Talking About the Open Source Community, the CNCF, Rancher and Suse – Percona Podcast 56 With Matt Farina

by Matt Farina, Matt Yonkovit

Link to listen and subscribe: PodBean

The Head of Open Source Strategy at Percona, Matt Yonkovit, sits down with Matt Farina, Distinguished Engineer at SUSE, to talk about starting out in open source, what helped Matt become a better contributor in the community, and his work on many projects including OpenStack, Kubernetes, and Rancher. Matt Farina talks about how his drive to understand how things work led him into the depths of some open source code (from Drupal to OpenStack to Rancher). Matt was drawn to containers, orchestration, Docker, and technologies like Kubernetes. The pair of Matts dig into the ongoing and upcoming projects at Rancher and SUSE, their shared experience in Kubernetes, and Matt’s (Farina) work with the CNCF as part of their Technical Oversight Committee (TOC).

YouTube

Link: https://youtu.be/ldQRgCQ7Fuc

Matt Farina

Distinguished Engineer at SUSE

Matt Farina is a Distinguished Engineer, driving development of new open source solutions and supporting open source software leveraged by SUSE. Matt is a software engineer and architect primarily focused on cloud applications, web applications, and services. He is also an author and speaker.


Matt Yonkovit

The HOSS, Percona

Matt is currently working as the Head of Open Source Strategy (HOSS) for Percona, a leader in open source database software and services. He has over 15 years of experience in the open source industry, including over 10 years of executive-level experience leading open source teams. Matt’s experience merges the technical and business aspects of the open source database experience with both a passion for hands-on development and management and the leadership of building strong teams. During his time he has created or managed business units responsible for service delivery (consulting, support, and managed services), customer success, product management, marketing, and operations. He currently leads efforts around Percona’s OSPO, community, and developer relations efforts. He hosts the HOSS talks FOSS podcast, writes regularly, and shares his MySQL and PostgreSQL knowledge as often as possible.


Transcript

Matt Farina:
So when I look at things, I don’t just look at what’s out there, because everything is out there. I try to figure out what’s going to be useful, useful to me or useful to lots of other people, customers, friends. If it’s just something, that kind of thing, I’m looking for: who’s it going to be useful to, and why? I want to be able to justify that.

Matt Yonkovit:
Hi, everybody, welcome to another HOSS Talks FOSS. I am the Head of the Open Source strategy at Percona, or the HOSS for short, Matt Yonkovit. And today we are here with Matt Farina from SUSE. How’re you doing today, Matt?

Matt Farina:
Hi, thanks for having me, Matt.

Matt Yonkovit:
Ah, see, we have two Matts. Today is the double Matt show, which is always fun and exciting. So, Matt, you have been in the open-source space for years and years. Coming out of college, you started to get involved fairly early on, and have continued your open-source journey. And so we’d love to hear a little bit about you, how you came to the open-source community, and some of the cool things you’ve done over the years.

Matt Farina:
Sure. So I started using open-source a long time ago. Back in the 90s, I was a consumer of open-source, I had my first Linux on DVD or CD back then I would install and I was using open-source back then. But after college, I went to college to get an electrical engineering degree, because I wanted to know how software ran on chips. It just fascinated me.

Matt Yonkovit:
That’s unusual, right? Because people don’t necessarily start with electrical engineering for a software career.

Matt Farina:
Well, I started actually writing software back in elementary school. And so by that point of writing software for all those years, I really had this hankering, what was going on underneath what was happening in the hardware, how did it work. And so I came out of college with an electrical engineering degree. And I ended up going to work at General Dynamics doing military systems, and I was doing electrical engineering work, I worked in diagnostics and testability engineering, which is how to basically figure out something failed. So it can be easily repaired. That’s where I ended up. And I ended up working first on some of older vehicles and diagnosing things, which was one of the best and most educational experiences of my life. And that’s because I had to get outside of my own head, about half of that job had me paired with an end-user, a guy who actually had to fix stuff and deal with vehicles. And I just had to sit there with him and go through stuff, take notes, correct things, learn from this guy who had all this knowledge. And I really grew to respect who the end-users were, and their vantage point. And I think that’s something that’s carried with me throughout everything because I had to learn to get out of my own head and get out of my way and listen to others.

Matt Yonkovit:
And that’s an interesting start, and not to interrupt, but my career started early on in the database space. And I remember being at Penske Logistics, and one of the activities that they did was have you do ride-alongs in trucks to see how the truck drivers would use you heard logistic stuff, as well. So very similar story in the early days.

