(gentle music) >> Hello, and welcome to theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE. I've got a great guest here, CUBE alumni and very impressive, inspiring, Rachel Mushahwar Skaff, who's a managing director and general manager at AWS. Rachel, great to see you. Thanks for coming on. >> Thank you so much. It's always a pleasure to be here. You all make such a tremendous impact with reporting out what's happening in the tech space, and frankly, investing in topics like this, so thank you. >> It's our pleasure. Your career has been really impressive. You worked at Intel for almost a decade, and that company is very tech, very focused on Moore's law, cadence of technology power in the industry. Now at AWS, powering next-generation cloud. What inspired you to get into tech? How did you get here and how have you approached your career journey, because it's quite a track record? >> Wow, how long do we have? (Rachel and John laugh) >> John: We can go as long as you want. (laughs) It's great. >> You know, all joking aside, I think at the end of the day, it's about this simple statement. If you don't get goosebumps every single morning that you're waking up to do your job, it's not good enough. And that's a bit about how I've made all of the different career transitions that I have. You know, everything from building out data centers around the world, to leading network and engineering teams, to leading applications teams, to going and working for, you know, the largest semiconductor in the world, and now at AWS, every single one of those opportunities gave me goosebumps. And I was really focused on how do I surround myself with humans that are better than I am, smarter than I am, companies that plan in decades, but live in moments, companies that invest in their employees and create like artists? And frankly, for me, being part of a company where people know that life is finite, but they want to make an infinite impact, that's a bit about my career journey in a nutshell. >> Yeah. What's interesting is that, you know, over the years, a lot's changed, and a theme that we're hearing from leaders now that are heading up large teams and running companies, they have, you know, they have 20-plus years of experience under their belt and they look back and they say, "Wow, "things have changed and it's changing faster now, "hopefully faster to get change." But they all talk about confidence and they talk about curiosity and building. When did you know that this was going to be something that you got the goosebumps? And were there blockers in your way and how did you handle that? (Rachel laughs) >> There's always blockers in our way, and I think a lot of people don't actually talk about the blockers. I think they make it sound like, hey, I had this plan from day one, and every decision I've made has been perfect. And for me, I'll tell you, right, there are moments in your life that mark a differentiation and those moments that you realize nothing will be the same. And time is kind of divided into two parts, right, before this moment and after this moment. And that's everything from, before I had kids, that's a pretty big moment in people's lives, to after I had kids, and how do you work through some of those opportunities? Before I got married, before I got divorced. Before I went to this company, after I left this company. And I think the key for all of those is just having an insatiable curiosity around how do you continue to do better, create better and make better? And I'll tell you, those blockers, they exist. Coming back from maternity leave, hard. Coming back from a medical leave, hard. Coming back from caring for a sick parent or a sick friend, hard. But all of those things start to help craft who you are as a human being, not as a leader, but as a human being, and allows you to have some empathy with the people that you surround yourself with, right? And for me, it's, (sighs) you can think about these blockers in one of two ways. You can think about it as, you know, every single time that you're tempted to react in the same way to a blocker, you can be a prisoner of your past, or you can change how you react and be a pioneer of the future. It's not a blocker when you think about it in those terms. >> Mindset matters, and that's really a great point. You brought up something that's interesting, I want to bring this up. Some of the challenges in different stages of our lives. You know, one thing that's come out of this set of interviews, this, of day and in conversations is, that I haven't heard before, is the result of COVID, working at home brought empathy about people's personal lives to the table. That came up in a couple interviews. What's your reaction to that? Because that highlights that we're human, to your point of view. >> It does. It does. And I'm so thankful that you don't ask about balance because that is a pet peeve of mine, because there is no such thing as balance. If you're in perfect balance, you are not moving and you're not changing. But when you think about, you know, the impact of COVID and how the world has changed since that, it has allowed all of us to really think about, you know, what do we want to do versus what do we have to do? And I think so many times, in both our professional lives and our personal lives, we get caught up in doing what we think we have to do to get ahead versus taking a step back and saying, "Hey, what do I want to do? "And how do I become a, you know, "a better human?" And many times, John, I'm asked, "Hey, "how do you define success or achievement?" And, you know, my answer is really, for me, the greatest results that I've achieved, both personally and professionally, is when I eliminate the word success and balance from my vocabulary, and replace them with two words: What's my contribution and what's my impact? Those things make a difference, regardless of gender. And I'll tell you, none of it is easy, ever. I think all of us have been broken, we've been stretched, we've been burnt out. But I also think what we have to talk about as leaders in the industry is how we've also found endurance and resilience. And when we felt unsteady, we've continued to go forward, right? When we can't decide, the best answer is do what's uncomfortable. And all of those things really stemmed from a part of what happened with COVID. >> Yeah, yeah, I love the uncomfortable and the balance highlight. You mentioned being off balance. That means you're growing, you're not standing still. I want to get your thoughts on this because one thing that has come out again this year, and last year as well, is having a team with you when you do it. So if you're off balance and you're going to stretch, if you have a good team with you, that's where people help each other. Not just pick them up, but like maybe get 'em back on track again. So, but if you're solo, you fall, (laughs) you fall harder. So what's your reaction to that? 'Cause this has come up, and this comes up in team building, workforce formation, goal setting, contribution. What's your reaction to that? >> So my reaction to that that is pretty simple. Nobody gets there on their own at all, right? Passion and ambition can only take you so far. You've got to have people and teams that are supporting you. And here's the funny thing about people, and frankly, about being a leader that I think is really important: People don't follow for you. People follow for who you help them become. Think about that for a second. And when you think about all the amazing things that companies and teams are able to do, it's because of those people. And it's because you have leaders that are out there, inspiring them to take what they believe is impossible and turn it into the possible. That's the power of teams. >> Can you give an example of your approach on how you do that? How do you build your teams? How do you grow them? How do you lead them effectively and also make 'em inclusive, diverse and equitable? >> Whew. I'll give you a great example of some work that we're doing at AWS. This year at re:Invent, for the first time in its history, we've launched an initiative with theCUBE called Women of the Cloud. And part of Women of the Cloud is highlighting the business impact that so many of our partners, our customers and our employees have had on the social, on the economic and on the financials of many companies. They just haven't had the opportunity to tell their story. And at Amazon, right, it is absolutely integral to us to highlight those examples and continue to extend that ethos to our partners and our customers. And I think one of the things that I shared with you at re:Invent was, you know, as U2's Bono put it, (John laughs) "We'll build it better than we did before "and we are the people "that we've been waiting for." So if we're not out there, advocating and highlighting all the amazing things that other women are doing in the ecosystem, who will? >> Well, I've got to say, I want to give you props for that program. Not only was it groundbreaking, it's still running strong. And I saw some things on LinkedIn that were really impressive in its network effect. And I met at least half a dozen new people I never would have met before through some of that content interaction and engagement. And this is like the power of the current world. I mean, getting the voices out there creates momentum. And it's good for Amazon. It's not just personal brand building for my next job or whatever, you know, reason. It's sharing and it's attracting others, and it's causing people to connect and meet each other in that world. So it's still going strong. (laughs) And this program we did last year was part of Rachel Thornton, who's now at MessageBird, and Mary Camarata. They were the sponsors for this International Women's Day. They're not there anymore, so we decided we're going to do it again because the impact is so significant. We had the Amazon Education group on. It's amazing and it's free, and we've got to get the word out. I mean, talk about leveling up fast. You get in and you get trained and get certified, and there's a zillion jobs out (laughs) there in cloud, right, and partners. So this kind of leadership is really important. What was the key learnings that you've taken away and how do you extend this opportunity to nurture the talent out there in the field? Because when you throw the content out there from great leaders and practitioners and developers, it attracts other people. >> It does. It does. So look, I think there's two types of people, people that are focused on being and people who are focused on doing. And let me give you an example, right? When we think about labels of, hey, Rachel's a female executive who launched Women of the Cloud, that label really limits me. I'd rather just be a great executive. Or, hey, there's a great entrepreneur. Let's not be a great entrepreneur. Just go build something and sell it. And that's part of this whole Women of the cloud, is I don't want people focused on what their label is. I want people sharing their stories about what they're doing, and that's where the lasting impact happens, right? I think about something that my grandmother used to tell me, and she used to tell me, "Rachel, how successful "you are, doesn't matter. "The lasting impact that you have "is your legacy in this very finite time "that you have on Earth. "Leave a legacy." And that's what Women of the Cloud is about. So that people can start to say, "Oh, geez, "I didn't know that that was possible. "I didn't think about my career in that way." And, you know, all of those different types of stories that you're hearing out there. >> And I want to highlight something you said. We had another Amazonian on the program for this day earlier and she coined a term, 'cause inside Amazon, you have common language. One of them is bar raising. Raise the bar, that's an Amazonian (Rachel laughs) term. It means contribute and improve and raise the bar of capability. She said, "Bar raising is gender neutral. "The bar is a bar." And I'm like, wow, that was amazing. Now, that means your contribution angle there highlights that. What's the biggest challenge to get that mindset set in culture, in these- >> Oh. >> 'Cause it's that simple, contribution is neutral. >> It absolutely is neutral, but it's like I said earlier, I think so many times, people are focused on success and being a great leader versus what's the contribution I'm making and how am I doing as a leader, you know? And when it comes to a lot of the leadership principles that Amazon has, including bar raising, which means insisting on the highest standards, and then those standards continue to raise every single time. And what that is all about is having all of our employees figure out, how do I get better every single day, right? That's what it's about. It's not about being better than the peer next to you. It's about how do I become a better leader, a better human being than I was yesterday? >> Awesome. >> You know, I read this really cute quote and I think it really resonates. "You meditate to upgrade your software "and you work out to upgrade your hardware." And while it's important that we're all ourselves at work, we can't deny that a lot of times, ourselves still need that meditation or that workout. >> Well, I hope I don't have any zero days in my software out there, so, but I'm going to definitely work on that. I love that quote. I'm going to use that. Thank you very much. That was awesome. I got to ask you, I know you're really passionate about, and we've talked about this, around, so you're a great leader but you're also focused on what's behind you in the generation, pipelining women leaders, okay? Seats at the table, mentoring and sponsorship. What can we do to build a strong pipeline of leaders in technology and business? And where do you see the biggest opportunity to nurture the talent in these fields? >> Hmm, you know, that's great, great question. And, you know, I just read a "Forbes" article by another Amazonian, Tanuja Randery, who talked about, you know, some really interesting stats. And one of the stats that she shared was, you know, by 2030, less than 25% of tech specialists will be female, less than 25%. That's only a 6% growth from where we are in 2023, so in seven years. That's alarming. So we've really got to figure out what are the kinds of things that we're going to go do from an Amazon perspective to impact that? And one of the obvious starting points is showcasing tech careers to girls and young women, and talking openly about what a technology career looks like. So specifically at Amazon, we've got an AWS Git IT program that helps schools and educators bring in tech role models to show them what potential careers look like in tech. I think that's one great way that we can help build the pipeline, but once we get the pipeline, we also have to figure out how we don't let that pipeline leak. Meaning how do we keep women and, you know, young women on their tech career? And I think big part of that, John, is really talking about how hard it is, but it's also greater than you can ever imagine. And letting them see executives that are very authentic and will talk about, geez, you know, the challenges of COVID were a time of crisis and accelerated change, and here's what it meant to me personally and here's what we were able to solve professionally. These younger generations are all about social impact, they're about economic impact and they're about financial impact. And if we're not talking about all three of those, both from how AWS is leading from the front, but how its executives are also taking that into their personal lives, they're not going to want to go into tech. >> Yeah, and I think one of the things you mentioned there about getting people that get IT, good call out there, but also, Amazon's going to train 30 million people, put hundreds of millions of dollars into education. And not only are they making it easier to get in to get trained, but once you're in, even savvy folks that are in there still have to accelerate. And there's more ways to level up, more things are happening, but there's a big trend around people changing careers either in their late 20s, early 30s, or even those moments you talk about, where it's before and after, even later in the careers, 40s, 50s. Leaders like, well, good experience, good training, who were in another discipline who re-skilled. So you have, you know, more certifications coming in. So there's still other pivot points in the pipeline. It's not just down here. And that, I find that interesting. Are you seeing that same leadership opportunities coming in where someone can come into tech older? >> Absolutely. You know, we've got some amazing programs, like Amazon Returnity, that really focuses on how do we get other, you know, how do we get women that have taken some time off of work to get back into the workforce? And here's the other thing about switching careers. If I look back on my career, I started out as a civil engineer, heavy highway construction. And now I lead a sales team at the largest cloud company in the world. And there were, you know, twists and turns around there. I've always focused on how do we change and how do we continue to evolve? So it's not just focused on, you know, young women in the pipeline. It's focused on all gender and all diverse types throughout their career, and making sure that we're providing an inclusive environment for them to bring in their unique skillsets. >> Yeah, a building has good steel. It's well structured. Roads have great foundations. You know, you got the builder in you there. >> Yes. >> So I have to ask you, what's on your mind as a tech athlete, as an executive at AWS? You know, you got your huge team, big goals, the economy's got a little bit of a headwind, but still, cloud's transforming, edge is exploding. What's your outlook as you look out in the tech landscape these days and how are you thinking about it? What your plans? Can you share a little bit about what's on your mind? >> Sure. So, geez, there's so many trends that are top of mind right now. Everything from zero trust to artificial intelligence to security. We have more access to data now than ever before. So the opportunities are limitless when we think about how we can apply technology to solve some really difficult customer problems, right? Innovation sometimes feels like it's happening at a rapid pace. And I also say, you know, there are years when nothing happens, and then there's years when centuries happen. And I feel like we're kind of in those years where centuries are happening. Cloud technologies are refining sports as we know them now. There's a surge of innovation in smart energy. Everyone's supply chain is looking to transform. Custom silicon is going mainstream. And frankly, AWS's customers and partners are expecting us to come to them with a point of view on trends and on opportunities. And that's what differentiates us. (John laughs) That's what gives me goosebumps- >> I was just going to ask you that. Does that give you goosebumps? How could you not love technology with that excitement? I mean, AI, throw in AI, too. I just talked to Swami, who heads up the AI and database, and we just talked about the past 24 months, the change. And that is a century moment happening. The large language models, computer vision, more compute. Compute's booming than ever before. Who thought that was going to happen, is still happening? Massive change. So, I mean, if you're in tech, how can you not love tech? >> I know, even if you're not in tech, I think you've got to start to love tech because it gives you access to things you've never had before. And frankly, right, change is the only constant. And if you don't like change, you're going to like being irrelevant even less than you like change. So we've got to be nimble, we've got to adapt. And here's the great thing, once we figure it out, it changes all over again. And it's not something that's easy for any of us to operate. It's hard, right? It's hard learning new technology, it's hard figuring out what do I do next? But here's the secret. I think it's hard because we're doing it right. It's not hard because we're doing it wrong. It's just hard to be human and it's hard to figure out how we apply all this different technology in a way that positively impacts us, you know, economically, financially, environmentally and socially. >> And everyone's different, too. So you got to live those (mumbles). I want to get one more question in before we, my last question, which is about you and your impact. When you talk to your team, your sales, you got a large sales team, North America. And Tanuja, who you mentioned, is in EMEA, we're going to speak with her as well. You guys lead the front lines, helping customers, but also delivering the revenue to the company, which has been fantastic, by the way. So what's your message to the troops and the team out there? When you say, "Take that hill," like what is the motivational pitch, in a few sentences? What's the main North Star message in today's marketplace when you're doing that big team meeting? >> I don't know if it's just limited to a team meeting. I think this is a universal message, and the universal message for me is find your edge, whatever that may be. Whether it is the edge of what you know about artificial intelligence and neural networks or it's the edge of how do we migrate our applications to the cloud more quickly. Or it's the edge of, oh, my gosh, how do I be a better parent and still be great at work, right? Find your edge, and then sharpen it. Go to the brink of what you think is possible, and then force yourself to jump. Get involved. The world is run by the people that show up, professionally and personally. (John laughs) So show up and get started. >> Yeah as Steve Jobs once said, "The future "that everyone looks at was created "by people no smarter than you." And I love that quote. That's really there. Final question for you. I know we're tight on time, but I want to get this in. When you think about your impact on your company, AWS, and the industry, what's something you want people to remember? >> Oh, geez. I think what I want people to remember the most is it's not about what you've said, and this is a Maya Angelou quote. "It's not about what you've said to people "or what you've done, "it's about how you've made them feel." And we can all think back on leaders or we can all think back on personal moments in our lives where we felt like we belonged, where we felt like we did something amazing, where we felt loved. And those are the moments that sit with us for the rest of our lives. I want people to remember how they felt when they were part of something bigger. I want people to belong. It shouldn't be uncommon to talk about feelings at work. So I want people to feel. >> Rachel, thank you for your time. I know you're really busy and we stretched you a little bit there. Thank you so much for contributing to this wonderful day of great leaders sharing their stories. And you're an inspiration. Thanks for everything you do. We appreciate you. >> Thank you. And let's go do some more Women of the Cloud videos. >> We (laughs) got more coming. Bring those stories on. Back up the story truck. We're ready to go. Thanks so much. >> That's good. >> Thank you. >> Okay, this is theCUBE's coverage of International Women's Day. It's not just going to be March 8th. That's the big celebration day. It's going to be every quarter, more stories coming. Stay tuned at siliconangle.com and thecube.net here, with bringing all the stories. I'm John Furrier, your host. Thanks for watching. (gentle music)

