>> Hey everyone. Welcome back to theCUBE's coverage day two of CloudNative Security CON 23. Lisa Martin here in studio in Palo Alto with John Furrier. John, we've had some great conversations. I've had a global event. This was a global event. We had Germany on yesterday. We had the Boston Studio. We had folks on the ground in Seattle. Lot of great conversations, a lot of great momentum at this event. What is your number one takeaway with this inaugural event? >> Well, first of all, our coverage with our CUBE alumni experts coming in remotely this remote event for us, I think this event as an inaugural event stood out because one, it was done very carefully and methodically from the CNCF. I think they didn't want to overplay their hand relative to breaking out from CUBE CON So Kubernetes success and CloudNative development has been such a success and that event and ecosystem is booming, right? So that's the big story is they have the breakout event and the question was, was it a good call? Was it successful? Was it going to, would the dog hunt as they say, in this case, I think the big takeaway is that it was successful by all measures. One, people enthusiastic and confident that this has the ability to stand on its own and still contribute without taking away from the benefits and growth of Kubernetes CUBE CON and CloudNative console. So that was the key. Hallway conversations, the sessions all curated and developed properly to be different and focused for that reason. So I think the big takeaway is that the CNCF did a good job on how they rolled this out. Again, it was very intimate event small reminds me of first CUBE CON in Seattle, kind of let's test it out. Let's see how it goes. Again, clearly it was people successful and they understood why they're doing it. And as we commented out in our earlier segments this is not something new. Amazon Web Services has re:Invent and re:Inforce So a lot of parallels there. I see there. So I think good call. CNCF did the right thing. I think this has legs. And then as Dave pointed out, Dave Vellante, on our last keynote analysis was the business model of the hackers is better than the business model of the industry. They're making more money, it costs less so, you know, they're playing offense and the industry playing defense. That has to change. And as Dave pointed out we have to make the cost of hacking and breaches and cybersecurity higher so that the business model crashes. And I think that's the strategic imperative. So I think the combination of the realities of the market globally and open source has to go faster. It's good to kind of decouple and be highly cohesive in the focus. So to me that's the big takeaway. And then the other one is, is that there's a lot more security problems still unresolved. The emphasis on developers productivity is at risk here, if not solved. You saw supply chain software, again, front and center and then down in the weeds outside of Kubernetes, things like BIND and DNS were brought up. You're seeing the Linux kernel. Really important things got to be paid attention to. So I think very good call, very good focus. >> I would love if for us to be able to, as the months go on talk to some of the practitioners that actually got to attend. There were 72 sessions, that's a lot of content for a small event. Obviously to your point, very well curated. We did hear from some folks yesterday who were just excited to get the community back together in person. To your point, having this dedicated focus on CloudNativesecurity is incredibly important. You talked about, you know, the offense defense, the fact that right now the industry needs to be able to pivot from being on defense to being on offense. This is a challenging thing because it is so lucrative for hackers. But this seems to be from what we've heard in the last couple days, the right community with the right focus to be able to make that pivot. >> Yeah, and I think if you look at the success of Kubernetes, 'cause again we were there at theCUBE first one CUBE CON, the end user stories really drove end user participation. Drove the birth of Kubernetes. Left some of these CloudNative early adopters early pioneers that were using cloud hyperscale really set the table for CloudNative CON. I think you're seeing that here with this CloudNative SecurityCON where I think we're see a lot more end user stories because of the security, the hairs on fire as we heard from Madrona Ventures, you know, as they as an investor you have a lot of use cases out there where customers are leaning in with getting the rolling up their sleeves, working with open source. This has to be the driver. So I'm expecting to see the next level of SecurityCON to be end user focused. Much more than vendor focused. Where CUBECON was very end user focused and then attracted all the vendors in that grew the industry. I expect the similar pattern here where end user action will be very high at the beginning and that will essentially be the rising tide for the vendors to be then participating. So I expect almost a similar trajectory to CUBECON. >> That's a good path that it needs to all be about all the end users. One of the things I'm curious if what you heard was what are some of the key factors that are going to move CloudNative Security forward? What did you hear the last two days? >> I heard that there's a lot of security problems and no one wants to kind of brag about this but there's a lot of under the hood stuff that needs to get taken care of. So if automation scales, and we heard that from one of the startups we've just interviewed. If automation and scale continues to happen and with the business model of the hackers still booming, security has to be refactored quickly and there's going to be an opportunity structurally to use the cloud for that. So I think it's a good opportunity now to get dedicated focus on fixing things like the DNS stuff old school under the hood, plumbing, networking protocols. You're going to start to see this super cloud-like environment emerge where data's involved, everything's happening and so security has to be re imagined. And I think there's a do over opportunity for the security industry with CloudNative driving that. And I think this is the big thing that I see as an opportunity to, from a story standpoint from a coverage standpoint is that it's a do-over for security. >> One of the things that we heard yesterday is that there's a lot of it, it's a pretty high percentage of organizations that either don't have a SOCK or have a very primitive SOCK. Which kind of surprised me that at this day and age the risks are there. We talked about that today's focus and the keynote was a lot about the software supply chain and what's going on there. What did you hear in terms of the appetite for organizations through the voice of the practitioner to say, you know what guys, we got to get going because there's going to be the hackers are they're here. >> I didn't hear much about that in the coverage 'cause we weren't in the hallways. But from reading the tea leaves and talking to the folks on the ground, I think there's an implied like there's an unlimited money from customers. So it's a very robust from the data infrastructure stack building we cover with the angel investor Kane you're seeing data infrastructure's going to be part of the solution here 'cause data and security go hand in hand. So everyone's got basically checkbook wide open everyone wants to have the answer. And we commented that the co-founder of Palo Alto you had on our coverage yesterday was saying that you know, there's no real platform, there's a lot of tools out there. People will buy anything. So there's still a huge appetite and spend in security but the answer's not going to more tool sprawling. It's going to more platform auto, something that enables automation, fix some of the underlying mechanisms involved and fix it fast. So to me I think it's going to be a robust monetary opportunity because of the demand on the business side. So I don't see that changing at all and I think it's going to accelerate. >> It's a great point in terms of the demand for the business side because as we know as we said yesterday, the next Log4j is out there. It's not a matter of if this happens again it's when, it's the extent, it's how frequent we know that. So organizations all the way up to the board have to be concerned about brand reputation. Nobody wants to be the next big headline in terms of breaches and customer data being given to hackers and hackers making all this money on that. That has to go all the way up to the board and there needs to be alignment between the board and the executives at the organization in terms of how they're going to deal with security, and now. This is not a conversation that can wait. Yeah, I mean I think the five C's we talked about yesterday the culture of companies, the cloud is an enabler, you've got clusters of servers and capabilities, Kubernetes clusters, you've got code and you've got all kinds of, you know, things going on there. Each one has elements that are at risk for hacking, right? So that to me is something that's super important. I think that's why the focus on security's different and important, but it's not going to fork the main event. So that's why I think the spin out was, spinout, or the new event is a good call by the CNCF. >> One of the things today that struck me they're talking a lot about software supply chain and that's been in the headlines for quite a while now. And a stat that was shared this morning during the keynote just blew my brains that there was a 742% increase in the software supply chain attacks occurring over the last three years. It's during Covid times, that is a massive increase. The threat landscape is just growing so amorphously but organizations need to help dial that down because their success and the health of the individuals and the end users is at risk. Well, Covid is an environment where everyone's kind of working at home. So there was some disruption to infrastructure. Also, when you have change like that, there's opportunities for hackers, they'll arbitrage that big time. But I think general the landscape is changing. There's no perimeter anymore. It's CloudNative, this is where it is and people who are moving from old IT to CloudNative, they're at risk. That's why there's tons of ransomware. That's why there's tons of risk. There's just hygiene, from hygiene to architecture and like Nick said from Palo Alto, the co-founder, there's not a lot of architecture in security. So yeah, people have bulked up their security teams but you're going to start to see much more holistic thinking around redoing security. I think that's the opportunity to propel CloudNative, and I think you'll see a lot more coming out of this. >> Did you hear any specific information on some of the CloudNative projects going on that really excite you in terms of these are the right people going after the right challenges to solve in the right direction? >> Well I saw the sessions and what jumped out to me at the sessions was it's a lot of extensions of what we heard at CUBECON and I think what they want to do is take out the big items and break 'em out in security. Kubescape was one we just covered. They want to get more sandbox type stuff into the security side that's very security focused but also plays well with CUBECON. So we'll hear more about how this plays out when we're in Amsterdam coming up in April for CUBECON to hear how that ecosystem, because I think it'll be kind of a relief to kind of decouple security 'cause that gives more focus to the stakeholders in CUBECON. There's a lot of issues going on there and you know service meshes and whatnot. So it's a lot of good stuff happening. >> A lot of good stuff happening. One of the things that'll be great about CUBECON is that we always get the voice of the customer. We get vendors coming on with the voice of the customer talking about and you know in that case how they're using Kubernetes to drive the business forward. But it'll be great to be able to pull in some of the security conversations that spin out of CloudNative Security CON to understand how those end users are embracing the technology. You brought up I think Nir Zuk from Palo Alto Networks, one of the themes there when Dave and I did their Ignite event in December was, of 22, was really consolidation. There are so many tools out there that organizations have to wrap their heads around and they need to be able to have the right enablement content which this event probably delivered to figure out how do we consolidate security tools effectively, efficiently in a way that helps dial down our risk profile because the risks just seem to keep growing. >> Yeah, and I love the technical nature of all that and I think this is going to be the continued focus. Chris Aniszczyk who's the CTO listed like E and BPF we covered with Liz Rice is one of the most three important points of the conference and it's just, it's very nerdy and that's what's needed. I mean it's technical. And again, there's no real standards bodies anymore. The old days developers I think are super important to be the arbiters here. And again, what I love about the CNCF is that they're developer focused and we heard developer first even in security. So you know, this is a sea change and I think, you know, developers' choice will be the standards bodies. >> Lisa: Yeah, yeah. >> They decide the future. >> Yeah. >> And I think having the sandboxing and bringing this out will hopefully accelerate more developer choice and self-service. >> You've been talking about kind of putting the developers in the driver's seat as really being the key decision makers for a while. Did you hear information over the last couple of days that validates that? >> Yeah, absolutely. It's clearly the fact that they did this was one. The other one is, is that engineering teams and dev teams and script teams, they're blending together. It's not just separate silos and the ones that are changing their team dynamics, again, back to the culture are winning. And I think this has to happen. Security has to be embedded everywhere in making it frictionless and to provide kind of the guardrail so developers don't slow down. And I think where security has become a drag or an anchor or a blocker has been just configuration of how the organization's handling it. So I think when people recognize that the developers are in charge and they're should be driving the application development you got to make sure that's secure. And so that's always going to be friction and I think whoever does it, whoever unlocks that for the developer to go faster will win. >> Right. Oh, that's what I'm sure magic to a developer's ear is the ability to go faster and be able to focus on co-development in a secure fashion. What are some of the things that you're excited about for CUBECON. Here we are in February, 2023 and CUBECON is just around the corner in April. What are some of the things that you're excited about based on the groundswell momentum that this first inaugural CloudNative Security CON is generating from a community, a culture perspective? >> I think this year's going to be very interesting 'cause we have an economic challenge globally. There's all kinds of geopolitical things happening. I think there's going to be very entrepreneurial activity this year more than ever. I think you're going to see a lot more innovative projects ideas hitting the table. I think it's going to be a lot more entrepreneurial just because the cycle we're in. And also I think the acceleration of mainstream deployments of out of the CNCF's main event CUBECON will happen. You'll see a lot more successes, scale, more clarity on where the security holes are or aren't. Where the benefits are. I think containers and microservices are continuing to surge. I think the Cloud scale hyperscale as Amazon, Azure, Google will be more aggressive. I think AI will be a big theme this year. I think you can see how data is going to infect some of the innovation thinking. I'm really excited about the data infrastructure because it powers a lot of things in the Cloud. So I think the Amazon Web Services, Azure next level gen clouds will impact what happens in the CloudNative foundation. >> Did you have any conversations yesterday or today with respect to AI and security? Was that a focus of anybody's? Talk to me about that. >> Well, I didn't hear any sessions on AI but we saw some demos on stage. But they're teasing out that this is an augmentation to their mission, right? So I think a lot of people are looking at AI as, again, like I always said there's the naysayers who think it's kind of a gimmick or nothing to see here, and then some are just going to blown away. I think the people who are alpha geeks and the industry connect the dots and understand that AI is going to be an accelerant to a lot of heavy lifting that was either manual, you know, hard to do things that was boring or muck as they say. I think that's going to be where you'll see the AI stories where it's going to accelerate either ways to make security better or make developers more confident and productive. >> Or both. >> Yeah. So definitely AI will be part of it. Yeah, definitely. One of the things too that I'm wondering if, you know, we talk about CloudNative and the goal of it, the importance of it. Do you think that this event, in terms of what we were able to see, obviously being remote the event going on in Seattle, us being here in Palo Alto and Boston and guests on from Seattle and Germany and all over, did you hear the really the validation for why CloudNative Security why CloudNative is important for organizations whether it's a bank or a hospital or a retailer? Is that validation clear and present? >> Yeah, absolutely. I think it was implied. I don't think there was like anyone's trying to debate that. I think this conference was more of it's assumed and they were really trying to push the ability to make security less defensive, more offensive and more accelerated into the solving the problems with the businesses that are out there. So clearly the CloudNative community understands where the security challenges are and where they're emerging. So having a dedicated event will help address that. And they've got great co-chairs too that put it together. So I think that's very positive. >> Yeah. Do you think, is it possible, I mean, like you said several times today so eloquently the industry's on the defense when it comes to security and the hackers are on the offense. Is it really possible to make that switch or obviously get some balances. As technology advances and industry gets to take advantage of that, so do the hackers, is that balance achievable? >> Absolutely. I mean, I think totally achievable. The question's going to be what's the environment going to be like? And I remember as context to understanding whether it's viable or not, is to look at, just go back 13 years ago, I remember in 2010 Amazon was viewed as an unsecure environment. Everyone's saying, "Oh, the cloud is not secure." And I remember interviewing Steve Schmidt at AWS and we discussed specifically how Amazon Cloud was being leveraged by hackers. They made it more complex for the hackers. And he said, "This is just the beginning." It's kind of like barbed wire on a fence. It's yeah, you're not going to climb it so people can get over it. And so since then what's happened is the Cloud has become more secure than on premises for a lot of either you know, personnel reasons, culture reasons, not updating, you know, from patches to just being insecure to be more insecure. So that to me means that the flip the script can be flipped. >> Yeah. And I think with CloudNative they can build in automation and code to solve some of these problems and make it more complex for the hacker. >> Lisa: Yes. >> And increase the cost. >> Yeah, exactly. Make it more complex. Increase the cost. That'll be in interesting journey to follow. So John, here we are early February, 2023 theCUBE starting out strong as always. What year are we in, 12? Year 12? >> 13th year >> 13! What's next for theCUBE? What's coming up that excites you? >> Well, we're going to do a lot more events. We got the theCUBE in studio that I call theCUBE Center as kind of internal code word, but like, this is more about getting the word out that we can cover events remotely as events are starting to change with hybrid, digital is going to be a big part of that. So I think you're going to see a lot more CUBE on location. We're going to do, still do theCUBE and have theCUBE cover events from the studio to get deeper perspective because we can then bring people in remote through our our studio team. We can bring our CUBE alumni in. We have a corpus of content and experts to bring to table. So I think the coverage will be increased. The expertise and data will be flowing through theCUBE and so Cube Center, CUBE CUBE Studio. >> Lisa: Love it. >> Will be a integral part of our coverage. >> I love that. And we have such great conversations with guests in person, but also virtually, digitally as well. We still get the voices of the practitioners and the customers and the vendors and the partner ecosystem really kind of lauded loud and clear through theCUBE megaphone as I would say. >> And of course getting the clips out there, getting the highlights. >> Yeah. >> Getting more stories. No stories too small for theCUBE. We can make it easy to get the best content. >> The best content. John, it's been fun covering CloudNative security CON with you with you. And Dave and our guests, thank you so much for the opportunity and looking forward to the next event. >> John: All right. We'll see you at Amsterdam. >> Yeah, I'll be there. We want to thank you so much for watching TheCUBES's two day coverage of CloudNative Security CON 23. We're live in Palo Alto. You are live wherever you are and we appreciate your time and your view of this event. For John Furrier, Dave Vellante, I'm Lisa Martin. Thanks for watching guys. We'll see you at the next show.

(upbeat music) >> Hey everyone and welcome to theCUBE's coverage day one of CloudNativeSecurityCon '23. Lisa Martin here with John Furrier and Dave Vellante. Dave and John, great to have you guys on the program. This is interesting. This is the first inaugural CloudNativeSecurityCon. Formally part of KubeCon, now a separate event here happening in Seattle over the next couple of days. John, I wanted to get your take on, your thoughts on this being a standalone event, the community, the impact. >> Well, this inaugural event, which is great, we love it, we want to cover all inaugural events because you never know, there might not be one next year. So we were here if it happens, we're here at creation. But I think this is a good move for the CNCF and the Linux Foundation as security becomes so important and there's so many issues to resolve that will influence many other things. Developers, machine learning, data as code, supply chain codes. So I think KubeCon, Kubernetes conference and CloudNativeCon, is all about cloud native developers. And it's a huge event and there's so much there. There's containers, there's microservices, all that infrastructure's code, the DevSecOps on that side, there's enough there and it's a huge ecosystem. Pulling it as a separate event is a first move for them. And I think there's a toe in the water kind of vibe here. Testing the waters a little bit on, does this have legs? How is it organized? Looks like they took their time, thought it out extremely well about how to craft it. And so I think this is the beginning of what will probably be a seminal event for the open source community. So let's listen to the clip from Priyanka Sharma who's a CUBE alumni and executive director of the CNCF. This is kind of a teaser- >> We will tackle issues of security together here and further on. We'll share our experiences, successes, perhaps more importantly, failures, and help with the collecting of understanding. We'll create solutions. That's right. The practitioners are leading the way. Having conversations that you need to have. That's all of you. This conference today and tomorrow is packed with 72 sessions for all levels of technologists to reflect the bottoms up, developer first nature of the conference. The co-chairs have selected these sessions and they are true blue practitioners. >> And that's a great clip right there. If you read between the lines, what she's saying there, let's unpack this. Solutions, we're going to fail, we're going to get better. Linux, the culture of iterating. But practitioners, the mention of practitioners, that was very key. Global community, 72 sessions, co-chairs, Liz Rice and experts that are crafting this program. It seems like very similar to what AWS has done with re:Invent as their core show. And then they have re:Inforce which is their cloud native security, Amazon security show. There's enough there, so to me, practitioners, that speaks to the urgency of cloud native security. So to me, I think this is the first move, and again, testing the water. I like the vibe. I think the practitioner angle is relevant. It's very nerdy, so I think this is going to have some legs. >> Yeah, the other key phrase Priyanka mentioned is bottoms up. And John, at our predictions breaking analysis, I asked you to make a prediction about events. And I think you've nailed it. You said, "Look, we're going to have many more events, but they're going to be smaller." Most large events are going to get smaller. AWS is obviously the exception, but a lot of events like this, 500, 700, 1,000 people, that is really targeted. So instead of you take a big giant event and there's events within the event, this is going to be really targeted, really intimate and focused. And that's exactly what this is. I think your prediction nailed it. >> Well, Dave, we'll call to see the event operating system really cohesive events connected together, decoupled, and I think the Linux Foundation does an amazing job of stringing these events together to have community as the focus. And I think the key to these events in the future is having, again, targeted content to distinct user groups in these communities so they can be highly cohesive because they got to be productive. And again, if you try to have a broad, big event, no one's happy. Everyone's underserved. So I think there's an industry concept and then there's pieces tied together. And I think this is going to be a very focused event, but I think it's going to grow very fast. >> 72 sessions, that's a lot of content for this small event that the practitioners are going to have a lot of opportunity to learn from. Do you guys, John, start with you and then Dave, do you think it's about time? You mentioned John, they're dipping their toe in the water. We'll see how this goes. Do you think it's about time that we have this dedicated focus out of this community on cloud native security? >> Well, I think it's definitely time, and I'll tell you there's many reasons why. On the front lines of business, there's a business model for security hackers and breaches. The economics are in favor of the hackers. That's a real reality from ransomware to any kind of breach attacks. There's corporate governance issues that's structural challenges for companies. These are real issues operationally for companies in the enterprise. And at the same time, on the tech stack side, it's been very slow movement, like glaciers in terms of security. Things like DNS, Linux kernel, there are a lot of things in the weeds in the details of the bowels of the tech world, protocol levels that just need to be refactored. And I think you're seeing a lot of that here. It was mentioned from Brian from the Linux Foundation, mentioned Dan Kaminsky who recently passed away who found that vulnerability in BIND which is a DNS construct. That was a critical linchpin. They got to fix these things and Liz Rice is talking about the Linux kernel with the extended Berkeley Packet Filtering thing. And so this is where they're going. This is stuff that needs to be paid attention to because if they don't do it, the train of automation and machine learning is going to run wild with all kinds of automation that the infrastructure just won't be set up for. So I think there's going to be root level changes, and I think ultimately a new security stack will probably be very driven by data will be emerging. So to me, I think this is definitely worth being targeted. And I think you're seeing Amazon doing the same thing. I think this is a playbook out of AWS's event focus and I think that's right. >> Dave, what are you thoughts? >> There was a lot of talk in, again, I go back to the progression here in the last decade about what's the right regime for security? Should the CISO report to the CIO or the board, et cetera, et cetera? We're way beyond that now. I think DevSecOps is being asked to do a lot, particularly DevOps. So we hear a lot about shift left, we're hearing about protecting the runtime and the ops getting much more involved and helping them do their jobs because the cloud itself has brought a lot to the table. It's like the first line of defense, but then you've really got a lot to worry about from a software defined perspective. And it's a complicated situation. Yes, there's less hardware, yes, we can rely on the cloud, but culturally you've got a lot more people that have to work together, have to share data. And you want to remove the blockers, to use an Amazon term. And the way you do that is you really, if we talked about it many times on theCUBE. Do over, you got to really rethink the way in which you approach security and it starts with culture and team. >> Well the thing, I would call it the five C's of security. Culture, you mentioned that's a good C. You got cloud, tons of issues involved in cloud. You've got access issues, identity. you've got clusters, you got Kubernetes clusters. And then you've got containers, the fourth C. And then finally is the code itself, supply chain. So all areas of cloud native, if you take out culture, it's cloud, cluster, container, and code all have levels of security risks and new things in there that need to be addressed. So there's plenty of work to get done for sure. And again, this is developer first, bottoms up, but that's where the change comes in, Dave, from a security standpoint, you always point this out. Bottoms up and then middle out for change. But absolutely, the imperative is today the business impact is real and it's urgent and you got to pedal as fast as you can here, so I think this is going to have legs. We'll see how it goes. >> Really curious to understand the cultural impact that we see being made at this event with the focus on it. John, you mentioned the four C's, five with culture. I often think that culture is probably the leading factor. Without that, without getting those teams aligned, is the rest of it set up to be as successful as possible? I think that's a question that's- >> Well to me, Dave asked Pat Gelsinger in 2014, can security be a do-over at VMWorld when he was the CEO of VMware? He said, "Yes, it has to be." And I think you're seeing that now. And Nick from the co-founder of Palo Alto Networks was quoted on theCUBE by saying, "Zero Trust is some structure to give to security, but cloud allows for the ability to do it over and get some scale going on security." So I think the best people are going to come together in this security world and they're going to work on this. So you're going to start to see more focus around these security events and initiatives. >> So I think that when you go to the, you mentioned re:Inforce a couple times. When you go to re:Inforce, there's a lot of great stuff that Amazon puts forth there. Very positive, it's not that negative. Oh, the world is falling, the sky is falling. And so I like that. However, you don't walk away with an understanding of how they're making the CISOs and the DevOps lives easier once they get beyond the cloud. Of course, it's not Amazon's responsibility. And that's where I think the CNCF really comes in and open source, that's where they pick up. Obviously the cloud's involved, but there's a real opportunity to simplify the lives of the DevSecOps teams and that's what's critical in terms of being able to solve, or at least keep up with this never ending problem. >> Yeah, there's a lot of issues involved. I took some notes here from some of the keynote you heard. Security and education, training and team structure. Detection, incidents that are happening, and how do you respond to that architecture. Identity, isolation, supply chain, and governance and compliance. These are all real things. This is not like hand-waving issues. They're mainstream and they're urgent. Literally the houses are on fire here with the enterprise, so this is going to be very, very important. >> Lisa: That's a great point. >> Some of the other things Priyanka mentioned, exposed edges and nodes. So just when you think we're starting to solve the problem, you got IOT, security's not a one and done task. We've been talking about culture. No person is an island. It's $188 billion business. Cloud native is growing at 27% a year, which just underscores the challenges, and bottom line, practitioners are leading the way. >> Last question for you guys. What are you hoping those practitioners get out of this event, this inaugural event, John? >> Well first of all, I think this inaugural event's going to be for them, but also we at theCUBE are going to be doing a lot more security events. RSA's coming up, we're going to be at re:Inforce, we're obviously going to be covering this event. We've got Black Hat, a variety of other events. We'll probably have our own security events really focused on some key areas. So I think the thing that people are going to walk away from this event is that paying attention to these security events are going to be more than just an industry thing. I think you're going to start to see group gatherings or groups convening virtually and physically around core issues. And I think you're going to start to see a community accelerate around cloud native and open source specifically to help teams get faster and better at what they do. So I think the big walkaway for the customers and the practitioners here is that there's a call to arms happening and this is, again, another signal that it's worth breaking out from the core event, but being tied to it, I think that's a good call and I think it's a well good architecture from a CNCF standpoint and a worthy effort, so I give it a thumbs up. We still don't know what it's going to look like. We'll see what day two looks like, but it seems to be experts, practitioners, deep tech, enabling technologies. These are things that tend to be good things to hear when you're at an event. I'll say the business imperative is obvious. >> The purpose of an event like this, and it aligns with theCUBE's mission, is to educate and inspire business technology pros to action. We do it in theCUBE with free content. Obviously this event is a for-pay event, but they are delivering some real value to the community that they can take back to their organizations to make change. And that's what it's all about. >> Yep, that is what it's all about. I'm looking forward to seeing over as the months unfold, the impact that this event has on the community and the impact the community has on this event going forward, and really the adoption of cloud native security. Guys, great to have you during this keynote analysis. Looking forward to hearing the conversations that we have on theCUBE today. Thanks so much for joining. And for my guests, for my co-hosts, John Furrier and Dave Vellante. I'm Lisa Martin. You're watching theCUBE's day one coverage of CloudNativeSecurityCon '23. Stick around, we got great content on theCUBE coming up. (upbeat music)

