>> Presenter: From around the globe, it's theCUBE, with coverage of KubeCon and CloudNativeCon North America 2020 Virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Hey, welcome back everybody, Jeff Frick here with theCUBE. We're coming to you from our Palo Alto Studios with our ongoing coverage of KubeCon + CloudNativeCon 2020, the digital version. It would have been the North American version but obviously everything is digital. So we're excited, we've been coming back here for years and we've got a founder of CNCF and also a practitioner, really great opportunity to get some insight from someone who's out in the field and putting this stuff into work. So we're joined in this next segment by Ken Owens. He is the Vice President of Software Development Engineering for MasterCard, and he's a founding member of the CNCF, The Cloud Native Computing Foundation. Ken, great to see you. >> Yeah, great. Thank you for having me, I have, I've enjoyed theCUBE over the years and I'm glad to be a part of it again. >> Yeah, so we're, we're psyched to have you on, and I think it's the first time I've got to talk to you. I think you might've been on in LA a couple of years ago, or I was kind of drifting around that show. I don't think I was a it was on the set that day, but before we jump into kind of what's going on now, you were a founding member of CNCF. So let's take a step back and kind of share your perspective as to kind of where we are now from where this all began and kind of this whole movement around Cloud Native. Certainly it's a good place to be. >> Yeah, yeah definitely. It's been a great ride. In our industry, we go through these sort of timeframes every decade or so, where something big kind of comes along and you get involved in and you participate in it. And it gets to be a lot of fun and it either dies or it evolves into something else, right? And with CloudNativeCon Cloud Native itself, this concept of just how difficult it was to really move with the type of agility and the type of speed that developers in the enterprise really need to move at. It was just, it was hard to get there with just traditional infrastructure, traditional ways of doing configurations of doing management of infrastructure and it really needed something different and something to kind of help, it was called orchestration of course but at the time we didn't know it was called orchestration right. We knew we needed things like service mesh, but they weren't called service meshes then. There were more like control planes. And how do you, how do you custom create all of these different pieces? And the great thing about the CNCF is that we, when we started it, we had very simple foundational principles we wanted to follow right. One was, we wanted to have end users involved. A lot of foundations as become very vendor-driven and very vendor-centric. And you kind of lose your, your core base of the practitioners as you call us right? The guys who actually need to solve problems they're trying to make a living solving problems for the industry, not just for selling products, right? And so it was important that we get those end users involved and that, and that's probably the biggest changes. It's a great technology body. We had great technologists, great engineers and the foundation but we also have a huge over 150 end users that have engaged and been very involved and contributing to the end users things of the community, contributing to the foundation now. And it's been awesome to see that come to fruition over the last three years. >> Yeah, it certainly part of the magic of open source, that's been so, so transformative. And we've seen that obviously with servers and Linux and what what that did, but we've been talking a lot lately too about kind of the anniversary of the of the Agile Manifesto and kind of the Agile Movement and really changing the prioritization around change and really making change a first class citizen as opposed to kind of a nightmare I don't want to deal with and really building systems and ways of doing things that adopt that. I want to just to pull up the Cloud Native definition 'cause I think it's interesting. We talk about Cloud Native a lot and you guys actually wrote some words down and I think it's worth reading them that Cloud Native Technologies empower organizations to build and run scalable applications in dynamic environments. Dynamic environments is such a key piece to this puzzle because it used to be, this is your infrastructure person, you've got to build something that fits into this. Now with an app-centric world has completely flipped over and the application developer doesn't have to worry about the environment anymore, right? It's spin it up and make it available to me when I need it. A really different way of thinking about things than kind of this static world. >> Definitely and then that was the big missing piece for all those years was how do you get to this dynamic environment, right, that embraces change and embraces risk to some extent. Not risk like you heard in the past with risk avoidance is so important to have, right. It's really more, how do you embrace risk and fail earlier in the process, learn earlier in the process so that when you get to production you're not failing, you're not having to worry about failure because you cut as much as you could in the earlier phases of your development life cycle. And that's been set, like you said