>>The cube presents, Coon and cloud native con Europe, 2022. Brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain and cuon cloud native con 20 Europe, 2022. I'm your host Keith towns alongside a new hope en Rico, senior reti, senior editor. I'm sorry, senior it analyst at <inaudible> Enrique. Welcome to the program. >>Thank you very much. And thank you for having me. It's exciting. >>So thoughts, high level thoughts of CU con first time in person again in couple years? >>Well, this is amazing for several reasons. And one of the reasons is that yeah, I had the chance to meet, uh, with, uh, you know, people like you again. I mean, we, we met several times over the internet over zoom calls. I, I started to eat these zoom codes. <laugh> because they're really impersonal in the end. And like last night we, we are together group of friends, industry folks. It's just amazing. And a part of that, I mean, the event is, uh, is a really cool, it's really cool. There are a lot from people interviews and, you know, real people doing real stuff, not just, uh, you know, again, in personal calls, you don't even know if they're telling the truth, but when you can, you know, look in their eyes, what they're doing, I, I think that's makes a difference. >>So speaking about real people, meeting people for the first time, new jobs, new roles, Greg Moscarella, enterprise container management and general manager at SUSE. Welcome to the show, welcome back clue belong. >>Thank you very much. It's awesome to be here. It's awesome to be back in person. And I completely agree with you. Like there's a certain fidelity to the conversation and a certain, uh, ability to get to know people a lot more. So it's absolutely fantastic to be here. >>So Greg, tell us about your new role and what SUSE has gone on at KU coupon. >>Sure. So I joined SA about three months ago to lead the rancher business unit, right? So our container management pieces and, you know, it's a, it's a fantastic time. Cause if you look at the transition from virtual machines to containers and to moving to microservices, right alongside that transition from on-prem to cloud, like this is a very exciting time to be in this industry. And rancher has been setting the stage. And again, I'm go back to being here. Rancher's all about the community, right? So this is a very open, independent, uh, community driven product and project. And so this, this is kinda like being back to our people, right. And being able to reconnect here. And so, you know, doing it, digital is great, but, but being here is changes the game for us. So we, we feed off that community. We feed off the energy. So, uh, and again, going back to the space and what's happening in it, great time to be in this space. And you guys have seen the transitions you've seen, I mean, we've seen just massive adoption, uh, of containers and Kubernetes overall and ranchers been been right there with some amazing companies doing really interesting things that I'd never thought of before. Uh, so I'm, I'm still learning on this, but, um, but it's been great so far. >>Yeah. And you know, when we talk about strategy about Kubernetes today, we are talking about very broad strategies. I mean, not just the data center or the cloud with, you know, maybe smaller organization adopting Kubernetes in the cloud, but actually large organization thinking guide and more and more the edge. So what's your opinion on this, you know, expansion of Kubernetes towards the edge. >>So I think you're, I think you're exactly right. And that's actually a lot of meetings I've been having here right now is these are some of these interesting use cases. So people who, uh, whether it be, you know, ones that are easy to understand in the telco space, right? Especially the adoption of 5g and you have all these space stations, new towers, and they have not only the core radio functions or network functions that they're trying to do there, but they have other applications that wanna run on that same environment. Uh, I spoke recently with some of our, our good friends at a major automotive manufacturer, doing things in their factories, right. That can't take the latency of being somewhere else. Right. So they have robots on the factory floor, the latency that they would experience if they tried to run things in the cloud meant that robot would've moved 10 centimeters. >>By the time, you know, the signal got back, it may not seem like a lot to you, but if, if, if you're an employee, you know, there, you know, uh, a big 2000 pound robot being 10 centimeters closer to you may not be what you, you really want. Um, there's, there's just a tremendous amount of activity happening out there on the retail side as well. So it's, it's amazing how people are deploying containers in retail outlets. You know, whether it be fast food and predicting, what, what, how many French fries you need to have going at this time of day with this sort of weather. Right. So you can make sure those queues are actually moving through. It's, it's, it's really exciting and interesting to look at all the different applications that are happening. So yes, on the edge for sure, in the public cloud, for sure. In the data center and we're finding is people want a common platform across those as well. Right? So for the management piece too, but also for security and for policies around these things. So, uh, it really is going everywhere. >>So talk to me, how do, how are we managing that as we think about pushing stuff out of the data center, out of the cloud cloud, closer to the edge security and life cycle management becomes like top of mind thought as, as challenges, how is rancher and sushi addressing >>That? Yeah. So I, I think you're, again, spot on. So it's, it starts off with the think of it as simple, but it's, it's not simple. It's the provisioning piece. How do we just get it installed and running right then to what you just asked the management piece of it, everything from your firmware to your operating system, to the, the