>> Thank you, everyone for joining. I'm here today to talk about ingress controllers, API gateways, and service mesh on Kubernetes, three very hot topics that are also frequently confusing. So I'm Richard Li, founder/CEO of Ambassador Labs, formerly known as Datawire. We sponsor a number of popular open source projects that are part of the Cloud Native Computing Foundation, including Telepresence and Ambassador, which is a Kubernetes native API gateway. And most of what I'm going to talk about today is related to our work around Ambassador. So I want to start by talking about application architecture and workflow on Kubernetes and how applications that are being built on Kubernetes really differ from how they used to be built. So when you're building applications on Kubernetes, the traditional architecture is the very famous monolith. And the monolith is a central piece of software. It's one giant thing that you build deploy, run. And the value of a monolith is it's really simple. And if you think about the monolithic development process, more importantly is that architecture is really reflected in that workflow. So with a monolith, you have a very centralized development process. You tend not to release too frequently because you have all these different development teams that are working on different features, and then you decide in advance when you're going to release that particular piece of software and everyone works towards that release train. And you have specialized teams. You have a development team, which has all your developers. You have a QA team, you have a release team, you have an operations team. So that's your typical development organization and workflow with a monolithic application. As organizations shift to microservices, they adopt a very different development paradigm. It's a decentralized development paradigm where you have lots of different independent teams that are simultaneously working on different parts of this application, and those application components are really shipped as independent services. And so you really have a continuous release cycle because instead of synchronizing all your teams around one particular vehicle, you have so many different release vehicles that each team is able to ship as soon as they're ready. And so we call this full cycle development because that team is really responsible not just for the coding of that microservice, but also the testing and the release and operations of that service. So this is a huge change, particularly with workflow, and there's a lot of implications for this. So I have a diagram here that just tries to visualize a little bit more the difference in organization. With the monolith, you have everyone who works on this monolith. With microservices, you have the yellow folks work on the yellow microservice and the purple folks work on the purple microservice and maybe just one person work on the orange microservice and so forth. So there's a lot more diversity around your teams and your microservices, and it lets you really adjust the granularity of your development to your specific business needs. So how do users actually access your microservices? Well, with a monolith, it's pretty straightforward. You have one big thing, so you just tell the internet, well, I have this one big thing on the internet. Make sure you send all your traffic to the big thing. But when you have microservices and you have a bunch of different microservices, how do users actually access these microservices? So the solution is an API gateway. So the API gateway consolidates all access to your microservices. So requests come from the internet. They go to your API gateway. The API gateway looks at these requests, and based on the nature of these requests, it routes them to the appropriate microservice. And because the API gateway is centralizing access to all of the microservices, it also really helps you simplify authentication, observability, routing, all these different cross-cutting concerns, because instead of implementing authentication in each of your microservices, which would be a maintenance nightmare and a security nightmare, you've put all of your authentication in your API gateway. So if you look at this world of microservices, API gateways are a really important part of your infrastructure which are really necessary, and pre-microservices, pre-Kubernetes, an API gateway, while valuable, was much more optional. So that's one of the really big things around recognizing with the microservices architecture, you really need to start thinking much more about an API gateway. The other consideration with an API gateway is around your management workflow, because as I mentioned, each team is actually responsible for their own microservice, which also means each team needs to be able to independently manage the gateway. So Team A working on that microservice needs to be able to tell the API gateway, this is how I want you to route requests to my microservice, and the purple team needs to be able to say something different for how purple requests get routed to the purple microservice. So that's also a really important consideration as you think about API gateways and how it fits in your architecture, because it's not just about your architecture, it's also about your workflow. So let me talk about API gateways on Kubernetes. I'm going to start by talking about ingress. So ingress is the process of getting traffic from the internet to services inside the cluster. Kubernetes, from an architectural perspective, it actually has a requirement that all the different pods in a Kubernetes cluster needs to communicate with each other. And as a consequence, what Kubernetes does is it creates its own private network space for all these pods, and each pod gets its own IP address. So this makes things very, very simple for interpod communication. Kubernetes, on the other hand, does not say very much around how traffic should actually get into the cluster. So there's a lot of detail around how traffic actually, once it's in the cluster, how you route it around the cluster, and it's very opinionated about how this works, but getting traffic into the cluster, there's a lot of different options and there's multiple strategies. There's Pod IP, there's Ingress, there's LoadBalancer resources, there's NodePort. I'm not going to go into exhaustive detail on all these different options, and I'm going to just talk about the most common approach that most organizations take today. So the most common strategy for routing is coupling an external load balancer with an ingress controller. And so an external load balancer can be a hardware load balancer. It can be a virtual machine. It can be a cloud load balancer. But the key requirement for an external load balancer is to be able to attach a stable IP address so that you can actually map a domain name and DNS to that particular external load balancer, and that external load balancer usually, but not always, will then route traffic and pass that traffic straight through to your ingress controller. And then your ingress controller takes that traffic and then routes it internally inside Kubernetes to the various pods that are running your microservices. There are other approaches, but this is the most common approach. And the reason for this is that the alternative approaches really require each of your microservices to be exposed outside of the cluster, which causes a lot of challenges around management and deployment and maintenance that you generally want to avoid. So I've been talking about an ingress controller. What exactly is an ingress controller? So an ingress controller is an application that can process rules according to the Kubernetes ingress specification. Strangely, Kubernetes is not actually shipped with a built-in ingress controller. I say strangely because you think, well, getting traffic into a cluster is probably a pretty common requirement, and it is. It turns out that this is complex enough that there's no one size fits all ingress controller. And so there is a set of ingress rules that are part of the Kubernetes ingress specification that specify how traffic gets routed into the cluster, and then you need a proxy that can actually route this traffic to these different pods. And so an ingress controller really translates between the Kubernetes configuration and the proxy configuration, and common proxies for ingress controllers include HAProxy, Envoy Proxy, or NGINX. So let me talk a little bit more about these common proxies. So all these proxies, and there are many other proxies. I'm just highlighting what I consider to be probably the three most well-established proxies, HAProxy, NGINX, and Envoy Proxy. So HAProxy is managed by HAProxy Technologies. Started in 2001. The HAProxy organization actually creates an ingress controller. And before they created an ingress controller, there was an open source project called Voyager which built an ingress controller on HAProxy. NGINX, managed by NGINX, Inc., subsequently acquired by F5. Also open source. Started a little bit later, the proxy, in 2004. And there's the Nginx-ingress, which is a community project. That's the most popular. As well as the Nginx, Inc. kubernetes-ingress project, which is maintained by the company. This is a common source of confusion because sometimes people will think that they're using the NGINX ingress controller, and it's not clear if they're using this commercially supported version or this open source version. And they actually, although they have very similar names, they actually have different functionality. Finally, Envoy Proxy, the newest entrant to the proxy market, originally developed by engineers at Lyft, the ride sharing company. They subsequently donated it to the Cloud Native Computing Foundation. Envoy has become probably the most popular cloud native proxy. It's used by Ambassador, the API gateway. It's used in the Istio service mesh. It's used in the VMware Contour. It's been used by Amazon in App Mesh. It's probably the most common proxy in the cloud native world. So as I mentioned, there's a lot of different options for ingress controllers. The most common is the NGINX ingress controller, not the one maintained by NGINX, Inc., but the one that's part of the Kubernetes project. Ambassador is the most popular Envoy-based option. Another common option is the Istio Gateway, which is directly integrated with the Istio mesh, and that's actually part of Docker Enterprise. So with all these choices around ingress controller, how do you actually decide? Well, the reality is the ingress specification's very limited. And the reason for this is that getting traffic into a cluster, there's a lot of nuance into how you want to do that, and it turns out it's very challenging to create a generic one size fits all specification because of the vast diversity of implementations and choices that are available to end users. And so you don't see ingress specifying anything around resilience. So if you want to specify a timeout or rate-limiting, it's not possible. Ingress is really limited to support for HTTP. So if you're using gRPC or web sockets, you can't use the ingress specification. Different ways of routing, authentication. The list goes on and on. And so what happens is that different ingress controllers extend the core ingress specification to support these use cases in different ways. So NGINX ingress, they actually use a combination of config maps and the ingress resources plus custom annotations that extend the ingress to really let you configure a lot of the additional extensions that is exposed in the NGINX ingress. With Ambassador, we actually use custom resource definitions, different CRDs that extend Kubernetes itself to configure Ambassador. And one of the benefits of the CRD approach is that we can create a standard schema that's actually validated by Kubernetes. So when you do a kub control apply of an Ambassador CRD, kub control can immediately validate and tell you if you're actually applying a valid schema and format for your Ambassador configuration. And as I previously mentioned, Ambassador's built on Envoy Proxy, Istio Gateway also uses CRDs. They can be used in extension of the service mesh CRDs as opposed to dedicated gateway CRDs. And again, Istio Gateway is built on Envoy Proxy. So I've been talking a lot about ingress controllers, but the title of my talk was really about API gateways and ingress controllers and service mesh. So what's the difference between an ingress controller and an API gateway? So to recap, an ingress controller processes Kubernetes ingress routing rules. An API gateway is a central point for managing all your traffic to Kubernetes services. It typically has additional functionality such as authentication, observability, a developer portal, and so forth. So what you find is that not all API gateways are ingress controllers because some API gateways don't support Kubernetes at all. So you can't, they can't be ingress controllers. And not all ingress controllers support the functionality such as authentication, observability, developer portal, that you would typically associate with an API gateway. So generally speaking, API gateways that run on Kubernetes should be considered a superset of an ingress controller. But if the API gateway doesn't run on Kubernetes, then it's an API gateway and not an ingress controller. So what's the difference between a service mesh and an API gateway? So an API gateway is really focused on traffic into and out of a cluster. So the colloquial term for this is North/South traffic. A service mesh is focused on traffic between services in a cluster, East/West traffic. All service meshes need an API gateway. So Istio includes a basic ingress or API gateway called the Istio Gateway, because a service mesh needs traffic from the internet to be routed into the mesh before it can actually do anything. Envoy Proxy, as I mentioned, is the most common proxy for both mesh and gateways. Docker Enterprise provides an Envoy-based solution out of the box, Istio Gateway. The reason Docker does this is because, as I mentioned, Kubernetes doesn't come package with an ingress. It makes sense for Docker Enterprise to provide something that's easy to get going, no extra steps required, because with Docker enterprise, you can deploy it and get going, get it exposed on the internet without any additional software. Docker Enterprise can also be easily upgraded to Ambassador because they're both built on Envoy. It ensures consistent routing semantics. And also with Ambassador, you get greater security for single sign-on. There's a lot of security by default that's configured directly into Ambassador. Better control over TLS, things like that. And then finally, there's commercial support that's actually available for Ambassador. Istio is an open source project that has a very broad community, but no commercial support options. So to recap, ingress controllers and API gateways are critical pieces of your cloud native stack. So make sure that you choose something that works well for you. And I think a lot of times organizations don't think critically enough about the API gateway until they're much further down the Kubernetes journey. Considerations around how to choose that API gateway include functionality such as how does it do with traffic management and observability? Does it support the protocols that you need? Also nonfunctional requirements such as does it integrate with your workflow? Do you offer commercial support? Can you get commercial support for this? An API gateway is focused on North/South traffic, so traffic into and out of your Kubernetes cluster. A service mesh is focused on East/West traffic, so traffic between different services inside the same cluster. Docker Enterprise includes Istio Gateway out of the box. Easy to use, but can also be extended with Ambassador for enhanced functionality and security. So thank you for your time. Hope this was helpful in understanding the difference between API gateways, ingress controllers, and service meshes, and how you should be thinking about that on your Kubernetes deployment.

>>thank you everyone for joining. I'm here today to talk about English controllers. AP Gateways and service mention communities three very hot topics that are also frequently confusing. So I'm Richard Lee, founder CEO of Ambassador Labs, formerly known as Data Wire. We sponsor a number of popular open source projects that are part of the Cloud Native Computing Foundation, including telepresence and Ambassador, which is a kubernetes native AP gateway. And most of what I'm going to talk about today is related to our work around ambassador. Uh huh. So I want to start by talking about application architecture, er and workflow on kubernetes and how applications that are being built on kubernetes really differ from how they used to be built. So when you're building applications on kubernetes, the traditional architectures is the very famous monolith, and the monolith is a central piece of software. It's one giant thing that you build, deployed run, and the value of a monolith is it's really simple. And if you think about the monolithic development process, more importantly, is the architecture er is really reflecting that workflow. So with the monolith, you have a very centralized development process. You tend not to release too frequently because you have all these different development teams that are working on different features, and then you decide in advance when you're going to release that particular pieces offering. Everyone works towards that release train, and you have specialized teams. You have a development team which has all your developers. You have a Q A team. You have a release team, you have an operations team, so that's your typical development organization and workflow with a monolithic application. As organization shift to micro >>services, they adopt a very different development paradigm. It's a decentralized development paradigm where you have lots of different independent teams that are simultaneously working on different parts of the application, and those application components are really shipped as independent services. And so you really have a continuous release cycle because instead of synchronizing all your teams around one particular vehicle, you have so many different release vehicles that each team is able to ship a soon as they're ready. And so we call this full cycle development because that team is >>really responsible, not just for the coding of that micro service, but also the testing and the release and operations of that service. Um, >>so this is a huge change, particularly with workflow. And there's a lot of implications for this, s o. I have a diagram here that just try to visualize a little bit more the difference in organization >>with the monolith. You have everyone who works on this monolith with micro services. You have the yellow folks work on the Yellow Micro Service, and the purple folks work on the Purple Micro Service and maybe just one person work on the Orange Micro Service and so forth. >>So there's a lot more diversity around your teams and your micro services, and it lets you really adjust the granularity of your development to your specific business need. So how do users actually access your micro services? Well, with the monolith, it's pretty straightforward. You have one big thing. So you just tell the Internet while I have this one big thing on the Internet, make sure you send all your travel to the big thing. But when you have micro services and you have a bunch of different micro services, how do users actually access these micro services? So the solution is an AP gateway, so the gateway consolidates all access to your micro services, so requests come from the Internet. They go to your AP gateway. The AP Gateway looks at these requests, and based on the nature of these requests, it routes them to the appropriate micro service. And because the AP gateway is centralizing thing access to all the micro services, it also really helps you simplify authentication, observe ability, routing all these different crosscutting concerns. Because instead of implementing authentication in each >>of your micro services, which would be a maintenance nightmare and a security nightmare, you put all your authentication in your AP gateway. So if you look at this world of micro services, AP gateways are really important part of your infrastructure, which are really necessary and pre micro services. Pre kubernetes Unhappy Gateway Well valuable was much more optional. So that's one of the really big things around. Recognizing with the micro services architecture er, you >>really need to start thinking much more about maybe a gateway. The other consideration within a P A gateway is around your management workflow because, as I mentioned, each team is actually response for their own micro service, which also means each team needs to be able to independently manage the gateway. So Team A working on that micro service needs to be able to tell the AP at Gateway. This this is >>how I want you to write. Request to my micro service, and the Purple team needs to be able to say something different for how purple requests get right into the Purple Micro Service. So that's also really important consideration as you think about AP gateways and how it fits in your architecture. Because it's not just about your architecture. It's also about your workflow. So let me talk about a PR gateways on kubernetes. I'm going to start by talking about ingress. So ingress is the process of getting traffic from the Internet to services inside the cluster kubernetes. From an architectural perspective, it actually has a requirement that all the different pods in a kubernetes cluster needs to communicate with each other. And as a consequence, what Kubernetes does is it creates its own private network space for all these pods, and each pod gets its own I p address. So this makes things very, very simple for inter pod communication. Cooper in any is, on the other hand, does not say very much around how traffic should actually get into the cluster. So there's a lot of detail around how traffic actually, once it's in the cluster, how you routed around the cluster and it's very opinionated about how this works but getting traffic into the cluster. There's a lot of different options on there's multiple strategies pot i p. There's ingress. There's low bounce of resource is there's no port. >>I'm not gonna go into exhaustive detail on all these different options on. I'm going to just talk about the most common approach that most organizations take today. So the most common strategy for routing is coupling an external load balancer with an ingress controller. And so an external load balancer can be >>ah, Harvard load balancer. It could be a virtual machine. It could be a cloud load balancer. But the key requirement for an external load balancer >>is to be able to attack to stable I people he address so that you can actually map a domain name and DNS to that particular external load balancer and that external load balancer, usually but not always well, then route traffic and pass that traffic straight through to your ingress controller, and then your English controller takes that traffic and then routes it internally inside >>kubernetes to the various pods that are running your micro services. There are >>other approaches, but this is the most common approach. And the reason for this is that the alternative approaches really required each of your micro services to be exposed outside of the cluster, which causes a lot of challenges around management and deployment and maintenance that you generally want to avoid. So I've been talking about in English controller. What exactly is an English controller? So in English controller is an application that can process rules according to the kubernetes English specifications. Strangely, Kubernetes is not actually ship with a built in English controller. Um, I say strangely because you think, well, getting traffic into a cluster is probably a pretty common requirement. And it is. It turns out that this is complex enough that there's no one size fits all English controller. And so there is a set of ingress >>rules that are part of the kubernetes English specifications at specified how traffic gets route into the cluster >>and then you need a proxy that can actually route this traffic to these different pods. And so an increase controller really translates between the kubernetes configuration and the >>proxy configuration and common proxies for ingress. Controllers include H a proxy envoy Proxy or Engine X. So >>let me talk a little bit more about these common proxies. So all these proxies and there >>are many other proxies I'm just highlighting what I consider to be probably the most three most well established proxies. Uh, h a proxy, uh, Engine X and envoy proxies. So H a proxy is managed by a plastic technology start in 2000 and one, um, the H a proxy organization actually creates an ingress controller. And before they kept created ingress controller, there was an open source project called Voyager, which built in ingress Controller on >>H a proxy engine X managed by engine. Xing, subsequently acquired by F five Also open source started a little bit later. The proxy in 2004. And there's the engine Xing breast, which is a community project. Um, that's the most popular a zwelling the engine Next Inc Kubernetes English project which is maintained by the company. This is a common source of confusion because sometimes people will think that they're using the ingress engine X ingress controller, and it's not clear if they're using this commercially supported version or the open source version, and they actually, although they have very similar names, uh, they actually have different functionality. Finally. Envoy Proxy, the newest entrant to the proxy market originally developed by engineers that lift the ride sharing company. They subsequently donated it to the cloud. Native Computing Foundation Envoy has become probably the most popular cloud native proxy. It's used by Ambassador uh, the A P a. Gateway. It's using the SDO service mash. It's using VM Ware Contour. It's been used by Amazon and at mesh. It's probably the most common proxy in the cloud native world. So, as I mentioned, there's a lot of different options for ingress. Controller is the most common. Is the engine X ingress controller, not the one maintained by Engine X Inc but the one that's part of the Cooper Nannies project? Um, ambassador is the most popular envoy based option. Another common option is the SDO Gateway, which is directly integrated with the SDO mesh, and that's >>actually part of Dr Enterprise. So with all these choices around English controller. How do you actually decide? Well, the reality is the ingress specifications very limited. >>And the reason for this is that getting traffic into the cluster there's a lot of nuance into how you want to do that. And it turns out it's very challenging to create a generic one size fits all specifications because of the vast diversity of implementations and choices that are available to end users. And so you don't see English specifying anything around resilience. So if >>you want to specify a time out or rate limiting, it's not possible in dresses really limited to support for http. So if you're using GSPC or Web sockets, you can't use the ingress specifications, um, different ways of routing >>authentication. The list goes on and on. And so what happens is that different English controllers extend the core ingress specifications to support these use cases in different ways. Yeah, so engine X ingress they actually use a combination of config maps and the English Resource is plus custom annotations that extend the ingress to really let you configure a lot of additional extensions. Um, that is exposing the engineers ingress with Ambassador. We actually use custom resource definitions different CRTs that extend kubernetes itself to configure ambassador. And one of the benefits of the CRD approach is that we can create a standard schema that's actually validated by kubernetes. So when you do a coup control apply of an ambassador CRD coop Control can immediately validate and tell >>you if you're actually applying a valid schema in format for your ambassador configuration on As I previously mentioned, ambassadors built on envoy proxy, >>it's the Gateway also uses C R D s they can to use a necks tension of the service match CRD s as opposed to dedicated Gateway C R D s on again sdo Gateway is built on envoy privacy. So I've been talking a lot about English controllers. But the title of my talk was really about AP gateways and English controllers and service smashed. So what's the difference between an English controller and an AP gateway? So to recap, an immigrant controller processes kubernetes English routing rules and a P I. G. Wave is a central point for managing all your traffic to community services. It typically has additional functionality such as authentication, observe, ability, a >>developer portal and so forth. So what you find Is that not all Ap gateways or English controllers? Because some MP gateways don't support kubernetes at all. S o eso you can't make the can't be ingress controllers and not all ingrates. Controllers support the functionality such as authentication, observe, ability, developer portal >>that you would typically associate with an AP gateway. So, generally speaking, um, AP gateways that run on kubernetes should be considered a super set oven ingress controller. But if the A p a gateway doesn't run on kubernetes, then it's an AP gateway and not an increase controller. Yeah, so what's the difference between a service Machin and AP Gateway? So an AP gateway is really >>focused on traffic into and out of a cluster, so the political term for this is North South traffic. A service mesh is focused on traffic between services in a cluster East West traffic. All service meshes need >>an AP gateway, so it's Theo includes a basic ingress or a P a gateway called the SDO gateway, because a service mention needs traffic from the Internet to be routed into the mesh >>before it can actually do anything Omelet. Proxy, as I mentioned, is the most common proxy for both mesh and gateways. Dr. Enterprise provides an envoy based solution out of the box. >>Uh, SDO Gateway. The reason Dr does this is because, as I mentioned, kubernetes doesn't come package with an ingress. Uh, it makes sense for Dr Enterprise to provide something that's easy to get going. No extra steps required because with Dr Enterprise, you can deploy it and get going. Get exposed on the Internet without any additional software. Dr. Enterprise can also be easily upgraded to ambassador because they're both built on envoy and interest. Consistent routing. Semantics. It also with Ambassador. You get >>greater security for for single sign on. There's a lot of security by default that's configured directly into Ambassador Better control over TLS. Things like that. Um And then finally, there's commercial support that's actually available for Ambassador. SDO is an open source project that has a has a very broad community but no commercial support options. So to recap, ingress controllers and AP gateways are critical pieces of your cloud native stack. So make sure that you choose something that works well for you. >>And I think a lot of times organizations don't think critically enough about the AP gateway until they're much further down the Cuban and a journey. Considerations around how to choose that a p a gateway include functionality such as How does it do with traffic management and >>observe ability? Doesn't support the protocols that you need also nonfunctional requirements such as Does it integrate with your workflow? Do you offer commercial support? Can you get commercial support for this on a P? A. Gateway is focused on north south traffic, so traffic into and out of your kubernetes cluster. A service match is focused on East West traffic, so traffic between different services inside the same cluster. Dr. Enterprise includes SDO Gateway out of the box easy to use but can also be extended with ambassador for enhanced functionality and security. So thank you for your time. Hope this was helpful in understanding the difference between a P gateways, English controllers and service meshes and how you should be thinking about that on your kubernetes deployment

(Upbeat music playing) >> Hey everyone, thanks for joining us today. Welcome to this event of Building your Cloud Center of Excellence with Hitachi Vantara. I'm your host, Lisa Martin. I've got a couple of guests here with me next to talk about redefining cloud operations and application modernization for customers. Please welcome Prem Balasubramanian the SVP and CTO at Hitachi Vantara, and Manoj Narayanan is here as well, the Managing Director of Technology at GTCR. Guys, thank you so much for joining me today. Excited to have this conversation about redefining CloudOps with you. >> Pleasure to be here. >> Pleasure to be here >> Prem, let's go ahead and start with you. You have done well over a thousand cloud engagements in your career. I'd love to get your point of view on how the complexity around cloud operations and management has evolved in the last, say, three to four years. >> It's a great question, Lisa before we understand the complexity around the management itself, the cloud has evolved over the last decade significantly from being a backend infrastructure or infrastructure as a service for many companies to become the business for many companies. If you think about a lot of these cloud bond companies cloud is where their entire workload and their business wants. With that, as a background for this conversation if you think about the cloud operations, there was a lot of there was a lot of lift and shift happening in the market where people lifted their workloads or applications and moved them onto the cloud where they treated cloud significantly as an infrastructure. And the way they started to manage it was again, the same format they were managing there on-prem infrastructure and they call it I&O, Infrastructure and Operations. That's kind of the way traditionally cloud is managed. In the last few years, we are seeing a significant shift around thinking of cloud more as a workload rather than as just an infrastructure. And what I mean by workload is in the cloud, everything is now code. So you are codifying your infrastructure. Your application is already code and your data is also codified as data services. With now that context apply the way you think about managing the cloud has to significantly change and many companies are moving towards trying to change their models to look at this complex environment as opposed to treating it like a simple infrastructure that is sitting somewhere else. So that's one of the biggest changes and shifts that are causing a lot of complexity and headache for actually a lot of customers for managing environments. The second critical aspect is even that, even exasperates the situation is multicloud environments. Now, there are companies that have got it right with things about right cloud for the right workload. So there are companies that I reach out and I talk with. They've got their office applications and emails and stuff running on Microsoft 365 which can be on the Azure cloud whereas they're running their engineering applications the ones that they build and leverage for their end customers on Amazon. And to some extent they've got it right but still they have a multiple cloud that they have to go after and maintain. This becomes complex when you have two clouds for the same type of workload. When I have to host applications for my end customers on Amazon as well as Azure, Azure as well as Google then, I get into security issues that I have to be consistent across all three. I get into talent because I need to have people that focus on Amazon as well as Azure, as well as Google which means I need so much more workforce, I need so many so much more skills that I need to build, right? That's becoming the second issue. The third one is around data costs. Can I make these clouds talk to each other? Then you get into the ingress egress cost and that creates some complexity. So bringing all of this together and managing is really become becoming more complex for our customers. And obviously as a part of this we will talk about some of the, some of the ideas that we can bring for in managing such complex environments but this is what we are seeing in terms of why the complexity has become a lot more in the last few years. >> Right. A lot of complexity in the last few years. Manoj, let's bring you into the conversation now. Before we dig into your cloud environment give the audience a little bit of an overview of GTCR. What kind of company are you? What do you guys do? >> Definitely Lisa. GTCR is a Chicago based private equity firm. We've been in the market for more than 40 years and what we do is we invest in companies across different sectors and then we manage the company drive it to increase the value and then over a period of time, sell it to future buyers. So in a nutshell, we got a large portfolio of companies that we need to manage and make sure that they perform to expectations. And my role within GTCR is from a technology viewpoint so where I work with all the companies their technology leadership to make sure that we are getting the best out of technology and technology today drives everything. So how can technology be a good compliment to the business itself? So, my role is to play that intermediary role to make sure that there is synergy between the investment thesis and the technology lures that we can pull and also work with partners like Hitachi to make sure that it is done in an optimal manner. >> I like that you said, you know, technology needs to really compliment the business and vice versa. So Manoj, let's get into the cloud operations environment at GTCR. Talk to me about what the experience has been the last couple of years. Give us an idea of some of the challenges that you were facing with existing cloud ops and and the solution that you're using from Hitachi Vantara. >> A a absolutely. In fact, in fact Prem phrased it really well, one of the key things that we're facing is the workload management. So there's so many choices there, so much complexities. We have these companies buying more companies there is organic growth that is happening. So the variables that we have to deal with are very high in such a scenario to make sure that the workload management of each of the companies are done in an optimal manner is becoming an increasing concern. So, so that's one area where any help we can get anything we can try to make sure it is done better becomes a huge value at each. A second aspect is a financial transparency. We need to know where the money is going where the money is coming in from, what is the scale especially in the cloud environment. We are talking about an auto scale ecosystem. Having that financial transparency and the metrics associated with that, it, these these become very, very critical to ensure that we have a successful presence in the multicloud environment. >> Talk a little bit about the solution that you're using with Hitachi and, and the challenges that it is eradicated. >> Yeah, so it end of the day, right, we we need to focus on our core competence. So, so we have got a very strong technology leadership team. We've got a very strong presence in the