>>Good evening, brilliant humans. My name is Savannah Peterson and very delighted to be streaming to you. Live from the Cube Studios here in Motor City, Michigan. I've got John Furrier on my left. John, this is our last interview of the day. Energy just seems to keep oozing. How >>You doing? Take two, Three days of coverage, the queue love segments. This one's great cuz we have a practitioner who's implementing all the hard core talks to be awesome. Can't wait to get into it. >>Yeah, I'm very excited for this one. If it's not very clear, we are a community focused community is a huge theme here at the show at Cape Con. And our next guests are actually a provider and a customer. Turning it over to you. Lisa and Jake, welcome to the show. >>Thank you so much for having us. >>It's great to be here. It is our pleasure. Lisa, you're with Cockroach. Just in case the audience isn't familiar, give us a quick little sound bite. >>We're a distributed sequel database. Highly scalable, reliable. The database you can't kill, right? We will survive the apocalypse. So very resilient. Our customers, mostly retail, FinTech game meet online gambling. They, they, they need that resiliency, they need that scalability. So the indestructible database is the elevator pitch >>And the success has been very well documented. Valuation obviously is a scorp guard, but huge customers. We were at the Escape 19. Just for the record, the first ever multi-cloud conference hasn't come back baby. Love it. It'll come back soon. >>Yeah, well we did a similar version of it just a month ago and I was, that was before Cockroach. I was a different company there talking a lot about multi-cloud. So, but I'm, I've been a car a couple of years now and I run community, I run developer relations. I'm still also a CNCF ambassador, so I lead community as well. I still run a really large user group in the San Francisco Bay area. So we've just >>Been in >>Community, take through the use case. Jake's story set us up. >>Well I would like Jake to take him through the use case and Cockroach is a part of it, but what they've built is amazing. And also Jake's history is amazing. So you can start Jake, >>Wherever you take >>Your Yeah, sure. I'm Jake, I'm CEO and co-founder of Offset. Oted is the commercial entity behind Spice Dvy and Spice Dvy is a permission service. Cool. So a permission service is something that lets developers and let's platform teams really unlock the full potential of their applications. So a lot of people get stuck on My R back isn't flexible enough. How do I do these fine grain things? How do I do these complex sharing workflows that my product manager thinks is so important? And so our service enables those platform teams and developers to do those kinds of things. >>What's your, what's your infrastructure? What's your setup look like? What, how are you guys looking like on the back end? >>Sure. Yeah. So we're obviously built on top of Kubernetes as well. One of the reasons that we're here. So we use Kubernetes, we use Kubernetes operators to orchestrate everything. And then we use, use Cockroach TV as our production data store, our production backend data store. >>So I'm curious, cause I love when these little matchmakers come together. You said you've now been presenting on a little bit of a road show, which is very exciting. Lisa, how are you and the team surfacing stories like Jakes, >>Well, I mean any, any place we can obviously all the social medias, all the blogs, How >>Are you finding it though? >>How, how did you Oh, like from our customers? Yeah, we have an open source version so people start to use us a long time before we even sometimes know about them. And then they'll come to us and they'll be like, I love Cockroach, and like, tell me about it. Like, tell me what you build and if it's interesting, you know, we'll we'll try to give it some light. And it's always interesting to me what people do with it because it's an interesting technology. I like what they've done with it. I mean the, the fact that it's globally distributed, right? That was like a really important thing to you. Totally. >>Yeah. We're also long term fans of Cockroach, so we actually all work together out of Workbench, which was a co-working space and investor in New York City. So yeah, we go way back. We knew the founders. I, I'm constantly saying like if I could have invested early in cockroach, that would've been the easiest check I could have ever signed. >>Yeah, that's awesome. And then we've been following that too and you guys are now using them, but folks that are out there looking to have the, the same challenges, what are the big challenges on selecting the database? I mean, as you know, the history of Cockroach and you're originating the story, folks out there might not know and they're also gonna choose a database. What's the, what's the big challenge that they can solve that that kind of comes together? What, what would you describe that? >>Sure. So we're, as I said, we're a permission service and per the data that you store in a permission service is incredibly sensitive. You need it to be around, right? You need it to be available. If the permission service goes down, almost everything else goes down because it's all calling into the permission service. Is this user allowed to do this? Are they allowed to do that? And if we can't answer those questions, then our customer is down, right? So when we're looking at a database, we're looking for reliability, we're looking for durability, disaster recovery, and then permission services are one of the only services that you usually don't shard geographically. So if you look at like AWS's iam, that's a global service, even though the individual things that they run are actually sharded by region. So we also needed a globally distributed database with all of those other properties. So that's what led us >>To, this is a huge topic. So man, we've been talking about all week the cloud is essentially distributed database at this point and it's distributed system. So distributed database is a hot topic, totally not really well reported. A lot of people talking about it, but how would you describe this distributed trend that's going on? What are the key reasons that they're driving it? What's making this more important than ever in your mind, in your opinion? >>I mean, for our use case, it was just a hard requirement, right? We had to be able to have this global service. But I think just for general use cases, a distributed database, distributed database has that like shared nothing architecture that allows you to kind of keep it running and horizontally scale it. And as your requirements and as your applications needs change, you can just keep adding on capacity and keep adding on reliability and availability. >>I'd love to get both of your opinion. You've been talking about the, the, the, the phases of customers, the advanced got Kubernetes going crazy distributed, super alpha geek. Then you got the, the people who are building now, then you got the lagers who are coming online. Where do you guys see the market now in terms of, I know the Alphas are all building all the great stuff and you guys had great success with all the top logos and they're all doing hardcore stuff. As the mainstream enterprise comes in, where's their psychology, what's on their mind? What's, you share any insight into your perspective on that? Because we're seeing a lot more of it folks becoming like real cloud players. >>Yeah, I feel like in mainstream enterprise hasn't been lagging as much as people think. You know, certainly there's been pockets in big enterprises that have been looking at this and as distributed sequel, it gives you that scalability that it's absolutely essential for big enterprises. But also it gives you the, the multi-region, you know, the, you have to be globally distributed. And for us, for enterprises, you know, you need your data near where the users are. I know this is hugely important to you as well. So you have to be able to have a multi-region functionality and that's one thing that distributed SQL lets you build and that what we built into our product. And I know that's one of the things you like too. >>Yeah, well we're a brand new product. I mean