 Welcome back to theCUBE coverage of Red Hat Summit 2021. Virtual, I'm John Furrier, host of theCUBE. We've got a great lineup here. We've got two great guests, Ashish Bhadani, SVP of Cloud Platforms at Red Hat, and Tracy Rankin, VP of OpenShift Engineering at Red Hat. Folks, thanks for coming on. Good to see you. We've got some big news. You guys have made some acquisitions. Stack Rocks, you guys bought into Red Hat was a really big deal. People want to know what's the story? How's it going? What's the app to take? What's the integration? How's it going? Great, thanks, John. Thanks for having us on. So yeah, we're really excited with the Stack Rocks acquisition being the team on board. Well, the first thing to note before you and why we did it was for you and then the viewers who've been following us closely, this is our first acquisition as Red Hat being part of IBM. So quite big for us from that perspective as well, right? Continue to maintain our independence. Within IBM and I really appreciate that way of working together. But saying all of that aside, as a company, we've always been focused on ensuring that we're delivering enterprise capabilities to customers. We've been doing that for two decades with Linux. Security's always been a big part of our story, right? Ensuring that we're finding CVEs, updating and sending out patches to our customers and doing that in a reliable fashion, running mission-critical applications. We applied that same, if you will, so security mindset on the Kubernetes side with the OpenShift platform. We've invested in security ourselves organically, right? You know, in various areas of making it more secure, right? Can't run containers as root by default, investing in things like role-based access control and so on. And we really felt like, look, we want to deepen our commitment to security. And so in conversations with StackRocks, we found just a great fit for it, just a great team, building a really interesting approach to Kubernetes security, right? You know, very declarative approach to it, focus and a vision around this notion of shift left, right? You've probably been hearing it on that buzzword a little bit, right? Which is this idea that we're in the world moving from DevOps to DevSecOps and the approach that StackRocks was taking. So great team, great product, really great vision with regard to kind of whether going forward and finding a nice alignment between, you know, they've been thinking about the value that we want to bring. Yeah, I want to dig into the DevSecOps piece of it, but you brought up the IBM acquisition as part of now Red Hat bought IBM. You know, you remember back in 2019, I interviewed Arvin on theCUBE when he was at IBM and you guys were still independent and he had a smile on his face. He is pro-cloud, he is all about cloud native and even that interview, I had no idea what was going on behind the scenes, but I was kind of drilling in on some of the things that were important at that time, which are now certainly relevant today, which is cloud native, agile development, programmable infrastructure. I don't think we touched on security that much, but it was kind of inherent in the conversation. He was like all smiling. He loves the cloud native and this is where it comes into the relevance. I have to ask you, what was it like to get this through IBM where they were like grow green light or was it different? What was different about this acquisition? Well, John, great, great question for you to ask. And, you know, I will say that, you know, when everyone's heard the stories, they're telling us, hey, you know, part of IBM, you know, it's different. We were working at Red Hat, John theCUBE, you know, we've talked to you and several of your colleagues about that. The great thing has been that look, the Red Hat way of working and also pushing forward with regard to our commitment to open source and our culture, you know, is still the way it is. And I have to give huge credit not just to Arvin and his team, but definitely to Arvin, right? He's champion, he's champion of the Red Hat acquisition. He's champion kind of, you know, the independence that we've had and he takes a very, very firm stance around it. And look, IBM's a story company in the United States and really in the world. They have, their ways of working. And, you know, for Red Hat, they've kind of said, look, we'll give you a pass path, right? So getting the acquisition through, if you will, IBM processes really was hugely supported by, you know, from Arvin, but all the way down the rest of the organization. Obviously a strategic bet with the dollars involved. Tracy, I want to get you in this because, you know, one of the things about shift left and getting security built in by default, which has always been part of Red Hat. That's never been an issue. It just extends as developers want to have native security built in. There's a technology angle to this as well. So obviously cloud native is super important. What investments are you guys making with this acquisition and how does that translate to customer benefits? Yeah, I mean, the one thing that is really important about the StackRox acquisition and kind of, you know, key for us is, you know, this was a cube native solution. And I think that's really, you know, was important pieces to why StackRox might have been, you know, was a great fit for us. And so, you know, what we've been trying to do in the short time that that team is, you know, been on board with us is really, you know, taking a deep look and understanding where are the intersection points of some of the things that we have been trying to focus on, you know, just within side of, you know, OpenShift and Red Hat in general, and where do they have bring the additional value in really trying to make sure that when we create this solution and ultimately, it is a solution that's cohesive