respective domains of each of the portfolio companies. But where Hitachi comes in and HAR comes in as a solution is that they allow us to excel in focusing on our core business and then make sure that we are able to take care of workload management or financial transparency. All of that is taken off the table from us and and Hitachi manages it for us, right? So it's such a perfectly compliment relationship where they act as two partners and HARC is a solution that is extremely useful in driving that. And, and and I'm anticipating that it'll become more important with time as the complexity of cloud and cloud associate workloads are only becoming more challenging to manage and not less. >> Right? That's the thing that complexity is there and it's also increasing Prem, you talked about the complexities that are existent today with respect to cloud operations the things that have happened over the last couple of years. What are some of your tips, Prem for the audience, like the the top two or three things that you would say on cloud operations that that people need to understand so that they can manage that complexity and allow their business to be driven and complimented by technology? >> Yeah, a big great question again, Lisa, right? And I think Manoj alluded to a few of these things as well. The first one is in the new world of the cloud I think think of migration, modernization and management as a single continuum to the cloud. Now there is no lift and shift and there is no way somebody else separately manages it, right? If you do not lift and shift the right applications the right way onto the cloud, you are going to deal with the complexity of managing it and you'll end up spending more money time and effort in managing it. So that's number one. Migration, modernization, management of cloud work growth is a single continuum and it's not three separate activities, right? That's number one. And the, the second is cost. Cost traditionally has been an afterthought, right? People move the workload to the cloud. And I think, again, like I said, I'll refer back to what Manoj said once we move it to the cloud and then we put all these fancy engineering capability around self-provisioning, every developer can go and ask for what he or she wants and they get an environment immediately spun up so on and so forth. Suddenly the CIO wakes up to a bill that is significantly larger than what he or she expected right? And, and this is this is become a bit common nowadays, right? The the challenge is because we think cost in the cloud as an afterthought. But consider this example in, in previous world you buy hard, well, you put it in your data center you have already amortized the cost as a CapEx. So you can write an application throw it onto the infrastructure and the application continues to use the infrastructure until you hit a ceiling, you don't care about the money you spent. But if I write a line of code that is inefficient today and I deploy it on the cloud from minute one, I am paying for the inefficiency. So if I realize it after six months, I've already spent the money. So financial discipline, especially when managing the cloud is now is no more an afterthought. It is as much something that you have to include in your engineering practice as much as any other DevOps practices, right? Those are my top two tips, Lisa, from my standpoint, think about cloud, think about cloud work, cloud workloads. And the last one again, and you will see you will hear me saying this again and again, get into the mindset of everything is code. You don't have a touch and feel infrastructure anymore. So you don't really need to have foot on the ground to go manage that infrastructure. It's codified. So your code should be managing it, but think of how it happens, right? That's where we, we are going as an evolution >> Everything is code. That's great advice, great tips for the audience there. Manoj, I'll bring you back into the conversation. You know, we, we can talk about skills gaps on on in many different facets of technology the SRE role, relatively new, skillset. We're hearing, hearing a lot about it. SRE led DevSecOps is probably even more so of a new skillset. If I'm an IT leader or an application leader how do I ensure that I have the right skillset within my organization to be able to manage my cloud operations to, to dial down that complexity so that I can really operate successfully as a business? >> Yeah. And so unfortunately there is no perfect answer, right? It's such a, such a scarce skillset that a, any day any of the portfolio company CTOs if I go and talk and say, Hey here's a great SRE team member, they'll be more than willing to fight with each of to get the person in right? It's just that scarce of a skillset. So, so a few things we need to look at it. One is, how can I build it within, right? So nobody gets born as an SRE, you, you make a person an SRE. So how do you inculcate that culture? So like Prem said earlier, right? Everything is software. So how do we make sure that everybody inculcates that as part of their operating philosophy be they part of the operations team or the development team or the testing team they need to understand that that is a common guideline and common objective that we are driving towards. So, so that skillset and that associated training needs to be driven from within the organization. And that in my mind is the fastest way to make sure that that role gets propagated across organization. That is one. The second thing is rely on the right partners. So it's not going to be possible for us, to get all of these roles built in-house. So instead prioritize what roles need to be done from within the organization and what roles can we rely on our partners to drive it for us. So that becomes an important consideration for us to look at as well. >> Absolutely. That partnership angle is incredibly important from, from the, the beginning really kind of weaving these companies together on this journey to to redefine cloud operations and build that, as we talked about at the beginning of the conversation really building a cloud center of excellence that allows the organization to be competitive, successful and and really deliver what the end user is, is expecting. I want to ask - Sorry Lisa, - go ahead. >> May I add something to it, I think? >> Sure. >> Yeah. One of the, one of the common things that I tell customers when we talk about SRE and to manages point is don't think of SRE as a skillset which is the common way today the industry tries to solve the problem. SRE is a mindset, right? Everybody in >> Well well said, yeah >> That, so everybody in a company should think of him or her as a cycle liability engineer. And everybody has a role in it, right? Even if you take the new process layout from SRE there are individuals that are responsible to whom we can go to when there is a problem directly as opposed to going through the traditional ways of AI talk to L one and L one contras all. They go to L two and then L three. So we, we, we are trying to move away from an issue escalation model to what we call as a a issue routing or a incident routing model, right? Move away from incident escalation to an incident routing model. So you get to route to the right folks. So again, to sum it up, SRE should not be solved as a skillset set because there is not enough people in the market to solve it that way. If you start solving it as a mindset I think companies can get a handhold of it. >> I love that. I've actually never heard that before, but it it makes perfect sense to think about the SRE as a mindset rather than a skillset that will allow organizations to be much more successful. Prem I wanted to get your thoughts as enterprises are are innovating, they're moving more products and services to the as a service model. Talk about how the dev teams the ops teams are working together to build and run reliable, cost efficient services. Are they working better together? >> Again, a a very polarizing question because some customers are getting it right many customers aren't, there is still a big wall between development and operations, right? Even when you think about DevOps as a terminology the fundamental principle was to make sure dev and ops works together. But what many companies have achieved today, honestly is automating the operations for development. For example, as a developer, I can check in code and my code will appear in production without any friction, right? There is automated testing, automated provisioning and it gets promoted to production, but after production, it goes back into the 20 year old model of operating the code, right? So there is more work that needs to be done for Devon and Ops to come closer and work together. And one of the ways that we think this is achievable is not by doing radical org changes, but more by focusing on a product-oriented single backlog approach across development and operations. Which is, again, there is change management involved but I think that's a way to start embracing the culture of dev ops coming together much better now, again SRE principles as we double click and understand it more and Google has done a very good job playing it out for the world. As you think about SRE principle, there are ways and means in that process of how to think about a single backlog. And in HARC, Hitachi Application Reliability Centers we've really got a way to look at prioritizing the backlog. And what I mean by that is dev teams try to work on backlog that come from product managers on features. The SRE and the operations team try to put backlog into the say sorry, try to put features into the same backlog for improving stability, availability and financials financial optimization of your code. And there are ways when you look at your SLOs and error budgets to really coach the product teams to prioritize your backlog based on what's important for you. So if you understand your spending more money then you reduce your product features going in and implement the financial optimization that came from your operations team, right? So you now have the ability to throttle these parameters and that's where SRE becomes a mindset and a principle as opposed to a skillset because this is not an individual telling you to do. This is the company that is, is embarking on how to prioritize my backlog beyond just user features. >> Right. Great point. Last question for both of you is the same talk kind of take away things that you want me to remember. If I am at an IT leader at, at an organization and I am planning on redefining CloudOps for my company Manoj will start with you and then Prem to you what are the top two things that you want me to walk away with understanding how to do that successfully? >> Yeah, so I'll, I'll go back to basics. So the two things I would say need to be taken care of is, one is customer experience. So all the things that I do end of the day is it improving the customer experience or not? So that's a first metric. The second thing is anything that I do is there an ROI by doing that incremental step or not? Otherwise we might get lost in the technology with surgery, the new tech, et cetera. But end of the day, if the customers are not happy if there is no ROI, everything else you just can't do much on top of that >> Now it's all about the customer experience. Right? That's so true. Prem what are your thoughts, the the top things that I need to be taking away if I am a a leader planning to redefine my cloud eye company? >> Absolutely. And I think from a, from a company standpoint I think Manoj summarized it extremely well, right? There is this ROI and there is this customer experience from my end, again, I'll, I'll suggest two two more things as a takeaway, right? One, cloud cost is not an afterthought. It's essential for us to think about it upfront. Number two, do not delink migration modernization and operations. They are one stream. If you migrate a long, wrong workload onto the cloud you're going to be stuck with it for a long time. And an example of a wrong workload, Lisa for everybody that that is listening to this is if my cost per transaction profile doesn't change and I am not improving my revenue per transaction for a piece of code that's going run in production it's better off running in a data center where my cost is CapEx than amortized and I have control over when I want to upgrade as opposed to putting it on a cloud and continuing to pay unless it gives me more dividends towards improvement. But that's a simple example of when we think about what should I migrate and how will it cost pain when I want to manage it in the longer run. But that's, that's something that I'll leave the audience and you with as a takeaway. >> Excellent. Guys, thank you so much for talking to me today about what Hitachi Vantara and GTCR are doing together how you've really dialed down those complexities enabling the business and the technology folks to really live harmoniously. We appreciate your insights and your perspectives on building a cloud center of excellence. Thank you both for joining me. >> Thank you. >> For my guests, I'm Lisa. Martin, you're watching this event building Your Cloud Center of Excellence with Hitachi Vantara. Thanks for watching. (Upbeat music playing) (Upbeat music playing) (Upbeat music playing) (Upbeat music playing)

(Upbeat music playing) >> Hey everyone, thanks for joining us today. Welcome to this event of Building your Cloud Center of Excellence with Hitachi Vantara. I'm your host, Lisa Martin. I've got a couple of guests here with me next to talk about redefining cloud operations and application modernization for customers. Please welcome Prem Balasubramanian the SVP and CTO at Hitachi Vantara, and Manoj Narayanan is here as well, the Managing Director of Technology at GTCR. Guys, thank you so much for joining me today. Excited to have this conversation about redefining CloudOps with you. >> Pleasure to be here. >> Pleasure to be here >> Prem, let's go ahead and start with you. You have done well over a thousand cloud engagements in your career. I'd love to get your point of view on how the complexity around cloud operations and management has evolved in the last, say, three to four years. >> It's a great question, Lisa before we understand the complexity around the management itself, the cloud has evolved over the last decade significantly from being a backend infrastructure or infrastructure as a service for many companies to become the business for many companies. If you think about a lot of these cloud bond companies cloud is where their entire workload and their business wants. With that, as a background for this conversation if you think about the cloud operations, there was a lot of there was a lot of lift and shift happening in the market where people lifted their workloads or applications and moved them onto the cloud where they treated cloud significantly as an infrastructure. And the way they started to manage it was again, the same format they were managing there on-prem infrastructure and they call it I&O, Infrastructure and Operations. That's kind of the way traditionally cloud is managed. In the last few years, we are seeing a significant shift around thinking of cloud more as a workload rather than as just an infrastructure. And what I mean by workload is in the cloud, everything is now code. So you are codifying your infrastructure. Your application is already code and your data is also codified as data services. With now that context apply the way you think about managing the cloud has to significantly change and many companies are moving towards trying to change their models to look at this complex environment as opposed to treating it like a simple infrastructure that is sitting somewhere else. So that's one of the biggest changes and shifts that are causing a lot of complexity and headache for actually a lot of customers for managing environments. The second critical aspect is even that, even exasperates the situation is multicloud environments. Now, there are companies that have got it right with things about right cloud for the right workload. So there are companies that I reach out and I talk with. They've got their office applications and emails and stuff running on Microsoft 365 which can be on the Azure cloud whereas they're running their engineering applications the ones that they build and leverage for their end customers on Amazon. And to some extent they've got it right but still they have a multiple cloud that they have to go after and maintain. This becomes complex when you have two clouds for the same type of workload. When I have to host applications for my end customers on Amazon as well as Azure, Azure as well as Google then, I get into security issues that I have to be consistent across all three. I get into talent because I need to have people that focus on Amazon as well as Azure, as well as Google which means I need so much more workforce, I need so many so much more skills that I need to build, right? That's becoming the second issue. The third one is around data costs. Can I make these clouds talk to each other? Then you get into the ingress egress cost and that creates some complexity. So bringing all of this together and managing is really become becoming more complex for our customers. And obviously as a part of this we will talk about some of the, some of the ideas that we can bring for in managing such complex environments but this is what we are seeing in terms of why the complexity has become a lot more in the last few years. >> Right. A lot of complexity in the last few years. Manoj, let's bring you into the conversation now. Before we dig into your cloud environment give the audience a little bit of an overview of GTCR. What kind of company are you? What do you guys do? >> Definitely Lisa. GTCR is a Chicago based private equity firm. We've been in the market for more than 40 years and what we do is we invest in companies across different sectors and then we manage the company drive it to increase the value and then over a period of time, sell it to future buyers. So in a nutshell, we got a large portfolio of companies that we need to manage and make sure that they perform to expectations. And my role within GTCR is from a technology viewpoint so where I work with all the companies their technology leadership to make sure that we are getting the best out of technology and technology today drives everything. So how can technology be a good compliment to the business itself? So, my role is to play that intermediary role to make sure that there is synergy between the investment thesis and the technology lures that we can pull and also work with partners like Hitachi to make sure that it is done in an optimal manner. >> I like that you said, you know, technology needs to really compliment the business and vice versa. So Manoj, let's get into the cloud operations environment at GTCR. Talk to me about what the experience has been the last couple of years. Give us an idea of some of the challenges that you were facing with existing cloud ops and and the solution that you're using from Hitachi Vantara. >> A a absolutely. In fact, in fact Prem phrased it really well, one of the key things that we're facing is the workload management. So there's so many choices there, so much complexities. We have these companies buying more companies there is organic growth that is happening. So the variables that we have to deal with are very high in such a scenario to make sure that the workload management of each of the companies are done in an optimal manner is becoming an increasing concern. So, so that's one area where any help we can get anything we can try to make sure it is done better becomes a huge value at each. A second aspect is a financial transparency. We need to know where the money is going where the money is coming in from, what is the scale especially in the cloud environment. We are talking about an auto scale ecosystem. Having that financial transparency and the metrics associated with that, it, these these become very, very critical to ensure that we have a successful presence in the multicloud environment. >> Talk a little bit about the solution that you're using with Hitachi and, and the challenges that it is eradicated. >> Yeah, so it end of the day, right, we we need to focus on our core competence. So, so we have got a very strong technology leadership team. We've got a very strong presence in the respective domains of each of the portfolio companies. But where Hitachi comes in and HAR comes in as a solution is that they allow us to excel in focusing on our core business and then make sure that we are able to take care of workload management or financial transparency. All of that is taken off the table from us and and Hitachi manages it for us, right? So it's such a perfectly compliment relationship where they act as two partners and HARC is a solution that is extremely useful in driving that. And, and and I'm anticipating that it'll become more important with time as the complexity of cloud and cloud associate workloads are only becoming more challenging to manage and not less. >> Right? That's the thing that complexity is there and it's also increasing Prem, you talked about the complexities that are existent today with respect to cloud operations the things that have happened over the last couple of years. What are some of your tips, Prem for the audience, like the the top two or three things that you would say on cloud operations that that people need to understand so that they can manage that complexity and allow their business to be driven and complimented by technology? >> Yeah, a big great question again, Lisa, right? And I think Manoj alluded to a few of these things as well. The first one is in the new world of the cloud I think think of migration, modernization and management as a single continuum to the cloud. Now there is no lift and shift and there is no way somebody else separately manages it, right? If you do not lift and shift the right applications the right way onto the cloud, you are going to deal with the complexity of managing it and you'll end up spending more money time and effort in managing it. So that's number one. Migration, modernization, management of cloud work growth is a single continuum and it's not three separate activities, right? That's number one. And the, the second is cost. Cost traditionally has been an afterthought, right? People move the workload to the cloud. And I think, again, like I said, I'll refer back to what Manoj said once we move it to the cloud and then we put all these fancy engineering capability around self-provisioning, every developer can go and ask for what he or she wants and they get an environment immediately spun up so on and so forth. Suddenly the CIO wakes up to a bill that is significantly larger than what he or she expected right? And, and this is this is become a bit common nowadays, right? The the challenge is because we think cost in the cloud as an afterthought. But consider this example in, in previous world you buy hard, well, you put it in your data center you have already amortized the cost as a CapEx. So you can write an application throw it onto the infrastructure and the application continues to use the infrastructure until you hit a ceiling, you don't care about the money you spent. But if I write a line of code that is inefficient today and I deploy it on the cloud from minute one, I am paying for the inefficiency. So if I realize it after six months, I've already spent the money. So financial discipline, especially when managing the cloud is now is no more an afterthought. It is as much something that you have to include in your engineering practice as much as any other DevOps practices, right? Those are my top two tips, Lisa, from my standpoint, think about cloud, think about cloud work, cloud workloads. And the last one again, and you will see you will hear me saying this again and again, get into the mindset of everything is code. You don't have a touch and feel infrastructure anymore. So you don't really need to have foot on the ground to go manage that infrastructure. It's codified. So your code should be managing it, but think of how it happens, right? That's where we, we are going as an evolution >> Everything is code. That's great advice, great tips for the audience there. Manoj, I'll bring you back into the conversation. You know, we, we can talk about skills gaps on on in many different facets of technology the SRE role, relatively new, skillset. We're hearing, hearing a lot about it. SRE led DevSecOps is probably even more so of a new skillset. If I'm an IT leader or an application leader how do I ensure that I have the right skillset within my organization to be able to manage my cloud operations to, to dial down that complexity so that I can really operate successfully as a business? >> Yeah. And so unfortunately there is no perfect answer, right? It's such a, such a scarce skillset that a, any day any of the portfolio company CTOs if I go and talk and say, Hey here's a great SRE team member, they'll be more than willing to fight with each of to get the person in right? It's just that scarce of a skillset. So, so a few things we need to look at it. One is, how can I build it within, right? So nobody gets born as an SRE, you, you make a person an SRE. So how do you inculcate that culture? So like Prem said earlier, right? Everything is software. So how do we make sure that everybody inculcates that as part of their operating philosophy be they part of the operations team or the development team or the testing team they need to understand that that is a common guideline and common objective that we are driving towards. So, so that skillset and that associated training needs to be driven from within the organization. And that in my mind is the fastest way to make sure that that role gets propagated across organization. That is one. The second thing is rely on the right partners. So it's not going to be possible for us, to get all of these roles built in-house. So instead prioritize what roles need to be done from within the organization and what roles can we rely on our partners to drive it for us. So that becomes an important consideration for us to look at as well. >> Absolutely. That partnership angle is incredibly important from, from the, the beginning really kind of weaving these companies together on this journey to to redefine cloud operations and build that, as we talked about at the beginning of the conversation really building a cloud center of excellence that allows the organization to be competitive, successful and and really deliver what the end user is, is expecting. I want to ask - Sorry Lisa, - go ahead. >> May I add something to it, I think? >> Sure. >> Yeah. One of the, one of the common things that I tell customers when we talk about SRE and to manages point is don't think of SRE as a skillset which is the common way today the industry tries to solve the problem. SRE is a mindset, right? Everybody in >> Well well said, yeah >> That, so everybody in a company should think of him or her as a cycle liability engineer. And everybody has a role in it, right? Even if you take the new process layout from SRE there are individuals that are responsible to whom we can go to when there is a problem directly as opposed to going through the traditional ways of AI talk to L one and L one contras all. They go to L two and then L three. So we, we, we are trying to move away from an issue escalation model to what we call as a a issue routing or a incident routing model, right? Move away from incident escalation to an incident routing model. So you get to route to the right folks. So again, to sum it up, SRE should not be solved as a skillset set because there is not enough people in the market to solve it that way. If you start solving it as a mindset I think companies can get a handhold of it. >> I love that. I've actually never heard that before, but it it makes perfect sense to think about the SRE as a mindset rather than a skillset that will allow organizations to be much more successful. Prem I wanted to get your thoughts as enterprises are are innovating, they're moving more products and services to the as a service model. Talk about how the dev teams the ops teams are working together to build and run reliable, cost efficient services. Are they working better together? >> Again, a a very polarizing question because some customers are getting it right many customers aren't, there is still a big wall between development and operations, right? Even when you think about DevOps as a terminology the fundamental principle was to make sure dev and ops works together. But what many companies have achieved today, honestly is automating the operations for development. For example, as a developer, I can check in code and my code will appear in production without any friction, right? There is automated testing, automated provisioning and it gets promoted to production, but after production, it goes back into the 20 year old model of operating the code, right? So there is more work that needs to be done for Devon and Ops to come closer and work together. And one of the ways that we think this is achievable is not by doing radical org changes, but more by focusing on a product-oriented single backlog approach across development and operations. Which is, again, there is change management involved but I think that's a way to start embracing the culture of dev ops coming together much better now, again SRE principles as we double click and understand it more and Google has done a very good job playing it out for the world. As you think about SRE principle, there are ways and means in that process of how to think about a single backlog. And in HARC, Hitachi Application Reliability Centers we've really got a way to look at prioritizing the backlog. And what I mean by that is dev teams try to work on backlog that come from product managers on features. The SRE and the operations team try to put backlog into the say sorry, try to put features into the same backlog for improving stability, availability and financials financial optimization of your code. And there are ways when you look at your SLOs and error budgets to really coach the product teams to prioritize your backlog based on what's important for you. So if you understand your spending more money then you reduce your product features going in and implement the financial optimization that came from your operations team, right? So you now have the ability to throttle these parameters and that's where SRE becomes a mindset and a principle as opposed to a skillset because this is not an individual telling you to do. This is the company that is, is embarking on how to prioritize my backlog beyond just user features. >> Right. Great point. Last question for both of you is the same talk kind of take away things that you want me to remember. If I am at an IT leader at, at an organization and I am planning on redefining CloudOps for my company Manoj will start with you and then Prem to you what are the top two things that you want me to walk away with understanding how to do that successfully? >> Yeah, so I'll, I'll go back to basics. So the two things I would say need to be taken care of is, one is customer experience. So all the things that I do end of the day is it improving the customer experience or not? So that's a first metric. The second thing is anything that I do is there an ROI by doing that incremental step or not? Otherwise we might get lost in the technology with surgery, the new tech, et cetera. But end of the day, if the customers are not happy if there is no ROI, everything else you just can't do much on top of that >> Now it's all about the customer experience. Right? That's so true. Prem what are your thoughts, the the top things that I need to be taking away if I am a a leader planning to redefine my cloud eye company? >> Absolutely. And I think from a, from a company standpoint I think Manoj summarized it extremely well, right? There is this ROI and there is this customer experience from my end, again, I'll, I'll suggest two two more things as a takeaway, right? One, cloud cost is not an afterthought. It's essential for us to think about it upfront. Number two, do not delink migration modernization and operations. They are one stream. If you migrate a long, wrong workload onto the cloud you're going to be stuck with it for a long time. And an example of a wrong workload, Lisa for everybody that that is listening to this is if my cost per transaction profile doesn't change and I am not improving my revenue per transaction for a piece of code that's going run in production it's better off running in a data center where my cost is CapEx than amortized and I have control over when I want to upgrade as opposed to putting it on a cloud and continuing to pay unless it gives me more dividends towards improvement. But that's a simple example of when we think about what should I migrate and how will it cost pain when I want to manage it in the longer run. But that's, that's something that I'll leave the audience and you with as a takeaway. >> Excellent. Guys, thank you so much for talking to me today about what Hitachi Vantara and GTCR are doing together how you've really dialed down those complexities enabling the business and the technology folks to really live harmoniously. We appreciate your insights and your perspectives on building a cloud center of excellence. Thank you both for joining me. >> Thank you. >> For my guests, I'm Lisa. Martin, you're watching this event building Your Cloud Center of Excellence with Hitachi Vantara. Thanks for watching. (Upbeat music playing) (Upbeat music playing) (Upbeat music playing) (Upbeat music playing)

