>>Hello everyone Welcome to the cubes coverage of cubic on cloud native come here in person in L A 2021. I'm john ferrier, host of the Cuban Dave Nicholson host cloud host for the cube and of course former host of the cube steve minutemen. Now at red hat stew, we do our normal keynote reviews. We had to have you come back first while hazard and red hat >>john it's phenomenal. Great to see you nice to have Dave be on the program here too. It's been awesome. So yeah, a year and a day since I joined Red hat and uh, I do miss you guys always enjoyed doing the interviews in the cube. But you know, we're still in the community and still interacting lots, >>but we love you too. And Davis, your new replacement and covering the cloud angles. He's gonna bring little stew mo jokes of the interview but still, we've always done the wrap up has always been our favorite interviews to do an analysis of the keynote because let's face it, that's where all the action is. Of course we bring the commentary, but this year it's important because it's the first time we've had an event in two years too. So a lot of people, you know, aren't saying this on camera a lot, but they're kind of nervous. They're worried they're weirded out. We're back in person again. What do I feel? I haven't seen people, I've been working with people online. This is the top story. >>Yeah, john I thought they did a really good job in the keynote this morning. Normally, I mean this community in general is good with inclusion. Part of that inclusion is hey, what are you comfortable with if your remote? We still love you and it's okay. And if you're here in person, you might see there's wrist bands of green, yellow, red as in like, hey, you okay with a handshake. You want to do there or stay the f away from me because I'm not really that comfortable yet being here and it's whatever you're comfortable with. That's okay. >>I think the inclusion and the whole respect for the individual code of conduct, C N C. F and limits Foundation has been on the front end of all those trends. I love how they're taking it to a whole nother level. David, I want to get your take because now with multi cloud, we heard the same message over and over again that hey, open winds, okay. Open winds and still changing fast. What's your take? >>Open absolutely wins. It's uh, it's the present. It's the future. I know in some of the conversations we've had with folks looking back over the last seven years, a lot of things have changed. Um, whenever I think of open source anything, I go back to the foundations of Lennox and I remember a time when you had to reboot a Linux server to re scan a scuzzy bus to add a new storage device and we all sort of put our penguin hats on and kind of ignored that for a while. And uh, and, and as things are developed, we keep coming into these new situations. Multi cluster management was a big, big point of conversation in the keynote today. It's fascinating when you start thinking about something that was once sort of a back room science experiment. Absolutely. It's the center of the enterprise now from a software >>from an open tour standpoint security has been one of those front and center things. One of the day, zero events that got a lot of buzz coming at the beginning of the week was secure supply chain. So with the Solar Wind act going in there, you know, we remember cloud, wait, can I trust it with the security? Open source right now. Open source and security go together. Open source and the security in the cloud all go together. So you know that that wave of open source, obviously one of the things that brought me to red hat, I'd had a couple of decades, you know, working within the enterprise and open source and that that adoption curve which went through a few bumps in the road over time and it took time. But today, I mean open sources have given this show in this ecosystem are such proof >>points of a couple things. I noticed one, I want to do a shout out for the folks who put a nice tribute for dan Kaminsky who has passed away and we miss him. We saw on the Cube 2019, I believe he's on the Cube that year with Adam on big influence, but the inclusiveness do and the community is changing. I think security has changed a lot and I want to get your guys take on this. Security has forced a lot of things happen faster data, open data. Okay. And kubernetes to get hardened faster stew. I know your team's working on it. We know what Azure and amazon is working on it. What do you guys think about how security's been forcing the advances in kubernetes and making that stable? >>Yeah. So john security, you know, is job one, it is everyone's responsibility. We talk about it from a container and kubernetes standpoint. We think we have a relatively good handle on what's happening in the kubernetes space red hat, we made an acquisition earlier this year of stack rocks, which was one of the leading kubernetes native security pieces. But you know, john we know security isn't just a moat anymore in a wall that you put up every single piece. You need to think about it. Um, I've got a person from the stack rocks acquisition actually on my team now and have told him like hey, you need to cross train all of us. We need to understand this more from a marketing standpoint, we need to talk about it from a developer standpoint. We need to have consideration of it. It's no longer, hey, it works okay on my