>>from around the globe. It's the Cube with coverage of Coop Con and Cloud, Native Con Europe 2020 Virtual brought to You by Red Hat, The Cloud Native Computing Foundation and its ecosystem Partners. Hi, I'm stupid, man. And this is the Cube's coverage of Cube con Cloud Native Con Europe event, which, of course, this year has gone virtual, really lets us be able to talk to those guests where they are around the globe. Really happy to welcome back to the program. Liz Rice. First of all, she is the vice president of Open Source Engineering at Aqua Security. She's also the chair of the Technical Oversight Committee has part of Ah CN cf. Liz, it is great to see you. Unfortunately, it's remote, but ah, great to catch up with you. Thanks for joining. >>Yeah, Thanks for having me. Nice to see you if you know across the ocean. >>So, uh, you know, one of the one of the big things? Of course, for the Cube Con show. It's the rallying point for the community. There are so many people participating. One of the things we always love to highlight its not only the the vendor ecosystem. But there is a very robust, engaged community of end users that participate in it. And as I mentioned, you're the chair of that technology oversight committee. So maybe just give our audience a little bit of, you know, in case they're not familiar with the TOC does. And let's talk about the latest pieces there. >>Yes, say the TOC is really hit. C can qualify the different projects that want to join the CNC F. So we're assessing whether or not they're cloud native. We're assessing whether they could joined at sandbox or incubation or graduation levels. Which of the different maturity levels that we have for for project within the CN CF yeah, we're really there, Teoh also provide it steering around the What does cloud native mean and what does it mean to be a project inside the CN CF community? We're also a voice for all of the projects. We're not the only voice, but, you know, part >>of our role >>really is to make sure the projects are getting what they need in order to be successful. So it's it's really around the technology and the projects that we call cloud native >>Yeah, and and obliges Cloud Native because when people first heard of the show, of course, Kubernetes and Cube Con was the big discussion point. But as you said, Cloud native, there's a lot of projects there. I just glanced at the sandbox page and I think there's over 30 in the sandbox category on and you know they move along their process until they're, you know, fully mature and reach that, you know, 1.0 state, which is the stamp of approval that, you know, this could be used in production. I understand there's been some updates for the sandbox process, so help us understand you know where that is and what's the new piece of that? >>Yeah. So it's really been because of the growth off cloud native in general, the popularity off the CN CF and so much innovation happening in our space. So there's been so many projects who want Teoh become hard off the CNC f family on and we used to have a sponsorship model where members of the TOC would essentially back projects that they wanted to see joining at the sandbox level. But we ran into a number of issues with that process on and also dealing with the scale, the number of applications that have come in. So we've revamped the process. We made it much easier for projects to apply as much simpler form where really not making so much judgment we're really saying is it's a cloud native project and we have some requirements in terms off some governance features that we need from a project. And it's worth mentioning that when a project joins the CN CF, they are donating the intellectual property and the trademark off that project into the foundation. So it's not something that people should take lightly. But we have tried to make it easier and therefore much smoother. We're able Teoh assess the applications much more quickly, which I think everyone, the community, the projects, those of us on the TOC We're all pretty happy that we can make that a much faster process. >>Yeah, I actually, it brings up An interesting point is so you know, I've got a little bit of background in standards committees. A swell as I've been involved in open source for a couple of decades now some people don't understand. You know, when you talk about bringing a project under a foundation. You talked about things like trademarks and the like. There are more than one foundation out there for CN CF Falls under the Linux Foundation. Google, of course, brought Kubernetes in fully to be supported. There's been some rumblings I've heard for the last couple of years about SDO and K Native and I know about a month before the show there was some changes along SDO and what Google was doing there may be without trying to pass too many judgments in getting into some of the political arguments, help us understand. You know what Google did and you know where that kind of comparison the projects that sit in the CN cf themselves. >>Yeah, So I e I guess two years ago around two years ago, Stu was very much the new kid in the cloud native block. So much excitement about the project. And it was actually when I was a program co chair that we had a lot of talks about sdo at Cube Con cloud native bomb, particularly in Copenhagen, I'm recalling. And, uh, I think everyone I just saw a natural fit between that project on the CN, CF and There was an assumption from a lot of people across the community that it would eventually become part of the CNC f. That was it's natural home. And one of the things that we saw in recent weeks was a very clear statement from IBM, who were one off the Uh huh, yeah, big contributing companies towards that project that that was also their expectation. They were very much under the impression that Stu would be donated to the CN CF at an appropriate point of maturity, and unfortunately, that didn't happen. From my point of view, I think that has sown a lot of confusion amongst the community because we've seen so much. It's very much a project of fits. Service mesh designed to work with kubernetes is it really does. You're fit naturally in with the other CN CF projects. So it's created confusion for end users who, many of whom assume that it was called the CN CF, and that it has the neutral governance that the other projects. It's part of the requirements that we have on those projects. They have to have an open governance that they're not controlled by a single vendor, Uh, and we've seen that you know that confusion, Andi. Frustration around that confusion being expressed by more and more end users as well as other people across the community. And yeah, the door is still open, you know, we would still love to see SDO join the community. Clearly there are different opinions within the SD wan maintainers. I will have to see what happens. >>Yeah, lets you bring up some really good points. You know, absolutely some of some of that confusion out there. Absolutely. I've heard from customers that if they're making a decision point, they might say, Hey, maybe I'm not going to go down that maybe choose something else because I'm concerned about that. Um, you know, I sdo front and center k native, another project currently under Google that has, you know, a number of other big vendors in the community that aiding in that So hopefully we will see some progress on that, you know, going forward. But, you know, back to you talked about, You know, the TOC doesn't make judgements as to you know which project and how they are. One of the really nice things out there in the CN CF, it's like the landscape just for you to help, understand? Okay, here's all of these projects. Here's the different categories they fit in. Here is where they are along that maturity. There's another tool that I read. Cheryl Hung blogged about the technology radar. I believe for continuous delivery is the first technology radar. Help us understand how that is, you know, not telling customers what to do but giving them a little guidance that you know where some of these projects projects fit. In a certain segment, >>Yeah, the technology radar is a really great initiative. I'm really excited about it because we have increasing numbers or end users who are using these different projects it both inside the CN CF and projects that are outside of the CNC F family. Your end users are building stacks. They're solving real problems in the real world and with the technology radar. What Cheryl's been able to facilitate is having the end you to the end user community share with us. What tools? They're actually using what they actually believe are the right hammers for specific nails. And, you know, it's it's one thing for us as it's more on the developer or vendor side Teoh look at different projects and say what we think are the better solutions for solving different problems. Actually hearing from the horse's mouth from the end users who are doing it in the real world is super valuable. And I think that is a really useful input to help us understand. What are the problems that the end user is still a challenge by what are the gaps that we still need to fail more input we can get from the end user community, the more will be solving real problems and no necessarily academic problems that we haven't sorry discovered in >>the real world. Alright, well is, you know, teeing up a discussion about challenges that users still have in the world. If we go to your primary jobs, Main hat is you live in the security world and you know, we know security is still something, you know, front and center. It is something that has never done lots of discussion about the shared responsibility model and how cloud native in security fit together and all that. So maybe I know there's some new projects there, but love to just give me a snap shot as where we are in the security space. As I said, Overall, it's been, you know, super important topic for years. This year, with a global pandemic going on, security seems to be raised even more. We've seen a couple of acquisitions in the space, of course. Aqua Security helping customers along their security journey. So what do you seeing out there in the marketplace today and hear from your custom? >>Yeah, I Every business this year has, you know, look at what's going on and you know, it's been crazy time for everyone, but we've been pleasantly surprised at how, you know, in relative terms, our business has been able to. It's been strong, you know. And I think you know what you're touching on the fact that people are working remotely. People are doing so many things online. Security is evermore online. Cloud security's evermore part off what people need to pay attention to. We're doing more and more business online. So, actually, for those of us in the security business, it has bean, you know that there have been some silver linings to this this pandemic cloud? Um, yes. So many times in technology. The open source projects and in particularly defaults in kubernetes. Things are improving its long Bina thing that I've you know, I wished for and talked about that. You know, some of the default settings has always been the most secure they could be. We've seen a lot of improvements over the last 23 years we're seeing continuing to see innovation in the open source world as well as you know, on the commercial side and products that vendors like Akwa, you know, we continue to innovate, continue to write you ways for customers to validate that the application workloads that they're going to run are going to run securely in the cloud. >>Alright and lives. There's a new project that I know. Ah, you know, you Aqua are participating in Tell us a little bit about Starbird. You know what's what's the problem? It's helping solve and you know where that budget >>Yes, So stockholders, one of our open source initiatives coming out of my team are equal on, and the idea is to take security reporting information and turn it into a kubernetes native, uh, resources custom resources. And then that means the security information, your current security status could be queried over the kubernetes AP I, as you're querying the status or the deployment, say you can also be clearing to see whether it's passing configuration audits or it's passing vulnerability scans for the application containers inside that deployment. So that information is available through the same AP eyes through the queue control interface through dashboards like Octane, which is a nice dashboard viewer for kubernetes. And starboard brings security information not just from acquittals but from other vendor tools as well front and center into that kubernetes experience. So I'm really excited about Star Border. It's gonna be a great way of getting security visibility, Teoh more kubernetes use it >>all right. And we were talking earlier about just the maturity of projects and how they get into the sandbox. Is is this still pretty sandbox for >>this? OK, we're still very much in the early phases and you know it. I think in the open source world, we have the ability to share what we're doing early so that we can get feedback. We can see how it resonates with with real users. We've had some great feedback from partners that we've worked with and some actual customers who actually collaborated with When we're going through the initial design, some great feedback. There's still lots of work to do. But, yeah, the initial feedback has been really positive. >>Yeah, is usually the event is one of those places where you can help try toe, recruit some other people that might have tools as well as educate customers about what's going on. So is that part of the call to action on this is, you know, what are you looking for for kind of the rest of 2020 when it when it comes to this project? >>Yeah, absolutely. So internally, we're working on an operator which will automate some of the work that's double does in the background in terms off getting more collaboration. We would love to see integrations from or security tooling. We're talking with some people across the community about the resource definition, so we've come up with some custom resource definitions, but we'd love them to be applicable it to a variety of different tools. So we want to get feedback on on those definitions of people are interested in collaborating on that absolutely do come and talk to me and my team are reluctant. >>Great. Listen, and I'll give you the final word. Obviously, we're getting the community together while we're part So you know any other you know, engagement opportunities, you get togethers. Things that you want people to know about the European show this year. >>Well, it's gonna be really you know, I'm on tenterhooks to see whether or not we can recreate the same atmosphere as we would have in Q con. I mean, it won't be exactly the same, but I really hope that people will engage online. Do come and, you know, ask questions of the speakers. Come and talk to the vendors, get into slack channels with the community. You know, this is an opportunity to pretend we're in the same room. Let's let's let's do what we can Teoh recreate as close as we can. That community experience that you keep corn is famous for >>Yeah, absolutely. That whole way track is something that is super challenging to recreate. And there's no way that I am getting the Indonesian food that I was so looking forward to in Amsterdam just such a great culinary and cultural city. So hopefully sometime in the future will be able to be back there. Liz Rice. Always pleasure catching up with you. Thanks so much for all the work you're doing on the TOC. And always a pleasure talking to you. >>Thanks for having me. >>All right, Lots more coverage from Cube Con Cloud, Native con the European 2020 show, Of course. Virtual I'm stew minimum. And thank you for watching the Cube. Yeah, yeah, yeah, yeah.

>> Narrator: From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020 Virtual brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Hi I'm Stu Miniman and this is theCUBE's coverage of KubeCon, CloudNativeCon the 2020 European show of course happening virtually and that has put some unique challenges for the people running the show, really happy to welcome to the program she is one of the co-chairs of this event, and she is also a Principal Software Engineer at Splunk, Constance Caramanolis thank you so much for joining us. >> Hi, thank you for having me, I'm really excited to be here, it's definitely an interesting time. >> Alright, so Constance we know KubeCon it's a great community, robust everybody loves to get together there's some really interesting hallway conversations and so much going on, we've been watching, the four or five years we've been doing theCUBE at this show, just huge explosion of the breadth and depth of the content and of course, great people there. Just, if we could start with a little bit, your background, as I mentioned you're the co-chair, you work for Splunk by way of an acquisition, of Omnition try saying that three times fast, and Omnition you were telling me is a company that was bought really before it came out of stealth, but when it comes to the community itself, how long have you been involved in this community? What kind of led you to being co-chair? >> Yeah, I guess I've been involved with the community since 2017, so, I was at Lyft before Omnition Splunk, and I was lucky enough to be one of the first engineers, on Envoy you might've heard of Envoy, sorry I laugh at my own jokes. (laughing) Like my first exposure to KubeCon and seeing the CNCF community was KubeCon Austin and the thing that I was amazed by was actually you said it the hallway tracks, right? I would just see someone and be like, "Hey, like, I think I've seen your code review can I say hi?" And that started back on me at least a little bit involved in terms of talking to more people then they needed people I would work on a PR or in some of the community meetings and that was my first exposure to the community. And so I was involved in Envoy pretty actively involved in Envoy all the way until from 2016 until mid 2018 and then I switched projects and turning it left and did some other stuff and I came back into CNCF community, in OpenTelemetry as of last year, actually almost exactly a year ago now to work on making tracing, I'm going to say useful and the reason why I say useful is that usually people think of tracing as, not as important as metrics and logs, but there is so much to tracing that we tend to undervalue and that's why I got involved with OpenTelemetry and Omnition, because there's some really interesting ways that you could view tracing, use tracing, and you could answer a lot of questions that we have in our day-to-day and so that's kind of that's how I got involved in the second-round community and then ended up getting nominated to be on the co-chair and I obviously said yes, because this is an amazing opportunity to meet more people and have more of that hallway track. >> Alright, so definitely want to talk about OpenTracing, but let's talk about the event first, as we were talking about. >> Yeah. >> That community you always love the speakers, when they finish a session, they get mobbed by people doing questions. When you walk through the expo hall, you go see people so give us a little bit of insight as to how we're trying to replicate that experience, make sure that there's I don't know office hours for the speakers and just places and spaces for people to connect and meet people. >> Yeah, so I will say that like, part of the challenge with KubeCone EU was that it had already been meant to be an in person event and so we're changing it to virtual, isn't going to be as smooth as a KubeCon or we have the China event that's happening in a few weeks or at Boston, right that's still going on, like, those ones are being thought out a lot more as a proper virtual event. So a little bit of the awkwardness of, now everything is going to be online, right? It's like you can't actually shake someone's hand in a hallway but we are definitely trying to be cognizant of when I'm in terms of future load, like probably less content, right. It's harder to sit in front of a screen and listen to everything and so we know that we know we have enough bandwidth we're trying to find, different pieces of software that allow for better Q and A, right? Exactly, like the mobbing after session is go in as a speaker and one as attendee is sometimes like the best part about conferences is you get to like someone might've said something like, "Hey, like this little tidbit "I need to ask you more questions about this." So we're providing software to at least make that as smooth, and I'm putting this in quotation and as you'll be able to tell anyone who's watching as I speak with my hands. Right, so we're definitely trying to provide software to at least make that initial interaction as smooth as possible, maybe as easy as possible we know it's probably going to be a little bit bumpy just because I think it's also our first time, like everyone, every conference is facing this issue so it's going to be really interesting to see how the conference software evolves. It is things that we've talked about in terms of maybe offering their office hours, for that it's still something that like, I think it's going to be really just an open question for all of us, is that how do we maintain that community? And I think maybe we were talking or kind of when I was like planting the seed of a topic beforehand, it's like it's something I think that matters like, how do we actually define community? 'Cause so much of it has been defined off that hallway track or bumping into someone, right? And going into someone's booth and be like, like asking that question there, because it is a lot more less intimidating to ask something in person than is to ask it online when everyone gets to hear your question, right. I know I ask less questions online, I guess maybe one thing I want to say is that for now that am thinking about it is like, if you have a question please ask questions, right? If recording is done, if there's a recording for a talk, the speakers are usually made available online during the session or a bit afterwards, so please ask your questions when things come up, because that's going to be a really good way to, at least have a bit of that question there. And also don't be shy, please, even when I say like in terms of like, when it comes to review, code reviews, but if something's unintuitive or let's say, think about something else, like interact with it, say it or even ask that question on Twitter, if you're brave enough, I wouldn't but I also barely use Twitter, yeah I don't know it's a big open question I don't know what the community is going to look like and if it's going to be harder. >> Yeah, well, one of the things I know every, every time I go to the show conferences, when the keynote when it's always like, okay, "How many people is this your first time at the show?" And you look around and it's somewhere, third or half people attending for the first time. >> Yeah. I know I'm trying to remember if it was year and a half ago, or so there was created a kind of one-on-one track at the show to really help onboard and give people into the show because when the show started out, it was like okay, it was Kubernetes and a couple of other things now you've got the graduated, the incubated, the dozens of sandbox projects out there and then even more projects out there so, cloud-native is quite a broad topic, there is no wrong way where you can start and there's so many paths that you can go on. So any tips or things that we're doing this time, to kind of help broaden and welcome in those new participants? >> Yeah so there's two things, one is actually the one to attract is official for a KubeCon EU so we do have like, there's a few good talks in terms of like, how to approach KubeCon it was meant to originally be for a person but at least helping people in terms of general terms, right? 'Cause sometimes there's so much terminology that it feels like you need to carry, cloud-native dictionary around with you, doing that and giving suggestions there, so that's one of the first talks that's going to be able to watch on KubeCon so I highly suggest that, This is actually a really tough question because a lot of it would have been like, I guess it would have been for me, would have been in person be like, don't be afraid to like, if you see someone that, said something really interesting in a talk you attended, like, even if it's not after the question, just be like, "Hey, I thought what you said was really cool "and I just want to say I appreciate your work." Like expressing that appreciation and just even if it isn't like the most thoughtful question in the world just saying thank you or I appreciate you as a really good way to open things up because the people who are speaking are just as well most people are probably just as scared of going up there and sharing their knowledge as probably or of asking a question. So I think the main takeaway from that is don't be shy, like maybe do a nervous dance to get those jitters out and then after (laughing) and then ask that question or say like, thank you it's really nice to meet you. It's harder to have a virtual coffee, so hopefully they have their own teapot or coffee maker beside them, but offered you that, send an email I think, one thing that is very common and I have a hard time with this is that it's easy to get overwhelmed with how much content there is or you said it's just like, I first feel small and at least if everyone is focusing on Kubernetes, especially like a few years ago, at least and you're like, maybe that there are a lot of people who are really advanced but now that there's so many different people like so many people from all range of expertise in this subject matter experts, and interests that it's okay to be overwhelmed just be like, I need to take a step back because mentally attending like a few talks a day is like, I feel like it's taking like several exams 'cause there's so much information being bombarded on you and you're trying to process it so understand that you can't process it all in one day and that's okay, come back to it, right. It's a great thing is that all of these talks are recorded and so you can watch it another time, and I would say probably just choose like three or four talks that you're really excited about and listen to those, don't need to watch everything because as I said we can't process it all and that's okay and ask questions. >> Some great advice there because right, if we were there in person it was always, attend what you really want to see, are there speakers you want to engage with? Because you can go back and watch on demand that's been one of the great opportunities with the virtual events is you can have access on demand, you can poke and prod, personally I love that a lot of them you can adjust the speed of them so, if it's something that it's kind of an intro talk, I can crank it up to one and a half or 2X speed and get through more content or I can pause it, rewind if I'm not getting it. And the other opportunity is I tell you the last two or three years, when I'm at an event, I try to just spend my time, not looking at my phone, talking to people, but now there's the opportunity, hey, if I can be of help, if anybody in the community has a question or wants to get connected to somebody, we know a lot of people I'm easily reachable on Twitter and I'm not sitting on a plane or in the middle of something that being like, so there is just a great robust community out there, online, and it were great be a part of it. So speaking of projects, you mentioned OpenTelemetry, which is what, your day job works on it's been a really, interesting topic of course for those that don't know the history, there were actually two projects that merged, it was a OpenTracing and OpenCensus created OpenTelemetry, so why don't you bring us up to speed as to where we are with the project, and what people should be looking at at the show and throughout the rest of 2020? >> OpenTelemetry is very exciting, we just did our first beta release so for anyone who's been on the fence of, is OpenTelemetry getting traction, or is it something that you're like at, this is a really great time to want to get involved in OpenTelemetry and start looking into it, if it's as a viable project, but I guess should probably take a step back of what is OpenTelemetry, OpenTelemetry as you mentioned was the merging or the marriage of OpenTracing-OpenCensus, right? It was an acknowledgement that so many engineers were trying to solve the same problem, but as most of us knows, right, we are trying to solve the same problem, but we had two different implementations and we actually ended up having essentially a lot of waste of resources because we're all trying to solve the same problem, but then we're working on two different implementations. So that marriage was to address that because, right it's like if you look at all of the major players, all of the players on OpenTelemetry, right? They have a wide variety of vendor experience, right even as of speaking from the vendor hat, right vendors are really lucky that they get to work with so many customers and they get to see all these different use cases. Then there's also just so many actually end users who are using it and they have very peculiar use cases, too, even with a wide set of other people, they're not going to obviously have that, so OpenTelemetry gets to merge all of those different use cases into one, or I guess not into one, but like into a wide set of implementations, but at least it's maintained by a larger group instead of having two separate. And so the first goal was to unify tracing tracing is really far ahead in terms of implementation,, or several implementations of libraries, like Go, Java, Python, Ruby, like on other languages right now but quite a bit of lists there and there's even a collector too which some people might refer to as an agent, depending on what background they have. And so there's a lot of ways to one, implement tracing and also metrics for your services and also gather that data and manipulate it, right? 'Cause for example, tracings so tracing where it's like you can generate a lot of traces, but sometimes missing data and like the collector is a really great place to add data to that, so going back to the state of OpenTelemetry, OpenTelemetry since we just did a beta release, right, we're getting closer to GA. GA is something that we're tracking for at some point this year, no dates yet but it's something that we're really pushing towards, but we're starting to have a very stable API in terms of tracing a metric was on its way, log was all something we're wrapping up on. It is a really great opportunity to, all the different ways that we are that, we even say like service owners, applications, even business rate that we're trying to collect data and have visibility into our applications, this is a really great way to provide one common framework to generate all that data, to gather all that data and generate all that data. So it was really exciting and I don't know, we just want more users and why we say that is to the earlier point is that the more users that we have who are engaged with community, right if you want to open an issue, have a question if you want to set up a PR please do, like we really want more community engagement. It is a great time to do that because we are just starting to get traction, right? Like hopefully, hopefully in a year or two, like we are one of those really big, big projects right up on a CNCF KubeCon and it's like, let's see how much has grown. And it's a great time to join and help influence a project and so many chances for ownership, I know it's really exciting, the company-- >> Excellent well Constance, it's really exciting >> Yeah. >> Congratulations on the progress there, I'm sure everybody's looking forward to as you said GA later this year, want to give you the final word, yourself and Vicky Cheung as the co-chairs for the event, what's your real goal? What do you hope the takeaway is from this instance of the 2020 European show? Of course, virtual now instead of Amsterdam. I guess like two parts one for the takeaway is that it's probably going to be awkward, right? Especially again going back to the community is that we don't have a lot of that in person things so this will be an awkward interaction, but it's a really great place for us to want to assess what a community means to us and how we interact with the community. So I think it's going to be going into it with an open mindset of just knowing like, don't set the expectations, like any other KubeCon because we just know it won't be right, we can't even have like the after hours, like going out for coffee or drinks and other stuff there so having that there and being open to that being different and then also if you have ideas share it with us, 'cause we want to know how we can make it better, so expect that it's different, but it's still going to provide you with a lot of that content that you've been looking for and we still want to make that as much of a welcoming experience for you, so know that we're doing our best and we're open to feedback and we're here for you. >> Excellent, well Constance thank you so much for the work that you and the team have been doing on. absolutely, one of the events that we always look forward to, thanks so much for joining us. >> Thank you for having me. >> Alright, lots more coverage of theCUBE at KubeCon-Cloud Native on Europe 2020, I'm Stu Miniman and thanks for watching. (soft music)

