>>Hey guys and girls, welcome back to Motor City, Lisa Martin here with John Furrier on the Cube's third day of coverage of Coon Cloud Native Con North America. John, we've had some great conversations over the last two and a half days. We've been talking about identity and security management as a critical need for enterprises within the cloud native space. We're gonna have another quick conversation >>On that. Yeah, we got a great segment coming up from someone who's been in the industry, a long time expert, running a great company. Now it's gonna be one of those pieces that fits into what we call super cloud. Others are calling cloud operating system. Some are calling just Cloud 2.0, 3.0. But there's definitely a major trend happening around how cloud is going Next generation. We've been covering it. So this segment should be >>Great. Let's unpack those trends. One of our alumni is back with us, O Rika Zi, co-founder and CEO of Aerio. Omri. Great to have you back on the >>Cube. Thank you. Great to be here. >>So identity move to the cloud, Access authorization did not talk to us about why you found it assertive, what you guys are doing and how you're flipping that script. >>Yeah, so back 15 years ago, I helped start Azure at Microsoft. You know, one of the first few folks that you know, really focused on enterprise services within the Azure family. And at the time I was working for the guy who ran all of Windows server and you know, active directory. He called it the linchpin workload for the Windows Server franchise, like big words. But what he meant was we had 95% market share and all of these new SAS applications like ServiceNow and you know, Workday and salesforce.com, they had to invent login and they had to invent access control. And so we were like, well, we're gonna lose it unless we figure out how to replace active directory. And that's how Azure Active Directory was born. And the first thing that we had to do as an industry was fix identity, right? Yeah. So, you know, we worked on things like oof Two and Open, Id Connect and SAML and Jot as an industry and now 15 years later, no one has to go build login if you don't want to, right? You have companies like Odd Zero and Okta and one login Ping ID that solve that problem solve single sign-on, on the web. But access Control hasn't really moved forward at all in the last 15 years. And so my co-founder and I who were both involved in the early beginnings of Azure Active directory, wanted to go back to that problem. And that problem is even bigger than identity and it's far from >>Solved. Yeah, this is huge. I think, you know, self-service has been a developer thing that's, everyone knows developer productivity, we've all experienced click sign in with your LinkedIn or Twitter or Google or Apple handle. So that's single sign on check. Now the security conversation kicks in. If you look at with this no perimeter and cloud, now you've got multi-cloud or super cloud on the horizon. You've got all kinds of opportunities to innovate on the security paradigm. I think this is kind of where I'm hearing the most conversation around access control as well as operationally eliminating a lot of potential problems. So there's one clean up the siloed or fragmented access and two streamlined for security. What's your reaction to that? Do you agree? And if not, where, where am I missing that? >>Yeah, absolutely. If you look at the life of an IT pro, you know, back in the two thousands they had, you know, l d or active directory, they add in one place to configure groups and they'd map users to groups. And groups typically corresponded to roles and business applications. And it was clunky, but life was pretty simple. And now they live in dozens or hundreds of different admin consoles. So misconfigurations are rampant and over provisioning is a real problem. If you look at zero trust and the principle of lease privilege, you know, all these applications have these course grained permissions. And so when you have a breach, and it's not a matter of if, it's a matter of when you wanna limit the blast radius of you know what happened, and you can't do that unless you have fine grained access control. So all those, you know, all those reasons together are forcing us as an industry to come to terms with the fact that we really need to revisit access control and bring it to the age of cloud. >>You guys recently, just this week I saw the blog on Topaz. Congratulations. Thank you. Talk to us about what that is and some of the gaps that's gonna help sarto to fill for what's out there in the marketplace. >>Yeah, so right now there really isn't a way to go build fine grains policy based real time access control based on open source, right? We have the open policy agent, which is a great decision engine, but really optimized for infrastructure scenarios like Kubernetes admission control. And then on the other hand, you have this new, you know, generation of access control ideas. This model called relationship based access control that was popularized by Google Zanzibar system. So Zanzibar is how they do access control for Google Docs and Google Drive. If you've ever kind of looked at a Google Doc and you know you're a viewer or an owner or a commenter, Zanzibar is the system behind it. And so what we've done is we've married these two things together. We have a policy based system, OPPA based system, and at the same time we've brought together a directory, an embedded directory in Topaz that allows you to answer questions like, does this user have this permission on this object? And bringing it all together, making it open sources a real game changer from our perspective, real >>Game changer. That's good to hear. What are some of the key use cases that it's gonna help your customers address? >>So a lot of our customers really like the idea of policy based access management, but they don't know how to bring data to that decision engine. And so we basically have a, you know, a, a very opinionated way of how to model that data. So you import data out of your identity providers. So you connect us to Okta or oze or Azure, Azure Active directory. And so now you have the user data, you can define groups and then you can define, you know, your object hierarchy, your domain model. So let's say you have an applicant tracking system, you have nouns like job, you know, know job descriptions or candidates. And so you wanna model these things and you want to be able to say who has access to, you know, the candidates for this job, for example. Those are the kinds of rules that people can express really easily in Topaz and in assertive. >>What are some of the challenges that are happening right now that dissolve? What, what are you looking at to solve? Is it complexity, sprawl, logic problems? What's the main problem set you guys >>See? Yeah, so as organizations grow and they have more and more microservices, each one of these microservices does authorization differently. And so it's impossible to reason about the full surface area of, you know, permissions in your application. And more and more of these organizations are saying, You know what, we need a standard layer for this. So it's not just Google with Zanzibar, it's Intuit with Oddy, it's Carta with their own oddy system, it's Netflix, you know, it's Airbnb with heed. All of them are now talking about how they solve access control extracted into its own service to basically manage complexity and regain agility. The other thing is all about, you know, time to market and, and tco. >>So, so how do you work with those services? Do you replace them, you unify them? What is the approach that you're taking? >>So basically these organizations are saying, you know what? We want one access control service. We want all of our microservices to call that thing instead of having to roll out our own. And so we, you know, give you the guts for that service, right? Topaz is basically the way that you're gonna go implement an access control service without having to go build it the same way that you know, large companies like Airbnb or Google or, or a car to >>Have. What's the competition look like for you guys? I'm not really seeing a lot of competition out there. Are there competitors? Are there different approaches? What makes you different? >>Yeah, so I would say that, you know, the biggest competitor is roll your own. So a lot of these companies that find us, they say, We're sick and tired of investing 2, 3, 4 engineers, five engineers on this thing. You know, it's the gift that keeps on giving. We have to maintain this thing and so we can, we can use your solution at a fraction of the cost a, a fifth, a 10th of what it would cost us to maintain it locally. There are others like Sty for example, you know, they are in the space, but more in on the infrastructure side. So they solve the problem of Kubernetes submission control or things like that. So >>Rolling your own, there's a couple problems there. One is do they get all the corner cases who built a they still, it's a company. Exactly. It's heavy lifting, it's undifferentiated, you just gotta check the box. So probably will be not optimized. >>That's right. As Bezo says, only focus on the things that make your beer taste better. And access control is one of those things. It's part of your security, you know, posture, it's a critical thing to get right, but you know, I wanna work on access control, said no developer ever, right? So it's kind of like this boring, you know, like back office thing that you need to do. And so we give you the mechanisms to be able to build it securely and robustly. >>Do you have a, a customer story example that is one of your go-tos that really highlights how you're improving developer productivity? >>Yeah, so we have a couple of them actually. So there's the largest third party B2B marketplace in the us. Free retail. Instead of building their own, they actually brought in aer. And what they wanted to do with AER was be the authorization layer for both their externally facing applications as well as their internal apps. So basically every one of their applications now hooks up to AER to do authorization. They define users and groups and roles and permissions in one place and then every application can actually plug into that instead of having to roll out their own. >>I'd like to switch gears if you don't mind. I get first of all, great update on the company and progress. I'd like to get your thoughts on the cloud computing market. Obviously you were your legendary position, Azure, I mean look at the, look at the progress over the past few years. Just been spectacular from Microsoft and you set the table there. Amazon web service is still, you know, thundering away even though earnings came out, the market's kind of soft still. You know, you see the cloud hyperscalers just continuing to differentiate from software to chips. Yep. Across the board. So the hyperscalers kicking ass taking names, doing great Microsoft right up there. What's the future? Cuz you now have the conversation where, okay, we're calling it super cloud, somebody calling multi-cloud, somebody calling it distributed computing, whatever you wanna call it. The old is now new again, it just looks different as cloud becomes now the next computer industry, >>You got an operating system, you got applications, you got hardware, I mean it's all kind of playing out just on a massive global scale, but you got regions, you got all kinds of connected systems edge. What's your vision on how this plays out? Because things are starting to fall into place. Web assembly to me just points to, you know, app servers are coming back, middleware, Kubernetes containers, VMs are gonna still be there. So you got the progression. What's your, what's your take on this? How would you share, share your thoughts to a friend or the industry, the audience? So what's going on? What's, what's happening right now? What's, what's going on? >>Yeah, it's funny because you know, I remember doing this quite a few years ago with you probably in, you know, 2015 and we were talking about, back then we called it hybrid cloud, right? And it was a vision, but it is actually what's going on. It just took longer for it to get here, right? So back then, you know, the big debate was public cloud or private cloud and you know, back when we were, you know, talking about these ideas, you know, we said, well you know, some applications will always stay on-prem and some applications will move to the cloud. I was just talking to a big bank and they basically said, look, our stated objective now is to move everything we can to the public cloud and we still have a large private cloud investment that will never go away. And so now we have essentially this big operating system that can, you know, abstract all of this stuff. So we have developer platforms that can, you know, sit on top of all these different pieces of infrastructure and you know, kind of based on policy decide where these applications are gonna be scheduled. So, you know, the >>Operating schedule shows like an operating system function. >>Exactly. I mean like we now, we used to have schedulers for one CPU or you know, one box, then we had schedulers for, you know, kind of like a whole cluster and now we have schedulers across the world. >>Yeah. My final question before we kind of get run outta time is what's your thoughts on web assembly? Cuz that's getting a lot of hype here again to kind of look at this next evolution again that's lighter weight kind of feels like an app server kind of direction. What's your, what's your, it's hyped up now, what's your take on that? >>Yeah, it's interesting. I mean back, you know, what's, what's old is new again, right? So, you know, I remember back in the late nineties we got really excited about, you know, JVMs and you know, this notion of right once run anywhere and yeah, you know, I would say that web assembly provides a pretty exciting, you know, window into that where you can take the, you know, sandboxing technology from the JavaScript world, from the browser essentially. And you can, you know, compile an application down to web assembly and have it real, really truly portable. So, you know, we see for example, policies in our world, you know, with opa, one of the hottest things is to take these policies and can compile them to web assemblies so you can actually execute them at the edge, you know, wherever it is that you have a web assembly runtime. >>And so, you know, I was just talking to Scott over at Docker and you know, they're excited about kind of bringing Docker packaging, OCI packaging to web assemblies. So we're gonna see a convergence of all these technologies right now. They're kind of each, each of our, each of them are in a silo, but you know, like we'll see a lot of the patterns, like for example, OCI is gonna become the packaging format for web assemblies as it is becoming the packaging format for policies. So we did the same thing. We basically said, you know what, we want these policies to be packaged as OCI assembly so that you can sign them with cosign and bring the entire ecosystem of tools to bear on OCI packages. So convergence is I think what >>We're, and love, I love your attitude too because it's the open source community and the developers who are actually voting on the quote defacto standard. Yes. You know, if it doesn't work, right, know people know about it. Exactly. It's actually a great new production system. >>So great momentum going on to the press released earlier this week, clearly filling the gaps there that, that you and your, your co-founder saw a long time ago. What's next for the assertive business? Are you hiring? What's going on there? >>Yeah, we are really excited about launching commercially at the end of this year. So one of the things that we were, we wanted to do that we had a promise around and we delivered on our promise was open sourcing our edge authorizer. That was a huge thing for us. And we've now completed, you know, pretty much all the big pieces for AER and now it's time to commercially launch launch. We already have customers in production, you know, design partners, and you know, next year is gonna be the year to really drive commercialization. >>All right. We will be watching this space ery. Thank you so much for joining John and me on the keep. Great to have you back on the program. >>Thank you so much. It was a pleasure. >>Our pleasure as well For our guest and John Furrier, I'm Lisa Martin, you're watching The Cube Live. Michelle floor of Con Cloud Native Con 22. This is day three of our coverage. We will be back with more coverage after a short break. See that.

>>Hey everybody. Welcome back. Good afternoon. Lisa Martin here with John Feer live in Detroit, Michigan. We are at Coon Cloud Native Con 2020s North America. John Thank is who. This is nearing the end of our second day of coverage and one of the things that has been breaking all day on this show is news. News. We have more news to >>Break next. Yeah, this next segment is a company we've been following. They got some news we're gonna get into. Managing Kubernetes life cycle has been a huge challenge when you've got large organizations, whether you're spinning up and scaling scale is the big story. Kubernetes is the center of the conversation. This next segment's gonna be great. It >>Is. We've got two guests from Specter Cloud here. Please welcome. It's CEO Chenery Fu and co-founder and it's c g a co-founder Sta Mallek. Guys, great to have you on the program. Thank >>You for having us. My pleasure. >>So Timary, what's going on? What's the big news? >>Yeah, so we just announced our Palace three this morning. So we add a bunch, a new functionality. So first of all we have a Nest cluster. So enable enterprise to easily provide Kubernete service even on top of their existing clusters. And secondly, we also support seamlessly migration for their existing cluster. We enable them to be able to migrate their cluster into our CNC for upstream Kubernete distro called Pallet extended Kubernetes, GX K without any downtime. And lastly, we also add a lot of focus on developer experience. Those additional capability enable developer to easily onboard and and deploy the application for. They have test and troubleshooting without, they have to have a steep Kubernetes lending curve. >>So big breaking news this morning, pallet 3.0. So you got the, you got the product. This is a big theme here. Developer productivity, ease of use is the top story here. As developers are gonna increase their code velocity cuz they're under a lot of pressure. This infrastructure's getting smarter. This is a big part of managing it. So the toil is now moving to the ops. Steves are now dev teams. Security, you gotta enable faster deployment of apps and code. This is what you guys solve while you getting this right. Is that, take us through that specific value proposition. What's the, what are the key things on in this news release? Yeah, >>You're exactly right. Right. So we basically provide our solution to platform engineering ship so that they can use our platform to enable Kubernetes service to serve their developers and their application ship. And then in the meantime, the developers will be able to easily use Kubernetes or without, They have to learn a lot of what Kubernetes specific things like. So maybe you can get in some >>Detail. Yeah. And absolutely the detail about it is there's a big separation between what operations team does and the development teams that are using the actual capabilities. The development teams don't necessarily to know the internals of Kubernetes. There's so much complexity when it comes, comes into it. How do I do things like deployment pause manifests just too much. So what our platform does, it makes it really simple for them to say, I have a containerized application, I wanna be able to model it. It's a really simple profile and from there, being able to say, I have a database service. I wanna attach to it. I have a specific service. Go run it behind the scenes. Does it run inside of a Nest cluster? Which we'll talk into a little bit. Does it run into a host cluster? Those are happen transparently for >>The developer. You know what I love about this? What you guys are doing in the news, it really points out what I love about DevOps. Because cloud, let's face a cloud early adopters, we're all the hardcore cloud folks as it goes mainstream. With Kubernetes, you start to see like words like platform engineering. I mean I love that term. That means as a platform, it's been around for a while. For people who are building their own stuff, that means it's gonna scale and enable people to enable value, build on top of it, move faster. This platform engineering is becoming now standard in enterprises. It wasn't like that before. What's your eyes reactions that, How do you see that evolving faster? Or do you believe that or what's your take on >>It? Yeah, so I think it's starting from the DevOps op team, right? That every application team, they all try to deploy and manage their application under their own ING infrastructure. But very soon all these each application team, they start realize they have to repeatedly do the same thing. So these will need to have a platform engineering team to basically bring some of common practice to >>That. >>And some people call them SREs like and that's really platform >>Engineering. It is, it is. I mean, you think about like Esther ability to deploy your applications at scale and monitoring and observability. I think what platform engineering does is codify all those best practices. Everything when it comes about how you monitor the actual applications. How do you do c i CD your backups? Instead of not having every single individual development team figuring how to do it themselves. Platform engineer is saying, why don't we actually build policy that we can provide as a service to different development teams so that they can operate their own applications at scale. >>So launching Pellet 3.0 today, you also had a launch in September, so just a few weeks ago. Talk about what these two announcements mean from Specter Cloud's perspective in terms of proof points, what you're delivering to the end users and the value that they're getting from that. >>Yeah, so our goal is really to help enterprise to deploy and around Kubernetes anywhere, right? Whether it's in cloud data center or even at Edge locations. So in September we also announce our HV two capabilities, which enable very easy deployment of Edge Kubernetes, right at at at any any location, like a retail stores restaurant, so on and so forth. So as you know, at Edge location, there's no cloud endpoint there. It's not easy to directly deploy and manage Kubernetes. And also at Edge location there's not, it's not as secure as as cloud or data center environment. So how to make the end to end system more secure, right? That it's temper proof, that is also very, very important. >>Right. Great, great take there. Thanks for explaining that. I gotta ask cuz I'm curious, what's the secret sauce? Is it nested clusters? What's, what's the core under the hood here on 3.0 that people should know about it's news? It's what's, what's the, what's that post important >>To? To be honest, it's about enabling developer velocity. Now how do you enable developer velocity? It's gonna be able for them to think about deploying applications without worrying about Kubernetes being able to build this application profiles. This NEA cluster that we're talking about enables them, they get access to it in complete cluster within seconds. They're essentially having access to be able to add any operations, any capabilities without having the ability to provision a cluster on inside of infrastructure. Whether it's Amazon, Google, or OnPrem. >>So, and you get the dev engine too, right? That that, that's a self-service provisioning in for environments. Is that, Yeah, >>So the dev engine itself are the capabilities that we offer to developers so that they can build these application profiles. What the application profiles, again they define aspects about, my application is gonna be a container, it's gonna be a database service, it's gonna be a helm chart. They define that entire structure inside of it. From there they can choose to say, I wanna deploy this. The target environment, whether it becomes an actual host cluster or a cluster itself is irrelevant to them. For them it's complete transparent. >>So transparency, enabling developer velocity. What's been some of the feedback so far? >>Oh, all developer love that. And also same for all >>The ops team. If it's easy and goods faster and the steps >>Win-win team. Yeah, Ops team, they need a consistency. They need a governance, they need visibility, but in the meantime, developers, they need the flexibility then theys or without a steep learning curve. So this really, >>So So I hear a lot of people say, I got a lot of sprawl, cluster sprawl. Yeah, let's get outta hand does, let's solve that. How do you guys solve that problem? Yeah, >>So the Neste cluster is a profit answer for that. So before you nest cluster, for a lot of enterprise to serving developers, they have to either create a very large TED cluster and then isolated by namespace, which not ideal for a lot of situation because name stay namespace is not a hard isolation and also a lot of global resource like CID and operator does not work in space. But the other way is you give each developer a separate, a separate ADE cluster, but that very quickly become too costly. Cause not every developer is working for four, seven, and half of the time your, your cluster is is a sit there idol and that costs a lot of money. So you cluster, you'll be able to basically do all these inside the your wholesale cluster, bring the >>Efficiency there. That is huge. Yeah. Saves a lot of time. Reduces the steps it takes. So I take, take a minute, my last question to you to explain what's in it for the developer, if they work with Spec Cloud, what is your value? What's the pitch? Not the sales pitch, but like what's the value pitch that >>You give them? Yeah, yeah. And the value for us is again, develop their number of different services and teams people are using today are so many, there are so many different languages or so many different libraries there so many different capabilities. It's too hard for developers to have to understand not only the internal development tools, but also the Kubernetes, the containers of technologies. There's too much for it. Our value prop is making it really easy for them to get access to all these different integrations and tooling without having to learn it. Right? And then being able to very easily say, I wanna deploy this into a cluster. Again, whether it's a Nest cluster or a host cluster. But the next layer on top of that is how do we also share those abilities with other teams. If I build my application profile, I'm developing an application, I should be able to share it with my team members. But Henry saying, Hey Tanner, why don't you also take a look at my app profile and let's build and collaborate together on that. So it's about collaboration and be able to move >>Really fast. I mean, more develops gotta be more productive. That's number one. Number one hit here. Great job. >>Exactly. Last question before we run out Time. Is this ga now? Can folks get their hands on it where >>Yes. Yeah. It is GA and available both as a, as a SaaS and also the store. >>Awesome guys, thank you so much for joining us. Congratulations on the announcement and the momentum that Specter Cloud is empowering itself with. We appreciate your insights on your time. >>Thank you. Thank you so much. Right, pleasure. >>Thanks for having us. For our guest and John Furrier, Lisa Martin here live in Michigan at Co con Cloud native PON 22. Our next guests join us in just a minute. So stick around.

