 Thanks for joining us and welcome to Open Infra-Live, the Open Infra Foundation's new weekly hour-long interactive show. We are using this show to share production use cases, all kinds of open source demos, industry conversations, and the latest updates from around the global open infrastructure community. Now, this is our eighth episode, and we have some great shows coming up in the next few weeks, and we're hoping you can join us. Every Thursday at 1,400 UTC, like Clockwork on YouTube. Now, my name is Mark Collier, and Sparky Collier on Twitter with the Open Infra Foundation, and I'll be your host for the day along with Jonathan Brice. Today, we are also joined by the Open Infra Foundation board, director, leader from our board, which is Alison Randall and open source extraordinaire. She's extremely active and has tons of experience around the open source world for many years, and we're super lucky to have her on the show, and we're streaming live to YouTube, of course, as well as LinkedIn, Facebook, and Twitch, and we'll be answering your questions throughout the show. Make sure you put those questions in the comments, and then we will answer as many as we can. With that, let's go ahead and get started. Yes, let's do it. Thank you, Mark, for that intro. As you mentioned today, we are answering questions. This is our AMA, our Ask Me Anything. Perhaps we should say Ask Us Anything. We started promoting this episode over the last week, and we have been gathering questions from around the world, from our global community, and we actually even have some from some press that we've been interacting with, so we've got some good questions already that have come in, but what we really want to do is we want to also hear from those of you who are watching right now. So throw your questions or your comments into the chat box wherever you're streaming this, and we'll make sure that we incorporate them and try to get an answer to you if we can see that. So to start off with, I actually wanted to go ahead and kick it off with a question that we have that is actually a pretty common one right now, and I think is very relevant for us who are working on open source infrastructure specifically, and that is what is happening with open source and public clouds? Public clouds, especially the hyperscale public clouds, have created a really different dynamic in the IT industry overall, and they have, I think you know, disrupted the way that people are consuming technology, are buying products and working with vendors, and it's also had a big impact on open source, and I've heard some people who have the opinion that public clouds are killing open source, they're killing open source businesses, some people don't think that at all, they think that it's giving users more options for running open source. I think this is just a really fascinating discussion. I wanted to open up there, if you all have any thoughts, what is your opinion on the impact of hyperscale public clouds and open source? Allison, you wanna go? So I think the hard thing is it partly depends on your fundamental philosophy of open source, and there are two major camps that have been from the very beginning. The one is the Berkeley camp that sort of begun open source in the 70s, and that is very much a permissive, if open source is being used, that is success, that is great. And the other is sort of started more with like, well, actually Emacs, but like the GNU sort of copy left camp, and that is kind of more, well, open source is successful, it's not just about being used, it's about is there contribution back? And I think if you're just looking at it from the use case, then no, hyperscale public clouds aren't bad for open source at all, they're fantastic, they're all built on open source, they extensively use it internally, they have some proprietary components in them, but they use a lot of open source, and then also they enable the deployment of open source at massive scale very easily, like most of the software that's running in those hyperscale public clouds is open source. So in that sense, they're actually an enabler of open source, they're a sign of open sources success, and they help perpetuate that success. But the other side is the contribution back side, and on that, I mean, I think we have certainly seen a growing trend of contribution back to open source, even from the proprietary public clouds, but I'd say there is less contribution back than from some other companies without naming names. And I think when people get angry, when they start talking about, like, is this killing open source? That's what they're really talking about. And I think also, maybe we might have a unique perspective in the sense that we are open source that's kind of a direct competition to that small layer of their software that is not open source, which to me just seems like a massive waste. Like there's a lot of duplicated effort between the open source cloud infrastructure software and the proprietary infrastructure software that's out there. So if I had a hope out of all that, it would be maybe over the next 10 years, we could see more convergence. And that big stack of open source software they're using underneath, there would be more and more open source trickling into even the parts that are currently proprietary. Yeah, I think that's a really great way to think about it. And you're absolutely right from the historical perspective, everybody comes in with their prior so to speak about what is open source and then the norms and is this good or bad is very much framed by your thoughts of which camp you interpret open source from. And I would say that a lot of where the confusion comes in is people are looking at the businesses, right? That are startups or companies that are growing. Single company open source really, I think is what I would say is the most threatened by kind of the rise of the public clouds. And so in a lot of your perspective then in terms of how you interpret how good or bad or how big of a crisis it so-called is is I think comes from that point of view. If you're a company that's really kind of the only company driving a specific open source project, then that's where we're seeing I think the loudest kind of noise and people getting wound up. And you see venture capitalists coming out and saying, we're worried about this because we've invested in this one company that's the one company basically driving this one open source project. And so that's kind of another dimension to consider it from. And you know, obviously kind of our experience with OpenStack is very intentionally multi-company, many, many, many company, hundreds of companies, thousands of companies that have contributed