>>mhm Yes. >>Welcome back to the Cube coverage of Red Hat summit 21 2021. I'm john for host of the Cubans virtual this year as we start preparing to come out of Covid a lot of great conversations here happening around technology. This is the emerging technology with Red hat segment. We've got three great guests steve watt manager, distinguished engineer at Red Hat hurl saying senior software engineer Red Hat and luke Hines, who's the senior software engineer as well. We got the engineering team steve, you're the the team leader, emerging tech within red hat. Always something to talk about. You guys have great tech chops that's well known in the industry and I'll see now part of IBM you've got a deep bench um what's your, how do you view emerging tech um how do you apply it? How do you prioritize, give us a quick overview of the emerging tech scene at Redhead? >>Yeah, sure. It's quite a conflated term. The way we define emerging technologies is that it's a technology that's typically 18 months plus out from commercialization and this can sometimes go six months either way. Another thing about it is it's typically not something on any of our product roadmaps within the portfolio. So in some sense, it's often a bit of a surprise that we have to react to. >>So no real agenda. And I mean you have some business unit kind of probably uh but you have to have first principles within red hat, but for this you're looking at kind of the moon shot, so to speak, the big game changing shifts. Quantum, you know, you got now supply chain from everything from new economics, new technology because that kind of getting it right. >>Yeah, I think we we definitely use a couple of different techniques to prioritize and filter what we're doing. And the first is something will pop up and it will be like, is it in our addressable market? So our addressable market is that we're a platform software company that builds enterprise software and so, you know, it's got to be sort of fit into that is a great example if somebody came up came to us with an idea for like a drone command center, which is a military application, it is an emerging technology, but it's something that we would pass on. >>Yeah, I mean I didn't make sense, but he also, what's interesting is that you guys have an open source D N A. So it's you have also a huge commercial impact and again, open sources of one of the 4th, 5th generation of awesomeness. So, you know, the good news is open source is well proven. But as you start getting into this more disruption, you've got the confluence of, you know, core cloud, cloud Native, industrial and IOT edge and data. All this is interesting, right. This is where the action is. How do you guys bring that open source community participation? You got more stakeholders emerging there before the break down, how that you guys manage all that complexity? >>Yeah, sure. So I think that the way I would start is that, you know, we like to act on good ideas, but I don't think good ideas come from any one place. And so we typically organize our teams around sort of horizontal technology sectors. So you've got, you know, luke who's heading up security, but I have an edge team, cloud networking team, a cloud storage team. Cloud application platforms team. So we've got these sort of different areas that we sort of attack work and opportunities, but you know, the good ideas can come from a variety of different places. So we try and leverage co creation with our customers and our partners. So as a good example of something we had to react to a few years ago, it was K Native right? So the sort of a new way of doing service um and eventing on top of kubernetes that was originated from google. Whereas if you look at Quantum right, ibms, the actual driver on quantum science and uh that originated from IBM were parole. We'll talk about exactly how we chose to respond to that. Some things are originated organically within the team. So uh luke talking about six law is a great example of that, but we do have a we sort of use the addressable market as a way to sort of focus what we're doing and then we try and land it within our different emerging technologies teams to go tackle it. Now. You asked about open source communities, which are quite interesting. Um so typically when you look at an open source project, it's it's there to tackle a particular problem or opportunity. Sometimes what you actually need commercial vendors to do is when there's a problem or opportunity that's not tackled by anyone open source project, we have to put them together to create a solution to go tackle that thing. That's also what we do. And so we sort of create this bridge between red hat and our customers and multiple different open source projects. And this is something we have to do because sometimes just that one open source project doesn't really care that much about that particular problem. They're motivated elsewhere. And so we sort of create that bridge. >>We got two great uh cohorts here and colleagues parole on the on the Quantum side and you got luke on the security side. Pro I'll start with you. Quantum is also a huge mentioned IBM great leadership there. Um Quantum on open shift. I mean come on. Just that's not coming together for me in my mind, it's not the first thing I think of. But it really that sounds compelling. Take us through, you know, um how this changes the computing landscape because heterogeneous systems is what we want and that's the world we live in. But now with distributed systems and all kinds of new computing modules out there, how does this makes sense? Take us through this? >>Um yeah john's but before I think I want to explain something which is called Quantum supremacy because it plays very important role in the road map that's been working on. So uh content computers, they are evolving and they have been around. But right now you see that they are going to be the next thing. And we define quantum supremacy as let's say you have any program that you run or any problems that you solve on a classical computer. Quantum