>> Announcer: Live from Vancouver, Canada it's theCUBE covering OpenStack Summit North America 2018. Brought to you by Red Hat, the OpenStack Foundation and its ecosystem partners. >> Welcome back to theCUBE here at OpenStack Summit 2018 in Vancouver. I'm Stu Miniman with co-host this week is John Troyer. I'm happy to welcome to the program, first time guest. It's Anne Bertucio, who is the Kata Containers Community Manager with the OpenStack Foundation. Thanks so much for joining us. >> Thank you for having me. >> All right, it's our pleasure and the containers has been a discussion we've been having for a few years now. I remember when we were last year in Vancouver, three years ago that the joke was it was Docker, Docker, Docker year. Tell us a little bit first your role, how long you've been with the foundation, and what you're covering there. >> Absolutely, I've been with the foundation for going on three years at this point. The Kata Containers Project we announced in December. It's come up and come in there as a community manager helping them figure out since December to the launch now, in less than six months we had to figure out how are we going to work together. How are we going to merge two code bases and we have to create a new open source project and new community. So leading that has been a big part of my work. >> So there's a whole track on Containers now. Give us a little bit of flavor for our audience that couldn't be sitting in the keynote and attend all the sessions. What were they missing? >> I think the major theme was security. Mia, she's the PM of security at Google. She opened it up saying containers don't contain. And I almost wished we'd been on a game show. Like containers don't contain. That was the theme of the day and we talked about where did Kata come from? Kata came from how do we answer that question. I think people got so excited about performance and portability about containers. We forgot about security a little bit and now we're seeing some of the ramifications and it's time to make this the year of security. >> So you talk about bringing two code basis together. Can you talk a little bit about what some of the ingredients are here to get to our dish that we finally call Kata Containers Projects? >> Yeah, absolutely, so we have ren-V from Hyper and we had Clear Containers from Intel. And they both looked at things a little differently like Hyper has a fracty implementation that was really critical to their customers. Clear Containers are becoming a little bit from runC Vert containers. And what we arrive at for 1.0 is the OCI compatible runtime is going to put a lightweight VM around your container, and we're thrilled to look beyond 1.0 and to things like supporting hardware accelerators. >> So it may be just to raise it up one level before we go on. How do containers in some sense, let's repeat maybe what you said, see if I get it right. >> Anne: Yeah. >> It's wrapping a container and a lightweight VM. And that gives us the isolation and security that's traditionally associated with a virtual machine with all the APIs and flexibility and performance, and all the other goodness of a container. One container in one VM is the first implementation. >> Yeah, I think the easy way to think about, you're talking about Docker Docker Docker. So in Kata, really instead of using runC as your runtime, we would just say Kata runtime, and now we have our Docker containers but they're wrapped in these light weight VMs each with their own kernel. >> I think back to the early days when we were trying to figure out what these whole containers were and was that the death of virtualization? It was like VMs, gosh they take minutes to spin up, and container is super fast. Security, oh VMs yeah, there's security there but we need to move fast, fast, fast. So explain how this helps bring together the peanut butter and chocolate, if we will? >> Absolutely, oh I love peanut butter and chocolate but that's really what it is. Like you were saying virtualization, yes. Super secure, slow. I think I have a clip art chart with a sad turtle on it. A little bit slower. The container is super fast, we're getting a little nervous about security. I think we maybe see groups and name spaces are good, but people who are enterprise environments. They've been putting full blown VMs around their containers 'cause they were saying well it's not enough. And I need two isolation boundaries, not just one. >> Right, in terms of some of the use cases then. I imagine multitenancy would be one and then perhaps even, I think some of the newest trend defense in depth of even an individual app putting different zones in different components or different risk zones in their own containers, their own VMs. Even inside an individual app just making sure that the different components can only talk to each other in ways that they're suppose to. >> Absolutely, I think it's anytime where you're running untrusted code, or you have questions about what's going on there or you just want a heightened security. Kata is an easy used case then. >> Sure, I guess my VMware call it microsegmentation would be their buzz word on it. >> Oh I got to think about what mine is going to be. >> Or we can all use the same words, it's good. >> So Anne, Intel Clear Containers was a piece of this. Of course Intel partners with everyone there. Give us a little bit also the ecosystem and the team that makes this up. Is this, people out there will be like, oh, well but Docker has their solution and VMware has their solution. How does this fit into the broader ecosystem? >> Our team is incredibly diverse. I've just been thrilled with 1.0. We had 40 contributors from a good diversity of companies. Our architecture committee, it's Google, it's Huawei, Hyper, Intel and Microsoft and I think we've, I was saying in the other note the other day. I was on a call for a architecture committee and we had AMD, ARM and Intel all talking about the same solution. So