(upbeat music) >> Hi everyone. Welcome back to this Cube conversation here in Palo Alto, California. I'm John Furrier, host of "theCUBE." Got a great conversation around Cloud Native, Cloud Native Journey, how enterprises are looking at Cloud Native and putting it all together. And it comes down to operations, developer productivity, and security. It's the hottest topic in technology. We got Chris Jones here in the studio, director of Product Management for Platform9. Chris, thanks for coming in. >> Hey, thanks. >> So when we always chat about, when we're at KubeCon. KubeConEU is coming up and in a few, in a few months, the number one conversation is developer productivity. And the developers are driving all the standards. It's interesting to see how they just throw everything out there and whatever gets adopted ends up becoming the standard, not the old school way of kind of getting stuff done. So that's cool. Security Kubernetes and Containers are all kind of now that next level. So you're starting to see the early adopters moving to the mainstream. Enterprises, a variety of different approaches. You guys are at the center of this. We've had a couple conversations with your CEO and your tech team over there. What are you seeing? You're building the products. What's the core product focus right now for Platform9? What are you guys aiming for? >> The core is that blend of enabling your infrastructure and PlatformOps or DevOps teams to be able to go fast and run in a stable environment, but at the same time enable developers. We don't want people going back to what I've been calling Shadow IT 2.0. It's, hey, I've been told to do something. I kicked off this Container initiative. I need to run my software somewhere. I'm just going to go figure it out. We want to keep those people productive. At the same time we want to enable velocity for our operations teams, be it PlatformOps or DevOps. >> Take us through in your mind and how you see the industry rolling out this Cloud Native journey. Where do you see customers out there? Because DevOps have been around, DevSecOps is rocking, you're seeing AI, hot trend now. Developers are still in charge. Is there a change to the infrastructure of how developers get their coding done and the infrastructure, setting up the DevOps is key, but when you add the Cloud Native journey for an enterprise, what changes? What is the, what is the, I guess what is the Cloud Native journey for an enterprise these days? >> The Cloud Native journey or the change? When- >> Let's start with the, let's start with what they want to do. What's the goal and then how does that happen? >> I think the goal is that promise land. Increased resiliency, better scalability, and overall reduced costs. I've gone from physical to virtual that gave me a higher level of density, packing of resources. I'm moving to Containers. I'm removing that OS layer again. I'm getting a better density again, but all of a sudden I'm running Kubernetes. What does that, what does that fundamentally do to my operations? Does it magically give me scalability and resiliency? Or do I need to change what I'm running and how it's running so it fits that infrastructure? And that's the reality, is you can't just take a Container and drop it into Kubernetes and say, hey, I'm now Cloud Native. I've got reduced cost, or I've got better resiliency. There's things that your engineering teams need to do to make sure that application is a Cloud Native. And then there's what I think is one of the largest shifts of virtual machines to containers. When I was in the world of application performance monitoring, we would see customers saying, well, my engineering team have this Java app, and they said it needs a VM with 12 gig of RAM and eight cores, and that's what we gave it. But it's running slow. I'm working with the application team and you can see it's running slow. And they're like, well, it's got all of its resources. One of those nice features of virtualization is over provisioning. So the infrastructure team would say, well, we gave it, we gave it all a RAM it needed. And what's wrong with that being over provisioned? It's like, well, Java expects that RAM to be there. Now all of a sudden, when you move to the world of containers, what we've got is that's not a set resource limit, really is like it used to be in a VM, right? When you set it for a container, your application teams really need to be paying attention to your resource limits and constraints within the world of Kubernetes. So instead of just being able to say, hey, I'm throwing over the fence and now it's just going to run on a VM, and that VMs got everything it needs. It's now really running on more, much more of a shared infrastructure where limits and constraints are going to impact the neighbors. They are going to impact who's making that decision around resourcing. Because that Kubernetes concept of over provisioning and the virtualization concept of over provisioning are not the same. So when I look at this problem, it's like, well, what changed? Well, I'll do my scale tests as an application developer and tester, and I'd see what resources it needs. I asked for that in the VM, that sets the high watermark, job's done. Well, Kubernetes, it's no longer a VM, it's a Kubernetes manifest. And well, who owns that? Who's writing it? Who's setting those limits? To me, that should be the application team. But then when it goes into operations world, they're like, well, that's now us. Can we change those? So it's that amalgamation of the two that is saying, I'm a developer. I used to pay attention, but now I need to pay attention. And an infrastructure person saying, I used to just give 'em what they wanted, but now I really need to know what they've wanted, because it's going to potentially have a catastrophic impact on what I'm running. >> So what's the impact for the developer? Because, infrastructure's code is what everybody wants. The developer just wants to get the code going and they got to pay attention to all these things, or don't they? Is that where you guys come in? How do you guys see the problem? Actually scope the problem that you guys solve? 'Cause I think you're getting at I think the core issue here, which is, I've got Kubernetes, I've got containers, I've got developer productivity that I want to focus on. What's the problem that you guys solve? >> Platform operation teams that are adopting Cloud Native in their environment, they've got that steep learning curve of Kubernetes plus this fundamental change of how an app runs. What we're doing is taking away the burden of needing to operate and run Kubernetes and giving them the choice of the flexibility of infrastructure and location. Be that an air gap environment like a, let's say a telco provider that needs to run a containerized network function and containerized workloads for 5G. That's one thing that we can deploy and achieve in a completely inaccessible environment all the way through to Platform9 running traditionally as SaaS, as we were born, that's remotely managing and controlling your Kubernetes environments on-premise AWS. That hybrid cloud experience that could be also Bare Metal, but it's our platform running your environments with our support there, 24 by seven, that's proactively reaching out. So it's removing a lot of that burden and the complications that come along with operating the environment and standing it up, which means all of a sudden your DevOps and platform operations teams can go and work with your engineers and application developers and say, hey, let's get, let's focus on the stuff that, that we need to be focused on, which is running our business and providing a service to our customers. Not figuring out how to upgrade a Kubernetes cluster, add new nodes, and configure all of the low level. >> I mean there are, that's operations that just needs to work. And sounds like as they get into the Cloud Native kind of ops, there's a lot of stuff that kind of goes wrong. Or you go, oops, what do we buy into? Because the CIOs, let's go, let's go Cloud Native. We want to, we got to get set up for the future. We're going to be Cloud Native, not just lift and shift and we're going to actually build it out right. Okay, that sounds good. And when we have to actually get done. >> Chris: Yeah. >> You got to spin things up and stand up the infrastructure. What specifically use case do you guys see that emerges for Platform9 when people call you up and you go talk to customers and prospects? What's the one thing or use case or cases that you guys see that you guys solve the best? >> So I think one of the, one of the, I guess new use cases that are coming up now, everyone's talking about economic pressures. I think the, the tap blows open, just get it done. CIO is saying let's modernize, let's use the cloud. Now all of a sudden they're recognizing, well wait, we're spending a lot of money now. We've opened that tap all the way, what do we do? So now they're looking at ways to control that spend. So we're seeing that as a big emerging trend. What we're also sort of seeing is people looking at their data centers and saying, well, I've got this huge legacy environment that's running a hypervisor. It's running VMs. Can we still actually do what we need to do? Can we modernize? Can we start this Cloud Native journey without leaving our data centers, our co-locations? Or if I do want to reduce costs, is that that thing that says maybe I'm repatriating or doing a reverse migration? Do I have to go back to my data center or are there other alternatives? And we're seeing that trend a lot. And our roadmap and what we have in the product today was specifically built to handle those, those occurrences. So we brought in KubeVirt in terms of virtualization. We have a long legacy doing OpenStack and private clouds. And we've worked with a lot of those users and customers that we have and asked the questions, what's important? And today, when we look at the world of Cloud Native, you can run virtualization within Kubernetes. So you can, instead of running two separate platforms, you can have one. So all of a sudden, if you're looking to modernize, you can start on that new infrastructure stack that can run anywhere, Kubernetes, and you can start bringing VMs over there as you are containerizing at the same time. So now you can keep your application operations in one environment. And this also helps if you're trying to reduce costs. If you really are saying, we put that Dev environment in AWS, we've got a huge amount of velocity out of it now, can we do that elsewhere? Is there a co-location we can go to? Is there a provider that we can go to where we can run that infrastructure or run the Kubernetes, but not have to run the infrastructure? >> It's going to be interesting too, when you see the Edge come online, you start, we've got Mobile World Congress coming up, KubeCon events we're going to be at, the conversation is not just about public cloud. And you guys obviously solve a lot of do-it-yourself implementation hassles that emerge when people try to kind of stand up their own environment. And we hear from developers consistency between code, managing new updates, making sure everything is all solid so they can go fast. That's the goal. And that, and then people can get standardized on that. But as you get public cloud and do it yourself, kind of brings up like, okay, there's some gaps there as the architecture changes to be more distributed computing, Edge, on-premises cloud, it's cloud operations. So that's cool for DevOps and Cloud Native. How do you guys differentiate from say, some the public cloud opportunities and the folks who are doing it themselves? How do you guys fit in that world and what's the pitch or what's the story? >> The fit that we look at is that third alternative. Let's get your team focused on what's high value to your business and let us deliver that public cloud experience on your infrastructure or in the public cloud, which gives you that ability to still be flexible if you want to make choices to run consistently for your developers in two different locations. So as I touched on earlier, instead of saying go figure out Kubernetes, how do you upgrade a hundred worker nodes in place upgrade. We've solved that problem. That's what we do every single day of the week. Don't go and try to figure out how to upgrade a cluster and then upgrade all of the, what I call Kubernetes friends, your core DNSs, your metrics server, your Kubernetes dashboard. These are all things that we package, we test, we version. So when you click upgrade, we've already handled that entire process. So it's saying don't have your team focused on that lower level piece of work. Get them focused on what is important, which is your business services. >> Yeah, the infrastructure and getting that stood up. I mean, I think the thing that's interesting, if you look at the market right now, you mentioned cost savings and recovery, obviously kind of a recession. I mean, people are tightening their belts for sure. I don't think the digital transformation and Cloud Native spend is going to plummet. It's going to probably be on hold and be squeezed a little bit. But to your point, people are refactoring looking at how to get the best out of what they got. It's not just open the tap of spend the cash like it used to be. Yeah, a couple months, even a couple years ago. So okay, I get that. But then you look at the what's coming, AI. You're seeing all the new data infrastructure that's coming. The containers, Kubernetes stuff, got to get stood up pretty quickly and it's got to be reliable. So to your point, the teams need to get done with this and move on to the next thing. >> Chris: Yeah, yeah, yeah. >> 'Cause there's more coming. I mean, there's a lot coming for the apps that are building in Data Native, AI-Native, Cloud Native. So it seems that this Kubernetes thing needs to get solved. Is that kind of what you guys are focused on right now? >> So, I mean to use a customer, we have a customer that's in AI/ML and they run their platform at customer sites and that's hardware bound. You can't run AI machine learning on anything anywhere. Well, with Platform9 they can. So we're enabling them to deliver services into their customers that's running their AI/ML platform in their customer's data centers anywhere in the world on hardware that is purpose-built for running that workload. They're not Kubernetes experts. That's what we are. We're bringing them that ability to focus on what's important and just delivering their business services whilst they're enabling our team. And our 24 by seven proactive management are always on assurance to keep that up and running for them. So when something goes bump at the night at 2:00am, our guys get woken up. They're the ones that are reaching out to the customer saying, your environments have a problem, we're taking these actions to fix it. Obviously sometimes, especially if it is running on Bare Metal, there's things you can't do remotely. So you might need someone to go and do that. But even when that happens, you're not by yourself. You're not sitting there like I did when I worked for a bank in one of my first jobs, three o'clock in the morning saying, wow, our end of day processing is stuck. Who else am I waking up? Right? >> Exactly, yeah. Got to get that cash going. But this is a great use case. I want to get to the customer. What do some of the successful customers say to you for the folks watching that aren't yet a customer of Platform9, what are some of the accolades and comments or anecdotes that you guys hear from customers that you have? >> It just works, which I think is probably one of the best ones you can get. Customers coming back and being able to show to their business that they've delivered growth, like business growth and productivity growth and keeping their organization size the same. So we started on our containerization journey. We went to Kubernetes. We've deployed all these new workloads and our operations team is still six people. We're doing way more with growth less, and I think that's also talking to the strength that we're bringing, 'cause we're, we're augmenting that team. They're spending less time on the really low level stuff and automating a lot of the growth activity that's involved. So when it comes to being able to grow their business, they can just focus on that, not- >> Well you guys do the heavy lifting, keep on top of the Kubernetes, make sure that all the versions are all done. Everything's stable and consistent so they can go on and do the build out and provide their services. That seems to be what you guys are best at. >> Correct, correct. >> And so what's on the roadmap? You have the product, direct product management, you get the keys to the kingdom. What is, what is the focus? What's your focus right now? Obviously Kubernetes is growing up, Containers. We've been hearing a lot at the last KubeCon about the security containers is getting better. You've seen verification, a lot more standards around some things. What are you focused on right now for at a product over there? >> Edge is a really big focus for us. And I think in Edge you can look at it in two ways. The mantra that I drive is Edge must be remote. If you can't do something remotely at the Edge, you are using a human being, that's not Edge. Our Edge management capabilities and being in the market for over two years are a hundred percent remote. You want to stand up a store, you just ship the server in there, it gets racked, the rest of it's remote. Imagine a store manager in, I don't know, KFC, just plugging in the server, putting in the ethernet cable, pressing the power button. The rest of all that provisioning for that Cloud Native stack, Kubernetes, KubeVirt for virtualization is done remotely. So we're continuing to focus on that. The next piece that is related to that is allowing people to run Platform9 SaaS in their data centers. So we do ag app today and we've had a really strong focus on telecommunications and the containerized network functions that come along with that. So this next piece is saying, we're bringing what we run as SaaS into your data center, so then you can run it. 'Cause there are many people out there that are saying, we want these capabilities and we want everything that the Platform9 control plane brings and simplifies. But unfortunately, regulatory compliance reasons means that we can't leverage SaaS. So they might be using a cloud, but they're saying that's still our infrastructure. We're still closed that network down, or they're still on-prem. So they're two big priorities for us this year. And that on-premise experiences is paramount, even to the point that we will be delivering a way that when you run an on-premise, you can still say, wait a second, well I can send outbound alerts to Platform9. So their support team can still be proactively helping me as much as they could, even though I'm running Platform9s control plane. So it's sort of giving that blend of two experiences. They're big, they're big priorities. And the third pillar is all around virtualization. It's saying if you have economic pressures, then I think it's important to look at what you're spending today and realistically say, can that be reduced? And I think hypervisors and virtualization is something that should be looked at, because if you can actually reduce that spend, you can bring in some modernization at the same time. Let's take some of those nos that exist that are two years into their five year hardware life cycle. Let's turn that into a Cloud Native environment, which is enabling your modernization in place. It's giving your engineers and application developers the new toys, the new experiences, and then you can start running some of those virtualized workloads with KubeVirt, there. So you're reducing cost and you're modernizing at the same time with your existing infrastructure. >> You know Chris, the topic of this content series that we're doing with you guys is finding the right path, trusting the right path to Cloud Native. What does that mean? I mean, if you had to kind of summarize that phrase, trusting the right path to Cloud Native, what does that mean? It mean in terms of architecture, is it deployment? Is it operations? What's the underlying main theme of that quote? What's the, what's? How would you talk to a customer and say, what does that mean if someone said, "Hey, what does that right path mean?" >> I think the right path means focusing on what you should be focusing on. I know I've said it a hundred times, but if your entire operations team is trying to figure out the nuts and bolts of Kubernetes and getting three months into a journey and discovering, ah, I need Metrics Server to make something function. I want to use Horizontal Pod Autoscaler or Vertical Pod Autoscaler and I need this other thing, now I need to manage that. That's not the right path. That's literally learning what other people have been learning for the last five, seven years that have been focused on Kubernetes solely. So the why- >> There's been a lot of grind. People have been grinding it out. I mean, that's what you're talking about here. They've been standing up the, when Kubernetes started, it was all the promise. >> Chris: Yep. >> And essentially manually kind of getting in in the weeds and configuring it. Now it's matured up. They want stability. >> Chris: Yeah. >> Not everyone can get down and dirty with Kubernetes. It's not something that people want to generally do unless you're totally into it, right? Like I mean, I mean ops teams, I mean, yeah. You know what I mean? It's not like it's heavy lifting. Yeah, it's important. Just got to get it going. >> Yeah, I mean if you're deploying with Platform9, your Ops teams can tinker to their hearts content. We're completely compliant upstream Kubernetes. You can go and change an API server flag, let's go and mess with the scheduler, because we want to. You can still do that, but don't, don't have your team investing in all this time to figure it out. It's been figured out. >> John: Got it. >> Get them focused on enabling velocity for your business. >> So it's not build, but run. >> Chris: Correct? >> Or run Kubernetes, not necessarily figure out how to kind of get it all, consume it out. >> You know we've talked to a lot of customers out there that are saying, "I want to be able to deliver a service to my users." Our response is, "Cool, let us run it. You consume it, therefore deliver it." And we're solving that in one hit versus figuring out how to first run it, then operate it, then turn that into a consumable service. >> So the alternative Platform9 is what? They got to do it themselves or use the Cloud or what's the, what's the alternative for the customer for not using Platform9? Hiring more people to kind of work on it? What's the? >> People, building that kind of PaaS experience? Something that I've been very passionate about for the past year is looking at that world of sort of GitOps and what that means. And if you go out there and you sort of start asking the question what's happening? Just generally with Kubernetes as well and GitOps in that scope, then you'll hear some people saying, well, I'm making it PaaS, because Kubernetes is too complicated for my developers and we need to give them something. There's some great material out there from the likes of Intuit and Adobe where for two big contributors to Argo and the Argo projects, they almost have, well they do have, different experiences. One is saying, we went down the PaaS route and it failed. The other one is saying, well we've built a really stable PaaS and it's working. What are they trying to do? They're trying to deliver an outcome to make it easy to use and consume Kubernetes. So you could go out there and say, hey, I'm going to build a Kubernetes cluster. Sounds like Argo CD is a great way to expose that to my developers so they can use Kubernetes without having to use Kubernetes and start automating things. That is an approach, but you're going to be going completely open source and you're going to have to bring in all the individual components, or you could just lay that, lay it down, and consume it as a service and not have to- >> And mentioned to it. They were the ones who kind of brought that into the open. >> They did. Inuit is the primary contributor to the Argo set of products. >> How has that been received in the market? I mean, they had the event at the Computer History Museum last fall. What's the momentum there? What's the big takeaway from that project? >> Growth. To me, growth. I mean go and track the stars on that one. It's just, it's growth. It's unlocking machine learning. Argo workflows can do more than just make things happen. Argo CD I think the approach they're taking is, hey let's make this simple to use, which I think can be lost. And I think credit where credit's due, they're really pushing to bring in a lot of capabilities to make it easier to work with applications and microservices on Kubernetes. It's not just that, hey, here's a GitOps tool. It can take something from a Git repo and deploy it and maybe prioritize it and help you scale your operations from that perspective. It's taking a step back and saying, well how did we get to production in the first place? And what can be done down there to help as well? I think it's growth expansion of features. They had a huge release just come out in, I think it was 2.6, that brought in things that as a product manager that I don't often look at like really deep technical things and say wow, that's powerful. But they have, they've got some great features in that release that really do solve real problems. >> And as the product, as the product person, who's the target buyer for you? Who's the customer? Who's making that? And you got decision maker, influencer, and recommender. Take us through the customer persona for you guys. >> So that Platform Ops, DevOps space, right, the people that need to be delivering Containers as a service out to their organization. But then it's also important to say, well who else are our primary users? And that's developers, engineers, right? They shouldn't have to say, oh well I have access to a Kubernetes cluster. Do I have to use kubectl or do I need to go find some other tool? No, they can just log to Platform9. It's integrated with your enterprise id. >> They're the end customer at the end of the day, they're the user. >> Yeah, yeah. They can log in. And they can see the clusters you've given them access to as a Platform Ops Administrator. >> So job well done for you guys. And your mind is the developers are moving 'em fast, coding and happy. >> Chris: Yeah, yeah. >> And and from a customer standpoint, you reduce the maintenance cost, because you keep the Ops smoother, so you got efficiency and maintenance costs kind of reduced or is that kind of the benefits? >> Yeah, yep, yeah. And at two o'clock in the morning when things go inevitably wrong, they're not there by themselves, and we're proactively working with them. >> And that's the uptime issue. >> That is the uptime issue. And Cloud doesn't solve that, right? Everyone experienced that Clouds can go down, entire regions can go offline. That's happened to all Cloud providers. And what do you do then? Kubernetes isn't your recovery plan. It's part of it, right, but it's that piece. >> You know Chris, to wrap up this interview, I will say that "theCUBE" is 12 years old now. We've been to OpenStack early days. We had you guys on when we were covering OpenStack and now Cloud has just been booming. You got AI around the corner, AI Ops, now you got all this new data infrastructure, it's just amazing Cloud growth, Cloud Native, Security Native, Cloud Native, Data Native, AI Native. It's going to be all, this is the new app environment, but there's also existing infrastructure. So going back to OpenStack, rolling our own cloud, building your own cloud, building infrastructure cloud, in a cloud way, is what the pioneers have done. I mean this is what we're at. Now we're at this scale next level, abstracted away and make it operational. It seems to be the key focus. We look at CNCF at KubeCon and what they're doing with the cloud SecurityCon, it's all about operations. >> Chris: Yep, right. >> Ops and you know, that's going to sound counterintuitive 'cause it's a developer open source environment, but you're starting to see that Ops focus in a good way. >> Chris: Yeah, yeah, yeah. >> Infrastructure as code way. >> Chris: Yep. >> What's your reaction to that? How would you summarize where we are in the industry relative to, am I getting, am I getting it right there? Is that the right view? What am I missing? What's the current state of the next level, NextGen infrastructure? >> It's a good question. When I think back to sort of late 2019, I sort of had this aha moment as I saw what really truly is delivering infrastructure as code happening at Platform9. There's an open source project Ironic, which is now also available within Kubernetes that is Metal Kubed that automates Bare Metal as code, which means you can go from an empty server, lay down your operating system, lay down Kubernetes, and you've just done everything delivered to your customer as code with a Cloud Native platform. That to me was sort of the biggest realization that I had as I was moving into this industry was, wait, it's there. This can be done. And the evolution of tooling and operations is getting to the point where that can be achieved and it's focused on by a number of different open source projects. Not just Ironic and and Metal Kubed, but that's a huge win. That is truly getting your infrastructure. >> John: That's an inflection point, really. >> Yeah. >> If you think about it, 'cause that's one of the problems. We had with the Bare Metal piece was the automation and also making it Cloud Ops, cloud operations. >> Right, yeah. I mean, one of the things that I think Ironic did really well was saying let's just treat that piece of Bare Metal like a Cloud VM or an instance. If you got a problem with it, just give the person using it or whatever's using it, a new one and reimage it. Just tell it to reimage itself and it'll just (snaps fingers) go. You can do self-service with it. In Platform9, if you log in to our SaaS Ironic, you can go and say, I want that physical server to myself, because I've got a giant workload, or let's turn it into a Kubernetes cluster. That whole thing is automated. To me that's infrastructure as code. I think one of the other important things that's happening at the same time is we're seeing GitOps, we're seeing things like Terraform. I think it's important for organizations to look at what they have and ask, am I using tools that are fit for tomorrow or am I using tools that are yesterday's tools to solve tomorrow's problems? And when especially it comes to modernizing infrastructure as code, I think that's a big piece to look at. >> Do you see Terraform as old or new? >> I see Terraform as old. It's a fantastic tool, capable of many great things and it can work with basically every single provider out there on the planet. It is able to do things. Is it best fit to run in a GitOps methodology? I don't think it is quite at that point. In fact, if you went and looked at Flux, Flux has ways that make Terraform GitOps compliant, which is absolutely fantastic. It's using two tools, the best of breeds, which is solving that tomorrow problem with tomorrow solutions. >> Is the new solutions old versus new. I like this old way, new way. I mean, Terraform is not that old and it's been around for about eight years or so, whatever. But HashiCorp is doing a great job with that. I mean, so okay with Terraform, what's the new address? Is it more complex environments? Because Terraform made sense when you had basic DevOps, but now it sounds like there's a whole another level of complexity. >> I got to say. >> New tools. >> That kind of amalgamation of that application into infrastructure. Now my app team is paying way more attention to that manifest file, which is what GitOps is trying to solve. Let's templatize things. Let's version control our manifest, be it helm, customize, or just a straight up Kubernetes manifest file, plain and boring. Let's get that version controlled. Let's make sure that we know what is there, why it was changed. Let's get some auditability and things like that. And then let's get that deployment all automated. So that's predicated on the cluster existing. Well why can't we do the same thing with the cluster, the inception problem. So even if you're in public cloud, the question is like, well what's calling that API to call that thing to happen? Where is that file living? How well can I manage that in a large team? Oh my God, something just changed. Who changed it? Where is that file? And I think that's one of big, the big pieces to be sold. >> Yeah, and you talk about Edge too and on-premises. I think one of the things I'm observing and certainly when DevOps was rocking and rolling and infrastructures code was like the real push, it was pretty much the public cloud, right? >> Chris: Yep. >> And you did Cloud Native and you had stuff on-premises. Yeah you did some lifting and shifting in the cloud, but the cool stuff was going in the public cloud and you ran DevOps. Okay, now you got on-premise cloud operation and Edge. Is that the new DevOps? I mean 'cause what you're kind of getting at with old new, old new Terraform example is an interesting point, because you're pointing out potentially that that was good DevOps back in the day or it still is. >> Chris: It is, I was going to say. >> But depending on how you define what DevOps is. So if you say, I got the new DevOps with public on-premise and Edge, that's just not all public cloud, that's essentially distributed Cloud Native. >> Correct. Is that the new DevOps in your mind or is that? How would you, or is that oversimplifying it? >> Or is that that term where everyone's saying Platform Ops, right? Has it shifted? >> Well you bring up a good point about Terraform. I mean Terraform is well proven. People love it. It's got great use cases and now there seems to be new things happening. We call things like super cloud emerging, which is multicloud and abstraction layers. So you're starting to see stuff being abstracted away for the benefits of moving to the next level, so teams don't get stuck doing the same old thing. They can move on. Like what you guys are doing with Platform9 is providing a service so that teams don't have to do it. >> Correct, yeah. >> That makes a lot of sense, So you just, now it's running and then they move on to the next thing. >> Chris: Yeah, right. >> So what is that next thing? >> I think Edge is a big part of that next thing. The propensity for someone to put up with a delay, I think it's gone. For some reason, we've all become fairly short-tempered, Short fused. You know, I click the button, it should happen now, type people. And for better or worse, hopefully it gets better and we all become a bit more patient. But how do I get more effective and efficient at delivering that to that really demanding- >> I think you bring up a great point. I mean, it's not just people are getting short-tempered. I think it's more of applications are being deployed faster, security is more exposed if they don't see things quicker. You got data now infrastructure scaling up massively. So, there's a double-edged swords to scale. >> Chris: Yeah, yeah. I mean, maintenance, downtime, uptime, security. So yeah, I think there's a tension around, and one hand enthusiasm around pushing a lot of code and new apps. But is the confidence truly there? It's interesting one little, (snaps finger) supply chain software, look at Container Security for instance. >> Yeah, yeah. It's big. I mean it was codified. >> Do you agree that people, that's kind of an issue right now. >> Yeah, and it was, I mean even the supply chain has been codified by the US federal government saying there's things we need to improve. We don't want to see software being a point of vulnerability, and software includes that whole process of getting it to a running point. >> It's funny you mentioned remote and one of the thing things that you're passionate about, certainly Edge has to be remote. You don't want to roll a truck or labor at the Edge. But I was doing a conversation with, at Rebars last year about space. It's hard to do brake fix on space. It's hard to do a, to roll a someone to configure satellite, right? Right? >> Chris: Yeah. >> So Kubernetes is in space. We're seeing a lot of Cloud Native stuff in apps, in space, so just an example. This highlights the fact that it's got to be automated. Is there a machine learning AI angle with all this ChatGPT talk going on? You see all the AI going the next level. Some pretty cool stuff and it's only, I know it's the beginning, but I've heard people using some of the new machine learning, large language models, large foundational models in areas I've never heard of. Machine learning and data centers, machine learning and configuration management, a lot of different ways. How do you see as the product person, you incorporating the AI piece into the products for Platform9? >> I think that's a lot about looking at the telemetry and the information that we get back and to use one of those like old idle terms, that continuous improvement loop to feed it back in. And I think that's really where machine learning to start with comes into effect. As we run across all these customers, our system that helps at two o'clock in the morning has that telemetry, it's got that data. We can see what's changing and what's happening. So it's writing the right algorithms, creating the right machine learning to- >> So training will work for you guys. You have enough data and the telemetry to do get that training data. >> Yeah, obviously there's a lot of investment required to get there, but that is something that ultimately that could be achieved with what we see in operating people's environments. >> Great. Chris, great to have you here in the studio. Going wide ranging conversation on Kubernetes and Platform9. I guess my final question would be how do you look at the next five years out there? Because you got to run the product management, you got to have that 20 mile steer, you got to look at the customers, you got to look at what's going on in the engineering and you got to kind of have that arc. This is the right path kind of view. What's the five year arc look like for you guys? How do you see this playing out? 'Cause KubeCon is coming up and we're you seeing Kubernetes kind of break away with security? They had, they didn't call it KubeCon Security, they call it CloudNativeSecurityCon, they just had in Seattle inaugural events seemed to go well. So security is kind of breaking out and you got Kubernetes. It's getting bigger. Certainly not going away, but what's your five year arc of of how Platform9 and Kubernetes and Ops evolve? >> It's to stay on that theme, it's focusing on what is most important to our users and getting them to a point where they can just consume it, so they're not having to operate it. So it's finding those big items and bringing that into our platform. It's something that's consumable, that's just taken care of, that's tested with each release. So it's simplifying operations more and more. We've always said freedom in cloud computing. Well we started on, we started on OpenStack and made that simple. Stable, easy, you just have it, it works. We're doing that with Kubernetes. We're expanding out that user, right, we're saying bring your developers in, they can download their Kube conflict. They can see those Containers that are running there. They can access the events, the log files. They can log in and build a VM using KubeVirt. They're self servicing. So it's alleviating pressures off of the Ops team, removing the help desk systems that people still seem to rely on. So it's like what comes into that field that is the next biggest issue? Is it things like CI/CD? Is it simplifying GitOps? Is it bringing in security capabilities to talk to that? Or is that a piece that is a best of breed? Is there a reason that it's been spun out to its own conference? Is this something that deserves a focus that should be a specialized capability instead of tooling and vendors that we work with, that we partner with, that could be brought in as a service. I think it's looking at those trends and making sure that what we bring in has the biggest impact to our users. >> That's awesome. Thanks for coming in. I'll give you the last word. Put a plug in for Platform9 for the people who are watching. What should they know about Platform9 that they might not know about it or what should? When should they call you guys and when should they engage? Take a take a minute to give the plug. >> The plug. I think it's, if your operations team is focused on building Kubernetes, stop. That shouldn't be the cloud. That shouldn't be in the Edge, that shouldn't be at the data center. They should be consuming it. If your engineering teams are all trying different ways and doing different things to use and consume Cloud Native services and Kubernetes, they shouldn't be. You want consistency. That's how you get economies of scale. Provide them with a simple platform that's integrated with all of your enterprise identity where they can just start consuming instead of having to solve these problems themselves. It's those, it's those two personas, right? Where the problems manifest. What are my operations teams doing, and are they delivering to my company or are they building infrastructure again? And are my engineers sprinting or crawling? 'Cause if they're not sprinting, you should be asked the question, do I have the right Cloud Native tooling in my environment and how can I get them back? >> I think it's developer productivity, uptime, security are the tell signs. You get that done. That's the goal of what you guys are doing, your mission. >> Chris: Yep. >> Great to have you on, Chris. Thanks for coming on. Appreciate it. >> Chris: Thanks very much. 0 Okay, this is "theCUBE" here, finding the right path to Cloud Native. I'm John Furrier, host of "theCUBE." Thanks for watching. (upbeat music)

(upbeat music) >> Today's organizations are overwhelmed by the number of different assets connected to their networks, which now include not only IT devices and assets, but also a lot of unmanaged assets, like cloud, IoT, building management systems, industrial control systems, medical devices, and more. That's not just it, there's more. We're seeing massive volume of threats, and a surge of severe vulnerabilities that put these assets at risk. This is happening every day. And many, including me, think it's only going to get worse. The scale of the problem will accelerate. Security and IT teams are struggling to manage all these vulnerabilities at scale. With the time it takes to exploit a new vulnerability, combined with the lack of visibility into the asset attack surface area, companies are having a hard time addressing the vulnerabilities as quickly as they need. This is today's special CUBE program, where we're going to talk about these problems and how they're solved. Hello, everyone. I'm John Furrier, host of theCUBE. This is a special program called Managing Risk Across Your Extended Attack Surface Area with Armis, new asset intelligence platform. To start things off, let's bring in the co-founder and CTO of Armis, Nadir Izrael. Nadir, great to have you on the program. >> Yeah, thanks for having me. >> Great success with Armis. I want to just roll back and just zoom out and look at, what's the big picture? What are you guys focused on? What's the holy grail? What's the secret sauce? >> So Armis' mission, if you will, is to solve to your point literally one of the holy grails of security teams for the past decade or so, which is, what if you could actually have a complete, unified, authoritative asset inventory of everything, and stressing that word, everything. IT, OT, IoT, everything on kind of the physical space of things, data centers, virtualization, applications, cloud. What if you could have everything mapped out for you so that you can actually operate your organization on top of essentially a map? I like to equate this in a way to organizations and security teams everywhere seem to be running, basically running the battlefield, if you will, of their organization, without an actual map of what's going on, with charts and graphs. So we are here to provide that map in every aspect of the environment, and be able to build on top of that business processes, products, and features that would assist security teams in managing that battlefield. >> So this category, basically, is a cyber asset attack surface management kind of focus, but it really is defined by this extended asset attack surface area. What is that? Can you explain that? >> Yeah, it's a mouthful. I think the CAASM, for short, and Gartner do love their acronyms there, but CAASM, in short, is a way to describe a bit of what I mentioned before, or a slice out of it. It's the whole part around a unified view of the attack surface, where I think where we see things, and kind of where Armis extends to that is really with the extended attack surface. That basically means that idea of, what if you could have it all? What if you could have both a unified view of your environment, but also of every single thing that you have, with a strong emphasis on the completeness of that picture? If I take the map analogy slightly more to the extreme, a map of some of your environment isn't nearly as useful as a map of everything. If you had to, in your own kind of map application, you know, chart a path from New York to whichever your favorite surrounding city, but it only takes you so far, and then you sort of need to do the rest of it on your own, not nearly as effective, and in security terms, I think it really boils down into you can't secure what you can't see. And so from an Armis perspective, it's about seeing everything in order to protect everything. And not only do we discover every connected asset that you have, we provide a risk rating to every single one of them, we provide a criticality rating, and the ability to take action on top of these things. >> Having a map is huge. Everyone wants to know what's in their inventory, right, from a risk management standpoint, also from a vulnerability perspective. So I totally see that, and I can see that being the holy grail, but on the vulnerability side, you got to see everything, and you guys have new stuff around vulnerability management. What's this all about? What kind of gaps are you seeing that you're filling in the vulnerability side, because, okay, I can see everything. Now I got to watch out for threat vectors. >> Yeah, and I'd say a different way of asking this is, okay, vulnerability management has been around for a while. What the hell are you bringing into the mix that's so new and novel and great? So I would say that vulnerability scanners of different sorts have existed for over a decade. And I think that ultimately what Armis brings into the mix today is how do we fill in the gaps in a world where critical infrastructure is in danger of being attacked by nation states these days, where ransomware is an everyday occurrence, and where I think credible, up-to-the-minute, and contextualize vulnerability and risk information is essential. Scanners, or how we've been doing things for the last decade, just aren't enough. I think the three things that Armis excels at and completes the security staff today on the vulnerability management side are scale, reach, and context. Scale, meaning ultimately, and I think this is of no news to any enterprise, environments are huge. They are beyond huge. When most of the solutions that enterprises use today were built, they were built for thousands, or tens of thousands of assets. These days, we measure enterprises in the billions, billions of different assets, especially if you include how applications are structured, containers, cloud, all that, billions and billions of different assets, and I think that, ultimately, when the latest and greatest in catastrophic new vulnerabilities come out, and sadly, that's a monthly occurrence these days. You can't just now wait around for things to kind of scan through the environment, and figure out what's going on there. Real time images of vulnerabilities, real time understanding of what the risk is across that entire massive footprint is essential to be able to do things, and if you don't, then lots and lots of teams of people are tasked with doing this day in, day out, in order to accomplish the task. The second thing, I think, is the reach. Scanners can't go everywhere. They don't really deal well with environments that are a mixed IT/OT, for instance, like some of our clients deal with. They can't really deal with areas that aren't classic IT. And in general, these days over 70% of assets are in fact of the unmanaged variety, if you will. So combining different approaches from an Armis standpoint of both passive and active, we reach a tremendous scale, I think, within the environment, and ability to provide or reach that is complete. What if you could have vulnerability management, cover a hundred percent of your environment, and in a very effective manner, and in a very scalable manner? And the last thing really is context. And that's a big deal here. I think that most vulnerability management programs hinge on asset context, on the ability to understand, what are the assets I'm dealing with? And more importantly, what is the criticality of these assets, so I can better prioritize and manage the entire process along the way? So with these things in mind, that's what Armis has basically pulled out is a vulnerability management process. What if we could collect all the vulnerability information from your entire environment, and give you a map of that, on top of that map of assets? Connect every single vulnerability and finding to the relevant assets, and give you a real way to manage that automatically, and in a way that prevents teams of people from having to do a lot of grunt work in the process. >> Yeah, it's like building a search engine, almost. You got the behavioral, contextual. You got to understand what's going on in the environment, and then you got to have the context to what it means relative to the environment. And this is the criticality piece you mentioned, this is a huge differentiator in my mind. I want to unpack that. Understanding what's going on, and then what to pay attention to, it's a data problem. You got that kind of search and cataloging of the assets, and then you got the contextualization of it, but then what alarms do I pay attention to? What is the vulnerability? This is the context. This is a huge deal, because your businesses, your operation's going to have some important pieces, but also it changes on agility. So how do you guys do that? That's, I think, a key piece. >> Yeah, that's a really good question. So asset criticality is a key piece in being able to prioritize the operation. The reason is really simple, and I'll take an example we're all very, very familiar with, and it's been beaten to death, but it's still a good example, which is Log4j, or Log4Shell. When that came out, hundreds of people in large organizations started mapping the entire environment on which applications have what aspect of Log4j. Now, one of the key things there is that when you're doing that exercise for the first time, there are literally millions of systems in a typical enterprise that have Log4j in them, but asset criticality and the application and business context are key here, because some of these different assets that have Log4j are part of your critical business function and your critical business applications, and they deserve immediate attention. Some of them, or some Git server of some developer somewhere, don't warrant quite the same attention or criticality as others. Armis helps by providing the underlying asset map as a built-in aspect of the process. It maps the relationships and dependencies for you. It pulls together and clusters together. What applications does each asset serve? So I might be looking at a server and saying, okay, this server, it supports my ERP system. It supports my production applications to be able to serve my customers. It serves maybe my .com website. Understanding what applications each asset serves and every dependency along the way, meaning that endpoint, that server, but also the load balancers are supported, and the firewalls, and every aspect along the way, that's the bread and butter of the relationship mapping that Armis puts into place to be able to do that, and we also allow users to tweak, add information, connect us with their CMDB or anywhere else where they put this in, but once the information is in, that can serve vulnerability management. It can serve other security functions as well. But in the context of vulnerability management, it creates a much more streamlined process for being able to do the basics. Some critical applications, I want to know exactly what all the critical vulnerabilities that apply to them are. Some business applications, I just want to be able to put SLAs on, that this must be solved within a week, this must be solved within a month, and be able to actually automatically track all of these in a world that is very, very complex inside of an operation or an enterprise. >> We're going to hear from some of your customers later, but I want to just get your thoughts on, anecdotally, what do you hear from? You're the CTO, co-founder, you're actually going into the big accounts. When you roll this out, what are they saying to you? What are some of the comments? Oh my God, this is amazing. Thank you so much. >> Well, of course. Of course. >> Share some of the comments. >> Well, first of all, of course, that's what they're saying. They're saying we're great. Of course, always, but more specifically, I think this solves a huge gap for them. They are used to tools coming in and discovering vulnerabilities for them, but really close to nothing being able to streamline the truly complex and scalable process of being able to manage vulnerabilities within the environment. Not only that, the integration-led, designer-led deployment and the fact that we are a completely agent-less SaaS platform are extremely important for them. These are times where if something isn't easily deployable for an enterprise, its value is next to nothing. I think that enterprises have come to realize that if something isn't a one click deployment across the environment, it's almost not worth the effort these days, because environments are so complex that you can't fully realize the value any other way. So from an Armis standpoint, the fact that we can deploy with a few clicks, the fact that we immediately provide that value, the fact that we're agent-less, in the sense that we don't need to go around installing a footprint within the environment, and for clients who already have Armis, the fact that it's a flip of a switch, just turn it on, are extreme. I think that the fact, in particular, that Armis can be deployed. the vulnerability management can be deployed on top of the existing vulnerability scanner with a simple one-click integration is huge for them. And I think all of these together are what contribute to them saying how great this is. But yeah, that's it. >> The agent listing is huge. What's the alternative? What does it look like if they're going to go the other route, slow to deploy, have meetings, launch it in the environment? What's it look like? >> I think anything these days that touches an endpoint with an agent goes through a huge round of approvals before anything goes into an environment. Same goes, by the way, for additional scanners. No one wants to hear about additional scanners. They've already gone through the effort with some of the biggest tools out there to punch holes through firewalls, to install scanners in different ways. They don't want yet another scanner, or yet another agent. Armis rides on top of the existing infrastructure, the existing agents, the existing scanners. You don't need to do a thing. It just deploys on top of it, and that's really what makes this so easy and seamless. >> Talk about Armis research. Can you talk about, what's that about? What's going on there? What are you guys doing? How do you guys stay relevant for your customers? >> For sure. So one of the, I've made a lot of bold claims throughout, I think, the entire Q and A here, but one of the biggest magic components, if you will, to Armis that kind of help explain what all these magic components are, are really something that we call our collective asset knowledge base. And it's really the source of our power. Think of it as a giant collective intelligent that keeps learning from all of the different environments combined that Armis is deployed at. Essentially, if we see something in one environment, we can translate it immediately into all environments. So anyone who joins this or uses the product joins this collective intelligence in essence. What does that mean? It means that Armis learns about vulnerabilities from other environments. A new Log4j comes out, for instance. It's enough that, in some environments, Armis is able to see it from scanners, or from agents, or from SBOMs, or anything that basically provides information about Log4j, and Armis immediately infers or creates enrichment rules that act across the entire tenant base, or the entire client base of Armis. So very quick response to industry events, whenever something comes out, again, the results are immediate, very up to the minute, very up to the hour, but also I'd say that Armis does its own proactive asset research. We have a huge data set at our disposal, a lot of willing and able clients, and also a lot of partners within the industry that Armis leverages, but our own research is into interesting aspects within the environment. We do our own proactive research into things like TLStorm, which is kind of a bit of a bridging research and vulnerabilities between cyber physical aspect. So on the one hand, the cyber space and kind of virtual environments, but on the other hand, the actual physical space, vulnerabilities, and things like UPSs, or industrial equipment, or things like that. But I will say that also, Armis targets its research along different paths that we feel are underserved. We started a few years back research into firmwares, different types of real time operating systems. We came out with things like URGENT/11, which was research into, on the one hand, operating systems that run on two billion different devices worldwide, on the other hand, in the 40 years it existed, only 13 vulnerabilities were ever exposed or revealed about that operating system. Either it's the most secure operating system in the world, or it's just not gone through enough rigor and enough research in doing this. The type of active research we do is to complement a lot of the research going on in the industry, serve our clients better, but also provide kind of inroads, I think, for the industry to be better at what they do. >> Awesome, Nadir, thanks for sharing the insights. Great to see the research. You got to be at the cutting edge. You got to investigate, be ready for a moment's notice on all aspects of the operating environment, down to the hardware, down to the packet level, down to the any vulnerability, be ready for it. Great job. Thanks for sharing. Appreciate it. >> Absolutely. >> In a moment, Tim Everson's going to join us. He's the CSO of Kalahari Resorts and Conventions. He'll be joining me next. You're watching theCUBE, the leader in high tech coverage. I'm John Furrier. Thanks for watching. (upbeat music)