we only founded the company two years ago, but we're actually getting inbound interest from big enterprises because we solve the kinds of challenges that they have and whether, I mean, most of them already do have a cockroach footprint, but whether they did or didn't, once they need to bring in our product, they're going to be adopting cockroach transitively anyway. >>So, So you're built on top of Cockroach, right? And Spice dv, is that open source or? >>It >>Is, yep. Okay. And explain the role of open source and your business model. Can you take a minute to talk about the relevance of that? >>Yeah, open source is key. My background is, before this I was at Red Hat. Before that we were at CoreOS, so CoreOS acquisition and before that, >>One of the best acquisitions that ever happened for the value. That was a great, great team. Yeah, >>We, we, we had fun and before that we built Qua. So my co-founders and I, we built Quay, which is a, a first private docker registry. So CoreOS and, and all of those things are all open source or deeply open source. So it's just in our dna. We also see it as part of our go-to market motion. So if you are a database, a lot of people won't even consider what you're doing without being open source. Cuz they say, I don't want to take a, I don't want to, I don't want to end up in an Oracle situation >>Again. Yeah, Oracle meaning they go, you get you locked in, get you in a headlock, Increase prices. >>Yeah. Oh yeah, >>Can, can >>I got triggered. >>You need to talk about your PTSD there >>Or what. >>I mean we have 20,000 stars on GitHub because we've been open and transparent from the beginning. >>Yeah. And it >>Well, and both of your projects were started based on Google Papers, >>Right? >>That is true. Yep. And that's actually, so we're based off of the Google Zans of our paper. And as you know, Cockroach is based off of the Google Span paper and in the the Zanzibar paper, they have this globally distributed database that they're built on top of. And so when I said we're gonna go and we're gonna make a company around the Zabar paper, people would go, Well, what are you gonna do for Span? And I was like, Easy cockroach, they've got us covered. >>Yeah, I know the guys and my friends. Yeah. So the question is why didn't you get into the first round of Cockroach? She said don't answer that. >>The question he did answer though was one of those age old arguments in our community about pronunciation. We used to argue about Quay, I always called it Key of course. And the co-founder obviously knows how it's pronounced, you know, it's the et cd argument, it's the co cuddl versus the control versus coo, CTL Quay from the co-founder. That is end of argument. You heard it here first >>And we're keeping it going with Osted. So awesome. A lot of people will say Zeed or, you know, so we, we just like to have a little ambiguity >>In the, you gotta have some semantic arguments, arm wrestling here. I mean, it keeps, it keeps everyone entertained, especially on the over the weekend. What's, what's next? You got obviously Kubernetes in there. Can you explain the relationship between Kubernetes, how you're handling Spice dv? What, what does the Kubernetes piece fit in and where, where is that going to be going? >>Yeah, great question. Our flagship product right now is a dedicated, and in a dedicated, what we're doing is we're spinning up a single tenant Kubernetes cluster. We're installing all of our operator suite, and then we're installing the application and running it in a single tenant fashion for our customers in the same region, in the same data center where they're running their applications to minimize latency. Because of this, as an authorization service, latency gets passed on directly to the end user. So everybody's trying to squeeze the latency down as far as they can. And our strategy is to just run these single tenant stacks for people with the minimal latency that we can and give them a VPC dedicated link very similar to what Cockroach does in their dedicated >>Product. And the distributed architecture makes that possible because it's lighter way, it's not as heavy. Is that one of the reasons? >>Yep. And Kubernetes really gives us sort of like a, a level playing field where we can say, we're going going to take the provider, the cloud providers Kubernetes offering, normalize it, lay down our operators, and then use that as the base for delivering >>Our application. You know, Jake, you made me think of something I wanted to bring up with other guests, but now since you're here, you're an expert, I wanna bring that up, but talk about Super Cloud. We, we coined that term, but it's kind of multi-cloud, is that having workloads on multiple clouds is hard. I mean there are, they are, there are workloads on, on clouds, but the complexity of one clouds, let's take aws, they got availability zones, they got regions, you got now data issues in each one being global, not that easy on one cloud, nevermind all clouds. Can you share your thoughts on how you see that progression? Because when you start getting, as its distributed database, a lot of good things might come up that could fit into solving the complexity of global workloads. Could you share your thoughts on or scoping that problem space of, of geography? Yeah, because you mentioned latency, like that's huge. What are some of the other challenges that other people have with mobile? >>Yeah, absolutely. When you have a service like ours where the data is small, but very critical, you can get a vendor like Cockroach to step in and to fill that gap and to give you that globally distributed database that you can call into and retrieve the data. I think the trickier issues come up when you have larger data, you have huge binary blobs. So back when we were doing Quay, we wanted to be a global service as well, but we had, you know, terabytes, petabytes of data that we were like, how do we get this replicated everywhere and not go broke? Yeah. So I think those are kind of the interesting issues moving forward is what do you do with like those huge data lakes, the huge amount of data, but for the, the smaller bits, like the things that we can keep in a relational database. Yeah, we're, we're happy that that's quickly becoming a solved >>Problem. And by the way, that that data problem also is compounded when the architecture goes to the edge. >>Totally. >>I mean this is a big issue. >>Exactly. Yeah. Edge is something that we're thinking a lot about too. Yeah, we're lucky that right now the applications that are consuming us are in a data center already. But as they start to move to the edge, we're going to have to move to the edge with them. And it's a story that we're gonna have to figure out. >>All right, so you're a customer cockroach, what's the testimonial if I put you on the spot, say, hey, what's it like working with these guys? You know, what, what's the, what's the, you know, the founders, so you know, you give a good description, little biased, but we'll, we'll we'll hold you on it. >>Yeah. Working with Cockroach has been great. We've had a couple things that we've run into along the way and we've gotten great support from our account managers. They've brought in the right technical expertise when we need it. Cuz what we're doing with Cockroach is not you, you couldn't do it on Postgres, right? So it's not just a simple rip and replace for us, we're using all of the features of Cockroach, right? We're doing as of system time queries, we're doing global replication. We're, you know, we're, we're consuming it all. And so we do need help from them sometimes and they've been great. Yeah. >>And that's natural as they grow their service. I mean the world's changing. >>Well I think one of the important points that you mentioned with multi-cloud, we want you to have the choice. You know, you can run it in in clouds, you can run it hybrid, you can run it OnPrem, you can do whatever you want and it's just, it's one application that you can run in these different data centers. And so really it's up to you how do you want to build your infrastructure? >>And one of the things we've been talking about, the super cloud concept that we've been issue getting a lot of contrary, but, but people are leaning