(upbeat music) >> Hello, and welcome back to AWS Startup Showcase, I'm John Furrier, your host. This is the Hero panel, the AWS Heroes. These are folks that have a lot of experience in Open Source, having fun building great projects and commercializing the value and best practices of Open Source innovation. We've got some great guests here. Liz Rice, Chief Open Source Officer, Isovalent. CUBE alumni, great to see you. Brian LeRoux, who is the Co-founder and CTO of begin.com. Erica Windisch who's an Architect for Developer Experience. AWS Hero, also CUBE alumni. Casey Lee, CTO Gaggle. Doing some great stuff in ed tech. Great collection of experts and experienced folks doing some fun stuff, welcome to this conversation this CUBE panel. >> Hi. >> Thanks for having us. >> Hello. >> Let's go down the line. >> I don't normally do this, but since we're remote and we have such great guests, go down the line and talk about why Open Source is important to you guys. What projects are you currently working on? And what's the coolest thing going on there? Liz we'll start with you. >> Okay, so I am very involved in the world of Cloud Native. I'm the chair of the technical oversight committee for the Cloud Native Computing Foundation. So that means I get to see a lot of what's going on across a very broad range of Cloud Native projects. More specifically, Isovalent. I focus on Cilium, which is it's based on a technology called EBPF. That is to me, probably the most exciting technology right now. And then finally, I'm also involved in an organization called OpenUK, which is really pushing for more use of open technologies here in the United Kingdom. So spread around lots of different projects. And I'm in a really fortunate position, I think, to see what's happening with lots of projects and also the commercialization of lots of projects. >> Awesome, Brian what project are you working on? >> Working project these days called Architect. It's a Open Source project built on top of AWSM. It adds a lot of sugar and terseness to the SM experience and just makes it a lot easier to work with and get started. AWS can be a little bit intimidating to people at times. And the Open Source community is stepping up to make some of that bond ramp a little bit easier. And I'm also an Apache member. And so I keep a hairy eyeball on what's going on in that reality all the time. And I've been doing this open-source thing for quite a while, and yeah, I love it. It's a great thing. It's real science. We get to verify each other's work and we get to expand and build on human knowledge. So that's a huge honor to just even be able to do that and I feel stoked to be here so thanks for having me. >> Awesome, yeah, and totally great. Erica, what's your current situation going on here? What's happening? >> Sure, so I am currently working on developer experience of a number of Open Source STKS and CLI components from my current employer. And previously, recently I left New Relic where I was working on integrating with OpenTelemetry, as well as a number of other things. Before that I was a maintainer of Docker and of OpenStack. So I've been in this game for a while as well. And I tend to just put my fingers in a lot of little pies anywhere from DVD players 20 years ago to a lot of this open telemetry and monitoring and various STKs and developer tools is where like Docker and OpenStack and the STKs that I work on now, all very much focusing on developer as the user. >> Yeah, you're always on the wave, Erica great stuff. Casey, what's going on? Do you got some great ed techs happening? What's happening with you? >> Yeah, sure. The primary Open Source project that I'm contributing to right now is ACT. This is a tool I created a couple of years back when GitHub Actions first came out, and my motivation there was I'm just impatient. And that whole commit, push, wait time where you're testing out your pipelines is painful. And so I wanted to build a tool that allowed developers to test out their GitHub Actions workflows locally. And so this tool uses Docker containers to emulate, to get up action environment and gives you fast feedback on those workflows that you're building. Lot of innovation happening at GitHub. And so we're just trying to keep up and continue to replicate those new features functionalities in the local runner. And the biggest challenge I've had with this project is just keeping up with the community. We just passed 20,000 stars, and it'd be it's a normal week to get like 10 PRs. So super excited to announce just yesterday, actually I invited four of the most active contributors to help me with maintaining the project. And so this is like a big deal for me, letting the project go and bringing other people in to help lead it. So, yeah, huge shout out to those folks that have been helping with driving that project. So looking forward to what's next for it. >> Great, we'll make sure the SiliconANGLE riders catch that quote there. Great call out. Let's start, Brian, you made me realize when you mentioned Apache and then you've been watching all the stuff going on, it brings up the question of the evolution of Open Source, and the commercialization trends have been very interesting these days. You're seeing