(upbeat music) >> Hello, everyone, from Palo Alto, Lisa Martin here. This is The Cube's coverage of CloudNativeSecurityCon, the inaugural event. I'm here with John Furrier in studio. In Boston, Dave Vellante joins us, and our guest, Liz Rice, one of our alumni, is joining us from Seattle. Great to have everyone here. Liz is the Chief Open Source officer at Isovalent. She's also the Emeritus Chair Technical Oversight Committee at CNCF, and a co-chair of this new event. Everyone, welcome Liz. Great to have you back on theCUBE. Thanks so much for joining us today. >> Thanks so much for having me, pleasure. >> So CloudNativeSecurityCon. This is the inaugural event, Liz, this used to be part of KubeCon, it's now its own event in its first year. Talk to us about the importance of having it as its own event from a security perspective, what's going on? Give us your opinions there. >> Yeah, I think security was becoming so- at such an important part of the conversation at KubeCon, CloudNativeCon, and the TAG security, who were organizing the co-located Cloud Native Security Day which then turned into a two day event. They were doing this amazing job, and there was so much content and so much activity and so much interest that it made sense to say "Actually this could stand alone as a dedicated event and really dedicate, you know, all the time and resources of running a full conference, just thinking about cloud native security." And I think that's proven to be true. There's plenty of really interesting talks that we're going to see. Things like a capture the flag. There's all sorts of really good things going on this week. >> Liz, great to see you, and Dave, great to see you in Boston Lisa, great intro. Liz, you've been a CUBE alumni. You've been a great contributor to our program, and being part of our team, kind of extracting that signal from the CNCF cloud native world KubeCon. This event really kind of to me is a watershed moment, because it highlights not only security as a standalone discussion event, but it's also synergistic with KubeCon. And, as co-chair, take us through the thought process on the sessions, the experts, it's got a practitioner vibe there. So we heard from Priyanka early on, bottoms up, developer first. You know KubeCon's shift left was big momentum. This seems to be a breakout of very focused security. Can you share the rationale and the thoughts behind how this is emerging, and how you see this developing? I know it's kind of a small event, kind of testing the waters it seems, but this is really a directional shift. Can you share your thoughts? >> Yeah I'm just, there's just so many different angles that you can consider security. You know, we are seeing a lot of conversations about supply chain security, but there's also runtime security. I'm really excited about eBPF tooling. There's also this opportunity to talk about how do we educate people about security, and how do security practitioners get involved in cloud native, and how do cloud native folks learn about the security concepts that they need to keep their deployments secure. So there's lots of different groups of people who I think maybe at a KubeCon, KubeCon is so wide, it's such a diverse range of topics. If you really just want to focus in, drill down on what do I need to do to run Kubernetes and cloud native applications securely, let's have a really focused event, and just drill down into all the different aspects of that. And I think that's great. It brings the right people together, the practitioners, the experts, the vendors to, you know, everyone can be here, and we can find each other at a smaller event. We are not spread out amongst the thousands of people that would attend a KubeCon. >> It's interesting, Dave, you know, when we were talking, you know, we're going to bring you in real quick, because AWS, which I think is the bellweather for, you know, cloud computing, has now two main shows, AWS re:Invent and re:Inforce. Security, again, broken out there. you see the classic security events, RSA, Black Hat, you know, those are the, kind of, the industry kind of mainstream security, very wide. But you're starting to see the cloud native developer first with both security and cloud native, kind of, really growing so fast. This is a major trend for a lot of the ecosystem >> You know, and you hear, when you mention those other conferences, John you hear a lot about, you know, shift left. There's a little bit of lip service there, and you, we heard today way more than lip service. I mean deep practitioner level conversations, and of course the runtime as well. Liz, you spent a lot of time obviously in your keynote on eBPF, and I wonder if you could share with the audience, you know, why you're so excited about that. What makes it a more effective tool compared to other traditional methods? I mean, it sounds like it simplifies things. You talked about instrumenting nodes versus workloads. Can you explain that a little bit more detail? >> Yeah, so with eBPF programs, we can load programs dynamically into the kernel, and we can attach them to all kinds of different events that could be happening anywhere on that virtual machine. And if you have the right knowledge about where to hook into, you can observe network events, you can observe file access events, you can observe pretty much anything that's interesting from a security perspective. And because eBPF programs are living in the kernel, there's only one kernel shared amongst all of the applications that are running on that particular machine. So you don't- you no longer have to instrument each individual application, or each individual pod. There's no more need to inject sidecars. We can apply eBPF based tooling on a per node basis, which just makes things operationally more straightforward, but it's also extremely performant. We can hook these programs into events that typically very lightweight, small programs, kind of, emitting an event, making a decision about whether to drop a packet, making a decision about whether to allow file access, things of that nature. There's super fast, there's no need to transition between kernel space and user space, which is usually quite a costly operation from performance perspective. So eBPF makes it really, you know, it's taking the security tooling, and other forms of tooling, networking and observability. We can take these tools into the kernel, and it's really efficient there. >> So Liz- >> So, if I may, one, just one quick follow up. You gave kind of a space age example (laughs) in your keynote. When, do you think a year from now we'll be able to see, sort of, real world examples in in action? How far away are we? >> Well, some of that is already pretty widely deployed. I mean, in my keynote I was talking about Cilium. Cilium is adopted by hundreds of really big scale deployments. You know, the users file is full of household names who've been using cilium. And as part of that they will be using network policies. And I showed some visualizations this morning of network policy, but again, network policy has been around, pretty much since the early days of Kubernetes. It can be quite fiddly to get it right, but there are plenty of people who are using it at scale today. And then we were also looking at some runtime security detections, seeing things like, in my example, exfiltrating the plans to the Death Star, you know, looking for suspicious executables. And again, that's a little bit, it's a bit newer, but we do have people running that in production today, proving that it really does work, and that eBPF is a scalable technology. It's, I've been fascinated by eBPF for years, and it's really amazing to see it being used in the real world now. >> So Liz, you're a maintainer on the Cilium project. Talk about the use of eBPF in the Cilium project. How is it contributing to cloud native security, and really helping to change the dials on that from an efficiency, from a performance perspective, as well as a, what's in it for me as a business perspective? >> So Cilium is probably best known as a networking plugin for Kubernetes. It, when you are running Kubernetes, you have to make a decision about some networking plugin that you're going to use. And Cilium is, it's an incubating project in the CNCF. It's the most mature of the different CNIs that's in the CNCF at the moment. As I say, very widely deployed. And right from day one, it was based on eBPF. And in fact some of the people who contribute to the eBPF platform within the kernel, are also working on the Cilium project. They've been kind of developed hand in hand for the last six, seven years. So really being able to bring some of that networking capability, it required changes in the kernel that have been put in place several years ago, so that now we can build these amazing tools for Kubernetes operators. So we are using eBPF to make the networking stack for Kubernetes and cloud native really efficient. We can bypass some of the parts of the network stack that aren't necessarily required in a cloud native deployment. We can use it to make these incredibly fast decisions about network policy. And we also have a sub-project called Tetragon, which is a newer part of the Cilium family which uses eBPF to observe these runtime events. The things like people opening a file, or changing the permissions on a file, or making a socket connection. All of these things that as a security engineer you are interested in. Who is running executables who is making network connections, who's accessing files, all of these operations are things that we can observe with Cilium Tetragon. >> I mean it's exciting. We've chatted in the past about that eBPF extended Berkeley Packet Filter, which is about the Linux kernel. And I bring that up Liz, because I think this is the trend I'm trying to understand with this event. It's, I hear bottoms up developer, developer first. It feels like it's an under the hood, infrastructure, security geek fest for practitioners, because Brian, in his keynote, mentioned BIND in reference the late Dan Kaminsky, who was, obviously found that error in BIND at the, in DNS. He mentioned DNS. There's a lot of things that's evolving at the silicone, kernel, kind of root levels of our infrastructure. This seems to be a major shift in focus and rightfully so. Is that something that you guys talk about, or is that coincidence, or am I just overthinking this point in terms of how nerdy it's getting in terms of the importance of, you know, getting down to the low level aspects of protecting everything. And as we heard also the quote was no software secure. (Liz chuckles) So that's up and down the stack of the, kind of the old model. What's your thoughts and reaction to that? >> Yeah, I mean I think a lot of folks who get into security really are interested in these kind of details. You know, you see write-ups of exploits and they, you know, they're quite often really involved, and really require understanding these very deep detailed technical levels. So a lot of us can really geek out about the details of that. The flip side of that is that as an application developer, you know, as- if you are working for a bank, working for a media company, you're writing applications, you shouldn't have to be worried about what's happening at the kernel level. This might be kind of geeky interesting stuff, but really, operationally, it should be taken care of for you. You've got your work cut out building business value in applications. So I think there's this interesting, kind of dual track going on almost, if you like, of the people who really want to get involved in those nitty gritty details, and understand how the underlying, you know, kernel level exploits maybe working. But then how do we make that really easy for people who are running clusters to, I mean like you said, nothing is ever secure, but trying to make things as secure as they can be easily, and make things visual, make things accessible, make things, make it easy to check whether or not you are compliant with whatever regulations you need to be compliant with. That kind of focus on making things usable for the platform team, for the application developers who deliver apps on the platform, that's the important (indistinct)- >> I noticed that the word expert was mentioned, I mentioned earlier with Priyanka. Was there a rationale on the 72 sessions, was there thinking around it or was it kind of like, these are urgent areas, they're obvious low hanging fruit. Was there, take us through the selection process of, or was it just, let's get 72 sessions going to get this (Liz laughs) thing moving? >> No, we did think quite carefully about how we wanted to, what the different focus areas we wanted to include. So we wanted to make sure that we were including things like governance and compliance, and that we talk about not just supply chain, which is clearly a very hot topic at the moment, but also to talk about, you know, threat detection, runtime security. And also really importantly, we wanted to have space to talk about education, to talk about how people can get involved. Because maybe when we talk about all these details, and we get really technical, maybe that's, you know, a bit scary for people who are new into the cloud native security space. We want to make sure that there are tracks and content that are accessible for newcomers to get involved. 'Cause, you know, given time they'll be just as excited about diving into those kind of kernel level details. But everybody needs a place to start, and we wanted to make sure there were conversations about how to get started in security, how to educate other members of your team in your organization about security. So hopefully there's something for everyone. >> That education piece- >> Liz, what's the- >> Oh sorry, Dave. >> What the buzz on on AI? We heard Dan talk about, you know, chatGPT, using it to automate spear phishing. There's always been this tension between security and speed to market, but CISOs are saying, "Hey we're going to a zero trust architecture and that's helping us move faster." Will, in your, is the talk on the floor, AI is going to slow us down a little bit until we figure it out? Or is it actually going to be used as an offensive defensive tool if I can use that angle? >> Yeah, I think all of the above. I actually had an interesting chat this morning. I was talking with Andy Martin from Control Plane, and we were talking about the risk of AI generated code that attempts to replicate what open source libraries already do. So rather than using an existing open source package, an organization might think, "Well, I'll just have my own version, and I'll have an AI write it for me." And I don't, you know, I'm not a lawyer so I dunno what the intellectual property implications of this will be, but imagine companies are just going, "Well you know, write me an SSL library." And that seems terrifying from a security perspective, 'cause there could be all sorts of very slightly different AI generated libraries that pick up the same vulnerabilities that exist in open source code. So, I think we're going to go through a pretty interesting period of vulnerabilities being found in AI generated code that look familiar, and we'll be thinking "Haven't we seen these vulnerabilities before? Yeah, we did, but they were previously in handcrafted code and now we'll see the same things being generated by AI." I mean, in the same way that if you look at an AI generated picture and it's got I don't know, extra fingers, or, you know, extra ears or something that, (Dave laughs) AI does make mistakes. >> So Liz, you talked about the education, the enablement, the 72 sessions, the importance of CloudNativeSecurityCon being its own event this year. What are your hopes and dreams for the practitioners to be able to learn from this event? How do you see the event as really supporting the growth, the development of the cloud native security community as a whole? >> Yeah, I think it's really important that we think of it as a Cloud Native Security community. You know, there are lots of interesting sort of hacker community security related community. Cloud native has been very community focused for a long time, and we really saw, particularly through the tag, the security tag, that there was this growing group of people who were, really wanted to work at that intersection between security and cloud native. And yeah, I think things are going really well this week so far, So I hope this is, you know, the first of many additions of this conference. I think it will also be interesting to see how the balance between a smaller, more focused event, compared to the giant KubeCon and cloud native cons. I, you know, I think there's space for both things, but whether or not there will be other smaller focus areas that want to stand alone and justify being able to stand alone as their own separate conferences, it speaks to the growth of cloud native in general that this is worthwhile doing. >> Yeah. >> It is, and what also speaks to, it reminds me of our tagline here at theCUBE, being able to extract the signal from the noise. Having this event as a standalone, being able to extract the value in it from a security perspective, that those practitioners and the community at large is going to be able to glean from these conversations is something that will be important, that we'll be keeping our eyes on. >> Absolutely. Makes sense for me, yes. >> Yeah, and I think, you know, one of the things, Lisa, that I want to get in, and if you don't mind asking Dave his thoughts, because he just did a breaking analysis on the security landscape. And Dave, you know, as Liz talking about some of these root level things, we talk about silicon advances, powering machine learning, we've been covering a lot of that. You've been covering the general security industry. We got RSA coming up reinforced with AWS, and as you see the cloud native developer first, really driving the standards of the super cloud, the multicloud, you're starting to see a lot more application focus around latency and kind of controlling that, These abstraction layer's starting to see a lot more growth. What's your take, Dave, on what Liz and- is talking about because, you know, you're analyzing the horses on the track, and there's sometimes the old guard security folks, and you got open source continuing to kick butt. And even on the ML side, we've been covering some of these foundation models, you're seeing a real technical growth in open source at all levels and, you know, you still got some proprietary machine learning stuff going on, but security's integrating all that. What's your take and your- what's your breaking analysis on the security piece here? >> I mean, to me the two biggest problems in cyber are just the lack of talent. I mean, it's just really hard to find super, you know, deep expertise and get it quickly. And I think the second is it's just, it's so many tools to deal with. And so the architecture of security is just this mosaic and a mess. That's why I'm excited about initiatives like eBPF because it does simplify things, and developers are being asked to do a lot. And I think one of the other things that's emerging is when you- when we talk about Industry 4.0, and IIoT, you- I'm seeing a lot of tools that are dedicated just to that, you know, slice of the world. And I don't think that's the right approach. I think that there needs to be a more comprehensive view. We're seeing, you know, zero trust architectures come together, and it's going to take some time, but I think that you're going to definitely see, you know, some rethinking of how to architect security. It's a game of whack-a-mole, but I think the industry is just- the technology industry is doing a really really good job of, you know, working hard to solve these problems. And I think the answer is not just another bespoke tool, it's a broader thinking around architectures and consolidating some of those tools, you know, with an end game of really addressing the problem in a more comprehensive fashion. >> Liz, in the last minute or so we have your thoughts on how automation and scale are driving some of these forcing functions around, you know, taking away the toil and the muck around developers, who just want stuff to be code, right? So infrastructure as code. Is that the dynamic here? Is this kind of like new, or is it kind of the same game, different kind of thing? (chuckles) 'Cause you're seeing a lot more machine learning, a lot more automation going on. What's, is that having an impact? What's your thoughts? >> Automation is one of the kind of fundamental underpinnings of cloud native. You know, we're expecting infrastructure to be written as code, We're expecting the platform to be defined in yaml essentially. You know, we are expecting the Kubernetes and surrounding tools to self-heal and to automatically scale and to do things like automated security. If we think about supply chain, you know, automated dependency scanning, think about runtime. Network policy is automated firewalling, if you like, for a cloud native era. So, I think it's all about making that platform predictable. Automation gives us some level of predictability, even if the underlying hardware changes or the scale changes, so that the application developers have something consistent and standardized that they can write to. And you know, at the end of the day, it's all about the business applications that run on top of this infrastructure >> Business applications and the business outcomes. Liz, we so appreciate your time talking to us about this inaugural event, CloudNativeSecurityCon 23. The value in it for those practitioners, all of the content that's going to be discussed and learned, and the growth of the community. Thank you so much, Liz, for sharing your insights with us today. >> Thanks for having me. >> For Liz Rice, John Furrier and Dave Vellante, I'm Lisa Martin. You're watching the Cube's coverage of CloudNativeSecurityCon 23. (electronic music)

>>The cube presents Koon and cloud native con Europe, 2022, brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain and CubeCon cloud native con Europe, 2022 I'm cube Townsend, along with Paul Gill, senior editor, enterprise architecture at Silicon angle. We are talking to some incredible folks this week, continuing the conversation around enabling developers to do their work. Paul you've said that this conference is about developers. What are you finding key as a theme running throughout the show >>That that developers really need a whole set of special tools. You know, it's not the end user, the end user tools, the end user access controls the authentication it's developers need a need their own to live their in their own environment. They need their own workflow tools, their own collaboration and their own security. And that's where teleport comes in. >>So speaking of teleport, we have Michael fork, chief marking our officer at teleport new world role for you. First, tell me about how long have you been at teleport now >>Going on seven or eight months now, >>Seven or eight months in this fast moving market. I'm I'm going to tell you a painful experience I've had in this new world. We've built applications. We've moved fast audits come in. The auditors have come in and they said, you know what, who authorized this change to the cluster? And we'll go into the change ticket and say, this person authorized the changes and the change ticket. And then they'll ask for trace back. Okay. Show me the change. What do it mean? Show you the changes. It just happened. >>Yeah. Check, check GitHub. >>Yeah, check GI, get, see, we, we, we, we said we were gonna make the changes, the change happen. That's not enough. What are CU, how are you helping customers solve this access control and audit problem? >>Yeah, that's a great question. There're kind of, there're kind of two, two sides to the puzzle. And actually I think that the intro hits it. Well, you you've talked about kind of developer experience needing needing tools to more efficiently do the job as a practitioner. And you're coming at it from kind of a security and compliance angle. And there's a tension between both of those teams. It's like, you know, there's, there's a tension between dev and ops before we created DevOps. There's also a tension between kind of security teams and developers. So we've created dev SecOps. What that means is you need an easy way for developers to get access, access to the resources they needed through their jobs. That's, you know, Linux hosts and databases and Kubernetes clusters and, you know, monitoring dashboards and managing all of those credentials is quite cumbersome. If I need to access a dozen systems, then you know, I'm using SSH keys to access this. >>I have admin credentials for my database. I I'm going through a VPN to access an internal dashboard, teleport, consolidates, all of that access into a single login via your identity provider, Okta active directory, but then on the security and compliance side, we make it really easy for that compliance officer. When they say, show me that change, we have all of the audit logs. That's that show exactly what changes Keith made when he logged into, into that system. And in fact, one of the booths behind here is talking about E B P F a modern way to get that kind of kernel level grade granularity. We build all of that observability into teleport to make the security and compliance teams happy. And the engineering teams a lot more productive. >>Where do the, the access control tools like Okta, you mentioned fall short. I mean, why, why is there a need for your level of, of control at the control plane? >>Yeah. When you, when you start to talk about authorization, authentication, audit at the infrastructure level, each of these technologies has its own way of managing what kind of in, in the jargon often and Ze, right? Authentication authorization. So you have SSH for, for Linux. Kubernetes has its own way of doing authorization. All of the database providers have their own way and it's quite complicated, right? It's, it's much different. So, you know, if I'm gonna access office 365 or I'm gonna a access Salesforce, right. I'm really talking about the HTTP protocol. It's relatively trivial to implement single sign on for web-based applications. But when we start talking about things that are happening at the Linux kernel level, or with Kubernetes, it's quite complicated to build those integrations. And that's where teleport extends what you have with your IDP. So for instance, Okta, lots of our customers use Okta as their identity provider, but then teleport takes those roles and applies them and enforces them at the actual infrastructure level. >>So if I'm a lay developer, I'm looking at this thinking, you know, I, I have service mesh, I've implemented link D SEO or something to that level. And I also have Ansible and Ansible has security, etcetera. What, what role, or how does that integrate to all together from a big picture perspective? >>Yeah. So >>What, one of the, kind of the meta themes at teleport is we, we like to, we like to say that we are fighting complexity cuz as we build new technologies, we tend to run the new tech on top of the old tech. Whereas for instance, when you buy a new car, you typically don't, you know, hook the old car to the back and then pull it around with you. Right? We, we replace old technology with new technology, but in infrastructure that doesn't happen as often. And so you end up with kind of layers of complexity with one protocol sitting on top of another protocol on top of another protocol. And what teleport does is for the access control plane, we, we kind of replace the legacy ways of doing authentication authorization and audit with a new modern experience. But we allow you to continue to use the existing tools. >>So we don't replace, for instance, you know, your configuration management system, you can keep using Ansible or, or salt or Jenkins, but teleport now is gonna give those, those scripts or those pipelines in identity that you can define. What, what should Ansible be able to do? Right? If, cuz people are worried about supply chain attacks, if a, if a vulnerable dependency gets introduced into your supply chain pipeline and your kind of Ansible playbook goes crazy and starts deploying that vulnerability everywhere, that's probably something you wanna limit with teleport. You can limit that with an identity, but you can still use the tools that you're, that you're used to. >>So how do I guarantee something like an ex-employee doesn't come in and, and initiate Ansible script that was sitting in the background just waiting to happen until, you know, they left. >>Yeah. Great question. It's there's kind of the, the, the great resignation that's happening. We did a survey where actually we asked the question kind of, you know, can you guarantee that X employees can no longer access your infrastructure? And shockingly like 89% of companies could not guarantee that it's like, wow, that's like that should, that should be a headline somewhere. And we actually just learned that there are on the dark web, there are people that are targeting current employees of Netflix and Uber and trying to buy credentials of those employees to the infrastructure. So it's a big problem with teleport. We solve this in a really easy, transparent way for developers. Everything that we do is based on short lift certificates. So unlike a SSH key, which exists until you decommission it, shortlist certificates by, by default expire. And if you don't reissue them based on a new login based on the identity, then, then you can't do anything. So even a stolen credential kind of the it's value decreases dramatically over time. >>So that statistic or four out of five companies can't guarantee X employees can't access infrastructure. Why is simply removing the employee from the, you know, from the L app or directory decommissioning their login credentials. Why is that not sufficient? >>Well, it, it depends on if everything is integrated into your identity provider and because of the complexities of accessing infrastructure, we know that developers are creative people. And by, by kind of by definition, they're able to create systems to make their lives easier. So one thing that we see developers doing is kind of copying an SSH key to a local notepad on, on their computer. So they essentially can take that credential out of a vault. They can put it somewhere that's easier for them to access. And if you're not rotating that credential, then I can also, you know, copy it to a, to a personal device as well. Same thing for shared admin credentials. So the, the, the issue is that those credentials are not completely managed in a unified way that enables the developer to not go around the system in order to make their lives easier. >>But rather to actually use the system, there's a, there's a market called privilege access management that a lot of enterprises are using to kind of manage credentials for their developers, but it's notoriously disruptive to developer workflows. And so developers kind of go around the system in order to make their jobs easier. What teleport does is we obviate the need to go around the system, cuz the simplest thing is just to come in in the morning, log in one time to my identity provider. And now I have access to all of my servers, all of my databases, all of my Kubernetes clusters with a short lift certificate, that's completely transparent. And does >>This apply to, to your, both your local and your cloud accounts? >>Yes. Yes, exactly. >>So as a security company, what's driving the increase in security breaches. Is it the lack of developer hygiene? Is it this ex-employee great resignation bill. Is it external intruders? What's driving security breaches today. >>Yes. >>It's you know, it's, it's all of those things. I think if I had to put, give you a one word answer, I would say complexity. The systems that we are building are just massively complex, right? Look at how many vendors there are at this show in order to make Kubernetes easy to use, to do what its promises. It's just, we're building very complex systems. When you build complex systems, there's a lot of back doors, we call it kind of a tax surface. And that's why for every new thing that we introduce, we also need to think about how do we remove old layers of the stack so that we can simplify so that we can consolidate and take advantage of the power of something like Kubernetes without introducing security vulnerabilities. >>One of the problems or challenges with security solutions is, you know, you there's this complexity versus flexibility knob that you, you need to be careful of. What's the deployment experience in integration experience for deploying teleport. >>Yeah, it's it, we built it to be cloud native to feel like any other kind of cloud native or Kubernetes like solution. So you basically, you deploy it using helm chart, you deploy it using containers and we take care of all of the auto configuration and auto update. So that it's just, it's, it's part of your stack and you manage it using the same automation that you use to manage everything else. That's a, that's a big kind of installation and developer experience. Part of it. If it's complex to use, then not only are developers not gonna use it. Operations teams are not gonna want to have to deal with it. And then you're left with doing things the old way, which is very unsatisfactory for everybody. >>How does Kubernetes change the security equation? Are there vulnerabilities? It introduces to the, to the stack that maybe companies aren't aware of >>Almost by definition. Yes. Kind of any new technology is gonna introduce new security vulnerabilities. That's the that's that is the result of the complexity, which is, there are things that you just don't know when you introduce new components. I think kind of all of the supply chain vulnerabilities are our way of looking at that, which is we have, you know, Kubernetes is itself built on a lot of dependencies. Those dependencies themselves could have security vulnerabilities. You might have a package that's maintained by one kind of hobbyist developer, but that's actually deployed across hundreds of thousands of applications across, across the internet. So again, it's about one understanding that that complexity exists and then saying, is there a way that we can kind of layer on a solution that provides a common layer to let us kind of avoid that complexity and say, okay, every critical action needs to be authorized with an identity that way if it's automated or if it's human, I have that level of assurance that a hacked Ansible pipeline is not going to be able to introduce vulnerabilities across my entire infrastructure. >>So one of the challenges for CIOs and CTOs, it's the lack of developer resources and another resulting pain point that compounds that issue is rework due to security audits is teleport a source of truth that when a auditor comes in to audit a, a, a, a C I C D pipeline that the developer or, or operations team can just say, Hey, here's, self-service get what you need. And come back to us with any questions or is there a second set of tools we have to use to get that audit and compliance reporting? >>Yeah, it's teleport can be that single source of truth. We can also integrate with your other systems so you can export all of the, what we call access logs. So every, every behavior that took place, every query that was run on a database, every, you know, curl command that was run on a Lennox, host, teleport is creating a log of that. And so you can go in and you can filter and you can view those, those actions within teleport. But we also integrate with other systems that, that people are using, you have its Splunk or Datadog or whatever other tool chain it's really important that we integrate, but you can also use teleport as that single source. So >>You can work with the observability suites that are now being >>Installed. Yeah, there, the, the wonderful thing about kind of an ecosystem like Kubernetes is there's a lot of standardization. You can pick your preferred tool, but under the hood, the protocols for taking a log and putting it in another system are standardized. And so we can integrate with any of the tools that developers are already using. >>So how big is teleport when I'm thinking about a, from a couple of things big as in what's the footprint and then from a developer operations team overhead, is this kind of a set and forget it, how much care feed and maintenance does it >>Need? So it's very lightweight. We basically have kind of two components. There's the, the access proxy that sits in front of your infrastructure. And that's what enables us to, you know, regardless of the complexity that sits across your multi data center footprint, your traditional applications, running on windows, your, your, your modern applications running on, you know, Linux and Kubernetes, we provide seamless access to all of that. And then there's an agent that runs on all of your hosts. And this is the part that can be deployed using yo helm or any other kind of cloud native deployment methodology that enables us to do the, the granular application level audit. For instance, what queries are actually being run on CockroachDB or on, on Postgres, you know, what, what CIS calls are running on Linnux kernel, very lightweight automation can be used to install, manage, upgrade all of it. And so from an operations perspective, kind of bringing in teleport shouldn't be any more complicated than running any application on a container. That's, that's the design goal and what we built for our customers. >>If I'm in a hybrid environment, I'm transitioning, I'm making the migration to teleport. Is this a team? Is this a solution that sits only on the Kubernetes cloud native side? Or is this something that I can trans transition to initially, and then migrate all of my applications to, as I transition to cloud native? >>Yeah. We, there are kind of, no, there are no cloud native dependencies for teleport. Meaning if you are, you're a hundred percent windows shop, then we support for instance, RDP. That's the way in which windows handles room access. If you have some applications that are running on Linux, we can support that as well. If you've got kind of the, you know, the complete opposite in the spectrum, you're doing everything, cloud native containers, Kubernetes, everything. We also support that. >>Well, Michael, I really appreciate you stopping by and sharing the teleport story. Security is becoming an obvious pain point for cloud native and container management. And teleport has a really good story around ensuring compliance and security from Licia Spain. I'm Keith towns, along with Paul Gillon and you're watching the cue, the, the leader, not the, the leader two, the high take tech coverage.