(upbeat music) >> Today's organizations are overwhelmed by the number of different assets connected to their networks, which now include not only IT devices and assets, but also a lot of unmanaged assets, like cloud, IoT, building management systems, industrial control systems, medical devices, and more. That's not just it, there's more. We're seeing massive volume of threats, and a surge of severe vulnerabilities that put these assets at risk. This is happening every day. And many, including me, think it's only going to get worse. The scale of the problem will accelerate. Security and IT teams are struggling to manage all these vulnerabilities at scale. With the time it takes to exploit a new vulnerability, combined with the lack of visibility into the asset attack surface area, companies are having a hard time addressing the vulnerabilities as quickly as they need. This is today's special CUBE program, where we're going to talk about these problems and how they're solved. Hello, everyone. I'm John Furrier, host of theCUBE. This is a special program called Managing Risk Across Your Extended Attack Surface Area with Armis, new asset intelligence platform. To start things off, let's bring in the co-founder and CTO of Armis, Nadir Izrael. Nadir, great to have you on the program. >> Yeah, thanks for having me. >> Great success with Armis. I want to just roll back and just zoom out and look at, what's the big picture? What are you guys focused on? What's the holy grail? What's the secret sauce? >> So Armis' mission, if you will, is to solve to your point literally one of the holy grails of security teams for the past decade or so, which is, what if you could actually have a complete, unified, authoritative asset inventory of everything, and stressing that word, everything. IT, OT, IoT, everything on kind of the physical space of things, data centers, virtualization, applications, cloud. What if you could have everything mapped out for you so that you can actually operate your organization on top of essentially a map? I like to equate this in a way to organizations and security teams everywhere seem to be running, basically running the battlefield, if you will, of their organization, without an actual map of what's going on, with charts and graphs. So we are here to provide that map in every aspect of the environment, and be able to build on top of that business processes, products, and features that would assist security teams in managing that battlefield. >> So this category, basically, is a cyber asset attack surface management kind of focus, but it really is defined by this extended asset attack surface area. What is that? Can you explain that? >> Yeah, it's a mouthful. I think the CAASM, for short, and Gartner do love their acronyms there, but CAASM, in short, is a way to describe a bit of what I mentioned before, or a slice out of it. It's the whole part around a unified view of the attack surface, where I think where we see things, and kind of where Armis extends to that is really with the extended attack surface. That basically means that idea of, what if you could have it all? What if you could have both a unified view of your environment, but also of every single thing that you have, with a strong emphasis on the completeness of that picture? If I take the map analogy slightly more to the extreme, a map of some of your environment isn't nearly as useful as a map of everything. If you had to, in your own kind of map application, you know, chart a path from New York to whichever your favorite surrounding city, but it only takes you so far, and then you sort of need to do the rest of it on your own, not nearly as effective, and in security terms, I think it really boils down into you can't secure what you can't see. And so from an Armis perspective, it's about seeing everything in order to protect everything. And not only do we discover every connected asset that you have, we provide a risk rating to every single one of them, we provide a criticality rating, and the ability to take action on top of these things. >> Having a map is huge. Everyone wants to know what's in their inventory, right, from a risk management standpoint, also from a vulnerability perspective. So I totally see that, and I can see that being the holy grail, but on the vulnerability side, you got to see everything, and you guys have new stuff around vulnerability management. What's this all about? What kind of gaps are you seeing that you're filling in the vulnerability side, because, okay, I can see everything. Now I got to watch out for threat vectors. >> Yeah, and I'd say a different way of asking this is, okay, vulnerability management has been around for a while. What the hell are you bringing into the mix that's so new and novel and great? So I would say that vulnerability scanners of different sorts have existed for over a decade. And I think that ultimately what Armis brings into the mix today is how do we fill in the gaps in a world where critical infrastructure is in danger of being attacked by nation states these days, where ransomware is an everyday occurrence, and where I think credible, up-to-the-minute, and contextualize vulnerability and risk information is essential. Scanners, or how we've been doing things for the last decade, just aren't enough. I think the three things that Armis excels at and completes the security staff today on the vulnerability management side are scale, reach, and context. Scale, meaning ultimately, and I think this is of no news to any enterprise, environments are huge. They are beyond huge. When most of the solutions that enterprises use today were built, they were built for thousands, or tens of thousands of assets. These days, we measure enterprises in the billions, billions of different assets, especially if you include how applications are structured, containers, cloud, all that, billions and billions of different assets, and I think that, ultimately, when the latest and greatest in catastrophic new vulnerabilities come out, and sadly, that's a monthly occurrence these days. You can't just now wait around for things to kind of scan through the environment, and figure out what's going on there. Real time images of vulnerabilities, real time understanding of what the risk is across that entire massive footprint is essential to be able to do things, and if you don't, then lots and lots of teams of people are tasked with doing this day in, day out, in order to accomplish the task. The second thing, I think, is the reach. Scanners can't go everywhere. They don't really deal well with environments that are a mixed IT/OT, for instance, like some of our clients deal with. They can't really deal with areas that aren't classic IT. And in general, these days over 70% of assets are in fact of the unmanaged variety, if you will. So combining different approaches from an Armis standpoint of both passive and active, we reach a tremendous scale, I think, within the environment, and ability to provide or reach that is complete. What if you could have vulnerability management, cover a hundred percent of your environment, and in a very effective manner, and in a very scalable manner? And the last thing really is context. And that's a big deal here. I think that most vulnerability management programs hinge on asset context, on the ability to understand, what are the assets I'm dealing with? And more importantly, what is the criticality of these assets, so I can better prioritize and manage the entire process along the way? So with these things in mind, that's what Armis has basically pulled out is a vulnerability management process. What if we could collect all the vulnerability information from your entire environment, and give you a map of that, on top of that map of assets? Connect every single vulnerability and finding to the relevant assets, and give you a real way to manage that automatically, and in a way that prevents teams of people from having to do a lot of grunt work in the process. >> Yeah, it's like building a search engine, almost. You got the behavioral, contextual. You got to understand what's going on in the environment, and then you got to have the context to what it means relative to the environment. And this is the criticality piece you mentioned, this is a huge differentiator in my mind. I want to unpack that. Understanding what's going on, and then what to pay attention to, it's a data problem. You got that kind of search and cataloging of the assets, and then you got the contextualization of it, but then what alarms do I pay attention to? What is the vulnerability? This is the context. This is a huge deal, because your businesses, your operation's going to have some important pieces, but also it changes on agility. So how do you guys do that? That's, I think, a key piece. >> Yeah, that's a really good question. So asset criticality is a key piece in being able to prioritize the operation. The reason is really simple, and I'll take an example we're all very, very familiar with, and it's been beaten to death, but it's still a good example, which is Log4j, or Log4Shell. When that came out, hundreds of people in large organizations started mapping the entire environment on which applications have what aspect of Log4j. Now, one of the key things there is that when you're doing that exercise for the first time, there are literally millions of systems in a typical enterprise that have Log4j in them, but asset criticality and the application and business context are key here, because some of these different assets that have Log4j are part of your critical business function and your critical business applications, and they deserve immediate attention. Some of them, or some Git server of some developer somewhere, don't warrant quite the same attention or criticality as others. Armis helps by providing the underlying asset map as a built-in aspect of the process. It maps the relationships and dependencies for you. It pulls together and clusters together. What applications does each asset serve? So I might be looking at a server and saying, okay, this server, it supports my ERP system. It supports my production applications to be able to serve my customers. It serves maybe my .com website. Understanding what applications each asset serves and every dependency along the way, meaning that endpoint, that server, but also the load balancers are supported, and the firewalls, and every aspect along the way, that's the bread and butter of the relationship mapping that Armis puts into place to be able to do that, and we also allow users to tweak, add information, connect us with their CMDB or anywhere else where they put this in, but once the information is in, that can serve vulnerability management. It can serve other security functions as well. But in the context of vulnerability management, it creates a much more streamlined process for being able to do the basics. Some critical applications, I want to know exactly what all the critical vulnerabilities that apply to them are. Some business applications, I just want to be able to put SLAs on, that this must be solved within a week, this must be solved within a month, and be able to actually automatically track all of these in a world that is very, very complex inside of an operation or an enterprise. >> We're going to hear from some of your customers later, but I want to just get your thoughts on, anecdotally, what do you hear from? You're the CTO, co-founder, you're actually going into the big accounts. When you roll this out, what are they saying to you? What are some of the comments? Oh my God, this is amazing. Thank you so much. >> Well, of course. Of course. >> Share some of the comments. >> Well, first of all, of course, that's what they're saying. They're saying we're great. Of course, always, but more specifically, I think this solves a huge gap for them. They are used to tools coming in and discovering vulnerabilities for them, but really close to nothing being able to streamline the truly complex and scalable process of being able to manage vulnerabilities within the environment. Not only that, the integration-led, designer-led deployment and the fact that we are a completely agent-less SaaS platform are extremely important for them. These are times where if something isn't easily deployable for an enterprise, its value is next to nothing. I think that enterprises have come to realize that if something isn't a one click deployment across the environment, it's almost not worth the effort these days, because environments are so complex that you can't fully realize the value any other way. So from an Armis standpoint, the fact that we can deploy with a few clicks, the fact that we immediately provide that value, the fact that we're agent-less, in the sense that we don't need to go around installing a footprint within the environment, and for clients who already have Armis, the fact that it's a flip of a switch, just turn it on, are extreme. I think that the fact, in particular, that Armis can be deployed. the vulnerability management can be deployed on top of the existing vulnerability scanner with a simple one-click integration is huge for them. And I think all of these together are what contribute to them saying how great this is. But yeah, that's it. >> The agent listing is huge. What's the alternative? What does it look like if they're going to go the other route, slow to deploy, have meetings, launch it in the environment? What's it look like? >> I think anything these days that touches an endpoint with an agent goes through a huge round of approvals before anything goes into an environment. Same goes, by the way, for additional scanners. No one wants to hear about additional scanners. They've already gone through the effort with some of the biggest tools out there to punch holes through firewalls, to install scanners in different ways. They don't want yet another scanner, or yet another agent. Armis rides on top of the existing infrastructure, the existing agents, the existing scanners. You don't need to do a thing. It just deploys on top of it, and that's really what makes this so easy and seamless. >> Talk about Armis research. Can you talk about, what's that about? What's going on there? What are you guys doing? How do you guys stay relevant for your customers? >> For sure. So one of the, I've made a lot of bold claims throughout, I think, the entire Q and A here, but one of the biggest magic components, if you will, to Armis that kind of help explain what all these magic components are, are really something that we call our collective asset knowledge base. And it's really the source of our power. Think of it as a giant collective intelligent that keeps learning from all of the different environments combined that Armis is deployed at. Essentially, if we see something in one environment, we can translate it immediately into all environments. So anyone who joins this or uses the product joins this collective intelligence in essence. What does that mean? It means that Armis learns about vulnerabilities from other environments. A new Log4j comes out, for instance. It's enough that, in some environments, Armis is able to see it from scanners, or from agents, or from SBOMs, or anything that basically provides information about Log4j, and Armis immediately infers or creates enrichment rules that act across the entire tenant base, or the entire client base of Armis. So very quick response to industry events, whenever something comes out, again, the results are immediate, very up to the minute, very up to the hour, but also I'd say that Armis does its own proactive asset research. We have a huge data set at our disposal, a lot of willing and able clients, and also a lot of partners within the industry that Armis leverages, but our own research is into interesting aspects within the environment. We do our own proactive research into things like TLStorm, which is kind of a bit of a bridging research and vulnerabilities between cyber physical aspect. So on the one hand, the cyber space and kind of virtual environments, but on the other hand, the actual physical space, vulnerabilities, and things like UPSs, or industrial equipment, or things like that. But I will say that also, Armis targets its research along different paths that we feel are underserved. We started a few years back research into firmwares, different types of real time operating systems. We came out with things like URGENT/11, which was research into, on the one hand, operating systems that run on two billion different devices worldwide, on the other hand, in the 40 years it existed, only 13 vulnerabilities were ever exposed or revealed about that operating system. Either it's the most secure operating system in the world, or it's just not gone through enough rigor and enough research in doing this. The type of active research we do is to complement a lot of the research going on in the industry, serve our clients better, but also provide kind of inroads, I think, for the industry to be better at what they do. >> Awesome, Nadir, thanks for sharing the insights. Great to see the research. You got to be at the cutting edge. You got to investigate, be ready for a moment's notice on all aspects of the operating environment, down to the hardware, down to the packet level, down to the any vulnerability, be ready for it. Great job. Thanks for sharing. Appreciate it. >> Absolutely. >> In a moment, Tim Everson's going to join us. He's the CSO of Kalahari Resorts and Conventions. He'll be joining me next. You're watching theCUBE, the leader in high tech coverage. I'm John Furrier. Thanks for watching. (upbeat music)

>> We're back at the Big Apple, theCUBE's coverage of MongoDB World 2022. Sahir Azam is here, he's the Chief Product Officer of MongoDB, and Guillermo Rauch who's the CEO of Vercel. Hot off the keynotes from this morning guys, good job. >> Thank you. >> Thank you. >> Thank you for joining us here. Thanks for having us. Guillermo when it comes to modern web development, you know the back-end, the cloud guys got to it kind of sewn up, >> you know- >> Guillermo: Forget about it. >> But all the action's in the front end, and that's where you are. Explain Vercel. >> Yeah so Vercel is the company that pioneers front-end development as serverless infrastructure. So we built Next.js which is the most popular React framework in the world. This is what front-end engineers choose to build innovative UI's, beautiful websites. Companies like Dior and GitHub and TikTok and Twitch, which we mentioned in the keynote, are powering their entire dot-coms or all of their new parts of their dot-coms with Next.js. And Vercel is the serverless platform where you can deploy frameworks like in Next.js and others like Svelte and Vue to create really fast experiences on the web. >> So I hear, so serverless, I hear that's the hot trend. You guys made some announcements today. I mean when you look at the, we have spending data with our friends at ETR right down the street. I mean it's just off the charts, whether it's Amazon, Google, Azure Functions, I mean it's just exploding. >> Sahir: Yeah, it's I think in many ways, it's a natural trend. You know, we talk a lot about, whether it be today's keynote or another industry talks you see around our industry that developers are constantly looking for ways to focus on innovation and the business logic that defines their application and as opposed to managing the plumbing, and management of infrastructure. And we've seen this happen over and over again across every layer of the stack. And so for us, you know MongoDB, we have a bit of, you know sort of a lens of a broad spectrum of the market. We certainly have you know, large enterprises that are modernizing existing kind of core systems, then we have developers all over the world who are building the next big best thing. And that's what led us to partner with Vercel is just the bleeding edge of developers building in a new way, in a much more efficient way. And we wanted to make sure we provide a data platform that fits naturally in the way they want to work. >> So explain to our audience the trade-offs of serverless, and I want to get into sort of how you've resolved that. And then I want to hear from Guillermo, what that means for developers. >> Sahir: Yeah in our case, we don't view it as an either or, there are certain workloads and definitely certain companies that will gravitate towards a more traditional database infrastructure where they're choosing the configuration of their cluster. They want full control over it. And that provides, you know, certain benefits around cost predictability or isolation or perceived benefits at least of those things. And customers will gravitate towards that. Now on the flip side, if you're building a new application or you want the ability to scale seamlessly and not have to worry about any of the plumbing, serverless is clearly the easier model. So over the long term, we certainly expect to see as a mix of things, more and more serverless workloads being built on our platform and just generally in the industry, which is why we leaned in so heavily on investing in Atlas serverless. But the flexibility to not be forced into a particular model, but to get the same database experience across your application and even switch between them is an important characteristic for us as we build going forward. >> And you stressed the cost efficiency, and not having to worry about, you know, starting cold. You've architected around that, and what does that mean for a developer? >> Guillermo: For a developer it means that you kind of get the best of both worlds, right? Like you get the best possible performance. Front-end developers are extremely sensitive to this. That's why us pioneering this concept, serverless front-end, has put us in a very privileged position because we have to deliver that really quick time to first buy, that really quick paint. So any of the old trade-offs of serverless are not accepted by the market. You have to be extremely fast. You have to be instant to deliver that front-end content. So what we talked about today for example, with the Vercel Edge network, we're removing all of the cost of that like first hit. That cold start doesn't really exist. And now we're seeing it all across the board, going into the back-end where Mongo has also gotten rid of it. >> Dave: How do you guys collaborate? What's the focus of integration specifically from, you know, an engineering resource standpoint? >> Yeah the main idea is, idea to global app in seconds, right? You have your idea. We give you the framework. We don't give you infrastructure primitives. We give you all the necessary tools to start your application. In practice this means you host it in a Git repo. You import it onto Vercel. You install the Mongo integration. Now your front-end and your data back-end are connected. And then your application just goes global in seconds. >> So, okay. So you've abstracted away the complexity of those primitives, is that correct? >> Guillermo: Absolutely. >> Do do developers ever say, "That's awesome but I'd like to get to them every now and then." Or do you not allow that? >> Definitely. We expose all the underlying APIs, and the key thing we hear is that, especially with the push for usage-based billing models, observability is of the essence. So at any time you have to be able to query, in real time, every data point that the platform is observing. We give you performance analytics in real time to see how your front-end is performing. We give you statistics about how often you're querying your back-end and so on, and your cache hit ratios. So what I talked about today in the keynote is, it's not just about throwing more compute at the problem, but the ability to use the edge to your advantage to memoize computation and reuse it across different visits. >> When we think of mission critical historically, you know, you think about going to the ATM, right? I mean a financial transaction. But Mongo is positioning for mission critical applications across a variety of industries. Do we need to rethink what mission critical means? >> I think it's all in the eye of the beholder so to speak. If you're a new business starting up, your software and your application is your entire business. So if you have a cold start latency or God forbid something actually goes down, you don't have a business. So it's just as mission critical to that founder of a new business and new technology as it is, you know, an established enterprise that's running sort of a more, you know, day-to-day application that we may all interact with. So we treat all of those scenarios with equal fervor and importance right? And many times, it's a lot of those new experiences that the become the day-to-day experiences for us globally, and are super important. And we power all of those, whether it be an established enterprise all the way to the next big startup. >> I often talk about COVID as the forced march to digital. >> Sahir: Mm-Hmm. >> Which was obviously a little bit rushed, but if you weren't in digital business, you were out of business. And so now you're seeing people step back and say, "All right, let's be more thoughtful about our digital transformation. We've got some time, we've obviously learned some things made some mistakes." It's all about the customer experience though. And that becomes mission critical right? What are you seeing Guillermo, in terms of the patterns in digital transformation now that we're sort of exiting the isolation economy? >> One thing that comes to mind is, we're seeing that it's not always predictable how fast you're going to grow in this digital economy. So we have customers in the ecommerce space, they do a drop and they're piggybacking on serverless to give them that ability to instantly scale. And they couldn't even prepare for some of these events. We see that a lot with the Web3 space and NFT drops, where they're building in such a way that they're not sensitive to this massive fluctuations in traffic. They're taking it for granted. We've put in so much work together behind the scenes to support it. But the digital native creator just, "Oh things are scaling from one second to the next like I'm hitting like 20,000 requests per second, no problem Vercel is handling it." But the amount of infrastructural work that's gone behind the scenes in support has been incredible. >> We see that in gaming all the time, you know it's really hard for a gaming company to necessarily predict where in the globe a game's going to be particularly hot. Games get super popular super fast if they're successful, it's really hard to predict. It's another vertical that's got a similar dynamic. >> So gaming, crypto, so you're saying that you're able to assist your customers in architecting so that the website doesn't crash. >> Guillermo: Absolutely. >> But at the same time, if the the business dynamic changes, they can dial down. >> Yeah. >> Right and in many ways, slow is the new down, right? And if somebody has a slow experience they're going to leave your site just as much as if it's- >> I'm out of here- >> You were down. So you know, it's really maintaining that really fast performance, that amazing customer experience. Because this is all measured, it's scientific. Like anytime there's friction in the process, you're going to lose customers. >> So obviously people are excited about your keynote, but what have they been saying? Any specific comments you can share, or questions that you got that were really interesting or? >> I'm already getting links to the apps that people are deploying. So the whole idea- >> Come on! >> All over the world. Yeah so it's already working I'm excited. >> So they were show they were showing off, "Look what I did" Really? >> Yeah on Twitter. >> That's amazing. >> I think from my standpoint, I got a question earlier, we were with a bunch of financial analysts and investors, and they said they've been talking to a lot of the customers in the halls. And just to see, you know, from the last time we were all in person, the number of our customers that are using multiple capabilities across this idea of a developer data platform, you know, certainly MongoDB's been a popular core database open source for a long time. But the new capabilities around search, analytics, mobile being adopted much more broadly to power these experiences is the most exciting thing from our side. >> So from 2019 to now, you're saying substantial uptick in adoption for these features? >> Yeah. And many of them are new. >> Time series as well, that's pretty new, so yeah. >> Yeah and you know, our philosophy of development at MongoDB is to get capabilities in the hands of customers early. Get that feedback to enrich and drive that product-market fit. And over the last three years especially, we've been transitioning from a single product kind of core, you know, non relational modern database to a data platform, a developer data platform that adds more and more capabilities to power these modern applications. And a lot of those were released during the pandemic. Certainly we talked about them in our virtual conferences and all the zoom meetings we had over the years. But to actually go talk to all these customers, this is the largest conference we've ever put on, and to get a sense of, wow all the amazing things they're doing with them, it's definitely a different feeling when we're all together. >> So that's interesting, when you have such a hot product, product-led growth which is what Mongo has been in, and you add these new features. They're coming from the developers who are saying, "Hey, we need this." >> Yip. >> Okay so you have a pretty high degree of confidence, but how do you know when you have product-market fit? I mean, is it adoption, usage, renewals? What's your metric? >> Yeah I think it's a mix of quantitative measures that you know, around conversion rates, the size of your funnel, the retention rate, NPS which obviously can be measured, but also just qualitative. You know when you're talking to a developer or a technology executive around what their needs are, and then you see how they actually apply it to solve a problem, it's that balance between the qualitative and the quantitative measurement of things. And you can just sort of, frankly you can feel it. You can see it in the numbers sure, but you can kind of feel that excitement, you can see that adoption and what it empowers people to do. And so to me, as a product leader, it's always a blend of those things. If you get too obsessed with purely the metrics, you can always over optimize something for the wrong reason. So you have to bring in that qualitative feedback to balance yourself out. >> Right. >> Guillermo, what's next? What do you not have that you want from Sahir and Mongo? >> So the natural next step for serverless computing is, is the Edge. So we have to auto-scale, we have to tolerate fares. We have to be avail. We have to be easy, but we have to be global. And right now we've been doing this by using a lot of techniques like caching and replication and things like this. But the future's about personalizing even more to each visitor depending on where they are. So if I'm in New York, I want to get the latest offers for New York on demand, just for me, and using AI to continue to personalize that experience. So giving the developer these tools in a way where it feels natural to build an application like this. It doesn't feel like, "Oh I'm going to do this year 10 if I make it, I'm going to do it since the very beginning." >> Dave: Okay interesting. So that says to me that I'm not going to make a round trip to the cloud necessarily for that experience. So I'm going to have some kind, Apple today, at the Worldwide Developer Conference announced the M2, right. I've been looking at the M1 Ultra, and I'm going wow look at that! And so- >> Sahir: You were talking about that new one backstage. >> I mean it's this amazing pace of Silicon development and they're focusing on the NPU and you look at what Tesla's doing. I mean it's just incredible. So you're going to have some new hardware architecture that emerges. Most of the AI that's done today is modeling in the cloud. You're going to have a real time inferencing at the Edge. So that's not going to do the round trip. There's going to be a data store there, I think it has to be. You're going to persist some of the data, maybe not all of it. So it's a whole new architecture- >> Sahir: Absolutely. >> That's developing. That sounds very disruptive. >> Sahir: Yeah. >> How do you think about that, and how does Mongo play there? Guillermo first. >> What I spent a lot of time thinking about is obviously the developer experience, giving the programmer a programming model that is natural, intuitive, and produces its great results. So if they have to think about data that's local because of regulatory reasons for example, how can we let the framework guide them to success? I'm just writing an application I deployed to the cloud and then everything else is figured out. >> Yeah or speed of light is another challenge. (Sahir and Guillermo laugh) >> How can we overcome the speed of light is our next task for sure. >> Well you're working on that aren't you? You've got the best engineers on that one. (Sahir and Guillermo laugh) >> We can solve a lot of problems, I'm not sure of that one. >> So Mongo plays in that scenario or? >> Yeah so I think, absolutely you know, we've been focused heavily on becoming the globally distributed cloud data layer. The back-end data layer that allows you to persist data to align with performance and move data where it needs to be globally or deal with data sovereignty, data nationalism that's starting to rise, but absolutely there is more data being pushed out to the Edge, to your point around processing or inference happening at the Edge. And there's going to be a globally distributed front-end layer as well, whether data and processing takes apart. And so we're focused on one, making sure the data connectivity and the layer is all connected into one unified architecture. We do that in combination with technologies that we have that do with mobility or edge distribution and synchronization of data with realm. And we do it with partnerships. We have edge partnerships with AWS and Verizon. We have partnerships with a lot of CVM players who are building out that Edge platform and making sure that MongoDB is either connected to it or just driving that synchronization back and forth. >> I call that unified experience super cloud, Robbie Belson from Verizon the cloud continuum, but that consistent experience for developers whether you're on Prim, whether you're in you know, Azure, Google, AWS, and ultimately the Edge. That's the big- >> That's where it's going. >> White space right now I'm hearing, Guillermo, right? >> I think it'll define the next generation of how software is built. And we're seeing this almost like a coalition course between some of the ideas that the Web3 developers are excited about, which is like decentralization almost to the extreme. But the Web2 also needs more decentralization, because we're seeing it with like, the data needs to be local to me, I need more privacy. I was looking at the latest encryption features in Mongo, like I think both Web2 need to incorporate more of the ideas of Web3 and vice versa to create the best possible consumer experience. Privacy matters more than ever before. Latency for conversion matters more than ever before. And regulations are changing. >> Sahir: Yeah. >> And you talked about Web3 earlier, talked about new protocols, a new distributed you know, decentralized system emerging, new hardware architectures. I really believe we really think that new economics are going to bleed back into the data center, and yeah every 15 years or so this industry gets disrupted. >> Sahir: Yeah. >> Guillermo: Absolutely. >> You know you ain't see nothing yet guys. >> We all talked about hardware becoming commoditized 10, 15 years ago- >> Yeah of course. >> We get the virtualization, and it's like nope not at all. It's actually a lot of invention happening. >> The lower the price the more the consumption. So guys thanks so much. Great conversation. >> Thank you. >> Really appreciate your time. >> Really appreciate it I enjoyed the conversation. >> All right and thanks for watching. Keep it right there. We'll be back with our next segment right after this short break. Dave Vellante for theCUBE's coverage of MongoDB World 2022. >> Man Offscreen: Clear. (clapping) >> All right wow. Don't get up. >> Sahir: Okay. >> Is that a Moonwatch? >> Sahir: It is a Speedmaster but it's that the-