over time and taken it to market in various ways. So I think that's another dimension that's interesting to think about. And if you look at there was a really interesting example of something that happened recently with AWS and Matt Wilson, who's a big kind of open source advocate at AWS. And they had of course this kind of elastic search hubbub that came about and Amazon created their open search, kind of like fork of it. And they're trying to build a community around it. And they in the process discovered some kind of bug in one of the related upstream projects that the open search fork of elastic was consuming. And they ultimately kind of worked with the community of that. That other project to kind of land something upstream was a part of the Apache Software Foundation. So it's kind of a quick anecdote, but I think it's an interesting sign of things kind of moving to the better trends in terms of using that one specific example within Amazon Web Services. So to me, it's definitely not black and white. It's not all good, all bad. Is this killing it? Is this good for it? It's obviously nuanced, but I think that's a sign of some progress in the right direction in my opinion. So it sounds like the two of you are fairly well aligned around an answer that is, no, it's not killing open source, but it's creating challenges for certain kinds of open source and also maybe requiring us to think a little differently about our expectations of just kind of what comes along with starting an open source project or trying to build an open source business. Yeah, I mean, the dynamics are completely different than they were 10 years ago without a question. So you have to respond and evolve to that. I think if there was no other way to consume open source or I should say consume cloud computing than two or three companies and we fast forward 10 years and that's all the only way people are doing any infrastructure, I would say that's a bad outcome for humanity, but I don't see that we're there today and I don't know that that's an inevitable outcome given how much increase in open source contribution and adoption there is and how many people are running infrastructure outside of those big three providers or four, if you think about Alibaba being another example, but and you also see those big three or four companies getting more involved in open source. So to me, the picture is fairly optimistic. Yeah, and I think that, as you mentioned, the landscape is very different, the market dynamics are very different and that's something that is not just unique to open source. I think that that's how the technology industry works in general and we go through these cycles and it's something that we're all facing and so with open sources as kind of a segment of tech, it's gonna be impacted for sure. So while we were talking about that, a question came in from Allison Price that I think is a little bit related to one of the things you mentioned. You mentioned the open source project elastic and how AWS has been spending up a different distribution of it. There's an interesting thing that I think has happened with several very popular open source projects recently, which is that they have changed the license that they are distributed under and for people like the three of us who are kind of open source nerds, licensing is something that we think about a lot and pay a lot of attention to, but this was something that I think caught a number of people by surprise. Why did it happen? What's the impact? What do you think is the root cause of some of these relicensing and what do you think users should be thinking about in terms of the impact of their businesses if they're depending on open source software and licenses are changing or the way that the kind of the ground rules that they engage around a project change? I mean, I think Mark really hit on it in the last one and that is elastic. It's one of those companies that the way they constructed their business, they included an open source release of their software, but the business model, the way they structured it, they didn't really think about the fact that open source licenses, like one of the fundamental rights is that you can fork it, you can distribute it. And so there was like, they had a weird moment when they panicked because of what their license was allowing, which is what all open source licenses allow. So it's just a standard part of open source, but I don't think they were really very clueless about what open source licensing is. They wanted the brand boost of the name open source, but they didn't really understand what that meant. So they did a pullback and they changed to what is actually proprietary license. So Kenny, can I ask a follow up there? What piece do you think was maybe not fully understood that's a key part of open source that introduced that threat that they felt like they needed to address? The way it's phrased in the open source definition is no discrimination against the fields of endeavor. And that is fundamentally, someone is allowed to take your software and make a business on it and make a profit on it. And then also the sort of like, you're allowed, so there's the thing around fees, you're allowed to make money off of open source, you're not allowed to charge a licensing fee. So in order for Elastic to give a license to Amazon, they're not allowed to charge a fee for that license. That is fundamental. And the reason is that is what makes the growth and innovation and sharing possible. That is what makes open source successful. And so they were like, so ideally what they could have ended up in is a situation where Amazon is contributing patches back to Elastic and they're collaborating together and it's recognized that this is not a zero sum game. There's plenty of room to have one provider making money off of push button cloud installs on their cloud, another provider making money off of support contracts and their own distribution system. He's like, there is room in the system for more than one company to make money off of an open source project, but Elastic couldn't see that. The way they saw it was we should make all the profit off of the software, but we also wanna release it as open source. And so what they did was a clawback. It was basically, okay, we're going to change the license to proprietary license so that we can then control all the revenue, which is fine. I mean, if people wanna make proprietary software and license things in that way, that's like, I'm not gonna complain about that. I do complain if they try to call it open source and do that, but so it's, I was in that context, Amazon put out a press release that I was actually really impressed about when they did the fork