into it is that it's the refactoring and taking advantage of the services. Like what you mentioned about cockroach. People are doing that now on cloud going the lift and shift market kind of had it time now it's like hey, I can start taking advantage of these higher level services or capability of someone else's stack and refactoring it. So I think that's a dynamic that I'm seeing a lot more of. And it sounds like it's working out great in this situation. >>I just came from a talk and I asked them, you know, what don't you wanna put in the cloud and what don't you wanna run in Kubernetes or on containers and good Yeah. And the customers that I was on stage with, one of the guys made a joke and he said I would put my dog in a container room. I could, he was like in the category, which is his right, which he is in the category of like, I'll put everything in containers and these are, you know, including like mis critical apps, heritage apps, since they don't wanna see legacy anymore. Heritage apps, these are huge enterprises and they wanna put everything in the cloud. Everything >>You so want your dog that gets stuck on the airplane when it's on the tarmac. >>Oh >>God, that's, she was the, don't take that analogy. Literally don't think about that. Well that's, >>That's let's not containerize. >>There's always supply chain concern. >>It. So I mean going macro and especially given where we are cncf, it's all about open source. Do y'all think that open source builds a better future? >>Yeah and a better past. I mean this is, so much of this software is founded on open source. I, we wouldn't be here really. I've been in open source community for many, many years so I wouldn't say I'm biased. I would say this is how we build software. I came from like in a high school we're all like, oh let's build a really cool application. Oh you know what? I built this cuz I needed it, but maybe somebody else needs it too. And you put it out there and that is the ethos of Silicon Valley, right? That's where we grew up. So I've always had that mindset, you know, and social coding and why I have three people, right? Working on the same thing when one person you could share it's so inefficient. All of that. Yeah. So I think it's great that people work on what they're really good at. You know, we all, now you need some standardization, you need some kind of control around this whole thing. Sometimes some foundations to, you know, herd the cats. Yeah. But it's, it's great. Which is why I'm a c CF ambassador and I spend a lot of time, you know, in my free time talking about open source. Yeah, yeah. >>It's clear how passionate you are about it. Jake, >>This is my second company that we founded now and I don't think either of them could have existed without the base of open source, right? Like when you look at I have this cool idea for an app or a company and I want to go try it out, the last thing I want to do is go and negotiate with a vendor to get like the core data component. Yeah. To even be able to get to the >>Prototypes. NK too, by the way. Yeah. >>Hey >>Nk >>Or hire, you know, a bunch of PhDs to go and build that core component for me. So yeah, I mean nobody can argue that >>It truly is, I gotta say a best time if you're a developer right now, it's awesome to be a developer right now. It's only gonna get better. As we were riff from the last session about productivity, we believe that if you follow the digital transformation to its conclusion, developers and it aren't a department serving the business, they are the business. And that means they're running the show, which means that now their entire workflow is gonna change. It's gonna be have to be leveraging services partnering. So yeah, open source just fills that. So the more code coming up, it's just no doubt in our mind that that's go, that's happening and will accelerate. So yeah, >>You know, no one company is gonna be able to compete with a community. 50,000 users contributing versus you riding it yourself in your garage with >>Your dogs. Well it's people driven too. It's humans not container. It's humans working together. And here you'll see, I won't say horse training, that's a bad term, but like as projects start to get traction, hey, why don't we come together as, as the world starts to settle and the projects have traction, you start to see visibility into use cases, functionality. Some projects might not be, they have to kind of see more kind >>Of, not every feature is gonna be development. Oh. So I mean, you know, this is why you connect with truly brilliant people who can architect and distribute sequel database. Like who thought of that? It's amazing. It's as, as our friend >>You say, Well let me ask you a question before we wrap up, both by time, what is the secret of Kubernetes success? What made Kubernetes specifically successful? Was it timing? Was it the, the unambitious nature of it, the unification of it? Was it, what was the reason why is Kubernetes successful, right? And why nothing else? >>Well, you know what I'm gonna say? So I'm gonna let Dave >>First don't Jake, you go first. >>Oh boy. If we look at what was happening when Kubernetes first came out, it was, Mesosphere was kind of like the, the big player in the space. I think Kubernetes really, it had the backing from the right companies. It had the, you know, it had the credibility, it was sort of loosely based on Borg, but with the story of like, we've fixed everything that was broken in Borg. Yeah. And it's better now. Yeah. So I think it was just kind and, and obviously people were looking for a solution to this problem as they were going through their containerization journey. And I, yeah, I think it was just right >>Place, the timing consensus of hey, if we just let this happen, something good might come together for everybody. That's the way I felt. I >>Think it was right place, right time, right solution. And then it just kind of exploded when we were at Cores. Alex Povi, our ceo, he heard about Kubernetes and he was like, you know, we, we had a thing called Fleet D or we had a tool called Fleet. And he's like, Nope, we're all in on Kubernetes now. And that was an amazing Yeah, >>I remember that interview. >>I, amazing decision. >>Yeah, >>It's clear we can feel the shift. It's something that's come up a lot this week is is the commitment. Everybody's all in. People are ready for their transformation and Kubernetes is definitely gonna be the orchestrator that we're >>Leveraging. Yeah. And it's an amazing community. But it was, we got lucky that the, the foundational technology, I mean, you know, coming out of Google based on Go conferences, based on Go, it's no to coincidence that this sort of nature of, you know, pods horizontally, scalable, it's all fits together. I does make sense. Yeah. I mean, no offense to Python and some of the other technologies that were built in other languages, but Go is an awesome language. It's so, so innovative. Innovative things you could do with it. >>Awesome. Oh definitely. Jake, I'm very curious since we learned on the way and you are a Detroit native? >>I am. Yep. I grew up in the in Warren, which is just a suburb right outside of Detroit. >>So what does it mean to you as a Michigan born bloke to be here, see your entire community invade? >>It is, I grew up coming to the Detroit Auto Show in this very room >>That brought me to Detroit the first time. Love n a I a s. Been there with our friends at Ford just behind us. >>And it's just so interesting to me to see the accumulation, the accumulation of tech coming to Detroit cuz it's really not something that historically has been a huge presence. And I just love it. I love to see the activity out on the streets. I love to see all the restaurants and coffee shops full of people. Just, I might tear up. >>Well, I was wondering if it would give you a little bit of that hometown pride and also the joy of bringing your community together. I mean, this is merging your two probably most core communities. Yeah, >>Yeah. Your >>Youth and your, and your career. It doesn't get more personal than that really. Right. >>It's just been, it's been really exciting to see the energy. >>Well thanks for going on the queue. Thanks for sharing. Appreciate it. Thanks >>For having us. Yeah, thank you both so much. Lisa, you were a joy of ball of energy right when you walked up. Jake, what a compelling story. Really appreciate you sharing it with us. John, thanks for the banter and the fabulous questions. I'm >>Glad I could help out. >>Yeah, you do. A lot more than help out sweetheart. And to all of you watching the Cube today, thank you so much for joining us live from Detroit, the Cube Studios. My name is Savannah Peterson and we'll see you for our event wrap up next.