>> Man Offscreen: Standby. Dave is coming you in 5, 4, 3, 2. >> We're back at the Big Apple, theCUBE's coverage of MongoDB World 2022. Sahir Azam is here, he's the Chief Product Officer of MongoDB, and Guillermo Rauch who's the CEO of Vercel. Hot off the keynotes from this morning guys, good job. >> Thank you. >> Thank you. >> Thank you for joining us here. Thanks for having us. Guillermo when it comes to modern web development, you know the back-end, the cloud guys got to it kind of sewn up, >> you know- >> Guillermo: Forget about it. >> But all the action's in the front end, and that's where you are. Explain Vercel. >> Yeah so Vercel is the company that pioneers front-end development as serverless infrastructure. So we built Next.js which is the most popular React framework in the world. This is what front-end engineers choose to build innovative UI's, beautiful websites. Companies like Dior and GitHub and TikTok and Twitch, which we mentioned in the keynote, are powering their entire dot-coms or all of their new parts of their dot-coms with Next.js. And Vercel is the serverless platform where you can deploy frameworks like in Next.js and others like Svelte and Vue to create really fast experiences on the web. >> So I hear, so serverless, I hear that's the hot trend. You guys made some announcements today. I mean when you look at the, we have spending data with our friends at ETR right down the street. I mean it's just off the charts, whether it's Amazon, Google, Azure Functions, I mean it's just exploding. >> Sahir: Yeah, it's I think in many ways, it's a natural trend. You know, we talk a lot about, whether it be today's keynote or another industry talks you see around our industry that developers are constantly looking for ways to focus on innovation and the business logic that defines their application and as opposed to managing the plumbing, and management of infrastructure. And we've seen this happen over and over again across every layer of the stack. And so for us, you know MongoDB, we have a bit of, you know sort of a lens of a broad spectrum of the market. We certainly have you know, large enterprises that are modernizing existing kind of core systems, then we have developers all over the world who are building the next big best thing. And that's what led us to partner with Vercel is just the bleeding edge of developers building in a new way, in a much more efficient way. And we wanted to make sure we provide a data platform that fits naturally in the way they want to work. >> So explain to our audience the trade-offs of serverless, and I want to get into sort of how you've resolved that. And then I want to hear from Guillermo, what that means for developers. >> Sahir: Yeah in our case, we don't view it as an either or, there are certain workloads and definitely certain companies that will gravitate towards a more traditional database infrastructure where they're choosing the configuration of their cluster. They want full control over it. And that provides, you know, certain benefits around cost predictability or isolation or perceived benefits at least of those things. And customers will gravitate towards that. Now on the flip side, if you're building a new application or you want the ability to scale seamlessly and not have to worry about any of the plumbing, serverless is clearly the easier model. So over the long term, we certainly expect to see as a mix of things, more and more serverless workloads being built on our platform and just generally in the industry, which is why we leaned in so heavily on investing in Atlas serverless. But the flexibility to not be forced into a particular model, but to get the same database experience across your application and even switch between them is an important characteristic for us as we build going forward. >> And you stressed the cost efficiency, and not having to worry about, you know, starting cold. You've architected around that, and what does that mean for a developer? >> Guillermo: For a developer it means that you kind of get the best of both worlds, right? Like you get the best possible performance. Front-end developers are extremely sensitive to this. That's why us pioneering this concept, serverless front-end, has put us in a very privileged position because we have to deliver that really quick time to first buy, that really quick paint. So any of the old trade-offs of serverless are not accepted by the market. You have to be extremely fast. You have to be instant to deliver that front-end content. So what we talked about today for example, with the Vercel Edge network, we're removing all of the cost of that like first hit. That cold start doesn't really exist. And now we're seeing it all across the board, going into the back-end where Mongo has also gotten rid of it. >> Dave: How do you guys collaborate? What's the focus of integration specifically from, you know, an engineering resource standpoint? >> Yeah the main idea is, idea to global app in seconds, right? You have your idea. We give you the framework. We don't give you infrastructure primitives. We give you all the necessary tools to start your application. In practice this means you host it in a Git repo. You import it onto Vercel. You install the Mongo integration. Now your front-end and your data back-end are connected. And then your application just goes global in seconds. >> So, okay. So you've abstracted away the complexity of those primitives, is that correct? >> Guillermo: Absolutely. >> Do do developers ever say, "That's awesome but I'd like to get to them every now and then." Or do you not allow that? >> Definitely. We expose all the underlying APIs, and the key thing we hear is that, especially with the push for usage-based billing models, observability is of the essence. So at any time you have to be able to query, in real time, every data point that the platform is observing. We give you performance analytics in real time to see how your front-end is performing. We give you statistics about how often you're querying your back-end and so on, and your cache hit ratios. So what I talked about today in the keynote is, it's not just about throwing more compute at the problem, but the ability to use the edge to your advantage to memoize computation and reuse it across different visits. >> When we think of mission critical historically, you know, you think about going to the ATM, right? I mean a financial transaction. But Mongo is positioning for mission critical applications across a variety of industries. Do we need to rethink what mission critical means? >> I think it's all in the eye of the beholder so to speak. If you're a new business starting up, your software and your application is your entire business. So if you have a cold start latency or God forbid something actually goes down, you don't have a business. So it's just as mission critical to that founder of a new business and new technology as it is, you know, an established enterprise that's running sort of a more, you know, day-to-day application that we may all interact with. So we treat all of those scenarios with equal fervor and importance right? And many times, it's a lot of those new experiences that the become the day-to-day experiences for us globally, and are super important. And we power all of those, whether it be an established enterprise all the way to the next big startup. >> I often talk about COVID as the forced march to digital. >> Sahir: Mm-Hmm. >> Which was obviously a little bit rushed, but if you weren't in digital business, you were out of business. And so now you're seeing people step back and say, "All right, let's be more thoughtful about our digital transformation. We've got some time, we've obviously learned some things made some mistakes." It's all about the customer experience though. And that becomes mission critical right? What are you seeing Guillermo, in terms of the patterns in digital transformation now that we're sort of exiting the isolation economy? >> One thing that comes to mind is, we're seeing that it's not always predictable how fast you're going to grow in this digital economy. So we have customers in the ecommerce space, they do a drop and they're piggybacking on serverless to give them that ability to instantly scale. And they couldn't even prepare for some of these events. We see that a lot with the Web3 space and NFT drops, where they're building in such a way that they're not sensitive to this massive fluctuations in traffic. They're taking it for granted. We've put in so much work together behind the scenes to support it. But the digital native creator just, "Oh things are scaling from one second to the next like I'm hitting like 20,000 requests per second, no problem Vercel is handling it." But the amount of infrastructural work that's gone behind the scenes in support has been incredible. >> We see that in gaming all the time, you know it's really hard for a gaming company to necessarily predict where in the globe a game's going to be particularly hot. Games get super popular super fast if they're successful, it's really hard to predict. It's another vertical that's got a similar dynamic. >> So gaming, crypto, so you're saying that you're able to assist your customers in architecting so that the website doesn't crash. >> Guillermo: Absolutely. >> But at the same time, if the the business dynamic changes, they can dial down. >> Yeah. >> Right and in many ways, slow is the new down, right? And if somebody has a slow experience they're going to leave your site just as much as if it's- >> I'm out of here- >> You were down. So you know, it's really maintaining that really fast performance, that amazing customer experience. Because this is all measured, it's scientific. Like anytime there's friction in the process, you're going to lose customers. >> So obviously people are excited about your keynote, but what have they been saying? Any specific comments you can share, or questions that you got that were really interesting or? >> I'm already getting links to the apps that people are deploying. So the whole idea- >> Come on! >> All over the world. Yeah so it's already working I'm excited. >> So they were show they were showing off, "Look what I did" Really? >> Yeah on Twitter. >> That's amazing. >> I think from my standpoint, I got a question earlier, we were with a bunch of financial analysts and investors, and they said they've been talking to a lot of the customers in the halls. And just to see, you know, from the last time we were all in person, the number of our customers that are using multiple capabilities across this idea of a developer data platform, you know, certainly MongoDB's been a popular core database open source for a long time. But the new capabilities around search, analytics, mobile being adopted much more broadly to power these experiences is the most exciting thing from our side. >> So from 2019 to now, you're saying substantial uptick in adoption for these features? >> Yeah. And many of them are new. >> Time series as well, that's pretty new, so yeah. >> Yeah and you know, our philosophy of development at MongoDB is to get capabilities in the hands of customers early. Get that feedback to enrich and drive that product-market fit. And over the last three years especially, we've been transitioning from a single product kind of core, you know, non relational modern database to a data platform, a developer data platform that adds more and more capabilities to power these modern applications. And a lot of those were released during the pandemic. Certainly we talked about them in our virtual conferences and all the zoom meetings we had over the years. But to actually go talk to all these customers, this is the largest conference we've ever put on, and to get a sense of, wow all the amazing things they're doing with them, it's definitely a different feeling when we're all together. >> So that's interesting, when you have such a hot product, product-led growth which is what Mongo has been in, and you add these new features. They're coming from the developers who are saying, "Hey, we need this." >> Yip. >> Okay so you have a pretty high degree of confidence, but how do you know when you have product-market fit? I mean, is it adoption, usage, renewals? What's your metric? >> Yeah I think it's a mix of quantitative measures that you know, around conversion rates, the size of your funnel, the retention rate, NPS which obviously can be measured, but also just qualitative. You know when you're talking to a developer or a technology executive around what their needs are, and then you see how they actually apply it to solve a problem, it's that balance between the qualitative and the quantitative measurement of things. And you can just sort of, frankly you can feel it. You can see it in the numbers sure, but you can kind of feel that excitement, you can see that adoption and what it empowers people to do. And so to me, as a product leader, it's always a blend of those things. If you get too obsessed with purely the metrics, you can always over optimize something for the wrong reason. So you have to bring in that qualitative feedback to balance yourself out. >> Right. >> Guillermo, what's next? What do you not have that you want from Sahir and Mongo? >> So the natural next step for serverless computing is, is the Edge. So we have to auto-scale, we have to tolerate fares. We have to be avail. We have to be easy, but we have to be global. And right now we've been doing this by using a lot of techniques like caching and replication and things like this. But the future's about personalizing even more to each visitor depending on where they are. So if I'm in New York, I want to get the latest offers for New York on demand, just for me, and using AI to continue to personalize that experience. So giving the developer these tools in a way where it feels natural to build an application like this. It doesn't feel like, "Oh I'm going to do this year 10 if I make it, I'm going to do it since the very beginning." >> Dave: Okay interesting. So that says to me that I'm not going to make a round trip to the cloud necessarily for that experience. So I'm going to have some kind, Apple today, at the Worldwide Developer Conference announced the M2, right. I've been looking at the M1 Ultra, and I'm going wow look at that! And so- >> Sahir: You were talking about that new one backstage. >> I mean it's this amazing pace of Silicon development and they're focusing on the NPU and you look at what Tesla's doing. I mean it's just incredible. So you're going to have some new hardware architecture that emerges. Most of the AI that's done today is modeling in the cloud. You're going to have a real time inferencing at the Edge. So that's not going to do the round trip. There's going to be a data store there, I think it has to be. You're going to persist some of the data, maybe not all of it. So it's a whole new architecture- >> Sahir: Absolutely. >> That's developing. That sounds very disruptive. >> Sahir: Yeah. >> How do you think about that, and how does Mongo play there? Guillermo first. >> What I spent a lot of time thinking about is obviously the developer experience, giving the programmer a programming model that is natural, intuitive, and produces its great results. So if they have to think about data that's local because of regulatory reasons for example, how can we let the framework guide them to success? I'm just writing an application I deployed to the cloud and then everything else is figured out. >> Yeah or speed of light is another challenge. (Sahir and Guillermo laugh) >> How can we overcome the speed of light is our next task for sure. >> Well you're working on that aren't you? You've got the best engineers on that one. (Sahir and Guillermo laugh) >> We can solve a lot of problems, I'm not sure of that one. >> So Mongo plays in that scenario or? >> Yeah so I think, absolutely you know, we've been focused heavily on becoming the globally distributed cloud data layer. The back-end data layer that allows you to persist data to align with performance and move data where it needs to be globally or deal with data sovereignty, data nationalism that's starting to rise, but absolutely there is more data being pushed out to the Edge, to your point around processing or inference happening at the Edge. And there's going to be a globally distributed front-end layer as well, whether data and processing takes apart. And so we're focused on one, making sure the data connectivity and the layer is all connected into one unified architecture. We do that in combination with technologies that we have that do with mobility or edge distribution and synchronization of data with realm. And we do it with partnerships. We have edge partnerships with AWS and Verizon. We have partnerships with a lot of CVM players who are building out that Edge platform and making sure that MongoDB is either connected to it or just driving that synchronization back and forth. >> I call that unified experience super cloud, Robbie Belson from Verizon the cloud continuum, but that consistent experience for developers whether you're on Prim, whether you're in you know, Azure, Google, AWS, and ultimately the Edge. That's the big- >> That's where it's going. >> White space right now I'm hearing, Guillermo, right? >> I think it'll define the next generation of how software is built. And we're seeing this almost like a coalition course between some of the ideas that the Web3 developers are excited about, which is like decentralization almost to the extreme. But the Web2 also needs more decentralization, because we're seeing it with like, the data needs to be local to me, I need more privacy. I was looking at the latest encryption features in Mongo, like I think both Web2 need to incorporate more of the ideas of Web3 and vice versa to create the best possible consumer experience. Privacy matters more than ever before. Latency for conversion matters more than ever before. And regulations are changing. >> Sahir: Yeah. >> And you talked about Web3 earlier, talked about new protocols, a new distributed you know, decentralized system emerging, new hardware architectures. I really believe we really think that new economics are going to bleed back into the data center, and yeah every 15 years or so this industry gets disrupted. >> Sahir: Yeah. >> Guillermo: Absolutely. >> You know you ain't see nothing yet guys. >> We all talked about hardware becoming commoditized 10, 15 years ago- >> Yeah of course. >> We get the virtualization, and it's like nope not at all. It's actually a lot of invention happening. >> The lower the price the more the consumption. So guys thanks so much. Great conversation. >> Thank you. >> Really appreciate your time. >> Really appreciate it I enjoyed the conversation. >> All right and thanks for watching. Keep it right there. We'll be back with our next segment right after this short break. Dave Vellante for theCUBE's coverage of MongoDB World 2022. >> Man Offscreen: Clear. (clapping) >> All right wow. Don't get up. >> Sahir: Okay. >> Is that a Moonwatch? >> Sahir: It is a Speedmaster but it's that the-

>> Narrator: TheCUBE presents Kubecon and Cloudnativecon Europe, 2022. Brought to you by Red Hat, the cloud native computing foundation and its ecosystem partners. >> Welcome to Valencia, Spain in Kubecon, Cloudnativecon Europe, 2022. I'm Keith Townsend and we are in a beautiful locale. The city itself is not that big, 100,000, I mean, sorry, about 800,000 people. And we got out, got to see a little bit of the sites. It is an amazing city. I'm from the US, it's hard to put in context how a city of 800,000 people can be so beautiful. I'm here with Anish Dhar and Ganesh Datta, Co-founder and CTO of Cortex. Anish you're CEO of Cortex. We were having a conversation. One of the things that I asked my client is what is good. And you're claiming to answer the question about what is quality when it comes to measuring microservices? What is quality? >> Yeah, I think it really depends on the company and I think that's really the philosophy we have. When we built Cortex, is that we understood that different companies have different definitions of quality, but they need to be able to be represented in really objective ways. I think what ends up happening in most engineering organizations is that quality lives in people's heads. The engineers who write the services they're often the ones who understand all the intricacies with the service. What are the downstream dependencies, who's on call for this service? Where does the documentation live? All of these things I think impact the quality of the service. And as these engineers leave the company or they switch teams, they often take that tribal knowledge with them. And so I think quality really comes down to being able to objectively codify your best practices in some way and have that distributed to all engineers in the company. >> And to add to that, I think very concrete examples for an organization that's already modern like their idea of quality might be uptime incidents. For somebody that's like going through a modernization strategy, they're trying to get to the 21st century, they're trying to get to Kubernetes. For them, quality means where are we in that journey? Are you on our latest platforms? Are you running CI, are you doing continuous delivery? Like quality can mean a lot of things and so our perspective is how do we give you the tools to say as an organization, here's what quality means to us. >> So at first, my mind was going through when you said quality, Anish, you started out the conversation about having this kind of non-codified set of measurements, historical knowledge, et cetera. I was thinking observability, measuring how much time does it take to have a transaction. But Ganesh you're introducing this new thing. I'm working with this project where we're migrating a monolith application to a set of microservices. And you're telling me Cortex helps me measure the quality of what I'm doing in my project? >> Ganesh: Absolutely. >> How is that? >> Yeah, it's a great question. So I think when you think about observability, you think about uptime and latency and transactions and throughput and all this stuff. And I think that's very high level and I think that's one perspective of what quality is, but as you're going through this journey, you might say like the fact that we're tracking that stuff, the fact that you're using APM, you're using distributed tracing, that is one element of service quality. Maybe service quality means you're doing CICD, you're running vulnerability scans. You're using Docker. Like what that means to us can be very different. So observability is just one aspect of are you doing things the right way? Good to us means you're using SLOs. You are tracking those metrics. You're reporting that somewhere. And so that's like one component for our organization of what quality can mean. >> I'm kind of taken back by this because I've not seen someone kind of give the idea. And I think later on, this is the perfect segment to introduce theCUBE clock in which I'm going to give you a minute to kind of like give me the elevator pitch, but we're going to have the deep conversation right now. When you go in and you... What's the first process you do when you engage in a customer? Does a customer go and get this off of repository, install it, the open source version, and then what? I mean, what's the experience? >> Yeah, absolutely. So we have both a smart and on-prem version of Cortex. It's really straightforward. Basically we have a service discovery onboarding flow where customers can connect to different sets of source for their services. It could be Kubernetes, ECS, Git Repos, APM tools, and then we'll actually automatically map all of that service data with all of the integration data in the company. So we'll take that service and map it to its on call rotation to the JIRA tickets that have the service tag associated with it, to the data algo SLOs. And what that ends ends up producing is this service catalog that has all the information you need to understand your service. Almost like a single pane of glass to work with the service. And then once you have all of that data inside Cortex, then you can start writing scorecards, which grade the quality of those services across those different verticals Ganesh was talking about. Like whether it's a monolith, a microservice transition, whether it's production readiness or security standards, you can really start tracking that. And then engineers start understanding where the areas of risk with my service across reliability or security or operation maturity. I think it gives us in insane visibility into what's actually being built and the quality of that compared to your standards. >> So, okay, I have a standards for SLO that is usually something that is, it might not even be measured. So how do you help me understand that I'm lacking a measurable system for tracking SLO and what's the next step for helping me get that system? >> Yeah, I think our perspective is very much how do we help you create a culture where developers understand what's expected of them? So if SLOs are part of what we consider observability or reliability, then Cortex's perspective is, hey, we want to help your organization adopt SLOs. And so that service cataloging concept, the service catalog says, hey, here's my API integration. Then a scorecard, the organization goes in and says, we want every service owner to define their SLOs, we want you to define your thresholds. We want you to be tracking them, are you passing your SLOs? And so we're not being prescriptive about here's what we think your SLOs should be, ours is more around, hey, we're going to help you like if you care about SLOs, we're going to tell the service owners saying, hey, you need to have at least two SLOs for your service and you got to be tracking them. And the service catalog that data flows from a service catalog into those scorecards. And so we're helping them adopt that mindset of, hey, SLOs are important. It is a component of like a holistic service reliability excellence metric that we care about. >> So what happens when I already have systems for like SLO, how do I integrate that system with Cortex? >> That's one of the coolest things. So the service catalog can be pretty smart about it. So let's say you've sucked in your services from your GitHub. And so now your services are in Cortex. What we can do is we can actually discover from your APM tools, you can say like, hey, for this service, we have guessed that this is the corresponding APM in Datadog. And so from Datadog, here are your SLOs, here are your monitors. And so we can start mapping all the different parts of your world into the Cortex. And that's the power of the service catalog. The service catalog says, given a service, here's everything about that service. Here's the vulnerability scans. Here's the APM, the monitors, the SLOs, the JIRA ticket is like all that stuff comes into a single place. And then our scorecards product can go back out and say, hey, Datadog, tell me about this SLOs for the service. And so we're going to get that information live and then score your services against that. And so we're like integrating with all of your third party tools and integrations to create that single pan of glass. >> Yeah, and to add to that, I think one of the most interesting use cases with scorecards is, okay, which teams have actually adopted SLOs in the first place? I think a lot of companies struggle with how do we make sure engineers defined SLOs are passing them actually care about them. And scorecards can be used to one, which teams are actually meeting these guidelines? And then two, let's get those teams adopted on SLOs. Let's track that, you can do all of that in Cortex, which is I think a really interesting use case that we've seen. >> So let's talk about kind of my use case in the end to end process for integrating Cortex into migrations. So I have this monolithic application, I want to break it into microservices and then I want to ensure that I'm delivering if not, you know what, let's leave it a little bit more open ended. How do I know that I'm better at the end of I was in a monolith before, how do I measure that now that I'm in microservices and on cloud native, that I'm better? >> That's a good question. I think it comes down to, and we talk about this all the time for our customers that are going through that process. You can't define better if you don't define a baseline, like what does good mean to us? And so you need to start by saying, why are we moving to microservices? Is it because we want teams to move faster? Is it because we care about reliability up time? Like what is the core metric that we're tracking? And so you start by defining that as an organization. And that is kind of like a hand wavy thing. Why are we doing microservices? Once you have that, then you define this scorecard. And that's like our golden path. Once we're done doing this microservice migration, can we say like, yes, we have been successful and those metrics that we care about are being tracked. And so where Cortex fits in is from the very first step of creating a service, you can use Cortex to define templates. Like one click, you go in, it spins up a microservice for you that follows all your best practices. And so from there, ideally you're meeting 80% of your standards already. And then you can use scorecards to track historical progress. So you can say, are we meeting our golden path standards? Like if it's uptime, you can track uptime metrics and scorecards. If it's around velocity, you can track velocity metrics. Is it just around modernization? Are you doing CICD and vulnerability scans, like moving faster as a team? You can track that. And so you can start seeing like trends at a per team level, at a per department level, at a per product level saying, hey, we are seeing consistent progress in the metrics that we care about. And this microservice journey is helping us with that. So I think that's the kind of phased progress that we see with Cortex. >> So I'm going to give you kind of a hand wavy thing. We're told that cloud native helps me to do things faster with less defects so that I can do new opportunities. Let's stretch into kind of this non-tech, this new opportunities perspective. I want to be able to move my microservices. I want to be able to move my architecture to microservices, so I reduce call wait time on my customer service calls. So I can easily see how I can measure are we iterating faster? Are we putting out more updates quicker? That's pretty easy to measure. The number of defects, easy to measure. I can imagine a scorecard, but what about this wait time? I don't necessarily manage the call center system, but I get the data. How do I measure that the microservice migration was successful from a business process perspective? >> Yeah, that's a good question. I think it comes down to two things. One, the flexibility of scorecard means you can pipe in that data to Cortex. And what we recommend customers is track the outcome metrics and track the input metrics as well. And so what is the input metric to call wait time? Like maybe it's the fact that if something goes wrong, we have the run books to quickly roll back to an older version that we know is running. That way MTTR is faster. Or when something happens, we know the owner for that service and we can go back to them and say like, hey, we're going to ping you as an incident commander. Those are kind of the input metrics to, if we do these things, then we know our call wait time is going to drop because we're able to respond faster to incidents. And so you want to track those input metrics. And then you want to track the output metrics as well. And so if you have those metrics coming in from your Prometheus or your Datadogs or whatever, you can pipe that into Cortex and say, hey, we're going to look at both of these things holistically. So we want to see is there a correlation between those input metrics like are we doing things the right way, versus are we seeing the value that we want to come out of that? And so I think that's the value of Cortex is not so much around, hey, we're going to be prescriptive about it. It's here's this framework that will let you track all of that and say, are we doing things the right way and is it giving us the value that we want? And being able to report that update to engineer leadership and say, hey, maybe these services are not doing like we're not improving call wait time. Okay, why is that? Are these services behind on the actual input metrics that we care about? And so being able to see that I think is super valuable. >> Yeah, absolutely, I think just to touch on the reporting, I think that's one of the most value add things Cortex can provide. If you think about it, the service is atomic unit of your software. It represents everything that's being built and that bubbles up into teams, products, business units, and Cortex lets you represent that. So now I can, as a CTO, come in and say, hey, these product lines are they actually meeting our standards? Where are the areas of risk? Where should I be investing more resources? I think Cortex is almost like the best way to get the actual health of your engineering organization. >> All right Anish and Ganesh. We're going to go into the speed round here. >> Ganesh: It's time for the Q clock? >> Time for the Q clock. Start the Q clock. (upbeat music) Let's go on. >> Ganesh: Let's do it. >> Anish: Let's do it. >> Let's go on. You're you're 10 seconds in. >> Oh, we can start talking. Okay, well I would say, Anish was just touching on this. For a CTO, their question is how do I know if engineering quality is good? And they don't care about the microservice level. They care about as a business, is my engineering team actually producing. >> Keith: Follow the green, not the dream. (Ganesh laughs) >> And so the question is, well, how do we codify service quality? We don't want this to be a hand wavy thing that says like, oh, my team is good, my team is bad. We want to come in and define here's what service quality means. And we want that to be a number. You want that to be something that can- >> A goal without a timeline is just a dream. >> And CTO comes in and they say, here's what we care about. Here's how we're tracking it. Here are the teams that are doing well. We're going to reward the winners. We're going to move towards a world where every single team is doing service quality. And that's where Cortex can provide. We can give you that visibility that you never have before. >> For that five seconds. >> And hey, your SRE can't be the one handling all this. So let Cortex- >> Shoot the bad guy. >> Shot that, we're done. From Valencia Spain, I'm Keith Townsend. And you're watching theCube. The leader in high tech coverage. (soft music) (soft music) >> Narrator: TheCube presents Kubecon and Cloudnativecon Europe, 2022 brought to you by Red Hat, the cloud native computing foundation and its ecosystem partners. >> Welcome to Valencia, Spain in Kubecon, Cloudnativecon Europe, 2022. I'm Keith Townsend. And we are in a beautiful locale. The city itself is not that big 100,000, I mean, sorry, about 800,000 people. And we got out, got to see a little bit of the sites. It is an amazing city. I'm from the US, it's hard to put in context how a city of 800,000 people can be so beautiful. I'm here with Anish Dhar and Ganesh Datta, Co-founder and CTO of Cortex. Anish you're CEO of Cortex. We were having a conversation. One of the things that I asked my client is what is good. And you're claiming to answer the question about what is quality when it comes to measuring microservices? What is quality? >> Yeah, I think it really depends on the company. And I think that's really the philosophy we have when we build Cortex is that we understood that different companies have different definitions of quality, but they need to be able to be represented in really objective ways. I think what ends up happening in most engineering organizations is that quality lives in people's heads. Engineers who write the services, they're often the ones who understand all the intricacies with the service. What are the downstream I dependencies, who's on call for this service, where does the documentation live? All of these things, I think impact the quality of the service. And as these engineers leave the company or they switch teams, they often take that tribal knowledge with them. And so I think quality really comes down to being able to objectively like codify your best practices in some way, and have that distributed to all engineers in the company. >> And to add to that, I think like very concrete examples for an organization that's already modern their idea of quality might be uptime incidents. For somebody that's like going through a modernization strategy, they're trying to get to the 21st century. They're trying to get to Kubernetes. For them quality means like, where are we in that journey? Are you on our latest platforms? Are you running CI? Are you doing continuous delivery? Like quality can mean a lot of things. And so our perspective is how do we give you the tools to say as an organization here's what quality means to us. >> So at first my mind was going through when you said quality and as you started out the conversation about having this kind of non codified set of measurements, historical knowledge, et cetera. I was thinking observability measuring how much time does it take to have a transaction? But Ganesh you're introducing this new thing. I'm working with this project where we're migrating a monolith application to a set of microservices. And you're telling me Cortex helps me measure the quality of what I'm doing in my project? >> Ganesh: Absolutely. >> How is that? >> Yeah, it's a great question. So I think when you think about observability, you think about uptime and latency and transactions and throughput and all this stuff and I think that's very high level. And I think that's one perspective of what quality is. But as you're going through this journey, you might say like the fact that we're tracking that stuff, the fact that you're using APM, you're using distributed tracing, that is one element of service quality. Maybe service quality means you're doing CICD, you're running vulnerability scans. You're using Docker. Like what that means to us can be very different. So observability is just one aspect of, are you doing things the right way? Good to us means you're using SLOs. You are tracking those metrics. You're reporting that somewhere. And so that's like one component for our organization of what quality can mean. >> Wow, I'm kind of taken me back by this because I've not seen someone kind of give the idea. And I think later on, this is the perfect segment to introduce theCube clock in which I'm going to give you a minute to kind of like give me the elevator pitch, but we're going to have the deep conversation right now. When you go in and you... what's the first process you do when you engage in a customer? Does a customer go and get this off of repository, install it, the open source version and then what, I mean, what's the experience? >> Yeah, absolutely. So we have both a smart and on-prem version of Cortex. It's really straightforward. Basically we have a service discovery onboarding flow where customers can connect to different set of source for their services. It could be Kubernetes, ECS, Git Repos, APM tools, and then we'll actually automatically map all of that service data with all of the integration data in the company. So we'll take that service and map it to its on call rotation to the JIRA tickets that have the service tag associated with it, to the data algo SLOs. And what that ends up producing is this service catalog that has all the information you need to understand your service. Almost like a single pane of glass to work with the service. And then once you have all of that data inside Cortex, then you can start writing scorecards, which grade the quality of those services across those different verticals Ganesh was talking about. like whether it's a monolith, a microservice transition, whether it's production readiness or security standards, you can really start tracking that. And then engineers start understanding where are the areas of risk with my service across reliability or security or operation maturity. I think it gives us insane visibility into what's actually being built and the quality of that compared to your standards. >> So, okay, I have a standard for SLO. That is usually something that is, it might not even be measured. So how do you help me understand that I'm lacking a measurable system for tracking SLO and what's the next step for helping me get that system? >> Yeah, I think our perspective is very much how do we help you create a culture where developers understand what's expected of them? So if SLOs are part of what we consider observability and reliability, then Cortex's perspective is, hey, we want to help your organization adopt SLOs. And so that service cataloging concept, the service catalog says, hey, here's my APM integration. Then a scorecard, the organization goes in and says, we want every service owner to define their SLOs. We want to define your thresholds. We want you to be tracking them. Are you passing your SLOs? And so we're not being prescriptive about here's what we think your SLOs should be. Ours is more around, hey, we're going to help you like if you care about SLOs, we're going to tell the service owners saying, hey, you need to have at least two SLOs for your service and you've got to be tracking them. And the service catalog that data flows from the service catalog into those scorecards. And so we're helping them adopt that mindset of, hey, SLOs are important. It is a component of like a holistic service reliability excellence metric that we care about. >> So what happens when I already have systems for like SLO, how do I integrate that system with Cortex? >> That's one of the coolest things. So the service catalog can be pretty smart about it. So let's say you've sucked in your services from your GitHub. And so now your services are in Cortex. What we can do is we can actually discover from your APM tools, we can say like, hey, for this service we have guessed that this is the corresponding APM in Datadog. And so from Datadog, here are your SLOs, here are your monitors. And so we can start mapping all the different parts of your world into the Cortex. And that's the power of the service catalog. The service catalog says, given a service, here's everything about that service. Here's the vulnerability scans, here's the APM, the monitor, the SLOs, the JIRA ticket, like all that stuff comes into a single place. And then our scorecard product can go back out and say, hey, Datadog, tell me about this SLOs for the service. And so we're going to get that information live and then score your services against that. And so we're like integrating with all of your third party tools and integrations to create that single pan of glass. >> Yeah and to add to that, I think one of the most interesting use cases with scorecards is, okay, which teams have actually adopted SLOs in the first place? I think a lot of companies struggle with how do we make sure engineers defined SLOs are passing them actually care about them? And scorecards can be used to one, which teams are actually meeting these guidelines? And then two let's get those teams adopted on SLOs. Let's track that. You can do all of that in Cortex, which is, I think a really interesting use case that we've seen. >> So let's talk about kind of my use case in the end to end process for integrating Cortex into migrations. So I have this monolithic application, I want to break it into microservices and then I want to ensure that I'm delivering you know what, let's leave it a little bit more open ended. How do I know that I'm better at the end of I was in a monolith before, how do I measure that now that I'm in microservices and on cloud native, that I'm better? >> That's a good question. I think it comes down to, and we talk about this all the time for our customers that are going through that process. You can't define better if you don't define a baseline, like what does good mean to us? And so you need to start by saying, why are we moving to microservices? Is it because we want teams to move faster? Is it because we care about reliability up time? Like what is the core metric that we're tracking? And so you start by defining that as an organization. And that is kind of like a hand wavy thing. Why are we doing microservices? Once you have that, then you define the scorecard and that's like our golden path. Once we're done doing this microservice migration, can we say like, yes, we have been successful. And like those metrics that we care about are being tracked. And so where Cortex fits in is from the very first step of creating a service. You can use Cortex to define templates. Like one click, you go in, it spins up a microservice for you that follows all your best practices. And so from there, ideally you're meeting 80% of your standards already. And then you can use scorecards to track historical progress. So you can say, are we meeting our golden path standards? Like if it's uptime, you can track uptime metrics and scorecards. If it's around velocity, you can track velocity metrics. Is it just around modernization? Are you doing CICD and vulnerability scans, like moving faster as a team? You can track that. And so you can start seeing like trends at a per team level, at a per department level, at a per product level. Saying, hey, we are seeing consistent progress in the metrics that we care about. And this microservice journey is helping us with that. So I think that's the kind of phased progress that we see with Cortex. >> So I'm going to give you kind of a hand wavy thing. We're told that cloud native helps me to do things faster with less defects so that I can do new opportunities. Let's stretch into kind of this non-tech, this new opportunities perspective. I want to be able to move my microservices. I want to be able to move my architecture to microservices so I reduce call wait time on my customer service calls. So, I could easily see how I can measure are we iterating faster? Are we putting out more updates quicker? That's pretty easy to measure. The number of defects, easy to measure. I can imagine a scorecard. But what about this wait time? I don't necessarily manage the call center system, but I get the data. How do I measure that the microservice migration was successful from a business process perspective? >> Yeah, that's a good question. I think it comes down to two things. One, the flexibility of scorecard means you can pipe in that data to Cortex. And what we recommend customers is track the outcome metrics and track the input metrics as well. And so what is the input metric to call wait time? Like maybe it's the fact that if something goes wrong, we have the run book to quickly roll back to an older version that we know is running that way MTTR is faster. Or when something happens, we know the owner for that service and we can go back to them and say like, hey, we're going to ping you as an incident commander. Those are kind the input metrics to, if we do these things, then we know our call wait time is going to drop because we're able to respond faster to incidents. And so you want to track those input metrics and then you want to track the output metrics as well. And so if you have those metrics coming in from your Prometheus or your Datadogs or whatever, you can pipe that into Cortex and say, hey, we're going to look at both of these things holistically. So we want to see is there a correlation between those input metrics? Are we doing things the right way versus are we seeing the value that we want to come out of that? And so I think that's the value of Cortex is not so much around, hey, we're going to be prescriptive about it. It's here's this framework that will let you track all of that and say, are we doing things the right way and is it giving us the value that we want? And being able to report that update to engineer leadership and say, hey, maybe these services are not doing like we're not improving call wait time. Okay, why is that? Are these services behind on like the actual input metrics that we care about? And so being able to see that I think is super valuable. >> Yeah, absolutely. I think just to touch on the reporting, I think that's one of the most value add things Cortex can provide. If you think about it, the service is atomic unit of your software. It represents everything that's being built and that bubbles up into teams, products, business units, and Cortex lets you represent that. So now I can, as a CTO, come in and say, hey, these product lines are they actually meeting our standards? Where are the areas of risk? Where should I be investing more resources? I think Cortex is almost like the best way to get the actual health of your engineering organization. >> All right, Anish and Ganesh. We're going to go into the speed round here. >> Ganesh: It's time for the Q clock >> Time for the Q clock. Start the Q clock. (upbeat music) >> Let's go on. >> Ganesh: Let's do it. >> Anish: Let's do it. >> Let's go on, you're 10 seconds in. >> Oh, we can start talking. Okay, well I would say, Anish was just touching on this, for a CTO, their question is how do I know if engineering quality is good? And they don't care about the microservice level. They care about as a business, is my enduring team actually producing- >> Keith: Follow the green, not the dream. (Ganesh laughs) >> And so the question is, well, how do we codify service quality? We don't want this to be a hand wavy thing that says like, oh, my team is good, my team is bad. We want to come in and define here's what service quality means. And we want that to be a number. You want that to be something that you can- >> A goal without a timeline is just a dream. >> And a CTO comes in and they say, here's what we care about, here's how we're tracking it. Here are the teams that are doing well. We're going to reward the winners. We're going to move towards a world where every single team is doing service quality. And that's what Cortex can provide. We can give you that visibility that you never had before. >> For that five seconds. >> And hey, your SRE can't be the one handling all this. So let Cortex- >> Shoot the bad guy. >> Shot that, we're done. From Valencia Spain, I'm Keith Townsend. And you're watching theCube, the leader in high tech coverage. (soft music)