where they like, they were like, I mean, I know they've hired a lot of open source people. Clearly they had some cluful open source people involved there, you know, it's like, no, this is fun. This is what the open source license does. And within this open source license, it was released under before we have the right to fork. That's fundamental. And we think it's important for there to be a truly open source version of Elastic. So it wasn't like, I mean, I know they had commercial motivations as well. They wanted to keep making a profit off of it, but they understood like that this is not a debate. This debate is not just about two companies complaining about who makes money. This debate is actually much more fundamental and it's about what open source is and what open source enables. And in this case, I won't say Amazon is always right, but in this case, Amazon was in the right. They did, what they did was reasonable and it was actually good for the users. Yeah, I agree. And I think that what's interesting and I've seen this pattern emerge many times is you have, I think there's this incredible temptation once you had this huge open source success where it's just a runaway success and suddenly you have a massive community, tons of adoption and you have all these benefits, right? And there's this temptation to go, man, if only we could capture all of that and as if you could just go back and do it all over again, get the same results, but be able to capture it all if it hadn't been open source, which is a major logical fallacy. I think that's just a kind of a fantasy, right? Like you can't have your cake and eat it too, right? You've got to think, in my opinion, in terms of it not being a zero sum game, in terms of like, if you try to capture all of the value, you can do that. And like you said, go proprietary, develop the value, capture the value, knock yourself out like that. I have no problems with that. But in my opinion, most of the time, there's going to simply be less value to capture, right? So you're gonna own all the pie, but it's gonna be a much smaller pie. So I think that there's just kind of this temptation to kind of wake up one day and go, wow, I'm like, I'm Docker, Inc. And I have the hottest open source project on the planet. It's changing the way developers do everything. The only thing I wish is we controlled it more. And when you do that, be careful what you wish for. Like the unintended consequences can be very powerful because you've benefited from all that openness and kind of the open source nature of it. And oftentimes it's the pressure of investors. You have, you get raised more money or whatever. And suddenly it's like, well, this market's so big, why don't you have more of it? And I would just submit that, the reason it's so big is often very much tied to those decisions to be open source in the first place. And to your question, Jonathan, like as a consumer, if I'm looking at a product from a company and they're telling me it's open source, what do I need to be considering? You need to be considering whether they can actually re-license it later or whether or not if they did kind of say future versions are under a new license. Like what does that do to my strategy? Does that threaten kind of my whole stack? Because I think that the state of any stack today is that you have hundreds of open source projects or hundreds of pieces of software inside of your environment in terms of how you write, deploy, run in production. So it's this kind of complex, almost like Jenga that you don't want to fall down. So you got to think sort of game theory, what happens if one of these pieces in this Jenga puzzle tower, I have to replace or I suddenly it's no longer open source. So I think it will cause the end consumers, the customers, the people making decisions to think twice and go to companies and say, look, when I put out this RFP and I said it need to be open source and you supply this product and I select it and now we have a customer relationship that you're not gonna re-license it later. So I think we'll see some kind of second order effects in the market where companies that are now feeling perhaps a little uneasy because they bet their farm on say like an elastic type product and well this isn't the bargain I thought we were getting. So it's all fair in the marketplace. So I think people should try these different models out but I think we're gonna see some market reactions in the customer bases and in other people that are consuming this stuff to say like, it's open source today, not tomorrow, where are we going with this? So that sounds like you are an adherent to the old adage that open source is not a business model. Yeah, it's definitely one of those things that I think people get hung up on and so the question of what are some good open source business models? The best answer is that's the wrong question which is like business models are business models and open source is as Allison eloquently described, defined and we can talk about the OSI being the kind of like accepted body that's writing that definition with the input of everyone in open source hopefully. But that definition is about kind of freedoms and enabling people to do different things with the software which may or may not be commercial and you have the options to do it commercially, build a business, you can also not build a business so it's somewhat of apples and oranges to compare business models to licensing and they're super connected but I think it's kind of a logical, another logical fallacy I guess if you can deflate the two. I'm gonna try to describe it as that open source is a production and supply model and you can pair any business model that involves software with open source instead of proprietary software but the business model is a thing in its own that doesn't, there's not a one-to-one course one between business models and open source it's more business model is, business model is the way you run your company open source is a choice in how you supply or distribute your software. Much better answer, thank you. Much more clear than what I was railing on about so thank you. So this show is open and for live we're all associated with the Open Infrastructure Foundation and one of the questions that came in early was around Ceph, do we use Ceph in this open infrastructure? And I think this is, it's specific to Ceph there were some other questions about Ceph I think we shared a link to the Ceph community so if you have kind of technical questions around Ceph that's a great spot to go get involved with the developers and users who are really deep into Ceph but I wanted to address this a little bit you know what is open infrastructure? Mark