 So up next we're going to do a quick scene change on the stage. We're going to do a panel We're going to have Frederick Lardinot of TechCrunch joining me alongside Molly Crowther Who was just on stage and Hen Goldberg and Matt Curry and we're gonna spend a little time talking about security agility flexibility and What's going on in the ecosystem come on out? Let me take this one here. Okay We'll switch. Very excited about chairs sitting sitting. We found coffee backstage We found coffee backstage. Yeah. Yeah, everybody's perkier now than they were during their first panel That's because we found coffee backstage. Well shots of us Should have brought you some you should have I could have used some coffee about now. You want some we'll bring you We're supposed to talk about The Cloud Foundry ecosystem but before we do that I want to talk about something more important and that's that's money Pivotal IPO Molly you excited I No comment You can't tell us if you're excited. No comment. It's happening on Friday You didn't hear it for me. Oh Yeah Okay, we put that there so she can talk about it, but Nice try nice try nice try Abby. Oh You're from We'll work on that We're just gonna roll with that back on track back on track Abby since this it's the first time a company in the Cloud Foundry ecosystem is IPOing. Does that matter? Yeah, I think it you know, it's Important because it to me it really represents a validation of Cloud Foundry The fact that a company is able to IPO with this to be a major part of its portfolio Really says that Cloud Foundry is not only an enablement for end users that are Working really hard to digitally transform But it's also helping companies build other solutions on top of and I think it's important as a platform To to be able to serve as both sides of that And so it really represents You know just for me an amazing validation of the ecosystem that we have but also the technology that sits here Do you think we'll see more of this? Well, we can pressure SAP to IPO I think they've already done that I'd love to see more of that maybe Google Maybe Google could sell IPO Matt you you guys have IPOed a long time ago, but when you made the decision to choose Cloud Foundry Did you consider what the ecosystem was looking like at the time? So I think when we chose Cloud Foundry the foundation didn't exist yet if I remember correctly So we're I mean we're definitely in In terms of evaluating software as an enterprise in the process that you typically go through In doing that evaluation the open-source dimension of it was very appealing And I believe at that time we had IBM and Pivotal as vendors that were supporting it as well as you know, you were able to run open-source Cloud Foundry And so that was appealing right so that then over time It's only gotten more appealing with the establishment of the foundation itself the establishment of the certification so that I Can rest easy that I do have workload portability across different distributions of Cloud Foundry and so Yes, we did look I mean I would say that we looked at that and it definitely influenced our decision Did it feel like a risk still at the time like shooting off fireworks next to your I It's only there was a lot of unanswered questions When you talk about enabling self-service in a company that Traditionally like doesn't enable self-service And so there was a lot of unanswered questions about you know, how do we manage risk? How do we do security? What impact does that have in terms of separation of duties if we're all of a sudden allowing developers to just deploy whenever they want How are we going to do change control? Which is part of the reason that you know, we created the deployed Actile stuff, but You know, so I think a lot of it a lot of the risk or perception of risk wasn't So much around the product selection as much as it was on the Operational impacts that it was going to have for just like how we do software Molly since you're all about mitigating risk In the ecosystem right now, there aren't a lot of pure play security players necessarily do you think the Community is doing enough in terms of security Yeah, so I think that's actually intentional I've talked about this before but The way that you provide a healthy culture for an open-source community like ours is that you Can't have vendors competing over each other on security. So it's something that we work together on which is great because any you know security Kind of things that we're doing as As individual vendors, we're trying to work together to make that story stronger for the entire ecosystem Not just for one of us. Is it working? Yeah, I think it is I mean I love working with all the the partners that we get to kind of interact with all the time So we you know, we talked to the other vendors We you know, it's really collaborative and then what about Google you've made a big bet on Kubernetes You're here now What what you what's your role in the cloud Foundry ecosystem? So first of all as I said before Google and Cloud Foundry and Kubernetes are sharing common principles Of how to build cloud native applications and how to modernize and we've been working very closely With building those open standards and Google was also working on building the cloud Fundy Container runtime, for example, that gives that ability to run both Kubernetes and Cloud Foundry on the application Runtime in a consistent way So from our perspective our main goal is really to bring those practices to the world because that's how Google has been Managing services forever, right? So that's how we manage search and YouTube and maps and everything And with open source and with the community and the ecosystem. We want to bring what we have learned But we also need the community because we are learning so many learning so many new things Right. So if you think about Kubernetes, Kubernetes wouldn't have been the same without partners that are so experienced with on-prem For example deployments and with Cloud Foundry, it's the same the way we are working on the Container storage interface for example also with