 from Seattle, Washington. It's theCUBE, covering KubeCon and CloudNativeCon North America 2018. Brought to you by Red Hat, the CloudNative Computing Foundation and its ecosystem partners. Hello everyone, welcome back to theCUBE's live coverage here in Seattle for KubeCon and CloudNativeCon 2018. I'm John Furrier with Stu Miniman, three days of coverage around the CloudNative growth, around the ecosystem, around open source, and the role of microservice in the cloud. Our next guest is Roland Garcia, who's the IBM Distinguished Engineer for IBM's Hybrid Cloud. Welcome to theCUBE. Thank you, glad to be here. Thanks for joining us. Being a Distinguished Engineer at IBM is a pretty big honor, so congratulations. It means you got technical chops, so we can get down and dirty if we want to, but I want to get your check on this because a lot of companies in IT are transforming. That's right. And that's been called digital transformation. It's happening, and cloud has helped scale, and the wish list, if you had the magic wand, if you can make things do better, is actually happening. Kubernetes is actually creating some goodness that if you had the magic wand, if I asked that question three years ago, if you had a magic wand, what would an environment look like? Seamless operations around the cloud. So it's kind of happening. How are you guys positioned for this? Talk about the IBM cloud, what you're doing here, and how you see this cloud native market exploding. Obviously, there's 8,000 people here up from 4,000 last year. Yeah, that's a great question. I think I work a lot with our enterprise clients. I'm part of what's called the IBM Cloud Garage, so I'm very customer facing. And oftentimes we're seeing that there's different paces of a journey. And so, for example, I worked with a client that started building a cloud native application. They built about 60 microservices, and at the end of that, they were deploying it as one job, which means they defeated the whole purpose of microservice architecture. And so what we really need to think about is an end-to-end journey. I think the developers are probably the more modern role in an enterprise, but we're starting to see modernization of an operations team, for example, and adopting culture and cutting down the walls of IT organizational groups into mixed squads, adopting something like a Spotify model. And I think a lot of the challenges in adopting Kubernetes is really in cultural aspects in an enterprise. That make sense? And because network guys are different than the app guys, and now they have policy knobs on Kubernetes. They could play with network guys love policy. Yeah, and they're fighting over ownership, right? Yeah, Roland, we look at that modernization, the application modernization really is that long-haul intent. And what we hear here is you need to be able to meet customers where they are. Sure, there's some stuff they're building, shiny and new, and have the developers, but enterprises have a lot of applications, and therefore there's a grand spectrum. What do you hear from customers? What's the easy part and where's the parts they're getting stuck? Yeah, so I think the easy part is writing the application. I think where they're getting stuck is really scaling it to the enterprise, doing the operations, doing the DevOps. I always tell people that a modernization journey might be better started by taking a certain class of applications like middleware. We have a web sphere heritage from IBM, and saying, why don't we take a look at containerizing that? We've built tools like Transformation Advisor that'll scan your web sphere applications and tell you what do you need to change in that middleware application to make it behave well in a containerized platform. Then from there, you built your DevOps engine, your DevOps pipeline, and you really start to get your operations teams going in delivering containers, delivering applications as containers, and then getting your policies and your standards in place. Then you could start opening up around innovation and start really driving towards building cloud native new applications in addition to that. Yeah, one of those areas we've been talking about in the industry for decades is automation. Conversation is a little bit different these days. Maybe you can bring us up to speed about what's different today than say the web sphere days. Yeah, I think IT organizations have always done a bit of automation. I think they're right scripts, they automate builds. I think the mantra that I use is automate everything, right? Organizations need to really start to automate in a new way how I deliver containers, but delivering the app is not enough. I need to automate all levels of testing in a modern way. Test-driven development is big. At the IBM Cloud Garage, we have something we call the IBM Cloud Garage method, which really takes a set of practices like test-driven development, pair programming, things out of lean startup, extreme programming, and really start to help enterprises adopt those practices. So I say, why can't we automate end-to-end performance testing in the pipeline and functional testing, and writing them early and in the beginning of projects that way as I'm deploying containers which are very dynamic, along with configuration, along with policy, you're testing it continuously. I think that level of automation is what we need to get to. Talk about security as well, because security is one of those things where it's got to be baked in up front, you got to think about it holistically. It's also now being pulled out of IT, it's being more of a board function because the risk management is one hack you could get crushed. And so you got to have security. And the container is