>>The cube presents, Coon and cloud native con Europe, 2022. Brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Licia Spain and cube con cloud native con 2022 Europe. I'm Keith Townsend, along with Paul Gillon senior editor, enterprise architecture for Silicon angle. We're gonna talk to some amazing folks. Day two coverage of Q con cloud native con Paul. We did the wrap up yesterday. Great. A great back and forth about what en Rico about yesterday's, uh, session. What are you looking for to today? >>I'm looking for, uh, to understand better, uh, how Kubernetes is being put into production, the types of applications that are being built on top of it. Yesterday, we talked a lot about infrastructure today. I think we're gonna talk a little bit more about applications, including with our first guest. >>Yeah, I was speaking our first guest. We have ish Degan CPO chief product officer at Hazelcast Hazelcast has been on the program before, but you, this is your first time in the queue, correct? >>It, it is Keith. Yeah. Well, >>Welcome to been Cuban. So we're talking data, which is always a fascinating topic. Containers are, have been known for not being supportive of stateful applications. At least you shouldn't hold the traditional thought. You shouldn't hold stateful data in containers. Tell me about the relationship between Hazel cast and containers we're at Cuan. >>Yeah, so a little bit about, uh, Hazelcast. We are a real time data platform and, uh, we are not a database, but a data platform because we basically allow, uh, data at rest as well as data in motion. So you can imagine that if you're writing an application, you can basically query and join a data coming in events, as well as data, which might have been persisted. So you can do both stream processing as well as, you know, low latency data access. And, and this platform of course, is supported on all the clouds. And we kind of delegate the orchestration of this kind of scale out system to Kubernetes. Um, and you know, that provides a resiliency and many things which go along with that. >>So you say you don't, you're not a database platform. What are you used for to manage the data? >>So we are, uh, we are memory first. So we are, you know, we started with low latency applications, but then we realized that real time has really become a business term. It's it's more of a business SLA mm-hmm, <affirmative>, it's really the, we see the opportunity, the punctuated change, which is happening in the market today is about real time data access to real time. I mean, there are real time applications. Our customers are building around real time offers, um, realtime thread detection. I mean, just imagine, you know, one of our customers like B and P par bars, they have, they basically originate a loan while the customer is banking. So you are in an ATM machine and you swipe your card and you are asking for, you know, taking 50 euros out. And at that point they can actually originate a custom loan offer based on your existing balance you're existing request and your credit score in that moment. So that's a value moment for them and they actually saw 400% loan origination go up because of that, because nobody's gonna be thinking about a credit, uh, line of credit after they're done banking. So it's in that value moment and we allow basically our data platform allows you to have fast access to data and also process incoming streams. So not before they get stored, but as they're coming in. >>So if I'm a developer and cuon is definitely a conference for developer and I, I come to the booth and I hear <inaudible>, that's the end value. I, I hear what I can do with my application. I guess the question is, how do I get there? I mean, uh, if it's not a database, how do I make a call from a container to, from my microservice to Hazel cath? Like, do I think of this as a, uh, a CNI or, or C CSI? How do I access >>PA care? Yeah. So, so we, uh, you know, we are, our server is actually built in Java. So a lot of the application which get written on top of the data platform are basically accessing through Java APIs. Or as you have a.net shop, you can actually use.net API. So we are basically an API first platform and SQL is basically the polyglot way of accessing data, both streaming data, as well as it store data. So most of the application developers, a lot of it is run done in microservices, and they're doing these fast get inputs for data. So they, they have a key, they want to get to a customer, they give a customer ID. And the beauty is that, um, while they're processing the events, they can actually enrich it because you need contextual information as well. So going back to the ATM example, you know, at that event happened, somebody swiped the card and ask for 50 euros, and now you want more information like credit score information, all that needs to be combined in that, in that value moment. >>So we allow you to do those joins and, you know, the contextual information is very important. So you see a lot of streaming platform out there, which just do streaming, but if you're an application developer, like you asked, you have to basically do call out to a streaming platform to get, um, to do streaming analytics and then do another call to get the context of that. You know, what is the credit score for this customer? But whereas in our case, because the data platform supports both streaming as well as data at rest, you can do that in one call and, you know, you don't want to have the operational complexity to stand out. Two different scale out servers is, is, is, is humongous, right? I mean, you want to build your business application. So, >>So you are querying data streaming data and data rest yes. In the same query >>Yes. In the same query. And we are memory first. So what happens is that we store a lot of the hot data in memory. So we have a scale out Ram based server. So that's where you get the low latency from. In fact, last year we did a benchmark. We were able to process a billion events a second, uh, with 99% of the latency under 30 milliseconds. So that kind of processing and that kind of power is, and, and the most important thing is determinism. I mean, you know, there's a lot of, um, if you look at real time, what real time is, is about this predictable latency at scale, because ultimately your, your adhering to a business SLA is not about milliseconds or microsecond. It's what your business needs. If your business needs that you need to deny or, uh, approve a credit credit card transaction in 50 milliseconds, that's your business SLA, and you need that predictability for every transaction. >>So talk to us about how how's this packaged in consumed. Cause I'm hearing a, a bunch of server Ram I'm hearing numbers that we're trying to adapt away from at this conference. We don't wanna see the onlay. We just want to use it. >>Yeah. So, so we kind of take a bit that, that complexity of managing this scale out, um, uh, uh, cluster, which actually utilizes Rams from each server. And then, you know, if you, you can configure it so that the hard set of data is in Ram, but the data, which is, you know, not so hard can actually go into a tiered storage model. So we are memory first. So, but what you are doing is you're doing simple, it's an API. So you do basically a crud, right? You create records, you read them through SQL. So for you, it's, it's, it's kind of like how you access that database. And we also provide you, you know, real time is also a journey. I mean, a lot of customers, you know, you don't want to rip their existing system and deploy another kind of scale out platform. Right? So we, we see a lot of these use cases where they have a database and we can sit in between the database, a system of record and the application. So we are kind of in between there. So that's, that's the journey you can take to real time. >>How does Kubernetes, uh, containers and Kubernetes change the game for real time analytics? >>Yeah. So, uh, Kubernetes does change it because what's hap first of all, we service most of the operational workloads. So it's, it's more on the, a lot of our customers. We have most, most of the big banks credit card companies in financial services and retail. Those are the two big sectors for us. And first of all, you know, a lot of these operational workloads are moving to the cloud and with move to the cloud, they're actually taking their existing applications and, and moving to, you know, one of the providers and to kind of orchestrate this scale out platform, which does auto scaling, that's where the benefit comes from mm-hmm <affirmative>. And it also gives them the freedom of choice. So, you know, the Kubernetes is, you know, a standard which goes across cloud providers. So that gives them the benefit that they can actually take their application. And if they want, they can actually move it to a different, a different cloud provider because we take away the orchestration complexity, you know, in that abstraction layer. >>So what happens when I need to go really fast? I mean, I, I, I need, uh, I'm looking at bare metal and I'm looking at really scaling a, a, a homogeneous application in a single data center set of data centers. Is there a bare metal play here? >>Yes. There, there, there are some very, very, uh, like if you want microsecond latency, mm-hmm, <affirmative>, um, you know, we have customers who actually store two to four terabytes in Ram and, and they can actually stand up. Um, you know, again, it depends on what kind of deployment you want. You can either scale up or scale out, scaling up is expensive, you know, because those boxes are not cheap, but if you have a requirement like that, where there is sub millisecond or microphone latency requirement, you could actually store the entire data set. I mean, a lot of the operational data sets are under four terabytes. So it's not uncommon that you could actually take the entire operational transactional data set, actually move, move that to a pure Ram. But, uh, I think now we, we also see that these operational workloads are also, there's a need for analytics to be done on top as well. >>I mean, we, going back to the example I gave you, so this, this, uh, customer is not only doing stream crossing, they're also influencing a machine learning algorithm in that same, in the same kind of cycle in the life cycle. So they might have trained a machine learning or algorithm on a data lake somewhere, but once they're ready, they're actually influencing the ML algorithm in our kind of life cycle right there. So, you know, that that really brings analytics and transactions kind of together because after all transactions are where the real, you know, insights are. >>Yeah. I'm, I'm struggling a little bit with this, with these two different use cases where I have transactional basically a transactional database or transactional data platform alongside a analytics platform. Those are two, like they're two different things. I have a, you know, I, I have spinning rust for one, and then I have memory and, and MBME for another. Uh, and that requires tuning requires DBAs. It requires a lot of overhead, there seems to be some type of secret sauce going on here. >>Yeah. Yeah. So, I mean, you know, we, we basically say that if you are, if you have a business case where you want to make a decision, you know, you, the only chance to succeed is where you are not making a decision tomorrow based on today's data. Right? I mean, the only way to act on that data is today. So the act is a keyword here. We actually let you generate a realtime offer. We, we let you do credit card fraud detection. In that moment, the analytics is about knowing less about acting on it. Right? Most of our applications are machine critical. They're acting on real time. I think when you talk about like the data lakes there, there's actually a real time there as well, but it's about knowing, and we believe that the operational side is where, you know, that value moment is there, you know, what good is, is to know about something tomorrow, you know, if something wrong happened, I mean, it, yeah, so there's a latency squeeze there as well, but we are on, on more on the kind of transaction and operational side. >>I gotcha. Yeah. So help me understand, like integrations. A lot of the, the, when I think of transactions, I'm thinking of SAP, Oracle, where the process is done, or some legacy banking or not legacy or new modern banking app, how does the data get from one platform to a, to Hazel cast so I can make those >>Decisions? Yeah. So we have, uh, this, the streaming engine, we have has a whole bunch of connectors to a lot of data sources. So in fact, most of our use cases already have data sources underneath there, their databases there's KA connectors, you know, joining us because if you look at it, events is, are comprised of transactions. So something, a customer did, uh, a credit card swipe, right. And also events events could be machine or IOT. So it's really unique connectivity and data ingestion before you can process that. So we have, uh, a whole suite of connectors to kind of bring data in, in our platform. >>We've been talking a lot, these last couple of days about, uh, about the edge and about moving processing capability closer to the edge. How do you enable that? >>Yeah. So edge is actually very, very relevant because of what's happening is that, um, you know, if you, if you look at like a edge deployment use case, um, you know, we have a use case where data is being pushed from these different edge devices to cloud data warehouse. Right. But just imagine that you want to be filtering data at the, at, at where it is being originated from, and you wanna push only relevant data to, to maybe a central data lake where you might want to do, you know, train your machine learning models. Mm-hmm <affirmative> so that at the edge, we are actually able to process that data. So Hazel cast will allow you to actually write a data pipeline and do stream processing so that you might want to just push, you know, a part or a subset of data, which applies by the rules. Uh, so there's, there's a big, um, uh, I think edge is, you know, there's a lot of data being generated and you don't want like garbage and garbage out there's there's, there is there's filtration done at the edge. So that only the relevant data lands in a data, data lake or something like that. >>Well, Monash, we really appreciate you stopping by realtime data is an exciting area of coverage for the queue overall from Valencia Spain, I'm Keith Townsend, along with Paul Gillon, and you're watching the queue, the leader in high tech coverage.

>>The cube presents, Coon and cloud native con Europe 22, brought to you by the cloud native computing foundation. >>Welcome to Valencia Spain and coverage of Q con cloud native con Europe, 2022. I'm Keith Townsend. You're a host of the cube along with Paul Gillum, senior editor, enterprise architecture for Silicon angle, ENCO, senior ready, senior it analyst for giga own. Uh, this has been a full day, 7,500 attendees. I might have seen them run out of food. This is just unexpected. I mean, they, the, it escalated from what understand it went from four, capping it off to 4,000 gold, 5,000 gold in and off. Finally at 7,500 people. I'm super excited for, you know, today's been a great day of coverage. I'm super excited for tomorrow's coverage, uh, from the cube. But first off, we'll let the, the new person on stage take the, the first question of, of the wrap up of the day of coverage, UN Rico on Rico. What's different about this year versus other Q coupons or cloud native conversations. >>I, I think in general, it's the maturity. So we talk it a lot about day two operations, uh, observability monitoring, uh, going deeper and deeper in the security aspects of the application. So this means that for many enterprises, Kubernetes is becoming real critical. They want to, to get more control of it. And of course you have the discussion around Phen op around, you know, uh, cost control because we are deploying Kubernetes everywhere. And, and if you don't have everything optimized control, monitor it, you know, uh, cost to the roof and think about, uh, deploying the public cloud. If your application is not optimized, you're paying more, but also in the on premises, if you are not optimiz, you don't have the clear idea of what is going to happen. So capacity planning become the nightmare that we know from the past. So there is a lot of going on around these topics, uh, really exciting, actually less infrastructure, more replication. That is what Kubernetes is India. >>Paul help me separate some of the signal from the noise. Uh, there is a lot going on a lot of overlap. What are some of the big themes of takeaways for day one that enterprise architects executives need to take home and really chew >>On? Well, the Kubernetes was a turning point. You know, Docker was introduced nine years ago and for the first three or four years, it was an interesting technology that was not very widely adopted. Kubernetes came along and gave developers a reason to use containers. What strikes me about this conference is that this is a developer event, you know, ordinarily you go to conferences and it's geared toward it managers towards CIOs. This is very much geared toward developers when you have the hearts and minds of developers, the rest of the industry is sort of pulled along with it. So this is ground zero for the hottest, uh, the, the hottest area of the entire computing industry. Right now, I is in this area building distributed services, BA microservices based cloud native applications. And it's the developers who are leading the way. I think that's, that's a significant shift. I don't see the managers here, the CIOs here, these are the people who are, uh, who are pulling this industry into the next generation. >>Um, one of the interesting things that I've seen when we, you know, we've always said, Kubernetes is for the developers, but we talk with, uh, an icon from, uh, MoneyGram. Who's a end user, he's an enterprise architect. And he brought Kubernetes to his front end developers and they, they, they kind of rejected it. They said, what is this? I just wanna develop cold. So when we say Kubernetes is for developers, or the developers are here, where, how do we reconcile that mismatch of experience? We have enterprise architecture. I hear constantly that, that the, uh, Kubernetes is for developers, but is it a certain kind of developer that Kubernetes is for? >>Well, yes and no. I mean, so the paradigm is changing. Okay. So, and maybe a few years back, it was tough to understand how, you know, uh, uh, make your application different. So microservices, everything was new for everybody, but actually, so everything is changed to a point. Now, the developer understands, you know, it is neural. So, you know, going through the application APIs automation, because the complexity of this application is, is huge. And you have, you know, 7 24 kind of development, uh, sort of deployment. So you have to stay always on cetera, et cetera. And actually to the point of, you know, developers, uh, you know, bringing this new generation of, uh, decision makers in India. So they are actually decision, they are adopting technology. Maybe it's a sort of shadow it at the very beginning. So they're adopting it, they're using it. And they're starting to use a lot of open source stuff. And then somebody upper in the stack, the executive says, what are, yeah, they, they discover that the technology is already in place is, uh, is a critical component. And then it's, uh, you know, uh, transformed in something enterprise, meaning, you know, paying enterprise services on top of it to be sure con uh, contract and so on. So it's a real journey. And these are, these guys are the real decision makers. Oh, they are at the base of the decision making process. At least >>Cloud native is something we're gonna learn to take for granted. You know, when you remember back, remember the fail whale in the early days of Twitter, when periodically the service would just would just, uh, um, crash from, uh, from, uh, traffic or Amazon went through the same thing. Facebook went through the same thing. We don't see that anymore because we are now learning to take cloud native for granted. We assume applications are gonna be available. They're gonna be performant. They're gonna scale. They're gonna handle anything. We throw at them that is cloud native at work. And I think we, we forget sometimes how refreshing it is to have, uh, an internet that really works for you. >>Yeah. I, I think we're much earlier in the journey. You know, we have Microsoft, uh, on the Xbox team talked about 22,000 pods running ni D some of the initial problems and pain points of, uh, around those challenges. Uh, much of my hallway track conversation has been centered around as we talk about kind of the decision makers, the platform teams. And this is what I'm getting excited to talk about in tomorrow's coverage. Who's on the ground doing this stuff. Is it developers as we are, as, as we see or hear or told, or is it what we're seeing from the Microsoft example, the MoneyGram example where central it is kind of getting it, and not only are they getting it, they're enabling developers to, to simply write code, build it. And Kubernetes is invisible. It seems like that's become the holy grill to make Kubernetes invisible cloud native invisible, and the experience is much closer to cloud. >>So I, I think that, uh, um, it's an interesting, I mean, I had a lot of conversation in the past year is that it's not that the original, you know, traditional it operations are disappearing. So it's just that, uh, traditional it operation are giving resources to these new developers. Okay. So it's a, it's a sort of walled garden. You don't see the wall, but it's a walled garden. So they are giving you resources and you use these resources like an internal cloud. So a few years back, we were talking about private cloud, the private cloud, as, you know, as a, let's say, uh, the same identical paradigm of, of the public cloud. This is not possible because there are no infinite resources or, well, whatever we, we think are infinite resources. So what you're doing today is giving these developers enough resources to think that they are unlimited and they can, uh, do automatic provisioning and do all these kind of things. So they don't think about infrastructure at all, but actually it's there. So it operation are still there providing resources to let developers be more free and agile and everything. So we are still in a, I think in an interesting time for all of it, >>Kubernetes and cloud native in general, I think are blurring the lines, traditional lines development and operations always were separate entities, obviously through with DevOps. Those two are emerging, but now we're moving. When you add in shift left testing shift, right? Testing, uh, dev SecOps, you see the developers become much more involved in the infrastructure and they want to be involved in infrastructure because that's what makes their applications perform. So this is gonna, cause I think it organizations to have, do some rethinking about what those traditional lines are, maybe break down those walls and have these teams work, work much closer together. And that should be a good thing because the people who are developing applications should also have intimate knowledge of the infrastructure they're gonna run on. >>So Paul, another recurring theme that we've heard here is the impact of funding on resources. What have you, what have your discussions been around founders and creators when it comes to sourcing talent and the impact of the markets on just their day to day? >>Well, the sourcing talent has been a huge issue for the last year. Of course, really ever since the pandemic started interesting. We, uh, one of our, our guests earlier today said that with the meltdown in the tech stock market, actually talent has become more available because people who were tied to their companies because of their, their stock options are now seeing those options are underwater. And suddenly they're not as loyal to the companies they joined. So that's certainly for the, for the startups. Uh, there are many small startups here. Um, they're seeing a bit of a windfall now from the, uh, from the tech stock, uh, bust, um, nevertheless skills are a long term problem. The us, uh, educational system is turning out about 10% of the skilled people that the industry needs every year. And no one I know, sees an end to that issue anytime soon. >>So ENGO, last question to you, let's talk about what that means to the practitioner. There's a lot of opportunity out >>There. >>200 plus sponsors I hear here I think is, or the projects is 200 plus, where are the big opportunities as a practitioner, as I'm thinking about the next thing that I'm going to learn to help me survive the next 10 or 15 years of my career? Where, where do you think the focus should be? Should it be that low level, uh, cloud builder, or should it be at those Le levels of extraction that we're seeing and reading about? >>I, I think, I think that, uh, you know, it's, uh, it's a good question. The, the answer is not that easy. I mean, uh, being a developer today, for sure grants, you, you know, uh, a salary at the end of the month, I mean, there is high demand, but actually there are a lot of other technical, uh, figures in, in the, in, uh, in the data center in the cloud that could, you know, really find easily a job today. So developers is the first in my mind also because they are more, uh, they, they can serve multiple roles. It means you can be a developer, but actually you can be also, you know, with the new roles that we have, especially now with the DevOps, you can be, uh, somebody that supports operation because, you know, automation, you know, a few other things. So you can be a C admin of the next generation, even if you're a developer, even if when you start as a developer, >>Cuan 20, 22 is exciting. I don't care if you're a developer practitioner, a investor, a, uh, it decision maker is CIO CXO. They're so much to learn and absorb here and we're going to be covering it for the next two days. Me and Paul will be shoulder to shoulder. We will, you, I'm not gonna say you're gonna get sick of this because it's just, you know, it's all great information. We'll, we'll, we'll help sort all of this from Valencia Spain. I'm Keith Townsend, along with my host ENCO senior, the Paul Gillon. And you're watching the, you, the leader in high tech coverage.