it's the beauty of open source that we've brought all of these groups together. >> One of the things that also struck us especially if we've been here. The diversity of the show is always really good. The main keynote, it's not oh, did they brought up some people of diversities. Oh no, these are the project leads and therefore they're doing this. Can you touch on some of the diversity and activities at the show itself? >> In terms of technologies, we're looking at or? >> No, I just, so there is, I'm just saying you talked about the community, the diversity of companies as well, the diversity of people. So we've got lots of the women inclusion. >> Oh sure. >> Things like that. >> Yeah, I know we had the executive producer of Chasing Grace was here and I know she's been, Jennifer Clower, is that correct? >> Stu: Yes, Jennifer Clower. We actually interviewed her last week at a different show. >> Oh fantastic. Yeah her document has been incredibly well received. I know she's making the rounds to get the word out there about what's going on with Women in Tech. And we were more than thrilled to host her and have her here and be apart of conversation. >> Clear Community is a big part of OpenStack, the OpenStack Summit and care of the OpenStack Foundation. In terms of Kata Containers, you work for the OpenStack Foundation. Is Kata officially then part of the OpenStack or does that have a different governance model? >> That's a great question. This is an area of confusion because it's the first time the foundation is broken out and there's the OpenStack Project, and there's Kata Containers the Project, but we both live at the OpenStack Foundation. >> John: Okay. >> I think the guiding principles though, and it's really helped us over the last four months is that the OSF, OpenStack Foundation, we believe in open source, open design, open development and open community. And Kata, we were like that's a great home. We believe in that as well. >> Any customers that are yet talking about their early usage of Kata that you can share? >> I think we have a lot of customers from runV and Clear Containers and Kata is going to be their next path forward. So with 1.0 out yesterday, I'm excited to see. We should see some upgrades real soon here. >> What's the path for them to get from where they are to the 1.0? Is that pretty straightforward? >> It should be, yeah, we think so. And they have their support from Intel and from Hyper to help them out with that as well. >> Stu: Okay. >> I was going to ask is Kata Containers, is it integrated in an API or is OpenStack necessary for it or is it independent of, from an infrastructure perspective, OpenStack, the stack? >> Yeah, it's completely independent, but it's also compatible. >> John: Okay. >> You can run on Azure, Google, OpenStack, agnostic of the infrastructure underneath it. >> John: Great. >> Anne, want to give you a final word. Takeaways from the show that you'd want people to have. >> Absolutely, I think the final word is containers are fantastic, it's probably time to take a look at your container architecture. Think about it from a security perspective, and I would encourage everyone to go check out Kata Containers and see if that's the solution for them. >> Anne Bertucio, really appreciate you joining and sharing with us everything happening. It can work with or without the OpenStack Containers. Absolutely a big trend, but security absolutely top of mind from everyone we've talked to. If it's not top of mind of a company, I'm always a little bit worried about them. For John Troyer, I'm Stu Miniman. We'll be back with lots more coverage here from OpenStack Summit 2018 in Vancouver. Thanks for watching theCUBE. (uptempo techno music)

>> Narrator: Live from Austin, Texas, it's theCUBE, covering KubeCon and CloudNativeCon 2017, brought to you by Red Hat, the Linux Foundation, and theCUBE's ecosystem partners. >> Okay, welcome back, everyone. This is theCUBE's exclusive coverage live here in Austin, Texas for the CNCF's two conferences, CloudNativeCon, which was yesterday, and two days, today and tomorrow, KubeCon for Kubernetes' conference. This is theCUBE, of course, from SiliconANGLE Media. I'm John Furrier with my cohost, Stu Miniman. Our next guest, Dan Kohn, is the executive director of the CNCF, the man who put it all together. Congratulations. Welcome back to theCUBE. Good to see you. >> Oh, absolutely. Thrilled to have you guys back here again. >> So you kind of doing a victory lap here now, high fiving each other? >> Dan: Great hugs. >> John: Great event. >> Laughing: I'm glad it's a good event, and I am hearing fantastic feedback that folks are thrilled to be here. But we sort of describe this moment for the organization and the community as being the end of the beginning. >> John: Yeah. >> Where we now have all the major cloud vendors, all of the biggest enterprise software companies. We have a core group of 14 projects anchored by Kubernetes, but tons and tons of work in front of us. >> And tons of success, so I'm just going to read a couple of highlights from yesterday. There's a lot today. Baidu joins the CNCF, a lot of scaling production application examples, 31 new silver end-user members joined, Alibaba Cloud update to platinum, CoreDNS 1.0, Containerd, Fluentd, Jaeger, tons of news. Obviously, we've been pumping out the coverage. Today, again, more and more great goodness. But really interesting is that you guys have put a frame around this community to allow it to grow, to fertilize the open source vibe, which is all cloud but yet scaled. And you put up a slide I want to get your reaction to that I thought was compelling yesterday during your keynote. It was the flywheel, circle, and it said projects, products, profit. >> Dan: Right. >> And not that you're promoting profit, but you're not hiding the ball, either, saying, hey, you know what? There's a lot of commercial interest in cloud, obviously. We saw AWS' success last week. And that is if you