multiple different public clouds, because we're not in any one place right now. We're putting things in the best place to do the job. So that's very much the approach that we take, and it's one that, you know, back when I was in my analyst's world, as one of my colleagues called it, the best execution venue. What's the best place? What's the right place to do the right kind of task? We incorporate what are the best technologies we can adopt to help us differentiate more quickly, and where does the data live? What's the data gravity look like? Because we can't be shipping data back and forth. We can't have tons of transactions going back and forth all the time between different public clouds or between a public cloud and one of our data centers. So how do we best account for that when we're architecting what our applications should look like, whether they're brand new ones or whether they're ones we're in the middle of modernizing. >> Great, thanks for sharing, that's great, so yeah, I totally see that same thing. People put, you know, where the best cloud for the app, and if you're Microsoft Shop, you use Azure. If you want to kick the tires on Amazon, there's good roles for that, so we're seeing a lot of those multiple clouds. But while I've got you on the line here, I know you've been an analyst. I want you to just help me define something real quick because there's always kind of confusion between hybrid cloud and multi-cloud. Certainly the multi-cloud, we're getting a lot of hype on that. We're seeing with Kubernetes, with stateful applications versus stateless. You're seeing some conversations there. Certainly on Open Source, that's top of the agenda. Donnie, explain for folks watching the difference between hybrid cloud and multi-cloud, because there's some nuances there, and some people have different definitions. How do you guys look at that? Cause you have multiple clouds, but some aren't necessarily running a workload across clouds yet because of latency issues, so define what hybrid means to you guys and what multi-cloud means to you. >> All right, yeah, I think for us, hybrid cloud would be something where it's about integrating an on-prem workload off a more traditional workload with something in a public cloud environment. It's really, hybrid cloud to me is not two different public clouds working together or even the same application in two different public clouds. That's something a little bit different, and that's where you start to get, I think, into a lot of the questions of what is multi-cloud? We've seen that go through a lot of different transitions over the past decade or so. We've seen a lot of different, you know, vendors, going out there thinking they could sell multi-cloud management that, you know, panned out at different levels of success. I think for at least a decade, we've been talking about ideas like can we do cloud bursting? Has that ever really worked in practice? And I think it's almost as rare as a unicorn. You know, on-prem for the cost efficiencies and then we burst the cloud for the workload. Well, you know, to this day, I've never seen anything that gives you 100% functionality and 100% performance comparability between an on-prem workload and public cloud workload. There always seems to be some kind of difference, and this is a conversation that, I think, Randy Bias has actually been a great proponent of it's not just about the API compatibility. It's not just, you know, can I run Azure in their data centers or in mine? It's about what is the performance difference look like? What does the availability difference look like? Can I support that software in my data center as well as the engineers at Microsoft or at Amazon or at Google or wherever else they're supporting it today? Can I keep it up and running as well? Can I keep it performing as well? Can I find problems as quickly? And that's where it comes to the question of how do we focus on our differentiators and let the experts focus on theirs. >> That's a great point about Randy Bias. Love that great API debate. I was looking at some of that footage we had years ago. But this brings up a good point that I want to get your reaction to, because, you know, a lot of vendors going out there, saying, "Oh, our cloud's this. "We've got all this stuff going on," and there's a lot of hype and a lot of posturing and positioning. The great thing about cloud is that you really can't fake it until you make it. It's got to be working, right? So when you get into the kind of buying into the cloud. You say, "Okay, great, we're going to do some cloud," and maybe you get some cloud architects together. They say, "Okay, here's what it means to us. "In each environment, we'll have to, you know, "understand what that means and then go do it." The reality kind of kicks in, and this is what I'd like to get your reaction to. What is the realities when you say, "Okay, "I want to go to cloud," either for pushing the envelope and/or moving solid workloads that are in production into the cloud. What is the impact on the network, network security, and application performance? Because at the end of the day, those are going to be impacted. Those three areas come up a lot in conversations when all of the glam and all the bloom is off the rose, those are the things that are impacted. What's your thoughts on how practitioners should prepare for those three areas? The network impact, network security impact, and application performance? >> Yeah, I think preparation is exactly the right word there of how do we get the people we have up to speed? And how do we get more and more out of that kind of project mindset and into much more of the product mindset and whether that product is customer-facing or whether that product is some kind of infrastructure or platform product? That's the kind of thinking we're trying to have going into it of how do we get our people, who, you know, may run a Ci Cd pipeline, may run an on-prem container platform, may even be responsible for virtualization, may be responsible for on-prem networks or firewalls or security. How do we get them up to speed and turn them into real software engineers? That's a multi-year journey. That's not something that happens overnight. You can't bring in a team of consultants to fix that problem for you and say, "Oh, well, we came in and implemented it, "and now it's yours, and we walk out the door." It's no longer that, you know, build and operate mindset that you could take a little bit more with on-prem. Because everything is defined as code. And if you don't know how to deal with code, you're going to be in a real rough spot the next time you have to make a change to that stuff that that team of consultants came in and implemented for you. So I think it's turned into a much more long-term approach, which is very, very healthy for technology and for technology companies as a whole of how do we think about this long-term and in a sustainable way, think about scaling up our people. What do those training paths look like? What do those career paths look like? So we can decide, you know, how many people do we want certified? What kind of certifications should they have or equivalent skill sets? I remember hearing not too long ago that I think it was Capital One had over 10,000 people who were AWS certified, which is an enormously large number to think about, but that's the kind of transitions that we've been making as we become more and more cloud-native and cloud by default, is getting the right people. The people we have today trained up in these new kinds of skill sets instead of assuming that's something we can have some team fly in from magic land and implement and then fly away again afterwards. >> That's great, Don, thanks for sharing that insight. I also want to get your thoughts on the Open Source summit, but before we get there, I've got to ask you a question around some of the trends we've been seeing. Early on at DevOps we saw this together of the folks doing the hard work in the early pioneering days, where you saw the developers really getting closer to the front lines. They were becoming part of the business conversation. In the old world of IT, "Okay, here's our strategy. "Consolidate this, load some virtual machines," you know, "Get all this stuff up and running." The business decisions would then trickle down to the tech folks, then with the DevOps revolution, that's now cloud computing and all things, you know, IoT and everything else happening where the developers and the engineering side of it and the applications are on the front lines. They're in more of the business conversations, so I have to ask you. When you're at CWT, what are some of the business drivers and conversations that you guys are having with executive management around choices? Are they business drivers? Do you see an order of preference around agility? The transformation value for either customers or employees, compliance and security, are the top ones