>>The cube presents, Coon and cloud native con Europe, 22 brought to you by the cloud native computing foundation. >>Welcome to ity of Spain and cube con coup con cloud native con Europe 2022 is near the end of the day. That's okay. We, we, we have plenty of energy because we're bringing it. I'm Keith Townsend, along with my coho, Paul Gillon Paul, this has been an amazing day. Thus far. We've talked to some incredible folks. You got a chance to walk the show floor. Yeah. So I'm really excited to hear what's the vibe of the show floor, 7,500 people in Europe following the protocols, but getting stuff done. >>Well, first I have to say that I haven't traveled for two years. So getting out to a show by, by itself is, is an amazing experience, but a show like this with all of the energy and the crowd, she is enormously crowded at lunchtime today. It's hard to believe how many people have made it, made it all the way here out on the floor. The boots are crowded. The, the demonstrations are what you would expect at a show like this. Lots of code, lots of, lots of block diagrams, lots of architecture. I think the audience is eating it up. You know, when they're, they're on their laptops, they're coding on their laptops. And this is very much symbolic of the crowd that comes to a cubic con. And it's, it's a, just a delight to see them outta here. I so much fun. >>So speaking of lots of gold, we have Bome Toro co-founder of pet trade, but, you know, just saw, didn't realize this Isto becoming part of CNCF was the latest on infield. >>Yeah. Is still is, you know, it was always one of those service mesh projects, which was very widely adopted. And it's great to see that going into the cloud native computing foundation. And I think what happened with Kubernetes, like just became the defacto container orchestrator. I think similar thing is happening with Isto and service mesh. >>What, >>So I'm sorry, Keith, what's the process like of becoming adopted by and incubated by the CNCF? >>Yeah, I mean, it's pretty simple. It's an application process into the foundation where you say, you know what the project is about, how diverse is your contributor base, how many people are using it. And it goes through a review of with TC. It goes through a review of like all the users and contributors. And if you see a good base of deployments in production, if you see a diverse of contributors, then you can basically be part of the CNCF. And as you know, CNCF is very flexible on governance. Basically it's like, bring your own governance. And then the projects can basically seamlessly go in and, you know, get into incubation and gradually graduate >>Another project close and dear to you Envoy. Yes. Now I've always considered Envoy just as what it is. It's a, I've always used it as, as a load balancer type thing. So I've always considered it somewhat of a gateway proxy, but Envoy gateway was announced last week. Yes. >>So Envoy is basically won the data plane war of in cloud native workloads. Right. And, but, and this was over the last five years, Envoy was announced even way before Rio and it is used in various deployment models. You can use it as a front load balancer. You can use it as an Ingres in Kubernetes. You can use it as a side car and a service mesh like steel, and it's lightweight dynamically, programmable, very open with a white community. But what we looked at when we looked at the Envoy base, was it still, wasn't very approachable for application developers. Like when you still see like the nouns that it uses in terms of clusters and so on is not what an application developer was used to. And so Envoy gateway is really an effort to make Envoy even more stronger out of the box for an application developer to use it as an API gateway. >>Right? Because if you think about it, ultimately, you know, people de developers start deploying workloads onto their Kubernetes clusters. They need some functionality like an API gateway to expose their services and you wanna make it really, really easy and simple. Right? I often say like what, what engine X was to like static websites like Envoy gateway will be to like, you know, APIs and it's really few the community coming together. We are a big part, but also VMware and as well as end users, like in this case, fidelity who is investing heavily into Envoy and API gateway use cases, joining forces saying, let's do this in upstream Envoy. >>I'd like to go back to IIO because this is a major step in IIOS development. Where do you see SIO coming into the picture? And Kubernetes is already broadly accepted. Is IIO generally adopted as an after an after step to, to Kubernetes or are they increasingly being adopted together? >>Yeah. So usually it's adopted as a follow on step and the reason is primarily the learning curve, right. It's just get used to all the Kubernetes and, you know, it takes a while for people to understand the concepts, get applications going, and then, you know, studio was made to basically solve, you know, three big problems there. Right. Which is around observability traffic management and security. Right. So as people deploy more services, they figure out, okay, how do I connect them? How do I secure all the connections and how do I do more fine grain routing? I'm doing more frequent deployments with Kubernetes, but I would like to do Canary releases to make safer rollouts. Right. And those are the problems that Isto solves. And I don't really want to know the metrics of like, yes, it'll be, I it's good to know all the node level and CPO level metrics. >>But really what I want to know is how are my services performing? Where is the latency, right? Where is the error rate? And those are the things thatto gives out of the box. So that's like a very natural next step for people using Kubernetes. And, you know, Tetra was really formed as a company to enable enterprises, to adopt STO Envoy and service mission, their environment. Right? So we do everything from run an academy for like courses and certifications on Envoy and STO to a distribution, which is, you know, compliant with various bills and tooling as well as a whole platform on top of STO to make it usable and deployment in a large enterprise. >>So paint the end to end for me, for STO in Envoy. I know they can be used in similar fashions is like side cars, but how they work together to deliver value. >>Yeah. So if you step back from technology a little bit, right, and you like, sort of look at what customers are doing and facing, right. Really it is about, they have applications. They have some applications that new workloads going into Kubernetes and cloud native. They have a lot of legacy workloads, a lot of workloads on VMs and with different teams in different clouds or due to acquisitions. They're very heterogeneous right now. Our mission Tetrad's mission is power. The world's application traffic, but really the business value that we are going after is consistency of application operations. Right? And I'll tell you how powerful that is because the more places you can deploy Envoy into the more places you can deploy studio into, the more consistency you can get for the value pillars of observability, traffic management, and security. Right. And really, if you think about what is the journey for an enterprise to migrate from workloads into Kubernetes or from data centers into cloud, the challenges are around security and connectivity, right? Because if it's Kubernetes fabric, the same Kubernetes app and data center can be deployed exactly as is it in cloud. Right. Right. So why is it hard to migrate to cloud, right. The challenges come in the security and networking layer. >>Right. So let's talk about that with some granularity and you can maybe gimme some concrete examples, right? Because it, as I think about the hybrid infrastructure where I have VMs on premises, cloud, native stuff, running in the public cloud, or even cloud native next to VMs, right. I do security differently when I'm in the VM world. I say, you know what, this IP address, can't talk to this Oracle database server. Right. That's not how cloud native works. Right. I, I can't say if I have a cloud, if I have a cloud native app talking to a Oracle database, there's no IP address. Yeah. But how do I, how, how do I secure the communication between the two? Exactly. >>So I think you hit it straight on the head. So which is with things like Kubernetes, IP is no longer a really a valid noun where you can say, because things will auto scale either from Kubernetes or, you know, the cloud autoscales. So really the noun that is becoming now is service. So, and I could have many instances of it. They could go scale up and down. But what I'm saying is this service, which, you know, some app server, some application can talk to the article service. Hmm. And what we have done with the te trade service bridge, which is why we call our platform service bridge, because it's all about bridging all the services is whatever you're running on, the VM can be onboarded onto the mesh, like as if it were a ity service. Right. And then my policy around this service can talk to this service is same in Kubernetes is same for Kubernetes talking to VM it's same for VM to VM, both in terms of access control in terms of encryption. What we do is because it's the Envoy, proxy goes everywhere and the traffic is going through them. We actually take care of distributing, certs, encrypting, everything, and it becomes, and that is what leads to consistent application operations. And that's where the value is. >>We're seeing a lot of activity around observ observability right now, a lot of different tools, both open source and proprietary STO certainly part of the open telemetry project, I believe. Are you part of that? Yes. But the customers are still piecing together a lot of tools on their own. Right. Do you see a, a more coherent framework forming around observability? >>I think very much so. And there are layers of observability, right? So the thing is like, if we tell you there is latency between these two services at L seven layer, the first question is, is it the service? Is it the Envoy? Or is it the network? It sounds like a very simple question. It's actually not that easy to answer. And that is one of the questions we answer in like platforms like ours. Right. But even that is not the end. It, if it's neither of these three, it could be the node. It could be the hardware underneath. Right. And those, you realize like those are different observability tools that work on each layer. So I think there's a lot of work to be done, to enable end users to go from app, like from top to bottom to make, reduce what is called MTTR or meantime to, you know, resolution of an issue, where is the problem. >>But I think with tools like what is being built now, it is becoming easier, right? It is because one of the things we have to realize is with things like Kubernetes, we made the development of microservices easier. Right. And that's great. But as a result, what is happening is that more things are getting broken down. So there is more network in between. So that's harder. It gets to troubleshoot harder. It gets to secure everything harder. It gets to get visibility from everywhere. Right. So I often say like, actually, if you're going embarking down microservices journey, you actually are, you better have a platform like this. Otherwise, you know, you're, you're taking on operational cost. >>Wow. J's paradox. The more accessible we make something, the more it gets used, the more complex it is. That's been a theme here at KU con cloud native con Europe, 2022 from Licia Spain. I'm Keith Townsend, along with my host, Paul Gillman. And you're watching the queue, the leader in high tech coverage.

>>The cube presents, Coon and cloud native con Europe 22, brought to you by the cloud native computing foundation. >>Welcome to Melissa Spain. And we're at cuon cloud native con Europe, 2022. I'm Keith Townsend. And my co-host en Rico senior Etti en Rico's really proud of me. I've called him en Rico and said IK, every session, senior it analyst giga, O we're talking to fantastic builders at Cuban cloud native con about the projects and the efforts en Rico up to this point, it's been all about provisioning insecurity. What, what conversation have we been missing? >>Well, I mean, I, I think, I think that, uh, uh, we passed the point of having the conversation of deployment of provisioning. You know, everybody's very skilled, actually everything is done at day two. They are discovering that, well, there is a security problem. There is an observability problem. And in fact, we are meeting with a lot of people and there are a lot of conversation with people really needing to understand what is happening. I mean, in their classroom, what, why it is happening and all the, the questions that come with it. I mean, and, uh, the more I talk with, uh, people in the, in the show floor here, or even in the, you know, in the various sessions is about, you know, we are growing, the, our clusters are becoming bigger and bigger. Uh, applications are becoming, you know, bigger as well. So we need to know, understand better what is happening. It's not only, you know, about cost it's about everything at the >>End. So I think that's a great set up for our guests, max, Provo, founder, and CEO of storm for forge and Patrick Britton, Bergstrom, Brookstone. Yeah, I spelled it right. I didn't say it right. Berg storm CTO. We're at Q con cloud native con we're projects are discussed, built and storm forge. I I've heard the pitch before, so forgive me. And I'm, I'm, I'm, I'm, I'm, I'm kind of torn. I have service mesh. What do I need more like, what problem is storm for solving? >>You wanna take it? >>Sure, absolutely. So it it's interesting because, uh, my background is in the enterprise, right? I was an executive at United health group. Um, before that I worked at best buy. Um, and one of the issues that we always had was, especially as you migrate to the cloud, it seems like the CPU dial or the memory dial is your reliability dial. So it's like, oh, I just turned that all the way to the right and everything's hunky Dory. Right. Uh, but then we run into the issue like you and I were just talking about where it gets very, very expensive, very quickly. Uh, and so my first conversations with Matt and the storm forge group, and they were telling me about the product and, and what we're dealing with. I said, that is the problem statement that I have always struggled with. And I wish this existed 10 years ago when I was dealing with EC two costs, right? And now with Kubernetes, it's the same thing. It's so easy to provision. So realistically, what it is is we take your raw telemetry data and we essentially monitor the performance of your application. And then we can tell you using our machine learning algorithms, the exact configuration that you should be using for your application to achieve the results that you're looking for without over provisioning. So we reduce your consumption of CPU of memory and production, which ultimately nine times outta 10, actually I would say 10 out of 10 reduces your cost significantly without sacrificing reliability. >>So can your solution also help to optimize the application in the long run? Because yes, of course, yep. You know, the lowing fluid is, you know, optimize the deployment. Yeah. But actually the long term is optimizing the application. Yes. Which is the real problem. >>Yep. So we actually, um, we're fine with the, the former of what you just said, but we exist to do the latter. And so we're squarely and completely focused at the application layer. Um, we are, uh, as long as you can track or understand the metrics you care about for your application, uh, we can optimize against it. Um, we love that we don't know your application. We don't know what the SLA and SLO requirements are for your app. You do. And so in, in our world, it's about empowering the developer into the process, not automating them out of it. And I think sometimes AI and machine learning sort of gets a bad wrap from that standpoint. And so, uh, we've at this point, the company's been around, you know, since 2016, uh, kind of from the very early days of Kubernetes, we've always been, you know, squarely focused on Kubernetes using our core machine learning, uh, engine to optimize metrics at the application layer, uh, that people care about and, and need to need to go after. And the truth of the matter is today. And over time, you know, setting a cluster up on Kubernetes has largely been solved. Um, and yet the promise of, of Kubernetes around portability and flexibility, uh, downstream when you operationalize the complexity, smacks you in the face. And, uh, and that's where, where storm forge comes in. And so we're a vertical, you know, kind of vertically oriented solution. Um, that's, that's absolutely focused on solving that problem. >>Well, I don't want to play, actually. I want to play the, uh, devils advocate here and, you know, >>You wouldn't be a good analyst if you didn't. >>So the, the problem is when you talk with clients, users, they, there are many of them still working with Java with, you know, something that is really tough. Mm-hmm <affirmative>, I mean, we loved all of us loved Java. Yeah, absolutely. Maybe 20 years ago. Yeah. But not anymore, but still they have developers. They are porting applications, microservices. Yes. But not very optimized, etcetera. C cetera. So it's becoming tough. So how you can interact with these kind of yeah. Old hybrid or anyway, not well in generic applications. >>Yeah. We, we do that today. We actually, part of our platform is we offer performance testing in a lower environment and stage. And we like Matt was saying, we can use any metric that you care about and we can work with any configuration for that application. So the perfect example is Java, you know, you have to worry about your heap size, your garbage collection tuning. Um, and one of the things that really struck, struck me very early on about the storm forage product is because it is true machine learning. You remove the human bias from that. So like a lot of what I did in the past, especially around SRE and, and performance tuning, we were only as good as our humans were because of what they knew. And so we were, we kind of got stuck in these paths of making the same configuration adjustments, making the same changes to the application, hoping for different results. But then when you apply machine learning capability to that, the machine will recommend things you never would've dreamed of. And you get amazing results out of >>That. So both me and an Rico have been doing this for a long time. Like I have battled to my last breath, the, the argument when it's a bare metal or a VM. Yeah. Look, I cannot give you any more memory. Yeah. And the, the argument going all the way up to the CIO and the CIO basically saying, you know what, Keith you're cheap, my developer resources expensive, my bigger box. Yep. Uh, buying a bigger box in the cloud to your point is no longer a option because it's just expensive. Talk to me about the carrot or the stick as developers are realizing that they have to be more responsible. Where's the culture change coming from? So is it, that is that if it, is it the shift in responsibility? >>I think the center of the bullseye for us is within those sets of decisions, not in a static way, but in an ongoing way, especially, um, especially as the development of applications becomes more and more rapid. And the management of them, our, our charge and our belief wholeheartedly is that you shouldn't have to choose, you should not have to choose between costs or performance. You should not have to choose where your, you know, your applications live, uh, in a public private or, or hybrid cloud environment. And so we want to empower people to be able to sit in the middle of all of that chaos and for those trade-offs and those difficult interactions to no, no longer be a thing. You know, we're at, we're at a place now where we've done, you know, hundreds of deployments and never once have we met a developer who said, I'm really excited to get outta bed and come to work every day and manually tune my application. <laugh> One side, secondly, we've never met, uh, you know, uh, a manager or someone with budget that said, uh, please don't, you know, increase the value of my investment that I've made to lift and shift us over mm-hmm <affirmative>, you know, to the cloud or to Kubernetes or, or some combination of both. And so what we're seeing is the converging of these groups, um, at, you know, their happy place is the lack of needing to be able to, uh, make those trade offs. And that's been exciting for us. So, >>You know, I'm listening and looks like that your solution is right in the middle in application per performance management, observability. Yeah. And, uh, and monitoring. So it's a little bit of all of this. >>So we, we, we, we want to be, you know, the Intel inside of all of that, mm-hmm, <affirmative>, we don't, you know, we often get lumped into one of those categories. It used to be APM a lot. We sometimes get a, are you observability or, and we're really not any of those things in and of themselves, but we, instead of invested in deep integrations and partnerships with a lot of those, uh, with a lot of that tooling, cuz in a lot of ways, the, the tool chain is hardening, uh, in a cloud native and, and Kubernetes world. And so, you know, integrating in intelligently staying focused and great at what we solve for, but then seamlessly partnering and not requiring switching for, for our users who have already invested likely in a APM or observability. >>So to go a little bit deeper. Sure. What does it mean integration? I mean, do you provide data to this, you know, other applications in, in the environment or are they supporting you in the work that you >>Yeah, we're, we're a data consumer for the most part. Um, in fact, one of our big taglines is take your observability and turn it into actionability, right? Like how do you take the it's one thing to collect all of the data, but then how do you know what to do with it? Right. So to Matt's point, um, we integrate with folks like Datadog. Um, we integrate with Prometheus today. So we want to collect that telemetry data and then do something useful with it for you. >>But, but also we want Datadog customers. For example, we have a very close partnership with, with Datadog, so that in your existing data dog dashboard, now you have yeah. This, the storm for capability showing up in the same location. Yep. And so you don't have to switch out. >>So I was just gonna ask, is it a push pull? What is the developer experience? When you say you provide developer, this resolve ML, uh, learnings about performance mm-hmm <affirmative> how do they receive it? Like what, yeah, what's the, what's the, what's the developer experience >>They can receive it. So we have our own, we used to for a while we were CLI only like any good developer tool. Right. Uh, and you know, we have our own UI. And so it is a push in that, in, in a lot of cases where I can come to one spot, um, I've got my applications and every time I'm going to release or plan for a release or I have released, and I want to take, pull in, uh, observability data from a production standpoint, I can visualize all of that within the storm for UI and platform, make decisions. We allow you to, to set your, you know, kind of comfort level of automation that you're, you're okay with. You can be completely set and forget, or you can be somewhere along that spectrum. And you can say, as long as it's within, you know, these thresholds, go ahead and release the application or go ahead and apply the configuration. Um, but we also allow you to experience, uh, the same, a lot of the same functionality right now, you know, in Grafana in Datadog, uh, and a bunch of others that are coming. >>So I've talked to Tim Crawford who talks to a lot of CIOs and he's saying one of the biggest challenges, or if not, one of the biggest challenges CIOs are facing are resource constraints. Yeah. They cannot find the developers to begin with to get this feedback. How are you hoping to address this biggest pain point for CIOs? Yeah. >>Development? >>Just take that one. Yeah, absolutely. That's um, so like my background, like I said, at United health group, right. It's not always just about cost savings. In fact, um, the way that I look about at some of these tech challenges, especially when we talk about scalability, there's kind of three pillars that I consider, right? There's the tech scalability, how am I solving those challenges? There's the financial piece, cuz you can only throw money at a problem for so long. And it's the same thing with the human piece. I can only find so many bodies and right now that pool is very small. And so we are absolutely squarely in that footprint of, we enable your team to focus on the things that they matter, not manual tuning like Matt said. And then there are other resource constraints that I think that a lot of folks don't talk about too. >>Like we were, you were talking about private cloud for instance. And so having a physical data center, um, I've worked with physical data centers that companies I've worked for have owned where it is literally full wall to wall. You can't rack any more servers in it. And so their biggest option is, well, I could spend 1.2 billion to build a new one if I wanted to. Or if you had a capability to truly optimize your compute to what you needed and free up 30% of your capacity of that data center. So you can deploy additional name spaces into your cluster. Like that's a huge opportunity. >>So either out of question, I mean, may, maybe it, it doesn't sound very intelligent at this point, but so is it an ongoing process or is it something that you do at the very beginning mean you start deploying this. Yeah. And maybe as a service. Yep. Once in a year I say, okay, let's do it again and see if something changes. Sure. So one spot 1, 1, 1 single, you know? >>Yeah. Um, would you recommend somebody performance tests just once a year? >>Like, so that's my thing is, uh, previous at previous roles I had, uh, my role was you performance test, every single release. And that was at a minimum once a week. And if your thing did not get faster, you had to have an executive exception to get it into production. And that's the space that we wanna live in as well as part of your C I C D process. Like this should be continuous verification every time you deploy, we wanna make sure that we're recommending the perfect configuration for your application in the name space that you're deploying >>Into. And I would be as bold as to say that we believe that we can be a part of adding, actually adding a step in the C I C D process that's connected to optimization and that no application should be released monitored and sort of, uh, analyzed on an ongoing basis without optimization being a part of that. And again, not just from a cost perspective, yeah. Cost end performance, >>Almost a couple of hundred vendors on this floor. You know, you mentioned some of the big ones, data, dog, et cetera. But what happens when one of the up and comings out of nowhere, completely new data structure, some imaginable way to click to elementry data. Yeah. How do, how do you react to that? >>Yeah. To us it's zeros and ones. Yeah. Uh, and you know, we're, we're, we're really, we really are data agnostic from the standpoint of, um, we're not, we we're fortunate enough to, from the design of our algorithm standpoint, it doesn't get caught up on data structure issues. Um, you know, as long as you can capture it and make it available, uh, through, you know, one of a series of inputs, what one, one would be load or performance tests, uh, could be telemetry, could be observability if we have access to it. Um, honestly the messier, the, the better from time to time, uh, from a machine learning standpoint, um, it, it, it's pretty powerful to see we've, we've never had a deployment where we, uh, where we saved less than 30% while also improving performance by at least 10%. But the typical results for us are 40 to 60% savings and, you know, 30 to 40% improvement in performance. >>And what happens if the application is, I, I mean, yes, Kubernetes is the best thing of the world, but sometimes we have to, you know, external data sources or, or, you know, we have to connect with external services anyway. Mm-hmm <affirmative> yeah. So can you, you know, uh, can you provide an indication also on, on, on this particular application, like, you know, where the problem could >>Be? Yeah, yeah. And that, that's absolutely one of the things that we look at too, cuz it's um, especially when you talk about resource consumption, it's never a flat line, right? Like depending on your application, depending on the workloads that you're running, um, it varies from sometimes minute to minute, day to day, or it could be week to week even. Um, and so especially with some of the products that we have coming out with what we want to do, you know, partnering with, uh, you know, integrating heavily with the HPA and being able to handle some of those bumps and not necessarily bumps, but bursts and being able to do it in a way that's intelligent so that we can make sure that, like I said, it's the perfect configuration for the application regardless of the time of day that you're operating in or what your traffic patterns look like. Um, or you know, what your disc looks like, right? Like cuz with our, our low environment testing, any metric you throw at us, we can, we can optimize for. >>So Madden Patrick, thank you for stopping by. Yeah. Yes. We can go all day. Because day two is I think the biggest challenge right now. Yeah. Not just in Kubernetes, but application replatforming and re and transformation. Very, very difficult. Most CTOs and S that I talked to, this is the challenge space from Valencia Spain. I'm Keith Townsend, along with my host en Rico senior. And you're watching the queue, the leader in high tech coverage.