across the board. We don't add confusion to, you know, what some of the things that maybe we already do. This team knows, you know, how to, they know their customer base. They really know what the customers are looking for. And we're just trying to absorb, I would say, so much of this information as we are trying to, you know, create what the right roadmap will be for StackRox from the long-term and for Red Hat ultimately in the security space. I mean, as the Shesh said, I mean, we're, you know, Red Hat's known for being, you know, security-mind-focused, built on top of well, you know, the leader. And so, you know, we want to make sure that what we've got that actually serves, you know, the developers, being able to not just secure the environment and the platform, but also the workloads, customers need that security from us and build it in so that we have, you know, into the CUBE native controls. So StackRox was known for kind of reinventing, you know, security, enterprise security with cloud native. How is it complementary? How does it fit in? Can you guys just quickly talk to that point because, like you said, you guys had security, but as Kubernetes and containers in general continue to rise up and Kubernetes continues to become a hybrid cloud kind of linchpin for applications. Where's the synergy? Where does this connect in? What are some of the areas where it's fitting in nicely or any overlaps that you might can talk about as well? Yeah, I can start on the maybe Tracy, if you want to add to that, security is a, it's a wide space, right? So, you know, just saying security is like, well, you know, what security are you talking about? Right? So talking about, you know, and user security, like what your desktop are you talking about, you know, intrusion prevention? I mean, it's a huge, huge, you know, space. There's, you know, many companies devoted to the entire spectrum, self has a very robust security business. We're very focused on, you know, I think Tracy was talking about this, the Kubernetes native security part of this, right? You know, do we have the appropriate runtime controls in place, you know, our policies configured appropriately? Well, if they're in one cluster, are they being applied consistently across, you know, every cluster? How do we make sure that, you know, we make security the domain, not just of the operators, but also in the, make it easier for it to be adopted at development time. So, you know, there's a, if you will, a very sort of large surface area for security, we're trying to really think about the pieces that are most relevant for our enterprise customers and the ones that are deploying it at scale, and ensure we can build that. Having said that, John, what I do want to add also is that because it expands even of Kubernetes security so large, there is a lot of room for our partners to play, right? And so before you ask me that question, I want to say that there is space, right? So, you know, I've had conversations with, you know, all the other folks in the cloud native security space, we know them well, we've been working with them over the years, and we continue to look forward to ensuring that they're building over and above the foundation that we're laying out. So, Polya Beachhead, what you're saying from a security standpoint, you guys hit the table stakes, added into the product, but there's so much surface area going on with this hybrid cloud and soon to be multi-cloud that you're saying there's room for partners to play. Exactly right. Okay, Tracy, quick under the hood, you know, obviously shift left, that's kind of the mindset for developers who are writing modern applications, might not want to get under the hood who just want all the programmability of security, and not have to come back to it. I mean, that seems to be the complaint that I hear. It's like, okay, I got to come back and do a security, more security work. I've just wrote the code, that was last week or yesterday. And that seems to be the developer productivity. And then there's also under the hood DevOps. What's, how does this all fit? Yeah, so let's take a step back and this is how I kind of like to think about it. So we are trying to look at, you know, how do we just enable in some of this CI CD, the tooling that we have, how do we actually take and enable some of the technology that was already available in StackRox today and actually put it into those tools? Cause if we can make it easy for you to not just develop your application and, you know, integrate it in with what you're, the tooling is that you're trying to use for the entire life cycle of developing your application. It then becomes exactly what you didn't say. You know, what they're doing now is it's an afterthought. We don't need it to be an afterthought. And I think, you know, we're seeing that change in from a customer mindset where there become customers are becoming a lot more aware of these things. So if we actually get this into, you know, some of the Argo and the CI CD pipeline work, then it just becomes something natural and not a secondary thought. Cause actually when it's a secondary thought, we have exposures and that's not what a customer wants when they're creating, you know, creating these workloads. They're trying to rapidly create the workloads. So we need to make it to have those integration points in as quickly as possible. Totally nailed. I mean, there's productivity issues and there's also the top line, which is security. Great stuff. Congratulations on that acquisition. Security continues to be built in from the beginning. That's what people want. They want productivity, want security. Great stuff. Great acquisition. Congratulations. Next, next segment I want to get into is open shifts around telemetry. Tell us about telemetry for OpenShift, Ashash. What is this about? Yeah, another big interesting topic for us. So over