that people talk about generally. Of those business drivers, which ones do you guys see the most that are part of iterating through the architecture and ultimately the environment that you deploy? >> Yeah, I think as part of what I mentioned earlier, that we're on this journey we call CWT 3.0, and what's really new about that is bringing in speed and agility into the conversation of if we have something that we imagine as a five year transformation, how do we get to market quickly with new products so that we can start really executing and seeing the outcomes of it? So we've always had the expectations around availability, around security, around all these other factors. Those aren't going away. Instead, we're adding a new one, so we've got new conversations and a new balance to reach at an executive level of we now need a degree of speed that was not the expectation, let's say, a decade ago. It may not even have been the expectation in our industry five years ago, but is today. And so we're now incorporating speed into that balance of maybe we'll decide to very intentionally say, "We're not going to go over quite as many nine's today "so that we can be iterating more quickly on our software." Or, "We're going to invest more "in better release management approaches and tools," right? Like Canary releases, like, you know, Green-Blue releases, all these sorts of new techniques, feature flags, that sort of thing so that we can better deal with speed and better account for the risk and spread it to the smallest surface area possible. >> And you were probably doing those things also to understand the impact and look at kind of what's that's coming in that you're instrumenting in infrastructure because you don't want to have to put it out there and pray and hope that it works. Right, I mean? The old way. >> The product teams that are building it are really great and really quick at understanding about what the user experience looks like. And whether that's their Real User monitoring tools or through, you know, other tools and tricks that we may incorporate to understand what our users are doing on our tools in real time, that's the important part of this, is to shorten the iteration cycle and to understand what things look like in production. You've got to expose that back to the software engineers, to the business analysts, to the product managers who are building it or deciding what should be built in the first place. >> All right, so now that you're on the buyer's side, you've actually got people knocking on your door. "Hey, Donnie, buy my cloud. "Do this, you know, I've got all these solutions. "I've got all these tools. "I've got a toolshed full of," you know, the fool with the tool, as they say. You don't want to be that person, right? So ultimately you've got to pick an environment that's going to scale. When you look at the cloud, how do you evaluate the different clouds? You mentioned gravity or data gravity earlier. All kinds of new criteria is up there now in terms of cloud selection. You mentioned best cloud for the job. I get that. Is there certain things that you look for? Is there a list? Is there criteria on cloud selection that goes through your desk? >> Yeah, I think something that's been really healthy for me coming into the enterprise side from the analyst perspective is you get a couple of new criteria that start to rise up real quickly. You start thinking about things like what's that vendor relationship going to look like? How is the sales force? Are they willing to work with you? Are they willing to adapt to your needs? And then you can adapt back with them so you can build a really strong, healthy relationship with some of your strategic vendors, and to me, a public cloud vendor is absolutely a strategic vendor. That's one where you have to really care a lot and invest in that relationship and make sure things go well when you're sailing together, going in the same direction. And so to me, that's a little bit of a newer factor because it was easy to sit back and come in as the strategic advisor role and say, "Oh, you should go with this cloud. "You should go with that cloud "because of reasons X, Y, or Z," but that doesn't really account for a lot of things that happen behind the scenes, right? What's your sourcing and human department doing? How do they like to work with around contract, right? Will you negotiate a good MSA? All these sorts of things where you don't think about that when you're only thinking about technology and business value. You also have to think about the other, just the day to day, what does it look like? What's the blocking and tackling working with some of those strategic vendors? So you've got that to incorporate in addition to the other criteria around do they have great managed services? You know, self-service managed services that will work for your needs? For example, what do they have around data bases? What do they have around stream processing? What do they have around serverless platforms, right? Whatever it might be that suits the kinds of needs you have. Like for example, you might think about what does our business look like, and it's a graph, right? It's travelers, it's airports, it's planes, it's hotels. It's a bunch of different graphs all intersecting, and so we might imagine looking for a cloud provider that's really well-suited to processing those sorts of workloads. >> In the old days, the networking guys used to run the keys to the kingdom. Hey, you know, I'm going to rack and stack servers. I'm going to do all this stuff, but I've got to go talk to the networking guys, make sure all the routes are provisional and all that's locked down, mainly because that was a perimeter environment then. With cloud now, what's the impact of the networking? What's the role of the network? As we see DevOps notion of infrastructure as code, you've got to compute networking stores as three main pillars of all environments. Compute, check. Stores getting better. Networking, can you imagine Randy Bias? This was a big pet peeve for him. What's the role that cloud does? What's the role of the network with your cloud strategy? >> Yeah, I think something that I've seen following DevOps for the past decade or so has been that, you know, it really started as the ops doing development moved more into the developers and the ops working together and in many cases sharing roles in different ways, then incorporated, you know, QA, and incorporated product, to some extent. Most recently it's really been focused on security and how do we have that whole DevSecOps, SecDevOps thing going on. Something that's been trailing behind a little bit was network, absolutely. I had some very close friends about 10 years ago, maybe, who were getting into that, and they were the only people they knew and they only people they'd ever even heard of thinking beyond the level of using some kind of an expect script to automate your network interaction. But now I think networking as code is really starting to pick up. I mean, you look at what people are doing in public cloud environments. You look at what Open Source projects like Ansible are doing or on the new focus on network functionality. They're not alone in that. Many others are investing in that same kind of area. It's finally really starting to get up. Like for example, we have an internal DevOps Day that we run twice a year, and at the most recent one, guess who one of our speakers was? It was a network engineer talking about the kinds of automation they'd been starting to build against our network environments, not just in public cloud, but also on-premise. And so we're really investing in bringing them into our broader DevOps community, even though Net may not be in the name today. I don't think the name can ever extend to include all possible roles. But it is absolutely a big transition that more and more companies, I think, are going to see rolling along, and one that we've seen happening in public cloud externally for many, many years now. It's been inevitable that the network's going to get engaged in that automation piece. And the network teams are going to be more and more thinking about how do we focus our time in automation and on defining policy, and how do we enable the product teams to work in a self-service way, right? We set up the governance, but governance now means they can move at speed. It doesn't mean wait seven to 30 days for us to verify all of the port openings, match our requirements, and so on and so forth. That's defined up front. >> Yeah, and that's awesome, and I think that's the last leg of the stool in my opinion, and I think you nailed it. Making it operationally automation enabled, and then actually automating it. So, okay, before we get to the Open Source, one final question for you. You know, as you look at plan for the technologies around containers and microservices, what sounds a lot like networking constructs, provisioning, services. The role of