cluster, uh, the Kubernetes cluster, that's running on that. And then the workloads on top of that. So with rancher, uh, and with the rest of SUSE, we're actually tacking all those parts of the problems from bare metal on up. Uh, and so we have lots of ways for deploying that operating system. We have operating systems that are, uh, optimized for the edge, very secure and ephemeral container images that you can build on top of. And then we have rancher itself, which is not only managing your ES cluster, but can actually start to manage the operating system components, uh, as well as the workload components. >>So all from your single interface, um, we mentioned policy and security. So we, yeah, we'll probably talk about it more, um, uh, in a little bit, but, but new vector, right? So we acquired a company called new vector, just open sourced, uh, that here in January, that ability to run that level of, of security software everywhere again, is really important. Right? So again, whether I'm running it on, whatever my favorite public cloud providers, uh, managed Kubernetes is, or out at the edge, you still have to have security, you know, in there. And, and you want some consistency across that. If you have to have a different platform for each of your environments, that's just upping the complexity and the opportunity for error. So we really like to eliminate that and simplify our operators and developers' lives as much as possible. >>Yeah. From this point of view, are you implying that even you, you are matching, you know, self, uh, let's say managed clusters at the, at the very edge now with, with, you know, added security, because these are the two big problems lately, you know, so having something that is autonomous somehow easier to manage, especially if you are deploying hundreds of these that's micro clusters. And on the other hand, you need to know a policy based security that is strong enough to be sure again, if you have these huge robots moving too close to you, because somebody act the, the, the class that is managing them, that is, could be a huge problem. So are you, you know, approaching this kind of problems? I mean, is it, uh, the technology that you are acquired, you know, ready to, to do this? >>Yeah. I, I mean, it, it really is. I mean, there's still a lot of innovation happening. Don't, don't get me wrong. We're gonna see a lot of, a lot more, not just from, from SA and ranch here, but from the community, right. There's a lot happening there, but we've come a long way and we solved a lot of problems. Uh, if I think about, you know, how do you have this distributed environment? Uh, well, some of it comes down to not just, you know, all the different environments, but it's also the applications, you know, with microservices, you have very dynamic environment now just with your application space as well. So when we think about security, we really have to evolve from a fairly static policy where like, you might even be able to set an IP address and a port and some configuration on that. >>It's like, well, your workload's now dynamically moving. So not only do you have to have that security capability, like the ability to like, look at a process or look at a network connection and stop it, you have to have that, uh, manageability, right? You can't expect an operator or someone to like go in and manually configure a YAML file, right? Because things are changing too fast. It needs to be that combination of convenient, easy to manage with full function and ability to protect your, your, uh, your resources. And I think that's really one of the key things that new vector really brings is because we have so much intelligence about what's going on there. Like the configuration is pretty high level, and then it just runs, right? So it's used to this dynamic environment. It can actually protect your workloads wherever it's going from pod to pod. Uh, and it's that, that combination, again, that manageability with that high functionality, um, that, that is what's making it so popular. And what brings that security to those edge locations or cloud locations or your data center. >>So one of the challenges you're kind of, uh, touching on is this abstraction on, upon abstraction. When I, I ran my data center, I could put, uh, say this IP address, can't talk to this IP address on this port. Then I got next generation firewalls where I could actually do, uh, some analysis. Where are you seeing the ball moving to when it comes to customers, thinking about all these layers of abstraction IP address doesn't mean anything anymore in cloud native it's yes, I need one, but I'm not, I'm not protecting based on IP address. How are customers approaching security from the name space perspective? >>Well, so it's, you're absolutely right. In fact, even when you go to IPV six, like, I don't even recognize IP addresses anymore. <laugh> yeah. >>That doesn't mean anything like, oh, just a bunch of, yeah. Those are numbers, alpha Ric >>And colons. Right. You know, it's like, I don't even know anymore. Right. So, um, yeah, so it's, it comes back to that, moving from a static, you know, it's the pets versus cattle thing. Right? So this static thing that I can sort of know and, and love and touch and kind of protect to this almost living, breathing thing, which is moving all around, it's a swarm of, you know, pods moving all over the place. And so, uh, it, it is, I mean, that's what Kubernetes has done for the workload side of it is like, how do you get away from, from that, that pet to a declarative approach to, you know, identifying your workload and the components of that workload and what it should be doing. And so if we go on the security side some more like, yeah, it's actually not even namespace namespace. >>Isn't good enough if we wanna get, if we wanna get to zero trust, it's like, just cuz you're running in my namespace doesn't mean I trust you. Right. So, and that's one of the really cool things about new vectors because of the, you know, we're looking at