CloudScale really impact also with the growth of code. And Liz, if you remember, the Linux Foundation keeps making projections and they keep blowing past them every year on more and more code and more and more entrance coming in, not just individuals, corporations. So you starting to see Netflix donates something, you got Lyft donate some stuff, becomes a project company forms around it. There's a lot of entrepreneurial activity that's creating this new abstraction layers, new platforms, not just tools. So you start to see a new kickup trajectory with Open Source. You guys want to comment on this because this is going to impact how fast the enterprise will see value here. >> I think a really great example of that is a project called Backstage that's just come out of Spotify. And it's going through the incubation process at the CNCF. And that's why it's front of mind for me right now, 'cause I've been working on the due diligence for that. And the reason why I thought it was interesting in relation to your question is it's spun out of Spotify. It's fully Open Source. They have a ton of different enterprises using it as this developer portal, but they're starting to see some startups emerging offering like a hosted managed version of Backstage or offering services around Backstage or offering commercial plugins into Backstage. And I think it's really fascinating to see those ecosystems building up around a project and different ways that people can. I'm a big believer. You cannot sell the Open Source code, but you can sell other things that create value around Open Source projects. So that's really exciting to see. >> Great point. Anyone else want to weigh in and react to that? Because it's the new model. It's not the old way. I mean, I remember when I was in college, we had the Pirate software. Open Source wasn't around. So you had to deal under the table. Now it's free. But I mean the old way was you had to convince the enterprise, like you've got a hard knit, it builds the community and the community manage the quality of the code. And then you had to build the company to make sure they could support it. Now the companies are actually involved in it, right? And then new startups are forming faster. And the proof points are shorter and highly accelerated for that. I mean, it's a whole new- >> It's a Cambrian explosion, and it's great. It's one of those things that it's challenging for the new developers because they come in and they're like, "Whoa, what is all this stuff that I'm supposed to figure out?" And there's no right answer and there's no wrong answer. There's just tons of it. And I think that there's a desire for us to have one sort of well-known trot and happy path, that audience we're a lot better with a more diverse community, with lots of options, with lots of ways to approach these problems. And I think it's just great. A challenge that we have with all these options and all these Cambrian explosion of projects and all these competing ideas, right now, the sustainability, it's a bit of a tricky question to answer. We know that there's a commercialization aspect that helps us fund these projects, but how we compose the open versus the commercial source is still a bit of a tricky question and a tough one for a lot of folks. >> Erica, would you chime in on that for a second. I want to get your angle on that, this experience and all this code, and I'm a new person, I'm an existing person. Do I get like a blue check mark and verify? I mean, these are questions like, well, how do you navigate? >> Yeah, I think this has been something happening for a while. I mean, back in the early OpenStack days, 2010, for instance, Rackspace Open Sourcing, OpenStack and ANSU Labs and so forth, and then trying, having all these companies forming in creating startups around this. I started at a company called Cloudccaling back in late 2010, and we had some competitors such as Piston and so forth where a lot of the ANSUL Labs people went. But then, the real winners, I think from OpenStack ended up being the enterprises that jumped in. We had Red Hat in particular, as well as HP and IBM jumping in and investing in OpenStack, and really proving out a lot of... not that it was the first time, but this is when we started seeing billions of dollars pouring into Open Source projects and Open Source Foundations, such as the OpenStack Foundation, which proceeded a lot of the things that we now see with the Linux Foundation, which was then created a little bit later. And at the same time, I'm also reflecting a little bit what Brian said because there are projects that don't get funded, that don't get the same attention, but they're also getting used quite significantly. Things like Log4j really bringing this to the spotlight in terms of projects that are used everywhere by everything with significant outsized impacts on the industry that are not getting funded, that aren't flashy enough, that aren't exciting enough because it's just logging, but a vulnerability in it brings every everything and everybody down and has possibly billions of dollars of impact to our industry because nobody wanted to fund this project. >> I think that brings up the commercialization point about maybe bringing a