stateless applications become a big part of that. As you look at those technologies, what are some of the things you're looking for and evaluating containers and microservices? And what role will that play in your environment and your job? >> I think something that we spend a lot of time focusing on is what is the day two experience going to look like? What is it going to be like? Not just to roll it out initially, but to, you know, operate on an ongoing basis, to make upgrades, to monitor it, to understand what's happening when things are going wrong, to understand, you know, the security stance we're at, right? How well are we locked down? Is everything up-to-date? How do we know that and verify it on a continuous basis instead of the, you know, older school approach of hey, we kind of do a ECI survey or an audit, you know, once a year, and that's the day we're in compliance, and then after that, we're not. Which I was just reading some stories the other day about companies saying, "Hey, there's a large percentage "of the time that you're out of compliance, "but you make sure to fix it just in time "for your quarterly surveys or scans or what have you." And so that's what we spend a lot of our time focusing on is not just the ease of installation, but the ease of ongoing operability and getting really good visibility into the security, into the health, of the underlying platforms that we're running. And in some cases, that may push us to, let's say, a cloud managed service. In some cases, we may say, "Well, that doesn't quite suit our needs." We might have some unique requirements, although I spend a lot of my time personally saying, "In most cases, we are not a snowflake, right?" We should be a snowflake where we differentiate as a company. We should not be a snowflake at the level of our monitoring tools. There's nothing unique we should really be doing in that area. So how can we make sure that we use, whether it's trusted vendors, trusted cloud providers, or trusted Open Source projects with a large and healthy community behind them to run that stuff instead of build it ourselves, 'cause that's not our forte. >> I love that. That's a great conversation I'd love to have with you another time around competitive advantage around IT which is coming back in vogue again. It hasn't been that way in awhile because of all the consolidation and outsourcing. You're seeing people really, really ramp up and say, "Wait a minute, we outsourced our core competency and IT," and now with cloud, there's a competitive advantage, so how do you balance the intellectual property that you need to build for the business and then also use the scale and agility with Open Source? So I want to move to that Open Source conversation. I think this is a good transition. Developers at the end of the day still have to build the apps and services they're going to run on these environments to add value. So Open Source has become, I won't say a professional circuit for developers. It really is become the place for developers because that's where now corporations and projects have been successful, and it's going to a whole nother level. Talk about how Open Source is changing, and specifically around it becoming a common vehicle for one, employees of companies to participate in as part of their job, and two, how it's going to a whole nother level with all this code that's flying around. You can't, you know, go dig without finding out that, you know, new TensorFlow library's been donated for Google, big code bases are being rolled in there, and still the same old success formula for Open Source is continuing to work. You're on the program chair for Open Source summit, which is part of the Linux foundation, which has been very, very successful in this modern era. How has that changed? What's going on in Open Source? And how does that help people who are trying to stand up architecture and build businesses? >> I think Open Source has gone through a lot of transitions over the past decade or so. All right, so it started, and in many ways it was driven by the end users. And now it's come back full circle so that it's again driven more and more by the end users in a way that there was a middle term there where Open Source was really heavily dominated by vendors, and it's started to come back around, and you see a lot of the web companies in particular, right? You're sort of Googles and Amazons and LinkedIns and Facebooks and Twitters, they're open sourcing tools on an almost daily basis, it feels like. I just saw another announcement yesterday, maybe the day before, about a whole set of kernel tools that I think it was Facebook had open sourced. And so you're seeing that pace just going so quickly, and you think back to the days of, for example, the Apache web server, right? Where did that come about from? It didn't come from a software vendor. It came from a coalition of end users all working together to develop the software that they needed because they felt like there's a big gap there and there's an opportunity to cooperate. So it's been really pleasing for me to see that kind of come back around full circle of now, you can hardly turn around and see a company that doesn't have some sort of Open Source program office or something along those lines where they start to develop a much more healthy approach to it. All right, the early 2000's, it was really heavy on that fear and uncertainty and doubt around Open Source. In particular by some vendors, but also a lot of uncertainty because it wasn't that common, or maybe it wasn't that visible inside of these Fortune 500 global 2000 companies. It may have been common, right? What we used to say back when I worked at RedMonk was you turned around, and you asked the database admins, you know, "Are you running MySQL? "Or are you running Postgres?" You asked the infrastructure engineers, "Are you running Linux here?" and you'll get a yes, nine times out of ten, but the CIO was the last to know. Well now, it's started to flip back around because the CIO's are seeing the business value and adopting Open Source and having a really healthy approach to it, and they're trying to kind of normalize the approach to it as a consequence to that, saying, "Look, it's awesome "that we're adopting Open Source. "We have to use this "so that we can get a competitive advantage "because every thousand lines of code we can adopt "is a thousand lines of code we don't have to write, "and we can focus on our own products instead." And then starting to balance that new model of it used to be, you know, is it buy versus built? And then Sass came around, and it's buy versus build versus rent. And now there's Open Source, and it's buy versus build versus rent versus adopt. So every one of these just shifts conversation a little bit of how do you make the right choice at the right time at the right level of the stack? >> Yeah, that's a great observation, and it's awesome insight. It feels like dumping a little bit, a lot of dumping going on in Open Source, and you worry that the flood of vendor-contributed code is the new tactic, but if you look at all the major inflection points from the web, you know, through bitcoin, which is now 10 years old this year, it all started out as organic community projects or conversations on a message board. So there's still a revolution, and I think you're right. Their script is flipping around. I love that comment about the CIO's were last to know about Open Source. I think now that might be flipping around to the CIO's will be last to know about some proprietary advantage that might come out. So it's interesting to see the trend where you're starting to see smart people look at using Open Source but really identifying how they can use their engineering and their intellectual capital to build something proprietary within Open Source for IT advantage. Are you seeing that same trend? Is that on the radar at all? Is that just more of a fantasy on my part? >> I think it's always on the radar, and I think especially with Open Source projects that might be just a little bit below the surface of where a company's line of business is, that's where it will happen the most often. And so, you know, if you were building an analytics product, and you decided to build it on top of, you know, maybe there's the ELK Stack or the Elastic Stack, or maybe there's Graylog. There's a bunch of tools in that space, right? Maybe, you know, Solar, that sort of thing. And you're building an analytics tool or some kind of graph tool or whatever it might be, yeah, you might be inclined to say, "Well, the functionality's not quite there. "Maybe we need to build a new plugin. "Maybe we need to enhance a little bit." And I think this is the same conversation that a lot of the Linux kernel embedded group went through some number of years ago, which is, it's long term a higher burden to maintain a lot of those forks in-house and keep updating them forever than it is to bring some of