 Hey everybody Everybody's doing good everybody eight. Yeah, good sleep from lunch You like that you get the first session after lunch everybody's in a meat coma from old barbecue. That's right awesome Well, you know as they say you know when you're in Texas do the barbecue So thank you very much for coming first of all. My name is Sean Rickard a little bit of an introduction. Yes, I am Canadian. Please do not throw things at me So I'm interested in mine. Obviously. I'm a big Susan fan. I do work for the company I'm a big into Linux obviously open stack or I wouldn't be here I've traveled quite extensively for both work and I used to be I used I actually used to be in a death metal band So I know I don't look like it, but it's true. Yeah Saw the horns of the back there pretty good and with me. I have Rick Ashford who is a Texan, which is technically American Also a big fan of Linux and Sousa and open stack. He's also really really really good with a barbecue I mean like he had us over at his house yesterday I was really good at picking up the phone and ordering it and like and then I drove all the way over there and watched them cut It so I could pick it up and bring it home. See that's awesome So we got a we've got a really good set of information here for you guys So we are going to be talking about implementing open stacking the legacy environment So without further ado, I'll pass it over to Rick All right. Thank you very much Wow, when we first walked into this room I at first I was like wow somebody is way more optimistic than I am that somebody's gonna that People are gonna be interested in hearing what we had to say because I marked this as a beginner level course Sessions, so I'm very excited to see so many people here. This is I'm very Can't repeat excited a couple times sounds like a bad present presenter presenter Yesh. All right. Apparently if you eat you can't talk either All right, I blame the tasty tasty barbecue sauce that we had There we go. All right IT and their end users Typically, this is not the best relationship you have in the world, right? Nobody calls up IT saying hey, you guys did a great job today all that server uptime awesome Right, usually you get the lynch mob coming because you have three seconds of outage on your Exchange server and it happened to coincide with when people were trying to coordinate their fantasy football Or their their NCAA betting Bracket for for the tournament And so at this point you were the most the source of all evil on the planet And they wish that you would be destroyed And by the way depending on your position when you're in enterprise you get to decide which side you're on That's right Sometimes sometimes you can say that's management in the center and IT people want to go kill them as well So there's a lot of different ways you can go with this with the point being here is That you know ideally everybody has You know you ideally the reason the reason that everybody gets mad at IT is because IT has exerted a lot of control over the Infrastructure and a lot of control over the way that people do their jobs and it's just necessary in order to bring order to the chaos Ideally from a from a from an IT standpoint you would have this wonderful homogenous data center Everything is all one hardware platform. Everything is all one operating system. Suza, of course, right? You're all in the room And all that kind of wonderful stuff, but unfortunately don't live in that kind of a clean You know that that particular unicorn does not exist. Does anybody here have a completely homogenous data center? Raise your hand. Okay, good. Nobody has the unicorn We're all honest. I Did have somebody raise that once but it turned out he was like a he was starting his own company like that week So he had no infrastructure. So everything was the same. I wanted to throw something at him All right, this is what your traditional IT environment really looks like right? You don't have that single clean one thing of truth You have a jumbled mess of a lot of different things that hurts your eyes to look at it And you try not to think about it in great detail all the time not only that but off the screen You can't see it, but you actually have a raptor riding a shark with laser beam on its head It's actually pretty cool. I wish we had the panorama of it But yeah next time he's only so much you can get in that four by three aspect ratio All right There we go Okay So you're bringing an open stack into your your big jumbled mess of an environment, you know Ideally you can go in and rip everything out and Reimplement everything but again that is not a realistic way of going about business In real life you have things like hardware or software that the that somebody in management decided that you had to buy and You cannot buy anything or do anything different with it until you go through the complete cycle and it fails Miserably and then they can go and buy something else that you don't want and real quick Just to make this an interactive session as he's talking about certain things if you've experienced this just raise your hand We have a lot of dishonor there we go Right there. I've I've been on the I've been on the IT side of this and then and then as I hate using the word sales engineers because it sounds like we're sales people, but we're not as a systems