>>We're back at Super Computing, 22 in Dallas, winding down the final day here. A big show floor behind me. Lots of excitement out there, wouldn't you say, Dave? Just >>Oh, it's crazy. I mean, any, any time you have NASA presentations going on and, and steampunk iterations of cooling systems that the, you know, it's, it's >>The greatest. I've been to hundreds of trade shows. I don't think I've ever seen NASA exhibiting at one like they are here. Dave Nicholson, my co-host. I'm Paul Gell, in which with us is Satish Ier. He is the vice president of emerging services at Dell Technologies and Satit, thanks for joining us on the cube. >>Thank you. Paul, >>What are emerging services? >>Emerging services are actually the growth areas for Dell. So it's telecom, it's cloud, it's edge. So we, we especially focus on all the growth vectors for, for the companies. >>And, and one of the key areas that comes under your jurisdiction is called apex. Now I'm sure there are people who don't know what Apex is. Can you just give us a quick definition? >>Absolutely. So Apex is actually Dells for a into cloud, and I manage the Apex services business. So this is our way of actually bringing cloud experience to our customers, OnPrem and in color. >>But, but it's not a cloud. I mean, you don't, you don't have a Dell cloud, right? It's, it's of infrastructure as >>A service. It's infrastructure and platform and solutions as a service. Yes, we don't have our own e of a public cloud, but we want to, you know, this is a multi-cloud world, so technically customers want to consume where they want to consume. So this is Dell's way of actually, you know, supporting a multi-cloud strategy for our customers. >>You, you mentioned something just ahead of us going on air. A great way to describe Apex, to contrast Apex with CapEx. There's no c there's no cash up front necessary. Yeah, I thought that was great. Explain that, explain that a little more. Well, >>I mean, you know, one, one of the main things about cloud is the consumption model, right? So customers would like to pay for what they consume, they would like to pay in a subscription. They would like to not prepay CapEx ahead of time. They want that economic option, right? So I think that's one of the key tenets for anything in cloud. So I think it's important for us to recognize that and think Apex is basically a way by which customers pay for what they consume, right? So that's a absolutely a key tenant for how, how we want to design Apex. So it's absolutely right. >>And, and among those services are high performance computing services. Now I was not familiar with that as an offering in the Apex line. What constitutes a high performance computing Apex service? >>Yeah, I mean, you know, I mean, this conference is great, like you said, you know, I, there's so many HPC and high performance computing folks here, but one of the things is, you know, fundamentally, if you look at high performance computing ecosystem, it is quite complex, right? And when you call it as an Apex HPC or Apex offering offer, it brings a lot of the cloud economics and cloud, you know, experience to the HPC offer. So fundamentally, it's about our ability for customers to pay for what they consume. It's where Dell takes a lot of the day to day management of the infrastructure on our own so that customers don't need to do the grunge work of managing it, and they can really focus on the actual workload, which actually they run on the CHPC ecosystem. So it, it is, it is high performance computing offer, but instead of them buying the infrastructure, running all of that by themself, we make it super easy for customers to consume and manage it across, you know, proven designs, which Dell always implements across these verticals. >>So what, what makes the high performance computing offering as opposed to, to a rack of powered servers? What do you add in to make it >>Hpc? Ah, that's a great question. So, I mean, you know, so this is a platform, right? So we are not just selling infrastructure by the drink. So we actually are fundamentally, it's based on, you know, we, we, we launch two validated designs, one for life science sales, one for manufacturing. So we actually know how these PPO work together, how they actually are validated design tested solution. And we also, it's a platform. So we actually integrate the softwares on the top. So it's just not the infrastructure. So we actually integrate a cluster manager, we integrate a job scheduler, we integrate a contained orchestration layer. So a lot of these things, customers have to do it by themself, right? If they're buy the infrastructure. So by basically we are actually giving a platform or an ecosystem for our customers to run their workloads. So make it easy for them to actually consume those. >>That's Now is this, is this available on premises for customer? >>Yeah, so we, we, we make it available customers both ways. So we make it available OnPrem for customers who want to, you know, kind of, they want to take that, take that economics. We also make it available in a colo environment if the customers want to actually, you know, extend colo as that OnPrem environment. So we do both. >>What are, what are the requirements for a customer before you roll that equipment in? How do they sort of have to set the groundwork for, >>For Well, I think, you know, fundamentally it starts off with what the actual use case is, right? So, so if you really look at, you know, the two validated designs we talked about, you know, one for, you know, healthcare life sciences, and one other one for manufacturing, they do have fundamentally different requirements in terms of what you need from those infrastructure systems. So, you know, the customers initially figure out, okay, how do they actually require something which is going to require a lot of memory intensive loads, or do they actually require something which has got a lot of compute power. So, you know, it all depends on what they would require in terms of the workloads to be, and then we do havet sizing. So we do have small, medium, large, we have, you know, multiple infrastructure options, CPU core options. Sometimes the customer would also wanna say, you know what, as long as the regular CPUs, I also want some GPU power on top of that. So those are determinations typically a customer makes as part of the ecosystem, right? And so those are things which would, they would talk to us about to say, okay, what is my best option in terms of, you know, kind of workloads I wanna run? And then they can make a determination in terms of how, how they would actually going. >>So this, this is probably a particularly interesting time to be looking at something like HPC via Apex with, with this season of Rolling Thunder from various partners that you have, you know? Yep. We're, we're all expecting that Intel is gonna be rolling out new CPU sets from a powered perspective. You have your 16th generation of PowerEdge servers coming out, P C I E, gen five, and all of the components from partners like Invidia and Broadcom, et cetera, plugging into them. Yep. What, what does that, what does that look like from your, from your perch in terms of talking to customers who maybe, maybe they're doing things traditionally and they're likely to be not, not fif not 15 G, not generation 15 servers. Yeah. But probably more like 14. Yeah, you're offering a pretty huge uplift. Yep. What, what do those conversations look >>Like? I mean, customers, so talking about partners, right? I mean, of course Dell, you know, we, we, we don't bring any solutions to the market without really working with all of our partners, whether that's at the infrastructure level, like you talked about, you know, Intel, amd, Broadcom, right? All the chip vendors, all the way to software layer, right? So we have cluster managers, we have communities orchestrators. So we usually what we do is we bring the best in class, whether it's a software player or a hardware player, right? And we bring it together as a solution. So we do give the customers a choice, and the customers always want to pick what you they know actually is awesome, right? So they that, that we actually do that. And, you know, and one of the main aspects of, especially when you talk about these things, bringing it as a service, right? >>We take a lot of guesswork away from our customer, right? You know, one of the good example of HPC is capacity, right? So customers, these are very, you know, I would say very intensive systems. Very complex systems, right? So customers would like to buy certain amount of capacity, they would like to grow and, you know, come back, right? So give, giving them the flexibility to actually consume more if they want, giving them the buffer and coming down. All of those things are very important as we actually design these things, right? And that takes some, you know, customers are given a choice, but it actually, they don't need to worry about, oh, you know, what happens if I actually have a spike, right? There's already buffer capacity built in. So those are awesome things. When we talk about things as a service, >>When customers are doing their ROI analysis, buying CapEx on-prem versus, versus using Apex, is there a point, is there a crossover point typically at which it's probably a better deal for them to, to go OnPrem? >>Yeah, I mean, it it like specifically talking about hpc, right? I mean, why, you know, we do have a ma no, a lot of customers consume high performance compute and public cloud, right? That's not gonna go away, right? But there are certain reasons why they would look at OnPrem or they would look at, for example, Ola environment, right? One of the main reasons they would like to do that is purely have to do with cost, right? These are pretty expensive systems, right? There is a lot of ingress, egress, there is a lot of data going back and forth, right? Public cloud, you know, it costs money to put data in or actually pull data back, right? And the second one is data residency and security requirements, right? A lot of these things are probably proprietary set of information. We talked about life sciences, there's a lot of research, right? >>Manufacturing, a lot of these things are just, just in time decision making, right? You are on a factory floor, you gotta be able to do that. Now there is a latency requirement. So I mean, I think a lot of things play, you know, plays into this outside of just cost, but data residency requirements, ingress, egress are big things. And when you're talking about mass moments of data you wanna put and pull it back in, they would like to kind of keep it close, keep it local, and you know, get a, get a, get a price >>Point. Nevertheless, I mean, we were just talking to Ian Coley from aws and he was talking about how customers have the need to sort of move workloads back and forth between the cloud and on-prem. That's something that they're addressing without posts. You are very much in the, in the on-prem world. Do you have, or will you have facilities for customers to move workloads back and forth? Yeah, >>I wouldn't, I wouldn't necessarily say, you know, Dell's cloud strategy is multi-cloud, right? So we basically, so it kind of falls into three, I mean we, some customers, some workloads are suited always for public cloud. It's easier to consume, right? There are, you know, customers also consume on-prem, the customers also consuming Kohler. And we also have like Dell's amazing piece of software like storage software. You know, we make some of these things available for customers to consume a software IP on their public cloud, right? So, you know, so this is our multi-cloud strategy. So we announced a project in Alpine, in Delta fold. So you know, if you look at those, basically customers are saying, I love your Dell IP on this, on this product, on the storage, can you make it available through, in this public environment, whether, you know, it's any of the hyper skill players. So if we do all of that, right? So I think it's, it shows that, you know, it's not always tied to an infrastructure, right? Customers want to consume the best thumb and if we need to be consumed in hyperscale, we can make it available. >>Do you support containers? >>Yeah, we do support containers on hpc. We have, we have two container orchestrators we have to support. We, we, we have aner similarity, we also have a container options to customers. Both options. >>What kind of customers are you signing up for the, for the HPC offerings? Are they university research centers or is it tend to be smaller >>Companies? It, it's, it's, you know, the last three days, this conference has been great. We probably had like, you know, many, many customers talking to us. But HC somewhere in the range of 40, 50 customers, I would probably say lot of interest from educational institutions, universities research, to your point, a lot of interest from manufacturing, factory floor automation. A lot of customers want to do dynamic simulations on factory floor. That is also quite a bit of interest from life sciences pharmacies because you know, like I said, we have two designs, one on life sciences, one on manufacturing, both with different dynamics on the infrastructure. So yeah, quite a, quite a few interest definitely from academics, from life sciences, manufacturing. We also have a lot of financials, big banks, you know, who wants to simulate a lot of the, you know, brokerage, a lot of, lot of financial data because we have some, you know, really optimized hardware we announced in Dell for, especially for financial services. So there's quite a bit of interest from financial services as well. >>That's why that was great. We often think of Dell as, as the organization that democratizes all things in it eventually. And, and, and, and in that context, you know, this is super computing 22 HPC is like the little sibling trailing around, trailing behind the super computing trend. But we definitely have seen this move out of just purely academia into the business world. Dell is clearly a leader in that space. How has Apex overall been doing since you rolled out that strategy, what, two couple? It's been, it's been a couple years now, hasn't it? >>Yeah, it's been less than two years. >>How are, how are, how are mainstream Dell customers embracing Apex versus the traditional, you know, maybe 18 months to three year upgrade cycle CapEx? Yeah, >>I mean I look, I, I think that is absolutely strong momentum for Apex and like we, Paul pointed out earlier, we started with, you know, making the infrastructure and the platforms available to customers to consume as a service, right? We have options for customers, you know, to where Dell can fully manage everything end to end, take a lot of the pain points away, like we talked about because you know, managing a cloud scale, you know, basically environment for the customers, we also have options where customers would say, you know what, I actually have a pretty sophisticated IT organization. I want Dell to manage the infrastructure, but up to this level in the layer up to the guest operating system, I'll take care of the rest, right? So we are seeing customers who are coming to us with various requirements in terms of saying, I can do up to here, but you take all of this pain point away from me or you do everything for me. >>It all depends on the customer. So we do have wide interest. So our, I would say our products and the portfolio set in Apex is expanding and we are also learning, right? We are getting a lot of feedback from customers in terms of what they would like to see on some of these offers. Like the example we just talked about in terms of making some of the software IP available on a public cloud where they'll look at Dell as a software player, right? That's also is absolutely critical. So I think we are giving customers a lot of choices. Our, I would say the choice factor and you know, we are democratizing, like you said, expanding in terms of the customer choices. And I >>Think it's, we're almost outta our time, but I do wanna be sure we get to Dell validated designs, which you've mentioned a couple of times. How specific are the, well, what's the purpose of these designs? How specific are they? >>They, they are, I mean I, you know, so the most of these valid, I mean, again, we look at these industries, right? And we look at understanding exactly how would, I mean we have huge embedded base of customers utilizing HPC across our ecosystem in Dell, right? So a lot of them are CapEx customers. We actually do have an active customer profile. So these validated designs takes into account a lot of customer feedback, lot of partner feedback in terms of how they utilize this. And when you build these solutions, which are kind of end to end and integrated, you need to start anchoring on something, right? And a lot of these things have different characteristics. So these validated design basically prove to us that, you know, it gives a very good jump off point for customers. That's the way I look at it, right? So a lot of them will come to the table with, they don't come to the blank sheet of paper when they say, oh, you know what I'm, this, this is my characteristics of what I want. I think this is a great point for me to start from, right? So I think that that gives that, and plus it's the power of validation, really, right? We test, validate, integrate, so they know it works, right? So all of those are hypercritical. When you talk to, >>And you mentioned healthcare, you, you mentioned manufacturing, other design >>Factoring. We just announced validated design for financial services as well, I think a couple of days ago in the event. So yep, we are expanding all those DVDs so that we, we can, we can give our customers a choice. >>We're out of time. Sat ier. Thank you so much for joining us. Thank you. At the center of the move to subscription to everything as a service, everything is on a subscription basis. You really are on the leading edge of where, where your industry is going. Thanks for joining us. >>Thank you, Paul. Thank you Dave. >>Paul Gillum with Dave Nicholson here from Supercomputing 22 in Dallas, wrapping up the show this afternoon and stay with us for, they'll be half more soon.

>>Hello everyone. Welcome to the Cube's coverage of AWS Reinvent 22. I'm John Ferer, host of the Cube. Got some great coverage here talking about software supply chain and sustainability in the cloud. We've got a great conversation. Gunner Helickson, Vice President and general manager at Red Hat Enterprise Linux and Business Unit of Red Hat. Thanks for coming on. And Edon Eja Director, Product Management of commercial software services aws. Gentlemen, thanks for joining me today. >>Oh, it's a pleasure. >>You know, the hottest topic coming out of Cloudnative developer communities is slide chain software sustainability. This is a huge issue. As open source continues to power away and fund and grow this next generation modern development environment, you know, supply chain, you know, sustainability is a huge discussion because you gotta check things out where, what's in the code. Okay, open source is great, but now we gotta commercialize it. This is the topic, Gunner, let's get in, get with you. What, what are you seeing here and what's some of the things that you're seeing around the sustainability piece of it? Because, you know, containers, Kubernetes, we're seeing that that run time really dominate this new abstraction layer, cloud scale. What's your thoughts? >>Yeah, so I, it's interesting that the, you know, so Red Hat's been doing this for 20 years, right? Making open source safe to consume in the enterprise. And there was a time when in order to do that you needed to have a, a long term life cycle and you needed to be very good at remediating security vulnerabilities. And that was kind of, that was the bar that you had that you had to climb over. Nowadays with the number of vulnerabilities coming through, what people are most worried about is, is kind of the providence of the software and making sure that it has been vetted and it's been safe, and that that things that you get from your vendor should be more secure than things that you've just downloaded off of GitHub, for example. Right? And that's, that's a, that's a place where Red Hat's very comfortable living, right? >>Because we've been doing it for, for 20 years. I think there, there's another, there's another aspect to this, to this supply chain question as well, especially with the pandemic. You know, we've got these, these supply chains have been jammed up. The actual physical supply chains have been jammed up. And, and the two of these issues actually come together, right? Because as we've been go, as we go through the pandemic, we've had these digital transformation efforts, which are in large part people creating software in order to manage better their physical supply chain problems. And so as part of that digital transformation, you have another supply chain problem, which is the software supply chain problem, right? And so these two things kind of merge on these as people are trying to improve the performance of transportation systems, logistics, et cetera. Ultimately it all boils down to it all. Both supply chain problems actually boil down to a software problem. It's very >>Interesting that, Well, that is interesting. I wanna just follow up on that real quick if you don't mind. Because if you think about the convergence of the software and physical world, you know, that's, you know, IOT and also hybrid cloud kind of plays into that at scale, this opens up more surface area for attacks, especially when you're under a lot of pressure. This is where, you know, you can, you have a service area in the physical side and you have constraints there. And obviously the pandemic causes problems, but now you've got the software side. Can you, how are you guys handling that? Can you just share a little bit more of how you guys are looking at that with Red Hat? What's, what's the customer challenge? Obviously, you know, skills gaps is one, but like that's a convergence at the same time. More security problems. >>Yeah, yeah, that's right. And certainly the volume of, if we just look at security vulnerabilities themselves, just the volume of security vulnerabilities has gone up considerably as more people begin using the software. And as the software becomes more important to kind of critical infrastructure, more eyeballs are on it. And so we're uncovering more problems, which is kind of, that's, that's okay. That's how the world works. And so certainly the, the number of remediations required every year has gone up. But also the customer expectations, as I've mentioned before, the customer expectations have changed, right? People want to be able to show to their auditors and to their regulators that no, we, we, in fact, I can show the providence of the software that I'm using. I didn't just download something random off the internet. I actually have, like you, you know, adults paying attention to the, how the software gets put together. >>And it's still, honestly, it's still very early days. We can, I think the, in as an industry, I think we're very good at managing, identifying remediating vulnerabilities in the aggregate. We're pretty good at that. I think things are less clear when we talk about kind of the management of that supply chain, proving the provenance, proving the, and creating a resilient supply chain for software. We have lots of tools, but we don't really have lots of shared expectations. Yeah. And so it's gonna be interesting over the next few years, I think we're gonna have more rules are gonna come out. I see NIST has already, has already published some of them. And as these new rules come out, the whole industry is gonna have to kind of pull together and, and really and really rally around some of this shared understanding so we can all have shared expectations and we can all speak the same language when we're talking about this >>Problem. That's awesome. A and Amazon web service is obviously the largest cloud platform out there, you know, the pandemic, even post pandemic, some of these supply chain issues, whether it's physical or software, you're also an outlet for that. So if someone can't buy hardware or, or something physical, they can always get the cloud. You guys have great network compute and whatnot and you got thousands of ISVs across the globe. How are you helping customers with this supply chain problem? Because whether it's, you know, I need to get in my networking gears delayed, I'm gonna go to the cloud and get help there. Or whether it's knowing the workloads and, and what's going on inside them with respect open source. Cause you've got open source, which is kind of an external forcing function. You got AWS and you got, you know, physical compute stores, networking, et cetera. How are you guys helping customers with the supply chain challenge, which could be an opportunity? >>Yeah, thanks John. I think there, there are multiple layers to that. At, at the most basic level we are helping customers buy abstracting away all these data central constructs that they would have to worry about if they were running their own data centers. They would have to figure out how the networking gear, you talk about, you know, having the right compute, right physical hardware. So by moving to the cloud, at least they're delegating that problem to AWS and letting us manage and making sure that we have an instance available for them whenever they want it. And if they wanna scale it, the, the, the capacity is there for them to use now then that, so we kind of give them space to work on the second part of the problem, which is building their own supply chain solutions. And we work with all kinds of customers here at AWS from all different industry segments, automotive, retail, manufacturing. >>And you know, you see that the complexity of the supply chain with all those moving pieces, like hundreds and thousands of moving pieces, it's very daunting. So cus and then on the other hand, customers need more better services. So you need to move fast. So you need to build, build your agility in the supply chain itself. And that is where, you know, Red Hat and AWS come together where we can build, we can enable customers to build their supply chain solutions on platform like Red Hat Enterprise, Linux Rail or Red Hat OpenShift on, on aws. We call it Rosa. And the benefit there is that you can actually use the services that we, that are relevant for the supply chain solutions like Amazon managed blockchain, you know, SageMaker. So you can actually build predictive and s you can improve forecasting, you can make sure that you have solutions that help you identify where you can cut costs. And so those are some of the ways we are helping customers, you know, figure out how they actually wanna deal with the supply chain challenges that we're running into in today's world. >>Yeah, and you know, you mentioned sustainability outside of software su sustainability, you know, as people move to the cloud, we've reported on silicon angle here in the cube that it's better to have the sustainability with the cloud because then the data centers aren't using all that energy too. So there's also all kinds of sustainability advantages, Gunner, because this is, this is kind of how your relationship with Amazon's expanded. You mentioned Rosa, which is Red Hat on, you know, on OpenShift, on aws. This is interesting because one of the biggest discussions is skills gap, but we were also talking about the fact that the humans are huge part of the talent value. In other words, the, the humans still need to be involved and having that relationship with managed services and Red Hat, this piece becomes one of those things that's not talked about much, which is the talent is increasing in value the humans, and now you got managed services on the cloud, has got scale and human interactions. Can you share, you know, how you guys are working together on this piece? Cuz this is interesting cuz this kind of brings up the relationship of that operator or developer. >>Yeah, Yeah. So I think there's, so I think about this in a few dimensions. First is that the kind of the, I it's difficult to find a customer who is not talking about automation at some level right now. And obviously you can automate the processes and, and the physical infrastructure that you already have that's using tools like Ansible, right? But I think that the, combining it with the, the elasticity of a solution like aws, so you combine the automation with kind of elastic and, and converting a lot of the capital expenses into operating expenses, that's a great way actually to save labor, right? So instead of like racking hard drives, you can have somebody who's somebody do something a little more like, you know, more valuable work, right? And so, so okay, but that gives you a platform and then what do you do with that platform? >>And if you've got your systems automated and you've got this kind of elastic infrastructure underneath you, what you do on top of it is really interesting. So a great example of this is the collaboration that, that we had with running the rel workstation on aws. So you might think like, well why would anybody wanna run a workstation on, on a cloud? That doesn't make a whole lot of sense unless you consider how complex it is to set up, if you have the, the use case here is like industrial workstations, right? So it's animators, people doing computational fluid dynamics, things like this. So these are industries that are extremely data heavy. They have workstations have very large hardware requirements, often with accelerated GPUs and things like this. That is an extremely expensive thing to install on premise anywhere. And if the pandemic taught us anything, it's, if you have a bunch of very expensive talent and they all have to work from a home, it is very difficult to go provide them with, you know, several tens of thousands of dollars worth of worth of worth of workstation equipment. >>And so combine the rail workstation with the AWS infrastructure and now all that workstation computational infrastructure is available on demand and on and available right next to the considerable amount of data that they're analyzing or animating or, or, or working on. So it's a really interesting, it's, it was actually, this is an idea that I was actually born with the pandemic. Yeah. And, and it's kind of a combination of everything that we're talking about, right? It's the supply chain challenges of the customer, It's the lack of lack of talent, making sure that people are being put their best and highest use. And it's also having this kind of elastic, I think, opex heavy infrastructure as opposed to a CapEx heavy infrastructure. >>That's a great example. I think that's illustrates to me what I love about cloud right now is that you can put stuff in, in the cloud and then flex what you need when you need it at in the cloud rather than either ingress or egress data. You, you just more, you get more versatility around the workload needs, whether it's more compute or more storage or other high level services. This is kind of where this NextGen cloud is going. This is where, where, where customers want to go once their workloads are up and running. How do you simplify all this and how do you guys look at this from a joint customer perspective? Because that example I think will be something that all companies will be working on, which is put it in the cloud and flex to the, whatever the workload needs and put it closer to the work compute. I wanna put it there. If I wanna leverage more storage and networking, Well, I'll do that too. It's not one thing. It's gotta flex around what's, how are you guys simplifying this? >>Yeah, I think so for, I'll, I'll just give my point of view and then I'm, I'm very curious to hear what a not has to say about it, but the, I think and think about it in a few dimensions, right? So there's, there is a, technically like any solution that aan a nun's team and my team wanna put together needs to be kind of technically coherent, right? The things need to work well together, but that's not the, that's not even most of the job. Most of the job is actually the ensuring and operational consistency and operational simplicity so that everything is the day-to-day operations of these things kind of work well together. And then also all the way to things like support and even acquisition, right? Making sure that all the contracts work together, right? It's a really in what, So when Aon and I think about places of working together, it's very rare that we're just looking at a technical collaboration. It's actually a holistic collaboration across support acquisition as well as all the engineering that we have to do. >>And on your, your view on how you're simplifying it with Red Hat for your joint customers making Collabo >>Yeah. Gun, Yeah. Gunner covered it. Well I think the, the benefit here is that Red Hat has been the leading Linux distribution provider. So they have a lot of experience. AWS has been the leading cloud provider. So we have both our own point of views, our own learning from our respective set of customers. So the way we try to simplify and bring these things together is working closely. In fact, I sometimes joke internally that if you see Ghana and my team talking to each other on a call, you cannot really tell who who belongs to which team. Because we're always figuring out, okay, how do we simplify discount experience? How do we simplify programs? How do we simplify go to market? How do we simplify the product pieces? So it's really bringing our, our learning and share our perspective to the table and then really figure out how do we actually help customers make progress. Rosa that we talked about is a great example of that, you know, you know, we, together we figured out, hey, there is a need for customers to have this capability in AWS and we went out and built it. So those are just some of the examples in how both teams are working together to simplify the experience, make it complete, make it more coherent. >>Great. That's awesome. That next question is really around how you help organizations with the sustainability piece, how to support them, simplifying it. But first, before we get into that, what is the core problem around this sustainability discussion we're talking about here, supply chain sustainability, What is the core challenge? Can you both share your thoughts on what that problem is and what the solution looks like and then we can get into advice? >>Yeah. Well from my point of view, it's, I think, you know, one of the lessons of the last three years is every organization is kind of taking a careful look at how resilient it is. Or ever I should say, every organization learned exactly how resilient it was, right? And that comes from both the, the physical challenges and the logistics challenges that everyone had. The talent challenges you mentioned earlier. And of course the, the software challenges, you know, as everyone kind of embarks on this, this digital transformation journey that, that we've all been talking about. And I think, so I really frame it as, as resilience, right? And and resilience is at bottom is really about ensuring that you have options and that you have choices. The more choices you have, the more options you have, the more resilient you, you and your organization is going to be. And so I know that that's how, that's how I approach the market. I'm pretty sure that's exact, that's how AON is, has approaching the market, is ensuring that we are providing as many options as possible to customers so that they can assemble the right, assemble the right pieces to create a, a solution that works for their particular set of challenges or their unique set of challenges and and unique context. Aon, is that, does that sound about right to you? Yeah, >>I think you covered it well. I, I can speak to another aspect of sustainability, which is becoming increasingly top of mind for our customer is like how do they build products and services and solutions and whether it's supply chain or anything else which is sustainable, which is for the long term good of the, the planet. And I think that is where we have been also being very intentional and focused in how we design our data center. How we actually build our cooling system so that we, those are energy efficient. You know, we, we are on track to power all our operations with renewable energy by 2025, which is five years ahead of our initial commitment. And perhaps the most obvious example of all of this is our work with arm processors Graviton three, where, you know, we are building our own chip to make sure that we are designing energy efficiency into the process. And you know, we, there's the arm graviton, three arm processor chips, there are about 60% more energy efficient compared to some of the CD six comparable. So all those things that are also we are working on in making sure that whatever our customers build on our platform is long term sustainable. So that's another dimension of how we are working that into our >>Platform. That's awesome. This is a great conversation. You know, the supply chain is on both sides, physical and software. You're starting to see them come together in great conversations and certainly moving workloads to the cloud running in more efficiently will help on the sustainability side, in my opinion. Of course, you guys talked about that and we've covered it, but now you start getting into how to refactor, and this is a big conversation we've been having lately, is as you not just lift and ship but re-platform and refactor, customers are seeing great advantages on this. So I have to ask you guys, how are you helping customers and organizations support sustainability and, and simplify the complex environment that has a lot of potential integrations? Obviously API's help of course, but that's the kind of baseline, what's the, what's the advice that you give customers? Cause you know, it can look complex and it becomes complex, but there's an answer here. What's your thoughts? >>Yeah, I think so. Whenever, when, when I get questions like this from from customers, the, the first thing I guide them to is, we talked earlier about this notion of consistency and how important that is. It's one thing, it it, it is one way to solve the problem is to create an entirely new operational model, an entirely new acquisition model and an entirely new stack of technologies in order to be more sustainable. That is probably not in the cards for most folks. What they want to do is have their existing estate and they're trying to introduce sustainability into the work that they are already doing. They don't need to build another silo in order to create sustainability, right? And so there have to be, there has to be some common threads, there has to be some common platforms across the existing estate and your more sustainable estate, right? >>And, and so things like Red Hat enterprise Linux, which can provide this kind of common, not just a technical substrate, but a common operational substrate on which you can build these solutions if you have a common platform on which you are building solutions, whether it's RHEL or whether it's OpenShift or any of our other platforms that creates options for you underneath. So that in some cases maybe you need to run things on premise, some things you need to run in the cloud, but you don't have to profoundly change how you work when you're moving from one place to another. >>And that, what's your thoughts on, on the simplification? >>Yeah, I mean think that when you talk about replatforming and refactoring, it is a daunting undertaking, you know, in today's, in the, especially in today's fast paced work. So, but the good news is you don't have to do it by yourself. Customers don't have to do it on their own. You know, together AWS and Red Hat, we have our rich partner ecosystem, you know AWS over AWS has over a hundred thousand partners that can help you take that journey, the transformation journey. And within AWS and working with our partners like Red Hat, we make sure that we have all in, in my mind there are really three big pillars that you have to have to make sure that customers can successfully re-platform refactor their applications to the modern cloud architecture. You need to have the rich set of services and tools that meet their different scenarios, different use cases. Because no one size fits all. You have to have the right programs because sometimes customers need those incentives, they need those, you know, that help in the first step and last but no needs, they need training. So all of that, we try to cover that as we work with our customers, work with our partners and that is where, you know, together we try to help customers take that step, which is, which is a challenging step to take. >>Yeah. You know, it's great to talk to you guys, both leaders in your field. Obviously Red hats, well story history. I remember the days back when I was provisioning, loading OSS on hardware with, with CDs, if you remember, that was days gunner. But now with high level services, if you look at this year's reinvent, and this is like kind of my final question for the segment is then we'll get your reaction to is last year we talked about higher level services. I sat down with Adam Celski, we talked about that. If you look at what's happened this year, you're starting to see people talk about their environment as their cloud. So Amazon has the gift of the CapEx, the all that, all that investment and people can operate on top of it. They're calling that environment their cloud. Okay, For the first time we're seeing this new dynamic where it's like they have a cloud, but they're Amazon's the CapEx, they're operating. So you're starting to see the operational visibility gun around how to operate this environment. And it's not hybrid this, that it's just, it's cloud. This is kind of an inflection point. Do you guys agree with that or, or having a reaction to that statement? Because I, I think this is kind of the next gen super cloud-like capability. It's, it's, we're going, we're building the cloud. It's now an environment. It's not talking about private cloud, this cloud, it's, it's all cloud. What's your reaction? >>Yeah, I think, well I think it's a very natural, I mean we used words like hybrid cloud, multi-cloud, if, I guess super cloud is what the kids are saying now, right? It's, it's all, it's all describing the same phenomena, right? Which is, which is being able to take advantage of lots of different infrastructure options, but still having something that creates some commonality among them so that you can, so that you can manage them effectively, right? So that you can have kind of uniform compliance across your estate so that you can have kind of, you can make the best use of your talent across the estate. I mean this is a, this is, it's a very natural thing. >>They're calling it cloud, the estate is the cloud. >>Yeah. So yeah, so, so fine if it, if it means that we no longer have to argue about what's multi-cloud and what's hybrid cloud, I think that's great. Let's just call it cloud. >>And what's your reaction, cuz this is kind of the next gen benefits of, of higher level services combined with amazing, you know, compute and, and resource at the infrastructure level. What's your, what's your view on that? >>Yeah, I think the construct of a unified environment makes sense for customers who have all these use cases which require, like for instance, if you are doing some edge computing and you're running it WS outpost or you know, wave lent and these things. So, and, and it is, it is fear for customer to say, think that hey, this is one environment, same set of tooling that they wanna build that works across all their different environments. That is why we work with partners like Red Hat so that customers who are running Red Hat Enterprise Linux on premises and who are running in AWS get the same level of support, get the same level of security features, all of that. So from that sense, it actually makes sense for us to build these capabilities in a way that customers don't have to worry about, Okay, now I'm actually in the AWS data center versus I'm running outpost on premises. It is all one. They, they just use the same set of cli command line APIs and all of that. So in that sense, it's actually helps customers have that unification so that that consistency of experience helps their workforce and be more productive versus figuring out, okay, what do I do, which tool I use? Where >>And on you just nailed it. This is about supply chain sustainability, moving the workloads into a cloud environment. You mentioned wavelength, this conversation's gonna continue. We haven't even talked about the edge yet. This is something that's gonna be all about operating these workloads at scale and all the, with the cloud services. So thanks for sharing that and we'll pick up that edge piece later. But for reinvent right now, this is really the key conversation. How to bake the sustained supply chain work in a complex environment, making it simpler. And so thanks for sharing your insights here on the cube. >>Thanks. Thanks for having >>Us. Okay, this is the cube's coverage of ados Reinvent 22. I'm John Fur, your host. Thanks for watching.

