Listen Now

About “Matty”Matt Stratton is a Staff Developer Advocate at Pulumi, founder and co-host of the popular Arrested DevOps podcast, and the global chair of the DevOpsDays set of conferences.Matt has over 20 years of experience in IT operations and is a sought-after speaker internationally, presenting at Agile, DevOps, and cloud engineering focused events worldwide. Demonstrating his keen insight into the changing landscape of technology, he recently changed his license plate from DEVOPS to KUBECTL.He lives in Chicago and has three awesome kids, whom he loves just a little bit more than he loves Diet Coke. Matt is the keeper of the Thought Leaderboard for the DevOps Party Games online game show and you can find him on Twitter at @mattstratton.Links Referenced Pulumi: https://www.pulumi.com/ Arrested DevOps: https://www.arresteddevops.com/ 8bits.tv: https://8bits.tv Twitter: https://twitter.com/mattstratton LinkedIn: https://www.linkedin.com/in/mattstratton/ speaking.mattstratton.com: https://speaking.mattstratton.com twitch.tv/Pulumi: https://twitch.tv/Pulumi 8bit.tv: https://8bit.tv duckbillgroup.com: https://duckbillgroup.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they’re all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don’t dispute that but what I find interesting is that it’s predictable. They tell you in advance on a monthly basis what it’s going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you’re one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you’ll receive a $100 in credit. Thats V-U-L-T-R.com slash screaming.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Returning today for yet another round on the Screaming in the Cloud podcast is my dear friend, and hopefully yours as well, Matty Stratton. Since the last time we spoke, you’ve changed jobs, Mattie; you’re now a staff developer advocate at Pulumi. I don’t believe you were the last time you were on this show, but memory escapes me.Matty: You know, I was just wondering that myself, and I guess we’ll have to go back to the archives.Corey: Yes, but that sounds like work, so we’re going to roll with it anyway.Matty: Everyone who’s listening, go do the homework for us. And, like, just tweet and let us know what my job was last time.Corey: And yell at us if we get it wrong, of course.Matty: Yell at us if we get it right.Corey: In the interest of being, well, I guess a little on the judgey side—because why not I tend to be good at that.Matty: I was hoping to be on the judgey side on this show.Corey: Oh, absolutely. You have a very strange career trajectory, in that—the companies you work for and how that winds up going back and forth. But when we first met, you were at Chef; and Chef, great company. And after that it was PagerDuty; great company.Matty: [laugh].Corey: And then it was IBM Hat, which I—was it Red Hat, was it IBM side?Matty: For me, it was Red Hat.Corey: So, it went from Chef, which is great, and a company that was doing a lot of things on the container side of the world became a thing and mutable infrastructure did sort of change Chef’s business model. And then you went to PagerDuty, the wake-you-up-in-the-middle-of-the-night service named after some legacy technologies. And should be very direct in the popular consciousness, IBM views pagers as newfangled technology in some circles, in some areas, so it feels like you were traveling back in time a bit, again and again and again. On the federal side as well which, for excellent reasons, is not usually the absolute bow wave of innovation because you don’t usually want your government doing that in some ways. And now you’ve leapfrogged into Pulumi, which is sort of the bleeding edge of the modern way we think about provisioning cloud infrastructure.It feels like it’s a very interesting trajectory. Now, this is speaking as a complete outsider, I’m going to assume that’s not how you view basically any characterization of any of those companies I’ve just named. How do you view it?Matty: You know, I don’t know that I necessarily disagree with the way that you’ve put everything, but there’s some nuance and some interesting stuff when it comes to that. So, I’m going to specifically talk about the Red Hat thing; why did I leave PagerDuty? And one of the interesting things is, I actually had an offer from Pulumi at the time that I took the job from Red Hat. So, it actually took me a year to come and work at Pulumi. And the little bit of the short answer is Red Hat backed up a big truck of money. And we all have a price.Corey: Yeah, the dulcet tones of a dump truck full of gold bricks emptying itself into your backyard, it’s hard to say no to.Matty: The reason that I want to bring that up is that has nothing to do with specifically Red Hat the company versus other companies. It was the role. It was a sales-oriented role, so if you don’t know, sales gets paid a lot of money and there’s good reason. One of the reasons—again, if you don’t work in sales, you don’t necessarily know this—is, the last day of the quarter, you will have your VP of sales talking, he’ll be like, “Corey, you are amazing. I love you. Look at this big deal you brought in.” Twenty-four hours later, “What have you done for me lately?”Corey: Mm-hm.Matty: That didn’t matter, right? And I remember the CEO of PagerDuty—so Jen Tejada—at one of the sales kickoffs I was at, she said—you know, because salespeople, like, you might know this, like, the top sales reps in the company, they go on trips, they have all this stuff—and Jen said, you know, “I’ve got engineers here that are like, well, I don’t understand.” It’s like, “How come the salespeople get to go to Bermuda or do whatever?” And she’s like, “Would you like your paycheck to change every quarter based upon specifically what you did and have the stress of what have you done all this stuff? No? Okay, cool. Then you can keep”—you know, there’s a trade-off. So, the point of that was—Corey: And as your paycheck gets smaller, you’re getting closer and closer to losing your job because a salesperson needs to perform to keep. It’s very feast or famine. It’s a heck of a role, and I have nothing but respect for people who can do it.Matty: And people can do it well. And I do feel like a lot of people don’t understand how sales works, especially in a larger organization, and I think it’s really important. So, one of the things that was interesting is we’ve all—I shouldn’t say all, but many of us have worked in jobs that have some form of variable compensation, some kind of annual bonus. So, let’s say for example, at x company I’m working at, they’re like, “Mattie, your bonus is equal to 10% of your paycheck.” Well, the most it could be, generally speaking, it’s like, let’s say that your bonus would be, I’m just going to make up a number and say it’s a $10,000 bonus.That’s the most it could be, and that’s if everything is amazing. Maybe I’ll get a little more. Now, your commission, your what they call your on-target earnings and sales, they’ll tell you a number and they’ll say, “Okay, Corey, you’re on-target earnings are, say $200,000.” And you’re like, “Oh.” But whatever.The thing is, if you’re only getting you’re on-target earnings, you probably are needing to look for another job. So, you remember, like, we hear it differently, those of us that have done bonuses in a non-sales way. We’re like, “But that’s not a lot.” You’re like, “No, but what they tell you your commission is, it’s actually… it better end up being more or else you have trouble.” Anyway, point is—Corey: And in some cases, it could be a significant multiple of that number as well, for top performers.Matty: Absolutely.Corey: The upside is always interesting, and calculating out the nuances of the sales plan is always a challenge, speaking as a business owner. It is a very specific field that has a bunch of nuance to it. Something I learned very early on is that if you manage salespeople as if they were engineers, or manage engineers as if they were salespeople, you are going to have an absolutely terrible time.Matty: I think one of the things that, along those lines, I’ve have had conversations with people who work in different parts of technology, different parts of the business, who their long-term desire is to be a CEO, and I’m li

About JoeJoe Onisick is a polarizing technologist with nearly 25 years’ experience architecting, building, operating complex IT systems and advising customers on the same. Onisick’s passion is marrying technology to a customer’s real-time business challenges and leading them through the entirety of the adoption curve. Onisick is a Principal and co-founder of Transformation Continuum (transformationcontinuum.com), and founder of Define the Cloud (definethecloud.net). Links: transformation CONTINUUM: https://transformationcontinuum.com/ Twitter: https://twitter.com/JoeOnisick TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored by our friends at Revelo. Revelo is the Spanish word of the day, and its spelled R E V E L O. It means; I reveal. Now, have you tried to hire an engineer lately? I assure you it is significantly harder than it sounds. One of the things that Revelo has recognized as something I've been talking about for a while, specifically that while talent is evenly distributed opportunity is absolutely not. They're exposing a new talent pool to, basically, those of us without a presence in Latin America via their platform. It's the largest tech talent marketplace in Latin America with over a million engineers in their network, which includes, but isn't limited to, talent in Mexico, Costa Rica, Brazil, and Argentina. Now, not only do they wind up spreading all of their talent on English ability, as well as , you know, their engineering skills, but they go significantly beyond that. Some of the folks on their platform are hands down the most talented engineers that I've ever spoken to. Let's also not forget that Latin America has high time zone overlap with what we have here in the United States. So, you can hire full-time remote engineers who share most of the workday as your team. It's an end-to-end talent service. So, you can find and hire engineers in Central and South America without having to worry about, frankly, the colossal pain of cross border payroll and benefits and compliance because Revelo handles all of it. If you're hiring engineers, check out revelo.io/screaming to get 20% off your first three months. That's R E V E L O.io/screaming.Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they’re all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don’t dispute that but what I find interesting is that it’s predictable. They tell you in advance on a monthly basis what it’s going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you’re one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you’ll receive a $100 in credit. Thats V-U-L-T-R.com slash screaming.Corey: Welcome to Screaming in the Cloud, I’m Corey Quinn. My guest today is someone I’ve really admired from afar for a while just because he’s a study in contrast. By day, he is a transformation—effectively—expert. He’s a principal at his own consultancy that focuses on helping companies achieve their digital transformation. Very forward-looking, very high-level modern technology. But he also wound up effectively leaving Silicon Valley to go live in the middle of the woods. It’s not usually a common combination. Joe Onisick is the principal at transformation CONTINUUM. Joe, thank you for joining me and suffering my fairly ignorant questions.Joe: Corey, thanks a lot for having me and the brilliant intro there.Corey: [laugh]. So, I stumbled across you on Twitter of all places, which is where I spend my work time, my free time, my spare time, et cetera. When people say, “Where are you dialing in from?” I say, “Oh, Twitter.” And that usually gets a laugh, but it’s also a little unfortunately true.And your pinned tweet thread talks about how you weren’t particularly happy with your life, where things weren’t serving you and you decided it was time to make a change. It’s the kind of thing that I think an awful lot of people flirt with the idea of, but you actually went ahead and did it. What happened.?Joe: So, I did a whole series of things. I think the big thing I tried to do was not bite off everything at once. So, the first thing I did was quit drinking. I was a—you know, which it says in the tweet and I’m pretty public about I was an extremely heavy alcoholic. So, I cut that out because I wasn’t happy with it.And you know, the whole idea was I thought it was keeping me happy and it wasn’t. So, got rid of that to see how things were and then just started a series of changes, which has, I think, gotten more extreme over time.Corey: Well, one of the early tweets in the thread was one of your coworkers at the time was planning to climb I think it was Kilimanjaro, and your position was, well, that’s not something I would normally do. May I join you? If that’s how it starts, it seems like well, that seems pretty far on most people’s extreme scale.Joe: Yeah, that was an interesting one. The idea of starting in a rainforest and ending on a glacier up 20,000 feet was not of any interest to me at all, but it seemed like a life experience I wanted to put under my belt.Corey: I’m assuming that you’re probably glad you did it because you don’t meet too many people who are like, “Oh, yeah. I climbed a mountain. It sucked. I never wish I hadn’t done it.” It feels almost like it’s writing a book, on some level where no one wants to write a book; they want to have written a book. Is climbing a mountain similar to that, or does it go in a bit of a different direction?Joe: I think it was very similar to that. We did a ten-day track, but you can do it much shorter. So, we spent about seven days acclimatizing around the mountain and hiking around the mountain. So, it was more a little up and down, but more level. So, the first 15,000 feet was actually pretty enjoyable. It’s the summit day where you go from 15,000 to 20,000, that is—it’s just sheer misery, especially if it’s not something you do every day.Corey: I thought I had a rough time whenever I visit my in-laws who live in Colorado Springs, and it’s great hanging out in their house and whatnot, and I run up the stairs and I get winded and it’s “Wow, what a tubby piece of crap I am. How did this happen?” It’s like, “Oh right, we’re at 9000 feet; the air is a lot thinner here.” So, I basically spend the entire trip out there, trying to move as little as possible as opposed to at home where I sit in front of my computer attempting to move as little as possible. But it hits in a different way.You quit your job in Silicon Valley as a part of this journey of—was it a journey of discovery? Was it just a series of changes? How do you contextualize it? How do you describe it?Joe: I’m trying to learn how to be whoever I am would be the way I’d describe it. I’ve spent my entire life being someone I thought I was supposed to be, and I never stopped to think who I am. So, a lot of this is just trying everything to see what fits.Corey: And then you make one of the classic blunders as you do this; you decide, “You know, I’m not going to work a traditional job anymore. I’m going to start a consultancy.” That is truly the path of fools, speaking as someone who did exactly that. And looking back at it, it was one of the best things I’ve ever done for sure, but if I had known how much work it was going to be and all of the ins and outs and ups and downs in the managing of my own psychology, I’m not sure I would have the courage to get started.Joe: Yeah, that's a great way to say it. I look back—my favorite example is one of my mentors started a couple of companies. His wife has had several exits. I mean, he’s just a wealth of knowledge of tech: Tech the industry, and starting companies, and when I brought the idea to him, he asked, “So, you’re thinking of starting a consultancy?” And I said, “Yes.” He goes, “I have one word of advice.” And I waited for him to reply, “Don’t.”Corey: When you said that to people in my experience, they think, “Oh, they’re trying to hoard all the wealth and happiness for themselves.” It’s yes, that is what I’m trying to do. I view consulting as a zero sum game. There’s only enough room for one of us. Yeah, it never works that way.It’s just such an up and down thing and when I talk to folks who work at big tech companies and they are asking, “Oh, you know, I want to become an independent consultant because I’m tired of my job and my company and the rest,” don’t do that. It’s going to be a few lean years and it’s going to take an awful lot of trying. And honestly, the hardest part of all of it, at least in tech—this is, to be clear, not a sympathetic problem—is at any point, you can walk away and say, “The hell with this,” and within a week, wind up getting a salaried job somewhere very comfortable, where you don’t have to deal with all the hard parts of running a business and it pays three times your first year’s revenue. And it’s so much easier to go down that path. Fortunately for me, that wasn’t really on the table because I’m