>>To the Seaport in Boston, Massachusetts, everybody's buzzing. The Bruins are playing tonight. They tied it up. The Celtics tied it up last night. We're excited. We don't talk about the red Sox. Red Sox are getting struggles, but you know, we have good distractions. Paul goer is here. He's the president and chief executive officer at red hat and also a Boston fan of great to see, of course, you too. >>Nice to see you guys, you know, it's been a, it's been a while. >><laugh> yeah, we saw you, you know, online and virtually for a couple of years there, but, uh, you know, we've been doing red hat summit for a long, long time. Yeah, of course we were talking earlier. It's just much more intimate, kind of a VIP event, a few more suit jackets here. You know, I got my tie on, so I don't get too much grief. I usually get grief when I wear a tie of red hat summit, but it's a different format this year. Compressed keynotes. Your keynote was great. The new normal, sometimes we call it the new abnormal <laugh>, uh, but you know, how do you feel? >>I, I, I, I feel great. First of all, you know, combination today, virtual audience in, in house audience here today. I think we're gonna see a lot of that in the future. I mean, we designed the event around that and I, I think it, I think it played pretty well. Kudos, kudos to our team. You're right. It's, it's, it's a bit more intimate even the way it was set up, but those are the conversations we like having with our customers and our partners, much more partner centric, uh, as well right now, as well. >>You know, we were talking about, you know, hybrid cloud. It was kind of, you know, it was a good marketing term. And, but now it's, it's, it's become the real thing. I've said many times the, the definition of cloud is changing. It's expanding it's no, the cloud is no longer this remote set of services, you know, somewhere up in the cloud, it's on prem connecting to a cloud across clouds, out to the edge and you need capabilities that work everywhere. And that's what red hat did. The market's just swimming toward you. >>Yeah. I mean, you look at it, you know, I was, uh, you know, if you look at it, you know, the clouds are powerful unto themselves, right? The clouds are powerful unto themselves. They're all different. Right? And that that's, I mean, hardware vendors were, were similar, but different, same thing. You need that connective tissue across, across the whole thing. I mean, as I said, in my keynote today, I remember talking to some of our CIOs and customers 10 years ago and they said, we're going 90% of our apps tomorrow to one cloud. And we knew that wasn't practical because of course the clouds are built from Linux. So we knew it was underneath the hood and, and what's happened. It's taken some time, but as they started to get into that, they started to see, well, maybe one cloud's more suited for one application than the other, these apps. You may have to keep on premise, but you know, what really exploded at the, the, the hybrid thing, the edge. Now they're putting things at the edge, the GM announcement tell you, I know you're gonna talk to Francis. Yeah, yeah. Later. I mean, that's, that's a mini data center in, in every cloud, but that's still under the purview of the CIO, you know? So, so, so that's what hybrid's all about is tying all those pieces together, cuz it got more powerful, but it also more complex. >>You mentioned being the connective tissue, but we don't hear as much talk about multi-cloud seems to me, as we used to this conference has been all about hybrid cloud. You don't really talk about multi-cloud. How important is that to the red hat strategy, being that consistent layer? >>It's probably my mistake or our mistake because multi's more prevalent and more important than just hybrid alone. I mean, hybrid hybrid started from on-premise to one part to any one particular cloud. That was the, the first thought of hybrid. But as I said, as, as, as um, some of the cloud providers became so big, um, every, every CIO I talked to, whether they know whether they know it or not most do are in a multi environment for a whole bunch of reasons, right. You know, one cloud provider might be better in a different part of the world. And another one cloud provider might have a better service than another. Some just don't like to be stuck to one it's it's really hybrid multi. We should, we should train ourselves to every time we say hybrid, say multi, because that's really, that's really what it is. It, I think that happened overnight with, with Microsoft, you know, with Microsoft they've, they've, they've really grown over the last few years, so has Amazon for that matter. But Microsoft really coming up is what really made it a, a high, a multi world. >>Microsoft's remarkable what, what they're doing. But I, I, I have a different thinking on this. I, I heard Chuck Whitten last week at, at the Dell conference he used, he said used the phrase a multicloud, uh, by default versus multi-cloud by design. And I thought that was pretty interesting because I've said that multi-cloud is largely multi-vendor, you know? And so hybrid has implications, right? We, we bring and a shesh came up with a new term today. Metacloud I use Supercloud I like Metacloud better because something's happening, Paul. It feels like there's this layer abstraction layer that the underlying complexity is hidden. Think about OpenShift. Yeah. I could buy, I could get OpenShift for free. Yeah. I mean, I could, and I could cobble together and stitch together at 13, 15 dozens of different services and replicate, but I don't, I don't want that complexity. I want you to hide that complexity. I want, I'd rather spend money on your R and D than my engineering. So something's changing. It feels like >>You buy that. I totally buy that. I mean, you know, I, I, I'm gonna try to not make this sound like a marketing thing because it's not, not fair enough. Right. I mean, I'm engineer at heart, you know that, so, >>Okay. >>I really look to what we're trying to do is we're building a hybrid multi cloud. I mean that we, I look at us as a cloud provider spanning the hybrid multi all the way out to the edge world, but we don't have the data centers in the back. Like the cloud providers do in and by that is you're seeing our products being consumed more like cloud services because that's what our customers are demanding. Our, our products now can be bought out of the various marketplaces, et cetera. You're seeing different business models from us. So, uh, you're seeing, uh, committed spend, for example, like the cloud providers where a customer will buy so much up front and sort of just work it down. You're seeing different models on how they're consumed, consumption, based pricing. These, these are all things that came from the cloud providers and customers buying like that. >>They now want that across their entire environment. They don't wanna buy differently on premise or in one cloud and they don't wanna develop differently. They don't wanna operate differently. They don't wanna have to secure it differently. Security's the biggest thing with, with our, with our customers, because hybrid's powerful, but you no longer have the, you know, your security per perimeter, no longer the walls of your data center. You know, you're, you're responsible as a CIO. You're responsible for every app. Yeah. No matter where it's running, if that's the break in point, you're responsible for that. So that's why we've done things like, you know, we cried stack rocks. We've, we've built it into the container Kubernetes platform that spans those various footprints because you no longer can just do perimeter security because the perimeter is, is very, very, very large right now >>Diffuse. One of the thing on the multi-cloud hyper skills, I, I, red hat's never been defensive about public cloud. You, I think you look at the a hundred billion dollars a year in CapEx spend that's a gift to the industry. Not only the entire it industry, but, but the financial services companies and healthcare companies, they can build their own hybrid clouds. Metacloud super clouds taking advantage of that, but they still need that connective tissue. And that's where >>We products come in. We welcome our customers to go to, to the public cloud. Um, uh, look, it's it's. I said a long time ago, we said a long time it was gonna be a hybrid. Well, I should have said multi anybody said hybrid, then it's gonna be a hybrid world. It is. And it doesn't matter if it's a 20, 80, 80, 20, 40, 60, 60, 40. It's not gonna be a hundred percent anywhere. Yeah. And, and so in that, in that definition, it's a hybrid multi world. >>I wanna change the tune a little bit because I've been covering IBM for 40 years and seen a lot of acquisitions and see how they work. And usually it follows the same path. There's a commitment to leaving the acquire company alone. And then over time that fades, the company just becomes absorbed. Same thing with red hat. It seems like they're very much committed to, to, to leaving you alone. At least they said that upon the acquisition, have they followed through on that promise? >>I have to tell you IBM has followed through on every commitment they've made, made to us. I mean, I, I owe it, I owe a lot of it to Arvin. Um, he was the architect of the deal, right. Um, we've known each other for a long time. Um, he's a great guy. Um, he, uh, he, he believes in it. It's not, he's not just doing it that way because he thinks, um, something bad will happen if he doesn't, he's doing it that way. Cuz he believes in that our ecosystem is what made us. I mean, I mean, even here it's about the partners in the ecosystem. If you look at what made REL people think what made red hat as a company was support, right. Support's really important. Small piece of the value proposition life cycle supports certainly their life cycle a 10 year life cycle just came out of a, a, a customer conference asking about the life cycle and could we extend it to 15 years? You know? Um, the ecosystem is probably the most important part of, of, of, of the, of the overall value proposition. And Arvin knows in IBM knows that, you know, we have to be neutral to be able to do everything the same for all of our ecosystem partners. Some that are IBM's competitors, even. So, >>So we were noticing this morning, I mean, aside from a brief mention of power PC and the IBM logo during, at one point, there was no mention of IBM during the keynote sessions this morning. Is that intentional? Or is that just >>No, no, it it's, it's not intentional. I mean, I think that's part of, we have our strategy to drive and we're, we're driving our, our strategy. We, we, we IBM great partner. We look at them as a partner just as we do our, our many other partners and we won't, you know, we wouldn't, we wouldn't do something with our products, um, for I with IBM that we wouldn't offer to our, our entire ecosystem. >>But there is a difference now, right? I don't know these numbers. Exactly. You would know though, but, but pre 2019 acquisition red hat was just, I think north of 3 billion in revenue growing at maybe 12% a year. Something like that, AR I mean, we hear on the earnings calls, 21% growth. I think he's publicly said you're north of 5 billion or now I don't know how much of that consulting gets thrown in. IBM likes to, you know, IBM math, but still it's a much bigger business. And, and I wonder if you could share with us, obviously you can't dig into the numbers, but have you hired more people? I would imagine. I mean, sure. Like what's been different from that standpoint in terms of the accelerant to your >>Business. Yeah. We've been on the same hiring cycle percentage wise as, as we, we always were. I mean, I think the best way to characterize the relationship and where they've helped is, um, Arvin, Arvin will say, IBM can be opinionated on red hat, but not the other way around <laugh>. So, so what that, what that means is they had a lot of, they had, they had a container based Linux platform. Yeah, right, right. They, they had all their, they were their way of moving to the cloud was that when we came in, they actually stopped that. And they standardized on OpenShift across all of their products. We're now the vehicle that brings the blue software products to the hybrid cloud. We are that vehicle that does it. So I think that's, that's how, that's how they, they look about it. I mean, I know, I mean in IBM consulting, I know, I know they have a great relationship with Microsoft of course. >>Right. And so, so that's, that's how to really look at it. They they're opinionated on us where we not the other way around, but that, but they're a great partner. And even if we're at two separate companies, we'd do be doing all the same things we're doing with them. Now, what they do do for us can do for us is they open a lot of doors in many cases. I mean, IBM's been around for over a hundred years. So in many cases, they're in, in, in the C-suite, we, we may be in the C suite, but we may be one layer down, one, two layers down or something. They, they can, they help us get access. And I think that's been a, a part of the growth as well as is them talking into their, into, into their >>Constituents. Their consulting's one of the FA if not the fastest growing part of their business. So that's kind of the tip of the spear for application modernization, but enough on IBM you said something in your keynote. That was really interesting to me. You said, you, you, you didn't use the word hardware Renaissance, but that my interpretation was you're expecting the next, you know, several years to be a hardware Renaissance. We, we certainly have done relationships with arm. You mentioned Nvidia and Intel. Of course, you've had relationships with Intel for a long time. And we're seeing just the spate of new hardware developments, you know, does hardware matter? I'll ask you, >>Oh, oh, I mean the edge, as I said, you're gonna see hardware innovation out in the edge, software innovation as well. You know, the interesting part about the edge is that, you know, obviously remade red hat. What we did with REL was we did a lot of engineering work to make every hardware architecture when, when it was, when, when the world was just standalone servers, we made every hardware architecture just work out of the box. Right? And we did that in such, because with an open source development model. So embedded in our psyche, in our development processes is working upstream, bringing it downstream 10 years, support all of that kind of thing. So we lit up all that hardware. Now we go out to the edge, it's a whole new, different set of hardware innovation out at the edge. We know how to do that. >>We know how to, we know how to make hardware, innovation safe for the customer. And so we're bringing full circle and you have containers embedded in, in Linux and REL right now as well. So we're actually with the edge, bringing it all full circle back to what we've been doing for 20 plus years. Um, on, on the hardware side, even as a big part of the world, goes to containers and hybrid in, in multi-cloud. So that's why we're so excited about, about, about the edge, you know, opportunity here. That's, that's a big part of where hybrid's going. >>And when you guys talk about edge, I mean, I, I know a lot of companies will talk about edge in the context of your retail location. Okay. That's fine. That's cool. That's edge or telco that that's edge. But when you talk about, um, an in vehicle operating system, right. You know, that's to me the far edge, and that's where it gets really interesting, massive volumes, different architectures, both hardware and software. And a lot of the data may stay. Maybe it doesn't even get persisted. May maybe some comes back to the club, but that's a new >>Ballgame. Well, think about it, right? I mean, you, if you listen, I think you, right. My talk this morning, how many changes are made in the Linux kernel? Right? You're running in a car now, right? From a safety perspective. You wanna update that? I mean, look, Francis talked about it. You'll talk to Francis later as well. I mean, you know, how many, how many in, in your iPhone world Francis talked about this this morning, you know, they can, they can bring you a whole new world with software updates, the same in the car, but you have to do it in such a way that you still stay with the safety protocols. You're able to back things out, things like that. So it's open source, but getting raw upstream, open source and managing itself yourself, I just, I'm sorry. It takes a lot of experience to be able to be able to do those kinds of things. So it's secure, that's insecure. And that's what that's, what's exciting about it. You look at E the telco world look where the telco world came from in the telco world. It was a hardware stack from the hardware firmware operating system, every service, whether it was 9 1, 1 or 4, 1, 1 was its own stack. Yep. In the 4g, 3g, >>4g >>Virtualized. Now, now it's all software. Yeah. Now it's all software all the way out to the cell tower. So now, so, so now you see vendors out there, right? As an application, as a container based application, running out, running in the base of a cell tower, >>Cell tower is gonna be a little mini data >>Center. Yeah, exactly. Because we're in our time here asking quickly, because you've been at red hat a long time. You, you, you, uh, architected a lot of the reason they're successful is, is your responsibility. A lot of companies have tried to duplicate the red hat model, the, the service and support model. Nobody has succeeded. Do you think anybody ever will or will red hat continue to be a unicorn in that respect? >>No, I, I, I think, I think it will. I think open source is making it into all different parts of technology. Now I have to tell you the, the reason why we were able to do it is we stayed. We stayed true to our roots. We made a decision a long time ago that we weren't gonna put a line, say everything below the line was open and above the line was closed. Sometimes it's hard sometimes to get a differentiation with the competition, it can be hard, but we've stayed true to that. And I, to this day, I think that's the thing that's made us is never a confusion on if it's open or not. So that forces us to build our business models around that as well. But >>Do you have a differentiated strategy? Talk about that. What's your what's your differentiation >>Are, are, well, I mean, with the cloud, a differentiation is that common cloud platform across I differentiate strategy from an open source perspective is to, to sort make open source consumable. And, and it's even more important now because as Linux Linux is the base of everything, there's not enough skills out there. So even, even a container platform like open source op like OpenShift, could you build your own? Certainly. Could you keep it updated? Could you keep it updated without breaking all the applications on top? Do you have an ecosystem around it? It's all of those things. It was, it was the support, the, the, the hardening the 10 year to predictability the ecosystem. That was, that was, that is the secret. I mean, we even put the secret out as open. >>Yeah, <laugh> right. Free, like a puppy, as they say. All right, Paul, thanks so much for coming back in the cubes. Great to see you face to face. Nice to see you guys get it. All right. Keep it right there. Dave Valante for Paul Gill, you're watching the cubes coverage of red hat summit, 2022 from Boston. Be right back.