protocol level stuff within the network. So it's pod to pod, every single connection we can look at and it's at the protocol layer. So if you say you're on my SQL database and I have a mye request going into it, I can confirm that that's actually a mye protocol being spoken and it's well formed. Right. And I know that this endpoint, you know, which is a, uh, container image or a pod name or some, or a label, even if it's in the same name, space is allowed to talk to and use this protocol to this other pod that's running in my same name space. >>Right. So I can either allow or deny. And if I can, I can look into the content that request and make sure it's well formed. So I'll give you an example is, um, do you guys remember the log four J challenges from not too long ago, right. It was a huge deal. So if I'm doing something that's IP and port based and name space based, so what are my protections? What are my options for something that's got logged four J embedded in like, I either run the risk of it running or I shut it down. Those are my options. Like those neither one of those are very good. So we can do, because again, we're at the protocol layer. It's like, ah, I can identify any log for J protocol. I can look at whether it's well formed, you know, or if it's malicious and it's malicious, I can block it. If it's well formed, I can let it go through. So I can actually look at those, those, um, those vulnerabilities. I don't have to take my service down. I can run and still be protected. And so that, that extra level, that ability to kind of peek into things and also go pod to pod, you know, not just same space level is one of the key differences. So I talk about the evolution or how we're evolving with, um, with the security. Like we've grown a lot, we've got a lot more coming. >>So let's talk about that a lot more coming what's in the pipeline for SUSE. >>Well, probably before I get to that, we just announced new vector five. So maybe I can catch us up on what was released last week. Uh, and then we can talk a little bit about going, going forward. So new vector five, introduce something called um, well, several things, but one of the things I can talk in more detail about is something called zero drift. So I've been talking about the network security, but we also have run time security, right? So any, any container that's running within your environment has processes that are running that container. What we can do is actually comes back to that manageability and configuration. We can look at the root level of trust of any process that's running. And as long as it has an inheritance, we can let that process run without any extra configuration. If it doesn't have a root level of trust, like it didn't spawn from whatever the, a knit, um, function was in that container. We're not gonna let it run. Uh, so the, the configuration that you have to put in there is, is a lot simpler. Um, so that's something that's in, in new vector five, um, the web application firewall. So this layer seven security inspection has gotten a lot more granular now. So it's that pod Topo security, um, both for ingress egress and internal on the cluster. Right. >>So before we get to what's in the pipeline, one question around new vector, how is that consumed and deployed? >>How is new vector consumed, >>Deployed? And yeah, >>Yeah, yeah. So, uh, again with new vector five and, and also rancher 2 65, which just were released, there's actually some nice integration between them. So if I'm a rancher customer and I'm using 2 65, I can actually deploy that new vector with a couple clicks of the button in our, uh, in our marketplace. And we're actually tied into our role-based access control. So an administrator who has that has the rights can just click they're now in a new vector interface and they can start setting those policies and deploying those things out very easily. Of course, if you aren't using, uh, rancher, you're using some other, uh, container management platform, new vector still works. Awesome. You can deploy it there still in a few clicks. Um, you're just gonna get into, you have to log into your new vector, uh, interface and, and use it from there. >>So that's how it's deployed. It's, it's very, it's very simple to use. Um, I think what's actually really exciting about that too, is we've opensourced it? Um, so it's available for anyone to go download and try, and I would encourage people to give it a go. Uh, and I think there's some compelling reasons to do that now. Right? So we have pause security policies, you know, depreciated and going away, um, pretty soon in, in Kubernetes. And so there's a few things you might look at to make sure you're still able to run a secure environment within Kubernetes. So I think it's a great time to look at what's coming next, uh, for your security within your Kubernetes. >>So Paul, we appreciate chief stopping by from ity of Spain, from Spain, I'm Keith Townsend, along with en Rico Sinte. Thank you. And you're watching the, the leader in high tech coverage.

>>From around the globe covering Google cloud next. >>Hi, I'm Stu middleman and this is the cube coverage of Google cloud. Next, happy to welcome back to the program. One of our cube alumni, Clayton Coleman, he's the architect for Kubernetes and OpenShift with red hat Clayton. Thanks for joining us again. Great to see you. Good to see you. All right. So of course, one of the challenges in 2020 is we love to be able to get unity together. And while we can't do it physically, we do get to do it through all of the virtual events and online forum. Of course, you know, we had the cubit red hat summit cube con, uh, for the European show and now Google cloud. So, you know, give us kind of your, your state of the state 2020 Kubernetes. Of course it was Google, uh, taking the technology from Borg, a few people working on it, and, you know, just that this project that has just had massive impact on it. So, you know, where are with the community in Kubernetes today? >>So, uh, you know, 