from the cube studios in palo alto in boston bringing you data driven insights from the cube and etr this is breaking analysis with dave vellante over the past 150 days virtually everybody that i know in the technology industry has become an expert on covid in some way shape or form we've all lived the reality that covet 19 has accelerated by at least two years many trends that were in motion well before the virus hit the cyber security sector is no exception and one of the best examples where we have witnessed the accelerated change hello everyone and welcome to this week's episode of wikibon cube insights powered by etr in this breaking analysis we'll update you on the all-important security sector which remains one of the top spending priorities for organizations and i want to give you a shout out to my colleague eric bradley from etr who gave me some really good data and some macro insights as well as some anecdotal data from csos for this episode let's take a look at the big picture first now for many years we've talked about the shifting patterns in networking moving from what's often referred to as a north-south architecture meaning a hierarchical network that supports you know age-old organizational structures well today the network is flattening into what they often refer to as an east-west model and the moat or perimeter it's been vaporized the perimeter is now wherever the user is and users are at home or they're at their beach houses thanks to kovid now this is a bad actor's dream as the threat surfaced has expanded by orders of magnitude and as we've said in the past the adversary is well funded extremely capable and highly motivated because the roi of infiltration and exfiltration is outstanding the cso's job quite simply stated is to lower that return on investment now the other big trend that we see is that the cloud and sas are reducing reliance on hardware-based solutions like traditional firewalls because so many workers are now at home they're in their accessing sensitive data identity and endpoint security are exploding xdr or extended detection and response and zero trust networks are on the rise organizations are increasingly relying on analytics and automation to detect and remediate threats you know alerts just don't cut it anymore i need action and so to do so they're turning to a number of best of breed point products that have the potential to become the next great security platforms and this is setting up an epic battle between hot startups that are growing very very quickly and entrenched incumbents that really aren't going to go down without a fight finally while security is clearly a top spending priority customers and their cfos continue to be somewhat circumspect with respect to how much they allocate toward security budgets especially in the context of a shrinking i.t spending climate that we have said is dropping between five and eight percent in 2020. now security is critical but even in these times spending is governed by these tight budgets well cyber remains a top category in the etr taxonomy in terms of its presence in the data set what this chart tells us is that cios and i.t buyers have other priorities that they have to fund this data shows a comparison of net scores over three survey dates october of last year april and july net score remember is an indicator of momentum which is calculated by subtracting the percent of customers spending less on the technology from those spending more it's more complicated than that but that's that's the basics and you can see that at a 29 net score the security sector is just one of many priorities that i.t buyers face now remember this is the july survey and it's asking customers are you planning to spend more or less in the second half of 2020 relative to the first half and it's a forward-looking metric so what may be happening here is that the height of the lockdown and in the u.s anyway and the pivot to work from home organizations were spending heavily and are now fine-tuning those investments and maybe addressing other digital priorities let's look back and do some pre and post-covet assessments of various players within the etr data set i'm gonna go fairly quickly through these next slides but i want to give you a perspective as to how the security landscape and the vendor momentum has changed in the past eight months first i'm going to take you back to the january data set we actually originally did this exercise last year and then we updated it right at the beginning of 2020. the chart shows the top-ranked cyber security companies based on two metrics the left-hand side sorts the data and ranks companies based on net score or spending momentum and the right-hand side shows the ranking by shared n which is a measure of the pervasiveness of a company in the data set i.e the number of mentions that they get in the sector and what we did is we gave four stars to those companies that showed up in the top of both of those rankings and two stars to those that were close so you can see that microsoft splunk palo alto and proofpoint as well as octa and crowdstrike and then we added z scalar in january as new and then cyber arc software all got four stars then we gave cisco and fortinet two stars now this next chart shows the same thing at the height of the u.s lockdown now you may say okay what's the difference there's still microsoft palo alto proof point octa cyber arc z scaler and crowdstrike at four stars with cisco and fortnite having two star stars splunk fell off but that's it well what's different is instead of making the cut the top 22 which we did last time we narrowed it down to the top ten in order for a company to make that grade so if we had done that in january octa crowdstrike zscaler and cyberark they wouldn't have made the cut but in april they did as their presence in the dataset grew and we strongly believe this is a direct result of the work from home pivot crowdstrike endpoint octa identity access management z-scaler cloud security and they're disrupting traditional appliance-based firewalls now just to note we placed dell emc which was rsa and ibm in the list just for context now let's take a look at the most recent july survey now a lot of i'm out on a limb a little bit here because many of these companies they haven't reported yet so we don't have full visibility on their business outlook but we show the same data for the most recent survey the red line that you see there is the top 10 cutoff point and you can see splunk which didn't make the cut in april is back on the four-star list it's very possible buyers took a pause last quarter and focused attention on work from home but splunk continues to impress as it shifts toward the subscription model that we've talked about in the past splunk has a very strong hold on the sim space but everyone wants a piece of splunk especially some of the traditional firewall companies who they're seeing their hardware business dying so we're watching the competition from these players but also some other players like tennable now proof point fell off the four-star list because its net score didn't make the top ten crowdstrike cyber arc and zscaler also fell back because they dropped below the top 10 in shared in but we still really like these companies and expect them to continue to do well you know it could be some anomalies in the survey but we're trying to be as transparent as possible with you share the data listen to it interpret it and really adjust our models accordingly each quarter now let me make a few points and try to interpret what might be happening here first i want to point out octa pops to the top of the net score ranking overtaking crowdstrike's momentum from the last survey now one customer in the financial services sector told eric bradley on a recent then we're seeing amazing things from octa but the traditional firewall companies are stepping into identity they may not be best of breed but they have a level of integration and that's appealing to this individual this person also specifically called out palo alto and fortinet is trying to encroach on that space so keep your eyes on that now crowdstrike has declined noticeably which surprised us z z scalar is actually showing more momentum relative to the last survey so that's a positive palo alto and microsoft are consistently holding serve and continue to be leaders proof point and cyber arc are showing a bit of a velocity drop and sales point and tenable are also catching our attention in this survey and of course sales sale point which is identity management had a great quarter and reinstituted its guidance giving us the benefit of hindsight on its performance so it was actually pretty easy to give them two stars now just a side note by the way we've cut the data here with those companies that have more than 50 mentions in the sector we didn't do that the first time we did this we allowed companies with less than 50. so we're trying to tighten that up a bit so we still maintain strongly that you're seeing cloud endpoint and identity as the big security themes here csos need tools to be responsive they don't want to just get an alert secops pros would rather immediately shut off access and risk pissing off a user than getting hacked and companies are increasingly turning to ai to detect and they're relying on automation to remediate or protect and fence off critical resources let's now look at the two players or players in our two-dimensional view followers of this program know that we like to plot vendors within a sector across two of our favorite metrics net score or spending momentum which is a simple metric that tracks those spending more versus less on the technology and market share which measu measures a vendor's pervasiveness in the data set and it's calculated by taking the number of mentions a vendor gets within a sector divided by the total responses what we show here are the key security players that we've highlighted over the last several quarters let me start with microsoft microsoft has consistently performed well in the security sector as well as other parts of the etr taxonomy as you know they have a huge presence in the survey which is indicated on the horizontal axis and you can see they have a very solid net score which is shown on the y-axis impressive for a company their size now one interesting thing is you don't see aws in this chart and it's because aws and microsoft at least so far have somewhat different strategies with respect to security microsoft with its long application software history and sas presence across office 365 and sharepoint etc with active directory has been really focused on selling security solutions to directly protect its apps they have offerings like defender atp which is advanced threat protection sentinel which is microsoft sim cloud offering azure identity access management and the company's really going hard after this space now aws of course prioritizes security but they don't show an etr data set the same way microsoft does it's almost like aws is hiding in plain sight look aws has always put a great deal of emphasis on security and securing its infrastructure like the s3 buckets and it's you know it announced iam for ec2 way back in 2012. and last year at its reinforced conference you saw an impressive focus on security in a burgeoning security ecosystem in fact when you think of getting started in aws you really think about three things ec2 s3 and iam so i'd expect to see aws really become more prominent over time in the data set now i'll spend a minute talking about octa for the first time since we've been analyzing the security space with etr data octa has the highest net score at 58 percent it had consistently been crowdstrike with this moniker and the momentum lead the company though is dropped in this quarter survey and that's something that we're watching and by the way we're not implying that octa and crowdstrike are direct competitors they're not now as you can see nonetheless that crowdstrike z scalar and sales point sale sale point show very elevated net scores and we've plotted tenable here which is also showing some strength so you can see the respective positions of proof point and fortinet these are more mature companies they were founded in the early part of the century so you'd expect them to have somewhat lower net scores given their history and maturity and then there's cisco they've got a huge presence in the data and big in security cisco's doing really well in that space it consistently grows its security business in the double digits each quarter and it's a real feather in the cisco portfolio cap this is important because cisco's traditional hardware business continues to come under pressure splunk we talked about a lot and it's no surprise at their leadership position but i want to talk a little bit more about palo alto networks here's a company that we've talked about quite a bit in the past they are a tier one player in security they got great service csos want to work with them because they are thought leaders they're like a gold standard and have an impressive portfolio of great solutions but their traditional firewall business is coming under pressure for the reasons that we discussed earlier now palo alto has expanded its portfolio into the cloud and with prisma the company's suite of security services it will maintain a leadership position in our view but palo alto networks as we've discussed had some missteps with its product transition its sales execution and some of some challenges with its pricing models and it hurt their stock price but we've always said that they would work through these issues and that that was a buying opportunity the other thing about palo alto is you know they're considered the expensive choice you got to pay for that gold standard but that's what customers you know will tell us and so you're paying up for those top tier offerings but that's a sort of two-edged sword for palo alto here's an example why people often compare fortinet to palo alto and as we've shared in previous segments the valuation divergence between palo alto and fortinet where the the latter was making a smoother transition to its future and people often tell us that fortinet well you know maybe it's considered not as elite as palo alto they are a value choice their stuff just works and fortinet is a great alternative to palo alto and that has served them very well now let's take a closer look at the valuations of some of these companies we started off this segment by saying that the pandemic has affected every sector and especially cyber security so the next chart that we're showing here is the progression of key valuation metrics since earlier this year what we show are the valuations of nine of the companies in the sector since mid-february the data tracks their respective valuations their revenue multiples their growth rates in both value and revenue revenue growth is shown in the last column for the most recent quarterly report now the companies in red have yet to report the report any day now so he said i'm flying a little bit blind here and we'll have to take a look after the earnings to see how the survey data aligns with the actual results but let me make a few points here first here's the s p in nasdaq performance you see it in february in june and august pandemic recession what are you talking about you'd never know it looking at this data the nasdaq especially is up 14 said since mid february which is quite astounding next i want to come back to the discussion about palo alto and fortinet fortinet already has reported this quarter and palo alto has not but you can see based on the revenue multiples highlighted in red that the valuation divergence is starting to shrink a little bit and we'll see if that holds up after palo alto reports now the big eye popper in this chart is the valuation increases from february to august for octa crowdstrike and z scalar 52 67 and 104 percent increase respectively now you can't say we didn't warn you that these companies were all well positioned when we reported last year and in our january episode but i did say actually to be honest in the last episode that these three i thought were getting a little expensive that was a couple months ago and since then they've continued to run up so if you've been waiting for an entry point based on my advice well i'm sorry for that but look at the revenue multiples look at the expansion in the orange octa goes from 34x to 52x crowdstrike from 39x to 66x z scalar 25x to 43x i mean wow let's see what happens after these three report by this time i would have hoped that they'd taken a little breather maybe over the summer and you could have jumped in to these stocks but they just keep going up and despite the decline in net score for crowdstrike i still really like all three of these companies and feel that they're very well positioned from a product standpoint and customer feedback perspective and finally i want to mention sale point which we said last time was one to watch sale point crushed its quarter bringing in some large deals and providing forward guidance nearly a 50 percent valuation increase since february in a revenue multiple expansion from last quarter where the street last quarter wasn't really thrilled with their numbers but identity management is hot and so now is sales point from the streets perspective the last thing i'll say here is watch the growth rates expectations are very high for some of these companies and the street will