>>Welcome back to Los Angeles, Lisa Martin and Dave Nicholson here on day three of the cubes, coverage of coop con and cloud native con north America, 21, Dave, we've had a lot of great conversations. The last three days it's been jam packed. Yes, it has been. And yes, it has been fantastic. And it's been live. Did we mention that it's inline live in Los Angeles and we're very pleased to welcome one of our alumni back to the program. David Stephanie is here. The CEO of Trulio David. Welcome back. It's good to see you. >>Thanks for having me. It's good to be here. Isn't it great to be in person? Oh man. It's been a reunion. >>It hasn't been a reunion and they have Ubered been talking about these great little, have you seen these wristbands that they have? I actually asked >>For two, cause I'm a big hugger, so >>Excellent. So, so here we are day three of coupon. That's actually probably day five, our third day of coverage. I'm losing track to it's Friday. I know that, that I can tell you, you guys announced two dot five a couple of weeks ago. Tell us what's in that. What's exciting. Before we crack open Twilio, uh, choy. >>Sure, sure. Well, it's been exciting to be here. Look, the theme right of resiliency realize has been it's right up our wheelhouse, right? To signal that more people are getting into production type of environments. More people require data protection for cloud native applications, right? And, uh, there's two dot five releases. It is as an answer to what we're seeing in the market. It really is centered predominantly around, uh, ransomware protection. And uh, you know, for us, when we look at this, I I've done a lot of work in, in cybersecurity, my career. And we took a hard look about a year ago around this area. How do we do this? How do we participate? How do we protect and help people recover? Because recovery that's part of the security conversation. You can talk about all the other things, but recovery is just as important. And we look at, uh, everything from a zero trust architecture that we provide now to adhering, to NIST standards and framework that's everything from immutability. Uh, so you can't touch the backups now, right? Uh, th that's fine to encryption, right? We'll encrypt from the application all the way to that, to the storage repository. And we'll leverage Keem in that system. So it's kind of like Bitcoin, right? You need a key to get your coin. You as an end-user only have your key to your data alone. And that's it. So all these things become more and more important as we adopt more cloud native technology. And >>As the threat landscape changes dramatically. >>Oh yeah. I got to tell you right. Every time we, you, you publish an application into another cloud, it's a new vector, right? So now I'm living in a multi-cloud world where multiple applications in my data now lives, right? So people are trying to attack backups through, uh, consoles and the ministry of consoles to the actual back of themselves. So new vectors, new problems need new solutions. >>And you mentioned, you mentioned something, you, you, you asked the question, how do we participate? And we are here at KU con uh, w uh, cloud native foundation. So what about, what's your connection to the open source community and efforts there? How do you participate in that? >>Yeah, so it's a really great question because, you know, uh, we are a closed source solution that focuses all of our efforts on the open source community and protecting cloud native applications. Our roots have been protecting cloud native applications since 2013, 2014, and with a lot of very large logos. And, um, you know, through time there are open source projects that do emerge, you know, in this community. And for example, Valero is an open source data protection platform, um, for all of its goodness, as a, as a community-based project, they're also deficiencies, right? So Valero in itself is, uh, focuses only on label based applications. It doesn't really scale. It doesn't have a UI it's really CLI driven, which is good for some people and it's free. But you know, if you need to really talk about an enterprise grade platform, this is where we pick up, you know, we, in our last release, we gave you the ability to capture your Valero based backups. And now you want to be an adult with an enterprise caliber, you know, backup solution and continue to protect your environment and have compliance and governance needs all satisfied. That's where, that's where we really stand out. >>Well, when you're talking to customers in any industry, what are the things that you talk about in terms of relief, categorizing the key differentiators that really make Trulia stand out above the competition? >>Yeah. Cause there, there a bunch of, they're a bunch of great competitors out there. There's no doubt about it. A lot of the legacy folks that you do see perhaps on those show floor, they do tuck in Valero and under the, under the covers, they can check a box or you can set aside some customer needs some of the pure play people that, that we do see out there, great solutions too. But really where we shine is, you know, we are the most flexible agnostic solution that there is in this market. And we've had people like red hat and Susa and verandas, digital ocean and HPS morale. And the list goes on, certify, say, Trulio is the solution of choice. And now no matter where you are in this journey or who you're using, we have your back. So there's a lot of flexibility. There we are complete storage agnostic. >>We are cloud agnostic in going back to how you want to build our architecture application. People are in various phases in their, in their journey. A lot of times, many moons ago, you may have started with just a label based application. Then you have another department that has a new technique and they want to use helm, or you may be adopting open shift and you're using operators to us. It doesn't matter. You have peace of mind. So whether you have, you have to protect multiple departments or you as an end user, as one single tenant are using various techniques, we'll discover or protect and we can move forward. >>So if you looked at, if you look at it from a workload basis, um, and you look at your customers are the workloads that you're protecting. What's, what's the mix of what you think of as legacy virtualized things versus containerized things. And then, and then, and then the other kind of follow on to that is, um, are you seeing a lot of modernization and migration or are you seeing people leave the legacy things alone and then develop net new in sort of separate silos? >>Yeah. So that's a great question. And I, to tell you the answer varies, that's, that's the honest answer, right? You end up having, you may have a group or a CIO that says, look, your CTO says, we're moving to this new architecture. The water's great, bring your applications in. And so either it's, we're going to lift and shift an application and then start to break it apart over time and develop microservices, or we're gonna start net new. And it really does run, run the gambit. And so, you know, as we look at, for some of those people, they have peace of mind that they can bring their two on applications in and we can recover. And for some people that say, look, I'm going to start brand new, and these are gonna be stateless applications. Um, we've seen this story before, right? Our, our, uh, uh, I joke around, it's kinda like the movie Groundhog's day. >>Uh, you know, we, we started many moons ago within the OpenStack world and we started with stateless to stateful. Always, always, always finds a way, but for the stateless people, um, when you start thinking about security, I've had conversations with CSOs around the world who say, I'm going to publish a stainless application. What I'm concerned about things like drift, you know, what's happening in runtime may be completely different than what I intended. So now we give you the ability to capture that runtime state compare. The two things identify what's changed. If you don't like what you see, and you can take that point in time recovery into a sandbox and forensically take it apart. You know, one of our superpowers, if you will, is the, our point in time, backups are all in an open format. Everyone else has proprietary Schemos. So the benefit of an open format is you have the ability to leverage a lot of third party tooling. So take a point in time, run scanners across it. And it, God forbid Trulio goes away. You still have access and you can recreate a point in time. So when you start thinking about compliance, heavy environments, think about telcos, right? Or financial institutions. They have to keep things for 15 years, right? Technologies change, architectures change. You can't have that lock-in >>So we continue to thrive. And on that front, one of the marketing terms that we hear a lot, and I want to get your opinion on this as a feature proofing, how do you, what does, what does it mean to you and Trillium and how do you enable that for organizations, like you said, for the FSI is I have to keep data for 15 years and other industries that have to keep it for maybe even longer. >>I mean, right. The future proof, uh, you know, terminology, that's part of our mantra actually, when I talked about, you know, a superpower being as agnostic and flexible as can be right, as long as you adhere to standards, right? The standards that are out here, we have that agnostic play. And then again, not just capturing an applications, metadata data, but that open format, right? Giving you that open capability to unpack something. So you're not, there is no, there is no vendor lock-in with us at all. So all these things play a part into, into future-proofing yourself. And because we live and breathe cloud native applications, you know, it's not just Kubernetes right? Over the course of time, there'll be other things, right. You're going to see mixed workloads too. They're gonna be VM based in the cloud and container based in the cloud and server lists as well. But you, as long as you have that framework to continuously build off of it, that's, that's where we go. You know, uh, it shouldn't matter where your application lives, right? At the end of the day, we will protect the application and its data. It can live anywhere. So conversations around multi-cloud change, we start to think and talk across cloud, right? The ability to move your application, your data, wherever it, wherever it needs to be to. >>Well, you talked about recoverability and that is the whole point of backing up video. You have to be able to recover something that we've seen in the last 18, 19 months. Anyone can backup >>Data. >>That's right. That's right. If you can't recover it, or if you can't recover it in time. Yeah. We're talking like going on a business potential and we've seen the massive changes in the security landscape in the last 18, 19 months ransomware. I was looking at some, some cybersecurity data that showed that just in the first half of this calendar year, January one to June 30, 20, 21, ransomware was up nearly 11 X DDoS attacks are up. We've got this remote workforce. That's going to probably persist for a while. So the ability to recover data from not if we get hit by ransomware, but when we get hit by ransomware is >>When you're, you're absolutely right. And, and, and to your plate anyway. So anyone can back up anything. When you look at it, it's at its highest form. We talk about point time where you orchestration, right. Backup is a use case. Dr. Is a use case, right? How do you, reorchestrate something that's complex, right? The containers, these applications in the cloud native space, there are morphous, they're living things, right? The metadata is different from one day to the next, the data itself is different from when one day the net to the next. So that's, what's so great about Trillium. It's such an elegant solution. It allows your, reorchestrate a point in time when and where you need it. So yes. You have to be able to recover. Yes. It's not a matter of if, but when. Right. And that's why recovery is part of that security conversation. Um, you know, I I've seen insurance companies, right? They want to provide insurance for ransomware. Well, you're gonna have enough attacks where they don't want to provide that insurance anymore. It costs too much. The investment that you make with, with Trulio will save you so much more money down the road. Right. Uh, who's our product manager actually gave a talk about that yesterday and the economics were really interesting. >>Hmm. So how has the recovery methodology who participates in that changed over time? As, as we, you know, as we are in this world of developer operators who take on greater responsibility for infrastructure things. Yeah. Who's, who's responsible for backup and recovery today and how, how has that changed >>Everyone? Everyone's responsible. So, you know, we rewind however many years, right? And it used predominantly CIS admin that was in charge of backup administrator, but a ticket in your backup administrator, right. Cloud native space and application lifecycle management is a team sport. Security is a team sport. It's a holistic approach. Right? So when you think about the, the team that you put out on the field, whether your DevOps, your SRE dev sec ops it ops, you're all going to have a need for point in time, we orchestration for various things and the term may not be backup. Right? It's something else. And maybe for test dev purposes, maybe for forensic purposes, maybe for Dr. Right. So I say it's a team sport and security as a holistic thing that everyone has to get on board with >>The three orchestration is exactly the right way to talk about absolute these processes. It's not just recovery, you're rebuilding >>Yeah. A complex environment. It's always changing. >>That's one of the guarantees. It's always going to be changing >>That much. >>Can you give us a, leave us with a customer example that you think really articulates the value of what Trulio delivers? >>Yeah. So it's interesting. I won't say who the customer is, but I'll tell you it's in the defense agency, it's a defense agency. Uh, they have developers all over the place. Uh, they need self-service capabilities for the tenants to mind their own backups. So you don't need to contact someone, right. They can build, they have one >>Dashboard, single pane of glass or truth to manage all their Corinthians applications. And it gives them that infrastructure to progress whether your dev ops or not your it ops, uh, this, this group has rolled it out across the nation and they're using in their work with very sensitive environments. So now we have they're back. And what are some of the big business outcomes that they're achieving already? >>The big business outcomes? Well, so operational efficiencies are definitely first and foremost, right? Empowering the end user with more tools, right? Because we've seen this shift left and people talking about dev ops, right. So how do I empower them to do more? So I see that operational efficiency, the recoverability aspect, God forbid, something goes wrong. How do you, how do you do that in the cost of that? Um, and then also, um, being native to the environment, the Trillium solution is built for Kubernetes. It is built on go. It is a Qubit stateless Kubernetes application. So you have to have seamless integration into these environments. And then going back to what I was saying before, knowing peace of mind, the credibility aspect, that it is blessed by, you know, red hat and suicide Mirandas and all these other, other folks in the field, um, that you can guarantee it's going to work >>Well, that helps to give your customers the confidence that there, and that confidence might sound trivial. It's not, especially when we're talking about security, it's not at all that, that's a, that's a big business outcome for you guys. When a customer says, I'm confident I have the right solution, we're going to be able to recover when things happen, we try, we fully trust in the solution that we're, >>And we'll bring more into production faster that helps everyone out here too. Right? It feels good. You have that credibility. You have that assurance that I can move faster and I can move into different clouds faster. And that's, we're gonna continue to put, we're gonna continue to push the envelope there. You know, coming a, as we look into, you know, going forward, we're going to come out with other capabilities. That's going to continue to differentiate ourselves from, from folks. Uh, we'll, we'll talk about in time, the ability to propagate data across multiple clouds simultaneously. So making RTOs look at the split seconds and minutes. And so I hope that we can have that conversation next time we were together, because it's really exciting. >>Any, any CTA that you want to give to the audience, any, any, uh, like upcoming or recent webinars that you think they would be really benefit from? >>I guess one thing I put out there is that, um, I understand that people need to continuously learn. There is a skillset hole in, in this market. We can, we understand that, you know, and people look to us as not just a vendor, but a partner. And a lot of the questions that we do get are how do I do this? Or how do I do that? Engage us, ask us to consume our product is really, really easy. You can download from the website or go to an, you know, red hats operator hub, or go to the marketplace over at Susa, and let's begin to begin and we're here to help. And so reach out, right? We want everyone to be successful. >>Awesome. trillium.io. David, thank you for joining us. This has been an exciting conversation. Good >>To see you all. >>Likewise. Good to see you in person take care. We look forward to the next time we see you when unpacking what other great things are going on on Trulia. We appreciate your >>Time. Thank you so much. Good to be here >>For David's fie and David Nicholson, the two Davids I'm going to sandwich. I'm Lisa Martin, you we're coming to you live from Los Angeles. This is Q con cloud native con north America, 2021. Stick around our next guest joins us momentarily.