>>Hello, and welcome. Very excited to see everybody here. DockerCon is going fantastic. Everybody's uh, engaging in the chat. It's awesome to see. My name is Peter McKee. I'm the head of developer relations here at Docker and Taber. Today. We're going to be talking about container first development now and in the future. But before we do that, a couple little housekeeping items, first of all, yes, we are live. So if you're in our session, you can go ahead and chat, ask us questions. We'd love to get all your questions and answer them. Um, if you come to the main page on the website and you do not see the chat, go ahead and click on the blue button and that'll die. Uh, deep dive you into our session and you can interact with the chat there. Okay. Without further ado, let's just jump right into it. Katie, how are you? Welcome. Do you mind telling everybody who you are and a little bit about yourself? >>Absolutely. Hello everyone. My name is Katie and currently I am the eco-system advocate at cloud native computing foundation or CNCF. My responsibility is to lead and represent the end-user community. So these are all the practitioners within the cloud native space that are vendor neutral. So they use cloud native technologies to build their services, but they don't sell it. So this is quite an important characteristic as well. My responsibility is to make sure to close the gap between these practitioners and the project maintainers, to make sure that there is a feedback loop around. Um, I have many roles within the community. I am on the advisory board for KIPP finishes, a sandbox project. I'm working with open UK to make sure that Elton standards are used fairly across data, hardware, and software. And I have been, uh, affiliated way if you'd asked me to make sure that, um, I'm distributing a cloud native fundamental scores to make cloud and they do a few bigger despite everyone. So looking forward to this panel and checking with everyone. >>Awesome. Yeah. Welcome. Glad to have you here. Johanna's how are you? Can you, uh, tell everybody a little bit about yourself and who you are? Yeah, sure. >>So hi everybody. My name is Johannes I'm one of the co-founders at get pot, which in case you don't know is an open-source and container based development platform, which is probably also the reason why you Peter reached out and invited me here. So pleasure to be here, looking forward to the discussion. Um, yeah, though it is already a bit later in Munich. Um, and actually my girlfriend had a remote cocktail class with her colleagues tonight and it took me some stamina to really say no to all the Moscow mules that were prepared just over there in my living room. Oh wow. >>You're way better than me. Yeah. Well welcome. Thanks for joining us. Jerome. How are you? Good to see you. Can you tell everybody who you are and a little bit about yourself? Hi, >>Sure. Yeah, so I'm, I, I used to work at Docker and some, for me would say I'm a container hipster because I was running containers in production before it for hype. Um, I worked at Docker before it was even called Docker. And then since 2018, I'm now a freelancer and doing training and consulting around Docker containers, Kubernetes, all these things. So I used to help folks do stuff with Docker when I was there and now I still have them with containers more generally speaking. So kind of, uh, how do we say same, same team, different company or something like that? Yeah. >>Yeah. Perfect. Yeah. Good to see you. I'm glad you're on. Uh, Jacob, how are you? Good to see you. Thanks for joining us. Good. Yeah. Thanks for having me tell, tell everybody a little bit about yourself who you are. >>Yeah. So, uh, I'm the creator of a tool called mutagen, which is an open source, uh, development tool for doing high performance file synchronization and, uh, network forwarding, uh, to enable remote development. And so I come from like a physics background where I was sort of always doing, uh, remote developments, you know, whether that was on a big central clusters or just like some sort of local machine that was a bit more powerful. And so I, after I graduated, I built this tool called mutagen, uh, for doing remote development. And then to my surprise, people just started using it to use, uh, with Docker containers. And, uh, that's kind of grown into its primary use case now. So I'm, yeah, I've gotten really involved with the Docker community and, uh, talked with a lot of great people and now I'm one of the Docker captains. So I get to talk with even more and, and join these events and yeah, but I'm, I'm kind of focused on doing remote development. Uh, cause I, you know, I like, I like having all my tools available on my local machine, but I also like being able to pull in a little bit more powerful hardware or uh, you know, maybe a software that I can't run locally. And so, uh, that's sort of my interest in, in Docker container. Yeah. Awesome. >>Awesome. We're going to come back to that for sure. But yeah. Thank you again. I really appreciate you all joining me and yeah. So, um, I've been thinking about container first development for a while and you know, what does that actually mean? So maybe, maybe we can define it in our own little way. So I, I just throw it out to the panel. When you think about container first development, what comes to mind? What w what, what are you kind of thinking about? Don't be shy. Go ahead. Jerome. You're never a loss of words >>To me. Like if I go back to the, kind of the first, uh, you know, training engagements we did back at Docker and kind of helping folks, uh, writing Dockerfiles to stop developing in containers. Um, often we were replacing, um, uh, set up with a bunch of Vagrant boxes and another, like the VMs and combinations of local things. And very often they liked it a lot and they were very soon, they wanted to really like develop in containers, like run this microservice. This piece of code is whatever, like run that in containers because that means they didn't have to maintain that thing on their own machine. So that's like five years ago. That's what it meant to me back then. However, today, if you, if you say, okay, you know, developing in containers, um, I'm thinking of course about things like get bought and, uh, I think it's called PR or something like that. >>Like this theme, maybe that thing with the ESCO, that's going to run in a container. And you, you have this vs code thing running in your browser. Well, obviously not in your browser, but in a container that you control from your browser and, and many other things like that, that I, I think that's what we, where we want to go today. Uh, and that's really interesting, um, from all kinds of perspectives, like Chevy pair pairing when we will not next to each other, but actually thousands of miles away, um, or having this little environment that they can put aside and come back to it later, without it having using resource in my machine. Um, I don't know, having this dev service running somewhere in the cloud without needing something like, it's at the rights that are like the, the possibilities are really endless. >>Yeah. Yeah. Perfect. Yeah. I'm, you know, a little while ago I was, I was torn, right. W do I spin up containers? Do I develop inside of my containers? Right. There's foul sinking issues. Um, you know, that we've been working on at Docker for a while, and Jacob is very, very familiar with those, right? Sometimes it, it becomes hard, but, and I, and I love developing in the cloud, but I also have this screaming, you know, fast machine sitting on my desktop that I think I should take advantage of. So I guess another question is, you know, should we be developing inside of containers? Is that a smart thing to do? Uh, I'd love to hear you guys' thoughts around that. >>You know, I think it's one of those things where it's, you know, for me container first development is really about, um, considering containers as sort of a first class citizen in, in terms of your development toolkit, right. I mean, there's not always that silver bullet, that's like the one thing you should use for everything. You know, you shouldn't, you shouldn't use containers if they're not fitting in or adding value to your workflow, but I think there's a lot of scenarios that are like, you know, super on super early on in the development process. Like as soon as you get the server kind of running and working and, you know, you're able to access it, you know, running on your local system. Uh that's I think that's when the value comes in to it to add containers to, you know, what you're doing or to your project. Right. I mean, for me, they're, um, they're more of a orchestrational tool, right? So if I don't have to have six different browser tabs open with like, you know, an API server running at one tab and a web server running in another tab and a database running in another tab, I can just kind of encapsulate those and, and use them as an automation thing. So I think, you know, even if you have a super powerful computer, I think there's still value in, um, using containers as, as a orchestrational mechanism. Yeah. Yeah, >>For sure. I think, I think one of the, one of my original aha moments with Docker was, oh, I can spin up different versions of a database locally and not have to install it and not have to configure it and everything, but, you know, it just ran inside of a container. And that, that was it. Although it's might seem simple to some people that's very, very powerful. Right. So I think being able to spin things up and containers very quickly is one of the super benefits. But yeah, I think, uh, developing in containers is, is hard right now, right. With, um, you know, and how do you do that? Right. Does anybody have any thoughts around, how do you go about that? Right. Should you use a container as just a development environment, so, you know, creating an image and then running it just with your dev tools in it, or do you just, uh, and maybe with an editor all inside of it, and it's just this process, that's almost like a VM. Um, yeah. So I'll just kick it back to the panel. I'd love to hear your thoughts on, you know, how do you set up and configure, uh, containers to develop in any thoughts around that? >>Maybe one step back again, to answer your question, what kind of container first development mean? I think it doesn't mean, um, by default that it has to be in the cloud, right? As you said, um, there are obvious benefits when it comes to the developer experience of containers, such as, I dunno, consistency, we have standardized tools dependencies for the dev side of things, but it also makes their dev environment more similar to all the pipeline that is somehow happening to the right, right. So CIC D all the way to production, it is security, right? Which also somehow comes with standardization. Um, but vulnerability scanning tools like sneak are doing a great job there. And, um, for us, it gets pod. One of the key reasons why we created get pod was literally creating this peace of mind for deaths. So from a developer's point of view, you do not need to take care anymore about all the hassle around setups and things that you will need to install. >>And locally, based on some outdated, REIT me on three operating systems in your company, everybody has something different and leading to these verbs in my machine situations, um, that really slow professional software developers down. Right. Um, back to your point, I mean, with good pod, we obviously have to package everything together in one container because otherwise, exactly the situation happens that you need to have five browser tabs open. So we try and leverage that. And I think a dev environment is not just the editor, right? So a dev environment includes your source code. It includes like a powerful shell. It includes file systems. It includes essentially all the tools you need in order to be productive databases and so on. And, um, yeah, we believe that should be encapsulated, um, um, in a container. >>Yeah. Awesome. Katie, you talked to a lot of end users, right. And you're talking to a lot of developers. What, what's your thoughts around container first development, right? Or, or what's the community out there screaming or screaming. It might be too to, uh, har you know, to, to two grand of the word. Right. But yeah, I love it. I love to hear what your, your thoughts. >>Absolutely. So I think when you're talking about continuing driven development, uh, the first thing that crosses my mind is the awareness of the infrastructure or the platform you're going to run your application on top of, because usually when you develop your application, you'd like to replicate as much as possible the production or even the staging environment to make sure that when you deploy your application, you have us little inconsistencies as possible, but at the same time, you minimize the risk for something to go wrong as well. So when it talking about the, the community, um, again, when you deploy applications and containers and Kubernetes, you have to use, you have awareness about, and probably apply some of the best practices, like introducing liveliness and readiness probes, to make sure that your application can restart in, in case it actually goes down or there's like a you're starving going CPU or something like that. >>So, uh, I think when it comes to deployment and development of an application, the main thing is to actually improve the end developer experience. I think there has been a lot of focus in the community to develop the tool, to actually give you the right tool to run application and production, but that doesn't necessarily, um, go back to how the end developer is actually enabling that application to run into that production system. So I think there has been, uh, this focus for the community identified now, and it's more, more, um, or trying to build momentum on enhancing the developer experience. And we've seen this going through many, uh, where we think production of many tools did what has been one of them, which actually we can have this portable, um, development environment if you choose so, and you can actually replicate them across different teams in different machines, which is actually quite handy. >>But at the same time, we had tools such as local composts has been a great tool to run locally. We have tool such as carefully, which is absolutely great to automatically dynamically upload any changes to how within your code. So I think all of these kinds of tools, they getting more matured. And again, this is going back to again, we need to enhance our developer experience coming back to what is the right way to do so. Um, I think it really depends on the environment you have in production, because there's going to define some of the structures with the tool and you're going to have internally, but at the same time, um, I'd like to say that, uh, it really depends on, on what trucks are developing. Uh, so it's, it's, I would like to personally, I would like to see a bit more diversification in this area because we might have this competitive solutions that is going to push us to towards a new edge. So this is like, what definitely developer experience. If we're talking about development, that's what we need to enhance. And that's what I see the momentum building at the moment. >>Yeah. Yeah. Awesome. Jerome, I saw you shaking your head there in agreement, or maybe not, but what's your thoughts? >>I was, uh, I was just reacting until 82. Uh, it depends thinking that when I, when I do training, that's probably the answer that I gave the most, uh, each time somebody asks, oh, should we do diesel? And I was also looking at some of the questions in the chat about, Hey, the, should we like have a negatory in the, in the container or something like that. And folks can have pretty strong opinions one way or the other, but as a ways, it kind of depends what we do. It also depends of the team that we're working with. Um, you, you could have teams, you know, with like small teams with folks with lots of experience and they all come with their own Feb tools and editorials and plugins. So you know that like you're gonna have PRI iMacs out of my cold dead hands or something like that. >>So of course, if you give them something else, they're going to be extremely unhappy or sad. On the other hand, you can have team with folks who, um, will be less opinionated on that. And even, I don't know, let's say suddenly you start working on some project with maybe a new programming language, or maybe you're targeting some embedded system or whatever, like something really new and different. And you come up with all the tools, even the ADE, the extensions, et cetera, folks will often be extremely happy in that case that you're kind of giving them a Dettol and an ADE, even if that's not what they usually would, uh, would use, um, because it will come with all of the, the, the nice stage, you know, the compression, the, um, the, the, the bigger, the, whatever, all these things. And I think there is also something interesting to do here with development in containers. >>Like, Hey, you're going to start working on this extremely complex target based on whatever. And this is a container that has everything to get started. Okay. Maybe it's not your favorites editor, but it has all the customization and the conserver and whatever. Um, so you can start working right away. And then maybe later you, we want to, you know, do that from the container in a way, and have your own Emacs, atom, sublime, vs code, et cetera, et cetera. Um, but I think it's great for containers here, as well as they reserve or particularly the opportunity. And I think like the, that, that's one thing where I see stuff like get blood being potentially super interesting. Um, it's hard for me to gauge because I confess I was never a huge ID kind of person had some time that gives me this weird feeling, like when I help someone to book some, some code and you know, that like with their super nice IDE and everything is set up, but they feel kind of lost. >>And then at some point I'm like, okay, let's, let's get VI and grep and let's navigate this code base. And that makes me feel a little bit, you know, as this kind of old code for movies where you have the old, like colorful guy who knows going food, but at the end ends up still being obsolete because, um, it's only a going for movies that whole good for masters and the winning right. In real life, we don't have conformance there's anymore mentioned. So, um, but part of me is like, yeah, I like having my old style of editor, but when, when the modern editorial modern ID comes with everything set up and configured, that's just awesome. That's I, um, it's one thing that I'm not very good at sitting up all these little things, but when somebody does it and I can use it, it's, it's just amazing. >>Yeah. Yeah. I agree. I'm I feel the same way too. Right. I like, I like the way I've I have my environment. I like the tools that I use. I like the way they're set up. And, but it's a big issue, right? If you're switching machines, like you said, if you're helping someone else out there, they're not there, your key bindings aren't there, you can't, you can't navigate their system. Right? Yeah. So I think, you know, talking about, uh, dev environments that, that Docker's coming out with, and we're, you know, there's a lot, there, there's a, it's super complex, all these things we're talking about. And I think we're taking the approach of let's do something, uh, well, first, right. And then we can add on to that. Right. Because I think, you know, setting up full, full developed environments is hard, right. Especially in the, the, um, cloud native world nowadays with microservices, do you run them on a repo? >>Do you not have a monitor repo? Maybe that would be interesting to talk about. I think, um, you know, I always start out with the mono repos, right. And you have all your services in there and maybe you're using one Docker file. And then, because that works fine. Cause everything is JavaScript and node. And then you throw a little Python in there and then you throw a little go and now you start breaking things out and then things get too complex there, you know, and you start pulling everything out into different, get repos and now, right. Not everything just fits into these little buckets. Right. So how do you guys think maybe moving forward, how do we attack that night? How do we attack these? Does separate programming languages and environments and kind of bring them all together. You know, we, we, I hesitate, we solve that with compose around about running, right about executing, uh, running your, your containers. But, uh, developing with containers is different than running containers. Right. It's a, it's a different way to think about it. So anyway, sorry, I'm rattling on a little bit, but yeah. Be interesting to look at a more complex, uh, setup right. Of, uh, of, you know, even just 10 microservices that are in different get repos and different languages. Right. Just some thoughts. And, um, I'm not sure we all have this flushed out yet, but I'd love to hear your, your, you guys' thoughts around that. >>Jacob, you, you, you, you look like you're getting ready to jump there. >>I didn't wanna interrupt, but, uh, I mean, I think for me the issue isn't even really like the language boundary or, or, um, you know, a sub repo boundary. I think it's really about, you know, the infrastructure, right? Because you have, you're moving to an era where you have these cloud services, which, you know, some of them like S3, you can, you can mock up locally, uh, or run something locally in a container. But at some point you're going to have like, you know, cloud specific hardware, right? Like you got TPS or something that maybe are forming some critical function in your, in your application. And you just can't really replicate that locally, but you still want to be able to develop against that in some capacity. So, you know, my, my feeling about where it's going to go is you'll end up having parts of your application running locally, but then you also have, uh, you know, containers or some other, uh, element that's sort of cohabitating with, uh, you know, either staging or, or testing or production services that you're, uh, that you're working with. >>So you can actually, um, you know, test against a really or realistic simulation or the actual, uh, surface that you're running against in production. Because I think it's just going to become untenable to keep emulating all of that stuff locally, or to have to like duplicate these, you know, and, you know, I guess you can argue about whether or not it's a good thing that, that everything's moving to these kind of more closed off cloud services, but, you know, the reality of situation is that's where it's going to go. And there's certain hardware that you're going to want in the cloud, especially if you're doing, you know, machine learning oriented stuff that there's just no way you're going to be able to run locally. Right. I mean, if you're, even if you're in a dev team where you have, um, maybe like a central machine where you've got like 10 or 20 GPU's in it, that's not something that you're going to be able to, to, to replicate locally. And so that's how I kind of see that, um, you know, containers easing that boundary between different application components is actually maybe more about co-location, um, or having different parts of your application run in different locations, on different hardware, you know, maybe someone on your laptop, maybe it's someone, you know, AWS or Azure or somewhere. Yeah. It'd be interesting >>To start seeing those boundaries blur right. Working local and working in the cloud. Um, and you might even, you might not even know where something is exactly is running right until you need to, you know, that's when you really care, but yeah. Uh, Johanas, what's your thoughts around that? I mean, I think we've, we've talked previously of, of, um, you know, hybrid kind of environments. Uh, but yeah. What, what's your thoughts around that? >>Um, so essentially, yeah, I think, I mean, we believe that the lines between cloud and local will also potentially blur, and it's actually not really about that distinction. It's just packaging your dev environment in a way and provisioning your dev environment in a way that you are what we call always ready to coat. So that literally, um, you, you have that for the, you described as, um, peace of mind that you can just start to be creative and start to be productive. And if that is a container potentially running locally and containers are at the moment. I think, you know, the vehicle that we use, um, two weeks ago, or one week ago actually stack blitz announced the web containers. So potentially some things, well, it's run in the browser at some point, but currently, you know, Docker, um, is the standard that enables you to do that. And what we think will happen is that these cloud-based or local, um, dev environments will be what we call a femoral. So it will be similar to CIS, um, that we are using right now. And it doesn't literally matter, um, where they are running at the end. It's just, um, to reduce friction as much as possible and decrease and yeah, yeah. Essentially, um, avoid or the hustle that is currently involved in setting up and also managing dev environments, um, going forward, which really slows down specifically larger teams. >>Yeah. Yeah. Um, I'm going to shift gears a little bit here. We have a question from the audience in chat, uh, and it's, I think it's a little bit two parts, but so far as I can see container first, uh, development, have the challenges of where to get safe images. Um, and I was going to answer it, but let me keep it, let me keep going, where to get safe images and instrumentation, um, and knowing where exactly the problem is happening, how do we provide instrument instrumentation to see exactly where a problem might be happening and why? So I think the gist of it is kind of, of everything is in a container and I'm sitting outside, you know, the general thought around containers is isolation, right. Um, so how do I get views into that? Um, whether debugging or, or, or just general problems going on. I think that's maybe a broader question around the, how you, you know, you have your local hosts and then you're running everything containers, and what's the interplay there. W what's your thoughts there? >>I tend to think that containers are underused interactively. I mean, I think in production, you have this mindset that there's sort of this isolated environment, but it's very, actually simple to drop into a shell inside of a container and use it like you would, you know, your terminal. Um, so if you want to install software that way, you know, through, through an image rather than through like Homebrew or something, uh, you can kind of treat containers in that way and you can get a very, um, you know, direct access to the, to the space in which those are running in. So I think, I think that's maybe the step one is just like getting rid of that mindset, that, that these are all, um, you know, these completely encapsulated environments that you can't interact with because it's actually quite easy to just Docker exec into a container and then use it interactively >>Yeah. A hundred percent. And maybe I'll pass, I'm going to pass this question. You drone, but maybe demystify containers a little bit when I talked about this on the last, uh, panel, um, because we have a question in the, in the chat around, what's the, you know, why, why containers now I have VMs, right? And I think there's a misunderstanding in the industry, uh, about what, what containers are, we think they're fair, packaged stuff. And I think Jacob was hitting on that of what's underneath the hood. So maybe drown, sorry, for a long way to set up a question of what, what, what makes up a container, what is a container >>Is a container? Well, I, I think, um, the sharpest and most accurate and most articulate definition, I was from Alice gold first, and I will probably misquote her, but she said something like containers are a bunch of capsulated processes, maybe running on a cookie on welfare system. I'm not sure about the exact definition, but I'm going to try and, uh, reconstitute that like containers are just processes that run on a Unix machine. And we just happen to put a bunch of, um, red tape or whatever around them so that they are kind of contained. Um, but then the beauty of it is that we can contend them as much, or as little as we want. We can go kind of only in and put some actual VM or something like firecracker around that to give some pretty strong angulation, uh, all we can also kind of decontam theorize some aspects, you know, you can have a container that's actually using the, um, the, um, the network namespace of the host. >>So that gives it an entire, you know, wire speed access to the, to the network of the host. Um, and so to me, that's what really interesting, of course there is all the thing about, oh, containers are lightweight and I can pack more of them and they start fast and the images can be small, yada yada, yada. But to me, um, with my background in infrastructure and building resilient, things like that, but I find really exciting is the ability to, you know, put the slider wherever I need it. Um, the, the, the ability to have these very light containers, all very heavily, very secure, very anything, and even the ability to have containers in containers. Uh, even if that sounds a little bit, a little bit gimmicky at first, like, oh, you know, like you, you did the Mimi, like, oh, I heard you like container. >>So I put Docker when you're on Docker. So you can run container for you, run containers. Um, but that's actually extremely convenient because, um, as soon as you stop building, especially something infrastructure related. So you challenge is how do you test that? Like, when we were doing.cloud, we're like, okay, uh, how do we provision? Um, you know, we've been, if you're Amazon, how do you provision the staging for us installed? How do you provision the whole region, Jen, which is actually staging? It kind of makes things complicated. And the fact that we have that we can have containers within containers. Uh, that's actually pretty powerful. Um, we're also moving to things where we have secure containers in containers now. So that's super interesting, like stuff like a SIS box, for instance. Um, when I saw that, that was really excited because, uh, one of the horrible things I did back in the days as Docker was privileged containers, precisely because we wanted to have Docker in Docker. >>And that was kind of opening Pandora's box. That's the right, uh, with the four, because privileged containers can do literally anything. They can completely wreck up the machine. Um, and so, but at the same time, they give you the ability to run VPNs and run Docker in Docker and all these cool things. You can run VM in containers, and then you can list things. So, um, but so when I saw that you could actually have kind of secure containers within containers, like, okay, there is something really powerful and interesting there. And I think for folks, well, precisely when you want to do development in containers, especially when you move that to the cloud, that kind of stuff becomes a really important and interesting because it's one thing to have my little dev thing on my local machine. It's another thing when I want to move that to a swarm or Kubernetes cluster, and then suddenly even like very quickly, I hit the wall, which is, oh, I need to have containers in my containers. Um, and then having a runtime, like that gets really intense. >>Interesting. Yeah, yeah, yeah. And I, and jumping back a bit, um, yeah, uh, like you said, drum at the, at the base of it, it containers just a, a process with, with some, uh, Abra, pardon me, operating constructs wrapped around it and see groups, namespaces those types of things. But I think it's very important to, for our discussion right. Of, uh, developers really understanding that, that this is just the process, just like a normal process when I spin up my local bash in my term. Uh, and I'm just interacting with that. And a lot of the things we talk about are more for production runtimes for securing containers for isolating them locally. I don't, I don't know. I'll throw the question out to the panel. Is that really relevant to us locally? Right. Do we want to pull out all of those restrictions? What are the benefits of containers for development, right. And maybe that's a soft question, but I'd still love to hear your thoughts. Maybe I'll kick it over to you, Katie, would you, would you kick us off a little bit with that? >>I'll try. Um, so I think when, again, I was actually thinking of the previous answers because maybe, maybe I could do a transition here. So, interesting, interesting about containers, a piece of trivia, um, the secrets and namespaces have been within the Linux kernel since 2008, I think, which just like more than 10 years ago, hover containers become popular in the last years. So I think it's, it's the technology, but it's about the organization adopting this technology. So I think why it got more popular now is because it became the business differentiator organizations started to think, how can I deliver value to my customers as quickly as possible? So I think that there should be this kind of two lane, um, kind of progress is the technology, but it's at the same time organization and cultural now are actually essential for us to develop, uh, our applications locally. >>Again, I think when it's a single application, if you have just one component, maybe it's easier for you to kind of run it locally, have a very simple testing environment. Sufficient is a container necessary, probably not. However, I think it's more important when you're thinking to the bigger picture. When we have an architecture that has myriads of microservices at the basis, when it's something that you have to expose, for example, an API, or you have to consume an API, these are kind of things where you might need to think about a lightweight set up within the containers, only local environment to make sure that you have at least a similar, um, environment or a configuration to make sure that you test some of the expected behavior. Um, I think the, the real kind of test you start from the, the dev cluster will like the dev environment. >>And then like for, for you to go to staging and production, you will get more clear into what exactly that, um, um, configuration should be in the end. However, at the same time, again, it's, it's more about, um, kind of understanding why you continue to see this, the thing, like, I don't say that you definitely need containers at all times, but there are situations when you have like, again, multiple services and you need to replicate them. It's just the place to, to, to work with these kind of, um, setups. So, um, yeah, really depends on what you're trying to develop here. Nothing very specific, unfortunately, but get your product and your requirements are going to define what you're going to work with. >>Yeah, no, I think that's a great answer, right. I think one of the best answers in, in software engineering and engineering in general as well, it depends. Right. It's things are very specific when we start getting down to the details, but yeah, generally speaking, you know, um, I think containers are good for development, but yeah, it depends, right. It really depends. Is it helping you then? Great. If it's hindering you then, okay. Maybe think what's, what's the hindrance, right. And are containers the right solution. I agree. 110% and, >>And everything. I would like absurd this too as well. When we, again, we're talking about the development team and now we have this culture where we have the platform and infrastructure team, and then you have your engineering team separately, especially when the regulations are going to be segregated. So, um, it's quite important to understand that there might be a, uh, a level of up-skilling required. So pushing for someone to use containers, because this is the right way for you to develop your application might be not, uh, might not be the most efficient way to actually develop a product because you need to spend some time to make sure that the, the engineering team has the skills to do so. So I think it's, it's, again, going back to my answers here is like, truly be aware of how you're trying to develop how you actually collaborate and having that awareness of your platform can be quite helpful in developing your, uh, your publication, the more importantly, having less, um, maybe blockers pushing it to a production system. >>Yeah, yeah. A hundred percent. Yeah. The, uh, the cultural issue is, is, um, within the organization, right. Is a very interesting thing. And it, and I would submit that it's very hard from top down, right. Pushing down tools and processes down to the dev team, man, we'll just, we'll just rebel. It usually comes from the bottom up. Right. What's working for us, we're going to do right. And whether we do it in the shadows and don't let it know, or, or we've conformed, right. Yeah. A hundred percent. Um, interesting. I would like to think a little bit in the future, right? Like, let's say, I don't know, two, three years from now, if, if y'all could wave a and I'm from Texas. So I say y'all, uh, if you all could wave a magic wand, what, what, what would that bring about right. What, what would, what would be the best scenario? And, and we just don't have to say containers. Right. But, you know, what's the best development environment and I'm going to kick it over to you, Jacob. Cause I think you hinted at some of that with some hybrid type of stuff, but, uh, yeah. Implies, they need to keep you awake. You're, you're, you're, uh, almost on the other side of the world for me, but yeah, please. >>Um, I think, you know, it's, it's interesting because you have this technology that you've been, that's been brought from production, so it's not, um, necessarily like the right or the normal basis for development. So I think there's going to be some sort of realignment or renormalization in terms of, uh, you know, what the, what the basis and the abstractions that we're using on a daily basis are right. Like images and containers as they exist now are really designed for, um, for production use cases. And, and in terms of like, even even the ergonomics of opening a shell inside a container, I think is something that's, um, you know, not as polished or not as smooth as it could be because they've come from production. And so I think it's important, like not to, not to have people look at, look at the technology as it exists now and say like, okay, this is slightly rough around the edges, or it wasn't designed for this use case and think, oh, there's, you know, there's never any way I could use this for, for my development of workflows. >>I think it's, you know, it's something Docker's exploring now with, uh, with the, uh, dev containers, you know, it's, it's a new, and it's an experimental paradigm and it may not be what the final picture looks like. As, you know, you were saying, there's going to be kind of a baseline and you'll add features to that or iterate on that. Um, but I think that's, what's interesting about it, right? Cause it's, there's not a lot of things as developers that you get to play with that, um, that are sort of the new technology. Like if you're talking about things you're building to ship, you want to kind of use tried and true components that, you know, are gonna, that are going to be reliable. But I think containers are that interesting point where it's like, this is an established technology, but it's also being used in a way now that's completely different than what it was designed for. And, and, you know, as hackers, I think that's kind of an interesting opportunity to play with it, but I think, I think that's, what's going to happen is you're just going to see kind of those production, um, designed, uh, knobs kind of sanded down or redesigned for, for development. So that's kind of where I see it going. >>Yeah. Yeah. And I think that's what I was trying to hint out earlier is like, um, yeah, just because all these things are there, does it actually mean we need them locally? Right. Do they make sense? I, I agree. A hundred percent, uh, anybody else drawn? What are your thoughts around that? And then, and then, uh, I'll probably just ask all of you. I'd love to hear each of your thoughts of the future. >>I had a thought was maybe unrelated, but I was kind of wondering if we would see something on the side of like energy efficiency in some way. Um, and maybe it's just because I've been thinking a lot about like climate change and things like that recently, and trying to reduce like the, uh, the energy use energy use and things like that. Perhaps it's also because I recently got a new laptop, which on paper is super awesome, but in practice, as soon as you try to have like two slack tabs and a zoom call, you know, it's super fast, both for 30 seconds. And after 30 seconds, it blows its thermal budget and it's like slows down to a crawl. And I started to think, Hmm, maybe, you know, like before we, we, we were thinking about, okay, I don't have that much CPU available. So you have to be kind of mindful about that. >>And now I wonder how are we going to get in something similar to that, but where you try to save CPU cycles, not just because you don't have that many CPU cycles, but more because you know, that you can't go super fast for super long when you are on one of these like small laptops or tablets or phones, like you have this demo budget to take into account. And, um, I wonder if, and how like, is there something where goaltenders can do some things here? I guess it can be really interesting if they can do some the equivalent of like Docker top and Docker stats. And if I could see, like how much what's are these containers using, I can already do that with power top on Linux, for instance, like process by process. So I'm thinking I could see what's the power usage of, of some containers. Um, and I wonder if down the line, is this going to be something useful or is this just silly because we can just masquerade CPU usage for, for Watson and forget about it. >>Yeah. Yeah. It was super, super interesting, uh, perspective for sure. I'm going to shut up because I want to, I want to give, make sure I give Johannes and Katie time. W w what are your thoughts of the future around, let's just say, you know, container development in general, right? You want, you want to start absolutely. Oh, honest, Nate. Johns wants more time. I say, I'll try not to. Beneficiate >>Expensive here, but, um, so one of the things that we've we've touched upon earlier in the panel was multicloud strategy. And I was reading one of the data reports from it was about the concept of Kubernetes from gamer Townsville. But what is working for you to see there is that more and more organizations are thinking about multicloud strategy, which means that you need to develop an application or need an infrastructure or a component, which will allow you to run this application bead on a public cloud bead, like locally in a data center and so forth. And here, when it comes to this kind of, uh, maybe problems we come across open standards, this is where we require something, which will allow us to execute our application or to run our platform in different environments. So when you're thinking about the application or development of the application, one of the things that, um, came out in 2019 at was the Oakland. >>Um, I wish it was Kybella, which is a, um, um, an open application model based application, which allows you to describe the way you would like your service to be executed in different environments. It doesn't need to be well developed specifically for communities. However, the open application model is specialized. So specialized tries to cover multiple platforms. You will be able to execute your application anywhere you want it to. So I think that that's actually quite important because it completely obstructs what is happening underneath it, completely obstructs notions, such as containers, uh, or processes is just, I want this application and I want to have this kind of behavior is so example of, to scale in this conditions or to, um, to be exposed for these, uh, end points and so forth. And everything that I would like to mention here is that maybe this transcends again, the, uh, the logistics of the application development, but it definitely will impact the way we run our applications. >>So one of the biggest, well, one of the new trends that is kind of gaining momentum now has been around Plaza. And this is again, something which is trying to present what we have the on containers. Again, it's focusing on the, it's kind of a cyclical, um, uh, action movement that we have here. When we moved from the VMs to containers, it was smaller footprint. We want like better execution, one, this agnosticism of the platforms. We have the same thing happening here with Watson, but again, it consents a new, um, uh, kind of, well, it teaches in you, uh, in new climax here, where again, we shrink the footprint of the cluster. We have a better isolation of all the services. We have a better trend, like portability of how services and so forth. So there is a great potential out there. And again, like why I'm saying this is some of these technologies are gonna define the way we're gonna do our development of the application on our local environment. >>That's why it's important to kind of maybe have an eye there and maybe see if some of those principles of some of those technologies we can bring internally as well. And just this, like a, a final thought here, um, security has been mentioned as well. Um, I think it's something which has been, uh, at the forefront, especially when it comes to containers, uh, especially when it comes to enterprise organizations and those who are regulated, which I feel come very comfortable to run their application within a VM where you have the full isolation, you can do what we have complete control of what's happening inside that compute. So, um, again, security has been at the forefront at the moment. So I know it has mentioned in the panel before. I'd like to mention that we have the security white paper, which has been published. We have the software supply chain, white paper as well, which twice to figure out or define some of these good practices as well, again, which you can already apply from your development environment and then propagate them to production. So I'm just going to leave, uh, all of these. That's all. >>That's awesome. And yeah, well, while is very, very interesting. I saw the other day that, um, and I forget who it was, maybe, maybe all can remember, um, you know, running, running the node, um, engine inside of, you know, in Walzem inside of a browser. Right. And, uh, at first glance I said, well, we already have a JavaScript execution engine. Right. And it's kind of like Docker and Docker. So you have, uh, you know, you have the browser, then, then you have blossom and then you have a node, you know, a JavaScript runtime. And, and I didn't understand was while I was, um, you know, actually executing is JavaScript and it's not, but yeah, it's super interesting, super powerful. I always felt that the browser was, uh, Java's what write once run anywhere kind of solution, right. That never came about, they were thinking of set top, uh, TV boxes and stuff like that, which is interesting. >>I don't know, you'll some of the history of Java, but yeah. Wasm is, is very, I'm not sure how to correctly pronounce it, but yeah, it's extremely interesting because of the isolation in that boxing. Right. And running powerful languages that were used to inside of a more isolated environment. Right. And it's almost, um, yeah, it's kind of, I think I've mentioned it before that the containers inside of containers, right. Um, yeah. So Johannes, hopefully I gave you enough time. I delayed, I delayed as much as I can. My friend, you better, you better just kidding. I'm just kidding, please, please. >>It was by the way, stack let's and they worked together with Google and with Russell, um, developing the web containers, it's called there's, it's quite interesting. The research they're doing there. Yeah. Yeah. I mean, what we believe and I, I also believe is that, um, yeah, probably somebody is doing to death environments, what Docker did to servers and at least that good part. We hope that somebody will be us. Um, so what we mean by that is that, um, we think today we are still somehow emotionally attached to our dev environments. Right. We give them names, we massage them over time, which can also have its benefits, but it's, they're still pets in some way. Right. And, um, we believe that, um, environments in the future, um, will be treated similar like servers today as automated resources that you can just spin up and close down whenever you need them. >>Right. And, um, this trend essentially that you also see in serverless, if you look at what kind of Netlify is doing a bit with preview environments, what were sellers doing? Um, there, um, we believe will also arrive at, um, at Steph environments. It probably won't be there tomorrow. So it will take some time because if there's also, you know, emotion involved into, in that, in that transition, but ultimately really believe that, um, provisioning dev environments also in the cloud allows you to leverage the power of the cloud and to essentially build all that stuff that you need in order to work in advance. Right? So that's literally either command or a button. So either, I don't know, a command that spins up your local views code and SSH into, into a container, or you do it in a browser, um, will be the way that professional development teams will develop in the future. Probably let's see in our direction of document, we say it's 2000 to 23. Let's see if that holds true. >>Okay. Can we, can, we let's know. Okay. Let's just say let's have a friendly bet. I don't know that's going to be closed now, but, um, yeah, I agree. I, you know, it's my thought around is it, it's hard, right? Th these are hard. And what problems do you tackle first, right? Do you tackle the day, one of, uh, you know, of development, right. I joined a team, Hey, here's your machine? And you have Docker installed and there you go, pull, pull down your environment. Right. Is that necessarily just an image? You know, what, what exactly is that sure. Containers are involved. Right. But that's, I mean, you, you've probably all gone through it. You joined a team, new project, even open-source project, right there. There's a huge hurdle just to get everything configured, to get everything installed, to get it up and running, um, you know, set aside all understanding the code base. >>Cause that's a different issue. Right. But just getting everything running locally and to your point earlier, Jacob of around, uh, recreating, local production cues and environments and, you know, GPS or anything like that, right. Is extremely hard. You can't do a lot of that locally. Right. So I think that's one of the things I'd love to see tackled. And I think that's where we're tackling in dev environments, uh, with Docker, but then now how do you become productive? Right. And where do we go from there? And, uh, and I would love to see this kind of hybrid and you guys have been all been talking about it where I can, yes. I have it configured everything locally on my nice, you know, apple notebook. Right. And then, you know, I go with the family and we go on vacation. I don't want to drag this 16 inch, you know, Mac laptop with me. >>And I want to take my nice iPad with the magic keyboard and all the bang stuff. Right. And I just want to fire up and I pick up where I left off. Right. And I keep coding and environment feels, you know, as much as it can that I'm still working at backup my desktop. I think those, those are very interesting to me. And I think reproducing, uh, the production running runtime environments as close as possible, uh, when I develop my, I think that's extremely powerful, extremely powerful. I think that's one of the hardest things, right. It's it's, uh, you know, we used to say, we, you debug in production. Right. We would launch, right. We would do, uh, as much performance testing as possible. But until you flip that switch on a big, on a big site, that's where you really understand what is going to break. >>Right. Well, awesome. I think we're just about at time. I really, really appreciate everybody joining me. Um, it's been a pleasure talking to all of you. We have to do this again. If I, uh, hopefully, you know, I I'm in here in America and we seem to be doing okay with COVID, but I know around the world, others are not. So my heart goes out to them, but I would love to be able to get out of here and come see all of you and meet you in person, maybe break some bread together. But, um, again, it was a pleasure talking to you all, and I really appreciate you taking the time. Have a good evening. Cool. >>Thanks for having us. Thanks for joining us. Yes.