cream any of them that misses now that may be your opportunity to jump in because i like these companies i think they're disruptors but as always do your research and watch out for the big whales trying to freeze the markets on these guys all right let's wrap up we've covered a lot of ground today and surf the landscape a little bit so look the trend is plain as day the move to sas is entrenched and by the way this isn't necessarily all good news for buyers cios and cfos tell me that the dark side of capex to opex is unpredictable bills but the flexibility and business value gained is outweighing the downside and every vendor in this space is transitioning into a sas and annual recurring revenue model we believe the remote work trend is here to stay organizations are re-architecting their business around work from home and we think that they're seeing some real benefits they've made investments and it's driving new modes of work and productivity they're not just going to throw away those investments why should they what just to go back to the old way it's not going to happen and if we as we've said previously look the internet it's like the new private network so you've got a question vpns and sd-wan they start to look like stop gaps and of course you know the cloud endpoint security cloud-based iam they are clearly winning in the marketplace you know we're also seeing new security regimes emerge where the cso and the secops team are not this island we we've seen even some csos falling back under the cio which used to be taboo he used to be thought of that's like the fox guarding the hen house but this idea of shared responsibility is not just between the cloud providers and the secops teams because security is a board level priority everyone in the business is becoming more aware more attuned and despite the millennials fascination with and undotted courage when it comes to tick tock i digress now the last two points are interesting i remember reading a post by john oltzek who was an esg security analyst and he predicted last year that integrated suites would win out over the buffet of point products on the market and you know generally i i agreed with that assessment but look at least in the near term and probably mid-term that doesn't seem to be happening as we we've seen these hot companies really take off the ones that we've highlighted now these companies have ambitions beyond selling products and they would bristle at me lumping them into point products their boards are going after platform plays so they're on a collision course with each other and the big guys this should be fun to watch because the big integrated companies are well funded they got great cash flow they got large customer bases and and i've said they're not going down without a fight so i would expect eventually there's going to be more of an equilibrium to what seems to be right now a bifurcated and unbalanced market today so you're going to see more m a activity expect that however at these valuations some of these companies that we've highlighted they're becoming acquisition proof as such they'd better keep innovating or they're going to be in big trouble all right that's it for today remember these episodes are all available as podcasts wherever you listen so please subscribe i publish weekly on wikibon.com we've added in the wikibon menu bar a breaking analysis link that has all the episodes in there i also publish on siliconangle.com so check that out and please do comment on my linkedin posts don't forget to check out etr.plus for all the survey action get in touch on twitter i'm at d vellante or email me at david.vellante at siliconangle.com this is dave vellante for the cube insights powered by etr thanks for watching everybody be well and we'll see you next time [Music] you

>>from San Francisco. It's the queue every day to thank you. Brought to you by day to like you. Hey, >>welcome back already, Jeffrey. Here with the Cube were a day to IQ's headquarters in downtown San Francisco. They used to be metal sphere, which is what you might know them as. And they've rebranded earlier this year. And they're really talking about helping Enterprises in their journey to cloud native. And we're really excited to have really one of the product guys he's been here and seeing this journey and how through with the customers and helping the company transforming his Chandler hosing tonight. He's the s VP of engineering and product. Chandler, great to see you. Thanks. So, first off, give everyone kind of a background on on the day to like you. I think a lot of people knew mesosphere. You guys around making noise? What kind of changed in the marketplace to to do a rebranding? >>Sure. Yeah, we've been obviously, Mason's here in the past and may so so I think a lot of people watching the cube knows No, no one knows about Mace ose as as we were going along our journey as a company. We noticed that a lot of people are also asking for carbonates. Eso We've actually been working with kubernetes since I don't know 16 4017 something that for a while now and as Maur Maur as communities ecosystem starting involving mature more. We also want to jump in and take advantage of that. And we started building some products that were specific to kubernetes and eso. We thought, Look, you know, it's a little bit confusing for people May, SOS and Kubernetes and at times those two technologies were seen almost as competitive, even though we didn't always see it that way. The market saw it that way, so we said, Look, this is going too confusing for customers being called Mesa Sphere. Let's let's rebrand around Maur what we really do. And we felt like what we do is not just focus around one specific technology. We felt like we helped customers with more than that more than just may so support more than just community support, Andi said. Look, let's let's get us a name that shows what we actually do for customers, and that's really helping them take their workloads and put them on on Not just, you know, um, a source platform, but actually take their workloads, bring them into production and enterprise way. That's really ready for day two. And that's that's why we called it data. >>And let's unpack the day to, cause I think some people are really familiar with the concept of day two. And for some people, they probably never heard it. But it's a pretty interesting concept, and I think it packs a lot of meaning in it. A number of letters. I think you >>can kind of just think about it if you were writing software, right? I mean, Day zero is okay. We're gonna design it. We're gonna start playing with some ideas. We're gonna pull into different technologies. We're gonna do a POC. We're gonna build our skateboards. So to say, that's kind of your day. Zero. What do we want? Okay, we're gonna build a Data Analytics pipeline. We want spark. We're going to store data. Cassandra, we're gonna use cough. Go to pass it around. We're gonna run our containers on top of communities. That's just kind of your day. Zero idea. You get it working, you slap it on a cluster. Things are good right? Day one might be okay. Let's actually do a beta put in production in some kind of way. You start getting customers using it. But now, in Day two, after all that's done, you're like, Wait a second. Things were going wrong. Where's our monitoring? We didn't set that up. Where's our logging? Oh, I don't know. Like, >>who do we >>call this? Our container Run time, we think has above. Who do we call like? Oh, I don't know What support contract that we cut, Right? So that's the things that we want to help customers with. We want to help them in the whole journey, getting to Day two. But once they're there, we want them to be ready for day two, right? And that's what we do. >>I love it because one of my favorite quotes I've used it 1000 times. I'll do 2001 right? Is that open source is free like a puppy. Exactly for you. When you leave you guys, you're not writing a check necessarily to the to the shelter, But there's a whole lot of other check. You got a right and take care of. And I think that's such a key piece. Thio Enterprise, right. They need somebody to call when that thing breaks. >>Yeah. I mean, I haven't come from enterprise company. I was actually a customer basis Fear before I joined. Yeah, that's exactly why we're customers that we wanted. Not only that, insurance policy, but someone that partner with us as we start figuring this out, you know? I mean, just picking. You know what container run time do I want to use with communities? That one decision could take months if you're not familiar with it. And you you put a couple of your best architects on it. Go research container. You go research, cryo go research doctor. Tell me what's what's the best one we should use with kubernetes. Whereas if you're going, if you have a partnership with a company like day two, you can say, Look, I trust these. You know this company, they they're they're experts of this and they see a lot of this. Let's go with their recommendation. It's >>okay. So you got you got your white board. You've got a whole bunch of open source things going on, right? And you've got a whole bunch of initiatives and the pressure's coming down from from on high to get going, you've got containers, Asian and Cloud native and hybrid Cloud all the stuff. And then you've got some port CEO on his team trying to figure it out. You guys have a whole plethora of service is around some of these products. So as you try it and then you got the journey right and you don't start from from a standing start. You gotta go. You gotta go. So how do you map out the combination of how people progress through their journey? What are the different types of systems that they want to put in place and into, prioritize and have some type of a logical successful implementation and roll out of these things from day zero day 132? No, it's >>a great question. I think that's actually how we formed our product. Strategy is we've been doing this for a while now and we've we've gone. We've gone on this journey with really big advanced customers like ride sharing companies and large telcos customers like that. We've also gone on this journey with smaller, less sophisticated customers like, you know, industrial customers from the Midwest. Right? And those are two very, very different customers. But what's similar is they're both going on the same journey we feel like, but they're just at different places. So we wanted to build products, find the customer where they're at in their journey, and the way we see it really is just at the very beginning. It's just training, right? So we have, ah, bunch of support. We're sorry. Service is around training. Help you understand? Not just kubernetes, but the whole cloud native ecosystem. So what is all this stuff? How does it work? How does it fit together? How do I just deploy simple app to right? That's the beginning of it. We also have some products in that area as well, to help people scale their training across the whole whole organization. So that's really exciting for us once once, once that customer has their training down there like Okay, look, get I need a cluster now, like I need a destroyer of sorts and criminals itself is great, but it needs a lot of pieces to actually get it ready for prime time. And that's where we build a product called Convoy Say Okay, here is your enterprise great. Ready to go kubernetes destro right out of the box. And that product is really it's what you could use to just fiddle around with communities. It's also what you put into production right on the game. That's that's been scale tested, security tests and mixed workload tested. It's everything. So that's that's kind of our communities. Destro. So you've gotten your training. You have your destro and now you're like, OK, I actually wanna want to run some applesauce. >>Let me hold there. Is it Is it open corps? Or, you know, there's a lot of conversation in the way the boys actually >>the way we built convoy. It's a great question. The way we build convoys said, Okay, we don't We want to pick the best of breed from each of these. Have you seen the cloud native ecosystem kind of like >>by charter, high charter, whatever it is, where they have all the logos and all the different spiral thing. So it's crazy. Got thousands of logos, right? And >>we said, Look, we're gonna navigate this for you. What's the best container run time to pick. And it's It's almost as if we were gonna build this for ourselves using all open source technology. So convoys completely opens. Okay, um, there's some special sauce that we put in on how to bring these things together. Install it. But all the actual components itself is open source. Okay, so that's so if you're a customer, you're like, OK, I want open source. I don't want to be tied to any specific vendor. I want to run on Lee open. So >>yeah, I was just thinking in terms of you know, how Duke is a reference right. And you had, you know, the Horton worst cloud there and map our strategies, which were radically different in the way they actually packaged told a dupe under the covers. Yeah, >>you can think of it similar. How Cloudera per ship, Possibly where they had cdh. And they brought in a lot of open source. But they also had a lot of proprietary components to see th and what we've tried to get away from it is tying someone in tow. Us. I know that sounds counterintuitive from a business perspective, but we don't want customers to feel like if I go with D to like you. I always have to go with me to like you. I have to drink the Kool Aid, and I'm never gonna be able to get off. >>Kind of not. Doesn't really go with the open source. Exactly this stuff. It's not >>right for our customers, right? A lot of our customers want that optionality, and they don't want to feel locked in. And so when we built convoy, he said, Look, you know, if we were to start our own company, not not an infrastructure coming that we are right now, but just a software company build any kind of ab How would we approach it? And that was one of the problems we saw for We don't wanna feel like we're tied into any. >>Right. Okay, so you got to get the training, you got the products. What's >>next? What's next is if you think about the journey, you're like, OK, a lot. What we've found and this may or may not be totally true is one of the first things people like to run on committees is actually they're builds. So see, I see. And we said, How can we help with this. We looked around the market and there's a lot of great see, I see products out there right now. There's get lab, which is great partner of ours. It's a great product. There's there's your older products. Like Jenkins. There's a bunch of sass products, Travis. See all these things. But what we we wanted to do if we were customers of our own products is something that was native to Kubernetes. And so we started looking at projects like tectonic and proud. Some of these projects, right? And we said, How can we do the same thing we did with convoy where we bring these projects together and make it easy for someone to adopt these kubernetes native. See, I see tools. And we did some stuff there that we think is pretty innovative as well. And that's what that's the product we call dispatch. >>Okay. What do you got? More than just products. You've got profession service. That's right. So now >>you need help setting all this up. How do you actually bring your legacy applications to this new platform? How do you get your legacy builds onto these new build systems That that's where our service is coming the plate and kind of steer you through this whole journey. Lastly, what we next in the journey, though? Those service's compliment Really? Well, with with the kind of the rest of the product suite, right? And we didn't just stop with C i c. He said, what is the next type of work that we want to run here? Okay, so there we looked at things like red hat operators. Right? And we said, Look, red hats doing really cool thing here with this operator framework, how can we simplify it? We learn we've done a lot of this before with D. C. O s, where we built what we called the DCS sdk to help people bring advanced complex workloads onto that platform. And we saw a lot of similarities with operators to our d c West sdk. We said, How can we bring some of our understanding and knowledge to that world? And we built this open source product called kudo. Okay, people are free to go check that out. And that's how we bring more advanced workload. So if you think about the journey back to the journey again, you got some training you have your have your cluster, you put your builds on it. Now you want to run some advance work logs? That's where Kudo comes. >>Okay? And then finally, at the end of the trail is 1 800 I need help. Well, almost into the trail. We're not there yet. There was one thing they're still moving with one more step right on >>the very last one. Actually, we said, Okay, what's next in this journey? And that's running multiple clusters of the same. Okay, so that's kind of the scale. That's the end of the journey from for us, for our proxy as it stands right now. And that's where you build a product called Commander. And that's really helping us launch and manage multiple >>companies clusters at the same time. >>So it's so great that you have the perspective of a customer and you bring that directly in two. You know what you want because you just have gone through this this journey. But I'm just curious, you know, if you put your old hat on, you know, kind of c i o your customer. You know, you just talked about the cake chart with Lord knows how many logos? How do you help people even just begin to think about about the choices and about the crazy rapid change in what? That I mean? Kubernetes wasn't a thing four years ago to help them stay on top of it to help them, you know, both kind of have a night to the vision, you know, make sure you're delivering today on not just get completely distracted by every bright, shiny object that happens to come along. Yeah, no, >>I think it's really challenging for the buyers. You know, I think there's a, especially as the industry continues to make sure there's a new concept that gets thrown at all times. Service Manager. You know, some new, cool way to do monitoring or logging right? And you almost feel like a dinosaur. If you're not right on top of these things to go to a conference in, are you using? You know, you know B P f. Yet what is that? You didn't feel right? Exactly. I think I think most importantly, what customers want is the ability what, the ability to move their technology and their platforms as their business has the need. If the need isn't there for the business, and the technology is running well. There shouldn't be a reason to move to a new platform. Our new set of technologies, in fact, with dese us with Mason charities. To us, we have a lot of happy customers that are gonna be moving crib. Amazing if they wanted to anytime soon. Do you see What's that? Something's that criminal is currently doesn't do. It may never do because the community is just not focused on it that DCS is solving. And those customers just want to see that will continue to support them in the journey that they're on with their their business. And I think that's what's most important is just really understanding our customer's understanding their business, understand where they wanna go. What are their goals, So to say, for their technology platforms and and making sure you were always one step ahead >>of them, that's a >>good place to be one step ahead of demand. All right, well, thanks for for taking a few minutes and sharing the story. Appreciate it. Okay. Thank you. All right. Thanks. Chandler. I'm Jeff. You're watching >>the Cube. Where? Day two. I >>Q in downtown San Francisco. Thanks for watching. We'll see you next time