a security boundary issue, so it's important. Last week we met with an insurance company, we did a workshop, and they walked us through all the compliance steps that they need to go through today, how they do it with traditional middleware and virtual machines and hardware. And it was a very, what I'm going to say, governance-driven process. And so a lot of checks and balances stop, don't move forward, which is really the industry for developing and innovating is going the opposite way, self-service and enabling, and there's a lot of risk with that. And so what we're really trying to do with technologies like multi-cloud manager technology we have around multi-cluster management is how do I do things like I want to check which clusters are HIPAA compliant? Which ones are out? How do I enforce that policy? Now that everything is software-driven, software-developed, there's an opportunity to really automate those checks. To your point, automate everything. Yeah, automate everything. Governance is a service. Yeah, that's right. And actually that can help get away from error-prone human checks, where it had all these tons of documents of all different policies they have to go through can now be automated in a seamless way. So compliance and governance could be a stumbling block or it can be part of the software? That's right. That's what you're getting at. That's what I'm getting at. I think the transition is, look at it as an opportunity, now that everything is software-driven, use software disciplines that developers are used to in those security roles, in those CISO roles, et cetera. So I want to ask you a question. So one of the things we're seeing, obviously with cloud is it's great for certain things and then on-premises that does latency issues, we saw Amazon essentially endorse this by saying RDS on VMware, on-premises, they announced Outposts at Reinvent. Oh, latency, things aren't moving into the cloud as fast. So you're going to see this hybrid environment. So hybrids, we get that, it's been around check. No real discussion there other than it's happening. The real trend is multi-cloud, right? That's right. Multi-cloud is just a modern version of the word multi-vendor about the client server days. So in the systems world, multi-vendor meant choice. This is a fundamental thing. So it's not so much about multi-cloud as it is about choice. That's right. How do you guys see that? Obviously you are in an environment where you have a lot of customers who don't have one cloud. That's right. So this is a big upcoming trend in 2019. Most of our clients have at least five different clouds that they deal with, whether it be an IaaS, a PaaS, a SaaS-based solution. What we're seeing as a trend is we talked about on-premise and private and enterprises, I think 80% of workloads are still in a data center. And so they want to build that private cloud environment as a transitionary point to public. But what we're seeing across the multi-cloud space is, I'm going to say a new integration space. If you really think 15 years ago, SOA and enterprise service buses in a very centralized fashion, I think there's a new opportunity for integration across clouds and on-prem in a more decentralized way. So I think integration is kind of the next trend that we're seeing in this multi-cloud space because the new applications that we're seeing with cognitive data AI are mixing data sources from multiple clouds and on-prem. And needing to control that in a hybrid control plane is key. It's funny, the industry always talks about these buzzwords, multi-cloud. If we're talking about multi-cloud, then it's a problem. The idea of infrastructure as code is to not even use the word multi-cloud. I mean, if you think about it, if you're programming the infrastructure and enabling the stuff under the covers, why even talk about cloud? It should be automated. So that's the future state. But in reality, that's kind of what enterprises are trying to think about. They are, and I think it's a tension between innovation and moving fast and control, right? The enterprises want to move fast, but they want to make sure that they don't break security protocol, that they don't break resiliency that they maybe have used to with their existing customers and applications. I do think the challenge is how operations teams and management teams start to act like developers to get to that point. And I think that's part of the journey. Open source is obviously a big part of this show. And that's open source. People contribute upstream. It's great stuff. IBM's a big contributor. And even more when Red Hat gets into the mix. So upstream is great. But as you got 8,000 people here, you're starting to see people talking about business issues and other things. One of the downstream impacts of this conference being so open source centric is the IT equation. And then just the classic developer, right? So you have multiple personas now kind of interacting. You got the developer, you got the IT architect, cloud architect, pro, whatever. And then you got the open source community members. Sure. Melting pot, good challenges, thoughts. So I think it's, so developers love that, right? I think from an enterprise perspective, there are issues. We're seeing a lot of our clients with our private cloud platform ask us to build out what's called an air gap environment, which is, how do I build up an open source style ecosystem within my enterprise? So things like getting an artifactory registry or a Docker registry or whatever type of registry where I get certified open source packages in my enterprise that I've gone and done security vulnerability scans with. Or that I've made sure that I look at every layer from the Linux kernel all the way up to