>>Welcome back everyone, to the special presentation of Cloud Native at scale, the Cube and Platform nine special presentation going in and digging into the next generation super cloud infrastructure as code and the future of application development. We're here with Bickley, who's the chief architect and co-founder of Platform nine Pick. Great to see you Cube alumni. We, we met at an OpenStack event in about eight years ago, or later, earlier when OpenStack was going. Great to see you and great to see congratulations on the success of Platform nine. Thank >>You very much. >>Yeah. You guys have been at this for a while and this is really the, the, the year we're seeing the, the crossover of Kubernetes because of what happens with containers. Everyone now has realized, and you've seen what Docker's doing with the new docker, the open source Docker now just a success Exactly. Of containerization. Right? And now the Kubernetes layer that we've been working on for years is coming, Bearing fruit. This is huge. >>Exactly, Yes. >>And so as infrastructure, as code comes in, we talked to Bacar, talking about Super Cloud. I met her about, you know, the new Arlon, our, our lawn you guys just launched, the infrastructure's code is going to another level, and then it's always been DevOps infrastructure is code. That's been the ethos that's been like from day one, developers just code. Then you saw the rise of serverless and you see now multi-cloud or on the horizon. Connect the dots for us. What is the state of infrastructures code today? >>So I think, I think I'm, I'm glad you mentioned it. Everybody or most people know about infrastructures code, but with Kubernetes, I think that project has evolved at the concept even further. And these dates, it's infrastructure is configuration, right? So, which is an evolution of infrastructure as code. So instead of telling the system, here's how I want my infrastructure by telling it, you know, do step A, B, C, and D. Instead, with Kubernetes, you can describe your desired state declaratively using things called manifest resources. And then the system kind of magically figures it out and tries to converge the state towards the one that you specify. So I think it's, it's a even better version of infrastructures code. Yeah, >>Yeah. And, and that really means it's developer just accessing resources. Okay. That declare, Okay, give me some compute, stand me up some, turn the lights on, turn 'em off, turn 'em on. That's kind of where we see this going. And I like the configuration piece. Some people say composability, I mean now with open source, so popular, you don't have to have to write a lot of code, this code being developed. And so it's into integrations, configuration. These are areas that we're starting to see computer science principles around automation, machine learning, assisting open source. Cuz you've got a lot of code that's right in hearing software, supply chain issues. So infrastructure as code has to factor in these new, new dynamics. Can you share your opinion on these new dynamics of, as open source grows, the glue layers, the configurations, the integration, what are the core issues? >>I think one of the major core issues is with all that power comes complexity, right? So, you know, despite its expressive power systems like Kubernetes and declarative APIs let you express a lot of complicated and complex stacks, right? But you're dealing with hundreds if not thousands of these yamo files or resources. And so I think, you know, the emergence of systems and layers to help you manage that complexity is becoming a key challenge and opportunity in, in this space. That's, >>I wrote a LinkedIn post today, it was comments about, you know, hey, enterprise is the new breed, the trend of SaaS companies moving our consumer comp consumer-like thinking into the enterprise has been happening for a long time, but now more than ever, you're seeing it the old way used to be solve complexity with more complexity and then lock the customer in. Now with open source, it's speed, simplification and integration, right? These are the new dynamic power dynamics for developers. Yeah. So as companies are starting to now deploy and look at Kubernetes, what are the things that need to be in place? Because you have some, I won't say technical debt, but maybe some shortcuts, some scripts here that make it look like infrastructure is code. People have done some things to simulate or or make infrastructure as code happen. Yes. But to do it at scale Yes. Is harder. What's your take on this? What's your >>View? It's hard because there's a per proliferation of methods, tools, technologies. So for example, today it's very common for DevOps and platform engineering tools, I mean, sorry, teams to have to deploy a large number of Kubernetes clusters, but then apply the applications and configurations on top of those clusters. And they're using a wide range of tools to do this, right? For example, maybe Ansible or Terraform or bash scripts to bring up the infrastructure and then the clusters. And then they may use a different set of tools such as Argo CD or other tools to apply configurations and applications on top of the clusters. So you have this sprawl of tools. You, you also have this sprawl of configurations and files because the more objects you're dealing with, the more resources you have to manage. And there's a risk of drift that people call that where, you know, you think you have things under control, but some people from various teams will make changes here and there and then before the end of the day systems break and you have no idea of tracking them. So I think there's real need to kind of unify, simplify, and try to solve these problems using a smaller, more unified set of tools and methodologies. And that's something that we tried to do with this new project. Arlon. >>Yeah. So, so we're gonna get into our line in a second. I wanna get into the why Arlon. You guys announced that at our GoCon, which was put on here in Silicon Valley at the, at the community invite in two where they had their own little day over there at their headquarters. But before we get there, vascar, your CEO came on and he talked about Super Cloud at our in AAL event. What's your definition of super cloud? If you had to kind of explain that to someone at a cocktail party or someone in the industry technical, how would you look at the super cloud trend that's emerging? It's become a thing. What's your, what would be your contribution to that definition or the narrative? >>Well, it's, it's, it's funny because I've actually heard of the term for the first time today, speaking to you earlier today. But I think based on what you said, I I already get kind of some of the, the gist and the, the main concepts. It seems like super cloud, the way I interpret that is, you know, clouds and infrastructure, programmable infrastructure, all of those things are becoming commodity in a way. And everyone's got their own flavor, but there's a real opportunity for people to solve real business problems by perhaps trying to abstract away, you know, all of those various implementations and then building better abstractions that are perhaps business or application specific to help companies and businesses solve real business problems. >>Yeah, I remember that's a great, great definition. I remember, not to date myself, but back in the old days, you know, IBM had a proprietary network operating system, so of deck for the mini computer vendors, deck net and SNA respectively. But T C P I P came out of the osi, the open systems interconnect and remember, ethernet beat token ring out. So not to get all nerdy for all the young kids out there, look, just look up token ring, you'll see, you've probably never heard of it. It's IBM's, you know, connection to the internet at the, the layer too is Amazon, the ethernet, right? So if T C P I P could be the Kubernetes and the container abstraction that made the industry completely change at that point in history. So at every major inflection point where there's been serious industry change and wealth creation and business value, there's been an abstraction Yes. Somewhere. Yes. What's your reaction to that? >>I think this is, I think a saying that's been heard many times in this industry and, and I forgot who originated it, but I think the saying goes like, there's no problem that can't be solved with another layer of indirection, right? And we've seen this over and over and over again where Amazon and its peers have inserted this layer that has simplified, you know, computing and, and infrastructure management. And I believe this trend is going to continue, right? The next set of problems are going to be solved with these insertions of additional abstraction layers. I think that that's really a, yeah, it's gonna continue. >>It's interesting. I just, when I wrote another post today on LinkedIn called the Silicon Wars AMD stock is down arm has been on a rise. We've remember pointing for many years now, that arm's gonna be hugely, it has become true. If you look at the success of the infrastructure as a serviced layer across the clouds, Azure, aws, Amazon's clearly way ahead of everybody. The stuff that they're doing with the silicon and the physics and the, the atoms, the pro, you know, this is where the innovation, they're going so deep and so strong at ISAs, the more that they get that gets come on, they have more performance. So if you're an app developer, wouldn't you want the best performance and you'd want to have the best abstraction layer that gives you the most ability to do infrastructures, code or infrastructure for configuration, for provisioning, for managing services. And you're seeing that today with service MeSHs, a lot of action going on in the service mesh area in in this community of, of co con, which we will be covering. So that brings up the whole what's next? You guys just announced Arlon at ar GoCon, which came out of Intuit. We've had Mariana Tessel at our super cloud event. She's the cto, you know, they're all in the cloud. So they contributed that project. Where did Arlon come from? What was the origination? What's the purpose? Why arlon, why this announcement? Yeah, >>So the, the inception of the project, this was the result of us realizing that problem that we spoke about earlier, which is complexity, right? With all of this, these clouds, these infrastructure, all the variations around and, you know, compute storage networks and the proliferation of tools we talked about the Ansibles and Terraforms and Kubernetes itself, you can think of that as another tool, right? We saw a need to solve that complexity problem, and especially for people and users who use Kubernetes at scale. So when you have, you know, hundreds of clusters, thousands of applications, thousands of users spread out over many, many locations, there, there needs to be a system that helps simplify that management, right? So that means fewer tools, more expressive ways of describing the state that you want and more consistency. And, and that's why, you know, we built our lawn and we built it recognizing that many of these problems or sub problems have already been solved. So Arlon doesn't try to reinvent the wheel, it instead rests on the shoulders of several giants, right? So for example, Kubernetes is one building block, GI ops, and Argo CD is another one, which provides a very structured way of applying configuration. And then we have projects like cluster API and cross plane, which provide APIs for describing infrastructure. So arlon takes all of those building blocks and builds a thin layer, which gives users a very expressive way of defining configuration and desired state. So that's, that's kind of the inception of, >>And what's the benefit of that? What does that give the, what does that give the developer, the user, in this case, >>The developers, the, the platform engineer, team members, the DevOps engineers, they get a a ways to provision not just infrastructure and clusters, but also applications and configurations. They get a way, a system for provisioning, configuring, deploying, and doing life cycle management in a, in a much simpler way. Okay. Especially as I said, if you're dealing with a large number of applications. >>So it's like an operating fabric, if you will. Yes. For them. Okay, so let's get into what that means for up above and below the, the, this abstraction or thin layer below as the infrastructure. We talked a lot about what's going on below that. Yeah. Above our workloads. At the end of the day, you, I talk to CXOs and IT folks that, that are now DevOps engineers. They care about the workloads and they want the infrastructure's code to work. They wanna spend their time getting in the weeds, figuring out what happened when someone made a push that that happened or something happened to need observability and they need to, to know that it's working. That's right. And here's my workloads running effectively. So how do you guys look at the workload side of it? Cuz now you have multiple workloads on these fabric, right? >>So workloads, so Kubernetes has defined kind of a standard way to describe workloads and you can, you know, tell Kubernetes, I wanna run this container this particular way, or you can use other projects that are in the Kubernetes cloud native ecosystem, like K native, where you can express your application in more at a higher level, right? But what's also happening is in addition to the workloads, DevOps and platform engineering teams, they need to very often deploy the applications with the clusters themselves. Clusters are becoming this commodity. It's, it's becoming this host for the application and it kind of comes bundled with it. In many cases it is like an appliance, right? So DevOps teams have to provision clusters at a really incredible rate and they need to tear them down. Clusters are becoming more, >>It's coming like an EC two instance, spin up a cluster. We very, people used words like that. >>That's right. And before arlon you kind of had to do all of that using a different set of tools as, as I explained. So with Arlon you can kind of express everything together. You can say I want a cluster with a health monitoring stack and a logging stack and this ingress controller and I want these applications and these security policies. You can describe all of that using something we call a profile. And then you can stamp out your app, your applications and your clusters and manage them in a very, >>So essentially standard like creates a mechanism. Exactly. Standardized, declarative kind of configurations. And it's like a playbook, deploy it. Now what there between say a script like I'm, I have scripts, I can just automate scripts >>Or yes, this is where that declarative API and infrastructures configuration comes in, right? Because scripts, yes you can automate scripts, but the order in which they run matters, right? They can break, things can break in the middle and, and sometimes you need to debug them. Whereas the declarative way is much more expressive and powerful. You just tell the system what you want and then the system kind of figures it out. And there are these things got controllers which will in the background reconcile all the state to converge towards your desire. It's a much more powerful, expressive and reliable way of getting things done. >>So infrastructure has configuration is built kind of on it's super set of infrastructures code because it's >>An evolution. >>You need edge re's code, but then you can configure the code by just saying do it. You basically declaring it's saying Go, go do that. That's right. Okay, so, alright, so cloud native at scale, take me through your vision of what that means. Someone says, Hey, what does cloud native at scale mean? What's success look like? How does it roll out in the future as you, not future next couple years. I mean people are now starting to figure out, okay, it's not as easy as it sounds. Kubernetes has value. We're gonna hear this year coan a lot of this. What does cloud native at scale mean? >>Yeah, there are different interpretations, but if you ask me, when people think of scale, they think of a large number of deployments, right? Geographies, many, you know, supporting thousands or tens or millions of, of users there, there's that aspect to scale. There's also an equally important a aspect of scale, which is also something that we try to address with Arran. And that is just complexity for the people operating this or configuring this, right? So in order to describe that desired state, and in order to perform things like maybe upgrades or updates on a very large scale, you want the humans behind that to be able to express and direct the system to do that in, in relatively simple terms, right? And so we want the tools and the abstractions and the mechanisms available to the user to be as powerful but as simple as possible. So there's, I think there's gonna be a number and there have been a number of CNCF and cloud native projects that are trying to attack that complexity problem as well. And Arlon kind of falls in in that >>Category. Okay, so I'll put you on the spot. Rogue got Coan coming up and obviously this'll be shipping this segment series out before. What do you expect to see at this year? What's the big story this year? What's the, what's the most important thing happening? Is it in the open source community and also within a lot of the, the people jogging for leadership. I know there's a lot of projects and still there's some white space in the overall systems map about the different areas get run time, there's ability in all these different areas. What's the, where's the action? Where, where's the smoke? Where's the fire? Where's the piece? Where's the tension? >>Yeah, so I think one thing that has been happening over the past couple of cub cons and I expect to continue and, and that is the, the word on the street is Kubernetes is getting boring, right? Which is good, right? >>Boring means simple. >>Well, >>Well maybe, >>Yeah, >>Invisible, >>No drama, right? So, so the, the rate of change of the Kubernetes features and, and all that has slowed, but in, in a, in a positive way. But there's still a general sentiment and feeling that there's just too much stuff. If you look at a stack necessary for hosting applications based on Kubernetes, there are just still too many moving parts, too many components, right? Too much complexity. I go, I keep going back to the complexity problem. So I expect Cube Con and all the vendors and the players and the startups and the people there to continue to focus on that complexity problem and introduce further simplifications to, to the stack. >>Yeah. Vic, you've had an storied career, VMware over decades with them, obviously in 12 years with 14 years or something like that. Big number co-founder here at Platform now you's been around for a while at this game. We, man, we talked about OpenStack, that project you, we interviewed at one of their events. So OpenStack was the beginning of that, this new revolution. I remember the early days it was, it wasn't supposed to be an alternative to Amazon, but it was a way to do more cloud cloud native. I think we had a cloud a Rod team at that time. We would joke we, you know, about, about the dream. It's happening now, now at Platform nine. You guys have been doing this for a while. What's the, what are you most excited about as the chief architect? What did you guys double down on? What did you guys pivot from or two, did you do any pivots? Did you extend out certain areas? Cuz you guys are in a good position right now, a lot of DNA in Cloud native. What are you most excited about and what does Platform Nine bring to the table for customers and for people in the industry watching this? >>Yeah, so I think our mission really hasn't changed over the years, right? It's been always about taking complex open source software because open source software, it's powerful. It solves new problems, you know, every year and you have new things coming out all the time, right? Open Stack was an example where the Kubernetes took the world by storm. But there's always that complexity of, you know, just configuring it, deploying it, running it, operating it. And our mission has always been that we will take all that complexity and just make it, you know, easy for users to consume regardless of the technology, right? So the successor to Kubernetes, you know, I don't have a crystal ball, but you know, you have some indications that people are coming up of new and simpler ways of running applications. There are many projects around there who knows what's coming next year or the year after that. But platform will, a, platform nine will be there and we will, you know, take the innovations from the, the, the community. We will contribute our own innovations and make all of those things very consumable to customers. >>Simpler, faster, cheaper. Exactly. Always a good business model technically to make that happen. Yes. Yeah. I think the, the reigning in the chaos is key, you know, Now we have now visibility into the scale. Final question before we depart Yeah. On this segment, what is at scale, how many clusters do you see that would be a, a watermark for an at scale conversation around an enterprise? Is it workloads we're looking at or, or clusters? How would you Yeah, I would you describe that when people try to squint through and evaluate what's a scale, what's the at scale kind of threshold? >>Yeah. And, and the number of clusters doesn't tell the whole story because clusters can be small in terms of the number of nodes or they can be large. But roughly speaking when we say, you know, large scale cluster deployments, we're talking about maybe hundreds, two thousands. Yeah. >>And final final question, what's the role of the hyperscalers? You got AWS continuing to do well, but they got their core ias, they got a PAs, they're not too too much putting a SaaS out there. They have some SaaS apps, but mostly it's the ecosystem. They have marketplaces doing, doing over $2 billion billions of transactions a year. And, and it's just like, just sitting there. It hasn't really, they're now innovating on it, but that's gonna change ecosystems. What's the role the cloud play in the cloud Native at scale? >>The the hyper square? >>Yeah. Yeah. Abras, Azure, Google, >>You mean from a business perspective, they're, they have their own interests that, you know, that they're, they will keep catering to, They, they will continue to find ways to lock their users into their ecosystem of services and, and APIs. So I don't think that's gonna change, right? They're just gonna keep Well, >>They got great I performance, I mean from a, from a hardware standpoint, yes. That's gonna be key, right? >>Yes. I think the, the move from X 86 being the dominant way and platform to run workloads is changing, right? That, that, that, that, and I think the, the hyperscalers really want to be in the game in terms of, you know, the, the new risk and arm ecosystems and the >>Platforms. Yeah. Not joking aside, Paul Morritz, when he was the CEO of VMware, when he took over once said, I remember our first year doing the cube. Oh, the cloud is one big distributed computer. It's, it's hardware and you got software and you got middleware. And he kinda over, well he kind of tongue in cheek, but really you're talking about large compute and sets of services that is essentially a distributed computer. Yes, >>Exactly. >>It's, we're back in the same game. Thank you for coming on the segment. Appreciate your time. This is cloud native at scale special presentation with Platform nine. Really unpacking super cloud Arlon open source and how to run large scale applications on the cloud, Cloud native develop for developers. And John Feer with the cube. Thanks for Washington. We'll stay tuned for another great segment coming right up.