I know this is a question that you get I've heard people ask you that what do you think we mean when we say open infrastructure? Yeah, it's a great question and I think it actually is sometimes difficult for people to wrap their head around especially in the context as you said of all of us being part of the Open Infrastructure Foundation so the simplest definition is it's infrastructure like cloud computing, edge computing built and operated with open source software components that's kind of the basic definition it's also we think very much a community of people who are practitioners, operators as well as upstream developers and I think that we think about the many, many pieces of open source software you might combine and compose to put into production to power your infrastructure and then you think, okay well how does that relate to the Open Infrastructure Foundation? And I think one of the things that maybe can be confusing to people is to understand that not every piece of software that's open source that you might actually use in the composition and production of bringing your cloud to market is necessarily gonna be hosted by the Open Infrastructure Foundation so as a foundation, we are committed to helping build communities through right software that runs in production but there's also a lot of work to be done and pulling together different pieces I think there was a question about SEF that I saw pop up on the screen and so I think there's a lot of open source out there that's relevant to our community, to our members we have 110,000 members in over 180 countries like SEF so great really valuable pieces of software SEF is widely adopted inside the open infrastructure community and among OpenStack users for example Kubernetes is another good example Linux obviously very foundational so not all of those projects are quote unquote hosted by the Open Infrastructure Foundation but we as a community are trying to get all the pieces and communities to work together so that when you test it all and you run it all in production, it actually works like that's the sort of last mile of open source and where so many of the challenges are in the real world so we think of Open Infrastructure as sort of more broad than just two or three projects obviously like OpenStack very critical component in that but there's so many other pieces to it when you think about like running a production cloud I don't know if that addresses the question Jonathan but that's where my mind went and Srinivasan just asked, you mentioned OpenStack and is Open Infrastructure related to OpenStack by any means? Absolutely, I mean we like to say OpenStack is the heart of open infrastructure you know one of the things that's kind of insane we were recently looking at how widely adopted OpenStack is and right now currently one of the things that kind of blows my mind we were looking at just the telecom world and you see that like four billion people more than half of the humans on earth are actually connected to networks powered by OpenStack so that is Open Infrastructure in a really meaningful way that's actually connecting human beings four billion of them around the world so yeah, OpenStack very relevant to Open Infrastructure and I think as we became so historically we were the OpenStack Foundation focused on OpenStack because in the world of infrastructure and open source that was the first primary thing we needed to really produce and infrastructure as a service suite of software really make it work well and we're in the 23rd release but after 10 years almost 11 years so many other capabilities are necessary to make a fully functioning cloud and so that's why we became the Open Infrastructure Foundation it's a broader set of software out there more work to be done but OpenStack is absolutely a vital component in many open infrastructures. So you talked about kind of starting with OpenStack and expanding to open infrastructure we recently became the Open Infrastructure Foundation as the successor to the OpenStack Foundation and one of the things that you and I got a chance to do this week was a press conference with a large set of reporters in China the Chinese media as well as some of our platinum members that have a presence there and this is my, I tweeted about it I don't tweet very much, I'm on Twitter I send a tweet, this was my 2021 tweet but it was really interesting and exciting to be able to get some of their questions and also to hear from some of the leading companies China's obviously a massive, massive market and in the last few years so many companies have been getting involved in open source projects and are starting to create open source projects of their own that's very exciting to see but one of the reporters there asked what does it mean to be the Open Infrastructure Foundation what are we seeing as kind of the changes and where are we going from here? So I'd love to, Allison you were a really important part of helping us to make that move and you've worked in our community like many open source communities you've worked in ours for years now and gave us a lot of great input and strategic insight as we did that so I'd love to kind of hear your thought as somebody that helped to guide us through that process. I mean, I think the best way to put it is that name change is really just about embracing the identity we had already developed so like developing this open infrastructure identity was like almost the entire course of the foundation even from the beginning we were very aware that the OpenStack project where it started also depended heavily on upstreams it depended on Linux it depended on various other dependencies but it also had a chain of things that either depended on it directly or were building on top of it so we were conscious both of any project that consumed OpenStack or any company that distributed OpenStack but also of all the many, many, many open source projects that run as guests on top of OpenStack so it's, from the very beginning we had a very big consciousness that we're just kind of a part within a much bigger whole and the integration is key but I think we became much more aware of that over the years so understanding that integration is important and we also like sort of gradually over the years we evolved from welcoming more and more projects within the OpenStack umbrella to recognizing that actually not everything needed to be in the OpenStack umbrella and we should welcome projects that don't necessarily need the label OpenStack but they're still open infrastructure so the foundation became an umbrella for more than just OpenStack but then we've also always had this consciousness of relationships between the projects that