create good products in this community framework, there's profit to be had. >> Right. So first of all, I should admit to plagiarizing that slide from Linux Foundation Executive Director Jim Zemlin. >> And similarly, I think you can look at a lot of aspects... >> It's an open source feature. >> Dan: Yes. >> Free for you to use. >> John: Right. >> Similarly, I think there's a lot of ways in which Kubernetes is trying to build on the success of Linux. And Jim even describes Kubernetes as the Linux of the cloud. >> John: Yeah. >> Stu: Yeah. >> John: That's a good point. >> Dan, one of the things we've been talking around Kubernetes is you talk about scale. >> Dan: Right. >> Talk about scale of the CNCF. You have 4 to 14 projects. People are a little worried when you get all the vendors around here and there's all these projects. It's a foundation thing, it's going to go off the rails. >> Dan: Yeah. >> Customers aren't going to have a voice. How do we make sure we kind of learn from some of the things that other projects have had challenges with in the past? >> And I think that's our advantage, which is the great thing about coming later than some of the other foundations, is we can look at where they had successes and where they had issues. And our aspiration for CNCF is to get to go make entirely new mistakes rather than replicating some of the issues that have come before. And so really from the beginning of CNCF, we had a somewhat unusual and frankly a little bit cumbersome charter where I describe it at times as a three-ring circus. We have a governing board made up of the vendors that are putting a lot of money into the community, but they don't get to run the projects and they don't even get to pick the projects. Instead, they appoint six of the nine members of an independent technical oversight committee, kind of like the Supreme Court. And then we have a third group in the end-user community that I'm thrilled to say is now up to 28 members in it. They appoint one of those folks. We finally got that working. We have Sam Lambert, the director of infrastructure at GitHub, who has just made a huge commitment to Kubernetes and is moving all their infrastructure over into it. Those seven appoint the last two. And so that body, and they just had their public meeting a couple hours ago. They feel very strongly about their independence, about their reputation, that they're trying to make very good judgments based on what they're seeing in the marketplace. >> That's interesting, the three-ring circle. I like how you put it. But let's talk about the end-user piece because I think that's critical. One of the things we were commenting earlier from the Lyft folks was you have a lot of end users who have built some large-scale systems out of their own sheer necessity. >> Dan: Definitely. >> And that is now being donated in. We saw Kubernetes come in with, you shepherded beautifully, went from Google, but you've got Lyft donating an amazing product convoy. >> This first convoy has a huge amount of excitement. And what was fun was, actually, on the same stage that they contributed back in LA in September, Uber contributed a separate project. Now, unlike Uber and Lyft, the two projects are in no way competitive- >> John: Yeah. >> Like Jaeger is really fantastic tracing one. But what they have in common is that they're companies that have had to grow from nothing to extremely high scale and then had problems that they solved. And they wanted to share that expertise with us. >> I want to get your thoughts on this. Because we've been speculating, on theCUBE, we've been kind of thinking, an editorial, but just that this is all good business. Now, that's pretty obvious, right? You're starting to see this kind of contribution, the gifts that keep on giving. These are significant code. >> Dan: Yeah. >> Not like, okay, let's start a little group and huddle and build something organically. You have real goodness coming in from Google, Uber, Lyft, and there's a million others. >> Dan: Right. >> How is that changing the game? Certainly accelerating it. That's really bringing goods to the table. >> Right. I think the whole... >> You have to manage it. >> Well, and for what it's worth, I don't actually manage the projects. And so we do provide a set of services- >> John: The community? >> -to them and we help them, we market them. But one of the unusual aspects of CNCF is that the projects do actually manage themselves. A little bit of guidance from the TOC, but we really are unusual in that sense. And that's one of the reasons the projects have been... >> And what's interesting is, to connect the dots, though, one step further, you're talking about a commercial entity donating massive intellectual property in the open for all the goodness of everyone else. But yet that flywheel is continuing. They're still using it. So it is inherently commercial dynamic. >> Right. And back to that circle, I think really the underlying concept is that companies agree that sharing key parts of their infrastructure has a huge amount of value to the whole ecosystem, to each other. And then they're absolutely eager to compete above that. And so you can look at it with the public clouds where we have now Amazon, Microsoft, Google, Alibaba, IBM, Oracle all at the table. They are absolutely fierce competitors. But they're saying that this specific software infrastructure layer isn't the area that they want to compete. They want to compete on all the value-added services, customer service, et cetera. >> Dan, I wonder if you can speak to how CNCF connects to some of the broader communities out there. Things like Kata containers got announced coming out of the OpenStack group. You've got a serverless track happening here, kind of extends some of where Kubernetes is going. How does CNCF fit into the broader... >> Sure. And it's definitely the case that all the innovation out there cannot happen in CNCF. Most obviously, everything that we do, almost everything