>>Good morning from Los Angeles, Lisa Martin here at Qube con cloud native con north America, 2021. This is the cubes third day, a wall-to-wall coverage. So great to be back at an event in person I'm excited to be joined by Vince Wang, senior director of products at 49. We're going to talk security and Kubernetes then welcome to the program. >>Thank you for having me. >>So I always love talking to 40 minutes. Cybersecurity is something that is such an impersonal interest of mine. The fording that talks about the importance of integrating security and compliance and the dev sec ops workflow across the container life cycle. Why is this important and how do you help companies achieve it? >>Well, as companies are making digital innovations, they're trying to move faster and as to move faster, or many companies are shifting towards a cloud native approach, uh, rapid integrations, rapid development, and rapid deployment, uh, but sometimes speed, you know, there's a benefit to that, but there's also the downside of that, where, you know, you can lose track of issues and you can, uh, introduce a human error in a problem. So as part of the, as part of the, the, the means to deliver fast while maintaining his six year approach, where both the company and the organizations delivering it and their end customers, it's important to integrate security throughout the entire life cycle. From the moment you start planning and development, and people's in process to when you're developing it and then deploying and running in production, um, the entire process needs to be secured, monitored, and, um, and vetted regularly with good quality, um, processes, deep visibility, and an integrated approach to the problem. Um, and I think the other thing to also consider is in this day and age with the current situation with COVID, there's a lot of, uh, development of employment in terms of what I call NASA dental Baltic cloud, where you're deploying applications in random places, in places that are unplanned because you need speed and that, uh, diversity of infrastructure and diversity of, uh, of clouds and development and things to consider then, uh, produces a lot of, uh, you know, uh, opportunities for security and, and challenges to come about. >>And we've seen so much change from a security perspective, um, the threat landscape over the last 18 months. So it's absolutely critical that the integration happens shifting left. Talk to us about now let's switch topics. Application teams are adopting CIC D uh, CICB workflows. Why does security need to be at the center of that adoption? >>Well, it goes back to my earlier point where when you're moving fast, your organizations are doing, um, you're building, deploying, running continuously and monitoring, and then improving, right? So the idea is you're, you're creating smaller, incremental changes, throwing it to the cloud, running it, adjusting it. So then you're, you're rapidly integrating and you're rapidly developing and delivery. And again, it comes down to that, that rapid nature, uh, things can happen. There's, there's more, uh, more points of touching and there's more points of interactions. And, you know, and again, when you're moving that fast, it's really easy to, um, miss things along the way. So as you have security as a core fundamental element of that DNA, as you're building it, uh, that that's in parallel with everything you're doing, you just make sure that, um, when you do deliver something that is the most secure application possible, you're not exposing your customers or your organizations to unforeseen risks that just kind of sits there. >>Uh, and I think part of that is if you think about cloud infrastructure, misconfiguration is still number one, uh, biggest problem with, uh, with security on the, in the cloud space, there's, uh, tasks and vulnerabilities those, we all know, and there's there's means to control that, but the configurations, when you're storing the data, the registries, all these different considerations that go into a cloud environment, those are the things that organizations need visibility on. And, um, the ability to, to adopt their processes, to be proactive in those things and know what they, uh, do. They just need to know what, what then, where are they're operating in, um, to kind of make these informed decisions. >>That visibility is key. When you're talking with customers in any industry, what are the top three, let's say recommendations to say, here's how you can reduce your exposure to security vulnerabilities in the CIS CD pipeline. What are some of the things that you recommend there to reduce the risk? >>There's a couple, oh, obviously security as a fundamental practice. We've been talking about that. So that's number one, key number. The second thing that I would say would be, uh, when you're adopting solutions, you need to consider the fact that there is a very much of a heterogeneous environment in today's, uh, ecosystem, lots of different clouds, lots of different tools. So integration is key. The ability to, um, have choices of deployment, uh, in terms of where you wanted to play. You don't want to deploy based upon the technology limitations. You want to deploy and operate your business to meet your business needs and having the right of integrations and toolings to, uh, have that flexibility. Now, option is key. And I think the third thing is once you have security, the choices, then you can treat, you create a situation where there's a lot of, uh, you know, process overhead and operational overhead, and you need a platform, a singular cybersecurity platform to kind of bring it all in that can work across multiple technologies and environments, and still be able to control at the visibility and consolidate, uh, policies and nationally consistent across all closet points. >>So we're to the DevOps folks, what are some of the key considerations that they need to take into >>Account to ensure that their container strategy isn't compromising security? Well, I think it comes down to having to think outside of just dev ops, right? You have to, we talk about CIC D you have to think beyond just the build process beyond just where things live. You have to think continuous life cycles and using a cyber security platform that brings it together, such as we have the Fortinet security fabric that does that tying a lot of different integration solutions. We work well within their core, but theirs have the ability to integrate well into various environments that provide that consistent policies. And I think that's the other thing is it's not just about integration. It's about creating that consistency across class. And the reality is also for, I think today's dev ops, many organizations are in transition it's, you know, as, as much as we all think and want to kind of get to that cloud native point in time, the reality is there's a lot of legacy things. >>And so dev ops set ups, the DevSecOps, all these different kind of operational functions need to consider the fact that everything is in transition. There are legacy applications, they are new cloud native top first type of application delivery is using containers of various technologies. And there needs to be a, again, that singular tool, the ability to tie this all together as a single pane of glass, to be able to then navigate emerge between legacy deployments and applications with the new way of doing things and the future of doing things with cloud native, uh, and it comes down again to, to something like the Fortinet security fabric, where we're tying things together, having solutions that can deploy on any cloud, securing any application on any cloud while bringing together that consistency, that visibility and the single point management, um, and to kind of lower that operational overhead and introduce security as part of the entire life cycle. >>Do you have a Vincent example of a customer that 49 has worked with that has done this, that you think really shows the value of what you're able to enable them to achieve? >>We do. We do. We have lots of customers, so can name any one specific customer for various reasons, you know, it's security after all. Um, but the, the most common use cases when customers look at it, that when you, we talked to a CIO, CSO CTO is I think that's a one enter they ask us is, well, how do we, how do we manage in this day and age making these cloud migrations? Everyone? I think the biggest challenge is everyone is in a different point in time in their cloud journey. Um, there's if you talk to a handful of customers or a rueful customers, you're not going to find one single organization that's going to be at the same point in time that matches them yet another person, another organization, in terms of how they're going about their cloud strategies, where they're deploying it at what stage of evolution there are in their organizational transformations. >>Um, and so what they're looking for is that, that that's the ability to deploy and security any application on any topic throughout their entire application life cycle. Um, and so, so the most common things that, that our customers are looking for, um, and, you know, they're doing is they're looking to secure things on the network and then interconnected to the cloud with, uh, to deliver that superior, uh, application experience. So they were deploying something like the security fabric. Uh, again, you know, Fordanet has a cybersecurity approach to that point and securing the native environments. They're looking at dev ops, they're deploying tooling to provide, uh, you know, security posture management, plus a few posture management to look at the things that are doing that, the registries, their environment, the dev environment, to then securing their cloud, uh, networks, uh, like what we do with our FortiGate solutions, where we're deploying things from the dev ops. >>I feel secure in the cloud environment with our FortiGate environments across all the various multitudes of cloud providers, uh, like, uh, AWS Azure, Google cloud, and that time that together with, with some secure, um, interconnections with SD LAN, and then tying that into the liver and productions, um, on the web application side. So it's a very much a continuous life cycle, and we're looking at various things. And again, the other example we have is because of the different places in different, uh, in terms of Tod journeys, that the number one key is the ability to then have that flexibility deployment to integrate well into existing infrastructure and build a roadmap out for, uh, cloud as they evolve. Because when you talk to customers today, um, they're not gonna know where they're going to be tomorrow. They know they need to get there. Uh, they're not sure how they're going to get there. And so what they're doing now is they're getting to cloud as quickly as they can. And then they're looking for flexibility to then kind of adjust and they need a partner like Fordanet to kind of bring that partnership and advisorship to, uh, to those organizations as they make their, their, their strategies clearer and, uh, adjust to new business demands. >>Yeah. That partnership is key there. So afforded it advocates, the importance of taking a platform approach to the application life cycle. Talk to me about what that means, and then give me like the top three considerations that customers need to be considering for this approach. >>Sure. Number one is how flexible is that deployment in terms of, do you, do customers have the option to secure and deploy any application, any cloud, do they have the flexibility of, um, integrating security into their existing toolings and then, uh, changing that out as they need, and then having a partner and a customer solution that kind of grows with that? I think that's the number one. Number two is how well are these, uh, integrations or these flexible options tied together? Um, like what we do with the security fabric, where everything kind of starts with, uh, the idea of a central management console that's, you know, uh, and consistent policies and security, um, from the get-go. And I think the third is, is looking at making sure that the, the, the security integrations, the secure intelligence is done in real time, uh, with a quality source of information, uh, and, and points of, uh, of responsiveness, um, what we do with four guard labs. >>For example, we have swell of large, um, machine learning infrastructure where have supported by all the various customer inputs and great intelligence organizations, but real time intelligence and percussion as part of that deployment life cycle. Again, this kind of really brings it all together, where organizations looking for application security and, and trying to develop in a CSED fashion. And you have the ability to then have security from the get, go hide ident to the existing toolings for flexibility, visibility, and then benefits from security all along the way with real time, you know, uh, you know, leading edge security, that then kind of brings that, that sense of confidence and reassurance as they're developing, they don't need to worry about security. Security should just be part of that. And they just need to worry about solving the customer problems and, uh, and, you know, delivering business outcomes and results. >>That's it, right? It's all about those business outcomes, but delivering that competence is key. Vince, thank you for joining me on the program today, talking through what 49 is doing, how you're helping customers to integrate security and compliance into the dev dev sec ops workflow. We appreciate your insights. >>Thank you so much for your time. I really appreciate it. My >>Pleasure for vents Wang. I'm Lisa Martin. You're watching the cube live from Los Angeles, uh, cube con and cloud native con 21 stick around at Dave Nicholson will join me next with my next guest.

>>Mhm Welcome back to Los Angeles. The Cubans live, I can't say that enough. The Cubans live. We're at cu con cloud Native Con 21. We've been here all day yesterday and today and tomorrow talking with lots of gas. Really uncovering what's going on in the world of kubernetes, lisa martin here with Dave Nicholson. We've got some folks. Next we're gonna be talking about a customer use case, which is always one of my favorite things to talk about. Please welcome Michael Coletti, the principal platform engineer at CHG Healthcare and then cat from a christian VP of products from port works by pure storage. Guys, welcome to the program, Thank you. Happy to be here. Yeah. So Michael, first of all, let's go ahead and start with you, give the audience an overview of CHG healthcare. >>Yeah, so CHG Healthcare were a staffing company so we sure like a locum pen and so our clients are doctors and hospitals, so we help staff hospitals with temporary doctors or even permanent placing. So we deal with a lot of doctors, a lot of nursing and we're were a combination of multiple companies to see if she is the parents. So and uh yeah, we're known in the industry is one of the leaders in this, this field and providing uh hospitals with high quality uh doctors and nurses and uh you know, our customer services like number one and one of these are Ceos really focused on is now how do we make that more digital, how we provide that same level of quality of service, but a digital experience as rich for >>I can imagine there was a massive need for that in the last 18 months alone. >>Covid definitely really raised that awareness out for us and the importance of that digital experience and that we need to be out there in the digital market. >>Absolutely. So your customer report works by pure storage, we're gonna get into that. But then can talk to us about what's going on. The acquisition of port works by peer storage was about a year ago I talked to us about your VP of product, what's going on? >>Yeah, I mean, you know, first of all, I think I could not say how much of a great fit for a port works to be part of your storage. It's uh uh Pure itself is a very fast moving large start up that's a dominant leader in a flash and data center space. And you know, pure recognizes the fact that Cuban it is is the new operating system of the cloud is now how you know, it's kind of virtualizing the cloud itself and there is a, you know, a big burgeoning need for data management in communities and how you can kind of orchestrate work lords between your on prem data centers in the cloud and back. So port books fits right into the story as complete vision of data management for our customers and uh spend phenomenal or business has grown as part of being part of Pure and uh you know, we're looking at uh launching some new products as well and it's all exciting times. >>So you must have been pretty delighted to be acquired as a startup by essentially a startup because because although pure has reached significant milestones in the storage business and is a leader in flash storage still, that, that startup mindset is there, that's unique, that's not, that's not the same as being acquired by a company that's been around for 100 years seeking to revitalize >>itself. Can >>you talk a little bit about that >>aspect? So I think it will uh, Purest culture is highly innovation driven and it's a very open flat culture. Right? I mean everybody impure is accessible, it can easily have a conversation with folks and everybody has his learning mindset and Port works is and has always been in the same way. Right? So when you put these teams together, if we can create wonders, I mean we, right after that position, just within a few months we announced an integrated solution that Port works orchestrates volumes and she file shares in Pure flash products and then delivers as an integrated solution for our customers. And Pure has a phenomenal uh, cloud based monitoring and management system called Pure one that we integrated well into. Now we're bringing the power of all of the observe ability that Purest customers are used to for all of the partners customers and having super happy, you know, delivering that capability to our customers and our customers are delighted now they can have a complete view all the way from community is an >>app to the >>flash and I don't think any one company on the planet can even climb, they can do that. >>I think, I think it's fair to acknowledge that pure one was observe ability before observe ability was a word. Exactly one used regularly. So that's very interesting. >>I could talk to us about obviously you are a customer CHD as a customer of court works now Port works by peer storage. Talk to us about the use case, what what was the compelling? It was their compelling event and from a storage perspective that that led you to Port works in the >>first so we be, they began this our Ceo basically in the vision, we we need to have a digital presence, we need and hazards and this was even before Covid, so they brought me on board and my my manager read uh glass or he we basically had this task to how are we going to get out into the cloud, how we're going to make that happen And we we chose to follow very much cloud native strategy and the platform of choice. I mean it just made sense with kubernetes and so when we were looking at kubernetes, we're starting to figure out how we're doing, we knew that data is going to be a big factor, you know, um being to provide data, we're very much focused on an event driven, were really pushing to event driven architecture. So we leverage Kafka on top of kubernetes, but at the time we were actually leveraging Kafka with M S K down out in a W S and that was just a huge cost to us. So I came on board, I had experienced with poor works prior company before that and I basically said we need to figure out a great storage away overlay. And the only way to do is we gotta have high performance storage, we've got to have secure, we gotta be able to back up and recover that storage and the poor works was the right match and that allowed us to have a very smooth transition off of M S K onto kubernetes, saving us, it's a significant amount of money per month and just leverage that already existing hardware that are existing, compute memory and just in the and move right to port works, >>leveraging your existing investments. >>Exactly which is key. Very, very key. So, >>so been kept, how common are the challenges that when you guys came together with the HD, how common are the challenges? It's actually, >>that's a great question, you know, this is, I'll tell you the challenges that Michael and his team are running into is what we see a lot in the, in the industry where people pay a ton of money, you know, to, you know, to to other vendors or especially in some cases use some cloud native services, but they want to have control over the data. They want to control the cost and they want higher performance and they want to have, you know, there's also governance and regulatory things that they need to control better. So they want to kind of bring these services and have more control over them. Right? So now we will work very well with all of our partners including the cloud providers as well as uh, you know, an from several vendors and everybody but different customers are different kinds of needs and port works gives them the flexibility if you are a customer who want, you know, have a lot of control over your applications, the performance of the agency and want to control cars very well in leveraging existing investments board works can deliver that for you in your data center right now you can integrate it with pure slash and you get a complete solution or you won't run it in cloud and you still want to have leverage the agility of the cloud and scale for books delivers a solution for you as well. So it kind of not only protects their investment in future proves their architecture, you get future proving your architecture completely. So if you want to tear the cloud or burst the cloud, you have a great solution that you can continue to leverage >>when you hear a future proof and I'm a marketer. So I always go, I love to know what it means to different people, what does that mean to you in your environment? >>My environment. So a future proof means like one of the things we've been addressing lately, that's just a real big challenge and I'm sure it's a challenge in the industry, especially Q and A's is upgrading our clusters ability to actually maintain a consistent flow with how fast kubernetes is growing, you know, they they're out I think yes, we leverage eks so it's like 1 21 or 1 22 now, uh that effort to upgrade a cluster, it can be a daunting one with port works. We actually were able to make that to where we could actually spin up a brand new cluster and with port work shift, all our application services, data migrated completely over poor works, handles all that for us and stand up that new cluster in less than a day. And that effort, it would take us a week, two weeks to do so not even man hours the time spent there, but just the reliability of being able to do that and the cost, you know, instead of standing up a new cluster and configuring it and doing all that and spending all that time, we can just really, we move to what we call blue green cut over strategy and port works is an essential piece of that. >>So is it fair to say that there are a variety of ways that people approach port works from a, from a value perspective in terms of, I I know that one area that you are particularly good in is the area of backups in this environment, but then you get data management and there's a third kind of vector there. What is the third vector? >>Yeah, it's all of the data services. Data services, like for example, database as a service on any kubernetes cluster paid on your cloud or you're on from data centers, which >>data, what kind of databases >>you were talking about? Anything from Red is Kafka Postgres, my sequel, you know, council were supporting, we just announced something called port books, data services offering that essentially delivers all these databases as a service on any kubernetes cluster uh that that a customer can point to unless than kind of get the automated management of the database on day one to day three, the entire life cycle. Um you know, through regular communities, could curdle experience through Api and SDK s and a nice slick ui that they can, you know, just role based access control and all of that, that they can completely control their data and their applications through it. And, you know, that's the third vector of potatoes Africans >>like a question for you. So what works has been a part of peer storage? You've known it since obviously for several years before you were a c h G, you brought up to see H G, you now know it a year into being acquired by a fast paced startup. Talk to me about the relationship and some of the benefits that you're getting with port works as a part of pure storage. >>Well, I mean one of the things, you know, when, when I heard about the accusation, my first thing was I was a little bit concerned is that relationship going to change and when we were acquiring, when we're looking at a doctor and Poor works, One thing I would tell my management is poor works is not just a vendor that wants to throw a solution on you and provide some capability there, partner, they want to partner with you and your success in your journey and this whole cloud native journey to provide this rich digital experience for not only our platform engineering team, but our dev teams, but also be able to really accelerate the development of our services so we can provide that digital portal for our end users and that didn't change. If anything that accelerated that that relationship did not change. You know, I came to the cat with an issue we just, we're dealing with, he immediately got someone on the phone call with me and so that has not changed. So it's really exciting to see that now that they've been acquired that they still are very much invested in the success of their customers and making sure we're successful. You know, it's not all of a sudden I was worried I was gonna have to do a whole different support process and it's gonna go into a black hole didn't happen. They still are very much involved with their customers. And >>that sounds kind of similar to what you talked about with the cultural alignment I've known here for a long time and they're very customer centric. Sounds like one of the areas in which there was a very strong alignment with port works. >>Absolutely important works has always taken pride in being customer. First company. Our founders are heavily customer focused. Uh, you know, they are aligned. They want, they have always aligned uh, the portraits business to our customers needs. Uh Pure is a company that's men. I actually focused on customers, right? I mean, that's all, you know, purist founder cause and everybody care about and so, you know, bringing these companies together and being part of the pure team. I kind of see how synergistic it is. And you know, we have, you know, that has enabled us to serve our customers customers even better than before. >>So, I'm curious about the two of you personally, in terms of your histories, I'm going to assume that you didn't both just bounce out of high school into the world of kubernetes, right? So like lisa and I your spanning the generations between the world of, say, virtualization based on X 86 architecture and virtualization where you can have microservices, you have a full blown operating system that you're working with, that kind of talk about, you know, Michael with you first talk about what that's been like navigating that change. We were in the midst of that, Do you have advice for others that are navigating that change? >>Don't be afraid of it, you know, a lot of people want to, you know, I call it, we're moving from where we're uh naming, we still have cats and dogs, they have a name, the VMS either whether or not their physical boxes or their VMS to where it's more like it's a cattle, you know, it's like we don't own the Os and not to be afraid afraid of that because change is really good. You know, the ability for me to not have to worry about patching and operating system is huge, you know, where I can rely on someone like the chaos and and the version and allow them to, if CV comes out, they let me know I go and I use their tools to be able to upgrade. So I don't have to literally worry about owning that Os and continues the same thing. You know, you, you, you know, it's all about being fault tolerant, right? And being able to be changed where you can actually brought a new version of a container, a base image with a lot of these without having to go and catch a bunch of servers, I mean patch night was held, I'm sorry if I could say that, but it was a nightmare, you know, but this whole world has just been a game changer >>with that. So Van cut from your perspective, you were coming at it, going into a startup, looking at the landscape in the future and seeing opportunity, um what what what's that been like for you? I guess the question for you is more something lisa and I talk about this concept of peak kubernetes, where are we in the wave, is this just is this just the beginning, are we in the thick of it? >>Yeah, I think I would say we're kind of transitioning from earlier doctors too early majority face in the whole, you know, um crossing the chasm analogy. Right, so uh I would say we're still the early stages of this big wave that's going to transform how infrastructure is built, apps are, apps are built and managed and run in production. Um I think some of the uh pieces, the key pieces are falling in place and maturing, uh there are some other pieces like observe ability and security, uh you know, kind of edge use cases need to be, you know, they're kind of going to get a lot more mature and you'll see that the cloud as we know today and the apps as we know today, they're going to be radically different and you know, if you're not building your apps and your business on this modern platform, on this modern infrastructure, you're gonna be left behind. Um, you know, I, my wife's birthday was a couple of days ago. I was telling this story a couple of friends is that I r I used another flowers delivery website. Uh they missed delivering the flowers on the same day, right? So when they told me all kinds of excuses, then I just went and looked up, you know, like door dash, which delivers uh, you know, and then, you know, like your food, but there's also flower delivery, indoor dash and I don't do it, I door dash flowers to her and I can track the flower does all the way she did not eat them, okay, You need them. But my kids love the chocolates though. So, you know, the case in point is that you cannot be, you know, building a modern business without leveraging the moral toolchain and modern toolchain and how the business is going to be delivered. That that thing is going to be changing dramatically. And those kind of customer experience, if you don't deliver, uh, you're not gonna be successful in business and communities is the fundamental technology that enables these containers. It's a fundamental piece of technology that enables building new businesses, you know, modernizing existing businesses and the five G is gonna be, there's gonna be new innovations that's going to get unleashed. And uh, again, communities and containers enable us to leverage those. And so we're still scratching the surface on this, it's big now, it's going to be much, much bigger as we go to the next couple of years. >>Speaking of scratching the surface, Michael, take us out in the last 30 seconds or so with where CHG healthcare is on its digital transformation. How is port works facilitating that? >>So we're right in the thick of it. I mean we are we still have what we call the legacy, we're working on getting those. But I mean we're really moving forward um to provide that rich experience, especially with inventing driven platforms like Kafka and Kubernetes and partnering with port works is one of the key things for us with that and a W s along with that. But we're, and I remember I heard a talk and I can't, I can't remember me but he he talked about how, how kubernetes just sort of like 56 K. Modem, You're hearing it, see, but it's got to get to the point where it's just there, it's just the high speed internet and Kelsey Hightower, That's who Great. Yeah, and I really like that because that's true, you know, and that's where we're on that transition, where we're still early, it's still that 50. So you still want to hear a note, you still want to do cube Cto, you want to learn it the hard way and do all that fun stuff, but eventually it's gonna be where it's just, it's just there and it's running everything like five G. I mean stripped down doing Micro K. It's things like that, you know, we're gonna see it in a lot of other areas and just proliferate and really accelerate uh the industry and compute and memory and, and storage and >>yeah, a lot of acceleration guys, thank you. This has been a really interesting session. I always love digging into customer use cases how C H. G is really driving its evolution with port works Venkat. Thanks for sharing with us. What's going on with port works a year after the acquisition. It sounds like all good stuff. >>Thank you. Thanks for having us. It's been fun, our >>pleasure. Alright for Dave Nicholson. I'm lisa martin. You're watching the cube live from Los Angeles. This is our coverage of Yukon cloud native Con 21 mhm