(upbeat music) >> Welcome back. We're winding down theCUBE's coverage of Red Hat Summit 2022. We're here at the Seaport in Boston. It's been two days of a little different Red Hat Summit. We're used to eight, 9,000 people. It's much smaller event this year, fewer developers or actually in terms of the mix, a lot more suits this year, which is kind of interesting to see that evolution and a big virtual audience. And I love the way, the keynotes we've noticed are a lot tighter. They're pithy, on time, they're not keeping us in the hall for three hours. So we appreciate that kind of catering to the virtual audience. Dave Vellante here with my co-host, Paul Gillin. As to say things are winding down, there was an analyst event here today, that's ended, but luckily we have Jim Mercer here as a research director at IDC. He's going to share maybe some of the learnings from that event today and this event overall, we're going to talk about DevSecOps. And Kirsten Newcomer is director of security, product management and hybrid platforms at Red Hat. Folks, welcome. >> Thank you. >> Thank you. >> Great to see you. >> Great to be here. >> Security's everywhere, right? You and I have spoken about the supply chain hacks, we've done some sort of interesting work around that and reporting around that. I feel like SolarWinds created a new awareness. You see these moments, it's Stuxnet, or WannaCry and now is SolarWinds very insidious, but security, Red Hat, it's everywhere in your portfolio. Maybe talk about the strategy. >> Sure, absolutely. We feel strongly that it's really important that security be something that is managed in a holistic way present throughout the application stack, starting with the operating system and also throughout the life cycle, which is partly where DevSecOps comes in. So Red Hat has kind of had a long history here, right? Think SELinux and Red Hat Enterprise Linux for mandatory access control. That's been a key component of securing containers in a Kubernetes environment. SELinux has demonstrated the ability to prevent or mitigate container escapes to the file system. And we just have continued to work up the stack as we go, our acquisition of stack rocks a little over a year ago, now known as Red Hat Advanced Cluster Security, gives us the opportunity to really deliver on that DevSecOps component. So Kubernetes native security solution with the ability to both help shift security left for the developers by integrating in the supply chain, but also providing a SecOps perspective for the operations and the security team and feeding information between the two to really try and do that closed infinity loop and then an additional investment more recently in sigstore and some technologies. >> Interesting. >> Yeah, is interesting. >> Go ahead. >> But Shift Left, explain to people what you mean by Shift Left for people might not be familiar with that term. >> Fair enough. For many, many years, right, IT security has been something that's largely been part of an operations environment and not something that developers tended to need to be engaged in with the exception of say source code static analysis tools. We started to see vulnerability management tools get added, but even then they tend to come after the application has been built. And I even ran a few years ago, I ran into a customer who said my security team won't let me get this information early. So Shift Left is all about making sure that there are security gates in the app dev process and information provided to the developer as early as possible. In fact, even in the IDE, Red Hat code ready dependency analytics does that, so that the developers are part of the solution and don't have to wait and get their apps stalled just before it's ready to go into deployment. >> Thank you. You've also been advocating for supply chain security, software supply chain. First of all, explain what a software supply chain is and then, what is unique about the security needs of that environment? >> Sure. And the SolarWinds example, as Dave said, really kind of has raised awareness around this. So just like we use the term supply chain, most people given kind of what's been happening with the pandemic, they've started hearing that term a lot more than they used to, right? So there's a supply chain to get your groceries, to the grocery store, food to the grocery store. There's a supply chain for manufacturing, where do the parts come for the laptops that we're all using, right? And where do they get assembled? Software has a supply chain also, right? So for years and even more so now, developers have been including open source components into the applications they build. So some of the supplies for the applications, the components of those applications, they can come from anywhere in the world. They can come from a wide range of open source projects. Developers are adding their custom code to that. All of this needs to be built together, delivered together and so when we think about a supply chain and the SolarWinds hack, right, there are a couple of elements of supply chain security that are particularly key. The executive order from May of last year, I think was partly in direct response to the SolarWinds hack. And it calls out that we need a software bill of materials. Now again, in manufacturing that's something folks are used to, I actually had the opportunity to contribute to the software package data exchange format, SPDX when it was first started, I've lost track of when that was. But an S-bomb is all about saying, what are all of those components that I'm delivering in my solution? It might be an application layer. It might be the host operating system layer, but at every layer. And if I know what's in what I'm delivering, I have the opportunity to learn more information about those components to track where does Log4Shell, right? When the Log4j or Spring4Shell, which followed shortly thereafter. When those hit, how do I find out which solutions that I'm running have the vulnerable components in them and where are they? The software bill of materials helps with that but you also have to know where, right. And that's the Ops side. I feel like I missed a piece of your question. >> No, it's not a silver bullet though, to your point and Log4j very widely used, but let's bring Jim into the conversation. So Jim, we've been talking about some of these trends, what's your focus area of research? What are you seeing as some of the mega trends in this space? >> I mean, I focus in DevOps and DevSecOps and it's interesting just talking about trends. Kirsten was mentioning the open source and if you look back five, six, seven years ago and you went to any major financial institution, you asked them if they use an open source. Oh, no. >> True. >> We don't use that, right. We wrote it all here. It's all from our developers-- >> Witchcraft. >> Yeah, right, exactly. But the reality is, they probably use a little open source back then but they didn't realize it. >> It's exactly true. >> However, today, not only are they not on versed to open source, they're seeking it out, right. So we have survey data that kind of indicates... A survey that was run kind of in late 2021 that shows that 70% of those who responded said that within the next two years 90% of their applications will be made up of open source. In other words, the content of an application, 10% will be written by themselves and 90% will come from other sources. So we're seeing these more kind of composite applications. Not, everybody's kind of, if you will, at that 90%, but applications are much more composite than they were before. So I'm pulling in pieces, but I'm taking the innovation of the community. So I not only have the innovation of my developers, but I