>> Narrator: From around the globe, it's theCUBE. With coverage of KubeCon, and CloudNativeCon Europe 2020 virtual, brought to you by Red Hat, the Cloud Native Computing Foundation, and ecosystem partners. >> Hi, I'm Stuart Miniman, and this is theCUBE's coverage of KubeCon, CloudNativeCon, the European show, which of course for 2020 is virtual. Always love when we get to talk to the practitioners, as well as many of them heavily involved in what happens at the CNCF, you know, all these open source communities. Happy to welcome to the program, first time guest Katie Gamanji. She is a Cloud Platform Engineer with American Express, and she's also a member of the CNCF's TOC, which is the technical oversight committee. Katie, thanks so much for joining us. >> Thank you for having me today. I'm quite excited to be here. >> Excellent. Well, you are, as I mentioned, you're part of the TOC. You also present at the show last year. You presented at one of the KubeCon shows this year. As I mentioned, you were with American Express now. I believe it was Conde Nast, You shared some of the journey along those lines. Maybe for our audience, give us a little bit about, you know, your background, and what's got you involved in, you know, some of these projects in communities. >> Absolutely. Oh, such a good question. I can talk forever about that. My passion about Cloud Native. So, my name is Katie Gamanji, and I am one of the Cloud Platform Engineer for American Express. I joined American Express around five months ago, and I am part of the team that aims to transform the current platform, by embracing the Cloud Native principles, and making the best use of the open source tools. As mentioned previously, I've been working for Conde Nast. I've been in that role for almost two years. And as part of that role, we aim to create a centralized globally distributed platform that had Kubernetes as a central piece. And that was the role which actually got me involved more into the Cloud Native tooling, and I've been exploring them quite heavily since then. And that's why I wanted to get more in terms more contribution to the community. I've been doing that previously for different talks, and actually writing blog posts on different, giving different guides on how to start using some of the tooling. However, this year I decided to apply for TOC. And I've been elected as a TOC from the end user perspective, so I'm representing pretty much the overview of what end users think that the next direction should be within the Cloud Native landscape. And for the last, actually for the past five months, I've been on the TOC, with the CNCF, and it's only 11 of us. And we are in charge to make sure that we can guide, and set this technical vision for this year for the CNCF landscape. >> Yeah. Katie, I definitely want to talk about the TOC piece, but I want to back up a little bit. And you talked about some of the tooling, you talked about the community. Help me understand a little bit, you know, from a business standpoint, why you know, Conde Nast, American Express, looking towards using, Kubernetes and all of these open tours toolings. What was the charter, the challenge put before them, that felt that doing things this new way would help them. >> I think this actually goes a couple of years back. In my previous role before Conde Nast, I was in a team which aimed to provision infrastructure, but it was in a more, how can I say old fashioned manner? We had to configure our data centers manually, configure the VMs and processes. We had (indistinct) of automation. But at the time, this was maybe three years ago. I started to look into Kubertetes, and it was still baby steps, like, there was interest from the community, and I really wanted to, kind of get my hands on it more. And when I was looking for a role, which was at Conde Nast, I was looking for something which aimed to introduce containers in the entire infrastructure. And I think Conde Nast actually was very appealing as a role because not many expect for a media company to invest in technology, and actually the underlined infrastructure. So, from that perspective, I thought it's actually quite a good use case to change this perspective in the community. As well, with Conde Nast, it was a very international company. We had different business units around the world. All of them had different tech stacks. So, the challenge itself, how do we unify that? How do we centralize the deployment process of the application and serving our requests? But at the same time, have these individualized layer for every single market to still personalize their content. So, it was a very good project, I think, for me to further go into the Cloud Native to link, and actually definitely proved to be the right role for that. And currently I am in a different role. It's actually a financial company. But I think this is my personal challenge. I think there is a perception of financial companies moving towards modernization of their infrastructure, but it's still going quite slowly. And I think my personal challenge in this perspective is to make sure that actually FinTech is a thing, but FinTech in Cloud Native, actually using open source tooling is possible. Obviously, we can transition that to some of the secondary base, maybe not the core base of the business, but this transition, actually getting the change going is the most important bit. Once actual goes, it's just a boulder like, downhill, which is going to take everything around, and refactoring bit by bit. >> Yeah. Katie, you brought up a really important point. You know, in today's world, especially, you know, this year 2020 with the global pandemic going on, being able to react fast is so important regardless of what industry you're in. You talked about in your previous role, you had a global rollout to work across a lot of environments. Help us understand a little bit underneath the covers. You know, using this tool set, how does this help you move faster? How does it, you know, in some ways unify teams, regardless of what challenges they have? >> I think for us at least at Conde Nast, it was quite important to have one platform, so actually centralized all of our required, actually gather all our requirements, and translate them in within the platform. So, what we actually wanted, was to us to have Kubernetes as the gravitational point. Now, with Kubernetes, we'd have some of the main functionalities such as portability or flexibility. We'd be able to scale to very easily without, actually with minimal effort, but more importantly, we'll be able to transport our platform to different regions. So, to actually replicate the entire tech stat. So once we have these centralized platform, it was very easy for us to distribute them. For example, in regions across the US. And that time I was working there at least. There was an intentional strategy to replicate the tech stack in China. And that'll be very easy because with Kubernetes you just have this lifting shift capabilities. As long as you have BMs, you'll be able or compute, you'll be able to run the entire Conde Nast tech stack. So that was a very kind of big point for us to move to Kubernetes. Whilst I think in American Express, the strategy is completely different. It's still a lot of heritage infrastructure we have at the moment, actually we are running on Kubernetes. There is but the provider itself is Open shave This proving to be showcasing some of the issues for us moving forward, and we'd like to transition to a more neater way to run Kubernetes. And this potentially means, we haven't finalized the decision yet but it might we'd be using probably a cloud provider, or it might be the case of actually running Kubernetes self service. So we've actually got to maintain our clusters. This is not defined, but the underlying idea is that we want to be more kind of modern version of Kubernetes or managing Kubernetes moving forward. So this is one of the strategies. But I think within American express, the main underlying idea is that we really want to inner source most of the configuration. Historically we had different contractors and vendors working on our bits and pieces, we'd like to actually get all of these in house and have a centralized way to manage our infrastructure. So this is the underlying project which I think is going to take a while, but again there is an intention to include Cloud Native to link and technologies, and I think it's a very healthy thinking in terms of technology. >> Well Katie, you highlighted two really important topics that we've seen out there. Number one is exactly where my infrastructure is, it's going to change and I don't need to think about it. So you talked about public cloud, data centers, it might change in the future. And number two, making sure that you have the skill set in house. Something we definitely learnt from the outsourcing trends of the past was, when things need to be changed, if I had to rely on someone else it became very difficult. So if you're leveraging Kubernetes and you have the developer chops to be able to respond to the business in an agile way, you're going to be much more ready to be able to handle whatever happens in the future. >> Exactly >> So important. >> I want to switch and talk a little bit about your TOC work, presenting at the show. It's great to see companies enabling their employees to participate in this sort of thing. Help me understand how for you personally and what is the support that you get from your last job, your current job to participate in these open source projects in communities. >> Right. I think both of the companies, Conde Nast and American express, they're quite interested in been part of the Cloud Native community. With Conde Nast, they actually a part of end users. With American Express I think there is a thinking to actually join the end user community. So this might be something which will happen in future. I cannot guarantee but I'm hoping. This is going to be again one of my personal challenges, making sure we get in the community and share some of our used cases. But for now I think both of the companies actually understand the value of been part of actually using Open Source, but more importantly, understanding how other companies use that. Not one use case, especially when it come to Kubernetes, not one Kubernetes platform is going to be the same. There's always going to be different underlying technologies that plug in into it. There's always going to be different ways to use different tooling. And having these concentrated community and source of information, I think the companies actually understand the value in that and contributing to that. So I think, this is something which I've been quite passionate about to actually understand some of the strengths, to understand how some of the tooling are used, and if there is an actual hope for a project, or it's something which actually specialize into a very minimal kind of niche problem, and is going to be useful for maybe one or two big companies, it depends. So I think this is something I've been passionate about and I've actually had a support throughout. In my previous company and my current company I have very strong support from my higher ups to actually contribute more and be part of the end users community, and as such being a TOC as well. Which comes with a bunch of responsibilities as well. But I think in terms of either support, definitely I had the necessary support all the way through which I'm quite thankful. >> Katie, you mentioned some of your passions, I know from what I've read online that you're passionate about some of the tooling there, and that's some of what you're sharing through your presentations. So, I'd love if you could share a little bit about what we're going to be talking about at the Europe show right now and any other kind of tools that are getting your time and attention these days. >> So I think lately, I've been exploring Cluster API the new release. I've been waiting for new release. Actually everyone has been waiting for the new release for a couple of months. Now we actually have v1L for three end points with some of the cool features such as, manage control place for Cluster. And the second tool or set of toolings I'm working lately are the ones which concentrate on the Gitops model. So during the session at Kubecon in Europe this year, I will be presenting Cluster API, a guide on how to get started. So an overview of all the components necessary to create your own Clusters. In different cloud providers as well. But I will crown that presentation by delivering a demo of how can you provision your Custer with Gitops. And I'm going to use Argo CD at the moment. And the end result is going to be provisioning your Cluster in AWS by having maybe one click, and you have a Cluster refill masters, maybe five nodes and you just wait. Pretty much you can have a coffee while your Cluster is provisioning. But more importantly with Cluster API, again we have usable manifest which will allow us to have this one interface to integrate with different cloud providers. So we actually have this interoperobility Of manifest across different cloud providers. So look forward to that. >> Excellent. Katie, last question I have for you, what advice would you give your peers? Where do you see need for more participation, as people that are getting into this environment. Where do you think they can help? >> Oh such a good question. I think contribution is necessary in most of the sags In the Kubernetes community. So, I think it depends on the passion everyone has, if they're quite passionate about the networking, or storage or even service, there is going to be a group of people that have the same passion and interest with you. So please reach out and contribute. I think I never think I'll like to mention, you done necessarily need to be an active coder to be part of the sags or to be part of the Cloud Native. Because being in technology of course is an advantage, however, most of the ideas in actually making sure that we cover used cases for different tooling, comes from a diverse user base as well. So if you have an interest I think that's going to be very good engine for to further enable different ideas within the sags. So I wouldn't be able to recommend a particular project, I think this is very specific to everyone's daily role (indistinct) But yeah I think within the CNCF, we have a collection of sags for which you pretty much would find a place for yourself and your skills. >> Well Katie thank you so much for sharing your journey and participating so actively in the community. Thanks so much for joining us. >> Thank you for having me today. >> All right stay tuned much more coverage from Kubecon, CloudNativeCon Europe 2020 virtual edition, I'm Stuartt Miniman, and thank you for watching theCUBE. (gentle music)

>> From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020 Virtual brought to you by Red Hat, the CloudNative Computing Foundation, and Ecosystem Partners. >> Hi and welcome back to theCUBE's coverage of KubeCon, CloudNativeCon 2020 in Europe, of course the virtual edition. I'm Stu Miniman and happy to welcome back to the program one of the keynote speakers, he's also a board member of the CNCF, Vijoy Pandey who is the vice president and chief technology officer for Cloud at Cisco. Vijoy, nice to see you and thanks so much for joining us. >> Thank you Stu, and nice to see you again. It's a strange setting to be in but as long as we are both health, everything is good. >> Yeah, it's still a, we still get to be together a little bit even though while we're apart, we love the engagement and interaction that we normally get through the community but we just have to do it a little bit differently this year. So we're going to get to your keynote. We've had you on the program to talk about "Network, Please Evolve", been watching that journey. But why don't we start it first, you know, you've had a little bit of change in roles and responsibility. I know there's been some restructuring at Cisco since the last time we got together. So give us the update on your role. >> Yeah, so that, yeah let's start there. So I've taken on a new responsibility. It's VP of Engineering and Research for a new group that's been formed at Cisco. It's called Emerging Tech and Incubation. Liz Centoni leads that and she reports into Chuck. The role, the charter for this team, this new team, is to incubate the next bets for Cisco. And, if you can imagine, it's natural for Cisco to start with bets which are closer to its core business, but the charter for this group is to mover further and further out from Cisco's core business and takes this core into newer markets, into newer products, and newer businesses. I am running the engineering and research for that group. And, again, the whole deal behind this is to be a little bit nimble, to be a little startupy in nature, where you bring ideas, you incubate them, you iterate pretty fast and you throw out 80% of those and concentrate on the 20% that make sense to take forward as a venture. >> Interesting. So it reminds me a little bit, but different, I remember John Chambers a number of years back talking about various adjacencies, trying to grow those next, you know, multi-billion dollar businesses inside Cisco. In some ways, Vijoy, it reminds me a little bit of your previous company, very well known for, you know, driving innovation, giving engineering 20% of their time to work on things. Give us a little bit of insight. What's kind of an example of a bet that you might be looking at in the space? Bring us inside a little bit. >> Well that's actually a good question and I think a little bit of that comparison is, are those conversations that taking place within Cisco as well as to how far out from Cisco's core business do we want to get when we're incubating these bets. And, yes, my previous employer, I mean Google X actually goes pretty far out when it comes to incubations. The core business being primarily around ads, now Google Cloud as well, but you have things like Verily and Calico and others which are pretty far out from where Google started. And the way we are looking at these things within Cisco is, it's a new muscle for Cisco so we want to prove ourselves first. So the first few bets that we are betting upon are pretty close to Cisco's core but still not fitting into Cisco's BU when it comes to go-to-market alignment or business alignment. So while the first bets that we are taking into account is around API being the queen when it comes to the future of infrastructure, so to speak. So it's not just making our infrastructure consumable as infrastructure's code, but also talking about developer relevance, talking about how developers are actually influencing infrastructure deployments. So if you think about the problem statement in that sense, then networking needs to evolve. And I talked a lot about this in the past couple of keynotes where Cisco's core business has been around connecting and securing physical endpoints, physical I/O endpoints, whatever they happen to be, of whatever type they happen to be. And one of the bets that we are, actually two of the bets that we are going after is around connecting and securing API endpoints wherever they happen to be of whatever type they happen to be. And so API networking, or app networking, is one big bet that we're going after. Our other big bet is around API security and that has a bunch of other connotations to it where we think about security moving from runtime security where traditionally Cisco has played in that space, especially on the infrastructure side, but moving into API security which is only under the developer pipeline and higher up in the stack. So those are two big bets that we're going after and as you can see, they're pretty close to Cisco's core business but also very differentiated from where Cisco is today. And once when you prove some of these bets out, you can walk further and further away or a few degrees away from Cisco's core as it exists today. >> All right, well Vijoy, I mentioned you're also on the board for the CNCF, maybe let's talk a little bit about open source. How does that play into what you're looking at for emerging technologies and these bets, you know, so many companies, that's an integral piece, and we've watched, you know really, the maturation of Cisco's journey, participating in these open source environments. So help us tie in where Cisco is when it comes to open source. >> So, yeah, so I think we've been pretty deeply involved in open source in our past. We've been deeply involved in Linux foundational networking. We've actually chartered FD.io as a project there and we still are. We've been involved in OpenStack. We are big supporters of OpenStack. We have a couple of products that are on the OpenStack offering. And as you all know, we've been involved in CNCF right from the get go as a foundational member. We brought NSM as a project. It's sandbox currently. We're hoping to move it forward. But even beyond that, I mean we are big users of open source. You know a lot of us has offerings that we have from Cisco and you would not know this if you're not inside of Cisco, but Webex, for example, is a big, big user of linger D right from the get go from version 1.0. But we don't talk about it, which is sad. I think for example, we use Kubernetes pretty deeply in our DNAC platform on the enterprise site. We use Kubernetes very deeply in our security platforms. So we are pretty deep users internally in all our SAS products. But we want to press the accelerator and accelerate this whole journey towards open source quite a bit moving forward as part of ET&I, Emerging Tech and Incubation as well. So you will see more of us in open source forums, not just the NCF but very recently we joined the Linux Foundation for Public Health as a premier foundational member. Dan Kohn, our old friend, is actually chartering that initiative and we actually are big believers in handling data in ethical and privacy preserving ways. So that's actually something that enticed us to join Linux Foundation for Public Health and we will be working very closely with Dan and the foundational companies there to, not just bring open source, but also evangelize and use what comes out of that forum. >> All right. Well, Vijoy, I think it's time for us to dig into your keynote. We've spoken with you in previous KubeCons about the "Network, Please Evolve" theme that you've been driving on, and big focus you talked about was SD-WAN. Of course anybody that been watching the industry has watched the real ascension of SD-WAN. We've called it one of those just critical foundational pieces of companies enabling Multicloud, so help us, you know, help explain to our audience a little bit, you know, what do you mean when you talk about things like CloudNative, SD-WAN, and how that helps people really enable their applications in the modern environment? >> Yeah, so, well we we've been talking about SD-WAN for a while. I mean, it's one of the transformational technologies of our time where prior to SD-WAN existing, you had to stitch all of these MPLS labels and actual data connectivity across to your enterprise or branch and SD-WAN came in and changed the game there. But I think SD-WAN as it exists today is application-alaware. And that's one of the big things that I talk about in my keynote. Also, we've talked about how NSM, the other side of the spectrum, is how NSM, or network service mesh, has actually helped us simplify operational complexities, simplify the ticketing and process hell that any developer needs to go through just to get a multicloud, multicluster app up and running. So the keynote actually talked about bringing those two things together where we've talked about using NSM in the past, in chapter one and chapter two, ah chapter two, no this is chapter three and at some point I would like to stop the chapters. I don't want this to be like, like an encyclopedia of networking (mumbling) But we are at chapter three and we are talking about how you can take the same consumption models that I talked about in chapter two which is just adding a simple annotation in your CRD and extending that notion of multicloud, multicluster wires within the components of our application but extending it all the way down to the user in an enterprise. And as you saw an example, Gavin Russom is trying to give a keynote holographically and he's suffering from SD-WAN being application alaware. And using this construct of a simple annotation, we can actually make SD-WAN CloudNative. We can make it application-aware, and we can guarantee the SLOs that Gavin is looking for in terms of 3D video, in terms of file access or audio just to make sure that he's successful and Ross doesn't come in and take his place. >> Well I expect Gavin will do something to mess things up on his own even if the technology works flawly. You know, Vijoy the modernization journey that customers are on is a neverending story. I understand the chapters need to end on the current volume that you're working on. But, you know, we'd love to get your view point. You talk about things like service mesh. It's definitely been a hot topic of conversation for the last couple of years. What are you hearing from your customers? What are some of the the kind of real challenges but opportunities that they see in today's CloudNative space? >> In general, service meshes are here to stay. In fact, they're here to proliferate to some degree and we are seeing a lot of that happening where not only are we seeing different service meshes coming into the picture through various open source mechanisms. You've got Istio there, you've got linger D, you've got various proprietary notions around control planes like App Mesh from Amazon. There's Console which is an open source project But not part of (mumbles) today. So there's a whole bunch of service meshes in terms of control planes coming in on volumes becoming a de facto side car data plane, whatever you would like to call it, de facto standard there which is good for the community I would say. But this proliferation of control planes is actually a problem. And I see customers actually deploying a multitude of service meshes in their environment. And that's here to stay. In fact, we are seeing a whole bunch of things that we would use different tools for. Like API Gate was in the past. And those functions are actually rolling into service meshes. And so I think service meshes are here to stay. I think the diversity of some service meshes is here to stay. And so some work has to be done in bringing these things together and that's something that we are trying to focus in on all as well because that's something that our customers are asking for. >> Yeah, actually you connected for me something I wanted to get your viewpoint on. Dial back you know 10, 15 years ago and everybody would say, "Ah, you know, I really want to have single pane of glass "to be able to manage everything." Cisco's partnering with all of the major cloud providers. I saw, you know, not that long before this event, Google had their Google Cloud show talking about the partnership that you have with Cisco with Google. They have Anthos. You look at Azure has Arc. You know, VMware has Tanzu. Everybody's talking about, really, kind of this multicluster management type of solution out there. And just want to get your viewpoint on this Vijoy is to, you know, how are we doing on the management plane and what do you think we need to do as a industry as a whole to make things better for customers? >> Yeah, but I think this is where I think we need to be careful as an industry, as a community and make things simpler for our customers because, like I said, the proliferation of all of these control planes begs the question, do we need to build something else to bring all of these things together. And I think the SMI apropos from Microsoft is bang on on that front where you're trying to unify at least the consumption model around how you consume these service meshes. But it's not just a question of service meshes. As you saw in the SD-WAN and also going back in the Google discussion that you just, or Google conference that we just offered It's also how SD-WANs are going to interoperate with the services that exist within these cloud silos to some degree. And how does that happen? And there was a teaser there that you saw earlier in the keynote where we are taking those constructs that we talked about in the Google conference and bringing it all the way to a CloudNative environment in the keynote. But I think the bigger problem here is how do we manage this complexity of disparate stacks, whether it's service meshes, whether it's development stacks, or whether it's SD-WAN deployments, how do we manage that complexity? And, single pane of glass is over loaded as a term because it brings in these notions of big, monolithic panes of glass. And I think that's not the way we should be solving it. We should be solving it towards using API simplicity and API interoperability. I think that's where we as a community need to go. >> Absolutely. Well, Vijoy, as you said, you know, the API economy should be able to help on these, you know, multi, the service architecture should allow things to be more flexible and give me the visibility I need without trying to have to build something that's completely monolithic. Vijoy, thanks so much for joining. Looking forward to hearing more about the big bets coming out of Cisco and congratulations on the new role. >> Thank you Stu. It was a pleasure to be here. >> All right, and stay tuned for much more coverage of theCUBE at KubeCon, CloudNativeCon. I'm Stu Miniman and thanks for watching. (light digital music)