(upbeat intro) >> From our studios in the heart of Silicon Valley, Palo Alto California, this is a CUBE conversation. >> Hello everyone, welcome to the Palo Alto studios of theCUBE, I'm John Furrier host of theCUBE, we're here with a special power panel on industrial IOT, also known as IIOT, industrial IOT, and cybersecurity, with the theme being apocalypse now or later, when will the rug be pulled out from everyone, when will people have to make a move on making sure that the network and security are all teed up and all locked down, as IOT increases the surface area of networks, industrial IOT, where critical equipment or infrastructure is being run for businesses. Got a great panel here, we got Gabe Lowy who's the founder and CEO of Tectonic Advisors, and author of an upcoming research paper on this particular topic. Bryan Skene, vice president of product development at Tempered Networks, and Greg Ness, the CMO, who happened to be available to join us from Tempered Networks as well. Guys, thanks for spending the time to come on this power panel. >> Great to be here. >> So, convergence is a theme we've heard every wave of innovation, the convergence of this, the convergence of networks and apps. Now more than ever, there's a confluence of multiple waves of convergence happening, you're seeing it right now, infrastructure turned into cloud, big data turned into machine learning and AI, you've got future infrastructure like Blockchain around the corner, but in the middle of all this, the security, data, networking, this is kind of the beginning of a cloud 2.0 dynamic, where pure cloud is great for computing network, you native born in the cloud, you scale it up, it's great. Still got challenges but if you're a large company, and you want to actually operate cloud scale anything, and have instrumentation, internet of things, devices, sensors, in factory's, in plants, in cars, your game is changing, if it's connected to the network, it's got power and connectivity, a terrorist, a hacker, a digital terrorist can come in and do all kinds of damage. This is the topic. So Greg, we talked about this panel, what was the motivation for this, what's your thoughts? >> Well, it occurred to us that you know, as you look at all the connectivity that's you know, underway, billions of devices being connected, the level of scale, complexity, and the porosity of what's being connected, is just really incomprehensible, to the people that developed the internet, and it's raising a lot of issues. All around, basically, the number of devices the inability to protect and secure and update those devices, and the sheer amount of money and effort that would have to be applied to protect them is beyond the scope of current IT security stuff. IT's not ready. >> IT, certainly, you and I talk about this all the time, but you know, I love the hype and you know, digital transformation's going to save the world Gabe, talk about the dynamics because the title of this panel, really the subtitle is apocalypse now or later, and this seems to be the modus operandus is that you know, you know what has to hit the fan before any action is taken, you see Capital One, there isn't a day gone by where there's some major breach, major hack, it's a firewall for Capital One, going to an open S3 bucket from some girl whose bragging about it on Twitter, wasn't really a serious hacker, then you've got adversaries that are organized, whether it's state sponsored and or real money making underbelly activities happening, you know there are digital terrorists out there, there are digital thieves, the surface area with IOT is absolutely opened up, we kind of know that, but industrial IOT, just talking about industrial equipment, industrial activities, whether it's critical infrastructure or planting equipment for a company, this is a huge digital problem. What's your take, what's your thesis? >> Yes it is, and building on what Greg said, there's an interesting gap from both sides. The first is that this industrial equipment or critical infrastructure, some of it goes back 20, 25 years. It was not architected to be connected to the internet, but yet with this digital transformation that you eluded to, companies want to find ways of getting that data, putting it into various analytics engines to improve cost efficiencies or decision outcomes. But how do you do that with a lot of equipment out there that runs on different operating systems and really was not built for internet connections. The other side of the gap is that your traditional IT security technologies, firewalls, intrusion protection, VPN's, they in turn were not built or architected to secure this IIOT infrastructure. And that gap creates the vulnerability that opens the door for cyber criminals to come in, or state sponsored cyber attackers to come in and do some serious damage. >> Bryan, I want you to weight in here. You're a network guy, you've been around the block, you've seen the networks evolve, the primitives were clear, the building blocks internet were, the DNS ran, most of what the internet right now, whether you're talking about from the marketing to routing, it's all DNS based, it's IP addresses as well under that. So you've got the IP address, you've got DNS, what else is there? What can be done? Why aren't these problems being solved by traditional firewalls and traditional players out there, is it just the limitation of the infrastructure? Or is there just more cultural DNA, you've got to evolve, what's your take on this? >> Yeah, um the way I think about this is that the internet that we know and we use was mostly built for human beings, I mean, it's been built for humans to use it, humans have discriminating tastes, they decide what to click on, for the most part they are skeptical, they learn through trial and error what's happened with- when people try to fool other people, a machine or you know, you've got a webpage and it's got something misleading, you learn that, you don't click on that any more. And the infrastructure we have today is built to help people avoid these problems, as well as drop packets when they can detect that something is just absolutely wrong. But machines, they don't know any of that, they're not discriminating, they've been built to, well if it's going to be on a network, to trust everything that's talking to them, and to send data and assume that the other side is also trusting them and just acting on the data. So it's just a fundamentally different problem, you know what traditionally the machine networks have had air gaps, they've been air gapped away from any other kinds of data or potential threat. And those air gaps are gone. >> So air gaps were supposed to save us, weren't they? But they're not are they? >> Well, they kept us going as Gabe alluded, for 20 -25 years, machines have been operating, operating critical infrastructure, but you know, with digitalization, with the opportunity to look at that data in the cloud, and do machine learning, and by the way machine learning's being done in the cloud just for scale, so the problem with getting the data from machines, or other things back into the cloud is a huge issue, and if there's an air gap between say the cloud and the thing, we might be somewhere. >> So a lot of incompatible architectures relative to what everyone's doing with cloud, and say hybrid and multi cloud. Gabe, you know the two worlds of information technology or IT people, and operational technology people, that tend to run the IOT world, you know you do sensors to factory floors to whatever, called OT people, operational technologies. I've always said that's a train wreck between those two cultures, they kind of don't like each other. You got IT guys, they're stacking and racking equipment, OT guys, stay out of my world I run propietary stacks, it's lockdown. Pretty locked down from a security standpoint, IT are pretty promiscuous just in the nature of it. As those two worlds collide, is that the thesis of the catastrophe model, as you see that world coming together, what's your thoughts on this? >> Yes, good question. That world has to come together, and I'll give you an analogy to this. About 10, 12 years ago, a lot of people were doubtful that Devops would ever take off, 'cause development guys really didn't like operations guys, they didn't like dealing with them. Here we are 10 years or so later, and everyone's pretty much adopted it, and they're seeing the benefits of it. This OT IT convergence takes it to a much higher level, because the stakes are so much higher, because a cyber attack can cause catastrophic damage. And as a result, these two teams are not only going to have to work together in harmony, but they're going to have to learn each other's stacks in the case of the OT guys, it's their traditional OSI networking stack for IT networks. And for the IT guys, they're going to have to learn the Purdue model, which was the model that's principally used in architecting these OT systems. And unless these two teams do work together, the vulnerabilities and probabilities for a catastrophic event increases significantly. >> That's a great example, Devops was poo-pooed on earlier on, I mean Greg, we were back in 2008 riffing on this, now it's the mainstream. Agilities come from it, the Lean startup, all kinds of cool things, people are talking about, we love cloud, great. Now we bring the OT world together, and IT world together, Gabe, what is the benefit, what is the key ethos around operating technologies and IT guys coming together? Because you know, dev ops would simply abstract away the complexity so developers don't have to do configuration and management, all that provisioning stuff, and still have the reliability. They called it infrastructure as code, so Devops was infrastructure as code, what's the ethos of the two worlds coming together from IT and OT? >> I think the ethos is at a very high level, it's risk management. Because the stakes are so high that the types of losses that could be incurred, you know you mentioned Capital One at the top of the program, yes those are financial losses, but imagine if the losses resulted in thousands or tens of thousands of people getting infected, or perhaps dying. So the need for these two teams to work together is absolutely critical, and so I'd say the key strategic approach to this, both from the IT and the OT side, is to go into it- into strategy or cyber strategy with the premise that the company has already been compromised. And so that starts to get your thinking away from legacy types of technologies that were not architected to prevent these new threats, or defend against them, and now these teams have to start working together from a totally different standpoint, to try and prevent the risks of those catastrophic losses. >> Greg, I want to get your thoughts, you've been in the IT businesses for a long time, you've been a major player in it, historian as well as us in IT, what do you see as contrast between the two cultures of IT and OT, because you got to lock down these networks, you got to have the teamwork between the two, because the surface area with IOT and industrial IOT is so massive, it's so complicated yet it's an opportunity at the same time it's an exposure, I mean just people working at home in IT, I mean the home is a great place to target people because all you got to do is get that light bulb from nest and you're at a fully threaded processor, you could run malware and get all the passwords from the person working at home. So again, from home to industrial, does IT even have the chops to get there? >> Not the way they're architected today around the TCP- IP stack, and that's the challenge, right? So from the 90's to this era, whether it's the mainframes to the networks to the internet to the enterprise web et cetera, compared to this we've had relatively incremental change, as surprising as that sounds. You know, devices being added and every year, every other year, every three years, people are upgrading those endpoints, they're adding more sophisticated security. But this world that you referred to, the world's in collision. It's not evolving at all in parallel. So, you've got devices with no security in mind they're being connected, and you know, calling it the industrial internet of things almost underwhelms what the risk is, it should be the internet of places or spaces, because what these devices can control, control of a factory, a hospital, et cetera, and you think back you know, yes you've got historical perspective, you don't have to go back very far when the Russians were attacking Ukraine, you know, WannaCry, NotPetya, you know they spread all over the place in a matter of weeks, UK hospitals were running on carbon paper, postponing procedures, Maersk shipping had they're shipping- they lost control of their ships at sea, and now you've got VxWorks coming along, saying you know, you're going to have to update that, because there's some serious vulnerabilities here, VxWorks is deployed to cross billions of devices, so I don't think historically there's really a precedent, I mean, if you want to tap into a common interest with military history, you don't even have the semblance of a Maginot Line, and that was a pretty imperfect protection scheme. >> I mean, the opportunity to infect governments, take 'em down within misinformation to actually harming people say through hospital hacks for instance, you know, people could- lives were in danger. And there's also other threats, I mean, you mentioned, it takes one device to be penetrated, at home or at work, I saw an article, came across my desk I saw IBM did some research, this concept of war shipping, where hackers ship their exploits directly on WiFi devices, so people get these devices, hey, free you know, nest light bulb or whatever's going on, they install in their home, oh it's got, I got a free WiFi router, uh-uh, it's got built in malware. It's just got WiFi connectivity. So again, the exploits are getting more complicated, Bryan, the network has to be smart. At the end of the day, this cloud 2.0 theme is beyond compute and storage, networking and security are two underdeveloped areas that need to evolve very quickly to solve these problems, what's your take on this. >> Well, my take on that is that our approach is that if the network has to be so smart that it can watch everything and understand what's good and bad, then we're doomed, so we're going to need to also combine watching packets, the traditional method, deep packet inspection, with divide and conquer. Frankly, it's-as Tom and I said before, the air gaps are gone for OT. I think we need to figure out a way to divide up the networks of things, and give them clean networks if possible, and try to segment them away from the network that the rest of the things are on. So, you know, we don't have enough compute power, we don't have enough memory and resources, but that's not really the fit. We just don't understand what is good traffic versus bad traffic, and we talk about Day Zero attack, and we talk about, try to chase that down with signatures, and you know the- you can watch transactions, people