a year ago, we released OpenShift 4 and, you know, we learned a lot of lessons, you know, shipping OpenShift 3 and over the years and really getting feedback from hundreds of customers around the globe. One of the things obviously we heard from a lot was, you know, make the install the upgrade experience better, right? But, you know, we were thinking about how can we take that forward to the next level, right? Which is, is there a way for us to say, you know, let these clusters be connected up so we can, you know, get a better sense of cluster health and help with remote health monitoring and be able to proactively provide information back to our customers around, let's say, you know, if applications are healthy, clusters are healthy and how they're running and how we can help them configure them if they're not. So that led us to introducing telemetry or remote health monitoring directly into OpenShift 4 as a value that we can provide to customers. And what that really starts doing is starts bringing this notion of a public cloud-like experience. Two customers with clusters run across the hybrid cloud, right? So you have the expectation that, you know, your clusters are monitored and watched over in the public cloud and we want to make sure we can provide that to customers regardless of, you know, where they're running in. So, so that's powerful. So just a quick question on that. Insights for OpenShift, that's what you're getting to. Is that on premise and in the cloud? So it's hybrid environment, is that correct? Exactly, right? So the insights for OpenShift is all about that, right? So how can we proactively, you know, identify risk, help remediate it? How can we do things like, for example, give you recommendations, cost optimization, right? Insights around that, and to your point, right? The goal is to make it completely hybrid. So it's obviously a new area, right? For customers who aren't necessarily used to that, you know, in an on-premise environment, they're used to that in a public cloud or a cloud-needed environment. And we're trying to make sure we bring that consistently across to our customers, you know, regardless of where they're running it on. Tracy, talk about the developer productivity involved. Because if you have telemetry and you have insight into what's going on in the infrastructure and the data and what's going on in the application, you can be more proactive. You don't have to get pulled into these rabbit holes of troubleshooting, oh, is a trace over here or something's going on over here? Are clusters going down? Or should I could have caught that? There's a lot of, you know, good intentions with the code and then all of a sudden new code gets pushed and then all of a sudden that triggers this to go off and you have all these kind of dependencies, day two operations. Many people call this kind of that phenomenon where, hey, everything looks good and then you start pushing more stuff, more code, and then the cluster goes down. And then it's like, wait, that could have been a void. That was a dumb error. We could have fixed that. This is kind of the basic, what I call human software error kind of stuff that's not intended. Does telemetry help this area? Yeah, it does. And actually at one point that even to take it further that I think it's important is our customers can learn from each other, not even having to talk to each other, which is the beauty of what telemetry is and what Red Hat Insights for OpenShift is. You know, what we have been able to see is, you know, there are certain characteristics that happen even across certain groups of customers. They don't know that. They don't talk to each other, but the telemetry is giving us a nigh into what some of those patterns are. And so when a customer in one site starts to have, we start to see telemetry, you know, maybe a TV is going down for a certain reason and we can determine that. We then have the ability to take that telemetry and be able to send alerts back to all the other customers and say, hey, we recognize this might be coming an issue. You know, here's how you might remediate it. Or, hey, we've already put a fix out for this issue that we're starting to see you having an issue. You should probably take action on. So it's an increasing the efficiency of customers without them necessarily having to, you know, constantly be understanding, monitoring, you know, watching everything like they had had to do from a V3 perspective. We're now giving them some of the insights of what we know as developers back to them. You know, that's interesting. I think that's really key, Shesh, because I was talking to a friend last night, we were just talking about cybersecurity and we're talking about how a lot of these things are patterns that are the same. And people just don't talk to each other. This is no shared insights. I think this is an interesting dynamic where you can get the collective intelligence of other patterns and then share that. So the question that, I mean, first of all, that's a game changer in my opinion. So that's awesome. The question I have is can you guys push alerts and recommendations to the customers? So from this data. So how does that work? Is that built into the product? Can I get some proactive notifications that say, hey, you know, your cluster might go down. We've seen this before. We've seen this movie. I mean, Shesh, is that built in? Yeah, so John, you're keying into exactly where we're taking this, right? And I think Tracy started putting out some breadcrumbs for you there. So first get comfortable, you know, with the foundation we laid out, get clusters connected, right? Then information starts getting reported. We start getting exactly to what you said, John, right? A set of patterns that we can see. Tracy start talking about, well, if we see pattern on one end, we can go off and help customers on another