engineer Consulting with our customers. How about that? I Have had customers say yeah, your products are fantastic. We really want to use them But they just bought this right here So we have to wait six months so that the project can blow up and die and the manager will get moved over to something else And then we can go do we can go do what we really want to do. So, okay So more real life right you have your standardized Virtualization platform whether that's VM or KVM whatever right and that is your gold standard and that's what everything's on, right? Except for when the windows people say, hey We got to do hyper V because we don't want to have to have incremental costs for the spinning up windows workloads And then you have the developers over in this section that say screw it. I don't want to deal with VMware I'm gonna do my own KVM stuff because I'm awesome, and I know better than everybody in IT Not that I've ever met a developer or been a developer like that And then you have the also there see we bought one of everything mentality Which is when you get to the really really really big, you know fortune to fortune five type companies They've just basically they just go buy everything underneath the Sun and then they'll figure it out later And it's up to you to figure out to work with them to figure out something that's gonna actually be usable from all this mismatch of weird stuff So then as Rick was talking about you end up with something like this you got you guys are saying Oh, yeah, I know we've got some some system Zed machines out there running our mainframes and and we're running Zed VM on there And now we've got some Microsoft boxes over here and you know, we're running all hyper V there And oh, but we got some Hewlett Packard ProLiant boxes and and oh we got we got VMware, of course And and and and we had that one box in the corner that's covered with dust It's somebody set it up six months ago and left the company four months ago and nobody knows what it is That's it and but everything's running as soon as well. No, that'd be a wonderful thing. I mean some companies even have hats Yeah, it should have been like that. There you go hats, but that's not the right type of hat. Yeah, that's that's closer to it Very cute that he was so proud of that artwork. He did it all by himself. I was giddy. It was fun so talking about security obviously Most companies actually I would hope to say all companies already have security platforms or security Procedures, thank you very much. This is what you get for having a guy. That's actually French first on stage and You've got your your your Certifications to get your things that you're talking about now moving everything over to an open stack cloud The good thing is is that you don't really have to change much I mean, there's some things that are going to be changing. You know, you're going to be handling your Your tendency differently to do access privileges You can do multi-domain to further separate things you can do You can do zones. I can do all those fun things But you know ideally you're gonna want to encrypt all your traffic and then there's multiple ways that you can do They can do TLS stuff between your your instances and your your outbound stuff and your physical service already existing You want to bring in your single sign on your single sign-ons like, you know, there's always a guy that's like Oh, yeah, no, we got everything on active directory bring it in It's definitely doable. We're gonna be talking about that in a little bit as well And one of the big things that you're definitely going to want to think about is having a centralized patching system So for us at SUSE, we have something called SUSE manager. We're creative with our name. Yes, we are and One of the great things with it is that you can actually do CV auditing with it So, you know, you're gonna be able to check all your instances. You see which ones are vulnerable to certain Certain vulnerabilities and then patch them directly from one tool There's more than just our tool available to do that and whatever is already in your environment could be a good idea to use and then obviously You know since open stack is open source can use things like SC Linux and app armor to further harden your instances As well as your control nodes your compute nodes and your admin nodes So let's talk a little bit about so who here and we're gonna try to make this a little bit interactive So who here has the IT Nazi department from the security group? Sorry We're not necessarily the IT but who has the security group from hell Nazis if Enforced everything that come on. There's more than that walk to the bathroom without getting clearance. There you go Okay, all right You guys have that little RSA thing where you know, yeah, as you said when you go to the bathroom You actually have to type into the pad. You know, I really have to go now Are we gonna have to have it on the door of the bathroom and on the stall? Yes, absolutely Okay, so those guys You know There's there's a wide range in the in the aggressiveness shall we say of the security groups throughout there? And this is one of those things that you need to start and planning ahead of time very strongly and backing up for half a second the When you're going out to deploy open stack who here is actually deployed open stack