that dynamic piece has just been such the difference. I think in why it's been taken off. >> Yeah. >> And industry this last five years now that we've been around. >> Yeah, for sure. So then the next one well, I'm just going to go through them 'cause there's three main tenants of this thing. These techniques and techniques enabled loosely coupled systems that allow engineers to make high impact changes frequently and predictably with minimum toil. I mean, those are, those are really hard challenges in a classic waterfall way with PRDs and MRDs and everything locked down in a big, giant Gantt chart that fills half of the half the office to actually be able to have loosely coupled systems. Again a really interesting concept versus hardwired, connected systems. Now you're talking about APIs and systems all connecting. Really different way to think about development and how do you build applications. >> Yeah and the interesting thing there is the very first definition we came up with five plus years ago was containers, containerized workloads, right? And being technologist, everyone focused on those words containers and containerized and then everything had to be a container, right? And to your point, that isn't what we're trying to do, right? We're trying to create services that are just big enough to support whatever is needed for that service to support and be able to scale those up and down independently of other dependent systems that may have different requirements associated with what they have to do, right. And it was more about that keeping those highly efficient type of patterns in mind of spinning up and spinning down things that don't have impact or cause impact to other larger components around them was really the key not containers or containerized. >> Right. >> Obviously that's one of the patterns you could follow to create those types of services and those patterns, but there is nothing that guarantees it has to be a container that can do that. Lots of BMS today and lots of Bare Metal Servers can have a similar function. They're just not going to be as dynamic as you may want them to be in other environments. >> Right and then the third tenant, three of three is fostering sustainable ecosystem of open source vendor neutral projects, democratizing state-of-the-art patterns to make these innovations accessible for everyone. So just the whole idea of democratization of technology, democratization of data, democratization of tools, to do something with the data to find the insight democratization of the authority to execute on those decisions once you get going on that, I mean the open source and kind of this democratization to enable a broad distribution of power to more than just mahogany row, huge fundamental shift in the way people think about things. And really even still today, as everyone's trying to move their organizations to be more data-centric in the way they operate, it is really all about the democratization and getting that information and the tools and the ability to do something with it to as broad a group of people as you can. And that's even before we talk about open source development and the power of again, as you said, bringing in this really active community who want to contribute. It's a really interesting way that open source works. It's such a fun thing to watch, and I'm not a developer from the outside, but to see people get excited about helping other people. I think that's probably the secret to the whole thing that really taps into. >> Yeah, it is. And open source, there were discussions about open source for 20 plus years trying to get more into open source contributing to open source in an enterprise mindset, right? And it could never really take off 'cause it's not really the foundation or the platforms or the capabilities needed to do that. And now to your point, open source was really the underlying engine that is making all of this possible. Without open source and some of those early days of trying to get more open source and understanding of open source in the enterprise, I think we'd still be trying to get adoption but open source had just gotten to that point where everyone wanted to do more with open source. The CNCF comes along and said, here's the set of democratized, we're not going to have kingmakers in this organization. We're going to have a lot of open solutions, a lot of good options for companies to look at, and we're not going to lock you in to anything. 'Cause that's another piece of that open source model, right. Open source still can lock you in, right. But if you have open choices within open source, there's less, lock-in potential and locking isn't really a horrible thing. It's just one of those tenants you don't want to be tied too tightly to any one solution or one hope, open source even program because that could 'cause issues of that minimal toil we talked about, right. If you have a lot of dependencies and a lot of, I always joked about OpenStack but if I have to email two guys, if I find an issue in OpenStack about security that's not really a great security model that I can tell my customers I have your security covered, right? So, you want to get away from emails and having to ask for help, if you see a big security issue you want to just address it right then and fix it fast. >> Right, right. So much to unpack there. And for those that don't follow you, you've done a ton of presentations. You've got a ton of great content out of the internet with deep technical dives, into some of this stuff and the operational challenges in your philosophies but good keeping it kind of high level here. 