 Live from Seattle, Washington, it's theCUBE, covering KubeCon and CloudNativeCon North America 2018. Brought to you by Red Hat, the CloudNative Computing Foundation and its ecosystem partners. Okay, welcome back, everyone. It's theCUBE's live coverage here in Seattle for KubeCon and CloudNativeCon 2018. I'm John Furrier, with Stu Miniman, host of theCUBE. Three days of live coverage, wall-to-wall, 8,000 people here, doubled from the previous event in North America, spanning globally. We're here with Liz Rice, technology analyst at Evangelist at Aqua Security and program co-chair here at KubeCon, CloudNativeCon. Liz, thanks for joining us. Thank you for having me. I know you had a busy day, keynotes and all, a lot of activity, a lot of hands shaking, walking around. Very crowded. It is, we're packed. I mean, we're absolutely at capacity here and the event's sold out and it's busy. A lot of energy, real quick. I know you guys did a lot of work. You guys always do a great job, exceptional performance, again, CNCF. Does a great job on the content programming. It is about the open source communities. That's fundamental. A lot of end users, both participating and consuming. Vendor lists is expanding. Putting their program together gets challenging when you have this kind of number. So, what were the themes? How did you put it all together? What was resonating? What's the focus? Yeah, I mean, it was so hard. We had so many applications that we could only accept 13%, which it makes it almost impossible, some of the decisions that you have to make. And some of the themes that were coming out were like K-native, a lot of submissions around K-native. Serverless in general, obviously being quite a hot topic, I would say, across our industry. Really great talks from end users and we've seen a few on the keynote stage where there's some brands that we are all aware of, people like Airbnb, sharing their stories of what they've done to make their deployments, their K-native deployments, their use of Kubernetes successful. So it's not just, oh yeah, we're kicking the tires and doing some experiments. They are telling us how they've done this for real. Which is great. You had a very successful KubeCon in Copenhagen. And so how did you iterate from Copenhagen to here? What were some of the inefficiencies? Obviously the bigger numbers here. You recently had China as a success, where we've reported on SiliconANGLE, the open source consumption and contribution is off the charts, it's huge. It's growing and it's a new dynamic. So between China and Copenhagen here, interesting things happening. China was phenomenal for me. It was my first trip to China, so it was eye-opening in all sorts of respects. And one of the really interesting things there was the use of machine learning. So the uses of KubeFlow, real-life examples. Again, I mean, I think there's something about how much data they've been able to collect in China, but we heard some really great stories of, for example, electricity companies using machine learning on Kubernetes to predict demand. It's a lot of adoption. They're in the front end, they've got a mobile culture, IoT's booming over there, it's just massive. Absolutely. Here in Seattle, obviously Seattle home of AWS, and I was talking to some folks here locally in Seattle just this morning, they said, they think this is the biggest conference of the year here in Seattle, which is really telling where you guys have come from. So interesting dynamic, a lot of new ecosystem partners. What's happening? It seems to be energy, the buzz, there's a subtext here that's buzzing around the hallways. What's the most important thing that people should be taking away from this event this year? I think the scale of it is coming from real adoption and businesses that are moving their applications into the cloud, public cloud and hybrid cloud, and finding success through doing that with cloud-native components. And you mentioned the end users who want to be part of the community and they're actually wanting to contribute to the community. And you can look around the hall and see booths from like Ubers over there. They're really contributing to this community and it's not just a bunch of enthusiasts, it's for real. Problems being solved, real company end users. So Liz, one of the things we've been looking at, this is not a monolith here, you've actually got a whole lot of communities I've been wandering the floor if I'm talking to people. We had Matt come on to talk about Envoy and they had their own conference at the beginning of the week and they had 250 people as I'm wandering around and you talk to a number of, it's like, oh, I'm here all about helm. And there's different service measures all over the place everybody's been talking about. Yeah, another big thing. And I mean, you're heavily focused on security aspects there. I believe you've got a project that Aqua's been involved in. It was CubeHunter, if I've got it, maybe before you talk about CubeHunter, just talk about balancing the, this isn't one community, it's gotten really big. Do we need to break this into a microservices space show that just has, okay, we'll have the core but we have