About AshleighAshleigh Early is a passionate advocate for sales people and through her consulting, coaching, and The Other Side of Sales, she is devoted to making B2B sales culture more inclusive so anyone can thrive. Over the past ten years Ashleigh has led, built, re-built, and consulted for 2 unicorns, 3 acquisitions, 1 abject failure and every step in between.  She is also the Head of Sales at the Duckbill Group! You can find Ashleigh on Twitter @AshleighatWork and more about the Other Side of Sales at Othersideofsales.comLinks: Twitter: https://twitter.com/ashleighatwork LinkedIn: https://www.linkedin.com/in/ashleighearly TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. My guest today does something that I, sort of, dabbled around the fringes of once upon a time, but then realized I wasn’t particularly good at it and got the hell out of it and went screaming into clouds instead. Ashleigh Early is the Head of Sales here at The Duckbill Group. Ashleigh, thank you for joining me.Ashleigh: Thanks for coming on and running, screaming from my chosen profession [laugh]. You’re definitely not the only one.Corey: Well, let’s be clear here; there are two ways that can go because sure, I used to dabble around in sales when I was, basically, trying to figure how to not starve to death. But I also used to run things; it’s basically a smart team. I was managing people and realized I was bad at that, too. So, really, that’s, sort of, an open-ended direction. We can go either side and…But, let’s go with sales. That seems like a more interesting way for this to play out. So, you’ve been here for—what is it now—it feels like ages, but my awareness for the passing of time in the middle of a global panini is relatively not great.Ashleigh: Yeah. I think we’re at day—what is it—1,053 of March 2020? So, time is irrelevant; it’s a construct; I don’t know. But, technically, by the Gregorian Calendar, I think I’m at six months.Corey: It’s very odd to me, at least the way that I contextualized doing this. Back when I started what became The Duckbill Group, I was an independent consultant. It was, more or less, working people I knew through my network who had a very specific, very expensive problem: The AWS bill is too high. And I figured, this is genius. It is the easiest possible sale in the world and one of the only scenarios where I can provably demonstrate ROI to a point where, “Bring me in; you will inherently save money.”And all of that is true, but one of things I learned very quickly was that, even with the easiest sale of, “Hi. I’d like to sell you this bag of money,” there is no such thing as an easy enterprise sale. There is nuance to it. There is a lot of difficulty to it. And I was left with the, I guess, driving question—after my first few months of playing this game—of, “How on earth does anyone make money in this space?”The reason I persisted was, basically, a bunch of people did favors for me, but they didn’t owe me at all. It was, “Oh, great. I’ll give them the price quote.” And they’re, like, “Oh, yeah.” So cool, they turned around and quoted that to their boss at triple the rate because, “Don’t slit your own throat on this.” They were right. And not for nothing, it turns out when you’re selling advice, charging more for it makes it likelier to succeed as a project.But, I had no idea what I was doing. And, like most engineers on Twitter, I look at something I don’t understand deeply myself, and figure, “Oh. Well, it’s not engineering, therefore, it’s easy.” Yeah, it turns out that running a business is humbling across a whole bunch of different axes.Ashleigh: I wouldn’t even say, it’s not running a business; it’s working with humans. Working with humans is humbling. If you’re working with a machine or even something as simple as, like, you know, you’re making a product. It’s follow a recipe; it’s okay. Follow the instructions. I do A, then B, then C, then D, unless you don’t enjoy using the instructions because you don’t enjoy using instructions. But you still follow a set general process; you build a thing that comes out correctly.The moment that process is, talk to this person, and then Person A, then Person B, then Person C, then Person D, then Back to Person A, then Person D, and then finally to Person E, everything goes to heck in a handbasket. That’s what really makes it interesting. And for those of us who are of a certain disposition, we find that fascinating and enthralling. If you’re of another disposition, that’s hell on earth [laugh]. So, it’s a very—yeah, it’s a very interesting thing.Corey: Back when I was independent, and people tried to sell me things—and yeah, sometimes it worked. It was always interesting going through various intake funnels and the rest. And, like, “Well, what role do you hold in the organization? Do you influence the decision? Do you make the decision? How many people need to be involved in the rest?”And I was looking around going, “How many people do you think fit in my home office here? Let’s be serious.” I mean, there are times I escalated to the Chihuahua because she’s unpleasant and annoying and basically, sometimes so are people. But that’s a separate topic for later. But it became a very different story back as the organizational distance between the people that needed to sign off on a sale increased.Ashleigh: Mm-hm. Absolutely. And you might have felt me squirm when you described those questions because one of my biggest pet peeves is when people take sales terminology and directly use that with clients. Just like if you’re an engineer and you’re describing what you do, you’re not going to go home and explain to your dad in technical jargon what exactly; you’re going to tell him broad strokes. And if they’re interested, go deeper and deeper; technical, more technical.I hate when salespeople use sales jargon, like, “What’s your role in the organization? Are you the decision-maker?” Don’t—mmm. There are better ways to deal with that. So, that’s just a sign of poor training. It’s not the sales rep’s fault; it’s his company’s fault—their company’s fault. But that’s a different thing.It’s fascinating to me, kind of, watching this—what you said spoke of two things there. One is poor training, and two, of a lack of awareness of the situation and a lack of just doing a little bit of pre-work. Like, you do five seconds of research on Corey Quinn, you can realize that the company is ten to 15 people tops. So, it makes sense to ask a question around, “Hey, do you need anyone else to sign off before we can move forward with this project?”That tells me if I need to get someone for technical, for budget, for whatever, but asking if you’re a decision-maker, or if you’re influencing, or if you’re doing initial research, like, that’s using sales terminology, not actually getting to the root of the problem and immediately making it very clear, you didn’t do any actual research in advance, which is not—in modern selling—not okay.Corey: My business partner, Mike, has a CEO job title, and he’ll get a whole bunch of cold outreach constantly all day, every day. I conducted a two-week experiment where in front of my Chief Cloud Economist job title, I put ‘CTO/’ just to see what would happen, and sure enough, I started getting outreach left, right, up, down, and sideways. Not just for things that a CTO figure might theoretically wind up needing to buy, but also, job opportunities for a skill set that I haven’t dusted off in a decade.So, okay. Once people can have something that hits their filters when you’re searching for very specific titles, then you wind up getting a lot more outreach. But if you create a job title that no one sensible would ever pick for themselves, suddenly a lot of that tends to go by the wayside. It shined a light on how frustratingly dreary a lot of the sales prospecting work really can be from—Ashleigh: Oh, yeah.Corey: —just from the side of someone who gets it. Now, I’m not exaggerating when I say that I did work in sales once upon a time. Not great at it, but one of the first white-collar-style jobs that I had was telemarketing, of all things. And I was spectacular at it because I was fortunate enough to be working on a co-branded affinity credit card that was great, and I had

About TimTimothy William Bray is a Canadian software developer, environmentalist, political activist and one of the co-authors of the original XML specification. He worked for Amazon Web Services from December 2014 until May 2020 when he quit due to concerns over the terminating of whistleblowers. Previously he has been employed by Google, Sun Microsystemsand Digital Equipment Corporation (DEC). Bray has also founded or co-founded several start-ups such as Antarctica Systems.Links Referenced: Textuality Services: https://www.textuality.com/ laugh]. So, the impetus for having this conversation is, you had a [blog post: https://www.tbray.org/ongoing/When/202x/2022/01/30/Cloud-Lock-In @timbray: https://twitter.com/timbray tbray.org: https://tbray.org duckbillgroup.com: https://duckbillgroup.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they’re all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don’t dispute that but what I find interesting is that it’s predictable. They tell you in advance on a monthly basis what it’s going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you’re one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you’ll receive a $100 in credit. Thats V-U-L-T-R.com slash screaming.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. My guest today has been on a year or two ago, but today, we’re going in a bit of a different direction. Tim Bray is a principal at Textuality Services.Once upon a time, he was a Distinguished Engineer slash VP at AWS, but let’s be clear, he isn’t solely focused on one company; he also used to work at Google. Also, there is scuttlebutt that he might have had something to do, at one point, with the creation of God’s true language, XML. Tim, thank you for coming back on the show and suffering my slings and arrows.Tim: Oh, you’re just fine. Glad to be here.Corey: [laugh]. So, the impetus for having this conversation is, you had a blog post somewhat recently—by which I mean, January of 2022—where you talked about lock-in and multi-cloud, two subjects near and dear to my heart, mostly because I have what I thought was a fairly countercultural opinion. You seem to have a very closely aligned perspective on this. But let’s not get too far ahead of ourselves. Where did this blog posts come from?Tim: Well, I advised a couple of companies and one of them happens to be using GCP and the other happens to be using AWS and I get involved in a lot of industry conversations, and I noticed that multi-cloud is a buzzword. If you go and type multi-cloud into Google, you get, like, a page of people saying, “We will solve your multi-cloud problems. Come to us and you will be multi-cloud.” And I was not sure what to think, so I started writing to find out what I would think. And I think it’s not complicated anymore. I think the multi-cloud is a reality in most companies. I think that many mainstream, non-startup companies are really worried about cloud lock-in, and that’s not entirely unreasonable. So, it’s a reasonable thing to think about and it’s a reasonable thing to try and find the right balance between avoiding lock-in and not slowing yourself down. And the issues were interesting. What was surprising is that I published that blog piece saying what I thought were some kind of controversial things, and I got no pushback. Which was, you know, why I started talking to you and saying, “Corey, you know, does nobody disagree with this? Do you disagree with this? Maybe we should have a talk and see if this is just the new conventional wisdom.”Corey: There’s nothing worse than almost trying to pick a fight, but no one actually winds up taking you up on the opportunity. That always feels a little off. Let’s break it down into two issues because I would argue that they are intertwined, but not necessarily the same thing. Let’s start with multi-cloud because it turns out that there’s just enough nuance to—at least where I sit on this position—that whenever I tweet about it, I wind up getting wildly misinterpreted. Do you find that as well?Tim: Not so much. It’s not a subject I have really had too much to say about, but it does mean lots of different things. And so it’s not totally surprising that that happens. I mean, some people think when you say multi-cloud, you mean, “Well, I’m going to take my strategic application, and I’m going to run it in parallel on AWS and GCP because that way, I’ll be more resilient and other good things will happen.” And then there’s another thing, which is that, “Well, you know, as my company grows, I’m naturally going to be using lots of different technologies and that might include more than one cloud.” So, there’s a whole spectrum of things that multi-cloud could mean. So, I guess when we talk about it, we probably owe it to our audiences to be clear what we’re talking about.Corey: Let’s be clear, from my perspective, the common definition of multi-cloud is whatever the person talking is trying to sell you at that point in time is, of course, what multi-cloud is. If it’s a third-party dashboard, for example, “Oh, yeah, you want to be able to look at all of your cloud usage on a single pane of glass.” If it’s a certain—well, I guess, certain not a given cloud provider, well, they understand if you go all-in on a cloud provider, it’s probably not going to be them so they’re, of course, going to talk about multi-cloud. And if it’s AWS, where they are the 8000-pound gorilla in the space, “Oh, yeah, multi-clouds, terrible. Put everything on AWS. The end.” It seems that most people who talk about this have a very self-serving motivation that they can’t entirely escape. That bias does reflect itself.Tim: That’s true. When I joined AWS, which was around 2014, the PR line was a very hard line. “Well, multi-cloud that’s not something you should invest in.” And I’ve noticed that the conversation online has become much softer. And I think one reason for that is that going all-in on a single cloud is at least possible when you’re a startup, but if you’re a big company, you know, a insurance company, a tire manufacturer, that kind of thing, you’re going to be multi-cloud, for the same reason that they already have COBOL on the mainframe and Java on the old Sun boxes, and Mongo running somewhere else, and five different programming languages.And that’s just the way big companies are, it’s a consequence of M&A, it’s a consequence of research projects that succeeded, one kind or another. I mean, lots of big companies have been trying to get rid of COBOL for decades, literally, [laugh] and not succeeding and doing that. So—Corey: It’s ‘legacy’ which is, of course, the condescending engineering term for, “It makes money.”Tim: And works. And so I don’t think it’s realistic to, as a matter of principle, not be multi-cloud.Corey: Let’s define our terms a little more closely because very often, people like to pull strange gotchas out of the air. Because when I talk about this, I’m talking about—like, when I speak about it off the cuff, I’m thinking in terms of where do I run my containers? Where do I run my virtual machines? Where does my database live? But you can also move in a bunch of different directions. Where do my Git repositories live? What Office suite am I using? What am I using for my CRM? Et cetera, et cetera? Where do you draw the boundary lines because it’s very easy to talk past each other if we’re not careful here?Tim: Right. And, you know, let’s grant that if you’re a mainstream enterprise, you’re running your Office automation on Microsoft, and they’re twisting your arm to use the cloud version, so you probably are. And if you have any sense at all, you’re not running your own Exchange Server, so let’s assume that you’re using Microsoft Azure for that. And you’re running Salesforce, and that means you’re on Salesforce’s cloud. And a lot of other Software-as-a-Service offerings might be on AWS or Azure or GCP; they don’t even tell you.So, I think probably the crucial issue that we should focus our conversation on is my own apps, my own software that is my core competence that I actually use to run the core of my business. And typically, that’s the only place where a company would and should invest serious engineering resources to build software. And that’s where the question comes

About PeterPeter's spent more than a decade building scalable and robust systems at startups across adtech and edtech. At Remind, where he's VP of Technology, Peter pushes for building a sustainable tech company with mature software engineering. He lives in Southern California and enjoys spending time at the beach with his family.Links: Redis: https://redis.com/ Remind: https://www.remind.com/ Remind Engineering Blog: https://engineering.remind.com LinkedIn: https://www.linkedin.com/in/hamiltop Email: peterh@remind101.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they’re all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don’t dispute that but what I find interesting is that it’s predictable. They tell you in advance on a monthly basis what it’s going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you’re one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you’ll receive a $100 in credit. Thats V-U-L-T-R.com slash screaming.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn and this is a fun episode. It is a promoted episode, which means that our friends at Redis have gone ahead and sponsored this entire episode. I asked them, “Great, who are you going to send me from, generally, your executive suite?” And they said, “Nah. You already know what we’re going to say. We want you to talk to one of our customers.” And so here we are. My guest today is Peter Hamilton, VP of Technology at Remind. Peter, thank you for joining me.Peter: Thanks, Corey. Excited to be here.Corey: It’s always interesting when I get to talk to people on promoted guest episodes when they’re a customer of the sponsor because to be clear, you do not work for Redis. This is one of those stories you enjoy telling, but you don’t personally have a stake in whether people love Redis, hate Redis, adopt that or not, which is exactly what I try and do on these shows. There’s an authenticity to people who have in-the-trenches experience who aren’t themselves trying to sell the thing because that is their entire job in this world.Peter: Yeah. You just presented three or four different opinions and I guarantee we felt all at the different times.Corey: [laugh]. So, let’s start at the very beginning. What does Remind do?Peter: So, Remind is a messaging tool for education, largely K through 12. We support about 30 million active users across the country, over 2 million teachers, making sure that every student has, you know, equal opportunities to succeed and that we can facilitate as much learning as possible.Corey: When you say messaging that could mean a bunch of different things to a bunch of different people. Once on a lark, I wound up sitting down—this was years ago, so I’m sure the number is a woeful underestimate now—of how many AWS services I could use to send a message from me to you. And this is without going into the lunacy territory of, “Well, I can tag a thing and then mail it to you like a Snowball Edge or something.” No, this is using them as intended, I think I got 15 or 16 of them. When you say messaging, what does that mean to you?Peter: So, for us, it’s about communication to the end-user. We will do everything we can to deliver whatever message a teacher or district administrator has to the user. We go through SMS, text messaging, we go through Apple and Google’s push services, we go through email, we go through voice call, really pulling out all the stops we can to make sure that these important messages get out.Corey: And I can only imagine some of the regulatory pressure you almost certainly experience. It feels like it’s not quite to HIPAA levels, where ohh, there’s a private cause of action if any of this stuff gets out, but people are inherently sensitive about communications involving their children. I always sort of knew this in a general sense, and then I had kids myself, and oh, yeah, suddenly I really care about those sorts of things.Peter: Yeah. One of the big challenges, you can build great systems that do the correct thing, but at the end of the day, we’re relying on a teacher choosing the right recipient when they send a message. And so we’ve had to build a lot of processes and controls in place, so that we can, kind of, satisfy two conflicting needs: One is to provide a clear audit log because that’s an important thing for districts to know if something does happen, that we have clear communication; and the other is to also be able to jump in and intervene when something inappropriate or mistaken is sent out to the wrong people.Corey: Remind has always been one of those companies that has a somewhat exalted reputation in the AWS space. You folks have been early adopters of a bunch of different services—which let’s be clear, in the responsible way, not the, “Well, they said it on stage; time to go ahead and put everything they just listed into production because we for some Godforsaken reason, view it as a todo list.”—but you’ve been thoughtful about how you approach things, and you have been around as a company for a while. But you’ve also been making a significant push toward being cloud-native by certain definitions of that term. So, I know this sounds like a college entrance essay, but what does cloud-native mean to you?Peter: So, one of the big gaps—if you take an application that was written to be deployed in a traditional data center environment and just drop it in the cloud, what you’re going to get is a flaky data center.Corey: Well, that’s unfair. It’s also going to be extremely expensive.Peter: [laugh]. Sorry, an expensive, flaky data set.Corey: There we go. There we go.Peter: What we’ve really looked at–and a lot of this goes back to our history in the earlier days; we ran a top of Heroku and it was kind of the early days what they call the Twelve-Factor Application—but making aggressive decisions about how you structure your architecture and application so that you fit in with some of the cloud tools that are available and that you fit in, you know, with the operating models that are out there.Corey: When you say an aggressive decision, what sort of thing are you talking about? Because when I think of being aggressive with an approach to things like AWS, it usually involves Twitter, and I’m guessing that is not the direction you intend that to go.Peter: No, I think if you look at Twitter or Netflix or some of these players that, quite frankly, have defined what AWS is to us today through their usage patterns, not quite that.Corey: Oh, I mean using Twitter to yell at them explicitly about things—Peter: Oh.Corey: —because I don’t do passive-aggressive; I just do aggressive.Peter: Got it. No, I think in our case, it’s been plotting a very narrow path that allows us to avoid some of the bigger pitfalls. We have our sponsor here, Redis. Talk a little bit about our usage of Redis and how that’s helped us in some of these cases. One of the pitfalls you’ll find with pulling a non-cloud-native application and put it in the cloud is state is hard to manage.If you put state on all your machines and machines go down, networks fail, all those things, you now no longer have access to that state and we start to see a lot of problems. One of the decisions we’ve made is try to put as much data as we can into data stores like Redis or Postgres or something, in order to decouple our hardware from the state we’re trying to manage and provide for users so that we’re more resilient to those sorts of failures.Corey: I get the sense from the way that we’re having this conversation, when you talk about Redis, you mean actual Redis itself, not ElastiCache for Redis, or as to I’m tending to increasingly think about AWS’s services, Amazon Basics for Redis.Peter: Yeah. I mean, Amazon has launched a number of products. They have their ElastiCache, they have their new MemoryDB, there’s a lot different ways to use this. We’ve relied pretty heavily on Redis, previously known as Redis Labs, and