that functionality back upstream. That's a good, healthy dialogue that hopefully will be happening more and more inside a lot of these companies that are taking Open Source and enhancing it for their own purposes, is taking the right level of those enhancements, deciding what that right level is, and contributing those back upstream and building a really healthy upstream participation regardless of whether you're a software vendor or an adopter of that software that uses it as a really critical part of their product stack. >> Awesome, Donnie, thanks for spending the time chatting with me today. Great to see you, great to connect over our remote here in our studio in Palo Alto. A final question for you. Are you having fun, these days? And what are you most excited about because, again, you've seen. You've been on multiple sides of the table. You've seen what the vendors have. You actually had the realities of doing your job to build value for Carlson Wagonlit Travel, CWT. What are you excited about right now? What's hot for you? What's jazzing you these days? >> Yeah, I think what's hot for me is, you know, to me there's nothing or very little that's revolutionary in technology. A lot of it is evolutionary, right? So you can't say nothing's new. There's always something a little bit different. And so the serverless is another example of something that it's a little bit different. It's a little bit new. It's similar to some previous takes, but you got new angles, specifically around the financials and around, you know, how do you pay? How is it priced? How do you get really almost closer to the metal, right? Get the things you need to happen closer to the way you're paying for them or the way they're running. That's remains a really exciting area for me. I've been going to Serverlessconf for probably since the first or second one now. I haven't been to the most recent one, but you know, there's so much value left in there to be tapped that I'm not yet really on to say, "What's next? What's next?" I've helped myself move out of that analyst world of getting excited about what's next, and for me it's now, "What's ready now?" Where can I leverage some value today or tomorrow or next week? And not think about what's coming down the pipe. So for me, that's, "Well, what went GA?" Right? What can I pick up? What can I scale inside our company so that we can drive the kinds of change we're looking for? So, you know, you asked me what am I the most excited about right now, and it's being here a year and a half and seeing the culture change that I've been driving since day one start to come back. Seeing teams that have never built automation in their lives independently go and learn it and build some automation and save themselves 80 hours a month. That's one example that just came out of our group a couple months back. That's what's valuable for me. That's what I love to see happen. >> Automation's addicting. It's almost an addictive flywheel. We automate something. Oh, that's awesome. I can move on to something else, something better. That was grunt work. Why do I want to do that again? Donnie, thanks so much, and again, thanks for the insight. I appreciate you taking the time and sharing with theCUBE here in our studio. Donnie Berkholz is the VP of IT source of CWT, a great guest. I'm John Furrier here inside theCUBE studio in Palo Alto. Thanks for watching. (lively music)

>> Announcer: From Copenhagen, Denmark, it's the Cube. Covering KubeCon and CloudNativeCon Europe 2018, brought to you by the Cloud Native Computing Foundation, and it's ecosystem partners. >> Hello everyone, welcome back to the Cube's exclusive coverage here in Copenhagen, Denmark for KubeCon 2018, part of the CNCF, the Cloud Native Compute Foundation, part of the Linux Foundation, I'm John Furrier cohost of the Cube, here with my cohost this week Lauren Cooney, the founder of Spark Labs. Got two great guests in the industry here, Lew Tucker, the CTO of Cloud Computing for Cisco Systems and Aparna Sinha who's the group project manager for Google Cloud, thanks for coming on, great to see you guys. >> Great to be here >> Thanks for having us. >> So obviously the two big players, you've got networking, you've got moving up the stack and Google Cloud with all the goodness you have hundreds of people here at this show. Cloud native big, you're cloud native, >> Aparna: Yeah. >> You guys are running the networks a lot of stuff's happening, but the big story's the Kubernetes de facto standard position that's been echoed by many people here, Kubernetes tightly controlled core with a lot of innovation going on around Kubernetes. >> Aparna: Yes. >> When I hear words like de facto standards, it reminds me of the old networking days when the OSI model and the TCPIP was forming. Massive shifts at that point. >> Lew: Yeah, yeah. >> Almost a seminal moment now. >> Yeah but in fact I think in open source it's a different notion than in the old days of standards. Here we've got multiple communities, multiple companies that are working together to create a common platform and that's what I think the success of open source is about. So actually, Kubernetes coming into CNCF has really makes that possible and we just graduated it so we should have a celebration around Kubernetes now has graduated in terms of a CNCF project. >> Yeah and you know one think I would say about de facto standard, I don't take that for granted. Kubernetes is built as a platform that runs anywhere across on premises, data centers, public clouds, runs anywhere but, you know that it will be or is a de facto standard is something that we don't take for granted. We make sure in the community that we're working on increase support for, for example different types of storage with a storage interface standard, different types of networking, with a CNI different types of run times, so establishing those interfaces and establishing those standards is key to making it the platform. But that's certainly the potential of Kubernetes is to be-- >> Yeah I mean it's not the end game, it's the beginning. >> Aparna: It is. >> And the nurturing and making sure that ecosystem with thrive is important. And that's why I want to get your thoughts, 'cause you've got Google and Cisco here so lets talk about first the relationship, you guys are working together. >> Lew: Absolutely, yeah. >> Talk about the relationship between Google and Cisco. >> Sure, I think it came about because we're both recognizing that enterprises for example are incorporating cloud computing as a part of their overall IT strategy. And so they needed to find a way, how can they actually make that happen without companies that are working in both of those areas getting together. So it's very natural I think for the two of us to sort of come together because this way we can take our enterprise customers and using Kubernetes as sort of the foundational platform make it so that they can run applications wherever they want, they can run it in their private data center they can run it in Google Cloud, and we can make this now, to provide a lot of the networking so that you can extend private networks into Google Cloud and vice versa, so I think it's a marriage made in heaven in that way. >> Aparna you're reaction to the partnership. >> Yeah, you know, Google is a very developer friendly, developer focused company, always has been, you know the majority of Google is actually developers so it's a company for developers by developers and you know with Google Cloud actually the irony is we're also a networking company and so there's a nice affinity working with Cisco. Our DNA is very much open source, there's multiple projects that have come out of Google that have been very successful open source projects. I mean Tenser Flow, Kubernetes I think is unique in that we've really created and participated and built a community around it and so with this partnership, we're really excited to have Cisco also be part of the community, certainly with Kubernetes but also the Istio Project. And a lot of the projects in cloud native have come from Google's experience running services at global scale. Kubernetes certainly came that way from the Borg heritage and then Istio also from, from what we call one platform, internally to manage service. >> That's a great point, you brought up scale and it's interesting, it's almost like you have two large scale companies here, you have Cisco with massive scale footprint of enterprises from day one, routers you need to move packets around the internet. You guys have built scale for Google with millions of services out there, millions of users, I mean it's unprecedented. So now as you come into the enterprise, the Cisco relationship is an opportunity to blend the best of Google with the footprint at Cisco, how is that going to work, how's that working and what's the vision? I mean obviously it's a nice match, you've got a great footprint in the enterprise, you've got massive scale