depends on Linux. And so that's our parent organization, the Linux Foundation. But we've had a good collaboration with Jonathan Bryce from OverStack. They have two booths on the floor here at the show. And we've spoken to Clear Containers and RunV, the two predecessors in the past. But the part that I'm particularly pleased with for Kata containers is that it is an OCI-compliant runtime, that's another sister organization, and is really designed to work well for Kubernetes. And then they can pitch that and let the market go decide which container runtimes they find the most valuable. >> Obviously a lot of traction here in terms of the sentiment around service meshes and pluggable lock-in textures. That's been very cool. But security came up. So I want to get your thoughts around security, obviously storage and these older models around how to deal with storage and networking. Obviously, always in the action. >> Yeah. >> But security is top of mind for everyone. How is that being addressed? You know, talk is out there... >> Sure. I mean our philosophy on this is that moving to cloud-native and particularly the continuous integration and continuous development that goes along with that is the most important step that you can do to help secure your infrastructure. And Equifax is the example everyone always brings up. But there was a case where they were using known insecure software and they didn't have the processes up to place where instead of doing quarterly updates or monthly updates, you want to be doing dozens of updates per day. And a cloud-native infrastructure allows you to do that. >> What's next for you? Because you've got great traction with both community response, and the community has been absolutely amazing, the quality of people, level has been great, but also at the funding sponsors. You've got a lot of people that are involved. What's next? What happens next? What do you envision happening? What's the plan, and then how do you view that evolving? >> Well, I hate to fall into the buzzword implosion here, but if you go back to the crossing the chasm metaphor, I think we're still very much just in the early adopter phase. 2018 could very well be the moment that we jump over to the early majority. And I do feel like this whole community now has the velocity to do that and that we're on track for it. But as that happens, there's just far, far more people who need to be educated so they understand the projects and the options and how to work with them. And then hopefully they go from just being consumers of these technologies to contributors and that we can welcome them into our community and hopefully get the advantage of their expertise as well. >> I want to get your thoughts on a comment that Stu and I were talking about. Stu, you and I were talking about the notion of value creation above the stack, and then how Kubernetes, although some could say being commoditized, but it's also creating value because with that consistency of Kubernetes, you can now create value. So we believe, and I want to get your reaction to this, because we think a whole new ecosystem dynamic will emerge of a new kind of ecosystem. And if this new app developer combined with software engineering, which is really going on, you're talking about the cloud, the app developers will just build in value, that value creation will be rewarded. That's where monetization will be happening. >> And if I could build off that... >> John: Yeah. >> Dan, I loved one of your opening comments. You quoted, "exciting times for boring infrastructure, "maybe too exciting." So this week we've been teasing out there's a lot of work to make that infrastructure boring. You've got everybody on this floor, the CNCF board, lots of new projects making that. Where the action is and what this is going to create is that application monetization and the speed and agility of being able to create these cool new cloud-native applications out there. So it's interesting dynamic, spans broad pieces of this, layers of the stack there. >> Yeah. Well, I will point out that there was an odd level of unanimity of just a ton of different leaders in the community, in keynotes from Craig McLuckie and Chen Goldberg and others where they all agree that Kubernetes is not by any means the ultimate answer or the final answer. I think everybody now expects to see Kubernetes as a core aspect of the infrastructure for software for the next decade or more. But there's a belief that there's a whole ton of value that needs to be added above it, particularly to try and show for a regular application developer who just has a PHP app or no-GS microservices or anything else what's the easiest way to go from having a piece of software and deploying it effectively. >> Dan, so it's interesting. You watch the people on the outside. They're like, oh, look at Kubernetes. They're all holding hands and saying Kumbaya. We know there's some spirited debates that happen- >> Dan: Definitely. >> In the code, some projects that are sometimes competing up there. Why has the community come together, and where are some of the areas that we still need to work on and improve to help customers going forward? >> And again, I think they have the big advantage of having watched other communities that didn't value community and consensus and the ability to work through their issues. And so thankfully, we just have a ton of really capable engineers who also have some of those social or personal qualities that they care about working these things out. And to date, at least, I think most of those disagreements have been settled pretty amicably and in a positive direction. I think there's still huge swathes of this space that are still up in the air. Storage is an obvious one where there's a ton of work going on in a storage working group of CNCF. Serverless is another where I think everyone agrees that the application deployment model of AWS Lambda is really exciting and has things that people should