2020 has been a crazy year for a lot of folks. Um, a lot of what I've been spending my time on is, um, you know, taking feedback from people who, you know, in this time of, you know, change and concern and worry and huge shift to the cloud, um, working with them to make sure that we have a really good, um, you know, foundation in Kubernetes and that the ecosystem is healthy and the things are moving forward there. So there's a ton of exciting projects. I will say, you know, the, the pandemics had a, an impact on, um, you know, the community. And so in many places we've reacted by slowing down our schedules or focusing more on the things that people are really worried about, like quality and bugs and making sure that the stuff just works. Uh, I will say this year has been a really interesting one and open source. >>There's been much more focus, I think, on how we start to tie this stuff together. Um, and new use cases and new challenges coming into, um, what maybe, you know, the original Kubernetes was very focused on helping you bring stuff together, bring your applications together and giving you common abstractions for working with them. Um, we went through a phase where we made it easy to extend Kubernetes, which brought a whole bunch of new abstractions. And, and I think now we're starting to see the challenges and the needs of organizations and companies and individuals that are getting out of, um, not just in Kubernetes, but across multiple locations across placement edge has been huge in the last few years. And so the projects in and around Kubernetes are kind of reacting to that. They're starting to, um, bridge, um, many of these, um, you know, disparate locations, different clouds, multicloud hybrid cloud, um, connecting enterprises to data centers are connecting data centers to the cloud, helping workloads be a little bit more portable in of themselves, but helping workloads move. >>And then I think, you know, we're, we're really starting to ask those next big questions about what comes, what comes next for making applications really come alive in the cloud, um, where you're not as focused on the hardware. You're not focused on the details, which are focused on abstractions, like, um, you know, reliability and availability, not just in one cluster, but in multiple. So that's been a really exciting, uh, transition in many of the projects that I've been following. You know, certainly projects like Istio I've been dealing with, um, spanning clusters and connecting existing workloads in and, uh, you know, each step along the way, I see people sort of broaden their scope about what they want, uh, open source to help themselves. >>Yeah, I it's, it's, it's been fascinating to watch just the, the breadth of the projects that can tie in and leverage Kubernetes. Uh, you brought up edge computing and want to get into some of the future pieces, but before we do, you know, let's look at Kubernetes itself. Uh, one dot 19 is kind of where we are at. Uh, um, I already see some, some red stalking about one dot 20. Can you just talk about the, the, the base project itself contributions to it, how the upstream, uh, works and you know, how, how should customers think about, you know, their Kubernetes environment, obviously, you know, red hat with open shifts had a very strong position. You've got thousands of customers now using it, all of the cloud providers have their, uh, Kubernetes flavor, but also you partner with them. So walk us through a little bit about, you know, the open source, the project and those dynamics. >>The project is really healthy. I think we've got through a couple of big transitions over the last few years. We've moved from the original, um, you know, I was on the bootstrap steering committee trying to help the governance model. The full bootstrap committee committee has handed off responsibility to, um, new participants. There's been a lot of growth in the project governance and community governance. Um, I think there's huge credit to the folks on the steering committee today. Folks, part of contributor experience and standardizing and formalizing Kubernetes as its own thing. I think we've really moved into being a community managed project. Um, we've developed a lot of maturity around that and Kubernetes and the folks involved in helping Kubernetes be successful, have actually been able to help others within the CNCF ecosystem and other open source projects outside of CNCF be successful. So that angle is going phenomenally well. >>Uh, contribution is up. I think one of the tension points that we've talked about is, um, Kubernetes is maturing one 19, spent a lot of time on stability. And while there's definitely lots of interesting new things in a few areas like storage, and we have fee to an ingress fee too, coming up on the horizon dual stack, support's been hotly anticipated by a lot of on premise folks looking to make the transition to IPV six. I think we've been a little bit less focused on chasing features and more focused on just making sure that Kubernetes is maturing responsibly. Now that we have a really successful ecosystem of integrators and vendors and, um, you know, unification, the conformance efforts in Kubernetes. Um, there've been some great work. I happened to be involved in the, um, in the architecture conformance definition group, and there's been some amazing participation from, um, uh, from that group of people who've made real strides in growing the testing efforts so that, you know, not only can you look at, um, two different Kubernetes vendors, but you can compare them in meaningful ways. >>That's actually helped us with our test coverage and Kubernetes, there's been a lot of focus on, um, really spending time on making sure that upgrades work well, that we've reduced the flakiness of our test suites and that when a contributor comes into Kubernetes, they're not presented with a confusing, massive instructions, but they have a really clear path to make their first contribution and their next contribution. And