out to production Okay, that's more hands-on. I thought why are you here? I'm glad you're here. Don't get me wrong, but but You've already encountered some of these things and actually when we get to the end of this We've left time at the end so that so that people we do have these microphones here People want to share their stories horror stories war stories Or things that they've run into that they want to help other people avoid We want to hear those kinds of things. We hear the things that we talked to you about with our customers, but But we don't necessarily know I don't know everything I'd love to hear what you had to say And if any of you guys actually have a story about that magical pink unicorn, we want to hear it Another thing to actually No, I was still on halfway through my thought and I'll go ahead. I forgot you like this Okay, so you've got the wide range of Security teams right from the ultra paranoid You can't even go to the bathroom without swiping a key card to the people that are just basically You know sitting in the closet sitting in the closet Enjoying a certain substances that they shouldn't be Where did you work before this lots of places Apparently so But you also have like the extreme opposite end where you have like the the people in a coffee shop that are using the free A Wi-Fi access point and who knows who's snooping in on their traffic and all that kind of fun stuff So there's a wide range of going on in there and the reason that I'm bringing this up is because The vast majority of your time in getting to your open-stack deployment is not going to be done In actually deploying open-stack. That is actually one of the fastest the most easy things to do At least With our stuff it is There there's there's lots of deployment frameworks to help out there to help you get out there really fast The vast majority of your time is going to be spent in conference rooms and dealing with people's people like the security teams To be able to negotiate out how this cloud is going to come into your into your Into your environment and this is where you know you get into the whole everybody is in sales kind of thing even if you are not even if you're you know an IT person if you're a On that security team if you're in operations, whatever you're doing You're you need to be able to sell and understand Not only what how these things are going to impact you but how these things are going to impact the other teams the other the other people that have interests in How your cloud comes out and that's actually a good point You know he's talking about basically planning depending on what type of enterprise you are and what your focus is Your little worries might be just script kiddies your worries might be actual you know motivated people that actually know their stuff You know if you're working in governments you're you're looking at you know potentially hardening your cloud Against other states or other other governments So you have to really talk to the to the the whole organization as a whole and figure out what your threats are What type of level you're looking at and what you need to do to actually get it hardened to a satisfied Satisfying level. Yep, and what you know do the whole risk cost analysis stuff of you know If it costs you five million dollars to a secure one million dollars worth of data, that's not a very good strategy but When you so so the point is that you're gonna have to negotiate these types of things and there's lots of Different pieces and we've listed out a couple of these things right here in some cases. You'll have Your your your poll company policies will require that you encrypt everything in sight, right? Well, there's there's trade-offs right because security is all about a trade-off between security versus versus convenience right so You need to decide where you where you want to allow things for Why didn't I did that even sound? No, they go here. Okay. Let's try that again. So you need to decide What what your particular level of paranoia is and what particular level of paranoia? You can get sold up the chain and where this comes into play is for example With encrypting your traffic right is encrypting traffic a good thing. Yes Yeah, go on this is interactive people. Yes. Okay encrypting. Do you need to encrypt all of your traffic? Yes, thank you. That's much better. All right. So there are reasons for not encrypting all of your traffic, right? You if you're trying to monitor the traffic and maintain the cloud internally You don't necessarily want to have all that encrypted you want to have it segmented off So that other people can't get into it and look at it But you don't necessarily need to have it encrypted if you can isolate all that traffic and keep things away from it it'll make your life as an operator trying to debug and Find where something went wrong Significantly easier than if you have to intercept encrypted SSL streams And then install the keys and decrypt them all that kind of stuff It's it's just a lot of extra time and especially if you're under a time crunch to get something to get an issue resolved You need to make sure that you have the appropriate level of responsiveness Via your your security choices, I mean if you want to go really deep into it Then you can talk about instance entropy and and hardware number Hardware