>> Announcer: Live from Vancouver, Canada it's theCUBE covering OpenStack Summit North America 2018. Brought to you by Red Hat, the OpenStack Foundation and its ecosystem partners. >> Welcome back to theCUBE here at OpenStack Summit 2018 in Vancouver. I'm Stu Miniman with co-host this week is John Troyer. I'm happy to welcome to the program, first time guest. It's Anne Bertucio, who is the Kata Containers Community Manager with the OpenStack Foundation. Thanks so much for joining us. >> Thank you for having me. >> All right, it's our pleasure and the containers has been a discussion we've been having for a few years now. I remember when we were last year in Vancouver, three years ago that the joke was it was Docker, Docker, Docker year. Tell us a little bit first your role, how long you've been with the foundation, and what you're covering there. >> Absolutely, I've been with the foundation for going on three years at this point. The Kata Containers Project we announced in December. It's come up and come in there as a community manager helping them figure out since December to the launch now, in less than six months we had to figure out how are we going to work together. How are we going to merge two code bases and we have to create a new open source project and new community. So leading that has been a big part of my work. >> So there's a whole track on Containers now. Give us a little bit of flavor for our audience that couldn't be sitting in the keynote and attend all the sessions. What were they missing? >> I think the major theme was security. Mia, she's the PM of security at Google. She opened it up saying containers don't contain. And I almost wished we'd been on a game show. Like containers don't contain. That was the theme of the day and we talked about where did Kata come from? Kata came from how do we answer that question. I think people got so excited about performance and portability about containers. We forgot about security a little bit and now we're seeing some of the ramifications and it's time to make this the year of security. >> So you talk about bringing two code basis together. Can you talk a little bit about what some of the ingredients are here to get to our dish that we finally call Kata Containers Projects? >> Yeah, absolutely, so we have ren-V from Hyper and we had Clear Containers from Intel. And they both looked at things a little differently like Hyper has a fracty implementation that was really critical to their customers. Clear Containers are becoming a little bit from runC Vert containers. And what we arrive at for 1.0 is the OCI compatible runtime is going to put a lightweight VM around your container, and we're thrilled to look beyond 1.0 and to things like supporting hardware accelerators. >> So it may be just to raise it up one level before we go on. How do containers in some sense, let's repeat maybe what you said, see if I get it right. >> Anne: Yeah. >> It's wrapping a container and a lightweight VM. And that gives us the isolation and security that's traditionally associated with a virtual machine with all the APIs and flexibility and performance, and all the other goodness of a container. One container in one VM is the first implementation. >> Yeah, I think the easy way to think about, you're talking about Docker Docker Docker. So in Kata, really instead of using runC as your runtime, we would just say Kata runtime, and now we have our Docker containers but they're wrapped in these light weight VMs each with their own kernel. >> I think back to the early days when we were trying to figure out what these whole containers were and was that the death of virtualization? It was like VMs, gosh they take minutes to spin up, and container is super fast. Security, oh VMs yeah, there's security there but we need to move fast, fast, fast. So explain how this helps bring together the peanut butter and chocolate, if we will? >> Absolutely, oh I love peanut butter and chocolate but that's really what it is. Like you were saying virtualization, yes. Super secure, slow. I think I have a clip art chart with a sad turtle on it. A little bit slower. The container is super fast, we're getting a little nervous about security. I think we maybe see groups and name spaces are good, but people who are enterprise environments. They've been putting full blown VMs around their containers 'cause they were saying well it's not enough. And I need two isolation boundaries, not just one. >> Right, in terms of some of the use cases then. I imagine multitenancy would be one and then perhaps even, I think some of the newest trend defense in depth of even an individual app putting different zones in different components or different risk zones in their own containers, their own VMs. Even inside an individual app just making sure that the different components can only talk to each