>> From around the globe, It's theCUBE. With digital coverage of IBM Think 2021, brought to you by IBM. >> Hi, welcome back to theCUBE's coverage of IBM Think 2021 virtual. I'm John Furrier host of the CUBE. We got a great guest here. Brian Bouchard is the co-founder president and CEO of Alacrinet. Brian great to see you remoting in all the way from Puerto Rico to Palo Alto. >> That's right. >> Great to see you. >> Thanks for First of all, thanks John, for having me. I really appreciate the opportunity. >> Yeah, great to see you. Thanks for coming on. First of all, before we get into what you guys do and and how this all ties in to Think. What do you guys do at Alacrinet? Why the name? A it's good you're at the top of the list and alphabetically, but tell us the, the, the the secret behind the name and what you guys do. >> So, first of all Alacrinet is based on the root word alacrity which means a prompt and willing, a prompt a joyous prompt to, excuse me, to achieve a common goal. So we ultimately are a network of individuals with the traits of alacrity. So Alacrinet. So that's our name. >> Great. So what's your relationship with IBM and how you guys have been able to leverage the partnership program in the marketplace? Take us through the relationship. >> So, well, first of all Alacrinet is a platinum IBM business partner and it was awarded recently the 2020 IBM North American partner of the year award. And we were selected amongst 1600 other business partners across North America. We've been actually a consulting, an IT consulting company for almost 20 years now. And we were founded in 2002 in Palo Alto and we have focused specifically on cyber security since 2013. And then as part, go ahead. >> What are some of the things that you guys are working on? Because obviously, you know, the business is hot right now. Everyone's kind of looking at COVID saying we're going to double down on the most critical projects and no time for leisurely activities when it comes to IT. And cloud scale projects, you know mission critical stuff's happening what are you guys working on? >> So we're, we're focused on cybersecurity, our security services really compliment IBM's suite of security solutions and cover the full spectrum from our research and penetration testing, which helps identify vulnerabilities before a breach occurs. And we also have managed security services which helps prevent, detect and remediate attacks in real time. And then finally, we also have a security staffing division and a software resell division, which kind of rounds out the full amount of offerings that we have to provide protection for our clients. >> What are some of the biggest challenges you guys have as a business, and how's IBM helping you address those? >> Well, as you know, John, we all know the importance of cybersecurity in today's world, right? So it's increasing in both demand and importance and it's not expected to wane anytime soon. Cyber attacks are on the rise and there's no there's no expected end in sight to this. And in fact, just this week on 60 minutes, Jay Powell, the chairman of the federal reserve board he noted that cyber attacks were the number one threat to the stability of the US economy. Also this week, a public school in Buffalo New York was hacked with ransomware and the school you know, this, the school district is just contemplating you know, paying the ransom to the hackers. So there's literally thousands of these attacks happening every day, whether it's in local school district or a state government, or an enterprise even if you don't hear about them, they're happening In adding to the complexity that the cyber attackers pose is the complexity of the actual cybersecurity tools themselves. There isn't a single solution provider or a single technology, that can ensure a company's security. Our customers need to work with many different companies and disconnected tools and processes to build an individual strategy that can adequately protect their organizations. >> You know, I love this conversation whenever I talk to practitioners on cybersecurity, you know that first of all, they're super smart, usually cyber punks and they also have some kinds of eclectic backgrounds, but more importantly is that there's different approaches in terms of what you hear. Do you, do you put more if you add more firefighters, so to speak to put out the fires and solve the problems? Or do you spend your time preventing the fires from happening in the first place? You know, and you know, the buildings are burning down don't make fire fire, don't make wood make fire resistance, you know, more of a priority. So there's less fires needing firefighters So it's that balance. You throw more firefighters at the problem or do you make the supply or the material the business fireproof, what's your take on that? >> Yeah, well, it kind of works both ways. I mean, we've seen customers want it. They really want choice. They want to, in some cases they want to be the firefighter. And in some cases they want the firefighter to come in and solve their problems. So, the common problem set that we're seeing with our that our customers encounter is that they struggle one, with too many disparate tools. And then they also have too much data being collected by all these disparate tools. And then they have a lack of talent in their environment to manage their environments. So what we've done at Alacrinet is we've taken our cybersecurity practice and we've really specifically tailored our offerings to address these core challenges. So first, to address the too many disparate tools problem, we've been recommending that our clients look at security platforms like the IBM Cloud Pak for security the IBM Cloud Pak for security is built on a security platform that allows interoperability across various security tools using open standards. So our customers have been responding extremely positively to this approach and look at it as a way to future-proof their investments and begin taking advantage of interoperability with, and, tools integration. >> How about where you see your business going with this because, you know, there's not a shortage of need or demand How are you guys flexing with the market? What's the strategy? Are you going to use technology enablement? You're going to more human driven. Brian, how do you see your business unfolding? >> Well, actually really good. We're doing very well. I mean, obviously we made the, the top the business partner for IBM in 2020. They have some significant growth and a lot of interest. I think we really attack the market in a, in a with a good strategy which was to help defragment the market if you will. There's a lot of point solutions and a lot of point vendors that various, you know, they they spent specialized in one piece of the whole problem. And what we've decided to do is find them the highest priority list, every CSO and CIO has a tick list. So that how that, you know, first thing we need we need a SIM, we need an EDR, we need a managed service. We need, what's the third solution that we're doing? So we, we need some new talent in-house. So we actually have added that as well. So we added a security staffing division to help that piece of it as well. So to give you an idea of the cybersecurity market size it was valued at 150 billion in 2019 and that is expected to grow to 300 billion by 2027. And Alacrinet is well-positioned to consolidate the many fragmented aspects of the security marketplace and offer our customers more integrated and easier to manage solutions. And we will continue to help our customers select the best suite of solutions to address all types of cybersecurity, cybersecurity threats. >> You know, it's it's such a really important point you're making because you know, the tools just have piled up in the tool shed. I call it like that. It's like, it's like you don't even know what's in there anymore. And then you've got to support them. Then the world's changed. You get cloud native, the service areas increasing and then the CSOs are also challenged. Do I, how many CLAWs do I build on? Do I optimize my development teams for AWS or Azure? I mean, now that's kind of a factor. So, you have all this tooling going on they're building their own stuff they're building their own core competency. And yet the CSO still needs to be like maintaining kind of like a relevance list. That's almost like a a stock market for the for the products. You're providing that it sounds like you're providing that kind of service as well, right? >> Yeah, well, we, we distill all of the products that are out there. There's thousands of cybersecurity products out there in the marketplace and we kind of do all that distillation for the customer. We find using, you know, using a combination of things. We use Forrester and Gartner and all the market analysts to shortlist our proposed solutions that we offer customers. But then we also use our experience. And so since 2013, we've been deploying these solutions across organizations and corporations across America and we've, we've gained a large body of experience and we can take that experience and knowledge to our customers and help them, you know, make make some good decisions. So they don't have to, you know, make them go through the pitfalls that many companies do when selecting these types of solutions. >> Well congratulations, you've got a great business and you know, that's just a basic search making things easier for the CSO, more so they can be safe and secure in their environment. It's funny, you know, cyber warfare, you know the private companies have to fight their own battles got to build their own armies. Certainly the government's not helping them. And then they're confused even with how to handle all this stuff. So they need, they need your service. I'm just curious as this continues to unfold and you start to see much more of a holistic view, what's the IBM angle in here? How, why are you such a big partner of theirs? Is it because their customers are working with you they're bringing you into business? Is it because you have an affinity towards some of their products? What's the connection with IBM? >> All of the above. (chuckles) So I think it probably started with our affinity to IBM QRadar product. And we have, we have a lot of expertise in that and that solution. So that's, that's where it started. And then I think IBM's leadership in this space has been remarkable, really. So like what's happening now with the IBM Cloud Pak for security you know, building up a security platform to allow all these point solutions to work together. That's the roadmap we want to put our customers on because we believe that's the that's the future for this, this, this marketplace. >> Yeah. And the vision of hybrid cloud having that underpinning be with Red Hat it's a Linux kernel, model of all things >> Yeah. Super NetEase. >> Locked in >> It's portable, multiple, you can run it on Azure. IBM Cloud, AWS. It's portable. I mean, yeah, all this openness, as you probably know cyber security is really a laggard in the security in the information technology space as far as adopting open standards. And IBM is I think leading that charge and you'll be able to have a force multiplier with the open standards in this space. >> Open innovation with open source is incredible. I mean, if you, if, if if open source can embrace a common platform and build that kind of control plane and openness to allow thriving companies to just build out then you have an entire hybrid distributed architecture. >> Yeah. Well, I think companies want to use the best in breed. So when we, when we show these solutions to customers they want the best in breed. They always say, I don't, when it comes to security they don't want second best. They want the best it's out there because they're securing their crown jewels. So that makes sense. So the problem with, you know having all these different disparate solutions that are all top in their category none of them talk to each other. So we need to address that problem because without that being solved, this is just going to be more it's going to compound the complexity of the problems we solve day to day. >> Awesome. Congratulations, Brian, great story. You know entrepreneur built a great business over the years. I think the product's amazing. I think that's exactly what the market needs and just shows you what the ecosystem is all about. This is the power of the ecosystem. You know, a thousand flowers are blooming. You got a great product. IBM is helping as well. Good partnership, network effects built in and and still a lot more to do. Congratulations. >> Absolutely. >> Okay. >> Thank you very much >> Brian Bouchard >> Made my impression. I appreciate that >> Thanks for coming on theCUBE Appreciate it. I'm John Furrier with IBM thinks 2021 virtual coverage. Thanks for watching. (outro music plays)

>> Narrator: From around the globe, It's the CUBE with digital coverage of next level network experience event. (upbeat music) Brought to you by Infoblox. >> Everyone welcome back to the CUBE's coverage and co-hosting of the Infoblox next level networking experience virtual event. With a pop up event, only a few hours, but four great segments. Officer Stu Miniman helped me kick it off this morning, and Stu, I want to bring you in, Stu Miniman who's the... He host for the CUBE, covering networking with me Stu we do all the cloud native shows. We can, we can smell what's relevant, and I want to get your take on this, because, Infoblox putting out some pretty good content with some great guests. But, next level networking, let's just unpack that, next level networking and next level networking experience. The word experience changes the context of that definition, because going the next level with networking is one thing, having an experience is another, just what's your take, you seen, we talk about this all the time, what's your take? >> Yeah, so John, one of the words that we've talked about so much is, how do we simplify this environment? Networking is known for its complexity. Too often, it's, stuck down in protocols and just the arcane arts that I don't want to think about. Networking at its best, is just going to work. And I don't want to think about it, so, if I'm adopting SaaS models, if I'm going cloud native, it should, tie into everything else we're doing. What I was hearing, the themes, John, and the interviews you discussed, they're talking about SaaS, they're talking about cloud native, things like visibility, moving real time, really changes so much of these environments, so, IP addresses used to be a lot more static. We know now, things just change constantly and that's one of the big challenges. How do I monitor that environment? How do I keep them secure? And that's where modern environments need to go to the next level to be able to keep up with all of those changes. >> The word experience means something to me in a sense, I think contemporary, right? I think something new, relevant and cool, and still we're old enough to remember the '80s and '90s, and I was coming out of college late '80s, and I remember I never had a punch, I never did any program with a punch card. I was kind of the young gun, coming into the workforce with a technical degree, and I remember looking at the mainframe guys going, "who are those old relics?" And they, those guys hung onto their job as long as they could, and the smart ones moved and said, "Hey, I'm going to jump on this mini computer bandwagon, Oh, there's inter networking and local area networking that the PC toys are attaching to, that's interesting." And so you had a migration of systems talent move to the new, the new way. Some didn't, and I look at that and I say, hmm, that's similar to what's going on in networking, if you're the old networking guy or gal, and you're hugging onto the router, or you're hugging onto that old way, you could be extinct, because there is a new experience coming. It's programmable, it's automation, it's different. It's not, the big, old way, similar to the mainframe. So, a lot of psychology in this networking industry right now is, and the young people come in. It's like, why we do it that way? This to me is about next level networking, experience. Your reaction to that. >> Yeah, well, John, it's been interesting here in 2020, you talk about the acceleration of things moving, people that were dipping their toe in cloud and have to move in a matter of weeks, if not, hours and days to get things up and running. So, leveraging software, open source is a big component of what a lot of companies are doing, and of course, cloud and that cloud experience means in the public cloud and edge environments, you talked a bit about IOT in some of these cases, the order of magnitude of networking challenges that are out there are such that I have to have automation, it needs to be simpler because I could not do things the manual old way. John, I lived through so many generations, you work with people in the networking, it's manually done. It was done via CLI, because I knew how to do it. Maybe I did some scripting, but in today's day and era, things change too fast and the amount of work that needs to be done is so much so that that's why automation needs to be front and center. And you see Infoblox, as some of their new solutions, especially leveraging SnapRoute take advantage of the modern way that people need to do things. >> Well, we actually did a deep dive on SnapRoute and it was super impressive, again, I thought it was way too early, but they were doing some stuff with Kubernetes thinking, just thinking like Linux kernel, low level thinking. And I think Stu, this is what I want to get your thoughts on, because in the industry we cover Cisco aggressively. We saw them by open DNS, manage services versus low level, we got automation, you got Amazon out there, I mean, hell I can just have a screen that goes in and manages my DNS in the cloud, I can start thinking differently about how I wire my services together, if I think about Amazon, for instance, or hybrid and multicloud, this a whole new level of thinking. And, these are going to be new solutions, and this is the theme that came up and it's come up across every single major vendor, whether we're talking the Google cause they have a pretty damn good network. You got Cisco, you've got, all these people out there, they got to reinvent themselves. And, new expectations require new solutions. This has been something that's clearly coming out of the COVID, that, you know what I like working from home, I'm more productive. We don't need the real estate costs, wait, why do we even need a VPN? Why we over-provisioned? What are we paying for? Let's just build and secure. So again, all these projects are going to come out of the woodwork, I think that they're going to create a new vendor, a new brand or new opportunity because, these new solutions need to come because of the demand has been highlighted by COVID and other cloud scale. What's your thoughts on that, because this may not be your grandfather's networking company that comes out of the woodwork, It might be a cloud app. >> Yeah, well John, first of all, I think you nailed it. You look at a company like Infoblox, founded back in the .com era, back in 1999 and dominant in their space. So, they're not here saying, oh, we're the tried and trusted company that you work with, and you shouldn't try that new Fangled, Kubernetes piece or anything like that. It's not ready for prime time. As you said, they're getting, they're looking to skate where, to where the pack is going, they're aggressively going after these environments to make sure that they maintain their leadership in this environment. And, you're absolutely right, for the longest time, generally in networking, you were talking about, it was Cisco and everybody else out there, but now the cloud is such a big piece of what's going on, we've seen chip acquisitions by the big Hyperscalers, we've seen how they build their environments, and in many ways there's been consolidation, but there's also been dis-aggregation. So, the fundamental layer, but like what Infoblox has with their DDI stack, is something that customers need, I need to make sure my identity and my IP is something that I can manage wherever I am in all of these environment. >> It's funny Stu, we joke about SD-WAN, and now that's the internet and you think about the internet, one constant in all of it is you got to move packets from point a to point B and store a packet in a storage device, and ultimately you need to have to resolve addresses. And DNS, as old as it is, is fundamentally the standard, and a lot of people take it for granted, so to me, DNS has survived. It's a low level building block, but as things evolve, new abstraction layers come up, and I think we'll see more. I mean, I think there'll be a new naming system on how to deal with different scale across multicloud. And I think, Amazon is talking about it. We hear Ava Trix talking about it, we hear, things going on within Google talking about it, so, I think you're going to start to see new levels of innovation because, that's where the packets are moving, that's what the bad guys are, and you can't cover your footprints if you're trying to get in there. So, huge change is coming will be on it, And the CUBE we'll be monitoring it, as always, we can see the waves coming, Stu, what do you see? What's your future ball, tell you, as we come out of COVID, networking world, cloud collision, multicloud, apps, microservices, all this massive wave, what's your take, What's going to happen? >> Well yeah John, we've talked so much, It's those builders out there, how do I make sure that I can build my application, allow my users to access things wherever they are. The shift we hear for post COVID, it goes from work from home to work from anywhere. So, we were not going to see everybody just go back to the pre COVID era, this will have a lasting impact, and especially from a networking standpoint, we were starting to look at how does 5G and IOT change the way we think of networking? This just accelerates what we Needed to look at. Some networking technologies, take a long time to go through their maturation and standards, but being able to manage my entire environment, be able to spin up my new applications, and as you said John, DNS, like identity is something that is a fundamental piece that I need to make sure is rock solid so that I can get my employees access to the information while still keep things secure. >> Well, when you click on a link, that's malware, that's DNS, so this is where the action is, and people got to preserve it. Stu, We're going to be covering it, we're going to be watching all the waves, and again, this the CUBE on top of the big wave of networking and as networking evolves, I just still, I just still think, it's one big IOT world now, and it's an internet of things. They're all connected, there's no perimeter, it's borderless. This is going to change the game. I think in the next 18 months, we're going to see really different connected experiences and whoever can deliver them, will be the winner. Of course, we'll be watching it, go to siliconangle.com. We have a special report on next gen networking, Rob hope from Paul Gillin are constantly reporting, Stu has been getting a ton of great interviews, and again, we're getting the stories out, during COVID-19, with our remote interviews. Thanks for watching the CUBE, for the special next level networking experience event by Infoblox. (upbeat music)

>> From theCUBE studios in Palo Alto and Boston, connecting with thought-leaders all around the world, this is a Cube Conversation. >> Hi everybody, this is Dave Vellante. Welcome to this Cube Conversation. We're really excited to have Wim Coekaerts in, he is the senior vice-president of software development at Oracle. Wim, it's great to have you on, and, you know I often say I wish we were face-to-face but if we were you'd have to cut off my tie, cause developers and ties just don't go together. >> No, I know, and this is my normal outfit, so this is me wherever I go. Hi again, good to see you. >> Yeah, great to see you. So, of course, you know a lot of people are confused about Oracle, and open-source, they say "Oracle? Open-source? What is that all about?" But I think you're misunderstood. People don't, first of all, realize you as the leader of the software-development community inside of Oracle, I mean, you've been involved in Linux since the early 90s. But you guys have a lot of committers, you do a lot. I want to talk about that. What is up with Oracle, and open-source? >> Ah, well, it's a broad question. So, you know, a couple of things. One is, we have many different areas within the company that are dealing with open-source. So we have the cloud team doing a lot of stuff around cloud SDKs and support for different languages like Python and Go, and of course Java and so forth, so they do a lot around ensuring that the Oracle ecosystem is integrated in the open-source tools that customers use, or developers use, Terraform companies and so forth. And then you have the Java team, and so forth. Java is open-source and then the Graal project, GraalVM which is a polyglot compiler that can run Java, and Python, and Javascript and so forth together in one. VM do really cool optimizations, that's an open-source project, also on GitHub. There's of course MySQL, which is along with Java, they're probably the two most popular and widely used open-source projects out there. There's VirtualBox which is of course also a very popular project that's open-source. There's all the work we do around Linux. And I think one of the things is that, when you have so many different areas, doing things that are for that area, then as a developer or as a customer, you typically just deal with that group. And what you see is, oh you're talking to the Java developers, so you know what's going on around Java. The Java developers might not necessarily say, "Oh well we also do MySQL, and we do Linux and VirtualBox and so forth," and so you get a rather myopic, narrow view of the larger company. When you add all these things up, and there will be one big slide that says "This is Oracle, these are all these open source projects," and there's multiple ways. One is, we have projects that we've open-sourced and all the code came from us and we made it publicly available, we're the main contributor and we get contributions back. There are other projects where we contribute to third-party in terms of enhancing things, like I said with the Cloud Team, and then in general something like Linux where we're part of an external project and we participate in development of that project at large. And so there's these three different ways, when you count up all the developers that we have that deal with open-source on a daily basis. And in terms of contributions, in terms of bug fixes, testing, and so forth, it's thousands, literally, full-time paid developers. And of course, all the projects are all either on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And, you know, our primary goal is to provide services and products to customers, and so the open-source part is sort of embedded in a development methodology. But that's not something we sell or market separately, we just work with customers and products and services, and so in some cases it's not well-understood. >> Yeah. Well, we're talking of course, we're talking about the state of the penguin, I think it's important for people to understand, Oracle got into the Linux game in the 90s, maybe the latter part of the 90s and Oracle, of course, wants to make Linux-- wants to make Oracle, it's applications and database run better on Linux, but as you're pointing out, your Linux distro, full support, end-to-end, thousands of people in your open-source community, and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those, but of course you want an Oracle distro that is going to make Oracle stuff run better, that's always kind of been the Oracle way. >> Well, so, yes, two things though. One is, so everything we do is upstream. So we have no Linux patches that are not contributed upstream; There's no proprietary code in Oracle Linux at all, it's all completely open, publicly available: the source code, the change log, all the commits, it's fully open and public, which sometimes is not well-understood, but it's completely open. And, everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mail-list. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that eco-system. Otherwise, the cost of maintaining your own fork, so to speak, is very high and it doesn't really solve the problem. Now, the functionality we work on obviously is focused on making Oracle products run better, making Oracle Cloud run better, and so forth. However, again, what's important to understand, though, is an Oracle database is a program running on an operating system. It does IO, it does networking, it deals with memory management, lots of processing. So, for the most part, the things that we work on to improve that helps everyone out, right? It helps every other database run better, or helps every other language run better. So none of these changes are specific to Oracle, they're just things that we found doing performance benchmarks and testing and so forth, where we say "Hey, if Linux did the following, it would make boot-up faster. Now boot-up has nothing to do with the database. But our customers run on 1-terabyte, 4-terabyte, 8-terabyte systems, and so booting up, and Linux starting up, and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here, we're now talking about just enterprise for you. So there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone out. >> Yeah, that's great. So I wanted to kind of get that out of the way and help our audience understand that. So let's get into it a little bit; What are you seeing, what's going on in IT, pick your observation space and your vision of what you see happening out there. >> Well, you know, it's very interesting, it's sort of, there's two... there's sort of two worlds, right, there's the cloud world and the move to cloud, and there's the on-premises world, where people run their systems on their own. And, one of the things that we've learned is, when you talk about machine-learning, obviously, is something that's very popular these days, and automation. And so in order to rely on machine-learning well, and have algorithms that are very effective, you need lots of data. And so being a cloud vendor, and having Linux in our cloud on tens of thousands, or hundreds of thousands of servers, or more, allows us to have a view of how an operating system works across an incredibly large scale. So we get lots of data. And so for us to figure out which algorithms work well in terms of how can we do network optimizations, how can we discover anomalies on the storage site, and deal with it and so forth, we can do that at scale. And what's interesting is, how do we then bring that on-prem? Well, if we can get the data and the learning done, the training done, in our cloud directly, then when we provide that service also for people running Oracle Linux on premises then that will work. The alternative is to have point solutions where you provide something to a customer, and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds, on-prem and cloud directly, allows us to kind of benefit from that. And I think that's important, because lots of customers are interested in going to cloud. Many of the enterprises have not yet. You know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right, Autonomous Database is incredibly popular and so forth, that allows us to then say, "Here, try these things out here, it's a service. We can show you the benefits right away," and then as that improves we bring that, to a certain extent, on-premises as well. And then they can have it in both places. And that, I think, is something, again, that's relatively unique but also very important, is that we want to provide services and products that act similarly on-premises as well as in cloud, because at some point when people move we want to make that transition seamless. And what you have today for the most part is one world that's on-prem, and then the cloud world is completely different. And that is a big barrier of moving, and so we want to reduce that, we can run the same operating system local as well as cloud, you can the same functionality, and then that helps transition people over much easier. >> Yeah, well Oracle actually was one of the -- I think Oracle was the first company to actually market same-same, you actually used that term. Others put forth that concept, but Oracle was the first to announce products like Cloud at Customer, that were same-same, now it took some time to actually get it perfected, and get it to market, but the point is, and we've written about this, is Oracle, because of the ascendancy of cloud, flipped and has a cloud-first mentality, and you just kind of referenced that, you just said, "And you can bring that to on-prem." So I wonder if you could talk about that cloud-first mentality, and the impact on hybrid. >> So yeah, I think the cloud-first part is of course in cloud we work on services moreso than products that we deliver. And there's a number of things that are happening. So one is that we obviously continue to provide products to customers, you can download Oracle Linux, you can download the database and what not, you can install it on your own, you can do the traditional way of working. Then in the cloud-world, what typically happens is "Oh, I use a database service. I'm not installing anything, I push a button and I get an IP address and a SQL that connects extremely quickly to the database." And we take care of everything underneath that is on this database. Now, in order to do that, you need a whole infrastructure in place, you need log-in agents, you need a back-end that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing the service up and monitor it. And so, that takes a lot of time to do right, and we learn a lot by doing this. And so the cloud-first part of these services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy, and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can do everything at the same time. And so what we've done with Autonomous Database is we created everything in Oracle Cloud, we have the whole system running really well, and then we've been able to sort of package that and shrink it into something that can be installed on-premises, but then connected into Oracle Cloud again. And so that way we can get all the telemetry over the metric, and that allows us to scale. Because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that similar to how that runs in our own cloud. Right, otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work, and now with Cloud at Customer Database that's really in place. >> Yeah, you really want to have that same cloud experience, whether with on-prem, in the public cloud, hybrid, et cetera. So, I want to explore a little bit more who is using Oracle Linux, and what's the driver for using it. Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started this fourteen years ago, in 2006, October 25th, 2006. I remember that day very well; Penguins on stage and a big launch for Oracle Linux in San Francisco Moscone Center. So, look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, and the ability to be able to handle critical issues when that occurs, because typically a database runs the company's critical data: the most essential stuff that a company has is typically in a database, an Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger-pointing, and having to explain to an operating system vendor how the database works. In the Unix world, we had a good relationship with the OS vendors, and the hardware vendors, they were the same. And they knew our products really well, and in the Linux world, that was very different. The OS vendor basically did not want to understand or learn anything about the products living on top. And so while to a certain extent that makes sense, it's an enterprise world where time is of the essence, and downtime needs to be limited absolutely. We can't have these arguments and such. And that was the driver, initially, for doing Oracle Linux. It was to ensure there was a Linux distribution really backed by us, that we could fix, that we could fully support. That was completely the original intent. And so the early customer base was database customers. Database and middleware. Mostly database. But that has then evolved quickly, and so what happened was, people say "Look, I have a thousand servers, a hundred run Oracle, so we'll run Oracle Linux on those hundred, and we'll run something else on those other nine-hundred." Now after a year or so, they realize that our support is really good; We fix all these issues, and so then they're like "Why are we having two Linux distributions? This thing works really well, it runs any application, it's fully compatible, so we'll do a thousand with Oracle Linux." And so the early days, the first few years, was definitely Oracle Database as the core driver, and then it sort of expanded to the rest of the estate. And over the years, we've added lots of features and functionality, like Ksplice, and so forth. We have an attractive pricing model for running on servers, and so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all-or-nothing play in the Linux space, and we're well-known now, so it's actually very good. >> You just mentioned Ksplice. We've been talking about cloud, and on-prem, and hybrid. Let's talk about security, because security really is a differentiator, particularly if you're going to start to put stuff in the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So, "Security first" is sort of what you hear us say and do, in everything we do. The database obviously security, on the Linux site security matters. Ksplice as a technology is there to do critical bug-fixing and make sure that we can apply security vulnerability fixes without affecting the customer, and not have downtime. And if you look at most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well not that our customer doesn't understand that it's important, but it's a whole train of events that needs to happen. You have to, you get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-layered setup. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down, cause that talks to the database. So to patch one system, you basically have to bring down the whole application stack. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well during that time, you're vulnerable. So the only way, really, to address security in a scalable and reducing that window of time is to do it without affecting the customer. And so Casewise is something that, it's a company we acquired in 2009, and have since evolved in terms of capabilities, and so it allows us to patch the Linux terminal without downtime. We lock the kernel for 8 microseconds. It's literally no downtime. You don't have to bring down applications, the user doesn't see it, there's no hang, there's no delay. And so by doing that, you can run a Linux operating system, or gLinux, and you can be fully patched on a system that hasn't rebooted for 3 years. You don't even know it. And so by doing that type of stuff, it makes customers more secure, and it avoids them-- It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel, we do that for some of the libraries on top that are critical like OpenSSL and 2 LVC, and, you know one example-- I can give you two examples. So one example is, Heartbleed was this bug in OpenSSL a number of years ago. And so everyone had to patch their SSH server. And that meant, basically, systems around the world had to reboot. Like a whole IT reboot across the world. With Ksplice today, if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, and also, of course, the headache. Another example is, and this was in Oracle Cloud, when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, where you could basically see memory potentially of other CPUs running, the cloud is incredibly critical. We were basically able to basically patch our entire cloud in four hours. And the customer didn't know, right, a hundred and twenty million patches, or something, that we applied within four hours, all online, without any downtime. And so that technology has been really helpful, both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole, what we do in cloud we also do for customer. And I think that's a unique thing that we have at Oracle which is quite fascinating. The operating system we run for our customers, the operating system that's the host part of VMs, is the exact same binary and source code that we make available, just to be clear, the exact same binaries are the ones that you run as a customer on-premises. So if you run Oracle Linux with KVM, you run VMs, you're actually running the exact same stuff as we run underneath our customer's stuff. Nobody else does that, everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment, you're talking about that sort of security mindset, it's critical, you're not just bolting it on, it's part of the culture. But you started your career, and then of course you were a Linux person when you came to Oracle, but then I think you spent some time in database, back in the day when there were serious database wars going on, before Oracle became the king of database. So now you've got, obviously, this great portfolio, and a lot of really sharp software developers; What should we expect going forward, from Oracle? What should we look for? >> You know, I was talking to some, I was welcoming some interns to the company, for their summer internship yesterday, and one of the things I mentioned to them was that -- so cloud obviously gives us a lot of opportunities, but there's a number of things. One is, we have such a breadth of applications and software and hardware together. We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side, and one of the great opportunities, and I think we've shown a lot of this happening with the ability to create something like Autonomous Database, is to combine all these things. Right, we have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things it really becomes awesome. You cannot create autonomous database without having autonomous learning. You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers, and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly. And having the scale for that. I think that has been, for the last few years, a really great thing, but I can see that being one of the advantages that we have going forward. We have Oracle Fusion Applications, which is incredibly popular, and has great growth, and then we have that running on Oracle Cloud, that talks to Oracle Autonomous Database, so we bring all these pieces together. And no other SaaS vendor can do that, because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me, it's not so much about making my own world better, and having Linux be better, and Casewise and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle's always invested in RND, we've made that point many, many times. Whether it's database, you know Fusion was a painful but worthy effort, the whole public cloud piece, obviously many acquisitions, but the investments that you've made in open-source as well, Wim, you're a great spokesperson, and a great representative of the open-source community generally, and then Oracle specifically, so thanks very much for coming on theCUBE and sharing with us the state of the penguin, and best of luck. >> You're welcome. Thank you, thanks for having me. >> Alright, and thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (cheerful music).