and random number generators and all that fun stuff, but then you're going really really deep and and we're not gonna talk about that today So going on Existing out the authentication network, you know I talked about you know the guys is oh, yeah No, we have active directory already existing the so let's do a quick poll who here has active directory? I Don't even know we do okay open all that Okay, we used to be owned by Novel and we hate it, but but who here had a directory anyway shape or form I am so sorry the one guy over there in the corner. Okay. He's a good guy. We like at least he's honest. So that's right What's that? Oh had it, okay? Yeah, there's a lot of people that had it That's why there's no Novel anymore. Yes, okay So there's a so there's a wide variety different platforms and you need to be able to integrate into that so the the too long didn't read version which Who here does it? Everybody should be raising their hands there a couple of honest people you want to let it leverage your your hybrid authentication driver That's gonna be the first thing. This was introduced back in OpenStack Juno. So now we are on Well currently on non-liberty and coming up with me Yeah, so it's a few versions ago And your authentication equals LDAP open LDAP active directory I Mean the really the the main things that you want to talk about is that there's a few considerations when talking about Implementing active directory There's a couple of steps that you need to do that are actually all outlined on the OpenStack Security guide and we have actually a susan documentation there that that goes along with it But you have to change a couple of little sections. You have to make sure that group of names is usable Otherwise, it's not going to work And the key thing here is the hybrid authentication driver for those you have not played with that yet Basically enables you to do the authentication against your existing LDAP framework But then store all the metadata that's unique to OpenStack inside of your local cloud And that enables you to integrate with the outside world But then you don't have to alter the schema of the of the LDAP Store that you're using to be able to add in all this extra information that you need to know for OpenStack One of the very important things you have to make sure that you have the right permissions to actually access those things because if you don't you're gonna hit a brick wall and The cloud moves fast and you don't want to hit a brick wall at 100 miles an hour All right storage who here has storage in their environment. Come on. All right. There we go If you want to alternate hands when you're doing that you can get some good exercise, okay so the big thing with storage is When you're implementing something this is as significantly different as OpenStack is Into your environment you have the ability to start over in some cases Or reuse existing equipment, right? So this is where you need to start getting into the planning with your storage team of saying, you know What are our long-term goals for storage? Do you want to take advantage of this opportunity to slip some object-based storage or you know some software defined storage into here whether that's Swift or whether that's stuff Whether that's one of the other any of the other object stores and whatnot that are out there This is when you this is when you would need to make those decisions And this is this is also when you get into the the whole negotiating with with management where they made their hardware Decisions and they need you to justify it so you can't throw out the sand yet Like that guy that bought the tape drive six months ago even though it's you know antiquated technology Somebody bought a tape drive Okay, they did you still do that. I actually have a lot of customers that still use tapes so see What see? There you go Okay, so storage so you need to stop and think about what are your long-term goals for storage and that's gonna impact a lot of different things, right? You want to Look at how you're going to optimize Storage, what are or what are you optimizing for if you are optimizing for performance? That's gonna be a one thing you'll likely have a nice big sand with lots of really fast spinning drives You'll probably have some SSDs in there and do some cash tiering and all that kind of fun stuff versus if you're doing You're optimizing for security storage density years, you know something like that You'll have different hardware profiles are coming in here And the reason we keep bringing that we're going over this is simply because there's usually not one single storage solution that you have in Your cuss in your company. There's usually Five six seven eight You'll have the stuff you bought from one to vendor one time and then you have the other stuff you bought once that stuff was Obsoleted but nobody got rid of it. And so now it's being used by somebody else You'll have all these pieces in here And you'll have to you need to decide which ones of those you want to incorporate Into your open stack strategy and so going along with that who here has like Different vendor storage solutions in their enterprise right now quite a bit of you, right? You know some of its EMC some of its net apps some of it is you know backspace or our workspace but It'll come back to me I'll probably interject