Istio. So if you'll go to the Cloud Foundry You'll see that there is now already a Project which I saw I think there are 13 contributors one three contributors already working on on integrating Cloud Foundry into Istio and Giving that feedback back to the project will make it better no doubt It's the power of open source power of open source absolutely Ideally you never know this some projects come and go Goals and go go fast. We're the community Yeah, exactly. It's not really open source without the community. I think that's how much you really Make yourself ready for open source and really Not just talk about open source, but really act with it It's so open opening a discussion and getting input and and getting different ideas and now we talked about security So for example the Kubernetes Way we work so we do have a team which is a community team and working on security vulnerabilities But we are also providing an interface that allows different companies and project to innovate for example, I think that actually Makes the pace of innovation faster Since you mentioned the community Matt What what's your take on the state of the community since you're a token user and it probably matters more to you than anybody else Yeah, I mean it's It's improving over time. It's gotten better I think the Cloud Foundry community is different than most traditional open source communities in that it's largely Made up of enterprise users who are not used to being very community driven quite frankly and So were you before you started this? I I had spent quite a bit of time in open source. I did a lot of work with the open stack Which I still have nightmares about but it's fine Before I came and you know when you're running open stack you learn to rely a lot on the community because like you have no Yeah, like you're hanging in the wind So So yeah, so tried to bring like the community dimension and that is why we open sourced You know deployed act all is to try and engage the community and and I think there's been a number of folks You know folks where you've seen users actually become a part of the foundation which has been a great evolution and where you know the customers and users of the open-source software are actually Working to dictate kind of the roadmap and direction of the product in a very direct way And and it's great, but it's it's not like we just turned on community. I got a lot of these projects that Kind of come out of open source by default Build I it feels like I know there's a lot of people that do a lot of work but it feels like the community is more diverse and organic say it like that way and then where like this community is a growing and evolving community and started out being a community of a very small number of Players and then has become is becoming more diverse over time Is is a good thing? Like Abby coached you to say that I'll give you money later Well, Abby and I have had a lot of discussions about that topic, right? Yeah about what we need to do in order to improve the community and like She's obviously been hugely Instrumental and getting us to where we where we are and you know directing us forward. So that's awesome It's important and you know with nearly half of our membership now users like you know yourself at all state It's it's important because you're what's propelling this forward This isn't just a a single idea or a single notion It is the collective and I think that's what makes open-source powerful and that really builds on on hens point About the work that's happening in kubernetes an issue is it's this is the collective and how this all propels each other forward Even separately with different communities I think we still are building and leveraging on each other and in real ways that I think Makes us more powerful at the end of the day That's been really cool seeing the container runtime kind of takes shape Over the last year and and seeing the open-source kind of cloud foundry teams work together with the Google teams and Just like the relationship that's formed between them has been really cool That definitely is an engineering manager. That's something that I appreciate the most. There's something called the engineering economics Right and and we as engineers we want to innovate. We don't want to reinvent the wheel So if you can work together and just allow us to innovate faster We benefit from that for sure and that's something you've done with the kubernetes Community quite well. I think over the last two years since you've been at Google. I think but When you're looking at the cloud foundry community right now in the ecosystem around it Is there something they could do better they could learn from you Fredericks put me on the spot. That's putting it. Yes. Just she's not here just I Don't know that I haven't thought about that I really like the work that cloud foundry has been doing and really connecting the different communities and so far it's been great experience Working with with people right. It's all about the people right talk about the foundry and the foundation But working with people in cloud foundry was is always great And I think everybody in both those communities really put the user in the center and solving problems Here was hoping you're gonna say something No, I actually know I think platform is actually evolving and changing and talking about top ability and bringing other communities That sounds to me like great things and and I'm I would love to have also users talk about kubernetes. That's the way Some of them do some of them do Molly as the community grows the security Does it become a bigger challenge to hurt everybody together and ensure securities? It's not forgotten. Yeah, definitely. So I am technically on the technical program management team for cloud foundry and There's nine of us now and we Basically heard the cats and it's not all security. I mean there's Just making sure that the different teams are working together when they need to and not breaking each other Because they move really fast. So you you know, you have to help them create visibility between what