venture capital model in saying, "Hey, that boring little logging thing could be a key ingredient for say solving some observability problems so I think let's put some cash." Again then we'd never seen that before. Now you're starting to see that kind of a real smart investment thesis going into Open Source projects. I mean, Promethease, Crafter, these are projects that turned off companies. This is turning up companies. >> A decade ago, there was no money in Dev tools that I think that's been fully debunked now. They used to be a concept that the venture community believed, but there's just too much evidence to the contrary, the companies like Cash Court, Datadog, the list goes on and on. I think the challenge for the Open Source (indistinct) comes back to foundations and working (indistinct) these developers make this code safe and secure. >> Casey, what's your reaction to all of this? You've got, so a project has gained some traction, got some momentum. There's a lot of mission critical. I won't say white spaces, but the opportunities in the big cloud game happening. And there's a lot of, I won't say too many entrepreneurial, but there's a lot of community action happening that's precommercialization that's getting traction. How does this all develop naturally and then vector in quickly when it hits? >> Yeah, I want to go back to the Log4j topic real quick. I think that it's a great example of an area that we need to do better at. And there was a cool article that Rob Pike wrote describing how to quantify the criticality. I think that's sort of quantifying criticality was the article he wrote on how to use metrics, to determine how valuable, how important a piece of Open Source is to the community. And we really need to highlight that more. We need a way to make it more clear how important this software is, how many people depend on it and how many people are contributing to it. And because right now we all do that. Like if I'm going to evaluate an Open Source software, sure, I'll look at how many stars it has and how many contributors it has. But I got to go through and do all that work myself and come up with. It would be really great if we had an agreed upon method for ranking the criticality of software, but then also the risk, hey, that this is used by a ton of people, but nobody's contributing to it anymore. That's a concern. And that would be great to potential users of that to signal whether or not it makes sense. The Open Source Security Foundation, just getting off the ground, they're doing some work in this space, and I'm really excited to see where they go with that looking at ways to stop score critically. >> Well, this brings up a good point while we've got everyone here, let's take a plug and plug a project you think that's not getting the visibility it needs. Let's go through each of you, point out a project that you think people should be looking at and talking about that might get some free visibility here. Anyone want to highlight projects they think should be focused more on, or that needs a little bit of love? >> I think, I mean, particularly if we're talking about these sort of vulnerability issues, there's a ton of work going on, like in the Secure Software Foundation, other foundations, I think there's work going on in Apache somewhere as well around the bill of material, the software bill of materials, the Secure Software supply chain security, even enumerating your dependencies is not trivial today. So I think there's going to be a ton of people doing really good work on that, as well as the criticality aspect. It's all like that. There's a really great xkcd cartoon with your software project and some really big monolithic lumps. And then, this tiny little piece in a very important point that's maintained by somebody in his bedroom in Montana or something and if you called it out. >> Yeah, you just opened where the next lightening and a bottle comes from. And this is I think the beauty of Open Source is that you get a little collaboration, you get three feet in a cloud of dust going and you get some momentum, and if it's relevant, it rises to the top. I think that's the collective intelligence of Open Source. The question I want to ask that the panel here is when you go into an enterprise, and now that the game is changing with a much more collaborative and involved, what's the story if they say, hey, what's in it for me, how do I manage the Open Source? What's the current best practice? Because there's no doubt I can't ignore it. It's in everything we do. How do I organize around it? How do I build around it to be more efficient and more productive and reduce the risk on vulnerabilities to managing staff, making sure the right teams in place, the right agility and all those things? >> You called it, they got to get skin in the game. They need to be active and involved and donating to a sustainable Open Source project is a great way to start. But if you really want to be active, then you should be committing. You should have a goal for your organization to be contributing back to that project. Maybe not committing code, it could be committing resources into the darks or in the tests, or even tweeting about an Open Source project is contributing