then the one after that. So from a project maturity standpoint, I think 2020 has been a great great year for the project. And I want to see that continue. >>Yeah. One of the things we talked quite a bit about, uh, at both red hat summit, as well as, uh, the CubeCon cloud native con Europe, uh, was operators. And, you know, maybe I believe there was some updates also about how operators can work with Google cloud. So can you give us that update? >>Sure. There's been a lot of, um, there's been a lot of growth in both the client tooling and the libraries and the frameworks that make it easy to integrate with Kubernetes. Um, and those integrations are about patterns that, um, make operations teams more productive, but it takes time to develop the domain expertise in, uh, operationalizing large groups of software. So over the last year, um, know the controller runtime project, uh, which is an outgrowth of the Kubernetes Siggy lb machinery. So it's kind of a, an outshoot that's intended to standardize and make it easier to write integrations to Kubernetes that next step of, um, you know, going then pass that red hat's worked, uh, with, um, others in the community around, um, the operator SDK, uh, which unifying that project and trying to get it aligned with others in the ecosystem. Um, almost all of the cloud providers, um, have written operators. >>Google has been an early adopter of the controller and operator pattern, uh, and have continued to put time and effort into helping make the community be successful. And, um, we're really appreciative of everyone who's come together to take some of those ideas from Kubernetes to extend them into, um, whether it's running databases and service on top of Kubernetes or whether it's integrating directly with cloud. Um, most of that work or almost all of that work benefits everybody in the ecosystem. Um, I think there's some future work that we'd like to see around, um, you know, uh, folks, uh, from, um, a number of places have gone even further and tried to boil Kubernetes down into simpler mechanisms, um, that you can integrate with. So a little bit more of a, a beginner's approach or a simplification, a domain specific, uh, operator kind of idea that, um, actually really does accelerate people getting up to speed with, um, you know, building these sorts of integrations, but at the end of the day, um, one of the things that I really see is the increasing integration between the public clouds and their Kubernetes on top of those clouds through capabilities that make everybody better off. >>So whether you're using a managed service, um, you know, on a particular cloud or whether you're running, um, the elements of that managed open source software using an open source operator on top of Kubernetes, um, there's a lot of abstractions that are really productive for admins. You might use the managed service for your production instances, but you want to use, um, throw away, um, database instances for developers. Um, and there's a lot of experimentation going on. So it's almost, it's almost really difficult to say what the most interesting part is. Um, operators is really more of an enabling technology. I'm really excited to see that increasing glue that makes automation and makes, um, you know, dev ops teams, um, more productive just because they can rely increasingly on open source or managed services offerings from, you know, the large cloud providers to work well together. >>Yeah. You had mentioned that we're seeing all the other projects that are tying into Coobernetti's, we're seeing Kubernetes going into broader use cases, things like edge computing, what, from an architectural standpoint, you know, needs to be done to make sure that, uh, Kubernetes can be used, you know, meets the performance, the simplicity, um, in these various use cases. >>That's a, that's a good question. There's a lot of complexity in some areas of what you might do in a large application deployment that don't make sense in edge deployments, but you get advantages from having a reasonably consistent environment. I think one of the challenges everybody is going through is what is that reasonable consistency? What are the tools? You know, one of the challenges obviously is as we have more and more clusters, a lot of the approaches around edge involve, you know, whether it's a single cluster on a single machine and, um, you know, in a fairly beefy, but, uh, remote, uh, computer, uh, that you still need to keep in sync with your application deployment. Um, you might have a different life cycle for, uh, the types of hardware that you're rolling out, you know, whether it's regional or whether it's tied to, whether someone can go out to that particular site that you've been update the software. Sometimes it's connected, sometimes it isn't. So I think a need that is becoming really clear is there's a lot of abstractions missing above Coopernetties. Uh, and everyone's approaching this differently. We've got a get ops and centralized config management. Um, we have, uh, architectures where, you know, you, you boot up and you go check some remote cloud location for what you should be running. Um, I think there's some, some productive obstructions that are >>That, or haven't been, um, >>It haven't been explored sufficiently yet that over the next couple of years, how do you treat a whole bunch of clusters as a pool of compute where you're not really focused on the details of where a cluster is, or how can you define applications that can easily move from your data center out to the edge or back up to the cloud, but get those benefits of Kubernetes, all those places. And >>That >>This is for so early, that what I see in open source and what I see with people deploying this is everyone is approaching this subtly differently, but you can start to see some of those patterns emerge where, um, you need reproducible bundles of applications, things that help can do REL, or you can do with just very simply with Kubernetes. Um, not every edge location