About PhilipPhilip Griffiths is VP Global Business Development and regularly speaks at events from DevOps to IoT to Cyber Security. Prior to this, he worked for Atos IT Services in various roles working with C-suit executives to realise their digital transformation. He lives in Cambridge with his wife and two daughters.Links: NetFoundry: https://netfoundry.io/ Blog article: https://netfoundry.io/demystifying-the-magic-of-zero-trust-with-my-daughter-and-opensource/ netfoundry.io/screaminginthecloud: https://netfoundry.io/screaminginthecloud TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of “Hello, World” demos? Allow me to introduce you to Oracle’s Always Free tier. It provides over 20 free services and infrastructure, networking, databases, observability, management, and security. And—let me be clear here—it’s actually free. There’s no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself, all while gaining the networking, load balancing, and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build. With Always Free, you can do things like run small-scale applications or do proof-of-concept testing without spending a dime. You know that I always like to put asterisks next to the word free? This is actually free, no asterisk. Start now. Visit snark.cloud/oci-free that’s snark.cloud/oci-free.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Today’s promoted episode is about a topic that is near and dear to my heart. In the AWS universe, we have seen over time that the networking has gotten more and more capable going from EC2 Classic to the world of VPC network to a whole bunch of other things. But with that capability comes a stupendous amount of complexity, to the point where the easy answer to, “Do you understand how networking works within AWS?” Is, of course, no, “I don’t.”I’m joined today by Philip Griffiths, who’s the Head of Business Development at NetFoundry. Philip, thank you for joining me.Philip: Pleasure to be here, Corey.Corey: So, NetFoundry has what I would argue to be one of the most intriguing-slash-differentiated approaches to handling that ever-increasing complexity around the networking story, not just in AWS, but a number of different cloud providers, and between them, and that approach is to ignore it completely. Have I nailed the salient approach here with that, I guess we’ll call it a flippant statement.Philip: Yeah, I’d probably say so. It’s the interesting thing where a lot of people say cloud networking is hard, and from our perspective, it should just be super easy, you should be able to provision it in a few minutes with only outbound ports, and set up your policy so that malicious actors can’t get inside it. It should be that easy, and programmable, and it’s a shame that the current world is not.Corey: One of the hard problems has always been in, I guess, security, which is the thing that everyone pretends to care about right up front, but in practice, often winds up bolting it on after the fact because, “We care about security,” is sort of the trademark phrase of things that we see, usually an email announcing a data breach when it was very clear that companies did not care about security. It’s not just me complaining about how complex the network stack is, but by what directly flows from that. If you aren’t able to fit all of that into your head as far as what’s going on from a security perspective, the odds of misconfiguration creep in and you don’t really become aware of what your risk exposure is. I’m really partial to the idea of just avoiding it entirely. Is NetFoundry, effectively, a network overlay? Is it something that goes a bit beyond that? Effectively, where do you folks start and where do you stop?Philip: Yes, that is precisely correct. We are a network overlay that’s been built on the principles of zero trust. What is very unique is the ability to be able to start it wherever you want. So yes, you can deploy it from the AWS Marketplace in a few minutes into your VPC or into your operating system, but we also have the ability to actually put it directly into the application stack itself, which has some very interesting complications. What I find as the most interesting starting point is the oxymoron of secure networking.There are no secure networks. It’s not possible. Networks are designed to share information and taking it to first principles, you can only isolate networks. And this is why we had the thought process for if we’re going to put our overlay network into stuff and make it secure, we have to start at the application level because then we can actually just isolate it to an application communicating into an application, which has profound implications.Corey: The network part is relatively straightforward. I imagine it just becomes, more or less, what resembles a fairly flat network where everything internal is allowed to talk to each other, and then, in turn, this winds up effectively elevating what should be allowed to talk to what and on what ports and whatnot into something that’s a lot closer to the application logic, and transcends whatever provider it happens to be traversing.Philip: Yeah, correct. Following the principles of zero trust, we utilize strong embedded identity as a function of what the endpoints are, what the source and destination is. And therefore you build up your policies and services to say what should communicate to what on the basis that the default the least privileged: Absolutely nothing. Your underlay then, the only thing you need is commodity internet with outbound ports. The whole concept of north-south, east-west, if you’re app-embedded, you don’t even need public DNS; you don’t even need DNS at all. Naming conventions go out the window; you don’t need to conform to the standards. You know, you could say, “I want to hit Jenkins.” You go to Jenkins because that can be done.Corey: I would approach this entire endeavor with a fair bit of suspicion and no small amount of alarm if it were something that you had developed internally, as far as, “Well, we’re just going to replace what amounts to your entire network stack and just go ahead and trust us. It’s fine.” But you didn’t do that. You’re riding on top of the OpenZiti open-source project. And that basically assuages a whole raft of concerns I would have if something like this were proprietary, and people who know what they’re doing—who, let’s be clear, aren’t me—were not able to inspect it and say, “Okay, this passes muster”—as they have done—or alternately, “No, this is terrifyingly dangerous for a variety of excellent reasons.”And it really feels like a lot of the zero-trust stories that we see these days that are taking advantage of either a network overlay approach or shifting authentication into a different layer, have all taken a somewhat similar tack. I used to think it was a good idea; now I’m starting to suspect it might very well be the only viable model. Do you find that that’s accurate, or was this a subject of some contention when you were starting out?Philip: So, there’s two very interesting [sigh] thoughts that came to me as you were saying that. The number one is yes, we drove forward with OpenZiti because we’ve seen open-source just completely dominate the industry and everything new that’s been built. If you want to deploy an application, you’re building on Linux. And in fact, you’re probably [laugh] also running on Kubernetes if you’re building new. And our objective was to be able to turn OpenZiti into you know, the open-source, zero-trust private network and equivalent where it’s just standard: You’ll bake your application with Ziti, by design.It will become a check function that people say you have to comply to. When I look at other vendors and how they look at zero-trust, I broadly see a few things that dishearten me. And again, it’s a big market, a lot of people—everyone says they’re zero-trust nowadays—but I broadly categorize it into a few ways. You have people who are effectively acting as a proxy and they’re adding authentication as a way to check what people should have access to. And they may give access to the whole network, they may do granular; it varies between them. In fact, I’ve just written a blog on this where I effectively call that no-magic zero trust. It’s a blog conceptualized within Harry Potter and [unintelligible 00:07:36] a conversation with my daughter.Corey: Yeah, any way to tell a story that beats the traditional enterprise voice is very much appreciated over in this corner of the world.Philip: [laugh]. Yeah, exactly. You have a second tier

About NipunNipun Agarwal is a Senior Vice President, MySQL HeatWave and Advanced Development, Oracle. His interests include distributed data processing, machine learning, cloud technologies and security. Nipun was part of the Oracle Database team where he introduced a number of new features. He has been awarded over 170 patents.Links:Oracle: https://www.oracle.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they’re all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don’t dispute that but what I find interesting is that it’s predictable. They tell you in advance on a monthly basis what it’s going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you’re one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you’ll receive a $100 in credit. Thats V-U-L-T-R.com slash screaming.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud, I’m Corey Quinn. Today’s promoted episode is a returning guest with a slight difference. When last we spoke, Nipun Agarwal was a VP over at Oracle, but now—that’s right. When people stay in a company long enough and perform well, they wind up getting additional adjectives in lieu of other things—Nipun, you’re now a Senior VP over at Oracle. Congratulations, I think, unless that just means you’ve gotten older. Welcome back.Nipun: Thank you, Corey.Corey: So, now that you’re at SVP level, I can ask some of the harder questions that we didn’t necessarily—seem fair to get into the last time we spoke, such as what is an Oracle, and what might they do these days? For folks who have, I don’t know, been living in a cave for 40 years.Nipun: Corey, glad to be back on your show. And since the last time we spoke, we have had, like, you know, a lot of enhancements and innovations, and I’ll be happy to describe those in detail whenever is a good time.Corey: Absolutely so you’ve been focused on MySQL for a very long time. And you’ve been using it so long, I really should be calling it YourSQL, but that’s neither here nor there. And you’ve also been focusing on HeatWave, which is effectively MySQL with then some—I’m just going to cheat and call it magic that is layered on top of it. That is probably a terrible descriptor of what it actually does, but understand I’m coming from a perspective where I firmly believe the best database in the world is Amazon Route 53, which is a DNS server, so people look at that and say, ‘well, that’s not really what it’s designed to do,’ which really sounds like a ‘them’ problem. And fair enough. We’re going to invert it here. So, why is HeatWave a terrible DNS server? What is it exactly?Nipun: So, MySQL is the most popular database in the world—it’s the most popular open-source database in the world—lots of people use it. All the major cloud vendors, they take the MySQL database, and either as is or, like, you know, with some enhancements, they offer a managed service, whether it’s Amazon, Azure, Google, pretty much all the major cloud vendors. Now, MySQL has been designed and optimized for transaction processing, so it does a great job for transaction processing. But when customers need to run complex queries or when they need to run analytics, customers would have to take the data out of the MySQL database into some other database for running analytics.Corey: Let me make sure I understand your terms properly. When you say ‘transactional,’ you’re talking about I’m shopping for underpants on a website. I go ahead and make a purchase; that’s considered a transaction, and a database change reflecting my purchase makes sense. From an analytics perspective, you’re like, “All right, let’s see who bought underpants during this time period.” It’s effectively, usually, a small individual record versus now we’re going to start doing deep dives into effectively a lot of those records in aggregate, is that directionally correct, or is my understanding more than a little flawed about things beyond DNS?Nipun: Right. What you describe is very accurate. That transaction processing is about point queries making frequent changes, whereas when we talk about analytics, it typically involves scanning a much larger amount of data to get the results, and aggregations is a very good example of that.Corey: So historically, that seems that people have used very different tooling for different sides of those. Ideally—I admit, back in the bad old days when I was a systems administrator, we were running MySQL a fair bit, and we had the primary database, which was the thing that handled all of the live transactions and the rest, and whenever we ran business reporting queries on it, it’s like, “Huh, why is the website super slow?” And it didn’t seem to work very well. Now, back then, at the scale we were operating at the solution was, “Ah, we’re going to use a replica, and then we’re going to basically beat the crap out of the replica for our reporting queries.” And if that gets a little slow and bogged down, who cares? Well, just other people running reporting queries; people can still buy underpants.So, that was the way that we handled it back then. This was a decade ago. Data sets have gotten significantly larger since then, and apparently, my way of viewing it is, as they say, quaint when they’re trying not to be actively insulting. The right way to do it these days is to have completely separate systems that wind up handling those queries with different user interfaces by and large. That is, to my understanding, the rise of ‘Big Data,’ and you can hear the initial caps in Big Data with people talk about it like that.Nipun: Correct. So, what you describe is absolutely correct that people would extract the data out of databases, take it to specialized databases, which are [apt 00:05:11] for running decision-making analytic processing. But the downside is that a people need to express the logic and write code to extract this data, and then customers end up with these two different databases. They got to keep the data in sync, they got to move the data periodically. So, there are a lot of, like, you know, issues in terms of having to manage two different databases, one for transaction processing, one for analytics.What we have done with HeatWave is to enhance the MySQL database service in the Oracle Cloud so that now the single MySQL database is optimized both for transaction processing as well as analytics. So, now you have a single database. And whether you want to run point queries or these aggregate queries, you can do it on the same data. So, the data remains as is. You’re bringing richness of computation, richness in query processing, to the customers.Corey: One of the truisms of cloud is that it forces a reevaluation, in many cases, of things that people historically hadn’t had to think about it. A classic example when I was consulting on cloud migrations, was building up costing models, as you might imagine. And my customers would ask me questions, such is, “Great. So, what’s this going to cost us?” And I would come back with, “Well, okay, how many gigabytes in a given month does transfer between this database and that other database, you know, in the machine sitting right next to it?” And their response started off with a, “Why on earth do you think we would know that?” Followed by, “Wait, why do we need to know that?” Followed by, “Oh, God. It costs us to do what?”And very quickly an architectural pattern has emerged within cloud of—you know, people experience this the second time, they plan for it. And as a result, whatever database is the most cost-effective is the one that data is already in because moving data from point to point is inherently an expensive proposition. Depending on where the second point is, it can be an extortionately expensive proposition. Which means that very often, we’ll start to see patterns that are, I guess, sacrificing one side of the database interaction model or the other, that transactions are going to be a little slower because you need to have it in the same place you’re going to be running large scale analytics on, or alternately, analytics are going to be super crappy, just because you have to wind up querying systems during downtimes and low periods. It just becomes a giant mess, regardless of whether it’s bad in one way, bad in another, or just expensive, it hasn’t worked for people. And my sense

About RickI lead the developer relations team for strategic accounts at MongoDB. My responsibilities include defining technical standards for the global strategic accounts team and consulting with the largest customers and opportunities for the business. My role spans technology sectors and as part of my engagements I routinely provide guidance on industry best practices, technology transformation, distributed systems implementation, cloud migration, and more. I led the architecture and design effort at Amazon for migrating thousands of relational workloads from RDBMS to NoSQL and built the center of excellence team responsible for defining the best practices and design patterns used today by thousands of Amazon internal service teams and AWS customers. I currently operate as the technical leader for our global strategic account teams to build the market for MongoDB technology by facilitating center of excellence capabilities within our customer organizations through training, evangelism, and direct design consultation activities.30+ years of software and IT expertise.9 patents in Cloud Virtualization, Complex Event Processing, Root Cause Analysis, Microprocessor Architecture, and NoSQL Database technology.Links: MongoDB: https://www.mongodb.com/ Twitter: https://twitter.com/houlihan_rick TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance. To learn more visit: snark.cloud/deployandgoCorey: This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of “Hello, World” demos? Allow me to introduce you to Oracle’s Always Free tier. It provides over 20 free services and infrastructure, networking, databases, observability, management, and security. And—let me be clear here—it’s actually free. There’s no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself, all while gaining the networking, load balancing, and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build. With Always Free, you can do things like run small-scale applications or do proof-of-concept testing without spending a dime. You know that I always like to put asterisks next to the word free? This is actually free, no asterisk. Start now. Visit snark.cloud/oci-free that’s snark.cloud/oci-free.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. A year or two before the pandemic hit, I went on a magical journey to a mythical place called Australia. I know, I was shocked as anyone to figure out that this was in fact real. And while I was there, I gave the opening keynote at a conference that was called Latency Conf, which is great because there’s a heck of a timezone shift, and I imagine that’s what it’s talking about.The closing keynote was delivered by someone I hadn’t really heard of before, and he started talking about single table design with respect to DynamoDB, which, okay, great; let’s see what he’s got to say. And the talk started off engaging and entertaining and a high-level overview and then got deeper and deeper and deeper and I felt, “Can I please be excused? My brain is full.” That talk was delivered by Rick Houlihan, who now is the Director of Developer Relations for Strategic Accounts over at MongoDB, and I’m fortunate enough to be able to get him here to more or less break down some of what he was saying back then, catch up with what he’s been up to, and more or less suffer my slings and arrows. Rick, thank you for joining me.Rick: Great. Thanks, Corey. I really appreciate—you brought back some memories, you know, trip down memory lane there. And actually, interestingly enough, that was the world’s introduction to single table design was that. That was my dry-run rehearsal for re:Invent 2018 is where I delivered that talk, and it has become since the most positive—Corey: This was two weeks before re:Invent, which was just a great thing. I’d been invited to go; why not? I figured I’d see a couple of clients I had out in that direction. And I learned things like Australia is a big place. So, doing a one-week trip, including Sydney, Melbourne, and Perth. Don’t do that.Rick: I had no idea that it took so long to fly from one side to the other, right? I mean, that’s a long plane [laugh] [crosstalk 00:02:15]—Corey: Oh, yeah. And you were working at AWS at the time—Rick: Absolutely.Corey: —so I can only assume that they basically stuffed you into a dog kennel and threw you underneath the seating area, given their travel policy?Rick: Well, you know, I have the—[clear throat] actually at the time, they just upgraded the policy to allow the intermediate seating, right? So, if you wanted to get the—Corey: Ohhh—Rick: I know—Corey: Big spender. Big spender.Rick: Yes, yes. I can get a little bit extra legroom, so I didn’t have my knees shoved into some of these back. But it was good.Corey: So, let’s talk about, I guess… we’ll call it the elephant in the room. You were at MongoDB, where you were a big proponent of the whole no-SQL side of the world. Then you went to go work at AWS and you carried the good word of DynamoDB far and wide. It made an impression; I built my entire newsletter pipeline production system on top of DynamoDB. It has the same data in three different tables because I’m not good at listening or at computers.But now you’re back at Mongo. And it’s easy to jump to the conclusion of, “Oh, you’re just shilling for whoever it is that happens to sign your paycheck.” And at this point, are you—what’s the authenticity story? But I’ve been paying attention to what you’ve been saying, and I think that’s a bad take because you have been saying the same things all along since before you were on the Dynamo side of it. I do some research for this show, and you’ve been advocating for outcomes and the right ways to do things. How do you view it?Rick: That’s basically the story here, right? I’ve always been a proponent of NoSQL. You know, what I took—the knowledge—it was interesting, the knowledge I took from MongoDB evolved as I went to AWS and I delivered, you know, thousands of applications and deployed workloads that I’d never even imagined I would have my hands on before I went there. I mean, honestly, what a great place it was to cut your teeth on data modeling at scale, right? I mean, that’s the—there is no greater scale.That’s when you learn where things break. And honestly, a lot of the lessons I took from MongoDB, well, when I applied them at scale at AWS, they worked with varying levels of success, and we had to evolve those into the sets of design patterns, which I started to propose for DynamoDB customers, which had been highly effective. I still believe in all those patterns. I would never tell somebody that they need to drop everything and run to MongoDB, but, you know, again, all those patterns apply to MongoDB, too, right? A very—a lot—I wouldn’t say all of them, but many of them, right?So, I’m a proponent of NoSQL. And I think we talked before the call a little bit about, you know, if I was out there hocking relational technology right now and saying RDBMS is the future, then everybody who criticizes anything I say, I would absolutely have to, you know, say that there’s some validity there. But I’m not saying anything different I’ve ever said. MongoDB announced Serverless, if you remember, in July, and that was a big turning point for me because the API that we offer, the developer experience for MongoDB is unmatched, and this is what I talk to people now. And it’s the patterns that I’ve always proposed, I still model data the same way, I don’t do it any different, and I’ve always said, if you go back to my earlier sessions on NoSQL, it’s all the same.It doesn’t matter if it’s MongoDB, DynamoDB, or any other technology. I’ve always shown people how to model their data and NoSQL and I don’t care what database you’re using, I’ve actually helped MongoDB customers do their job better over the years as well. So.Corey: Oh, yeah. And looking back at some of your early talks as well, you passed my test for, “Is this person a shill?” Because you wound up in those talks, addressing head-on when is a relational model the right thing to do? And then you put the answers up on a slide, and this—and what—it didn’t distill down to, “If you’re a fool.”Rick: [laugh].Corey: Because there are use cases where if you don’t [unintelligible 00:05:48] your access patterns, if you have certain constraints and requirements, then yeah. That you have always been an advocate for doing the right thing for the workload. And in my experience, for my use cases, when I looked at MongoDB previously, it was not a fit for me. It was very much a you run this on an instance basis, you have to handle all this stuff. Like three—you kno, keeping it in triplicate in three different DynamoDB tables, my newsletter production pipeline now, including backups and the rest, of DynamoDB portion has climbed to the princely sum of $1.30 a month, give or take.Rick: A month. Yes, exactly.Corey: So, there’s no answer for that there. Now that Mongo Serverless is coming out into the world, oh, okay, this starts to be a lot more compelling. It starts to be a lot more flexible.Rick: I was just going to say, for your use case there, Corey, you’re probably looking at the very similar pricing experience now, with Mon