say AI and machine learning, but machine learning means learning good and bad from people. >> How do companies fix this, what's the answer to all this, or is there one? Or it's just going to take catastrophic loss to wake people up? >> Well we can't react to the problem, that's one thing that we all can probably- we all know that if we wait for the catastrophe, and then we try to react to that and solve it, that it's already gone, it's too late. I mean, this is a geometric expansion in complexity of the problem, I don't think there's a silver bullet, I think that there's going to be several things that need to be done, one is to keep inspecting traffic, but another one is again segmenting things that should be talking to each other, away from things that they should not be talking to. And trying to control the peers in the network of things. And you know, Greg something you said reminded me, fundamentally with networking, the TCP-IP, we are using the IP address, to mean the location say if we're talking about places, we're talking about the location of something and the identity of that thing, and most of our security policies, are spelled out in terms of something, an IP address, that is not under our control, and the network has to be kind of so complex as it is growing, with mass proxies, you know, motion, mobility, things are moving. A lot of this wasn't foreseen. >> So, Gabe and Greg, do we have to build new software, a new naming system? Do we have to kind of level up and put an extraction layer on top of the existing systems? What's the answer? >> The answer is a layered approach. Because to try and do a complete rebuild or a retrofit particularly with different operating systems, different versions, incompatible systems, billions of devices, and various types of security solutions that were not built for this, that's not a practical solution. So you've really got to go with an overlay strategy, people are always going to be the vulnerability, they'll fall for fishing attacks, that's why the strategy is that we're already compromised. So if the attacker is already in our network, how do we contain them from doing serious damage? So one strategy for this is micro-segmentation, which is a much more granular approach, to prevent that lateral movement once the attacker is inside the network. And then when you go from there, you can pair that with host identity protocol which has been around for a while, but that was architected specifically to address the networking and security requirements for IIOT environment, because it addresses that gap that we were talking about between traditional security solutions that lack this functionality, and it only allows white-listed communications between hosts or devices that are already approved and only approved to communicate with one another. So you could effectively do a lockdown even if the attacker is already inside your network. >> I want to get back to some of the criteria on this, and I want to also put the plug in for the TechTonic advisors report that's coming out that you are the author of, called securing critical infrastructure against cyber attacks, I read it, great paper. The line that I read, I want to get your thoughts I'm going to read it out loud, I'd love to get your thoughts on this Gabe or anyone else who wants to chime in, it says industrial IOT cybersecurity is beyond the scope of traditional firewall and VPN solutions would struggle to keep up with the scale and variety of modern attacks. What do you mean by that? Give an example, tell me what you mean by that sentence, and what examples can you give? >> Well, I'd say the most important thing is that firewalls were initially built to protect what we call north-south traffic. In other words, traffic that's coming in from the internet into the organization and back out. But now with network expansion, cloud adoption and more and more devices, industrial devices being connected, these firewalls cannot defend against that. They simply were not architected for it, they cannot scale to those proportions, and even if you're using software only versions, those aren't effective either because they do not protect against east-west or in other words lateral traffic. So if you're an organization moving IIOT data from your OT systems across your network into IP analytics systems or software, that's lateral movement. Your firewall- traditional firewall, just not going to be able to handle that and protect against it, so in simple terms, we need a new overlay not to say that firewalls are going away any time soon, they can still protect north-south traffic, but we need a new type of overlay that can protect this type of traffic, micro-segmentation is the strategy to do that and using host identity protocol or HIP protocol is what fills that gap that your traditional security tools were not designed to protect against. >> Greg, I want you to weigh in on this, because you're in this business now, you know the IT world, the criticality of what you just said is super critical to the nature of business, you know the catastrophic example's there, but IT does not move that fast, you know IT, IT'S like molasses, I mean they're slow. What is going to light a fire under IT to get them to be sensitive, I mean it's pretty obvious, can they get there, do they have to re-structure what has to happen in the IT world, because you know, it is a catastrophic end game here if they don't nail down this traffic protection. >> Well a part of the- you know, part of it is education. Because we've been- we've seen wave and wave of incremental innovation in the network, and when it happened it seemed so big and and it produced huge market cap growth with a lot of companies, you know play this guessing game of who is really connecting to the network. And it's evolved kind of gradually, to this big leap we have ahead of us, and IT is going to have to become aware that IIOT is a fundamentally different problem and challenge to solve, and that's going to require new thinking, new purpose built, like Gabe said, approaches, anything like the traditional firewall segmentation is just not going to address what we talked about, the scale issues, the resilience right? So, some of these devices, you don't want them off for one or two percent of the time. And the implications are that it's much more serious. So I think that, you know, more types of attacks are inevitable, and they're going to be even more catastrophic, and we're all aware that NotPetya and WannaCry raised a lot of eyebrows just for how quick it spread and the damage it caused. And we've just seen VxWorks vulnerabilities being announced. We need to prepare now. >> Malware and worms are still popular, it's a problem. Well guys, thanks so much for spending the time on this panel, I'll give you the final word here, share what you think is going to happen over the next 24 months, 12 months, is it going to take catastrophic failure, what's going to happen in your mind, what's going to end up being the trajectory over the next, you know say year. >> Well, unfortunately, sometimes it might take a catastrophic event to get things moving, hopefully not, but I think there's growing recognition as IIOT is growing, that they need new ways to secure this movement of data between OT and IT, and in order to facilitate that securing of data, you're going to have to have that OT and IT convergence occur, because the risk, as you sort of eluded to earlier John, we hear in the headlines about massive data breaches and all this data that's stolen. But the risk in IIOT is not only the exfiltration of the data, the risk is that the attacker has the capacity to take over the infrastructure. And if that happens in a hospital, if it happens with a water treatment facility or government type of defense installation, the outcomes can be disastrous. So the first thing that has to happen is OT IT convergence. Second, they have to start thinking strategically from a standpoint that they have already been breached, and so that changes their viewpoint about the technologies that they have to deploy, and where they have to move to to efficiently get to what I call the iddies, and that's the- you still need the availability, you've got to have visibility into this traffic, you need reliability of this network, obviously it's got to be at scale, it's got to be manageable, and you need security. >> Well, we'd like to have you on again Gabe, because we've talked about this from a national security perspective, not only the hackers potentially risking the business risk there, there's a national security overlay because you know, if the government's attacking our businesses, that's like showing up on the shores of our country, its the government's job to protect the freedom's and safety of the citizens, that includes companies. So why are companies defending themselves with all this capability, what's the role of government in all of this, that's a very important, I think a longer conversation. So, let's pick that one up, a separate one, my favorite topic these days. Critical infrastructure even if it's just business it's the grid, it's the plants that run our country. >> And John, what I'd like to add to that is, I was talking to a friend of mine who's a CIO down here in California yesterday, and we were talking about the ransomware right, that was taking down all these cities. And you know, he goes well the difference between what you guys are talking about and that, is that you can back up your IT systems, right, into the cloud, and that's a growing business to kind of protect and then replicate game over, and he goes, can you back up a hospital? Can you back up a manufacturing plant? Can you back up a fleet of ships? You know, can you back up a control center? Not really, when you lose physical control, it's game over. And people, I think that really needs to sink in. And that was, I think in Gabe's paper when I first read it, that's what really struck me about it, this is a different ballgame. >> Well, I mean, there's many points, there's the technical point there, and there's also the societal point of- you imagine things being taken over by hackers that physically can harm people, and that's again the societal side, technically the incompatible architecture's coming home to roost now, because there's the problem right there, that's the collision that's happened I think, and a lot of education needs to happen fast, Gabe, thanks for writing that paper critical infrastructure against cyber and securing it, Bryan thanks for coming on appreciate it, you want to say, get the final word Bryan, go ahead. Your thoughts, next 12 months. >> I think that if our future, it depends on OT and IT coming together and a lot of education, a lot of change, I don't think we're going to get there, I think that what's going to happen in the next 24 months is that you know, there are lots of innovative schemes and companies and people, working on this and what we need to do is lay down infrastructure that allows OT and IT to keep operating, and not have to do a forklift upgrade and everything that they do, their processes or teach the things how to protect themselves, and again I'm going to go back to air gaps in network, make a logical air gap, if you imagine driverless cars driving around they're not going to, imagine them sharing the same network that we're using to use Snapchat and look at cities and you know, sitting on the internet and looking at Facebook. We're not going to want that. So we need to try and figure out a way to separate the location of the thing from the identity, create policies in terms of the identity, manage that a new layer, and do it in such a way that doesn't change IT. To me that's the key, 'cause I- we've said it here, IT's doesn't move that fast, they can't. It's not a matter of willpower, it's a matter of momentum and intertia. >> Well, I think the forcing function on this is going to be catastrophic event, the subtitle of this panel, apocalypse now or later. And in my opinion, Greg's been, you know, on this JetEye department of defense story. I believe this is one of the most important stories in the technology industry in a long long time, it really highlights the confluence and convergence of two differently designed infrastructure technologies, that have to in a very short time, be re-platformed at high speed, in a very fast short time frame, because the stakes are so high. So guys, thanks so much for spending the time here on this power panel, IIOT, industrial IOT and cyber security apocalypse now or later, something's going to have to happen, it has to happen fast. Gabe, Bryan, Greg thanks for taking the time. This is a cube conversation here in Palo Alto power panel, I'm John Furrier, thanks for watching. (upbeat music)

>> Announcer: Live from Boston, Massachusetts, it's theCUBE. Covering Red Hat Summit 2019. Brought to you by Red Hat. >> Good to have you back here on theCube we are live in Boston at the Convention Center here. Along with Stu Miniman, I'm John Walls and on theCUBE we're continuing our coverage of Red Hat Summit 2019 in Boston, as I said. Joined now by Reza Shafii, who is the VP of Platform Services at Red Hat. Former CoreOS guy >> That's right. >> Stu actually has his CoreOS socks on, >> He told me. >> Today, yeah, so he came dressed for the occasion. >> Shh, can't see those on camera, John. I can't be wearing vendor here. >> Don't show it to the camera. >> Well I just say they're cool! They're cool. Glad to have you with us, Reza. And first off, your impression, you have a big announcement, right, with OpenShift. OpenShift 4 being launched officially on the keynote stage today. That's some big news, right? >> It's a big deal, it's a big deal. The way I think about it is that it's really a culmination of the efforts that we planned out when we sat down between the CoreOS leadership team and the Red Hat leadership team, when the acquisition was closed. And we planned this out, I remember a meeting we had in the white board room. We planned this out. In terms of bringing the best of OpenShift and CoreOS technology together. And it's really great to see it out there on the keynote, and actually all demoed and working. >> And working, right? Key part. >> Reza, dig in for us a little bit here, because it's one thing to say okay, we got a white board and we put things together. You know, when I looked at both companies, at first both, CoreOS before the acquisition and Red Hat, I mean open source, absolutely as its core. I remember talking to the CoreOS team, I'm like, you guys are gonna build a whole bunch of really cool tools, but what's the business there? Do you guys think you're gonna be the next Red Hat? Come on. Well, now you're part of Red Hat. So, give us a little bit of the insight as to what it took to get from there to the announcements, CoreOS infused in many of the pieces that we heard announced this week. >> Yeah, so the way I like to think about it is that Red Hat's OpenShift's roots, it started with making sure that they create a really nice comfortable surface area for the deaf teams. The deaf teams can go in and start pushing the applications and it just ensures that it's running those applications in the right way. The CoreOS roots came from the operations perspective and the system administrator. We always looked at the world from the system administrator. Yes, you're right, CoreOS had a number of technologies they were working on, etcd, Rocket, clair. I used to joke that there's a constellation of open source services that we're working on, but where is the one product? And, towards the end, right before the acquisition, the one product I think was pretty clear is Tectonic, the Kubernetes software. Now, if you look at Tectonic, the key value difference was automated operations. The core tenants of what Alex Polvi and Brandon Philips said into the mindset of the company was we're outnumbered, the number of machines out there is going to be way more than we can handle, therefore we need to automate all operations. They started that on the operating system itself, with CoreOS, the namesake of the company. And then they brought that to Kubernetes. What you see with OpenShift is, OpenShift 4, you see us bringing that to, not only the Kubernetes core, that's the foundation of OpenShift 4, so all capabilities of running Kubernetes are automated with 20 plus operators now. But you see that apply to all the other value capabilities that are on top of OpenShift as well, and we're bringing that to ISV. I was walking around and a number of ISV's have their operators as the number one thing they're advertising. So you're seeing automated operations really take hold and with OpenShift 4 being a foundation for that. >> You talk about operations or operators, you have Operator Hub that was launched earlier this year, what was the driving force behind that? And then ultimately what are you trying to get out of that in terms of advancement and going forward here? >> Right, I think it means it's worked. Going back a little bit of history on this, the operator pattern was coined at CoreOS as a way to do things on a Kubernetes cluster to automate operations. The right way. You have to expose it as a proper API, you have to use a controller, so on and so forth. Then as the team started doing that we realized well there's a lot of demand for this pattern, we started documenting it, describing it better and so on. But then we realized there's a good case for a framework to help people build these