replicate and should be brought over to Kubernetes. But how that should happen, what the software is, et cetera, there's still, in fact, we have our first serverless track today here at KubeCon where several different competing approaches are all talking about what they'd like to do. >> Awesome stuff. And you also announced some dates for next year, December 11 and 13 in Seattle. >> Dan: Yes. >> Okay. >> Dan: That's a year from now. >> November 14 and 15 in Shanghai. >> Now, you and I met in Hangzhou in the lobby, which was just amazing. But I certainly am hoping to convince you to go back to China with us. This will be our first event... >> I got a three-year visa. >> Good, yeah, that's the exactly right one. But this will be our first event in China, which I think is just a huge opportunity. We now have Baidu, Tencent, Huawai, ZTE, a number of startups. There's just so much excitement for this space over there that we're really excited to satisfy. >> Stu: And Copenhagen in May. >> And that's the last one. Thank you. May 2 to 4 in Copenhagen, and we're really excited for the event, to bring it to Europe and the rest of the world. >> Okay. So you've been working like a dog, you've been working hard. I've seen you in China. It's serendipitous. But it's not without being mentioned that this has been great effort by your team and the Linux Foundation and Jim and the whole team. But congratulations. Are you having a pinch me moment? I know it's too early to do a victory lap. >> But you've got to be pretty excited. >> Yeah. It really has been a great thing for the foundation that we sort of accomplished many of our 2018 and 2019 goals this year. But I'm sure we're going to find plenty of stuff to do next year. >> And your goal for the next 6 to 12 months, what's on your top three to-do's, continue the momentum? Share your API for... >> Yeah. What's great is that we really have plenty of members. We'd always like to add new ones and serve the ones we have better. But right now, the focus is really about providing better services to our projects. All of them feel overworked. They would love help on documentation, on marketing, on messaging about it, and some of them need help with testing development and other things. So that's really what we're buckling down on. >> Great community are going to test them, being here on the ground, personally present at creation. And I was standing there with J.J. and Lew Tucker, OpenStack three years ago, talking about Kubernetes. We were kind of ripping. We couldn't have imagined, then, obviously, they bolted it on last year with your event. Now second year here, huge community... >> But you have 4,100 folks here, is more than the previous four events combined. >> Yeah, awesome. >> So it really is exciting. >> TheCUBE, always on the ground. And sometimes the squirrel finds a nut. We found a cloud-native foundation, part of the Linux Foundation. CNCF, Cloud-Native Compute Foundation, really a new, growing, and relevant community for cloud and a new way to do software and reimagine the future from software engineering to full application development, a new way. This is theCUBE's coverage, and we are here live in Austin. More live coverage after this short break. We'll be right back. [Techno Music]

>> Announcer: Live from Austin Texas, it's theCUBE. Covering KubeCon and CloudNativeCon 2017. Brought to you by Red Hat, the Linux Foundation, and theCUBE's ecosystem partners. >> Welcome back everyone, this is theCUBE live in Austin, Texas for our exclusive coverage at the CloudNative Conference and KubeCon with Kubernetes via theCUBE. theCUBE which we're live, and 8 years running, I'm John Furrier, the founder of SiliconANGLE Media, my colleague, Stu Miniman. And I'm excited to have Cube alumni, and its distinguished industry legend, Lew Tucker, Vice President CT of Cloud Computing at Cisco Systems. Welcome back to theCUBE, great to see you. >> Great to be back, it's one of my favorite shows. >> Lou, we've had many conversations over the years, and it's always great to have you on because you're on the cutting-edge perspective, but you have a historical view as well, you've seen many waves of innovation. And obviously you own lots of property in the Computer's History museum, your resume goes on and on. But, you got to admire this community. Three years old, it was you, me and JJ we're sitting around at OpenStack in Vancouver three and a half years ago, having a beer after the event one of these days, and we were talking about Kubernetes, and we were really riffing on orchestration and kind of shooting the arrow forward, kind of reading the tea leaves. And we were predicting inter-clouding, inter-networking, Cisco core competency, the notion of application developers wanting infrastructure as code. We didn't actually say mircoservices but we were kind of describing a world that would be microservices, and this awesomeness that's going on with the Cloud. What a ... [Lew] You were right. You were right. >> We were right, it wasn't me, it was the community. This is how communities operate. >> It is. I think that what we're seeing, and particularly in these open source communities, you're getting the best ideas. And therefore, a lot of people are looking at this future space, and then we bring the kids out of the communities, get the projects that we work together on it, and that's how we move it forward. >> You've been a great leader in the community, just want to give you some props for that, you deserve it, but more importantly is just the momentum going on right now. And I want to get your take, you're squinting through the growth, you're looking at the innovation, looking at the big picture, certainly from a Cisco perspective, but also as an industry participant. Where's the action? Obviously containers grew, that tide came in, a lot of boats floated up. We saw microservices boom, then we now, Kubernetes' getting better and better, multiple versions, it's - some say commoditized, some