>> Announcer: From around the Globe, it's theCUBE with coverage of Kube Con and Cloud Native Con Europe 2021 virtual brought to you by Red Hat, the cloud native computing foundation and ecosystem partners. >> Hello, and welcome back to theCUBE's coverage of Kube Con and Cloud Native Con 2021 virtual. I'm John Furrier, host of theCUBE, here with a great guest, I'm excited to talk to. His company, that he was part of founding CTO, was bought by Red Hat. Ali Golshan, Senior Director of Global Software Engineer at Red Hat, formerly CTO of StackRox. Ali thanks for coming on, I appreciate it. Thanks for joining us. >> Thanks for having me excited to be here. >> So big acquisition in January, where we covered it on SiliconANGLE, You guys, security company, venture backed amplify Sequoya and on and on. Big part of Red Hat story in their security as developers want to shift left as they say and as more and more modern applications are being developed. So congratulations. So real quick, just quick highlight of what you guys do as a company and inside Red Hat. >> Sure, so the company's premise was built around how do you bring security the entire application life cycle. So StackRox focuses on sort of three big areas that we talk about. One is, how do you secure the supply chain? The second part of it is, how do you secure infrastructure and foster management and then the third part is now, how do you protect the workload that run on top of that infrastructure. So this is the part that aligned really well with Red Hat which is, Red Hat had wanted to take a lot of what we do around infrastructure, foster management configuration management and developer tools integrated into a lot of the things they do and obviously the workload protection part was a very seamless part of integrating us into the OpenShift part because we were built around cloud native constructs and obviously Red Hat having some of the foremost experts around cloud native sort of created a really great asset. >> Yeah, you guys got a great story. Obviously cloud native applications are rocking and rolling. You guys were in early serverless emerges, Kubernetes and then security in what I call the real time developer workflow. Ones that are building really fast, pushing code. Now it's called day two operations. So cloud native did two operations kind of encapsulates this new environment. You guys were right in the sweet spot of that. So this became quite the big deal, Red Hat saw an opportunity to bring you in. What was the motivation when you guys did the deal Was it like, "wow" this is a good fit. How did you react? What was the vibe at the StackRox when this was all going down? >> Yeah, so I think there's really three areas you look for, anytime a company comes up and sort of starts knocking on your door. One is really, is the team going to be the right fit? Is the culture going to be the right environment for the people? For us, that was a big part of what we were taking into consideration. We found Red Hat's general culture, how they approach people and sort of the overall approach the community was very much aligned with what we were trying to do. The second part of it was really the product fit. So we had from very early on started to focus purely on the Kubernetes components and doing everything we could, we call it sort of our product approach built in versus bolted on and this is sort of a philosophy that Red Hat had adopted for a long time and it's a part of a lot of their developer tools, part of their shift left story as well as part of OpenShift. And then the third part of it was really the larger strategy of how do you go to market. So we were hitting that point where we were in triple digit customers and we were thinking about scalability and how to scale the company. And that was the part that also fit really well which was obviously, RedHat more and more hearing from their customers about the importance and the criticality of security. So that last part happened to be one part. We ended up spending a lot of time on it, ended up being sort of three out of three matches that made this acquisition happen. >> Well congratulations, always great to see startups in the right position. Good hustle, great product, great market. You guys did a great job, congratulations. >> Thank you. >> Now, the big news here at KubeCon as Linux foundation open-source, you guys are announcing that you're open-sourcing at StackRox, this is huge news, obviously, you now work for an open-source company and so that was probably a part of it. Take us through the news, this is the top story here for this segment tickets through open-source. Take us through the news. >> Yeah, so traditionally StackRox was a proprietary tool. We do have open-source tooling but the entire platform in itself was a proprietary tool. This has been a number of discussions that we've had with the Red Hat team from the very beginning. And it sort of aligns around a couple of core philosophies. One is obviously Red Hat at its core being an open-source company and being very much plugged into the community and working with users and developers and engineers to be able to sort of get feedback and build better products. But I think the other part of it is that, I think a lot of us from a historic standpoint have viewed security to be a proprietary thing as we've always viewed the sort of magic algorithms or black boxes or some magic under the hood that really moved the needle. And that happens not to be the case anymore also because StackRox's philosophy was really built around Kubernetes and Built-in, we feel like one of the really great messages around wide open-source of security product is to build that trust with the community being able to expose, here's how the product works, here's how it integrates here are the actions it takes here's the ramifications or repercussions of some of the decisions you may make in the product. Those all I feel make for very good stories of how you build connection, trust and communication with the community and actually get feedback on it. And obviously at its core, the company being very much focused on Kubernetes developer tools, service manage, these are all open-source toolings obviously. So, for us it was very important to sort of talk the talk and walk the walk and this is sort of an easy decision at the end of the day for us to take the platform open-source. And we're excited about it because I think most still want a productized supported commercial product. So while it's great to have some of the tip of the spear customers look at it and adopt the open-source and be able to drive it themselves. We're still hearing from a lot of the customers that what they do want is really that support and that continuous management, maintenance and improvement around the product. So we're actually pretty excited. We think it's only going to increase our velocity and momentum into the community. >> Well, I got some questions on how it's going to work but I do want to get your comment because I think this is a pretty big deal. I had a conversation about 10 years ago with Doug Cutting, who was the founder of Hadoop, And he was telling me a story about a company he worked for, you know all this coding, they went under and the IP was gone, the software was gone and it was a story to highlight that proprietary software sometimes can never see the light of day and it doesn't continue. Here, you guys are going to continue the story, continue the code. How does that feel? What's your expectations? How's that going to work? I'm assuming that's what you're going to open it up which means that anyone can download the code. Is that right? Take us through how to first of all, do you agree with that this is going to stay alive and how's it going to work? >> Yeah, I mean, I think as a founder one of the most fulfilling things to have is something you build that becomes sustainable and stands the test of time. And I think, especially in today's world open-source is a tool that is in demand and only in a market that's growing is really a great way to do that. Especially if you have a sort of an established user base and the customer base. And then to sort of back that on top of thousands of customers and users that come with Red Hat in itself, gives us a lot of confidence that that's going to continue and only grow further. So the decision wasn't a difficult one, although transparently, I feel like even if we had pushed back I think Red Hat was pretty determined about open-source and we get anyway, but it's to say that we actually were in agreement to be able to go down that path. I do think that there's a lot of details to be worked out because obviously there's sort of a lot of the nuances in how you build product and manage it and maintain it and then, how do you introduce community feedback and community collaboration as part of open-source projects is another big part of it. I think the part we're really excited about is, is that it's very important to have really good community engagement, maintenance and response. And for us, even though we actually discussed this particular strategy during StackRox, one of the hindering aspects of that was really the resources required to be able to manage and maintain such a massive open-source project. So having Red Hat behind us and having a lot of this experience was very relevant. I think, as a, as a startup to start proprietary and suddenly open it and try to change your entire business model or go to market strategy commercialization, changed the entire culture of the company can sometimes create a lot of headwind. And as a startup, like sort of I feel like every year just trying not to die until you create that escape velocity. So those were I think some of the risk items that Red Hat was able to remove for us and as a result made the decision that much easier. >> Yeah, and you got the mothership with Red Hat they've done it before, they've been doing it for generations. You guys, you're in the startup, things are going crazy. It's like whitewater rafting, it's like everything's happening so fast. And now you got the community behind you cause you're going to have the CNC if you get Kubecon. I mean, it's a pretty great community, the support is amazing. I think the only thing the engineers might want to worry about is go back into the code base and clean things up a bit, as you start to see the code I'm like, wait a minute, their names are on it. So, it's always always a fun time and all serious now this is a big story on the DevSecOps. And I want to get your thoughts on this because kubernetes is still emerging, and DevOps is awesome, we've been covering that in for all of the life of theCUBE for the 11 years now and the greatness of DevOps but now DevSecOps is critical and Kubernetes native security is what people are looking at. When you look at that trend only continuing, what's your focus? What do you see? Now that you're in Red Hat as the CTO, former CTO of StackRox and now part of the Red Hat it's going to get bigger and stronger Kubernetes native and shifting left-hand or DevSecOps. What's your focus? >> Yeah, so I would say our focus is really around two big buckets. One is, Kubernetes native, sort of a different way to think about it as we think about our roadmap planning and go-to-market strategy is it's mutually exclusive with being in infrastructure native, that's how we think about it and as a startup we really have to focus on an area and Kubernetes was a great place for us to focus on because it was becoming the dominant orchestration engine. Now that we have the resources and the power of Red Hat behind us, the way we're thinking about this is infrastructure native. So, thinking about cloud native infrastructure where you're using composable, reusable, constructs and objects, how do you build potential offerings or features or security components that don't rely on third party tools or components anymore? How do you leverage the existing infrastructure itself to be able to conduct some of these traditional use cases? And one example we use for this particular scenario is networking. Networking, the way firewalling in segmentation was typically done was, people would tweak IP tables or they would install, for example, a proxy or a container that would terminate MTLS or become inline and it would create all sorts of sort of operational and risk overhead for users and for customers. And one of the things we're really proud of as sort of the company that pioneered this notion of cloud native security is if you just leverage network policies in Kubernetes, you don't have to be inline you don't have to have additional privileges, you don't have to create additional risks or operational overhead for users. So we're taking those sort of core philosophies and extending them. The same way we did to Kubernetes all the way through service manager, we're doing the same sorts of things Istio being able to do a lot of the things people are traditionally doing through for example, proxies through layer six and seven, we want to do through Istio. And then the same way for example, we introduced a product called GoDBledger which was an open-source tool, which would basically look at a yaml on helm charts and give you best practices responses. And it's something you we want for example to your get repositories. We want to take those sort of principles, enabling developers, giving them feedback, allowing them not to break their existing workflows and leveraging components in existing infrastructure to be able to sort of push security into cloud native. And really the two pillars we look at are ensuring we can get users and customers up and running as quickly as possible and reduce as much as possible operational overhead for them over time. So we feel these two are really at the core of open-sourcing in building into the infrastructure, which has sort of given us momentum over the last six years and we feel pretty confident with Red Hat's help we can even expand that further. >> Yeah, I mean, you bring up a good point and it's certainly as you get more scale with Red Hat and then the customer base, not only in dealing with the threat detection around containers and cloud native applications, you got to kind of build into the life cycle and you've got to figure out, okay, it's not just Kubernetes anymore, it's something else. And you've got advanced cluster security with Red Hat they got OpenShift cloud platform, you're going to have managed services so this means you're going to have scale, right? So, how do you view that? Because now you're going to have, you guys at the center of the advanced cluster security paradigm for Red Hat. That's a big deal for them and they've got a lot of R and D and a lot of, I wouldn't say R and D, but they got emerging technologies developing around that. We covered that in depth. So when you start to get into advanced cluster, it's compliance too, it's not just threat detection. You got insights telemetry, data acquisition, so you have to kind of be part of that now. How do you guys feel about that? Are you up for the task? >> Yeah, I hope so it's early days but we feel pretty confident about it, we have a very good team. So as part of the advanced cluster security we work also very closely with the advanced cluster management team in Red Hat because it's not just about security, it's about, how do you operationalize it, how do you manage it and maintain it and to your point sort of run it longterm at scale. The compliance part of it is a very important part. I still feel like that's in its infancy and these are a lot of conversations we're having internally at Red Hat, which is, we all feel that compliance is going to sort of more from the standard benchmarks you have from CIS or particular compliance requirements like the power, of PCI or Nest into how do you create more flexible and composable policies through a unified language that allows you to be able to create more custom or more useful things specific to your business? So this is actually, an area we're doing a lot of collaboration with the advanced cluster management team which is in that, how do you sort of bring to light a really easy way for customers to be able to describe and sort of abstract policies and then at the same time be able to actually and enforce them. So we think that's really the next key point of what we have to accomplish to be able to sort of not only gain scale, but to be able to take this notion of, not only detection in response but be able to actually build in what we call declarative security into your infrastructure. And what that means is, is to be able to really dictate how you want your applications, your services, your infrastructure to be configured and run and then anything that is sort of conflicting with that is auto responded to and I think that's really the larger vision that with Red Hat, we're trying to accomplish. >> And that's a nice posture to have you build it in, get it built in, you have the declarative models then you kind of go from there and then let the automation kick in. You got insights coming in from Red Hat. So all these things are kind of evolving. It's still early days and I think it was a nice move by Red Hat, so congratulations. Final question for you is, as you prepare to go to the next generation KubeCon is also seeing a lot more end user participation, people, you know, cloud native is going mainstream, when I say mainstream, seeing beyond the hyperscalers in the early adopters, Kubernetes and other infrastructure control planes are coming in you start to see the platforms emerge. Nobody wants another security tool, they want platforms that enable applications handle tools. As it gets more complicated, what's going to be the easy button in security cloud native? What's the approach? What's your vision on what's next? >> Yeah so, I don't know if there is an easy button in security and I think part of it is that there's just such a fragmentation and use cases and sort of designs and infrastructure that doesn't exist, especially if you're dealing with such a complex stack. And not only just a complex stack but a potentially use cases that not only span runtime but they deal with you deployment annual development life cycle. So the way we think about it is more sort of this notion that has been around for a long time which is the shared responsibility model. Security is not security's job anymore. Especially, because security teams probably cannot really keep up with the learning curve. Like they have to understand containers then they have to understand Kubernetes and Istio and Envoy and cloud platforms and APIs. and there's just too much happening. So the way we think about it is if you deal with security a in a declarative version and if you can state things in a way where how infrastructure is ran is properly configured. So it's more about safety than security. Then what you can do is push a lot of these best practices back as part of your gift process. Involve developers, engineers, the right product security team that are responsible for day-to-day managing and maintaining this. And the example we think about is, is like CVEs. There are plenty of, for example, vulnerability tools but the CVEs are still an unsolved problem because, where are they, what is the impact? Are they actually running? Are they being exploited in the wild? And all these things have different ramifications as you span it across the life cycle. So for us, it's understanding context, understanding assets ensuring how the infrastructure has to handle that asset and then ensuring that the route for that response is sent to the right team, so they can address it properly. And I think that's really our larger vision is how can you automate this entire life cycle? So, the information is routed to the right teams, the right teams are appending it to the application and in the future, our goal is not to just pardon the workload or the compute environment, but use this information to action pardon application themselves and that creates that additional agility and scalability. >> Yeah it's in the lifecycle of that built in right from the beginning, more productivity, more security and then, letting everything take over on the automation side. Ali congratulations on the acquisition deal with Red Hat, buyout that was great for them and for you guys. Take a minute to just quickly answer final final question for the folks watching here. The big news is you're open-sourcing StackRox, so that's a big news here at KubeCon. What can people do to get involved? Well, just share a quick quick commercial for what people can do to get involved? What are you guys looking for? Take a pledge to the community? >> Yeah, I mean, what we're looking for is more involvement in direct feedback from our community, from our users, from our customers. So there's a number, obviously the StackRox platform itself being open-source, we have other open-source tools like the KubeLinter. What we're looking for is feedback from users as to what are the pain points that they're trying to solve for. And then give us feedback as to how we're not addressing those or how can we better design our systems? I mean, this is the sort of feedback we're looking for and naturally with more resources, we can be a lot faster in response. So send us feedback good or bad. We would love to hear it from our users and our customers and get a better sense of what they're looking for. >> Innovation out in the open love it, got to love open-source going next gen, Ali Golshan Senior Director of Global Software Engineering the new title at Red Hat former CTO and founder of StackRox which spread had acquired in January, 2021. Ali thanks for coming on congratulations. >> Thanks for having, >> Okay, so keeps coverage of Kube Con cloud native Con 2021. I'm John Furrie, your host. Thanks for watching. (soft music)

from around the globe it's thecube with coverage of kubecon and cloudnativecon north america 2020 virtual brought to you by red hat the cloud native computing foundation and ecosystem partners hey welcome back everybody jeff frick here with thecube coming to you from our palo alto studios with our ongoing coverage of kubecon cloud nativecon north america 2020 virtual it's virtual like everything else that we're doing in 2020 we're really excited by our next guest we're going to dive into a company that you probably know a little bit on the surface but probably don't know a lot of the stuff that's going on behind the surface so we're really excited to have our next guest he is jai chakrabarti he is the director of engineering for core infrastructure at spotify jai great to see you great to be here with you today so as a as a long-standing uh spotify fan and and customer and premium customer and family playing customer just so there's no question i'm a big fan the infrastructure to deliver what i want to hear basically any sound any song from the entire world it seems like i don't know what the actual uh percentage of every published song you guys have you know kind of at my fingertips searchable available now to listen to is an amazing accomplishment i can't imagine how big and significant and complicated the infrastructure you guys must be managing and and not only that but kind of the meteoric growth over the last several years so first off just talk a little bit about spotify scale how you guys think about it is there some things that you can share to help people really understand you know some of the some of the big iron that's behind giving me the songs i want to hear absolutely and thank you for the opportunity to let me talk about this so it's a as you say it's a pretty mammoth project to be able to deliver just about any song that's in the world or now any podcast that you might want to listen to to hundreds of millions of fans and also enable creators to be able to share their content with the consumers who are interested in consuming that content so some of the metrics that go behind us are we have thousands of microservices running in production we were one of the early adopters of microservices at scale and continued to build on that foundation with early entrants to dockerize services and now of course largely on kubernetes we also have thousands of data pipelines hundreds of uh websites as well as micro app features and we're doing about 20 000 deployments a day to give you kind of a scale of how fast things are changing and for us speed is a great virtue as we're testing out features doing ab tests and trying to roll out the next best thing for the audio network it's amazing and i'm and i'm curious in terms of execution on the business side i mean clearly you're in many many countries you know you're global are all the licensing agreements for the music different by country are you just like super micromanaging um you know kind of the the revenue streams and the licensing by geo or is is that just as complex as it feels like it might be or is there some some simplicity or some scale that you can bring to uh to bring a little bit of of clarification there yeah so that is an area of complexity as well um so you know licensing across the broad set of content that we have as well as the number of publishers and creators that we have to make sure that everything is well accounted for is also kind of a source of complexity in our organizational makeup and then and then the the piece that i don't think a lot of people know is you guys are huge consumers and contributors back to open source and clearly we're here at q con cloud native con you've talked already about kubernetes and containers but i wonder before we get into some of the specifics if you can talk about philosophically the role of open source and why you know you guys are such a big open source company versus kind of back in the old days when you would have a lot of proprietary technology that you would try to develop and keep in-house as part of the as part of the secret sauce yeah thank you for that question so philosophically we are big proponents of open source we believe in giving back to the community we believe that when we as a community come together to solve these problems at scale the end result is much better than if we were to try it alone if any one company were to try it alone so some of the projects that we've contributed or invested a lot of time in are envoy for example which we use to power our perimeter at spotify or kubernetes which we use for deployment purposes as many companies do but there are also a number of other open source projects that we're committing to so for example with cloud bigtable we have produced an auto scaler that's now fairly widely used to be able to manage costs better with cloud bigtable we've also invested in a open source time series database called heroic to manage millions of data points for a metrics platform and scales so those are just a few examples