automations. Therefore we announced the operator framework at Cubeacon. I think it was a year and a half ago. What happened then was interesting, suddenly we started seeing hundreds plus operators being built on the operator framework. But, it was hard because you could see five Redis operators, 10 MySQL operators. It was hard for our customers to know where can I find the right set of operators that have the right functionality and how do they compare to each other? OperatorHub.IO is a registry that we launched together with AWS, Google and Microsoft to solve for that problem. Now that we have a way to create operators easily and capture that automated operations, we have sort of created a pattern and a framework around it, where do you go to find the right set of operators. >> It's an interesting point because if you look in the container space, especially Kubernetes, it's like, okay well what's standardized, what works across all of these environments? We always worry, I've probably got some pain from previous projects and foundations as to well what's certified and what's not and how do we do that? So, did I see there's a certification now for operators and how do you balance that we need it to work everywhere, we don't wanna have it's Red Hat's building an open ecosystem not something that's limited to only this? >> Yes. So OperatorHub.IO is a community initiative. And, every operator you find on there should work on any Kubernetes. So in fact as part of the vetting process we make sure that that's the case. And then on the certification we launched today, actually, and you can see a number of, we have already 20 plus operators that are certified. This is where we take it a step further and we work with the vendors to make sure that it works on OpenShift. It's following a number of guidelines that we have, in terms of using, for example, Rail as the basis. They work with us to run the updates through security checks and so on. And that's just to give our enterprise customers more levels of guarantees and validation, if they would like to. >> So what are they getting out of that, out of the certification system? What, I guess, stability and certainty and all those kinds of things that I'm looking for, standardization of some kind, is that what's driving that? >> It's simple, at the end of the day they got three things. They get automated updates that are pushed through the OpenShift update mechanism. So if you are using the Redis one, for example, and it's certified, you're gonna be able to update the Redis operator through the same cluster administration mechanism, then you would apply it to the entire cluster itself. You see updates from Redis come in, you can put it through the same approval work so on, so on. The second is they get support. So they get first line of support from Red Hat. They can call Red Hat, our customers and actually we work with them on that. And the third is that they actually get that security vulnerability scans that we put them through to make sure that they pass certain checks. And actually one last one, they also get Rail as the basis of the operator, so, yup. >> Reza, help bring us into the customer point of view. What does all this mean to them, what are the big challenges, how do they modernize their applications and get more applications moving along this path? >> Yeah, in this case the operator customer is mainly the infrastructure administrators. It's important to point that out. The developers will get some benefit on that in that it's self service, so the provision, but there's other ways to do that as well. You can go to a Helm chart, deploy that Helm chart, you get that level of self service automated provisioning. To go ahead and configure for example, a charted MongoDB database on a Kubernetes cluster, you have to create something like 20 different objects. And then to update that to change the charts, you have to go and modify all those 20 different objects. Let's just stay at that level alone. An operator makes that before different parameters on a yaml file that you change. The operator takes that and applies all these configurations for you. So, it's all about simplifying the life of the infrastructure administrators. I truly believe that operators, human operators, infrastructure administrators are one of the least appreciated personas right now that we have out there. They're not the most important ones, but there is a lot of pain points and challenges that they have we're not really thinking about too much. And I think OpenShift goes a long way and operators go a long way to actually start thinking about their pain point as well. >> So what do you think their reaction was this morning when they're looking, first off, the general announcement, right? And then some of the demonstrations and all those things that are occurring? Is there, do you have or are you talking to customers? Are you getting the sense of relief or of anticipation or expectation? I mean, how would you characterize that? >> Think they're falling into a couple of different buckets. There's the customers we've talked to, for awhile now, that know this stuff, so this is not super new to them, but they're very happy to see it. There's one big automaker that's a customer of us and the main human operator was telling me awhile ago that he does not want any service on the cluster unless it has an operator, this is a year and a half ago. And he kept pushing me well I want a Kafka one and I want an Elasticsearch one, and you know. And we, CoreOS, were too small to try to build that ourselves. Obviously that's not, we can't maintain a Kafka operator and a CoreOS one. Now, he's able to go to our operator APP, he's gonna be able to get a Kafka operator that's maintained by Kafka experts. He's gonna be able to get a Redis operator that's maintained by Redis experts. So that bucket of customers are super happy. And then there's another one that's just starting to understand the power of all this. And I think they're just starting to kick the tires and play around with this. Hopefully they will get to the same point as the first bucket of customers, and be asking for everything to be operator based all the time. >> Convert the tire kickers, you're gonna be okay, right? >> That's right. >> Thank you for the time. >> Thank you. >> We appreciate that and continued success at Red Hat, and, once again, good to see you. >> Thank you, always a pleasure. >> You bet. Live, here on theCUBE, you're watching Red Hat Summit 2019. (upbeat music)

>> Live, from Las Vegas! It's theCUBE! Covering the VMworld 2018. Brought to you by VMware and its ecosystem partners. >> Welcome back. We're in Las Vegas, and you're watching theCUBE's exclusive coverage of VMworld 2018. I'm Stu Miniman joined by my cohost Justin Warren, and happy to welcome to the program for the first time, James Labocki, who's a director of product management with Red Hat. And joining him is CUBE alum, Rob Young, who's the lead manager of virtualization product management strategy, also with Red Hat, wearing the shadow man logo. Rob, James, thank you so much for joining us. >> Great to be here >> Thanks for having us. >> Alright, so Rob, we touch base with Red Hat at a number of shows, you know, Red Hat Summit. We spoke with you last year at VMworld. Give us the update, Red Hat's got a nice booth here at the show, A lot of things going on, Red Hat plays in a lot of the multi-cloud environments that I hear VMware talking about, so, talk about your presence here. >> So, Red Hat has done quite a bit of growing over the course of the last year that we talked. We are focused on not only where our customers are today, but also on how our portfolio needs to evolve to where they aspire to be. And by that, I mean, RHEL is still the foundation of our business. We have Red Hat Virtualization, we have OpenStack Platform, we have the OpenShift, as you know, and what we're learning from our customers and the market, is that, on top of RHEL, customers have not only a footprint in the virtualization world, but they have an aspiration to evolve along with the market to more of a containerized world that is managed, orchestrated, delivered via Kubernetes, and we feel that our portfolio is well positioned with the pillars of our business from infrastructure to application middleware all the way through management, to allow them to act on those aspirations, not in the future but right now. So that's where we are. Our strategy is build around that vision and around that level of enablement and market dynamic, right now, so we're excited, would you agree? >> Yeah absolutely. A lot of interest in OpenShifted option, whether that's on the Vmware platform itself, out on the public clouds, and then on KVR, KVM based hypervisors with Red Hat Virtualization OpenStack Platform as well. >> Yeah it's interesting because, I've watched this adoption of containerization in the marketplace. What's the line I hear from Red Hat? It's like, Linux is containers, containers are Linux. >> Hey you got that good. >> Yeah I got the t shirt too. But, you know, here at VMworld, some people are still trying to understand that virtualization versus containers and, "How do I stack things?" "How do I do that?" What do you hear from customers? Where is their head at? Talk to us about, you know, it's pervasive in the product line so how do you think about it internally too? >> Yeah absolutely so, I think containers are absolutely Linux and Linux is fundamental to containers, so I think one of the most interesting paradigms that we're seeing, or one of the interesting trends we're seeing is that as people are beginning to adopt containers, they're also beginning to realize that they're looking to simplify their environments as they do that. And so it's presenting a lot of new opportunities and reinvigoration of other technologies. So things like traditional virtualization that they have in place today, they're looking at, maybe bringing along KVM and starting to orchestrate containers and virtual machines with Kubernetes in a consistent manner across both on-premise and public cloud providers. So, we're really excited to be involved in projects around that. We're helping drive the adoption of that. And with that reinvigoration of KVM as a hypervisor, based on that work, to bring a common orchestration layer we're seeing even reinvigoration of the ecosystem around KVM with partners of ours like Trilio, Maxta, Veeam, and so on and so forth, which have been kind of discussed in... >> Yeah, Sorry. >> Well I was just going to add to what Dave said. What we see also happening is that the Linux market 25 years ago was open-source, contributor laden. Red Hat was fully engaged there, we are seeing that very same dynamic happening in the Kubernetes environment. We actually see that as very much the equivalent of what Linux was 25 years ago, so we are contributing upstream to the Kubernetes project, but our goal really is not only to stabilize and build out Kubernetes, but also to bring the virtualization aspect that we had brought into KVM and to virtualization into the Kubernetes project and community so that we can get rid of an additional layer of complexity around the hypervisor allowing containers to be managed and deployed and to have the same isolation levels that you have with VMs now. So all that is in process now. We've got upstream work going on and we're leading a lot of those contributions in the Kubernetes community, specifically via the Kubert project so anyway... >> Leads nicely into what I wanted to ask about which was, Red Hat has a long history of open-source, and open-source is a really important part of containers in general. What are you seeing for enterprises in their adoption of open-source? I mean clearly you've watched it go from something which was once verboten, to now it's pretty much de facto. So what are you seeing customers using open-source for in this new cloud and container world? >> Yeah so I think, you know, the typical pattern we see is a lot of times previously people would look at open-source as a way to commoditize and reduce cost. That was the beginning of open-sources right, with the UNIX to Linux migrations and things of that nature. Now, open-source and really Linux is at the forefront of a lot of the innovation happening, so customers are using both those, basically, techniques inside of their environments to embrace open-source. So at one point, they're using their Linux skills to commoditize things inside their environment or reduce cost. They're also looking at it as the basis of containers, microservices, machine learning, so on and so forth, so really this common skillset of Linux is kind of on both sides, and it's really rooted in the open-source knowledge and methodologies that our customers need to be able to... >> You hit the nail right on the head when you mentioned that everything that has to do with the new modernization of the data center built on containers is open-source, and Red Hat's participation in the community is we already have credibility in the Linux world and the OpenStack world and the KVM world and the Kubernetes world as well, and what we're seeing on the customer side, specifically enterprise and public sector is, they are embracing open-source. They've actually got strategies that named open-source as part of the criteria for proof of concepts and things like that, and we believe we've been preparing for this moment for the last 25 years, for the market to really see this as an open opportunity, not only for open-source and communities, but also to enable their development staffs to extend and participate in those projects to their advantage, so it's a really good thing, for a Red Hat market. >> Yeah it's certainly encouraging to see it. Having watched it develop, it's been really nice seeing that actually get used with enterprises, and seeing that Red Hat is there, the whole way through that and as a trusted partner I'm sure gives them a lot of confidence. >> One thing I would add is just, it's not just about the ability to deliver open-source and to use it, although delivering that with along lifecycle is something that is a core competency of Red Hat as a company, but also the ability to actually affect change in those communities and get contributions back in is really key. And then, even advising customers on how to do that is something that we're, it's just to say, "Hey we do open-source," but actually providing that lifecycle around it is a whole nother story. >> Red Hat has a lot of experience living in a lot of different environments, just Linux is pervasive in the data center and in the cloud. When you talk about multi-cloud, customers need to figure out how to deal with these multi-could environments and you know, multi-cloud, multi-hypervisor, how does Red Hat help customers through this journey? >> So there's, we have a really good story there and really good enablement. There are basically four footprints that you can deploy an application on, physical, virtual; public, and private cloud, and red hat portfolio deploys nicely there, RHEL, VMs, OpenStack, OpenShift, containers, you name it. So our approach is, not only do we allow the deployment there, but also the management of it as well, and we agree with you wholeheartedly, workloads are portable, they're mobile, people are going to move them between clouds, on site, they're going to burst into clouds, so our solution to that is the management console that we provide with CloudForms, and our management vision going forward for software as a service and some other things that we're doing, is all about that heterogeneous environment. Multiple hypervisor, multiple cloud providers, multiple OSs as well, so, you know, we want people to see Red Hat as a platform to stabilize on, not a solution where they have to go out and cobble together a solution. They should be able to do everything with our product in a portfolio from a single management console, including that heterogeneous environment with multiple hypervisor, multiple cloud. So that's how we approach it and we're building on that concept, not only with CloudForms, but also with the new CoreOS Tectonic Platform that we just, acquired, that'll be part of OpenShift, and then going forward our management business unit is working on software as a service, consumption based model that allows customers to do the same thing from their phone as an example. It's that vision that we've already executed on, but it's only going to get bigger going forward. >> One thing I would add is, one thing that's fundamental to our vision is that we're actually delivering a consistency across all those footprints so, it's not one version of Kubernetes for public cloud, another version for on-premise, a different automation tool here and a different automation tool there, it's consistent right? Ansible automation across bare metal on-premise, virtualization, private, public cloud, OpenShift with the foundation of RHEL, consistent across all those for one version of Kubernetes across all of them. So I think that's a big key differentiator as opposed to some of the other visions where you have one version on public cloud, one version on private, different disparate tools tools for each of those. We really believe in simplifying that from a complexity standpoint. >> Well Rob and James, really appreciate you giving us the update on Red Hat. We'll be back with lots more coverage from VMworld 2018. For Justin Warren, I'm Stu Miniman, thanks for watching theCUBE.