to it. And I think a lot of these enterprises could benefit a lot from getting more active with the Open Source Foundations that are out there. >> Liz, you've been actively involved. I know we've talked personally when the CNCF started, which had a great commercial uptake from companies. What do you think the current state-of-the-art kind of equation is has it changed a little bit? Or is it the game still the same? >> Yeah, and in the early days of the CNCF, it was very much dominated by vendors behind the project. And now we're seeing more and more membership from end-user companies, the kind of enterprises that are building their businesses on Cloud Native, but their business is not in itself. That's not there. The infrastructure is not their business. And I think seeing those companies, putting money in, putting time in, as Brian says contributing resources quite often, there's enough money, but finding the talent to do the work and finding people who are prepared to actually chop the wood and carry the water, >> Exactly. >> that it's hard. >> And if enterprises can find peoples to spend time on Open Source projects, help with those chores, it's hugely valuable. And it's one of those the rising tide floats all the boats. We can raise security, we can reduce the amount of dependency on maintain projects collectively. >> I think the business models there, I think one of the things I'll react to and then get your guys' comments is remember which CubeCon it was, it was one of the early ones. And I remember seeing Apple having a booth, but nobody was manning. It was just an Apple booth. They weren't doing anything, but they were recruiting. And I think you saw the transition of a business model where the worry about a big vendor taking over a project and having undue influence over it goes away because I think this idea of participation is also talent, but also committing that talent back into the communities as a model, as a business model, like, okay, hire some great people, but listen, don't screw up the Open Source piece of it 'cause that's a critical. >> Also hire a channel, right? They can use those contributions to source that talent and build the reputation in the communities that they depend on. And so there's really a lot of benefit to the larger organizations that can do this. They'll have a huge pipeline of really qualified engineers right out the gate without having to resort to cheesy whiteboard interviews, which is pretty great. >> Yeah, I agree with a lot of this. One of my concerns is that a lot of these corporations tend to focus very narrowly on certain projects, which they feel that they depend greatly, they'll invest in OpenStack, they'll invest in Docker, they'll invest in some of the CNCF projects. And then these other projects get ignored. Something that I've been a proponent of for a little bit for a while is observability of your dependencies. And I don't think there's quite enough projects and solutions to this. And it sounds maybe from lists, there are some projects that I don't know about, but I also know that there's some startups like Snyk and so forth that help with a little bit of this problem, but I think we need more focus on some of these edges. And I think companies need to do better, both in providing, having some sort of solution for observability of the dependencies, as well as understanding those dependencies and managing them. I've seen companies for instance, depending on software that they actively don't want to use based on a certain criteria that they already set projects, like they'll set a requirement that any project that they use has a code of conduct, but they'll then use projects that don't have codes of conduct. And if they don't have a code of conduct, then employees are prohibited from working on those projects. So you've locked yourself into a place where you're depending on software that you have instructed, your employees are not allowed to contribute to, for certain legal and other reasons. So you need to draw a line in the sand and then recognize that those projects are ones that you don't want to consume, and then not use them, and have observability around these things. >> That's a great point. I think we have 10 minutes left. I want to just shift to a topic that I think is relevant. And that is as Open Source software, software, people develop software, you see under the hood kind of software, SREs developing very quickly in the CloudScale, but also you've got your classic software developers who were writing code. So you have supply chain, software supply chain challenges. You mentioned developer experience around how to code. You have now automation in place. So you've got the development of all these things that are happening. Like I just want to write software. Some people want to get and do infrastructure as code so DevSecOps is here. So how does that look like going forward? How has the future of Open Source going to make the developers just want to code quickly? And the folks who want to tweak the infrastructure a bit more efficient, any views on that? >> At Gaggle, we're using AWS' CDK, exclusively for our infrastructure as code. And it's a great transition for developers instead of writing Yammel or