machine. Come on, It needs to go to production. We all know this shift left is something we've been talking about for many years. So yes, security, security, security, we cannot overemphasize how important is um, you know, when it comes to cooper, I think, you know, were relatively mature, we're crossing the chasm, the adoption numbers are there, so it's not an impediment anymore. >>It's totally next level. I don't agree with this too. David, get your thoughts on this whole adoption um, roadmap that put it together, one of the working groups that we interviewed has got that kind of navigate, kinda like trailheads for salesforce, but that speaks to the adoption by mainstream enterprises, not the hard core, >>you know, >>us devops guys, but like it goes into mainstream main main street enterprise had I. T. Department and security groups there, like we got a program faster. How do you see the cloud guys in this ecosystem competing and making that go faster. >>So it's been interesting over the last decade or more often, technology has been ahead of people's comfort level with that technology for obvious reasons, it's not just something went wrong, it's something went wrong. I lost my job. Really, really bad things happened. So we tend to be conservative. Rightfully so in the sometimes there are these seminal moments where a shift happens go back sort of analogous go back to a time when people's main concern with VM ware was how can I get support from Microsoft and all of a sudden it went from that within weeks to how can I deploy this in my enterprise very, very quickly. And I'm fascinated by this concept of locking down the supply chain of code, uh sort of analogous to https, secure, http. It's the idea of making sure that these blocks of code are validated and secure as they get implemented. You mentioned, you mentioned things like cluster and pad's security and infrastructure security. >>Well, David, you brought up a really good point. So get off is the instance creation of that. How can I have my infrastructure as code? How can I make sure that I don't have drift? It's because I could just, it'll live and get hub and therefore it's version controlled. If I try to do something, it will validate that it's there and keep me on version because we know john we talked about it for years on the cube, we've gone beyond human scale if I don't build automation into it, if I don't have the guard rails in place because humans will mess things up so we need to make sure that we have the processes and the automation in place and kubernetes was built for that automation at its core, putting in, we've seen get up the Argosy, D was only went graduated, you know, the one dato was supported as coupon europe. Earlier this year, we already had a number of our customers deploying it using it. Talking publicly >>about it too. I want to get the kid apps angle and that's a good call out there and, and mainly because when we were on the cute, when you work, you post with with us, we were always cheerleading for Cuban. It we love because we've been here every single coupon. We were one saying this is gonna be big trust us and it is, it happens to so, but now we've been kind of, we don't have to sell it anymore. We don't, I mean not that we're selling it, but like we don't have to be a proponent of something we knew was going to happen, it happened. You're now work for a vendor red hat you talk to customers. What is that next level conversation look like now that they know it's real, they have to do it. How is the tops and then modern applications development, changing. What are your observations? Can you share with us from a redhead perspective as someone who's talking to customers, you know, what does real look like? >>Yeah. So get off is a great example of that. So, you know, certain of our government agencies that we work with, you know, obviously very secured about, you know, we want zero trust who do we put in charge of things. So if they can have, you know that that source of truth and know that that is maintained and lockdown and not await some admin is gonna mess something up on us either maliciously or oops, by accident or anything in between. That's why they were pushing that adoption of that kind of technology. So absolutely they, for the most part john they don't want to have to think about the infrastructure piece anymore. What if developers want the old past days was I want to be able to, you know, write once deploy anywhere, live anywhere, containers helps that a little bit. We even have in the container space. Now you can, you can use a service deployment model with Okay. Natives, the big open source project that, you know, VM ware ourselves are working on google's involved in it. So, you know, having us be able to focus on the business and not, you know, running the plumbing anymore. >>That's exactly, that's exactly, that's what we're so psyched for. Okay guys, let's wrap this up and and review the keynote day will start with you. What do you think of the keynote? What were the highlights? What do you take away from the taste keynote? >>So you touched on a couple of things, uh inclusion from all sorts of different angles. Really impressive. This sort of easing back into the world of being face to face. I think they're doing a fantastic job at that. The thing that struck me was something I mentioned earlier. Um moving into multi cluster management in a