Matt Farina:
Yeah, yeah. And I think it’s really valuable to know what people are doing with your stuff. Because that just teaches you so much about that environment. And if you’re just making it up as you go, it can quite often be different from what somebody is really doing with it.

Matt Yonkovit:
Yeah, definitely. So from that, you kind of dove into a bit of a different role where you started to develop more software.

Matt Farina:
Yeah. So I was working on hardware stuff. And I ended up working in new hardware stuff. And in the military design cycle, it takes years to get something to market. And I am entirely impatient. And I learned software: save, compile, run. It was beautiful. It was fast. You can ship like that, right? Yeah, it’s great. I couldn’t handle not shipping quickly. So I first went to a software group there, but then I ended up switching to it during that time I started doing open-source. I had a friend who was doing websites, he needed a platform to do. First we started off with some small libraries. And that was right around the time WordPress and Drupal were becoming big. And we ended up on Drupal because it offered more flexibility. And at first, I was consuming Drupal, and then I got into large-scale contributions, new modules, new add-ons to Drupal, and then Drupal itself I ended up working on. And that was really my big leap into contributing at scale. Before that it was little things here and there I’d contribute. That’s really when I invested in one thing and started to contribute. And that community taught me a lot about what it meant to be a good contributor, right? Code reviews. Reviews are a huge thing. Just writing code and throwing it at somebody and expecting they’re just going to pick it up, that doesn’t work. Giving good reviews to others and helping them grow, that’s useful. Getting up and speaking, and teaching others how to do things, which makes them better contributors. That community taught me so much about not just writing code, but everything involved in contributing and maintaining that software.

Matt Yonkovit:
It’s interesting, because when we talk about contributions, there’s often a misconception around contributions, that it’s code only. And there’s so much else you mentioned, speaking, you mentioned, mentoring, you mentioned reviews, and doing different activities that are so valuable to projects that a lot of people minimize, but they’re really, really important.

Matt Farina:
Yeah, they’re very valuable. And even if you’re not a maintainer you can jump in, and you can give code review feedback, if little things that they expect and what they like, and that makes a change request, pull request, patch whatever you’re working on, better when a maintainer does get around to it, because it’s been well-formed for them that feedback that they just have to give out all the time. They don’t have to, because somebody else has helped that. And that helps you get further along in your contribution life and all of this stuff.

Matt Yonkovit:
Yeah, absolutely. And I think that it’s, it’s so important for people to realize that because it’s often hard for people to get started even. And they don’t know where to begin with an open-source project. Because sometimes they’re not confident in their coding skills. They’re not confident in their technical skills. But they might have used the product, they might have some insight that is valuable to share, but they just don’t know how to go about doing it.

Matt Farina:
And I’ll say, reviewing pull requests, and then trying to figure out why they did what they did, or why did it work that way, or what was going on, and then going out and reading up more about it. Right. So one of the things that I got involved in at that point was web performance, because it’s a web thing, right? How do you make this perform? Why was web performance important? And then what kinds of things are you doing? And how does that work? Right, I remember, at one point, I learned, you know, about TCP round trips, how many round trips and how it scaled up in size compared to that, and looking at performance from that point. And learning all of that was trying to figure out why somebody else’s patch worked the way it did, why they were doing what they were doing, how it mattered. And trying to dig into those harder things, and then go outside and research the space, is one of the ways I’ve learned so much in my career.

Matt Yonkovit:
Yeah, yeah, I mean, and that’s, that’s a great point. Being able to review the code, what people are doing, how they’re thinking. It provides you with a guidebook or a roadmap for your own skill set and your own growth. And it’s very well,

Matt Farina:
From there, I decided I wanted to do the open-source stuff full time, and there were Drupal agencies. So I went to my first agency, then a second agency, doing Drupal consulting, Drupal development, Drupal work. The second one I stayed at for about two years was Palantir.net, not the Palantir everybody thinks of. This is a Chicago-based consulting company, Palantir.net. And that’s actually where I met Matt Butcher, who he and I have collaborated on numerous things now. Another Matt.