Jason, or even HCL for their infrastructure code, now they're writing code in the language that they're used to Python or JavaScript, and what that's providing is an easier transition for developers into that Infrastructure as code at Gaggle here, but it's also providing an opportunity to provide reusable constructs that some Devs can build on. So if we've got a very opinionated way to deploy a serverless app in a database and do auto-scaling behind and all stuff, we can present that to a developer as a library, and they can just consume it as it is. Maybe that's as deep as they want to go and they're happy with that. But then they want to go deeper into it, they can either use some of the lower level constructs or create PRs to the platform team to have those constructs changed to fit their needs. So it provides a nice on-ramp developers to use the tools and languages they're used to, and then also go deeper as they need. >> That's awesome. Does that mean they're not full stack developers anymore that they're half stack developers they're taking care of for them? >> I don't know either. >> We'll in. >> No, only kidding. Anyway, any other reactions to this whole? I just want to code, make it easy for me, and some people want to get down and dirty under the hood. >> So I think that for me, Docker was always a key part of this. I don't know when DevSecOps was coined exactly, but I was talking with people about it back in 2012. And when I joined Docker, it was a part of that vision for me, was that Docker was applying these security principles by default for your application. It wasn't, I mean, yes, everybody adopted because of the portability and the acceleration of development, but it was for me, the fact that it was limiting what you could do from a security angle by default, and then giving you these tuna balls that you can control it further. You asked about a project that may not get enough recognition is something called DockerSlim, which is designed to optimize your containers and will make them smaller, but it also constraints the security footprint, and we'll remove capabilities from the container. It will help you build security profiles for app armor and the Red Hat one. SELinux. >> SELinux. >> Yeah, and this is something that I think a lot of developers, it's kind of outside of the realm of things that they're really thinking about. So the more that we can automate those processes and make it easier out of the box for users or for... when I say users, I mean, developers, so that it's straightforward and automatic and also giving them the capability of refining it and tuning it as needed, or simply choosing platforms like serverless offerings, which have these security constraints built in out of the box and sometimes maybe less tuneable, but very strong by default. And I think that's a good place for us to be is where we just enforced these things and make you do things in a secure way. >> Yeah, I'm a huge fan of Kubernetes, but it's not the right hammer for every nail. And there are absolutely tons of applications that are better served by something like Lambda where a lot more of that security surface is taken care of for the developer. And I think we will see better tooling around security profiling and making it easier to shrink wrap your applications that there are plenty of products out there that can help you with this in a cloud native environment. But I think for the smaller developer let's say, or an earlier stage company, yeah, it needs to be so much more straightforward. Really does. >> Really an interesting time, 10 years ago, when I was working at Adobe, we used to requisition all these analysts to tell us how many developers there were for the market. And we thought there was about 20 million developers. If GitHub's to be believed, we think there is now around 80 million developers. So both these groups are probably wrong in their numbers, but the takeaway here for me is that we've got a lot of new developers and a lot of these new developers are really struck by a paradox of choice. And they're typically starting on the front end. And so there's a lot of movement in the stack moved towards the front end. We saw that at re:Invent when Amazon was really pushing Amplify 'cause they're seeing this too. It's interesting because this is where folks start. And so a lot of the obstructions are moving in that direction, but maybe not always necessarily totally appropriate. And so finding the right balance for folks is still a work in progress. Like Lambda is a great example. It lets me focus totally on just business logic. I don't have to think about infrastructure pretty much at all. And if I'm newer to the industry, that makes a lot of sense to me. As use cases expand, all of a sudden, reality intervenes, and it might not be appropriate for everything. And so figuring out what those edges are, is still the challenge, I think. >> All right, thank you very much for coming on the CUBE here panel. AWS Heroes, thanks everyone for coming. I really appreciate it, thank you. >> Thank you. >> Thank you. >> Okay. >> Thanks for having me. >> Okay, that's a wrap here back to the program and the awesome startups. Thanks for watching. (upbeat music)