>>from around the globe. It's the Cube with coverage of Coop Con and Cloud, Native Con Europe 2020 Virtual brought to You by Red Hat, The Cloud Native Computing Foundation and its Ecosystem Partners. >>And welcome back to the Cube's coverage of Cube Con Cloud, Native Con Europe 20 twenties Virtual event. I'm Stew Minimum and and happy to Welcome back to the program, two of our Cube alumni. We're gonna be talking about storage in this kubernetes and container world. First of all, we have Sam Warner. He is the vice president of storage, offering management at IBM, and joining him is Brent Compton, senior director of storage and data architecture at Red Hat and Brent. Thank you for joining us, and we get to really dig in. It's the combined IBM and red hat activity in this space, of course, both companies very active in the space of the acquisition, and so we're excited to hear about what's going going. Ford. Sam. Maybe if we could start with you as the tee up, you know, Both Red Hat and IBM have had their conferences this year. We've heard quite a bit about how you know, Red Hat the solutions they've offered. The open source activity is really a foundational layer for much of what IBM is doing when it comes to storage, you know, What does that mean today? >>First of all, I'm really excited to be virtually at Cube Con this year, and I'm also really excited to be with my colleague Brent from Red Hat. This is, I think, the first time that IBM storage and Red Hat Storage have been able to get together and really articulate what we're doing to help our customers in the context of kubernetes and and also with open shift, the things we're doing there. So I think you'll find, ah, you know, as we talked today, that there's a lot of work we're doing to bring together the core capabilities of IBM storage that been helping enterprises with there core applications for years alongside, Ah, the incredible open source capabilities being developed, you know, by red Hat and how we can bring those together to help customers, uh, continue moving forward with their initiatives around kubernetes and rebuilding their applications to be develop once, deploy anywhere, which runs into quite a few challenges for storage. So, Brennan, I'm excited to talk about all the great things we're doing. Excited about getting to share it with everybody else. A cube con? >>Yes. So of course, containers When they first came out well, for stateless environments and we knew that, you know, we've seen this before. You know, those of us that live through that wave of virtualization, you kind of have a first generation solution. You know what application, What environment and be used. But if you know, as we've seen the huge explosion of containers and kubernetes, there's gonna be a maturation of the stack. Storage is a critical component of that. So maybe upfront if you could bring us up to speed you're steeped in, you know, a long history in this space. You know, the challenges that you're hearing from customers. Uhm And where are we today in 2020 for this? >>Thanks to do the most basic caps out there, I think are just traditional. I'm databases. APS that have databases like a post press, a longstanding APS out there that have databases like DB two so traditional APs that are moving towards a more agile environment. That's where we've seen in fact, our collaboration with IBM and particularly the DB two team. And that's where we've seen is they've gone to a micro services container based architecture we've seen pull from the market place. Say, you know, in addition to inventing new Cloud native APS, we want our tried true and tested perhaps I mean such as DB two, such as MQ. We want those to have the benefits of a red hat, open shift, agile environment. And that's where the collaboration between our group and Sam's group comes in together is providing the storage and data services for those state labs. >>Great, Sam, you know I IBM. You've been working with the storage administrator for a long time. What challenges are they facing when we go to the new architectures is it's still the same people it might There be a different part of the organization where you need to start in delivering these solutions. >>It's a really, really good question, and it's interesting cause I do spend a lot of time with storage administrators and the people who are operating the I T infrastructure. And what you'll find is that the decision maker isn't the i t operations or storage operations. People These decisions about implementing kubernetes and moving applications to these new environments are actually being driven by the business lines, which is, I guess, not so different from any other major technology shift. And the storage administrators now are struggling to keep up. So the business lines would like to accelerate development. They want to move to a developed, once deploy anywhere model, and so they start moving down the path of kubernetes. In order to do that, they start, you know, leveraging middleware components that are containerized and easy to deploy. And then they're turning to the I T infrastructure teams and asking them to be able to support it. And when you talk to the storage administrators, they're trying to figure out how to do some of the basic things that are absolutely core to what they do, which is protecting the data in the event of a disaster or some kind of a cyber attack, being able to recover the data, being able to keep the data safe, ensuring governance and privacy of the data. These things are difficult in any environment, but now you're moving to a completely new world and the storage administrators have ah tough challenge out of them. And I think that's where IBM and Red Hat can really come together with all of our experience and are very broad portfolio with incredibly enterprise hardened storage capabilities to help them move from their more traditional infrastructure to a kubernetes environment. >>Maybe if you could bring us up to date when we look back, it, like open stack of red hat, had a few projects from an open source standpoint to help bolster the open source or storage world in the container world. We saw some of those get boarded over. There's new projects. There's been a little bit of argument as to the various different ways to do storage. And of course, we know storage has never been a single solution. There's lots of different ways to do things, but, you know, where are we with the options out there? What's that? What's what's the recommendation from Red Hat and IBM as to how we should look at that? >>I wanna Bridget question to Sam's earlier comments about the challenges facing the storage admin. So if we start with the word agility, I mean, what is agility mean for it in the data world. We're conscious for agility from an application development standpoint. But if you use the term, of course, we've been used to the term Dev ops. But if we use the term data ops, what does that mean? What does that mean to you in the past? For decades, when a developer or someone deploying production wanted to create new storage or data, resource is typically typically filed a ticket and waited. So in the agile world of open shift in kubernetes, it's everything is self service and on demand or what? What kind of constraints and demands that place on the storage and data infrastructure. So now I'll come back to your questions. Do so yes. At the time, that red hat was, um, very heavily into open stack, Red Hat acquired SEF well acquired think tank and and a majority of the SEF developers who are most active in the community. And now so and that became the de facto software defying storage for open stack. But actually for the last time that we spoke at Coop Con and the Rook project has become very popular there in the CN CF as away effectively to make software defined storage systems like SEF. Simple so effectively. The power of SEF, made simple by rook inside of the open shift operator frame where people want that power that SEF brings. But they want the simplicity of self service on demand. And that's kind of the diffusion. The coming together of traditional software defined storage with agility in a kubernetes world. So rook SEF, open shift container storage. >>Wonderful. And I wonder if we could take that a little bit further. A lot of the discussion these days and I hear it every time I talk to IBM and Red Hat is customers air using hybrid clouds. So obviously that has to have an impact on storage. You know, moving data is not easy. There's a little bit of nuance there. So, you know, how do we go from what you were just talking about into a hybrid environ? >>I guess I'll take that one to start and Brent, please feel free to chime in on it. So, um, first of all, from an IBM perspective, you really have to start at a little bit higher level and at the middleware layer. So IBM is bringing together all of our capabilities everything from analytics and AI. So application, development and, uh, in all of our middleware on and packaging them up in something that we call cloud packs, which are pre built. Catalogs have containerized capabilities that can be easily deployed. Ah, in any open shift environment, which allows customers to build applications that could be deployed both on premises and then within public cloud. So in a hybrid multi cloud environment, of course, when you build that sort of environment, you need a storage and data layer, which allows you to move those applications around freely. And that's where the IBM storage suite for cloud packs was. And we've actually taken the core capabilities of the IBM storage software to find storage portfolio. Um, which give you everything you need for high performance block storage, scale out, um, file storage and object storage. And then we've combined that with the capabilities, uh, that we were just discussing from Red Hat, which including a CS on SEF, which allow you, ah, customer to create a common, agile and automated storage environment both on premises and the cloud giving consistent deployment and the ability to orchestrate the data to where it's needed >>I'll just add on to that. I mean that, as Sam noted and is probably most of you are aware. Hybrid Cloud is at the heart of the IBM acquisition of Red Hat with red hat open shift. The stated intent of red hat open shift is to be to become the default operating environment for the hybrid cloud, so effectively bring your own cloud wherever you run. So that that is at the very heart of the synergy between our companies and made manifest by the very large portfolios of software, which would be at which have been, um, moved to many of which to run in containers and embodied inside of IBM cloud packs. So IBM cloud packs backed by red hat open shift on wherever you're running on premises and in a public cloud. And no, with this storage suite for cloud packs that Sam referred to also having a deterministic experience. That's one of the things as we work, for instance, deeply with the IBM DB two team. One of the things that was critical for them, as they couldn't have they couldn't have their customers when they run on AWS have a completely different experience than when they ran on premises, say, on VM, where our on premises on bare metal critical to the DB two team t give their customers deterministic behavior wherever they can. >>Right? So, Sam, I I think any of our audience that it followed this space have heard Red House story about open shift in how it lives across multiple cloud environments. I'm not sure that everybody is familiar with how much of IBM storage solutions today are really this software driven. So ah, And therefore, you know, if I think about IBM, it's like, okay, and by storage or yes, it can live in the IBM Cloud. But from what I'm hearing from Brent in you and from what I know from previous discussion, this is independent and can live in multiple clouds, leveraging this underlying technology and can leverage the capabilities from those public cloud offers. That right, Sam? >>Yeah, that's right. And you know, we have the most comprehensive portfolio of software defined storage in the industry. Maybe to some, it's ah, it's a well kept secret, but those that use it No, the breadth of the portfolio. We have everything from the highest performing scale out file System Teoh Object store that can scale into the exabytes. We have our block storage as well, which runs within the public clouds and can extend back to your private cloud environment. When we talk to customers about deploying storage for hybrid multi cloud in a container environment, we give them a lot of houses to get there. We give them the ability to leverage their existing san infrastructure through the CS I drivers container storage interface. So our whole, uh, you know, physical on Prem infrastructure supports CS I today and then all the software that runs on our arrays also supports running on top of the public clouds, giving customers then the ability to extend that existing san infrastructure into a cloud environment. And now, with storage suite for cloud packs a sprint described earlier, we give you the ability to build a really agile infrastructure, leveraging the capabilities from Red Hat to give you a fully extensible environment and a common way of managing and deploying both on Prem and in the cloud. So we give you a journey with our portfolio to get from your existing infrastructure. Today, you don't have to throw it out it started with that and build out an environment that goes both on Prem and in the cloud. >>Yeah, Brent, I'm glad that you started with database, cause it's not something that I think most people would think about. You know, in a kubernetes environment, you Do you have any customer examples you might be able to give? Maybe Anonymous? Of course. Just talking about how those mission critical applications can fit into the new modern architect. The >>big banks. I mean, just full stop the big banks. But what I'd add to that So that's kind of frequently they start because applications based on structured data remain at the heart of a lot of enterprises. But I would say workload, category number two, our is all things machine Learning Analytics ai and we're seeing an explosion of adoption within the open shift. And, of course, cloud pack. IBM Cloud private for data, is a key market participant in that machine learning analytic space. So an explosion of the usage of of open shift for those types of workloads I was gonna touch just briefly on an example, going back to our kind of data data pipeline and how it started with databases, but it just it explodes. For instance, data pipeline automation, where you have data coming into your APS that are kubernetes based that our open shift based well, maybe we'll end up inside of Watson Studio inside of IBM ah, cloud pack for data. But along the way, there are a variety of transformations that need to occur. Let's say that you're a big bank. You need Teoh effectively as it comes in. You need to be able to run a CRC to ensure to a test that when when you modify the data, for instance, in a real time processing pipeline that when you pass it on to the next stage that you can guarantee well that you can attest that there's been no tampering of the data. So that's an illustration where it began, very with the basics of basic applications running with structured data with databases. Where we're seeing the state of the industry today is tremendous use of these kubernetes and open shift based architectures for machine learning. Analytics made more simple by data pay data pipeline automation through things like open shift container storage through things like open shift server lis or you have scale double functions and what not? So yeah, it began there. But boy, I tell you what. It's exploded since then. >>Yeah, great to hear not only traditional applications, but as you said so, so much interest. And the need for those new analytics use cases s so it's absolutely that's where it's going. Someone. One other piece of the storage story, of course, is not just that we have state full usage, but talk about data protection, if you could, on how you know things that I think of traditionally my backup restore and like, how does that fit into the whole discussion we've been having? >>You know, when you talk to customers, it's one of the biggest challenges they have honestly. And moving to containers is how do I get the same level of data protection that I use today? Ah, the environments are in many cases, more complex from a data and storage perspective. You want Teoh be able to take application consistent copies of your data that could be recovered quickly, Uh, and in some cases even reused. You can reuse the copies, for they have task for application migration. There's there's lots of or for actually AI or analytics. There's lots of use cases for the data, but a lot of the tools and AP eyes are still still very new in this space. IBM has made, uh, prior, uh, doing data protection for containers. Ah, top priority for our spectrum protect suite. And we provide the capabilities to do application aware snapshots of your storage environment so that a kubernetes developer can actually build in the resiliency they need. As they build applications in a storage administrator can get a pane of glass Ah, and visibility into all of the data and ensure that it's all being protected appropriately and provide things like S L A. So I think it's about, you know, the fact that the early days of communities tended to be stateless. Now that people are moving some of the more mission critical workloads, the data protection becomes just just critical as anything else you do in the environment. So the tools have to catch up. So that's a top priority of ours. And we provide a lot of those capabilities today and you'll see if you watch what we do with our spectrum. Protect suite will continue to provide the capabilities that our customers need to move their mission. Critical applications to a kubernetes environment. >>Alright And Brent? One other question. Looking forward a little bit. We've been talking for the last couple of years about how server lists can plug into this. Ah, higher kubernetes ecosystem. The K Native project is one that I, IBM and Red Hat has been involved with. So for open shift and server lis with I'm sure you're leveraging k native. What is the update? That >>the update is effectively adoption inside of a lot of cases like the big banks, but also other in the talk, uh, the largest companies in other industries as well. So if you take the words event driven architecture, many of them are coming to us with that's kind of top of mind of them is the need to say, you know, I need to ensure that when data first hits my environment, I can't wait. I can't wait for a scheduled batch job to come along and process that data and maybe run an inference. I mean, the classic cases you're ingesting a chest X ray, and you need to immediately run that against an inference model to determine if the patient has pneumonia or code 19 and then kick off another serverless function to anonymous data. Just send back in to retrain your model. So the need. And so you mentioned serverless. And of course, people say, Well, I could I could handle that just by really smart batch jobs, but kind of one of the other parts of server less that sometimes people forget but smart companies are aware of is that server lists is inherently scalable, so zero to end scalability. So as data is coming in, hitting your Kafka bus, hitting your object store, hitting your database and that if you picked up the the community project to be easy, Um, where something hits your relational database and I can automatically trigger an event onto the Kafka bus so that your entire our architecture becomes event >>driven. All right. Well, Sam, let me give you the funding. Let me let you have the final word. Excuse me on the IBM in this space and what you want them to have his takeaways from Cube con 2020 Europe. >>I'm actually gonna talk to I think, the storage administrators, if that's OK, because if you're not involved right now in the kubernetes projects that are happening within your enterprise, uh, they are happening and there will be new challenges. You've got a lot of investments you've made in your existing storage infrastructure. We had IBM and Red Hat can help you take advantage of the value of your existing infrastructure. Uh, the capabilities, the resiliency, the security of built into it with the years. And we can help you move forward into a hybrid, multi cloud environment built on containers. We've got the experience and the capabilities between Red Hat and IBM to help you be successful because it's still a lot of challenges there. But But our experience can help you implement that with the greatest success. Appreciate it. >>Alright, Sam and Brent, Thank you so much for joining. It's been excellent to be able to watch the maturation in this space of the last couple of years. >>Thank you. >>Alright, we'll be back with lots more coverage from Cube Con Cloud, native con Europe 2020 the virtual event. I'm stew Minimum And thank you for watching the Cube. Yeah, yeah, yeah, yeah

>> Announcer: From around the globe, it's theCUBE with coverage of KubeCon + CloudNativeCon Europe 2020 Virtual brought to you by Red Hat, the Cloud Native Computing Foundation and Ecosystem partners. >> Welcome back I'm Stu Miniman, this is theCUBE's coverage of KubeCon + CloudNativeCon Europe 2020, the virtual event. Of course, when we talk about Cloud Native we talk about Kubernetes there's a lot that's happening to modernize the infrastructure but a very important thing that we're going to talk about today is also what's happening up the stack, what sits on top of it and some of the new use cases and applications that are enabled by all of this modern environment and for that we're going to talk about artificial intelligence and machine learning or AI and ML as we tend to talk in the industry, so happy to welcome to the program. We have two first time guests joining us from Red Hat. First of all, we have Abhinav Joshi and Tushar Katarki they are both senior managers, part of the OpenShift group. Abhinav is in the product marketing and Tushar is in product management. Abhinav and Tushar thank you so much for joining us. >> Thanks a lot, Stu, we're glad to be here. >> Thanks Stu and glad to be here at KubeCon. >> All right, so Abhinav I mentioned in the intro here, modernization of the infrastructure is awesome but really it's an enabler. We know... I'm an infrastructure person the whole reason we have infrastructure is to be able to drive those applications, interact with my data and the like and of course, AI and ML are exciting a lot going on there but can also be challenging. So, Abhinav if I could start with you bring us inside your customers that you're talking to, what are the challenges, the opportunities? What are they seeing in this space? Maybe what's been holding them back from really unlocking the value that is expected? >> Yup, that's a very good question to kick off the conversation. So what we are seeing as an organization they typically face a lot of challenges when they're trying to build an AI/ML environment, right? And the first one is like a talent shortage. There is a limited amount of the AI, ML expertise in the market and especially the data scientists that are responsible for building out the machine learning and the deep learning models. So yeah, it's hard to find them and to be able to retain them and also other talents like a data engineer or app DevOps folks as well and the lack of talent can actually stall the project. And the second key challenge that we see is the lack of the readily usable data. So the businesses collect a lot of data but they must find the right data and make it ready for the data scientists to be able to build out, to be able to test and train the machine learning models. If you don't have the right kind of data to the predictions that your model is going to do in the real world is only going to be so good. So that becomes a challenge as well, to be able to find and be able to wrangle the right kind of data. And the third key challenge that we see is the lack of the rapid availability of the compute infrastructure, the data and machine learning, and the app dev tools for the various personas like a data scientist or data engineer, the software developers and so on that can also slow down the project, right? Because if all your teams are waiting on the infrastructure and the tooling of their choice to be provisioned on a recurring basis and they don't get it in a timely manner, it can stall the projects. And then the next one is the lack of collaboration. So you have all these kinds of teams that are involved in the AI project, and they have to collaborate with each other because the work one of the team does has a dependency on a different team like say for example, the data scientists are responsible for building the machine learning models and then what they have to do is they have to work with the app dev teams to make sure the models get integrated as part of the app dev processes and ultimately rolled out into the production. So if all these teams are operating in say silos and there is lack of collaboration between the teams, so this can stall the projects as well. And finally, what we see is the data scientists they typically start the machine learning modeling on their individual PCs or laptops and they don't focus on the operational aspects of the solution. So what this means is when the IT teams have to roll all this out into a production kind of deployment, so they get challenged to take all the work that has been done by the individuals and then be able to make sense out of it, be able to make sure that it can be seamlessly brought up in a production environment in a consistent way, be it on-premises, be it in the cloud or be it say at the edge. So these are some of the key challenges that we see that the organizations are facing, as they say try to take the AI projects from pilot to production. >> Well, some of those things seem like repetition of what we've had in the past. Obviously silos have been the bane of IT moving forward and of course, for many years we've been talking about that gap between developers and what's happening in the operation side. So Tushar, help us connect the dots, containers, Kubernetes, the whole DevOps movement. How is this setting us up to actually be successful for solutions like AI and ML? >> Sure Stu I mean, in fact you said it right like in the world of software, in the world of microservices, in the world of app modernization, in the world of DevOps in the past 10, 15 years, but we have seen this evolution revolution happen with containers and Kubernetes driving more DevOps behavior, driving more agile behavior so this in fact is what we are trying to say here can ease up the cable to EIML also. So the various containers, Kubernetes, DevOps and OpenShift for software development is directly applicable for AI projects to make them move agile, to get them into production, to make them more valuable to organization so that they can realize the full potential of AI. We already touched upon a few personas so it's useful to think about who the users are, who the personas are. Abhinav I talked about data scientists these are the people who obviously do the machine learning itself, do the modeling. Then there are data engineers who do the plumbing who provide the essential data. Data is so essential to machine learning and deep learning and so there are data engineers that are app developers who in some ways will then use the output of what the data scientists have produced in terms of models and then incorporate them into services and of course, none of these things are purely cast in stone there's a lot of overlap you could find that data scientists are app developers as well, you'll see some of app developers being data scientist later data engineer. So it's a continuum rather than strict boundaries, but regardless what all of these personas groups of people need or experts need is self service to that preferred tools and compute and storage resources to be productive and then let's not forget the