in the middle of his talk and with a random brand But yeah, the big benefit really to open stack in this case is that if you have all these random bits of equipment And you know sender can you operate multiple back ends at one time? So you can actually stick all the stuff in there together And you don't necessarily have to worry about having you know that single common platform You can have multiple back ends in there that that sender can do and it really opens back in general like the biggest thing This was talked about briefly this morning And by the way part of the reason that we're Going quicker and pace-wise than what we're planning is because a lot of the stuff that we had in here was covered in Keynotes this morning and so so we're shortening and compressing it a little bit just so we don't do too much redundancy but And I just completely lost my train of thought as I was going what was I talking about? Talking about storage storage Thanks guys. Oh, I know what it is. So yeah, you can stick all these different pieces underneath a single storage umbrella So if you have the EMC and the equal logic and whatever net app you can stick that all underneath there The the the big benefit to open stack in general is simply that you have this common point of integration for so many things You know at a traditional it you walk in and you buy the net app Then you need to have all the tools for net app, right? And they all have to you have to write all of your stuff to be able to leverage those and then when you go buy another tool You know a ecologic or emc or whatever Then you have to get the tooling for those and you have to rejigger all your scripts to use those the big benefit for open stack in general is that you can by Bringing these all underneath the open stack API then all of a sudden you only have to write your stuff one time and then It can it can go to all these different platforms Seamlessly to the end user and so you don't have to sit there and continuously be rewriting things whenever you Decide you want to make changes to your environment you know from a from a hypervisor standpoint if you you know if you're Already running out VMware in production a lot of times when you're wanting to to people in the open stack community that are going to What say you know the whole point of going to open stack is to get rid of VMR. So we need to be able to We need to be able to you know you want to get rid of that right Well realistically in your enterprise you can't just pick up and rip out your entire production VMware environment and replace it with KVM It's a non-starter so the benefit to open stack is that you can then you can take a portion of that VMware and Put that up into open stack and have that be managed by open stack But then you can add in the other pieces as well if you want to have your KVM or Zen or we've got what hyper V as well up here You can also do now ZVM if for the design by here have a mainframe We got a couple people. All right. Yeah, we like the mainframe guys Mainframe docker all these different options that are out there Nice thing is you can have all those hyper visor all those platforms underneath open stack And you can write your single scripts against the open stack API And then if you decide to shift resources from one hyper visor to the other if you decide to add in more KVM And take away from VMware. There's absolutely no change to the end users So at that point you get a right once and then you can you can from the operational standpoint underneath that You can try different platforms with reduced risk, right? if you want to try out a new hyper visor you simply add it in and you can only you know only shuttle a couple of Workloads over there so you so that you can test that out if you like it You can add more to it if you don't you take it away with and everything's transparent to the to the end users And that goes along with the whole message today You know your your legacy environment your current environment has stuff already there. Why not use it? so one of the things that it already has is Existing workloads, so You know Ideally, you know again ideal world you'd have this you'd be able to just scrap everything you've got and rebuild from scratch And sometimes it's nice to get that clean start. I have one a very large Custom company who has been featured at a keynote here in the past Who is doing a complete revamping of? systems such that they have They have their current builds for their OS and everything like that has a lot of accumulated cruft from over the years they basically wrote the the stuff initially 10 years ago and They would just kind of keep piling more duct tape and more stuff On top of it until they've got to this point right now where you know when you boot up a system There's about ten different Fatal errors that flash by and nobody pays any attention to anymore because nobody knows what they're for and so they can't be that Important if it doesn't impact your daily life And all these kind of things and there's lots of times where you do have that accumulation And it's really nice to have that break in the break in the line The open stack can provide to be able to roll out and and do a complete clean build That's nice and real out reality That's not going to happen all that terribly much for the most part You've got all these