with the cloud, bringing that in, moving it out, hybrid cloud obviously, is that the? >> Yeah well we often notice for example as I sort of said, the foundational piece is actually running Kubernetes everywhere and so we just recently announced a Cisco container platform which is based on Kubernetes, that means that enterprises now can develop applications in Google Cloud and then run them in their enterprises or vice verse and then on top of that and we're adding in the networking capabilities, through things such as CSR and things like that to allow us to connect both the enterprise and their public cloud running Kubernetes and then Istio as we're mentioning is this thing on top and I'm, as you know, a big fan of where that really is going to take us because I think one of the things that enterprises want to be able to do is that they want to be able to consume services out of Google Cloud, whether it be in kind of terms of the data services or increasingly AI, intelligence service, Tenser Flow, be able to use as a part of their enterprise applications and so I have within my team for example contributed both in terms of what we're doing in terms of Istio, Kubernetes, I've got people on my team who are bringing for example IPB6 into Kubernetes, that's important because, guess what, service providers also want to move into a container world. And then also Cube Flow and so all of these things are starting to come together so that you can start building applications as an assembly of these services and many other services that I will see coming from the public cloud and Google in particular. >> Aparna, I want to ask you, because this is important to distinguish this Istio trend because we asked a lot of people at the Cube here and in our reporting, okay what's next after Kubernetes? If you have a de facto standard, you have stuff coming around it, an eco system, everyone talks about service mesh and Istio project. >> Aparna: Yeah. >> Now the best thing about infrastructure as code which is dev ops in the cloud is you can make things programmable and automate, so if you look at what Istio's doing, it feels like an application benefit but also an automated networking concept with services. >> Aparna: Sure. >> So you got kind of a new dynamic going on where a lot of dynamic things are happening a lot of services are being provisioned, maybe for the first time. >> Aparna: Yeah, yeah. >> So how do you instrument it? This is going to be a future area of innovation. >> So again going back to that standard, right? That platform that runs everywhere, why is it a standard, why is it becoming a standard and I hear this from our customers, our users, it's because they don't have to train multiple times for multiple different environments, they can really scale their workforce, they can hire people that they trained up in Kubernetes and they can scale that workforce so it applies regardless of where they go and it gives them that mobility and if you think about the eco system around Kubernetes right so Kubernetes is one project, a major big project but then the eco system around Kubernetes has really exploded in the last year it has gone from 4000 projects to 15000 projects and I was looking through those projects and seeing you know, which are the ones that have the most stars and there's actually three projects that stood out as having more than 3000 stars but being new, like in the last year and Istio was at the top of that list and obviously it's very popular in terms of the number of stars but it's only one year old and I don't know how much people know that. >> And I think it's interesting, 'cause I'm going to throw kind of a curve ball here at you and say, you know I'm hearing that the service mesh is actually, people are using it. >> Aparna: Yes. >> But it's actually hasn't been deployed into production, is that the case? >> Aparna: It's starting to be. >> Okay. >> So on GKE, Google Kubernetes Engine we've got customers that are deploying Istio, it's starting. >> Lauren: Okay. >> Again it's a one year old project and then also on premise, using the open source and we've got a program called the EEPE program it's like an early program, they're deploying and using Istio and it tends to be a very nice attach to Kubernetes. >> So what is the use case for that? >> One of the things to understand, it is very new and less than a year old, we're not even at a one dot out yet but the components that go into it, Envoy for example has been battle tested because Istio's made up of, just to get technical, in terms of having proxies that make up the data plane and that's battle testing or whatever. So now we're adding a control plane on top of that, where policy, telemetry, observability, all of that comes to the fore. That's what's new. So bringing that together and so people have and Istio's not the only service mesh, service meshes have actually been made up of these proxies and have you manage them, Istio's just seems to be a better way to the community is agreeing-- >> A proxy can be very inefficient, so I want to just ask a question on that because one of the things that I'm trying to understand is for the average person in tech, not the inside baseball, they're trying to understand why is Istio so powerful. >> Aparna: Yes. >> So is there, what paid points are they solving? >> The easiest way to think about that is we've moved to a microservices architecture and that's so that every development team can focus on their particular area of expertise, they don't want to have to learn networking and everything else, so what we've done is we've offloaded all of the issues around how do you do load balancing, circuit breakers and telemetry off to a service mesh, that allows the developer to dramatically increase their productivity because they're only focused on their one application area and now the operations team brings that together through the networking concept. >> Aparna: Yes. >> So they built a distributed application without having to know very much about the specificity. >> Yes, it's very much that separation of concern and you know Kubernetes has the same principle, it separates you know the infrastructure from the applications and what Istio does, it allows you to manage those applications at scale, visualize them, make them secure and to control them in a scalable way, so you're not writing the service management pieces into the application and the developer is therefor freed from that burden and the application operations team can then manage things like distributing certificates or rotating certificates, right? Those are things you need to do across all of your services. >> So you're bringing us on that system and I know you guys run at scale, hundreds of thousand of services, if not more, I don't know what the number is, millions whatever it is. >> Aparna: Four million containers. >> Tons. >> Aparna: A week! >> So when you talk about that, what I'm hearing and I've talked to the SRE, site reliable engineers before, the roll of the admin is gone to more of an operator and then the operator role is less of an operating, 'cause it's operating only on exception, 'cause if you got policy in the control plane, that seems to be where the action is, is that, am I getting that right? How do you explain that notion of less admin, more operational kind of-- >> There is a change in roles, the administration of the application is not so application specific if you will, right? And I think the best analogy to it is the way we do development at Google, everybody is a developer right? And they write their services but there's a lot of common infrastructure that you do not replicate so for example storage, monitoring, logging, you know publishing your API, you know quotas, rate limiting, chargebacks, billing, all of that is common infrastructure, you write your service, it is immediately using all of that infrastructure, you don't build those things into your application and that has so many benefits, you know you can write your service and it can be global. >> So on time savings, no brainer, automation-- >> And when you change any one of those services that has a monitoring or anything, now you don't have to tell the application development team that that change is happening. >> So this is infrastructure as code, passes the test right? You can program the infrastructure. >> This is services, this is a services world, rather than infrastructure world or an application siloed world, this is the world of services, that's really what we're here for. >> What's the growth in microservices? I'm seeing different stats, can you just give an order of magnitude, just from your own personal experience in looking at the market, how fast is the notion of microservices growing? 