IT, engineering and operations teams that need to make all this happen in an easy, reliable, available manner and something that is really safe and secure. So containers help you, they help you quickly and easily deploy a broad set of machine learning tools, data tools across the cloud, the hybrid cloud from data center to public cloud to the edge in a very consistent way. Teams can therefore alternatively modify, change a shared container images, machine learning models with (indistinct) and track changes. And this could be applicable to both containers as well as to the data by the way and be transparent and transparency helps in collaboration but also it could help with the regulatory reasons later on in the process. And then with containers because of the inherent processes solution, resource control and protection from threat they can also be very secure. Now, Kubernetes takes it to the next level first of all, it forms a cluster of all your compute and data resources, and it helps you to run your containerized tools and whatever you develop on them in a consistent way with access to these shared compute and centralized compute and storage and networking resources from the data center, the edge or the public cloud. They provide things like resource management, workload scheduling, multi-tendency controls so that you can be a proper neighbors if you will, and quota enforcement right? Now that's Kubernetes now if you want to up level it further if you want to enhance what Kubernetes offers then you go into how do you write applications? How do you actually make those models into services? And that's where... and how do you lifecycle them? And that's sort of the power of Helm and for the more Kubernetes operators really comes into the picture and while Helm helps in installing some of this for a complete life cycle experience. A kubernetes operator is the way to go and they simplify the acceleration and deployment and life cycle management from end-to-end of your entire AI, ML tool chain. So all in all organizations therefore you'll see that they need to dial up and define models rapidly just like applications that's how they get ready out of it quickly. There is a lack of collaboration across teams as Abhinav pointed out earlier, as you noticed that has happened still in the world of software also. So we're talking about how do you bring those best practices here to AI, ML. DevOps approaches for machine learning operations or many analysts and others have started calling as MLOps. So how do you kind of bring DevOps to machine learning, and fosters better collaboration between teams, application developers and IT operations and create this feedback loop so that the time to production and the ability to take more machine learning into production and ML-powered applications into production increase is significant. So that's kind of the, where I wanted shine the light on what you were referring to earlier, Stu. >> All right, Abhinav of course one of the good things about OpenShift is you have quite a lot of customers that have deployed the solution over the years, bring us inside some of your customers what are they doing for AI, ML and help us understand really what differentiates OpenShift in the marketplace for this solution set. >> Yeah, absolutely that's a very good question as well and we're seeing a lot of traction in terms of all kinds of industries, right? Be it the financial services like healthcare, automotive, insurance, oil and gas, manufacturing and so on. For a wide variety of use cases and what we are seeing is at the end of the day like all these deployments are focused on helping improve the customer experience, be able to automate the business processes and then be able to help them increase the revenue, serve their customers better, and also be able to save costs. If you go to openshift.com/ai-ml it's got like a lot of customer stories in there but today I will not touch on three of the customers we have in terms of the different industries. The first one is like Royal Bank of Canada. So they are a top global financial institution based out of Canada and they have more than 17 million clients globally. So they recently announced that they build out an AI-powered private cloud platform that was based on OpenShift as well as the NVIDIA DGX AI compute system and this whole solution is actually helping them to transform the customer banking experience by being able to deliver an AI-powered intelligent apps and also at the same time being able to improve the operational efficiency of their organization. And now with this kind of a solution, what they're able to do is they're able to run thousands of simulations and be able to analyze millions of data points in a fraction of time as compared to the solution that they had before. Yeah, so like a lot of great work going on there but now the next one is the ETCA healthcare. So like ETCA is one of the leading healthcare providers in the country and they're based out of the Nashville, Tennessee. And they have more than 184 hospitals as well as more than 2,000 sites of care in the U.S. as well as in the UK. So what they did was they developed a very innovative machine learning power data platform on top of our OpenShift to help save lives. The first use case was to help with the early detection of sepsis like it's a life-threatening condition and then more recently they've been able to use OpenShift in the same kind of stack to be able to roll out the new applications that are powered by machine learning and deep learning let say to help them fight COVID-19. And recently they did a webinar as well that had all the details on the challenges they had like how did they go about it? Like the people, process and technology and then what the outcomes are. And we are proud to be a partner in the solution to help with such a noble cause. And the third example I want to share here is the BMW group and our partner DXC Technology what they've done is they've actually developed a very high performing data-driven data platform, a development platform based on OpenShift to be able to analyze the massive amount of data from the test fleet, the data and the speed of the say to help speed up the autonomous driving initiatives. And what they've also done is they've redesigned the connected drive capability that they have on top of OpenShift that's actually helping them provide various use cases to help improve the customer experience. With the customers and all of the customers are able to leverage a lot of different value-add services directly from within the car, their own cars. And then like last year at the Red Hat Summit they had a keynote as well and then this year at Summit, they were one of the Innovation Award winners. And we have a lot more stories but these are the three that I thought are actually compelling that I should talk about here on theCUBE. >> Yeah Abhinav just a quick follow up for you. One of the things of course we're looking at in 2020 is how has the COVID-19 pandemic, people working from home how has that impacted projects? I have to think that AI and ML are one of those projects that take a little bit longer to deploy, is it something that you see are they accelerating it? Are they putting on pause or are new project kicking off? Anything you can share from customers you're hearing right now as to the impact that they're seeing this year? >> Yeah what we are seeing is that the customers are now even more keen to be able to roll out the digital (indistinct) but we see a lot of customers are now on the accelerated timeline to be able to say complete the AI, ML project. So yeah, it's picking up a lot of momentum and we talk to a lot of analyst as well and they are reporting the same thing as well. But there is the interest that is actually like ramping up on the AI, ML projects like across their customer base. So yeah it's the right time to be looking at the innovation services that it can help improve the customer experience in the new virtual world that we live in now about COVID-19. >> All right, Tushar you mentioned that there's a few projects involved and of course we know at this conference there's a very large ecosystem. Red Hat is a strong contributor to many, many open source projects. Give us a little bit of a view as to in the AI, ML space who's involved, which pieces are important and how Red Hat looks at this entire ecosystem? >> Thank you, Stu so as you know technology partnerships and the power of open is really what is driving the technology world these days in any ways and particularly in the AI ecosystem. And that is mainly because one of the machine learning is in a bootstrap in the past 10 years or so and a lot of that emerging technology to take advantage of the emerging data as well as compute power has been built on the kind of the Linux ecosystem with openness and languages like popular languages like Python, et cetera. And so what you... and of course tons of technology based in Java but the point really here is that the ecosystem plays a big role and open plays a big role and that's kind of Red Hat's best cup of tea, if you will. And that really has plays a leadership role in the open ecosystem so if we take your question and kind of put it into two parts, what is the... what we are doing in the community and then what we are doing in terms of partnerships themselves, commercial partnerships, technology partnerships we'll take it one step at a time. In terms of the community itself, if you step back to the three years, we worked with other vendors and users, including Google and NVIDIA and H2O and other Seldon, et cetera, and both startups and big companies to develop this Kubeflow ecosystem. The Kubeflow is upstream community that is focused on developing MLOps as we talked about earlier end-to-end machine learning on top of Kubernetes. So Kubeflow right now is in 1.0 it happened a few months ago now it's actually at 1.1 you'll see that coupon here and then so that's the Kubeflow community in addition to that we are augmenting that with the Open Data Hub community which is something that extends the capabilities of the Kubeflow community to also add some of the data pipelining stuff and some of the data stuff that I talked about and forms a reference architecture on how to run some of this on top of OpenShift. So the Open Data Hub community also has a great way of including partners from a technology partnership perspective and then tie that with something that I mentioned earlier, which is the idea of Kubernetes operators. Now, if you take a step back as I mentioned earlier, Kubernetes operators help manage the life cycle of the entire application or containerized application including not only the configuration on day one but also day two activities like update and backups, restore et cetera whatever the application needs. Afford proper functioning that a "operator" needs for it to make sure so anyways, the Kubernetes operators ecosystem is also flourishing and we haven't faced that with the OperatorHub.io which is a community marketplace if you will, I don't call it marketplace a community hub because it's just comprised of community operators. So the Open Data Hub actually can take community operators and can show you how to run that on top of OpenShift and manage the life cycle. Now that's the reference architecture. Now, the other aspect of it really is as I mentioned earlier is the commercial aspect of it. It is from a customer point of view, how do I get certified, supported software? And to that extent, what we have is at the top of the... from a user experience point of view, we have certified operators and certified applications from the AI, ML, ISV community in the Red Hat marketplace. And from the Red Hat marketplace is where it becomes easy for end users to easily deploy these ISVs and manage the complete life cycle as I said. Some of the examples of these kinds of ISVs include startups like H2O although H2O is kind of well known in certain sectors PerceptiLabs, Cnvrg, Seldon, Starburst et cetera and then on the other side, we do have other big giants also in this which includes partnerships with NVIDIA, Cloudera et cetera that we have announced, including our also SaaS I got to mention. So anyways these provide... create that rich ecosystem for data scientists to take advantage of. A TEDx Summit back in April, we along with Cloudera, SaaS Anaconda showcased a live demo that shows all these things to working together on top of OpenShift with this operator kind of idea that I talked about. So I welcome people to go and take a look the openshift.com/ai-ml that Abhinav already referenced should have a link to that it take a simple Google search might download if you need some of that, but anyways and the other part of it is really our work with the hardware OEMs right? And so obviously NVIDIA GPUs is obviously hardware, and that accelerations is really important in this world but we are also working with other OEM partners like HP and Dell to produce this accelerated AI platform that turnkey solutions to run your data-- to create this open AI platform for "private cloud" or the data center. The other thing obviously is IBM, IBM Cloud Pak for Data is based on OpenShift that has been around for some time and is seeing very good traction, if you think about a very turnkey solution, IBM Cloud Pak is definitely kind of well ahead in that and then finally Red Hat is about driving innovation in the open-source community. So, as I said earlier, we are doing the Open Data Hub which that reference architecture that showcases a combination of upstream open source projects and all these ISV ecosystems coming together. So I welcome you to take a look at that at opendatahub.io So I think that would be kind of the some total of how we are not only doing open and community building but also doing certifications and providing to our customers that assurance that they can run these tools in production with the help of a rich certified ecosystem. >> And customer is always key to us so that's the other thing that the goal here is to provide our customers with a choice, right? They can go with open source or they can go with a commercial solution as well. So you want to make sure that they get the best in cloud experience on top of our OpenShift and our broader portfolio as well. >> All right great, great note to end on, Abhinav thank you so much and Tushar great to see the maturation in this space, such an important use case. Really appreciate you sharing this with theCUBE and Kubecon community. >> Thank you, Stu. >> Thank you, Stu. >> Okay thank you and thanks a lot and have a great rest of the show. Thanks everyone, stay safe. >> Thanks you and stay with us for a lot more coverage from KubeCon + CloudNativeCon Europe 2020, the virtual edition I'm Stu Miniman and thank you as always for watching theCUBE. (soft upbeat music plays)

>> Announcer: From around the globe, it's theCUBE! With coverage of KubeCon and CloudNativeCon Europe 2020, virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation, and ecosystem partners. >> Hi, and welcome back, I'm Stu Miniman, and this is theCUBE's coverage of KubeCon CloudNativeCon 2020 in Europe, the virtual edition of course. We're talking to practitioners, we're talking to contributors, we're talking to end users from around the globe where they are, and of course when we talk about the CNCF, it's not just Kubernetes, there's a lot of projects in there, and it's not just for building things in the cloud, one of the interesting use cases that we've been talking about the last year or two has been about how edge computing fits into this whole ecosystem. To help us dig in a little bit deeper into that conversation, welcome on board one of our CUBE alumni, Nick Barcet, he is a senior director of technology strategy at Red Hat. Nick, great to see you again, thanks so much for joining us. >> Thanks for inviting me again. >> All right, so as I teed up, containerization and Kubernetes, a lot of times people think about it's the big public cloud that's my data center, but of course, cloud is not a destination, there's so much happening with the containerized world, and of course these lightweight environments, when we can make them lightweight, makes sense to go to the edge, so if you could, just tell us where we are with the state of containerization and the cloud-native ecosystem, and where does that fit with edge computing today? >> So what we're seeing currently is every ISV, every customer we talk with, are converting to developing their application with container as a target. This is making it so much simpler for them to be able to establish their application wherever they want. Of course, when we add, for example, the operator framework that we just got accepted into the CNCF, and normalize how you're going to do day one and day two of the life cycle of this container, this is making things a lot simpler. And this is allowing us to have the same principle reapplied for deployments happening in the cloud, on your private data center, and anywhere at the edge. And that's really the core of our strategy, whether in the open source community, or as a commercial company. It is to make all these different footprints absolutely equal when you are writing code, when you're deploying code, when you're managing it. >> Yeah, Nick, we talk about the edge from my standpoint, tend to think that it is going to need a lighter weight, smaller footprint than if I'm thinking about my data center or the environment, reminds me some ways of of course Red Hat, but CoreOS was how do we build something that can be updated faster and be a thinner operating system. When we think of Kubernetes, Kubernetes today isn't as simple, there's obviously a lot of managed services out there, of course with OpenShift you've got an industry leading solution out there, but is there something different I need to do to be able to do containerization and Kubernetes at the edge? How does that fit? >> As a developer, as a user, I hope you have nothing different to do. It's our job to make our platform suit the requirement that are very specific to the edge. For example, if you're going to put Kubernetes inside of a plane, you're not going to be able to use all the space you want. You're very space-constrained. Or if you put it in a train, or if you put it in a boat, you're going to have different types of constraints. And we need to be able to have a implementation of Kubernetes that fits the smallest requirement, but still has the components that enables you as a developer or you as the administrator to feel at home regardless of the implementation of it. And that's the real beauty of what we are trying to do, and that's why we are not rushing it. We are trying to do it upstream so that we have something that is as smooth as possible across different points. >> All right, when we talk about going to the edge, one of the considerations of course is the network to get there. So help us connect what the impact is of 5G, where we are with the rollout, and are there any industries maybe that are leading the pack when it comes to this discussion? >> Yeah, so when I talk about 5G, I like to distinguish two things. There is 5G as the network that the carriers are currently deploying to support all kinds of terminal endpoints. And it happens that in order to have an efficient 5G deployment, operators use edge technology to deploy computing power as close as possible to the tower. So that the latency between your device and what is connecting you to the internet, the time packets take to go across that last mile, is as short as possible. There is a second case, which is also very interesting in the edge part. Which is private 5G, because private 5G enables the customer to establish his, let's say his own antenna, his own local 5G network completely secure, that will enable connecting sensors or devices of all kinds, without having to run wire, and in a much more reliable way than if you're using Wi-Fi or similar kinds of connectivity. So these two aspects are crucial to edge, one because edge is enabling the deployment of it, the other one because it's enabling the growth of the number of sensors without multiplying the cost like crazy. In terms of deployments, well, you know our largest reference is Verizon, and Verizon is moving forward with its plan. This is going very well, I believe they have communicated around this so I will point you around what Verizon has stated on their deployment, but we have multiple other customers starting their journey and clearly, the fact that we have the ability to deploy the stack on the version of Kubernetes that is basically the same regardless of where you're deploying it. That has the ability to support both containers and VM for those applications that are not yet containerized, makes a huge difference in the simplicity of this transition. >> Yeah, it's interesting, you talk about the conversion between virtual machines and containers. One of the big use cases often talked about for edge computing is in industrial manufacturing, and there you've got the boundary between IT and OT, and OT traditionally doesn't want to even think about all those IT conversions and challenges that they've got their proprietary systems for the most part, so is that something, speak to what you're seeing in that segment. >> So, it's interesting, because we just released last week our first inclination about the industrial blueprint that we are proposing. And for us, the convergence between IT and OT comes at when you have automation in the interpretation of data provided by sensors. This automation generally takes the form of machine learning algorithms, that are deployed on the factory floors, that analyzes the sensor data in real time, and will be able to predict failure, or will be able to look at video feed to verify that employees are respecting safety measures, and many many other applications. So because of the value this brings to the operational people, this bridge is very easily closed once you've resolved the technical difficulty, and the technical difficulty are mostly what I call plumbing. Plumbing that takes the form of norms being widely different between the industrial world and the IT world so far. Difficulties because you don't speak the same language. Let's take an example. In the industrial world, CAN is the way you're synchronizing time resources. In the IT world, we have been using other protocol, and more recently, especially in the telco space, we're using PTP. But it seems that PTP is now crossing over to the industrial world, so things are slowly but very safely evolving with something that is enabling this next wave of revolution into the factories. >> Yeah, Nick, it's been fascinating always to watch when you have some of those silos, and when is the right time that things pull together. Curious, one of the big questions in 2020 of course is with the global pandemic going on, which projects get accelerated, and which ones might be pushed off a little bit, where does edge computing fall in the conversations you're having with customers, is that something mission-critical that they need to accelerate, or is it something that might take a little bit longer, possibly even a delay with the current pandemic? >> So it's quite hard to answer this question because we are in an up slope. Is the slope less up now than it would have been without the pandemic, I have no way to tell. What I'm seeing is a constant uptick of people moving forward with their projects, in fact some projects are made, for example for worker safety, are made even more urgent than they were before, because by just analyzing video feed, you can ensure that your processes prevents too close contact between coworkers, and making them vulnerable in this way. So it really depends on the industry, I imagine, but right now we see the demand growing regardless of the pandemic. >> All right, Nick, you mentioned earlier that when I think about the edge, it should be the same code, I hopefully shouldn't have to think about it differently no matter where it is. That begs the question, help connect OpenShift for us as to what is Red Hat offering when it comes to the edge solution with OpenShift? >> So, you have, what we say is the edge is like an onion, where you have different layers. And every time I look at the onion in the perspective of a given customer, the layers are very different. But what we are finding is, similar requirements in terms of security, in terms of power consumption, in terms of space allocated for the hardware, and in order to satisfy these requirements, we found out that we need to build three new ways of deploying OpenShift, so that we can match all of these potential layers. The first one that we have released and are announcing this week is OpenShift deployable on three nodes, that means that you have your supervisors, your controllers, and your workers, on the same three physical machines. That's not the smallest footprint that we need, but it's a pretty good footprint to solve the case of a factory. In this environment, with these three nodes, we have something that is capable of being fully connected or working disconnected with. The second footprint that we need to be able to satisfy for is what we call single node deployment. And single node deployment from our perspective need to come in two flavors. The easy way, the one we're going to be releasing next quarter, is what we call remote worker node. So you have your controllers in a central site, and you can have up to 2000 remote worker nodes spread across as many site as you want. The caveat with this is that you need to have full time connectivity. So in order to solve for this connected site, then we need something that is a standalone single node deployment, and that's something that a lot of people have prototypes so far, and we are currently working on delivering a version that we hope is going to be satisfying 99% of the requirement, and is going to be fully upstream. >> All right, last piece on this, Nick, how should I be thinking about managing my environment when it comes to the edge, seen a lot of course from Red Hat at Red Hat Summit and talked to some of your peers, some recent announcements, so how do we plug in what's happening at the edge and make sure we've got full visibility and management across all of my environments? >> So if I had one word to explain what we need to do, it's GitOps. Basically, you need immutable deployments, you need to be pulling configuration and all information from a central site and adapt it to the local site, without manual intervention. You need full automation. And you need a tool to manage your policies on top of it, and of course aggregate information on how things are going. What we don't want is to have to sit one administrator per site. What we do not want is to have to send people on each site at the time of deployment. So you need to be abiding by this completely automated model in order to be edge compliant. Does that make sense? >> It does, and I'm assuming the ACM solution, Advanced Cluster Management, is a piece of that overall offer. >> Absolutely, ACM is the way we present, we organize policies, the way we get reporting information, and the way we do our GitOps automation. >> All right, so Nick, final question for you, give us a little bit of a look forward, you just mentioned earlier one of the things that's getting worked on is that single node disconnected type of solution. What else should we be looking at in the maturity of edge solutions in this containerizing Kubernetes world? >> So it's not only about the architecture that we need to support. It's a lot more about the workloads that we are going to have running there. And in order to help our customer make their choice, in how they design the network, we need to provide them with what we call blueprints. And in our mind, a blueprint is more than just a piece of paper. It's actually a complete set of instruction, abiding with this GitOps model that I described, that you can pull from a Git repository, that enables automation of the deployment of something. So for example, the first blueprint we are going to be releasing is the one for industrial manufacturing using AIML, and this is going to be something that we are going to be maintaining over time, accepting contribution from outside, and is an end to end example of how to do it in a factory. We are going to follow up with that with other blueprints for 5G, for private 5G, for how do you deploy that in maybe a healthcare environment, et cetera, et cetera, the idea here is to exemplify and help people make the right choices and also ensuring that the stack we provide at one point in time remains compatible given the complexity of the components we have in there over time, and that's really the thing that we think we need to be providing to our customers. >> All right, well Nick, thank you so much for giving us the update, in regards to edge computing, really important and exciting segment of the market. >> Thank you very much, 'twas a pleasure being with you once again. >> All right, and stay with us, lots more coverage from KubeCon CloudNativeCon 2020 in Europe, the virtual edition. I'm Stu Miniman and thank you for watching theCUBE. (calm music)