they're doing So as we scale as a community like security Becomes a bigger part of that and it's not just like let's make sure everybody's working well together It's like let's also make sure that everybody's being secure sure Matt, what would you like to see from the ecosystem and the community That's a great question What's missing Well, I think I'd like to see us continue on the path that we're on in terms of like having more diversity Not just from a like overall community, you know individual diversity, which is great But just from a contributor perspective Continuing to drive that diversity up. I think it's a good thing bring different perspectives I think it would be healthy to have more players So right now, I think the ecosystem is largely dominated by a few distributions And so like the more choice that we have the better And I think we're starting to see that like with some of the work that Suce is doing And the cool thing about that is with the certification Like as a customer I'm not breaking the interfaces that are exposed to my developers, but when you look at the different companies they approach Cloud Foundry as in terms of how they deploy it slightly differently And it's nice that they have that Choice and that I as a customer can look at those decisions and make a choice on What I like or don't like about those decisions But still have assurance that at the top layer like my my customer or my developer is going to have the same experience Sure sure for a very similar experience Do you care if those distributions are certified? I? I do. I don't know if if others do but I do Yeah, that's good. That's good to know. Yeah I was looking at the the Foundry the marketplace earlier today and there's about what's it now eight certified secure Distributions eight. Yes, and another eight that are not certified. Yes Why are they not certified? well, I Don't know that everyone needs to be certified and I think Certification is a signal particularly to customers or potential customers that you're maintaining with the upstream And it's a really good verification of that for end for their end users Whomever those are But it also if you're looking to promote it and talk about it externally allows for us We're really just as a foundation. What do we have? We have IP and trademark and So for us it allows us to relinquish the trademark to you to use and say I'm running cloud Foundry So we're relinquishing the trademark to you, but we're saying But we're you know, we're forcing you to say okay. Yes, but I'm also keeping pace with the upstream I'm not forking it and and I'm really making sure that If I'll say it wants to use my distribution They can move their workload somewhere else if they wanted to and it's not a different experience And so for us, it's really important to keep that but if you're running your own distribution and Being able to say that or being able to promote that is not that important Then I could see why you wouldn't want to have a certification. I mean our goal at the foundation isn't to have a million distributions It's to have a you know a nice selection of diverse options In dip in variety of regions I'd like to see it in more regions, but giving people choice, but giving them choice with direction that seems like you've got You would like to have more choice. Well, I mean eight is a good number, right? But I but I think you know, I think when I think of it. It's not so much The number as much as the distribution of customers across that number So, you know, if I have a but only to have customers Then it's like I have to Who are those two? Trying to make a scandal fear fear. Yeah And that comes back to kind of the community tie-in and like the influence Dimensions of what we're talking about earlier, right? So maybe there's something that you know, Kubernetes is doing differently I think we did in seven times in sympathize everybody into community to be conformance. All right now I think there are sixty six zero integration distribution that are all Conformant and the community is working on on extending those conformance test and in essence, it's about of course for the user it's about the portability of workloads and But We are also talking about that consistent experience, right? That's what we are proposing with modernization now for the Vendor for example Because the pace of innovation is so fast Actually conformance is a tool for you to know that you can always upgrade and it won't be Something to need to work on for a long time. So it's the same value as for user also for vendors You know, when I know that Google Kubernetes engine is conformed I know that Upgrade is easy and I can offer the next version and whatever is coming for the community on GCP The certification matter from a security standpoint it matters that we The more people we can have using up-to-date versions the better off we are like I'm you know upgrade upgrade upgrade So if that uncertified distribution has a security issue and it becomes a big deal I mean it can hold on you. I mean, I'm sure you can be not certified but also keeping up with us Yeah, so it's not one is not related to the other. I think it's You know Damali's point and I actually want to reiterate that again. It's please upgrade Well, just maintaining the pace with the upstream which you know right now is about every other week about about that It's fast, but maintaining that pace is important Because more than just keeping pace with new features and functionalities. It's keeping your Your platform and subsequently your application is secure Yeah, I guess from my perspective when it just comes to platforms in general like the platform offers you a benefit in that You take away the work that every individual development team would have to do and you kind of formalize it in the construct of like a platform and so The more that security capabilities like maybe credential handling or something else become platform level abstractions Then you know that certification While it's not important right now based on like what we what we have from a security perspective It will