>>mhm. Hello and welcome to the cubes Ducker con coverage. I'm John Ferry, host of the Cube. We've got a great segment here with slim dot AI CEO John Amaral. Stealth mode, SAS Company. Start up in the devops space with tools today and open source around. Supply chain security with containers closed beta with developers. John, Thanks for coming on. Congratulations for being platinum sponsor here, Dr Khan. Thanks for coming on The Cube. >>Thanks so much on my pleasure. >>You know, container analysis, management optimisation. You know, that's super important. But security is at the centre of all the action we're seeing with containers. We've been talking shift left on a lot of cube conversations. What that means? Is it an outcome? Is that the product software supply chain? You seek them? A secure where malware. All these things are part of now the new normal in cloud Native. You guys at the centre of this, the surface areas change. All these things are important. Take a minute to explain what you guys are doing as a as a tools and open source. Some of the things you're doing, I know you got a stealth mode product. You probably can't talk about. But you gotta close, Beta. Can you give us a little bit of a teaser? What slim dot ai about >>sure. So someday I is about helping developers build secure containers fast, and that really plays to a few trends in the marketplace that are really apparent and important right now in a federal mandate and a bunch of really highly publicised breaches that have all been caused by software supply, chain risks and security and software supply, chain security has become a really top of mind concept for people who secure things and people who develop software and runs. SAS so slim that AI has built a bunch of capabilities and tools that allow software developers at their desks to better understand and build secure containers that really reduce software supply. Chain risk as you think about containers being run in production. And we do three things to help developers one, as we help them know everything about their software. It's a kind of a core concept of suffering supply chain security. Just know what software is in your containers to. Another core concept is only ship to production. What you need to run. That's all about risk surface and the ability for you to easily make a container small that has as much a software reduction in it as possible. And three, it's removed as many vulnerabilities as possible to Slim Toolset. Both are open source and our SAS data platform make that easy for developers to do >>so. Basically, you have a nice, clean, secure environment. Know what's in there. Don't only put in production was needed and make sure it's tight and it's trimmed down perfectly. So you're kind of teasing out this concept of slimming, which is in the name of the company. But it really is about surface area of attack around containers and super important as it becomes more and more prominent in the environment these days. What is container slimming and why is it important for supply chain security? >>Sure. So in the in the in the realm of software supply chain security, best practises right, there are three core concepts. One is the idea of an S bahn that you should know the inventory of all the software that runs in your world to its security posture, signing containers, making sure that the authenticity of the software that you use and production is well understood. And the third is, well, managing exactly what shopper you ship. The first two things I said are simply just inventory and basics about knowing what software you have. But no one answers the question. What software do I need? So I run a container and say, It's a gig and it's got all these packages in. It comes from the operating system from note, etcetera. It's got all this stuff in it. I know the parts that I write my code to. But all that other stuff, what is it? Why is it there? What's the risk in it? That slimming part is all about managing the list of things you actually shipped to the absolute minimum and with confidence that you know that that code will actually work when it gets production but be as small as possible. That's what slimming is all about, and it really reduces supply chain risk by lowering the attack surface in your container, but also trimming your supply chain to only the minimum pieces you need, which really causes a lot of improvements in in the operational overhead of having software supply chain security >>It's interesting as you get more more volume and velocity around containers, uh, and automation kicks in. Sometimes things are turning on and off you don't even know. And shift left has been a great trend for getting in the CI CD pipeline for developer productivity. Really cool. What are some of the consequences that's going on with this? Because then you start to get into some of these areas like some stuff happens that the developers have to come shift back and can take care of stuff. So, you know, C. Tus and CSOs are really worried about this container dynamic. What's the What's the new thing that's causing the problems here? What's the issue around the management that CDOs and CDOs care about? >>Sure. And I'll talk about the shift left implications as well for that exact point. So as you start to worry about software supply, chain security and get a handle on all the software you ship to prod well, part of that is knowledge is power. But it's also, um, risk and work as soon as I know about problems with my containers or the risk surface, and I got to do something about it so we're really getting into the age where everyone has to know about the software they ship. As soon as you know about that, say there's a vulnerability or a package that's a little risky or some surface area you don't really understand. The only place that can be evaded is by going back to the developers and asking them. What is that? How do I remove it? Please do that work. So the software supply chain security knowledge turns into developer security work. Now the problem is, is that historically, the knowledge was imperfect, and the developer, you know, involvement in that was, I'd say, at Hawk, meaning that developers had best practises that did the best they could. But the scrutiny we have now on minimising this kind of risk is really high. The beautiful part about containers is their portable, and it's an easily transferrable piece of software. So you have a lot of producers and a lot of consumers of containers. Consumers of containers that care about supply chain risk are now starting to push back on, producers saying, Take those vulnerabilities out, move those packages, make this thing more secure, lower the risk profile this works its way all the way back to the developers who don't really have the tools, capabilities and automation is to do the work I just described easily, and that's an opportunity that Slim is really addressing, making it easy for developers to remove risk. >>And that's really the consequences of shifting left without having the slimming. Because what you're saying is your shift left and that's kind of annulled out because you've got to go back and fix it. The work comes, >>that's right. And yeah, and it's not an easy task for a developer to understand the code that they didn't intentionally put in the container. It's like, Okay, there's a package in that operating system. What does it do? I don't know. Do I even use it? I don't know. So there's like tonnes of analytic and I would say even optimisation questions and work to be done, but they're just not equipped to, because the tooling for that is really immature Slims on a mission to make that really easy for them and do it automatically so they don't have to think about it. We just automatically remove stuff you don't use and voila! You've got this like perfectly pre optimised capability. >>You know, this suffer supply chain is huge, and I remember when open source started when I remember when I was breaking into the business. Now it's such a height in such an escalation of new developers. This it's a real issue that that's going to be resolved. It has to be because supply chain is part of open source, right? As more code comes in, you got to verify. You gotta make sure it's it's slimming where it needs to be slim and optimised. There needs to be optimised, huge trend. Um and so I just love this area. I think it's really innovative and needed. So congratulations on that, you know, have one more question for you before we get into to close out. Um, you guys are part of the Docker Extensions launch and your partner, >>Why >>is this important to participate in this programme and and what do you guys hope to hope it does for slim dot ai, >>First of all, doctors, the ubiquitous platform, their hub has millions and millions of containers. We've got millions and millions of developers using Docker desktop to actually build and work on containers. It's like literally the sandbox for all local work for building containers. It's a fair statement. So inclusion in Dr Khan and the relationship we're building with Docker is really important for developers and that we're bringing these capabilities to the place where developers work and live every day. It's where all the containers live in the world. So we want to have our technology be easy to use with docker tools. We want to keep developers workflows and systems and and tools of record be the same. We just want to help them use those tools better and optimist outputs. From that we've we've worked since our inception to make our tools really, really friendly for darker and darker environments to, um, we are building a doctor extension. Uh, they have, uh, in this darker con. They're launching their doctor extensions programme to the worldwide audience. We have been one of the lucky Cos that's been selected to build one of the early Dr desktop plug ins. It's derived from our capabilities and our Saas platform and an open source, and it's it's effectively an MRI machine, an awesome analytic tool that allows any developer to really understand the composition, security and profile of any container they work with. So it's giving the sight to the blind, so to speak, that it's this new tool to make container analysis easy. >>Well, John, you guys got a great opportunity. Container analysis, management, optimisation key to security, enabling it and maintaining and sustaining it. And it's changing. I know you guys. Your co founder also did a doctor Slim. So you guys are deep in the open source. I Congratulations on that. We'll see a Q. Khan for the remaining time. We have give a plug for the company, obviously in stealth mode price going to come out later this year. You got a developer preview? What's What's the company all about? What's the most important story here? Dr. Khan? >>Sure, just to playback. So we help developers do three important things. Know everything about the software in their containers to only ship stuff to production that you need, and and and three remove as many vulnerabilities as possible. That's really about managing and understanding the risk surface. It ties right back to software supply chain security, and any developer can use these tools today to emit and build containers that are more secure and better production grade containers, and it's easy to do. We have an open source project called Dioxin. Go check it out. Uh, it's not. It's on git Hub. It's easy to find if you go to w w w dot slim that ai you can find access to that. We have tens of thousands of developers, 500,000 plus downloads. We have developers everywhere using those tools today and open source to do the objectives. I just said You can also easily sign up for our data for our Saas platform, you can use the doctor extension, go ahead and do that and really get on your journey to make those outcomes reality for you. And really kind of make those SEC ops people downstream not have to shift anything left. It's super easy for you to be a great participant in software slash insecurity. >>All right. John Amaral, CEO slim dot ai Stealth. Most thanks for coming The Cube Cube coverage of Dr Khan. Thanks for watching. I'm John Kerry hosted the Cube back to more Dr Khan after the short break. Mhm mhm

(upbeat music) >> Hello, everyone and welcome to theCUBE presentation of the AWS startup showcase, data as code. This is season two, episode two of the ongoing series covering the exciting startups from the AWS ecosystem. Here we're talking about operationalizing the data lake. I'm your host, John Furrier, and my guest here is Mark Lyons, VP of product management at Dremio. Great to see you, Mark. Thanks for coming on. >> Hey John, nice to see you again. Thanks for having me. >> Yeah, we were talking before we came on camera here on this showcase we're going to spend the next 20 minutes talking about the new architectures of data lakes and how they expand and scale. But we kind of were reminiscing by the old big data days, and how this really changed. There's a lot of hangovers from (mumbles) kind of fall through, Cloud took over, now we're in a new era and the theme here is data as code. Really highlights that data is now in the developer cycles of operations. So infrastructure is code-led DevOps movement for Cloud programmable infrastructure. Now you got data as code, which is really accelerating DataOps, MLOps, DatabaseOps, and more developer focus. So this is a big part of it. You guys at Dremio have a Cloud platform, query engine and a data tier innovation. Take us through the positioning of Dremio right now. What's the current state of the offering? >> Yeah, sure, so happy to, and thanks for kind of introing into the space that we're headed. I think the world is changing, and databases are changing. So today, Dremio is a full database platform, data lakehouse platform on the Cloud. So we're all about keeping your data in open formats in your Cloud storage, but bringing that full functionality that you would want to access the data, as well as manage the data. All the functionality folks would be used to from NC SQL compatibility, inserts updates, deletes on that data, keeping that data in Parquet files in the iceberg table format, another level of abstraction so that people can access the data in a very efficient way. And going even further than that, what we announced with Dremio Arctic which is in public preview on our Cloud platform, is a full get like experience for the data. So just like you said, data as code, right? We went through waves and source code and infrastructure as code. And now we can treat the data as code, which is amazing. You can have development branches, you can have staging branches, ETL branches, which are separate from production. Developers can do experiments. You can make changes, you can test those changes before you merge back to production and let the consumers see that data. Lots of innovation on the platform, super fast velocity of delivery, and lots of customers adopting it in just in the first month here since we announced Dremio Cloud generally available where the adoption's been amazing. >> Yeah, and I think we're going to dig into the a lot of the architecture, but I want to highlight your point you made about the branching off and taking a branch of Git. This is what developers do, right? The developers use GitHub, Git, they bake branches from code. They build on top of other code. That's open source. This is what's been around for generations. Now for the first time we're seeing data sets being taken out of production to be worked on and coded and tested and even doing look backs or even forward looking analysis. This is data being programmed. This is data as code. This is really, you couldn't get any closer to data as code. >> Yeah. It's all done through metadata by the way. So there's no actual copying of these data sets 'cause in these big data systems, Cloud data lakes and stuff, and these tables are billions of records, trillions of records, super wide, hundreds of columns wide, thousands of columns wide. You have to do this all through metadata operations so you can control what version of the data basically a individual's working with and which version of the data the production systems are seeing because these data sets are too big. You don't want to be moving them. You can't be moving them. You can't be copying them. It's all metadata and manifest files and pointers to basically keep track of what's going on. >> I think this is the most important trend we've seen in a long time, because if you think about what Agile did for developers, okay, speed, DevOps, Cloud scale, now you've got agility in the data side of it where you're basically breaking down the old proprietary, old ways of doing data warehousing, but not killing the functionality of what data warehouses did. Just doing more volume data warehouses where proprietary, not open. They were different use cases. They were single application developers when used data warehouse query, not a lot of volume. But as you get volume, these things are inadequate. And now you've got the new open Agile. Is this Agile data engineering at play here? >> Yeah, I think it totally is. It's bringing it as far forward in as possible. We're talking about making the data engineering process easier and more productive for the data engineer, which ultimately makes the consumers of that data much happier as well as way more experiments can happen. Way more use cases can be tried. If it's not a burden and it doesn't require building a whole new pipeline and defining a schema and adding columns and data types and all this stuff, you can do a lot more with your data much faster. So it's really going to be super impactful to all these businesses out there trying to be data driven, especially when you're looking at data as a code and branching, a branch off, you can de-risk your changes. You're not worried about messing up the production system, messing up that data, having it seen by end user. Some businesses data is their business so that data would be going all the way to a consumer, a third party. And then it gets really scary. There's a lot of risk if you show the wrong credit score to a consumer or you do something like that. So it's really de-risking... >> Even updating machine learning algorithms. So for instance, if the data sets change, you can always be iterating on things like machine learning or learning algorithms. This is kind of new. This is awesome, right? >> I think it's going to change the world because this stuff was so painful to do. The data sets had gotten so much bigger as you know, but we were still doing it in the old way, which was typically moving data around for everyone. It was copying data down, sampling data, moving data, and now we're just basically saying, hey, don't do that anymore. We got to stop moving the data. It doesn't make any sense. >> So I got to ask you Mark, data lakes are growing in popularity. I was originally down on data lakes. I called them data swamps. I didn't think they were going to be as popular because at that time, distributed file systems like Hadoop, and object store in the Cloud were really cool. So what happened between that promise of distributed file systems and object store and data lakes? What made data lakes popular? What made that work in your opinion? >> Yeah, it really comes down to the metadata, which I already mentioned once. But we went through these waves. John you saw we did the EDWs to the data lakes and then the Cloud data warehouses. I think we're at the start of a cycle back to the data lake. And it's because the data lakes this time around with the Apache iceberg table format, with project (mumbles) and what Dremio's working on around metadata, these things aren't going to become data swamps anymore. They're actually going to be functional systems that do inserts updates into leads. You can see all the commits. You can time travel them. And all the files are actually managed and optimized so you have to partition the data. You have to merge small files into larger files. Oh, by the way, this is stuff that all the warehouses have done behind the scenes and all the housekeeping they do, but people weren't really aware of it. And the data lakes the first time around didn't solve all these problems so that those files landing in a distributed file system does become a mess. If you just land JSON, Avro or Parquet files, CSV files into the HDFS, or in S3 compatible, object store doesn't matter, if you're just parking files and you're going to deal with it as schema and read instead of schema and write, you're going to have a mess. If you don't know which tool changed the files, which user deleted a file, updated a file, you will end up with a mess really quickly. So to take care of that, you have to put a table format so everyone's looking at Apache iceberg or the data bricks Delta format, which is an interesting conversation similar to the Parquet and org file format that we saw play out. And then you track the metadata. So you have those manifest files. You know which files change when, which engine, which commit. And you can actually make a functional system that's not going to become a swamp. >> Another trend that's extending on beyond the data lake is other data sources, right? So you have a lot of other data, not just in data lakes so you have to kind of work with that. How do you guys answer the question around some of the mission critical BI dashboards out there on the latency side? A lot of people have been complaining that these mission critical BI dashboards aren't getting the kind of performance as they add more data sources and they try to do more. >> Yeah, that's a great question. Dremio does actually a bunch of interesting things to bring the performance of these systems up because at the end of the day, people want to access their data really quickly. They want the response times of these dashboards to be interactive. Otherwise the data's not interesting if it takes too long to get it. To answer a question, yeah, a couple of things. First of all, from a data source's side, Dremio is very proficient with our Parquet files in an object store, like we just talked about, but it also can access data in other relational systems. So whether that's a Postgres system, whether that's a Teradata system or an Oracle system. That's really useful if you have dimensional data, customer data, not the largest data set in the world, not the fastest moving data set in the world, but you don't want to move it. We can query that where it resides. Bringing in new sources is definitely, we all know that's a key to getting better insights. It's in your data, is joining sources together. And then from a query speed standpoint, there's a lot of things going on here. Everything from kind of Apache, the Apache Avro project, which is in memory format of Parquet and not kind of serialize and de-serialize the data back and forth. As well as what we call reflection, which is basically a re-indexing or pre-computing of the data, but we leave it in Parquet format, in a open format in the customer's account so that you can have aggregates and other things that are really popular in these dashboards pre-computed. So millisecond response, lightning fast, like tricks that a warehouse would do that the warehouses have been doing forever. Right? >> Yeah, more deals coming in. And obviously the architecture we'll get into that now has to handle the growth. And as your customers and practitioners see the volume and the variety and the velocity of the data coming in, how are they adjusting their data strategies to respond to this? Again, Cloud is clearly the answer, not the data warehouse, but what are they doing? What's the strategy adjustment? >> It's interesting when we start talking to folks, I think sometimes it's a really big shift in thinking about data architectures and data strategies when you look at the Dremio approach. It's very different than what most people are doing today around ETL pipelines and then bringing stuff into a warehouse and oh, the warehouse is too overloaded so let's build some cubes and extracts into the next tier of tools to speed up those dashboards for those tools. And Dremio has totally flipped this on a sentence and said, no, let's not do all those things. That's time consuming. It's brittle, it breaks. And actually your agility and the scope of what you can do with your data decreases. You go from all your data and all your data sources to smaller and smaller. We actually call it the perimeter doom and a lot of people look at this and say, yeah, that kind of looks like how we're doing things today. So from a Dremio perspective, it's really about no copy, try to keep as much data in one place, keep it in one open format and less data movement. And that's a very different approach for people. I think they don't realize how much you can accomplish that way. And your latency shrinks down too. Your actual latency from data created to insight is much shorter. And it's not because of the query response time, that latency is mostly because of data movement and copy and all these things. So you really want to shrink your time to insight. It's not about getting a faster query from a few seconds down, it's about changing the architecture. >> The data drift as they say, interesting there. I got to ask you on the personnel side, team side, you got the technical side, you got the non-technical consumers of the data, you got the data science or data engineering is ramping up. We mentioned earlier data engineering being Agile, is a key innovation here. As you got to blend the two personas of technical and non-technical people playing with data, coding with data, we're the bottlenecks in this process today. How can data teams overcome these bottlenecks? >> I think we see a lot of bottlenecks in the process today, a lot of data movement, a lot of change requests, update this dashboard. Oh, well, that dashboard update requires an ETL pipeline update, requires a column to be added to this warehouse. So then you've got these personas, like you said, some more technical, less technical, the data consumers, the data engineers. Well, the data engineers are getting totally overloaded with requests and work. And it's not even super value-add work to the business. It's not really driving big changes in their culture and insights and new new use cases for data. It's turning through kind of small changes, but it's taking too much time. It's taking days, if not weeks for these organizations to manage small changes. And then the data consumers, the less technical folks, they can't get the answers that they want. They're waiting and waiting and waiting and they don't understand why things are so challenging, how things could take so much time. So from a Dremio perspective, it's amazing to watch these organizations unleash their data. Get the data engineers, their productivity up. Stop dealing with some of the last mile ETL and small changes to the data. And Dremio actually says, hey, data consumers, here's a really nice gooey. You don't need to be a SQL expert, well, the tool will write the joints for you. You can click on a column and say, hey, I want to calculate a new field and calculate that field. And it's all done virtually so it's not changing the physical data sets. The actual data engineering team doesn't even really need to care at that point. So you get happier data consumers at the end of the day. They're doing things more self-service. They're learning about the data and the data engineering teams can go do value-add things. They can re-architecture the platform for the future. They can do POCs to test out new technologies that could support new use cases and bring those into the organization. Things that really add value, instead of just churning through backlogs of, hey, can we get a column added or we change... Everyone's doing app development, AB testing, and those developers are king. Those pipelines stream all this data down when the JSON files change. You need agility. And if you don't have that agility, you just get this endless backlog that you never... >> This is data as code in action. You're committing data back into the main brand that's been tested. That's what developers do. So this is really kind of the next step function. I got to put the customer hat on for a second and ask you kind of the pessimist question. Okay, we've had data lakes, I've got data lakes, it's been data lakes around, I got query engines here and there, they're all over the place, what's missing? What's been missing from the architecture to fully realize the potential of a data lakehouse? >> Yeah, I think that's a great question. The customers say exactly that John. They say, "I've got 22 databases, you got to be kidding me. You showed up with another database." Or, hey, let's talk about a Cloud data lake or a data lake. Again, I did the data lake thing. I had a data lake and it wasn't everything I thought it was going to be. >> It was bad. It was data swamp. >> Yeah, so customers really think this way, and you say, well, what's different this time around? Well, the Cloud in the original data lake world, and I'm just going to focus on data lakes, so the original data lake worlds, everything was still direct attached storage, so you had to scale your storage and compute out together. And we built these huge systems. Thousands of thousands of HDFS nodes and stuff. Well, the Cloud brought the separated compute and storage, but data lakes have never seen separated compute and storage until now. We went from the data lake with directed tap storage to the Cloud data warehouse with separated compute and storage. So the Cloud architecture and getting compute and storage separated is a huge shift in the data lake world. And that agility of like, well, I'm only going to apply it, the compute that I need for this question, for this answer right now, and not get 5,000 servers of compute sitting around at some peak moment. Or just 5,000 compute servers because I have five petabytes or 50 petabytes of data that need to be stored in the discs that are attached to them. So I think the Cloud architecture and separating compute and storage is the first thing that's different this time around about data lakes. But then more importantly than that is the metadata tier. Is the data tier and having sufficient metadata to have the functionality that people need on the data lake. Whether that's for governance and compliance standpoints, to actually be able to do a delete on your data lake, or that's for productivity and treating that data as code, like we're talking about today, and being able to time travel it, version it, branch it. And now these data lakes, the data lakes back in the original days were getting to 50 petabytes. Now think about how big these Cloud data lakes could be. Even larger and you can't move that data around so we have to be really intelligent and really smart about the data operations and versioning all that data, knowing which engine touch the data, which person was the last commit and being able to track all that, is ultimately what's going to make this successful. Because if you don't have the governance in place these days with data, the projects are going to fail. >> Yeah, and I think separating the query layer or SQL layer and the data tier is another innovation that you guys have. Also it's a managed Cloud service, Dremio Cloud now. And you got the open source angle too, which is also going to open up more standardization around some of these awesome features like you mentioned the joints, and I think you guys built on top of Parquet and some other cool things. And you got a community developing, so you get the Cloud and community kind of coming together. So it's the real world that is coming to light saying, hey, I need real world applications, not the theory of old school. So what use cases do you see suited for this kind of new way, new architecture, new community, new programability? >> Yeah, I see people doing all sorts of interesting things and I'm sure with what we've introduced with Dremio Arctic and the data is code is going to open up a whole new world of things that we don't even know about today. But generally speaking, we have customers doing very interesting things, very data application things. Like building really high performance data into use cases whether that's a supply chain and manufacturing use case, whether that's a pharma or biotech use case, a banking use case, and really unleashing that data right into an application. We also see a lot of traditional data analytics use cases more in the traditional business intelligence or dashboarding use cases. That stuff is totally achievable, no problems there. But I think the most interesting stuff is companies are really figuring out how to bring that data. When we offer the flexibility that we're talking about, and the agility that we're talking about, you can really start to bring that data back into the apps, into the work streams, into the places where the business gets more value out of it. Not in a dashboard that some person might have access to, or a set of people have access to. So even in the Dremio Cloud announcement, the press release, there was a customer, they're in Europe, it's called Garvis AI and they do AI for supply chains. It's an intelligent application and it's showing customers transparently how they're getting to these predictions. And they stood this all up in a very short period of time, because it's a Cloud product. They don't have to deal with provisioning, management, upgrades. I think they had their stuff going in like 30 minutes or something, like super quick, which is amazing. The data was already there, and a lot of organizations, their data's already in these Cloud storages. And if that's the case... >> If they have data, they're a use case. This is agility. This is agility coming to the data engineering field, making data programmable, enabling the data applications, the data ops for everybody, for coding... >> For everybody. And for so many more use cases at these companies. These data engineering teams, these data platform teams, whether they're in marketing or ad tech or Fiserv or Telco, they have a list. There's a list about a roadmap of use cases that they're waiting to get to. And if they're drowning underwater in the current tooling and barely keeping that alive, and oh, by the way, John, you can't go higher 30 new data engineers tomorrow and bring on the team to get capacity. You have to innovate at the architecture level, to unlock more data use cases because you're not going to go triple your team. That's not possible. >> It's going to unlock a tsunami of value. Because everyone's clogged in the system and it's painful. Right? >> Yeah. >> They've got delays, you've got bottlenecks. you've got people complaining it's hard, scar tissue. So now I think this brings ease of use and speed to the table. >> Yeah. >> I think that's what we're all about, is making the data super easy for everyone. This should be fun and easy, not really painful and really hard and risky. In a lot of these old ways of doing things, there's a lot of risk. You start changing your ETL pipeline. You add a column to the table. All of a sudden, you've got potential risk that things are going to break and you don't even know what's going to break. >> Proprietary, not a lot of volume and usage, and on-premises, open, Cloud, Agile. (John chuckles) Come on, which path? The curtain or the box, what are you going to take? It's a no brainer. >> Which way do you want to go? >> Mark, thanks for coming on theCUBE. Really appreciate it for being part of the AWS startup showcase data as code, great conversation. Data as code is going to enable a next wave of innovation and impact the future of data analytics. Thanks for coming on theCUBE. >> Yeah, thanks John and thanks to the AWS team. A great partnership between AWS and Dremio too. Talk to you soon. >> Keep it right there, more action here on theCUBE. As part of the showcase, stay with us. This is theCUBE, your leader in tech coverage. I'm John Furrier, your host, thanks for watching. (downbeat music)