way that really speaks to enterprise deployments and the complexity of enterprise deployments moving forward? It's not just, it's not just, I'm a developer, I'm using resources in the cloud. I'm doing things this way, the rest of the enterprises doing it a legacy way. It's really an acknowledgement that these things are coming together increasingly. That's what really struck me >>to do. What's your takeaway from the end? >>So there's been a discussion in the industry, you know, what do the next million cloud customers look like we've crossed the chasm on kubernetes. One of the things they announced the keynote is they have a new associate level certification because I tell you before the keynote, I stopped by the breakfast area, saturday table, talk to a couple people. One guy was like, hey, I'm been on amazon for a bunch of years, but I'm a kubernetes newbie, I'm here to learn about that. It's not the same person that five years ago was like, I'm gonna grab all these projects and pull them down from getting, build my stack and you know, have a platform team to manage it from a red hat standpoint, we're delivering our biggest growth areas in cloud services where hey, I've got an SRE team, they can manage all that because can you do it? Sure you got people maybe you'll hire him, but wouldn't you rather have them work on, you know, that security initiative or that new application or some of these pieces, you know, what can you shift to your vendor? What can you offload from your team because we know the only constant is that things are gonna there's gonna be gonna be new pieces and I don't want to have to look at, oh there's another 20 new projects and how does that fit? Can I have a partner or consultant in sc that can help me integrate that into my environment when it makes sense for me because otherwise, oh my God, cloud, So much innovation. How do I grasp what I want? >>Great stuff guys, I would just say my summary is that okay? I'm excited this community has broken through the pandemic and survived and thrived people were working together during the pandemic. It's like a V. I. P. Event here. So that my keynote epiphany was this is like the who's who some big players are here. I saw Bill Vaz from amazon on the on the ground floor on monday night, He's number two at a W. S. I saw some top Vcs here. Microsoft IBM red hat the whole way tracks back. Whole track is back and it's a hybrid event. So I think we're here for the long haul with hybrid events where you can see a lot more in person, V. I. P. Like vibe people are doing deals. It feels alive too and it's all open. So it's all cool. And again, the team at C. N. C. F. They do an exceptional job of inclusion and making people feel safe and cool. So, great job. Thanks for coming on. I appreciate it. Good stuff. Okay. The keynote review from the cube Stupid Man shot for Dave Nicholson. Thanks for watching >>mm mm mm.

>>Hey, welcome to the Cubes coverage of Red Hat Summit 2021, the virtual experience, I'm lisa martin, I have two guests joining me. One is a cube alum kamal Shah is back, he's now the VP of cloud platforms at Brent had come on, it's great to have you back on the program. You're in a new role, we're going to talk about that. Thank you. And Kirsten newcomer is here as well. She's the Director of cloud and Death stickups strategy at Red Hat, Kirsten, Welcome and thank you for bringing the red hat vibe to the segment. >>Absolutely, very happy to be here. >>So looking forward to this conversation that we're going to be having in the next 20 minutes or so. We're gonna be talking about the last time come on, you were on, you were the ceo of stack rocks In January of 2021. The announcement that red hat plans to acquire stack rocks, it wouldn't be talking all about that. But I'd like to start with Kirsten, give us your perspective from red hats perspective, why is red hat a good fit for stack rocks? >>You know, there are so many reasons first of all as as you know, right? Red hat has been working with product Izing kubernetes since kubernetes one dato. Right, so so open shift three dato shipped with kubernetes one dot Oh, so we've been working with kubernetes for a long time, stack rocks embraces kind of is kubernetes native security embraces the declarative nature of kubernetes and brings that to security. Red hats, Custer's red hat enterprise customers, we have a great set across different verticals that are very security conscious and and during my five years at red hat, that's where I spend the majority of my time is talking with our customers about container and kubernetes security. And while there's a great deal of security built in to open shift as it goes to market out of the box, customers need the additional capabilities that stack rock springs. Historically, we've met those needs with our security partners. We have a great ecosystem of security partners. And with the stack rocks acquisition, we're now in a position to offer additional choice. Right. If a customer wants those capabilities from Red hat tightly integrated with open shift, we'll have those available and we continue to support and work with our broad ecosystem of security partners. >>Excellent customers always want choice. Come on. Give me your perspective. You were at the helm the ceo of stack rocks as you were last time you were on the cube. Talk to me about the redhead acquisition from your seat. >>Yeah. So as as