needs, um, uh, an ingress controller or a way to move traffic onto that cluster because their job is to generate traffic and send it somewhere else. But then that puts more pressure on, well, you need those where you're feeding that data to your API APIs, whether that's a cloud or something within your something within a private data center, you need, um, enough of commonalities across those clusters and across your applications that you could reason about what's going on. So >>There's a huge amount >>Out of a space here. And I don't think it's just going to be Kubernetes. In fact, I, I want to say, I think we're starting to move to that phase where Kubernetes is just part of the platform that people are building or need to build. And what can we do to build those tools that help you stitch together computer across a lot of footprints, um, parts of applications across a lot of footprints. And there's, there's a bunch of open source projects that are trying to drive to that today. Um, projects like I guess the O and K natives, um, with the work being done with the venting in K native, and obviously the venting is a hugely, um, you know, we talk about edge, we'd almost be remiss, not talk about moving data. And you talk about moving data. Well, you want streams of data and you want to be reacted to data with compute and K native and Istio are both great examples of technologies within the QB ecosystem that are starting to broaden, um, you know, outside of the, well, this is just about one cube cluster to, um, we really need to stitch together a mindset of development, even if we have a reasonably consistent Kubernetes across all those footprints. >>Yeah. Well, Clayton so important. There's so many technologies out there it's becoming about that technology. And it's just a given, it's an underlying piece of it. You know, we don't talk about the internet. We don't talk, you know, as much about Linux anymore. Cause it's just in the fabric of everything we do. And it sounds like we're saying that's where we're getting with Kubernetes. Uh, I'd love to pull on that thread. You mentioned that you're hearing some patterns starting to emerge out there. So when you're talking to enterprises, especially if you're talking 2020, uh, lots of companies, all of a sudden have to really accelerate, uh, you know, those transformational projects that they were doing so that they can move faster and keep up with the pace of change. Uh, so, you know, what should enterprise be, be working on? What feedback are you hearing from customers, but what are some of those themes that you can share and w what, what should everybody else be getting ready for that? >>The most common pattern I think, is that many people still find a need to build, uh, platforms or, um, standardization of how they do application development across fairly large footprints. Um, I think what they're missing, and this is what everyone's kind of building on their own today, that, um, is a real opportunity within the community is, uh, abstract abstractions around a location, not really about clusters or machines, but something broader than that, whether it's, um, folks who need to be resilient across clouds, and whether it's folks who are looking to bring together disparate footprints to accelerate their boot to the cloud, or to modernize their on premise stack. They're looking for abstractions that are, um, productive to say, I don't really want to worry too much about the details of clusters or machines or applications, but I'm talking about services and where they run and that I need to stitch those into. >>Um, I need to stitch those deeply into some environments, but not others. So that pattern, um, has been something that we've been exploring for a long time within the community. So the open service broker project, um, you know, has been a long running effort of trying to genericize one type of interface operators and some of the obstructions and Kubernetes for extending Kubernetes and new dimensions is another. What I'm seeing is that people are building layers on top through continuous deployment, continuous integration, building their own API is building their own services that really hide these details. I think there's a really rich opportunity within open to observe what's going on and to offer some supporting technologies that bridge clouds, bridge locations, what you deal with computed a little bit more of an abstract level, um, and really doubled down on making services run. Well, I think we're kind of ready to make the transition to say officially, it's not just about applications, which is what we've been saying for a long time. >>You know, I've got these applications and I'm moving them, but to flip it around and say, we want to be service focused and services, have a couple of characteristics, the details of where they run are more about the guarantees that you're providing for your customers. Um, we lack a lot of open source tools that make it easier to build and run services, not just to consume as dependencies or run open source software, but what are the things that make our applications more resilient in and of themselves? I think Kubernetes was a good start. Um, I really see organizations struggling with that today. You're going to have multiple locations. You're going to have, um, the need to dramatically move workloads. What are the tools that the whole ecosystem, the open source ecosystem, um, can collaborate on and help accelerate that transition? >>Well, Clayton, you teed up on my last thing. I want to ask you, you know, we're, we're here at the Google cloud show and when you talk about ecosystem, you talk about community, you know, Google and red hat, both very active participants in this community. So, you know, you, you peer you collaborate with a lot of people from Google I'm sure. So give our audience a little bit of insight as to, you know, Google's participation. What, what you've been seeing from them the last couple of years at Google has been a great partner, >>Crazy