(upbeat music) >> Welcome everyone to theCUBE's presentation of the AWS Startup Showcase Open Cloud Innovations. This is season two of the ongoing series. We're covering exciting start startups in the AWS ecosystem to talk about open source community stuff. I'm your host, Dave Nicholson. And I'm delighted today to have two guests from Weaveworks. Steve George, COO of Weaveworks, and Steve Waterworth, technical marketing engineer from Weaveworks. Welcome, gentlemen, how are you? >> Very well, thanks. >> Very well, thanks very much. >> So, Steve G., what's the relationship with AWS? This is the AWS Startup Showcase. How do Weaveworks and AWS interact? >> Yeah sure. So, AWS is a investor in Weaveworks. And we, actually, collaborate really closely around EKS and some specific EKS tooling. So, in the early days of Kubernetes when AWS was working on EKS, the Elastic Kubernetes Service, we started working on the command line interface for EKS itself. And due to that partnership, we've been working closely with the EKS team for a long period of time, helping them to build the CLI and make sure that users in the community find EKS really easy to use. And so that brought us together with the AWS team, working on GitOps and thinking about how to deploy applications and clusters using this GitOps approach. And we've built that into the EKS CLI, which is an open source tool, is a project on GitHub. So, everybody can get involved with that, use it, contribute to it. We love hearing user feedback about how to help teams take advantage of the elastic nature of Kubernetes as simply and easily as possible. >> Well, it's great to have you. Before we get into the specifics around what Weaveworks is doing in this area that we're about to discuss, let's talk about this concept of GitOps. Some of us may have gotten too deep into a Netflix series, and we didn't realize that we've moved on from the world of DevOps or DevSecOps and the like. Explain where GitOps fits into this evolution. >> Yeah, sure. So, really GitOps is an instantiation, a version of DevOps. And it fits within the idea that, particularly in the Kubernetes world, we have a model in Kubernetes, which tells us exactly what we want to deploy. And so what we're talking about is using Git as a way of recording what we want to be in the runtime environment, and then telling Kubernetes from the configuration that is stored in Git exactly what we want to deploy. So, in a sense, it's very much aligned with DevOps, because we know we want to bring teams together, help them to deploy their applications, their clusters, their environments. And really with GitOps, we have a specific set of tools that we can use. And obviously what's nice about Git is it's a very developer tool, or lots and lots of developers use it, the vast majority. And so what we're trying to do is bring those operational processes into the way that developers work. So, really bringing DevOps to that generation through that specific tooling. >> So Steve G., let's continue down this thread a little bit. Why is it necessary then this sort of added wrinkle? If right now in my organization we have developers, who consider themselves to be DevOps folks, and we give them Amazon gift cards each month. And we say, "Hey, it's a world of serverless, "no code, low code lights out data centers. "Go out and deploy your code. "Everything should be fine." What's the problem with that model, and how does GitOps come in and address that? >> Right. I think there's a couple of things. So, for individual developers, one of the big challenges is that, when you watch development teams, like deploying applications and running them, you watch them switching between all those different tabs, and services, and systems that they're using. So, GitOps has a real advantage to developers, because they're already sat in Git, they're already using their familiar tooling. And so by bringing operations within that developer tooling, you're giving them that familiarity. So, it's one advantage for developers. And then for operations staff, one of the things that it does is it centralizes where all of this configuration is kept. And then you can use things like templating and some other things that we're going to be talking about today to make sure that you automate and go quickly, but you also do that in a way which is reliable, and secure, and stable. So, it's really helping to bring that run fast, but don't break things kind of ethos to how we can deploy and run applications in the cloud. >> So, Steve W., let's start talking about where Weaveworks comes into the picture, and what's your perspective. >> So, yeah, Weaveworks has an engine, a set of software, that enables this to happen. So, think of it as a constant reconciliation engine. So, you've got your declared state, your desired state is declared in Git. So, this is where all your YAML for all your Kubernetes hangs out. And then you have an agent that's running inside Kubernetes, that's the Weaveworks GitOps agent. And it's constantly comparing the desired state in Git with the actual state, which is what's running in Kubernetes. So, then as a developer, you want to make a change, or an operator, you want to make a change. You push a change into Git. The reconciliation loop runs and says, "All right, what we've got in Git does not match "what we've got in Kubernetes. "Therefore, I will create story resource, whatever." But it also works the other way. So, if someone does directly access Kubernetes and make a change, then the next time that reconciliation loop runs, it's automatically reverted back to that single source of truth in Git. So, your Kubernetes cluster, you don't get any configuration drift. It's always configured as you desire it to be configured. And as Steve George has already said, from a developer or engineer point of view, it's easy to use. They're just using Git just as they always have done and continue to do. There's nothing new to learn. No change to working practices. I just push code into Git, magic happens. >> So, Steve W., little deeper dive on that. When we hear Ops, a lot of us start thinking about, specifically in terms of infrastructure, and especially since infrastructure when deployed and left out there, even though it's really idle, you're paying for it. So, anytime there's an Ops component to the discussion, cost and resource management come into play. You mentioned this idea of not letting things drift from a template. What are those templates based on? Are they based on... Is this primarily an infrastructure discussion, or are we talking about the code itself that is outside of the infrastructure discussion? >> It's predominantly around the infrastructure. So, what you're managing in Git, as far as Kubernetes is concerned, is always deployment files, and services, and horizontal pod autoscalers, all those Kubernetes entities. Typically, the source code for your application, be it in Java, Node.js, whatever it is you happen to be writing it in, that's, typically, in a separate repository. You, typically, don't combine the two. So, you've got one set of repository, basically, for building your containers, and your CLI will run off that, and ultimately push a container into a registry somewhere. Then you have a separate repo, which is your config. repo, which declares what version of the containers you're going to run, how many you're going to run, how the services are bound to those containers, et cetera. >> Yeah, that makes sense. Steve G., talk to us about this concept of trusted application delivery with GitOps, and frankly, it's what led to the sort of prior question. When you think about trusted application delivery, where is that intertwinement between what we think of as the application code versus the code that is creating the infrastructure? So, what is trusted application delivery? >> Sure, so, with GitOps, we have the ability to deploy the infrastructure components. And then we also define what the application containers are, that would go to be deployed into that environment. And so, this is a really interesting question, because some teams will associate all of the services that an application needs within an application team. And sometimes teams will deploy sort of horizontal infrastructure, which then all application teams services take advantage of. Either way, you can define that within your configuration, within your GitOps configuration. Now, when you start deploying speed, particularly when you have multiple different teams doing these sorts of deployments, one of the questions that starts to come up will be from the security team, or someone who's thinking about, well, what happens if we make a deployment, which is accidentally incorrect, or if there is a security issue in one of those dependencies, and we need to get a new version deployed as quickly as possible? And so, in the GitOps pipeline, one of the things that we can do is to put in various checkpoints to check that the policy is being followed correctly. So, are we deploying the right number of applications, the right configuration of an application? Does that application follow certain standards that the enterprise has set down? And that's what we talk about when we talk about trusted policy and trusted delivery. Because really what we're thinking about here is enabling the development teams to go as quickly as possible with their new deployments, but protecting them with automated guard rails. So, making sure that they can go fast, but they are not going to do anything which destroys the reliability of the application platform. >> Yeah, you've mentioned reliability and kind of alluded to scalability in the application environment. What about looking at this from the security perspective? There've been some recently, pretty well publicized breaches. Not a lot of senior executives in enterprises understand that a very high percentage of code that their businesses are running on is coming out of the open source community, where developers and maintainers are, to a certain degree, what they would consider to be volunteers. That can be a scary thing. So, talk about why an enterprise struggles today with security, policy, and governance. And I toss this out to Steve W. Or Steve George. Answer appropriately. >> I'll try that in a high level, and Steve W. can give more of the technical detail. I mean, I'll say that when I talk to enterprise customers, there's two areas of concern. One area of concern is that, we're in an environment with DevOps where we started this conversation of trying to help teams to go as quickly as possible. But there's many instances where teams accidentally do things, but, nonetheless, that is a security issue. They deploy something manually into an environment, they forget about it, and that's something which is wrong. So, helping with this kind of policy as code pipeline, ensuring that everything goes through a set of standards could really help teams. And that's why we call it developer guard rails, because this is about helping the development team by providing automation around the outside, that helps them to go faster and relieves them from that mental concern of have they made any mistakes or errors. So, that's one form. And then the other form is the form, where you are going, David, which is really around security dependencies within software, a whole supply chain of concern. And what we can do there, by, again, having a set of standard scanners and policy checking, which ensures that everything is checked before it goes into the environment. That really helps to make sure that there are no security issues in the runtime deployment. Steve W., anything that I missed there? >> Yeah, well, I'll just say, I'll just go a little deeper on the technology bit. So, essentially, we have a library of policies, which get you started. Of course, you can modify those policies, write your own. The library is there just to get you going. So, as a change is made, typically, via, say, a GitHub action, the policy engine then kicks in and checks all those deployment files, all those YAML for Kubernetes, and looks for things that then are outside of policy. And if that's the case, then the action will fail, and that'll show up on the pull request. So, things like, are your containers coming from trusted sources? You're not just pulling in some random container from a public registry. You're actually using a trusted registry. Things like, are containers running as route, or are they running in privileged mode, which, again, it could be a security? But it's not just about security, it can also be about coding standards. Are the containers correctly annotated? Is the deployment correctly annotated? Does it have the annotation fields that we require for our coding standards? And it can also be about reliability. Does the deployment script have the health checks defined? Does it have a suitable replica account? So, a rolling update. We'll actually do a rolling update. You can't do a rolling update with only one replica. So, you can have all these sorts of checks and guards in there. And then finally, there's an admission controller that runs inside Kubernetes. So, if someone does try and squeeze through, and do something a little naughty, and go directly to the cluster, it's not going to happen, 'cause that admission controller is going to say, "Hey, no, that's a policy violation. "I'm not letting that in." So, it really just stops. It stops developers making mistakes. I know, I know, I've done development, and I've deployed things into Kubernetes, and haven't got the conflict quite right, and then it falls flat on its face. And you're sitting there scratching your head. And with the policy checks, then that wouldn't happen. 'Cause you would try and put something in that has a slightly iffy configuration, and it would spit it straight back out at you. >> So, obviously you have some sort of policy engine that you're you're relying on. But what is the user experience like? I mean, is this a screen that is reminiscent of the matrix with non-readable characters streaming down that only another machine can understand? What does this look like to the operator? >> Yeah, sure, so, we have a console, a web console, where developers and operators can use a set of predefined policies. And so that's the starting point. And we have a set of recommendations there and policies that you can just attach to your deployments. So, set of recommendations about different AWS resources, deployment types, EKS deployment types, different sets of standards that your enterprise might be following along with. So, that's one way of doing it. And then you can take those policies and start customizing them to your needs. And by using GitOps, what we're aiming for here is to bring both the application configuration, the environment configuration. We talked about this earlier, all of this being within Git. We're adding these policies within Git as well. So, for advanced users, they'll have everything that they need together in a single unit of change, your application, your definitions of how you want to run this application service, and the policies that you want it to follow, all together in Git. And then when there is some sort of policy violation on the other end of the pipeline, people can see where this policy is being violated, how it was violated. And then for a set of those, we try and automate by showing a pull request for the user about how they can fix this policy violation. So, try and make it as simple as possible. Because in many of these sorts of violations, if you're a busy developer, there'll be minor configuration details going against the configuration, and you just want to fix those really quickly. >> So Steve W., is that what the Mega Leaks policy engine is? >> Yes, that's the Mega Leaks policy engine. So, yes, it's a SaaS-based service that holds the actual policy engine and your library of policies. So, when your GitHub action runs, it goes and essentially makes a call across with the configuration and does the check and spits out any violation errors, if there are any. >> So, folks in this community really like to try things before they deploy them. Is there an opportunity for people to get a demo of this, get their hands on it? what's the best way to do that? >> The best way to do it is have a play with it. As an engineer, I just love getting my hands dirty with these sorts of things. So, yeah, you can go to the Mega Leaks website and get a 30-day free trial. You can spin yourself up a little, test cluster, and have a play. >> So, what's coming next? We had DevOps, and then DevSecOps, and now GitOps. What's next? Are we going to go back to all infrastructure on premises all the time, back to waterfall? Back to waterfall, "Hot Tub Time Machine?" What's the prediction? >> Well, I think the thing that you set out right at the start, actually, is the prediction. The difference between infrastructure and applications is steadily going away, as we try and be more dynamic in the way that we deploy. And for us with GitOps, I think we're... When we talk about operations, there's a lots of depth to what we mean about operations. So, I think there's lots of areas to explore how to bring operations into developer tooling with GitOps. So, that's, I think, certainly where Weaveworks will be focusing. >> Well, as an old infrastructure guy myself, I see this as vindication. Because infrastructure still matters, kids. And we need sophisticated ways to make sure that the proper infrastructure is applied. People are shocked to learn that even serverless application environments involve servers. So, I tell my 14-year-old son this regularly, he doesn't believe it, but it is what it is. Steve W., any final thoughts on this whole move towards GitOps and, specifically, the Weaveworks secret sauce and superpower. >> Yeah. It's all about (indistinct)... It's all about going as quickly as possible, but without tripping up. Being able to run fast, but without tripping over your shoe laces, which you forgot to tie up. And that's what the automation brings. It allows you to go quickly, does lots of things for you, and yeah, we try and stop you shooting yourself in the foot as you're going. >> Well, it's been fantastic talking to both of you today. For the audience's sake, I'm in California, and we have a gentleman in France, and a gentlemen in the UK. It's just the wonders of modern technology never cease. Thanks, again, Steve Waterworth, Steve George from Weaveworks. Thanks for coming on theCUBE for the AWS Startup Showcase. And to the rest of us, keep it right here for more action on theCUBE, your leader in tech coverage. (upbeat music)

(bright music) >> Hi, everyone. Welcome to the CUBE's presentation of the AWS Startup Showcase around open cloud innovations. It's the season two episode one of the ongoing series covering exciting startups from the AWS ecosystem and talking about open source and innovation. I'm John Furrier, your host. Today, we're joined by two great guests. Dan Garfield, chief open source officer and co-founder of Codefresh IO, and Raziel Tabib, CEO and co-founder. Two co-founders in the middle of all the innovation. Gentlemen thanks for coming on. >> Thank you. >> So you guys have a great platform and as cloud native goes mainstream in the enterprise and for developers, the big topic is unification, end-to-end, horizontally scalable, leveraging data. All these things around agile that I call agile cloud next level. This is kind of what we're seeing. The CNCF is growing. You've seen KubeCon every year is more about these kinds of things. Words like orchestration, Kubernetes, container, security. All of those complexities are now at the center of making things easier for developers. This is a key value proposition and you guys at Codefresh are offering really the first enterprise delivery solution powered by Argo, which is an open source project. Again, open source driving really big changes. So let's get into it. And first of all, congratulations, and thanks for working on this project. What's so special about- >> Thank you for that. >> Argo the project, and why have you guys decided to build a platform on it, and where is this coming together? Take us through why this is so important. >> I think Argo has been a very fast growing open source project for multiple reasons. A, it has been built for the new way of building and deploying an application. It's cloud native. You mentioned Kubernetes becoming kind of the de facto way of running application. It's the de facto way to run automation and pipeline. But also Argo has been built from the ground up to the latest practices of how we deploy software. We deploy software now differently. We deploy it using a GitOps practice. We're deploying it using canary blue-green progressive deployment. And Argo has been built around these practices, around these technologies, and has been very much widely adopted by the community. In the past, the KubeCon you've mentioned, Argo was all over the place. And we were very glad to be working with the community to talk about what the next steps with Argo. >> Yeah, it's a really good point. I would like to just follow up on that because you see this being talked about. It always comes up, where is open source really outside of a pure contributors matter? And when you have corporations contributing, you seeing this has been the trend. You saw it with Lyft, with Envoy, companies doing more and more open source. This is part of a big collaboration. And again, this comes back down to this whole why it's relevant and why it's so special with Argo. Continue to talk about relationship because it's not just you guys, it's now community. >> Yeah, I can speak to that. The Argo project is something that we maintain in partnership with several other companies and really our relationship with it is that this is something that we're actively contributing to. This is something that we're helping build the roadmap on and planning the events around and all those kinds of things. And we're doing that because we really believe in this technology and we've built our platform on it. So when you deploy Codefresh, you're deploying technology that's built directly on Argo and is designed specifically to solve that problem that you spoke to at the top of the hour. We all want to deliver software faster. We all want to have fewer regressions. We want to have fewer breaking changes. We want software to be super reliable. We want to be comfortable with what we're doing. That's really why we picked Argo because that technology that we have it is to Raziel's point delivered in this new way. It's delivered using GitOps. And that's a whole revolution and change in the way that people build and deploy software. And bringing cohesion into that experience is so critical to building the confidence that lets you actually deploy often and frequently and more. >> Dan, if you don't mind just expanding on that one point about the problem you solve, because to me, this has been kind of that evolution. It's almost like, yeah, there's been problems, plural, and opportunities that you saw with those in growing markets like this with DevOps and DevSecOps and now cloud native. What is the catalyst behind all of this? What was the epiphany behind it? How did it get so much momentum? What was it really doing under the covers? >> Well, it's a very simple and easy to use set of tools. And that's one of the big things is that if you look at the ideas of GitOps and there's actually a foundation around this that were part of called open GitOps to GitOps working group under the CNCF. And those principles of, I want to, yes, do my software defined as code. I want to do my infrastructure defined as code and I need something monitoring by production run times and making sure that the declared desired state is always matching the actual state. Those principles have actually been around for a number of years. And with Kubernetes, we really unlocked an API that allowed us to start doing GitOps and this is why we bring in Argo and you see the rise of Argo CD and other workflows and what we've been doing is really because that technology has been unlocked now. So the ability to define how your software is supposed to run and now your entire software delivery stack should run, all defined and then monitored and then kept in check using the GitOps operator. That critical unlock is what's really driving the massive adoption. And like Raziel said, Argo is the fastest growing and most popular open source project for delivering software. And it's not even close. >> Yeah, this is really great point. And I want to get into that 'cause I want to know why, what you guys do on your platform versus the open source and get that relationship settled? Before we get there, though, I want to get your reaction to some of the commentary in the industry 'cause GitOps trend has been exploding into new directions. I mean, it used to be a term about 10 years ago called big data. And at the beginning where data was all big data. Now it was DevOps revolution around data as well. But now you're hearing people talk about big code. Like, I mean, the code bases are becoming so huge. So as a developer, you're leveraging large open source code. This idea of the software delivery with existing code and new code just adds to more code. There's more code being developed every day. >> There is more code delivered every day. And I think that organization realize today, almost in every industry that they have to pace up how fast and how frequent they update their software delivery. We're living in a world in which every aspect of our life has been disrupted by software and organization realize that they have to keep up and figure out how to deploy software more frequent and more lively. And I think, you mentioned that really Kubernetes, the cloud native became the de facto way of running application. I think most of organization has made that decision to move into cloud native. The second question is after, is okay, now we have all applications running, how fast and how more frequent we can deploy applications to the cloud native? And that's the stage in which we're super excited about Argo and our up platform because that's basically streamline the building application for these cloud native, deploying applications for the cloud native, and so on. >> Yeah, and I think that highlights the business value. You getting a lot of the conversations with businesses that say they want the modern application on the cloud scale. And at the end of the day, it comes down to speed and security. So how fast can I get the app out? How well does it work? Does it run performance? And does it have security? And I don't want a slow. >> Exactly. Exactly. It kind of oversimplifies it, but that's kind of the net net. So when you look at Argo open source, what's that's done and kind of where you guys are taking it. Can you talk about the differences between your enterprise version and the open source version and the interplay there, the relationship, the business model health customers can play on both sides or understand the difference? >> Sure. >> Go ahead. >> Go ahead, Raziel. Okay, so I think Argo, as you mentioned, is probably the most advanced technology today to both run pipelines. They're like events to trigger pipelines and Argo work for the one that pipelines, the Argo CD for GitOps and Rollout, for Canary blue-green strategies. And the adoption is really exploding. Just as an Advocate that we had in December, we have worked with the community and organized ArgoCon events in which we had initially kind of thought about 500 attendees. And so we have more than 4,000 registrants and majority of them are coming from enterprise. Now as we have talked to the community during this conference and figure out, okay, so what are the things that you're still missing? And that will help you take the benefit that you get from Argo to the next level. The few things that came up. One is Argo is a great technology. However, Argo now is fragmented into four projects. There is an advance. There is workflow. There is Argo CD. And there is Argo Rollout. And there is a need to bring them all together into a solid platform, solid one run time that can be easily installed, monitor all of these in a single UI, in a single control plane. That's one aspect. The second is the scalability. Really being able to manage it centrally across multiple clusters, not in one cluster. And what we bring in with the new one, we're so excited about this platform, is we're bringing that big. The first to get all of these four projects in one runtime, and one control plane, but also allow the community to run it across multiple cluster from one place getting into the solution, not just as a technology. >> If I may add to that, the value of bringing these projects together, it provides so many insights. So when you're trying to figure out, there's some breaking change that has been made, but you don't necessarily know where it is because you have a lot of microservices that are out there. You have a lot of teams working on it. By bringing all of these things together, we're able to look at all of the commits, all of the deployments, all of the Jira issues. All of these components combined together, so you really get a single view where you can see everything that's going on. And this is another element where when you're trying to deploy software at scale, you're trying to deliver it faster. People are getting a little bit overwhelmed because there are so many updates and so many different services and so many teams working that they're starting to miss that visibility. So this is what we want to bring into the ecosystem is we really want them that visibility to be super clear. And by bringing all of the Argo components, the Argo tools together, we're able to do that in a single dashboard. >> Yeah, so if I get this right, let me just double click on that because it sounds like, yeah, Argo's great. It's been organically growing, a lot of different components to it, but when you start getting into pushing code in an organization, you have, I call the old-school version control kind of vibe going on where it's like you don't know what's out there and how that affects the system as it's a distributed system, which cloud is. There are consequences when stuff breaks. So we all know that. Is that kind of where you guys are getting at? The challenge is actually the opportunity at the same time where it's all goodness, but then when you start looking at scale and the system impact, is that kind of where the open source and you guys pick up, is that right? >> This is one aspect. I think the second one is that again, when you look at each individual component of Argo, each provide a lot of value by itself. But when you sum it, the value of the sum is greater than the value of the individual. So when you're taking, really the events and workflow, Argo CD and Argo Rollout, and you bring them all together into single runtime. The value of its time is really automation all the way from code to cloud. It's not breaking into, there is like an automation for CI, there's an automation for CD, there's information for progressive delivery. It's actually automated all the way from the Git commit through the GitOps through the deployment strategy, and so on. And being able to monitor it and scale it in the enterprise scale. So, of course, it's helping enterprise and make Argo to some level more crucial for enterprise, if I may say, but second is really bringing all of these components together and get the outcome be greater than the individual parts. >> Yeah, that's a good point. Yeah, make it make a commercial grade, if you will, for enterprise who wants to have support and consistency and whatnot. What other problems are you solving? Dan, can you chime in on the whole, how you guys resolve some of these challenges for the enterprise? Because, again, some stability is key as well, but also the business benefit has got to be there for the development teams. >> Yeah. So there's several. One aspect is that the way that most people operate today is they essentially do a bunch of commands and engage with systems. And then hopefully at the end, they write those things to Git. And this is a little bit backwards if you think about it because there's a situation where you can end up with things in production that were never checked in, or maybe somebody is operating and they're making a change. If we look at most of the downtime that's occurred over the last two years, it's because people have flubbed a key when they were typing in a command or something like that. The way that this system works is that we provide an interface, both the CLI and the GUI, where those operations interactions actually end with a Git commit. So rather than doing an operation and then hopefully committing to Git, most of the operations are actually done first in Git, or if there is something that can't be done first in Git, it's maybe bootstrapped and then committed to Git as part of a single command. So this means you have end-to-end traceability. It also means your auditability is way better. And then the second, the other component that we're adding is that security and scale layer. So we are securing these things, we're building in single sign-on, and all those robust security things you would expect to have across all these instances. So many organizations, when they're building their software delivery tools, they have to deploy instances in many locations. And so this is how you end up with companies that have 5,000 instances that are all out of date and insecure. Well with Codefresh, if you need to deploy a component onto this end cluster or something like that, you may have thousands of them. All of those are monitored and taken care of in a centralized way, so I can do all of my updates at once. I can make sure they're all up to date. I'm not running with a bunch of known CVEs or something like that and it's clear. The components are also designed in an architectural way. So that only the information that is needed is ever passed out. So I can have a cluster that is remotely managed, that checks out code, that the control plane never has access to. So this hybrid model has been really popular with our customers. We have customers in healthcare, we have customers in defense and in financial services, all these regulated industries. The flow of information is really critical. So this hybrid model allows you to deploy something that has the ease of a SaaS solution, but has the security of an on-prem solution while being centrally managed and easy to take care of. >> Yeah, it's a platform. It's what it is. It's not a tool. It's not a tool anymore. It's a platform. >> Exactly. >> I think the foundational aspect of this is critical. And you mentioned automation before. If you're going to go end-to-end automation, you have some stuff in the system that whether it hasn't been checked in yet. I mean, we know what this leads to. Disaster or a lot of troubleshooting and disruption. That's what it seems to solve. Am I getting that right? Is that right? >> Yeah. >> Go ahead. >> Yeah, it helps automate the whole process. But as you say, it's really like identify what needs not to be going all the way to production and really kind of avoid vulnerabilities or any flaws in the software. So it automates everything, but in a way that the automation can identify issues and avoid them from coming into the production. >> Well, great stuff here. I've got to ask you guys now that you've got that settled. It's really, I see the value there, how you guys are letting it grow organically and with Argo and then building that platform for businesses and developers. It's really cool. And I see the foundational value there. It just only gets better. How you guys contributing back to open source and helping the wider GitOps and Argo communities? Because this is, again, the rising tide that's bringing all the boats into the harbor, so to speak. So this is a good trend and people will acknowledge that. So how's this going to work as you guys work back into the open source community? >> So we work closely with both myself and the other maintainers worked closely with the community on the roadmap and making sure that we're addressing issues. I think if you look in the last quarter, we probably have upwards of 40 or 50 different issues that we've solved in terms of fixing a bug or adding features or things like that. So making sure that these tools, which are really the undergirding components of our platform, they have to be really robust. They have to be really strong. And so we're contributing those things back. And then when it comes to the scalability side, these are things that we can build into the platform. So the value should be really clear. I can deploy this, I can manage it myself, I can build tools on top of it. And if I want to start doing it at scale, maybe I want support. That's when I really am going to go to Codefresh and start saying, let's get the enterprise little platform. >> Awesome. GitOps, a lot of people like some naysayers may say, Hey, it's the latest fad. Is it here to stay? We were talking about big code earlier. GitOps, obviously seeing open source. Just every year, just get better and better and growth. I mean, I remember when I was breaking into the business, you have to sell under the table. Now it's all free and open and getting better every year. Just the growth of code. Is GitOps a fad? How do you talk to people who say that? I mean, besides slapping around saying wake up. I mean, how do you guys address that when people say it's just the latest fad? >> So if I may comment here and Dan feel free to chime in, I think that the GitOps is a continuation of a trend that everything is a source code. As a developer, many years ago myself and still writing code, always both code and code was the source of tool that's where we write the code. But now code actually is also describing how our application is running in production. And we've already seen kind of where it's get next. We also hear about infrastructure as a code. So now actually we storing the code the way the infrastructure should be. And I think that the benefit of storing all this configuration in a source code, which has been built to track changes, to be enabled to roll back, that is just going to be here to stay. And I think that's the new way of doing things. >> All right, gentlemen, great. Closing statements. Please share an update on the company. What it's all about? What event you got coming? I know you got a big launch. Can you take us through? Take us home. >> Join on February 1st, we're going to be launching the Codefresh software delivery platform. Raziel and I will be hosting the event. We've got a number of customers, a number of members of the community who are going to be joining us to show off that platform. So you're going to be able to see it in action, see how the features work, and understand the value of it. And you'll see how it works with GitOps. You'll see how it helps you deliver software at scale. That's February 1st. You can get information at codefresh.io. >> Raziel, Dan, thanks for coming on. >> Thank you. >> Pretty good showcase. Thanks for sharing. Congratulations. Great venture. Loved the approach. Love the growth in cloud native and you guys sure on the cutting edge. Fresh code, people love fresh code, codefresh.io. Thanks for coming on. >> Thank you. Thank you. >> Okay, this is the AWS Startup Showcase Open Cloud Innovations. Cloud scale, software, data. That's the future of modern applications being developed, changing the game to the next level. This is the CUBE's coverage season two episode one of the ongoing AWS Startup series here in theCUBE.