>> Narrator: From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2021 virtual. Brought to you by Red Hat, The Cloud Native Computing Foundation, and ecosystem partners. >> Hey, welcome back to theCUBE's coverage of KubeCon 2021 CloudNativeCon Europe. Part of the CNCF and ongoing, could be in there from the beginning, love this community, theCUBE's proud to support and continue to cover it. We're virtual this year again because of the pandemic but it looks like we'll be right around the corner for a physical event, hopefully for the next one, fingers crossed. Got a great guest here from Red Hat. Siamak Sadeghianfar, a Senior Principal Product Manager. Welcome to theCUBE. Thanks for coming in. >> Thank you for having me. >> So, this topic's about GitOps, Pipelines, code. Obviously Infrastructure as Code has been the ethos since I can remember going back to 2008 and the original cloutaroti vision. And we were always talking about that. Now it's mainstream. Now it's DevSecOps. So, it's now, day two operations, shifting left with security. OpenShift is continuing to get, take ground. Congratulations on that. So my first question is you guys announced the general availability of OpenShift Pipelines and GitOps at KubeCon. What are, what's this about? And what's the benefits for the customer. Let's get into the news >> Thanks for, to begin with for the Congress and this, this is definitely a hot topic around the DevSecOps. And the different variations of that year about some versions that during in, in FinTech and other verticals as well. The idea is here really is that CI/CD has been around for a long time, continuous integration and continuous delivery, as one of the core practices of the DevOps movement. DevOps movement is quite widespread, now. You, you see reports of above 90% of organizations are in the process of adoption in their journey. And this is one of the main practices but something that has become quite apparent is that many of these organizations that are investing more and more in Cloud Native apps and adopting Cloud Native ways of building applications the tooling and technology that they use for CI/CD since CI/CD is nothing new is from 10 years old, five years old pre Kubernetes era which is not quite Cloud Native. So there is always a clash of how do I build Cloud Natives application using these technologies that are not really built for Cloud Native space and an OpenShift Pipelines OpenShift GitOps is really an opening in this direction and bring more Cloud Native ways of continuous integration and continuous delivery to customers on OpenShift. >> Got it, so I got to ask you, so a couple of questions on this topic, I really want to dig into. Can you describe the Cloud Native CI/CD process versus traditional CI/CD? >> Sure, so traditional when we think about CI/CD there is usually this monolithic solutions that are running on a virtual machine on a type of infrastructure that they use to deploy applications as well. 'Cause you, you need reliability and you have to be making an assumption about an infrastructure that you're running on. And when you come to Cloud Native infrastructure you have a much more dynamic infrastructure. We have a lot less assumptions. You might be running on a public cloud or on premise infrastructure or different types of public cloud. So these environments are often also containerized. So there are, there's a high chance you're running on a container platform, regardless if it's a public or on premises. And with the whole containers, you, you have different types of disciplines and principals to think in, about your infrastructure. So in the Cloud Native ways of CI/CD, you're running most likely in a container platform. You don't have dedicated infrastructure. You are running mostly on demand. You scale when there is a demand for running CI/CD, for example, rather than dedicated infrastructure to it. And also from the mode of operation from organization perspective, they are more adapted to this decentralized ways of ownership. As a part of the DevOps culture, this comes really with that movement, that more and more development teams are getting ownership of some portion of the delivery of their applications. And it's cognitive CS/CD solutions, they focus on supporting these models that you go away from that central model of control to decentralize and have more ownership, more capabilities within the development teams for delivering application. >> Okay, so I then have to ask you the next question. It's like you, like a resource, you'd say: Hey Siri, what is, what is GitOps? What is GitOps? 'Cause that's the topic that's been getting a lot of traction, everyone's talking about it. I mean we know DevOps. So what is the GitOps model? Can you define that? And is that what a, it that what comes after DevOps? Is it DevOps 2.0, what is the GitOps model? >> That's a very good question. GitOps is nothing really new. It's rather a more descriptive way of DevOps principles. DevOps talks about the cultural changes and mindset and ways of working. And when it comes to the, to the concrete work flow it is quite open for interpretation. So GitOps is one, a specific interpretation of how you, you do continuous integration and continuous delivery, how we implement DevOps. And the concept have been around for a couple of years. But just recently, it's got a lot of traction within the Cloud Native space. >> So how does GitOps fit into Kubernetes then? 