computer would be giving you the results faster. So that is uh, that is how we define content supremacy when the same workload are doing better on content computer than they do in a classical computer. So the whole the whole drive is all the applications are all the companies, they're trying to find avenues where Quantum supremacy are going to change how they solve problems or how they run their applications. And even though quantum computers they are there. But uh, it is not as easily accessible for everyone to consume because it's it's a very new area that's being formed. So what, what we were thinking, how we can provide a mechanism that you can you don't connect this deal was you have a classical world, you have a country world and that's where a lot of thought process been. And we said okay, so with open shift we have the best of the classical components. You can take open shift, you can develop, deploy around your application in a country raised platform. What about you provide a mechanism that the world clothes that are running on open shift. They are also consuming quantum resources or they are able to run the competition and content computers take the results and integrate them in their normal classical work clothes. So that is the whole uh that was the whole inception that we have and that's what brought us here. So we took an operator based approach and what we are trying to do is establish the best practices that you can have these heterogeneous applications that can have classical components. Talking to our interacting the results are exchanging data with the quantum components. >>So I gotta ask with the rise of containers now, kubernetes at the center of the cloud native value proposition, what work clothes do you see benefiting from the quantum systems the most? Is there uh you guys have any visibility on some of those workloads? >>Uh So again, it's it's a very new, it's very it's really very early in the time and uh we talk with our customers and every customers, they are trying to identify themselves first where uh these contacts supremacy will be playing the role. What we are trying to do is when they reach their we should have a solution that they that they could uh use the existing in front that they have on open shift and use it to consume the content computers that may or may not be uh, inside their own uh, cloud. >>Well I want to come back and ask you some of the impact on the landscape. I want to get the look real quick because you know, I think security quantum break security, potentially some people have been saying, but you guys are also looking at a bunch of projects around supply chain, which is a huge issue when it comes to the landscape, whether its components on a machine in space to actually handling, you know, data on a corporate database. You guys have sig store. What's this about? >>Sure. Yes. So sick store a good way to frame six store is to think of let's encrypt and what let's encrypt did for website encryption is what we plan to do for software signing and transparency. So six Door itself is an umbrella organization that contains various different open source projects that are developed by the Six door community. Now, six door will be brought forth as a public good nonprofit service. So again, we're very much basing this on the successful model of let's Encrypt Six door will will enable developers to sign software artifacts, building materials, containers, binaries, all of these different artifacts that are part of the software supply chain. These can be signed with six door and then these signing events are recorded into a technology that we call a transparency log, which means that anybody can monitor signing events and a transparency log has this nature of being read only and immutable. It's very similar to a Blockchain allows you to have cryptographic proof auditing of our software supply chain and we've made six stores so that it's easy to adopt because traditional cryptographic signing tools are a challenge for a lot of developers to implement in their open source projects. They have to think about how to store the private keys. Do they need specialist hardware? If they were to lose a key then cleaning up afterwards the blast radius. So the key compromise can be incredibly difficult. So six doors role and purpose essentially is to make signing easy easy to adopt my projects. And then they have the protections around there being a public transparency law that could be monitored. >>See this is all about open. Being more open. Makes it more secure. Is the >>thief? Very much yes. Yes. It's that security principle of the more eyes on the code the better. >>So let me just back up, is this an open, you said it's gonna be a nonprofit? >>That's correct. Yes. Yes. So >>all of the code is developed by the community. It's all open source. anybody can look at this code. And then we plan alongside the Linux Foundation to launch a public good service. So this will make it available for anybody to use if your nonprofit free to use service. >>So luke maybe steve if you can way into on this. I mean, this goes back. If you look back at some of the early cloud days, people were really trashing cloud as there's no security. And cloud turns out it's a more security now with cloud uh, given the complexity and scale of it, does that apply the same here? Because I feel this is a similar kind of concept where it's open, but yet the more open it is, the more secure it is. And then and then might have to be a better fit for saying I. T. Security solution because right now everyone is scrambling on the I. T. Side. Um whether it's zero Trust or Endpoint Protection, everyone's kind of trying everything in sight. This is kind of changing the paradigm a little bit on software security. Could you comment on how you see this playing out in traditional enterprises? Because if this plays out like the cloud, open winds, >>so luke, why don't you take that? And then I'll follow up with another lens on it which is the operate first piece. >>Sure. Yes. So I think in a lot of ways this