foreign [Music] to the special presentation of cloud native at scale the cube and Platform 9 special presentation going in and digging into the next generation super cloud infrastructure as code and the future of application development we're here with dick Lee who's the Chief Architect and co-founder of platform nine pick great to see you Cube alumni we we met at openstack event in about eight years ago or later earlier uh when openstack was going great to see you and great congratulations on the success of platform nine thank you very much yeah you guys been at this for a while and this is really the the Year we're seeing the the crossover of kubernetes because of what happens with containers everyone now was realized and you've seen what docker's doing with the new Docker the open source Docker now just the success of containerization and now the kubernetes layer that we've been working on for years is coming bearing fruit this is huge exactly yes and so as infrastructure as code comes in we talked to baskar talking about super cloud I met her about you know the new Arlo our our lawn um you guys just launched the infrastructure's code is going to another level and it's always been devops infrastructure is code that's been the ethos that's been like from day one developers just code I think you saw the rise of serverless and you see now multi-cloud or on the horizon connect the dots for us what is the state of infrastructure as code today so I think I think um I'm glad you mentioned it everybody or most people know about infrastructure as code but with kubernetes I think that project has evolved at the concept even further and these days it's um infrastructure as configuration right so which is an evolution of infrastructure as code so instead of telling the system here's how I want my infrastructure by telling it you know do step a b c and d uh instead with kubernetes you can describe your desired State declaratively using things called manifest resources and then the system kind of magically figures it out and tries to converge the state towards the one that you specify so I think it's it's a even better version of infrastructure as code yeah and that really means it's developer just accessing resources okay that declare okay give me some compute stand me up some turn the lights on turn them off turn them on that's kind of where we see this going and I like the configuration piece some people say composability I mean now with open source so popular you don't have to have to write a lot of code this code being developed and so it's integration it's configuration these are areas that we're starting to see computer science principles around automation machine learning assisting open source because you've got a lot of code that's what you're hearing software supply chain issues so infrastructure as code has to factor in these new Dynamics can you share your opinion on these new dynamics of as open source grows the glue layers the configurations the integration what are the core issues I think one of the major core issues is with all that power comes complexity right so um You know despite its expressive Power Systems like kubernetes and declarative apis let you express a lot of complicated and complex Stacks right but you're dealing with um hundreds if not thousands of these yaml files or resources and so I think you know the emergence of systems and layers to help you manage that complexity is becoming a key Challenge and opportunity in this space I wrote a LinkedIn post today those comments about you know hey Enterprise is the new breed the trend of SAS companies moving uh our consumer consumer-like thinking into the Enterprise has been happening for a long time but now more than ever you're seeing it the old way used to be solve complexity with more complexity and then lock the customer in now with open source it's speed simplification and integration right these are the new Dynam power dynamics for developers so as companies are starting to now deploy and look at kubernetes what are the things that need to be in place because you have some I won't say technical debt but maybe some shortcuts some scripts here that make it look like infrastructure as code people have done some things to simulate or or make infrastructures code happen yes but to do it at scale yes is harder what's your take on this what's your view it's hard because there's a proliferation of of methods tools Technologies so for example today it's a very common for devops and platform engineering tools I mean sorry teams to have to deploy a large number of kubernetes clusters but then apply the applications and configurations on top of those clusters and they're using a wide range of tools to do this right for example maybe ansible or terraform or bash scripts to bring up the infrastructure and then the Clusters and then they may use a different set of tools such as Argo CD or other tools to apply configurations and applications on top of the Clusters so you have this sprawl of tools you also you also have this sprawl of configurations and files because the more objects you're dealing with the more resources you have to manage and there's a risk of drift that people call that where you know you think you have things under control but some people from various teams will make changes here and there and then before the end of the day systems break and you have no idea of tracking them so I think there's real need to kind of unify simplify and try to solve these problems using a smaller more unified set of tools and methodology apologies and that's something that we try to do with this new project Arlon yeah so so we're going to get to our line in a second I want to get to the yr lawn you guys announced that at argocon which was put on here in Silicon Valley at the community meeting by Intuit they had their own little day over their headquarters but before we get there um Bhaskar your CEO came on and he talked about super cloud at our inaugural event what's your definition of super cloud if you had to kind of explain that to someone at a cocktail party or someone in the industry technical how would you look at the super cloud Trend that's emerging has become a thing what's your what would be your contribution to that definition or the narrative well it's it's uh funny because I've actually heard of the term for the first time today speaking to you earlier today but I think based on what you said I I already get kind of some of the the gist and the the main Concepts it seems like uh super cloud the way I interpret that is you know um clouds and infrastructure um programmable infrastructure all of those things are becoming commodity in a way and everyone's got their own flavor but there's a real opportunity for people to solve real business Problems by perhaps trying to abstract away you know all of those various implementations and then building uh um better abstractions that are perhaps business or application specific to help companies and businesses solve real business problems yeah I remember it's a great great definition I remember not to date myself but back in the old days you know IBM had its proprietary Network operating system so the deck for the mini computer vintage deck net and sna respectively um but tcpip came out of the OSI the open systems interconnect and remember ethernet beat token ring out so not to get all nerdy for all the young kids out there look just look up token ring you'll see if I never heard of it it's IBM's you know a connection for the internet at the layer two is Amazon the ethernet right so if TCP could be the kubernetes and containers abstraction that made the industry completely change at that point in history so at every major inflection point where there's been serious industry change and wealth creation and business value there's been an abstraction Yes somewhere yes what's your reaction to that I think um this is um I think a saying that's been heard many times in this industry and I forgot who originated it but um I think the saying goes like there's no problem that can't be solved with another layer of indirection right and we've seen this over and over and over again where Amazon and its peers have inserted this layer that has simplified you know Computing and infrastructure management and I believe this trend is going to continue right the next set of problems are going to be solved with these insertions of additional abstraction layers I think that that's really a yeah it's going to continue it's interesting just when I wrote another post today on LinkedIn called the Silicon Wars AMD stock is down arm has been on the rise we've been reporting for many years now that arm's going to be huge it has become true if you look at the success of the infrastructure as a service layer across the clouds Azure AWS Amazon's clearly way ahead of everybody the stuff that they're doing with the Silicon and the physics and the atoms the pro you know this is where the Innovation they're going so deep and so strong at is the more that they get that gets gone they have more performance so if you're an app developer wouldn't you want the best performance and you'd want to have the best abstraction layer that gives you the most ability to do infrastructures code or infrastructure for configuration for provisioning for managing services and you're seeing that today with service meshes a lot of action going on in the service mesh area in this community of kubecon which we'll be covering so that brings up the whole what's next you guys just announced our lawn at argocon which came out of Intuit we've had Mariana Tesla out our supercloud event she's a CTO you know they're all in the cloud so there contributed that project where did Arlon come from what was the origination what's the purpose why our lawn why this announcement yeah so um the the Inception of the project this was the result of um us realizing that problem that we spoke about earlier which is complexity right with all of this these clouds these infrastructure all the variations around and you know compute storage networks and um the proliferation of tools we talked about the ansibles and terraforms and kubernetes itself you can think of that as another tool right we saw a need to solve that complexity problem and especially for people and users who use kubernetes at scale so when you have you know hundreds of clusters thousands of applications thousands of users spread out over many many locations there there needs to be a system that helps simplify that management right so that means fewer tools more expressive ways of describing the state that you want and more consistency and and that's why um you know we built um Arlon and we built it um recognizing that many of these problems or sub problems have already been solved so Arlon doesn't try to reinvent the wheel it instead rests on the shoulders of several Giants right so for example kubernetes is one building block get Ops and Argo CD is another one which provides a very structured way of applying configuration and then we have projects like cluster API and cross-plane which provide apis for describing infrastructure so Arlon takes all of those building blocks and um builds a thin layer which gives users a very expressive way of defining configuration and desired state so that's that's kind of the Inception and what's the benefit of that what does that give what does that give the developer the user in this case the developers the the platform engineer team members the devops engineers they uh get a ways to provision not just infrastructure and clusters but also applications and configurations they get away a system for provisioning configuring deploying and doing life cycle Management in a in a much simpler way okay especially as I said if you're dealing with a large number of applications so it's like an operating fabric if you will yes for them okay so let's get into what that means for up above and below the the abstraction or thin layer below is the infrastructure we talked a lot about what's going on below that yeah above our workloads at the end of the day and I talked to cxos and um I.T folks that are now devops Engineers they care about the workloads and they want the infrastructure's code to work they want to spend their time getting in the weeds figuring out what happened when someone made a push that that happened or something happened they need observability and they need to to know that it's working that's right and as my workloads running if effectively so how do you guys look at the workload side because now you have multiple workloads on these fabric right so workloads so kubernetes has defined kind of a standard way to describe workloads and you can you know tell kubernetes I want to run this container this particular way or you can use other projects that are in the kubernetes cloud native ecosystem like k-native where you can express your application in more at a higher level right but what's also happening is in addition to the workloads devops and platform engineering teams they need to very often deploy the applications with the Clusters themselves clusters are becoming this commodity it's it's becoming this um host for the application and it kind of comes bundled with it in many cases it's like an appliance right so devops teams have to provision clusters at a really incredible rate and they need to tear them down clusters are becoming more extremely like an ec2 instance spin up a cluster we've heard people used words like that that's right and before Arlon you kind of had to do all of that using a different set of tools as I explained so with our own you can kind of express everything together you can say I want a cluster with a health monitoring stack and a logging stack and this Ingress controller and I want these applications and these security policies you can describe all of that using something we call the profile and then you can stamp out your app your applications and your clusters and manage them in a very essentially standard that creates a mechanism it's standardized declarative kind of configurations and it's like a Playbook you just deploy it now what's this between say a script like I have scripts I can just automate Scripts or yes this is where that um declarative API and um infrastructures configuration comes in right because scripts yes you can automate scripts but the order in which they run matters right they can break things can break in the middle and um and sometimes you need to debug them whereas the declarative way is much more expressive and Powerful you just tell the system what you want and then the system kind of uh figures it out and there are these things called controllers which will in the background reconcile all the state to converge towards your desire to say it's a much more powerful expressive and reliable way of getting things done so infrastructure as configuration is built kind of on it's a superset of infrastructures code because different Evolution you need Edge restaurant's code but then you can configure The Code by just saying do it you're basically declaring and saying go go do that that's right okay so all right so Cloud native at scale take me through your vision of what that means someone says hey what is cloud native at scale mean what's success look like how does it roll out in the future as you that future next couple years I mean people are now starting to figure out okay it's not as easy as it sounds kubernetes has value we're going to hear this year kubecon a lot of this what is cloud native at scale mean yeah there are different interpretations but if you ask me when people think of scale they think of a large number of deployments right geographies many you know supporting thousands or tens or millions of users there's that aspect to scale there's also um an equally important aspect of scale which is also something that we try to address with Arlon and that is just complexity for the people operating this or configuring this right so in order to describe that desired State and in order to perform things like maybe upgrades or updates on a very large scale you want the humans behind that to be able to express and direct the system to do that in in relatively simple terms right and so we want uh the tools and the abstractions and the mechanisms available to the user to be as powerful but as simple as possible so there's I think there's going to be a number and there have been a number of cncf and Cloud native projects that are trying to attack that complexity problem as well and Arlon kind of Falls in in that category okay so I'll put you on the spot where I've got kubecon coming up and obviously this will be shipping this seg series out before what do you expect to see at kubecon issue it's the big story this year what's the what's the most important thing happening is it in the open source community and also within a lot of the the people jockeying for leadership I know there's a lot of projects and still there's some white space on the overall systems map about the different areas get runtime and observability in all these different areas what's the where's the action where's the smoke where's the fire where's the piece where's the tension yeah so uh I think uh one thing that has been happening over the past couple of coupons and I expect to continue and and that is uh the the word on the street is kubernetes getting boring right which is good right or I mean simple well um well maybe yeah invisible no drama right so so the rate of change of the kubernetes features and and all that has slowed but in a positive way um but um there's still a general sentiment and feeling that there's just too much stuff if you look at a stack necessary for uh hosting applications based on kubernetes they're just still too many moving Parts too many uh components right too much complexity I go I keep going back to the complexity problem so I expect kubecon and all the vendors and the players and the startups and the people there to continue to focus on that complexity problem and introduce a further simplifications uh to to the stack yeah Vic you've had a storied career VMware over decades with them uh obviously 12 years for the 14 years or something like that big number co-founder here platform I think it's been around for a while at this game uh we man we'll talk about openstack that project you we interviewed at one of their events so openstack was the beginning of that this new Revolution I remember the early days was it wasn't supposed to be an alternative to Amazon but it was a way to do more cloud cloud native I think we had a Colorado team at that time I mean it's a joke we you know about about the dream it's happening now now at platform nine you guys have been doing this for a while what's the what are you most excited about as the Chief Architect what did you guys double down on what did you guys pivot from or two did you do any pivots did you extend out certain areas because you guys are in a good position right now a lot of DNA in Cloud native um what are you most excited about and what is platform nine bring to the table for customers and for people in the industry watching this yeah so I think our mission really hasn't changed over the years right it's been always about taking complex open source software because open source software it's powerful it solves new problems you know every year and you have new things coming out all the time right openstack was an example within kubernetes took the World by storm but there's always that complexity of you know just configuring it deploying it running it operating it and our mission has always been that we will take all that complexity and just make it you know easy for users to consume regardless of the technology right so the successor to kubernetes you know I don't have a crystal ball but you know you have some indications that people are coming up of new and simpler ways of running applications there are many projects around there who knows what's coming uh next year or the year after that but platform will a Platform 9 will be there and we will you know take the Innovations from the the community we will contribute our own Innovations and make all of those things uh very consumable to customers simpler faster cheaper always a good business model technically to make that happen yeah I think the reigning in the chaos is key you know now we have now visibility into the scale final question before we depart you know this segment um what is that scale how many clusters do you see that would be a high a watermark for an at scale conversation around an Enterprise um is it workloads we're looking at or or clusters how would you yeah how would you describe that and when people try to squint through and evaluate what's a scale what's the at scale kind of threshold yeah and the number of clusters doesn't tell the whole story because clusters can be small in terms of the number of nodes or they can be large but roughly speaking when we say you know large-scale cluster deployments we're talking about um maybe a hundreds uh two thousands yeah and final final question what's the role of the hyperscalers you've got AWS continuing to do well but they got their core I asked they got a pass they're not too too much putting assess out there they have some SAS apps but mostly it's the ecosystem they have marketplaces doing over two billion dollars billions of transactions a year um and and it's just like just sitting there it has really they're now innovating on it but that's going to change ecosystems what's the role the cloud play and the cloud native at scale the the hyperscale yeah Abus Azure Google you mean from a business they have their own interests that you know that they're uh they will keep catering to they they will continue to find ways to lock their users into their ecosystem of uh services and and apis um so I don't think that's going to change right they're just going to keep well they got great uh performance I mean from a from a hardware standpoint yes that's going to be key right yes I think the uh the move from x86 being the dominant away and platform to run workloads is changing right that that that and I think the the hyperscalers really want to be in the game in terms of you know the the new risk and arm ecosystems and platforms yeah that joking aside Paul maritz when he was the CEO of VMware when he took over once said I remember our first year doing the cube the cloud is one big distributed computer it's it's hardware and you've got software and you got middleware and uh he kind of over these kind of tongue-in-cheek but really you're talking about large compute and sets of services that is essentially a distributed computer yes exactly it's we're back in the same game Vic thank you for coming on the segment appreciate your time this is uh Cloud native at scale special presentation with platform nine really unpacking super cloud rlon open source and how to run large-scale applications uh on the cloud cloud native philadelph4 developers and John Furrier with the cube thanks for watching and we'll stay tuned for another great segment coming right up foreign [Music]

>>And welcome back to the cubes coverage of a, of us. Reinforc here in Boston, Massachusetts. I'm John furrier. We're here for a great interview on the next generation topic of state of industrial security. We have two great guests, Tim Jefferson, senior vice president data network and application security at Barracuda. And Cenon Aron vice president of zero trust engineering at Barracuda. Gentlemen. Thanks for coming on the queue. Talk about industrial security. >>Yeah, thanks for having us. >>So one of the, one of the big things that's going on, obviously you got zero trust. You've got trusted, trusted software supply chain challenges. You've got hardware mattering more than ever. You've got software driving everything, and all this is talking about industrial, you know, critical infrastructure. We saw the oil pipeline had a hack and ransomware attack, and that's just constant barrage of threats in the industrial area. And all the data is pointing to that. This area is gonna be fast growth machine learning's kicking in automation is coming in. You see a huge topic, huge growth trend. What is the big story going on here? >>Yeah, I think at a high level, you know, we did a survey and saw that, you know, over 95% of the organizations are experiencing, you know, security challenges in this space. So, you know, the blast radius in the, of the, the interface that this creates so many different devices and things and objects that are getting network connected now create a huge challenge for security teams to kind of get their arms around that. >>Yeah. And I can add that, you know, majority of these incidents that, that these organizations suffer lead to significant downtime, right? And we're talking about operational technology here, you know, lives depend on, on these technologies, right? Our, our wellbeing everyday wellbeing depend on those. So, so that is a key driver of initiatives and projects to secure industrial IOT and operational technologies in, in these businesses. >>Well, it's great to have both of you guys on, you know, Tim, you know, you had a background at AWS and sit on your startup, founder, soldier, coming to Barracuda, both very experienced, seeing the ways before in this industry. And I'd like to, if you don't mind talk about three areas, remote access, which we've seen in huge demand with, with the pandemic and the out, coming out with the hybrid and certainly industrial, that's a big part of it. And then secondly, that the trend of clear commitment from enterprises to have in a public cloud component, and then finally the secure access edge, you know, with SAS business models, securing these things, these are the three hot areas let's go into the first one, remote access. Why is this important? It seems that this is the top priority for having immediate attention on what's the big challenge here? Is it the most unsecure? Is it the most important? What, why is this relevant? >>So now I'll let you jump in there. >>Yeah, sure. Happy to. I mean, if you think about it, especially now, we've been through a, a pandemic shelter in place cycle for almost two years. It, it becomes essentially a business continuity matter, right? You do need remote access. We also seen a tremendous shift in hiring the best talent, wherever they are, right. Onboarding them and bringing the talent into, into, into, into businesses that have maybe a lot more distributed environments than traditionally. So you have to account for remote access in every part of everyday life, including industrial technologies, you need remote support, right? You need vendors that might be overseas providing you, you know, guidance and support for these technologies. So remote support is every part of life. Whether you work from home, you work on your, on the go, or you are getting support from a vendor that happens to be in Germany, you know, teleporting into your environment in Hawaii. You know, all these things are essentially critical parts of everyday life. Now >>Talk about ZT and a zero trust network access is a, this is a major component for companies. Obviously, you know, it's a position taking trust and verifies. One other approach, zero trust is saying, Hey, I don't trust you. Take us through why that's important. Why is zero trust network access important in this area? >>Yeah. I mean, I could say that traditionally remote access, if you think about infancy of the internet in the nineties, right? It was all about encryption in, in transit, right? You were all about internet was vastly clear text, right? We didn't have even SSL TLS, widely distributed and, and available. So when VPNs first came out, it was more about preventing sniffing, clear tech clear text information from, from, from the network, right? It was more about securing the, the transport, but now that kind of created a, a big security control gap, which implicitly trusted user users, once they are teleported into a remote network, right? That's the essence of having a remote access session you're brought from wherever you are into an internal network. They implicitly trust you that simply breakdown over time because you are able to compromise end points relatively easily using browser exploits. >>You know, so, so for supply chain issues, water hole attacks, and leverage the existing VPN tunnels to laterally move into the organization from within the network, you literally move in further and further and further down, you know, down the network, right? So the VPN needed a, a significant innovation. It was meant to be securing packets and transit. It was all about an encryption layer, but it had an implicit trust problem with zero trust. We turn it into an explicit trust problem, right? Explicit trust concept, ideally. Right? So you are, who do you say you are? And you are authorized to access only to things that you need to access to get the work done. >>So you're talking about granular levels versus the one time database look up you're in >>That's right. >>Tim, talk about the OT it side of this equation of industrial, because it, you know, is IP based, networking, OT have been purpose built, you know, maybe some proprietary technology yeah. That connects to the internet internet, but it's mainly been secure. Those have come together over the years and now with no perimeter security, how is this world evolving? Because there's gonna be more cloud there, be more machine learning, more hybrid on premise, that's going on almost a reset if you will. I mean, is it a reset? What's the, what's the situation. >>Yeah. I think, you know, in typical human behavior, you know, there's a lot of over rotation going on. You know, historically a lot of security controls are all concentrated in a data center. You know, a lot of enterprises had very large sophisticated well-established security stacks in a data center. And as those applications kind of broke down and, and got rearchitected for the cloud, they got more modular, they got more distributed that centralized security stack became an anti pattern. So now this kind of over rotation, Hey, let's take this stack and, and put it up in the cloud. You know, so there's lots of names for this secure access, service edge, you know, secure service edge. But in the end, you know, you're taking your controls and, and migrating them into the cloud. And, you know, I think ultimately this creates a great opportunity to embrace some of security, best practices that were difficult to do in some of the legacy architectures, which is being able to push your controls as far out to the edge as possible. >>And the interesting thing about OT and OT now is just how far out the edge is, right? So instead of being, you know, historically it was the branch or user edge, remote access edge, you know, Syon mentioned that you, you have technologies that can VPN or bring those identities into those networks, but now you have all these things, you know, partners, devices. So it's the thing, edge device edge, the user edge. So a lot more fidelity and awareness around who users are. Cause in parallel, a lot of the IDP and I IBM's platforms have really matured. So marrying those concepts of this, this lot of maturity around identity management yeah. With device in and behavior management into a common security framework is really exciting. But of course it's very nascent. So people are, it's a difficult time getting your arms around >>That. It's funny. We were joking about the edge. We just watching the web telescope photos come in the deep space, the deep edge. So the edge is continuing to be pushed out. Totally see that. And in fact, you know, one of the things we're gonna, we're gonna talk about this survey that you guys had done by an independent firm has a lot of great data. I want to unpack that, but one of the things that was mentioned in there, and I'll get, I wanna get your both reaction to this is that virtually all organizations are committing to the public cloud. Okay. I think it was like 96% or so was the stat. And if you combine in that, the fact that the edge is expanding, the cloud model is evolving at the edge. So for instance, a building, there's a lot behind it. You know, how far does it go? So we don't and, and what is the topology because the topology seem to change too. So there's this growth and change where we need cloud operations, DevOps at, at the edge and the security, but it's changing. It's not pure cloud, but it's cloud. It has to be compatible. What's your reaction to that, Tim? I mean, this is, this is a big part of the growth of industrial. >>Yeah. I think, you know, if you think about, there's kind of two exciting developments that I would think of, you know, obviously there's this increase to the surface area, the tax surface areas, people realize, you know, it's not just laptops and devices and, and people that you're trying to secure, but now they're, you know, refrigerators and, you know, robots and manufacturing floors that, you know, could be compromised, have their firmware updated or, you know, be ransomware. So this a huge kind of increase in surface area. But a lot of those, you know, industrial devices, weren't built around the concept with network security. So kind of bolting on, on thinking through how can you secure who and what ultimately has access to those, to those devices and things. And where is the control framework? So to your point, the control framework now is typically migrated now into public cloud. >>These are custom applications, highly distributed, highly available, very modular. And then, you know, so how do you, you know, collect the telemetry or control information from these things. And then, you know, it creates secure connections back into these, these control applications, which again, are now migrated to public cloud. So you have this challenge, you know, how do you secure? We were talking about this last time we discussed, right. So how do you secure the infrastructure that I've, I've built in deploying now, this control application and in public cloud, and then connect in with this, this physical presence that I have with these, you know, industrial devices and taking telemetry and control information from those devices and bringing it back into the management. And this kind marries again, back into the remote axis that Sunan was mentioning now with this increase awareness around the efficacy of ransomware, we are, you know, we're definitely seeing attackers going after the management frameworks, which become very vulnerable, you know, and they're, they're typically just unprotected web applications. So once you get control of the management framework, regardless of where it's hosted, you can start moving laterally and, and causing some damage. >>Yeah. That seems to be the common thread. So no talk about, what's your reaction to that because, you know, zero trust, if it's evolving and changing, you, you gotta have zero trust you. I didn't even know it's out there and then it gets connected. How do you solve that problem? Cuz you know, there's a lot of surface area that's evolving all the OT stuff and the new, it, what's the, what's the perspective and posture that the clients your clients are having and customers. Well, >>I, I think they're having this conversation about further mobilizing identity, right? We did start with, you know, user identity that become kind of the first foundational building block for any kind of zero trust implementation. You work with, you know, some sort of SSO identity provider, you get your, you sync with your user directories, you have a single social truth for all your users. >>You authenticate them through an identity provider. However that didn't quite cut it for industrial OT and OT environments. So you see like we have the concept of hardware machines, machine identities now become an important construct, right? The, the legacy notion of being able to put controls and, and, and, and rules based on network constructs doesn't really scale anymore. Right? So you need to have this concept of another abstraction layer of identity that belongs to a service that belongs to an application that belongs to a user that belongs to a piece of hardware. Right. And then you can, yeah. And then you can build a lot more, of course, scalable controls that basically understand the, the trust relation between these identities and enforce that rather than trying to say this internal network can talk to this other internal network through a, through a network circuit. No, those things are really, are not scalable in this new distributed landscape that we live in today. So identity is basically going to operationalize zero trust and a lot more secure access going forward. >>And that's why we're seeing the sassy growth. Right. That's a main piece of it. Is that what you, what you're seeing too? I mean, that seems to be the, the approach >>I think like >>Go >>Ahead to, yeah. I think like, you know, sassy to me is really about, you know, migrating and moving your security infrastructure to the cloud edge, you know, as we talked to the cloud, you know, and then, you know, do you funnel all ingress and egress traffic through this, you know, which is potentially an anti pattern, right? You don't wanna create, you know, some brittle constraint around who and what has access. So again, a security best practices, instead of doing all your enforcement in one place, you can distribute and push your controls out as far to the edge. So a lot of SASI now is really around centralizing policy management, which is the big be one of the big benefits is instead of having all these separate management plans, which always difficult to be very federated policy, right? You can consolidate your policy and then decide mechanism wise how you're gonna instrument those controls at the edge. >>So I think that's the, the real promise of, of the, the sassy movement and the, I think the other big piece, which you kind of touched on earlier is around analytics, right? So it creates an opportunity to collect a whole bunch of telemetry from devices and things, behavior consumption, which is, which is a big, common, best practice around once you have SA based tools that you can instrument in a lot of visibility and how users and devices are behaving in being operated. And to Syon point, you can marry that in with their identity. Yeah. Right. And then you can start building models around what normal behavior is and, you know, with very fine grain control, you can, you know, these types of analytics can discover things that humans just can't discover, you know, anomalous behavior, any kind of indicators are compromised. And those can be, you know, dynamic policy blockers. >>And I think sun's point about what he was talking about, talks about the, the perimeters no longer secure. So you gotta go to the new way to do that. Totally, totally relevant. I love that point. Let me ask you guys a question on the, on the macro, if you don't mind, how concerned are you guys on the current threat landscape in the geopolitical situation in terms of the impact on industrial IOT in this area? >>So I'll let you go first. Yeah. >>I mean, it's, it's definitely significantly concerning, especially if now with the new sanctions, there's at least two more countries being, you know, let's say restricted to participate in the global economic, you know, Mar marketplace, right? So if you look at North Korea as a pattern, since they've been isolated, they've been sanctioned for a long time. They actually double down on rents somewhere to even fund state operations. Right? So now that you have, you know, BES be San Russia being heavily sanctioned due to due to their due, due to their activities, we can envision more increase in ransomware and, you know, sponsoring state activities through illegal gains, through compromising, you know, pipelines and, you know, industrial, you know, op operations and, and seeking large payouts. So, so I think the more they will, they're ized they're pushed out from the, from the global marketplace. There will be a lot more aggression towards critical infrastructure. >>Oh yeah. I think it's gonna ignite more action off the books, so to speak as we've seen. Yeah. We've >>Seen, you know, another point there is, you know, Barracuda also runs a, a backup, you know, product. We do a, a purpose built backup appliance and a cloud to cloud backup. And, you know, we've been running this service for over a decade. And historically the, the amount of ransomware escalations that we got were very slow, you know, is whenever we had a significant one, helping our customers recover from them, you know, you know, once a month, but over the last 18 months, this is routine now for us, this is something we deal with on a daily basis. And it's becoming very common. You know, it's, it's been a well established, you know, easily monetized route to market for the bad guys. And, and it's being very common now for people to compromise management planes, you know, they use account takeover. And the first thing they're doing is, is breaking into management planes, looking at control frameworks. And then first thing they'll do is delete, you know, of course the backups, which this sort of highlights the vulnerability that we try to talk to our customers about, you know, and this affects industrial too, is the first thing you have to do is among other things, is, is protect your management planes. Yeah. And putting really fine grain mechanisms like zero trust is, is a great, >>Yeah. How, how good is backup, Tim, if you gets deleted first is like no backup. There it is. So, yeah. Yeah. Air gaping. >>I mean, obviously that's kinda a best practice when you're bad guys, like go in and delete all the backups. So, >>And all the air gaps get in control of everything. Let me ask you about the, the survey pointed out that there's a lot of security incidents happening. You guys pointed that out and discussed a little bit of it. We also talked about in the survey, you know, the threat vectors and the threat landscape, the common ones, ransomware was one of them. The area that I liked, what that was interesting was the, the area that talked about how organizations are investing in security and particularly around this, can you guys share your thoughts on how you see the, the market, your customers and, and the industry investing? What are they investing in? What stage are they in when it comes to IOT and OT, industrial IOT and OT security, do they do audits? Are they too busy? I mean, what's the state of their investment thesis progress of, of, of how they're investing in industrial IOT? >>Yeah. Our, our view is, you know, we have a next generation product line. We call, you know, our next, our cloud chain firewalls. And we have a form factor that sports industrial use cases we call secure connectors. So it's interesting that if you, what we learned from that business is a tremendous amount of bespoke efforts at this point, which is sort of indicative of a, of a nascent market still, which is related to another piece of information I thought was really interested in the survey that I think it was 93% of the, the participants, the enterprises had a failed OT initiative, you know, that, you know, people tried to do these things and didn't get off the ground. And then once we see build, you know, strong momentum, you know, like we have a, a large luxury car manufacturer that uses our secure connectors on the, on the robots, on the floor. >>So well established manufacturing environments, you know, building very sophisticated control frameworks and, and security controls. And, but again, a very bespoke effort, you know, they have very specific set of controls and specific set of use cases around it. So it kind of reminds me of the late nineties, early two thousands of people trying to figure out, you know, networking and the blast radi and networking and, and customers, and now, and a lot of SI are, are invested in this building, you know, fast growing practices around helping their customers build more robust controls in, in helping them manage those environments. So, yeah, I, I think that the market is still fairly nascent >>From what we seeing, right. But there are some encouraging, you know, data that shows that at least helpful of the organizations are actively pursuing. There's an initiative in place for OT and a, you know, industrial IOT security projects in place, right. They're dedicating time and resources and budget for this. And, and in, in regards to industries, verticals and, and geographies oil and gas, you know, is, is ahead of the curve more than 50% responded to have the project completed, which I guess colonial pipeline was the, you know, the call to arms that, that, that was the big, big, you know, industrial, I guess, incident that triggered a lot of these projects to be accelerating and, and, you know, coming to the finish line as far as geographies go DACA, which is Germany, Austria, Switzerland, and of course, north America, which happens to be the industrial powerhouses of, of the world. Well, APAC, you know, also included, but they're a bit behind the curve, which is, you know, that part is a bit concerning, but encouragingly, you know, Western Europe and north America is ahead of these, you know, projects. A lot of them are near completion or, or they're in the middle of some sort of an, you know, industrial IOT security project right >>Now. I'm glad you brought the colonial pipeline one and, and oil and gas was the catalyst. Again, a lot of, Hey, scared that better than, than me kinda attitude, better invest. So I gotta ask you that, that supports Tim's point about the management plane. And I believe on that hack or ransomware, it wasn't actually control of the pipeline. It was control over the management billing, and then they shut down the pipeline cuz they were afraid it was gonna move over. So it wasn't actually the critical infrastructure itself to your point, Tim. >>Yeah. It's hardly over the critical infrastructure, by the way, you always go through the management plane, right. It's such an easier lying effort to compromise because it runs on an endpoint it's standard endpoint. Right? All this control software will, will be easier to get to rather than the industrial hardware itself. >>Yeah. It's it's, it's interesting. Just don't make a control software at the endpoint, put it zero trust. So down that was a great point. Oh guys. So really appreciate the time and the insight and, and the white paper's called NETEC it's on the Barracuda. Netex industrial security in 2022. It's on the barracuda.com website Barracuda network guys. So let's talk about the read force event hasn't been around for a while cuz of the pandemic we're back in person what's changed in 2019 a ton it's like security years is not dog years anymore. It's probably dog times too. Right. So, so a lot's gone on where are we right now as an industry relative to the security cybersecurity. Could you guys summarize kind of the, the high order bit on where we are today in 2022 versus 2019? >>Yeah, I think, you know, if you look at the awareness around how to secure infrastructure in applications that are built in public cloud in AWS, it's, you know, exponentially better than it was. I think I remember when you and I met in 2018 at one of these conferences, you know, there were still a lot of concerns, whether, you know, IAS was safe, you know, and I think the amount of innovation that's gone on and then the amount of education and awareness around how to consume, you know, public cloud resources is amazing. And you know, I think that's facilitated a lot of the fast growth we've seen, you know, the consistent, fast growth that we've seen across all these platforms >>Say that what's your reaction to the, >>I think the shared responsibility model is well understood, you know, and, and, and, and we can see a lot more implementation around, you know, CSBM, you know, continuously auditing the configurations in these cloud environments become a, a standard table stake, you know, investment from every stage of any business, right? Whether from early state startups, all the way to, you know, public companies. So I think it's very well understood and, and the, and the investment has been steady and robust when it comes to cloud security. We've been busy, you know, you know, helping our customers and AWS Azure environments and, and others. So I, I think it's well understood. And, and, and we are on a very optimistic note actually in a good place when it comes to public cloud. >>Yeah. A lot of great momentum, a lot of scale and data act out there. People sharing data, shared responsibility. Tim is in, thank you for sharing your insights here in this cube segment coverage of reinforce here in Boston. Appreciate it. >>All right. Thanks for having >>Us. Thank you. >>Okay, everyone. Thanks for watching the we're here at the reinforced conference. AWS, Amazon web services reinforced. It's a security focused conference. I'm John furier host of the cube. We'd right back with more coverage after the short break.