'Cause that's going to be the next dot that we want to connect. What is that, what is, how, how. How does GitOps fit into Kubernetes? >> So GitOps is really the, the core principle of GitOps is that you, you, you think about everything in your infrastructure and application in a declarative manner. So everything needs to be declared in, in, in a number of gate repositories and you drive your operations through Git Workflows. Which if you think about it is quite similar to how Kubernetes operates. The, the reason Kubernetes became so popular is because of this declarative way of thinking about your infrastructure. You declare what you expect and Kubernetes actualizes that on, on some sort of infrastructure. So GitOps is, is, is exact same concept, but the, but applied not to the infrastructure itself, but to the operations of that infrastructure, operations of those applications. It becomes a really nice fit together. It's the same mindset really applied in different place. >> It's like Kubernetes is like the linchpin or the enabler for GitOps. Just a whole nother level of, I mean, I think GitOps essentially DevOps 2.0 in my opinion because it takes this whole nother level above that for the developer modern developer because it allows them to do more. So it's been around for a while. We've been talking about this, it's got a new name but GitOps is kind of concept has been around. Why is the increase adoption happening now in your opinion or do you have any data on or any facts or opinion on why it's such an increase in, in conversation and adoption? >> You had the, you had like very accurate point there that Kubernetes has been a great enabler for, for DevOps and later the same applies to GitOps as well because of that, that great fit. It has been, GitOps the concept has been there but implementation of that has been quite difficult before Kubernetes and also for non-containerized environments. Kubernetes is, is a very potent platform for this kind of operation because the the mindset and the ways of working is really native to how Kubernetes thinks. But there is also another driver that has been influential in, in the rise of GitOps in the last year or two. And this is an observation we see at a lot of our customers, that the number of clusters that organizations are deploying, Kubernetes clusters increasing. As their maturity increases they get more comfortable with Cloud Native way of working and transfer the workflows to become Cloud Native, they are, they are having, they move more and more of their infrastructure to Kubernetes clusters. So a new challenge rises with this. And now that I have a larger number of clusters how do I ensure consistency across all these, all these clusters? So before I had to deploy an application to production environment, perhaps, which meant two clusters across two geographical zones. Now I have to deploy to 20 clusters. And these 20 clusters also change over time. So this week is a different 20 clusters then three weeks from now. So this, this dynamic ways of working and the customers maturing in, in dealing with Kubernetes operating communities has increased really the pace of adoption of GitOps because it addresses a lot of those challenges that customers are dealing with in this space. >> Yeah, you bring up a really good challenge there. And I think that's worth calling out, this idea of expansion. And I won't say sprawl because it's not a sprawl of cluster. It's more a state provisioning and standing up clusters. And you said they they're changing because the environment has needs and the workloads might have requirements. This makes total sense in a DevOps kind of GitOps way. So I get that and I see that definitely happening. So this brings up the question, if I'm a customer, what I'm worried about is I don't want to have that Hadoop factor where I build a cluster and it takes too long to manage it, or I can't measure it, or understand the data, or have any observability. So I want to have an ease of provisioning and standing up and I want to have consistency that my apps who are using it, don't have to be, you know mangled with or coded with. So, you know, this combination of ease of deploying, ease of integrating, ease of consuming the clusters becomes a service model. Can you share your thoughts on how that gets solved? >> Yeah, absolutely. So that, that's a great point because as, as this is happening, there is also heterogenesis in this, this type of Kubernetes infrastructure window. Like, they're all Kubernetes but this problem also has multiple facets as customers running on multiple public clouds and, and combination of that with their on-premise Kubernetes clusters. And that is, they may as well be OpenShift across all this, all this infrastructure. But the, the problem that GitOps helps its customers advise that they can have the exact same operational model across all these apps and infrastructure, regardless of what kind of application it is. And regardless of where OpenShift is installed or if you're using that combined with