become more perform important because of like vendor a is like I didn't implement any of the security stuff and it's like I'd really like to have that security start and important and And and traditionally not very user friendly. So if I can make that more, you know, if I can make those controls easier to consume That's all the better Safety first. Yeah And easy safety easy safety. Yeah Switching gears a little bit abby With Alibaba joining the foundation What's the ecosystem like right now in Asia and China specifically because what I'm hearing from a lot of the other open source foundations Is that they're seeing a lot of growth, especially in China? Well, China is a fast growing market and If for those of you that aren't paying attention It is a excessively fast growing organism country as a whole greater China And in the region it's cloud. They're investing heavily in cloud Our ecosystem is not as robust as it should be in China because we really frankly have an invested and haven't spent the time So we started in January of this year investing and spending the time we have a couple of distributions One of them a certified Huawei in the area and Mopaz is it is another Distribution that we have there and they've been running for several years But we have a long way to go to really invest and build out an ecosystem because I think Matt really hit on the point is having the diversity in the breath and So we're going to spend a lot of time in China this year and Alibaba cloud Is a great way to kick that off for this year because you know to their point they are the leading public cloud offering in China and are doing phenomenal things and We're going to spend a lot more time there and I'm going to be talking about it Which for the many of you that spent more than five minutes with me. I've talked about China I've been there. I've been there Why didn't you spend time there before? We have a very very small team We have a team of about 12 people and It's we spend a lot of time trying to spend time with our users the community and other projects but you know we and so I Want to be very thoughtful about when we go and invest in regions China is a very big region and really requires the thought and the investment behind it in order to be effective and We want to make sure that when we're doing that we can be intentional and thoughtful and and not over extend ourselves but also really Continue to expand the brand of cloud foundry and and bring as rich of an ecosystem around as we possibly can Totally what's going to say something about the Google cloud in China, but I Think we can't speak about kubernetes in China. Yes. Yes. Absolutely. Please so from the very first days of kubernetes So we have a while a are actually a large computer in kubernetes and we have a large community we have a lot of meet-ups and many users and Cube con is gonna be in Shanghai as well this year. So it's gonna be a big event I think either in September or October To celebrate kubernetes in that region to celebrate. Yes Should always be fun That's what this summit is about. It's all about fun. I think there's beer later on so should be there is beer later on this coffee backstage To wrap it up. We've got about a minute left just Everybody on the panel. What is it that? Cloud Foundry could do better for you Abbey your last but Matt you kind of already told us is there anything else? In general wow Because you've got everybody here. Yeah, the pressure is on right? I think for me, I think it's gonna be interesting You know you have cloud foundry and and kubernetes and I think you know from an enterprise perspective It seems like we need both Or both are useful and so it and it and it feels like kubernetes is taking on a more Platforming nature as it evolves and more focused towards developer experience as it evolves. It's awesome And so it's going to be an open question as to like how do those things come together I think we're in the early stages of trying to figure out what that looks like But you know, I'm really excited to see those things come together So whatever we can do to accelerate that I think is a good thing In terms of community, I I guess that's what I would say outside of what I've kind of already said I guess what I would say is I'm gonna put a put in a plug for security at cloud foundry org It's an email address where you can send any of your concerns about security related to cloud foundry I Would hope that everyone who's part of the community if they see something that they say something Because that's the main way that we hear about things that we need to improve in the platform So if you have an idea if you have a problem if you have something that you know Your bosses want you to do with cloud foundry like we'd love to hear from you security of cloud foundry.org And for me, I will echo what Matt said definitely developer experience has been one of the hot topics in every a cube con the last two at least and but there are different principles, right, so Cloud Foundry is more of a pretty lead platform while Cubase is Giving you more freedom of choice And I think what would be interesting to really learn from the experience and understand what we can plug and play into Kubernetes because as I said before there is a trade-off and sometimes people want to choose but we would like to choose from someone with that has experience Sure and proven best practices Oh, I get to have a point you Over time it doesn't yes They'll let me talk for a long time. That's why I I always think we can continuously improve and I think there that's the name of the game and we're in tech So continuous improvement is necessary. So I Really highlighted this in my keynote, but there's something that's really important to me is improving the ecosystem and Improving the interoperability and building that connective tissue because I do think both of those things are equally important to what cloud Foundry continues to evolve into That's a good answer It's like you've thought about this All right, thanks everybody. Thank you. Let's go and celebrate the pivotal IPO Thank you