we hosted this foundation and also the projects hosted it at other foundations projects that don't have any foundation and I think the thing that's beautiful about the open infrastructure identity it does represent all of those things it represents that we know the projects we are hosting are broad and cover this space of open infrastructure but also that we understand that we are part of a much larger and more complex ecosystem and we care about the relationships across the band I think that's a perfect answer for it and I think that one of the realities in the open source world and especially in the infrastructure world is that the pace of innovation is just incredible it is moving faster and faster there's more open source than ever before and no one is running their entire data center their entire business with just one or two pieces of software and I think that some of this is an acknowledgement that if we want to support companies and projects we need to be thinking broadly like you said Yeah and just to jump in there I think Allison absolutely nailed it and I think one of the things that I loved about your answer Allison is that it's kind of the mission we've been on all along and one of the things that is kind of interesting to think about is the very beginning and the simplest definition of OpenStack is open source infrastructure as a service software like back when everybody was talking about IaaS and that was the buzzword and if you think about that very simple definition the word's open and infrastructure actually right in there so we built in an Easter egg knowing that maybe eight years down their line we might become the open infrastructure foundation not really that was just how it worked out but anyway it's cool to think that we're still kind of on the same mission it's just a much bigger world out there and it's fun to still be going to it and look into the next decade Yeah and you've also mentioned community Allison and we just got a question on YouTube from Yusuf that I think gets to the heart of community says is there honestly a place for human empathy and current tech communities does seem lacking to me in action but high in marketing open source means collaboration correct this is a really great question to consider I have some thoughts but I'll let y'all chime in first I mean as an old school free software developer I have to say the 2000s were a rude shock for me when the focus shifted from look we're just a bunch of people we're hanging out we're working together we're doing some stuff to these big marketing conferences with the floors and everything what I have come to understand though is that yes like that marketing component sometimes it feels like conflicting with the community part but it's actually not and the reason is so I've had these sort of community projects that have no component of let's help businesses understand what we're doing that just died because there were just a few people talking to each other and the word never got out so the way I've come to see it over the years is like community is the core if you're lacking empathy that's a problem if your tech community is tearing itself apart that's a problem so community and collaboration is absolutely a core but that's not a conflict with marketing marketing when it's done well in a way that understands the community and a way that understands the businesses that the communities are trying to reach out to and serve is actually a really good thing because it helps those communities who might not know how to they may not have a voice to their users it helps communities shape that voice to their users while also not losing that empathy and that collaboration so when it's done well it's actually a harmony the two work together but how do we make sure that we are building those communities that do display care and empathy and don't just kind of use those as buzzwords? It's not easy part of it has to do with creating a safe space and a safe structure and I think that's something that we didn't really realize in the 90s that you actually sometimes have to put roles in place to create a safe space so that you can have that collaboration so that's part of it and part of it is also it's really human relationship building so consciously like building a culture of connecting over mailing lists of connecting over IRC or some chat service of the in-person events that we haven't been able to have this year but we've kind of substituted with some virtual collaboration events but that kind of like face-to-face collaboration in person when you can, virtual when you can there's a human psychology to building culture to building tribes, we would call them an anthropology that you really do have to kind of consciously take those steps you can't just assume that a bunch of people sitting at their keyboard in their home are gonna like really make those connections and part of it is about the senior members of the community sort of setting examples and I think that's one thing that in OpenStack I've seen so I knew several of the senior members of the OpenStack community in the Ubuntu community before so I know they had already learned those sort of patterns and then they replicated them and actually improved on them when they were building their next open source community so leaders who understand community building and actively practice it is really important. Yeah, I think that that's a really good point about the established members of communities I think just like any kind of structure sometimes people, I think that there are times where you don't realize maybe how much of an impact your code review can have in terms of being welcoming or turning somebody off and so it is important for those established and senior members to sort of model the behavior that makes a healthy community to also coach other people that are maybe falling short and then I think also, and this gets into something that I think has we've seen in some of the recent news in different open source communities when there are toxic or abusive or people that are really damaging to the community and to the members of the community, you have to be willing to actually move them out and address those otherwise, that ends up taking over your community but all of those things are, as you said, they're tough. You have to constantly be putting in that effort and it's something that you, one of the things where you end up with kind of the community that you build, we worked with somebody once who said, we have met the community and it is us. You know, because I think sometimes when I've worked with different projects or companies who are involved in open source and they will talk about the community like it's