other in ways that they're suppose to. >> Absolutely, I think it's anytime where you're running untrusted code, or you have questions about what's going on there or you just want a heightened security. Kata is an easy used case then. >> Sure, I guess my VMware call it microsegmentation would be their buzz word on it. >> Oh I got to think about what mine is going to be. >> Or we can all use the same words, it's good. >> So Anne, Intel Clear Containers was a piece of this. Of course Intel partners with everyone there. Give us a little bit also the ecosystem and the team that makes this up. Is this, people out there will be like, oh, well but Docker has their solution and VMware has their solution. How does this fit into the broader ecosystem? >> Our team is incredibly diverse. I've just been thrilled with 1.0. We had 40 contributors from a good diversity of companies. Our architecture committee, it's Google, it's Huawei, Hyper, Intel and Microsoft and I think we've, I was saying in the other note the other day. I was on a call for a architecture committee and we had AMD, ARM and Intel all talking about the same solution. So it's the beauty of open source that we've brought all of these groups together. >> One of the things that also struck us especially if we've been here. The diversity of the show is always really good. The main keynote, it's not oh, did they brought up some people of diversities. Oh no, these are the project leads and therefore they're doing this. Can you touch on some of the diversity and activities at the show itself? >> In terms of technologies, we're looking at or? >> No, I just, so there is, I'm just saying you talked about the community, the diversity of companies as well, the diversity of people. So we've got lots of the women inclusion. >> Oh sure. >> Things like that. >> Yeah, I know we had the executive producer of Chasing Grace was here and I know she's been, Jennifer Clower, is that correct? >> Stu: Yes, Jennifer Clower. We actually interviewed her last week at a different show. >> Oh fantastic. Yeah her document has been incredibly well received. I know she's making the rounds to get the word out there about what's going on with Women in Tech. And we were more than thrilled to host her and have her here and be apart of conversation. >> Clear Community is a big part of OpenStack, the OpenStack Summit and care of the OpenStack Foundation. In terms of Kata Containers, you work for the OpenStack Foundation. Is Kata officially then part of the OpenStack or does that have a different governance model? >> That's a great question. This is an area of confusion because it's the first time the foundation is broken out and there's the OpenStack Project, and there's Kata Containers the Project, but we both live at the OpenStack Foundation. >> John: Okay. >> I think the guiding principles though, and it's really helped us over the last four months is that the OSF, OpenStack Foundation, we believe in open source, open design, open development and open community. And Kata, we were like that's a great home. We believe in that as well. >> Any customers that are yet talking about their early usage of Kata that you can share? >> I think we have a lot of customers from runV and Clear Containers and Kata is going to be their next path forward. So with 1.0 out yesterday, I'm excited to see. We should see some upgrades real soon here. >> What's the path for them to get from where they are to the 1.0? Is that pretty straightforward? >> It should be, yeah, we think so. And they have their support from Intel and from Hyper to help them out with that as well. >> Stu: Okay. >> I was going to ask is Kata Containers, is it integrated in an API or is OpenStack necessary for it or is it independent of, from an infrastructure perspective, OpenStack, the stack? >> Yeah, it's completely independent, but it's also compatible. >> John: Okay. >> You can run on Azure, Google, OpenStack, agnostic of the infrastructure underneath it. >> John: Great. >> Anne, want to give you a final word. Takeaways from the show that you'd want people to have. >> Absolutely, I think the final word is containers are fantastic, it's probably time to take a look at your container architecture. Think about it from a security perspective, and I would encourage everyone to go check out Kata Containers and see if that's the solution for them. >> Anne Bertucio, really appreciate you joining and sharing with us everything happening. It can work with or without the OpenStack Containers. Absolutely a big trend, but security absolutely top of mind from everyone we've talked to. If it's not top of mind of a company, I'm always a little bit worried about them. For John Troyer, I'm Stu Miniman. We'll be back with lots more coverage here from OpenStack Summit 2018 in Vancouver. Thanks for watching theCUBE. (uptempo techno music)