existing workloads that are already out there on your on your in your virtualization infrastructure Sometimes physical infrastructure and your end users want to be able to continue to use those even if it's inside of your cloud environment So you're going to need to establish a strategy for going and migrating those in there It's a fairly simple process. Has anybody done this before? migrating existing workloads into your open stack Couple people double people. All right. I was expecting more than that. Was it very difficult? Yes, oh So it does it does take a while there. There's a number of different ways that you can go about it When the TLDR version is snapshot Yeah, convert it to an image and take a glance, but that's that's the easy version Yeah, the easy version that hides away all the the nuances is Take as you said take the snapshot Convert that over to a disk image import that into open stack and then relaunch it The trick is then it is depending on how much downtime Your that's particular service is allowed to have you may own you may not have a long enough service window to be able to Do a shut it down and then bring it over and bring it back up So you'll need to have a policy or a procedure in place for being able to do that Cut over to make it as live as possible for that and that means making sure also that you're migrating data at the same time You know bring you bring you over all the data that you need to make sure you have access to that in your cloud environment and Excuse me need some water So the that's not water. It's not water, but it's something to drink. Yeah Well, I lost my train of thought again, so you have your existing workloads So you need to have the procedures to to bring those across Actually, if if one or two of you that have actually done this before want to Share a story about it. I believe the microphones right here in the middle work I saw I raised hand over here anything Anybody cared to share your story story? What? Oh and a story. Oh, those are the best kind. Yes. I'll tell you, but I have to kill you All right, well in that case, let's go on to some of the actual more More operational aspects of incorporating these into into Into your open-stack environment how this is going to impact the design of your particular cloud So for example, if you're going to be leveraging VMware All the security Groups and all that kind of stuff that you're doing in open-stack are all done via IP tables There is no IP tables on VMware and so None of that is going to translate over so you need to take that into account you need to have a backup plans in terms of firewalls setups and whatnot the depending on how How big security plays a factor in here, right? Whether you're the ultra paranoid or the ultra aggressive security versus the the very lackadaisical Kind of thing the lackadaisical guys will be just like I'll just let all the ports be open. We'll figure it out later No live migration via open-stack, right? So if you go and do Go into Nova and say, you know Nova migrate the the image That the your workload from one to another That works great on your KVM as in that command does not get translated over to VMware the way that the VMware driver works is it talks directly to vSphere you provided your credentials credentials for vSphere it Logs in and then vSphere has a cluster inside of it that is dedicated to running open-stack And it presents that entire cluster to you as this big single entity So if you have 10 servers in there that have 10 CPUs each then it'll show you I have a system here with 100 CPUs and four terabytes of RAM or something like that and then when you submit in your You're starting up a virtual machine It's going to go in there and and find a place to stick your virtual machine So you need to make sure your flavors are not too big for for the largest of your Of your Nodes your your VMware nodes that you're you're dedicating to this the VMware knows that you are putting Into the cluster to be able to be managed by open-stack do need to be dedicated to running open-stack pieces Oh, thank you. All right The other thing So VMware officially only supports doing the integration if you're using there the NSX stuff that they bought from the nice syrup As your software to find networking stack in practice. You can use open vSwitch. It works just fine You do need to make sure that when you're doing your your data encapsulation setup You that you can't use GRE which is usually the default what most people use for their encapsulation protocol VM where it does not understand that and So as such you'll get very very frustrated as trying to get Your nodes to talk to each other and to talk to you and they won't seem to be able to and that will be why so you need To use either just the flat networking structure or just or the or the VLANs is gonna It's gonna take care of you. Oh Look at that. Thank you. All right hyper V. How many people have hyper V in their environment just out of curiosity Couple you guys. It's good Why would you ever want to do hyper V in your open stack? environment right The biggest reason that we've seen for our customers is the pricing controls I mentioned earlier that talking about the hyper V that do you have the windows people? Once you have that server license for for windows They can spin up as many instances on there as