can expand that. I can take the innovation to the community and bring that in and do things much quicker. I can also not have my developers worry about things that, maybe just kind of common stuff that's out there that might have already been written. In other words, just focus on the business logic, don't focus on, how to get orders or how to move widgets and those types of things that everybody does 'cause that's out there in open source. I'll just take that, right. I'll take it, somebody's perfected it, better than I'll ever do. I'll take that in and then I'll just focus and build my business logic on top of that. So open source has been a boom for growth. And I think we've heard a little bit of that (Kirsten laughs) in the last two days-- >> In the Keynotes. >> From Red Hat, right. But talking about the software bill of materials, and then you think about now I taking all that stuff in, I have my first level open source that I took in, it's called it component A. But behind component A is all these transitive dependencies. In other words, open source also uses open source, right? So there's this kind of this, if you will, web or nest, if you want to call it that, of transitive dependencies that need to be understood. And if I have five, six layers deep, I have a vulnerability in another component and I'm over here. Well, guess what? I picked up that vulnerability, right. Even though I didn't explicitly go for that component. So that's where understanding that software bill of materials is really important. I like to explain it as, during the pandemic, we've all experienced, there was all this contact tracing. It was a term where all came to mind. The software bill of materials is like the contact tracing for your open source, right. >> Good analogy. >> Anything that I've come in contact with, just because I came in contact with it, even though I didn't explicitly go looking for COVID, if you will, I got it, right. So in the same regard, that's how I do the contact tracing for my software. >> That 90% figure is really striking. 90% open source use is really striking, considering that it wasn't that long ago that one of the wraps on open source was it's insecure because anybody can see the code, therefore anybody can see the vulnerabilities. What changed? >> I'll say that, what changed is kind of first, the understanding that I can leapfrog and innovate with open source, right? There's more open source content out there. So as organizations had to digitally transform themselves and we've all heard the terminology around, well, hey, with the pandemic, we've leapfrog up five years of digital transformation or something along those lines, right? Open source is part of what helps those teams to do that type of leapfrog and do that type of innovation. You had to develop all of that natively, it just takes too long, or you might not have the talent to do it, right. And to find that talent to do it. So it kind of gives you that benefit. The interesting thing about what you mentioned there was, now we're hearing about all these vulnerabilities, right, in open source, that we need to contend with because the bad guys realize that I'm taking a lot of open source and they're saying, geez, that's a great way to get myself into applications. If I get myself into this one open source component, I'll get into thousands or more applications. So it's a fast path into the supply chain. And that's why it's so important that you understand where your vulnerabilities are in the software-- >> I think the visibility cuts two ways though. So when people say, it's insecure because it's visible. In fact, actually the visibility helps with security. The reality that I can go see the code, that there is a community working on finding and fixing vulnerabilities in that code. Whereas in code that is not open source it's a little bit more security by obscurity, which isn't really security. And there could well be vulnerabilities that a good hacker is going to find, but are not disclosed. So one of the other things we feel strongly about at Red Hat, frankly, is if there is a CVE that affects our code, we disclose that publicly, we have a public CVE database. And it's actually really important to us that we share that, we think we share way more information about issues in our code than most other users or consumers of open source and we work that through the broad community as well. And then also for our enterprise customers, if an issue needs to be fixed, we don't just fix it in the most recent version of the open source. We will backport that fix. And one of the challenges, if you're only addressing the most recent version, that may not be well tested, it might have other bugs, it might have other issues. When we backport a security vulnerability fix, we're able to do that to a stable version, give the customers the benefit of all the testing and use that's gone on while also fixing. >> Kirsten, can you talk about the announcements 'cause everybody's wondering, okay, now what do I do about this? What technology is there to help me? Obviously this framework, you got to follow the right processes, skill sets, all that, not to dismiss that, that's the most important part, but the announcements that you made at Red Hat Summit and how does the StackRox acquisition fit into those? >> Sure. So in particular, if we stick with DevSecOps a minute, but again, I'll do. Again for me, DevSecOps is the full life cycle and many people think of it as just that Shift Left piece. But for me, it's the whole thing. So StackRox ACS has had the ability to integrate into the CI/CD pipeline before we bought them. That continues. They don't just assess for vulnerabilities, but also for application misconfigurations, excess proof requests and helm charts, deployment YAML. So kind of the big, there are two sort of major things in the DevSecOps angle of the announcement or the supply chain angle of the announcement, which is the investment that we've been making in sigstore, signing, getting integrity of the components, the elements you're deploying is important. I have been asked for years about the ability to sign container images. The reality is that the signing technology and Red Hat signs everything we ship and always have, but the signing technology wasn't designed to be used in a CI/CD pipeline and sigstore is explicitly designed for that use case to make it easy for developers, as well as you can back it with full CO, you can back it with an OIDC based signing, keyless signing, throw away the key. Or if you want that enterprise CA, you can have that backing there too. >> And you can establish that as a protocol where you must. >> You can, right. So our pattern-- >> So that would've helped with SolarWinds. >> Absolutely. >> Because they were putting in malware and then taking it out, seeing what happened. My question was, could sigstore help? I always evaluate now everything and I'm not a security expert, but would this have helped with SolarWinds? A lot of times the answer is no. >> It's a combination. So a combination of sigstore integrated with Tekton Chains. So we ship Tekton, which is a Kubernetes supply chain pipeline. As OpenShift pipelines, we added chains to that. Chains allows you to attest every step in your pipeline. And you're doing that attestation by signing those steps so that you can validate that those steps have not changed. And in fact, the folks at SolarWinds are using Tekton Chains. They did a great talk in October at KubeCon North America on the changes they've made to their supply chain. So they're using both Tekton Chains and sigstore as part of their updated pipeline. Our pattern will allow our customers to deploy OpenShift, advanced cluster manager, advanced cluster security and Quay with security gates in place. And that include a pipeline built on Tekton with Tekton Chains there to sign those steps in the pipeline to enable signing of the code that's moving through that pipeline to store that signature in Quay and to validate the image signature upon deployment with advanced cluster security. >> So Jim, your perspective on this, Red Hat's, I mean, you care about security, security's everywhere, but you're not a security company. You follow security companies. There's like