'Cause this is really the proxy for the cloud native shift. And you guys are certainly micro services oriented, we talk about this all the time, any data or any anecdotes around growth of microservices? >> Well I mean there's a lot of surveys and most of the surveys point towards, I think containers are a good proxy, you know 88 percent of enterprises are using containers, it's becoming, whether you move to the cloud or not actually containers are basically a way of doing things more repeatedly, giving you efficiency from an infrastructure perspective giving you reliability so that you know you can basically exchange out the hardware and your container environment is still resilient and then giving you that developer productivity, that's becoming something that enterprises are embracing, it seems from these surveys and I think that's the building block for microservices. >> And I think many people are already moved, remember Soho, we've got history here, so we've been trying to move towards this world in which it is a services world and before it was much too heavyweight Ectimel RPC and everything that made it, Soap and everything else, difficult to do these things. Now things have gotten much much easier. So a lot of people are actually doing a services architecture already. And the microservices I think is just a more formal way of doing that at a finer grain and when you get to this finer grain, that's when you need something like a service mesh now to pull things back together again. >> Alright, lets do a plug for the service mesh, people that are watching have got to be intrigued by this conversation, what's the state of the service mesh piece, lot of stars so good good community vibe going on, how do they get involved, what's needed, where's the white space, where's the work being done? >> And I think also John, what skills are needed to actually as a developer, you know we've got a lot of new folks here at that show that are just learning about this and what do they need to know to actually do this and bring this back to their companies. >> If they're, so first of all it's at Istio.io so that's the place to start, there's a lot of very good documentation there, there's very simple examples that can be downloaded so that you can try it out, you can try it out we're using containers so on top of cumulating, you can do it on your laptop, you can do it in the cloud so we're in this wonderful age of the internet in fact that most of the learning is done online and that you can get everything you need online you don't have to walk away from the show with a CD pack or anything else like that. So I would encourage developers to just simply try it out by themselves. Remember then there's Istio developers, people that are actually contributing code into Istio, that's sort of a specialized group of people who are very interested in it. More people, it'll be 10 to one users of Istio than there will be actually of the Istio developer community and the Istio developer community I urge people to get involved 'cause that's where we need to expand the number of use cases and make sure that we're covering the things that are important across the board for variety. >> Yeah, I mean Istio's not that difficult to learn, it's an L7 Proxy. It has a great affinity to Kubernetes project so if you are using Kubernetes or are involved in Kubernetes project then it basically is something that you can deploy into your Kubernetes cluster and you can get started with it. There are a number of trainings and workshops actually at this conference, there were a couple of Istio trainings and there are many tracks and then there's training online, there's a tutorial on the Google site with the GKE and I think on many other companies as well to get started with Istio but it's basically a proxy and in, it's not actually only limited to Kubernetes, you can run it in a VM environment, you can, it basically any service, it is a proxy that intercepts and you know basically can provide load balancing, traffic managing, quotas, all of those things that you expect of a rich proxy and so if you have a networking background it's actually very easy to pick it up. >> That's great, now when you're talking about these kind of, you know, these proxy and things along those lines, I'm sure that there are use cases that are the first ones to pop up, can you talk a little bit about that. >> Yes, I think the first use case of Istio is actually Canary, Canary deployment, so being able to route traffic from one version of your application to another version of your application. Make sure that that, lets say it's an upgrade, you know, make sure that that's running well and then gradually route more of you're traffic. So that's a very developer centric use case that appeals and then of course security. And that's a less developer centric, more control and ops perspective and then observability and again, control, also an ops perspective, those are the three main use cases. >> Okay. >> That's great, that's awesome and you have Cube Flow going on here, you guys had a couple of Google folks on. >> Yes, so I mentioned three projects that are the top projects, Istio number one, number two is Cube Flow, again within the last year, more than 3000 stars and then the last one is Scaffold. >> Great stuff, I love the programmability, automation. >> And one of the things that we mentioned before, because when people hear proxy, they think of the old time, actually when you've used a proxy and a DNS which now it's very high performance and one of the things that you're seeing also, it connects up with other open source projects such as FDIO which is VPP, which is now being used, integrated into envoy which is a proxy, so the data plane itself, I think is going to be more efficient than people trying to do their own network. >> That's a good point Lew, I mean people think proxies are inefficient, it's a hack, a bridge between point A and point B. >> Yes, that was a lot of the initial skepticism around this, so you know, this was about two years ago we were sitting around saying okay, Kubernetes, what's next? And we came up with a open service broker, so you can consume services and then the early start of Istio, starting with Envoy and then building the service mesh around that and that was indeed one of the early concerns as well, will it be too heavy, will it add latency, will there be performance bottle neck, I think a lot of that concern has been addressed and it will continue to be addressed. >> Well we got to wrap up be I want to get some comments from you guys, reaction to the show here in Europe, obviously Google is in big force, Istio is prime time, you predicted that in Austin, it looks like it's tracking beautifully, reactions, what did you walk away with here from this event? What observations, revelations, surprises, share some color for the folks that couldn't make it. >> We were talking earlier about the number of use cases now that we've seen that our customers are coming in and describing how they're using Kubernetes and other of the technologies making up the cloud native world. And that allows people to learn and so that's what I'm always excited, because I can sit there in the audience and you can see everybody else going oh, I'm going to apply that to what I'm trying to do and just the breath now of-- >> John: So you're surprised at the uptake, or you're happy with the uptake, that's your reaction? >> Yeah and I think you would agree too. >> Yeah, I think the reason I come to KubeCon is to meet users, it's a user conference, and with each passing KubeCon, it becomes more and more user-centric so some of the talks here, the takeaways that I had, you know the folks from Spotify talked about how users need to get more involved and the benefits of getting more involved in the community, that was a very inspiring talk. Another talk yesterday talked about how Kubernetes needs to be a platform for everything, not just cloud native, but actually also Legacy and so these are points. And then the third piece, a lot of users talking about multicloud, right and making that a reality, these are things that I'm taking away as you know, users are doing this today. >> John: Multicloud certainly is a path, people have that outcome in mind. >> Yes. >> Doing the work now to get there. Thanks for coming on, Aparna and Lew. >> Thank you. >> Great to have you guys, you're awesome, senior folks in the industry, experienced executives, driving the change here, cloud native, microservices architecture, whole new modern paradigm shift in software architecture, here at KubeCon, Kubernetes, Istio, hot projects, Cube Flow and more here on the Cube, live coverage here in Copenhagen, stay with us for more coverage, after this short break. (upbeat music)