has to be open this technology because this way we have we have transparency. The code can be audited openly. Okay. Our operational procedures can be audit openly and the community can help to develop not only are code but our operational mechanisms so we look to use technology such as cuba netease, open ship operators and so forth. Uh Six store itself runs completely in a cloud. It is it is cloud native. Okay, so it's very much in the paradigm of cloud and yeah, essentially security, always it operates better when it's open, you know, I found that from looking at all aspects of security over the years that I've worked in this realm. >>Okay, so just just to add to that some some other context around Six Law, that's interesting, which is, you know, software secure supply chain, Sixth floor is a solution to help build more secure software secure supply chains, more secure software supply chain. And um so um there's there's a growing community around that and there's an ecosystem of sort of cloud native kubernetes centric approaches for building more secure software. I think we all caught the solar winds attack. It's sort of enterprise software industry is responding sort of as a whole to go and close out as many of those gaps as possible, reduce the attack surface. So that's one aspect about why 6th was so interesting. Another thing is how we're going about it. So we talked about um you mentioned some of the things that people like about open source, which is one is transparency, so sunlight is the best disinfectant, right? Everybody can see the code, we can kind of make it more secure. Um and then the other is agency where basically if you're waiting on a vendor to go do something, um if it's proprietary software, you you really don't have much agency to get that vendor to go do that thing. Where is the open source? If you don't, if you're tired of waiting around, you can just submit the patch. So, um what we've seen with package software is with open source, we've had all this transparency and agency, but we've lost it with software as a service, right? Where vendors or cloud service providers are taking package software and then they're making it available as a service but that operationalize ng that software that is proprietary and it doesn't get contributed back. And so what Lukes building here as long along with our partners down, Lawrence from google, very active contributor in it. Um, the, is the operational piece to actually run sixth or as a public service is part of the open source project so people can then go and take sixth or maybe run it as a smaller internal service. Maybe they discover a bug, they can fix that bug contributed back to the operational izing piece as well as the traditional package software to basically make it a much more robust and open service. So you bring that transparency and the agency back to the SAS model as well. >>Look if you don't mind before, before uh and this segment proportion of it. The importance of immune ability is huge in the world of data. Can you share more on that? Because you're seeing that as a key part of the Blockchain for instance, having this ability to have immune ability. Because you know, people worry about, you know, how things progress in this distributed world. You know, whether from a hacking standpoint or tracking changes, Mutability becomes super important and how it's going to be preserved in this uh new six doorway. >>Oh yeah, so um mutability essentially means cannot be changed. So the structure of something is set. If it is anyway tampered or changed, then it breaks the cryptographic structure that we have of our public transparency service. So this way anybody can effectively recreate the cryptographic structure that we have of this public transparency service. So this mutability provides trust that there is non repudiation of the data that you're getting. This data is data that you can trust because it's built upon a cryptographic foundation. So it has very much similar parallels to Blockchain. You can trust Blockchain because of the immutable nature of it. And there is some consensus as well. Anybody can effectively download the Blockchain and run it themselves and compute that the integrity of that system can be trusted because of this immutable nature. So that's why we made this an inherent part of Six door is so that anybody can publicly audit these events and data sets to establish that there tamper free. >>That is a huge point. I think one of the things beyond just the security aspect of being hacked and protecting assets um trust is a huge part of our society now, not just on data but everything, anything that's reputable, whether it's videos like this being deep faked or you know, or news or any information, all this ties to security again, fundamentally and amazing concepts. Um I really want to keep an eye on this great work. Um Pearl, I gotta get back to you on Quantum because again, you can't, I mean people love Quantum. It's just it feels like so sci fi and it's like almost right here, right, so close and it's happening. Um And then people get always, what does that mean for security? We go back to look and ask them well quantum, you know, crypto But before we get started I wanted, I'm curious about how that's gonna play out from the project because is it going to be more part of like a C. N. C. F. How do you bring the open source vibe to Quantum? >>Uh so that's a very good question because that was a plan, the whole work that we are going to do related to operators to enable Quantum is managed by the open source community and that project lies in the casket. So casket has their own open source community and all the modification by the way, I should first tell you what excuse did so cute skin is the dedicate that you use to develop circuits that are run on IBM or Honeywell back in. So there are certain Quantum computers back and that support uh, circuits that are created using uh Houston S ticket, which is an open source as well. So there is already a community around this which is the casket. Open source