far too many of them. CISOs all say my number one challenge is lack of talent, but I have all these tools to deal with. You see new emerging companies that are doing pretty well. And then you see a company that's highly respected, like an Okta screw up the communications on a pretty benign hack. Actually, when you peel the onion on that, it's just this mess (chuckles) and it doesn't seem like it's going to get any simpler. Maybe the answer is companies like Red Hat kind of absorbing that and taking care of it. What do you see there? I mean, maybe it's great for business 'cause you've got so many companies. >> There's a lot of companies and there's certainly a lot of innovation out there and unique ways to make security easier, right. I mean, one of the keys here is to be able to make security easier for developers, right. One of the challenges with adopting DevSecOps is if DevSecOps creates a lot of friction in the process, it's hard to really... I can do it once, but I can't keep doing that and get the same kind of velocity. So I need to take the friction out of the process. And one of the challenges a lot of organizations have, and I've heard this from the development side, but I've also heard it from the InfoSec side, right. Because I take inquiry for people on InfoSec, and they're like, how do I get these developers to do what I want? And part of the challenge they have is like, I got these teams using these tools. I got those teams using those tools. And it's a similar challenge that we saw on DevOps where there's just too many, if you will, too many dang tools, right. So that is a challenge for organizations is, they're trying to kind of normalize the tools. Interestingly, we did a survey, I think around last August or something. And one of the questions was around, where do you want your security? Where do you want to get your DevSecOps security from, do you want to get it from individual vendors? Or do you want to get it from like, your platforms that you're using and deploying changes in Kubernetes. >> Great question. What did they say? >> The majority of them, they're hoping they can get it built into the platform. That's really what they want. And you see a lot of the security vendors are trying to build security platforms. Like we're not just assess tool, we're desk, we're this, whatever. And they're building platforms to kind of be that end-to-end security platform, trying to solve that problem, right, to make it easier to kind of consume the product overall, without a bunch of individual tools along the way. But certainly tool sprawl is definitely a challenge out there. Just one other point around the sigstore stuff which I love. Because that goes back to the supply chain and talking about digital providence, right. Understanding where things... How do I validate that what I gave you is what you thought it was, right. And what I like about it with Tekton Chains is because there's a couple things. Well, first of all, I don't want to just sign things after I built the binary. Well, I mean, I do want to sign it, but I want to just sign things once, right. Because all through the process, I think of it as a manufacturing plant, right. I'm making automobiles. If I check the quality of the automobile at one stage and I don't check it to the other, things have changed, right. How do I know that I did something wasn't compromised, right. So with sigstore kind of tied in with Tekton Chains, kind of gives me that view. And the other aspect I like it about is, this kind of transparency in the log, right-- >> The report component. >> Exactly. So I can see what was going on. So there is some this kind of like public scrutiny, like if something bad happened, you could go back and see what happened there and it wasn't as you were expected. >> As with most discussions on this topic, we could go for an hour because it's really important. And thank you guys for coming on and sharing your perspectives, the data. >> Our pleasure. >> And keep up the good work. Kirsten, it's on you. >> Thanks so much. >> The IDC survey said it, they want it in platforms. You're up. >> (laughs) That's right. >> All right. Good luck to both you. >> Thank you both so much. >> All right. And thank you for watching. We're back to wrap right after this short break. This is Dave Vellante for Paul Gill. You're watching theCUBE. (upbeat music)

>> Narrator: From Copenhagen, Denmark, it's theCUBE, covering KubeCon, and CloudNativeCon Europe 2018. Brought to you by the Cloud Native Computing Foundation, and its ecosystem partners. >> Okay, welcome back, everyone, live coverage here in theCUBE, in Europe, at Copenhagen, Denmark for KubeCon Europe 2018. This is theCUBE. We have the CNCF, at the Cloud Native Computing Foundation, part of the Linux Foundation. I'm John Furrier, co-host of theCUBE, with Lauren Cooney, the founder of SparkLabs, new venture around open source and innovation. Our analysts here, today with theCUBE, and our two guests are Michael Hausenblas, who's the direct developer advocate at Red Hat. Diane Meuller's the director of community development at Red Hat, talking about OpenShift, Red Hat, and just the rise and success of OpenShift. It's been really well-documented here on theCUBE, but certainly, in the industry, everyone's taking notice. Great to see you again, welcome to theCUBE, good to see you. >> Thank you. >> And wonderful to be here again. >> So, first of all, a lot of big news going on. CoreOS is now part of Red Hat, so that's exciting. I haven't had a chance to talk to you guys about that yet here on theCUBE, but great, great puzzle piece from the industry there for you guys, congratulations. >> Yeah, it's been a wonderful collaboration, having the CoreOS team as part of the Red Hat, and the OpenShift team, it's just a perfect fit. And the team from CoreOS, they've always been my favorite people. Alright, and Brandon Philips and the team over there are just awesome. And to have the expertise from Tectonics, the operator framework, which you'll hear more about here at KubeCon EU this week, to have Quay under the wings of Red Hat now, and Quay is a registry with OpenShift or with any other Kubernetes, you know, the stuff that they brought to the table, and the expertise, as well as the wonderful culture that they had, it was such a perfect fit with OpenShift. >> And you know, you guys bring a lot to the table, too. And I was, I mean, I've been kind of critical of CoreOS in the past, in a good way, 'cause I love those guys. I had good chats with them over the years, but they were so pure open-source guys, like Red Hat. >> Diane: Well, there's nothing wrong with being pure open-source. (laughing) >> No, no, I'm cool with that, but you guys have perfected the business more, you have great customers. So one of the things that they were always strong at was the open-source piece but when you start to monetize, and you start to get into the commercialization, it's hard for a start-up to be both, pure open-source and to monetize. You guys now have it together, >> Yeah. >> Great fit. >> So, it's a wonderful thing. We, on the OpenShift side, we have the OpenShift Commons, which is our open-source community, and we've sort of flipped the model of community development and that's at Red Hat. And one of the things is, they've been really strong, CoreOS, with their open-source projects, whether etcd, or you know, a whole myriad of other things. >> Well, let's double down on that. I want to get your thoughts. What is this OpenShift Commons? Take a minute to talk about what you guys had. You had an event Monday. It was the word on the streets, here in the hallways, is very positive. Take a minute to explain what happened, what's going on with that program? >> So OpenShift Commons is the open-source community around OpenShift Origin, but it also includes all the upstream projects that we collaborate with, with everybody from the Kubernetes world, from the Promytheus, all the CNCF project leads, all kinds of people from the upstream projects that are part of the OpenShift Ecosystem, as well as all the service providers and partners, who are doing wonderful things, and all the hosts, like Google, and you know, Microsoft Azure folks are in there. But, we've kind of flipped the