>> From theCUBE studios in Palo Alto and Boston, connecting with thought-leaders all around the world, this is a Cube Conversation. >> Hi everybody, this is Dave Vellante. Welcome to this Cube Conversation. We're really excited to have Wim Coekaerts in, he is the senior vice-president of software development at Oracle. Wim, it's great to have you on, and, you know I often say I wish we were face-to-face but if we were you'd have to cut off my tie, cause developers and ties just don't go together. >> No, I know, and this is my normal outfit, so this is me wherever I go. Hi again, good to see you. >> Yeah, great to see you. So, of course, you know a lot of people are confused about Oracle, and open-source, they say "Oracle? Open-source? What is that all about?" But I think you're misunderstood. People don't, first of all, realize you as the leader of the software-development community inside of Oracle, I mean, you've been involved in Linux since the early 90s. But you guys have a lot of committers, you do a lot. I want to talk about that. What is up with Oracle, and open-source? >> Ah, well, it's a broad question. So, you know, a couple of things. One is, we have many different areas within the company that are dealing with open-source. So we have the cloud team doing a lot of stuff around cloud SDKs and support for different languages like Python and Go, and of course Java and so forth, so they do a lot around ensuring that the Oracle ecosystem is integrated in the open-source tools that customers use, or developers use, Terraform companies and so forth. And then you have the Java team, and so forth. Java is open-source and then the Graal project, GraalVM which is a polyglot compiler that can run Java, and Python, and Javascript and so forth together in one. VM do really cool optimizations, that's an open-source project, also on GitHub. There's of course MySQL, which is along with Java, they're probably the two most popular and widely used open-source projects out there. There's VirtualBox which is of course also a very popular project that's open-source. There's all the work we do around Linux. And I think one of the things is that, when you have so many different areas, doing things that are for that area, then as a developer or as a customer, you typically just deal with that group. And what you see is, oh you're talking to the Java developers, so you know what's going on around Java. The Java developers might not necessarily say, "Oh well we also do MySQL, and we do Linux and VirtualBox and so forth," and so you get a rather myopic, narrow view of the larger company. When you add all these things up, and there will be one big slide that says "This is Oracle, these are all these open source projects," and there's multiple ways. One is, we have projects that we've open-sourced and all the code came from us and we made it publicly available, we're the main contributor and we get contributions back. There are other projects where we contribute to third-party in terms of enhancing things, like I said with the Cloud Team, and then in general something like Linux where we're part of an external project and we participate in development of that project at large. And so there's these three different ways, when you count up all the developers that we have that deal with open-source on a daily basis. And in terms of contributions, in terms of bug fixes, testing, and so forth, it's thousands, literally, full-time paid developers. And of course, all the projects are all either on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And, you know, our primary goal is to provide services and products to customers, and so the open-source part is sort of embedded in a development methodology. But that's not something we sell or market separately, we just work with customers and products and services, and so in some cases it's not well-understood. >> Yeah. Well, we're talking of course, we're talking about the state of the penguin, I think it's important for people to understand, Oracle got into the Linux game in the 90s, maybe the latter part of the 90s and Oracle, of course, wants to make Linux-- wants to make Oracle, it's applications and database run better on Linux, but as you're pointing out, your Linux distro, full support, end-to-end, thousands of people in your open-source community, and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those, but of course you want an Oracle distro that is going to make Oracle stuff run better, that's always kind of been the Oracle way. >> Well, so, yes, two things though. One is, so everything we do is upstream. So we have no Linux patches that are not contributed upstream; There's no proprietary code in Oracle Linux at all, it's all completely open, publicly available: the source code, the change log, all the commits, it's fully open and public, which sometimes is not well-understood, but it's completely open. And, everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mail-list. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that eco-system. Otherwise, the cost of maintaining your own fork, so to speak, is very high and it doesn't really solve the problem. Now, the functionality we work on obviously is focused on making Oracle products run better, making Oracle Cloud run better, and so forth. However, again, what's important to understand, though, is an Oracle database is a program running on an operating system. It does IO, it does networking, it deals with memory management, lots of processing. So, for the most part, the things that we work on to improve that helps everyone out, right? It helps every other database run better, or helps every other language run better. So none of these changes are specific to Oracle, they're just things that we found doing performance benchmarks and testing and so forth, where we say "Hey, if Linux did the following, it would make boot-up faster. Now boot-up has nothing to do with the database. But our customers run on 1-terabyte, 4-terabyte, 8-terabyte systems, and so booting up, and Linux starting up, and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here, we're now talking about just enterprise for you. So there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone out. >> Yeah, that's great. So I wanted to kind of get that out of the way and help our audience understand that. So let's get into it a little bit; What are you seeing, what's going on in IT, pick your observation space and your vision of what you see happening out there. >> Well, you know, it's very interesting, it's sort of, there's two... there's sort of two worlds, right, there's the cloud world and the move to cloud, and there's the on-premises world, where people run their systems on their own. And, one of the things that we've learned is, when you talk about machine-learning, obviously, is something that's very popular these days, and automation. And so in order to rely on machine-learning well, and have algorithms that are very effective, you need lots of data. And so being a cloud vendor, and having Linux in our cloud on tens of thousands, or hundreds of thousands of servers, or more, allows us to have a view of how an operating system works across an incredibly large scale. So we get lots of data. And so for us to figure out which algorithms work well in terms of how can we do network optimizations, how can we discover anomalies on the storage site, and deal with it and so forth, we can do that at scale. And what's interesting is, how do we then bring that on-prem? Well, if we can get the data and the learning done, the training done, in our cloud directly, then when we provide that service also for people running Oracle Linux on premises then that will work. The alternative is to have point solutions where you provide something to a customer, and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds, on-prem and cloud directly, allows us to kind of benefit from that. And I think that's important, because lots of customers are interested in going to cloud. Many of the enterprises have not yet. You know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right, Autonomous Database is incredibly popular and so forth, that allows us to then say, "Here, try these things out here, it's a service. We can show you the benefits right away," and then as that improves we bring that, to a certain extent, on-premises as well. And then they can have it in both places. And that, I think, is something, again, that's relatively unique but also very important, is that we want to provide services and products that act similarly on-premises as well as in cloud, because at some point when people move we want to make that transition seamless. And what you have today for the most part is one world that's on-prem, and then the cloud world is completely different. And that is a big barrier of moving, and so we want to reduce that, we can run the same operating system local as well as cloud, you can the same functionality, and then that helps transition people over much easier. >> Yeah, well Oracle actually was one of the -- I think Oracle was the first company to actually market same-same, you actually used that term. Others put forth that concept, but Oracle was the first to announce products like Cloud at Customer, that were same-same, now it took some time to actually get it perfected, and get it to market, but the point is, and we've written about this, is Oracle, because of the ascendancy of cloud, flipped and has a cloud-first mentality, and you just kind of referenced that, you just said, "And you can bring that to on-prem." So I wonder if you could talk about that cloud-first mentality, and the impact on hybrid. >> So yeah, I think the cloud-first part is of course in cloud we work on services moreso than products that we deliver. And there's a number of things that are happening. So one is that we obviously continue to provide products to customers, you can download Oracle Linux, you can download the database and what not, you can install it on your own, you can do the traditional way of working. Then in the cloud-world, what typically happens is "Oh, I use a database service. I'm not installing anything, I push a button and I get an IP address and a SQL that connects extremely quickly to the database." And we take care of everything underneath that is on this database. Now, in order to do that, you need a whole infrastructure in place, you need log-in agents, you need a back-end that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing the service up and monitor it. And so, that takes a lot of time to do right, and we learn a lot by doing this. And so the cloud-first part of these services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy, and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can do everything at the same time. And so what we've done with Autonomous Database is we created everything in Oracle Cloud, we have the whole system running really well, and then we've been able to sort of package that and shrink it into something that can be installed on-premises, but then connected into Oracle Cloud again. And so that way we can get all the telemetry over the metric, and that allows us to scale. Because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that similar to how that runs in our own cloud. Right, otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work, and now with Cloud at Customer Database that's really in place. >> Yeah, you really want to have that same cloud experience, whether with on-prem, in the public cloud, hybrid, et cetera. So, I want to explore a little bit more who is using Oracle Linux, and what's the driver for using it. Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started this fourteen years ago, in 2006, October 25th, 2006. I remember that day very well; Penguins on stage and a big launch for Oracle Linux in San Francisco Moscone Center. So, look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, and the ability to be able to handle critical issues when that occurs, because typically a database runs the company's critical data: the most essential stuff that a company has is typically in a database, an Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger-pointing, and having to explain to an operating system vendor how the database works. In the Unix world, we had a good relationship with the OS vendors, and the hardware vendors, they were the same. And they knew our products really well, and in the Linux world, that was very different. The OS vendor basically did not want to understand or learn anything about the products living on top. And so while to a certain extent that makes sense, it's an enterprise world where time is of the essence, and downtime needs to be limited absolutely. We can't have these arguments and such. And that was the driver, initially, for doing Oracle Linux. It was to ensure there was a Linux distribution really backed by us, that we could fix, that we could fully support. That was completely the original intent. And so the early customer base was database customers. Database and middleware. Mostly database. But that has then evolved quickly, and so what happened was, people say "Look, I have a thousand servers, a hundred run Oracle, so we'll run Oracle Linux on those hundred, and we'll run something else on those other nine-hundred." Now after a year or so, they realize that our support is really good; We fix all these issues, and so then they're like "Why are we having two Linux distributions? This thing works really well, it runs any application, it's fully compatible, so we'll do a thousand with Oracle Linux." And so the early days, the first few years, was definitely Oracle Database as the core driver, and then it sort of expanded to the rest of the estate. And over the years, we've added lots of features and functionality, like Ksplice, and so forth. We have an attractive pricing model for running on servers, and so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all-or-nothing play in the Linux space, and we're well-known now, so it's actually very good. >> You just mentioned Ksplice. We've been talking about cloud, and on-prem, and hybrid. Let's talk about security, because security really is a differentiator, particularly if you're going to start to put stuff in the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So, "Security first" is sort of what you hear us say and do, in everything we do. The database obviously security, on the Linux site security matters. Ksplice as a technology is there to do critical bug-fixing and make sure that we can apply security vulnerability fixes without affecting the customer, and not have downtime. And if you look at most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well not that our customer doesn't understand that it's important, but it's a whole train of events that needs to happen. You have to, you get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-layered setup. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down, cause that talks to the database. So to patch one system, you basically have to bring down the whole application stack. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well during that time, you're vulnerable. So the only way, really, to address security in a scalable and reducing that window of time is to do it without affecting the customer. And so Casewise is something that, it's a company we acquired in 2009, and have since evolved in terms of capabilities, and so it allows us to patch the Linux terminal without downtime. We lock the kernel for 8 microseconds. It's literally no downtime. You don't have to bring down applications, the user doesn't see it, there's no hang, there's no delay. And so by doing that, you can run a Linux operating system, or gLinux, and you can be fully patched on a system that hasn't rebooted for 3 years. You don't even know it. And so by doing that type of stuff, it makes customers more secure, and it avoids them-- It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel, we do that for some of the libraries on top that are critical like OpenSSL and 2 LVC, and, you know one example-- I can give you two examples. So one example is, Heartbleed was this bug in OpenSSL a number of years ago. And so everyone had to patch their SSH server. And that meant, basically, systems around the world had to reboot. Like a whole IT reboot across the world. With Ksplice today, if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, and also, of course, the headache. Another example is, and this was in Oracle Cloud, when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, where you could basically see memory potentially of other CPUs running, the cloud is incredibly critical. We were basically able to basically patch our entire cloud in four hours. And the customer didn't know, right, a hundred and twenty million patches, or something, that we applied within four hours, all online, without any downtime. And so that technology has been really helpful, both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole, what we do in cloud we also do for customer. And I think that's a unique thing that we have at Oracle which is quite fascinating. The operating system we run for our customers, the operating system that's the host part of VMs, is the exact same binary and source code that we make available, just to be clear, the exact same binaries are the ones that you run as a customer on-premises. So if you run Oracle Linux with KVM, you run VMs, you're actually running the exact same stuff as we run underneath our customer's stuff. Nobody else does that, everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment, you're talking about that sort of security mindset, it's critical, you're not just bolting it on, it's part of the culture. But you started your career, and then of course you were a Linux person when you came to Oracle, but then I think you spent some time in database, back in the day when there were serious database wars going on, before Oracle became the king of database. So now you've got, obviously, this great portfolio, and a lot of really sharp software developers; What should we expect going forward, from Oracle? What should we look for? >> You know, I was talking to some, I was welcoming some interns to the company, for their summer internship yesterday, and one of the things I mentioned to them was that -- so cloud obviously gives us a lot of opportunities, but there's a number of things. One is, we have such a breadth of applications and software and hardware together. We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side, and one of the great opportunities, and I think we've shown a lot of this happening with the ability to create something like Autonomous Database, is to combine all these things. Right, we have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things it really becomes awesome. You cannot create autonomous database without having autonomous learning. You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers, and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly. And having the scale for that. I think that has been, for the last few years, a really great thing, but I can see that being one of the advantages that we have going forward. We have Oracle Fusion Applications, which is incredibly popular, and has great girth, and then we have that running on Oracle Cloud, that talks to Oracle Autonomous Database, so we bring all these pieces together. And no other SaaS vendor can do that, because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me, it's not so much about making my own world better, and having Linux be better, and Casewise and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle's always invested in RND, we've made that point many, many times. Whether it's database, you know Fusion was a painful but worthy effort, the whole public cloud piece, obviously many acquisitions, but the investments that you've made in open-source as well, Wim, you're a great spokesperson, and a great representative of the open-source community generally, and then Oracle specifically, so thanks very much for coming on theCUBE and sharing with us the state of the penguin, and best of luck. >> You're welcome. Thank you, thanks for having me. >> Alright, and thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (cheerful music).

>> Announcer: From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world. This is a Cube Conversation. >> Hi everybody, this is Dave Vellante and welcome to this Cube Conversation. Really excited to have Wim Coekaerts and he is the senior vice president of software development at Oracle. Wim, it's great to have you on. And you know what I often say I wish we were face to face but if we were you'd have to cut off my tie 'cause developers and ties just don't go together. >> No, I know, and this is my normal outfit so this is me, wherever I go. Hi again, good to see you. >> Yeah, great to see you. So of course, you know a lot of people are confused about Oracle and open source. They say, Oracle, open source? What is that all about? But I think you misunderstood. People don't first of all realize you as the leader of the software development community inside of Oracle, I mean, you've been involved in Linux since the early '90s but you guys have a lot of committers. You do a lot, I want to talk about that. What is up with Oracle and open source? >> Well, it's a broad question. So you know, a couple of things. One is we have many different areas within the company that are dealing with open source, right? So we have the cloud team doing a lot of stuff around the cloud SDKs and support for different languages like Python and go and of course Java and so forth. So they do a lot around ensuring that the Oracle ecosystem is integrated in the open source tools that customers use, or developers use Terraform, so on and so forth. And then you have the Java team, and so of course Java is open source. And then, the Graal project, GraalVM, which is a polyglot compiler that run Java and Python and JavaScript and so forth together in one VM, do really cool optimizations, that's an open source project. Also on GitHub, there's of course MySQL which is along with Java, they're probably the two most popular and widely used open source projects out there. There's VirtualBox which is of course also a very popular project that's open sources is all the work we do around Linux. And I think one of the things is that when you have so many different areas doing things that are for that area, then as a developer or as a customer, you typically just deal with that group and what you see is, oh, you're talking to the Java developers so you know what's going on around Java. The Java developers might not necessarily say, oh, and we also do MySQL and we do Linux and VirtualBox and so forth. And so you get sort of a rather myopic narrow view of the larger company. When you add all these things up and there would be one big slide that says, "This is Oracle, these are all these open source projects there". And there's multiple ways, right? One is we have projects that we've opened sourced and all the code came from us and we made it publicly available. We are the main distributor and we get contributions back. There are other projects where we contribute to third party in terms of enhancing things, like a separate the cloud team. And then in general, something like Linux where, you know, we're part of an external project and we participate in the development of that project at large. And so there's these three different ways when you count up all the developers that we have that deal with open source on a daily basis and in terms of contributions, in terms of both Pyxis testing and so forth, it's thousands, literally, full time developers. And of course all the projects is on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And our primary goal is to provide services and products to customers. And so the open source part is sort of embedded in the development methodology, but that's not something we sell or market separately. We just work with customers and products and services. And so in some cases it's not well understood. >> Yeah, well, we're talking, of course we're talking about the state of the Penguin. I think it's part of what people understand. I mean, Oracle got into the Linux game, in the '90s, maybe the latter part of the '90s and Oracle of course wants to make Linux, wants to make Oracle its applications and database run better on Linux. But as you're pointing out you're Linux distro, full support, end-to-end, thousands of people in your open source community and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those. But of course you want an Oracle distro that is going to make Oracle stuff run better. That's always kind of been the Oracle way. >> Well, so yes, two things. The one is that, so everything we do is upstream. So we have no Linux patches that are not contributed upstream. There's no proprietary code in Oracle Linux at all. It's all completely open, publicly available. The source code, the change log, all the commits, everything. It's fully open and public, which sometimes is not well understood, but it's completely open. And everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mailers. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that ecosystem. Otherwise, the cost of maintaining your own forks so to speak is very high and it doesn't really solve problems. Now the functionality we worked on obviously is focused on making Oracle products run better, making Oracle cloud run better and so forth. However, again, what's important to understand though is an Oracle database is a program running on an operating system that does IO, it does networking, it does memory, it deals with memory management, lots of processes. So for the most part, the things we work on to improve that, helps everyone out, right? It helps every other database run better or it helps every other language run better. So none of these changes are specific to Oracle. They're just things that we found doing performance benchmarks and testing and so forth. But we say, "Hey, if Linux did the following, it would make boot up fast." Now boot up has nothing to do with the database. But if our customers run on one terabyte, four terabyte, eight terabyte systems, and so booting up and Linux starting up and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here we're now talking about just enterprise, right? And so there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone customer. >> Yeah, that's great, good. So I wanted to kind of get that out of the way and help our audience understand it. So let's get into it a little bit. What are you seeing, what's going on in IT? Pick your observation space and your vision of what you see happening out there? >> Well it's very interesting. There's sort of two worlds, right? There's the cloud world and move to cloud and there's the on-premise world where people run their systems on their own. And one of the things that we've learned is, when you talk about machine learning obviously is something that's very popular these days and automation. And so in order to rely on machine learning well and have algorithms that are very effective, you need lots of data. And so being a cloud vendor and having Linux in our cloud on tens of thousands or hundreds of thousands of servers or more allows us to have a view of how an operating system works across incredibly large scale. So we get lots of data and so for us to figure out which algorithms work well in terms of, how can we do network customizations, how can we discover anomalies on the storage side and deal with it and so forth, we can do that at scale. And what's interesting is how do we then bring that to on-prem? Well, if we can get the data and the learning done the training done in our cloud directly, then when we provide that service also to people running Oracle Linux on-premises, then that will work. The alternative is to have point solutions where you provide something to a customer and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds on-prem and cloud directly allows us to kind of benefit from that. And I think that's important because lots of customers are interested in going to cloud. Many of the enterprises have not yet, you know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right? Autonomous database is incredibly popular and so forth. That allows us to then say, "Here, try these things out here. "It's a service, we can show you the benefits right away". And then as that improves, we bring that on to a certain extent on-premise as well and then they can have it in both places. And that I think is something, again, that's relatively unique but also very important is that we want to create an... we want to provide services and products that act similarly on-premises as well as the cloud. Because at some point when people move, we want to make that transition seamless. And what you have today for the most part is one world that's on-prem and then the cloud world is completely different and that is a big barrier of moving. And so we want to reduce that. You can run the same operating system local as well as cloud, you can get the same banality and then that helps transition people over much easier. >> Yeah, well, Oracle actually was one of the... I think but Oracle was the first company to actually market same-same, you actually use that term. Others put forth that concept, but Oracle was the first to announce products like cloud to customer that was same-same now it took some time to actually get it perfective and get it to market. But the point is, and we've written about this is that Oracle, because of the ascendancy of cloud flipped and has a cloud first mentality and you just kind of referenced that you just said, "And you can bring that to on-prem". So I wonder if you could talk about that cloud first mentality and the impact on hype? >> So yeah, I think the clouds first part is of course in cloud we work on services more so than products that we deliver and there's a number of things that are happening. So one is we obviously continue to provide products across you can download Oracle Linux, you can download the database in web blog, you can install it on your own, right? You can do to the traditional way of working. Then in a cloud world, what typically happens is, oh, I use a database service. I'm not installing anything. I push a button and I get an IP address and a SQL, and a connect string and connect to a database. And we take care of everything underneath the database. Now, in order to do that, you need to hold infrastructure in place, right? You need lugging agents, you need a backend that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing this service up and monitor it. And so that takes a lot of time to do, right? And we learned a lot by doing this. And so the cloud first part of the services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can't do everything at the same time. And so what we've done with autonomous database is we created everything in Oracle cloud, you have the whole system running really well. And then we've been able to sort of package that and shrink it into something that can be installed on-premises but then connected into Oracle cloud again. And so that way we can get all the telemetry, all the metrics, and that allows us to scale because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that, similar to how we manage something that runs in their own cloud, right? Otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work and now we've got our customer database that that's really in place. >> Yeah, you really want to have that same cloud experience, whether it's on-prem, in the public cloud, hybrid, et cetera. So I want to explore a little bit more. Who is using Oracle Linux and what's the driver for using it? Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started 14 years ago, right? 2006, October 25th, 2006 (giggles). I remember that day very well. Penguin's on stage and a big launch for Linux in San Francisco Moscone Center. So look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, right? And the ability to be able to handle critical issues when that occurs because typically a database runs the company's critical data. The most essential stuff that a company has is typically in a database, in Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger pointing and having to explain to an operating system vendor how the database works. In the Unix world, we had a glitch relationship with the OS vendors and the hardware vendors. They were the same. And they knew our products really well, and in the Linux world that was very different. The OS vendor basically did not want to understand or learn anything about products living on top. And so, while, to a certain extent, that makes sense. It's an enterprise world where time is of the essence and downtime needs to be limited absolutely. We can't have these arguments and such. And so that was the driver initially for doing Oracle. So it was to ensure there was a Linux distribution really backed by us that we could fix and we could fully support, right? That was completely the original intent. And so the early customer base was database customers. Database and middleware, mostly database. So but that has then evolved quickly, and so, (clears throat) sorry. What happened was, people would say, "Look, have a thousand servers, a hundred run Oracle, "so we'll run Oracle Linux on those hundred "and we run, something else on those other 900." Now after a year or so, they realized that our support was really good. We fixed all these issues and so then they're like, "Why are we having two Linux distributions? "This thing works really well. "It's runs any application, it's fully compatible. "So we'll just go a thousand with Oracle Linux". And so the early days, the first few years was definitely Oracle database as the core driver and then it sort of expanded to the rest of the estate. And over the years (clears throat), we've added lots of features and functionality, like Ksplice and so forth. We have an attractive pricing model for running on servers. And so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all or nothing play in the Linux space and we're well known now, so it's been actually very good. >> You just mentioned Ksplice. I mean, we've been talking about cloud and on-prem and hybrid and let's talk about security because security really is a differentiator but particularly if you're going to start to put stuff into the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So security first is sort of what you hear us say and do in everything we do, right? The database obviously security on the Linux side, security matters, Ksplice as the technology is there to do critical bug fixing and make sure that we can apply security vulnerability fixes without affecting the customer and not have downtime, right? And if you look at, most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well, not that a customer doesn't understand that it's important, but it's a whole train of events that needed to happen. You have to get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-tiered set up. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down because that talks to the database. So to patch one system, you basically have to bring down all application stacks. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well, during that time you're vulnerable. So the only way really to address security in a scalable way and reducing that window of time is to do it without effecting the customer, right? And so Ksplice is something that... It's a company we acquired in 2009 and have since evolved in terms of capabilities. And so it allows us to patch the Linux kernel without downtime, right? We lock the kernel for a microsecond, so it's literally no downtime. You don't have to bring down applications. The user doesn't see it. There's no hang, there's no delay. And so by doing that, you can run the Linux operating system, Oracle Linux, and you can be fully patched on a system that hasn't rebooted for three years and you don't even know it. And so by doing that type of stuff, it makes customers more secure and it avoids them... It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel. We do that for some of the libraries on up that are critical, like OpenSSL and glibc and one example, I can give you two examples. So one example is Heartbleed was this bug in OpenSSL a number of years ago and so everyone had to patch their SSH server. And that meant basically, systems around the world had to reboot, like a whole active reboot across the world. With the Ksplice today if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, right? And also of course, the headache. Another example is, (clears throat) and this was an Oracle cloud when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, right? Where you could basically see memory of potentially of other machines running that the cloud it's incredibly critical. We were basically able to patch our entire cloud in four hours and the customer didn't know, right? 120 million patches or something that we applied within four hours all online without any down time. And so that technology has been really helpful both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole what we do in cloud, we also do for customer, and I think that's a unique thing that we have at Oracle, which is quite fascinating, right? The operating system we run for our customers, the operating system that's the host for the VM is the exact same binary and source code that we make available, just to be clear. The exact same binaries are the ones that you run as a customer on premises. So you run Oracle Linux with KVM, you run VMs, you're actually running the same stuff as we do for our... That we run underneath our customer stuff. Nobody else does that. Everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment you're talking about sort of the security mindset is critical. You're not just bolting it on, it's part of the culture. Look, you were, you know, started your career, and then of course you were a Linux person when you came to Oracle, but then I think you've spent some time in the database back in the day when there were some serious database wars going on before Oracle, became the king of database. So now you've got obviously this great portfolio and a lot of really sharp software developers. What should we expect going forward from Oracle? What should we look for? >> I was welcoming some interns to the company, (clears throat) for their summer internship yesterday. And one of the things that I, (clears throat) I'm sorry. One of the things I mentioned to them, was that one of the... So cloud obviously gives us a lot of opportunities, but there's a number of things. One is we have such a breadth of applications and software and hardware together, right? We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side. And one of the great opportunities and I think we've shown a lot of this happening with the ability to create something like autonomous database is to combine all these things, right? We have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things, it really becomes awesome, right? You cannot create autonomous database without having autonomous Linux, right? You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly and having the scale for that. I think that has been for the last few years a really great thing but I can see that being one of the advantages that we have going forward, right? We have Oracle Fusion Applications, which is incredibly popular and has great growth. And then we have that running on Oracle cloud that talks to our autonomous database. So we bring all these pieces together and no other SaaS vendor can do that because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me is basic... It's not so much about making my own world better and having Linux be better and Ksplice and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle has always invested in R&D. We've made that point many many times, whether it's database, fusion was a painful but worthy (giggles) effort. The whole public cloud piece, obviously many acquisitions but the investments that you've made in open source as well. Wim, you're a great spokesperson and a great representative of the open source community generally, and an Oracle specifically. So thanks very much for coming on theCUBE and sharing with us the state of the Penguin. The best of luck. >> You're welcome. Thank you, thanks for having me. >> All right, and thank you for watching everybody. This is Dave Vellante for theCUBE. We'll see you next time. (soft music)