ecosystem for red hat. Um, we worked really closely with them on Istio and K native and a number of other projects. Um, I, you know, as always, um, I'm continually impressed by the ability of the folks that I've worked with from Google to really take a community focus and to concentrate on actually solving use cases. I think the, you know, there's always the desire to create drama around technology or strategy or business and open source. You know, we're all coming together to work on common goals. I really want to, um, you know, thank the folks that I've worked with at Google over the years. Who've been key participants. They've believed very strongly in enabling users. Um, you know, regardless of, um, you know, business or technology, it's about making sure that we're improving software for everyone. And one of the beauties of working on an open source project like Kubernetes is everyone can get some benefit out of it. And those are really, um, you know, the sum of all of the individual contributions is much larger than what the simple math would apply. And I think that's, um, you know, Kubernetes has been a huge success. I want to see more successes like that. Um, you know, working with Google and others in the open source ecosystem around infrastructure as a service and, you know, this broadening >>Domain of places where we can collaborate to make it easier for developers and operations teams and dev ops and sec ops to just get their jobs done. Um, you know, there's a lot more to do and I think open source is the best way to do that. All right. Well, Clayton Coleman, thank you so much for the update. It's really great to catch up. It was a pleasure. All right. Stay tuned for lots more coverage. The Google cloud next 2020 virtually I'm Stu Miniman. Thank you for watching the cube.

>>Live from Barcelona, Spain, execute covering CubeCon cloud native con Europe, 2019 onto you by red hat, the cloud native computing foundation and ecosystem partners. >>Welcome back. We're here in Barcelona, Spain where 7,700 attendees are here for Q con cloud native con. I'm Stu Miniman and this is the cubes live two day coverage having to have on the program to returning guests to talk about five years of Kubernetes. To my right is Tim Hawkin wearing the Barna contributors shirt. Uh, and uh, sitting to his right is gay Bon Roy. So, uh, I didn't introduce their titles and companies, but you know, so Tim's and Google gives it Microsoft, uh, but you know, heavily involvement in uh, you know, Coobernetti's since the very early days. I mean, you know, Tim, you're, you're on the Wikipedia page game, you know, I think we have to do some re editing to make sure we get the community expanded in some of the major contributors and get you on there. But gentlemen, thanks so much for joining us. Thanks for having us. >>Alright. Uh, so, you know, Tim just spoke to Joe Beda and we talked about, you know, the, the, the idea of, you know, Craig and Brendan and him sitting in the room and, you know, open source and, you know, really bringing this out there to community. But let's start with you. Cause he, you know, uh, I remember back many times in my career like, Oh, I read this phenomenal paper about Google. You know, we're going to spend the next decade, you know, figuring out the ripple effect of this technology. Um, you know, Coobernetti's has in five years had a major impact on, on what we're doing. Uh, it gives a little bit of your insight is to, you know, what you've seen from those early days, you know. >>Yeah. You know, um, in the early days we had the same conversations we produced. These papers are, you know, seminal in the industry. Um, and then we sort of don't follow up on them sometimes as Google. Um, we didn't want this to be that, right. We wanted this to be alive living thing with a real community. Uh, that took root in a different way than MapReduce, Hadoop sort of situation. Um, so that was very much front of mind as we work through what are we going to build, how are we going to build and how are we going to manage it? How are we going to build a community? How, how do you get people involved? How do you find folks like Gaiman and Deus and get them to say we're in, we want to be a part of this. >>All right, so Gabe, it was actually Joe corrected me when I said, well, Google started it and they pulled in some other like-minded vendors. Like he said, no, no stew. We didn't pull vendors in. We pulled in people and people that believed in the project and the vision, you were one of those people that got pulled in early. He were, you know, so help give us a little context in your, your viewpoint. I did. And, and, and you know, at the time I was working for a company, uh, called, uh, that I had started and we were out there trying to make developers more productive in industry using modern technology like containers. And you know, it was through the process of trying to solve problems for customers, sort of the lens that I was bringing, uh, to this where, um, I was introduced to some really novel technology approaches first through Docker. >>Uh, and you know, I was close with Solomon hikes, the, the founder over there. Uh, and then, you know, started to work closely with folks at Google, uh, namely Brendon burns, who I now work with at Microsoft. Um, you know, part of the, the founding Kubernetes team. Uh, and I, I agree with that statement that it is really about people. It's really about individual connections at the end of the day. Um, I think we do these things that at these coupons, uh, events called the contributor summits. And it's very interesting because when folks land at one of these summits, it's not about who you work for, what Jersey you're wearing, that sort of thing. It's people talking to people, trying to solve technical problems, trying to solve organizational challenges. Uh, and I think, you know, the, the phenomenon that's happened there and the scale with which that's happened is part of the reason why there's 8,000 people here in Barcelona