an external thing and in reality, we are all the community and our behaviors are going to have a big impact on that kind of outcome and what experience people have. I agree. Well, I mean, I just, I think that Allison once again, kind of hit the nail on the head here specifically about like those individual relationships and I very much look forward to when we can get together in person again as a community because I think that too much time behind the keyboard and kind of people can get a little bit more tribal or kind of get attached to labels like you're, I've been marketing and you're an upstream developer therefore, this is our starting point versus I'm this individual, you're that individual we both kind of have a common goal with this project. We want it to be better. We want to add features or make it more reliable or make it easier to use and write more documentation and sort of thinking of it as awareness versus marketing. I mean, it's fine to call it marketing but I think at the same time with the early days of OpenStack, I mean, I think a lot of people were a little bit surprised by how much we put awareness forward or marketing forward. We built a lot of t-shirts. We did a lot of things to kind of try to make it bigger and that did create tensions and growing pains and things like that. But I think looking at it as individuals and that everybody has a potential to contribute whether they're writing lines of code or documentation or they're helping to generate awareness and not getting too kind of hung up on those labels like I'm a marketer, you're an upstream developer or whatever, but like I'm just a person, you're a person I think that's where the empathy really comes into play and looking for what's the common purpose we're trying to achieve and not sort of get too hung up on what the roles are and just think like there aren't these dividing lines or these bright lines between one label or the other and we're all just people and we're trying to make the software better and how more people run it. So I wanna change directions a little bit here and I want to talk about something that is what I think is one of the most important topics in technology and an area that actually has really seen a lot of open source activity and that is telecom and connectivity. And Mark, you threw out this stat a little while ago which was about four billion worldwide subscribers and that is based off of data that we've collected of telecoms who are powering their networks with OpenStack and I think it's something like nine of the top 10 that the... Yeah, exactly. Yeah, nine of the 10 largest telecom operators on the planet are running OpenStack as part of those networks today. Yeah, and that is, I think that's an incredible uptick in adoption of open source into really critical true infrastructure. Connectivity is a key piece of infrastructure. A few weeks ago, we did an episode with some people who are really experts in this, Bruce Davies, Amar Pavanavan and Martín Casado and we talked about connectivity in a lot of depth and I wanted to play a little clip of some comments that Martín made about the networking space, not even just open source, but just about the networking space. So maybe we can roll that clip of Martín. I think what's excited about this, if you zoom out just a little bit, which is there are massive technology trends, there is a market, there are new applications, we've talked about all of them. But I mean, I almost feel like doing a call to arms, which is it's hard to find another sector or another area where the problem domain is this rich. If you actually look at what Amar's doing with Magma, it touches tech, economics, regulation, social issues, operational logistics issues. I mean, all of these things are required in order to do deployments. And so, often tech is like this kind of 2D chess game, you know, like tech pieces, and maybe tech and economics and 3D chess game, whatever I mean, whatever I mean, I think this is kind of complex and complex and it's a space I've never seen in my entire life. And so, you know, for those that are listening that are interested, I do recommend them actually looking into this broad problem of, you know, connectivity, what does it mean going forward? What are the convergence? What's happening? What is Magma and so forth? Because again, like we're at this like, you know, inflection point now, and we're seeing, I think the same type of evolution with, you know, last mile connectivity that we saw in the PC industry, you know, back in the 80s. So it really is quite interesting. So there we have Martin saying this is, you know, the biggest opportunity that he's ever seen. And Martin Casado, he's a VC at Andreessen Horitz. So, you know, he's one of those capitalists that wants to make money. But he also started an early open source company, NYSERA, that was acquired by VMware. They created Open VSwitch and, you know, we're really pioneers in the SDN space. So when he says something like that, you know, I think that it's definitely got some weight and experience behind it. The thing that to me is really interesting is, you know, we are 10 years into the, what like you were saying, Mark, since we started Open Stack as open source infrastructure as a service. But, you know, what we are starting to see now is that rather than it being something that's just adopted by tech companies or software as a service companies, it's getting into these core infrastructure components. And I think this ties back to a question that came in earlier, which was, you know, where do we see open source changing and going over the next 10 years? And this example of networks and telecoms to me is actually a great hint for what we're gonna see, which is that this is going to be something that gets embedded into more and more just what we think of as core traditional industries and use cases around the world. And so, you know, I'd love to hear your thoughts on where open source is gonna go. What industries is it gonna impact next? You know, what are the things that we're gonna see kind of drive those changes? You asking me. You start. All right, I'm happy to go. Yeah, I mean, first of all, I would say that the most honest answer is, I don't know, but one of the things that's just, the reason I say that is it's incredible to think about that stat about the telecoms because when we started OpenStack, we had no clue that a single telecom provider, anywhere in the world would even care about OpenStack and now it's connecting 4 billion people. So one of the amazing things about open source is that freedom to use it in any way you want that Allison was talking about earlier. And I think that that's what's so amazing about it is it