>> Voiceover: Live from Las Vegas, it's theCUBE, covering AWS re:Invent 2017. Presented by AWS, Intel, and our ecosystem of partners. >> Hey, hello everyone. Welcome back to day two of live coverage as theCUBE's exclusive analysis coverage of AWS re:Invent 2017. I'm John Furrier, co-host on set one with Stu Miniman here, analyst at Wikibon. And we got two sets here at Amazon re:Invent The first time we've done two sets, so much content. We have our directors' set with captains' chairs over there getting all the community content. And all the folks doing the innovation here at AWS. Stu, a lot to talk about. We've had companies come through, tell us about their innovation with AWS. But the bottom line is Andy Jassy's keynote just went off. I mean, he's like the energizer bunny. He keeps going and going and going. Announcement after announcement. I broke that Forbes story, laid out what ended up turning out to be the core messaging. Tons of stories on SiliconANGLE.com around Andy Jassy's exclusive interview that we had about a week and a half ago, prior to re:Invent. He's geared up. He's giddy up, as they say, his favorite word. He's taken on the competition. He took Oracle head on and called Oracle a company that abuses their customers. That was hard core, "abuse." He used the word, "abuse." In this culture, he could have just said, "predator." He's that kind of competitive vibe. Microsoft kind of called out Vinder 2 on the chart. Laying out the sets and services. Amazon putting the aggressive we're real stamp out there. What's your thoughts? You got the only analysis. >> So first of all John, this show is always impressive. One of the ones that I look forward to more than almost anything for the entire year. 43,000 people here. I spent the last day and a half in the analyst sessions. There wasn't a single analyst that was like, "Ho-hum." There are so many announcements. You go down the list and the number 73rd announcement on there, you're like, "I'm not sure." "There's this group of customers that's been waiting "for them and is going to transform their business. "It's potentially going to crush certain parts "of the industry." There's so much happening, there's lots of fanboys here. It's tough not to get exuberant about what's going on. Surprised to see Andy punching a little bit of competitors. Sure, he takes jabs at Larry Ellison every year. You know the red stack stuff, you know database. They're making huge piece on the migration. But talking a little bit more about Google and Microsoft, "Well they must be real competitors," a lot of people are saying, "if they're actually putting them up there, "going through the numbers," so many things we want to dig into here, and throughout the next two days. >> Yeah man, and the fact that he talks about the competitors means that it's still on his mind, although they're still full steam ahead. The thing about Jassy though, getting to know him, his style is not just talk, he walks it more than he talks. He'll only talk trash if he's got a solution in his back pocket. And what's different this year is, the bravado has gone up and the rhetoric around Oracle specifically has been really hard core. I mean he called them an abusive partner to their customers. That's a line in the sand. Those are fightin' words but then he goes on stage and essentially rolls out a series of database options. He spent a lot of time talking about databases, Stu, in his keynote. >> John, we got Aurora Serverless totally talking about, "How many companies, how many resources do you have focused "on managing the infrastructure under your database?" So, RDMS, paired with Serverless, absolutely game changer. People are super excited about it. There's so much going on. But I mean, John just take alone, the one thing they put up, it was one of the Gartner slides, and what's Amazon at now, 44% up from 39%? So there's talk about growth rates and everything like that. Amazon chugging along, dominant in their space, and so many pieces. >> That's the one critique I would give Jassy, the one thing I don't like about his keynote, and I don't like in general about Amazon is, they talk new guard, new guard, old guard is bad. They're using Gartner slides, too. I mean, you couldn't old guard then Gartner. Magic Quadrant has nothing to do with the presentation. It was infrastructures of service, didn't include platform as a service, didn't include SAS. I mean, they're using the wrong scoreboard. Now, I think he throws it up there because buyers kinda use Gartner as kind of a bellwether but they're not, they're old guard. He's got to get better stats and I'm pressuring them to get the stats. What is the scoreboard for cloud? >> Well, john, you know one of the things we always look at, there's two days of keynotes. Today is really the enterprise. Enterprise, Andy says, we're in kind of the early part of massive adoption from enterprise. He's talking enterprise-speak and yeah, they go to the Gartner Magic Quadrant, absolutely. John, what's happening in the software world? I mean, that's really where this is is the change of what's happening in the software. Amazon's at the vanguard. There was plenty of things that I'm sure developers will love here, but it wasn't the big focus of today's keynotes. >> To me, the canary in the coalmine is developers. The canary in the coalmine for the big mega trans are also venture capitalists. The canary in the coalmine of the startup entrepreneurs, those alpha entrepreneurs and last night we had a chance. I sat down multiple one on ones with some venture capitalists. We had some here on theCUBE, then we went to the Greylock, Amplify, and then IVP party and haD a chance to talk to some people. The general sentiment is this, we are in a sea change. It's like a tsunami. The whole beach is exposed before the big wave comes in, Stu. The top venture capitalists like Greylock and others, are looking at this going, "the models have changed." The funding model, the dynamics and everyone is going, "holy shit." That's where this renaissance in software development is happening and the top guys on the entrepreneurial side is saying, "the new way to do it is, "take less funding, I need to get in market fast "with a product, I need a partner that's gonna get me." The rest of the market is deer in the headlights, Stu. They're like, "wait a minute, do I compete with Amazon? "Do I partner with Amazon? "Which could do I use?" They get caught rearranging the deck chairs and they're taking their eye off the ball which is software. >> So john, the struggle I've been hearing, you know, you talked to a bunch of Amazon customers already this week. If you're in the enterprise and you're building your strategy, you got to write it on a whiteboard or an etch-a-sketch because things are changing so fast. The thing I was really looking forward to is what were they gonna be in cubernetties and you know, server list, huge promise, what are they delivering? What was the proof point? And I have to say, definitely impressed with what I saw so far. >> What's the top? I mean first of all, you're in the analyst meeting and I heard feedback from the analysts like, "we can't even comprehend all these things." I want you to boil it down for the folks not here and they're gonna be reading some blog posts and still getting a lot of coverage to go through certainly on theCube and SiliconANGLE will keep on. Bottom line, what's the executive summary in your mind, Stu? What should people pay attention to? What's the most important story? >> It is impossible to give one story to everyone but let me start with, Andy lays out, in your interview for Forbes and what he talked about in the keynote, kind of a compute continuum so if you're just using compute instances, there are some new big ones. If you want your AI stuff, your big data, they've got new compute instances. The bare middle offering is basically the fruits of what they have to do to be able to get vmware on AWS to work and they're now making that same instance available for those that want to be able to do other things with it, bring their own hypervisor, things like that. I could tell you, it's a massive... It's like 72 logical cores, huge amounts of memory and it is gonna be wicked expensive because it's not like most of the instances with Amazon, pick between these six versions, it's one. Here's a server and it's a big server, it's gonna be really expensive. We're gonna be digging in with a couple of vmware executives on that piece but the newer stuff, containers. The last year we've been hearing, Amazon's behind on cubernetties, Amazon's behind on cubernetties. They joined the CNCF for a couple months. Now they have EKS so full supporting cubernetties but here's the nuance, I talked to the people that run that group and ECS is not going away. They're there, we've seen all the time is they say, "oh here's the standard and we're gonna fully embrace it, "but our proprietary's version." Cubernetties doesn't scale the way you need, you gotta do our thing. Cubernetties, we can't integrate it with all our services, you know use our services. Andy was like, "hey, we're gonna give you a choice." Underneath that they had farpoint, I'm sorry fargate. Fargate is the underlying level that basically allows me to take rather than, you know, managing at the server level which really I was managing virtualization before. Now