>> Live from Las Vegas, it's theCUBE covering VMworld 2018. Brought to you by VMware and its ecosystem partners. >> Welcome back to theCUBE's coverage of VMworld 2018. Two sets, wall-to-wall coverage. We had Michael Dell on this morning. We had Pat Gelsinger on this afternoon. And happy to welcome to the program, first time guest, Keith Moran, who's the vice president with Nutanix. Keith, I've talked to you lots about theCUBE, you've watched theCUBE, first time on theCUBE. Thanks so much for joining us. Yeah, thanks for having me. It's a great show. >> Alright, so let's set the stage here. We're here in Vegas. It's my ninth year doing VMworld. How many of these have you done? >> So this is my fourth. >> Yeah? How's the energy of the show? The expo hall's hopping. You guys have a nice booth. What are you hearing from the customers here? >> I think that we're seeing just a lot of discussion around where the market's going with hybrid cloud. I think that it's a massive opportunity. I think people are trying to connect the dots on where it's going in the next five years. The vibe's extremely strong right now. >> I've met you at some of the Nutanix shows in the past and seen you at some of these, but tell us a little bit about your role, how long you've been there, where you came from before. >> I run the Central US for Nutanix, and I spent a long time in the converged, whether it was that app at EMC, through a few start-ups, and then I've been at Nutanix for four years. It's been a great ride, seeing how the market's adopting to hyperconverged. The core problem and vision that Dheeraj saw nine years ago is playing out. He's five chess moves ahead of everyone. I think there's, again, a massive opportunity as we move forward. >> Keith, I love your to share. I love people in the field. You're talking to customers every day. You hear their mindset. I think back over the last 15 years in my career, and when Blade Server first came out, or when we started building converged solutions. It was like, "Oh, wait." Getting the organization together, sorting out the budgets. There were so many hurdles because this was the way we did things, and this is the way we're organized, and this is the way the budgets go. I think we've worked through a number of those, but I'd love to hear from you where we are with most customers, how many of them are on board, and doing more things, modernizing, and making changes, and being more flexible. >> Yeah, so I think you're spot on in the sense that the silos was the enemy in the sense that people were doing business as usual and that there was process, and they didn't want to take risks. But I think that the wave of disruption has been so strong and that we're in this period of mass extinction where customers, They don't have a choice anymore. That they have to protect against the competitive threat or exploit opportunity, and I think that the speed and the agility with hyperconverged is, And what the market disruption is forcing them to make those changes and forcing them to innovate. At the end of the day, that's their core revenue stream is how they experiment, how they innovate. Again, you're seeing the disruptions coming so fast that people are changing to survive. >> Yeah, we have some interesting paradoxes in the industry. We're talking about things like hyperconverged, yet really what we're trying to do is build distributed architectures. >> Correct. >> We're talking about, "Oh, well I want simplicity, and I want to get rid of the silos, but now I've got multicloud environment where I've got lots of different SaaS pieces, I've got multiple public clouds, I often have multiple vendors in my public cloud, and I've like recreated silos and certifications and expertise." How do customers deal with that? How do you help, and your team help to educate and get them up so that hopefully the new modern era is a little bit better than what they were dealing with? >> Yeah, and I think that's part of where the opportunity is. I think that the private cloud people don't do public well, and I don't think that the public cloud vendors do private well. So that's why the opportunity's so big. And I think for us, we're going to continue to harden the IaaS stack of what we built, and then our vision is how do we build a control plane for the next generation. If you look at our acquisition strategy, and where we're putting in it, how do you have a single operating system that spans the user experience from the public to private, making an exact replica. Again, I think customers are struggling with this problem and that as apps scale up, and scale down, and the demand for them, that they want this ability to course correct and be able to move VMs and containers in a very seamless fashion from one app to the next and adjust for the business market conditions. >> Yeah, I had a comment actually by one of my guests this week. We now have pervasive multicloud. We spent a few years sorting out who are the public clouds going to be. And there's still moves and changes, but we know there's a handful of the real big guys, then there's the next tier of all of the server providers, and the software players, like Nutanix. Look, you're not trying to become a competitor at Amazon or Google. You're partners. I see Nutanix at those shows. So maybe explain what's the long-term strategy. How does Nutanix, as you've been talking about enterprise cloud for a number of years, but what's that long-term vision as to how Nutanix plays in this ecosystem? >> Yeah. So for us I think part of it is our own cloud, which is Xi, and it's living in this multicloud world where our customer can do DRs of service with that single operating system, moving it from a Nutanix on-prem solution, moving it to a Nutanix cloud, moving it to Azure, moving it up to TCP, or moving it to AWS. And they have to do with it with thought because clearly there are so many interdependencies with these apps. There's governance, there's laws of the land, there's physics. There's so many things that are going to make this a complex equation for customers. But again, they're demanding, and that's forcing the issue where customers have to make these decisions. >> Keith, I want to hear, when you talk to your customers, where are they with their cloud strategy? I heard a one conference, 85% of customers have a cloud strategy, and I kind of put tongue in cheek. I said, "Well 15% of the people got to figure something out, and the other 85, when you talk to them next quarter, the strategy probably has changed quite a bit." Because things are changing fast, and you need to be agile and be able to change and adjust with what's going on. So where do your customers, I'm sure it's a big spectrum but? >> It is. The interesting thing for me for cloud is on average, we're seeing that the utilization rate, specifically in AWS, is somewhere in the 25% rate for reserved entrance, which was very surprising to me because the whole point of cloud is to test it, to deploy it, and to scale up, and if you're running in an environment where the utilization rate that the economics aren't working. So I think that people are starting to look at, alright, what are the economics behind the app? Does it make sense in the cloud? Does it make sense on-prem? Again, what are the interdependencies of it? The classic problems they're having are still around. They're spending 80% of their time just managing firmware and drivers and spending thousands of hours per quarter just troubleshooting and not impacting the business. So I think, fundamentally, that's what the customers are trying to solve is how do we get out of this business of spending all our time keeping the lights on and how do we drive innovation. And that ratio has been historically for 20 years. And I think, again, Nutanix helps drive that in the sense that we're helping customers shift that ratio and that pain. I always say, "Put your smartest people on your hardest problems," and when you've got these high-end SAN administrators spending a lot of time, they should be working on automation, orchestration, repeatable process that gives scale and again, impacts the business. >> Yeah. A line that I used at your most recent Nutanix show is talking to customers. Step one was modernize the platform, and step two, they could modernize the application. >> Absolutely. >> Speak a little bit to that because in this environment, we know the journey we went through to virtualize a lot of applications. I talked to a Nutanix customer this morning and talked about deploying Oracle, and I said, "Tell me how that was," because how many years did we spend fighting as customers? "You want to virtualize Oracle?" And Oracle would be like, "No, no, no. You have to use OVM. You have to use Oracle this. You have to use Oracle that." We've gone through that. And is it certified on Nutanix? It's good to go. It's ready to go. He's like, "It was pretty easy." And I'm like, it's so refreshing to see that. But when you talk about new modern applications and customers have this whole journey to embrace things like Agile, LMC ICD, and the like. Where does Nutanix play in this, and how are you helping? >> Yeah, so I think on the first. When you look at the classic database, so things like Sequel were automating so that you can extract it in a very simple manner. You look at the mode 2 apps like Kubernetes, we're taking a 37 page deployment guide and automating it down into three clicks because customers want the speed, they want the deployment cycles, they want the automation associated with that. And it's having a big impact in the sense that these customers are trying to figure out, "Where am I going here in the next three years?" For us, we're seeing massive workloads, whether it's Oracle, Sequel, people deploying on it. And again, there's so much pressure for people to change and constantly disrupt themselves, and that's what we're seeing. And layer that all on top of a lot of legacy apps. So we've got oil and gas customers, and big retailers, and when they show us the dependency maps of their applications, it's incredible. How complex these are, and they want simplicity and speed, and how do they get out of that business of the tangled mess. >> Yeah. Keith, I wonder if you have an example, and you might not be able to use an exact customer, but you mentioned some industries, so here's something I hear at a show like this. Alright, I understand my virtualized environment. I've deployed HCI. I really need to start extending and using public cloud. What are some first steps that you've seen customers as to how they're making that successful? What are some of those important patterns, what works, and where's good places for them to start? >> I look at it almost, when I see some of the automation deployment cycles they have of how they get a VM through the full lifecycle, and behind the scenes they have such massive complexities that it's hindering their ability to create automations. So the first layer is how do you simplify the infrastructure underneath, and it goes back to that dependency map. So again, oil and gas, that's big retailers. When they show us what their infrastructure is, they want to simplify that layer first, and then from there they can build incredible automation that gives them a multiple in the return that is much greater than what they're seeing in today's infrastructure. >> Keith, what's exciting you in the marketplace today? You get to meet with a lot of customers. Just kind of an open-ended. >> So for me, it's I've worked in a lot of big legacy companies, and I've never seen customers that have the passion towards Nutanix. And I think that it's the problems that we're solving for them, the impacts we're having on the business is driving that loyal following. But again, how fast people are either trying to exploit a competitive advantage or protect against a threat, that it's interesting to be right in this, in the epicenter of this big shift that's happening, right? Tectonic plates are shifting in that you've got a massive cloud provider like AWS. You've got a big player like VMware. What's the next generation going to look like? For me it's fascinating to see how these businesses are competing. I look at a customer. I've got a Fortune 500, The CTO's comment to me was, "I'm one app away from disruption." So they're a massive commercial real estate organization, and he's terrified of what could happen next, and he's got to stay way ahead of the curve, and I think that the innovation rate that we're bringing, the support, the infrastructure. I think it's a great place because of how we're serving what we call the underserved customer and having a big impact. >> Yeah. It's interesting. We always poke at the how much are customers just dreading that potential disruption and how much are they excited about what they can do different. You talk about working with traditional vendors in IT for the last decade or so, it's like IT and the business were kind of fighting over it. There's a line one of our hosts here, Alan Cohen, used to use. Actually, the first time I heard it was at the Nutanix show in Miami when we had it on. And he said there's this triangle, and where you want to get people is away from the no and the slow, and get them to go. Do you feel more people are fearful, or more people are excited. Is it a mix of-- >> It is. >> Those for your customers? >> And again, I think that the marketforce is really helping because people there they have to shift to stay competitive, and they're pushing every day to the level of change and how people are embracing change is much faster than it was. Because again, these disruption cycles are much faster and they're coming at customers in a totally different way that they weren't prepared for. >> Alright, Keith, final word from you is how many of theCUBE interviews have you watched in the last bunch of years? >> The content, I mean, it's off the charts. Hundreds and hundreds of hours, I would say. >> Well, hey. Really appreciate you joining us. Keith Moran, not only a long-time watcher, but now a CUBE alumni with the thousands that we've done. So pleasure to talk with ya on-camera, as well as always off-camera. >> Yeah, great stuff, Stu. >> We'll be back with lots more coverage here from VMworld 2018. I'm Stu Miniman, and thanks for watching theCUBE. (upbeat music)

>> Live from San Francisco, it's theCUBE, covering DockerCon 18. Brought to you by Docker and its ecosystem partners. >> Welcome back to theCUBE's continuing coverage of DockerCon 2018. I'm Lisa Martin with John Troyer. We are in San Francisco on a spectacularly sunny day. We're excited to welcome to theCUBE some guys from Red Hat. We've got Ben Breard, Senior Technical Products Manager, and Reza Shafii, VP of Platform Services. Guys, thanks so much for stopping by. >> Thanks for having us. >> Thank you. >> It's great. >> So, Reza, you come from the CoreOS acquisition, you've been with Red Hat for about five months, Ben, you've been there about eight years, but I did see online that it's Red Hat's 25th anniversary. You guys have been doing something right for 25 years. >> Open source, that's what we do. (laughs) >> Open source. So talk to us, what's going on at Red Hat, what's new, what's exciting? >> I mean, OpenShift is, I mean, that's the big thing, right? I mean, so, just, this is a humbling time to be in the industry, like with this container wave and to see the industry adoption that we've had with OpenShift and, like, how all the technology in Red Hat's portfolio is just pushing and driving that along, it's, I don't know. It's exciting to me. >> No, it's very exciting. For us I think that cultural compatibility between CoreOS and Red Hat has been just fabulous to see. And then seeing how Red Hat provides a platform to really extend that and enhance that is just great, yeah. >> Culture is key. We talk about culture a lot when, at every event we talk about digital transformation, right? And culture is key to that, so maybe, Reza, give us a little bit of perspective, it's been five months now. How has CoreOS been embraced by the Red Hat guys and how are you now living in harmony? >> Right, well, first of all, CoreOS had, we always believed in open source. We were behind many open source projects in the containerized infrastructure space. And in that space, especially there on Kubernetes, we worked very closely with Red Hat. So, we knew each other really well. So as the teams got together, it was very easy for us to really get together and brainstorm towards what are the possibilities. And that's what we've been working on and, you know, the shovel has been hitting the ground for a while now and we're working on a conversion platform that brings Tectonic's technology to OpenShift. That's been very exciting as well as bringing the container Linux technology together with Red Hat, so. >> Some of those announcements happened at Red Hat summit a few weeks back or a month or so back. Can you talk about have there been any other updates? And also like, okay, maybe go one level deeper, so Tectonic was CoreOS', Kubernetes', I don't know, I don't wanna call it, would you call it a distribution? But a lot of autonomic and automation technologies for the operator built into Tectonic which was part of CoreOS' core DNA, now being brought into, kind of, the Red Hat platforms. So maybe you can talk a little bit about some of the stats, some of the recent developments. >> Yeah, so where we're at, it's kind of a phased implementation of bringing those technologies in, right? And so our next quarterly release, right, is gonna start, that's where, you know, we start bringing in some of the components, right? And then the one after that, you know, it's more on the operator side and then, you know, end of the year is when it's fully converged and so that's the path we're on, yeah. >> In terms of Kubernetes in general, Red Hat made a really early bet on Kubernetes and a big shift, a big pivot for its OpenShift platform. Kind of really embracing, throwing out a lot of the internals and embracing Kubernetes. Here at DockerCon, Kubernetes was a big topic, Docker's doing a lot of integration with Kubernetes, I kind of think that maybe that is, one size doesn't fit all but certainly Kubernetes is becoming accepted a lot more places. Can you talk a little bit about, you know, the implications of that, this phenomenon? >> Yeah. >> Yeah, well I think it's, there's a recognition that Kubernetes is now the defacto standard for orchestration, right? I think even if you go back a year ago, that was probably not quite there but now I think that that sense is there, and I think you're right, like, Red Hat embraced that three or four years ago and so did CoreOS and we both had to do a big shift, right? CoreOs was using fleets before that and we made a shift to Kubernetes. That has paid dividends, I think, because now we're really focusing on many of the concerns above and beyond just operating Kubernetes itself. It's what do you do above the stack and how do you operate everything above the stack, and that's where all the operator framework and everything we've been working on comes in. >> Yeah, I mean, it's basically how you get value in a more applied technology and a more application centered way. And so it's just been great to see the whole industry really rally around those standards and API's and everything and, you know, all the cloud platforms, everything, and so it's, you know, it's where the ecosystem is. >> Let's talk about collaboration. When you're talking with customers, you know, we've talked a lot today and at other events too, our enterprises are spending a lot of money, a lot of their IT budgets, on just keeping the lights on on mission-critical applications that they have to have but there's very little budget for innovation. Which is key to an organization being competitive, being relevant and being a leader. What are some of the customer conversations that you guys are having and what are some of the common barriers to container adoption that you're helping, with open to public customers, to eliminate? >> Yeah. >> I can take a shot at it. So, essentially, now on Kubernetes running stateless work goal at Kubernetes, is something that most people