lots of other things and spread it out all over the world. It's a real challenge. As this community is growing so fast and trying to keep the community feel, balancing what the contributors want to do and making sure they're getting value and having the conversations they want but also enabling the vendors and their end users and every constituent part to get something good out of this conference. It's a challenge as this gets bigger. I mean, there's no kind of, if this was doubles again, will it feel the same? That's, it's hard to imagine. So we've got to think carefully about how to keep. When that happened, it would not. Even from last year to this year was a big change for a lot of people. For sure, for sure. Maybe, so CubeHunter, tell us about that. Yeah, CubeHunter, yes. So CubeHunter is one of our open source projects at Aqua and it's basically penetration testing for Kubernetes clusters. So it's written in Python, it attempts to make network requests looking for things like the open ports. It will tell you if you've got some misconfigurations because a lot of the security issues with Kubernetes can come about through poor configuration. And the other thing you can do, you can run it from externally to your cluster. You can also run it inside a pod inside your cluster and then that's simulating what might happen if an attacker got into your cluster, what could they do from there? They compromised a pod, which could happen through a software vulnerability. Once they're in the pod, how vulnerable are you? What's the blast radius of that attack? And CubeHunter can help you see whether it's a complete disaster or actually fairly contained. All right, Liz, how are we doing from a security standpoint? We've watched the rise of containers over the last few years and it's like, okay, wait, do I need to put it in some kind of lightweight VM? Do I do something there? What can I trust? What do I do at AWS? Reinvent a couple of weeks ago, there's the whole container marketplace and it feels like we're making progress, but still plenty of work to do, you know. Right, right. And container security has lots of parts to it as you go through the life cycle of a container. Actually, the AWS Reinvent Act Core was recognized as having, I think they called it competency, which doesn't, you know, I think it's a bit better than competency, but yeah, in container security. That's a compliment, I bet. Yeah, I think, yeah. Yeah, really compliment, yeah, really competent. Yeah, so I think as a community and at the open source level, there are lots of good things happening. So for example, the defaults in Kubernetes have been getting better and better. If you are an enterprise, and particularly if you're a financial user or a media company or government organization, you have much stronger requirements from a security perspective. And that's where the open source tooling on its own may not be sufficient and you may need to plug in commercial solutions like Acqua to really beef that up. And also to provide that end-to-end security right from when you're building your image through to the runtime protection, which is really powerful. And security's going to be built in from the beginning. I'd love to get your thoughts on end-to-use, the end-user traction, a huge demand for what end-users are doing. I know you guys are seeing on the program side the Linux Foundation CNCF was talking about trying to get more case studies with seeing the end-users prominent, who you mentioned, Uber, Apple's here, a bunch of other companies, they're here. So end-users are not only just contributing, they're also consuming. How are the new enterprises that are coming in, consuming and interacting and engaging with Kubernetes, how, where are they on the IQ, if you will, level, and what are they engaging on? I mean, because Kubernetes has matured a bit and ready, it's being deployed, people are using it, people are gathering around it, but now people are starting to consume and deploy it at different scales. What's the end-user uptake, what's the hot areas? What do you see the most people digging in? Great question. So I think we're seeing a lot of, particularly these, I want to say mature start-ups. So the Ubers and the Airbnb's and the Lyfts, they've got these massive-scaled technology problems and Kubernetes is giving them, and the whole cloud-native community around it, it's giving them the ability to do these kind of custom things that they need to do, the kind of weird and wonderful things that they can add whatever adaptations they need that maybe they wouldn't get if they were in a traditional architecture. So they're kind of the prominent voices that we're hearing right now. But at Aqua, we're seeing some of these, maybe what you might call more traditional businesses like banks, who they want to replicate that, right? They want to shift functionality really quickly. They're seeing challenges from upstart. They want to compete, so they know they've got to shift functionality quickly. They've got to do continuous deployment. Containers enable that. The whole cloud-native world enables that, and that's where the adoption's been coming from. So they can take the