>> Voice over: From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020 virtual, brought to you by Red Hat, the Cloud Native Computing Foundation and Ecosystem Partners. >> Hi, I'm Stu Mittleman, and welcome back to theCUBE's Coverage of KubeCon CloudNativeCon Europe for 2020. Get to talk to the participants in this great community and ecosystem where they are around the globe. And when you think back to the early days of containers, it was, containers, they're lightweight, they're small, going to obliterate virtualization is often the headline that we had. Of course, we know everything in IT tends to be additive. And here we are in 2020 and containers and virtual machines, living side by side and often we'll see the back and forth that happens when we talk about virtualization in containers. To talk about that topic specifically, happy to welcome to the program, first time guest, Steve Gordon. He's the director of product management at Red Hat. Steve, thanks so much for joining us. >> Thanks so much Stu, it's great to be here. >> All right, as I teed up of course, virtualization was a wave that swept through the data center. It is a major piece, not only of what's in the data center, but even if you look at the public Clouds, often it was virtualization underneath there. Certain companies like Google, of course, really drove a container adoption. And often you hear when people talk about, I built something CloudNative, that underlying piece of being containerized and then using an orchestration layer like Kubernetes is what they talk about. So maybe stop for a sec, Red Hat of course, heavily involved in virtualization and containers, how you see that landscape and what's the general conversation you have with customers as to how they make the choice and how the lines blur between those worlds? >> Yeah, so at Red Hat, I think we've been working on certainly the current iteration of the next specialization with KVM for around 12 years and myself large portion of that. I think, one thing that's always been constant is while from the outside-in, specialization looks like it's been a fairly stable marketplace. It's always changing, it's always evolving. And what we're seeing right now is as people are adopting containers and even constructs built on top of containers into their workflows, there is more interest and more desire around how can I combine these things, recognizing that still an enormous percentage of my workloads are out there running in virtual machines today, but I'm building new things around them that need to be able to interact with them and springboard off of that. So I think for the last couple of years, I'm sure you yourself have seen a number of different projects pop up and the opensource community around this intersection of containers and visualization and how can these technologies compliment each other. And certainly KubeVirt is one of the projects that we've started in this space, in reaction to both that general interests, but also the real customer problems that people have, as they try and meld these two worlds. >> So Steve, at Red Hat Summit earlier this year, there was a lot of talk around container native virtualization. If you could just explain what that means, how that might be different from just virtualization in general, and we'll go from there. >> Sure, so back in, I think early 2017, late 2016, we started playing around this idea. We'd already seen the momentum around Kubernetes and the result the way we architected OpenShift, three at a time around, Kubernetes has this strength as an orchestration platform, but also a shared provider of storage, networking, et cetera, resources. And really thinking about, when we look at virtualization and containers, some of these problems are very common regardless of what footprint the workload happens to fit into. So leveraging that strength of Kubernetes as an orchestration platform, we started looking at, what would it look like to orchestrate virtual machines on that same platform right next to our application containers? And the extension of that the KubeVirt project and what has ultimately become OpenShift virtualization is based around that core idea of how can I make a traditional virtual machine to a full operating system, interact with and look exactly like a Kubernetes native construct, that I can use from the same platform? I can manage it using the same constructs, I can interact with it using the same console, all of these kinds of ideas. And then on top of that, not just bring in workloads as they lie, but enable really powerful workforce with people who are building a new application in containers that still need some backend components, say a database that's sitting in a VM, or also trying to integrate those virtual machines into new constructs, whether it's something like a pipeline or a service mesh. We're hearing a lot of questions around those things these days where people don't want to just apply those things to brand new workloads, but figure out how do they apply those constructs to the broader majority of their fleet of workflows that exist today. >> All right, so I believe back at Red Hat Summit, OpenShift virtualization was in beta. Where's the product that solution sets till today? >> Right, so at this year's KubeCon, we're happy to announce that OpenShift virtualization is moving to general availability. So it will be a fully supported part of OpenShift. And what that means is, you, as a subscriber to OpenShift, the platform, get virtualization as just an additional capability of that platform that you can enable as an operator from the operator hub, which is really a powerful thing for admins to be able to do that. But also is just really powerful in terms of the user experience. Like once that operator is enabled on your cluster, the little tab shows up, that shows that you can now go and create a virtual machine. But you also still get all of the metrics and the shared networking and so on that goes with that cluster, that underlies it all. And you can again do some really powerful things in terms of combining those constructs for both virtual machines and containers. >> When you talk about that line between virtualization and containers, a big question is, what does this mean for developers? How is it different from what they were using before? How do they engage and interact with their infrastructure today? >> Sure, so I think the way a lot of this current wave of technology got started for people was whether it was with Kubernetes or Docker before that, people would go and grab, easiest way they could grab compute for capacity was go to their virtual machine firm, whether that was their local virtualization estate at their company, or whether that was taking a credit card to public Cloud, getting a virtual machine and spinning up a container platform on top of that. What we're now seeing is, as that's transitioning into people building their workloads, almost entirely around these container constructs, in some cases when they're starting from scratch, there is more interest in, how do I leverage that platform directly? How do I, as my application group have more control over that platform? And in some cases, depending on the use case, like if they have demand for GPUs, for example, or other high-performance devices, that question of whether the virtualization layer between my physical host and my container is adding that much value? But then still wanting to bring in the traditional workloads they have as well. So I think we've seen this gradual transition where there is a growing interest in reevaluating, how do we start with container based architectures? To, okay, how has we transitioned towards more production scenarios and the growth in production scenarios? What tweaks do we make to that architecture? Does it still make sense to run all of that on top of virtual machines? Or does it make more sense to almost flip that equation as my workload mix gradually starts changing? >> Yeah, two thoughts come to mind on that. Number one is, are there specific applications out there, or I think about traditional VMs, often that Windows environments that we have there, is that some of the use case to bring them over to containers? And then also, once I've gotten it into the container environment, what are the steps to move forward? Because I have to expect that there's going to be some refactoring, some modernization to take advantage of the innovation and pace of change, not just to take it, containerize it and leave it. >> Yeah, so certainly, there is an enormous amount of potential out there in terms of Windows workloads, and people are definitely trying to work out how do they leverage those workloads in the context of OpenShift and Kubernetes based environment. And Windows containers obviously, is one way to address that. And certainly, that is very powerful in and of itself, for bringing those workloads to OpenShift and Kubernetes, but does have some constraints in terms of needing to be on a relatively recent version of Windows server and so on for those workloads to run in that construct. So where OpenShift virtualization helps with that is we can actually take an existing virtual machine workload, bring that across, even if it's say Windows server 2012, run it on top of the OpenShift virtualization platform as a VM, And then if or when you start modernizing more of that application, you can start teasing that out into actual containers. And that's actually something, it is one of our very early demos at Red Hat Summit 2018, I think was how you would go about doing that, and primarily we did that because it is a very powerful thing for customers to see how they can bring those, all the applications into this mix. And the other aspect of that I'll mention is one of our financial services customers who we've been working with, basically since that demo, they saw it from a hallway at Red Hat Summit and came and said, "Hey, we want to talk to you guys about that." One of the primary workload, is a Windows 10 style environment, that they happened to be bringing in as well. And that's more in that construct of treating OpenShift almost as a pool of compute, which you can use for many different workload types with the Windows 10 being just one aspect of that. And the other thing I'll say in terms of the second part of the question, what do I need to do in terms of refactoring? So we are very conscious of the fact that, if this is to provide value, you have to be able to bring in existing virtual machines with as minimal change as possible. So we do have a migration solution set, that we've had for a number of years, for bringing our virtual machines to Linux specialization stacks. We're expanding that to include OpenShift virtualization as a target, to help you bring in those existing virtual machine images. Where things do change a little bit is in terms of the operational approaches. Obviously, admin console now is OpenShift for those virtual machines, that does right now present a change. But we think it is a very powerful opportunity in terms of, as people get more and more production workloads into containers, for example, it's going to become a lot more appealing to have a backup solution, for example, that can cater to both the virtual machine workloads as well as any stateful container workloads you may have, which do exist in increasing numbers. >> Well, I'm glad you brought up a stateful discussion because as an industry, we've spent a long time making sure that virtual machines, have storage and have networking that is reliable in performance and the like. What should customers be thinking about and operators when they move to containers? Are there things that are different you manage bringing into, this brings them into the OpenShift management plane. So what else should I be thinking about? What do I need to do differently when I've embraced this? >> Yeah, so I think in terms of the things that virtual machine expects, the two big ones that come to mind to me are networking and storage. The compute piece is still there obviously, but I think is a little less complicated to solve just because the OpenShift and broader Kubernetes community have done such a great job of addressing that piece, and that's really what attracted us to it in the first place. But on the networking side, certainly the expectations of a traditional virtual machine are a little bit different to the networking model of Kubernetes by default. But again, we've seen a lot of growth in container based applications, particularly in the context of CloudNative network functions that have been pushing the boundaries of Kubernetes networking as well. That's resulted in projects like Motus, which allow us to give a virtual machine related to networking interface that it expects, but also give it the option of using the pod networking natively, for some of those more powerful constructs that are native to Kubernetes. So that's one of those areas where you've got a mix of options, depending on how far you want to go from a modernization perspective versus do I just want to bring this workload in and run it as it is. And my modernization is more built around it, in terms of the other container based things. Then similarly in storage, it's an area where obviously at Red Hat, we've been working close with the OpenShift container storage team, but we also work with a number of ecosystem partners on, not just how do we certify their storage plugins and make sure they work well both for containers and virtual machines, but also how do we push forward upstream efforts, around things like the container storage interface specification, to allow for these more powerful capabilities like snapshots cloning and so on which we need for virtual machines, but are also very valuable for container based workloads as well. >> Steve, you've mentioned some of the reasons why customers were moving towards this environment. Now that you're GA, what learnings did you have during beta? Are there any other customer stories you could share that you've learned along this journey? >> Yeah, so I think one of the things I'll say is that, there's no feedback like direct product in the hands of customer feedback. And it's really been interesting to see the different ways that people have applied it, not necessarily having set out to apply it, but having gotten partway through their journey and realized, hey, I need this capability. You have something that looks pretty handy and then having success with it. So in particular, in the telecommunications vertical, we've been working closely with a number of providers around the 5G rollouts and the 5G core in particular, where they've been focused on CloudNative network functions. And really what I mean by that is the wave of technology and the push they're making around 5G is to take what they started with network function virtualization a step further, and build that next generation network around CloudNative technologies, including Kubernetes and OpenShift. And as I've been doing that, I have been finding that some of the vendors are more or less prepared for that transition. And that's where, while they've been able to leverage the power of containers for those applications that are ready, they're also able to leverage OpenShift virtualization as a transitionary step, as they modernize the pieces that are taking a little bit longer. And that's where we've been able to run some applications in terms of the load balancer, in terms of a carrier grade database on top of OpenShift virtualization, which we probably wouldn't have set out to do this early in terms of our plan, but we're really able to react quickly to that customer demand and help them get that across the line. And I think that's a really powerful example where the end state may not necessarily be to run everything as a virtual machine forever, but that was still able to leverage this technology as a powerful tool in the context of our broadened up optimization effort. >> All right, well, Steve, thank you so much for giving us the updates. Congratulations on going GA for this solution. Definitely look forward to hearing more from the customers as they come. >> All right, thanks so much Stu. I appreciate it. >> All right, stay tuned for more coverage of KubeCon CloudNativeCon EU 2020, the virtual edition. I'm Stu Stu Mittleman. And thank you for watching theCUBE. (upbeat music)

>>from around the globe. >>It's the Cube with >>coverage of Coop Khan and Cloud Native Con Europe 2020 Virtual brought to you by Red Hat Cloud, >>Native Computing Foundation and >>Ecosystem Partners. Hi. And welcome back. I'm stew Minuteman. And this is the cube coverage of que con cognitive con 2020. The Europe virtual addition Course kubernetes won the container wars as we went from managing a few containers that managing clusters, too many customers managing multiple clusters and that and get more complicated. So to help understand those challenges and how solutions are being put out to solve them, having a welcome back to the from one of our cube alumni do if it Gerald is the vice president and general manager of the management business unit at Red Hat. Joe, good to see you again. Thanks so much for joining us >>two. Thanks for having me back. >>All right, so at Red Hat Summit, one of the interesting conversation do you and I add, was talking about advanced cluster management or a CME course. That was some people and some technology that came over to Red hat from IBM post acquisition. So it was tech preview give us the update. What's the news? And, you know, just level set for the audience. You know what cluster management is? >>Sure, So advanced Cluster manager or a CMS, We actually falling, basically, is a way to manage multiple clusters. Ross, even different environments, right? As people have adopted communities and you know, we have at several 1000 customers running open shift on their starting to push it in some very, very big ways. And so what they run into is a stay scale. They need better ways to manage. It would make those environments, and a CMS is a huge way to help manage those environments. It was early availability back at Summit end of April, and in just a few months now it's generally available. We're super excited about that. >>Well, that that Congratulations on moving that from technical preview to general availability so fast. What can you tell us? How many customers have you had used this? What have you learned in talking to them about this solution? >>So, first of all, we're really pleasantly surprised by the amount of people that were interested in the tech preview. Integrity is not a product that's ready to use in production yet so a lot of times accounts are not interested in. They want to wait for the production version. We had over 100 customers in our tech review across. Not only geography is all over the world Asia, America, Europe, us across all different verticals. There's a tremendous amount of interest in it. I think that just shows you know, how applicable it is to these environments of people trying to manage. So tremendous had update. We got great feedback from that. And in just a few months, we incorporate that feedback into the now generally available product. So great uptick during the tech created >>Excellent Bring assigned side a little bit, you know, When would I use this solution? If I just have a single cluster, Does it make sense for May eyes? Is it only for multi clusters? You know, what's the applicability of the offering? Yes, sir, even for >>single clusters that the things that ACM really does fall into three major areas right allows closer lifecycle management. Of course, that would mean that you have more than one cluster ondas people grow. They do for a number of reasons. Also, policy based management the ability to enforced and fig policies and enforce compliance across even your single cluster to make sure that stays perfect in terms of settings and configuration and things like that. Any other application. Lifecycle management The ability to deploy applications in more advanced way, even if you're on a single cluster, gets even better for multi cluster. But you can deploy your APS to just the clusters that are tagged a certainly, but lots of capabilities, even for application, even a single cluster. So we find even people that are running a single cluster need it askew, deployed more more clusters. You're definitely >>that's great. Any you mentioned you had feedback from customers. What are the things that I guess would be the biggest pain points that this solves for them that they were struggling with in the past? Well, >>first of being able to sort of Federated Management multiple clusters, right, as opposed to having to manage each cluster individually, but the ability to do policy based configuration management to just express the way you want things to stay, have them stay that way to adopt a more of a getups ethnology in terms of how they're managing their your open ships environments. There's lots more feedback, but those were some of the ones that seem to be fairly common, repetitive across the country. >>Yeah, and you know, Joe, you've also gotten automation in the management suite. How do I think about this? How does this fit into the broader management automation that customers were using? Well, >>I think as people in employees environments. And it was a long conversation about platform right? But there's a lot of things that have to go with the platform and red hats actually in very good about that, in terms of providing all the things you necessary that you would find necessary to make the five form successful in your environment. Right? So I was seen by four. We need storage, then development environments management, the automation ability to train on it. We have our open innovation labs. There's lots of things that are beyond the platform that people acquire in order to be successful. In the case of management automation, ACM was a huge advancement. Terms had managed these environments, but we're not done. We're gonna continue to ADM or automation integration with things like answerable mawr, integration with observe ability and analytics so far from done. But we want to make sure that open ship stays the best managed environment that's out there. I also do want to make a call out to the fact that you know, this team has been working on this technology for the past couple of years. And so, you know, it's only been a red hat for five months. This technology is actually very mature, but it is quite an accomplishment for any company to take a new team in a new technology. And in five months, do what Red Hat does to it in terms of making it consumable for the enterprise. So then kudos continue. Really not >>well. And I know a piece of that is, you know, moving that along to be open source. So, you know, where are we with the solution? Now that is be a How does that fit in tow being open? Source. >>Eso supports that are open source Already. When the process of open sourcing the rest of it, as you've seen over time read, it has a perfect record here of acquiring technologies that were either completely closed Source Open core in some cases where part it was open. It was closed. But that was the case with Ansell a few years ago. But basically our strategy is everything has to be open source. That takes time in the process of going through all of the processes necessary to open source parts of ACM on. We think that will find lots of interest in the community around the different projects inside of >>Yeah. How about what? One of the bigger concerns talking to customers in general about kubernetes even Mawr in 2020 is. What about security? How does a CME help customers make sure that their environment to secure? >>Yeah, so you know, configuration policies and forcing you can actually sent with ACM that you want things to be a certain way that somebody changes them that automatically either warn you about them or enforcement would set them back. So it's got some very strong security chops in terms of keeping the configurations just the way you want. That gets harder as you get more and more clusters. Imagine trying to keep everything but the same levels, settings, software, all the parts and pieces so affected you have ACM that can do this across any and all of your clusters really took the burden off people trying to maintain secure environments, >>okay, and so generally available. Now, anything you can share about how this solution is priced, how it fits in tow. The broader open shift offerings, >>Yes. Oh, so it's an add on for open shift is priced very similarly to open shift in terms of the, you know, core pricing. One thing I do want to mention about ACM, which maybe doesn't come out just by a description product is the fact that a scene was built from scratch for communities, environments and optimize for open shift. We're seeing a lot of competition out there that's taking products that were built for other environments, trying to sort of been member coerce them into managing kubernetes environments. We don't think people are going to be successful at that. Haven't been successful to date. So one things that we find as sort of a competitive differentiator for ACM and market is the fact that it was built from scratch designed for communities environments. So it is really well designed for the environment it's trying to manage, and we think that's gonna keep your competitive edge? >>Well, always. Joe. When you have a new architecture, you advantage of things. Any examples that you have is what, what a new architecture like this can do that that an older architecture might struggle with or not believe. Be able to do even though when you look at the product sheet, the words sound similar. But when you get underneath the covers, it's just not a good architect well fit. >>Yeah, so it's very similar sort of the shift from physical to virtual. You can't have a paradigm shift in the infrastructure and not have a sort of a corresponding paradigm shift in management tool. So the way you monitor these environments, where you secure them the way they scale and expand, we do resource management, security. All those things are vastly different in this environment compared to, let's say, a virtual more physical environment. So this has improved many times in the past. You know, paradigm shift in the infrastructure or the application environment will drive a commensurate paradigm shift in management. That's what you're seeing here. So that's why we thought it was super important to have management that was built for these environments. by design. So it's not trying to do sort of unnatural things north manage the environment. >>Yeah, I wondered. I love to hear just a little bit your philosophy as to what's needed in this space. You know, I look back to previous generations, look at virtualization. You know, Microsoft did very well at managing their environment, the M where did the same for their environments. But, you know, we've had generations of times where solutions have tried to be management of everything, and that could be challenging. So, you know, what's Red Hat in a CM's position and what do we need in the community space, you know, today and for the next couple of years. >>So kubernetes itself is the automation platform you talked about, you know, early on in the second. So you know, Cooper navies itself provides, you know, a lot of automation around container management. What a CME does is build a top it out and then capture, you know, data and events and configuration items in the environment and then allows you to define policies. People want to move away from manual processes. Certainly, but they wanna be able to get to a more state full expression of the way things should be. You want to be able to use more about, you know, sort of get up, you know, kind of philosophy where they say, this is how I want things today. Check the version in, keep it at that level. If it changes, put it back. Tell me about it. But sort of the era of chasing. You know, management with people is changing. You're seeing a huge premium now on probation. So automation at all levels. And I think this is where a cm's automation on top of open shift automation on down the road, combined with things like ansell, will provide the most automated environment you can have for these container platforms. Um, so it's definitely changing your seeing observe ability, ai ops getups type of philosophies Coming in these air very different manager in the past helps you seeing innovation across the whole management landscape in the communities environment because they are so different. The physics of them are different than the previous environments. We think with ACM answerable or insights product and some over analytics that we've got the right thing for this environment >>and can give us a little bit of a look forward, you know? How often should we expect to see updates on this? Of course. You mentioned getting feedback from the community from the technical preview to G A. So give us a little bit. Look, you know, what should we be expecting to see from a CME down the right the So >>the ACM team is far from done, right? So they're going to continue to rev, you know, just like we read open shift, that very, very fast base we're gonna be reading ACM and fast face. Also, you see a lot of integration between ACM. A lot of the partners were already working with in the application monitoring space and the analytics space security automation I would expect to see in the uncivil fest time frame, which is mid October, will cease, um, integration with danceable on ACM around things. That insult does very well combined with what ACM does. A sand will continue to push out on Mawr cluster management, more policy based management and certainly advancing the application life cycles that people are very interested in ruined faster. They want to move faster with a higher degree of certainty in their application. Employments on ACM is right there. >>It just final question for you, Joe, is, you know, just in the broader space, looking at management in this kind of cube con cloud, native con ecosystem final words, you want customers to understand where we are today and where we need to go down the road. >>So I think the you know, the market and industry has decided communities is the platform of future right? And certainly we were one of the earliest to invest in container management platforms with open shift were one of the first to invest in communities. We have thousands of customers running open shift back Russell Industries on geography is so we bet on that a long time ago. Now we're betting on the management automation of those environments and bringing them to scale. And the other thing I think that redhead is unique on is that we think that people gonna want to run their kubernetes environments across all different kinds of environments, whether it's on premise visible in virtual multiple public clouds, where we have offerings as well as at the edge. Right. So this is gonna be an environment that's going to be very, very ubiquitous. Pervasive, deported scale. And so the management of a nation has become a necessity. And so but had investing in the right areas to make sure that enterprises continues communities particularly open shift in all the environments that they want at the scale. >>All right. Excellent. Well, Joe, I know we'll be catching up with you and your team for answerable fest. Ah, coming in the fall. Thanks so much for the update. Congratulations to you in the team on the rapid progression of ACM now being G A. >>Thanks to appreciate it, we'll see you soon. >>All right, Stay tuned for more coverage from que con club native con 2020 in Europe, the virtual addition on still minimum and thanks, as always, for watching the Cube.