today. >>Yeah. It's interesting to him cause you know, I used to be involved in some standards work and I've been, you know, working with the open source community for about 20 years. It used to be ah, you know, it was the side project that people did at nights and everything like that. Today a lot of the people that are contributing, well they do have a full time job and their job will either let them or asking them to do that. So I do talk to people here that when they're involved in the working groups, when they're doing these things, yes. You think about who their paycheck comes for, but that's secondary to what they're doing as part of the community. And it is, you know, some of the people what, what >>absolutely. It's part of the ethos of the project that the project comes first and if company comes second or maybe even third. Uh, and for the most part, this has been wildly successful. Uh, there's this huge base of trust among, uh, among the leadership and among the contributors. Um, and you know, it's, it's a big enough project now that I don't know every one of the contributors, but we have this web of trust. And, you know, I, I have this, this army of people that I know and I trust very well and they know people and they know people and it works out that the project has been wildly successful and we've never yet had a major conflict or strife that centered on company this or company that. >>Yeah. And I don't, I'd also add that it's an important development has happened in the wake of Kubernetes where, you know, for example, in my teams at Microsoft, I actually have dedicated PM and engineering staff where their only job is to focus on community engagements, right? Running the release team for communities one 15 or working on IPV six support or windows container support. Uh, and, and that work, that upstream work, uh, puts folks in contact with people from all different companies, Google, uh, uh, you know, Microsoft working closely together on countless initiatives. Uh, and the same is true really for the entire community. So I think it's really great to see that you can get not just sort of the interpersonal interactions. We can also get sort of corporate sponsorship of that model. Cause I do think at the end of the day people need to get their paychecks. Uh, and oftentimes that's going to come from a big company. Uh, and, and seeing that level of investment is, I think, uh, pretty encouraging. Okay. Well, you know, luckily five years in we've solved all the problems and everything works perfectly. Um, if that's not maybe the case, where do we need people involved? What things should we be looking at? Kind of the, the, the next year or two in this space, you know, a project >>of this size, a community of this size, a system of this scope has infinite work to do, right? The, the, the barrel is never going to be empty. Um, and in some cases it's filling faster than it's draining. Um, every special interest group, every SIG, it has a backlog of issues of things that they would like to see fixed of features that they have some user pounding the table saying, I need this thing to work. Uh, IPV six is a great example, right? And, and we have people now stepping up to take on these big issues because they have customers who need it or they see it as important foundational work for building future stuff. Um, so, you know, there's, there's no shortage of work to do. That's not just engineering work though, right? It's not just product definition or API. We have a, what we call a contributor experience. People who work with our community to entre online, uh, new contributors and um, and, and streamline how to get them in and involved in documentation and testing and release engineering. And there's so much sort of non-core work. Uh, I could go on on this for. >>Yeah, you're just reminding me of the session this morning is I don't manage clusters. I manage fleets. And you have the same challenge with the people. Yeah. And I also had another dimension to this about just the breadth of contribution. We were just talking before the show that, um, you know, outside at the logo there is this, uh, you know, characters, book characters, and such. And really that came from a children's book that was created to demonstrate core concepts, uh, to developers who were new to Kubernetes. And it ended up taking off and it was eventually donated to the CNCF. Um, but things like that, you can't underestimate the importance and impact that that can have on making sure that Kubernetes is accessible to a really broad audience. Okay. Uh, yeah, look, I want to give you both a, just the, the, the final word as to w what you shout out, you one for the community and uh, yeah. And any special things that have surprised you or exciting you? Uh, you know, here in 2019, >>uh, you know, exciting is being here. If you rewind five years and tell me I'm going to in Barcelona with with 7,500 of my best friends, uh, I would think you are crazy or are from Mars. Um, this is amazing. And uh, I thank everybody who's here, who's made this thing possible. We have a ton of work to do. Uh, and if you feel like you can't figure out what you need to work on, come talk to me and we'll, we'll figure it out. >>Yeah. And for me, I just want to give a big thank you to all the maintainers folks like Tim, but also, you know, some other folks who, you know, may, you may not know their name but they're the ones slogging it out and to get hub PRQ you know, trying to just make the project work and function day to day and were it not for their ongoing efforts, we wouldn't have any of this. So thank you to that. Well and look, thank you. Of course, to the community and thank you both for sharing with our community. We're always happy to be a small piece of a, you know, helping to spread the word and uh, give some voice to everything that's going on here. Thank you so much. All right, so we will be back with more coverage here from coupon cloud native con 2019 on Stu Miniman and thank you for watching the cube.