blueprints from the people who built it from the ground up, the large-scale start-ups, cloud-native, from the beginning, and kind of apply the traditional IT kind of approach with the same tooling and same platform. And we're seeing some interesting things around making that easier. So things like the CNAP, the cloud-native application bundling that is coming out of Microsoft and Docker are involved in that. And I think that's all to do with making it easier for enterprises to just go, yeah, this is the application. I want to run it in the cloud. So let me ask you a question around the customer end users that we see coming on board, because you got the upstream kind of community. The downstream benefits are impacting certainly IT and then developers, right? The classic developers. IT is starting to reimagine their infrastructure, all the goodnesses with cloud and machine learning and application is being redefined. It's changing the investments. So in 2019, what's your view on how companies are shaping their investment strategy to IT investment or technology investment strategies with cloud-native? Because this is real trend that you just pointed out, which is, okay, I'm a big company and I've used the old way, now I'm on the new way. And so there's a lot of, okay, instant star, turn the key, there's a run. There's a lot of managed services here. So there's a new persona of customer. How does that impact their investment, IT investments in your mind? What are you seeing? Can you share any color commentary around that? I'm sure we're all aware that we're seeing shifts, away from the traditional data center into public cloud, which has implications around OPEX rather than CAPEX. And I guess following on from that, people worrying about whether vendor lock-in is a thing. Should they be just adopting one public cloud or perhaps putting their eggs across different baskets? Should they be using these managed platforms? We have all these different distributions. We have all these different managed solutions for Kubernetes. There's a lot of choice out there. I think that's going to be interesting to see how that shakes out over the next few years. Are all these different distributions going to find a niche, or how's that going to work? Matt Klein had a great observation on who's on earlier today from Lyft. He says, look, solve a problem. Use the tech to solve a problem and then iterate, build on that. It's the iteration model of DevOps. So that's kind of a, I think that's a good starting point. There's no magic, silver bullet, there's no magic answer. I think it's more of just get in there, get it going. The other question I have for you is 2019 prediction for Kubernetes. What's going to happen this coming year? If we're seeing this picture now, 8,000 people, diverse audience. What's the prediction in 2019 for Kubernetes? Oh, great question. I think maybe broader than just Kubernetes, but the kind of cloud native, because Kubernetes is like Janet said in her keynote this morning. It's essentially boring. It kind of does what it's supposed to do now. I think what's going to be interesting is seeing those other pieces around it and above it. The improved developer experiences, making it easier for companies to adopt. Maybe some of these, maybe choices around things like what service mesh you're going to use, how you're going to implement your observability, how you're going to deploy all this stuff without needing to hire 20 super detailed experts. Because we've got all the experts in this stuff. They're kind of here. And the early adopters, great. Maybe that next wave, how are they going to be able to take advantage of this cloud native? I think it's the programmability is key. Well, great to have you. I think a big part of that actually is going to be serverless, right? The ease of using serverless rather than the flexibility that you get out of. The millisecond latency around compute, yes, great. Well, thanks for coming on. I really appreciate it. Final question for you. What surprised you this year? Was there's one thing that jumped out at you that you didn't expect? Good, bad, or ugly? Just great show here and it was packed and waiting was like 1500. What's the surprise this year from a program standpoint? What was that? I think actually the nicest surprise was the contribution of Fippy and you know, all those lovely characters from Fippy goes to the zoo and that. Those characters being donated by Microsoft, Matt Butcher and Karen Cheese were terrific and so it's just beautiful. It's lovely. That's awesome. Thanks so much, Liz, appreciate it. Liz right here, program co-chair at KubeCon Cloud Native Con. Also technology evangelist at Aqua Security. That's her day job. And her other job, she's running the content program which is very huge here. Congratulations, I know it's tough work. A great job, thank you. Thank you very much. So KubeCon is breaking down all the action here at KubeCon and Cloud Native Con. I'm John Horst, Stu Miniman. Stay with us three days of wall to wall coverage. And only on day two, got a hold of the day. A lot of great stories coming out of here and great content. Stay with us for more after this short break.