model of community development on its head. In the past, if you were a community manager, which is what I started out as, you were trying to get people to contribute to your own code base. And here, because there's so much cross-community collaboration going on, we've got people working on Kubernetes. We got Kubernetes people making commits to Origin. We work on the OCI Foundation, trying to get the container stuff all figured out. >> So when you say you flipped the model, you mean there's now multiple-project contributions going on, or? >> Yeah, we've got our fingers in lots of pies now, and we have to, the collaboration has to be open, and there has to be a lot of communication. So the OpenShift Commons is really about creating those peer-to-peer networks. We do a lot of stuff virtual. I host my own OpenShift Commons briefings twice a week, and I could probably go to three or four days a week, and do it, because there's so much information. There's a fire hose of new stuff, new features, new releases, and stuff. Michael just did one on FAS. You did one before for the machine-learning Saigon OpenShift on Callum. >> Hold on, I want to just get your thoughts, Michael, on this, because what came up yesterday on theCUBE, was integration glue layers are really important. So I can see the connection here. Having this Commons model allows people to kind of cross-pollenate, one. Two, talk about integration, because we've got Promytheus, I might use KubeFlow. So there's new things happening. What does this mean for the integration piece? Good for it, or accelerating it? What's your thoughts? >> Right, right, right. So, I mainly work upstream which means when it is KubeFlow and other projects. And for me, these kind of areas where you can bring together both, the developers, and the end users, which is super important for us to get the feedback to see where we really are struggling. We hear a lot from those people that meet there, what their pinpoints are. And that is the best way to essentially shape the agenda, to say, well, maybe let's prioritize this over this other feature. And as you mention, integration being one big part, and Functions and Service being, could be considered as the visual basics of applications for Cloud Native Computing. It can act as this kind of glue between different things there. And I'm super excited about Commons. That's for me a great place to actually meet these people, and talk with them. >> So the Commons is almost a cross-pollination of folks that are actually using the code, building the code, and they see other projects that makes sense to contribute to, and so it's an alignment where you allow for that cross-pollination. >> It's a huge series of conversations, and one of the things that is really important to all of the projects is, as Michael said, is getting that feedback from production deployments. People who are working on stuff. So we have, I think we're at around 375 organizational members, so there's... >> John: What percentage of end-user organizations, do you think? >> It's probably about 50/50. You know, you can go to Commons.OpenShift.org, and look up the participants list. I'm behind a little bit in getting everybody in there, but-- >> John: So it's a good healthy dose of end-users? >> It's a good healthy dose of end-users. There's some special interest groups. Our special interest groups are more around used cases. So, we just hosted a machine-learning reception two nights ago, and we had about 200 people in the room. I'd say 50% of them were from the KubeFlow community, and the other 50% were users, or people who are building frameworks for our people to run on OpenShift. And so our goal, as always, is to make OpenShift the optimal, the best place to run your, in this case, machine-learning workloads, or-- >> And I think that's super critical, because one of the things that I've been following a little bit, and you know, I have your blog entry in front of me, is the operator framework, and really what you're trying to do with that framework, and how it's progressing, and where it's going, and really, if you can talk a little bit about what you're doing there, I think that would be great for our viewers. >> So what I'm going to do is I'm going to make sure you get Brandon Philips here, on your KubeFlow, sometime this week, 'cause I don't want to steal the thunder from his keynote tomorrow morning-- >> Lauren: Well, drop a couple hints. (laughs) >> John: Share a little bit, come on. >> So the operator stuff that CoreOS, and they brought it to the table, so it's really their baby. They had done a lot of work to make sure that they had first-class access to be able to inject things into Kubernetes itself, and make it run. And they're going to do a better technical talk on it than I am, and make things run. And so that what they've done is they've opened up and created an STK for operators, so other people can build more. And we think, this is a tipping point for Kubernetes, and I really don't want to steal any thunder here, or get in over my head, is the other part of it, too. >> I think Brandon is the right person to talk about that. >> Brandon, we'll drag Brandon over here. >> I'm super excited about it, but let's-- >> Yeah, let's talk about why you're super excited about it. Is there anything you can kind of tell us in terms of what? >> Enables people to run any kind of workload in communities, in a reliable automated fashion. So you bring the experience that human operators have into software. So you automate that application, which makes it even more suitable to run your enterprise application that so far might have not been the best place to run. >> Lauren: That's great, yeah. >> And yeah, I'm also looking forward to Brandon explaining the details there. >> So I think it's great hearing about that, and we talk a lot about how it's great for users. It's great, you know, operators, developers, how they're building things out, and things along those lines. But one of the things that we are not hearing a ton about here, and we want to hear more about, is security. Security is increasingly important. You know, we're hearing bits and pieces but nothing's really kind of coming together here and what're your thoughts on that? >> Security, I was recently, when I blogged about it, and people on Twitter said, well, is that really true that, you know, couldn't this secure body fall? It's like, well, all the pieces are there. You need to be aware of it. You need to know what you're doing. But it is there, right? All the defaults might not be as you would expect it, but you can enable it. And I think we did a lot of innovations there, as well. With our back, and security context, and so on. And, actually, Liz Rice and myself are working on putting the security cookbook, and for a variety that will come out later this year. We're trying to document the best practice, because it is early days, and it's quite a range of things. From building container images in a secure way, to excess control, and so on, so there's a lot of stuff (mumbles). >> What're some of the end-user feedback sessions, or feedback data that you're getting from these sessions? What is some of the things you guys are hearing? What's the patterns? What's the things that are boiling up to the top? >> Well, there's so many. I mean, this conference is one of those ones where it's a cornucopia of talks, and trying to, I just wrote a little blog post called, The Hitchhiker's Guide to KubeCon. It's on blog.openshift.com. And because, you could spend all of your time here in a different track, and never leave it, like Security 1, or in Operations 1, or-- >> John: There's a lot of great content. >> I think the Istio stuff is probably the hottest thing I'm hearing people going to. There was a great deep-dive training session, hands-on on Monday, here, that got incredible feedback. IBM and Google did that one. We had a lot of customer talks and hands-on training sessions on Monday. Here, there are pretty much, there's a great talk coming up this afternoon, on Kube Controllers that Magic... I think that's at 11:45-ish. There are a lot of the stuff around Service Fish, and service brokers, is really kind of the hot thing that people are looking for to get implemented. And