we're back at vemma in 2022 we're here at the aria hotel in las vegas this is thecube's continuous coverage we're day two welcome to the cxo session we have ceo cto cso chief strategy officer brett diamond is the ceo justin jardina is the cto and dante orsini is the chief strategy officer for 11 11 systems recently named i guess today the impact cloud service provider of the year congratulations guys welcome thank you welcome back to the cube great to see you again thank you great likewise so okay brett let's start with you tell give us the overview of 11 1111 uh your focus area talk about the the the island acquisition what that what that's all about give us the setup yeah so we started 11-11 uh really with a focus on taking the three core pillars of our business which are cloud connectivity and security bring them together into one platform allowing a much easier way for our customers and our partners to procure those three solution sets through a single company and really focus on uh the three main drivers of the business uh which you know have a litany of other services associated with them under each platform okay so so justin cloud connectivity and security they all dramatically changed in march of 2020 everybody had to go to the cloud the rather rethink the network had a secure remote worker so what did you see from a from a cto's perspective what changed and how did 11 respond sure so early on when we built our cloud even back into 2008 we really focused on enterprise great features one of which being uh very flexible in the networking so we found early on was that we would be able to architect solutions for customers that were dipping their toe in the cloud and set ourselves apart from some of the vendors at the time so if you fast forward from 2008 until today we still see that as a main component for iaz and draz and the ability to start taking into some of the things brett talked about where customers may need a point-to-point circuit to offload data connectivity to us or develop sd-wan and multi-cloud solutions to connect to their resources in the cloud in my opinion it's just the natural progression of what we set out to do in 2008 and to couple that with the security um if you think about what that opens up from a security landscape now you have multiple clouds you have different ingress and egress points you have different people accessing workloads in each one of these clouds so the idea or our idea is that we can layer a comprehensive security solution over this new multi-cloud networking world and then provide visibility and manageability to our customer base so what does that mean specifically for your customers because i mean we saw obviously a rapid move toward endpoint um cloud security uh identity access you know people really started thinking rethinking that as opposed to trying to just you know build a moat around the castle right um what does that mean for for your customer you take care of all that you partner with whomever you need to partner in the ecosystem and then you provide the managed service how does that work right it does and that's a great analogy you know we have a picture of a hamburger in our office exploded with all the components and they say a good security policy is all the pieces and it's really synonymous with what you said so to answer your question yes we have all that baked in the platform we can offer managed services around it but we also give the consumer the ability to access that data whether it's a ui or api so dante i know you talk to a lot of customers all you do is watch the stock market go like this and like that you say okay the pandemic drove all these but but when you talk to csos and customers a lot of things are changing permanently first of all they were forced to march to digital when previously they were like we'll get there i mean a lot of customers were let's face it i mean some were serious about it but many weren't now if you're not a digital business you're out of business what have you seen when you talk to customers in terms of the permanence of some of these changes what are they telling you well i think we go through this for ourselves right the business continues to grow you've got tons of people that are working remotely and that are going to continue to work remotely right as much as we'd like to offer up hybrid workspace and things like that some folks are like hey i've worked it out i'm working out great from home right and also i think what justin was saying also is we've seen time go on that operating environment has gotten much more complex you've got stuff in the data center stuff it's somebody's you know endpoint you've got various different public clouds different sas services right that's why it's been phenomenal to work with veeam because we can protect that data regardless of where it exists but when you start to look at some of the managed security services that we're talking about we're helping those csos you get better visibility better control and take proactive action against the infrastructure um when we look at threat mitigation and how to actually respond when when something does happen right and i think that's the key because there's no shortage of great security vendors right but how do you tie it all together into a single solution right with a vendor that you can actually partner with to help secure the environment while you go focus on the things they're more strategic to the business i was talking to jim mercer at um red hat summit last week he's an idc analyst and he said we did a survey i think it was last summer and we asked customers to your point about there's no shortage of security tools how do you want to buy your security and you know do you want you know best to breed bespoke tools and you sort of put it together or do you kind of want your platform provider to do it now surprisingly they said platform provider the the problem is that's aspirational for a lot of platforms providers so they've got to look to a managed service provider so brett talk about the the island acquisition what green cloud is how that all fits together so we acquired island and green cloud last year and the reality is that the people at both of those companies and the technology is what drove us to making those acquisitions they were the foundational pieces to eleven eleven uh obviously the things that justin has been able to create from an automation and innovation perspective uh at the company is transforming this business in a litany of different ways as well so those two acquisitions allow us at this point to take a cloud environment on a geographic footprint not only throughout the us but globally uh have a security product that was given to us from from the green cloud acquisition of cascade and add-on connectivity to allow us to have all three platforms in one all three pillars so i like 11 11 11 is near and dear to my heart i am so where'd the name come from uh everybody asked me this question i think five times a day so uh growing up as a kid everyone in my family would always say 11 11 make a wish whenever you'd see it on the clock and uh during coven we were coming up with a new name for the business my daughter looked at the microwave said dad it's 11 11. make a wish the reality was though i had no idea why i'd been doing it for all that time and when you look up kind of the background origination derivation of the word uh it means the time of day when everything's in line um and when things are complex especially with running all the different businesses that we have aligning them so that they're working together it seemed like a perfect man when i had the big corner office at idc i had my staff meetings at 11 11. because the universe was aligned and then the other thing was nobody could forget the time so they gave him 11 minutes to be there now you'll see it all the time even when you don't want to so justin we've been talking a lot about ransomware and and not just backup but recovery my friend fred moore who you know coined the phrase backup is one thing recovery is everything and recovery time network speeds and and the like are critical especially when you're thinking cloud how are you architecting recovery for your clients maybe you could dig into that a little bit sure so it's really a multitude of things you know you mentioned ransomware seeing the ransomware landscape evolve over time especially in our business with backup and dr it's very singular you know people protecting against host nodes now we're seeing ransomware be able to get into an environment land and expand actually delete backups target backup vendors so the ransomware point i guess um trying to battle that is a multi-step process right you need to think about how data flows into the organization from a security perspective from a networking perspective you need to think about how your workloads are protected and then when you think about backups i know we're at veeam vmon now talking about veeam there's a multitude of ways to protect that data whether it's retention whether it's immutability air gapping data so while i know we focus a lot sometimes on protecting data it's really that hamburg analogy where the sum of the parts make up the protection so how do you provide services i mean you say okay you want immutability there's a there's a line item for that um you want faster or you know low rpo fast rto how does that all work for as a customer what what am i buying from you is it just a managed service we'll take care of everything platinum gold silver or is it if if you don't mind so i'm glad you asked that question because this is something that's very unique about us years ago his team actually built the ip because we were scaling at such an incredible rate globally through all our joint partners with veeam that how do we take all the intelligence that we have in his team and all of our solution architects and scale it so they actually developed a tool called catalyst and it's a pre-sales tool it's an application you download it you install it it basically takes a snapshot of your environment you start to manipulate the data what are you trying to do dave are you trying to protect that data are you backing up to us are you trying to replicate for dr purposes um you know what are you doing for production or maybe it's a migration it analyzes the network it analyzes all your infrastructure it helps the ses know immediately if we're a feasible solution based on what you are trying to do so nobody in the space is doing this and that's been a huge key to our growth because the channel community as well as the customer they're working with real data so we can get past all the garbage and get right to what's important for them for the outcome yeah that's huge who do you guys sell to is it is it more mid-sized businesses that maybe don't have the large teams is it larger enterprises who want to complement to their business is it both well i would say with the two acquisitions that we made the go-to-market sales strategies and the clientele were very different when you look at green cloud they're selling predominantly wholesale through msps and those msps are mostly selling to smbs right so we covered that smb market for the most part through our acquisition of green cloud island on the other hand was more focused on selling direct inbound through vars through the channel mid enterprise big enterprise so really those two acquisitions outside of the ip that we got from the systems we have every single go-to-market sale strategy and we're aligned from smb all the way up to the fortune 500. i heard a stat a couple months ago that that less than 50 of enterprises have a sock it blew me away and you know even small businesses need one they may not be able to afford but certainly a medium size or larger business should have some kind of sock is it does that stat jive with what you're seeing in the marketplace 100 if that's true the need for a managed service like this is just it's going to explode it is exploding yeah i mean 100 right there is zero unemployment in the cyberspace right just north america alone there's about a million or so folks in that space and right now you've got about 600 000 open wrecks just in north america right so earlier we talked about no shortage of tools right but the shortage of head count is a significant challenge big time right most importantly the people that you do have on staff they've got alert fatigue from the tools that they do have that's why you're seeing this massive insurgence in the managed security services provider lack of talent is number one challenge for csos that's what they'll tell you and there's no end in sight to that and it's you know another tool and and it's amazing because you see security companies popping up all the time billion dollar evaluations i mean lacework did a billion dollar raise and so so there's no shortage of funding now maybe that'll change you know with the market but i wanted to turn our attention to the keynotes this morning you guys got some serious love up on stage um there was a demo uh it was a pretty pretty cool demo fast recovery very very tight rpo as i recall it was i think four minutes of data loss is that right was that the right knit stat i was happy it wasn't zero data loss because there's really you know no such thing uh but so you got to feel good about that tell us about um how that all came about your relationship with with veeam who wants to take it sure i can i can take a step at it so one of the or two of the things that i'm um most excited about at least with this vmon is our team was able to work with veeam on that demo and what that demo was showing was some cdp-based features for cloud providers so we're really happy to see that and the reason why we're happy to see that is that with the veeam platform it's now given the customers the ability to do things like snapshot replication cdp replication on-prem backup cloud backup immutability air gap the list goes on and on and in our opinion having a singular software vendor that can provide all that through you know with a cloud provider on prem or not is really like the icing on the cake so for us it's very exciting to see that and then also coupled with a lot of the innovation that veeam's doing in the sas space right so again having that umbrella product that can cover all those use cases i'll tell you if you guys can get a that was a very cool demo if we can get a youtube of that that that demo i'll make sure we put it in the the show notes and uh of this video or maybe pop it into one of the blogs that we write about it um so so how you guys feel i mean this is a new chapter for you very cool with a couple of acquisitions that are now the main mainspring of your strategy so the first veeam on in a couple years so what's the vibe been like for you what's the nighttime activity the customer interaction i know you guys are running a lot of the back end demos so you're everywhere what's the what's the vibe like at veeamon and how does it feel to be back look at that one at dante as far as yeah you got a lot of experience here yeah let me loose on this one dave i'm like so excited about this right it's been it's been far too long to get face to face again and um veeam always does it right and i think that uh for years we've been back-ending like all the hands-on lab infrastructure here but forget about that i think the part that's really exciting is getting face-to-face with such a great team right we have phenomenal architects that we work with at veeam day in and day out they put up with us pushing them pushing and pushing them and together we've been able to create a lot of magic together right but i think it's you can't replace the human interaction that we've all been starving for for the last two years but the vibe's always fantastic at veeam if you're going to be around tonight i'll be looking forward to enjoying some of that veeam love with you at the after party yeah that's well famous after parties we'll see if that culture continues i have a feeling it will um brett where do you want to take 11 11. a new new phase in all of your careers you got a great crew out here it looks like i i love that you're all out and uh make some noise here people let's hear it all right let's see you this is the biggest audience we've had all week where do you want to take 11 11. i think you know if uh if you look at what we've done so far in the short six months since the acquisitions of green cloud and ireland obviously the integration is a key piece we're going to be laser focused on growing organically across those three pillars we've got to put more capital and resources into the incredible ip like i said earlier that just and his team have created on those front ends the user experience but you know we made two large acquisitions obviously mna is a is a key piece for us we're going to be diligent and we're probably going to be very aggressive on that front as well to be able to grow this business into the global leader of cloud connectivity and security and i think we've really hit a void in the industry that's been looking for this for a very long time and we want to be the first ones to be able to collaborate and combine those three into one when the when the cloud started to hit the steep part of the s-curve kind of early part of the last decade people thought oh wow these managed service providers are toast the exact opposite happened it created such a tailwind and need for consistent services and integration and managed services we've seen it all across the stack so guys wish you best of luck congratulations on the acquisitions thank you uh hope to have you back soon yeah thank you around the block all right keep it right there everybody dave vellante for the cube's coverage of veeamon 2022 we'll be right back after this short break

>>The cube presents, Coon and cloud native con Europe, 2022. Brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain and cuon cloud native con 20 Europe, 2022. I'm your host Keith towns alongside a new hope en Rico, senior reti, senior editor. I'm sorry, senior it analyst at <inaudible> Enrique. Welcome to the program. >>Thank you very much. And thank you for having me. It's exciting. >>So thoughts, high level thoughts of CU con first time in person again in couple years? >>Well, this is amazing for several reasons. And one of the reasons is that yeah, I had the chance to meet, uh, with, uh, you know, people like you again. I mean, we, we met several times over the internet over zoom calls. I, I started to eat these zoom codes. <laugh> because they're really impersonal in the end. And like last night we, we are together group of friends, industry folks. It's just amazing. And a part of that, I mean, the event is, uh, is a really cool, it's really cool. There are a lot from people interviews and, you know, real people doing real stuff, not just, uh, you know, again, in personal calls, you don't even know if they're telling the truth, but when you can, you know, look in their eyes, what they're doing, I, I think that's makes a difference. >>So speaking about real people, meeting people for the first time, new jobs, new roles, Greg Moscarella, enterprise container management and general manager at SUSE. Welcome to the show, welcome back clue belong. >>Thank you very much. It's awesome to be here. It's awesome to be back in person. And I completely agree with you. Like there's a certain fidelity to the conversation and a certain, uh, ability to get to know people a lot more. So it's absolutely fantastic to be here. >>So Greg, tell us about your new role and what SUSE has gone on at KU coupon. >>Sure. So I joined SA about three months ago to lead the rancher business unit, right? So our container management pieces and, you know, it's a, it's a fantastic time. Cause if you look at the transition from virtual machines to containers and to moving to microservices, right alongside that transition from on-prem to cloud, like this is a very exciting time to be in this industry. And rancher has been setting the stage. And again, I'm go back to being here. Rancher's all about the community, right? So this is a very open, independent, uh, community driven product and project. And so this, this is kinda like being back to our people, right. And being able to reconnect here. And so, you know, doing it, digital is great, but, but being here is changes the game for us. So we, we feed off that community. We feed off the energy. So, uh, and again, going back to the space and what's happening in it, great time to be in this space. And you guys have seen the transitions you've seen, I mean, we've seen just massive adoption, uh, of containers and Kubernetes overall and ranchers been been right there with some amazing companies doing really interesting things that I'd never thought of before. Uh, so I'm, I'm still learning on this, but, um, but it's been great so far. >>Yeah. And you know, when we talk about strategy about Kubernetes today, we are talking about very broad strategies. I mean, not just the data center or the cloud with, you know, maybe smaller organization adopting Kubernetes in the cloud, but actually large organization thinking guide and more and more the edge. So what's your opinion on this, you know, expansion of Kubernetes towards the edge. >>So I think you're, I think you're exactly right. And that's actually a lot of meetings I've been having here right now is these are some of these interesting use cases. So people who, uh, whether it be, you know, ones that are easy to understand in the telco space, right? Especially the adoption of 5g and you have all these space stations, new towers, and they have not only the core radio functions or network functions that they're trying to do there, but they have other applications that wanna run on that same environment. Uh, I spoke recently with some of our, our good friends at a major automotive manufacturer, doing things in their factories, right. That can't take the latency of being somewhere else. Right. So they have robots on the factory floor, the latency that they would experience if they tried to run things in the cloud meant that robot would've moved 10 centimeters. >>By the time, you know, the signal got back, it may not seem like a lot to you, but if, if, if you're an employee, you know, there, you know, uh, a big 2000 pound robot being 10 centimeters closer to you may not be what you, you really want. Um, there's, there's just a tremendous amount of activity happening out there on the retail side as well. So it's, it's amazing how people are deploying containers in retail outlets. You know, whether it be fast food and predicting, what, what, how many French fries you need to have going at this time of day with this sort of weather. Right. So you can make sure those queues are actually moving through. It's, it's, it's really exciting and interesting to look at all the different applications that are happening. So yes, on the edge for sure, in the public cloud, for sure. In the data center and we're finding is people want a common platform across those as well. Right? So for the management piece too, but also for security and for policies around these things. So, uh, it really is going everywhere. >>So talk to me, how do, how are we managing that as we think about pushing stuff out of the data center, out of the cloud cloud, closer to the edge security and life cycle management becomes like top of mind thought as, as challenges, how is rancher and sushi addressing >>That? Yeah. So I, I think you're, again, spot on. So it's, it starts off with the think of it as simple, but it's, it's not simple. It's the provisioning piece. How do we just get it installed and running right then to what you just asked the management piece of it, everything from your firmware to your operating system, to the, the cluster, uh, the Kubernetes cluster, that's running on that. And then the workloads on top of that. So with rancher, uh, and with the rest of SUSE, we're actually tacking all those parts of the problems from bare metal on up. Uh, and so we have lots of ways for deploying that operating system. We have operating systems that are, uh, optimized for the edge, very secure and ephemeral container images that you can build on top of. And then we have rancher itself, which is not only managing your ES cluster, but can actually start to manage the operating system components, uh, as well as the workload components. >>So all from your single interface, um, we mentioned policy and security. So we, yeah, we'll probably talk about it more, um, uh, in a little bit, but, but new vector, right? So we acquired a company called new vector, just open sourced, uh, that here in January, that ability to run that level of, of security software everywhere again, is really important. Right? So again, whether I'm running it on, whatever my favorite public cloud providers, uh, managed Kubernetes is, or out at the edge, you still have to have security, you know, in there. And, and you want some consistency across that. If you have to have a different platform for each of your environments, that's just upping the complexity and the opportunity for error. So we really like to eliminate that and simplify our operators and developers' lives as much as possible. >>Yeah. From this point of view, are you implying that even you, you are matching, you know, self, uh, let's say managed clusters at the, at the very edge now with, with, you know, added security, because these are the two big problems lately, you know, so having something that is autonomous somehow easier to manage, especially if you are deploying hundreds of these that's micro clusters. And on the other hand, you need to know a policy based security that is strong enough to be sure again, if you have these huge robots moving too close to you, because somebody act the, the, the class that is managing them, that is, could be a huge problem. So are you, you know, approaching this kind of problems? I mean, is it, uh, the technology that you are acquired, you know, ready to, to do this? >>Yeah. I, I mean, it, it really is. I mean, there's still a lot of innovation happening. Don't, don't get me wrong. We're gonna see a lot of, a lot more, not just from, from SA and ranch here, but from the community, right. There's a lot happening there, but we've come a long way and we solved a lot of problems. Uh, if I think about, you know, how do you have this distributed environment? Uh, well, some of it comes down to not just, you know, all the different environments, but it's also the applications, you know, with microservices, you have very dynamic environment now just with your application space as well. So when we think about security, we really have to evolve from a fairly static policy where like, you might even be able to set an IP address and a port and some configuration on that. >>It's like, well, your workload's now dynamically moving. So not only do you have to have that security capability, like the ability to like, look at a process or look at a network connection and stop it, you have to have that, uh, manageability, right? You can't expect an operator or someone to like go in and manually configure a YAML file, right? Because things are changing too fast. It needs to be that combination of convenient, easy to manage with full function and ability to protect your, your, uh, your resources. And I think that's really one of the key things that new vector really brings is because we have so much intelligence about what's going on there. Like the configuration is pretty high level, and then it just runs, right? So it's used to this dynamic environment. It can actually protect your workloads wherever it's going from pod to pod. Uh, and it's that, that combination, again, that manageability with that high functionality, um, that, that is what's making it so popular. And what brings that security to those edge locations or cloud locations or your data center. >>So one of the challenges you're kind of, uh, touching on is this abstraction on, upon abstraction. When I, I ran my data center, I could put, uh, say this IP address, can't talk to this IP address on this port. Then I got next generation firewalls where I could actually do, uh, some analysis. Where are you seeing the ball moving to when it comes to customers, thinking about all these layers of abstraction IP address doesn't mean anything anymore in cloud native it's yes, I need one, but I'm not, I'm not protecting based on IP address. How are customers approaching security from the name space perspective? >>Well, so it's, you're absolutely right. In fact, even when you go to IPV six, like, I don't even recognize IP addresses anymore. <laugh> yeah. >>That doesn't mean anything like, oh, just a bunch of, yeah. Those are numbers, alpha Ric >>And colons. Right. You know, it's like, I don't even know anymore. Right. So, um, yeah, so it's, it comes back to that, moving from a static, you know, it's the pets versus cattle thing. Right? So this static thing that I can sort of know and, and love and touch and kind of protect to this almost living, breathing thing, which is moving all around, it's a swarm of, you know, pods moving all over the place. And so, uh, it, it is, I mean, that's what Kubernetes has done for the workload side of it is like, how do you get away from, from that, that pet to a declarative approach to, you know, identifying your workload and the components of that workload and what it should be doing. And so if we go on the security side some more like, yeah, it's actually not even namespace namespace. >>Isn't good enough if we wanna get, if we wanna get to zero trust, it's like, just cuz you're running in my namespace doesn't mean I trust you. Right. So, and that's one of the really cool things about new vectors because of the, you know, we're looking at protocol level stuff within the network. So it's pod to pod, every single connection we can look at and it's at the protocol layer. So if you say you're on my SQL database and I have a mye request going into it, I can confirm that that's actually a mye protocol being spoken and it's well formed. Right. And I know that this endpoint, you know, which is a, uh, container image or a pod name or some, or a label, even if it's in the same name, space is allowed to talk to and use this protocol to this other pod that's running in my same name space. >>Right. So I can either allow or deny. And if I can, I can look into the content that request and make sure it's well formed. So I'll give you an example is, um, do you guys remember the log four J challenges from not too long ago, right. It was a huge deal. So if I'm doing something that's IP and port based and name space based, so what are my protections? What are my options for something that's got logged four J embedded in like, I either run the risk of it running or I shut it down. Those are my options. Like those neither one of those are very good. So we can do, because again, we're at the protocol layer. It's like, ah, I can identify any log for J protocol. I can look at whether it's well formed, you know, or if it's malicious and it's malicious, I can block it. If it's well formed, I can let it go through. So I can actually look at those, those, um, those vulnerabilities. I don't have to take my service down. I can run and still be protected. And so that, that extra level, that ability to kind of peek into things and also go pod to pod, you know, not just same space level is one of the key differences. So I talk about the evolution or how we're evolving with, um, with the security. Like we've grown a lot, we've got a lot more coming. >>So let's talk about that a lot more coming what's in the pipeline for SUSE. >>Well, probably before I get to that, we just announced new vector five. So maybe I can catch us up on what was released last week. Uh, and then we can talk a little bit about going, going forward. So new vector five, introduce something called um, well, several things, but one of the things I can talk in more detail about is something called zero drift. So I've been talking about the network security, but we also have run time security, right? So any, any container that's running within your environment has processes that are running that container. What we can do is actually comes back to that manageability and configuration. We can look at the root level of trust of any process that's running. And as long as it has an inheritance, we can let that process run without any extra configuration. If it doesn't have a root level of trust, like it didn't spawn from whatever the, a knit, um, function was in that container. We're not gonna let it run. Uh, so the, the configuration that you have to put in there is, is a lot simpler. Um, so that's something that's in, in new vector five, um, the web application firewall. So this layer seven security inspection has gotten a lot more granular now. So it's that pod Topo security, um, both for ingress egress and internal on the cluster. Right. >>So before we get to what's in the pipeline, one question around new vector, how is that consumed and deployed? >>How is new vector consumed, >>Deployed? And yeah, >>Yeah, yeah. So, uh, again with new vector five and, and also rancher 2 65, which just were released, there's actually some nice integration between them. So if I'm a rancher customer and I'm using 2 65, I can actually deploy that new vector with a couple clicks of the button in our, uh, in our marketplace. And we're actually tied into our role-based access control. So an administrator who has that has the rights can just click they're now in a new vector interface and they can start setting those policies and deploying those things out very easily. Of course, if you aren't using, uh, rancher, you're using some other, uh, container management platform, new vector still works. Awesome. You can deploy it there still in a few clicks. Um, you're just gonna get into, you have to log into your new vector, uh, interface and, and use it from there. >>So that's how it's deployed. It's, it's very, it's very simple to use. Um, I think what's actually really exciting about that too, is we've opensourced it? Um, so it's available for anyone to go download and try, and I would encourage people to give it a go. Uh, and I think there's some compelling reasons to do that now. Right? So we have pause security policies, you know, depreciated and going away, um, pretty soon in, in Kubernetes. And so there's a few things you might look at to make sure you're still able to run a secure environment within Kubernetes. So I think it's a great time to look at what's coming next, uh, for your security within your Kubernetes. >>So Paul, we appreciate chief stopping by from ity of Spain, from Spain, I'm Keith Townsend, along with en Rico Sinte. Thank you. And you're watching the, the leader in high tech coverage.