they want and it's not gonna incur any additional charges Whereas if they were on say KVM or VM or something like that, they would have to pay the per instance pricing so as a result a Lot of the windows administrators want to be able to run their stuff out on hyper V because they want to have that cost Certainty, right? I've got 10 hyper V servers. I have to pay for 10 light 10 licenses I don't have to worry about you know counting anything or all that kind of stuff It's very easy to keep track of to audit and to maintain for you as the open stack designer That means you need to see if you're if you're going to bring the open stack into bring that hyper V into your open stack Which is usually a good idea to have everything unified under that that one umbrella Then again, we're gonna have to get some other things that come into play here again. There's no IP tables on windows I don't know if they have a new Linux-like environment with bash and stuff like that that they're gonna bake into windows 12 is gonna be able to do that But that so that may change at some point, but as of right now there are no security groups Available to you because there's no IP tap IP tables two nicks are required So you need to be able to have one Nick is gonna be to be talking to the management Framework and the other Nick is dedicated towards talking for the guests to be able to talk with each other There is a little bit of confusion on the documentation pages for for the open stack docs because it says on one line Two nicks are required and then about the other line says six inches below down lower There's no one that says just you won't be able to to communicate with your IPer V. So This is why you can do some things to make the the one interface work, right? But out straight out of the box you need to have the two and that's the preferred way of going about it Not a big deal, but it's something to to make sure you you know on the storage side you need ice-cazi initiator so luckily with a lot of the stuff stuff that you can actually Activate an ice-cazi initiator if you don't have that windows won't know how to communicate with your storage and that's gonna be like That's actually a technical term Feel free to use it. I use a lot Okay, so You need to have it enable your ice-cazi initiator. No big deal. That's fairly easy to do You do need to set up the shared nothing migration life migration Manually on the hyper V. That's not something that's turned on by default. You have to go through and enable it and it's It's one of those things that kind of got bolted on after the fact And I'm sure it'll get better as time goes on again You can't do GRE here either And so you need to again use either the flat Vlan Vlan X a different methodology for doing your your encapsulation Another thing that we've seen for customers who are rolling this out is Taking numus spanning and turning that off it helps to By reducing the number of choices it has to make in terms of placement because of the getting the memory in the CPUs all matched up and all that kind of stuff in the in the same zones You turning the turning off the new a spanning can save you a lot of performance here on Windows I don't know that I don't know how much that's going to impact most people from a day-to-day business But for if you're doing something that's on a fairly large scale with hyper V This is going to make a significant difference for you The other thing then this is kind of a roll-your-eyes kind of moment, but you have to do a 32-bit Python 2.7 64 bit crashes Was that 64 bit crashes? Yeah 64 bit crashes There's lots of instability in the 64 bit libraries So you need it do need to do the 32 bit and it does need to be a Python 2.7 So at some point hopefully they will join the modern world and let's not Microsoft fault Somebody will figure out will blame Microsoft anyway deal All right, I keep looking back at the screen as if I can't see the See the monitor right here in front of me. It's just forced to have it I'm not used to having like all the fancy equipment here. This is great Okay, who here is familiar with the networking OSI model right here. Did you guys know that there's actually two hidden layers? There's two actually two extra layers right here that are not on there, but I Almost blew the next cheese There we go Politics and money right if you have a break in the politics of your network Then you are effectively shut down as just as much as if somebody ran a backhoe over your fiber optic main This is this gets back to what we were talking about with security groups Earlier where you need to make sure that you are talking to people when you're planning your open stack network People tend to be very very touchy about you doing things to their network Because you know if there's a network outage or short or anything like that it impacts everybody So everybody's gonna come screaming to them if you have one server over in the corner of the data center There's good chance that it might not cause a problem if it goes down But if the network goes down then then all of a sudden there's hell to pay You know even the CEO notices that kind of thing and they're the ones with the money Yeah, and they're the ones with the money. So if they don't fund it it didn't happen. So that's my dad's joke by the way It's a so it's a dad joke Try that again