>> From around the globe its theCUBE with digital coverage of Red Hat Summit 2020, brought to you by Red Hat. >> Hi I'm Stu Miniman and this is theCUBE's coverage of a Red Hat Summit 2020. Of course this year the event is virtual. We're bringing all the people on theCUBE from where they are and really happy to bring back to the program, one of our CUBE alumni, Paul Cormier, who is the president and CEO of Red Hat. Of course the keynote and you and I spoke ahead of the show. Paul great to see you and thanks so much for joining us. >> My pleasure, always great to see you Stu. My pleasure. >> All right, so Paul lots have changed since last time we got together for summit. One things stayed the same though. So, you know, the big theme, I heard in your keynote, you talked about open hybrid cloud of course. We've been talking about cloud for years when you ran the product theme, you know, making Red Hat go everywhere is something that we've watched, you know, that move. Is anything different when you're talking to customers, when you're talking to your, the product themes, you think about the times were in, why is open hybrid cloud not a buzzword but hugely important in the times were facing? >> Because the big premise to open hybrid cloud is that customers, cloud has become part of people's infrastructure. I've seen very few if any true enterprise customers that are moving everything, every app to one cloud. And so I think what people really realized once they started implementing clouds, part of their infrastructure was that you going to always have applications that are running bare metal. Some are virtual machine maybe on top of VMware it might been a private cloud, and not many people saying you know what the public clouds are all so different from each other I might want to run one application for whatever reason in one in a different one or another I think they started to realize the actual operational cost to that, the security cost of that and even more mobility the development cost of that from the application perspective and now having five silos up there now how that's so costly so now our whole premise since the beginning of open hybrid cloud has been to give you that level playing field to have those things all the same no matter where the application wants whether experimental virtual machine private multiple public cloud and so in the long run as customers start to start to really go to cloud first application development and they can still manage that under one platform in a common way but at the same time managed develop secure it but at the same time they can manage develop and secure their legacy applications that are also on linux as well in the same way so I think in the long run it really brings it together and saves money and efficiency in those areas. >> Yeah it's I always loved I look over time we have certain words that we think we know what they mean and then they mature over time let's just say we'll start with the first piece of what you're talking about open we live through those of us that have been through that the really ascendancy of open-source is in the early days open was free and we joke it was free like puppies >> Yeah. but today open source of course is very prevalent we see it all over the place but give from an open hybrid cloud why open is important today and what customers should think, how do customers think about that today? >> There's probably two most misunderstood things with open so first thing is that open source is a development model, first of all. I always say it's a verb not a noun, I even say well think internally and externally. We're not an open source company, we're an enterprise software company with an open source development model. So you think about that, that's what that's really important. Why is the open source development model so important? It's important because everyone has the same opportunity in terms of the features of within the code everyone has the same opportunity to contribute. The best technology wins that's how it works in the upstream community is it's not a technology driven by one company that may have a one company agenda. It's really a development process that allows the best technology to win and I think that's one of the main things and one of the main reasons why you see all the innovation frankly in the last five years around infrastructure and development, associated pieces and tools around that of being in and around Linux because Linux was available, it was powerful, it was open when people wanted to develop for when people wanted to develop kubernetes for example, they had to make changes to the Linux kernel in order to do that it did work because they could and so those are the things that make it really important as a development model and I think those are the things that get confused a lot. I think the other things that get confuses a lot of people think that, "hey if I have this great technology and I just open-source is that it'll all just work, everyone will come, now that's not the case. The things that really, the projects that really succeed of an open-source perspective are the problems that are common and horizontal across a big group of people so they're trying to solve similar problems and that's one of the things that we found as you go further up the stack the length typically the less community is involved it's the horizontal layers where you need whether you're in banking or retail or telco or whatever they're all the same, those are the pieces where open-source really fits well. >> Alright so the second piece you talk about hybrid I think back to the early days Paul when cloud was first defined and we talked about public and private cloud we had discussions of hybrid cloud and multi clouds and the concern that I have is it was very much an infrastructure discussion and it was pieces and the vision that we always have is, were customers to actually get value is, the total solution needs to be more valuable than the sum of its parts. So it's really about hybrid applications about where my data lives, so do you agree with some of those things I'm saying how does Red Hat look at it and from your team i do get lots of the application and app dev discussion which I always find even more meaningful than arguing over ontologies of how you build your cloud. >> Everything you said is all about the application if you look at just where we started with linux just along what did Linux bring to the enterprise when we first started rally me you and I talked about this earlier that was the thing that really opened things up. The enterprise's started buying Linux they right they started buying Linux for Linux for $29.95 at the book stores but when I first came on board we talked to some of the banking customers in there, they said well we love this technology but every time you guys change a release on my applications breaker when I get new hardware it doesn't work etc. So it's all about the application Linux is better about that all the time from the beginning of time what hybrid it really means here, is that I can run that seamlessly across wherever that footprint is going to live and so I think that's also one of the things that gets confused a bit. When the cloud first started, the cloud vendors were telling people that every application was going to move to one cloud tomorrow right? We knew that was not practical, that's the other thing from open-source developers, we look at a practical perspective, we look back in 2007 I just looked at just to prepare for the note I just put up to the company. Back in 2007 at the summit I talked about any application anywhere anytime. That's really the essence of what hybrid is here, so what we found here is what every application is impractical for every application to move to one cloud and so cloud is powerful but it's become part of people's development and operations and security environment so now as we stitch that in may make that common for those three things for the operation security in development more application development world that's where the power is. So I see the day where application developers and application users won't know or care what platform the back-end day is coming from for whatever applications they're writing, they shouldn't care that should just happen seamlessly under the covers but having said that, that complicates thing and that's why management needs to be retooled with it as well. Sorry on that but I could talk about that for three days right? >> Yeah so as an industry we kind of argue about these and everybody feels that they understand the way the future should look. So Paul for a number of years it was, "we're going to build this stack "and let's have the exact same stack here and there." There were some of the big iron companies that did that a few years ago now you see some of your public cloud partners saying, "we can give you that same experience "that same hardware all the way "down to the chip level things are going to be the same." When I look at software companies, there's two that come to mind to live across dispersed environments. One is very much from a virtualization standpoint they design themselves to live on any hardware out there. Red Hat has a slightly different way of looking at things, so what's your take on kind of the stack and why is hybrid in that hybrid cloud model that you're building probably looks and sounds and feels different then I think almost anybody else out there? >> Well the cloud guys, they all have similar technologies underneath I mean most of it not all of its based on Linux but they're all different I mean remember the UNIX days I'm old enough to remember the UNIX day. That was the goal back then but like each hardware vendor did each cloud vendor is now taking that Linux or the Associated pieces with it and they have to make their changes to adapt to their environment and some of those changes don't allow for applications to be portable outside that environment, that's exactly like the OEM world of the past and so I hope some people hate it when I say this to make this a comparison but I really look at the cloud guys as a mainframe and certainly mainframe as and still does bring a ton of value to certain customer base and so if you're going to keep your application in that one place, a mainframe will all on you mainframe mentality will always stitch it to bet together better but that's not the reality of what customers are trying to do out there. So I really think you have to look at it that way it's not that much different in concept anyways to the OEM days whether from when they started running Linux and the thing that Red Hat's done that some of the others haven't for VMware for example, VMware they have no pieces that touch the application I mean they have some now they had photon, they had some of the other pieces that sort of tried to touch the application but at the end of the day we always concentrated in Linux and especially from a Red Hat perspective of keeping the environment the same, both from an application perspective and from a hardware perspective. Certainly when an application runs in the cloud, we don't have to worry about the hardware anymore but we still have to worry about the application and businesses are all about the application and so we always took that tack from both sides of that. I think that's one of VMware's weaknesses frankly is that applications don't run on hypervisors, they run on operating systems including when I say operating systems I mean containers because that is a Linux operating system. >> Yeah Paul a lot of good points you brought up there and it's interesting the mainframe analogy in the early days of cloud there were some that would throw stones and saying right you're rebuilding the mainframe and you're going to be locked in, this is going to be an environment so I'd love to get your thought you think about what's happening in application development, the rise of is you talked about containers and kubernetes serverless is out there there's that, "we want to enable the application developers but we don't want to get locked into some platform there. Talk about red-hat's role how your products are helping the ship, help customers make sure that they can take advantage of some of these new ways of building, maintaining and changing without being stuck on any specific platform or technology >> Well the first place, I believe I'm sure I will be corrected on this but we really are the only company that I can think of at this moment that is a hundred percent open source. Everything we do when our products go is open source based goes back upstream to the community for everyone to take advantage of so that's the first thing. I mean the second thing we do is one of the big fallacies is, open source has become so popular that people are confusing upstream projects with downstream products and so for us I'll use us as an example, I'll use Linux and I'll use kubernetes as an example, the Linux kernel we all built from the Linux kernel us, Susa, Ubuntu we all build from the Linux kernel but at the end of the day we all make choices when we bring that upstream work down to become a product. In our case we go upstream to rel, we go from fedora to sent us to rel. We all make choices, which file systems were going to package, what development environment we're going to to package, what packages werre gonna package and so when we get down to what's get deployed in the enterprise, those choices in what makes the difference of why by rel is slightly different than SUSE Linux which is slightly different than Canonical's upon - but they're all come from the same heritage, the same as the case with kubernetes is this sort of fallacy that kubernetes is the last time I checked it was 127 different kubernetes vendors out there. They're all just going to magically work together yes they all come from the same place but we have to touch the users face, we have to touch the kernel and so there how do you line that up in the life cycle of what the customers get is going to be different. We might be able to take different pieces from different from those 127, make it work at one point but the first time any of us makes a change, it's not coordinated with the other side, it's probably going to break. Anyone our life cycles go out 10 plus years and so engineering that altogether is something that makes it all work together as you upgrade whether it be hardware or your applications and so some people confuse that with not being old till 100 percent open. When we find a bug in rel, rel that's been out there for five years maybe we give that fix back to the upstream community that's open it's out there and so I think that's the part that this doesn't become so accepted now and so much part of the mainstream now that we very much confused projects with products and so that's one of the biggest confusion points out there. >> Yeah really good points there Paul. So when I think about some of the things we've heard over the years is in the original days it was, "Oh well public hug Paul? I'm not going to need rel anymore they've got Linux then kubernetes has come along and Red Hat's had a really strong position but you look at it and you say, "Okay well if I'm most customers, "if I'm doing Amazon, "if I'm doing Google, "if I'm doing Microsoft, "I'm probably going to end up using some of their native services that they've got built-in. Talk about how the role of Red Hat kind of continues to change and you live in this multi cloud environment and i think it's kind of that intersection that you were talking about, open and compatibility as opposed to. You're not saying that Red Hat's going to conquer the world and take down all the other options >> Well cloud providers bring a ton of value. I mean the users have to be smart on how and when they use that value. If you truly are going to be a hundred percent of your applications in one public cloud, then you probably will get the best solution from that one public cloud. Serverless is a great example if you're an Amazon and you spin up via services serverless that container that gets spun up is never going to run outside that Club, if that's okay with you that's okay with you. (Voice scrambles) The we've gone about this is as I said to give you that seamless environment all the way across. If you want to run just containers, (voice scrambles) on one particular cloud vendor and you want it under their kubernetes and it's never going to run in any other place, that's okay too but if you're going to have an environment with applications that are in multiple cloud vendors infrastructure you're even on your own, you're now going to have to spin up these different silos of that technology even though the technology as the same heritage. So that's a huge operational and development cost as you grow bigger and able to order to do that and so our set a strategy is very simple, it's give the developers operations and security people that common environment to work across and over time (voice scrambles) they shouldn't care where the services are coming from. It should just all work and that's why you seen things like automation being so important now. I mean our nation is our biggest growing business with ansible right now and part of the reason is as people spread out to a container based environment applications that may now spread across those different footprints maybe you want to have your front (voice scrambles) we have one of the rel customers in Europe that has the front facing customer side of their ticket, their ticketing system up in the public cloud and they've got the backend financial transaction database pieces that click credit cards behind their firewall, that's really one application spread across containers, if you have do you want to have to manage the front end of that with one kubernetes and the backend of that were the different kubernetes? Probably not and so that's really what we bring to the table as we've really grown in with this new technology. >> Alright, so final question I have for you Paul I'm actually going to get away a little bit from your background on the product piece you have to talk a little bit about just red hat going forward. So you talked about, we know for many years red hat has been much more than the Linux piece you talk about automation I've got some great interviews this week talking about some of the the latest in application development, lots of open source projects and so many open source projects (laughing) nobody can keep them all straight there. So as customers look at strategic partnerships, what is the role of red hat and with now being under IBM Jim white her steps over to become president there Arvind of course had a long relationship and it was the architect behind the Red Hat acquisition what's the same and what's different as we think about Red Hat 2020 under your leadership? >> I think it's a lot of the same I mean I think the the difference becomes in the world we're in right now is sort of how we can help our customers come out of back and back into re-entry right and so how that's going to to be different than the past (voice scrambles) we're working through that with many of our customers and we think we can be a big help here because we run their business and today where they run their business over the platforms on their business and that's not going to go away for them and in fact if anything that's going to get even more critical for them because they've got to get more automation to get just more efficiency out of it so in terms of what we do and as a company that's not going to change at all I mean we've been on this path that we're on for a long time. I stand up in front of our sales kickoffs every year is hearing and virtual as well and I say, "we'll to talk to you about the strategy." Guess what? It hasn't changed much from last year and that's a good thing because these technology rollouts are multi-year rollouts, so we're going to continue on that I mean the other thing too is, our customers are seeing moving many more of their work close to the Linux environment and so I think we can help them expand that as well and I think from an IBM perspective (voice scrambles) one of the big premises here from our perspective is to help us scale because they're in the process of helping their customers move to this next generation architectures and at the same time be able support the current architectures and that's what we do well and so they can just help us get to places that we just wouldn't have had the time and the resources maybe to get there get on our own so we can expand that footprint even more quickly with IBM. So that's the focus right now is to really help our customers move to the next phase of this in terms of re-entry >> Yeah as I've heard you and many other Red Hatters say Red Hat is still Red Hat and definitely it's something that we can see loud and clear at Red Hat summit 2020. Thank you so much Paul. >> Thank you Stu nice to see you again. >> All right lots of coverage from Red Hat summit 2020 be sure to check out the cube net for the whole back catalogue that we have of Paul their customers, there their partners and thank you for so watching the queue [Music]

right so with kubernetes the history is we started off with only file systems block is something very new within the past couple releases that actually personally worked on the next piece that we're doing at Red Hat is leading the charge to create CRTs for object storage so it's defining those api's so customers can dynamically provision and manage their object storage with that in addition we recently acquired a company called nuba that does exactly that they're able to have that data mobility through object buckets across many clouds doing the sharding and replication with the ability to do and that's super important because it opens up for our customers to have image streams photos things like that that they typically use within an enterprise and quickly move the data and copy it as they as they need to so we notice that that more and more people want to try their workloads outside of the centralized one centralized data cluster so the big you know term for the last year was the hybrid cloud but it's not just hybrid cloud people coming from also from the iot user space wants to you know containerize their work clothes what wants to put the processing closer and closer to the devices that are actually producing and consuming those data in the users and there is a lot of use cases which should be tackled in in that way and as you all said previously like you Burnett is want developers hearts and minds so api's are stable everybody is using them it will be supported for decades so it's it's natural to try to bring all these tools and and all these platforms that are already you know available to developers try to tackle these new new challenges so that's why last year we reformed the kubernetes at the edge working group trying to you know start with the simple questions because when people come to you and say edge everybody thinks something different from somebody it's in IOT gateway for somebody it's a it's a full-blown you know kubernetes faster it's some telco providers so that's what we're trying to figure out all these and try to form a community because as we saw in the previous cell so for the IOT user space is that complex problems like these are never basically solved by single single company you need open source you need open standards you need the community around it so that people can pick and choose and build a solution to fit their needs yeah yeah so I care a lot about diversity in tech and women in tech more specifically one of the things that I I feel like this community has a lot of very visible women so when I actually looked at the number of contributors by by men and women I was really shocked to find out it was 3 percents it's kind of disappointing it's 3 percent of all the contributors to the all the projects in the CNCs it's only if you look at the 36 projects you look at the number of the people who've made issues commits comments pull requests it's 3 percent women and I think the CSUF has put a lot of effort into the for example of the diversity scholarships so bringing more than 300 people from underrepresented groups to cube corn including 56 here in Barcelona and it has a personal meaning to me because I really got my start through that diversity scholarship to keep calm Berlin two years ago and when I first came to keep on Berlin I knew nobody but just that little first step can go a long way into getting people into feeling like they're part of the community and they have something valuable to give back and then once you're in you're hooked on it and yeah then there's a lot of fun I think the ecosystem may finally be ready for it and this is I feel like it's easy for us to look at examples of the past you know people kind of shake their heads and OpenStack as a cautionary tale or sprawl and you know whatnot but this is a thriving which means growing which means changing which means a very busy ecosystem but like you're pointing out if your enterprises are gonna adopt some of this technology gee they look at it and everyone here was you know eating cupcakes or whatever for the kubernetes 5th birthday to an enterprise just because this got launched in 2014 you know ok June 2014 that sounds kind of new we're still running that mainframe that is still producing business value and actually that's fine I mean I think this maybe is one of the great things about a company like Microsoft is we are our customers like we also respect the fact that if something works you don't just Yolo a new thing out into production to replace it for what reason what is the business value of replacing it and I think for this that's why this kind of UNIX philosophy of the very modular pieces of this ecosystem and we were talking about how them a little earlier but there's also you know draft brigade you know etc like the porter the C NAB spec implementation stuff and this cloud native application bundles which that's a whole mouthful one of the things I like I've been a long history and open source too is if there are things that aren't perfect or things that are maturing a lot of times we're talking about them in public because there is a roadmap and you know people are working on it and we can all go to the repositories and you know see where people are complaining so at a show like this I feel like we do have some level of transparency and we can actually have realism here we I don't think we hear that as much anymore because there is no more barrier to getting the technology it's no longer I get this technology from vendor a and I wish somebody else would support the standard it's like I can get it if I want it I think the competition we typically have aren't about features anymore they're simply my business is driven by software let that's the way I interact with my customer that's the way I collect data for my customers whatever that is I need to do that faster and I need to teach my people to do that stuff so the technology becomes secondary like I have this saying it frustrates people so nice but I'm like there is not a CEO a CIO a CTO that you would talk to that wakes up and says I have a kubernetes problem they all go I have a I have this business problem I have that problem it happens to be software kubernetes is a detail sure I think the NSM is just a first step so the natural service is basically doing a couple of things one is it is simplifying networking so that the consumption paradigm is similar to what you see on the developer l7 layer so if you think SEO and how SEO is changing the game in terms of how you consume layer seven services think of bringing that down to the layer two layer three layer as well so the way a developer would discover services at the l7 layer is the same way we would want developers to discover networking endpoints or networking services or security capabilities that's number one so the language in which you consume needs to be simplified whereas it's whereby it becomes simple for developer to consume the second thing that I touched upon is we don't want developers to think about switches routers subnets BGP reacts van VLAN for me I want to take a little bit more into the idea of multi cloud I've been making a bit of a stink for the past year with a talk called the myths of multi cloud where it's not something I generally advise as a best practice and I'm holding to that fairly well but what I want to do is I won't have conversations with people who are pursuing multi-cloud strategies and figure out first are they in fact pursuing that the same thing that we're defining our terms and talking on the same page and secondly I want to get a little more context and insight into why they're doing that and what that looks like for them is it they want to be able to run different workloads in different places great that's fair the same workload run everywhere the lowest common denominator well let's scratch build a surface a bit and find out why that is bob wise and his team spent a ton of time working on the community and the whole the whole team does right for one of the the biggest contributors to @cd we're hosting birds of a feather we've committed we've contributed back to a fair amount of community projects and I think a lot of them are in fact around how to just make kubernetes work better on AWS and that might be something that we built because uks or it might be something like the like cluster autoscaler right which ultimately people would like to work better with with auto-scaling groups I think we we had the community involvement but I think it's about having a quiet community involvement right that it's it's about chopping wood and carrying water and being present and committing and showing up and having experts and answering questions and being present and things like say groups than it is necessarily having the biggest booth so Joe tremendous progress in five years look look forward for us a little bit you know what what what does you know kubernetes you know 2024 look like for us well you know a lot of folks like to say that you know in five years kubernetes is going to disappear and sometimes they come at this from the sort of snarky angle but other times I think you know it's gonna disappear in terms of like it's gonna be so boring so solid so assumed that people don't talk about it anymore I mean we're here at you know something that you know the the CNC F is part of the Linux Foundation which is great but you know how often do people really focus on the Linux kernel these days it is so boring so solid there's new stuff going on but like clearly all the exciting stuff all the action all the innovation is happening at higher layers and I think we're gonna see something similar happen with kubernetes over time exciting is being here if you rewind five years and tell me I'm ready in Barcelona with with 7,500 of my best friends I would think you were crazy or from Mars this is amazing and I thank everybody who's here who's made this thing possible we have a ton of work to do you know if you feel like you can't figure out what you need to work on come talk to me and we'll figure it out yet for me I just want to give a big thank you to all the maintain a nurse folks like Tim but also you know some other folks who you may not know their name but they're the ones slogging it out and to get up PRQ you know trying to just you know make the project's work in function day today and we're it not for their ongoing efforts we wouldn't have any of this you [Music]

>> Live from Barcelona, Spain, it's theCUBE. Covering KubeCon + CloudNativeCon Europe 2019. Brought to you by Red Hat, the CloudNative Computing Foundation and ecosystem partners. >> In mid-2014, announced the world, coming out of Google led by Joe Beda, sitting to my right, Brendan Burges and Craig McLucky, all Kube alumni. Kubernetes, which is the Greek for governor helmsman or captain and here we are, five years later at the show. I'm Stu Miniman and this is theCUBE's coverage of KubeCon + CloudNativeCon here in Barcelona, Spain. Joe you've got your title today is that you're a principal engineer at VMware of course, by way of acquisition through Heptio, but you are one of the people who helped start this journey that we are all on Kubernetes, thanks so much for joining us. >> Yeah, thank you so much for having me. >> Alright, so, the cake and the candles and the singing we'll hold for the parties later. We have Fippy and the gang have been watching our whole thing, for people who don't know there's a whole cartoon, books and stuffed animals and everything like that. Joe, when you started this merchandising, that was what you were starting, no. In all seriousness though, bring us back a little bit give us a little bit of historical context as to we've had you on the program a few times but yeah, here we are five years later was this what you were expecting? >> I mean when I remember Craig and Bren and I sitting around and we're like hey, we should do this as an open source project This is before we got approvals and got the whole thing started. And I think there was, like an idea in the back of our head, of like, this could be a big deal. You dream big a lot of times and you know that there's a reality and that it's not always going to end up being this. And so, I don't think anybody involved with Kubernetes in the early days really thought it was going to turn into what it has turned into. >> Yeah, so when we look at open source projects, I remember back a few years back, it was like to succeed you must have a phoenetical dictator that will make sure the community does this or wait we don't want too much vendor we're just going to let the user community take over and there's all these extremes out there, but these are complicated pieces. The keynote this morning the discussion was Kubernetes is a platform of platforms it's like I've got all of these APIs and by itself, Kubernetes doesn't do a lot. It is, what it enables and what things put together, so walk us through a little bit of that the mission, how it changed a bit and a little bit of the community and we'll go from there. >> Yeah, I think so early on one of the goals with Kubernetes from Google's point of view was to essentially take a lot of the ideas that had been incubated over about a decade, with respect to Borg and other things and so, a lot of the early folks who got involved in the project and worked on those systems and really bring that to the outside world as a way to actually start bridging the gap between what Googlers did and what the rest of the world did. We had a really good idea of what we were looking to get out of this system and that was widely shared based on experience across a bunch of relatively senior engineers. We brought in some of the Red Hat folks early on Clayton Coleman and some of the other folks who are still super involved in the project. I think there was enough of an understanding that we looked and said okay we got a lot of work to do let's just get this done. So, we didn't really need sort of the benevolent dictator because there was a shared understanding and we had senior engineers that were willing to make trade-offs to be able to go and move forward. So that I think was a key bit of the success early on. >> Alright, so you talked, it was pulling in some other vendor community there. Talk a little bit about how that ecosystem grew and when was user feedback part of that discussion? >> Yeah, I mean, when you say we pulled in the vendor we pulled in people who worked for vendors but we never really viewed it as, there was really from the beginning this idea of well what's good for the project? What's going to actually create sustainability and for the project, sort of project over vendor is really something that we wanted to establish. And that even came down to the name, right? Like, when we named the project, we could have called it Google XYZ or some sort of XYZ but we didn't want to do that because we wanted to establish it as an independent thing with a life of its own. And so, yeah, so we wanted to bring in those external ideas and I think early on, we did have some early users, we did listen to them but it really resonated with folks who could actually see where we were going. I think it took time for the rest of the world to really catch on with what the vision was. >> OK, when we look at today, there's a lot at the show that is on top of or next to or with Kubernetes it's not all about that piece. How do you balance what goes in it versus what goes with it? One of my favorite lines last year overall, was from you, saying Kubernetes is not a magic player it is not the be all and end all it is set with very specific guidelines. How do you avoid scope creep? As engineers it's always like, I don't know, we know how to do that piece of it better. >> So when we started out the project we didn't actually have a governance model. It was just a bunch of engineers that sort of worked well together. Over time and as the project grew, we knew that we needed to actually get some sort of structure in place. And so a bunch of us who had been there from the start got together, formed a steering committee, held elections. There's a secret architecture that we formed and these are the places where we can actually say what is Kubernetes what is Kubernetes not how do we actually maintain sort of good taste with how we actually approach this stuff and that's one of the ways that we try to contain scope creep. But also, I think everybody realizes that a thriving ecosystem whether officially part of the CNCF or adjacent to it, is good for everybody. Trying to hold on too tight is not going to be good for the project. >> So, Joe, tremendous progress in five years. Look forward for us a little bit. What does Kubernetes 2024 look like for us? >> Well a lot of folks like to say that in five years, Kubernetes is going to disappear. And sometimes they come at this from this sort of snarky angle. (chuckles) But other times, I think it's going to disappear in terms of like it's going to be so boring, so solid, so assumed that people don't talk about it anymore. I mean, we're here, at something that the CNCF is part of the Linux Foundation, which is great. But how often do people really focus on the Linux kernel these days? It is so boring, so solid, there's new stuff going on, but clearly, all the exciting stuff all the action, all the innovation is happening at higher layers. I think we're going to see something similar happen with Kubernetes over time. >> Yeah, that being said the reach of Kubernetes is further than ever. I was talking to this special interest group looking at edge computing and IoT people making the micro-cage version of this stuff when the team first got together, I mean, is you must look at and said there were many fathers, many parents of this solution, but, could you imagine the kind of the family and ecosystem that would have grown out of it? >> I think we knew that it could go there I mean, Google had some experience with this, I mean When Google bought YouTube, they had a problem where they had to essentially build out something that looked a little bit like a CDN. And so there were some examples of sort of like, how does technology, like Boar, adapt to an Edge type of situation. So, there was some experience to borrow we definitely knew that we wanted this thing to scale up and down. But I think that's a hallmark of these successful technologies is that they can be used in ways and in places that you really never thought about when you got started. So that's definitely true. >> Alright, Joe, want to give you the final word the contributors, the users, the ecosystem community, what do you say with five years of Kubernetes now in the books? >> I just want to send a huge thank you to everybody who made it happen. This is, it was started by Google it was started by a few of us early on. But, we really want to make it so that everybody feels like it's theirs. A lot of times Brendan Burns and me and Kelsey wrote a book together and I'll do signing and a lot of times I'll sign that and I'll say thank you for being a part of Kubernetes. Because I really feel like every user everybody who bets on it, everybody who shares their knowledge, they're really a big part of it. And so thank you to everybody who's a big part of Kubernetes. >> All right, well, Joe, thank you as always for sharing your knowledge with our community >> Thank you so much. >> We've been happy to be a small part in helping to spread the knowledge and everything going on here, so congratulations to the community on five years of Kubernetes and we'll be back with more coverage here from KubeCon + CloudNativeCon 2019. I'm Stu Miniman and thanks for watching theCUBE. (upbeat music)