'Cause one of the themes that comes up over and over in some of the other stuff I saw from you is really about asking the right questions. And we hear this time and time again, that the way to get the right answer first you got to frame the question right. And you talk quite extensively about asking the why and asking the how. I wonder if you can unpack that a little bit as to why those two questions are so important and how do you ask them in a way that doesn't piss everybody off or scare them away when you're at a big company like MasterCard that has a lot of personal information, you're in the finance industry, you got ton of regulation but still you're asking how and you're asking why. >> Yeah, definitely. And those, those are two questions that I keep coming back to in the industry because they are, they're not asked enough in my opinion. I think they, for the reasons you brought up those there's too much pushback or there's, you don't want to be viewed as someone who's being difficult, right? And there maybe other reasons why you don't want to ask that but I like to ask the why first because it, you kind of have to understand what's the problem you're trying to solve. And it kind of goes back to my engineering background, I think right. I love to solve problems and one of my early days and you might have heard this on one of my, my interviews, right. But in my early days, I was trying to fix a problem that I was on an advanced engineering team. And I was tier four support in a large Telco. And for months we had this issue with one of our large oil based companies and no one could solve it. And I was on call the night that they called in. And I asked the guy a simple question, tell me which lights you see on this DHUC issue? Which is a piece of equipment that sits between a ATM network and a regular Sonnet network. So we're watching, I'm asking them as kind of find out where in this path, there's a problem. And the guy tells me where there's no lights on. And I'm like well, plug in the power and let me know when it boots up and then let's try another test. And that was the problem. So my, the cleaning crew would come through and unplugged it. And so I learned early on in my crew that if you don't ask those simple questions, you just assume that everything's working almost nine times out of 10, it's the simple, easy solution to a problem. You're just too busy thinking of all the complex things that could go wrong and trying to solve all the hard problems first. And so I really try to help people think about, ask the why questions, ask, why is this important? Why do we need to do this now? Why, what would happen if we don't do this? If we did it this other way, what's the downside of doing it this other way? Really think through your options, 'cause it may take you 20, 30 minutes to kind of do a good analysis of a problem, but then your solution you're not going to spend weeks trying to troubleshoot when it doesn't work because you put the time upfront to think about it. So that's sort of the main reason why I like to ask the why and the how, because it forces you to think outside of your normal, my job is to take this cog and put it over here and fix this, right. And you don't want to be in that, that mode when you're solving complex problems because you overlook or you miss the simple things. >> Right. So you don't like the 'cause we've always done it that way? (both laughing) >> I do not. And I hear that a lot everywhere I've been in the industry and anywhere, any company you have those, this is the way we've always done it. >> Yeah, yeah. Just like the way we've always traveled, right. And the way we've always been educated and the way we've always consumed entertainment. It's like really? I wanted to (indistinct) >> I have learned though that there's a good, I like to understand the reason behind why we've always done it that way. So I do always ask that question. >> Right. >> I don't turn around on someone and get mad at them and you say, Oh, we can't we have to do it differently. I don't have the mindset of let's throw that out the window because I realized that over time something happened. It's like when I had younger kids, I always laugh because they put these warnings on those whatever they call them at the kids stand up in them. >> Right, the little, the little (indistinct) >> Don't put them on top of the stairs right. These stupid little statements are written on there. And I always thought I was dumb. And if somebody told me, well that's because somebody put their kid near the pool and they drown. >> Right, right. >> You have to kind of point out the obvious to people and so, >> Yeah. >> I don't think it's that dangerous of a situation and in the work environment, but hopefully we're not making the same mistakes that have been prevented by not allowing just the, not because we've done it this way before modeled it to go forward. >> Right, right now we have a rule around here too. There's a reason we have every rules is because somebody blew it at some point in time. That's why we have the rule that I want to shift gears a little bit and talk about automation, right? 