About RachelRachel leads product and technical marketing for Chronosphere. Previously, Rachel wore lots of marketing hats at CloudHealth (acquired by VMware), and before that, she led product marketing for cloud-integrated storage at NetApp. She also spent many years as an analyst at Forrester Research. Outside of work, Rachel tries to keep up with her young son and hyper-active dog, and when she has time, enjoys crafting and eating out at local restaurants in Boston where she’s based.Links: Chronosphere: https://chronosphere.io Twitter: https://twitter.com/RachelDines Email: rachel@chronosphere.io TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance. To learn more visit: snark.cloud/deployandgoCorey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. A repeat guest joins me today, and instead of talking about where she works, instead we’re going to talk about how she got there. Rachel Dines is the Head of Product and Technical Marketing at Chronosphere. Rachel, thank you for joining me.Rachel: Thanks, Corey. It’s great to be here again.Corey: So, back in the early days of me getting started, well, I guess all this nonsense, I was an independent consultant working in the world of cloud cost management and you were over at CloudHealth, which was effectively the 800-pound gorilla in that space. I’ve gotten louder, and of course, that means noisier as well. You wound up going through the acquisition by VMware at CloudHealth, and now you’re over at Chronosphere. We’re going to get to all of that, but I’d rather start at the beginning, which, you know, when you’re telling stories seems like a reasonable place to start. Your first job out of school, to my understanding, was as an analyst at Forrester is that correct?Rachel: It was yeah. Actually, I started as a research associate at Forrester and eventually became an analyst. But yes, it was Forrester. And when I was leaving school—you know, I studied art history and computer science, which is a great combination, makes a ton of sense—I can explain it another time—and I really wanted to go work at the equivalent of FAANG back then, which was just Google. I really wanted to go work at Google.And I did the whole song-and-dance interview there and did not get the job. Best thing that’s ever happened to me because the next day a Forrester recruiter called. I didn’t know what Forrester was—once again, I was right out of college—I said, “This sounds kind of interesting. I’ll check it out.” Seven years later, I was a principal analyst covering, you know, cloud-to-cloud resiliency and backup to the cloud and cloud storage. And that was an amazing start to my career, that really, I’m credited a lot of the things I’ve learned and done since then on that start at Forrester.Corey: Well, I’ll admit this: I was disturbingly far into my 30s before I started to realize what it is that Forrester and its endless brethren did. I’m almost certain you can tell that story better than I can, so what is it that Forrester does? What is its place in the ecosystem?Rachel: Forrester is one of the two or three biggest industry analyst firms. So, the people that work there—the analysts there—are basically paid to be, like, big thinkers and strategists and analysts, right? There’s a reason it’s called that. And so the way that we spent all of our time was, you know, talking to interesting large, typically enterprise IT, and I was in the infrastructure and operations group, so I was speaking to infrastructure, ops, precursors to DevOps—DevOps wasn’t really a thing back in ye olden times, but we’re speaking to them and learning their best practices and publishing reports about the technology, the people and the process that they dealt with. And so you know, over a course of a year, I would talk to hundreds of different large enterprises, the infrastructure and ops leaders at everyone from, like, American Express to Johnson & Johnson to Monsanto, learn from them, write research and reports, and also do things like inquiries and speaking engagements and that kind of stuff.So, the idea of industry analysts is that they’re neutral, they’re objective. You can go to them for advice, and they can tell you, you know, these are the shortlist of vendors you should consider and this is what you should look for in a solution.Corey: I love the idea of what that role is, but it took me a while as a condescending engineer to really wrap my head around it because I viewed it as oh, it’s just for a cover your ass exercise so that when a big company makes a decision, they don’t get yelled at later, and they said, “Well, it seemed like the right thing to do. You can’t blame us.” And that is an overwhelmingly cynical perspective. But the way it was explained to me, it really was put into context—of all things—by way of using the AWS bill as a lens. There’s a whole bunch of tools and scripts and whatnot on GitHub that will tell you different things about your AWS environment, and if I run them in my environment, yeah, they work super well.I run them in a client environment and the thing explodes because it’s not designed to work at a scale of 10,000 instances in a single availability zone. It’s not designed to do backing off so it doesn’t exhaust rate limits across the board. It requires a rethinking at that scale. When you’re talking about enterprise-scale, a lot of the Twitter zeitgeist, as it were, about what tools work well and what tools don’t for various startups, they fail to cross over into the bowels of a regulated entity that has a bunch of other governance and management concerns that don’t really apply. So, there’s this idea of okay, now that we’re a large, going entity with serious revenue behind this, and migrating to any of these things is a substantial lift. What is the right answer? And that is sort of how I see the role of these companies in the ecosystem playing out. Is that directionally correct?Rachel: I would definitely agree that that is directionally correct. And it was the direction that it was going when I was there at Forrester. And by the way, I’ve been gone from there for, I think, eight-plus years. So, you know, it’s definitely evolved it this space—Corey: A lifetime in tech.Rachel: Literally feels like a lifetime. Towards the end of my time there was when we were starting to get briefings from this bookstore company—you might have heard of them—um, Amazon?Corey: Barnes and Noble.Rachel: Yes. And Barnes and Noble. Yes. So, we’re starting to get briefings from Amazon, you know, about Amazon Web Services, and S3 had just been introduced. And I got really excited about Netflix and chaos engineering—this was 2012, right?—and so I did a bunch of research on chaos engineering and tried to figure out how it could apply to the enterprises.And I would, like, bring it to Capital One, and they were like, “Ya crazy.” Turns out I think I was just a little bit ahead of my time, and I’m seeing a lot more of the industry analysts now today looking at like, “Okay, well, yeah, what is Uber doing? Like, what is Netflix doing?” And figure out how that can translate to the enterprise. And it’s not a one-to-one, right, just because the people and the structures and the process is so different, so the technology can’t just, like, make the leap on its own. But yes, I would definitely agree with that, but it hasn’t necessarily always been that way.Corey: Oh, yeah. Like, these days, we’re seeing serverless adoption on some levels being driven by enterprises. I mean, Liberty Mutual is doing stuff there that is really at the avant-garde that startups are learning from. It’s really neat to see that being turned on its head because you always see these big enterprises saying, “We’re like a startup,” but you never see a startup saying, “We’re like a big enterprise.” Because that’s evocative of something that isn’t generally compelling.“Well, what does that mean, exactly? You take forever to do expense reports, and then you get super finicky about it, and you have so much bureaucracy?” No, no, no, it’s, “Now, that we’re process bound, it’s that we understand data sovereignty and things like that.” But you didn’t stay there forever. You at some point decided, okay, talking to people who are working in this industry is all well and good, but time for you to go work in that industry yourself. And you went to, I believe, NetApp by way of Riverbed.Rachel: Yes, yeah. So, I left Forrester and I went over to Riverbed to work on their cloud storage solution as a product marketing. And I had an amazing six months at Riverbed, but I happened to join, unfortunately, right around the time they were being taken private, and they ended up divesting their storage product line off to NetApp. And they divested some of their other product lines to some other companies as part of the whole deal going private. So, it was a short stint at Riverbed, alth

About ClintClint is the CEO and a co-founder at Cribl, a company focused on making observability viable for any organization, giving customers visibility and control over their data while maximizing value from existing tools.Prior to co-founding Cribl, Clint spent two decades leading product management and IT operations at technology and software companies, including Splunk and Cricket Communications. As a former practitioner, he has deep expertise in network issues, database administration, and security operations.Links: Cribl: https://cribl.io/ Cribl.io: https://cribl.io Docs.cribl.io: https://docs.cribl.io Sandbox.cribl.io: https://sandbox.cribl.io TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored in part by our friends at Sysdig. Sysdig is the solution for securing DevOps. They have a blog post that went up recently about how an insecure AWS Lambda function could be used as a pivot point to get access into your environment. They’ve also gone deep in-depth with a bunch of other approaches to how DevOps and security are inextricably linked. To learn more, visit sysdig.com and tell them I sent you. That’s S-Y-S-D-I-G dot com. My thanks to them for their continued support of this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. I have a repeat guest joining me on this promoted episode. Clint Sharp is the CEO and co-founder of Cribl. Clint, thanks for joining me.Clint: Hey, Corey, nice to be back.Corey: I was super excited when you gave me the premise for this recording because you said you had some news to talk about, and I was really excited that oh, great, they’re finally going to buy a vowel so that people look at their name and understand how to pronounce it. And no, that’s nowhere near forward-looking enough. It’s instead it’s some, I guess, I don’t know, some product announcement or something. But you know, hope springs eternal. What have you got for us today?Clint: Well, one of the reasons I love talking to your audiences because product announcements actually matter to this audience. It’s super interesting, as you get into starting a company, you’re such, like, a product person, you’re like, “Oh, I have this new set of things that’s really going to make your life better.” And then you go out to, like, the general media, and you’re like, “Hey, I have this product.” And they’re like, “I don’t care. What product? Do you have a funding announcement? Do you have something big in the market that—you know, do you have a new executive? Do you”—it’s like, “No, but, like, these features, like these things, that we—the way we make our lives better for our customers. Isn’t that interesting?” “No.”Corey: Real depressing once you—“Do you have a security breach to announce?” It’s, “No. God no. Why would I wind up being that excited about it?” “Well, I don’t know. I’d be that excited about it.” And yeah, the stuff that mainstream media wants to write about in the context of tech companies is exactly the sort of thing that tech companies absolutely do not want to be written about for. But fortunately, that is neither here nor there.Clint: Yeah, they want the thing that gets the clicks.Corey: Exactly. You built a product that absolutely resonates in its target market and outside of that market. It’s one of those, what is that thing, again? If you could give us a light refresher on what Cribl is and does, you’ll probably do a better job of it than I will. We hope.Clint: We’d love to. Yeah, so we are an observability company, fundamentally. I think one of the interesting things to talk about when it comes to observability is that observability and security are merging. And so I like to say observability and include security people. If you’re a security person, and you don’t feel included by the word observability, sorry.We also include you; you’re under our tent here. So, we sell to technology professionals, we help make their lives better. And we do that today through a flagship product called LogStream—which is part of this announcement, we’re actually renaming to Stream. In some ways, we’re dropping logs—and we are a pipeline company. So, we help you take all of your existing agents, all of your existing data that’s moving, and we help you process that data in the stream to control costs and to send it multiple places.And it sounds kind of silly, but one of the biggest problems that we end up solving for a lot of our enterprises is, “Hey, I’ve got, like, this old Syslog feed coming off of my firewalls”—like, you remember those things, right? Palo Alto firewalls, ASA firewalls—“I actually get that thing to multiple places because, hey, I want to get that data into another security solution. I want to get that data into a data lake. How do I do that?” Well, in today’s world, that actually turns out is sort of a neglected set of features, like, the vendors who provide you logging solutions, being able to reshape that data, filter that data, control costs, wasn’t necessarily at the top of their priority list.It wasn’t nefarious. It wasn’t like people are like, “Oh, I’m going to make sure that they can’t process this data before it comes into my solution.” It’s more just, like, “I’ll get around to it eventually.” And the eventually never actually comes. And so our streaming product helps people do that today.And the big announcement that we’re making this week is that we’re extending that same processing technology down to the endpoint with a new product we’re calling Cribl Edge. And so we’re taking our existing best-in-class management technology, and we’re turning it into an agent. And that seems kind of interesting because… I think everybody sort of assumed that the agent is dead. Okay, well, we’ve been building agents for a decade or two decades. Isn’t everything exactly the same as it was before?But we really saw kind of a dearth of innovation in that area in terms of being able to manage your agents, being able to understand what data is available to be collected, being able to auto-discover the data that needs to be able to be collected, turning those agents into interactive troubleshooting experiences so that we can, kind of, replicate the ability to zoom into a remote endpoint and replicate that Linux command line experience that we’re not supposed to be getting anymore because we’re not supposed to SSH into boxes anymore. Well, how do I replicate that? How do I see how much disk is on this given endpoint if I can’t SSH into that box? And so Cribl Edge is a rethink about making this rich, interactive experience on top of all of these agents that become this really massive distributed system that we can process data all the way out at where the data is being emitted.And so that means that now we don’t nec—if you want to process that data in the stream, okay, great, but if you want to process that data at its origination point, we can actually provide you cheaper cost because now you’re using a lot of that capacity that’s sitting out there on your endpoints that isn’t really being used today anyway—the average utilization of a Kubernetes cluster is like 30%—Corey: It’s that high. I’m sort of surprised.Clint: Right? I know. So, Datadog puts out the survey every year, which I think is really interesting, and that’s a number that always surprised me is just that people are already paying for this capacity, right? It’s sitting there, it’s on their AWS bill already, and with that average utilization, a lot of the stuff that we’re doing in other clusters, or while we’re moving that data can actually just be done right there where the data is being emitted. And also, if we’re doing things like filtering, we can lower egress charges, there’s lots of really, really good goodness that we can do by pushing that processing further closer to its origination point.Corey: You know, the timing of this episode is somewhat apt because as of the time that we’re recording this, I spent most of yesterday troubleshooting and fixing my home wireless network, which is a whole Ubiquity-managed thing. And the controller was one of their all-in-one box things that kept more or less power cycling for no apparent reason. How do I figure out why it’s doing that? Well, I’m used to, these days, doing everything in a cloud environment where you can instrument things pretty easily, where things start and where things stop is well understood. Finally, I just gave up and used a controller that’s sitting on an EC2 instance somewhere, and now great, now I can get useful telemetry out of it because now it’s stuff I know how to deal with.It also, turns out that surprise, my EC2 instance is not magically restarting itself due to heat issues. What a concept. So, I have a newfound appreciation for the fact that oh, yeah, not everything lives in a cloud provider’s regions. Who knew? This is a revelation that I think is going to be somewhat surprising f