but philosophically we believe this isn't something that we want to do alone and we want to leverage and do this together with the community right another one that you didn't mention there but you've talked about i want to dig into is backstage and as you mentioned you have a lot of developer teams working on a lot of projects like i saw a statistic maybe in github of the number of of github projects you guys are working on it's a it's a lot so what is backstage all about give us the story there yeah so at spotify we have almost somewhere around 500 engineering teams and so you can think about backstage as kind of like a central nervous system to be able to help engineers interface across the wide landscape that is spotify's engineering ecosystems so if you're an engineer you can go into backstage and you can manage your services your data pipelines your micro features you can see what other teams are doing what the organizational structure is you can get recommendations and insights on your tech health so you can see where you might need to invest more time and get some recommendations on how to get back to the blessed stock so it's really a one-stop developer portal that engineers spend the bulk of their time in today we open sourced it uh earlier this year and we've been absolutely thrilled with the response we've gotten thus far a number of companies have already started using it and contributing back so we've seen you know a lot of contributions coming back to backstage which is of course one of the ideas to be able to get some of the great ideas uh on backstage so we're really excited about that and specifically within backstage something that my team has just released into the open is a product called cost insights so one of the problems that we were dealing with at spotify is how do we sustainably look at cloud costs but do it in a way that isn't like a compliance exercise isn't a focus on traditional top top down cost controls but really taps into developers innate desire to work on optimization because all of us who come from an engineering background know that optimization is fun at the same time premature optimization is the root of all evil as the saying goes and so what we've done within our cost insights product and backstage is really try to find a good balance between engineering love for optimization and letting people know what are the areas where cloud spend really matters so if making an investment here isn't going to move the needle for us we let people know that this isn't worth your time to worry about so let me unpack you touch on a couple things first off you talked about it gives you an assessment of your engineering health so does that mean that it's kind of uh compliance within a standard is that looking for i guess not quite red flags yet but yellow flags of things that that are known potential issues down the road is it you know tapping into maybe higher cost services or microservices versus less that maybe there's a less expensive way so so how do you define health and how do you you know keep track of people getting away from health and then you know steering them back to being more healthy yeah that's a great question so we have this concept at spotify called golden state which is a reflection of how far away are you from all of the blessed frameworks libraries that we recommend to engineers and the way we think about golden state is there ought to be clear value adds to going to a new service a new library version and so the way we try to express it is unless of course there's a kind of a direct security concern and there aren't really too many ways to get around that but we really tried to preserve engineering autonomy and say if you go to this new framework for example you're going to save this much time on average so the recommendations that you'll find there are going to be highly specific so for example if you adopt uh you know an auto scaler for bigtable you're going to save this much time and spend this much less that's in general how we phrase these things okay and then on the cost insights i mean clearly when a dev is working on a new feature or new uh you know experimenting maybe with a bunch of new features and you're you're setting up multiple a b testing this and that are they are they not really working worrying about cost at the front end of that or is really kind of the cost optimization and you mentioned you know don't optimize too early does that come kind of after the fact and after you've you know moved some new things into production they have potential and now we do maybe a second order kind of analysis of the appropriateness of that feature because i imagine if they're just if you're just trying to come up with new features and exploring and trying new things not really worrying about the you're not worrying about the cloud bill right you're just trying to get some feature functionality and make sure you don't have too many bugs and make sure you're going to get some good client value and some new customer experience yeah yeah no and and we agree with that perspective so we think about the world in terms of startup scale-ups and mature businesses at spotify so there are a lot of teams who are experimenting with new ideas that fall into the startup category and by and large they are not going to be worrying about costs that being said we as infrastructure teams have the notice on us to think about how do we provide shared services and frameworks that abstract away a lot of these questions around how do you properly manage your costs right so that that is on us as infrastructure teams but really our perspective is for startups to move as quickly as they can and really if that's an idea that's viable and you get to what we call the scale-up stage or you get to the mature business stage where it really is a core part of our business then that's where you know you might start to get some nudges or recommendations and cost insights so interesting so i'd love to you know your background you came from financial services and trading where clearly speed matters accuracy matters you know that that's i mean basically financial services is is a software game at this stage of the game and it's a speed game and i saw another interesting uh video getting ready for this i think it was with gustav soderstrom talking about the competitive advantage of the early days really being speed and speed to return a result and speed to start that stream and it just struck me very much like you know the early days of google which was that was their whole speed thing and they even told you how fast you got a return on your search when you're thinking about optimizing now with the huge suite of features and functionalities that you have how do you think about speed is it still speed number one how is kind of the priority changed and what are some of the design priorities that when things go from experiment to start to be into the scale realm and hopefully be successful in production that that need to be thought about and potentially rank ordered um in in the proper way yeah yeah that's it's a great question and so you know i'll just refer to daniel x quote around this which is we aim to fail faster than anyone else and so for us as a company and with our growth trajectory and investing in the areas that we are looking to invest into it's still absolutely critical that we move fast that we get the ideas of the startup phase out to be vetted and validated if we can go to the next phase to the scale-up phase so i see that just as important today if not more than when i first joined spotify uh you know over four years ago at this point and regarding financial services um there are certainly you know touch points in terms of the amount of data that we're processing and the scale of technology that it requires to process that kind of data but one of the things that i really love about spotify of course is that we get to move fast which is sometimes of course going to be a lot more difficult when you're talking about the financial service arena and various uh compliance bodies that are overseeing any changes that you might make yeah you guys are you guys were running a little bit ahead of the regs i think which is pretty typical uh in the music business napster was running a little bit ahead of the regs and you know then we saw the evolution with the itunes and then you know you guys really really nailing the streaming service really for the first time and and opening up this new con consumption bottle and i wonder if you could talk about you know kind of keeping the customer experience first and making sure that that's a positive thing i can't help but think of of the netflix experience where they spend so much time on people's interaction with the application to to get them to try new things a recommendation engine such an important piece of the of the puzzle and i think what you guys have really nailed is the discovery piece because it's one thing to be able to quickly access a favorite song and be able to listen to it but everyone loves discovery right and discovery is kind of an interesting and interesting process and you guys have taken a really scientific approach in terms of cataloging music and and different attributes of music and then using those to help drive the recommendation engine i wonder if you can share you know kind of your thoughts in terms of being you know kind of ultimately driven by the customer experience and their interaction with the application and these things called you know music or podcast which is such a such a a a very personal thing to interact with yeah so from the perspective of core infrastructure you know it's spotify our goal is to really enable the scale in which we are processing the amount of audio content that goes through our system and so podcast of course is a new category that wasn't there when i originally joined spotify but it's really to provide a platform so these experiments can be done seamlessly so we can have different ways of looking at discovery looking at user segmentation and being able to come up with new ways that are going to be compelling to our customers so that's very exciting and fulfilling for us to be able to provide that platform by which our sister teams can iterate very quickly knowing that they have the guard rails uh which you know in our on-premise days at times was a struggle and where we're in a very different place now yeah so last question before i let you go we're at cubecon cloudnativecon um and and it's just an interesting thing that i always think about when you're managing engineering teams that are heavily open source participants and you know it's such a big piece now of of a lot of engineers motivation to be active participants in open source and to and to show their work to others outside the company but at the same time they have to get company work done so i just wonder if you could share your perspective of how do you manage open source contributions how do you keep them you know working on company projects but also make sure you allocate time and priorities to open source contributions because that is a really important piece of the motivation for a lot of engineers it's not just working for the company and getting paid at the india at the end of every two weeks yeah it's a key motivation as you say and it's key to our recruiting strategy and also how we think about retaining engineers and spotify so there are different mechanisms that we use and there's a lot of focus that's modified on coming up with development plans for engineers that actually make sense um so you know i would say that all the way from the oft quoted 20 time is something that you might hear at spotify where you have engineers who are working on open source 20 of the time or you might see a variety of customized customized options depending on who the engineer is where they want to grow and really i think the key here is providing the right support structures so even if you have the time are you getting the mentorship are you getting the right kind of support system so you know how to connect with the community and so you have other like-minded people who are bouncing ideas and you don't feel like you're doing it yourself so that's something that i feel really excited about that we've grown those support structures over the last few years eyes have also been very intentional about giving engineers time to work on open source and you give them as much as 20 i'd never heard that before yeah in some cases some i mean if that is what where an engineer really wants to focus and grow there are a number of folks at spotify who are spending up to 20 of their time on open source wow that's amazing that that is a uh that's a it's just it's such a great commitment for the company to the engineer if that's their priority and then everyone's going to benefit from it both the engineer the company as well as the community so really a forward-looking you know point of view to take that long-term view versus the you know maybe we should only give them 10 we're losing 10 of their time working on a project so that is super super progressive and i'm sure you must be seeing great roi on it or you wouldn't continue to be such huge proponents of open source and such huge contributors back so that's that's a great story yeah terrific i mean you know we we want those contributions to be in line with where we're growing as a company and we see a lot of opportunities uh where that is happening so like envoy or kubernetes um just to name a couple of examples where folks have devoted time in those areas well thanks for uh thanks for sharing some of the the story behind the scenes you know again household name what what a tremendous success story and and and uh you know i'm a movie customer so i'm definitely a customer though no no doubt about it so uh thank you for your contributions congrats to the team and uh and really loved the story of how you guys are contributing back and and doing a lot more than just making great music available to us all and a great channel for uh for creators to get their stuff out there so thanks again thanks so much for your time i really appreciate it all right he's jai i'm jeff you're watching the cube's continuing coverage of kubecon cloud nativecon north america 2020 thanks for watching we'll see you next [Music] time you

>>from around the globe. It's the Cube with coverage of Coop Con and Cloud, Native Con Europe 2020 Virtual brought to You by Red Hat, The Cloud Native Computing Foundation and its ecosystem Partners. Hi, I'm stupid, man. And this is the Cube's coverage of Cube con Cloud Native Con Europe event, which, of course, this year has gone virtual, really lets us be able to talk to those guests where they are around the globe. Really happy to welcome back to the program. Liz Rice. First of all, she is the vice president of Open Source Engineering at Aqua Security. She's also the chair of the Technical Oversight Committee has part of Ah CN cf. Liz, it is great to see you. Unfortunately, it's remote, but ah, great to catch up with you. Thanks for joining. >>Yeah, Thanks for having me. Nice to see you if you know across the ocean. >>So, uh, you know, one of the one of the big things? Of course, for the Cube Con show. It's the rallying point for the community. There are so many people participating. One of the things we always love to highlight its not only the the vendor ecosystem. But there is a very robust, engaged community of end users that participate in it. And as I mentioned, you're the chair of that technology oversight committee. So maybe just give our audience a little bit of, you know, in case they're not familiar with the TOC does. And let's talk about the latest pieces there. >>Yes, say the TOC is really hit. C can qualify the different projects that want to join the CNC F. So we're assessing whether or not they're cloud native. We're assessing whether they could joined at sandbox or incubation or graduation levels. Which of the different maturity levels that we have for for project within the CN CF yeah, we're really there, Teoh also provide it steering around the What does cloud native mean and what does it mean to be a project inside the CN CF community? We're also a voice for all of the projects. We're not the only voice, but, you know, part >>of our role >>really is to make sure the projects are getting what they need in order to be successful. So it's it's really around the technology and the projects that we call cloud native >>Yeah, and and obliges Cloud Native because when people first heard of the show, of course, Kubernetes and Cube Con was the big discussion point. But as you said, Cloud native, there's a lot of projects there. I just glanced at the sandbox page and I think there's over 30 in the sandbox category on and you know they move along their process until they're, you know, fully mature and reach that, you know, 1.0 state, which is the stamp of approval that, you know, this could be used in production. I understand there's been some updates for the sandbox process, so help us understand you know where that is and what's the new piece of that? >>Yeah. So it's really been because of the growth off cloud native in general, the popularity off the CN CF and so much innovation happening in our space. So there's been so many projects who want Teoh become hard off the CNC f family on and we used to have a sponsorship model where members of the TOC would essentially back projects that they wanted to see joining at the sandbox level. But we ran into a number of issues with that process on and also dealing with the scale, the number of applications that have come in. So we've revamped the process. We made it much easier for projects to apply as much simpler form where really not making so much judgment we're really saying is it's a cloud native project and we have some requirements in terms off some governance features that we need from a project. And it's worth mentioning that when a project joins the CN CF, they are donating the intellectual property and the trademark off that project into the foundation. So it's not something that people should take lightly. But we have tried to make it easier and therefore much smoother. We're able Teoh assess the applications much more quickly, which I think everyone, the community, the projects, those of us on the TOC We're all pretty happy that we can make that a much faster process. >>Yeah, I actually, it brings up An interesting point is so you know, I've got a little bit of background in standards committees. A swell as I've been involved in open source for a couple of decades now some people don't understand. You know, when you talk about bringing a project under a foundation. You talked about things like trademarks and the like. There are more than one foundation out there for CN CF Falls under the Linux Foundation. Google, of course, brought Kubernetes in fully to be supported. There's been some rumblings I've heard for the last couple of years about SDO and K Native and I know about a month before the show there was some changes along SDO and what Google was doing there may be without trying to pass too many judgments in getting into some of the political arguments, help us understand. You know what Google did and you know where that kind of comparison the projects that sit in the CN cf themselves. >>Yeah, So I e I guess two years ago around two years ago, Stu was very much the new kid in the cloud native block. So much excitement about the project. And it was actually when I was a program co chair that we had a lot of talks about sdo at Cube Con cloud native bomb, particularly in Copenhagen, I'm recalling. And, uh, I think everyone I just saw a natural fit between that project on the CN, CF and There was an assumption from a lot of people across the community that it would eventually become part of the CNC f. That was it's natural home. And one of the things that we saw in recent weeks was a very clear statement from IBM, who were one off the Uh huh, yeah, big contributing companies towards that project that that was also their expectation. They were very much under the impression that Stu would be donated to the CN CF at an appropriate point of maturity, and unfortunately, that didn't happen. From my point of view, I think that has sown a lot of confusion amongst the community because we've seen so much. It's very much a project of fits. Service mesh designed to work with kubernetes is it really does. You're fit naturally in with the other CN CF projects. So it's created confusion for end users who, many of whom assume that it was called the CN CF, and that it has the neutral governance that the other projects. It's part of the requirements that we have on those projects. They have to have an open governance that they're not controlled by a single vendor, Uh, and we've seen that you know that confusion, Andi. Frustration around that confusion being expressed by more and more end users as well as other people across the community. And yeah, the door is still open, you know, we would still love to see SDO join the community. Clearly there are different opinions within the SD wan maintainers. I will have to see what happens. >>Yeah, lets you bring up some really good points. You know, absolutely some of some of that confusion out there. Absolutely. I've heard from customers that if they're making a decision point, they might say, Hey, maybe I'm not going to go down that maybe choose something else because I'm concerned about that. Um, you know, I sdo front and center k native, another project currently under Google that has, you know, a number of other big vendors in the community that aiding in that So hopefully we will see some progress on that, you know, going forward. But, you know, back to you talked about, You know, the TOC doesn't make judgements as to you know which project and how they are. One of the really nice things out there in the CN CF, it's like the landscape just for you to help, understand? Okay, here's all of these projects. Here's the different categories they fit in. Here is where they are along that maturity. There's another tool that I read. Cheryl Hung blogged about the technology radar. I believe for continuous delivery is the first technology radar. Help us understand how that is, you know, not telling customers what to do but giving them a little guidance that you know where some of these projects projects fit. In a certain segment, >>Yeah, the technology radar is a really great initiative. I'm really excited about it because we have increasing numbers or end users who are using these different projects it both inside the CN CF and projects that are outside of the CNC F family. Your end users are building stacks. They're solving real problems in the real world and with the technology radar. What Cheryl's been able to facilitate is having the end you to the end user community share with us. What tools? They're actually using what they actually believe are the right hammers for specific nails. And, you know, it's it's one thing for us as it's more on the developer or vendor side Teoh look at different projects and say what we think are the better solutions for solving different problems. Actually hearing from the horse's mouth from the end users who are doing it in the real world is super valuable. And I think that is a really useful input to help us understand. What are the problems that the end user is still a challenge by what are the gaps that we still need to fail more input we can get from the end user community, the more will be solving real problems and no necessarily academic problems that we haven't sorry discovered in >>the real world. Alright, well is, you know, teeing up a discussion about challenges that users still have in the world. If we go to your primary jobs, Main hat is you live in the security world and you know, we know security is still something, you know, front and center. It is something that has never done lots of discussion about the shared responsibility model and how cloud native in security fit together and all that. So maybe I know there's some new projects there, but love to just give me a snap shot as where we are in the security space. As I said, Overall, it's been, you know, super important topic for years. This year, with a global pandemic going on, security seems to be raised even more. We've seen a couple of acquisitions in the space, of course. Aqua Security helping customers along their security journey. So what do you seeing out there in the marketplace today and hear from your custom? >>Yeah, I Every business this year has, you know, look at what's going on and you know, it's been crazy time for everyone, but we've been pleasantly surprised at how, you know, in relative terms, our business has been able to. It's been strong, you know. And I think you know what you're touching on the fact that people are working remotely. People are doing so many things online. Security is evermore online. Cloud security's evermore part off what people need to pay attention to. We're doing more and more business online. So, actually, for those of us in the security business, it has bean, you know that there have been some silver linings to this this pandemic cloud? Um, yes. So many times in technology. The open source projects and in particularly defaults in kubernetes. Things are improving its long Bina thing that I've you know, I wished for and talked about that. You know, some of the default settings has always been the most secure they could be. We've seen a lot of improvements over the last 23 years we're seeing continuing to see innovation in the open source world as well as you know, on the commercial side and products that vendors like Akwa, you know, we continue to innovate, continue to write you ways for customers to validate that the application workloads that they're going to run are going to run securely in the cloud. >>Alright and lives. There's a new project that I know. Ah, you know, you Aqua are participating in Tell us a little bit about Starbird. You know what's what's the problem? It's helping solve and you know where that budget >>Yes, So stockholders, one of our open source initiatives coming out of my team are equal on, and the idea is to take security reporting information and turn it into a kubernetes native, uh, resources custom resources. And then that means the security information, your current security status could be queried over the kubernetes AP I, as you're querying the status or the deployment, say you can also be clearing to see whether it's passing configuration audits or it's passing vulnerability scans for the application containers inside that deployment. So that information is available through the same AP eyes through the queue control interface through dashboards like Octane, which is a nice dashboard viewer for kubernetes. And starboard brings security information not just from acquittals but from other vendor tools as well front and center into that kubernetes experience. So I'm really excited about Star Border. It's gonna be a great way of getting security visibility, Teoh more kubernetes use it >>all right. And we were talking earlier about just the maturity of projects and how they get into the sandbox. Is is this still pretty sandbox for >>this? OK, we're still very much in the early phases and you know it. I think in the open source world, we have the ability to share what we're doing early so that we can get feedback. We can see how it resonates with with real users. We've had some great feedback from partners that we've worked with and some actual customers who actually collaborated with When we're going through the initial design, some great feedback. There's still lots of work to do. But, yeah, the initial feedback has been really positive. >>Yeah, is usually the event is one of those places where you can help try toe, recruit some other people that might have tools as well as educate customers about what's going on. So is that part of the call to action on this is, you know, what are you looking for for kind of the rest of 2020 when it when it comes to this project? >>Yeah, absolutely. So internally, we're working on an operator which will automate some of the work that's double does in the background in terms off getting more collaboration. We would love to see integrations from or security tooling. We're talking with some people across the community about the resource definition, so we've come up with some custom resource definitions, but we'd love them to be applicable it to a variety of different tools. So we want to get feedback on on those definitions of people are interested in collaborating on that absolutely do come and talk to me and my team are reluctant. >>Great. Listen, and I'll give you the final word. Obviously, we're getting the community together while we're part So you know any other you know, engagement opportunities, you get togethers. Things that you want people to know about the European show this year. >>Well, it's gonna be really you know, I'm on tenterhooks to see whether or not we can recreate the same atmosphere as we would have in Q con. I mean, it won't be exactly the same, but I really hope that people will engage online. Do come and, you know, ask questions of the speakers. Come and talk to the vendors, get into slack channels with the community. You know, this is an opportunity to pretend we're in the same room. Let's let's let's do what we can Teoh recreate as close as we can. That community experience that you keep corn is famous for >>Yeah, absolutely. That whole way track is something that is super challenging to recreate. And there's no way that I am getting the Indonesian food that I was so looking forward to in Amsterdam just such a great culinary and cultural city. So hopefully sometime in the future will be able to be back there. Liz Rice. Always pleasure catching up with you. Thanks so much for all the work you're doing on the TOC. And always a pleasure talking to you. >>Thanks for having me. >>All right, Lots more coverage from Cube Con Cloud, Native con the European 2020 show, Of course. Virtual I'm stew minimum. And thank you for watching the Cube. Yeah, yeah, yeah, yeah.