'Cause automation is such a big and important piece of this whole story especially as these systems scale, scale, scale. And we know that people are prone to errors. I mean, I had seen that story about the cleaner accidentally unplugging things. We all know that people fat fingers, copy and paste is not used as universally as it should be. But I wonder if you could share, how important automation is. And I know you've talked a lot about how people should think about automate automation and prioritizing automation and helping use automation to both make people more productive but also to prioritize what the people should be working on as well as lowering the error rate on stuff that they probably shouldn't be doing anyway. >> Exactly, yeah automation to me is, as you've heard me say before is it's something that is probably almost as big of a key tenet as open source should be, right? It's one of those foundational things that it really helps you to get rid of some of that churn and some of the toil that you run into in a production environment where you're trying to always figure out what went wrong and why did this system not work on this point in time and this day and this deployment, and it's almost to your point always a fat finger, someone deleted an IP address from the IPAM system. There's all kinds of errors that you can people can tell you about that have happened. But to the root of your question is automation needs to be thought about from three different primary areas in my view, in my experience. The first one is the infrastructure as code, software defined infrastructure, right. So the networking teams and the storage teams and the security teams are probably the furthest behind in adopting automation in in their jobs, right. And their jobs are probably the most critical pieces of the infrastructure, right? And so those are, those are pieces that I really highly encouraged them to think about how can they automate those areas. The second piece is I think is equally as important as the infrastructure piece is the application side. When I first joined multiple enterprises in the past, the test coverage is in the low 10's to 20%, right. And your test coverage is a direct correlation to how well your application is going to behave and production in terms of failures, right? So if you have low test coverage, you're going to have high failure rates. It's sort of over over all types of industries every study has shown that, right. So getting your test coverage up and testing the right things not just testing to have test coverage right. >> But actually. >> Right, right. >> Thinking through your user stories and acceptance criteria and having good test is really, really important. So you have those two bookends, right. And in between, I think it's important that you look at how you connect to these services, these distributed systems we talked about in the opening right. If you fully automate your infrastructure and fully automate your application development and delivery, that's great. But if in the middle you have this gooey middle that doesn't really connect well doesn't really have the automation in place to ensure that your certificates are there that your security is in place. That middle piece can become really a problem from a security and from a availability issue. And so those those are the two pieces that I say really focus on is that gooey middle and then that infrastructure piece is really the two keys. >> Right, right. You've got another group of words that you use a lot. I want you to give us a little bit more color behind it. And that's talking to people to tell them that they need to spend more time on investigation. They need to do more experimentation. And then and the one that really popped out to me was it was retro to retrospective to not necessarily a postmortem which I thought is interesting. You say retrospective versus the postmortem, because this is an ongoing process for continuous improvement. And then finally, what seems drop dead dumb obvious is to iterate and deliver. But I wonder if you can share a little bit more color on how important it is to experiment and to investigate and to have those retrospectives. >> Yeah definitely. And then it kind of goes back to that culture we want to create in a Cloud Native world, right. We want to be open to thinking about how we can solve problems better, how we can have each iteration we want, to look at, how do we have a less toil, have less issues. How do we improve the, I liked kind of delight in your experience, how do you make your developers and your customers specific, but specifically how do you make your customers so happy with your service? And when you think about those sort of areas, right. You want to spend some portion of your time dedicated to how do I look at and investigate better ways of doing things or more improvements around the way my customer experience is being delivered. Asking your customers questions, right. You'd be surprised how how many customers don't ever get asked for their opinion on how something works, right. And they want to be asked, they'd love to give you feedback. It doesn't necessarily mean you're going to go do it that next iteration, right? The old adage I like to use is if Henry Ford had listened to his customers he would have tried to breed a faster horse, right? And so you have to kind of think about what you want to try to deliver as a product and as an organization but at the same time, that input is important. And I think, I say carve it out, because if