Kirsten mentioned, we were partners of red hat. You're part of the red hat partner ecosystem. And uh, what we found is that was both a great strategic fit and a great cultural fit between our two companies. Right? And so the discussions that we had were how do we go and quickly enable our customers to accelerate their digital transformation initiatives to move workloads to the cloud, to containerized them, to manage them through kubernetes and make sure that we seamlessly addressed their security concerns. Right? Because it continues to be the number one concern for large enterprises and medium sized enterprises and frankly any enterprise that uh, you know, uh, working out today. So, so that was kind of the impetus behind it. And I must say that so far the the acquisition has been going on very smoothly. So we had two months in roughly and everybody and has been very welcoming, very collaborative, very supportive. And we are already working hand in hand to to integrate our companies and to make sure that we are working closely together to make our customers successful. >>Excellent. We're gonna talk about that integration in a second. But I can imagine challenging going through an acquisition during a global pandemic. Um but that is one of the things that I think lends itself to the cultural alignment. Kamal that you talked about, Kirsten. I want to get your perspective. We know we talk about corporate culture and corporate culture has changed a lot in the last year with everybody or so many of us being remote. Talk to me about kind of the core values that red hat and stack rocks share >>actually, you know, that's been one of the great joys doing during the acquisition process in particular, Kamal and and ali shared kind of their key values and how they um how they talked to talk with their team And some of the overlap was just so resonated so much for all of us. In particular the sense of transparency, uh, that the, that the team the stack rocks executive team brings and approaches. That's a that's a clear value for red hat um strongly maintained. Uh, that was one of the key things the interest in um uh, containers and kubernetes. Right. So the technology alignment was very clear. We probably wouldn't have proceeded without that. But again, um and I think the investment in people and the independence and the and the strong drive of the individuals and supporting the individuals as they contribute to the offering so that it really creates that sense of community um and collaboration that is key. Uh and and it's just really strong overlap in in cultural values and we so appreciated that >>community and collaboration couldn't be more important these days. And ultimately the winner is the customers. So let's dig in. Let's talk about what stack rocks brings to open shift Kirsten take it away >>man. So as I said earlier, um so I think we we really believe in continuous security at red hat and in defense and depth. And so when we look at an enterprise kubernetes distribution that involves security at the real core os layer security and kubernetes adding the things into the distribution, making sure they're there by default, that any distribution needs to be secured to be hardened, auditing, logging, identity, access management, just a wealth of things. And Red hat has historically focused on infrastructure and platform security, building those capabilities into what we bring to market stack rocks enhances what we already have and really adds workload protection, which is really when it comes down to it. Especially if you're looking at hybrid cloud, multi cloud, how you secure, not just the platform, but how you secure your workloads changes. And we're moving from a world where, you know, you're deploying anti virus or malware scanners on your VMS and your host operating system to a world where those work clothes may be very short lived. And if they aren't secured from the get go, you miss your opportunity to secure them right? You can't rely on, you know, you do need controls in the infrastructure but they need to be kubernetes native controls and you need to shift that security left. Right? You never patch a running container. You always have to rebuild and redeploy if you patch the running container the next time that container images deployed, you've missed, you've lost that patch. And so the whole ethos the whole shift left. The Deb sec ops capabilities that stack rock springs really adds such value. Right? You can't just do DEF SEc or set cops. You need to do a full infinity loop to really have def SEc ops and stack rocks. I'm gonna let Kamal tell you about it, but they have so many capabilities that that really drive that shift left and enable that closed loop. We're just so excited that they're part of our offerings. >>So can you take us through that? How does stack rocks facilitate the shift left? >>Yeah, absolutely. So stack rocks, which we we announced at summit is now being rebranded as red hat. Advanced cluster security was really purpose built to help our customers address the use cases across the entire application lifecycle. Right? So from bill to deploy to run time. So this is the infinite loop that Kirsten mentioned earlier and one of our foundations was to be kubernetes native to ensure that security is really built into the application is supposed to bolt it on. So specifically, we help our customers shift left by securing the