we've got a lot of people from Red Hat working on that. There's, oh man, there's etcd updtes, there's a bazillion things going-- >> John: It's exploding big time here. >> Yeah. >> No doubt about it. >> The number one thing that I'm seeing last couple of months, being onsite with customers, and also here, is that given that Kubernetes is now the defective standard of container authorization, people are much more willing to go all-in, you know? >> Yeah. >> A lot of folks were on the fence, for a couple of years, going like, which one's going to make it? Now, it's kind of like, this is a given. You couldn't, you know, just as Linux is everywhere on the servers, that's the same with Kubernetes, and people are now happy to really invest, to like, okay, let's do it now, let's go all in. >> Yeah, and, what we're hearing, too, just stepping back and looking at the big picture is we see the trend, kind of hearing and connecting the dots, as the number of nodes is going to expand significantly. I mean, Sterring was on stage yesterday, and we heard their, and still small, not a lot of huge, not a lot on a large scale. So, we think that the scale question is coming quickly. >> Well, I think it already came, alright? In the machine-learning reception that we had at night, one of the gentleman, Willem Bookwalter, from Microsoft, and Diane Feddema, from Red Hat, and a whole lot of people are talking about how do we get, because machine-learning workloads, have such huge work, you know, GPU, and Google has their TPU requirements to get to scale, to run these things, that people are already pushing the envelope on Kubernetes. Jeremy Eater from Red Hat has done some incredible performance management work. And on the CNCF blog, they've posted all of that. To get the optimal performance, and to get the scale, is now, I think, one of the next big things, and there's a lot of talks that are on that. >> Yeah, and that's Istio's kind of big service mesh opportunity there, is to bring that to the next level. >> To the next level, you know, there's going to be a lot of things that people are going to experience trying to get the most out of their clusters, but also, I think we're still at the edge of that. I mean, someone said something about getting to 2,500 nodes. And I'm like, thinking, that's just the beginning, baby. >> Yeah, it's going to be more, add a couple zeroes. I got to ask you guys, I got to put you both on the spot here, because it's what we do on theCUBE. You guys are great supporters of theCUBE. We appreciate that, but we've had many conversations over the years with OpenShift, going back to OpenStacks, I don't know what year it was, maybe 2012, or I don't know. I forget what year it was. Now, the success of OpenShift was really interesting. You guys took this to a whole 'nother level. What's the reaction? Are you, as you look back now on where you were with OpenShift and where you are today, do you pinch yourself and say, damn? Or what's your view? >> Red Hat made a big bet on Kubernetes three years ago, three and a half years ago, when people thought we were crazy. You know, they hadn't seen it. They didn't understand what Google was trying to open-source, and some of the engineers inside of Red Hat, Clayton Coleman, Matt Hicks, a lot of great people, saw what was coming, reached out, worked with Google. And the rest of us were like, well, what about Ruby and Rails, and Mongo DB, and you know, doing all this stuff? And like, we invested so much in gears and cartridges. And then, once they explained it, and once Google really open-sourced the whole thing, making that bet as a company, and pivoting on that dime, and making version 3.0 of OpenShift and OpenShift Origin, as a Kubernetes-based platform, as a service, and then, switching over to being a container platform, that was a huge thing. And if you had talked to me back then, three years ago, it was kind of like, is this the right way to go? But, then, you know, okay. >> Well, it's important to history to document that point, because I remember we talked about it. And one of the things, you guys made a good bet, and people were scratching their head, at that time. >> Oh yeah. >> Big time. But also, you've got to give credit to the community, because the leaders in the community recognized the importance of Kubernetes early on. We've been in those conversations, and said, hey, you know, we can't screw this up, because it was an opportunity. People saw the vision, and saw it as a great opportunity. >> I think, as much as I like the technical bits, as an engineer, the API being written and go, and so on, I really think the community, that is what really makes the difference. >> Yeah, absolutely does. >> If you compare it with others, they're also successful. But here with CNCF, all the projects, all the people coming together, and I love the community, I really-- >> It's a case study of how to execute, in my opinion. You guys did a great job in your role, and the people didn't get in the way and try to mess it up. Great smart people understood it, shepherded it through, let it grow. >> And it really is kudos to the Kubernetes community, and the CNCF, for incubating all of this wonderful cross-community collaboration. They do a great job with their ambassadors program. The Kubernetes community does amazing stuff around their SIGs, and making sure that projects get correctly incubated. You know, they're not afraid to rejig the processes. They've just done a wonderful thing, changing the way that new projects come into the Kubernetes, and I think that willingness to learn, learn from mistakes, to evolve, is something that's really kind of unique to the whole new way of thinking about open-source now, and that's the change that we've seen. >> And open-source, open movements, always have a defining moment. You know, the OSI model, remember? That stack never got fully standardized but it stopped at a really important point. PCPIP, IP became really important. The crazy improbability world, CISCO, as we know, and others. This is that kind of moment where there's going to be a massive wealth creation, value creation opportunity because you have people getting behind something, as a de facto standard. And then, there's a lot of edge work around it that can be innovated on. I think, to me, this is going to be one of those moments we look back on. >> Yeah, and I think it's that willingness to adjust the processes, to work with the community, and you know, that Kubernetes, the ethos that's around this project, we've learned from a lot of other foundations' mistakes. You know, not that they're better or worse, but we've learned that you could see the way we're bringing in new projects, and adding them on. We took a step back as a community, and said okay, this is, we're getting too many, too soon, too fast. And maybe, this is not quite the right way to go. And rather than doing the big tent umbrella approach, we've actually starting doing some really re-thinking of our processes, and the governing board and the TOC of the CNCF, have done an awesome job getting that done. >> When you got lightning in a bottle, you stop and you package it up, and you run with it, so congratulations. Red Hat Summit next week, we'll be there, theCUBE. >> Oh yeah. >> Looking forward to going deep on this. >> Well, the OpenShift Commons Gathering is the day before Red Hat Summit. We've completely sold out, so sorry, there's a waitlist. We've gone from being, our first one, I think we had 150 people come. There's over 700 people now coming to the Gathering one, and 25 customers with production deployments speaking. This is the day before Red Hat Summit. And I lost count of how many OpenShift stories are being told at Red Hat Summit. It's going to be a crazy, jetlag-y week, next week, so-- >> Congratulations, you guys got a spring in your step, well done. OpenShift going to the next level, certainly the industry and Kubernetes, a service mesh as Istio. Lot of great coverage here in theCUBE, here in Europe for KubeCon 2018 in Copenhagen, Denmark. I'm John Furrier, and Lauren Cooney, the founder of SparkLabs. I'm with theCUBE, we'll be back with more live coverage. Stay with us! Day Two, here at KubeCon, we'll be right back. (upbeat techno music)