you don't, we're so busy today and there's so much going on in our lives. If you don't dedicate and carve out some of that time and protect that time, you will never get to that, right. It's always a, I'll get to that next year. Maybe our next iteration I'll try, right. And so it's important to really hold that time as sacred and spend time every week, every couple of weeks, whatever it works out in the schedule, but actually put that in your calendar and block out that time and use it to really look at what's possible, what's relevant, what kind of improvements you can have. I think those are really the key the key takeaways I can have from that piece of it. And then, the last one you asked about, which I think is so important, is the retrospective, right. Always trying to get better and better at what you do is, is an engineer's goal, right? We never liked to fail. We never liked to do something twice, right? We don't want to, we want to learn the first time we make a mistake and not make it over and over again. So that those retrospectives and improving on what you're doing iteratively. And to the point you brought up and I like to bring this up a lot, 'cause I've been part not at MasterCard, but at other companies parts of companies that would talk a great game come up with great stories, say here's our plan. And then when we get ready to go to deliver it, we go and we reinvestigate the plan and see if there's a better plan. And then we get to a point where we're ready to go execute. And then we go back and start all over again, right. And you've got to deliver iteratively, if you don't, you're the point I like to always make is you're never going to be ready, right. It's like, when are you ready to have kids? You never ready to have kids, right. You just have to go and you'll learn as you go. You know so. >> Right, right, I love that. Well again, Ken, you have so much great stuff out there for technical people that want to dive in deep? So I encourage them just to do a simple YouTube or excuse me, YouTube search or Google search but I want to give you the last word. One word, I'm going to check the transcript when this thing is over that you've used probably more than any other word while we've been talking for the last few minutes is toil. And I think it's really interesting that it brings up and really highlights your empathy towards what you're trying to help developers avoid and what you're trying to help teams avoid so that they can be more productive. You keep saying, avoid the toil, get out of the toil, get out of this kind of crap that inhibits people from getting their job done and being creative and being inventive and being innovative. Where does that come from? And I just love that you keep reinforce it and just kind of your final perspective as we wrap on 2020 and another year of CNCF and clearly containers and Kubernetes and Cloud Native is continues to be on fire and on a tear. I just wonder if you can share a little bit of your perspective as a founding member as we kind of come to the end of 2020. >> Yeah definitely. Thanks again for having me. It's been a great, great discussion. I am a developer by background, by trade today, I still develop. I still contribute to open source and I've had this mantra pretty much my entire career that you have to get into the weeds and understand what everyone's experiencing in order to figure out how to solve the problems, right. You can't be in an ivory tower and look down and say, Oh, there's a problem, I'm going to go fix that. It just doesn't work that way. And most problems you try to solve in that model will be problems that no other team has really experienced. And there not going to be help, they're not going to be thankful that you solved the problem they don't have, right? They want you to solve a problem that they have. And so I think that that's sort of a key for the reason why I spent so much time talking about that as I live it every day. I understand it. I talk with my development community and with a broader community of developers at MasterCard and understand the pains that they're going through and try to help them every day with coming up with ways to help make their lives a lot easier. So it's important to me and to to all organizations out there and in all of the, in the world. So, CNCF its been great. It's still growing. I'm always looking for end users. I'd love to talk to you. Well, you can reach out to, to the CNCF if you'd like to learn more, our website has information on how to get connected to the end user community. We community within the CNCF that is not, it's a private community. So you don't have to worry about your information being shared. If you don't want people to know you belong to the community, you don't have to list that information. If you want to list it, you're welcome to list it. There's no expectations on you to contribute to open source, but we do encourage you to contribute, and are here to support that end user community any way we can. So thanks again for having us and looking forward to, to a great show in North America. >> All right well, thank you, Ken, for sharing your information sharing the insight, sharing the knowledge really appreciate it and great to catch up. All right. He's Ken, I'm Jeff. You're watching theCUBE with our ongoing coverage of KubeCon + CloudNativeCon 2020 North America Digital. Thanks for watching. We'll see you next time. (gentle music)