community and we have pushed the code and all the maintenance is taken care of by that community. Do answer your question about if we are going to integrate it with C and C. F. That is not in the picture right now. We are, it has a place in its own community and it is also very niche to people who are working on the Quantum. So right now you have like uh the contributors who who are from IBM as well as other uh communities that are specific specifically working on content. So right now I don't think so, we have the map to integrated the C. N. C. F. But open source is the way to go and we are on that tragic Torri >>you know, we joke here the cube that a cubit is coming around the corner can can help but we've that in you know different with a C. But um look, I want to ask you one of the things that while you're here your security guru. I wanted to ask you about Quantum because a lot of people are scared that Quantum is gonna crack all the keys on on encryption with his power and more hacking. You're just comment on that. What's your what's your reaction to >>that? Yes that's an incredibly good question. This will occur. Okay. And I think it's really about preparation more than anything now. One of the things that we there's a principle that we have within the security world when it comes to coding and designing of software and this aspect of future Cryptography being broken. As we've seen with the likes of MD five and Sha one and so forth. So we call this algorithm agility. So this means that when you write your code and you design your systems you make them conducive to being able to easily swap and pivot the algorithms that use. So the encryption algorithms that you have within your code, you do not become too fixed to those. So that if as computing gets more powerful and the current sets of algorithms are shown to have inherent security weaknesses, you can easily migrate and pivot to a stronger algorithms. So that's imperative. Lee is that when you build code, you practice this principle of algorithm agility so that when shot 256 or shot 5 12 becomes the shar one. You can swap out your systems. You can change the code in a very least disruptive way to allow you to address that floor within your within your code in your software projects. >>You know, luke. This is mind bender right there. Because you start thinking about what this means is when you think about algorithmic agility, you start thinking okay software countermeasures automation. You start thinking about these kinds of new trends where you need to have that kind of signature capability. You mentioned with this this project you're mentioning. So the ability to actually who signs off on these, this comes back down to the paradigm that you guys are talking about here. >>Yes, very much so. There's another analogy from the security world, they call it turtles all the way down, which is effectively you always have to get to the point that a human or a computer establishes that first point of trust to sign something off. And so so it is it's a it's a world that is ever increasing in complexity. So the best that you can do is to be prepared to be as open as you can to make that pivot as and when you need to. >>Pretty impressive, great insight steve. We can talk for hours on this panel, emerging tech with red hat. Just give us a quick summary of what's going on. Obviously you've got a serious brain trust going on over there. Real world impact. You talk about the future of trust, future of software, future of computing, all kind of going on real time right now. This is not so much R and D as it is the front range of tech. Give us a quick overview of >>Yeah, sure, yeah, sure. The first thing I would tell everyone is go check out next that red hat dot com, that's got all of our different projects, who to contact if you're interested in learning more about different areas that we're working on. And it also lists out the different areas that we're working on, but just as an overview. So we're working on software defined storage, cloud storage. Sage. Well, the creator of Cf is the person that leads that group. We've got a team focused on edge computing. They're doing some really cool projects around um very lightweight operating systems that and kubernetes, you know, open shift based deployments that can run on, you know, devices that you screw into the sheet rock, you know, for that's that's really interesting. Um We have a cloud networking team that's looking at over yin and just intersection of E B P F and networking and kubernetes. Um and then uh you know, we've got an application platforms team that's looking at Quantum, but also sort of how to advance kubernetes itself. So that's that's the team where you got the persistent volume framework from in kubernetes and that added block storage and object storage to kubernetes. So there's a lot of really exciting things going on. Our charter is to inform red hats long term technology strategy. We work the way my personal philosophy about how we do that is that Red hat has product engineering focuses on their product roadmap, which is by nature, you know, the 6 to 9 months. And then the longer term strategy is set by both of us. And it's just that they're not focused on it. We're focused on it and we spend a lot of time doing disambiguate nation of the future and that's kind of what we do. We love doing it. I get to work with all these really super smart people. It's a fun job. >>Well, great insights is super exciting, emerging tack within red hat. I'll see the industry. You guys are agile, your open source and now more than ever open sources, uh, product Ization of open source is happening at such an accelerated rate steve. Thanks for coming on parole. Thanks for coming on luke. Great insight all around. Thanks for sharing. Uh, the content here. Thank you. >>Our pleasure. >>Thank you. >>Okay. We were more, more redhead coverage after this. This video. Obviously, emerging tech is huge. Watch some of the game changing action here at Redhead Summit. I'm john ferrier. Thanks for watching. Yeah.