would say more inter-operable. Really, that's the connection tissue for multi-cloud. >> Exactly right. >> Do you see the same thing? Where's the action? >> So, cloud computing is going everywhere now. And so it's natural that we see one of the next phases of this is in the area of multi-cloud. The customers, they are in public cloud, they have private data centers where they want to run similar applications. They don't want to have a completely different environment. What they really want to see is a consistent environment across which they can deploy applications. And that consistent environment also has to have security policies, authentication services, and a lot of these things. And to really drive the innovation, what I find interesting is that, the services that are coming now out of public cloud, whether it be an AI or server list, event-driven kind of programming models. Enterprises want to connect into them. And so one of the things I think that that leads to is that you're beginning to hear talk now, just beginning to hear it, which is this project called Istio. Which is a service mesh, because what that really allows -- >> John: What's the project name? >> It's called Istio? >> John: Istio. >> Lew: I-S-T-I-O. >> Okay. >> dot I-O. Everything is open source, it's a project that's contributed to by Google, and IBM, and Lyft, and now Cisco's getting involved in it, as well. And what it really plays into is this world of multi-cloud. That now we can actually access services in the public cloud from your own private data center, or from the public running applications in a public cloud, you can access services that are back in your data center. So it's really about this kind of application-level networking stack, that means that application developers can now off-load all of that heavy work to a service mesh, and therefore that'll accelerate application development. >> So it's interesting, I heard some talk about things like Envoy edge and service proxies, and service proxies have been a nice tool to kind of cobble together old legacy stuff, but now you're seeing stuff go to the next level. This data I heard in the keynote, I want to get your reaction 'cause this kind of jumps out at me. Lyft had created a mesh over hundreds of thousands of services over millions of transactions per second. Lyft. Uber's got some stuff on the monitoring side, Google's donated - This is large scale cloud guys who had to build their own stuff with open source, now contributing all this stuff back. This is the mesh you're talking about, correct? >> This is exactly right, yes. Because what we're seeing is, we've talked about micro services, and Kubernetes is about orchestration of containers. And that has accelerated application development and deploying it. But now the services, each one of those services still has all of this networking stuff they have to deal with. They have to deal with load balancing, they have to deal with retries, they have to deal with authentication. So instead, what is happening now, we're recognizing these common patterns, this is what the community does (mumbles). You see a common pattern, you abstract it, and you push that out into what is known as side cars now, so that the application developer doesn't have to -- the application doesn't get changed when you need to change, like, 'bring up a couple more services over here' 'put this on a different cloud'. The individual components now are unaffected by that, because all of that work has been offloaded into a service mesh. >> Lew, bring us inside a little bit. Dig into that next level of kind of networking. 'Cause you speak, kind of networking administrator, running around the data center, you get everything from pulling cables to zoning and everything like that. Now it's multi-cloud, multi-service, everything's faster. Through all the architect, the person running it, automation ... We don't have an hour, but give us a little bit about what it means to be a networking person these days. >> Well, it's interesting, because one of the things that we know application developers did not want to become, is to be a network engineer. And yet to do a lot of what they had to do, they had to learn a lot of those skills. And instead they would rather set things up by policy. For example, they would like to be able to say, 'if I'm deploying now the version two of my application', it's a classic thing we talk about in this deal, 'the next version we want to just direct' '5% of the traffic to it, make sure it's okay' 'before we turn over the whole thing.' You should be able to do that at the application level, and through a service mesh that is built in networking at the application level, the application guys can do it. Now the role of the network engineer is still the same, they have to provide the basic infrastructure to allow that to happen. And for example, a lot of the infrastructure now is extending the Cloud from public cloud through the cloud BPM services that they have back into the data center. So Cisco, for example, is putting technologies that are running at AWS and at Google, and Azure, that allows that to come back into the data center. So we can run Cisco virtual routers in the Cloud, connected back up in the data center. So their standard networking policy that the networking engineers really want to see enforced, they can be assured that that's enforced, and then Istio layers on top of it. >> And that's decoupled from the application. >> Right. Right. >> This is what we've been talking about since 2010, our eighth year of theCUBE, infrastructure as code. This is what DevOps was all about, and now it's evolving mainstream. >> Absolutely right. You really want infrastructure to be as boring as possible. And capable and then secure. And now give a lot more control over to the application developer. And we also know, right now it's really based largely on Kubernetes, it's a great example, but that will connect into virtual