a public cloud managed a Kubernetes stats, is the exact same process because you're relying on, on the Gits Workflows, right? And even beyond that, this standard workflow has the benefit of something that many organizations are already familiar with. So if you think about what GitOps operations mean it is essentially what developers have been always using for developing applications. So this standardizes the operations of both application and infrastructure as solvers. >> Listen to me, I got to ask you as the product manager on the whole pipelining in Kubernetes deployments. In your opinion, share your perspective on, real quick, on Kubernetes, where we're at? Because just the accelerated adoption has been phenomenal. We've seen it mature this year at KubeCon. And certainly when KubeCon North America happens, you're going to see more and more end user participation. You're going to see much more end-user use cases. You mentioned clusters are growing. What's the state of Kubernetes from your perspective, from a developer mindset? >> So Kubernetes, I think it has moved from a place that it was seen as only a, a type of infrastructure for Cloud Native applications because of the capability that it provides to a type of infrastructure for any type of application, any type of workload. I think what we have seen over the last two years is, is a shift to expansion of the use cases. And if, if you are, you talked about head open if you are a data scientist, or if you are an AIML type of developer or any type of workload really, see use cases that are coming to the Kubernetes platform as the targets type of infrastructure. So that's really where we see Kubernetes at right now is the really, the preferred infrastructure for any type of workload. And I believe this trend going to to keep continuing to address any of the challenge that exists that prevents maybe part of the, a particular type of workload to address that within the platform and opens that to add to, to developers. Which means for the developers now, once you learn the platform you are really proficient in a, you have this skills for any type of application or any type of infrastructure because they're all standardized, regardless of what type of application or workloads or technology you're specialized in. They're all going to the exact same platform. So it's very standardized type of skills across organizations, different type of teams that they have. >> Awesome, great, thanks for sharing that insight and definition. You're like a walking dictionary today for our CUBE audience. Thank you for all this good stuff. Appreciate it. Final question for you is, what does it mean for developers that are using Jenkins or other cloud-based CI solutions like GitHub Actions? What, what's the impact to them with all this from a working standpoint? 'Cause obviously you've got to make it workable. >> Right, so it's CI/CD also like it's, it's it's great to see like with DevOps adoption, there are many organizations that already have processes in place. They have, they're already using a CI tool or a CD tool. They might be using Jenkins. A lot of organizations really use, use Jenkins even though it comes with challenges and you might be using public cloud services or cloud-based CI tools, like you have Actions, you have pipelines and so on. So we are very well aware of the existing investment that many organizational teams have made. And we make sure that OpenShift as a platform works really well alongside all these different types of CI and CD technology that exists. We want to make sure that for developers starting on OpenShift, they, they have a really solid Cloud Native foundation for CI/CD. They have of strategies included but replaceable type of strategies. So they, they have a supportive platform that is Cloud Native, that gives them capability that matches the type of Cloud Native workloads that they have on the platform but also integrate well with existing tooling that exists around CI/CD. So that they can match and choose if they want to replace a piece of that with an existing investment that they have done, integrated with the rest of the platform. >> Awesome, well, great to have you on. Having the principal product manager is awesome, to talk about the two new announcements here. OpenShift pipe, Pipelines, and OpenShift GitOps. Final, final question, bumper sticker this for the audience. What's the bottom line with OpenShift Pipelines and GitOps? What's the, what's the bottom line benefit for customers? >> It's a, so OpenShift Pipeline and OpenShift GitOps makes it really simple for customers to create Cloud Native Pipelines and GitOps model for delivering application. And also making cluster changes across a large range of clusters that they have, make it really simple to grow from that point to many, many clusters and still manage the complexity of this complex infrastructure that it will be growing into. >> All right, Siamak Sadeghianfar, Senior Principal Product Manager at Red Hat. Here for the KubeCon + CloudNativeCon, Europe. CUBE conversation, thanks for coming on, appreciate it. >> Thanks John, thanks for having me. Okay, CUBE coverage continues. I'm John Farrow with theCUBE. Thanks for watching. (upbeat music)