>>from around the globe. It's the Cube with coverage of Coop Con and Cloud, Native Con Europe 2020 Virtual brought to You by Red Hat, The Cloud Native Computing Foundation and its Ecosystem Partners. >>And welcome back to the Cube's coverage of Cube Con Cloud, Native Con Europe 20 twenties Virtual event. I'm Stew Minimum and and happy to Welcome back to the program, two of our Cube alumni. We're gonna be talking about storage in this kubernetes and container world. First of all, we have Sam Warner. He is the vice president of storage, offering management at IBM, and joining him is Brent Compton, senior director of storage and data architecture at Red Hat and Brent. Thank you for joining us, and we get to really dig in. It's the combined IBM and red hat activity in this space, of course, both companies very active in the space of the acquisition, and so we're excited to hear about what's going going. Ford. Sam. Maybe if we could start with you as the tee up, you know, Both Red Hat and IBM have had their conferences this year. We've heard quite a bit about how you know, Red Hat the solutions they've offered. The open source activity is really a foundational layer for much of what IBM is doing when it comes to storage, you know, What does that mean today? >>First of all, I'm really excited to be virtually at Cube Con this year, and I'm also really excited to be with my colleague Brent from Red Hat. This is, I think, the first time that IBM storage and Red Hat Storage have been able to get together and really articulate what we're doing to help our customers in the context of kubernetes and and also with open shift, the things we're doing there. So I think you'll find, ah, you know, as we talked today, that there's a lot of work we're doing to bring together the core capabilities of IBM storage that been helping enterprises with there core applications for years alongside, Ah, the incredible open source capabilities being developed, you know, by red Hat and how we can bring those together to help customers, uh, continue moving forward with their initiatives around kubernetes and rebuilding their applications to be develop once, deploy anywhere, which runs into quite a few challenges for storage. So, Brennan, I'm excited to talk about all the great things we're doing. Excited about getting to share it with everybody else. A cube con? >>Yes. So of course, containers When they first came out well, for stateless environments and we knew that, you know, we've seen this before. You know, those of us that live through that wave of virtualization, you kind of have a first generation solution. You know what application, What environment and be used. But if you know, as we've seen the huge explosion of containers and kubernetes, there's gonna be a maturation of the stack. Storage is a critical component of that. So maybe upfront if you could bring us up to speed you're steeped in, you know, a long history in this space. You know, the challenges that you're hearing from customers. Uhm And where are we today in 2020 for this? >>Thanks to do the most basic caps out there, I think are just traditional. I'm databases. APS that have databases like a post press, a longstanding APS out there that have databases like DB two so traditional APs that are moving towards a more agile environment. That's where we've seen in fact, our collaboration with IBM and particularly the DB two team. And that's where we've seen is they've gone to a micro services container based architecture we've seen pull from the market place. Say, you know, in addition to inventing new Cloud native APS, we want our tried true and tested perhaps I mean such as DB two, such as MQ. We want those to have the benefits of a red hat, open shift, agile environment. And that's where the collaboration between our group and Sam's group comes in together is providing the storage and data services for those state labs. >>Great, Sam, you know I IBM. You've been working with the storage administrator for a long time. What challenges are they facing when we go to the new architectures is it's still the same people it might There be a different part of the organization where you need to start in delivering these solutions. >>It's a really, really good question, and it's interesting cause I do spend a lot of time with storage administrators and the people who are operating the I T infrastructure. And what you'll find is that the decision maker isn't the i t operations or storage operations. People These decisions about implementing kubernetes and moving applications to these new environments are actually being driven by the business lines, which is, I guess, not so different from any other major technology shift. And the storage administrators now are struggling to keep up. So the business lines would like to accelerate development. They want to move to a developed, once deploy anywhere model, and so they start moving down the path of kubernetes. In order to do that, they start, you know, leveraging middleware components that are containerized and easy to deploy. And then they're turning to the I T infrastructure teams and asking them to be able to support it. And when you talk to the storage administrators, they're trying to figure out how to do some of the basic things that are absolutely core to what they do, which is protecting the data in the event of a disaster or some kind of a cyber attack, being able to recover the data, being able to keep the data safe, ensuring governance and privacy of the data. These things are difficult in any environment, but now you're moving to a completely new world and the storage administrators have ah tough challenge out of them. And I think that's where IBM and Red Hat can really come together with all of our experience and are very broad portfolio with incredibly enterprise hardened storage capabilities to help them move from their more traditional infrastructure to a kubernetes environment. >>Maybe if you could bring us up to date when we look back, it, like open stack of red hat, had a few projects from an open source standpoint to help bolster the open source or storage world in the container world. We saw some of those get boarded over. There's new projects. There's been a little bit of argument as to the various different ways to do storage. And of course, we know storage has never been a single solution. There's lots of different ways to do things, but, you know, where are we with the options out there? What's that? What's what's the recommendation from Red Hat and IBM as to how we should look at that? >>I wanna Bridget question to Sam's earlier comments about the challenges facing the storage admin. So if we start with the word agility, I mean, what is agility mean for it in the data world. We're conscious for agility from an application development standpoint. But if you use the term, of course, we've been used to the term Dev ops. But if we use the term data ops, what does that mean? What does that mean to you in the past? For decades, when a developer or someone deploying production wanted to create new storage or data, resource is typically typically filed a ticket and waited. So in the agile world of open shift in kubernetes, it's everything is self service and on demand or what? What kind of constraints and demands that place on the storage and data infrastructure. So now I'll come back to your questions. Do so yes. At the time, that red hat was, um, very heavily into open stack, Red Hat acquired SEF well acquired think tank and and a majority of the SEF developers who are most active in the community. And now so and that became the de facto software defying storage for open stack. But actually for the last time that we spoke at Coop Con and the Rook project has become very popular there in the CN CF as away effectively to make software defined storage systems like SEF. Simple so effectively. The power of SEF, made simple by rook inside of the open shift operator frame where people want that power that SEF brings. But they want the simplicity of self service on demand. And that's kind of the diffusion. The coming together of traditional software defined storage with agility in a kubernetes world. So rook SEF, open shift container storage. >>Wonderful. And I wonder if we could take that a little bit further. A lot of the discussion these days and I hear it every time I talk to IBM and Red Hat is customers air using hybrid clouds. So obviously that has to have an impact on storage. You know, moving data is not easy. There's a little bit of nuance there. So, you know, how do we go from what you were just talking about into a hybrid environ? >>I guess I'll take that one to start and Brent, please feel free to chime in on it. So, um, first of all, from an IBM perspective, you really have to start at a little bit higher level and at the middleware layer. So IBM is bringing together all of our capabilities everything from analytics and AI. So application, development and, uh, in all of our middleware on and packaging them up in something that we call cloud packs, which are pre built. Catalogs have containerized capabilities that can be easily deployed. Ah, in any open shift environment, which allows customers to build applications that could be deployed both on premises and then within public cloud. So in a hybrid multi cloud environment, of course, when you build that sort of environment, you need a storage and data layer, which allows you to move those applications around freely. And that's where the IBM storage suite for cloud packs was. And we've actually taken the core capabilities of the IBM storage software to find storage portfolio. Um, which give you everything you need for high performance block storage, scale out, um, file storage and object storage. And then we've combined that with the capabilities, uh, that we were just discussing from Red Hat, which including a CS on SEF, which allow you, ah, customer to create a common, agile and automated storage environment both on premises and the cloud giving consistent deployment and the ability to orchestrate the data to where it's needed >>I'll just add on to that. I mean that, as Sam noted and is probably most of you are aware. Hybrid Cloud is at the heart of the IBM acquisition of Red Hat with red hat open shift. The stated intent of red hat open shift is to be to become the default operating environment for the hybrid cloud, so effectively bring your own cloud wherever you run. So that that is at the very heart of the synergy between our companies and made manifest by the very large portfolios of software, which would be at which have been, um, moved to many of which to run in containers and embodied inside of IBM cloud packs. So IBM cloud packs backed by red hat open shift on wherever you're running on premises and in a public cloud. And no, with this storage suite for cloud packs that Sam referred to also having a deterministic experience. That's one of the things as we work, for instance, deeply with the IBM DB two team. One of the things that was critical for them, as they couldn't have they couldn't have their customers when they run on AWS have a completely different experience than when they ran on premises, say, on VM, where our on premises on bare metal critical to the DB two team t give their customers deterministic behavior wherever they can. >>Right? So, Sam, I I think any of our audience that it followed this space have heard Red House story about open shift in how it lives across multiple cloud environments. I'm not sure that everybody is familiar with how much of IBM storage solutions today are really this software driven. So ah, And therefore, you know, if I think about IBM, it's like, okay, and by storage or yes, it can live in the IBM Cloud. But from what I'm hearing from Brent in you and from what I know from previous discussion, this is independent and can live in multiple clouds, leveraging this underlying technology and can leverage the capabilities from those public cloud offers. That right, Sam? >>Yeah, that's right. And you know, we have the most comprehensive portfolio of software defined storage in the industry. Maybe to some, it's ah, it's a well kept secret, but those that use it No, the breadth of the portfolio. We have everything from the highest performing scale out file System Teoh Object store that can scale into the exabytes. We have our block storage as well, which runs within the public clouds and can extend back to your private cloud environment. When we talk to customers about deploying storage for hybrid multi cloud in a container environment, we give them a lot of houses to get there. We give them the ability to leverage their existing san infrastructure through the CS I drivers container storage interface. So our whole, uh, you know, physical on Prem infrastructure supports CS I today and then all the software that runs on our arrays also supports running on top of the public clouds, giving customers then the ability to extend that existing san infrastructure into a cloud environment. And now, with storage suite for cloud packs a sprint described earlier, we give you the ability to build a really agile infrastructure, leveraging the capabilities from Red Hat to give you a fully extensible environment and a common way of managing and deploying both on Prem and in the cloud. So we give you a journey with our portfolio to get from your existing infrastructure. Today, you don't have to throw it out it started with that and build out an environment that goes both on Prem and in the cloud. >>Yeah, Brent, I'm glad that you started with database, cause it's not something that I think most people would think about. You know, in a kubernetes environment, you Do you have any customer examples you might be able to give? Maybe Anonymous? Of course. Just talking about how those mission critical applications can fit into the new modern architect. The >>big banks. I mean, just full stop the big banks. But what I'd add to that So that's kind of frequently they start because applications based on structured data remain at the heart of a lot of enterprises. But I would say workload, category number two, our is all things machine Learning Analytics ai and we're seeing an explosion of adoption within the open shift. And, of course, cloud pack. IBM Cloud private for data, is a key market participant in that machine learning analytic space. So an explosion of the usage of of open shift for those types of workloads I was gonna touch just briefly on an example, going back to our kind of data data pipeline and how it started with databases, but it just it explodes. For instance, data pipeline automation, where you have data coming into your APS that are kubernetes based that our open shift based well, maybe we'll end up inside of Watson Studio inside of IBM ah, cloud pack for data. But along the way, there are a variety of transformations that need to occur. Let's say that you're a big bank. You need Teoh effectively as it comes in. You need to be able to run a CRC to ensure to a test that when when you modify the data, for instance, in a real time processing pipeline that when you pass it on to the next stage that you can guarantee well that you can attest that there's been no tampering of the data. So that's an illustration where it began, very with the basics of basic applications running with structured data with databases. Where we're seeing the state of the industry today is tremendous use of these kubernetes and open shift based architectures for machine learning. Analytics made more simple by data pay data pipeline automation through things like open shift container storage through things like open shift server lis or you have scale double functions and what not? So yeah, it began there. But boy, I tell you what. It's exploded since then. >>Yeah, great to hear not only traditional applications, but as you said so, so much interest. And the need for those new analytics use cases s so it's absolutely that's where it's going. Someone. One other piece of the storage story, of course, is not just that we have state full usage, but talk about data protection, if you could, on how you know things that I think of traditionally my backup restore and like, how does that fit into the whole discussion we've been having? >>You know, when you talk to customers, it's one of the biggest challenges they have honestly. And moving to containers is how do I get the same level of data protection that I use today? Ah, the environments are in many cases, more complex from a data and storage perspective. You want Teoh be able to take application consistent copies of your data that could be recovered quickly, Uh, and in some cases even reused. You can reuse the copies, for they have task for application migration. There's there's lots of or for actually AI or analytics. There's lots of use cases for the data, but a lot of the tools and AP eyes are still still very new in this space. IBM has made, uh, prior, uh, doing data protection for containers. Ah, top priority for our spectrum protect suite. And we provide the capabilities to do application aware snapshots of your storage environment so that a kubernetes developer can actually build in the resiliency they need. As they build applications in a storage administrator can get a pane of glass Ah, and visibility into all of the data and ensure that it's all being protected appropriately and provide things like S L A. So I think it's about, you know, the fact that the early days of communities tended to be stateless. Now that people are moving some of the more mission critical workloads, the data protection becomes just just critical as anything else you do in the environment. So the tools have to catch up. So that's a top priority of ours. And we provide a lot of those capabilities today and you'll see if you watch what we do with our spectrum. Protect suite will continue to provide the capabilities that our customers need to move their mission. Critical applications to a kubernetes environment. >>Alright And Brent? One other question. Looking forward a little bit. We've been talking for the last couple of years about how server lists can plug into this. Ah, higher kubernetes ecosystem. The K Native project is one that I, IBM and Red Hat has been involved with. So for open shift and server lis with I'm sure you're leveraging k native. What is the update? That >>the update is effectively adoption inside of a lot of cases like the big banks, but also other in the talk, uh, the largest companies in other industries as well. So if you take the words event driven architecture, many of them are coming to us with that's kind of top of mind of them is the need to say, you know, I need to ensure that when data first hits my environment, I can't wait. I can't wait for a scheduled batch job to come along and process that data and maybe run an inference. I mean, the classic cases you're ingesting a chest X ray, and you need to immediately run that against an inference model to determine if the patient has pneumonia or code 19 and then kick off another serverless function to anonymous data. Just send back in to retrain your model. So the need. And so you mentioned serverless. And of course, people say, Well, I could I could handle that just by really smart batch jobs, but kind of one of the other parts of server less that sometimes people forget but smart companies are aware of is that server lists is inherently scalable, so zero to end scalability. So as data is coming in, hitting your Kafka bus, hitting your object store, hitting your database and that if you picked up the the community project to be easy, Um, where something hits your relational database and I can automatically trigger an event onto the Kafka bus so that your entire our architecture becomes event >>driven. All right. Well, Sam, let me give you the funding. Let me let you have the final word. Excuse me on the IBM in this space and what you want them to have his takeaways from Cube con 2020 Europe. >>I'm actually gonna talk to I think, the storage administrators, if that's OK, because if you're not involved right now in the kubernetes projects that are happening within your enterprise, uh, they are happening and there will be new challenges. You've got a lot of investments you've made in your existing storage infrastructure. We had IBM and Red Hat can help you take advantage of the value of your existing infrastructure. Uh, the capabilities, the resiliency, the security of built into it with the years. And we can help you move forward into a hybrid, multi cloud environment built on containers. We've got the experience and the capabilities between Red Hat and IBM to help you be successful because it's still a lot of challenges there. But But our experience can help you implement that with the greatest success. Appreciate it. >>Alright, Sam and Brent, Thank you so much for joining. It's been excellent to be able to watch the maturation in this space of the last couple of years. >>Thank you. >>Alright, we'll be back with lots more coverage from Cube Con Cloud, native con Europe 2020 the virtual event. I'm stew Minimum And thank you for watching the Cube. Yeah, yeah, yeah, yeah