(upbeat music) >> Welcome back everyone to theCUBE's continuous coverage of AWS re:Invent 2021. I'm John Furrier, your host of theCUBE. We're here with James Watters, CTO of Modern Applications at VMware here to talk about the big Tanzu cloud native application wave, the modernization's here. James, great to see you. Thanks for coming on. >> Hey John, great to have you back on. And really excited about re:Invent this year. And I've been watching your coverage of it. There's lots of exciting stuff going on in this space. >> Awesome. Well, James, you've been riding the wave of, I would call cloud 1.0, 2.0 what do you want to call it, the initial wave of cloud where the advent of replatforming is there. You know all these benefits and things are moving fast. Things are being developed. A lot of endeavors, things are tracking. Some are kicking, Kubernetes kicks in, and now the big story is over the past year and a half. Certainly the pandemic highlighted is this big wave that's hitting now, which is the real, the modernization of the enterprise, the modernization of software development. And even Amazon was saying that in one of our talks that the sovereign life cycles over it should be completely put away to bed. And that DevOps is truly here. And you add security, you got DevSecOps. So an entirely new, large scale, heavy use of data, new methodologies are all hitting right now. And if you're not on that wave your driftwood, what's your take? >> Oh, I think you're dead right, John, and you know, kind of the first 10 years of working on this for sort of proving that the microservices, the container, the declared of automation, the DevOps patterns were the future. And I think everyone's agreed now. And I think DevSecOps and the trends around app modernization are really around bringing that to scale for enterprises. So the conversations I tend to be having are, Hey, you've done a little Kubernetes. You've done some modern apps and APIs, but how do you really scale this across your enterprise? That's what I think is exciting today. And that's what we're talking about. Some of the tools we're bringing to Amazon to help people achieve faster, consumption, better scale, more security. >> You know, one of the things about VMware that's been impressive over the years is that on the wave of IT, they already had great operational install base. They did a deal with Amazon Ragu did that. I think 2016, that kind of cleared the air. They're not going to do their own cloud or they have cloud efforts kind of solidifies that. And then incomes, Kubernetes, and then you saw a completely different cloud native wave coming in with the Tanzu, the Heptio acquisition. And since then a lot's been done. Can you just take us through the Tanzu evolution because I think this is a cornerstone of what's happening right now. >> Yeah, that's a great question, John. I think that the emergence of Kubernetes as a common set of APIs that every cloud and almost every infrastructure agrees on was a huge one. And the way I talked to our clients about is that VMware is doing a couple of things in this space. The first is that we're recognizing that as an infrastructure or baking Kubernetes into every vSphere, be it vSphere on-prem, be it VMC on Amazon. You're just going to find Kubernetes is a big part of each year. So that's kind of a big step one, but it's in some ways the same way that Amazon is doing with EKS and Azure is doing with AKS, but like every infrastructure provider is bringing Kubernetes everywhere. And then that kind of unleashes this really exciting moment where you've got this global control plane that you can program to be your DevSecOps platform. And Kubernetes has this incredible model of extensibility where you can add CRDs and program, right against the Kubernetes APIs with your additional features and functions you want your DevSecOps pipeline. And so it's created this opportunity for Tanzu to kind of have then a global control plane, which we call Tanzu Mission Control to bring all of those Kubernetes running on different clouds together. And then the last thing that we'll talk about a little bit more is this Tanzu Application Platform, which is bringing a developer experience to Kubernetes. So that you're not always starting with what I like to say, like, oh, I have Git, I have Kubernetes, am I done? There's a lot more to the story than that. >> I want to get to this Tanzu Application Platform on EKS. I think that's a big story at VMware. We've seen that, but before we do that for the folks out there watching who are like, I'm now seeing this, whether they're young, new to the industry or enterprises who have replatforming or refactoring, trying to understand what is a modern application. So give us the definition in your words, what is a modern application? >> You know, John, it's a great question. And I tend to start with why and like, hey, how did we get here? And you, you and I both, I think, used to work for the bigger iron vendors back in the day. And we've seen the age of the big box Silicon Valley. I don't know, I worked at Sun just across the aisle here and basically we'd sell you a big box and then once or twice a year, you'd change the software on it. And so in a sense, like there was no chance to do user-oriented design or any of these things. Like you kind of got what you got and you hope to scale it. And then modern applications have been much more of the age of like what you might say, like Instagram or some of these modern apps that are very user-oriented and how you're changing that user interface that user design might change every week based on user feedback. And you're constantly using big data to adjust that modern app experience. And so modern apps to me are inherently iterative and inherently scalable and amenable to change. And that's where the 12 factor application manifesto was written, a blog was written a decade ago, basically saying here's how you can start to design apps to be constantly upgradable. So to me, modern apps, 12 of factors, one of them Kubernetes compatible, but the real point is that they should be flexible to be constantly iterated on maybe at least once a week at a minimum and designed and engineered to do that. And that takes them away from the old vertically scaled apps that kind of ran on 172 processors that you would infrequently update in the past. Those are what you might call like cloud apps. Is that helpful? >> Yeah, totally helpful. And by the way, those old iron vendors, they're now called the on-premise vendors and, you know, HPE, Dell and whatnot, IBM. But the thing about the cloud is, is that you have the true infrastructure as code happening. It's happened, it's happening, but faster and better and greater the goodness there. So you got DevSecOps, which is just DevOps with security. So DevSecOps is the standard now that everyone's shooting for. So what that means is I'm a developer, I just want to write code, the infrastructure got to work for me. So things like Lambda functions are all great things. So assuming that there's going to be this now programmable layer for developers just to do stuff. What is, in context to that need, what is the Tanzu Application Platform about and how does it work? >> Yeah, that's a great question, John. So once you have Kubernetes, you have this abundance of programmable, inner infrastructure resources. You can do almost anything with it, right? Like you can run machine learning workflows, you can run microservices, you can build APIs, you can import legacy apps to it, but it doesn't come out of the box with a set of application patterns and a set of controllers that are built for just, you know, modern apps. It comes with sort of a lot of flexibility and it expects you to understand a pretty broad surface area of APIs. So what we're doing is we're following in the footsteps of companies like Netflix and Uber, et cetera, all of which built kind of a developer platform on top of their Kubernetes infrastructure to say, here's your more templatized path to production. So you don't have to configure everything. You're just changing the right parts of the application. And we kind of go through three steps. The first is an application template that says, here's how to build a streaming app on Kubernetes, click here, and you'll get in your version control and we'll build a Kubernetes manifest for it. Two, is an automated containerization, which is we'll take your app and auto create a container for it so that we know it's secure and you can't make a mistake. And then three is that it will auto detect your application and build a Kubernetes deployment for it so that you can deploy it to Kubernetes in a reliable way. We're basically trying to reduce the burden on the developer from having to understand everything about Kubernetes, to really understanding their domain of the application. Does that make sense? >> Yeah, and this kind of is inline, you mentioned Netflix early on. They were one of the pioneers in inside AWS, but they had the full hyperscaler developers. They had those early hardcore devs that are like unicorns. No, you can't hire these people. They're just not many enough in the world. So the world's becoming, I won't say democratization, that's an overused word, but what we're getting to is if I get this right, you're saying you're going to eliminate the heavy lifting, the boring mundane stuff. >> Yeah, even at Netflix as is great of a developers they have, they still built kind of a microservices or an application platform on top of AWS. And I think that's true of Kubernetes today, which if you go to a Kubernetes conference, you'll often see, don't expose Kubernetes to developers. So tons of application platforms starts to really solve that question. What do you expose to a developer when they want to consume Kubernetes? >> So let's ask you, I know you do a lot of customer visits, that's one of the jobs that make you go out in the field which you like doing and working backwards on the customers has been in the DNA of VMware for years. What is the big narrative with the customers? What's their pain point? How else has the pandemics shown them projects that are working and not working, and they want to come out of it with a growth strategy. VMware is now an independent company. You guys got the platform, what are the customers doing with it? >> Well, I'll give you one example. You know, I went out and I was chatting with the retailer, had seen their online sales goes from one billion to like three billion during the pandemic. And they had been using kind of packaged shopping cart software before like a basic online store that they bought and configured. And they realized they needed to get great at modern apps to keep up with customer demand. And so I would say in general, we've seen the drive, the need for modern apps and digital transformation is just really skyrocketing and everyone's paying attention to it. And then I think they're looking for a trusted partner and they're debating, do we build it all in-house or do we turn to a partner that can help us build this above the cloud? And I think for the people that want an enterprise trusted brand, they'll have a lot of engineering talent behind it. There's been strong interest in Tanzu. And I think the big message we're trying to get out is that Tanzu can not only help you in your on-prem infrastructure, but it can also really help you on public cloud. And I think people are surprised by just how much. >> It's just in the common thread. I see that it's that point is right on is that these companies that don't digitize their business and build an application for their customer are going to get taken away by a startup. I mean, we've seen, it's so easy if you don't have an app for that, you're out of business. I mean, this is like, no, no, it's not like maybe we should do the cloud, let's get proactive. Pretty much it's critical path now for companies. So I'm sure you agree with that, but what's the progress of most of the enterprises? What percentage do you think are having this realization? >> I would say at least 70, 80%, if not more, are there now, and 10 years ago, I used to kind of have to tell stories, like, you know, some startups going to come along and they might disrupt you and people kind of give you that like, yeah, yeah, yeah. You know, I get it. And now it's sort of like, hey, someone's already in our market with an API. Tell me how to build API first apps we need to compete. And that's the difference in the strategic conversation kind of post pandemic and post, you know, the last 10 years. >> All right, final question for you 'cause this is right great thread. I've seen having a web interface it's not good enough, to your point. You got to have an application that they're engaging with, with all the modern capabilities, because the needs there, the expectation for the customers there. What new things are you seeing beyond mobile that are coming around the pike for enterprises, obviously web to mobile, mobile to what? What's next? >> I think the thing that's interesting is there is a bigger push to say more and more of what we do should be an API both internally, like, hey, other teams might want to consume some of these services as a well-formed API. I call it kind of like Stripe MB. Like you look at all these companies, they're like, Hey, stripes worth a hundred billion dollars now because they built a great API. What about us? And so I've seen a lot of industries from automotive to of course financial services and others that are saying, what if we gave our developers internally great APIs? And what if we also expose those APIs externally, we could get a lot, a more rat, fast moving business than the traditional model we might've had in the past. >> It's interesting, you know, commoditizing and automating a way infrastructure or software or capable workflows is actually normal. And if you can unify that in a way that's just better I mean, you have a lower cost structure, but the value doesn't go away, right? So I think a lot of this comes down to, beauty's in the eye of the beholder. I mean, that's how DevSecOps works. I mean, it's agile, it's faster, but you still have to achieve the value of the net is lower cost. What's your take on that? >> Well, I think you're dead right, John. And I think this is what was surprising about Stripe is it was possible before Stripe to go out as a developer and kind of pulled together a backend that did payments, but boy, it was hard. And I think that's the same thing with kind of this tons of application platform and the developer experience focus is people are realizing they can't hire enough developers. So this is the other thing that's happened during the pandemic and the great resignation, if you will, the war for talent is on. And you know, when I talked to a customer, like we might be able to help you, even 30% with your developer productivity, there's like one out of four developers. You might not have to be able to have to recruit they're all in. And so I think that API first model and the developer experience model are the same thing, which is like, it doesn't have to just be possible. It should be excellent. >> Well, great insight learning a lot. Of course, we should move to theCube API and we'll plug into your applications. We're here in the studio with our API, James. Great to have you on. Final word, what's your take this, the big story for re:Invent. If you had to summarize this year's re:Invent going in to 2022, what would you say is happening in this industry right now? >> You know, I'm just super excited about the EKS market and how fast it's growing. We're seeing EKS in a lot of places. We're super excited about helping EKS customers scale. And I think it's great to see Amazon adopting that standard API from Kubernetes. And I think that's going to be, just awesome to watch the creativity the industry is going to have around it. >> Well, great insight, thanks for coming on. And again, we'll work on that Cube API for you. The virtualization of theCUBE is here. We're virtual, which we could be in-person and hope to see you in-person soon. Thanks for coming on. >> You too John, thank you. >> Okay, Cube's coverage of alias re:Invent 2021. I'm John Furrier, your host. Thanks for watching. (upbeat music)

in the beginning there were mainframes a highly centralized secure command and control environment open systems brought a spate of innovation innovations that were powered by machines servers storage arrays networks that had to be configured deployed and managed by specialists virtualization that made that simpler but it was still a machine centric world the cloud devops and importantly containers created an inflection point in the industry where no longer do developers have to do a handoff to an infrastructure guru to deploy and often reconfigure systems which could cause other problems containers essentially codified the infrastructure to the point where developers could now be responsible for the full stack with consistency that allows stretching if you will of applications between on-prem to the cloud across clouds and out to the edge kubernetes in particular has enabled organizations to host applications and containers with automation so you can now deploy as many instances of your application as required and communicate between different services used by those applications in a consistent manner manner what this does is enables rolling updates security patches in a run anywhere environment that is changing how organizations build and manage their applications hello and welcome to this cube conversation and preview to kubecon cloud nativecon north america 2021 i'm pleased to welcome my friend and guest stu miniman director of market insights for cloud platforms at red hat stu man great to see you so good to see you dave thanks for having me you're very welcome so you heard my little spiel up front a little narrative what are the big trends that you're seeing that you're watching that you think people should know about they're important yeah well well dave i'm so glad you started out talking about the application because dave i mean you know my background your background very much too is started in infrastructure and for so long we talked about well let's dig different increments that we talk about the infrastructure but there was that huge divide between the people that run the infrastructure and the people that build and own the applications and when agile and devops came out we talked about not throwing things over the wall but when we look at containers and kubernetes really what it is is an application to build our application to modernize our application to run our application as you said they they have to be more that that right once go anywhere has been something we've wanted for a while and from a developer viewpoint i haven't wanted to think about the infrastructure so we want to enable that we want developers to be able to do their thing what we've done at red hat is try to have that consistency in every environment because kubernetes is only a single a very thin layer there's lots that needs to be done on top of that but one of the biggest trends is from an application standpoint the same thing that we've seen in other environments dave when you say okay well what apps did you have well you know it's great to say i have the cool micro service new stuff but what about older applications what about modernizing things can i lift things over can i have a broader spectrum of applications and yes that's where we are with kubernetes we don't just have stateless applications that are you know written in this new modern way we have a broad spectrum and there's another word that i really keyed off of in your intro talking about automation dave if you talk about scale and you talk about automation that's what container was built for if you look at what you know the the predecessor kubernetes was borg at google and if you think about just building things at scale and building things for with automation at their core that's what we've done and that's where this ecosystem is building towards so not saying everybody needs to be google but when you start talking about ai applications when you start talking about different ways to really have automation built into your environment this is where containers and kubernetes really shines because you know that's where we've really gone beyond human scale dave and we've gone to that machine scale so we need to make sure not just to remove humans to remove errors but to be able to have that agility and flexibility and scale which is what offers in this space so all the cool kids of course they want to develop in the cloud but i feel like for every app that's developed in the cloud there's like 10 on prem that are screaming to be modernized and we have a we have a chart on this but so what kind of applications are you seeing going in to containers and kubernetes yeah so so two two charts here for the survey we actually did for kubecon europe leading up to it the one on the left talks about the data is it stateless applications is it stateful applications well what do you know dave it's a mix of both of those right you'll remember dave in the virtualization days it took us about a decade to solve those storage and networking things how do we make sure that things really run at the virtual machine layer how do we have things like moving all over the place and still not break the connection that we had there that was a lot of hard work that we as an industry did well you know here we are six seven years into kubernetes we've solved a lot of those same issues so storage and networking work much better today in kubernetes environments than it did in the early days it started out oh stateless applications but if you look at the data on the second side what kind of applications are there the answer dave is yes you want your cool new modern databases absolutely ai and ml absolutely uh you know through kind of your isv you know more traditional applications the the answer is yes so customers are doing a whole lot of it when i'm meeting with customers one of the first questions we always have dave we've worked on silo busting for for many decades in this industry but if you talk to the infrastructure team and you ask them well what apps are you putting on there if they don't have a good answer the first thing we do is hey you really need to get the developers in the room you really need to understand this because if you stand up a platform just because kubernetes is cool and it's great it helps you build your resume you're not going to have success down the road you want to make sure they're involved up front understand what the requirements so you know kubernetes uh that one of the joke is you know containers and kubernetes add some magic and you know yippee you win it's like well there's a little bit more to that uh to actually have it work you mentioned it took decade plus to actually you know kind of work it out in the virtualization days i mean you remember the api you know stuff and we have the scars from their revenues right exactly but it's interesting when i look at this chart that you know because like you said it started off it's kind of stateless database yes all kinds of applications but database is number one and so you've got a lot of stateful applications enterprise apps security sensitive i mean everything's security sensitive today but hyper security sensitive so do you feel like that time frame relative to you know two decades ago is going to be compressed yes it seems like it's compressing quite rapidly absolutely the cncf always puts out a survey around the event as to where adoption is it's a little bit of a self-selecting for the community but containers and kubernetes broad adoption we've really not only crossed the chasm we're into the you know solid majority of of adoption here and yeah the the databases i mean dave you've covered things like the postgres uh world uh companies like crunchy data uh and some of these modern databases are really built for this type of environment and as you said they shouldn't have to think as much about okay i'm in a cloud or i'm in a different cloud this containerized platform that for applications can live in a lot of different places and that goes to kind of what we're seeing changing in the in the infrastructure world uh over the last couple years i'm glad to mention that a database i was interviewing josh uh at the postgres event and he was explaining to me how far kubernetes has actually come and and how much you know more trustworthy it is today still still some gaps but much different than even two or three years ago yeah i guess one of the highlights interesting at the kubecon europe uh there was the general availability of both the pipelines project and the get ops project it was it's argo cd is the project for for get ops and when that went ga for red hat we actually have that built into openshift at ga and not only was it ready to go we actually had a few customers that were ready to say hey we're using this and we're using the production so we had xa insurance one of the largest payers in the globe and the largest bank in turkey uh were two of the ones that we had saying hey we're using this for the audience if you're not familiar with git ops it's everything we use github as the repository of records so that this is kind of if you think about the old days we had the gold cd or the gold server well we do that for our entire stack that whole infrastructure's code that we've been talking about so many years but it will manage that for us so i patch it at the github level and it will enforce what i have in my environment so if somebody oh wait let me make a change no it's constantly validating things at github so it keeps it rather regimented so we've had uh as i mentioned a couple of customers we've seen a lot of interest in the public sector space because of course dave they're very concerned around security and patching and access and we want to keep that least access necessary so if we can keep that at the github level that's one of the things that will help your environment it really ties into the whole kind of git ops ai ops modern environment so it really ties all of it together as to kind of the the culture of the application and the infrastructure so your files your config files your policies same api same console that is how you get the scale yeah absolutely it's we we don't want the people to have to manage that as much you can let them focus on where they're going to add value to the business so let's talk about cloud cloud the definition of cloud is changing the cloud is expanding it's going on-prem there's hybrid connections to to a cloud or multiple clouds across clouds now as seems to be becoming more real we could talk about that and then maybe eventually out to the edge they're all real in their own right but how much is actually being connected together is something that i'm interested in but what are you seeing there what role is kubernetes playing yeah so first you talked about where applications live the latest data i've seen from kind of the the industry watchers is what are we dave 20 25 of applications are in the cloud that means there's a lot still in the data center if i look at open shift customers yes do we have a lot of them in the data center but then they are also using the public cloud so we have deep partnerships with amazon and azure to do public services in the cloud and our value is we give consistency across all of those environments so are using data center yes most customers still have data center do you have one or more clouds absolutely you know i used to love the andy jassy line um you know multi-cloud doesn't mean that you spread evenly across all the clouds most customers i talk to they have a primary provider that they partner with but things change over time we've seen plenty of customers go two or three years in and say well i have a strategic initiative sometimes they make an acquisition and they'll do another cloud or you know there's lots of factors why i might be doing more than one cloud there's certain industries where basically you have to have relationships with multiple vendors or there's there's regulations that you need to be concerned about so the answer is yes what we've been talking about more than a decade at red hat is open hybrid cloud and what does that mean today you might have not have planned it out but you're hybrid today and what are you going to be in the next decade you're going to be even more hybrid so edge if we talk about it everyone is talking about one of the biggest trends here is how does kubernetes go out to the edge even more that consistency message that i talked about where does openshift live openshift lives anywhere that red hat enterprise linux lives so rel am i going to have linux out of these small environments without a lot of resources what else are you going to have other than linux that's going to be the foundation of what you have so if i can have management and consistency that push out to all of those environments and we've been building out a portfolio something that you'll see us talking about more at kubecon in la is single node openshift so this is a really small footprint openshift but still have the consistency to work across all these environments and we've had different footprints basically to be able to do edge and remote offices whether you're talking from a service provider out to a full customer premise data center but there's there's a lot going on in the edge space we actually have we already have a public use case with verizon who's doing some of the ai use cases i'm sure you can picture with verizon being such a large telco the touch points that they have not only at the service provider but to their customer environments and openshift is the platform for enabling that innovation i mean if i had a big application portfolio on-prem you know legacy company with you know 100-year history obviously i'm going to be doing some stuff in the cloud i would be building some kind of abstraction layer that would could obviously modernize my on-premise state i would want to i would probably start with amazon i'd want to take advantage of aws cloud native tooling but i would absolutely be doing the same thing in azure and google and i would want to build my own cloud right and and and service my customers or or my company have people log into that cloud hide the underlying complexity of the technology and just simplify everything up level it and build a stack around that and probably build it on on openshift why not and of course kubernetes but there are alternatives there's there's eks anywhere for example which presumably is a competitor what do you how is that impacting the marketplace yeah so so dave as you said everybody is kind of extending beyond where they live so microsoft azure has their arc offering google has anthos and amazon was the last one i mean dave you'll remember this when we talked about hybrid and multi-cloud for a bunch of years it was like amazon doesn't talk about hybrid or multi-cloud and you know back when i sat on the analyst side i was like well you can't talk about hybrid and multi-cloud without talking about amazon so they've now uh eks anywhere something they announced back at re invent it just went generally available recently and so they have a distribution of kubernetes that you can use on your own so you could have completely disconnected in your data center running only on vmware is the only way that they support it today and they have in beta there's something called an eks connector so if you want it to be managed from the cloud and have someone more of that consistency they have the way to do that they've had eks which is their kubernetes service in amazon for a bunch of years but as a friend of the program corey quinn says there's actually 17 different ways to run containers in amazon today that's supported by amazon and you laugh at it but you know dave it's it's no different you know remember the storage world okay how many different storage products did emc have do you know how many compute and storage products amazon have they have a lot growing so one of those offerings that they have natively in the console is red hat openshift service for aws so is eksd a competitor well if you're an amazon customer and you want everything amazon and you want to use their environment in a hybrid environment yes you can do that part of the strategy for amazon is outpost we've got on our roadmap to be able to support openshift on outposts so you know we look at our our positioning is we are much more than kubernetes if you talk about the stack of tooling that we build on top of it we've done a real lot to make sure that developers have the tooling that they need from an amazon environment it's just the kubernetes piece it's a in the cloud it's a managed control plane in your own data center it's here's a kubernetes distribution good luck with it if you want monitoring and observability if you want more security if you want all these other pieces you need to build them on top of that as opposed to openshift gives you a full application development platform you know forrester wave we were you know far and away the top and to the right on on that uh spectrum with the leading position for both developers and operators so you know great to see amazon you know i i i hate to say they're like validating something that we do but look everybody's going to do it's true this is true i know that's the marketing line but and and i hate to do the the marketing line but um it's you will you see everyone rolls out their pieces and you say what is the game that they are playing it's amazon wants you to consume as much of their services as you can from a red hat standpoint it's well everywhere that rel can go we can go so openshift can live a lot of places we are going to give you the best experience in your data center in amazon in azure in google in your hosted in the edge we're going to work in all of those environments and we've got years of experience with thousands of production employments like in the data center eks anywhere sitting on top of vsphere as far as i know we have at red hat the most production kubernetes deployments on vmware are openshift actually at vmworld i'll be talking about i'm i'm on a panel talking about openshift on vsphere with vmware so long deep partnership that we've had there no one can speak to the breadth and depth of uh what we've done there uh what's the little line amazon always says there's no compression algorithm for experience well i like it okay but that's why i like your edge strategy because i've said many times the edge is going to be won by developers it's not going to be won by taking a you know x86 box throwing it over the fence and saying okay we got edge and i think you know that's tongue-in-cheek i think that the traditional enterprise hardware vendors are understanding that but they're not in a great position with developers you know maybe cisco a little bit with devnet but generally speaking you know vmware obviously uh it always has been struggling the edge is you know the challenge with the edge is you always have to look through it as to what your perspective is so we have a long and deep relationship with a lot of the telecommunications providers uh people will disparage openstack some but that's actually the solutions that we've sold the most into are network function virtualization for the telco and a lot of them have followed what they worked with us on openstack and continued that into openshift and verizon being one of those proof points you've seen my etr data and i tell you openstack keeps popping up and when you dig into it it's oh that's telco there may not be maybe there's not a region there and it's telcos developing their own cloud essentially and you know they're monetizing it so let's talk about um a cncf the ecosystem uh it's we have another slide on this if you guys wouldn't mind bringing it up i mean it's a complicated matter right you got here's the picture i mean it's like you can't read it because there's just so many people that wants to stop this from becoming you know kind of openstack too yeah that's a great question so chris wright our cto i thought really boiled it down really well one of the big problems with openstack is we were building a complete stack so when they said oh there's all these projects it's like okay well we're going to create a big tent and under that big tent you have to have all of these pieces and they all need to work together and while they were modular projects i needed to have that full stack validated and managing and maintaining that was a nightmare what is the cncf landscape it is you know what doesn't hundred more projects that are independent of what they had so yes kubernetes is the one that gets the most attention but takes something like service mesh service mesh has been around for a few years it's hot we're still early on the adoption trend service mesh works with kubernetes but it isn't limited to kubernetes it's one of those venn diagram it works with it but you can also work with my virtual environment it works in other places and that's true of a lot of these projects often they are complementary to kubernetes but i can adopt them standalone so the challenge is it is that paradox of choice when you go out there there are some people that want to go to the grocery store and buy all of their various pieces and put it all together well other people will come to us and say hey i just want my developers to get working i don't want them to spend all their time fighting over what they had and at red hat we say great we're going to have an opinionated platform and if you come down later and say oh there's a piece of it i don't want to use or i have some other tool i can have its batters are included they're optional and they're swappable so that's what's nice in this developer environment so you know we also work with you know companies like hashicorp a lot of our customers use vault for their secrets uh you know git lab is is another pure var in this industry that have a lot of developer tools they're not a kubernetes provider they usually sit higher up in the stack than we do so there's a lot of players there's a lot of room for activity and innovation yes we've seen a cambrian explosion of projects there and there has been some consolidation that's part of the job of the cncf is in the observability world they took uh i can't remember there were two projects that were kind of similar and they got them in a room and got them to agree to put them into a single project and put those together so we do see some consolidation over time but there's still room for a lot of growth standards are good but so is optionality i think is your point there so the event is october 11th to the 15th it's actually an in-person event you're planning on being there so i i am it's it's hybrid i know a lot of people will be online the other thing i'd point out there are a lot of day zero events so these are really awesome there's a git ops day there's security day there's so many different pieces i'll actually be for the day zero i'll be emceeing the openshift commons where we get a bunch of end users to just tell their stories projects they're working on deployments that they have have some good partner ecosystem discussion there it's usually a lot of fun we hope a bunch of people come to those in purses and then you know the day itself uh the the three days of the show itself are always hopping and lots of learning to be done uh whether you're there in person or online fantastic so i'm glad you pointed out it is a hybrid event that's kind of the nature of these things these days and i think we'll be for for some time i think potentially indefinitely i think people are realizing hey you know what as much of a pain in the neck as virtual events are we can reach a lot more people and it's a good on-demand experience so have at it stu thanks so much for for coming into the cube studios we miss you glad to see you're thriving and uh good luck at the show and uh we'll see you around the block thanks dave i know i'll be seeing john on the cube there too absolutely okay thanks for watching everybody this is dave vellante we'll see you next time you

(upbeat music) >> The Cloud essentially turned the data center into an API and ushered in the era of programmable infrastructure, no longer do we think about deploying infrastructure in rigid silos with a hardened, outer shell, rather infrastructure has to facilitate digital business strategies. And what this means is putting data at the core of your organization, irrespective of its physical location. It also means infrastructure generally and storage specifically must be accessed as sets of services that can be discovered, deployed, managed, secured, and governed in a DevOps model or OpsDev, if you prefer. Now, this has specific implications as to how vendor product strategies will evolve and how they'll meet modern data requirements. Welcome to this Cube conversation, everybody. This is Dave Vellante. And with me to discuss these sea changes is Ajay Singh, the Chief Product Officer of Pure Storage, Ajay welcome. >> Thank you, David, gald to be on. >> Yeah, great to have you, so let's talk about your role at Pure. I think you're the first CPO, what's the vision there? >> That's right, I just joined up Pure about eight months ago from VMware as the chief product officer and you're right, I'm the first our chief product officer at Pure. And at VMware I ran the Cloud management business unit, which was a lot about automation and infrastructure as code. And it's just great to join Pure, which has a phenomenal all flash product set. I kind of call it the iPhone or flash story super easy to use. And how do we take that same ease of use, which is a heart of a Cloud operating principle, and how do we actually take it up to really deliver a modern data experience, which includes infrastructure and storage as code, but then even more beyond that and how do you do modern operations and then modern data services. So super excited to be at Pure. And the vision, if you may, at the end of the day, is to provide, leveraging this moderate experience, a connected and effortless experience data experience, which allows customers to ultimately focus on what matters for them, their business, and by really leveraging and managing and winning with their data, because ultimately data is the new oil, if you may, and if you can mine it, get insights from it and really drive a competitive edge in the digital transformation in your head, and that's what be intended to help our customers to. >> So you joined earlier this year kind of, I guess, middle of the pandemic really I'm interested in kind of your first 100 days, what that was like, what key milestones you set and now you're into your second a 100 plus days. How's that all going? What can you share with us in and that's interesting timing because the effects of the pandemic you came in in a kind of post that, so you had experience from VMware and then you had to apply that to the product organization. So tell us about that sort of first a 100 days and the sort of mission now. >> Absolutely, so as we talked about the vision, around the modern data experience, kind of have three components to it, modernizing the infrastructure and really it's kudos to the team out of the work we've been doing, a ton of work in modernizing the infrastructure, I'll briefly talk to that, then modernizing the data, much more than modernizing the operations. I'll talk to that as well. And then of course, down the pike, modernizing data services. So if you think about it from modernizing the infrastructure, if you think about Pure for a minute, Pure is the first company that took flash to mainstream, essentially bringing what we call consumer simplicity to enterprise storage. The manual for the products with the front and back of a business card, that's it, you plug it in, boom, it's up and running, and then you get proactive AI driven support, right? So that was kind of the heart of Pure. Now you think about Pure again, what's unique about Pure has been a lot of our competition, has dealt with flash at the SSD level, hey, because guess what? All this software was built for hard drive. And so if I can treat NAND as a solid state drive SSD, then my software would easily work on it. But with Pure, because we started with flash, we released went straight to the NAND level, and as opposed to kind of the SSD layer, and what that does is it gives you greater efficiency, greater reliability and create a performance compared to an SSD, because you can optimize at the chip level as opposed to at the SSD module level. That's one big advantage that Pure has going for itself. And if you look at the physics, in the industry for a minute, there's recent data put out by Wikibon early this year, effectively showing that by the year 2026, flash on a dollar per terabyte basis, just the economics of the semiconductor versus the hard disk is going to be cheaper than hard disk. So this big inflection point is slowly but surely coming that's going to disrupt the hardest industry, already the high end has been taken over by flash, but hybrid is next and then even the long tail is coming up over there. And so to end to that extent our lead, if you may, the introduction of QLC NAND, QLC NAND powerful competition is barely introducing, we've been at it for a while. We just recently this year in my first a 100 days, we introduced the flasher AC, C40 and C60 drives, which really start to open up our ability to go after the hybrid story market in a big way. It opens up a big new market for us. So great work there by the team,. Also at the heart of it. If you think about it in the NAND side, we have our flash array, which is a scale-up latency centric architecture and FlashBlade which is a scale-out throughput architecture, all operating with NAND. And what that does is it allows us to cover both structured data, unstructured data, tier one apps and tier two apps. So pretty broad data coverage in that journey to the all flash data center, slowly but surely we're heading over there to the all flash data center based on demand economics that we just talked about, and we've done a bunch of releases. And then the team has done a bunch of things around introducing and NVME or fabric, the kind of thing that you expect them to do. A lot of recognition in the industry for the team or from the likes of TrustRadius, Gartner, named FlashRay, the Carton Peer Insights, the customer choice award and primary storage in the MQ. We were the leader. So a lot of kudos and recognition coming to the team as a result, Flash Blade just hit a billion dollars in cumulative revenue, kind of a leader by far in kind of the unstructured data, fast file an object marketplace. And then of course, all the work we're doing around what we say, ESG, environmental, social and governance, around reducing carbon footprint, reducing waste, our whole notion of evergreen and non-disruptive upgrades. We also kind of did a lot of work in that where we actually announced that over 2,700 customers have actually done non-disruptive upgrades over the technology. >> Yeah a lot to unpack there. And a lot of this sometimes you people say, oh, it's the plumbing, but the plumbing is actually very important too. 'Cause we're in a major inflection point, when we went from spinning disk to NAND. And it's all about volumes, you're seeing this all over the industry now, you see your old boss, Pat Gelsinger, is dealing with this at Intel. And it's all about consumer volumes in my view anyway, because thanks to Steve Jobs, NAND volumes are enormous and what two hard disk drive makers left in the planet. I don't know, maybe there's two and a half, but so those volumes drive costs down. And so you're on that curve and you can debate as to when it's going to happen, but it's not an if it's a when. Let me, shift gears a little bit. Because Cloud, as I was saying, it's ushered in this API economy, this as a service model, a lot of infrastructure companies have responded. How are you thinking at Pure about the as a service model for your customers? What's the strategy? How is it evolving and how does it differentiate from the competition? >> Absolutely, a great question. It's kind of segues into the second part of the moderate experience, which is how do you modernize the operations? And that's where automation as a service, because ultimately, the Cloud has validated and the address of this model, right? People are looking for outcomes. They care less about how you get there. They just want the outcome. And the as a service model actually delivers these outcomes. And this whole notion of infrastructure as code is kind of the start of it. Imagine if my infrastructure for a developer is just a line of code, in a Git repository in a program that goes through a CICD process and automatically kind of is configured and set up, fits in with the Terraform, the Ansibles, all that different automation frameworks. And so what we've done is we've gone down the path of really building out what I think is modern operations with this ability to have storage as code, disability, in addition modern operations is not just storage scored, but also we've got recently introduced some comprehensive ransomware protection, that's part of modern operations. There's all the threat you hear in the news or ransomware. We introduced what we call safe mode snapshots that allow you to recover in literally seconds. When you have a ransomware attack, we also have in the modern operations Pure one, which is maybe the leader in AI driven support to prevent downtime. We actually call you 80% of the time and fix the problems without you knowing about it. That's what modern operations is all about. And then also Martin operations says, okay, you've got flash on your on-prem side, but even maybe using flash in the public Cloud, how can I have seamless multi-Cloud experience in our Cloud block store we've introduced around Amazon, AWS and Azure allows one to do that. And then finally, for modern applications, if you think about it, this whole notion of infrastructure's code, as a service, software driven storage, the Kubernetes infrastructure enables one to really deliver a great automation framework that enables to reduce the labor required to manage the storage infrastructure and deliver it as code. And we have, kudos to Charlie and the Pure storage team before my time with the acquisition of Portworx, Portworx today is truly delivers true storage as code orchestrated entirely through Kubernetes and in a multi-Cloud hybrid situation. So it can run on EKS, GKE, OpenShift rancher, Tansu, recently announced as the leader by giggle home for enterprise Kubernetes storage. We were really proud about that asset. And then finally, the last piece are Pure as a service. That's also all outcome oriented, SLS. What matters is you sign up for SLS, and then you get those SLS, very different from our competition, right? Our competition tends to be a lot more around financial engineering, hey, you can buy it OPEX versus CapEx. And, but you get the same thing with a lot of professional services, we've really got, I'd say a couple of years and lead on, actually delivering and managing with SRE engineers for the SLA. So a lot of great work there. We recently also introduced Cisco FlashStack, again, flash stack as a service, again, as a service, a validation of that. And then finally, we also recently did a announcement with Aquaponics, with their bare metal as a service where we are a key part of their bare metal as a service offering, again, pushing the kind of the added service strategy. So yes, big for us, that's where the buck is skating, half the enterprises, even on prem, wanting to consume things in the Cloud operating model. And so that's where we're putting it lot. >> I see, so your contention is, it's not just this CapEx to OPEX, that's kind of the, during the economic downturn of 2007, 2008, the economic crisis, that was the big thing for CFOs. So that's kind of yesterday's news. What you're saying is you're creating a Cloud, like operating model, as I was saying upfront, irrespective of physical location. And I see that as your challenge, the industry's challenge, be, if I'm going to effect the digital transformation, I don't want to deal with the Cloud primitives. I want you to hide the underlying complexity of that Cloud. I want to deal with higher level problems, but so that brings me to digital transformation, which is kind of the now initiative, or I even sometimes call it the mandate. There's not a one size fits all for digital transformation, but I'm interested in your thoughts on the must take steps, universal steps that everybody needs to think about in a digital transformation journey. >> Yeah, so ultimately the digital transformation is all about how companies are gain a competitive edge in this new digital world or that the company are, and the competition are changing the game on, right? So you want to make sure that you can rapidly try new things, fail fast, innovate and invest, but speed is of the essence, agility and the Cloud operating model enables that agility. And so what we're also doing is not only are we driving agility in a multicloud kind of data, infrastructure, data operation fashion, but we also taking it a step further. We were also on the journey to deliver modern data services. Imagine on a Pure on-prem infrastructure, along with your different public Clouds that you're working on with the Kubernetes infrastructures, you could, with a few clicks run Kakfa as a service, TensorFlow as a service, Mongo as a service. So me as a technology team can truly become a service provider and not just an on-prem service provider, but a multi-Cloud service provider. Such that these services can be used to analyze the data that you have, not only your data, your partner data, third party public data, and how you can marry those different data sets, analyze it to deliver new insights that ultimately give you a competitive edge in the digital transformation. So you can see data plays a big role there. The data is what generates those insights. Your ability to match that data with partner data, public data, your data, the analysis on it services ready to go, as you get the digital, as you can do the insights. You can really start to separate yourself from your competition and get on the leaderboard a decade from now when this digital transformation settles down. >> All right, so bring us home, Ajay, summarize what does a modern data strategy look like and how does it fit into a digital business or a digital organization? >> So look, at the end of the day, data and analysis, both of them play a big role in the digital transformation. And it really comes down to how do I leverage this data, my data, partner data, public data, to really get that edge. And that links back to a vision. How do we provide that connected and effortless, modern data experience that allows our customers to focus on their business? How do I get the edge in the digital transformation? But easily leveraging, managing and winning with their data. And that's the heart of where Pure is headed. >> Ajay Singh, thanks so much for coming inside theCube and sharing your vision. >> Thank you, Dave, it was a real pleasure. >> And thank you for watching this Cube conversation. This is Dave Vellante and we'll see you next time. (upbeat music)