supply chain and we're making sure that we identifying vulnerabilities early during the build process before they make it to a production environment. We helped them secure the infrastructure by preventing miS configurations again early in the process because as we all know, MIS configurations often lead to breaches at at runtime. Right? We help them address uh compliance requirements by ensuring that we can check for CS benchmarks are regulatory requirements around the C I P C I, hip hop and this and and that's uh you know, just focusing on shift left, doesn't really mean that you ignore the right side or ignore the controls you need uh when your applications are running in production. So we help them secure that at runtime by identifying preventing breaches the threat detection, prevention and incident response. >>That built in security is you both mentioned that built in versus bolt on Kirsten? Talk to me about that, that as really kind of a door opener. We talked a lot about security issues, especially in the last year. I don't know how many times we've talked about miS configurations leading to breaches that we've seen so many security challenges present in the last year. We talked to me a little bit Kirsten about >>what >>customers appetites are for going. All right now, I've got cloud native security, I'm going to be able to, I'm going to feel more comfortable with rolling out production deployments. >>It's, it's a great place to go. So there are a number of elements to think about. And if I could, I could, I could start with by building on the example that Kamal said, Right, So when we think about um I need to build security into my pipeline so that when I deliver my containerized workloads, they're secure. What if I miss a step or what if a new vulnerability is discovered after the fact? Right. So one of the things that stack rocks or redhead a CS offers is it has built in policy checks to see whether a container or running image has something like a package manager in it. Well, a package manager can be used to load software that is not delivered with the container. And so the idea of ensuring that you are including workload, built in workload, protect locks with policies that are written for you. So you can focus on building your applications. You don't necessarily have to learn everything there is to know about the new attack vectors that are really just it it's new packaging, it's new technology. It's not so much there are some new attack vectors, but mostly it's a new way of delivering and running your applications. That requires some changes to how you implement your security policies. And so ensuring that you have the tools and the technology that you're running on have those capabilities built in. So that when we have conversations with our security conscious customers, we can talk with them about the attack vectors they care about. We can illustrate how we are addressing those particular concerns. Right? One of them being malware in a container, we can look for stack. Rocks can look for a package manager that could be used to pull in, you know, code that could be exploited and you can stop a running container. Um, we can do deeper data collection with stack rocks. Again, one of the challenges when you're looking at moving your security capabilities from a traditional application environment is containers come and go all the time. In a kubernetes cluster nodes, your servers can come and go in a cloud native kubernetes cluster, right? If you're running on on cloud public cloud infrastructure, um, those things are the nodes are ephemeral to, they're designed to be shut down and brought back up. So you've got a lot more data that you need to collect and that you need to analyze and you need to correlate the information between these. Right? I no longer have one application stack running on one or more VMS, it's just things are things are moving fast so you want the right type of data collection and the right correlation to have good visibility into your environment. >>And if I can just build on that a little bit. The whole idea here is that these policies really serve as god rails right for the developers. So the it allows developers to move quickly to accelerate the speed of development without having to worry about hundreds of potential security issues because there are guardrails that will notify that with concrete recommendations early in the process. And the analogy I often use is that you know the reason we have breaks in our cars, it's not to slow us down but to allow us to go faster because we know we can slow down when we need to write. So similarly these policies are really it's really designed to accelerate the speed of development and accelerate digital transformation initiatives that our customers are embarking on >>and come on. I want to stick with you on the digital transformation front. We've talked so much about how accelerated that has been in the last year with everything going on in such a dynamic market. Talk to me Kamal about some of the feedback that you've gotten from stack rocks customers about the acquisition and how it is that maybe that facilitator of the many pivots that businesses have had to do in the last year to go from survival mode to thriving business. >>Yeah. Yes, absolutely. The feedback from all of our customers bar none has been very very positive. So it's been it's allowed us to invest more