end. Now, if you take this forward, I think the first word for your viewers today, introduce AI, you know, into this, right? And then we can start almost starting to be proactive now of saying, look, you know, following actions are going to be committed or we expect them to be committed. You know, here's what the outcome is as a result of that. Here's what we'd recommend for you to do, right? So start, you know, proactive remediation on that. So that is exactly, you know, the surface that we're trying to lay down here. And I think this is a huge point. Yeah, huge game changer. Well, great stuff. I want to move on to the next we're getting written. We can go on for hours on that one topic. I think telemetry is a super important trend. You guys are on top of a great, great job that it bring in the AI piece. I think that's super cool. Let's get back to the kind of blocking and tackling. Tracy, you know, one of the things that we're seeing with DevOps as it goes mainstream now, you got DevSecOps in there too, is you've got the infrastructure and you got the modern application development. Modern application developers just want to code, be productive, all that security shifting left, everyone's all happy, that thing's going great. Under the hood, you have a whole set of developers working on infrastructure. At the end of the day, customers don't want to manage their own infrastructure. How is Red Hat focused on these now two groups? Cause you got this SRE like CloudOps persona developing in the enterprise, and you got the developers. So it's kind of like almost two worlds coming together. How are you helping customers, control their infrastructure and manage it better? Yeah, so great question. And this really plays to the strength of what we have been trying to champion here at Red Hat for many years now around the hybrid cloud. And this, you know, hopefully everybody's recently heard about the announcement we've made with our new offering Rosa in partnership with Amazon. You know, you've got different offerings that enables customers to really focus as you mentioned on the key aspects that they are concerned about, which is how do they drive their businesses? How do they create their applications, their workloads that they need to and offload, you know, the need for having to understand all of the IT infrastructure that's underneath. We want to at Red Hat to reduce the operational complexity that customers are having and give them the ability to really focus on what's important for them, how can they be able to scale out their applications, their businesses and continue to add value where they need to have. And so I think it's great. We're seeing a huge uptake right now and we've got customers and they understand completely this hybrid cloud model where they're purchasing open shift for certain, you know, applications and workloads that they want to run inside their own data centers. And then for those that they know that they don't, you know, don't have to be inside their own data centers, they don't want to have all of that operational complexity. They want to utilize some of the cloud. That's when they're starting to look at other things like Rosa or, you know, open shift dedicated and really starting to, you know, find the right mix that works well for their business. So are you saying that you guys are going to the next level because the previous, I won't say generation, but the current situation was, okay, born in the cloud or you lift and shift to the cloud, you do that manually, then you go on premise to build that cloud operations. Now you're in a hybrid environment. So you're saying if I get this right that you guys are providing automation around standing up and building services on AWS and cloud, public cloud and hybrid. Is that kind of what you're getting at? Yeah, so to go into a hybrid multi-cloud world, right? You want platform consistency, right? Running my application, running it on the platform consistently, you know, everywhere we go, right? Tracy started talking about this idea of, in some cases you say, well, I've got infrastructure team, I've got the ops team, John, you talked about this notion of well-did jobs can be hard sometimes, right, for some groups. And so, hey, Red Hat or hey, Red Hat plus, you know my hyperscaler of choice, you know, take that off of my hands, right? Run that for me consistently yourself, right? So I focus on my application and the management of infrastructure is something that's on you. Tracy talked about Rosa, that's our joint first-party service that, you know we've got with Amazon, we're directly available in Amazon's console, you can go pull that down, right? You'll see Red Hat OpenShift on AWS, right on there. We've got a similar one with Microsoft Azure. Tracy mentioned OpenShift dedicated, we stand up the platform, we have our own SRE team that manages it, you know, with IBM as well as with Google. So you pick your cloud of choice and we'll make sure, you know, we'll give you a platform that if you as a customer so choose to self-manage, great, go for it. If you'd like for us to manage it directly ourselves or in conjunction with the cloud provider and provide it to you as a native service, you know, we can do that for you as well, right? So that day-to-op sort of, you know, challenge that both of us are talking about, you know, it's something that, you know we can take your hands if you want us to. That's very cool. So you got to manage servers, they can do it themselves, whatever they want, they can do it on public cloud and hybrid, great stuff. Yeah, I think that's the key and that's killer. Now the next question is my favorite, I want to ask you guys both, pretend I'm a customer and I'm like, okay, Tracy, tell me, what's in it for me? What is OpenShift and Red Hat doing for me as the customer? What are you bringing to the table for me? What are you going to