may impact some industry that you had no idea about. And that's why it's kind of so much more powerful than like any sort of proprietary top-down kind of, you know, central planned kind of approach where you're thinking about, why not exactly how people are gonna use them and design it for that purpose? You know, if you unleash it on the world, they'll use it in so many different ways. You can't imagine unlocks a lot more value. But I think without a doubt, I think that I'm very optimistic it will continue to be more pervasive. I saw a stat recently that 99% of all software today contains some open source. So if you're building software today, you're probably almost certainly using open source. So I don't think that that's gonna change at all. But I think this kind of continual shift towards everything as a service is absolutely kind of related to that very first question we open up with, which is the big cloud providers, how's that affecting open source? So I think that the way to think about it in my mind is that everything as a service just gonna affect how we build upstream but also like actually operate this stuff in production. And this idea that here's just a piece of software you install and therefore then maybe every two years you upgrade it. You know, I think that that's actually what's gonna go away and may take a long time but like what we're seeing with things like CI CD, Zool is an amazing tool that was built by the OpenStack community but there are tons of others out there. So continuous integration, delivery, continuous development, deployment, all the ways you wanna call CI CD. I think that that just continues to merge with the concept of open source. So all these things that we think of distinctly are just gonna become more and more kind of, they're gonna meld together and you'll start to think of upstream communities as truly like a stream, right? Where you're just as it comes in it rolls out to production. Now we're a long way away from that in kind of many open source communities. We still have people that will take a cut a version of say OpenStack and then install it and then in three years they upgrade it. But if we're talking about 10 years I think that that's what we're gonna see sort of a shift from the idea that software is the static thing to this much more continuous innovation pipeline. And then on top of that, where the real complexity is and the real work is the fact that when you just run a new OpenStack every day it's not just OpenStack, right? What are all the dependencies? So we're talking about a very complex kind of world that I'm making it sound like it's just gonna magically happen but you gave me a decade so I think we can pull it off. And the thing about that world is it's actually the stack is too complex for one company to write it all themselves in a reasonable amount of time to like, you know, like sure Amazon made their cloud they were already using something similar internally but the chances of other companies coming along and making an Amazon cloud now it's just impossible. So what that means is it's actually more economical to do things as open source than to try to do your own internal proprietary. And that has this snowball effect over 10 and 20 years that you will tend to see more and more of this large scale distributed infrastructure software being written as open source from the beginning even or more and more relied on the open source components become more and more relied on by more and more companies instead of each one writing their own separate thing. So it actually means we're more interdependent than ever in the future which I think is a good thing, right? We should embrace that. You know, I think that it can be a good thing but it raises a question in my mind which is, you know, what about software supply chain security? You know, this is a hot topic lately as we've seen some big exploits, some big attacks and major systems compromise. What do users and developers of open source need to think about when we are building this software using this software to make sure that we're taking into account security and the interdependent nature since it's not just a single piece of software. I think we should throw that to you, Jonathan. What do you think? You're asking all the questions. What do you think, Jonathan? Well, I think that security is always, you know, it's a multi-layered effort. And so, you know, I think that when we are talking about open source communities, understanding the flow of software and an open source project is really important if you're a consumer, you're building a business on it. You need to understand how does the code get written? How does it get accepted? How does it get released? How does it get distributed? Because at each of those steps, there are layers that can positively or negatively impact the security. And so, you know, it is something that becomes the responsibility of consumers to make sure that that whole kind of provenance of the software includes the mature processes. So there are code reviews that are not just surface level that have multiple eyes looking at the code on the way in. There's some kind of policy for how dependencies are introduced. You know, one of the things that has been the underlying cause for a number of those exploits recently was pulling in a dependency from a separate project that maybe wasn't maintained as rigorously as the core project. That introduced some kind of backdoor loophole that was able to be exploited. And so understanding what's the governance of code on the way in is a really key part of it. And there are a number of things that are fairly well-established across open source projects. Again, like code reviews and policies for incorporating dependencies. And then I think also, you know, just how does the code get from there onto my server, onto my desktop and understanding, you know, if you're working with a commercial distribution, what are their processes for testing and integration? What else do they pull in? It really is, it's something that the term software supply chain security is something that has really become kind of a term du jour. But to me, when I actually hear that term, it's the way that I think open source communities have often thought about the flow of code from, you know, the mechanical keyboard of a developer onto a server eventually down the road. There are steps, there are checkpoints, there are people who are involved in each of that. In open source, those are all structures that are operated in the open. And, you know, for those of us who have run businesses on it before, we've tried to understand, at least at some level, how those work. And I think that extra visibility is actually