machines, it will connect into legacy services. So all of this has to do with connecting all of those pieces that are today in an enterprise, moving to a public cloud. And that transition doesn't happen wholesale. You move a couple over. >> Lew, one thing. I want you to look back, John talked about - We interviewed a bunch of years in OpenStack. What's your take on the role of OpenStack today, is there still a roll in OpenStack, and how's that kind of compare/contrast to what we're doing here? >> Happy to answer, because I actually am on both boards, I'm on the CNCF board and I'm on the OpenStack board, and I have contributors on my teams to both efforts across the board. And I think that the role that we're seeing of OpenStack is Openstack is evolving also, and it's becoming more embracive and it's becoming about open infrastructure. And it's really about, how do you create these open infrastructure plays. So it is about virtual machines, and containers, and bare metal, and setting up of those services. So Kubernetes works just great on top of OpenStack, and so now people get to have a choice, because one of the hard things I think for, mostly enterprise developers and everything else, is that the pace is changing so fast. So how do they try out some of the newer technologies that still can be connected back into the existing legacy systems? And that's why I think that we're seeing the role for OpenStack is to make that, you can put it with virtual machines, you can stand them up in there, and you can have the same virtual machines essentially running in the Cloud. >> So virtual machines versus other approaches has come up as a trade off, we heard in the keynote, between cost - I mean, speed, and security. Security's super important. So let me get your thoughts on how that plays out, because we've got the pluggable logger tech, which is another big theme we heard in the keynote, which is essentially just meaning, having a very focused, leverageable piece of code that can be connected into Kubernetes. But with VM's now, some are saying VM's are slow when you're trying to do security, but you want slow, boring when you need it, but you want speed and secure when you need it, too. How do you get both out of that? >> Without being too geeky in terms of, a virtual machine is emulating an entire computer. And so it looks like a computer, so you're running your traditional applications on top of a virtual machine. The same as they would if they were running on what we call, bare metal machine. So that is by necessity, much heavier. You're bringing around a whole operating system and things like that. Containers -- >> And there's a role for that, too. >> There's absolutely a role for that. >> Now containers? >> But containers, then, are really much more about, it's an application packaging exercise, so that you can say, 'I'm going to run this application, I just want all its dependencies packaged up.' I'll assume there's an operating system there. I'm going to count on the fact that there's a single operating system. So you can spin up containers, they're much more lightweight, much more quickly. And now there's even things such as Kata Containers that are coming out of Intel, which is now merging those technologies. >> Male: The clear containers. >> Clear containers, they came originally Clear Containers, and now it's merging, because we're saying, 'we want the security and the protection that you get' 'with a virtual machine, tied into, like the VTX' 'instruction set, in the hardware'. So you can get that level of security, assurances, but now you get the speed of containers. So, I think we're continuing to see the whole community evolving in this direction and making things easier for application developers, faster to do. They're increasing in scale, so management and orchestration - we talked about that three years ago, that that would be a big issue, and guess what? Of course it is. That's exactly what Kubernetes is addressing. >> And the role of the data is going to be critical, this is where a lot of people in the enterprise that we talked to, love the story, they love the narrative, but they're hearing things that they've never heard before and they kind of, slow down. So I'd like you to take a minute, Lew, and explain to the person watching, CIO, chief architect, network guy, whatever - what the hell is this Kubernetes hubbub about? What is Kubernetes, from your perspective? How would you wrap that up and describe the, what it is, and the impact to the customer? >> So, formally it's an orchestration of the container. So what that means is that, when you're developing an application, if you want it to be resilient, you want several instances of that application running, and you want traffic, then, to be low-balanced across it. Kubernetes provides that level of orchestration, to make sure there's always three running. If one fails, it can bring up another one. And it can do that completely automated. So it's a layer that really manages the deployment of containers. As an application developer, you still write your application, you package it up into a container, could be a doc or a container, and then you deploy it using Kubernetes in there. What is interesting, and I think that this is what we've recognized in this last year, I think, is that Kubernetes has a very simple networking model. Which is basically that of having a way to load-balance across multiple containers and keep them running. If you have anything more complicated about different services that you want to talk to from those containers, that may be different places in the universe, we don't have a mechanism for doing that. And everybody was having to write their own. So again, that's where the idea of a service mesh, STF -- >> John: That's where the meshing comes in. >> That's where the mesh ... >> Hundreds and hundreds of services. >> Lynkerd has been doing it for a while, Envoy. >> And Lyft and Uber, they had to do it because they had