can do, right? Once you get to stateful work mode, that starts getting tricky and what we're seeing is that people who have now adopted Kubernetes for a year plus, they're starting to think, how do I run my stateful work on the databases, backend storage, in a, you know, scalable fashion on top of Kubernetes. And that's where we're coming in ans trying to help people, help the community, deliver that, really. Through creation of operators, through creation of reusable business logic that can do that across any Kubernetes department. >> Yip, I was just gonna add on to that, it's, like, as far just keeping the lights on and freeing up resources, right? When you look at all of the path and the deployment models on the net and new stuff, right, we're able to take away a serious amount of, like, operational overhead and just everything to where people can scale and just move way faster, right, and so there's a certain amount of that value that carries over to the traditional stuff, right, and so, you know, I think the biggest thing on the customer side is just, like, a mindset and culture change and getting, getting people to, like, change the way they look at the problem, right? And so, you know, those things and just understanding security, those are the big topics. >> Nice. I was at some Red Hat summit and one of the things that really impressed me there was this promise that, you know, we've all been trying to promise the end customer a time to value that you can actually do things faster, that you actually can innovate, was actually starting to be real in the sense that all of the customer examples were in terms of weeks or months and not years. And the Apple's app and the Apple's multi-cloud and all those other, and, so, can you talk a little about maybe some customers that are doing that or some examples of that, of both time to value and then the fact that a very few number of people were controlling very large infrastructures and I think you were just touching on that in terms of the operators and just all the automation, the day two sort of things. It seems like, I kind of think we've turned a corner in terms of productivity and time to value and real-life, real production workloads. >> Yeah, absolutely, and when you look at, like, where we see adoption, be it the financial sector, or, I mean, it's all over the place, it's really encouraging. And so at summit we had, I don't know, I think, like, 300, or 200 customer talks, it was insane. Going through the use cases and everything. Some of the big ones we're seeing from Amadeus, Optum and it was great. >> I saw an IDC report, I think on the Red Hat website, that showed that customers that adopt OpenShift can see a massive ROI, I wanna say it was, like, over 500% ROI within a 5 year period. >> Well, I think, part of, there's multiple factors to that, right? Part of it comes out of, just the sheer power of containerized infrastructure. Instead of deploying applications on a per compute basis and having to map them to single compute nose, you have the orchestrator that plays that perfect Tetris game with all of your applications. The other part comes a bit out of simplified operations, right? And that's where I think we're just at the beginning of the road. There is plenty more work to do on simplifying operations of Kubernetes and that's what I'm most excited about on this. >> Nice. Let's talk about the future. We are, I don't know, at an inflection point of this container technology, it's becoming more mature, people are in production, multi-cloud is certainly an aspect of what's going on, but I'd love for you to kind of explore a little bit more about some of the tooling. Like, I don't know if you need to get down into the OCI and the runtime level but, you know, what do we see the tooling doing? So, Kubernetes is there, you know, that level is there, but, like, what about, you know, builder and other things like that, like, what other pieces of tooling and automation are being developed to help, again, help developer productivity? >> Yeah, that's a good one, so I'll take a shot. So, it's a couple of things, so Kubernetes itself is plugable on, like, every tier, right, so it's finding that balance of seeing defaults and guidance of what works but then being flexible to work in customer environments so we can lock into, whether we're in, kind of, build strategy pipelines and, you know, whatever works for the customer and their, frankly, different teams, right? Because they all have different levels of maturity and stuff, so that's one thing, is just providing that level of flexibility. And the other thing is, you know, you said multi-cloud, just the way OpenShift provides that, like, common platform across anything, right, it just abstracts away any of the, you know, differences and whatever. >> Yeah, and we're seeing multi-cloud more and more with our customer base. And having a consistent model to deal with every one of them, including your non-prep environment, is becoming a bigger deal. >> In terms of, so on prep, maybe, actually I think it'd be useful. We've been talking about Kubernetes and OpenShift a lot but maybe let's step up a level and say, okay, OpenShift, how do you decide, so OpenShift has Kubernetes in it, but it's much more, it's a services platform built up off of, you know, rail on the bottom all the way up to, kind of, operators now. Can you talk a little bit about what else, what is some of the special sauce of OpenShift? >> Yeah, so, kind of what I was saying earlier about just, like, kind of every layer. So, we start, you know, like you said, rail, right, so the supported bulletproof kernel right up to the runtime, to the, literally the enterprise cube distribution is OpenShift. And then what we bring to it is this, like, amazing developer experience, right? And, like, the secret sauce of where it's going is all of the beauty from the CoreOS side on top of that. So, we've had the developer story, right, so, really, prescriptive onboarding of applications is the power because an empty cluster is useless, right, so you've gotta have that easy path to onboard. And then when we marry that with the day two stuff and all of the, you know, the deployment, and say, operators, everything, I mean, that's the, those pieces coming together is what differentiates it. >> From just up in the air of, kind of, Kubernetes. >> Right. >> Gets you part of the way but there's certainly a lot more. >> Yeah, it doesn't have any of the developer experience, the web console, the admin console, none of that stuff exists, right? >> The way I look at it is that the value add comes from two perspectives, right? One is from the system administrators and the infrastructural owners. That certainly comes to day two operations and how much to simplify that. How do you get a consistent interface across different environments? And how do you do things like accountability? Converging everything on to the same cluster, which is really what Kubernetes does, also changes the focus from a cost perspective, for example. From different application owners to a single owner. How do you make sure that, like, that owner is able to say, well, these are the people that are using it. We have services on top of Kubernetes, in OpenShift, that provide you that capability, for example. Through metering and charge back. Sometimes people call it metering and shame back. (laughing) And then from the point of view of developers, you know, there is multiple opinionated ways of simplifying developers life, right? And any given large enterprise has many, many ways of doing that and we wanna just be ready to address all of them and by the way, we have our own opinions and we have built that on top of OpenShift as well. >> So, you guys work a lot with developers. We have about five or six thousand people that are here at this event. I'm curious, when you go to open source events, including your own, are you finding that same mix of developers, IT professionals, enterprise architects and execs? And if so, what is that conversation like at that higher level where there might be, you know, checkbooks and keys to the kingdom and a business saying, hey, we have to iterate quickly. What is, kind of, the mix of conversations that you guys find in these communities? >> Yeah, it's the difference between the strategy, right, versus, like, bits, right? So, the admin, developer, we wanna focus, we wanna get in the weeds, right, and then the higher levels it's all about strategy, direction and enablement and those types of, you know, higher level concepts, right? So, I mean, that's, I don't know, my perspective. >> Are you learning that your conversations and maybe education of developers helps them then go up the chain within their organizations to explain, this is why we need to do this? >> I think there's some of that, right? The other thing I left off the lift though, is the cultural piece, because traditional enterprises, there's something here that they want to glean and take home in the culture space, right? And so that's a, you know, that's the other big one. >> I find that the conversation varies widely, right? So, when you talk to the infrastructure administrators and developers, you gotta be able to talk very technical and explain to them exactly how all this is working. And they're interested in the feature and technology. But when you talk to the CIO's out there, and the CTO's out there, really they're in interested in the outcome. And when you talk about the outcome it's easy just to show just what everybody wants to get to a pure DevOps model, everybody wants to get to a microservices model. This is kind of like going to the gym and seeing the of really fit people and then saying, well, yeah, but how do I get there, right? And this is where I think a company like Red Hat can come in and say, well, we'll work with you to get you there, right? So that's, that's important. >> Well the other one is just the value of being there and talking to your peers in the industry too, right? I mean, yeah, it's us, we're facilitating, but it's peers too, right? >> But you're right, culture, we talked about that, John, a number of times today, how critical culture is to being able to move past inertia. You know, we mentioned when I kicked off the segment that Red Hat is just celebrating its 25th birthday, so I imagine, I know you've been there, Ben, for 8 years, that there's been a lot of change there and a lot of cultural, kind of, mindset shift. Obviously, Reza, coming on in the last 5 months. Give us a little bit of an insight into the Red Hat culture that's helping to drive the agility that you need to also give your customers. >> Yeah, this is something our CEO talks about all the time, right? He wrote a book on it, The Open Organization, and, you know, just, like, lays out clear values of transparency, doing things very visually. We go through these exercises all the time just for changing our slogans and brands and these types of things, and the way where everybody participates and everybody takes ownership in it, right, and is part of it. And so that's one thing, I mean, we've been going through crazy growth. When I joined it was 3,000 people, now it's, like, 12,000 or so. I don't know the exact number but, and so how we scale that culture has been, it's been interesting, but it's been really successful. I mean, it's a big part of it. Open was a really clear message from summit, you know, basically in the cloud, open has won, right? Open innovation, open source, open culture. That's what's driving all the things we see now, I'd say. >> Yes. >> Well guys, thanks so much, Ben and Reza for stopping by theCUBE and sharing with us what's new at Red Hat and what excites you guys and we look forward to having you back on. >> Thanks so much for having us. >> Thank you. >> We wanna thank you guys for watching theCUBE. Lisa Martin with John Troyer, from DockerCon 2018. Stick around, we'll be right back with our next guest. (upbeat music)

>> Announcer: Live from San Francisco, it's theCUBE. Covering Red Hat Summit 2018. Brought to you by Red Hat. >> Hello everyone, welcome to theCUBE's special coverage here at Red Hat Summit. This is exclusive three days of wall-to-wall coverage of theCUBE. I've been covering Red Hat for years. Excited to be back here at Moscone West. I'm John Furrier, the co-host of theCUBE, with my co-host analyst this week, John Troyer. He's the CEO of TechReckoning, an advisory firm in the technology industry as well as an influencer, and he advises on influencer and influencer of communities. I would say it's community focused. John, great to see you. Welcome to the Red Hat Summit. We're going to kick it off! >> Great to be here. Thanks for having me. >> So you know I am pretty bullish on open source. I have been from day one. At my age who have lived through the wars of when it was second class citizen. Now it's first class citizen. Software power in the world. Again, on and on, this is not a new story. What is the new story is the cloud impact to the world of open source and business. We're seeing the results of Amazon just continue to be skyrocketing. You see Microsoft as you're having their developer conference of Microsoft Build this week. Google I/O is also this week. There is a variety of events happening. It's all pointing to cloud economics, cloud scale, and the role of software and data, and Red Hat has been a big time winner in taking advantage of these trends by making some good bets. >> Absolutely. I think one of the words were going to hear a lot this week is OpenShift. They are a container and cloud platform. Hybrid cloud is a super big emphasis here. Hybrid cloud, multi cloud already on stage at the first key note. They had a big stack of machines and they were going out to a multi cloud deployment right there on stage. Open source, also huge this week, right? The key note, the tagline, of the whole conference, if you are interested in open source, you should be here. I think you nailed it. It's going to be about multi cloud. >> It's exciting for me, I got to say. The disruption that's happening obviously with IT, with cloud, is pretty much out there. We pretty much recognize IT as transforming into a whole other look in terms of how it's operating, but the interesting thing that's just happening recently is the overwhelming takeover of Kubernetes and the conversation and in the stack you're seeing a rallying point and a rallying cry and establishing a de facto standard of Kubernetes. The big news of 2018 is, to me, the de facto standard of Kubernetes across a multi cloud, hybrid cloud architecture to allow developers and also infrastructure providers the ability to move workloads around, managing workloads across clouds. This is kind of the holy grail outcome everyone's looking for is how do I get to a true multi cloud world? And I think Kubernetes this year has the stake in the ground to say we're going to make that the interoperable capability. And Red Hat made a bet a couple years ago, three, four years ago. Everyone was scratching their head. What the hell are they doing with Kubernetes? What's Red Hat-- They're looking like geniuses now because of the results. >> Absolutely. In fact, I think by the end my joke is going to be this is the OpenShift Summit. I'll be very interested, John in your observations. You were at KubeCon last week. So that's the open source project and the ecosystem around Kubernetes. Red Hat owns a lot of Kubernetes. Red Hat employs many of the Kubernetes' leaders. They have really taken over from Google in a lot of ways about the implementation and go-forward path for Kubernetes. So this is the show that takes that open source project and packages it into something that an IT buyer can understand and take. >> I got to say one of the things that is interesting, and this is not well-reported in the news. It's a nuanced point but it's kind of an interesting thing, I think an inflection point for Red Hat. By them buying CoreOS has been a really good outcome for both companies. CoreOS, pure open source DNA in that business. Those guys were doing some amazing technology development, and again, all pure open source. Total pure. There is nothing wrong with being a pure open source. My point is, when you have that kind of religious point of view and then the pressure to monetize it Docker has had. We know what happened there. So CoreOS was doing amazing things but it kind of took a lot of pressure from the market. How are you going to make money? You know I always say it's hard to make money when you're trying to do it too early. So CoreOS lands at Red Hat who has generations of commercialization. Those two together is really going to give Red Hat the capability to go to the next level when you talk about applications. It's going to increase their total addressable market. It's going to give them more range. And with Kubernetes becoming the de facto standard, OpenShift now can become a key platform as a service that really enables new applications, new management capabilities. This should expand the RHEL opportunity from a market standpoint in a significant, meaningful way. I think if you're like a financial analyst or you're out there looking at this going, hmm, where's the dots connecting? It's connecting up the stack, software to service, with DevOps, with cloud native, Red Hat is positioned well. So that's my takeaway from KubeCon. >> Interesting. Yeah, before we move away from CoreOS, a lot of announcements today about how Red Hat will be incorporating CoreOS technologies into their platform. They talked about the operator framework. I think one of the bigger pieces of news is that CoreOS' OS, called Container Linux changes its name back to CoreOS and will now be the standard container operating system for Red Hat. That's kind of big news because Red Hat had its own atomic host, its own kind of micro, mini Linux distribution and so now they're switching over to that. They also talked about Tectonic, which actually is a really good automated operations stack, some of those technologies. In the future they will be incorporated into OpenShift. So they were talking a little bit about futures but it at least they've given a roadmap. No one was quite sure what the super-smart rocket scientists at CoreOS were doing here and so now we know a little more. >> And also at KubeCon they announced the open source of the operator framework. It's an open source toolkit for managing Kubernetes clusters. Again, and first of all, I love the CoreOS name. This is all about what Red Hat is doing. Now let's not forget the ecosystem that Red Hat has. So you're talking about a company that's been successful in open source for multiple generations now. Looking forward to this next generation modern infrastructure, you're seeing the stack look completely different with the cloud. If you look at all the presentations from Amazon, Google, Microsoft, the stack is not the old stack. It's a new concept. New things are happening so you've got to swap some pieces out. You get CoreOS, you bring that in, new puzzle piece. But look at the deals they're doing. They did a relationship with IBM, so IBM's back into the fold with Red Hat joining forces. >> Containerizing some of their biggest components like WebLogic and Dv2 and MQ. >> I think the containerization will create a nice compatibility mode, bring these old legacy apps into a modern cloud native architecture and gives that an opportunity to kind of get into the game, but also bring cloud native to the table. >> Absolutely. >> You've got IoT Edge, all these new applications. You just can't go anywhere without hearing about Internet of Things, machine learning, AI, cameras, whatnot. All this is happening. >> Absolutely. So we're going to break it down all week for the next three days. Red Hat Summit. It's all about containers, it's all about the Linux moment, kind of going to the next level. Cloud native, big time data action. All the great stuff happening. All done with open source with projects with new products being commercialized from these projects. This is the open source ethos. This is of course theCUBE coverage. We'll be back with more live coverage here in San Francisco at Moscone West after this short break.