>>The cube presents, Coon and cloud native con Europe 22, brought to you by the cloud native computing foundation. >>Welcome to Valencia Spain and con cloud native con 20 Europe, 2022. I'm your host, Keith Townson alongside a new host en Rico senior reti, senior editor. I'm sorry, senior it analyst at giong Enrique. Welcome to the program. >>Thank you very much. And thank you for having me. It's exciting. >>So thoughts, high level thoughts of CU con first time in person again in couple years? >>Well, this is amazing for several reasons. And one of the reasons is that yeah, I had the chance to meet, uh, with, uh, you know, people like you again. I mean, we, we met several times over the internet, over zoom codes. I, I started to eat these zoom codes. <laugh> because they're very impersonal in the end. And like last night we, we are together group of friends, industry folks. It's just amazing. And a part of that, I mean, the event is, uh, is a really cool, it's really cool. There are a lot from people interviews and, you know, real people doing real stuff, not just, uh, you know, again, in personal calls, you don't even know if they're telling the truth, but when you can, you know, look in their eyes, what they're doing, I, I think that's makes a difference. >>So speaking about real people, meeting people for the first time, new jobs, new roles, Greg Moscarella enterprise container management in general manager at SUSE, welcome to the show, welcome back clue belong. >>Thank you very much. It's awesome to be here. It's awesome to be back in person. And I completely agree with you. Like there's a certain fidelity to the conversation and a certain, uh, ability to get to know people a lot more. So it's absolutely fantastic to be here. >>So Greg, tell us about your new role and what SUSE has gone on at KU con. >>Sure. So I joined SA about three months ago to lead the rancher business unit, right? So our container management pieces and, you know, it's a, it's a fantastic time. Cause if you look at the transition from virtual machines to containers and to moving to micro services, right alongside that transition from on-prem to cloud, like this is a very exciting time to be in this industry and rancher's been setting the stage. And again, I'm go back to being here. Rancher's all about the community, right? So this is a very open, independent, uh, community driven product and project. And so this, this is kinda like being back to our people, right. And being able to reconnect here. And so, you know, doing it, digital is great, but, but being here is changes the game for us. So we, we feed off that community. We feed off the energy. So, uh, and again, going back to the space and what's happening in it, great time to be in this space. And you guys have seen the transitions you've seen, I mean, we've seen just massive adoption, uh, of containers and Kubernetes overall, and rancher has been been right there with some amazing companies doing really interesting things that I'd never thought of before. Uh, so I'm, I'm still learning on this, but, um, but it's been great so far. >>Yeah. And you know, when we talk about strategy about Kubernetes today, we are talking about very broad strategies. I mean, not just the data center or the cloud with, you know, maybe smaller organization adopting Kubernetes in the cloud, but actually large organization thinking guide and more and more the edge. So what's your opinion on this, you know, expansion of Kubernetes towards the edge. >>So I think you're, I think you're exactly right. And that's actually a lot of meetings I've been having here right now is these are some of these interesting use cases. So people who, uh, whether it be, you know, ones that are easy to understand in the telco space, right? Especially the adoption of 5g and you have all these base stations, new towers, and they have not only the core radio functions or network functions that they're trying to do there, but they have other applications that wanna run on that same environment, uh, spoke recently with some of our, our good friends at a major automotive manufacturer, doing things in their factories, right. That can't take the latency of being somewhere else. Right? So they have robots on the factory floor, the latency that they would experience if they tried to run things in the cloud meant that robot would've moved 10 centimeters. >>By the time, you know, the signal got back, it may not seem like a lot to you, but if, if, if you're an employee, you know, there, you know, uh, a big 2000 pound robot being 10 centimeters closer to you may not be what you, you really want. Um, there's, there's just a tremendous amount of activity happening out there on the retail side as well. So it's, it's amazing how people are deploying containers in retail outlets. You know, whether it be fast food and predicting, what, what, how many French fries you need to have going at this time of day with this sort of weather. Right. So you can make sure those queues are actually moving through. It's, it's, it's really exciting and interesting to look at all the different applications that are happening. So yes, on the edge for sure, in the public cloud, for sure. In the data center and we're finding is people want to common platform across those as well. Right? So for the management piece too, but also for security and for policies around these things. So, uh, it really is going everywhere. >>So talk to me, how do, how are we managing that as we think about pushing stuff out of the data center, out of the cloud cloud, closer to the edge security and life cycle management becomes like top of mind thought as, as challenges, how is rancher and sushi addressing >>That? Yeah. So I, I think you're, again, spot on. So it's, it starts off with the think of it as simple, but it's, it's not simple. It's the provisioning piece. How do we just get it installed and running right then to what you just asked the management piece of it, everything from your firmware to your operating system, to the, the cluster, uh, the Kubernetes cluster, that's running on that. And then the workloads on top of that. So with rancher, uh, and with the rest of SUSE, we're actually tacking all those parts of the problems from bare metal on up. Uh, and so we have lots of ways for deploying that operating system. We have operating systems that are, uh, optimized for the edge, very secure and ephemeral container images that you can build on top of. And then we have rancher itself, which is not only managing your Kubernetes cluster, but can actually start to manage the operating system components, uh, as well as the workload components. >>So all from your single interface, um, we mentioned policy and security. So we, yeah, we'll probably talk about it more, um, uh, in a little bit, but, but new vector, right? So we acquired a company called new vector, just open sourced, uh, that here in January, that ability to run that level of, of security software everywhere again, is really important. Right? So again, whether I'm running it on, whatever my favorite public cloud providers, uh, managed Kubernetes is, or out at the edge, you still have to have security, you know, in there. And, and you want some consistency across that. If you have to have a different platform for each of your environments, that's just upping the complexity and the opportunity for error. So we really like to eliminate that and simplify our operators and developers lives as much as possible. >>Yeah. From this point of view, are you implying that even you, you are matching, you know, self, uh, let's say managed clusters at the, at the very edge now with, with, you know, added security, because these are the two big problems lately, you know, so having something that is autonomous somehow easier to manage, especially if you are deploying hundreds of these that's micro clusters. And on the other hand, you need to know a policy based security that is strong enough to be sure again, if you have these huge robots moving too close to you, because somebody act the class that is managing them, that could be a huge problem. So are you, you know, approaching this kind of problems? I mean, is it, uh, the technology that you are acquired, you know, ready to, to do this? >>Yeah. I, I mean, it, it really is. I mean, there's still a lot of innovation happening. Don't, don't get me wrong. We're gonna see a lot of, a lot more, not just from, from SA and rancher, but from the community, right. There's a lot happening there, but we've come a long way and we've solved a lot of problems. Uh, if I think about, you know, how do you have this distributed environment? Uh, well, some of it comes down to not just, you know, all the different environments, but it's also the applications, you know, with microservices, you have very dynamic environment now just with your application space as well. So when we think about security, we really have to evolve from a fairly static policy where like, you might even be able to set an IP address in a port and some configuration on that. It's like, well, your workload's now dynamically moving. >>So not only do you have to have that security capability, like the ability to like, look at a process or look at a network connection and stop it, you have to have that, uh, manageability, right? You can't expect an operator or someone to like go in and manually configure a YAML file, right? Because things are changing too fast. It needs to be that combination of convenient, easy to manage with full function and ability to protect your, your, uh, your resources. And I think that's really one of the key things that new vector really brings is because we have so much intelligence about what's going on there. Like the configuration is pretty high level, and then it just runs, right? So it's used to this dynamic environment. It can actually protect your workloads wherever it's going from pod to pod. Uh, and it's that, that combination, again, that manageability with that high functionality, um, that, that is what's making it so popular. And what brings that security to those edge locations or cloud locations or your data center >>Mm-hmm <affirmative> so one of the challenges you're kind of, uh, touching on is this abstraction on upon abstraction. When I, I ran my data center, I could put, uh, say this IP address, can't talk to this IP address on this port. Then I got next generation firewalls where I could actually do, uh, some analysis. Where are you seeing the ball moving to when it comes to customers, thinking about all these layers of abstraction I IP address doesn't mean anything anymore in cloud native it's yes, I need one, but I'm not, I'm not protecting based on IP address. How are customers approaching security from the name space perspective? >>Well, so it's, you're absolutely right. In fact, even when you go to I P six, like, I don't even recognize IP addresses anymore. <laugh> >>Yeah. Doesn't mean anything like, oh, just a bunch of, yes, those are numbers, ER, >>And colons. Right. You know, it's like, I don't even know anymore. Right. So, um, yeah, so it's, it comes back to that, moving from a static, you know, it's the pets versus cattle thing. Right? So this static thing that I can sort of know and, and love and touch and kind of protect to this almost living, breathing thing, which is moving all around, it's a swarm of, you know, pods moving all over the place. And so, uh, it, it is, I mean, that's what Kubernetes has done for the workload side of it is like, how do you get away from, from that, that pet to a declarative approach to, you know, identifying your workload and the components of that workload and what it should be doing. And so if we go on the security side some more like, yeah, it's actually not even namespace namespace. >>Isn't good enough. We wanna get, if we wanna get to zero trust, it's like, just cuz you're running in my namespace doesn't mean I trust you. Right. So, and that's one of the really cool things about new vectors because of the, you know, we're looking at protocol level stuff within the network. So it's pod to pod, every single connection we can look at and it's at the protocol layer. So if you say you're on my database and I have a mye request going into it, I can confirm that that's actually a mye protocol being spoken and it's well formed. Right. And I know that this endpoint, you know, which is a, uh, container image or a pod name or some, or a label, even if it's in the same name, space is allowed to talk to and use this protocol to this other pod that's running in my same name space. >>Right. So I can either allow or deny. And if I can, I can look into the content that request and make sure it's well formed. So I'll give you an example is, um, do you guys remember the log four J challenges from not too long ago, right. Was, was a huge deal. So if I'm doing something that's IP and port based and name space based, so what are my protections? What are my options for something that's got log four J embedded in like I either run the risk of it running or I shut it down. Those are my options. Like those neither one of those are very good. So we can do, because again, we're at the protocol layers like, ah, I can identify any log for J protocol. I can look at whether it's well formed, you know, or if it's malicious, if it's malicious, I can block it. If it's well formed, I can let it go through. So I can actually look at those, those, um, those vulnerabilities. I don't have to take my service down. I can run and still be protected. And so that, that extra level, that ability to kind of peek into things and also go pod to pod, you know, not just name space level is one of the key differences. So I talk about the evolution or how we're evolving with, um, with the security. Like we've grown a lot, we've got a lot more coming. >>So let's talk about that a lot more coming what's in the pipeline for SUSE. >>Well, how, before I get to that, we just announced new vector five. So maybe I can catch us up on what was released last week. Uh, and then we can talk a little bit about going, going forward. So new vector five, introduce something called um, well, several things, but one of the things I can talk in more detail about is something called zero drift. So I've been talking about the network security, but we also have run time security, right? So any, any container that's running within your environment has processes that are running that container. What we can do is actually comes back to that manageability and configuration. We can look at the root level of trust of any process that's running. And as long as it has an inheritance, we can let that process run without any extra configuration. If it doesn't have a root level of trust, like it didn't spawn from whatever the, a knit, um, function was and that container we're not gonna let it run. Uh, so the, the configuration that you have to put in there is, is a lot simpler. Um, so that's something that's in, in new vector five, um, the web application firewall. So this layer seven security inspection has gotten a lot more granular now. So it's that pod Topo security, um, both for ingress egress and internal on the cluster. Right. >>So before we get to what's in the pipeline, one question around new vector, how is that consumed and deployed? >>How is new vector consumed, >>Deployed? And yeah, >>Yeah, yeah. So, uh, again with new vector five and, and also rancher 2 65, which just were released, there's actually some nice integration between them. So if I'm a rancher customer and I'm using 2 65, I can actually just deploy that new vector with a couple clicks of the button in our, uh, in our marketplace. And we're actually tied into our role-based access control. So an administrator who has that has the rights can just click they're now in a new vector interface and they can start setting those policies and deploying those things out very easily. Of course, if you aren't using, uh, rancher, you're using some other, uh, container management platform, new vector still works. Awesome. You can deploy it there still in a few clicks. Um, you're just gonna get into, you have to log into your new vector, uh, interface and, and use it from there. >>So that's how it's deployed. It's, it's very, it's very simple to use. Um, I think what's actually really exciting about that too, is we've opensourced it? Um, so it's available for anyone to go download and try, and I would encourage people to give it a go. Uh, and I think there's some compelling reasons to do that now. Right? So we have pause security policies, you know, depreciated and going away, um, pretty soon in, in Kubernetes. And so there's a few things you might look at to make sure you're still able to run a secure environment within Kubernetes. So I think it's a great time to look at what's coming next, uh, for your security within your Kubernetes. >>So, Paul, we appreciate you stopping by from ity of Spain. I'm Keith Townsend, along with en Rico Sinte. Thank you. And you're watching the, the leader in high tech coverage.