massive explosion of devices. >> Right, exactly right. And so that's why getting together the code from Lyft and Envoy, adding a control plane to it, which is what Istio really is about, brings that out, too. >> Sounds like an operating system to me, but Lew I one more question for you. You mentioned in, as you described it, Kubernetes, isn't that auto-scaling? If I'm familiar with AWS, isn't that just auto-scaling? Or is it auto-scaling for application instances? Or is auto-scaling more - defined differently? >> It does do the scaling part, it does the resiliency part, but it has a very simple model for that. And that's why you need to have other - but it's a beginning of that orchestration layer. >> Because at the container level, it has all those inherent problems. >> Right. And it can make sure to keep those containers alive and well, and manage the life cycle. >> John: And that's the difference. >> And that's the real difference. Whereas the auto-scaling from Amazon, as a service, is purely a networking capability then tied into bringing up new instances. >> So this is like auto-scaling on steroids. >> It is. But one of the differences also is that Kubernetes and what we're doing here is all open source. So you can run it anywhere. You don't get, a lot of people are very concerned about being locked in to, it used to be, you were locked into Oracle, or to Microsoft, or Java, on premise of things like that. >> Whatever proprietary operating system. >> And now they have concern being locked into these services that are in the public cloud providers. And what we're seeing now with Kubernetes and we're seeing in almost everything around here, by open sourcing them, the advantage is now the enterprise can run the same technology inside, without being locked into a vendor, as they do in the public cloud. >> Lew, so we spent a bunch of time talking about multi-cloud. Some of the more interesting pieces is what's happening at the edge, and IOT. We've heard Cisco talking about it for many years, networking of course important. What's your take, what are you working on, with regards to that these days. >> There's a couple new trends that we've been, IOT is actually now really getting realized, I think, because it is pushing a lot of the computing out to the edge, whether it be in cell phone towers or base stations, retail stores, that kind of edge. At the same time, we're seeing this multi-cloud that we want the big services. If I want to use a machine learning service, I want to use it up in the cloud, and I need to now connect it back to those devices. So multi-cloud is really about, addressing how do you develop applications that run across multiple, in the cloud, on the edge, in an IOT device. There's also, I think you've probably been hearing, server lists, and function as a service. These are, again, a lighter weight way to have kind of an event-driven model, so that if you have an IOT device and it just causes an event, you want to be able to spawn essentially a service, in the cloud, that only runs to process that one event, and then it goes away. So you're not paying to run instances of virtual machines or whatever, sitting there waiting for some event. You get a trigger, and you only pay - so it has this micro-billing capability as a part of it - so that you just can use only the resources. We finally realized the promise that we always had in cloud computing, which is that, pay for only what you need, for what you use. And so this is another way to do that. >> Lew, it's great to have you on theCUBE again, good to see you, great to get the update. I'd like to ask you one more final question to end the segment here. You always have your ear to the ground, reading the tea leaves, you have a unique skill to understand the tech at the root level. What's coming next? If we go back and we have these nice conversations where we're riffing on what's coming out in the next two, three years. It's unclear to some of the visionaries out there, so I got to ask you, what's going to be hot, what do you see emerging? As we saw Kubernetes and discussed, we couldn't have predicted this, I couldn't have. I knew it was going to be hot, I knew it was going to be big, but not this big, changing industry. What do you see out there? What would be the conversation you'd say, 'You know, we've got to watch this,' 'this is going to be a value creation opportunity,' 'enabling technology that's going to make a lot of things' 'flow nicely' - what kind of tech should ... >> Well, it may be a trite answer, 'cause I think a lot of people are seeing the same thing, is that we're actually laying the groundwork here, when we talk about multi-cloud, things that are distributed across multiple things. Accessing different services. I'm still a big believer in, it's going to be in the strength of those services. Whether they be speech-translation services, whether they be recommendation engine, whether it means big data services. Access to those services is what's going to be important. Three or four years from now, we're going to be talking about the intelligence -- >> Without a lot of heavy lifting to integrate it. >> Yes, that's exactly the point. We want it so that somebody can almost visually wire up these things, and take advantage of tremendously powerful machine-learning algorithms. That they don't want to have to hire the machine-learning experts to do it, they want to use that as a service. >> Slinging API, slinging services, wiring things up, sounds like it's an operating system to me. >> It's always an operating system at the end of the day. >> Lew Tucker, Vice President and CTO at Cisco Systems. Industry legend, on the board of CNCF, the fastest-growing organization, where projects equal products equals profit, and of course the OpenStack. Lew, thanks for coming on theCUBE, I'm John Furrier with Stu Miniman, back here live in Austin for more live coverage of CloudNativeCon and KubeCon, after this short break. >> Lew: Thank you.