About AlexAlex holds a Ph.D. in Computer Science and Engineering from UC San Diego, and has spent over a decade building high-performance, robust data management and processing systems. As an early member of a couple fast-growing startups, he’s had the opportunity to wear a lot of different hats, serving at various times as an individual contributor, tech lead, manager, and executive. Prior to joining the Duckbill Group, Alex spent a few years as a freelance data engineering consultant, helping his clients build, manage and maintain their data infrastructure. He lives in Los Angeles, CA.Links: Twitter: https://twitter.com/alexras/ Personal page: https://alexras.info Old Consulting website with blog: https://bitsondisk.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance. To learn more visit: snark.cloud/deployandgoCorey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you. Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. I’m the chief cloud economist at The Duckbill Group, which people are generally aware of. Today, I’m joined by our most recent principal cloud economist, Alex Rasmussen. Alex, thank you for joining me today, it is a pleasure to talk to you, as if we aren’t talking to each other constantly, now that you work here.Alex: Thanks, Corey. It’s great being here.Corey: So, I followed a more, I’d say traditional path for a cloud economist, but given that I basically had to invent the job myself, the more common path because imagine that you start building a role from scratch and the people you wind up looking for initially look a lot like you. And that is grumpy sysadmin, historically, turned into something, kind of begrudgingly, that looks like an SRE, which I still maintain are the same thing, but it is imperative people not email me about that. Yes, I know, you work at Google. But instead, what I found during my tenure as a sysadmin, is that I was working with certain things an awful lot, like web servers, and other things almost never, like databases and data warehouses. Because if you screw up a web server, we all have a good laugh, the site’s down for a couple of minutes, life goes on, you have a shame trophy on your desk if that’s your corporate culture, things continue.Mess up the data severely enough, and you don’t have a company anymore. So, I was always told to keep my aura away from the expensive spendy things that power a company. You are sort of the first of a cloud economist subtype that doesn’t resemble that. Before you worked here, you were effectively an independent consultant working on data engineering. Before that, you had a couple of jobs, but you had gotten a PhD in computer science, which means, first, you are probably one of the people in this world most qualified to pass some crappy job interview of solving a sorting algorithm on a whiteboard, but how did you get here from where you were?Alex: Great question. So, I like to joke that I kind of went to school until somebody told me that I had to stop. And I took that and went and started—or didn’t start, but I was an early engineer at a startup and then was an executive at another early-stage one, and did a little bit of everything. And went freelance, did that for a couple of years, and worked with all kinds of different companies—vast majority of those being startups—helping them with data infrastructure problems. I’ve done a little bit of everything throughout my career.I’ve been, you know, IC, manager, manager, manager, IT guy, everything in between. I think on the data side of things, it just sort of happened, to be honest with you, it kind of started with the stuff that I did for my dissertation and parlayed that into a job back when the big data wave was starting to kind of truly crest. And I’ve been working on data infrastructure, basically my entire career. So, it wasn’t necessarily something that was intentional. I’ve just been kind of taking the opportunity that makes the most sense for me it kind of every juncture. And my career path has been a little bit strange, both by academic and industrial standards. But I like where I’m at and I gained something really valuable from each of those experiences. So.Corey: It’s been an interesting area of I won’t say weakness here, but it’s definitely been a bit of a challenge when we look at an AWS environment and even talking about a typical AWS customer without thinking of any of them in particular, I can already tell you a few things are likely to be true. For example, the number one most expensive line item in their bill is going to be EC2, and compute is the thing that powers it. Now, maybe that is they’re running a bunch of instances the old-fashioned way. Maybe they’re running Kubernetes but that’s how it shows up. There’s a lot of things that could be, and we look at what rounds that out.Now, the next item down should almost certainly not be data transfer and if so we should have a conversation, but data in one form or another is very often going to be number two. And that can mean a bunch of different things, historically. It could mean, “Oh, you have a whole bunch of stuff in S3. Let’s talk about access patterns. Let’s talk about lifecycle policies. Let’s talk about making sure the really important stuff is backed up somewhere. Maybe you want to spend more on that particular aspect of it.”If it’s on EBS volumes, that’s interesting and definitely worth looking into and trying to understand the context of what’s going on. Periodically we’ll see a whole bunch of additional charges that speak to some of that EC2 charge in the form of EMR, AWS’s Elastic MapReduce, which charges a per-hour instance charge, but also charges you for the instances that are running under the hood and under the EC2 line item. So, there’s a lot of data lifecycle stuff, there’s a lot of data ecosystem stories, that historically we’ve consulted out with experts in that particular space. And that’s great, but we were starting to have to drag those people in on more and more engagements as we saw them. And we realized that was really something we had to build out as a core competency for ourselves.And we started out not intending to hire for someone with that specialty, but the more we talked to you, the more it became clear that this was a very real and very growing need that we and our customers have. How closely it is what you’re doing now as far as AWS bill analysis and data pattern deep-dive align with what you were doing as a freelance consultant in the space?Alex: A lot more than you might expect. You know, I think that increasingly, what you’re seeing now is that a company’s core differentiator is its data, right, how much of it they have, what they do with it. And so, you know, to your point, I think when you look at any company’s cloud spend, it’s going to be pretty heavy on the data side in terms of, like, where have you put it? What are you doing to process it? Where is it going once it’s been processed? And then how is that—Corey: And data transfer is a very important first word in that two-word sequence.Alex: Oh, sure is. And so I think that, like, in a lot of ways, the way that a customer’s cloud architecture looks and the way that their bill looks kind of as a consequence of that is kind of a reification in a way of the way that the data flows from one place to another and what’s done with it at each step along the way. I think what complicates this is that companies that have been around for a little while have lived through this kind of very amorphous, kind of, polyglot way that we’re approaching data. You know, back when I was first getting started in the big data days, it was MapReduce, MapReduce, MapReduce, right? And we quickly [crosstalk 00:07:29]—Corey: Oh, yes. The MapReduce white paper out of Google, a beautiful April Fool’s Day prank that the folks at Yahoo fell for hook, line, and sinker. They wrote Hadoop, and now we’re all stuck with that pattern. Great gag, they really should have clarified they were kidding. Here we are.Alex: Exactly. So—Corey: I mostly kid.Alex: No, for sure. But I think especially when it comes to data, we tend to over-index on what the large companies do and then quickly realize that we’ve made a mistake and correct backwards, right? So, there was this big push toward MapReduce for everything until people realize that it was just a pain in the neck to operate and to build. And so then we moved into Spark, so kind of up-leveled a little bit. And then there was this kind of explosion of NoSQL and NewSQL databases that hit the market.And MongoDB in

About AidanAidan is an AWS enthusiast, due in no small part to sharing initials with the cloud. He's been writing software for over 20 years and getting paid to do it for the last 10. He's still not sure what he wants to be when he grows up.Links: Stedi: https://www.stedi.com/ GitHub: https://github.com/aidansteele Blog posts: https://awsteele.com/ Ipv6-ghost-ship: https://github.com/aidansteele/ipv6-ghost-ship Twitter: https://twitter.com/__steele TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. I’m joined this week by someone who is honestly, feels like they’re after my own heart. Aidan Steele by day is a serverless engineer at Stedi, but by night, he is an absolute treasure and a delight because not only does he write awesome third-party tooling and blog posts and whatnot around the AWS ecosystem, but he turns them into the most glorious, intricate, and technical shit posts that I think I’ve ever seen. Aidan, thank you for joining me.Aidan: Hi, Corey, thanks for having me. It’s an honor to be here. Hopefully, we get to talk some AWS, and maybe also talk some nonsense as well.Corey: I would argue that in many ways, those things are one in the same. And one of the things I always appreciated about how you approach things is, you definitely seem to share that particular ethos with me. And there’s been a lot of interesting content coming out from you in recent days. The thing that really wound up showing up on my radar in a big way was back at the start of January—2022, for those listening to this in the glorious future—about using IPv6 to use multi-factor auth, which it is so… I don’t even have the adjectives to throw at this because, first it is ridiculous, two, it is effective, and three, it is just who thinks like that? What is this and what did you—what monstrosity have you built?Aidan: So, what did I end up calling it? I think it was ipv6-ghost-ship. And I think I called it that because I’d recently watched, oh, what was that series that was recently on Apple TV? Uh, the Isaac Asimov—Corey: If it’s not Paw Patrol, I have no idea what it is because I have a four-year-old who is very insistent about these things. It is not so much a TV show as it is a way of life. My life is terrible. Please put me out of my misery.Aidan: Well, at least it’s not Bluey. That’s the one I usually hear about. That’s Australia’s greatest export. But it was one of the plot devices was a ship that would teleport around the place, and you could never predict where it was next. And so no one could access it. And I thought, “Oh, what about if I use the IPv6 address space?”Corey: Oh, Foundation?Aidan: That’s the one. Foundation. That’s how the name came about. The idea, honestly, it was because I saw—when was it?—sometime last year, AWS added support for those IP address prefixes. IPv4 prefixes were small; very useful and important, but IPv6 with more than 2 trillion IP addresses, per instance, I thought there’s got to be fun to be had there.Corey: 281 trillion, I believe is the—Aidan: 281 trillion.Corey: Yeah. It is sarcastically large space. And that also has effectively, I would say in InfoSec sense, killed port scanning, the idea I’m going to scan the IP range and see what’s there, just because that takes such a tremendous amount of time. Now here, in reality, you also wind up with people using compromised resources, and yeah, it turns out, I can absolutely scan trillions upon trillions of IP addresses as long as I’m using your AWS account and associated credit card in which to do it. But here in the real world, it is not an easily discoverable problem space.Aidan: Yeah. I made it as a novelty, really. I was looking for a reason to learn more about IPv6 and subnetting because it’s the term I’d heard, a thing I didn’t really understand, and the way I learn things is by trying to build them, realizing I have no idea what I’m doing, googling the error messages, reluctantly looking at the documentation, and then repeating until I’ve built something. And yeah, and then I built it, published it, and seemed to be pretty popular. It struck a chord. People retweeted it. It tickled your fancy. I think it spoke something in all of us who are trying not to take our jobs too seriously, you know, know we can have a little fun with this ludicrous tech that we get to play with.Corey: The idea being, you take the multi-factor auth code that your thing generates, and that is the last series of octets for the IP address you wind up going towards and that is such a large problem space that you’re not going to find it in time, so whatever it is automatically connect to that particular IP address because that’s the only one that’s going to be listening for a 30 to 60-second span for the connection to be established. It is a great idea because SSH doesn’t support this stuff natively. There’s no good two-factor auth approach for this. And I love it. I’d be scared to death to run this in production for something that actually matters.And we also start caring a lot more about how accurate are the clocks on those instances, all of a sudden. But, oh, I just love the concept so much because it hits on the ethos of—I think—what so much of the cloud does were these really are fundamental building blocks that we can use to build incredible, awe-inspiring things that are globe-spanning, and also ridiculousness. And there’s so much value of being able to do the same thing, sometimes at the same time.Aidan: Yeah, it’s interesting, you mentioned, like, never using in prod, and I guess when I was building it, I thought, you know, that would be apparent. Like, “Yes, this is very neat, but surely no one’s going to use it.” And I did see someone raised an issue on the GitHub project which was talking about clock skew. And I mentioned—Corey: Here at the bank where I’m running this in production, we’re—Aidan: [laugh].Corey: —having some trouble with the clock. Yeah, it’s—Aidan: You know, I mentioned that the underlying 2FA library did account for clock scheme 30 seconds either way, but it made me realize, I might need to put a disclaimer on the project. While the code is probably reasonably sound, I personally wouldn’t run it in production, and it was more meant to be a piece of performance art or something to tickle one’s fancy and to move on, not to roll it out. But I don’t know, different strokes for different folks.Corey: I have gotten a lot better about calling out my ridiculous shitpost things when I do them. And the thing that really drove that home for me was talking about using DNS TXT records to store information about what server a virtual machine lives on—or container or whatnot—thus using Route 53 is a database. And that was a great gag, and then someone did a Reddit post of “This seems like a really good idea, so I’m going to start doing it, and I’m having these questions.”And at that point is like, “Okay, I’ve got a break character at that point.” And is, yeah, “Hi. That’s my joke. Don’t do it because X, Y, and Z are your failure modes, there are better tools for it. So yeah, there are ways you can do this with DNS, but it’s not generally a great idea, and there are some risk factors to it. And okay, A, B, and C are the things you don’t want to do, so let’s instead do it in a halfway intelligent way because it’s only funny if everyone’s laughing. Otherwise, we fall into this trap of people take you seriously and they feel bad as a result when it doesn’t work in production. So, calling it out as this is a joke tends to put a lot of that aside. It also keeps people from feeling left out.Aidan: Yeah. I realized that because the next novelty project I did a few days later—not sure if you caught it—it was a Rick Roll over ICMPv6 packets, where if you had run ping six to a certain IP range, it would return the lyrics to music’s greatest treasure. So, I think that was hopefully a bit more self-evident that this should never be taken seriously. Who knows, I’m sure someone will find a use for it in prod.Corey: And I was looking through this, this is great. I love some of the stuff that you’re doing because it’s just fantastic. And I started digging a bit more to things you had done. And at that point, it was whoa, whoa, whoa, wait a minute. Back in 2020, you found an example of a

About DavidDavid is an AWS expert who likes to design and build scalable solutions that are fully automated and take care of themselves. Now he is focusing on selling his own products on the AWS Marketplace.Links: 0x4447: https://0x4447.com/ Products page: https://products.0x4447.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored in part by our friends at Sysdig. Sysdig is the solution for securing DevOps. They have a blog post that went up recently about how an insecure AWS Lambda function could be used as a pivot point to get access into your environment. They’ve also gone deep in-depth with a bunch of other approaches to how DevOps and security are inextricably linked. To learn more, visit sysdig.com and tell them I sent you. That’s S-Y-S-D-I-G dot com. My thanks to them for their continued support of this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Today’s promoted episode is brought to us by 0x4447. And my guest today is David Gatti, their CEO. David, thank you for taking the time to speak with me today.David: Thank you for getting me on the show.Corey: One of the things that I find fascinating about what you do and where you come from is that for the last five years, you’ve been running an independent company that I would classify based upon our conversations as pretty close to a consultancy. However, you’ve gone down the path that I didn’t when I set up my own consultancy, and started actually selling software—not just software: Solutions—as a packaged thing that you can wind up doling out to various customers, whereas I just went with the very high touch approach of, “Oh, let me come in and have a whole series of conversations with people.” Your scale is a heck of a lot more. So, do you view yourself these days as a software company, as a consultancy, or something else entirely?David: So, right now, I did put aside the consultancy because yeah, one thing that I realized, it’s possible but it’s very hard to scale, it’s also hard to find people at the same level. So yeah, the scalability of the business is quite hard, whereas with software sold on the AWS Marketplace, that is much easier to scale than what I was doing before, and that’s why I decided to take a break from consulting and focusing one hundred percent on the products that I sell on the AWS Marketplace to see how this goes and how it actually works, and can a business be built around it.Corey: The common wisdom that I’ve encountered is that consulting, especially when you’re doing it yourself, is one of those things that is terrific when you find yourself in the position that I originally did of your employer showing up and, “Knock, knock,” “Who’s there?” “Not you anymore. Get out.” And there’s a somewhat, in my case, limited runway as far as how long I’ve got before I have to go find another job. With consulting, you can effectively go out and start talking to people, and provided that you can land a project, it starts throwing off revenue, basically immediately, whereas building software, building packages, things that you end up selling to people, it’s almost like a real estate business on some level, where you have to take a lot of investment up front to wind up building the thing, where—because no one is, generally speaking, going to pay you spec work to go ahead and build something for 18 months and come back and hope that it works.David: Right.Corey: I also bias towards the services because I’m bad at writing code. You, on the other hand, write things that seem to actually work, which is another refreshing difference.David: Yes. So, I did that, but now I have a guy that is just a Linux expert. So, you were saying that there is a high investment in the beginning, but what actually—in my case what happened, I’ve been selling these products for the past three years basically as a hobby. So, when I was doing AWS consulting, I was seeing, like, a company has a problem, a repeating problem, so I was just creating a product, putting it on the Marketplace, and then sending it to them. So basically, they had a situation where I can manage those projects to update when there’s a need to do an update, and there was always a standardization behind that, right?So, if they had, you know, five SFTP servers, and there was a need to make an update, I was making the update on my image, putting it on the Marketplace, and then updating all those servers in one go in a much quicker fashion then managing them one by one, right? And so I had this thing for three years. So now, when I started doing this full-time, I have a little bit of a leap on what’s going on. So, I already had a bunch of clients that are using their products, so that actually helped me not to have to wait three years before I saw any revenue coming in.Corey: I always thought that the challenge behind building something like this was that well, you needed to actually be conversant in a programming language; that was the thing that you needed to package and build these things. But I take a look at what you have on the AWS Marketplace—and I will throw a link to this in the [show notes 00:04:39]—but you offer right now four different offerings: A Rsyslog server, a Samba server, VPN server, and an SFTP server, and every one of those four things, back in my DevOps days, I built and implemented on AWS, generally either from scratch or from something in the Marketplace—and I’ll get to that in a bit—that didn’t really meet a variety of needs. And every single time I built these things, it drove me up a wall because I had to do this without, like, solving a global problem locally, myself, to meet some pile of needs, then I had to worry about the maintenance of the thing, making sure that the care and feeding continued to work. And it just wasn’t—it didn’t work for me in the way that I wanted it to. It never occurred to me that I really could have just solved this whole thing once, [unintelligible 00:05:28] it on the Marketplace, and then just gone and grabbed the thing.David: Exactly. So, that was my exact thinking here. Especially when your work with the client, this [unintelligible 00:05:38] was also great [idea 00:05:39] because when you work with clients, they want to do things as fast as possible, right? So, can they say, “I need an SFTP server?” Of course, it takes, you know, half a day to set up something, but then they scream at you and say, like, “Hey, do the next thing. Do the next thing. Do the next thing.” And you never end up configuring the server that you’re making a reliable way, sometimes you misconfigure it because, oh I forgot this option, and now everybody on the internet can access the server itself.Corey: Wait, screw up a server config? That doesn’t sound like something I would do.David: Well, of course not.Corey: Yeah, no one [unintelligible 00:06:08] they’re going to until oops.David: Yes. You’re amazing and you’re perfect, of course, but I’m not. And I was seeing, like, oh, you know, in the middle of the night, oh, I forgot this option. I forgot this. I forgot that.And so there was never a, basically, one place when the configuration just correct, right? And that was something that sparked my idea when I realized the Marketplace exists. It’s like, oh, wait a moment, I can spend few weeks to do it, right, put it there and never worry about it again. And so if when a client says like, “Hey, I need this,” I can deploy it literally, in less than one minute. You have any of those products that actually I’m selling up and running, right?And of course, the VPN is going to be a little bit slower because it needs to generate all the certificates at the beginning, but for example, the SFTP one is just poof, you’re deployment with our CloudFormation file, provide username and password, and you’re up and running. And I see, for example, this thing with clients, which sometimes it’s funny, when there’s two clients that they use the SFTP server only once a day for one hour. So, every day is like one new instance created, then one instance removed, and one instance created and one instance removed. And so it keeps on going like that.Corey: The thing that always drove me nuts about building these things out was first I had to go and find something on those rare occasions where I used the Marketplace. Again, I wasn’t really working in the same modern Marketplace that we think of today when we talk about the AWS Marketplace. It was very early on, the only way that it would deliver software was via, “Here’s an AMI, grab the thing, and go ahead and deploy it, and it’s going to have an additional hourly cost on. It the end.” And more or less the whole Henry Ford approach of, “Oh, you can get it in any color you want, as long as it’s black.”So, back in those days, I would spin up an OpenVPN server—and I did this at several companies—I would go and find the thing on the Marketp