>> Live from Barcelona, Spain, it's theCUBE! Covering KubeCon and CloudNativeCon Europe 2019. Brought to you by Red Hat, the Cloud Native Computing Foundation, and ecosystem partners. >> Welcome back. This is theCUBE's live coverage of KubeCon, CloudNativeCon 2019 here in Barcelona, Spain. 7,700 here in attendance, here about all the Cloud Native technologies. I'm Stu Miniman; my cohost to the two days of coverage is Corey Quinn. And to help us break down what's happening in this ecosystem, we've brought in Jason Bloomberg, who's the president at Intellyx. Jason, thanks so much for joining us. >> It's great to be here. >> All right. There's probably some things in the keynote I want to talk about, but I also want to get your general impression of the show and beyond the show, just the ecosystem here. Brian Liles came out this morning. He did not sing or rap for us this morning like he did yesterday. He did remind us that the dinners in Barcelona meant that people were a little late coming in here because, even once you've got through all of your rounds of tapas and everything like that, getting that final check might take a little while. They did eventually filter in, though. Always a fun city here in Barcelona. I found some interesting pieces. Always love some customer studies. Conde Nast talking about what they've done with their digital imprint. CERN, who we're going to have on this program. As a science lover, you want to geek out as to how they're finding the Higgs boson and how things like Kubernetes are helping them there. And digging into things like storage, which I worked at a storage company for 10 years. So, understanding that storage is hard. Well, yeah. When containers came out, I was like, "Oh, god, we just fixed it for virtualization, "and it took us a decade. "How are we going to do it this time?" And they actually quoted a crowd chat that we had in our community. Tim Hawken, of course one of the first Kubernetes guys, was in on that. And we're going to have Tim on this afternoon, too. So, just to set a little context there. Jason, what's your impressions of the show? Anything that has changed in your mind from when you came in here to today? Let's get into it from there. >> Well, this is my second KubeCon. The first one I went to was in Seattle in December. What's interesting from a big picture is really how quickly and broadly KubeCon has been adopted in the enterprise. It's still, in the broader scheme of things, relatively new, but it's really taking its place as the only container orchestrator anybody cares about. It sort of squashed the 20-or-so alternative container orchestrators that had a brief day in the sun. And furthermore, large enterprises are rapidly adopting it. It's remarkable how many of them have adopted it and how broadly, how large the deployment. The Conde Nast example was one. But there are quite a number. So we turned the corner, even though it's relatively immature technology. That's the interesting story as well, that there's still pieces missing. It's sort of like flying an airplane while you're still assembling it, which makes it that much more exciting. >> Yeah, one of the things that has excited me over the last 10 years in tech is how fast it takes me to go from ideation to production, has been shrinking. Big data was: "Let's take the thing that used to take five years "and get it down to 18 months." We all remember ERP deployments and how much money and people you need to throw at that. >> It still takes a lot of money and people. >> Right, because it's ERP. I was talking to one of the booths here, and they were doing an informal poll of, "How many of you are going to have Kubernetes "in production in the next six months?" Not testing it, but in production in the next six months, and it was more than half of the people were going to be ramping it up in that kind of environment. Anything architecturally? What's intriguing you? What's the area that you're digging down to? We know that we are not fully mature, and even though we're in production and huge growth, there's still plenty of work to do. >> An interesting thing about the audience here is it's primarily infrastructure engineers. And the show is aimed at the infrastructure engineers, so it's technical. It's focused on people who code for a living at the infrastructure level, not at the application level. So you have that overall context, and what you end up having, then, is a lot of discussions about the various components. "Here's how we do storage." "Here's how we do this, here's how we do that." And it's all these pieces that people now have to assemble, as opposed to thinking of it overall, from the broader context, which is where I like writing about, in terms of the bigger picture. So the bigger picture is really that Cloud Native, broadly speaking, is a new architectural paradigm. It's more than just an architectural trend. It's set of trends that really change the way we think about architecture. >> One interesting piece about Kubernetes, as well. One of the things we're seeing as we see Kubernetes start to expand out is, unlike serverless, it doesn't necessarily require the same level of, oh, just take everything you've done and spend 18 months rewriting it from scratch, and then it works in this new paradigm in a better way. It's much less of a painful conversion process. We saw in the keynote today that they took WebLogic, of all things, and dropped that into Kubernetes. If you can do it with something as challenging, in some respects, and as monolithic as WebLogic, then almost any other stack you're going to see winds up making some sense. >> Right, you mentioned serverless in contrast with Kubernetes, but actually, serverless is part of this Cloud Native paradigm as well. So it's broader than Kubernetes, although Kubernetes has established itself as the container orchestration platform of choice. But it's really an overall story about how we can leverage the best practices we've learned from cloud computing across the entire enterprise IT landscape, both in the cloud and on premises. And Kubernetes is driving this in large part, but it's bigger picture than the technology itself. That's what's so interesting, because it's so transformative, but people here are thinking about trees, not the forest. >> It's an interesting thing you say there, and I'm curious if you can help our community, Because they look at this, and they're like, "Kubernetes, Kubernetes, Kubernetes." Well, a bunch of the things sit on Kubernetes. As they've tried to say, it's a platform of platforms. It's not the piece. Many of the things can be with Kubernetes but don't have to be. So, the whole observability piece. We heard the merging of the OpenCensus, OpenTracing with OpenTelemetry. You don't have to have Kubernetes for that to be a piece of it. It can be serverless underneath it. It can be all these other pieces. Cloud Native architecture sits on top of it. So when you say Cloud Native architecture, what defines that? What are the pieces? How do I have to do it? Is it just, I have to have meditated properly and had a certain sense of being? What do we have to do to be Cloud Native? >> Well, an interesting way of looking at it is: What we have subtracted from the equation, so what is intentionally missing. Cloud Native is stateless, it is codeless, and it is trustless. Now, not to say that we don't have ways of dealing with state, and of course there's still plenty of code, and we still need trust. But those are architectural principals that really percolate through everything we do. So containers are inherently stateless; they're ephemeral. Kubernetes deals with ephemeral resources that come and go as needed. This is key part of how we achieve the scale we're looking for. So now we have to deal with state in a stateless environment, and we need to do that in a codeless way. By codeless, I mean declarative. Instead of saying, how are we going to do something? Let's write code for that, we're going to say, how are we going to do that? Let's write a configuration file, a YAML file, or some other declarative representation of what we want to do. And Kubernetes is driven this way. It's driven by configuration, which means that you don't need to fork it. You don't need to go in and monkey with the insides to do something with it. It's essentially configurable and extensible, as opposed to customizable. This is a new way of thinking about how to leverage open-source infrastructure software. In the past, it was open-source. Let's go in an monkey with the code, because that's one of the benefits of open-source. Nobody wants to do that now, because it's declaratively-driven, and it's configurable. >> Okay, I hear what you're saying, and I like what you're saying. But one of the things that people say here is everyone's a little bit different, and it is not one solution. There's lots of different paths, and that's what's causing a little bit of confusion as to which service mesh, or do I have a couple of pieces that overlap. And every deployment that I see of this is slightly different, so how do I have my cake and eat it, too? >> Well, you mentioned that Kubernetes is a platform of platforms, and there's little discussion of what we're actually doing with the Kubernetes here at the show. Occasionally, there's some talk about AI, and there's some talk about a few other things, but it's really up to the users of Kubernetes, who are now the development teams in the enterprises, to figure out what they want to do with it and, as such, figure out what capabilities they require. Depending upon what applications you're running and the business use cases, you may need certain things more than others. Because AI is very different from websites, it's very different from other things you might be running. So that's part of the benefit of a platform of platforms, is it's inherently configurable. You can pick and choose the capabilities you want without having to go into Kubernetes and fork it. We don't want 12 different Kubernetes that are incompatible with each other, but we're perfectly okay with different flavors that are all based on the same, fundamental, identical code base. >> We take a look at this entire conference, and it really comes across as, yes, it's KubeCon and CloudNativeCon. We look at the, I think, 36 projects that are now being managed by this. But if we look at the conversations of what's happening here, it's very clear that the focus of this show is Kubernetes and friends, where it tends to be taking the limelight of a lot of this. One of the challenges you start seeing as soon as you start moving up the stack, out through the rest of the stack, rather, and seeing what all of these Cloud Native technologies are is, increasingly, they're starting to be defined by what they aren't. I mean, you have the old saw of, serverless runs on servers, and other incredibly unhelpful sentiments. And we talk about what things aren't more so than we do what they are. And what about capabilities story? I don't have an answer for this. I think it's one of those areas where language is hard, and defining what these things are is incredibly difficult. But I see what you're saying. We absolutely are seeing a transformative moment. And one of the strangest things about it, to me at least, is the enthusiasm with which we're seeing large enterprises, that you don't generally think of as being particularly agile or fast-moving, are demonstrating otherwise. They're diving into this in fascinating ways. It's really been enlightening to have conversations for the last couple of days with companies that are embracing this new paradigm. >> Right. Well, in our perspective at Intellyx, we're focusing on digital transformation in the enterprise, which really means putting the customer first and having a customer-driven transformation of IT, as well as the organization itself. And it's hard to think in those terms, in customer-facing terms, when you're only talking about IT infrastructure. Be that as it may, it's still all customer-driven. And this is sometimes the missing piece, is how do we connect what we're doing on the infrastructure side with what customers require from these companies that are implementing it? Often, that missing piece centers on the workload. Because, from the infrastructure perspective, we have a notion of a workload, and we want workload portability. And portability is one of the key benefits of Kubernetes. It gives us a lot of flexibility in terms of scalability and deployment options, as well as resilience and other benefits. But the workload also represents the applications we're putting in front of our end users, whether they're employees or end customers. So that's they key piece that is like the keystone that ties the digital story, that is the customer-facing, technology-driven, technology-empowered story, with the IT infrastructure stories. How do we support the flexibility, scalability, resilience of the workloads that the business needs to meet its business goals? >> Yeah, I'm really glad you brought up that digital transformation piece, because I have two questions, and I want to make sure I'm allowing you to cover both of them. One is, the outcome we from people as well: "I need to be faster, and I need to be agile." But at the same point, which pieces should I, as an enterprise, really need to manage? Many of these pieces, shouldn't I just be able to consume it as a managed service? Because I don't need to worry about all of those pieces. The Google presentation this morning about storage was: You have two options. Path one is: we'll take care of all of that for you. Path two is: here's the level of turtles that you're going to go all the way down, and we all know how complicated storage is, and it's got to work. If I lose my state, if I lose my pieces there, I'm probably out of business or at least in really big trouble. The second piece on that, you talked about the application. And digital transformation. Speed's great and everything, but we've said at Wikibon that the thing that will differentiate the traditional companies and the digitally transformed is data will drive your business. You will have data, it will add value of business, and I don't feel that story has come out yet. Do you see that as the end result from this? And apologies for having two big, complex questions here for you. >> Well, data are core to the digital transformation story, and it's also an essential part of the Kubernetes story. Although, from the infrastructure perspective, we're really thinking more about compute than about data. But of course, everything boils down to the data. That is definitely always a key part of the story. And you're talking about the different options. You could run it yourself or run it as a managed service. This is a key part of the story as well, is that it's not about making a single choice. It's about having options, and this is part of the modern cloud storage. It's not just about, "Okay, we'll put everything in one public cloud." It's about having multiple public clouds, private clouds, on-premises virtualization, as well as legacy environments. This is what you call hybrid IT. Having an abstracted collection of environments that supports workload portability in order to meet the business needs for the infrastructure. And that workload portability, in the context of multiple clouds, that is becoming increasingly dependent on Kubernetes as an essential element of the infrastructure. So Kubernetes is not the be-all and end-all, but it's become an essentially necessary part of the infrastructure, to make this whole vision of hybrid IT and digital transformation work. >> For now. I mean, I maintain that, five years from now, no one is going to care about Kubernetes. And there's two ways that goes. Either it dries up, blows away, and something else replaces it, which I don't find likely, or, more likely, it slips beneath the surface of awareness for most people. >> I would agree, yeah. >> The same way that we're not sitting here, having an in-depth conversation about which distribution of Linux, or what Linux kernel or virtual memory manager we're working with. That stuff has all slipped under the surface, to the point where there are people who care tremendously about this, but you don't need to employ them at every company. And most companies don't even have to think about it. I think Kubernetes is heading that direction. >> Yeah, it looks like it. Obviously, things continue to evolve. Yeah, Linux is a good example. TCP/IP as well. I remember the network protocol wars of the early 90s, before the web came along, and it was, "Are we going to use Banyan VINES, "are we going to use NetWare?" Remember NetWare? "Or are we going to use TCP/IP or Token Ring?" Yeah! >> Thank you. >> We could use GDP, but I don't get it. >> Come on, KOBOL's coming back, we're going to bring back Token Ring, too. >> KOBOL never went away. Token Ring, though, it's long gone. >> I am disappointed in Corey, here, for not asking the question about portability. The concern we have, as you say: okay, I put Kubernetes in here because I want portability. Do I end up with least-common-denominator cloud? I'm making a decision that I'm not going to go deep on some of the pieces, because nice as the IPI lets things through, but we understand if I need to work across multiple environments, I'm usually making a trade-off there. What do you hear from customers? Are they aware that they're doing this? Is this a challenge for people, not getting the full benefit out of whichever primary or whichever clouds they are using? >> Well, portability is not just one thing. It's actually a set of capabilities, depending upon what you are trying to accomplish. So for instance, you may want to simply support backing up your workload, so you want to be able to move it from here to there, to back it up. Or you may want to leverage different public clouds, because different public clouds have different strengths. There may be some portability there. Or you may be doing cloud migration, where you're trying to move from on-premises to cloud, so it's kind of a one-time portability. So there could be a number of reasons why portability is important, and that could impact what it means to you, to move something from here to there. And why, how often you're going to do it, how important it is, whether it's a one-to-many kind of thing, or it's a one-to-one kind of thing. It really depends on what you're trying to accomplish. >> Jason, last thing real quick. What research do you see coming out of this? What follow-up? What should people be looking for from Intellyx in this space in the near future? >> Well, we continue to focus on hybrid IT, which include Kubernetes, as well as some of the interesting trends. One of the interesting stories is how Kubernetes is increasingly being deployed on the edge. And there's a very interesting story there with edge computing, because the telcos are, in large part, driving that, because of their 5G roll-outs. So we have this interesting confluence of disruptive trends. We have 5G, we have edge computing, we have Kubernetes, and it's also a key use case for OpenStack, as well. So it's like all of these interesting trends are converging to meet a new class of challenges. And AI is part of that story as well, because we want to run AI at the edge, as well. That's the sort of thing we do at Intellyx, is try to take multiple disruptive trends and show the big picture overall. And for my articles for SiliconANGLE, that's what I'm doing as well, so stay tuned for those. >> All right. Jason Bloomberg, thank you for helping us break down what we're doing in this environment. And as you said, actually, some people said OpenStack is dead. Look, it's alive and well in the Telco space and actually merging into a lot of these environments. Nothing ever dies in IT, and theCUBE always keeps rolling throughout all the shows. For Corey Quinn, I'm Stu Miniman. We have a full-packed day of interviews here, so be sure to stay with us. And thank you for watching theCUBE. (upbeat techno music)

>> Announcer: Live from Boston, Massachusetts, it's theCUBE, covering Red Hat Summit 2019. Brought to you by Red Hat. >> Welcome back here on theCUBE, joined by Stu Miniman, I'm John Walls, as we wrap up our coverage here of the Red Hat Summit here in 2019. We've been here in Boston all week, three days, Stu, of really fascinating programming on one hand, the keynotes showing quite a diverse ecosystem that Red Hat has certainly built, and we've seen that array of guests reflected as well here, on theCUBE. And you leave with a pretty distinct impression about the vast reach, you might say, of Red Hat, and how they diversified their offerings and their services. >> Yeah, so, John, as we've talked about, this is the sixth year we've had theCUBE here. It's my fifth year doing it and I'll be honest, I've worked with Red Hat for 19 years, but the first year I came, it was like, all right, you know, I know lots of Linux people, I've worked with Linux people, but, you know, I'm not in there in the terminal and doing all this stuff, so it took me a little while to get used to. Today, I know not only a lot more people in Red Hat and the ecosystem, but where the ecosystem is matured and where the portfolio is grown. There's been some acquisitions on the Red Hat side. There's a certain pending acquisition that is kind of a big deal that we talked about this week. But Red Hat's position in this IT marketplace, especially in the hybrid and multi-cloud world, has been fun to watch and really enjoyed digging in it with you this week and, John Walls, I'll turn the camera to you because- >> I don't like this. (laughing) >> It was your first time on the program. Yeah, you know- >> I like asking you the questions. >> But we have to do this, you know, three days of Walls to Miniman coverage. So let's get the Walls perspective. >> John: All right. >> On your take. You've been to many shows. >> John: Yeah, no, I think that what's interesting about what I've seen here at Red Hat is this willingness to adapt to the marketplace, at least that's the impression I got, is that there are a lot of command and control models about this is the way it's going to be, and this is what we're going to give you, and you're gonna have to take it and like it. And Red Hat's just on the other end of that spectrum, right? It's very much a company that's built on an open source philosophy. And it's been more of what has the marketplace wanted? What have you needed? And now how can we work with you to build it and make it functional? And now we're gonna just offer it to a lot of people, and we're gonna make a lot of money doing that. And so, I think to me, that's at least what I got talking to Jim Whitehurst, you know about his philosophy and where he's taken this company, and has made it obviously a very attractive entity, IBM certainly thinks so to the tune of 34 billion. But you see that. >> Yeah, it's, you know, some companies say, oh well, you know, it's the leadership from the top. Well, Jim's philosophy though, it is The Open Organization. Highly recommend the book, it was a great read. We've talked to him about the program, but very much it's 12, 13 thousand people at the company. They're very much opinionated, they go in there, they have discussions. It's not like, well okay, one person pass this down. It's we're gonna debate and argue and fight. Doesn't mean we come to a full consensus, but open source at the core is what they do, and therefore, the community drives a lot of it. They contribute it all back up-stream, but, you know, we know what Red Hat's doing. It's fascinating to talk to Jim about, yeah you know, on the days where I'm thinking half glass empty, it's, you know, wow, we're not yet quite four billion dollars of the company, and look what an impact they had. They did a study with IDC and said, ten trillion dollars of the economy that they touch through RHEL, but on the half empty, on the half full days, they're having a huge impact outside. He said 34 billion dollars that IBM's paying is actually a bargain- >> It's a great deal! (laughing) >> for where they're going. But big announcements. RHEL 8, which had been almost five years in the works there. Some good advancements there. But the highlight for me this week really was OpenShift. We've been watching OpenShift since the early days, really pre-Kubernetes. It had a good vision and gained adoption in the marketplace, and was the open source choice for what we called Paths back then. But, when Kubernetes came around, it really helped solidify where OpenShift was going. It is the delivery mechanism for containerization and that container cluster management and Red Hat has a leadership position in that space. I think that almost every customer that we talked to this week, John, OpenShift was the underpinning. >> John: Absolutely. >> You would expect that RHEL's underneath there, but OpenShift as the lever for digital transformation. And that was something that I really enjoyed talking to. DBS Bank from Singapore, and Delta, and UPS. It was, we talked about their actual transformation journeys, both the technology and the organizational standpoint, and OpenShift really was the lever to give them that push. >> You know, another thing, I know you've been looking at this and watching this for many many years. There's certainly the evolution of open source, but we talked to Chris Wright earlier, and he was talking about the pace of change and how it really is incremental. And yet, if you're on the outside looking in, and you think, gosh, technology is just changing so fast, it's so crazy, it's so disruptive, but to hear it from Chris, not so. You don't go A to Z, you go A to B to C to D to D point one. (laughing) It takes time. And there's a patience almost and a cadence that has this slow revolution that I'm a little surprised at. I sense they, or got a sense of, you know, a much more rapid change of pace and that's not how the people on the inside see it. >> Yeah. Couple of comment back at that. Number one is we know how much rapid change there is going because if you looked at the Linux kernel or what's happening with Kubernetes and the open source, there's so much change going on there. There's the data point thrown out there that, you know, I forget, that 75% or 95% of all the data in the world was created in the last two years. Yet, only 2% of that is really usable and searchable and things like that. That's a lot of change. And the code base of Linux in the last two years, a third of the code is completely overhauled. This is technology that has been around for decades. But if you look at it, if you think about a company, one of the challenges that we had is if they're making those incremental change, and slowly looking at them, a lot of people from the outside would be like, oh, Red Hat, yeah that's that little Linux company, you know, that I'm familiar with and it runs on lots of places there. When we came in six years ago, there was a big push by Red Hat to say, "We're much more than Linux." They have their three pillars that we spent a lot of time through from the infrastructure layer to the cloud native to automation and management. Lots of shows I go to, AnsiballZ all over the place. We talked about OpenShift 4 is something that seems to be resonating. Red Hat takes a leadership position, not just in the communities and the foundations, but working with their customers to be a more trusted and deeper partner in what they're doing with digital transformation. There might have been little changes, but, you know, this is not the Red Hat that people would think of two years or five years ago because a large percentage of Red Hat has changed. One last nugget from Chris Wright there, is, you know, he spent a lot of time talking about AI. And some of these companies go buzzwords in these environments, but, you know, but he hit a nice cogent message with the punchline is machines enhance human intelligence because these are really complex systems, distributed architectures, and we know that the people just can't keep up with all of the change, and the scope, and the scale that they need to handle. So software should be able to be helping me get my arms around it, as well as where it can automate and even take actions, as long as we're careful about how we do it. >> John: Sure. There's another, point at least, I want to pick your brain about, is really the power of presence. The fact that we have the Microsoft CEO on the stage. Everybody thought, well (mumbles) But we heard it from guest after guest after guest this week, saying how cool was that? How impressive was that? How monumental was that? And, you know, it's great to have that kind of opportunity, but the power of Nadella's presence here, it's unmistakable in the message that has sent to this community. >> Yeah, you know, John, you could probably do a case study talking about culture and the power of culture because, I talked about Red Hat's not the Red Hat that you know. Well, the Satya Nadella led Microsoft is a very different Microsoft than before he was on board. Not only are they making great strides in, you know, we talk about SaaS and public cloud and the like, but from a partnership standpoint, Microsoft of old, you know, Linux and Red Hat were the enemy and you know, Windows was the solution and they were gonna bake everything into it. Well, Microsoft partnered with many more companies. Partnerships and ecosystem, a key message this week. We talked about Microsoft with Red Hat, but, you know, announcement today was, surprised me a little bit, but when we think about it, not too much. OpenShift supported on VMware environments, so, you know, VMware has in that family of Dell, there's competitive solutions against OpenShift and, you know, so, and virtualization. You know, Red Hat has, you know, RHV, the Red Hat Virtualization. >> John: Right, right, right. >> The old day of the lines in the swim lanes, as one of our guests talked about, really are there. Customers are living in a heterogeneous, multi-cloud world and the customers are gonna go and say, "You need to work together, before you're not gonna be there." >> Azure. Right, also we have Azure compatibility going on here. >> Stu: Yeah, deep, not just some tested, but deep integration. I can go to Azure and buy OpenShift. I mean that, the, to say it's in the, you know, not just in the marketplace, but a deep integration. And yeah, there was a little poke, if our audience caught it, from Paul Cormier. And said, you know, Microsoft really understands enterprise. That's why they're working tightly with us. Uh, there's a certain other large cloud provider that created Kubernetes, that has their own solution, that maybe doesn't understand enterprise as much and aren't working as closely with Red Hat as they might. So we'll see what response there is from them out there. Always, you know, we always love on theCUBE to, you know, the horse is on the track and where they're racing, but, you know, more and more all of our worlds are cross-pollinating. You know, the AI and AI Ops stuff. The software ecosystems because software does have this unifying factor that the API economy, and having all these things work together, more and more. If you don't, customers will go look for solutions that do provide the full end to end solution stuff they're looking for. >> All right, so we're, I've got a couple in mind as far as guests we've had on the show. And we saw them in action on the keynotes stage too. Anybody that jumps out at you, just like, wow, that was cool, that was, not that we, we love all of our children, right? (laughing) But every once in awhile, there's a story or two that does stand out. >> Yeah, so, it is so tough, you know. I loved, you know, the stories. John, I'm sure I'm going to ask you, you know, Mr. B and what he's doing with the children. >> John: Right, Franklin Middle School. >> And the hospitals with Dr. Ellen and the end of the brains. You know, those tech for good are phenomenal. For me, you know, the CIOs that we had on our first day of program. Delta was great and going through transformation, but, you know, our first guest that we had on, was DBS Bank in Singapore and- >> John: David Gledhill. >> He was so articulate and has such a good story about, I took outsourced environments. I didn't just bring it into my environment, say okay, IT can do it a little bit better, and I'll respond to business. No, no, we're going to total restructure the company. Not we're a software company. We're a technology company, and we're gonna learn from the Googles of the world and the like. And he said, We want to be considered there, you know, what was his term there? It was like, you know, bank less, uh, live more and bank less. I mean, what- >> Joyful banking, that was another of his. >> Joyful banking. You don't think of a financial institution as, you know, we want you to think less of the bank. You know, that's just a powerful statement. Total reorganization and, as we mentioned, of course, OpenShift, one of those levers underneath helping them to do that. >> Yeah, you mentioned Dr. Ellen Grant, Boston Children's Hospital, I think about that. She's in fetal neuroimaging and a Professor of Radiology at Harvard Medical School. The work they're doing in terms of diagnostics through imaging is spectacular. I thought about Robin Goldstone at the Livermore Laboratory, about our nuclear weapon monitoring and efficacy of our monitoring. >> Lawrence Livermore. So good. And John, talk about the diversity of our guests. We had expats from four different countries, phenomenal accents. A wonderful slate of brilliant women on the program. From the customer side, some of the award winners that you interviewed. The executives on the program. You know, Stefanie Chiras, always great, and Denise who were up on the keynotes stage. Denise with her 3D printed, new Red Hat logo earrings. Yeah, it was an, um- >> And a couple of old Yanks (laughing). Well, I enjoyed it, Stu. As always, great working with you, and we thank you for being with us as well. For now, we're gonna say so long. We're gonna see you at the next Red Hat Summit, I'm sure, 2020 in San Francisco. Might be a, I guess a slightly different company, but it might be the same old Red Hat too, but they're going to have 34 billion dollars behind them at that point and probably riding pretty high. That will do it for our CUBE coverage here from Boston. Thanks for much for joining us. For Stu Miniman, and our entire crew, have a good day. (funky music)