(upbeat music) >> From around the globe, it's theCUBE, with coverage of KubeCon and CloudNativeCon Europe 2020, virtual brought to you by Red Hat. The Cloud Native Computing Foundation and ecosystem partners. >> Welcome back I'm Stu Miniman and this is theCUBEs coverage of KubeCon, CloudNativeCon the Europe 2020 virtual edition. Of course, even before 2020 security was one of the top concerns out there, with everyone working from home, some of the ramifications what's happening. Security is even more heightened and something we've had great pleasure digging into in this cloud native ecosystem. Happy to welcome to the program first time guest and first time we've had CyberArmor on theCUBE, so welcome Ben Hirschberg who's the co-founder and vice president of R&D. Ben thank you so much for joining us. >> (mumbles) Thank you for having me Stu. Thank you. >> All right so you know Ben 10 years ago when I became an analyst, security was one of those things that if you look at security and management overall, it's uh, these are the things we need to fix in IT. Unfortunately a decade later, it's still something that I can say. So if you could just frame for us a little bit as one of the co-founders of the company, what was the why for CyberArmor, what did you see out in the marketplace, what was some of the core competencies that you and your team had that made you form the company? >> Yeah, so it's a really good question because three years ago when we started look around, in the cyber industry and we're really looking into what's happening today because CyberArmor was founded by veterans of the industry. And we were looking into what part of the chain was missing in the security field. And we saw one of the key components which is even today is missing and we're coming in to solve it, is the component of the software itself. I mean we're really looked for many many years as just you said, we looked into the field and we so firewalls and segments and perimeters, and we saw authentication of users, and this is the most important aspects of cybersecurity. And we saw that there is a big change in the field because today the systems are so elastic, so changing, so much many new components went into the field and so much is changing that we've seen it. We cannot still build our security upon the old infrastructure we had before. And we went into the most common denominator you have in the field and it's the software. Because if you're looking into what you're trying to protect today, obviously you try to protect your data and your data is sitting behind some kind of software. And usually the software is running some kind of an infrastructure which is in the old world it was a data center, today we're advancing things into the cloud. And between two steps came into the new kind of containerization and cloud native infrastructure. Which really changes the whole way we are looking into how to run our software today. And we still did the... Most common denominator is the software itself. So what we call workloads. And we said that well, if I need to protect something, I need to protect the workload. And I run to protecting the way that I don't really care who is running it and where it's being run. But I am in our case we are also SAS provider for security solution. When I'm running my workloads, I want to be in control, and this is the thing we are targeting. We are targeting giving the one who's writing the software, the one who is deploying the software, the owner of service, giving him let's say the keys and only to him and no one else. >> All right, so Ben if I hear you right, is that then the application developer is the one that's interacting with your software and using it, obviously the DevOps movement really rallied around telling people that security can't be an afterthought it needs to be something baked into the process. Recently DevSecOps is a term that we hear used quite a bit so who are the people that are involved will help us understand a little bit really the organizational impact of what you're doing. >> So today we see our world really gravitating towards development and DevOps. I mean I see DevOps as an integral part of the development because we don't want to create a different organization to handle these kind of deployment things. If I have a group who's in charge of all the service, I want this group to handle the service from A to Z. And we are targeting not really the developers in sense that we are not integrating the software with APIs, but we are integrating our solution through the deployment tools. So in order to use our solution which is actually a software identity based control plane. You don't need to integrate it with your software you're developing. We can take any kind of software anyone wrote. And we can integrate it with the system using a cloud native techniques like Kubernetes integration, so it's really who is going to interface with our solution is more DevOps and set DevOps as you mentioned. >> All right, Ben when I look at your website, you talked quite a bit about the integration, you mentioned Kubernetes of course we're here at the cloud native conference, so what integrations, how much work is there to do to integrate with the various Kubernetes platforms, how do you tie into things like service meshes, are there any other of the dozens and dozens of projects that the CNCF has out there that your team needs to be involved in integrating with? >> So we took a really... It's interesting phrase but we took an Orthodox approach here where we said that we want to integrate with the core features of Kubernetes only. Because from our perspective we don't want to bring in other solutions into the service-based what our customers are having. So therefore we are integrating ourselves only with the Kubernetes core components and literally installation of our system takes a second, and which is virtual because Kubernetes itself is such a good solution that such a good project that literally installations and all setups are taking no time. And we are bringing our own service to service authentication control plane. We're on an early stage startup, and we are looking into developing our solutions to integrate with the service mesh also at a later phase, bring our security on board. Also they're the missing chain in the security which the service mesh was missing. Because we simply see that there're really great products and really great solutions there so we want to enable our customers to enjoy all they can, but without compromising their security. >> All right, your product itself, what's the relationship with open source? Many of the companies we've seen doing security, have open source projects, you when the event is in person, you walk around the show floor, and open source is a big piece of this community here, so what's your relationship when it comes to open source? >> It's really interesting question because I actually also offer... Many of our founders came from the direction not from the open source but from classical closed source companies. And personally this is due to simply the sensitivity of security field and there're historical reasons for that but I myself and some of our key people have always gave into our open source and took part in many open source projects in the past. As a company CyberArmor looks into open source as something very very valuable. We are really looking into how we can interact and how we can open source parts of our solution, which can interest other companies and other people because everyone of us knows that there are two main reasons to open source. One is it shows some kind of transparency, and the other is to let others enjoy also your project and take part in it. So right now at this stage we have only a few open source parts of our system, which are more... We have open sourced them for transparency reasons. But we're really looking into that criteria we're looking into how we could take some parts of our system and make it generally available because we think it's a good idea. >> All right, Ben what can you tell me about your customers, oftentimes if you've got an example even if it's anonymized, helps explain the value proposition of what your company is offering. >> Okay. Where to start? One of our first customers is a big service provider, BTC service provider, which is a well known company and this company really had high security expectations from the cloud native systems. And they tried many solutions they wanted to protect their services and their internal service to service communication. And they simply after a few trials they tried our solution and understood that our solution has also big benefits from the security side and outside from the performance side, therefore they decided to go with CyberArmor in order to protect their... Ease fast communications within their systems. Another company which is a B2C company Simply it's deploying it's system in a cloud infrastructure which they're less rely on and less feel secure because of legal reasons, and therefore they decided to use CyberArmor to completely protect their services and not just the communication between the services, but also the intellectual property that they have within their services in order to protect themselves. This is a very interesting use case because they're simply, I think one of the biggest beyond Google and Facebook and the big companies we know, customers we know. They are one of the biggest cloud users I know. So they really have a very interesting scale of going from way from 3000 notes in Kubernetes spanning up to within a few hours to 200 thousands notes scale, which was very interesting experience for us because as a new startup this is how you are trying your system out and prove that your solution is indeed made for the clouds. And we're really happy to say that we passed this phase. >> All right. Well, Ben, since you have the R&D component in your role, give us a little bit of an insight as to the things you're working on, what you see as some of the big challenges that security in this space need to be addressing a little bit further down the road. >> So there're two big things which we are working on and I think that's two interesting parts of the security question cause one part is that no one of us really like to pay more for security. We don't like to pay for it. Once just we have it, it's something you want to be there, but you don't want to know about it. And when we are talking about even hearing (mumbles) we are talking about simple things like moving from clear communications to TLS and right away understand that it costs us money. And one of our biggest goals here is to add security without having excessive costs toward the service provider. And we really are trying to improve our system and make them more performing in the sense that they should take as less toll on services they can in order to provide the security. And the other big part is runtime security because our solution is making sure that your workload which you're running in your system is being the same workload throughout the whole runtime process just as you wanted to be. And in order to do that, we're taking what we call code DNA in the CI/CD of our customers. And we understand how these workload should work. And in runtime, make sure that this workload is not changing maliciously and the same behavior stays as it shouldn't be. And this is something we are really improving because we're looking into the newest texts coming from many many directions, and we want to incorporate that in our solutions and make sure that you can throughout the whole runtime process of your workloads, we can keep you secure and safe. And this you know this is very interesting work, and as someone who is a veteran of cybersecurity and a white hat hacker of myself in my previous jobs, I see this as something really interesting and really evolving today. >> All right, well Ben Hirschberg thanks so much for introducing our community to CyberArmor, great catching up with you. >> Yeah I was glad to be here, thank you very much. >> All right, and thank you. Stay tuned for more coverage of KubeCon, CloudNativeCon, I'm Stu Miniman thanks for watching. (soft music)

>>from around the globe. >>It's the Cube with coverage >>of Coop con and cloud, Native con Europe 2020 Virtual brought to you by Red Hat, The Cloud Native Computing Foundation and its ecosystem partners. Welcome back. I'm stew minimum. And this is the Cube's coverage of cube con cloud, native con Europe 2020 of course, happening virtual this year. We always love when we get to talk to the practitioners in this community. So much happening in the developer space and really excited to have on the program first time guest in a very timely topic, we welcome our bod. Hassani, Who is the back and lead for house? My flattening, which is a joint research project. It related to code 19 associated with the University of Toronto. About thanks so much for joining us. >>Thank you. >>All right, so maybe explain how is my flattening? You know, the term flattening the curve is something that I think everyone around the globe is familiar with. Now, um, you know, Canada, you've got some great initiatives going. So help us understand how you got involved in this in what? What is the project? Sure, So I'll >>take a stock to March, which now feels like years ago. Um, back in March, way could look across in Europe, and we saw that. You know, I feel we're being overwhelmed. This new Cobra thing was happening, and there seems to be nothing happening here despite the fact that we know what was going on in Europe. So this whole collaboration started. It's really the brainchild of Dr Ben. Fine. Who's the radiologist that actually and partners on the idea was, Why don't we put all the data that is related to co bid, uh, for the province of Ontario, where I'm from in one place, right. So for the data mining people, like a lot of people on the on the program here and for the data minded people of Ontario to be able to have the information they need to make targeted both of the general public on that policy makers to really empower them with the right tools. We know the data was siloed in health care, and we know, you know, when this whole thing started, everything was on a website, you would get a daily update, but it wasn't something that you could analyze. Something you couldn't use. Really? It was unusable. How everything kind of started it. What if we did something about that? What if we brought all the data in one place? What if we visualize it and put all the resources in place that was released? How is my fattening got a Which is this initiative that I got involved with back in March and what we've been doing is building a number of dashboards based on Kobe data that are close to real time as possible. Doing a number of analyses. Um, the answer, your specific questions and doing deep dives into specific question. We have a team of scientific experts where our leadership, um you know Dr Ben Fine. I mentioned earlier. There's Dr Laura Rosello, the epidemiologists out of Ah, Perceptron. Oh, and then we have a Dr Alley that he's Austin Oy. Who the data science lead over it. Quick. Also, we got this kind of three perfect or the organization of the right talent required, and we've been trying Yeah, and whatever way we can by making the data transparent, >>Yeah, there's been a lot of initiatives, obviously that have had to accelerate really fast during this time it bring us inside a little bit. How long did it take to spend the site up? How do you make sure you're getting good data in Who decides? You know which visualizations love to hear a little bit about? You know how that has matured over the months that you've had project out there >>for sure. So when we started what people were doing out on Twitter, really, where there's a lot of this activity was happening was people were grabbing expect sheets and typing out every day what was happening. And I mean, coming from I'm not by any means a technical developer. That's not what I specialize in, but having some development dot com, and it makes sense that things could be done so much better. So we started to build data pipelines. Starting in March. We had a couple of government sources that were public. It was basically scrapping the government website and recording that in a database. Um, and then we start to visualize that we're using, you know, whatever we could that we started with Pablo just because we had a few. We're trying to build a community, right? So a community people want help and do this. But we have some tableau experts on our team and our community and, you know, the way we went. So we had the database. We started to connect with tableau and visualize it. Do you know, besides into and also that and then the project has matured from that web stopper ever since, with more complex data, pipeline building and data from different sources and visualizing them in different ways and expanding our dash boarding and expanding our now >>well in the cube con show that we're here at is so much about community. Obviously, open source is a major driver of what's going on there. So it sounded like that was that was a big piece of what you're working on. Help us bring inside out of that community build. I'd love to hear if there's any projects and tools you mentioned tableau for visualization, but anything from open source also that you're using. >>So actually, I I've never been involved in open source project before That this was kind of my first attempt, if you will, on we started, uh, on get hub quite early on. Actually, one of the partners I got involved in re shots was was Red hat off course. They're known for doing open source and for selling at it, and we have some amazing help from them into how we can organize community. Um, and we started to move the community over from getting up to get lab. You know, we started to the way we collaborate in slack. Ah, lot of times. And there's a lot of silos that we started to break those down and move them into get lab. And all conversations were happening in public that would beam or more closer to an open source approach. And honestly, a lot of people that are involved are our students, grass students who want to help our people in the community that want to help people from all kind of different backgrounds. I think we're really bringing in open source is not not a known concept in a lot of these clinical scientific communities, right? It's a lot more developer oriented, and I think it's been it's been learning opportunity for everyone involved. Uh, you know, something that may seem kind of default or basic have been a big learning opportunity for everyone of, you know, issues shocking and labeling and using comments and I'll going back into our own old ways of like, emailing people are people. Um, they had been digital art to it, and we'll get a lot of the big one. Um, we went from having this kind of monolithic container rising it and using Kubernetes, of course, were developed with the help of Red Hat. We're able to move everything over to their open shift dedicated platform, and that was that allowed us to do is really do a lot of do things a lot better and do things in a more mature way. Um, that's that's quite a bit of information, but that's kind of high level. What it? >>Well, no, it's great. We One of the things we've been poking out for the last few years is you know, in the early days you talk about kubernetes. It was Oh, I need things at a scale on And, you know, while I'm sure that the amount of data and scale is important, speed was a major major piece of what you need to be involved in and you'll be able to rally and James So can you talk a little bit more. Just open shift. What did that bring to the environment? Any aspects related to the data that red hat help you with. >>So a few things there. The one thing that open shift I think really helped us with was really mean and how to help us with generally was establishing a proper see I CD pipeline. Right. So now we we use git lab itself. We have get lab runners that everyone, basically all developers involved have their own branches when they push code to get auto. We like to their branch. It just made everything a lot easier and a lot faster to be able to push things quickly without worrying about everything breaking That was definitely a big plus. Um, the other thing that we're doing with, uh that is using containers. Actually, we've been working on this open data hub, which is, you know, working on another great open source project which is again built on kubernetes and trying to break down some of the barriers when it comes to sharing data in the healthcare system. Um, we're using that and we, with the help of red, how we're able to deploy that to be able to collaborate between hospitals, share data securely. You do security analytics and try to break down some of these silos that I've gone up due to fears over security and find the so That's another great example open source helping us kind of pushing forward. >>Well, that that's I'm glad you brought that up The open data hub, that collaboration with other places when you have data being able to share that, you know, has to be important talk. This was a collaboration to start with, you know, what's the value of being able to work with other groups and to share your data beyond beyond just the community that's working on it. >>So if you think about what's happening right now in a lot of hospitals in Canada, and I mean it's the same in the US is everyone is in this re opening stage. We shut down the economy. We should down a lot of elective surgeries and a lot of procedures. I know hospitals are trying to reopen right so and trying to figure out how to go back to their old capacity, and in that they're all trying to solve the same problem in different ways. So everyone is in their silo trying to tackle the same problems in a way. So what we're trying to do is basically get everyone together and collaborate on this open, open source environments, right? And what this open data allows us to do in to some degree alleviate some of the fears over sharing data so that we're not all doing the same thing in parallel are not talking to each other. We're able to share code, share data, get each other's opinions and, you know, use your resources in the healthcare system or official the drill, you know, all trying to address the same goal here. >>So imagine if you've had a lot of learnings from this project that you've done. Have you given any thought to? You know, once you get past that kind of the immediate hurdle of covert 19 you know what? Will this technology be able to help you going forward? You know, what do you see? Kind of post dynamic, if you will. >>I think the last piece I touched on, there is a big thing that I'm really hoping we'll be able to push forward past the pandemic. I think what? What the pandemic has shown us is the need for more transparency and more collaboration and being able to be more agile in response to things faster. And that's know how they're operating. And I think we know that now we can see that. I'm hoping that can be used as an opportunity to be able to bring people together to collaborate on projects like, How's my funding outside of this, right? We're not Not only the next pandemic. Hopefully I never come. Um but but for other, bigger problem that we face every day, collaboration can only help things, not tender thing. I'm hoping that's one big side effect that comes out of this. And I think the data transparency thing is is another big one that I'm hoping can improve outside of the situation. >>Yeah, I I wonder if I can ask you just a personal question. We've heard certain organizations say that, you know, years of planning have been executed in months. When I think about all the technologies that you had thrown at you, all the new things you learned often that something that would have taken years. But you didn't month. So how do you work through that? You know, there's only 24 hours in any day, and we do need some sleep. So what was important from your standpoint? What partners into tools helped, you know, and And the team, you know, take advantage of all of these new technologies. >>Yeah, honestly, I think that the team is really, really important. We've had an amazing set of people that are quite diverse and then usually would, quite honestly, never be seen in the same room together just because of all the different backgrounds that are there. Um, so that was a big driver. I think everyone was motivated to get things done. What happens when we first launched the site? We, you know, put it together. Basic feedback mechanism. Where we where we could hear from the public on. We've got an outpouring of support, people saying that they found that information really useful. And I think that pushed everyone to work harder and ah, and kind of reinforces our belief that this is what we're doing is helpful on, is making a difference in someone's life. And I think everyone that helped everyone work harder in terms of some of the tools that we use. Yeah, I totally agree. I think there was a 1,000,000 things that we all learned. Um, and it definitely wasn't amazing. Growing opportunity, I think, for the whole group. Um, I I don't know if there's a There's any wisdom I can impart. They're more than I think we were just being pushed by the need and being driven by the support that we're getting. Okay, >>well, you know, when there's a necessity to get things done, it's great to see the team execute the last question I have for you. You've got all this data. You've got visualizations. You've been going through a lot of things any any interesting learnings that you had or something that you were. You able to visualize things in a certain way in the community, reacted anything that you've learned along the way. That may be surprised you. >>That's a really interesting question there. I think the biggest, the biggest learning opportunity or surprise for me was what? How much people are willing to help if you just write, um, a lot of people involved. I mean, this is a huge group of volunteers who are dedicating their time to this because they believe in it on because they think they're doing the right thing and they're doing it for a bigger cause. It sounds very cheesy. Um, but I think that was wonderful to me to see that we can bring together such diverse people to dedicate their time for freedom to do something for the public. >>Yeah, well, and along that note, I I see on the website there is a get involved. But so is there anything you know, skill set or people that you're looking for, uh, further to help the team >>100%. So I think when I every time we do a presentation of any thought really got for anyone who's watching to just go on our site and get involved, there's a 1,000,000 different things that you can get involved with. If you're a developer, we can always use help. If you're a data, this person, we can always use help If you're a designer, honestly, there were a community driven organization. Uhm and we can always use more people in that community. That's that's the unique thing about the organization. 100%. Please do to house my finding, Dr and you get involved in get Lab. >>Well, so far, but thank you so much for sharing. We definitely encourage the unity get involved. It's projects like this that are so critically important. Especially right now during the pandemic. Thanks so much for joining. And thank you for all the work the team did. >>Thank you for having me. >>Alright. And stay tuned for more coverage from Cube Con Cloud native on 2020 in Europe Virtual Edition. I'm Stew Minimum. And thank you for watching the Cube. Yeah, yeah, yeah, yeah, yeah, yeah

>> Man: from around the globe, it's "theCUBE" with coverage of "Kubecon" and "CloudNativeCon Europe 2020", virtual. Brought to you by Red Hat, the cloud native computing foundation and ecosystem partners. >> Welcome back, I'm Stu Miniman, and this is "theCUBE's" coverage of KubeCon CloudNativeCon Europe 2020, the virtual edition of course, it, this ecosystem has been bustling, a lot of activity in the five years that we've been covering it with "theCUBE" we've watched very much the maturation of what's going on. Remember, in the early days, it was open source projects, companies pulling all the pieces together. Now, there's a lot more things to choose from lots of projects, not just Kubernetes, but all the other pieces, and still lots of new innovations and new startups coming into the space. So happy to welcome to the program, have two first time guests from Spectro Cloud, first of all, we have the co founder and CEO Tenry Fu, and also Tina Notle who's the Vice President of product, Tina and Tenry, thank you so much for joining us. >> Thank you for having us. >> Likewise. >> All right, so Tenry, as one of the co founders, I want to understand, you know, why Spectro Cloud? Why now, you know, many outsiders, would they have said for a while, you know, Kubernetes, it's just getting baked into all of the environment. They looked at all the platforms, whether you're talking, you know, Google and AWS or VMware, they all have their platforms, they all have their managed services offering. So help us understand, what your team does and how you differentiate from what's already existing. >> Absolutely yeah, so I actually used to work at VMware, I, and then, I saw clouds taking off right and then I left VMware, to start my first startup called CliQr Technologies, which focus on multicloud management. But at that time, really, multicloud management through a single pane of glass is obviously right, and then clicker later acquired by Cisco. So at Cisco, I kind of witness The Container and Kubernetes taking off, right? And it makes a lot of sense, right for the first time both the application workloads and infrastructure became truly portable across multiple environments, but also very interestingly at Cisco I observed there are many developer teams, right? That is adopting Kubernetes and everyone is doing a little bit different things, that because different teams, they have a different stack constructor requirements, like some for AI/ML, some, they need a different base OS, some they just don't want to have a different version, and a lot of existing solutions doesn't really provide this kind of flexibility to satisfy all the different needs, right? one size fit all, typically is a one size fit for nothing. So we asked ourselves, why can't we try to create a platform that will give people the flexibility, but not turning it into a DIY project, right, still have a full manageability, so that user don't need to worry about the upgrade, Day Two operations, governance so and so forth. >> Yeah to Tina, I know when I've looked at your product, it's discussed as layers, which my background's in networking. So I love seeing things visually and understanding the pieces as they lay out the stack. So maybe help us understand a little bit as to, you know, that the flexibility that you give and how it's not just the Paradox of Choice, just too many options out there and you know, developers left to create their own mess that they can't then support. (laughing) >> Yeah, so you know, as Tenry mentioned, offering folks flexibility without turning into a do it yourself, you know, hot mess is what we're what we're helping People do at Spectrol Cloud, the core of our solution, the core of the differentiation within our solution is around this concept of a cluster profile, and as you mentioned, cluster profile basically allows people to define in a layered fashion, what's part of their Kubernetes infrastructure stack? So at the bottom, you're talking, what's the base operating system? What's the version of Kubernetes, that's going to be part of clusters that uses profile? What's your networking and storage interface look like? And then on top of that, you have a number of optional layers. So again, you know, back to flexibility manageability, we give people options around what those other layers look like on top. They include everything from security, logging, monitoring, etc, just anything that you want to go ahead and kind of bake into a definition, a profile of what a cluster should look like in one of your deployed environments. >> All right, well, Want to make sure I understand when you talk about Kubernetes in there, can it be, you know, say VMware with Vsphere7, now has Kubernetes support. Red Hat open shift is an option, all of the cloud players have their, you know, AKS, EKS. And they're like, can I bake that Kubernetes in or are you taking a different approach? >> We're going with upstream vanilla Kubernetes today, that allows us to go ahead and provide what's newest within the ecosystem, and let people go ahead and have a really open, really open solution that's replying. >> Okay, so when I talk to, when you look out there, a lot of companies are saying how can I manage multiple clusters? So if you look at what Google, Microsoft and VMware, they're talking about, we can manage our clusters and we can also help you with those other clusters. How does that impact Tenry, your Solution, doesn't it need to be, it's just the upstream solution that I put into that cluster profile, or can I connect to, say a managed cloud solution? >> Yeah, so I think in terms the multi class management or the consistency is really the key, right. So through this class profile concept, not only it can be used as the initial template to deploy a cluster, but it can also use as a single source for choose, to drive the cluster Lifecycle Management income upgrade. So right now, as Tina mentioned, we primarily focus on upstream, so that we want to provide the maximum flexibility in terms of our end to end Kubernetes stack. But we do also have a plan, that down the road that we go into in Brownfield existing clusters. So that enterprise, existing