>>Welcome back to the cubes coverage of dr khan 2021. I'm john for your host of the cube. We're here with Amanda Silver, corporate vice president, product developer division at Microsoft. Amanda, Great to see you you were on last year, Dr khan. Great to see you again a full year later were remote. Thanks for coming on. I know you're super busy with build happening this week as well. Thanks for making the time to come on the cube for Dr khan. >>Thank you so much for having me. Yeah, I'm joining you like many developers around the globe from my personal home office, >>developers really didn't skip a beat during the pandemic and again, it was not a good situation but developers, as you talked about last year on the front lines, first responders to creating value quite frankly, looking back you were pretty accurate in your prediction, developers did have an impact this year. They did create the kind of change that really changed the game for people's lives, whether it was developing solutions from a medical standpoint or even keeping systems running from call centres to making sure people got their their their goods or services and checks and and and kept sanity together. So. >>Yeah absolutely. I mean I think I think developers you know get the M. V. P. Award for this year because you know at the end of the day they are the digital first responders to the first responders and the pivot that we've had to make over the past year in terms of supporting remote telehealth, supporting you know online retail, curbside pickup. All of these things were done through developers being the ones pushing the way forward remote learning. You know my kids are learning at home right behind me right now so you might hear them during the interview that's happening because developers made that happen. >>I don't think mom please stop hogging the band with, they've got a gigabit. Stop it. Don't be streaming. My kids are all game anyway, Hey, great to have you on and you have to get the great keynote, exciting to see you guys continue the collaboration with Docker uh with GIT hub and Microsoft, A great combination, it's a 123 power punch of value. You guys are really kind of killing it. We heard from scott and dan has been on the cube. What's your thoughts on the partnership with the developer division team at Microsoft with Doctor, What's it all about this year? What's the next level? >>Well, I mean, I think, I think what's really awesome about this partnership is that we all have, we all are basically sharing a common mission. What we want to do is make sure that we're empowering developers, that we're focused on their productivity and that we're delivering value to them so they can do their job better so that they can help others. So that's really kind of what drives us day in and day out. So what we focus on is developer productivity. And I think that's a lot of what dana was talking about in her session, the developer division. Specifically, we really try to make sure that we're improving the state of the art from modern developers. So we want to make sure that every keystroke that they take, every mouse move that they make, it sounds like a song but every every one of those matter because we want to make sure that every developers writing the code that only they can write and in terms of the partnership and how that's going. You know my team and the darker team have been collaborating a ton on things like dr desktop and the Doctor Cli tool integrations. And one of the things that we do is we think about pain points and various workflows. We want to make sure that we're shaving off the edges of all of the user experience is the developers have to go through to piece all of these applications together. So one of the big pain points that we have heard from developers is that signing into the Azure cloud and especially our sovereign clouds was challenging. So we contributed back to uh back to doctor to actually make it easier to sign into these clouds. And so dr developers can now use dr desktop and the Doctor Cli to actually change the doctor context so that its Azure. So that makes it a lot easier to connect the other. Oh, sorry, go ahead. No, I was just >>going to say, I love the reference of the police song. Every breath you take, every >>mouth moving. Great, >>great line there. Uh, but I want to ask you while you're on this modern cloud um, discussion, what is I mean we have a lot of developers here at dr khan. As you know, you guys know developers in your ecosystem in core competency. From Microsoft, Kublai khan is a very operator like focus developed. This is a developer conference. You guys have build, what is the state of the art for a modern cloud developer? Could you just share your thoughts because this comes up a lot. You know, what's through the art? What's next jan new guard guard? It's his legacy. What is the state of the art for a modern cloud developer? >>Fantastic question. And extraordinarily relevant to this particular conference. You know what I think about often times it's really what is the inner loop and the outer loop look like in terms of cycle times? Because at the end of the day, what matters is the time that it takes for you to make that code change, to be able to see it in your test environment and to be able to deploy it to production and have the confidence that it's delivering the feature set that you need it to. And it's, you know, it's secure, it's reliable, it's performance, that's what a developer cares about at the end of the day. Um, at the same time, we also need to make sure that we're growing our team to meet our demand, which means we're constantly on boarding new developers. And so what I take inspiration from our, some of the tech elite who have been able to invest significant amounts in, in tuning their engineering systems, they've been able to make it so that a new developer can join a team in just a couple of minutes or less that they can actually make a code change, see that be reflected in their application in just a few seconds and deploy with confidence within hours. And so our goal is to actually be able to take that state of the art metric and democratize that actually bring it to as many of our customers as we possibly can. >>You mentioned supply chain earlier in securing that. What are you guys doing with Docker and how to make that partnership better with registries? Is there any update there in terms of the container registry on Azure? >>Yeah, I mean, you know, we, we we have definitely seen recent events and and it almost seems like a never ending attacks that that you know, increasingly are getting more and more focused on developer watering holes is how we think about it. Kind of developers being a primary target um for these malicious hackers. And so what it's more important than ever that every developer um and Microsoft especially uh really take security extraordinarily seriously. Our engineers are working around the clock to make sure that we are responding to every security incident that we hear about and partnering with our customers to make sure that we're supporting them as well. One of the things that we announced earlier this week at Microsoft build is that we've actually taken, get have actions and we've now integrated that into the Azure Security Center. And so what this means is that, you know, we can now do things like scan for vulnerabilities. Um look at things like who is logging in, where things like that and actually have that be tracked in the Azure security center so that not just your developers get that notification but also your I. T. Operations. Um In terms of the partnership with dR you know, this is actually an ongoing partnership to make sure that we can provide more guidance to developers to make sure that they are following best practices like pulling from a private registry like Docker hub or at your container registry. So I expect that as time goes on will continue to more in partnership in this space >>and that's going to give a lot of confidence. Actually, productivity wise is going to be a big help for developers. Great stuff is always good, good progress. They're moving the needle. >>Last time we >>spoke we talked about tools and setting Azure as the doctor context duty tooling updates here at dot com this year. That's notable. >>Yeah, I mean, I think, you know, there's one major thing that we've been working on which has a big dependency on docker is get help. Code space is now one of the biggest pain points that developers have is setting up a new DEV box, which they often have to do when they are on boarding a new employee or when they're starting a new project or even if they're just kicking the tires on a new technology that they want to be able to evaluate and sometimes creating a developer environment can actually take hours um and especially when you're trying to create a developer environment that matches somebody else's developer environment that can take like a half a day and you can spend all of your time just debugging the differences in environment variables, for example, um, containers actually makes that much easier. So what you can do with this, this services, you can actually create death environment spun up in the cloud and you can access it in seconds and you get from there are working coding environment and a runtime environment and this is repeatable via containers. So it means that there's no inadvertent differences introduced by each DEV. And you might be interested to know that underneath this is actually using Docker files and dr composed to orchestrate the debits and the runtime bits for a whole bunch of different stacks. And so this is something that we're actually working on in collaboration with the with the doctor team to have a common the animal format. And in fact this week we actually introduced a couple of app templates so that everybody can see this all in action. So if you check out a ca dot m s forward slash app template, you can see this in action yourself. >>You guys have always had such a strong developer community and one thing I love about cloud as it brings more agility, as we always talk about. But when you start to see the enterprise grow into, the direction is going now, it's almost like the developer communities are emerging, it's no longer about all the Lennox folks here and the dot net folks there, you've got windows, you've got cloud, >>it's almost >>the the the solidification of everyone kind of coming together. Um and visual studio, for instance, last year, I think you were talking about that to having to be interrogated dr composed, et cetera. >>How do you see >>this melting pot emerging? Because at the end of the day, you pick the language you love and you got devops, which is infrastructure as code doesn't matter. So give us your take on where we are with that whole progress of of making that happen. >>Well, I mean I definitely think that, you know, developer environments and and kind of, you know, our approach to them don't need to be as dogmatic as they've been in the past. I really think that, you know, you can pick the right tool and language and stand developer stack for your team, for your experience and you can be productive and that's really our goal. And Microsoft is to make sure that we have tools for every developer and every team so that they can build any app that they want to want to create. Even if that means that they're actually going to end up ultimately deploying that not to our cloud, they're going to end up deploying it to AWS or another another competitive cloud. And so, you know, there's a lot of things that we've been doing to make that really much easier. We have integrated container tools in visual studio and visual studio code and better cli integrations like with the doctor context that we had talked about a little bit earlier. We continue to try to make it easier to build applications that are targeting containers and then once you create those containers it's much easier to take it to another environment. One of the examples of this kind of work is now that we have WsL and the Windows subsystem for Lennox. This makes it a lot easier for developers who prefer a Windows operating system as their environment and maybe some tools like Visual Studio that run on Windows, but they can still target Lennox with as their production environment without any impedance mismatch. They can actually be as productive as they would be if they had a Linux box as their Os >>I noticed on this session, I got to call this out. I want to get your reaction to it interesting. Selection of Microsoft talks, the container based development. Visual studio code is one that's where you're going to show some some some container action going on with note and Visual Studio code. And then you get the machine learning with Azure uh containers in the V. S. Code. Interesting how you got, you know, containers with V. S. And now you've got machine learning. What does that tell the world about where Microsoft's at? Because in a way you got the cutting edge container management on one side with the doctor integration. Now you get the machine learning which everyone's talking about shifting, left more automation. Why are these sessions so important? Why should people attend? And what's the what's the bottom line? >>Well, like I said, like containers basically empower developer productivity. Um that's what creates the reputable environments, that's what allows us to make sure that, you know, we're productive as soon as we possibly can be with any text act that we want to be able to target. Um and so that's kind of almost the ecosystem play. Um it's how every developer can contribute to the success of others and we can amor ties the kinds of work that we do to set up an environment. So that's what I would say about the container based development that we're doing with both visual studio and visual studio code. Um in terms of the machine learning development, uh you know, the number of machine learning developers in the world is relatively small, but it's growing and it's obviously a very important set of developers because to train a machine learning uh to train an ml model, it actually requires a significant amount of compute resources, and so that's a perfect opportunity to bring in the research that are in a public cloud. Um What's actually really interesting about that particular develop developer stack is that it commonly runs on things like python. And for those of you who have developed in python, you know, just how difficult it is to actually set up a python environment with the right interpreter, with the right run time, with the right libraries that can actually get going super quickly, um and you can be productive as a developer. And so it's actually one of the hardest, most challenging developer stacks to actually set up. And so this allows you to become a machine learning developer without having to spend all of your time just setting up the python runtime environment. >>Yeah, it's a nice, nice little call out on python, it's a double edged sword. It's easier to sling code around on one hand, when you start getting working then you gotta it gets complicated can get well. Um Well the great, great call out there on the island, but good, good, good project. Let me get your thoughts on this other tool that you guys are talking about project tie. Uh This is interesting because this is a trend that we're seeing a lot of conversations here on the cube about around more too many control planes. Too many services. You know, I no longer have that monolithic application. I got micro micro applications with microservices. What the hell is going on with my services? >>Yeah, I mean, I think, you know, containers brought an incredible amount of productivity in terms of having repeatable environments, both for dev environments, which we talked about a lot on this interview already, but also obviously in production and test environments. Super important. Um and with that a lot of times comes the microservices architecture that we're also moving to and the way that I view it is the microservices architecture is actually accompanied by businesses being more focused on the value that they can actually deliver to customers. And so they're trying to kind of create separations of concerns in terms of the different services that they're offering, so they can actually version and and kind of, you know, actually improve each of these services independently. But what happens when you start to have many microservices working together in a SAS or in some kind of aggregate um service environment or kind of application environment is it starts to get unwieldy, it's really hard to make it so that one micro service can actually address another micro service. They can pass information back and forth. And you know what used to be maybe easy if you were just building a client server application because, you know, within the server tear all of your code was basically contained in the same runtime environment. That's no longer the case when every microservices actually running inside of its own container. So the question is, how can we improve program ability by making it easier for one micro service that's being used in an application environment, be to be able to access another another service and kind of all of that context. Um and so, you know, you want to be able to access the service is the the api endpoint, the containers, the ingress is everything, make everything work together as though it felt just as easy as as um you know, server application development. Um And so what this means as well is that you also oftentimes need to get all of these different containers running at the same time and that can actually be a challenge in the developer and test loop as well. So what project tie does is it improves the program ability and it actually allows you to just write a command like thai run so that you can actually in stan she ate all of these containers and get them up and running and basically deploy and run your application in that environment and ultimately make the dev testing or loop much faster >>than productivity gain. Right. They're making it simple to stand up. Great, great stuff. Let me ask you a question as we kind of wrap down here for the folks here at Dakar Con, are >>there any >>special things you'd like to talk about the development you think are important for the developers here within this space? It's very dynamic. A lot of change happening in a good way. Um, but >>sometimes it's hard to keep >>track of all the cool stuff happening. Could you take a minute to, to share your thoughts on what you think are the most important develops developments in this space? That that might be interesting to ducker con attendees. >>I think the most important things are to recognize that developer environments are moving to containerized uh, environments themselves so that they can be repeated, they can be shared, the work, configuring them can be amortized across many developers. That's important thing. Number one important thing. Number two is it doesn't matter as much what operating system you're running as your chrome, you know, desktop. What matters is ultimately the production environment that you're targeting. And so I think now we're in a world where all of those things can be mixed and matched together. Um and then I think the next thing is how can we actually improve microservices, uh programming development together um so that it's easier to be able to target multiple micro services that are working in aggregate uh to create a single service experience or a single application. And how do we improve the program ability for that? >>You know, you guys have been great supporters of DACA and the community and open source and software developers as they transform and become quite frankly the superheroes for the transformation, which is re factoring businesses. So this has been a big thing. I'd love to get your thoughts on how this is all coming together inside Microsoft, you've got your division, you get the developer division, you got GIT hub, got Azure. Um, and then just historically, and he put this up last year army of an ecosystem. People who have been contributing encoding with Microsoft and the partners for many, many decades. >>Yes. The >>heart Microsoft now, how's it all working? What's the news? I get Lincoln, Lincoln, but there's no yet developer model there yet, but probably is soon. >>Um Yeah, I mean, I think that's a pretty broad question, but in some ways I think it's interesting to put it in the context of Microsoft's history. You know, I think when I think back to the beginning of my career, it was kind of a one stack shop, you know, we was all about dot net and you know, of course we want to dot net to be the best developer environment that it can possibly be. We still actually want that. We still want that need to be the most productive developer environment. It could we could possibly build. Um but at the same time, I think we have to recognize that not all developers or dot net developers and we want to make sure that Azure is the most productive cloud for developers and so to do that, we have to make sure that we're building fantastic tools and platforms to host java applications, javascript applications, no Js applications, python applications, all of those things, you know, all of these developers in the world, we want to make sure it can be productive on our tools and our platforms and so, you know, I think that's really kind of the key of you know what you're speaking of because you know, when I think about the partnership that I have with the GIT hub team or with the Azure team or with the Azure Machine learning team or the Lincoln team, um A lot of it actually comes down to helping empower developers, improving their productivity, helping them find new developers to collaborate with, um making sure that they can do that securely and confidently and they can basically respond to their customers as quickly as they possibly can. Um and when, when we think about partnering inside of Microsoft with folks like linkedin or office as an example, a lot of our partnership with them actually comes down to improving their colleagues efficiency. We build the developer tools that office and lengthen are built on top of and so every once in a while we will make an improvement that has, you know, 5% here, 3% there and it turns into an incredible amount of impact in terms of operations, costs for running these services. >>It's interesting. You mentioned earlier, I think there's a time now we're living in a time where you don't have to be dogmatic anymore, you can pick what you like and go with it. Also that you also mentioned just now this idea of distributed applications, distributed computing. You know, distributed applications and microservices go really well together. Especially with doctor. >>Can you share >>your thoughts on the framework that you guys released called Dapper? >>Yeah, yeah. We recently released Dapper. It's called D A P R. You can look it up on GIT hub and it's a programming model for common microservices pattern, two common microservices patterns that make it really easy and automatic to create those kinds of microservices. So you can choose to work with your favorite state stores or databases or pub sub components and get things like cloud events for free. You can choose either http or g R B C so that you can get mesh capabilities like service discovery and re tries and you can bring your own secret store and easily be able to call it from any environment variable. It's also like I was talking about earlier, multi lingual. Um so you don't need to embrace dot net, for example, as you're programming language to be able to benefit from Dapper, it actually supports many programming languages and Dapper itself is actually written and go. Um and so, you know, all developers can benefit from something like Dapper to make it easier to create microservices applications. >>I mean, always great to have you on great update. Take a minute to give an update on what's going on with your division. I know you had to build conference this week. V. S has got the new preview title. We just talked about what are the things you want to get to plug in for? Take a minute to get to plug in for what you're working on, your goals, your objectives hiring, give us the update. >>Yeah, sure. I mean, you know, we we built integrated container tools in visual studio uh and the Doctor extension and Visual Studio code and cli extensions. Uh and you know, even in this most recent release of our Visual Studio product, Visual Studio 16 10, we added some features to make it easier to use DR composed better. So one of the examples of this is that you can actually have uh Oftentimes you need to be able to use multiple doctor composed files together so that you can actually configure various different container environments for a single single application. But it's hard sometimes to create the right Yeah. My file so that you can actually invoke it and invoke the the container and the micro services that you need. And so what this allows you to do is to actually have just a menu of the different doctor composed files so that you can select the runtime and test environment that you need for the subset of the portion of the application that you're working on at the end of the day. This is always about developer productivity. You know, like I said, every keystroke matters. Um and we want to make sure that you as a developer can focus on the code that only you can Right. >>Amanda Silver, corporate vice president product development division of Microsoft. Always great to see you and chat with you remotely soon. We'll be back in in real life with real events soon as we come out of the pandemic and thanks for sharing your insight and congratulations on your success this year and and congratulations on your announcement here at Dakar Gone. >>Thank you so much for having me. >>Okay Cube coverage for Dunkirk on 2021. I'm John for your host of the Cube. Thanks for watching. Mhm

>>welcome back everyone. We're back to intermission. I'm hama in case you forgot and hear them with Brett and Peter. So what a great morning afternoon. We've had like we're now in the home stretch and you know, I really want to give a shout out to all of you who are sticking with us, especially if you're in different time zone than pacific. So I then jumped into the community rooms. The spanish won, the Brazilian won the french one. Everybody is just going strong. So again, so much so gratitude for that. Thank you for being so involved and really participating the chat rooms in the community. The chat windows in the community rooms are just going nuts. So it's, it's really good to see that. And as usual, Peter and brat had some great, very interactive panels and that was very exciting to watch. But you know, since they were on the panels, I decided to go and see some other things and I actually attended the last mile of container ization. That was, that was actually a very good session. We had a lot of good interactivity there. Yeah. And then while also talked about the container security in the cloud native world. So that was, I think that was your panel peter. That was, that was very exciting. And um, I want to share with everybody the numbers that we've been seeing for dr khan live. So as, as of, I'm sorry, said we need a drumroll. We do need a drum roll. Can you do a drum roll for me? No, no, no. >>Just a >>symbol. Okay, good. Go. Uh, we're at over 22,000 attendees um, today. So that's amazing. That's great. I love the sound effect. That's a great sound effect. The community rooms continue to be really engaged. We're still seeing hundreds of people in those rooms. So again shout out to everyone who is participating. And I felt again like a kid in a candy store didn't know which sessions to attend. They were all very interesting and you know, we're getting some good feedback on twitter. I want to read out some more tweets that we got and one in particular, I don't know whether to feel happy for this person or sad for this person, but it's uh well the initials are P. W. And he said that he was up at two am to watch the keynotes. So again, I'll let you decide whether you're it's a good thing or not, but we're happy to have you PW is awesome. Um as well. There was someone who said that these features are so needed. The things that dr announced this morning in the keynotes and that doctor has reacted to our pains and I think they mean has addressed their pain. So that was really gratifying to read. Yeah, really wonderful. That's some other countries that I didn't shout out before this just tells you what the breadth and scope of our community is. Indonesia, la paz Bolivia, Greece, Munich, Ukraine, oxford UK Australia Philippines. And there's just more and I'm going to do a special shadow to Montreal because that's where I'm from. So yes, applause for that. It was really great. And so I just want to thank all of you. Um, I want to encourage you when we talked about the power of community. Remember we're doing a fundraiser. So to combat Covid for Covid relief or actually all that money is going to go to UNICEF. Docker is contributing 10,000 and we're doing a go fund me. And the link is there on the screen. So please donate. You know, just $1. 1 person each of you donates $1. We would have raised over $22,000. So please please find it within you to contribute because again, our communities that are, that are the most effective are India and brazil, which are are very active doctor affinity. So please give back. I really appreciate that >>highlighted by the brazil. Yeah. >>You're going to brazil room and get them all to donate. Exactly. Um, also want to encourage, you know, if you're interested in participating in our, in our road map. Our public road map is on GIT hub. So it's get home dot com slash docker slash roadmap. And that's something that you can participate in and vote up features that you want to see. We love to get the community involved and participating in our, in our road map. So make sure to check that out. And I also want to note on that >>Hello can real quick. I'm sorry. Yeah, I talk about our road map all the time, but honestly folks out there are PMS are in their our ceo is in there that we do watch that. That is our roadmap is extremely, extremely important to us. So any features complaints, right, joining the conversation. That's a great way to get uh to interact with Docker in our products. Right. We we really highly valued the road map. Okay, back to your mama, sorry. >>Oh absolutely. And if you want to see us be even more responsive to what you need to participate in that road map discussion. That's really great. Um a couple of things coming up, just want to put the spotlight on. We have at 3 15 what's new with with desktop from our own ue cow. So I highly recommend that you attend that session and of course there's the Woman in tech live panel. So this is very exciting, moderated by yours truly and it has putting a spotlight on our women captains and our women developers. So that's very exciting. But I also hear that we're doing there's a session with jay frog coming up so peter, why don't you talk about that a little bit? >>Yeah, we have a session coming up from our partners from jay frog around devops patterns and anti patterns for continuous software updates. And another one that I'm extremely excited about is uh RM one talk from our very own Tony's from Docker. So if you have an M one and you're interested in multi arc architecture builds, check that out. It's gonna be a great, great talk. Um and then we have melissa McKay also from jay frog, talking about Docker and the container ecosystem and last but definitely not least. We'll check them all out there. Going to be great. But Brett is going to be doing I think the best panel that I'm gonna go watch and he made up a new word, it's called say this. I'm all about the trending new words today about this is gonna be awesome. Yeah. Yeah >>I'm going to have the battle bottle of the panels. >>Yeah. Yeah well mine's before years so we're not competing. So yeah we have we have two excellent panels in a row to finish off the day and just seven list is basically how to run, how can we run containers without managing servers? So it doesn't mean you don't actually have infrastructure just let's not manage service. Um Yeah and we we uh need to wrap it up and >>Uh before we do that I just want to um tell everyone that we actually have a promotion going on. So we um for those that sign up for a pro or team subscription, we're offering a 20% off so there's the U. R. L.. You can check out what the promotion is and this is for a new and returning users so you can use the promo code dr khan 21 all the information is on the website are really encourage you to check that out promotion for 20% off, join us for our panels. And we're doing a wrap up at five p.m. Where we'll have our own Ceo and that wrap up portion. Look forward to seeing there. All right, >>thank you too. All right everyone we'll see you on the next go around coming up next me and some other people awesome and Yeah. Mhm. Mhm. Yeah. >>Yeah. Yeah. Mhm. Is >>a really varied community. There's a lot of people with completely different backgrounds, completely different experience levels and completely different goals about how they want to use Docker. And I think that's really interesting. It's always easy to talk about the technology that I've used for so many years. I really love Doctor and I can find so many ways that it's useful and it's great to use in your day to day work clothes. I've >>used doctor for anything from um tracking airplanes with my son, which was a kind of cool project to more professional projects where we actually Built one of the first database as his services using docker even before it was 10 and I was released and we took it further and we start composing monitoring tools. We really start taking it to the next level. And we got to the point where I was trying to make everything in a container, I love to use >>doctor to make disposable project so I can download the project and it's been that up using Docker compose or something like that in a way that every developer that works in the project doesn't even need to know the underlying technology doesn't just need to run Docker compose up and the whole project is going to be up and running even if >>you're not using doctor and production, there are a lot of other ways that you can use doctor to make your life so much easier. As a developer, you can run your projects on your machine locally. Um as a tester you can actually launch test containers and be able to run um dependencies that your project requires. You can run real life versions so that um you're as close to production as possible. >>I was able to migrate most of the workloads from our on from uh to the cloud. Running complete IEDs inside a docker or running it or using it basically to replace their build scripts or using it to run not web applications but maybe compile c plus plus code or compile um projects that really just require some sort of consistency across their team, >>whether it be a web app or a database, I can control these all the same. That was really the power I saw within Doctors standardization and the portability >>doctor isn't the one that created containers uh and uh but it's the one that made it uh democratically possible, so everyone use it. And this effort has made the technology environment so much better for everyone that uses it, both for developers and for end users. So this >>past year has been quite interesting and I think we're all in the same boat here, so no one has, no one is an exception to this, but what we all learn from it is, you know, the community is very important and to lean on other people for help for assistance. >>Yeah, it's been really challenging of course, but I think the biggest and most obvious thing that I've learned both on a personal and a business perspective is just to be ready to adapt to change and don't be afraid of it either. I think it's worth noting that you should never really take it for granted that the paradigms of, you know, the world or technology or something like that aren't going to shift drastically and very, very quickly. >>I'm looking forward to what is coming down the pipe with doctor. What more are they going to throw our way in order to make our lives easier? >>It's very interesting to see the company grow and adapt the way it has. I mean it as well as the community, it's been very interesting to see, you know, how, you know, the return to develop our focus is now the main focus and I find that's very interesting because, you know, developers are the ones that really boost the doctor to where it is today. And if we keep on encouraging these developer innovation, we'll just see more tools being developed on top of Doctor in the future, and that's what I'm really excited to see with Doctor and the technology in the future.