Next up is choosing an open-stack vendor And this it gets a little bit touchy I'm I get I don't want this to be sounding like it's a marketing thing where we're coming up here and saying Hey, go buy Suza, which we would love for you to be able to do. Please go buy Suza Please go buy Suza But even if you don't buy us buy from somebody and the reason for that and Again, this is my my dad's quote as well Linux is free as long as your time is worth nothing to you the same thing applies to open-stack, right? You are always paying for it in one way or another it may be because You know you pay a subscription fee to us or one of our competitors or something like that to have it out There is great if you're doing it in-house that means you hey need to have a higher-trained Staff on board right because it requires a higher level of expertise to be able to dive into all these kind of things Those type of people are not the most Easy kind of people to find is very difficult to find people that are up to that level And as a result the ones that are that are at that level tend to move around a lot because people keep offering them more Money to go do something for them So in that case then your capital costs are going to be going up because is it capital? I can't remember. I'm not my wife's the NBA not me I can't remember the things you're your money going out the door goes out invest Investitures I can't remember this cap up sir. Opex. I'm not good with that stuff Anyway, the money going out the door increases right because you have to pay these people additional money You have to have additional benefits for them You have to make concessions into your workflows for these people because they're generally the type of eccentric type genius people that That do weird things that nobody else understands kind of stuff So there's there is a cost a very real cost for doing this stuff on your own And the other thing that comes into play here is this is not your core competency Right. This is for the most part unless you're like an open-stack vendor like us or somebody else Five minutes. Okay, unless you're an open-stack vendor like some like us or somebody else This is not what you do to make money and to be in business Don't waste time doing things that are not your core competency bring somebody in they can work with you They can help you with the training and from the implementation and maintenance and whatnot to to make life easier The corollary to that quote by the way is the open-stack is not free as a beer freeze and speech It's free as a puppy. Does anybody here gotten a free puppy? Anybody anybody ever raised a puppy? I've got two dogs. I got one. She's a year and a half now, and she's 127 pounds This is true It is not cheap to raise a puppy. Okay, and that is actually my quote So I keep pointing it over the screen like that's gonna make a difference. There we go. Okay, so we'll move right along We've taken up too much of the time already. We're going too slow So Susan sponsored a study a couple months ago about enterprise open-stack adoption And there's some really neat things that came out of it and I was gonna put I even got a hold of the studies so I could put some of the graphs and stuff like that into this presentation I always pulled them up and they were about the ugliest looking graphs that you ever saw in your life So we decided to stick with text instead, but there are two key things that we wanted to pull out 86% of the people that responded said that the lack of skills in the market is making their companies reluctant to pursue private cloud Is it true for your company? Wow, yeah, okay, I expected more hands in that In addition 78% of companies that have yet to adopt private cloud are doing it specifically because of that skills shortage Again that comes into the whole those types of people are hard to find and they're difficult to retain So by working with an of a vendor then you can You can offset some of that by having the the the high-level engineering expert expertise Be something that we take care of and just to Very quickly finish up here The other reason for getting a vendor is because you'll have many organizations you have existing SLAs And this actually comes into your choice of vendor as well You need to make sure that your specific vendor has a support organization in place that is capable of Doing rapid turnaround on complex issues that may involve OS Hardware and and the open stack bits themselves We feel like we do this very well and this is one of the things that we bring to the table And really when you're paying for these kind of things whether it's Linux or open stack This is the one thing that you're paying for and you want to make sure that you actually get good Another thing is compliance with government regulations So if you know you're working for a state or national government You got to make sure you have your certifications and finally your hardware and software certifications So you know that your stuff is going to run because if if your CEO doesn't have proof that your hardware is going to be Okay, and your software is gonna be okay. He's not gonna dish out the money. Yep So fist bump a baby thinks that you're awesome. You guys are great Now you're all ready to go out there and do your enterprise open stack implementation. Thank you guys so very much