About SethSeth Vargo is an engineer at Google. Previously he worked at HashiCorp, Chef Software, CustomInk, and some Pittsburgh-based startups. He is the author of Learning Chef and is passionate about reducing inequality in technology. When he is not writing, working on open source, teaching, or speaking at conferences, Seth advises non-profits.Links:Twitter: https://twitter.com/sethvargo TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. I have a return guest today, though it barely feels like it qualifies because Seth Vargo was guest number three on this podcast. I’ve had a couple of folks on since then, and for better or worse, I’m no longer quite as scared of the microphone as I was back in those early days. Seth, thank you for joining me.Seth: Yeah, thank you so much for having me back, Corey. Really excited to figure out whatever we’re talking about today.Corey: Well, let’s start there because last time we spoke, you were if memory serves a developer advocate at Google Cloud.Seth: Correct.Corey: And you’ve changed jobs, but not companies—but kind of companies because, welcome to large environments—but over the past few years, you have remained at Google. You are no longer at Google Cloud and you’re no longer a developer advocate. In fact, your title is simply ‘Engineer at Google.’ And what you’ve been focusing on, to my understanding, is helping Alphabet companies, namely—you know, the Alphabet, always in parentheses in journalistic styles, Google’s parent company because no one thinks of it in terms of Alphabet—is—you’re effectively helping companies within the conglomerate umbrella securely and privately consume public cloud.Seth: Yes, that is correct. So, I used to work in what we call the Cloud PA—PA stands for product area. Other product areas are like Chrome and Android—and I moved to the Core PA where I’m helping lead and run an initiative that, like you said, is to help Alphabet companies to, you know, securely and privately use public cloud services.Corey: So, I am going to go out on a limb because my position on multi-cloud has always been pick a cloud—I don’t particularly care which one—but pick one and focus on that. I’m going to go out on a limb and presume that given that you are not at Google Cloud anymore, but you are at Google, you probably have a slight preference as far as which public cloud these various companies within the umbrella should be consuming.Seth: Yeah. I mean, obviously, I think most viewers will think the answer is GCP. And if you said GCP, you would be, like, 95% correct.Corey: Well, you’d also be slightly less than that correct, because they’re doing a whole rebrand and calling it Google Cloud in public, as opposed to GCP. You really don’t work for the same org anymore. You’re not up-to-date on the very latest messaging talking points.Seth: I missed—ugh, there’s so many TLAs that you lose all your TLAs over time.Corey: Oh, yes.Seth: So, Google Cloud would be, like, 95% correct. But what you have to really understand is, Google has its own, you know, cloud—we didn’t call it a cloud at the time, you might call it on-prem or legacy infrastructure, if you will—primarily built on a scheduling system called Borg, which is like Kubernetes version zero. And a lot of the Alphabet companies have workloads that run onboard. So, we’re actually talking about hybrid cloud here, which, you know, you may not think of Google is like a hybrid cloud customer, but a workload that runs on our production infrastructure called Borg that needs to interact with a workload that runs on Google Cloud, that is hybrid cloud, it’s no different than a customer who has their own data center that needs peering to a public cloud provider, you know, whether that’s Google Cloud, or AWS, or Azure.I think the other thing is if you look at, like, the regulatory space, particularly a lot of the Alphabet companies operate in, say, like healthcare, or finance, or FinTech, where certain countries and certain jurisdictions have regulations around, like, you must be multi-cloud. You know, some people might say that means you have to run, you know, the same instance of the same app across clouds, or some people say your data can be here, but your workloads can be over there. That’s to be interpreted, but you know, I would say 95% of GCP, but there is a—or sorry, 95% is Google Cloud—Corey: There we go.Seth: But there is a small percentage that is definitely going to be other cloud providers and hybrid cloud as well.Corey: My position on multi-cloud has often—people like to throw it in my face of, “See you gave this general guidance, and therefore whenever you say something that goes against it, you’re a giant phony.” And it’s yeah, Twitter doesn’t do so well with the nuance. My position of pick a provider and go all-in is intended as general guidance for the common case. There are exceptions to this and any individual company or customer is going to have more context than that general guidance will. So, if you say you need to be in multiple clouds for certain reasons, you’re probably correct.If you say you need to be in multiple clouds because your regulator demands it, you are certainly correct. I am not arguing against that in any way. I do want to disclaim my one of my biases here as well, and that is specifically that if I were building a startup today and I were not me—by which I mean having spent ten years in the AWS ecosystem learning, not just how it works, but how it breaks because that’s important in production, and you know, also having a bunch of service owners at AWS on speed dial—and I, were approaching this from the naive, I need to pick a cloud, which one would I go with, my bias is for Google Cloud. And the reason behind that is the developer experience is spectacular as the primary but not only perspective on that. So, I am curious to know that as you’re helping what are effectively internal customers move to Google Cloud, is their interaction with Google Cloud as a platform the same as it would be if I as a random outside customer, were using Google Cloud? Is there a bunch of internal backchannels? “Oh, you get the good kind of internal Google Cloud that most of us don’t get access to?” Or something else?Seth: Yeah, so that’s a great question. So first, you know, thank you for the kind words on the developer experience—Corey: They were honest words, to be clear. Let me be very direct with you, if I thought your developer experience was trash, I might not say it outright in their effort not to be, you know, actively antagonistic to someone I’m having on the show right now, but I would not say it if I didn’t believe it.Seth: Yeah. And I totally—I know you, I’ve known you for many years. I totally believe you. But I do thank you for saying that because that was the team that I was on before this was largely responsible for that across the platform. But back to your original question around, like, what does the support experience look like? So, it’s a little bit of both.So, Alphabet companies, they get a technical account manager, very similar to how, you know, reasonable-sized spend customer would get a technical account manager. That account manager has access to the Cloud support channels. So, all that looks the same. I think we’re things look a little bit different is because myself and some of our other leads came from Cloud, you know, I generally don’t like this phrase, but we know people. So, we tend not to go directly to Cloud when we can, right?We want Alphabet companies to really behave and act as if they were an external entity, but we’re able to help the technical account manager navigate the support process a little bit better by saying like, “You need to ask for this person,” right? You need to say these words to get in front of the right person to get this ticket assigned to the right person. So, the process is still the same, but we’re able to leverage our pre-existing knowledge with Cloud. The same way, if you had a [unintelligible 00:07:45] or an ex-Googler who worked for your company, would be able to kind of help move that support process along a little bit faster.Corey: I am quite sincere when I say that this is a problem that goes far beyond simply Google. A disturbing portion of my job as a cloud economist helping my clients consists of nothing other than introducing Amazonians to one another. And these are hard problems at scale. I work at a company with a dozen people in it. And it turns out that yeah, it’s pretty easy to navigate who’s responsible for what. When you have a hyperscale-size company in the trillion-dollar range, a lot of that breaks down super quickly.Seth: And there’s just a lot of churn at all levels of the organization. And, you know, we talked about this when I first joined the show, like, I switched roles, I used to be

About BrookeBrooke is the Head of Enablement - AI/ML and Data at Blackbook.ai, an Australian based consulting firm and AWS Partner. Brooke has degrees in Mathematics and Data Engineering and they specialise in developing technically robust solutions that help “non-data people” harness the power of AI for their industry, and communicate this effectively.Outside of their 'day job', Brooke speaks at Data, AI, Software Engineering, UX and Business conferences and events to Australian and international audiences, and has guest lectured at the University of Queensland Business School and Griffith University. Brooke is proudly a volunteer member of the Queensland National Science Week Committee, and is always on the lookout for new ways to promote STEM pathways to young people, especially young women and members of the LGBTIQA+ community from regional Australia.Links: Blackbook: https://blackbook.ai/ Twitter: https://twitter.com/brooke_jamieson TikTok: https://www.tiktok.com/@brookebytes LinkedIn: https://www.linkedin.com/in/brookejamieson/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance.Corey: This episode is sponsored in part by our friends at Sysdig. Sysdig is the solution for securing DevOps. They have a blog post that went up recently about how an insecure AWS Lambda function could be used as a pivot point to get access into your environment. They’ve also gone deep in-depth with a bunch of other approaches to how DevOps and security are inextricably linked. To learn more, visit sysdig.com and tell them I sent you. That’s S-Y-S-D-I-G dot com. My thanks to them for their continued support of this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. As my 30s draw to a close, I am basically beating myself up emotionally by making myself feel tremendously, tremendously old. And there’s no better way to do that than to go on TikTok where it pops up with, “Hey if you were born before 2004”—and then I just closed the video because it’s ridiculous. It’s more or less of a means of self-flagellation.But there are good parts to it. One of those good parts is I get to talk to people who I don’t generally encounter in other areas of the giant cloud ecosystem, and my guest today is a shining example of someone who has been very prolific on TikTok but for some reason or other, hadn’t really come across my radar previously. Brooke Jamieson is the Head of Enablement of AI and machine learning at Blackbook. Brooke, thank you for joining me today.Brooke: Thanks so much for having me. Welcome to 6 a.m. in Brisbane. [laugh].Corey: It was right before the pandemic that I did my first trip to Australia, discovered that was a real place. Like, “Oh, yeah. You’re going to go to give a talk in Perth. What, are you taking a connection through Narnia?” No, no, it turns out it’s a real place, unlike New Zealand.Brooke: Oh, yeah. New Zealand’s fake.Corey: [laugh].Brooke: I booked a conference in Portugal soon, and it’s going to take me 31 hours to get there from here. So. [laugh].Corey: I remember the days of international travel. Hopefully for me, they’ll come back again, sooner or later.Brooke: Fingers crossed.Corey: What really struck my notice about a lot of your content is the way that you fold multiple things together. First and foremost, you talk an awful lot about machine learning, data engineering, et cetera, and you are the second person that I’ve encountered that really makes me think that there is something to all of this. The first being Emily Freeman, which I’ve discussed on the show previously, and on Twitter, and shouting from the rooftops because she works at AWS and is able to tell the story, which basically, I think makes her a heretic compared to most folks over in that org. But there’s something about making incredibly complex things easily accessible, which is hard enough in its own right, but you also managed to do it basically via short-form video on TikTok. How did you discover all this?Brooke: Yeah, I have a very strange resume. [laugh]. It is sort of a layered Venn diagram is the way I normally talk about it if I’m doing a conference talk or something. So, I studied pure maths at university the first time, and then I went back and studied data engineering after. But then I also worked in fashion as a model internationally, and then I’ve also worked in things like user experience, doing lots of behavioral science, and everything even design-related around that.And then I’ve also done lots more work into cloud and AI and everything that happens. So overall, it’s just being about educating people on this. Most of my role now is educating executives and showing them how they were lied to at various conferences so that they can actually make an informed decision. Because if I go to talk to a board, I know when I leave, they’re going to have a conversation about what we talked about without me in the room, and I think executives keep making terrible decisions because they can’t have that conversation as a group. They don’t know what to do when the tour guide isn’t there anymore because they don’t have a shared vocabulary or a framework to talk about what they might like to do, or what they might like to prioritize to do first, things like that.So, so much of what I do is just really helping people to understand, conceptually from a high level what they’re actually trying to do, so that then they can deliver on that rather than thinking, oh, I just really saw this cool model of a specific AI thing at a conference, and it was a cool animated slide. And I would like to purchase exactly one of those for my company, thank you.Corey: It’s odd because you don’t have a quote-unquote, “Traditional”—if there is such a thing—DevRel role: You’re not an advocate, you’re not an evangelist. And none of your content and talks that I have seen have been actively selling any product, but they very much been selling ideas and concepts. And it really strikes me that you have threaded the needle beautifully as far as understanding the assignment. You’re trying to cause a shift in the audience, get them to see things in a way that they don’t already without trying to push a particular product or a particular solution. How much of that was happy accident and how much of that was something you set out to do intentionally?Brooke: First, thanks so much. Second of all, I think this comes from studying maths. So, the number one skill you get from doing a pure maths degree is you have a toolbox with you, and then there’s a number of things in that toolbox. There’s different ways you can solve problems, and usually, there’s a few different ways you can solve a given problem, but you just open up your toolbox that grows over time, and you can see what you can use in there to solve a problem. So, that’s really how I’ve continued to exist, even working in user experience roles as well, just like what elements do we have to even work with here?And I brought that with me into the cloud as well because I think the really big thing with actually selling tech products is being confident enough to know that there are a number of things you can actually use instead of your product, but if you’re confident enough in the product you have, it will be the obvious solution anyway, so instead, I just get people thinking about what they actually need it for, how they could use it solving a problem and give them ideas on how to apply it. And you would know this: In cloud, there’s always ten million different ways to do something. [laugh]. And it’s just, instead of getting them to think—because then you just get stuck in a thought vortex about, “This one or this one?” Or, “What am I doing,” but instead latch on to an idea of what you’re trying to achieve, and then work out the most optimal way to do that for your underlying infrastructure as well. And even the training of staff that you have, is really important.Corey: There’s a definite idea around selling—like, I think it’s called ‘solution selling.’ I don’t know; I don’t have a background in this stuff. I’ve basically stumbled into it. But periodically, I’ll have folks come on this show, and I’ll chat with them, “So, what is the outcome we’re looking to have in the audience here?” Because again, telling a story with no real target in mind doesn’t always go super well. And, “Oh, I want people to sign up for my product.” “Okay, how do you envision them doing that?”And their story is to sit there and pitch the whole time, and it’s, yeah, that’s going to be a really bad show, and I don’t want to put that out. Instead, if you’re active in a particular space, my approach has always been to talk about the painful problem that you solve and allude to what you do and a bit of how you do it. If you make the audience marinate in the painful problem, the folks who are experiencing that are going to sit up and self-select of, “Ooh, that sounds a lot like the problems we have. If they’re talking about this, they might have some ideas and solutions.” It’s a glimpse and a hook into reaching out to find out more.And to be clear, that’s not the purpose of this show, but if someone wants to pitch a particular product or service, that’s the way to do it because the other stuff just doesn’t work. Giving away free t-shirts, for example, okay, you’ll get a bunch of people clicking links and whatnot, but you’re also effectively talking to people who are super willing to spend time filling out forms and talkin