>> Live from the Julia Morgan Ballroom in San Francisco. Extracting the signal from the noise, it's TheCUBE. Covering Structure 2015. Now your host, George Gilbert. >> This is George Gilbert, we're at Structure 2015. Reborn and really healthy from the old GigaOM, and we're pleased to welcome Alex Polvi from CoreOS, everyone seems to want to talk to Alex these days. So we've got first dibs. Alex why don't you tell us a little bit about CoreOS and why it's of such relevance right now. >> Sure, so we started CoreOS a little over two years ago, about two and a half years ago now. And our mission is to fundamentally improve the security of the internet. And our approach in doing that is to help companies run infrastructure in this way that allows it to be much more serviceable and have much better security and so on. This way that we're modeling looks a lot like what we've seen from the hyperscale companies. Folks like Google. So we often call it Google's Infrastructure For Everyone Else, GIFFY for short 'cause that's kind of a mouthful. And that involves distributed systems, containers, and running on standard hardware which in 2015 can be a bare-metal server, or could be an instance in AWS. >> Okay. So help us understand though that, if CoreOS, it sounds like there's an operating system at the core. >> Yeah. >> Is this like a cut down version of Linux that gives it a small attack surface and a sort of easier deployment and patching? >> Exactly, so in our quest to run the world servers to secure the internet we start at the lowest level component possible. There's the OS, then there's the distributed system side. So CoreOS is our company name, but it's also the name of the first product that we released, CoreOS Linux. CoreOS Linux is a lightweight container-based OS that automatically updates itself, 'cause we think that updates are the key to good security. So it's a combination of the updates, the container weight, the lightweight container-based application model. As well as just stripping everything else out. I mean the last 20 years of Linux distributions have created lots of cruft so it was time to kind of rebirth a new lightweight Linux OS. >> Sticking to CoreOS >> Yeah. >> For a moment, in an earlier era, might we have called this like an embedded OS where you just sort of chopped out everything that was not necessary for the application? >> Yeah, it's very much inspired by embedded OSes. On servers you know, you really want to get everything out of the way of the resources like the memory and CPU and so on so you get as much as you want out of it. So while it's a little bit counterintuitive, you have this really monster server, you still want as light and thin of an OS on there as you possibly can like an embedded OS so you can really maximize the performance. >> So something that abstracts the hardware but gets out of the way. >> Exactly. Just focus, get on the things that matter which is running your applications and managing the actual hardware and really nothing else. >> Okay, so, presumably to provide Google's infrastructure for everyone else, and I don't remember the acronym, >> GIFFY. >> Okay. What other products did you have to fill out to make that possible? >> Sure, great question. So the next major piece that we released is a tool called ETCD. It's meant for doing shared configuration amongst servers. Whenever you have a group of servers, the first thing you need to do is they all need to know about each other, and tell each other about the configuration. This is load balancers knowing where the app servers are, the app servers knowing where the databases are and so on. And to do this in the most robust distributed systems way, you have to do this thing in computer science that's very difficult called "consensus". Consensus algorithms is an area of computing, actually speaking about here in a little bit with Eric Brewer, who is a huge academic, a very well respected engineer in the area of consenus and distributed systems. And so we built ETCD, which solves this really hard distributed systems problem in a way that's usable by many operations teams. >> So let me just interrupt you for a second, >> Yeah. >> I mean I've got this sound going off in my head that says "Zookeeper, Zookeeper". >> Exactly. It's Zookeeper for everyone else. >> It's simplified. >> It's a simplified Zookeeper and make it accessible. Areas that a lot of people wanted to use distributed systems but Zookeeper is a little bit too difficult to use as well as really oriented toward the Java and Hadoop community, and there's a whole wide array of other folks out there. >> So it couldn't make as many constraining assumptions as yours, which would simplify. >> It just couldn't be as widely adopted. And so we released ETCD around the same time we released CoreOS Linux and this point, there's been over a thousand projects if you go on GitHub that have built things around ETCD, so our bet was right. Even things like Kubernetes, itself has a hard dependency on ETCD. Without ETCD, Kupernetes will not run. So our hypothesis there was let's make the hardest part of distributed systems easier, and then we will see distributed systems overall accelerate. And that is definitely what's happened with ETCD. >> Okay so help us understand, how you've built up the rest of the infrastructure and then where you'd like to see it go. >> Sure, so the thing that we're targeting is this distributed systems approach. And again we care about this a lot because we think that the ability to manage and service your applications, is what is the key to the security. Keeping things up to date, and when we mean up to date, we don't just mean like patch a vulnerability. Of which we've fixed many of those. But it's also about company's comfort rolling out a new version of their application that they won't break something. If you run your infrastructure in a distributed system, you can roll out a version, if it breaks a little bit of the application that's okay, but you didn't take the whole thing down. And that's kind of the safety net that distributed systems give you. >> Does this require the sort of micro-service approach where there's a clean separation between this new set of bits and the rest of the app? >> It really does. And that's why we've invested so heavily in containers. It requires a container, it also requires the distributed systems components of it. So we first built CoreOS Linux, then we built ETCD, then we started building some distributed systems work very early in the market. And then things like Kubernetes came along, and we were like, "Hey, instead of us reinventing all of this stuff let's partner up with the guys from the Google" if we're monitoring Google's infrastructure for everyone else, let's partner up with the team at Google that built that and get their solution more widely adopted out in the world as well. So the whole platform comes together as this combination of Kubernetes, ETCD, CoreOS Linux, we have our own container runtime called Rocket, which we built primarily to address some security issues in Docker. And so all of these pieces come together and what we call that piece when they're all together is Tectonic. Tectonic is our product that is that Google's infrastructure in a box. >> Okay let me just drop down in the weed for a sec. Derek Collison calls, I'm sorry I'm having a senior moment. And I hope it's not early onset Alzheimer's. The Docker, he calls sort of this generation's Tarball, you know, like to distribute you know, just a sort of I guess equivalent of an executable. Are you providing something that's compatible or does what's inside the container have to change to take advantage of the additional services that's sort of Google-centric. >> Sure. So the packaging, that Tarball piece, we're compatible with. And will always remain compatible with. To even further the compatibility, we've put together standards around what that container should be so many vendors can inter-operate more widely. We've done that first through the app container project and then more recently through the open container initiative which is a joint effort between Docker and us, and the rest of the ecosystem. And so we always, we always want the user to be able to package their application once and then choose whatever system they want to run it in, and the container is what really unlocks that portability. >> Okay. So then let me ask you, does the Google compute engine folks, or the passgroup, do they view you as a way of priming the pump outside the Google ecosystem to get others using their sort of application model or their infrastructure model? Because I'm trying to understand, you know Azure sort of has its own way of looking at the world, Amazon has its own way of looking at the world, are they looking at you as a way of sort of disseminating an approach to building applications? Or managing applications. >> Sure. So the Google team and their motivations behind Kubernetes, you'd have to talk to them about it. My understanding is that they see that as a way to have a very consistent environment between different cloud providers and so on. It is a next-generation way of running infrastructure as well, and its just better than the previous way of running infrastructure. >> That's sort of the answer I was looking for which is, they don't have to either give away their stuff or manage their infrastructure elsewhere. But you're sort of the channel to deliver Google style infrastructure in other environments. >> Sure, I mean Google Cloud's motivation at the end of the day is selling cores of memory. They put all these other services on top of it to make it, to make it more attractive to use, but the end of the day anything that drives more usage of these products is how they run their business. At least that's my perception of it. I'm obviously not speaking on behalf of Google. >> So where are you in attracting showcase customers? Guys who've sort of said "okay we'll bet", if not the entire business, "we'll bet the success of this application or these set of applications on this". >> Right, so first the technology's been very, very exciting. I mean the past two years we've seen this whole space explode in interest, but the discussion around "how does this solve business problems, how does this actually get adopted to these companies and what motivates them to actually do this" outside of the tech being very cool. That's a discussion that is just getting started and in fact in about two weeks here in early December in New York we're hosting that discussion at an event called the Tectonic Summit. The Tectonic Summit is where we're bringing together all the enterprise early adopters that are using containers, using distributed systems, and talking about why did their management and their leadership decide to make investments in these technologies. And what we're seeing are use cases about multi-data center between your physical data center and your cloud environments. We're seeing folks build their next-generation web services. Many businesses that weren't traditionally in the web services businesses need to be now because of mobile, just modern product offerings. And so we're hearing from these large guys and how they're using our technologies and other companies' technologies today to do this, and it's just two weeks at our event. >> Would it be fair to say, I'm listening to this and what seems to becoming across is that your technology makes it easier to abstract not just the machine, which would be CoreOS, but hybrid infrastructure. And it doesn't even have to be hybrid, it could be this data center and that data center. >> Right. >> Or your own data center and a public cloud. >> Exactly. One of the biggest value props of all this is the consistency between environments. We just give this compute, CPUs, memory, storage, we don't care if it's on cloud or if it's a physical data center, we can allow you to manage that in an extremely consistent way. Not just between your data centers but also between development and production, and that's a really important part of all of this. >> Do you need a point of view built into the infrastructure to make it palatable to developers who want a platform? As opposed to just infrastructure. >> Sure. So one of the things that's most exciting about this space is we're splitting the difference of platform and infrastructure. Platform is typically, platform is a service, this very prescriptive way of running your server infrastructure. And there's raw infrastructure which is a like, "here is a canvas, go to town but you need to bring all your own tools". What's happening right now in this distributed systems container space is a middle category. It's still infrastructure, but it's application focused. And at the end of the day that's what a developer is trying to do, is deploy their application out into the server infrastructure. >> So it doesn't have an opinion that tells the developer "we think you should build it this way", but it does hide all the sort of, the different types of hardware and their location pretty much. >> Right, it gives you a prescriptive way to how you package and deploy that, but doesn't put on any constraints of what you can package or deploy. >> Okay. Very interesting. It's sort of like a, if platform as a service was constraining because developers didn't want a straightjacket for how they should build the app, and infrastructures, our service was too raw. You're giving them a middle ground. >> Exactly. It's still infrastructure, but it's a consistent way of running that infrastructure. And that's why companies like Google and Facebook and Twitter do this, they have millions of servers and data centers all over the world. >> And they can't prescribe. >> Well they need to be able to have a consistent way of doing it so that they don't have to have an infinitely growing operations team as they scale their infrastructure. You need to have consistency, but at the same time you need to be able to have a wide array of tools and things to deploy and interact with that infrastructure. So it's that middle ground, and that's why the hyperscale guys have adopted it because they're forced to, because they have to have that consistency to have that scale. >> Okay let me ask you then, not on the, separate from the hyperscale guys, the sort of newest distributed system that mainstream enterprises are struggling with and sort of off the record, maybe choking on, you know is Hadoop. Because they haven't had to do elastic infrastructure before and like you said the Zookeeper is not that easy, and there's 22 other projects by the way that also have to get stood up. Can you help someone who is perhaps flailing in that or if not flailing, finding the skills overhead really, really tough? >> So, Hadoop. Let's remember Hadoop's roots. Where did that come from? >> Well Yahoo!. >> Well but where did Yahoo! get the idea? >> Oh yeah, Google, sorry. >> Exactly. Yahoo! gets all the credit for it. Even though it was a Google paper that was modeled after. And so again, if Kubernetes and containers and everything is the equivalent of Google's borg, which is that raw application infrastructure, Hadoop is a certain application that consumes the spare resources on that cluster in order to do these map reducing computational jobs. >> So the next question is, how much can you simplify what mainstream enterprises do that don't have the Google infrastructure yet? >> Right, so they have to manage that as its own whole separate thing. It's its own set of infrastructure, it's its own set of servers to manage their Hadoop cluster. If you combine it with this application infrastructure, we just treat Hadoop as another application that runs on the platform. It's not its own distinct, special thing. It's just another application running out there along with your web servers and your databases, and everything else, you have your Hadoop workload in the mix. So you have this consistent pool of infrastructure and Hadoop is just another application that's monitored or managed the exact same way as everything else. >> So, for folks who are a little more familiar with Mesos, which is the opposite of a virtual machine, it makes many machines look like a single one, I assume. >> Well this is a very similar message to Mesos. Mesos is also building Google-like infrastructure for everyone else. The difference with what we're doing is really we just partnered up with the team that built that at Google, and focusing our solution around Kubernetes which is what the Google efforts are behind. So we're all modeling Google's infrastructure. >> Okay. >> Mesos took their own spin on it with Kubernetes, and CoreOS and ETCD, we're taking a different spin on it. >> So and what other products have you built out that we haven't touched on, and what do you see the roadmap looking like? >> Sure, so really, all these things we've talked about are open source projects. They're all components for building this Google-like infrastructure. Tectonic is our platform for companies that want this style of infrastructure but they don't want to have to figure out all the different pieces themselves. And we think once companies adopt Tectonic, just this general style of infrastructure, that we can give them all the benefits of this, better utilization, that consistency, easier management of lots and lots of servers and so on. But we also think we can dramatically improve the security of their infrastructure as well. And that's what we're investing in our roadmap is to leverage this kind of change, and then with that change we can do some things to the infrastructure that was never possible before. >> Okay. >> And that's the things that we're investing in as a company. >> Okay, great. We're going to break at that, this is George Gilbert, at Structure '15, with Alex Polvi of CoreOS. And we'll be back in just a few minutes. (light music)