whatever software is included. So we're seeing is how do I open the aperture a bit but do it in a more responsible fashion, I think, is the key. Yeah, and that's for stability, right? Yeah. So Stu, one of the things I've been talking about, I want to get your thoughts on this, Roland, is that you got the cloud as a scalable system. And one of the things that's being discussed in Silicon Valley now for the first time, we've been saying on the queue for years, is the cloud's a system, a system architecture, it's network distributed computing, art, paradigm. All that computer science has been around for a while, right? So if you've been a systems person, whether hardware or whatever operating systems, you get cloud. But also you got the horizontal specialism of applications that are using machine learning and data and applications, which is unique on top. So you have the collision of those two worlds. This is kind of a modern version of two worlds that we used to call systems and apps, but they're happening in a real dynamic way. What's your thoughts on this? Because you got the benefits of horizontally scalable cloud. And you now have the ability to power that. So we're seeing things like AI, which has been around for a long, long time, have a renaissance because now you got a lot of compute. That's right. I think data is the real big challenge we're seeing with a lot of our clients. They have a lot of it in their enterprise. They don't want to unlock it all right away. We recently did what's called IBM Cloud Private for Data, in which we've brought in a set of technologies around our AI, our Watson Core, to really start leveraging some of those tools in a private manner. And then what we're seeing is a lot of applications that are moving to the cloud have a data drag. It might start as something as simple as caching data in no SQL database, but very quickly they want to learn a lot more about that data. So we're seeing that mix happening all the time. Yeah. We've had someone say in the cube, ML is the new SQL. Yeah. Because you start to see these abstraction layers are a beautiful thing if they're connected. So I want to get your thoughts on this because everyone's kind of in discovery mode right now, learning, there's a lot of education. I mean, we're talking about real big time players, architects are becoming cloud architects, sys admins are becoming operators for a large infrastructure scale. You see network guys going, wait a minute, if I don't like get on the new network programmable model, I'm going to be irrelevant. So a lot of persona changes in the enterprise. How are you guys handling that with customer? I know you guys have the expert program. How are you, comment on that dynamic. I think what we're doing is we use the IBM cloud garage to bring in practices like the Spotify method where we start pushing things like What's the Spotify method? Spotify method is a way of doing kind of development where rather than having your disciplines of architects, development, operations, we're now splitting teams, let's say functionally where I have mixed disciplines in a squad and maybe saying, hey, the person building the account team has an SRE, an ops guy, a dev guy, all within their same squad. And then maybe have guilds across disciplines, right? And so what we do at the garage is we bring them into one of the garages. We have 14 locations worldwide. Maybe do your first project. When we build enablement and education around that, bring it back to the enterprise and start making that viral. And that's what we're doing in the IBM cloud garage. So not a monolithic thing, breaking it down, integrating multiple disciplines, kind of like a playlist. Yeah, that's right. And I think the best way to do it is to practice it, right? In action, let's pick a project rather than talking about it. If I had to ask you in 2019, what is the IT investment going to look like with Kubernetes impact? How does Kubernetes change the IT priorities and investments for an enterprise? Yeah, so I think you'll see Kubernetes become a vehicle for enterprises to deliver content. So one, the whole area around Helm and other package managers as a way to bundle software. I think as people build more clusters, multi-cluster management is going to be the big trend of how do I deal now with clusters that I have in public cloud, in private cloud, all different clouds. And I think that integration layer that I talked about where, what does modern integration look like across Kubernetes-based applications? Someone asked me last week at re-invent, hey, can't we just automate Kubernetes? And I was like, well, it's kind of automated now. What's your thoughts on that? So I think when someone asks a question, what does it mean to automate that? I think the Kubernetes stack really sits on top of IaaS infrastructure. And so for example, our IBM cloud private, you can run it on Z-Linux or Power. And we have a lot of IBM folks that run multi-architecture clusters. And therefore they still need a level of automating how I create clusters over IaaS. And there's technologies like Terraform and others that help with that. But then there's also automating, standing up the DevOps stack, automating deployment of the applications over that stack. And I think they mean automating how I use Kubernetes in an environment. So 2019, the year of programmability and automation creating goodness around Kubernetes. Yeah, absolutely. Roland, thanks for coming on theCUBE. Thank you, this is great. Thanks for that smart insight. We've got coverage here, day two winding down. We've got day two three tomorrow. This is theCUBE covering KubeCon and cloud native con 2018. We'll be right back with more day two coverage after this short break. Thanks.