a benefit of open source. But I think as, you know, developers and people who create projects or maintain projects, there is a responsibility there to make sure that we are doing things responsibly and mature. We have, you know, vulnerability disclosure processes and so there are a lot of these things out there. Actually, someone that we've worked with, Ann Bertucchio, who is now at Google, I saw that she tweeted last night and they are hosting a security day to talk about some of these issues and specifically open source vulnerability management and dependencies. So, you know, there's a link in here, it's a Google link slash security day. If you're interested in this in more depth, that's happening in just a couple of hours, a little bit later today. So, you know, I think that, yes, it's a very layered topic, something that I'm glad to see people like Google and others investing and publishing more and more of their learnings and kind of tips and tools for other people to engage in. And Ann was very active in the OpenStack and Coddic communities in the past. She used to work for the foundation. So, shout out to Ann. Good luck with your talk today. Yeah, and a comment that just came in from YouTube was kind of highlighting that for a lot of non-open source software, we don't really have that visibility. We don't know what the real security is and, you know, so this person considers open source more safe over the long term. I think that's a good way to look at it. Yeah, the nuance we've come at over the past 20 years is we no longer say open source is more secure, but it's that open source gives us the opportunity to make it more secure because we can actually look at it. We can actually run reproducible builds on it. We can actually, you know, whereas we just don't have any insight into the proprietary software, which means chances are, you know, practically speaking, it has a lot of bugs and it has a lot of security flaws just because all software does. So, if you can't see it, that's a bad thing. So, we are just about out of time. I'm just trying to see if we have any other final questions that I missed here. Yeah, I think we actually were able to get most of the questions that came in. Any final thoughts about the kind of key things that the people who care about open source should be thinking about or engaging in as we wrap up this episode? Well, I love the question about empathy and I just think that like, open source is all about individuals participating and we can get roll hung up on business models and is this company threatened by this company and absolutely economics is, I love economics and everybody should think about a way to participate and get rewarded for their efforts. So, I absolutely agree with that as being an important principle, but at the end of the day, it's just individuals working across communities or, you know, not sort of drawing too many dividing lines between this community and that community and, you know, let's not build a bunch of walls, let's work together across companies, across countries. That's where the real opportunity is and I think that that's what I love about open source and I think in the infrastructure space, we have nothing but opportunity there, you know, let's connect the next, the last three billion, four billion people left to connect, like let's just take that opportunity to work together. It's amazing to think about that four billion number that means that, you know, that's sort of half of the population of the planet and, you know, that's pretty amazing and awesome to think about the efforts of these communities make an impact. And impacting, yeah, that many people around the world. Any final words, Allison? Great to check. Really interesting questions. Thanks, everyone. Yeah, I really appreciate all the interaction and the comments and the questions. You know, this is our first AMA that we've done. You know, I think we'll probably do some more of these. So, you know, if you didn't think of a question today, feel free to hit us up and send those along and we'll include them in our next one. So, you know, thank you very much for joining us, Allison, and for being willing to sit in the hot seat with us and go through and share your thoughts on open source and letting everyone pick your brain along with us. So next week, we're gonna have a great episode that is going to be kind of following up on some production use cases that we have heard about previously, talking about upgrades and large scale, and we're gonna have a number of users. The last time that we did this, we had some really good users who were talking in detail and here's a little clip from Blizzard from the last episode. If you've played any Blizzard games, you're probably familiar with this screen. So it's Tuesday, I guess I just don't play my video games today. Too bad that was my only day off, that sucks. So this kind of weekly scheduled maintenance used to be a standard practice in the online gaming industry, but it's really not normal or acceptable anymore. We just don't have that weekly eight hour window to just take down APIs, perform upgrades, do any kind of maintenance that we want whenever we feel like it. Game servers that we support host long live player sessions may depend on OpenStack APIs to be available and how long are those sessions? Well, just think of how long it might be possible for a person to be awake for a day and then maybe add a few more hours of Monster Energy drinks to that and that's about how long they last. So really the only way we can deploy upgrades on a regular schedule is if we're able to deploy them with zero downtime. Did we solve for that? Amazing. Solved for that. Cliff Hanger, oh boy. If you want to know the answer, Joshua from Blizzard is going to be part of next week's episode along with Belmiro from CERN, Arno from OVH, Mohamed from Vexos, MTS from Workday and Terry Coez from the Open Infrastructure Foundation. They will all be joining us to continue this discussion around upgrades and large scale OpenStack deployments. And the last time that we had this discussion, we had a ton of questions. We weren't able to get to all of them. So we're going to be covering those and more, don't miss that one. This show is made possible by our community. We have community members on here every single week. If you have ideas for what you'd like to see in future episodes or if you think that you want to come on and present with us or have a topic, please share those at ideas.openinfra.live. Let us know what you want to see. This show is all about you and bringing our community together. So thanks again, Allison and thank you, Mark and be sure to join us next Thursday at 1400 UTC. See you then.