I'm managing at the compute level. When containers came out and Docker was buzzing, it was, "this is the new atomic instance "of how we manage things." Fargate really cooled down at that lower level so you have (mumbles) I keep saying fargate at the bottom level, now I've got ECS or cubernetties and I've got things like istio on top of that. You and I are gonna be at the CNCF show next week, CubeCon and everything like that. I'm sure Amazon is gonna suck a lot of the air out of that with what they're doing and gosh, I haven't even talked about serverless yet. >> First of all I mean, it's hard to boil it down like you said. You can't even breathe at this point, it's so exciting but the thing that is a success at Amazon also could be an Achilles heel because it has complexity so I noticed in messaging was everything to everyone or is everything to everything. It's got this vibe going on... >> Stu: Everything is everything. >> Everything is everything. A lot of people have been criticizing the software business on the community side, supplier side of trying to be everything to everyone. But that's what Amazon's doing, right? They're basically saying, "we're gonna give you everything "but it's not mandated that you choose one." So talk about that dynamic because the people critiquing them and saying, "well they're just throwing all this stuff out there, "it's just a feature." Is it viable? >> It's a great point and right, if you look at traditional enterprise vendors, it was, "oh my god look at that catalog "and all these thousands and thousands of skews "that are out there." I believe the number I heard is in the Amazon services, there's like 30,000 services out there and how do you, as a company, manage that? I talked to one global web company and I gave that. How do you keep up with this? How do you know what to do? And he's like, "well, we reach a certain price point. "I've got two TAMs, they help us work through this." There's no way any one person or even any company could be an expert on this. That's where Amazon needs to get consultative. That's where SIs need to come in. I'll tee up, that's where serverless really comes in because there's certain pieces that, as Andy talked about in the keynote, you know lambda is going everywhere. It's getting integrated into the environment. There's certain pieces of the stack that before I needed to choose my compute instance. I needed to figure out how much memory. I have to do all of these kind of things. If I choose a certain layer of integration, Amazon is gonna take care of those things underneath so absolutely they hear loud and clear that they want to simplify things. What was it, last year light sale was one of the big announcements. There's so many things. Spot instances had a huge growth to be able to drive down costs this year. I mean, dozens and dozens of features that Andy talked about this morning. Serverless, John, really massive wave. (mumbles) >> Let's connect the dots. There's a lot to talk about, we've got Werner Vogles keynote tomorrow. That should be really geeky and tech under the hood, but what Jassy is putting out there is a lot of the stuff you're mentioning but also he's got a wireless camera for facial recognition, they've got transcribe recognition, poly, lex, so the sets of services that are new and new guard like and the use cases from this are interesting. A lot of different connective devices so you see a little IOG. They're kind of laying out like this is a landscape. You know, we're gonna do statcast for MLB, NFL. We got edge devices, databases for S3. The programming model, the new assembly model. It's very modular. This is like the building blocks approach. It's not just the lambda and S3. You've got wireless cameras that do facial recognition. >> Right, because John, I talked to a couple customers that are doing serverless and they're working with Amazon and it's like, "oh well, where do you think of serverless functions as a service?" And they're like, "well really I have you know..." One customer was like, "I have a bunch of my own services "and I have APIs I write and now I can just call into "various Amazon services so it makes..." John, the whole API economy that we've been talking about for many years, you know, this is really Amazon having this come to fruition. I should be able to write my own APIs that can program to many of Amazon's APIs. If Dave Vellante was here, I'm sure he'd be talking about API creep because there's so many pieces but you know, Amazon, Andy is saying, "we have everything of the best." I think a lot of he's trying to attack there. Many customers we've talked to, they're going multi-cloud. What does that really mean? It's Amazon the primary. When are they using Google, Microsoft, Oracle, IBM? There's so many pieces. >> Stu, it's impressive to me. I get called a fanboy all the time, but I just call it as I see it and Amazon is crushing everyone else, in my opinion. There's no doubt about it. When we get more data from Microsoft or Google, then we'll compare, you know, and Oracle. They're not even talking so like they're hiding. They're building again. The tsunami is coming. The war is here. No doubt there's a cloud war and Microsoft is in it to win it. Google's hardcore so this is game on. What Amazon is doing is they're integrating new kinds of interactivity. You start to see Twitch more here. You see the NFL demo on stage that Andy did. The actual data that they're getting from the sensors. They're integrating the application so you know Goldman Sachs never goes on stage and does a testimonial. The guy's basically giving a lovefest for Amazon. That's Goldman Sachs. So you have new software models that are coming. This is something I think nobody's seeing. I think you talk to hardcore dudes. The infrastructures now with serverless is enabling creativity and I think this renaissance is for real. >> John, you nailed something. It's Sandy Carter who you know and have had on theCUBE many times, joined Amazon within the last year, talked about how Amazon, not just AWS but Amazon, is helping customers with buzzword digital transformation but how do you innovate? It's not just Amazon Web Services, there's so many things that the broader Amazon portfolio can tie into, you know. Absolutely, it's impressive. Customers always said it used to be like, "oh how can I have a network that's kinda like Google's?" Now it's "how can I innovate like Amazon?" >> Well Stu, we go to all the shows. We didn't go to Oracle Open World this year. Again, they're kind of silent right now because they don't want to talk to the press because they're gearing up. You've got Oracle, Microsoft, certainly very aggressive, more aggressive than Oracle, but Jassy is laying the line in the sand so we're gonna watch the new guard old guard thing play out. Microsoft is absolutely moving the needle. They are coming up to Amazon. There's no doubt that they're in the sights, in the rearview mirror. I think everyone else is really gearing up. You've got Alibaba cloud in China coming to the US. This is going to be exciting. The cloud game has got so much action in it. It's got the geeky under the hood and the sexiness of the application, Stu. I'm really super excited. >> Yeah, there's just so much information, you know. Choose your category. Choose where you're going. There is just no shortage. Everybody is geeking out. The big complaint is like how there's too many people. If you go standby, you go an hour ahead of time and you're still there and it's spread out, you know. The Aria and the MGM, there's all these things there. We're here at the heart of what used to be the one facility and now it's just spread out so much so you really need to kind of choose your focus, dig on in, and you know, we've got so many interviews. >> Stu, we're gonna want to wrap this up by saying the company that's behind us, you can't see or maybe you're able to see in the shot that's winning that no one's talking about much because they're just winning is Intel. They sell more chips. They sell more compute. The compute game is where it's at. You've just Intel kind of quietly under the surface and this growth is only gonna help Moore's law and everything else. >> John, it's just like the old Intel inside, you know. Amazon does more. They're buying more compute, whether that's standard compute, it's containers, or serverless at the end of the day, there's some Intel chips underneath almost all of it today. >> Intel's not putting their strategy up but it's clear to me through observation and talking to them, is that they're targeting the cloud as that new inside moment. They want to power the top clouds. They already are. They're kinda quietly keeping their nose clean and have their head down and power all those clouds. TheCUBE here powering all the data here at AWS re:Invent. I'm John Furrier, Stu Miniman. Day two kickoff, more great coverage. Stay with us, two sets here in Las Vegas. We'll be right back. (digital music)