investment to their Kubernete infrastructure can be under managed by us. >> Well there always reaches a time when the brand new technology gets called Brownfield. I think that's the first time I've heard something like, you know, EKS or the like, you know, referred to as Brownfield. Tina, you know, when I think back to my history with integrated solutions, obviously, if I have the various pieces, it should be easier for me to stay on the latest make upgrades, roll things forward or roll things back, but you know, what, give us if you could some of the, the key values of, you know, building these cluster profiles, what that enables for your customers. >> So the key around cluster profiles, we offer this policy based management, so you describe as an administrator, what it is that those clusters need to look like, right? And we've got, we adopt a declarative desired state, you know, management approach along what Kubernetes does itself, and so what you're able to get through adopting, utilize cluster profiles, is this guarantee that from deployment and then into day two as well, what you've described in this profile, winds up maintaining itself, it remains true of the clusters that have been deployed. So what it is that you require as far as the operating system, what is required as far as some configuration options, etc. So the profile itself winds up being ground source of truth and around what it is that you've got running at all these various locations, across clouds, across different clusters, etc. >> All right. Tenry, you mentioned that having things more standardized is going to help customers, absolutely, we saw that in data centers for a long time, and standardized, how do you help customers make sure that the configuration that they build are going to work, are going to be stable, if they make changes that they're not going to get things out of sync. Is there you know, interoperability matrix or some other ways that we're trying to make sure that customers, you know, stay on the rails, if you will. >> Absolutely right, So through our system, right, all the integration points, we carry the additional metadata, right to basically give the hint about compatibility, resource constraints, right, and also the upgradability, in terms of moving from one version to another. So this way, we can kind of give you some guidance, when they initially construct a class profile, what will work together nicely and then what will not, right. And then on top of that, when upgrading from one existing cluster to a new version of a class profile definition, then we can look at the environment, right to understand, right, if there's something that potentially incompatible will popping up right, so we call that pre pilot integration, check right and also post deployment, we also allow user to run additional conformance tests. So that make sure the cluster everything is actually is still acting as as it's supposed to be. >> Another way to explain that is that you know, the cluster profile concept has a lot of flexibility attached with to it, right? That's a lot of power, it can get you into trouble if you don't have the right safety nets and safety harnesses underneath you. So we have a multi layered approach to helping make sure that people are getting benefit out of that flexibility. >> Wonderful and I'm wondering did, when you've had more customers using this, is their shared information, and if there're community guidelines that help, you know, understand when it's going to be okay, hey, 1.19's out, we're looking at 1.20. You might want to do this or hey, if you're using this piece of networking, you might want to wait a little bit before you go to the next version. >> That's definitely the idea over time, folks that are engaging with us, are very interested in the fact that, because of the fact that we're SaaS management platform, SaaS space management platform today, that it offers them the opportunity to learn from their peers, if you will, right, and their peers experiences. On top of that, we also have the ability to watch just what's been going on in other deployments in the Kubernetes ecosystem and we can make sure that all that's available, as Tenry mentioned, you know, in the form of the metadata that's on top of those packs. >> All right, how about how do you price this solution? When I look out there, I talked about Kubernetes baked into all the platforms, oftentimes, it can be baked into ELA, It's part of, you know, my just general cloud spend from that platform. So how do you do the pricing and, you know, are you plugged into any of the cloud marketplaces yet? >> Yeah, so flexibility is really part of our DNA. So even for pricing, we want to provide the maximum flexibility to our customer. So unlike some traditional solution typically is priced based on number of pause, right, a year, or even number of nodes, right. So we actually price based on number of CPU cores of all workers node under management by hour. So what we call those, core hour under management, right, and then every thousand core hours at one unit, we call kilo core hours. So kind of similar to how electricity is consumed, right, so this way, based on these core hour consumption, we allow user to either pay as you go as amongst the on demand plan, or you can do an annual commitment. >> And we are in process on the marketplaces. >> Yeah. >> All right, how about, we talked about Kubernetes, I think service mesh are part of it. What in this Kube, kubecon cloud native con ecosystem, which projects are the most tied into what you're doing anything that specter cloud is particularly contributing to that you can share? >> Yeah, so our system is built on top of Kubernetes cluster API project. So we are one of the contributor to class API, we are actively adding additional functionality to enhance class API, especially by in some other VMware environment for some custom use case, such as static IP or some special placement behaviors, and also adding additional contribute on different cloud support. >> Yeah, and as far as things that we're watching, and clearly we're, we've seen a dramatic increase in the number of people on our customer front that are interested in actual deployment, of service mesh now. So that's something that you know, we're going to be more engaged in over time. And another one that we're hoping to see, check out more talks around Kubecon is AI ML, right? A lot of interest on the part of customers around AIML use cases. >> Yeah, absolutely edge and AI and ML. Definitely very hot topics to conversation this year at the, at the Europe show, expect that to continue. Tina, I'm wondering, do you have any customer examples, maybe even anonymized that could kind of just explain the key values that your customers are seeing using your solution? >> Yeah, sure, so we've got one of our earliest customers is a Canadian financial, who came to us because, they were looking to figure out how to manage consistently at scale, and they have the problem that Tenry described earlier, around, I've got different development teams, they have different needs, and you know, how do you satisfy all those guys without going crazy, right? They've got an AIML use case, that's a special snowflake they've got two separate teams in different groups that would like to be under an IT management umbrella. That's a convergence use case that they're looking at, so kind of a typical example of somebody that we think of is, you know, a really good set of people for us to be having conversations with. We've also been working with a telecom provider that it's in a similar, similar vein actually, there's an AIML, there are multiple teams of different infrastructure, and they want to be able to consistently manage it's a story that we're seeing over and over again, thankfully. >> Yeah, we also see right from I think, at individual group or team level, right. There are a lot of, kind of a product owner or data scientists that they really want to have a kind of an easy button to quickly be able to provision Kubernetes clusters that suit for their need, right. And a lot of these groups, their primary focus is really the application, right? It's not their interest to spend a lot of time and resource on Kubernete management, in terms of deploying update, or secure an operation. So through us, they can very easily spin up a Kubernetes cluster, whether it's for AIML or for developing experiment, they can very quickly do that But with the flexibility, because a lot of existing solution, they may limit the version of Kubernetes clusters, they may limit the what kind of integration they can do. >> Yeah, Tenry you, we talked a little bit earlier about, you know, potential integration down the road. I'm curious, just there's so many companies creating innovations out there, you know, say for example, one that I hear a lot of feedback on is AWS now has far gate support for their EKS offering. Is that Something down the line you should look at or do you have some guidance as to how customers should be thinking about that, and if they want that kind of functionality, how they would get that with a solution like yours? >> Yeah, actually, we really share the same vision as AWS, right. So we believe, ultimately is the infrastructure really should be transparent to application developers, right, and it should be boundary-less. So our goal is not only manage Kubernetes, across multiple environment, but eventually we will be able to link all these cluster together, to make them acting as a single infrastructure. So developers, they can still use their familiar Kubernetes interface to deploy and manage their application, but without worrying about the how infrastructure underneath is operated or managed, right. So this in a way will eventually become kind of a phallic model, but across multiple cluster and multiple clouds. >> Alright, Tina, if maybe if you could give us the final takeaway, people attending Kubecon, cloud native con, what's the one thing that if you know they have a problem, they should be coming to Spectro cloud to hear more about? >> Yeah, sure so what Spectrol cloud aims to do is help enterprises not have to trade off between flexibility and control of their infrastructure, and manageability of use that stuff's that's the main, the main thing that we would like people to remember. >> All right, well Tenry and Tina, thank you so much for sharing with our community a little bit about Specter Cloud great talking to you and look forward to hearing more in the future. >> Thanks so much. >> Thank you too. >> All right, and stay tuned more coverage from Kubecon Cloud Native Con 2020. I'm Stu MiniMan and thank you, for watching "theCUBE." (light music)

>> From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020, Virtual. Brought to you by Red Hat, The Cloud Native Computing Foundation and Ecosystem partners. >> Welcome back, I'm Stu Miniman and this is CUBEs coverage of KubeCon CloudNativeCon 2020 in Europe, the virtual edition and of course one of the things we love when we come to these conferences is to get to the actual practitioners, understanding how they're using the various technologies especially here at the CNCF show, so many projects, lots of things changing and really excited. We're going to talk about security in a slightly different way than we often do on theCUBE so happy to welcome to the program from Sera4 I have Jeff Klink who's the Vice President of Engineering and Cloud. Jeff, thanks so much for joining us. >> Thanks too, thanks for having me. >> All right so I teed you up there, give us if you could just a quick thumbnail on Sera4, what your company does and then your role there. >> Absolutely so we're a physical hardware product addressing the telco markets, utility space, all of those so we kind of differentiate herself as a Bluetooth lock for that higher end space, the highest security market where digital encryption is really an absolute must. So we have a few products including our physical lock here, this is a physical padlock, it is where door locks and controllers that all operate over the Bluetooth protocol and that people can just use simply through their mobile phones and operate at the enterprise level. >> Yeah, I'm guessing it's a little bit more expensive than the the padlock I have on my shed which is getting a little rusty and needs a little work but it probably not quite what I'm looking for but you have Cloud, you know, in your title so give us if you could a little bit you know, what the underlying technology that you're responsible for and you know, I understand you've rolled out Kubernetes over the last couple of years, kind of set us up with what were the challenges you were facing before you started using that? >> Absolutely so Stu We've grown over the last five years really as a company like in leaps and bounds and part of that has been the scalability concern and where we go with that, you know, originally starting in the virtual machine space and, you know, original some small customers in telco as we build up the locks and eventually we knew that scalability was really a concern for us, we needed to address that pretty quickly. So as we started to build out our data center space and in this market it's a bit different than your shed locks. Bluetooth locks are kind of everywhere now, they're in logistics, they're on your home and you actually see a lot of compromises these days actually happening on those kind of locks, the home security locks, they're not built for rattling and banging and all that kind of pieces that you would expect in a telco or utility market and in the nuclear space or so you really don't want to lock that, you know, when it's dropped or bang the boat immediately begins to kind of fall apart in your hands and two you're going to expect a different type of security much like you'd see in your SSH certificates, you know, a digital key certificate that arrives there. So in our as we grew up through that piece Kubernetes became a pretty big player for us to try to deal with some of the scale and also to try to deal with some of the sovereignty pieces you don't see in your shed locks. The data sovereignty meeting in your country or as close to you as possible to try to keep that data with the telco, with the utility and kind of in country or in continent with you as well. That was a big challenge for us right off the bat. >> Yeah, you know Jeff absolutely, I have some background from the telco space obviously, there's very rigorous certifications, there's lots of environments that I need to fit into. I want to poke at a word that you mentioned, scale. So scale means lots of things to lots of different people, this year at the KubeCon CloudNativeCon show, one of the scale pieces we're talking about is edge just getting to lots of different locations as opposed to when people first thought about, you know, scale of containers and the like, it was like, do I need to be like Google? Do I have to have that much a scale? Of course, there is only one Google and there's only a handful of companies that need that kind of scale, what was it from your standpoint, is it you know, the latency of all of these devices, is it you know, just the pure number of devices, the number of locations, what was what was the scale limiting factor that you were seeing? >> It's a bit of both in two things, one it was a scale as we brought new customers on, there were extra databases, there was extra identity services, you know, the more locks we sold and the more telcos we sold too suddenly what we started finding is that we needed all these virtual machines and sources in some way to tie them together and the natural piece to those is start to build shared services like SSO and single sign on was a huge driver for us of how do we unite these spaces where they may have maintenance technicians in that space that work for two different telcos. Hey, tower one is down could you please use this padlock on this gate and then this padlock on this cabinet in order to fix it. So that kind of scale immediately showed us, we started to see email addresses or other on two different places and say, well, it might need access into this carrier site because some other carrier has a equipment on that site as well. So the scale started to pick up pretty quickly as well as the space where they started to unite together in a way that we said, well, we kind of have to scale to parts, not only the individuals databases and servers and identity and the storage of their web service data but also we had to unite them in a way that was GDPR compliant and compliant with a bunch of other regulations to say, how do we get these pieces together. So that's where we kind of started to tick the boxes to say in North America, in Latin America, South America we need centralized services but we need some central tie back mechanism as well to start to deal with scale. And the scale came when it went from Let's sell 1000 locks to, by the way, the carrier wants 8000 locks in the next coming months. That's a real scalability concern right off the bat, especially when you start to think of all the people going along with those locks in space as well. So that's the that's the kind of first piece we had to address and single sign on was the head of that for us. >> Excellent, well you know, today when we talk about how do i do container orchestration Kubernetes of course, is the first word that comes to mind, can you bring us back though, how did you end up with Kubernetes, were there other solutions you you looked at when you made your decision? What were your kind of key criteria? How did you choose what partners and vendors you ended up working with? >> So the first piece was is that we all had a lot of VM backgrounds, we had some good DevOps backgrounds as well but nobody was yet into the the container space heavily and so what we looked at originally was Docker swarm, it became our desktop, our daily, our working environment so we knew we were working towards microservices but then immediately this problem emerged that reminded me of say 10, 15 years ago, HD DVD versus Blu-ray and I thought about it as simply as that, these two are fantastic technologies, they're kind of competing in this space, Docker Compose was huge, Docker Hub was growing and growing and we kind of said you got to kind of pick a bucket and go with it and figure out who has the best backing between them, you know from a security policy, from a usage and size and scalability perspective, we knew we would scale this pretty quickly so we started to look at the DevOps and the tooling set to say, scale up by one or scale up by 10, is it doable? Infrastructure as code as well, what could I codify against the best? And as we started looking at those Kubernetes took a pretty quick change for us and actually the first piece of tooling that we looked at was Rancher, we said well there's a lot to learn the Kubernetes space and the Rancher team, they were growing like crazy and they were actually really, really good inside some of their slack channels and some of their groups but they said, reach out, we'll help you even as a free tier, you know and kind of grow our trust in you and you know, vice versa and develop that relationship and so that was our first major relationship was with Rancher and that grew our love for Kubernetes because it took away that first edge of what am i staring at here, it looks like Docker swarm, they put a UI on it, they put some lipstick on it and really helped us get through that first hurdle a couple years ago. >> Well, it's a common pattern that we see in this ecosystem that you know, open source, you try it, you get comfortable with it, you get engaged and then when it makes sense to roll it into production and really start scaling out, that's when you can really formalize those relationships so bring us through the project if you will. You know, how many applications were you starting with? What was the timeline? How many people were involved? Were there, you know, the training or organizational changes, you know, bring us through under the first bits of the project. >> Sure, absolutely. So, like anything it was a series of VMs, we had some VM that were load balanced for databases in the back and protected, we had some manual firewalls through our cloud provider as well but that was kind of the edge of it. You had your web services, your database services and another tier segregated by firewalls, we were operating at a single DCs. As we started to expand into Europe from the North America, Latin America base and as well as Africa, we said this has got to kind of stop. We have a lot of Vms, a lot of machines and so a parallel effort went underway to actually develop some of the new microservices and at first glance was our proxies, our ingresses, our gateways and then our identity service and SSL would be that unifying factor. We honestly knew that moving to Kubernetes in small steps probably wasn't going to be an easy task for us but moving the majority of services over to Kubernetes and then leaving some legacy ones in VM was definitely the right approach for us because now we're dealing with ingressing around the world. Now we're dealing with security of the main core stacks, that was kind of our hardcore focus is to say, secure the stacks up front, ingress from everywhere in the world through like an Anycast Technology and then the gateways will handle that and proxy across the globe and we'll build up from there exactly as we did today. So that was kind of the key for us is that we did develop our micro services, our identity services for SSO, our gateways and then our web services were all developed in containers to start and then we started looking at complimentary pieces like email notification mechanisms, text notification, any of those that could be containerized later, which is dealt with a single one off restful services were moved at a later date. All right. >> So Jeff, yeah absolutely. What to understand, okay, we went through all this technology, we did all these various pieces, what does this mean to your your business projects? So you talked about I need to roll out 8000 devices, is that happening faster? Is it you know, what's the actual business impact of this technology that you've rolled out? >> So here's the key part and here's a differentiator for us is we have two major areas we differentiate in and the first one is asymmetric cryptography. We do own the patents for that one so we know our communication is secure, even when we're lying over Bluetooth. So that's kind of the biggest and foremost one is that how do we communicate with the locks on how do we ensure we can all the time. Two is offline access, some of the major players don't have offline access, which means you can download your keys and assign your keys, go off site do a site to a nuclear bunker wherever it may be and we communicate directly with the lock itself. Our core technology is in the embedded controllers in the lock so that's kind of our key piece and then the lock is a housing around it, it's the mechanical mechanism to it all. So knowing that we had offline technology really nailed down allowed us to do what many called the blue-green approach, which is we're going down for four hours, heads up everybody globally we really need to make this transition but the transition was easy to make with our players, you know, these enterprise spaces and we say we're moving to Kubernetes. It's something where it's kind of a badge of honor to them and they're saying these guys, you know, they really know what they're doing. They've got Kubernetes on the back end, some we needed to explain it to but as soon as they started to hear the words Docker and Kubernetes they just said, wow, this guys are serious about enterprise, we're serious about addressing it and not only that they're forefront of other technologies. I think that's part of our security plan, we use asymmetric encryption, we don't use the Bluetooth security protocol so every time that's compromised, we're not compromised and it's a badge of honor we were much alongside the Kubernetes. >> Alright, Jeff the thing that we're hearing from a lot of companies out there is that that transition that you're going through from VMs to containerization I heard you say that you've got a DevOps practice in there, there's some skill set challenges, there's some training pieces, there's often, you know, maybe a bump or two in the road, I'm sure your project went completely smoothly but what can you share about, you know, the personnel skill sets, any lessons learned along the way that might help others? >> There was a ton. Rancher took that first edge off of us, you know, cube-cuddle, get things up, get things going, RKE in the Rancher space so the Rancher Kubernetes engine, they were kind of that first piece to say how do I get this engine up and going and then I'll work back and take away some of the UI elements and do it myself, from scheduling and making sure that nodes came up to understanding a deployment versus a DaemonSet, that first UI as we moved from like a Docker swarm environment to the the Rancher environment was really kind of key for us to say, I know what these volumes are, I know the networking and I all know these pieces but I don't know how to put core DNS in and start to get them to connect and all of those aspects and so that's where the UI part really took over. We had guys that were good on DevOps, we had guys are like, hey how do I hook it up to a back end and when you have those UI, those clicks like your pod security policy on or off, it's incredible. You turn it on fine, turn on the pod security policy and then from there, we'll either use the UI or we'll go deeper as we get the skill sets to do that so it gave us some really good assurances right off the bat. There were some technologies we really had to learn fast, we had to learn the cube-cuddle command line, we had to learn Helm, new infrastructure pieces with Terraform as well, those are kind of like our back end now. Those are our repeatability aspects that we can kind of get going with. So those are kind of our cores now is it's a Rancher every day, it's cube-cuddle from our command lines to kind of do those, Terraform to make sure we're doing the same thing but those are all practices we, you know, we cut our teeth with Rancher, we looked at the configs that are generated and said, alright, that's actually pretty good configure, you know, maybe there's a team to tolerance or a tweak we could make there but we kind of work backwards that way to have them give us some best practices and then verify those. >> So the space you're in, you have companies that rely on what you do. Security is so important, if you talk about telecommunications, you know, many of the other environments they have, you know, rigid requirements. I want to get to your understanding from you, you're using some open source tools, you've been working with startups, one of your suppliers Rancher was just acquired by SUSE, how's that relationship between you know, this ecosystem? Is that something that is there any concerns from your end user clients and what are your own comfort level with the moves and changes that are happening? >> Having gone through acquisitions myself and knowing the SUSE team pretty well, I'd say actually it's a great thing to know that the startups are funded in a great source. It's great to hear internally, externally their marketing departments are growing but you never know if a startup is growing or not. Knowing this acquisitions taking place actually gives me a lot of security. The team there was healthy, they were growing all the time but sometimes that can just be a face on a company and just talking to the internals candidly as they've always done with us, it's been amazing. So I think that's a great part knowing that there's some great open source texts, Helm Kubernetes as well that have great backers towards them, it's nice to see part of the ecosystem getting back as well in a healthy way rather than a, you know, here's $10,000 Platinum sponsorship. To see them getting the backing from an open source company, I can't say enough for. >> All right, Jeff how about what's going forward from you, what projects you're looking at or what what additions to what you've already done are you looking at doing down the road? >> Absolutely. So the big thing for us is that we've expanded pretty dramatically across the world now. As we started to expand into South Africa, we've expanded into Asia as well so managing these things remotely has been great but we've also started to begin to see some latencies where we're, you know, heading back to our etcd clusters or we're starting to see little cracks and pieces here in some of our QA environment. So part of this is actually the introduction and we started looking into the fog and the edge compute. Security is one of these games where we try to hold the security as core and as tight as you can but trying to get them the best user experience especially in South Africa and serving them from either Europe or Asia, we're trying to move into those data centers and region as well, to provide the sovereignty, to provide the security but it's about latency as well. When I opened my phone to download my digital keys I want that to be quick, I want the administrators to assign quickly but also still giving them that aspect to say I could store this in the edge, I could keep it secure and I could make sure that you still have it, that's where it's a bit different than the standard web experience to say no problem let's put a PNG as close as possible to you to give you that experience, we're putting digital certificates and keys as close as possible to people as well so that's kind of our next generation of the devices as we upgrade these pieces. >> Yeah, there was a line that stuck with me a few years ago, if you look at edge computing, if you look at IoT, the security just surface area is just expanding by orders or magnitude so that just leaves, you know, big challenges that everyone needs to deal with. >> Exactly, yep. >> All right, give us the final word if you would, you know, final lessons learned, you know, you're talking to your peers here in the hallways, virtually of the show. Now that you've gone through all of this, is there anything that you say, boy I wish I had known this it would have been this good or I might have accelerated things or which things, hey I wish I pulled these people or done something a little bit differently. >> Yep, there's a couple actually a big parts right off the bat and one, we started with databases and containers, followed the advice of everyone out there either do managed services or on standalone boxes themselves. That was something we cut our teeth on over a period of time and we really struggled with it, those databases and containers they really perform as poorly as you think they might, you can't get the constraints on those guys, that's one of them. Two we are a global company so we operate in a lot of major geographies now and ETC has been a big deal for us. We tried to pull our ETC clusters farther apart for better resiliency, no matter how much we tweak and play with that thing, keep those things in a region, keep them in separate, I guess the right word would be availability zones, keep them make redundant as possible and protect those at all costs. As we expanded we thought our best strategy would do some geographical distribution, the layout that you have in your Kubernetes cluster as you go global for hub-and-spoke versus kind of centralized clusters and pods and pieces like that, look it over with a with an expert in Kubernetes, talk to them talk about latencies and measure that stuff regularly. That is stuff that kind of tore us apart early in proof of concept and something we had to learn from very quickly, whether it'll be hub-and-spoke and centralize ETC and control planes and then workers abroad or we could spread the ETC and control planes a little more, that's a strategy that needs to be played with if you're not just in North America, South America, Europe, Asia, those are my two biggest pieces because those are our big performance killers as well as discovering PSP, Pod Security Policies early. Get those in, lock it down, get your environments out of route out of, you know, Port 80 things like that on the security space, those are just your basic housecleaning items to make sure that your latency is low, your performances are high and your security's as tight as you can make it. >> Wonderful, well, Jeff thank you so much for sharing Sera4 for story, congratulations to you and your team and wish you the best luck going forward with your initiatives. >> Absolutely, thanks so much Stu. >> All right, thank you for watching. I'm Stu Miniman and thank you for watching theCUBE. (soft music)