do for me? What is Red Hat doing for me today? So if you had to kind of bottom line me, we're in the elevator or I ask you, I like what I'm hearing. Why are you cool? Why are you relevant? What's in it for me? Well, I appreciate it. You want me to start? I can't tell you where it's at. Yeah, so I mean, I think it's a couple of things that we, let's just tie it back to the first initial blend. I mean, we've got, we're enabling the customers to choose like, where do they want to work, run their workloads? What do they want to focus on? I think that's the first thing. We're enabling them to also determine like what workloads do they want to put on there? We continue to expand the workloads that we are providing capabilities to customers. You know, most, you know, one of the more recent ones we've had is, you know, enablement of Windows containers. Huge plus for us. You know, Ashesh kind of talked about, dropped the buzzword AI, you know, recently, you know, we're looking at that. We're talking about, you know, moving, workloads need to go to the edge now. It's not just about being in the data centers. So it's about enablement. That's really what OpenShift is, you know, bread and butter is, is, you know, let us, you know, create the ability for you to drive your workloads, whichever, whatever your workloads is, modernize those workloads and place them wherever you want to. Ashesh, your answer. How would you say the answer to that? I'll, I'll, I'll build on what Tracy said, right? She obviously took the, you know, build up product management perspective on it. I'll, I'll sort of talk about a business thing here that we're introducing actually at, right at Summit. So, you know, we'd go up and acquire stack rocks, you know, for the deep end investment in Kubernetes or container security. If you recall, John, we've talked to you about, you know, advanced cluster management team that we actually got from IBM incorporated that within Red Hat to start providing, you know, those capabilities around consistent, you know, cluster policy, integration management. And, you know, in the past, we've made an acquisition of CoreOS. We got a lot of technology from that incorporated into the platform and also things like the Quake Container Registry. What we're introducing at Red Hat Summit is a way for us to package all of that together. So a customer doesn't say, look, you know, let me pick out a container platform here. Let me go find, you know, some way to manage it over there. You know, let me see, you know, what security you add here. We're introducing something called OpenShift Platform Plus, right? Which is a packaging of, you know, Core OpenShift Container Platform. The capabilities within stack rocks, which we're calling Advanced Cluster Security, capabilities of cluster management, which is called Advanced Cluster Management and the Quake Container Registry. All those want to make it much easier for customers to consume that. And again, you know, the goal is, you know, run that consistently in your hybrid multi-cloud. Ashash and Tracy, great segment, great insight here on the cloud platform and OpenShift under the hood. You guys are well positioned and I was, you know, talking about Arvin and IBM who acquired Red Hat. You know, it's pretty clear that cloud native hybrid is the new cloud operating environment. That's clear. You guys are well positioned and congratulations. Final question, Ashash, take a minute to quickly put the plug in for OpenShift. What's next? Looking forward, what are you guys building on? What's on the roadmap? If you can, I'm not going to share the roadmap, but yeah, tell us what you're thinking about. I mean, you're innovating out in the open, love your shirt, by the way, and that's the Red Hat way. Looking ahead, what's coming for OpenShift? Yeah, so John, I will say this, our roadmap is out in the open. Every quarter, our product managers host a session, right, open to anybody, right? You know, customers, prospect, competitors, anybody. It can come on and hear about our roadmap. Lots of interesting things that we're working on. As you could imagine, investments on the edge front, right? So, and that's across our portfolio, right? On the OpenShift side, but also on our Linux platform as well as on the OpenStack front, make it easier to have slimmed down OpenShift to be able to run that, be able to run OpenShift in remote locations and then manage it. So expect for us, you know, just to show you more work there, bringing things like AI and more workloads directly onto the platform, right? So you'll see what we're doing to get more analytics on, work we're doing to take a technology set we've got called OpenData Hub to make it easier to run more data intensive, more AI ML types of frameworks directly on the platform. And so that's a great interest. More workloads, Tracy start talking about that, right? So Windows Container Support has GAID and then what's really awesome about that is that we've done that with Microsoft, right? So that offering is jointly supported by both us and our partners over at Microsoft. OpenShift Virtualization, which is taking virtual machines and being able to run them as containers orchestrated by Kubernetes and doing more work, you know, on that front as well. So just a lot of different areas we're investing in and really, really excited to bring more workloads onto our cloud. Well, Shesh, Tracy, great segment with a lot of data in there. Thanks for spending the time and providing that insight and sharing the information. A lot of flowers blooming here in the cloud native environment, a lot of action, a lot of new stuff going on. Love the shift left. I think that's super relevant. You guys doing a great job. Thanks for coming on. Appreciate it. Thanks for having us. Okay. This is theCUBE's coverage of Red Hat Summit. I'm John Furrier, host of theCUBE. Thank you for watching.