in the business and you know, we publicly stated that we are going to invest more in adding more capabilities. We are more than doubling the size of our teams as an example. And really working hand in hand with our uh the broader team at Red had to uh further accelerate the speed of development and digital transformation initiatives. So it's been extremely positive because we're adding more resources, We're investing more. We're accelerating the product roadmap uh based on uh compared to what we could do as a, as a start up as you can imagine. And and the feedback has been nothing but positive. So that's kind of where we are today. And what we're doing with the summit is rolling out a new bundle called open shift uh, Open shift platform plus, which includes not just Red hat A CS which used to be Stock rocks, but also red hat open shift hybrid cloud platform as well as Red hat advanced uh container cluster management, ACM capabilities as well as create the container registry. So we're making it easier for our customers to get all the capabilities that they need to for the drive digital transformation initiatives to get. It goes back to this whole customer centric city team that red hat has, that was also core value of stack rocks and and the winner and all of this, we believe ultimately is our, our our customers because that's where we exist to serve them, >>right. And I really like that if I could chime in kind of on top of that a little bit. Um so, so I think that one of the things we've seen with the pandemic is more of the red Hat customers are accelerating their move to public cloud and away from on premises data centers. Uh and and you know, that's just part partly because of so many people working remotely. Um it just has really pushed things. And so with Hybrid cloud becoming even more key to our joint customer base and by hybrid cloud, I mean that they have some environments that are on premises as they're making this transition. Some of those environments may stay that footprint may stay on premises, but it might be smaller, they may not have settled on a single public cloud. They could, in fact, they often are picking a public cloud based on where their development focuses. Google is very popular for ai and ml workloads. Amazon of course is just used, you know, by pretty much everybody. Um and then Azzurri is popular with um a subset of customers as well. And so we see our customers investing in all of these environments and stack rocks red hat A CS like open shift runs in all these environments. So with open shift platform plus you get a complete solution that helps with multi cluster management with a C. M with security across all of these environments, right? You can take one approach to how you secure your cluster, how you secure your workloads, how you manage configurations, You get one approach no matter where you're running your containers and kubernetes platform when you're doing this with open shift platform plus. So you also get portability. If today you want to be running an amazon maybe tomorrow you need to spin up a cluster in google, you can do that if you're working with the K s or G K E, you can or a Ks, you can do that with red hat a CS as well. So we really give you everything you need to be successful in this move and we give you back to that choice word, right? We give you the opportunity to choose and to migrate at the speed that works for you. >>So that's simplicity. That streamlining. I gotta ask you the last question here in our last couple of minutes. Come on, what's the integration process been like? as we said the acquisition just a couple of months in. But talk to me about that integration process. What that's been like? >>Yeah, absolutely. So as I mentioned earlier, the process has been very smooth so far, so two months in and it's largely driven by the common set of culture and core values that exists between our two companies. And so uh you know, from a product standpoint, we've been working hand in hand because I mentioned earlier, we were partners are working hand in hand on accelerating the road map the joint roadmap that we have here uh from a go to market perspective teams are well integrated. We are going to be rolling out the rolling out the bundle and we're gonna be rolling out additional uh options for our customers. We've also publicly announced that will be open sourcing uh red hat A. C. S. Uh formerly known as Stock Rock. So stay tuned for further news and that announcement. And, and so you know, uh, again two months and everybody's been super collaborative. Super helpful, super welcoming. And the team is the well settled and we're looking forward to now focusing on our primary objective is just to make sure that our customers are successful. >>Absolutely. That customer focus is absolutely critical. But also so is the employee experience. And it sounds like we both talked about the ethos and the and the core value alignment. They're probably being pretty critical to doing an integration during a very challenging time globally. I appreciate both of you joining me on the program today, sharing what's going on stack rocks now asks the opportunities for customers to have that built in cuBA and the security. Thanks so much for your time. >>Thank you. Thank >>you for Camel shaw and Kirsten newcomer. I'm lisa martin. You're watching the cubes coverage of Red Hat Summit, The virtual experience. Mhm