About LizLiz Rice is Chief Open Source Officer with cloud native networking and security specialists Isovalent, creators of the Cilium eBPF-based networking project. She is chair of the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, published by O'Reilly.She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, and competing in virtual races on Zwift.Links: Isovalent: https://isovalent.com/ Container Security: https://www.amazon.com/Container-Security-Fundamental-Containerized-Applications/dp/1492056707/ Twitter: https://twitter.com/lizrice GitHub: https://github.com/lizrice Cilium and eBPF Slack: http://slack.cilium.io/ CNCF Slack: https://cloud-native.slack.com/join/shared_invite/zt-11yzivnzq-hs12vUAYFZmnqE3r7ILz9A TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored in part by our friends at Sysdig. Sysdig is the solution for securing DevOps. They have a blog post that went up recently about how an insecure AWS Lambda function could be used as a pivot point to get access into your environment. They’ve also gone deep in-depth with a bunch of other approaches to how DevOps and security are inextricably linked. To learn more, visit sysdig.com and tell them I sent you. That’s S-Y-S-D-I-G dot com. My thanks to them for their continued support of this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. One of the interesting things about hanging out in the cloud ecosystem as long as I have and as, I guess, closely tied to Amazon as I have been, is that you learned that you never quite are able to pronounce things the way that people pronounce them internally. In-house pronunciations are always a thing. My guest today is Liz Rice, the Chief Open Source Officer at Isovalent, and they’re responsible for, among other things, the Cilium open-source project, which is around eBPF, which I can only assume is internally pronounced as ‘Ehbehpf’. Liz, thank you for joining me today and suffering my pronunciation slings and arrows.Liz: I have never heard ‘Ehbehpf’ before, but I may have to adopt it. That’s great.Corey: You also are currently—in a term that is winding down if I’m not misunderstanding—you were the co-chair of KubeCon and CloudNativeCon at the CNCF, and you are also currently on the technical oversight committee for the foundation.Liz: Yeah, yeah. I’m currently the chair, in fact, of the technical oversight committee.Corey: And now that Amazon has joined, I assumed that they had taken their horrible pronunciation habits, like calling AMIs ‘Ah-mies’ and whatnot, and started spreading them throughout the ecosystem with wild abandon.Liz: Are we going to have to start calling CNCF ‘Ka’Nff’ or something?Corey: Exactly. They’re very frugal, by which I mean they never buy a vowel. So yeah, it tends to be an ongoing challenge. Joking and all the rest aside, let’s start, I guess, at the macro view. The CNCF does an awful lot of stuff, where if you look at the CNCF landscape, for example, like, I think some of my jokes on the internet go a bit too far, but you look at this thing and last time I checked, there were something like four or 500 different players in various spaces.And it’s a very useful diagram, don’t get me wrong by any stretch of the imagination, but it also is one of those things that is so staggeringly vast that I’ve got a level with you on this one, given my old, ancient sysadmin roots, “The hell with it. I’m going to run some VMs in a three-tiered architecture just like grandma and grandpa used to do,” and call it good. Not really how the industry is evolved, but it’s overwhelming.Liz: But that might be the right solution for your use case so, you know, don’t knock it if it works.Corey: Oh, yeah. If it’s a terrible architecture and it works, is it really that terrible of an architecture? One wonders.Liz: Yeah, yeah. I mean, I’m definitely not one of those people who thinks, you know, every solution has the same—you know, is solved by the same hammer, you know, all problems are not the same nail. So, I am a big fan of a lot of the CNCF projects, but that doesn’t mean to say I think those are the only ways to deploy software. You know, there are plenty of things like Lambda are a really great example of something that is super useful and very applicable for lots of applications and for lots of development teams. Not necessarily the right solution for everything. And for other people, they need all the bells and whistles that something like Kubernetes gives them. You know, horses for courses.Corey: It’s very easy for me to make fun of just about any company or service or product, but the thing that always makes me set that aside and get down to brass tacks has been, “Okay, great. You can build whatever you want. You can tell whatever glorious marketing narrative you wish to craft, but let’s talk to a real customer because once we do that, then if you’re solving a problem that someone is having in the wild, okay, now it’s no longer just this theoretical exercise and PowerPoint. Now, let’s actually figure out how things work when the rubber meets the road.”So, let’s start, I guess, with… I’ll leave it to you. Isovalent are the creators of the Cilium eBPF-based networking project.Liz: Yeah.Corey: And eBPF is the part of that I think I’m the most familiar with having heard the term. Would you rather start on the company side or on the eBPF side?Liz: Oh, I don’t mind. Let’s—why don’t we start with eBPF? Yeah.Corey: Cool. So easy, ridiculous question. I know that it’s extremely important because Brendan Gregg periodically gets on stage and tells amazing stories about this; the last time he did stuff like that, I went stumbling down into the rabbit hole of DTrace, and I have never fully regretted doing that, nor completely forgiven him. What is eBPF?Liz: So, it stands for extended Berkeley Packet Filter, and we can pretty much just throw away those words because it’s not terribly helpful. What eBPF allows you to do is to run custom programs inside the kernel. So, we can trigger these programs to run, maybe because a network packet arrived, or because a particular function within the kernel has been called, or a tracepoint has been hit. There are tons of places you can attach these programs to, or events you can attach programs to.And when that event happens, you can run your custom code. And that can change the behavior of the kernel, which is, you know, great power and great responsibility, but incredibly powerful. So Brendan, for example, has done a ton of really great pioneering work showing how you can attach these eBPF programs to events, use that to collect metrics, and lo and behold, you have amazing visibility into what’s happening in your system. And he’s built tons of different tools for observing everything from, I don’t know, memory use to file opens to—there’s just endless, dozens and dozens of tools that Brendan, I think, was probably the first to build. And now this sort of new generations of eBPF-based tooling that are kind of taking that legacy, turning them into maybe more, going to say user-friendly interfaces, you know, with GUIs, and hooking them up to metrics platforms, and in the case of Cilium, using it for networking and hooking it into Kubernetes identities, and making the information about network flows meaningful in the context of Kubernetes, where things like IP addresses are ephemeral and not very useful for very long; I mean, they just change at any moment.Corey: I guess I’m trying to figure out what part of the stack this winds up applying to because you talk about, at least to my mind, it sounds like a few different levels all at once: You talk about running code inside of the kernel, which is really close to the hardware—it’s oh, great. It’s adventures in assembly is almost what I’m hearing here—but then you also talk about using this with GUIs, for example, and operating on individual packets to run custom programs. When you talk about running custom programs, are we talking things that are a bit closer to, “Oh, modify this one field of that packet and then call it good,” or are you talking, “Now, we launch Microsoft Word.”Liz: Much more the former category. So yeah, let’s inspect this packet and maybe change it a bit, or send it to a different—you know, maybe it was going to go to one interface, but we’re going to send it to a different interface; maybe we’re going to modify that packet; maybe we’re going to throw the packet on the floor because we don’t—there’s really great security use cases for inspecting pa

About EmilyEmily is an Android engineer by day, but makes tech jokes and satires videos by night. She lives in San Francisco with two ridiculously fluffy dogs.Links: Uber: https://eng.uber.com/ Blog: https://www.emilykager.com/ Twitter: https://twitter.com/EmilyKager TikTok: https://www.tiktok.com/@shmemmmy TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance query accelerator for the Oracle MySQL Database Service, although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLAP and OLTP—don’t ask me to pronounce those acronyms again—workloads directly from your MySQL database and eliminate the time-consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Today’s episode is a little bit off of the beaten path because, you know, normally we talk to folks doing things in the world of cloud. What is cloud, you ask? Great question. Whatever someone’s trying to sell you that day happens to be cloud.But it usually looks like SaaS products, Platform as a Service products, Infrastructure as a Service products, with ridiculous names because no one ever really thought what that might look like to pronounce out loud. But today, we’re going in a completely different direction. My guest is Emily Kager, a senior Android engineer at a small scrappy startup called Uber. Emily, thank you for joining me.Emily: Thanks for having me.Corey: So, I’m going to outright come out and say it I know remarkably little about, I don’t even want to say the mobile ecosystem in general, but even Android specifically because I fell down the iPhone hole a long time ago, and platform lock-in is a very real thing. Whenever you start talking about technical things, that generally tends to sail completely past me. You’re talking about things like Promises and whatnot. And it’s like, oh, that sounds suspiciously close to JavaScript, a language that I cannot make sense of to save my life. And it’s clear you know an awful lot about what you’re doing. It’s also clear, I don’t know, a whole heck of a lot about that side of the universe.Emily: Well, that’s good because I don’t know much about the cloud.Corey: Exactly. Which sounds like well, we don’t have a whole lot of points of commonality to have a show on, except for this small little thing, where recently, I decided in an attempt to recapture my lost youth and instead wound up feeling older than I ever have before, I joined the TikToks and started making small videos that I would consider humorous, but almost no one else will. And okay, great. I give it a hearty, sensible chuckle and move on, and then I start scrolling to see what else is out there. And I started encountering you, kind of a lot.And oh, my God, this is content that it’s relatable, it is educational, dare I say, and most of all, it’s engaging without being overbearing. And this is a new type of content creation that I hadn’t really spent a lot of time with before. So, I want to talk to you about that.Emily: Awesome. I want to apologize for having to see my face as you’re just scrolling throughout your day, but happy to chat about it. [laugh].Corey: No, no, it’s—compared to some of the things I wind up on the TikTok algorithm, it is ridiculous. I think it’s about 80% confident that I’m a lesbian for some Godforsaken reason. Which hey, power to the people. I don’t think I qualify, but you know, that’s just how it works. And what I found really interesting about it, what does tie it back to the world of cloud, is that a recurring theme of this show has been, since the beginning, where does the next generation of cloud-engineering-type come from?Because I’ve been in this space, almost 20 years, and it turns out that my path of working to help desk until you realize that you like the computers, but not so much being screamed at by the general public, then go find a unicorn job somewhere you can bluff your way into because the technical interviewer is out sick that day, and so on and so forth, isn’t really a path that is A) repeatable by a whole lot of people, and B) something that exists anymore. So, how do people who are just entering the workforce now or transitioning into tech from other fields learn about this stuff? And we’ve had a bunch of people talking about approaches to educating people on these sorts of things, but I don’t think I’ve ever spoken to someone who’s been as effective at it in minute or less long videos as you are.Emily: That’s super kind. Yeah, I think there’s actually a whole discussion and joke set on TikTok of people’s parents suggesting why don’t you just go slide your resume under the CEOs door? Like, why don’t you just go get a job [laugh] that way? I think the realities of—what year are we in? 2022? [laugh]—Corey: All year long, I’m told.Emily: Yeah, [laugh] yeah. Yeah. I think that’s not going to be the reality anymore, right? You can’t just go shake hands with the CEO and work your way up from the mailroom and yeah, that’s not the way anymore. So yeah, I think I, you know, started just putting some feelers out, making educational content mostly about my own experiences as a change career person in the tech world.I have some, I would say interesting perspectives on how to enter the industry, you know, either through undergrad or after undergrad, so. And it’s done really well. I think people are really interested in tech is a career at this point. Like, it’s kind of well known that they’re good jobs, well paid, and, you know, pretty, like, good work-life balance, most of the time. So yeah, the youth are interested.Corey: It’s something that offers a path forward that lends itself to folks with less traditional backgrounds. For example, you have a master’s degree; I have an eighth-grade education on paper. And, yes, I’m proof-positive that it is possible to get into this space and, by some definitions, excel in it without having a degree, but let’s also be clear, here, I have the winds of privilege at my back, and I was stupendously lucky. It is harder to do without the credential than it is with the credential.Emily: Yep.Corey: But the credential is not required in the same way that it is if I want to be a surgeon. Yeah, you’re going to spend a lot of time in either school or prison with that approach. So, you have really two paths there; one is preferable over the other. Tech, it feels like there’s always more than one way to get in. And there’s always, it seems, as many stories as there are people out there about how they wound up approaching their own path to it. What was yours?Emily: Yeah. First of all, it’s funny, you mentioned surgeons because I actually just today saw on my ‘For You’ page some surgeons sharing, you know, their own suturing techniques. And I think it’s a really interesting platform even, you know, within different fields and different subsets to kind of share information and keep up to date and connect with people in your own industry. So, beyond learning how to get into [laugh] an industry, it can also be helpful for other things. But sorry, I completely forgot the original question. How—what was my path? Is that what the question was?Corey: Yeah. How did you get here is always a good question. It’s the origin stories that we sometimes tell, sometimes we wind up occluding aspects of it. But I find it’s helpful to tell these stories just because, if nothing else, it reaffirms to folks who are watching or listening or reading depending on how they want to consume this, that when they feel like well, I tried to get a credential and didn’t succeed, or I applied for a job and didn’t get it, there are other paths. There is not only one way to get there.Emily: Yeah. And I think it’s also super important to talk about failures that we’ve had, right? So, when I was in undergrad, I was studying neuroscience and I was pre-med. And I thought I wanted to go to med school, kind of decided halfway through, I was only lukewarm about it, and I don’t think med school is the type of thing that you want to feel lukewarm about as you’re [laugh] approaching, you know, hundreds of thousands of dollars of debt and a ten-plus year commitment to schooling and whatever else, right? So yeah, I felt very lukewarm about the whole thing.Both my parents were doctors, so I just didn’t really have exposure to many other careers or job options. I’m from a pretty, like, rural area, so tech had never really [laugh] occurred to me either. So yeah, then I decided to just take a year off after undergrad, felt super lost. I think when you’re 22, everything feels so important, [laugh] and you look at everyone else who already has their first job at 22, and I was like, “Wow, I’m a huge failure. I’m never going to have a job.” Which is, you know, hilarious looking back because 22-year-olds are so young. And yeah, just decided to take a year off. I work