>> From around the globe, it's theCUBE, with coverage of KubeCon and CloudNativeCon Europe 2020 virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Welcome back I'm Stu Miniman. And this is theCUBE coverage of KubeCon CloudNativeCon 2020, the Europe virtual edition. Happy to welcome back to the program, fresh off the keynote stage, Priyanka Sharma. She's the general manager of the CNCF. Priyanka, thanks so much for joining us. Great to see you. And we all get to be together even while we're apart. >> That's absolutely right. Thank you so much for having me Stu and great energy in the interwebs today with my keynote and everybody engaging and attending KubeCon. So, very happy to be here. >> All right, so I want to dig into your keynote a little bit. I had a bunch of key themes, a lot of pieces, and of course, community at the heart of it. When I spoke with you when you first took the job, of course, you've got strong background, you know this community really well. We've loved covering it for the last five years, but you talked about the foundation of doers and how that's powering the end user driven open tour. So talk to us a little bit about that, how is this community different from everything else. You know, open source always is community, but this feels a little bit special. >> Well, I'm glad to hear you say that, it is special. Yes, so when you think about the Cloud Native Ecosystem, right? There's so many people who've come together to create this amazing field that we all get to create. The awesome technology that people use to be part of this whole technology creation and deployment process. Those people are the end users first and foremost, they utilize the technology every day. And as time has grown, as time has gone by, they have played a bigger and bigger role. Over time they've become very sophisticated, they're contributing their own projects such as you know, I mean, you all know Envoy and a Jaeger came from Lyft and Uber respectively, but there's many more like Spotify and Wayfair, the furniture company. They have all submitted projects for the sandbox. So there was a lot of momentum, but not only are they creating their own technologies very needed and donating them. They're becoming the guider. They're becoming the guidance for the project that exists. They're giving feedback, they're sharing requirements. It's a very collaborative process and that's what is end-user-driven open source. Now this end user-driven-open source cannot happen by one contributor alone by one maintainer or alone by one company. No, it takes a lot of people. I mean, CNCF, as you know, has invested in its global community since day one. That's why we have the KubeCon EU, we have China events, we have North America. And just the other day I was speaking on a virtual Brazil event. There's just the geographic diversity is amazing. And by being able to reach out to a very large ecosystem and by especially having a formal role for end users, by having an end user member program with their own special interest groups and working groups, we've created a safe space where there is a neutral IP zone, open governance, and also a clear directive and shared partnership with the end users. So that ends up being a large group of people who are all doers, everybody's collaboration matters, and together they create end user-driven-open source. >> Well, Priyanka, I'm not sure that that most people understand really the full charter of what the CNCF does. So maybe you could talk a little bit about, obviously there's all the projects involved. You just brought up some of the end users and how you get engaged. There's also help along career development, when you talk to the individual developers and participants. So help us understand beyond the big events that we gather people at any given time with the smaller events, just, you know, what the CNCF its charter as these days. >> Absolutely, so as some of you know, the CNCF stands for Cloud Native Computing Foundation. And our objective is to host and proliferate technologies that support development, infrastructure development that is cloud native. Now what does cloud native mean, cloud native is when you develop, when you utilize cloud computing, which is the big clouds you must have heard of such as, Alibaba cloud, AWS, Google cloud platform, Azure, IBM, all these hyperscalers. They provide these offerings by which you don't need to have your own server farm, and you can buy compute from them and run your applications on that. When you do that, the way you develop software changes, it should change in order to maximize the value you get. So you started developing with micro services, containerization happens once that happens you need to orchestrate the containers, which is where Kubernetes our founding project comes in. And then you go from there because you have different complexities and observability, you have different complexities and storage and all the cloud native tech comes together to support you in that journey. So from a technology perspective that's what we do. As we have been so fortunate to develop this large ecosystem that so many people joining in of all kinds, we believe it is part of our responsibility to support this community in skill development and always like knowledge sharing. So knowledge sharing community empowers education. And that's how we talked about the events, right? Like KubeCon et cetera. But also these days, we are focusing a lot on our programs with the certifications we offer such as a CKA, which stands for a Certified Kubernetes Admin and CKAD, which stands for Certified Kubernetes Application Developer. To date, 15,000 plus people have taken these certifications successfully. So we have more and more people joining in these ranks. And we are here to support people as they build their careers, as they get more knowledgeable on cloud native, from in formal ways, such as training edX and in informal ways, such as KubeCon and the Meetups and the Webinars, you name it, and we're here for you. >> Well, you used a word that I want to touch on, responsibility, obviously in 2020, there's a lot going on Priyanka. So first of all, you talk about the global pandemic. Some of my favorite interviews I've done for this shows and others talking about how open source and communities are contributing to it. One of the interviews I have coming up for the KubeCon show is out of the Pronto area with how's my flattening, which uses data and visualization, really phenomenal to see how, you know, Kubernetes and collaboration allowed people to rally fast and share data and get information from the right people. The other piece is social justice. You announced a new working group for racial terminology, talk about, how's the CNCF dealing with, all the changes and all the things that are happening in 2020. And how are you helping the community get engaged and participate? >> Absolutely. 2020s is a very unique year. It's had very unique challenges. We've all been through it out together as a global community. So in that way, it has brought us all together, but the fissures and cracks that maybe were overlooked before have gotten deeper this year. And we are committed to bringing the open source cloud native way to help support this full global push to overcome 2020 as a year. (laughs) So part of that as you said, we have a working group to eradicate racially charged tech, sorry, I am really not speaking well to that. So part of our initiatives is a working group to eradicate racially charged terminology from code we're working on it, not just on the CNCF level, but on the entire Linux foundation level, by bringing together various folks, such as companies projects, regardless of where they stand, they don't need to be an LF project or a CNCF project, but we're sharing best practices on What should be the terminology we agree upon? What is the change management look like? And soon we want to really encourage the people who are making these positive steps with and enablement and incentive programs, such as prizes, et cetera. So I'm very committed to this. I think anyone and everyone has a home in open source. This cannot be, you know, the take ground of one type of person or one type of community. And we're going to do our very best to welcome each and every one. This world of technology has been built by the blood, sweat, and tears off many people, and we honor them all. And we also open our arms to more and more of you, no matter how few of people from your ecosystem or community you see in open source, join in, we welcome you.. we are here for you and this working group and this initiative hopes to voice exactly just that. >> Well, yeah, the KubeCons absolutely. I can speak from the event I've gone to, you know, strong diversity. We've really appreciated being able to hear those voices. When you talk about the collaboration, the community activity, we'd love when we can help support those from our team's standpoint, when we can, we want to be able to help those nonprofits, help those communities get their messages and do their call to actions. All right, Priyanka so much to cover. This week when I look at all the breakouts, when I look at the interviews and the technologies, there's a lot of emerging themes also in edge computing has been something we've been talking about for the last year or two, of course, IOT, DevSecOps, what are some of the hot technologies that you're seeing and making sure that the show covers. >> Well, you send them all. (laughs) No, but these are the key themes. Yes, absolutely. As you know, devices are proliferating across the globe. So many people have cell phones, with the coming of 5G things will be even more rocket ship. And these folks need to go cloud native to support development as this change happens, and Kubernetes and CNCF is here to support. We have projects such as KubeEdge. We have k3s from Rancher and the sandbox, all these are meant for edge deployment. So there's that focus that we have. There's always going to be DevSecOps. The minute there is this complexity, the minute there's this growth, new security vulnerabilities, pop up, new interfaces become exposed. And so we have to be on a constant watch. So DevSecOps is a theme that we are going to see a lot of innovation and development in. For anyone who may not be familiar with DevSecOps, DevSecOps does for security, what DevOps did for operations, which is shifted left into the application developers workflow, so that things have got faster so that there is a better collaboration between security teams and application development team. So these are absolutely trans, I think a trend we briefly touched upon is, end-user-driven open source. I think the voice of end users is going to grow bigger and more louder and just that much more critical. The ship has left the dock. And now it's just going to gain steam and gain steam. I think we're going to see more technology contributions from them. We're going to see much more utilization of cloud native from them. And we also will get lots of feedback and advice from them. And there'll be interwoven into the fabric of cloud native in a way like never before. >> Yeah, Priyanka, you've known this community, but now you're very steeped into it. You had to work with a lot of people. I'm curious, does anything, especially from those end users, you know, a big focus of what you've been talking about. Absolutely, it's so important that they not just use the technology, but are participate in it. It's been one of those big waves we've been watching in the open source community for a number of years. So any insight you can give us as to why it is so important to those end users, what is encouraging them, not just to, use these projects, but, you know, assigned people and sponsor events and have much deeper integration with this community. >> They don't integrate with this community. They are part of this community. That's one key thing to remember. I would say, when we all, like, I mean, CNCF is relatively young, it started end of 2015. I started working on a project in it in 2016. And back then we were talking about things like, what are microservices? How to do a lift and shift to the cloud, or what are containers, things like that, right? And there was maybe a bit of a gap in the knowledge that people had to acquire to get good at deploying containers, that's using microservices, et cetera, et cetera. Now, in the last four years, huge leaps have been made by an users just because they were in the trenches, they were doing the work, right? So now their knowledge level has gone really up. And they've also started like knowing where the gaps are, what they need, because they're doing the building, they're the doers here. And so in that environment, it is a natural thing that they will have the best sense of where things should go next. They will have the best sense of what their own requirements are. And so it's an evolution of the end user community. It's an evolution of the doers. And I think that's why this trend is going to continue. And I would like to take like, not a credit, but I would say a tiny shoutout to the CNCF ecosystem program, which is run by Cheryl on my team. She's done a phenomenal job having been a developer herself to bring people and create safe spaces where the enhancers or the vendors are not like necessarily breathing down their neck and they can discuss amongst each other, the topics that matter. And I think that's gone a really long way. >> Yeah. There's, Cheryl's been doing some great work. I know I'm having a conversation with Liz Rice to talk about some of the new pooling, helping customers understand. It's such a broad ecosystem out there that, you know, we didn't even touch on. We're going to talk in many of the other interviews I have Priyanka. There's so many projects, new ways for sandbox and incubation and everything like that. It is definitely a challenge for everybody to look at this space. Want to give you the final word though. What do you want people to have as their takeaway from the event this time? >> Absolutely. Hi everybody. I am so happy. You all took the time and engaged with the community you joined in and attended KubeCon EU virtual, stay with us, partnering with us, come to our events, give us feedback, share ideas. We're all a foundation of doers. We're all team cloud native, and we're in this together. We will go through 2020, we'll come out strong. And this is just the beginning. >> Well, Priyanka, thank you so much. We love the partnership with the CNCF and definitely happy to be able to participate in the event again this year. >> Absolutely. Thank you so much Stu. >> All right, and stay tuned. Lots of coverage here from KubeCon, CloudNativeCon 2020 Europe the virtual edition. I'm Stu Minimam. And thank you as always for watching theCUBE. (upbeat music)

>> From around the globe, it's theCUBE! With coverage of KubeCon and CloudNativeCon Europe 2020, virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation, and ecosystem partners. >> Hi, I'm Stu Miniman and welcome to theCUBE's coverage of KubeCon CloudNativeCon 2020 in Europe. Of course the event this year was supposed to be in the Netherlands, I know I was very much looking forward to going to Amsterdam. This year of course it's going to be virtual, I'm really excited theCUBE's coverage, we've got some great members of the CNCF, we've got a bunch of end users, we've got some good thought leaders, and I'm also bringing a little bit of the Netherlands to help me bring in and start this keynote analysis, happy to welcome back to the program my cohost for the show, Joep Piscaer, who is an industry analyst with TLA. Thank you, Joep, so much for joining us, and we wish we could be with you in person, and check out your beautiful country. >> Absolutely, thanks for having me Stu, and I'm still a little disappointed we cannot eat the (indistinct foreign term) rijsttafel together this year. >> Oh, yeah, can we just have a segment to explain to people the wonder that is the fusion of Indonesian food and the display that you get only in the Netherlands? Rijsttafel, I seriously had checked all over the US and Canada, when I was younger, to find an equivalent, but one of my favorite culinary delights in the world, but we'll have to put a pin in that. You've had some warm weather in the Netherlands recently, and so many of the Europeans take quite a lot of time off in July and August, but we're going to talk about some hardcore tech, KubeCon, a show we love doing, the European show brings good diversity of experiences and customers from across the globe. So, let's start, the keynote, Priyanka Sharma, the new general manager of the CNCF, of course, just some really smart people that come out and talk about a lot of things. And since it's a foundation show, there's some news in there, but it's more about how they're helping corral all of these projects, of course, a theme we've talked about for a while is KubeCon was the big discussion for many years about Kubernetes, still important, and we'll talk about that, but so many different projects and everything from the sandbox, their incubation, through when they become fully, generally available, so, I guess I'll let you start and step back and say when you look at this broad ecosystem, you work with vendors, you've been from the customer side, what's top of mind for you, what's catching your attention? >> So, I guess from a cloud-native perspective, looking at the CNCF, I think you hit the nail on the head. This is not about any individual technology, isn't about just Kubernetes or just Prometheus, or just service mesh. I think the added value of the CNCF, and the way I look at it at least, looking back at my customer perspective, I would've loved to have a organization curate the technology world around me, for me. To help me out with the decisions on a technology perspective that I needed to make to kind of move forward with my IT stack, and with the requirements my customer had, or my organization had, to kind of move that into the next phase. That is where I see the CNCF come in and do their job really well, to help organizations, both on the vendor side as well as on the customer side, take that next step, see around the corner, what's new, what's coming, and also make sure that between different, maybe even competing standards, the right ones surface up and become the de facto standard for organizations to use. >> Yeah, a lot of good thoughts there, Joep, I want to walk through that stack a little bit, but before we do, big statement that Priyanka made, I thought it was a nice umbrella for her keynote, it's a foundation of doers powering end user driven open-source, so as I mentioned, you worked at a service provider, you've done strategies for some other large organizations, what's your thought on the role of how the end users engage with and contribute to open-source? One of the great findings I saw a couple years ago, as you said, it went from open-source being something that people did on the weekend to the sides, to many end users, and of course lots of vendors, have full-time people that their jobs are to contribute and participate in the open-source communities. >> Yeah, I guess that kind of signals a maturity in the market to me, where organizations are investing in open-source because they know they're going to get something out of it. So back in the day, it was not necessarily certain that if you put a lot of effort into an open-source project, for your own gain, for your own purposes, that that would work out, and that with the backing of the CNCF, as well as so many member organizations and end user organizations, I think participating in open-source becomes easier, because there's more of a guarantee that what you put in will kind of circulate, and come out and have value for you, in a different way. Because if you're working on a service mesh, some other organization might be working on Prometheus, or Kubernetes, or another project, and some organizations are now kind of helping each other with the CNCF as the gatekeeper, to move all of those technology stacks forward, instead of everyone doing it for themselves. Maybe even being forced to reinvent the wheel for some of those technology components. >> So let's walk through the stack a little bit, and the layers that are out there, so let's start with Kubernetes, the discussion has been Kubernetes won the container orchestration battles, but whose Kubernetes am I going to use? For a while it was would it be distributions, we've seen every platform basically has at least one Kubernetes option built into it, so doesn't mean you're necessarily using this, before AWS had their own flavor of Kubernetes, there was at least 15 different ways that you could run Kubernetes on top of it, but now they have ECS, they have EKS, even things like Fargate now work with EKS, so interesting innovation and adoption there. But VMware baked Kubernetes into vSphere 7. Red Hat of course, with OpenShift, has thousands of customers and has great momentum, we saw SUSE buy Rancher to help them move along and make sure that they get embedded there. One of the startups you've worked with, Spectro Cloud, helps play into the mix there, so there is no shortage of options, and then from a management standpoint, companies like Microsoft, Google, VMware, Red Hat, all, how do I manage across clusters, because it's not going to just be one Kubernetes that you're going to use, we're expecting that you're going to have multiple options out there, so it sure doesn't sound boring to me yet, or reached full maturity, Joep. What's your take, what advice do you give to people out there when they say "Hey, okay, I'm going to use Kubernetes," I've got hybrid cloud, or I probably have a couple things, how should they be approaching that and thinking about how they engage with Kubernetes? >> So that's a difficult one, because it can go so many different ways, just because, like you said, the market is maturing. Which means, we're kind of back at where we left off virtualization a couple years ago, where we had managers of managers, managing across different data centers, doing the multicloud thing before it was a cloud thing. We have automation doing day two operations, I saw one of the announcements for this week will be a vendor coming out with day two operations automation, to kind of help simplify that stack of Kubernetes in production. And so the best advice I think I have is, don't try to do it all yourself, right, so Kubernetes is still maturing, it is still fairly open, in a sense that you can change everything, which makes it fairly complex to use and configure. So don't try and do that part yourself, necessarily, either use a managed service, which there are a bunch of, Spectro Cloud, for example, as well as Platform9, even the bigger players are now having those platforms. Because in the end, Kubernetes is kind of the foundation of what you're going to do on top of it. Kubernetes itself doesn't have business value in that sense, so spending a lot of time, especially at the beginning of a project, figuring that part out, I don't think makes sense, especially if the risk and the impact of making mistakes is fairly large. Like, make a mistake in a monitoring product, and you'll be able to fix that problem more easily. But make a mistake in a Kubernetes platform, and that's much more difficult, especially because I see organizations build one cluster to rule them all, instead of leveraging what the cloud offers, which is just spin up another cluster. Even spin it up somewhere else, because we can now do the multicloud thing, we can now manage applications across Kubernetes clusters, we can manage many different clusters from a single pane of glass, so there's really no reason anymore to see that Kubernetes thing as something really difficult that you have to do yourself, hence just do it once. Instead, my recommendation would be to look at your processes and figure out, how can I figure out how to have a Kubernetes cluster for everything I do, maybe that's per team, maybe that's per application or per environment, per cloud, and they kind of work from that, because, again, Kubernetes is not the holy grail, it's not the end state, it is a means to an end, to get where we're going with applications, with developing new functionality for customers. >> Well, I think you hit on a really important point, if you look out in the social discussion, sometimes Kubernetes and multicloud get attacked, because when I talk to customers, they shouldn't have a Kubernetes strategy. They have their business strategy, and there are certain things that they're trying to, "How do I make sure everything's secure," and I'm looking at DevSecOps, I need to really have an edge computing strategy because that's going to help my business objectives, and when I look at some of the tools that are going to help and get me there, well, Kubernetes, the service meshes, some of the other tools in the CNCF are going to help me get there, and as you said, I've got managed services, cloud providers, integrators are going to help me build those solutions without me having to spend years to understand how to do that. So yeah, I'd love to hear any interesting projects you're hearing about, edge computing, the security space has gone from super important to even more important if that's possible in 2020. What are you hearing? >> Yeah, so the most interesting part for me is definitely the DevSecOps movement, where we're basically not even allowed to call it DevOps anymore. Security has finally gained a foothold, they're finally able to shift lift the security practices into the realm of developers, simplifying it in a way, and automating it in a way that, it's no longer a trivial task to integrate security. And there's a lot of companies supporting that, even from a Kubernetes perspective, integrating with Kubernetes or integrating with networking products on top of Kubernetes. And I think we finally have reached a moment in time where security is no longer something that we really need to think about. Again, because CNCF is kind of helping us select the right projects, helping us in the right direction, so that making choices in the security realm becomes easier, and becomes a no-brainer for teams, special security teams, as well as the application development teams, to integrate security. >> Well, Joep, I'm glad to hear we've solved security, we can all go home now. That's awesome. But no, in all seriousness, such an important piece, lots of companies spending time on there, and it does feel that we are starting to get the process and organization around, so that we can attack these challenges a little bit more head-on. How 'about service mesh, it's one of those things that's been a little bit contentious the last couple of years, of course ahead of the show, Google is not donating Istio to the foundation, instead, the trademark's open. I'm going to have an interview with Liz Rice to dig into that piece, in the chess moves, Microsoft is now putting out a service mesh, so as Corey Quinn says, the plural of service mesh must be service meeshes, so, it feels like Mr. Meeseeks, for any Rick and Morty fans, we just keep pressing the button and more of them appear, which may cause us more trouble, but, what's your take, do you have a service mesh coming out, Kelsey Hightower had a fun little thing on Twitter about it, what's the state of the state? >> Yeah, so I won't be publishing a service mesh, maybe I'll try and rickroll someone, but we'll see what happens. But service meshes are, they're still a hot topic, it's still one of the spaces where most discussion is kind of geared towards. There is yet to form a single standard, there is yet a single block of companies creating a front to solve that service mesh issue, and I think that's because in the end, service meshes are, from a complexity perspective, they're not mature enough to be able to commoditize into a standard. I think we still need a little while, and maybe ask me this question next year again, and we'll see what happens. But we'll still need a little while to kind of let this market shift and let this market innovate, because I don't think we've reached the end state with service meshes. Also kind of gauging from customer interest and actual production implementations, I don't think this has trickled down from the largest companies that have the most requirements into the smaller companies, the smaller markets, which is something that we do usually see, now Kubernetes is definitely doing that. So in terms of service meshes, I don't think the innovation has reached that endpoint yet, and I think we'll still need a little while, which will mean for the upcoming period, that we'll kind of see this head to head from different companies, trying to gain a foothold, trying to lead a market, introduce their own products. And I think that's okay, and I think the CNCF will continue to kind of curate that experience, up to a point where maybe somewhere in the future we will have a noncompeting standard to finally have something that's commoditized and easy to implement. >> Yeah, it's an interesting piece, one of the things I've always enjoyed when I go to the show is just wander, and the things you bump into are like "Oh my gosh, wow, look at all of these cool little projects." I don't think we are going to stop that Cambrian explosion of innovation and ideas. When you go walk around there's usually over 200 vendors there, and a lot of them are opensource projects. I would say many of them, when you have a discussion with them, I'm not sure that there's necessarily a business behind that project, and that's where you also see maturity in spaces. A year or so ago, in the observability space, open tracing helped pull together a couple of pieces. Storage is starting to mature. Doesn't mean we're going to get down to one standard, there's still a couple of storage engines out there, I have some really good discussions this week to go into that, but it goes from, "Boy, storage is a mess," to "Oh, okay, we have a couple of uses," and just like storage in the data center, there's not a box or a protocol to do anything, it's what's your use case, what performance, what clouds, what environments are you living on, and therefore you can do that. So it's good to see lots of new things added, but then they mature out and they consolidate, and as you said, the CNCF is help giving those roadmaps, those maps, the landscapes, which boy, if you go online, they have some really good tools. Go to CNCF, the website, and you can look through, Cheryl Hung put one, I'm trying to remember which, it's basically a bullseye of the ones that, here's the one that's fully baked, and here's the ones that are making its way through, and the customer feedback, and they're going to do more of those to help give guidance, because no one solution is going to fit everybody's needs, and you have these spectrums of offerings. Wild card for you, are there any interesting projects out there, new things that you're hearing about, what areas should people be poking around that might not be the top level big things? >> So, I guess for me, that's really personal because I'm still kind of an infrastructure geek in that sense. So one of the things that really surprised me was a more traditional vendor, Zerto in this case, with a fantastic solution, finally, they're doing data protection for Kubernetes. And my recommendation would be to look at companies like Zerto in the data protection space, finally making that move into containers, because even though we've completed the discussion, stateful versus stateless, there's still a lot to be said for thinking about data protection, if you're going to go all-in into containers and into Kubernetes, so that was one that really provoked my thoughts, I really was interested in seeing, "Okay, what's Zerto doing in this list of CNCF members?" And for that matter, I think other vendors like VMware, like Red Hat, like other companies that are moving into this space, with a regained trust in their solutions, is something that I think is really interesting, and absolutely worth exploring during the event, to see what those more traditional companies, to use the term, are doing to innovate with their solutions, and kind of helping the CNCF and the cloud data world, become more enterprise-ready, and that's kind of the point I'm trying to make, where for the longest time, we've had this cloud-native versus traditional, but I always thought of it like cloud-native versus enterprise-ready, or proven technology. This is kind of for the developers doing a new thing, this is for the IT operations teams, and we're kind of seeing those two groups, at least from a technology perspective, being fused into one new blood group, making their way forward and innovating with those technologies. So, I think it's interesting to look at the existing vendors and the CNCF members to see where they're innovating. >> Well, Joep, you connected a dotted line between the cloud-native insights program that I've been doing, you were actually my first guest on that. We've got a couple of months worth of episodes out there, and it is closing that gap between what the developers are doing and what the enterprise was, so absolutely, there's architectural pieces, Joep, like you, I'm an infrastructure geek, so I come from those pieces, and there was that gap between, I'm going to use VMs, and now I'm using containers, and I'm looking at things like serverless too, how do we built applications, and is it that bottom-up versus top-down, and what a company's needs, they need to be able to react fast, they need to be able to change along the way, they need to be able to take advantage of the innovation that ecosystems like this have, so, I love the emphasis CNCF has, making sure that the end users are going to have a strong voice, because as you said, the big companies have come in, not just VMware and Red Hat, but, IBM and Dell are behind those two companies, and HPE, Cisco, many others out there that the behemoths out there, not to mention of course the big hyperscale clouds that helped start this, we wouldn't have a lot of this without Google kicking off with Kubernetes, AWS front and center, and an active participant here, and if you talk to the customers, they're all leveraging it, and of course Microsoft, so it is a robust, big ecosystem, Joep, thank you so much for helping us dig into it, definitely hope we can have events back in the Netherlands in the near future, and great to see you as always. >> Thanks for having me. >> All right, stay tuned, we have, as I said, full spectrum of interviews from theCUBE, they'll be broadcasting during the three days, and of course go to theCUBE.net to catch all of what we've done this year at the show, as well as all the back history. Feel free to reach out to me, I'm @Stu on Twitter, and thank you, as always, for watching theCUBE. (calm music)