(upbeat music) >> Welcome back to DTW 2021, theCUBE's continuous coverage of Dell Technologies World, the virtual version. My name is Dave Vellante and for years we've been looking forward to the day that the on-premises experience was substantially similar to that offered in the public cloud. And one of the biggest gaps has been subscription based experiences, pricing and simplicity and transparency with agility and scalability, not buying and installing a box but rather consuming an outcome based service to support my IT infrastructure needs. And with me to talk about how Dell is delivering on this vision is Akanksha Mehrotra, Vice-President Marketing for APEX at Dell Technologies. Welcome Akanksha, great to see you. >> Thank you, thanks for having me. >> It's our pleasure. So we're going to dig into APEX. We know that Dell has been delivering cloud-based solutions for a long time now, but it seems like there's a convergence happening in all these areas. And it's generating a lot of talk in the industry. What are your customers asking you to deliver and how is Dell responding? >> Yeah, there's a few trends that we're seeing and they've been in place for a while, but they have accelerated certainly over the past year. The first one is organizations all over the world want to become more digital in order to modernize their operation and foster innovation on behalf of their customers. And they've been thriving for years, digital transformation can do so. That in and of itself isn't necessarily new, but the relative complexity of driving digital transformation. For example, when they're bringing on a predominantly or all of the remote workforce as well as the relative piece of change, for example, if they see remarkable spike in the consumption of digital content validated over the past year. And because of that the need for agility has gone up. The other trend that we see is that there's a clear preference for a hybrid cloud approach. Customers tell us that they need on-prem cloud resources to help mitigate risk for applications that need dedicated fast performance as well as, you know, in order to contain costs. But then they also tell us that public cloud is here to stay for the increased agility that it provides a simplified operations as well as the faster access to innovation. And so what's really clear is that both private cloud and public cloud has their strengths and picking one you're inevitably trading off the benefits of the other. And so an organizations want the flexibility to be able to choose the right path that best meet their business objectives. And IT is a service delivered at the location of your choice is one way to do that. As you know, we talk a lot to analysts like yourself and they tend to agree with us. IDC predicts that by 2024 or perhaps a better data center infrastructure is going to be consumed as a service. At Dell Technologies, we're beginning to see the shift happen already. As you said, we've been providing flexible consumption and as a service solutions for well over a decade. However, what's different now is that we're radically simplifying that entire technology experience to deliver this at scale to our entire install base and that's what APEX is all about. >> Great, thank you. So I know Dell is very proud of the tie. I think I got this ratio right, do to say ratio, right? The numerator's bigger than the denominator. And you've got a good track record in this regard. You're going to announce project APEX in October and you've provided a preview of what was coming then and today you're fully unveiling APEX, no more project, just APEX. What's APEX all about and what customer benefits specifically does APEX deliver? >> Yeah, so you're right. We announced that this a vision back in October and now we're kind of taking away the project and it's generally available. So you can kind of refer to it as APEX going forward. APEX represents our portfolio of as-a-service offerings. These helps simplify digital transformation for our customers by increasing their IT's agility and their control. We believe it's a solution that helps bridge this divide between public and private cloud by delivering as a service wherever it's needed to help organizations meet the needs of their digital transformation agenda. Talking to our customers in terms of customer benefits, we've centered around three areas and they are simplicity, agility, and control as the key benefits that APEX is going to provide to our customers. So let me unpack these one by one and kind of demonstrate how we're going to deliver on these promises. Let's start with simplicity. APEX represents a fundamental shift in the way that we deliver our technology portfolio. And obviously we do this to simplify IT for our customers. Our goal is to remove complexity from every stage of the customer journey. So for example, with APEX and APEX offers that I'll just get into in a bit, we take away that complexity, the pain and frankly the undifferentiated work of managing infrastructure so that organizations can focus on what they do best, right? Adding value to their organizations. Another way in which we simplify is streamline the procurement process. So we allow customers to just simplify a simple set of outcomes that they're looking for and subscribe to a service using an easy web based console and then we'll take it from there. We will pick the technology and its services that best meets the needs, you know, best delivers on those set of outcomes and then we'll deliver it for them. So as a result, organizations can kind of take advantage of the technology that best meets their needs but without all the complexity of life cycle management whether it's at the beginning or at the end, you know, the decommissioning part of the life cycle. Next, let's talk about agility. This is an area that's been top of mind for our customers as I said, certainly over the past year and frankly, it's been one of the main driving factors over the other service revolution. Again, with APEX we aim to deliver agility to every stage of the customer journey. So for example, with APEX, our goal is to get customers started on projects faster than they ever have before within their data center. We target a 14 day time to value from order to activation or from subscription to activation within the location of their choice. Another driver for agility is having access to technology when you need it without costly over provisioning. So with APEX, you can dynamically scale your resources up and down based on changing business requirements. And then the third barrier of agility and this is a serious one, it's just forecasting costs and containing them. And with APEX, our promise is that you're paying for technology only as it's used using a clear, consistent and a transparent rate. So you're never guessing what you're going to pay. There's no overage charges and you're not paying to access your own data. And then finally from a control standpoint, often business and IT leaders are forced to make difficult trade offs between the simplicity and the flexibility they want and the control, the performance and the data locality that perhaps they need. APEX will help bridge this divide and so we're not going to make them make this kind of false trade off between them. It'll enable organizations to take control of their operations from where resources are located to how they are run to who can access them. So for example, by dictating where they want to run their resources in a cool or at the Edge or within their data center, you know, IT teams can take charge of their compliance obligations and simplify them by using role-based permissions stick to limit access, IT organizations can choose who can access certain functionality for configuring APEX services and thereby kind of reduce risk and simplify those security obligations. So, those are some examples of, you know, how we deliver simplicity, agility and control to our customers with APEX. >> You know, I'll give you a little aside here if I may, you know, you said the trade-offs and I've been working on this scenario of how we're going to come back from the pandemic. And you're seeing this hybrid approach where we're, organizations are having to fund their digital transformation. They're having to support a hybrid workforce and their headquarters investments, their traditional data center investments have been neglected. And the other thing is there's very clearly a skills gap, a shortage of talent. So to the extent that you have something like APEX that where I don't have to be provisioning lungs and spending all time, both waiting and provisioning and tuning, that allows me to free up talent and really deliver on some of those problematic areas that are forcing me today to do a trade-off. So I think that really resonates with me Akanksha, so. >> You're exactly right and we're what kind of refactoring applications, learning new skillset, hiring new people. If the part that resonates with you is that agility and simplicity, you know, why not have it where it makes sense in a skill set? >> So APEX is new way of thinking. I mean, certainly for Dell in terms of how you deliver for way customers consume, can you be specific on some of the offerings that we can expect from DTW this year? >> Yes, we've got a variety of announcements, let me talk about those. Let's start with the APEX console. This is a unified experience for the entire APEX journey. It provides self-service access to our catalog of APEX services. As I mentioned customers simply select the outcomes that they're looking for and it's ascribed to the technology services that best meets their needs and then we'll take it from there. From a day two operation standpoint the console will also give customers insight and oversight into other aspects of the APEX experience. For example, they can limit access to the functionality by role. They can modify, view their subscriptions and then modify it. They can engage and kind of provisioning type tasks. They can see costs transparent, review billing and payment information each month and use it for things like show back or charge back to, you know, various business units within their organization. Over time, we will also be integrating the console with common procurement and provisioning systems so that they can further streamline approval workflows as well as published API for further integration from developers at the customer site. So, Net-Net console will be the single place for us to procure, operate and monitor APEX services and we think it's going to become an important way for us to interact with our customers as well as our partners to interact with Dell Technologies going forward. >> Yes, please, no carry on, thanks. >> The next announcement is APEX data storage services. This one is a first in a series of outcome-based turnkey services in the APEX portfolio. At the end this essentially delivers storage resources at the customers at the location that they would prefer. When subscribing to this which is four parameters that the customers need to think about, what type of data services they're looking for, file block and soon it'll be object. What performance tier, the application that the customer is going to run on these resources needs, they can be in three levels, what base capacity they want where they can start at 50 terabytes and then the time length that they're looking for, the subscription length. We also announced a partnership with Equinix. So if a customer wants they can deploy these resources at Equinix's data centers all around the world and still get a unified bill from us and that's it. Once they make those four selections, they subscribe to the service, we take it from there, there's no selecting what product do you want, what configuration on that product, etc, etc. You know, we take care of all of that, include the right services and then kind of deliver it to them. So it's really an outcome-based way of procuring technology as easily as you would provision resources in a public cloud. >> Awesome, so again console, data storage, cloud services, which are key... >> Now, they check the cloud services. >> And then the partner piece with Equinix for latency and proximity, speed of light type stuff, okay, cool. >> Exactly. Cloud services very quickly are integrated solutions to help simplify that adoption and they support both cloud native as well as traditional workloads. Customers can subscribe either to a private cloud offer or a hybrid cloud offer depending on the level of control that they're looking for and the operational consistency that they need. And again, similar to storage services they pick from kind of four simple steps and we'll deliver it to them within 14 days. And then finally, we've got something called custom solutions. These are for customers who are looking for a more flexible as a service environment, they're available right now in over 30 countries, also available to our partner network. Comes in two flavors, APEX Flex On Demand, which takes anything within our broad infrastructure portfolio, servers, storage, data protection, you name it and we can turn that into a paper use environment. You can also select what services you'd like to include. So if a customer wants it managed, we can manage it for them. If they don't want to managed again, you know, include it without those services. And essentially they can configure their own as a service experience. And the data center utility takes it to the next level and offers even more customization in terms of customer elementary options, etc, etc. So that's kind of a quick summary of the announcements in the APEX portfolio. >> Okay, I think I got it. Five buckets, the console, which gives you that full life cycle, that self-service, the storage piece, the cloud services, the Equinix partnership and the partners, that's a whole nother conversation and then the custom piece if you really want to customize it for your... >> And storage services. >> All right, good, okay, you guys have been busy. So you announced project APEX last fall and so I presume you've been out talking to customers about this, prototyping it, testing it out. Maybe you could share some examples of customers who've tried it out and what the feedback has been and the use cases. >> Yeah, let me give you a couple of examples. We'll start with APEX data storage services. As I said, this one's going generally available now. At Dell we believe in drinking our own champagne. So our own IT team has been engaged in a private data of this service for the past several months and their feedback has helped shape the offer. The feedback that they've given us is that they really liked that, like simple life cycle management. You know, they tell us that it speeds up their folks to do a lot of other things. And that are kind of higher level order tasks if you will versus managing the infrastructure. They're seeing greater efficiencies in the past in performance management, they like not having to worry about building a capacity pipeline. And they like being able to kind of build on a charge back process that will allow them to build internal views based on what's being used. And so they think it's going to be a game changer for them. And, you know, that's the feedback that they and of course they've given us lots of feedback that we've also put into building the product itself, in short they really liked the flexibility of it. Let me give you a, maybe a customer example and then a partner example as well. APEX cloud services. This is one where more and more customers are realizing that for compliance, regulatory or performance reasons, maybe public cloud doesn't really work for them. And so they've been looking for ways to get that experience within their data center. APEX hybrid cloud enables this, using this as a foundation customers are quickly able to extend workloads like VDI into these different environments. A global technology consulting firm wanted to focus on their business of providing consulting service versus you know, managing our infrastructure. And so what they also really liked was the people use model and the ability to scale up without having to engage and kind of renegotiating terms. They also appreciated and like the cost transparency that we provided and their feedback to us that it was sort of unmatched with other solutions that they'd seen and they like sort of cost-containment benefits because it give them much more control over their budget. And then from a partner standpoint, APEX custom solutions as I said is available in over 30 countries today, it's available through our vast partner network. We've got a series of lucrative partner options for them. A recent win that we saw in the space was with a healthcare provider. This particular healthcare provider was constantly challenging their IT team to improve service delivery. They wanted to onboard customers faster, drive services deployment while ensuring the compliance of their healthcare data as you I'm sure know their, you know, some strict requirements in this space. With Flex On Demand they were able to dramatically cut that onboarding time from months to days, they were able to be just as agile while simplifying their compliance with industry regulations for data privacy and sovereignty. And so their feedback with that since they were able to be just as agilent just as cost effective as a cloud solution but without the concerns over data residency. So those are a few use cases and then real customer examples of customers that have tried out these services. >> Awesome, thanks for that. And the real transformation for the partners as well. I think actually if partners leaned in they can make a lot of money doing this. >> It means so much in profitability. >> Yeah, well, hey, that's what the channel cares about. I mean, it's different from the past of selling boxes, That was to do, okay, I know you got my margin there, but this I think actually huge opportunities to get deeper into the customer, add value in so many other different ways, the channel is undergoing tremendous transformation. I have to ask you, so I think the first time I saw it, so you have flexible consumption, you've had that for a number of years. I think the first time I saw it it was like late '90s or early 2000s when I saw these types of models emerge. So can you explain how APEX differs from your past as a service offerings? And I got another sort of second part of the question after that. >> Yeah, you're right. We've offered these solutions for a while and very successfully so I should add, certainly over the past year our business has seen tremendous momentum. And if you listen to our earnings you've probably heard that. What's different here is that we're caking, think of this as APEX is a two durdle of that. So we've been doing that. We're going to continue doing that, but what I talked about in APEX customer solutions is what we've been delivering for a while. And of course, we continue to improve it as we get customer feedback on it. What we're doing here on the turnkey side is that we're taking out a product based, not a service based but really an outcome based approach and what's different there and what I mean by that is we're truly looking to bypass complexity throughout the entire technology life cycle. We're truly kind of looking to figure out where can we remove a significant amount of time and effort from IT teams by delivering them an offer that's simple from the get-go. Each of these offers have been designed from the ground up to provide not just the innovative technology that our customers have known us forever, but to so with greater simplicity, to deliver greater agility while still retaining the control that we know our customers want. That is what is different. And by doing that, by making this consistently available in a very kind of simple way we believe we can scale that experience. That along with backed up with our services, our scale, our supply chain leadership that we've had for awhile built on our industry leading portfolio, the broadest in the industry then delivering that with unmatched time to value at whatever location the customer is looking for, by doing these three things we believe we're combining not just the agility that our customers want and as well as the control that they need and putting it all together in the simplest way possible and delivering it with our partners. So I think that's what's different with what we're doing now and frankly that's also our commitment going forward. So you can imagine today, I talked to you about our cloud solutions, our infrastructure solutions, but imagine going forward all of our solutions, server, storage, data protection, workload, end user devices telecom solutions, Edge Solutions, gaming devices all of them kind of delivered in this way. And you know, only the way that Dell Technologies and our partner community camp. >> When I hear you say outcome based a lot of people may say, well, what's that? I'll tell you what I think it is. The outcome I want is I want is I want my IT to be fast, I want it to be reliable, I want it to be at a fair price. I don't want to run out of storage for example and if I need more, I want it fast and I want it simple. I mean, that's the outcome that I want. Is that what you mean by outcome based? >> Absolutely, those are exactly the types of, you know, it's a combinations like you've said of business as well as technology outcomes that we're targeting. But those are exactly it availability, uptime, performance, you know, time to value. Those are exactly the types of outcomes that we're targeting with these offers and that's what our services are designed from the ground up to do. >> Okay, last question, second part of my other question is, I mean, it's essentially, you've got the cloud model. You're bringing that to on-prem, you've got other on-prem competitors, what's different with Dell from the competition? >> Yeah, so I would say from a competitive standpoint as you've said, we certainly have a series of competitors in the on-prem space, and then we've got another set of competitors in the cloud space. And what we are truly trying to do is, you know, bring the best of that experience to wherever our customers want to deploy these resources. From an on-prem standpoint I think our differentiation always has and will continue to be the breadth of our portfolio. You know, the technology that we provide and bringing this APEX experience in a very simple and consistent way across that entire breadth of products. The other differentiation that I believe we have is frankly our pricing model, right? You mentioned it a few times, I talked a little bit about it earlier as well. If I use storage as an example we are not going to have, you know, we're not going to charge you a penalty if you need to scale up and down. We understand and realize that businesses, you know, need to have that flexibility to be able to go up and down and having a simple clear consistent rate that they understand very clearly upfront, that they have visibility to that, you know, charges them in kind of a fair way is another kind of point of differentiation. So not having that kind of surge pricing, if you will. And then finally, the third differences are our services, our scale, our supply chain leadership and then just say-do ratio, right? When we say something we're going to do it and we're going to deliver it. From a cloud clearer standpoint it's really interesting. You know, I talk about this trade off that our customers often have to make. You have to give up control to get this simplicity and agility, and we're not going to make you do that, right? As an IT DN you manage, you know, you've got full control of that infrastructure while still getting the benefits of the agility and the simplicity that today you often have to go to public cloud for. Again, from a pricing standpoint, the other differentiation that we have is you're not going to be paying to access your old data. You pay a clear rate and it stays consistent, there's no egress ingress charges. There's no retraining of your sales force. There's no refactoring of the application to move it there. There's all these kind of unspoken costs that go into moving an application into public cloud that you're not going to see with us. And then finally, from a performance standpoint we do believe that the performance that we have at APEX Solution is significantly better. You know, just the fact that you've got dedicated infrastructure, like you're not running into issues with noisy neighbors, for example, as well as just the underlying quality of the technology that we deliver. I mean, the experience that we've had and not just in the space, but then delivering it to, you know, hundreds of thousands of customers and hundreds and thousands of locations there's a very good at optimizing for a few locations for hundreds of thousands of customers, but we've been for years delivering this experience, across the world, across hundreds and thousands of data centers and the expertise that our services, our supply chain, and in fact their product teams have built out I think will serve as well. >> Great, a lot of depth there Akanshka, thanks so much. And congratulations for giving birth formerly to APEX and best of luck, really appreciate you coming on theCUBE and sharing. >> Thanks Dave, thank you for having me. >> And it was really our pleasure. And thank you for watching everybody. This is theCUBE's coverage ongoing coverage of Dell Tech World 2021, we'll be right back. (upbeat music)

>>Well, good day and welcome back to the cube as we continue our segment featuring AWS star showcase we're with now Mike Bilodeau, who's in corporate development and operations at Kong. Mike, uh, thank you for joining us here on the cube and particularly on the startup showcase. Nice to have you and pong represented here today. Thanks for having me, John. Great to be here. You bet. All right, first off, let's just tell us about pong a little bit and, and, uh, con cadet, which I know is your, your feature program, um, or, um, service. Oh, I love the name by the way. Um, but tell us a little bit about home and then what connect is all about to? Sure. So, uh, Kong as a company really came about in the past five years, our two co-founders came over from Italy in, uh, in the late, in the late aughts, early 20 teens and, uh, had a company called Mashape. >>And so what they were looking at and what they were betting on at that time was that API APIs, uh, were going to be the future of how software was built and how developers interacted with software. And so what came from that was a piece of, uh, they were running that shape as a marketplace at the time. So connecting developers sit in for an API so they can consume them and use them to build new software. And what they found was that actually the most valuable piece of technology that they created was the backbone for running that marketplace. And that backbone is what Kong is. And so they created it to be able to handle a massive amount of traffic, a massive amount of API APIs, all simultaneously. This is a problem that a lot of enterprises have, especially now that we've started to get some microservices, uh, started to, to have more distributed technologies. >>And so what Kong is really is it's a way to manage all of those different API APIs, all of the connections between different microservices, uh, through a single platform, which is called connect. And now that we've started to have Coobernetti's, uh, the, sort of the birth and the, the nascent space of service mesh con connect allows all of those connections to be managed and to be secured and made reliable, uh, through a single platform. So what's driving this right. I mean, um, you, you mentioned micro services, um, and Coobernetti's, and that environment, which is kind of facilitating, you know, this, uh, I guess transformation you might say. Um, but what's the big driver in your opinion, in terms of, of what's pushing this microservices phenomenon, if you will, or this revolution. Sure. And when I think it starts out at, at the simple active of technology acceleration in general, um, so when you look at just the, the real shifts that have come in enterprise, uh, especially looking, you know, start with that at the cloud, but you could even go back to VMware and virtualization is it's really about allowing people to build software more rapidly. >>Um, all of these different innovations that have happened, you know, with cloud, with virtualization now with containers, Kubernetes, microservices, they're really focused on making it, uh, so that developers can build software a lot more quickly, uh, develop the, the latest and greatest in a more rapid way. >>A huge driver out of this is just making it easier for developers, for organizations to bring new technologies to market. Uh, and we see that as a kind of a key driver in a lot of these decisions that are being made. I think another piece of it that's really coming about is looking at, uh, security, uh, as a really big component, you know, do you have a huge monolithic app? Uh, it can become very challenging to actually secure that if somebody gets into kind of that initial, uh, into the, the initial ops space, they're really past the point of no return and can get access to some things that you might not want them to similar for compliance and governance reasons that becomes challenging. So I think you're seeing this combination of where people are looking at breaking things into smaller pieces, even though it does come with its own challenges around security, um, that you need to manage, it's making it so that, uh, there's less ability to just get in and cause a lot of damage kind of all at once. Often Melissa malicious attackers. >>Yeah. You bring up security. And so, yeah, to me, it's almost, in some cases it's almost counterintuitive. I think about, I've got the, if I got this model, the gap and I've got a big parameter around it, right. And I know that I can confine this thing. I can contain this. This is good. Now microservices, now I got a lot of, it's almost like a lot of villages, right. They're all around. And, and uh, I don't have the castle anymore. I've got all these villages, so I have to build walls around all these villages. Right. But you're saying that there that's actually easier to do, or at least you're more capable of doing that now as opposed to living >>Three years ago. Well, you can almost think of it, uh, as if you have this little just right, and you might, um, if you have one castle and somebody gets inside, they're going to be able to find whatever treasury may have, you know, to extend the analogy here a bit, but now it's different, uh, 50 different villages that, you know, uh, an attacker needs to look in, it starts to become really time-consuming and really difficult. And now when you're looking at, especially this idea of kind of cybersecurity, um, the ability to secure a monolithic app is typically not all that different from what you can do with a microservice or with a once you get past that initial point, instead of thinking of it, you know, I have my one wall around everything, you know, think of it almost as a series of walls where it gets more and more difficult. Again, this all depends on, uh, that you're, you're managing that security well, which can get really time-consuming more than anything else and challenging from a pure management standpoint, but from an actual security posture, it is a way of where you can strengthen it, uh, because you're, you're creating more, um, more difficult ways of accessing information for attackers, as well as just more layers potentially of security. >>But what do you do to lift that burden then from, from the customer? Because like you said, that that that's a concern they really don't want to have. Right. They want, they want you to do that. They want somebody to do that for them. So what can, what do you do to alleviate those kinds of stress >>On their systems? Yeah, it's a great question. And this is really where the idea of API management and, um, in it's in its infancy came from, was thinking about, uh, how do we extract a way these different tasks that people don't really want to do when they're managing, uh, how API, how people can interact with their API APIs, whether that be a device or another human, um, and part of that is just taking away. So what we do and what API gate management tools have always done is abstract that into a, a new piece of software. So instead of having to kind of individually develop and write code for security, for logging, for, you know, routing logic, all these different pieces of how those different APIs will communicate with each other, we're putting that into a single piece of software and we're allowing that to be done in a really easy way. >>And so what we've done now with con connect and where we've extended that to you, is making it even easier to do that at a microservices level of scale. So if you're thinking about hundreds or thousands of different microservices that you understand and be able to manage, that's what we're really building to allow people to do. And so that comes with, you know, being able to, to make it extremely easy, uh, to, to actually add policies like authentication, you know, rate-limiting, whatever it may be, as well as giving people the choice to use what they want to use. Uh, we have great partners, you know, looking at the Datadog's, the Okta's of the world who provide a pretty, pretty incredible product. We don't necessarily want to reinvent the wheel on some of these things that are already out there, and that are widely loved and accepted by, uh, technology, practitioners and developers. We just want to make it really easy to actually use those, uh, those different technologies. And so that's, that's a lot of what we're doing is providing a, a way to make it easy to add this, you know, these policies and this logic into each one of these different services. >>So w if you're providing these kinds of services, right. And, and, and, and they're, they're, they're new, right. Um, and you're merging them sometimes with kind of legacy, uh, components, um, that transition or that interaction I would assume, could be a little complex. And, and you've, you've got your work cut out for you in some regards to kind of retrofit in some respects to make this seamless, to make this smooth. So maybe shine a little light on that process in terms of not throwing all the, you know, the bath out, you know, with, with the baby, all the water here, but just making sure it all works right. And that it makes it simple and, and, um, takes away that kind of complexity that people might be facing. >>Yeah, that's really the name of the game. Uh, we, we do not believe that there is a one size fits all approach in general, to how people should build software. Uh, there are going to need instances aware of building a monolithic app. It makes the most sense. There are going to be instances where building on Kubernetes makes the most sense. Um, the key thing that we want to solve is making sure that it works and that you're able to, to make the best technical decision for your products and for your organization. And so in looking at, uh, sort of how we help to solve that problem, I think the first is that we have first class support for everything. So we support, you know, everything down to, to kind of the oldest bare metal servers to NAMS, to containers across the board. Uh, and, and we had that mindset with every product that we brought to market. >>So thinking about our service mesh offering, for instance, um, Kula is the open source project that under tens now are even, but looking at Kumo, one of the first things that we did when we brought it out, because we saw this gap in space was to make sure that that adds first-class support for and chance at the time that wasn't something that was commonly done at all. Uh, now, you know, there there's more people are moving in that direction because they do see it as a need, which is great for the space. Um, but that's something where we, we understand that the important thing is making sure your point, you said it kind of the exact way that we like to, which is it needs to be reliable. It needs work. So I have a huge estate of, you know, older applications, older, uh, you know, potentially environments, even. I might have data centers that might've cloud being, trying to do everything all at once. Isn't really a pragmatic approach. Always. It needs to be able to support the journey as you move to, to a more modern way of building. So in terms of going from on-premise to the cloud, running in a hybrid approach, whatever it may be, all of those things shouldn't be an all or nothing proposition. It should be a phase approach and moving to, to really where it makes sense for your business and for the specific problem >>Talking about cloud deployments, obviously AWS comes into play there in a major way for you guys. Um, tell me a little bit about that, about how you're leveraging that relationship and how you're partnering with them, and then bringing the, the value then to your customer base and kind of how long that's been going on and the kinds of work that you guys are doing together, uh, ultimately to provide this kind of, uh, exemplary product or at least options to your customers. >>Yeah, of course. I think the way that we're doing it first and foremost is that, um, we, we know exactly who AWS is and the space and, and, you know, a great number of our customers are running on AWS. So again, I think that first class support in general for AWS environments services, uh, both from the container service, their, their Kubernetes services, everything that they can have and that they offer to their customers, we want to be able to support, uh, one of the first areas of really that comes to mind in terms of first-class integration and support is thinking about Lambda and serverless. Um, so at the time when we first came out, was that, again, it was early for us, uh, or early in our journey as product and as company, uh, but really early for the space. And so how we were able to support that and how we were able to see, uh, that it could support our vision and, and what we wanted to bring as a value proposition to the market has been, you know, really powerful. So I think in looking at, you know, how we work with AWS, certainly on a partnership level of where we share a lot of the same customers, we share a very similar ethos and wanting to help people do things in the most cost-effective rapid manner possible, and to build the best software. Uh, and, you know, I mean, for us, we have a little bit of a backstory with AWS because Jeffrey's us was a, an early investor in, in common. >>Yeah, exactly. I mean, the, the whole memo that he wrote about, uh, you know, build an API or you're fired was, was certainly an inspiration to, to us and it catalyzed, uh, so much change in, in the technology landscape in general, about how everyone viewed API APIs about building a software that could be reused and, and was composable. And so that's something that, you know, we, we look at, uh, kind of carrying forward and we've been building on that momentum ever since. So, >>Well, I mean, it's just kind of take a, again, a high level, look at this in terms of microservices. And now that it's changing in terms of cloud connectivity. Thank you. Actually, I have a graphic to that. Maybe we can pull up and take a look at this and let's talk about this evolution. You know, what's occurring here a little bit, and, and as we take a look at this, um, tell us what you think those, these impacts are at the end of the day for your customers and how they're better able to provide their services and satisfy their customer needs. >>Absolutely. So this is really the heart of the connect platform and of our vision in general. Um, we'd spoken just a minute ago about thinking how we can support the entire journey or, uh, the, the enterprise reality that is managing a, a relatively complex environment of modelists different services, microservices, you know, circle assumptions, whatever it may be, uh, as well as lots of different deployment methods and underlying tech platforms. You know, if you have, uh, virtual machines and Kubernetes, whatever, again, whatever it may be. But what we look at is just the different sort of, uh, design patterns that can occur in thinking about a monolithic application. And, um, okay. Mainly that's an edge concern of thinking about how you're going to handle connectivity coming in from the edge and looking at a Kubernetes environment of where you're going to have, you know, many Kubernetes clusters that need to be able to communicate with each other. >>That's where we start to think about, uh, our ingress products and Kubernetes ingress that allows for that cross applic, uh, across application communication. And then within the application itself, and looking at service mesh, which we talked a little bit about of just how do I make sure that I can instrument and secure every transaction that's happening in a, a truly microservices, uh, deployment within Kubernetes or outside of it? How do I make sure that that's reliable and secure? And so what we look at is this is just a, uh, part of it is evolution. And part of it is going to be figuring out what works best when it, um, certainly if you're, if you're building something from scratch, it doesn't always make sense to build it, your MDP, as, you know, microservices running on Kubernetes. It probably makes sense to go with the shortest path, uh, at the same time, if you're trying to run it at massive scale and big applications and make sure they're as reliable as possible, it very well does make sense to spend the time and the effort to, to make humanize work well for you. >>And I think that's, that's the, the beauty of, of how the space is shifting is that, uh, it's, it's going towards a way of the most practical solution to get towards business value, to, to move software quicker, to give customers the value that they want to delight them to use. Amazon's, uh, you know, phrase ology, if that's, uh, if that's a word, uh, it's, it's something of where, you know, that is becoming more and more standard practice versus just trying to make sure that you're doing the, the latest and greatest for the sake of, of, uh, of doing it. >>So we've been talking about customers in, in rather generic terms in terms of what you're providing them. We talked about new surfaces that are certainly, uh, providing added value and providing them solutions to their problems. Can you give us maybe just a couple of examples of some real life success stories, where, where you've had some success in terms of, of providing services that, um, I assume, um, people needed, or at least maybe they didn't know they needed until, uh, you, you provided that kind of development that, but give us an idea of maybe just, uh, shine, a little light on some success that you've had so that people at home watching this can perhaps relate to that experience and maybe give them a reason to think a little more about calm. >>Yeah, absolutely. Uh, there, there's a number that come to mind, but certainly one of the customers that I spent a lot of time with, uh, you know, become almost friends would be with, uh, with the different, with a couple of the practitioners who work there is company called Cargill. Uh, it's a shared one with us and AWS, you know, it's one we've written about in the past, but this is one of the largest companies in the world. Um, and, uh, the, the way that they describe it is, is that if you've ever eaten a Vic muffin or eaten from McDonald's and had breakfast there, you you've used a Cargill service because they provide so much of the, the food supply chain business and the logistics for it. They had a, uh, it's a, it's an old, you know, it's a century and a half old company. >>It has a really story kind of legacy, and it's grown to be an extremely large company that's so private. Uh, but you know, they have some of the most unique challenges. I think that I've, I've seen in the space in terms of needing to be able to ensure, uh, that they're able to, to kind of move quickly and build a lot of new services and software that touch so many different spaces. So they were, uh, the challenge that was put in front of them was looking at really modernizing, you know, again, a century and a half old company modernizing their entire tech stack. And, you know, we're certainly not all of that in any way, shape or form, but we are something that can help that process quite a bit. And so, as they were migrating to AWS, as they were looking at, you know, creating a CICB process for, for really being able to ship and deploy new software as quickly as possible as they were looking at how they could distribute the, the new API APIs and services that they were building, we were helping them with every piece of that journey, um, by being able to, to make sure that the services that they deployed, uh, performed in the way that they expected them to, we're able to give them a lot of competence and being able to move, uh, more rapidly and move a lot of software over from these tried and true, uh, you know, older or more legacy of doing things to a much more cloud native built as they were looking at using Kubernetes in AWS and, and being able to support that handle scale. >>Again, we are something that was able to, to kind of bridge that gap and make sure that there weren't going to be disruptions. So there, there are a lot of kind of great reasons of why they're their numbers really speak for themselves in terms of how, uh, how much velocity they were able to get. You know, they saying them saying them out loud on the sense fake in some cases, um, because they were able to, you know, I think like something, something around the order of 20 X, the amount of new API APIs and services that they were building over a six month period, really kind of crazy crazy numbers. Um, but it is something where, you know, the, for us, we, we got a lot out of them because they were open source users. So calling is first and foremost, an open source company. >>And so they were helping us before they even became paying customers, uh, just by testing the software and providing feedback, really putting it through its paces and using it at a scale that's really hard to replicate, you know, the scale of a, uh, a couple of hundred thousand person company, right? Yeah. Talking about a win-win yeah. That worked out well. It's certainly the proof is in the pudding and I'm sure that's just one of many examples of success that you've had. Uh, we appreciate the time here and certainly the insights and wish you well on down the road. Thanks for joining us, Mike. Thanks, Sean. Thanks for having me. I've been speaking with Mike Villa from Kong. He is in corporate development and operations there on John Walls, and you're watching on the cube, the AWS startup showcase.