About KellyKellyAnn Fitzpatrick is a Senior Industry Analyst at RedMonk, the developer-focused industry analyst firm. Having previously worked as a QA analyst, test & release manager, and tech writer, she has experience with containers, CI/CD, testing frameworks, documentation, and training. She has also taught technical communication to computer science majors at the Georgia Institute of Technology as a Brittain Postdoctoral Fellow.Holding a Ph.D. in English from the University at Albany and a B.A. in English and Medieval Studies from the University of Notre Dame, KellyAnn’s side projects include teaching, speaking, and writing about medievalism (the ways that post-medieval societies reimagine or appropriate the Middle Ages), and running to/from donut shops.Links: RedMonk: https://redmonk.com/ Twitter: https://twitter.com/drkellyannfitz TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance query accelerator for the Oracle MySQL Database Service, although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLAP and OLTP—don’t ask me to pronounce those acronyms again—workloads directly from your MySQL database and eliminate the time-consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud, I’m Corey Quinn. It’s always a good day when I get to sit down and have a chat with someone who works over at our friends at RedMonk. Today is no exception because after trying for, well, an embarrassingly long time, my whining and pleading has finally borne fruit, and I’m joined by Kelly Fitzpatrick, who’s a senior industry analyst at RedMonk. Kelly, thank you for, I guess, finally giving in to my always polite, but remarkably persistent requests to show up on the show.Kelly: Great, thanks for having me. It’s great to finally be on the show.Corey: So, let’s start at the very beginning because I am always shockingly offended whenever it happens, but some people don’t actually know what RedMonk is. What is it you’d say it is that you folks do?Kelly: Oh, I love this question. Because it’s like, “What do you do,” versus, “What are you?” And that’s a very big difference. And I’m going to start with maybe what we are. So, we are a developer-focused industry analyst firm. You put all those things, kind of, together.And in terms of what we do, it means that we follow tech trends. And that’s something that many industry analysts do, but our perspective is really interested in developers specifically and then practitioners more broadly. So, it’s not just, “Okay, these are things that are happening in tech that you care about if you’re a CIO,” but what tech things affect developers in terms of how they’re building software and why they want to build software and where they’re building software?Corey: So, backing it up slightly because it turns out that I don’t know the answer to this either. What exactly is an industry analyst firm? And the reason I bring this up is I’ve been invited to industry analyst events, and that is entirely your colleague, James Governor’s, fault because he took me out for lunch at I think it was Google Next a few years ago and said, “Oh, you’re definitely an analyst.” “Okay, cool. Well, I don’t think I am. Why should I be an analyst?”“Oh, because companies have analyst budgets.” “Oh, you said, analyst”—protip: Never get in the way of people trying to pay you to do things. But I still feel like I don’t know what an analyst is, in this sense. Which means I’m about to get a whole bunch of refund requests when this thing airs.Kelly: I should hope not. But industry analysts, one of the jokes that we have around RedMonk is how do we explain to our families what an industry analyst is? And I think even Steve and James, who are RedMonk’s founders, they’ve been doing this for quite a long time, like, much longer than they ever want to admit that they do, and they still are like, “Okay, how do I explain this to my parents?” Or you know, anyone else who’s asking, and partly, it’s almost like a very—a term that you’ll see in the tech industry, but outside of it doesn’t really have that much, kind of, currency in the same way that you can tell someone that you’re like, maybe a business analyst or something like that, or any of those, almost like spy-like versions of analyst. I think was it The Hunt for Red October, the actual hero of that is an analyst, but not the type of analyst that I am in any way, shape or form.But you know, industry analyst firms, specifically, it’s like we keep up on what tech is out there. People engage with us because they want to know what to buy for the things that they’re doing and the things that they’re building, or how to better create and sell the stuff that they are building to people who build software. So, in our case, it’s like, all right, what type of tools are developers using? And where does this particular tool that our company is building fit into that? And how do you talk about that with developers in a way that makes sense to them?Corey: On some level, what I imagine your approach to this stuff is aligns somewhat with my own. Before you became an industry analyst, which I’m still not entirely sure I know what that is—I’m sorry, not your fault; just so many expressions of it out there—before you wound up down that path, you were a QA manager; you wound up effectively finding interesting bugs in software, documentation, et cetera. And, on some level, that’s, I think, what has made me even somewhat useful in the space is I’ll go ahead and try and build something out of something that a vendor has released, and huh, the documentation says it should work this way, but I try it and it breaks and it fails. And the response is always invariably the same, which is, “That’s interesting,” which is engineering-speak for, “What the hell is that?” I have this knack for stumbling over weird issues, and I feel like that aligns with what makes for a successful QA person. Is that directionally correct, or am I dramatically misunderstanding things and I’m just accident-prone?Kelly: [laugh]. No, I think that makes a lot of sense. And especially coming from QA where it’s like, not just making sure that something works, but making sure that something doesn’t break if you try to break it in different ways, the things that are not necessarily the expected, you know, behaviors, that type of mindset, I think, for me translated very easily to, kind of, being an analyst. Because it’s about asking questions; it’s about not just taking the word of your developers that this software works, but going and seeing if it actually does and kind of getting your hands dirty, and in some cases, trying to figure out where certain problems or who broke the build, or why did the build break is always kind of super fun mystery that I love doing—not really, but, like, everyone kind of has to do it—and I think that translates to the analyst world where it’s like, what pieces of these systems, or tech stacks, or just the way information is being conveyed about them is working or is not, and in what ways can people kind of maybe see things a different way that the people who are building or writing about these things did not anticipate?Corey: From my position, and this is one of the reasons I sort of started down this whole path is if I’m trying to build something with a product or a platform—or basically anything, it doesn’t really matter what—and the user experience is bad, or there are bugs that get in my way, my default response—even now—is not, “Oh, this thing’s a piece of crap that’s nowhere near ready for primetime use,” but instead, it’s, “Oh, I’m not smart enough to figure out how to use it.” It becomes a reflection on the user, and they feel bad as a result. And I don’t like that for anyone, for any product because it doesn’t serve the product well, it certainly doesn’t serve the human being trying to use it and failing well, and from a pure business perspective, it certainly doesn’t serve the ability to solve a business problem in any meaningful respect. So, that has been one of the reasons that I’ve been tilting at that particular windmill for as long as I have.Kelly: I think that makes sense because you can have the theoretically best, most innovative, going to change everyone’s lives for the better, product in the world, but if nobody can use it, it’s not going to change the world.Corey: As you take a look at your time at RedMonk, which has been, I believe, four years, give or take?Kelly:

About AnnaAnna has nearly ten years of experience researching and advising organizations on cloud adoption with a focus on security best practices. As a Gartner Analyst, Anna spent six years helping more than 500 enterprises with vulnerability management, security monitoring, and DevSecOps initiatives. Anna's research and talks have been used to transform organizations' IT strategies and her research agenda helped to shape markets. Anna is the Director of Thought Leadership at Sysdig, using her deep understanding of the security industry to help IT professionals succeed in their cloud-native journey.Anna holds a PhD in Materials Engineering from the University of Michigan, where she developed computational methods to study solar cells and rechargeable batteries.How do I adapt my security practices for the cloud-native world?How do I select and deploy appropriate tools and processes to address business needs?How do I make sense of new technology trends like threat deception, machine learning, and containers?Links: Sysdig: https://sysdig.com/ “2022 Cloud-Native Security and Usage Report”: https://sysdig.com/2022-cloud-native-security-and-usage-report/ Twitter: https://twitter.com/aabelak LinkedIn: https://www.linkedin.com/in/aabelak/ Email: anna.belak@sysdig.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance query accelerator for the Oracle MySQL Database Service, although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLAP and OLTP—don’t ask me to pronounce those acronyms again—workloads directly from your MySQL database and eliminate the time-consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Once upon a time, I went to a conference talk at, basically, a user meetup. This was in the before times, when that wasn’t quite as much of a deadly risk because of a pandemic, and mostly a deadly risk due to me shooting my mouth off when it wasn’t particularly appreciated.At that talk, I wound up seeing a new open-source project that was presented to me, and it was called Sysdig. I wasn’t quite sure on what it did at the time and I didn’t know what it would be turning into, but here we are now, what is it, five years later. Well, it’s turned into something rather interesting. This is a promoted episode brought to us by our friends at Sysdig and my guest today is their Director of Thought Leadership, Anna Belak. Anna, thank you for joining me.Anna: Hi, Corey. I’m very happy to be here. I’m a big fan.Corey: Oh, dear. So, let’s start at the beginning. Well, we’ll start with the title: Director of Thought Leadership. That is a lofty title, it sounds like you sit on the council of the Lords of Thought somewhere. Where does your job start and stop?Anna: I command the Council of the Lords of thought, actually. [laugh].Corey: Supply chain issues mean the robe wasn’t available. I get it, I get it.Anna: There is a robe. I’m just not wearing it right now. So, the shortest way to describe the role is probably something that reports into engineering, interestingly, and it deals with product and marketing in a way that is half evangelism and half product strategy. I just didn’t feel like being called any of those other things, so they were like, “Director of Thought Leadership you are.” And I was like, “That sounds awesome.”Corey: You know, it’s one of those titles that people generally don’t see a whole lot of, so if nothing else, I always liked those job titles that cause people to sit up and take notice as opposed to something that just people fall asleep by the time you get halfway through it because, in lieu of a promotion, people give you additional adjectives in your title. And we’re going to go with it. So, before you wound up at Sysdig, you were at Gartner for a number of years.Anna: That’s right, I spent about six years at Gartner, and there half the time I covered containers, Kubernetes, and DevOps from an infrastructure perspective, and half the time I spent covering security operations, actually, not specifically with respect to containers, or cloud, but broadly. And so my favorite thing is security operations, as it relates to containers and cloud-native workloads, which is kind of how I ended up here.Corey: I wouldn’t call that my favorite thing. It’s certainly something that is near and dear to the top of mind, but that’s not because I like it, let’s put it [laugh] that way. It’s one of those areas where getting it wrong is catastrophic. Back in 2017, when I went to that meetup in San Francisco, Sysdig seemed really interesting to me because it looked like it tied together a whole bunch of different diagnostic tools, LSOF, strace, and the rest. Honestly—and I mean no slight to the folks who built out this particular tool—it felt like DTrace, only it understood the value of being accessible to its users without basically getting a doctorate in something.I like the idea, and it felt like it was very much aimed at an in-depth performance analysis story or an observability play. But today, it seems that you folks have instead gone in much more of a direction of DevSecOps, if the people listening to this, and you, will pardon the term. How did that happen? What was that product evolution like?Anna: Yeah, I think that’s a fair assessment, actually. And again, no disrespect to DTrace of which I’m also a fan. So, we certainly started out in the container observability space, essentially because this whole Docker Kubernetes thing was exploding in popularity—I mean, before it was exploding, it was just kind of like, peaking out—and very quickly, our founder Loris, who is the co-founder of Wireshark, was like, “Hey, there’s a visibility issue here. We can’t see inside these things with the tools that we have that are built for host instrumentation, so I’m going to make a thing.” And he made a thing, and it was an awesome thing that was open-sourced.And then ultimately, what happened is, the ecosystem of containers and communities evolved, and more and more people started to adopt it. And so more people needed kind of a more, let’s say, hefty, serious tool for observability, and then what followed was another tool for security because what we actually discovered was the data that we’re able to collect from the system with Sysdig is incredibly useful for noticing security problems. So, that caused us to kind of expand into that space. And today we are very much a tool that still has an observability component that is quite popular, has a security component which is it’s fairly broad: We cover CSPM use cases, we cover [CIEM 00:05:04] use cases, and we are very, kind of let’s say, very strong and very serious about our detection response and runtime security use cases, which come from that pedigree of the original Sysdig as well.Corey: You can get a fairly accurate picture of what the future of technology looks like by taking a look at what my opinion of something is, and then doing the exact opposite of that. I was a big believer that virtualization, “Complete flash in the pan; who’s going to use that?” Public cloud, “Are you out of your tree? No one’s going to trust other companies with their holy of holies.” And I also spent a lot of time crapping on containers and not actually getting into them.Instead, I leapfrogged over into the serverless land, which I was a big fan of, which of course means that it’s going to be doomed sooner or later. My security position has also somewhat followed similar tracks where, back when you’re running virtual machines that tend to be persistent, you really have to care about security because you are running full-on systems that are persistent, and they run all kinds of different services simultaneously. Looking at Lambda Functions, for example, in the modern serverless world, I always find a lot of the tooling and services and offerings around security for that are a little overblown. They have a defined narrow input, they have a defined output, there usually aren’t omnibus functions shoved in here where they have all kinds of different code paths. And it just doesn’t have the same attack surface, so it often feels like it’s trying to sell me something I don’t need. Security in the container world is one of those areas I never had to deal with in anger, as a direct result. So, I have to ask, how bad is it?Anna: Well, I have some data to share with you, but I’ll start by saying that I maybe was the opposite of you, so we’ll see which one of

About LynnCloud Architect who codes, Angel InvestorLinks: Lynn Langit Consulting: https://lynnlangit.com/ Groove Capital: https://www.groovecap.com/groove-capital-minnesotas-first-check-fund Twitter: https://twitter.com/lynnlangit GitHub: https://github.com/lynnlangit TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Today’s episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that’s built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you’re defining those as, which depends probably on where you work. It’s getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that’s exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100 megabyte binary that doesn’t eat all the data you’ve gotten on the system, it’s exactly what you’ve been looking for. Check it out today at min.io/download, and see for yourself. That’s min.io/download, and be sure to tell them that I sent you.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance query accelerator for the Oracle MySQL Database Service, although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLAP and OLTP—don’t ask me to pronounce those acronyms again—workloads directly from your MySQL database and eliminate the time-consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. So, I’ve been doing this podcast for a little while now—by my understanding, this is episode 300 and something—but back when the very first episode aired, I had pre-recorded the first twelve episodes. Episode number ten was with Lynn Langit who is, among many other things, the CEO of Lynn Langit Consulting, she is also the first person to achieve the AWS Community Hero and equivalent designations at all three of the primary tier-one hyperscale cloud providers, which I can’t even wrap my head around what it takes to get that at one of those companies. Lynn, thank you so much for agreeing to come back now that I’m no longer scared of the microphone.Lynn: Well, thank you for having me. It’s great to be back, Corey.Corey: So, it’s been a few years now since we really sat down and caught up. And what an interesting few years it’s been. There’s been a whole minor global pandemic thing that wound up hitting us from unexpected and unpleasant places. There’s been a significant, I would say, not revolution but evolution in how adoption of cloud services has been proceeding. The types of problems that customers are encountering, the conversational discourse has moved significantly away from, “Should we be using cloud?” Into, “Okay, we obviously should be using Cloud. How should we be using it?” And the industry keeps on churning. Sure there’s still rough parts, there are still ridiculous aspects of it, but what have you been up to?Lynn: Well, as you might remember, I have an independent consultancy where I do really what my customers need. I work across different clouds, which keeps it interesting and fun, but I’ve had a focus over the past few years in supporting bioinformatics research. Before the pandemic, it was mostly cancer research. Since the pandemic, it’s been all Covid, all the time.Corey: All Covid, all the time sort of has been the unofficial theme of this. And it’s weird. I know, we’re in 2022, now, but it still feels like on some level, it’s like, “Man, this is March 2020; it’s still dragging on, on some level.” There have been a number of stories in the world that is, let’s say medicine-adjacent, more so than—we’re all sort of medicine adjacent these days, but there’s been a lot of refocusing away from things like cancer research into Covid and similar pandemic respiratory diseases. Do you think that there’s a longer-term story where we’re going to start seeing progress stall on things that were previously areas of focus—in your case cancer—in favor of reducing infectious disease, or is it really one of those ‘rising tide lifts all boats’ type of scenarios?Lynn: Yeah, it’s the latter. It’s been really interesting. Without getting too much into the details, you know, you think of genomic research for drug discovery, you know, we started with this idea of different DNA sequencing cohorts. So, like people from the—you know, that started from the United States, people that started from Africa, you know, different cohort as a normative to evaluate the effectiveness of diseases, what was an area of research already was to go down to the level of what’s called single-cell RNA. So, look at the expression of the genomics by cell area, so by the different parts of your body.Well, this is similar to what has been done to understand the impact and the efficacy of potential Covid drugs. So, this whole single-cell RNA mapping cohorts of what is normal for different types of populations has resulted in this data explosion that I’ve never seen before. And I see it as positive for the impact of human health. However, it really drives the need for adoption to the cloud. These research facilities are running out of space if they’re still working on-prem.Corey: I spend an awful lot of time thinking about data and its storage from a primarily cost-focused perspective, for obvious reasons, and that is nuanced and intricate and requires, sort of, an end-to-end lifecycle policy. There’s this idea of, ideally, you would delete old data you don’t need anymore, but failing that you, maybe aspirationally, don’t need 500 copies of the same thing lying around. Maybe there are ways to fix that. And that’s all within one cloud ecosystem. You work across all of the clouds. How do you keep it all straight in your head trying to figure out things around lifecycles, things around just understanding the capabilities of the various platforms? Because I got to say, from my perspective, it’s challenging enough only bounding it to one.Lynn: Yeah, it’s the constant problem. The big clients I had over this past year were not on Amazon, they were on other platforms. So, it seems like it sort of goes in cycles. And what I’ll sometimes need to do is hire subcontractors that have been working on those platforms because you can’t, I mean, you can’t even know one platform, much less all of them to the level of complexity in order to implement. One thing that is kind of interesting though, in bioinformatics is—and different than the other domains—is when you talk about data, it’s a function of time first and cost second.So, they will run on less computational resources, so that they can, for example, not overspend their research grant, and wait longer for the results. And this has been really an interesting shift in my work because I used to work with FinTech and ad tech, where it’s all about, get it out there fast. And we don’t really care how much it costs, we just want it super fast. So, this continuum of time or money shifts by vertical. And that’s been something that—I don’t know, it’s kind of obvious, in hindsight, but I didn’t really expect until I got into the different domains.Corey: It’s always been fascinating to me watching how different organizations and different organization types wind up have interacting with cost. I mean, I’ve been saying for a while now that cost and architecture are the same thing when it comes to cloud. What are your trade-offs? What are your constraints? In many venture-backed companies, it’s when you have a giant pile of other people’s money raring to go, and it’s a spend it and hit your milestone if you want to get another round of funding, or this has been an incredible journey Medium post in the making, then, yeah, okay, go ahead and make the result happen faster. Save money is not the first, second or third order of business as far as what you’re trying to achieve.In academia, where everything’s grant powered. And it’s a question of, we need to be able to deliver, and we need to be able to show results and be able to go and play the game and understand the cultural context we’re operating in, and ideally get another grant next year, it completely shifts the balance of what needs to be prioritized and when. And I don’t think there’s been a lot of discussion around that because most cloud cost discussions inherently center around industry.Lynn: They do and they focus on the industries where they’re willing to spend most. So, most of the reference examples are, they always prioritize for time and money is sort of unlimited. I’ll give you an example—this was from a few years back—some work I did with a research group in Australia, and again, it was a genomics example. They were running on-prem, and to do a single query, it took them 500 hours. And I was just like, “Are you kidding me?”And they’re like, “Hey, cloud lady, what can you do?” Right? So, we gave two solutions, and the first solution was kind of a more of a lift-and-shift kind of a solution because they didn’t know anything about cloud. And it took a few hours. The second solution was what was in our opinion, super elegant, it was one of the earliest data lakes, it took minutes.Well, it was a big hit to the ego that they adopted… the easier solution. But again, it’s a learning because another dimension