Matt Yonkovit:
The lesson here is you’re in a good spot if your name is Matt, …

Matt Farina:
Well, he and I have worked on numerous, we’ve worked at two companies. We’ve worked on numerous open-source projects together. And we’ve co-authored three books together. And so that was the start of a nice partnership between people in different places over time. But I worked there for a while doing Drupal stuff, and then somebody else who I’d met from the Drupal and just a web development space pulled me into Hewlett Packard, and this was before HPE, or Hewlett Packard Enterprise, and HP Inc. had separated the business and split apart. And it was one gigantic company, to go work in HP Cloud. And I started there just doing web stuff, the same Drupal stuff I had been doing before. But my desire to tinker and work on things led me to do other things over there, working on a marketplace, which is another web thing but I have a bunch of automation in the back. Working on, we ended up doing Cloud Foundry-based stuff. That was really exciting. That was actually my first foray into containers. And before Docker and Kubernetes, and everything, anything, you had stuff like Cloud Foundry, which was built on LXC containers at the time, and based on the kind of like Heroku in a box, and doing stuff in that space and learning how all that stuff worked. Even before, this is probably 2012, before you had Docker and Kubernetes and all these other engines, you still had container orchestration through systems like Cloud Foundry, just had a PaaS on the front of it. And eventually, I landed, and every so often things would change, I would do something else. I ended up after a little while working, doing just new research and development with Brian Aker, who, yeah, who was a fellow at the time, and we were doing R&D work inside of HP. Yeah,

Matt Yonkovit:
Yeah. Brian used to work at MySQL AB, he had developed quite a bit of the technology that made it into the core MySQL engines, built a few engines on the side. For those of you who don’t remember, he also did a slimmed-down version of MySQL called Drizzle and was very active in the OpenStack space for quite some time. So that’s great, that kind of HP growth from just a web developer to someone who is starting to think about what the future is, and try and figure out how to take where we are today and move us forward. And that’s a good transition. I like how you phrased it as tinkering, because a lot of people in the open-source space start there. The tinkering is what really motivates them, it’s how does this work? How do I break it apart? And can I optimize it? It’s almost like the old days of people souping up their cars, tuning them up, or when I was in college, I used to build all my own machines and try and get the most performance out of them. It’s that sort of mentality that often you find really drives a lot of open-source contributors and community members.

Matt Farina:
Well, you brought up a bunch of interesting things. So along the way, I actually did OpenStack stuff, which was one of the things that I failed to talk about. We did some really neat R&D and some stuff on OpenStack at the time, so it had moved beyond web development at that point into some of the OpenStack events. And, but you’re right, I’m an engineer at heart, I like to take things apart. When I was 16, when I first got into cars, I worked on them myself. In fact, I still work on my own cars today. And I agree with you on computers, because there’s a laptop out there called a Framework Laptop, and it’s one that is entirely and completely repairable. You can literally take it apart, they send you a screwdriver in order to let you do that, right? And I got one early on because I like the ability to work on my own stuff. And I’ve built my own computers over time. And so that tinker, take it apart, refactor it, toy with things is definitely part of who I am, to understand how things work and what I can do with it.

Matt Yonkovit:
Yeah, and you see that with the software side, especially on the open-source space, where products end up being derivatives of other products and other ideas so often, and it’s a really great ecosystem to be able to learn from one another and see what others have done. And if they’ve done it better, to be able to adapt and adapt your software and kind of move into a new piece of software, something brand new that didn’t exist before, but might have some points back to previous products or projects that had success.

Matt Farina:
And as we get into the container space, I think that’s a great segue, because that’s kind of what you saw. We were using Stackato, was our Cloud Foundry distribution that it was using at the time. And it came out, and they replaced LXC with Docker when Docker came out. Yeah, that was exciting to see a different engine under the hood being used there. And then when Docker came out, then you saw Kubernetes come out and be on top of Docker. Right? And because now you got the orchestration. And now Cloud Foundry had, they had their DEAs, which was an orchestration system of its own, sort of like a Kubernetes competitor, but you couldn’t use it on its own. And you just saw this kind of thing. And now with Kubernetes, you had container orchestration on Docker, but without the PaaS in the front. And early on, we saw it, and Brian saw, and others, that Kubernetes was going to be the big thing, kind of the Linux of the container orchestration space or the cluster or data center operating system space, if you see a bunch of machines as one system you schedule across, and we saw this, and so we invested heavily in it. And that’s when I started doing upstream work in the Kubernetes community. I got involved in SIG Apps, which dealt with, actually co-founded SIG Apps, which dealt with running workloads on Kubernetes. And how do you make that experience better, because early Kubernetes didn’t have the workloads API. So there are no deployments or stateful sets or jobs or any of that, you worked with some lower-level things and had to do it yourself. And there weren’t a lot of tools you could use around the space. Initially, there was no package manager or none of it. And so I got involved in SIG Apps, I spent a little time co-chairing SIG Architecture along the way. But that’s when I got involved in that kind of Kubernetes space. And after doing that for a little while there, I was watching Helm along the way while I was at HP.
And then when I moved on to Samsung, and there, got involved in their cloud stuff, my boss over there said, hey, you should get more involved in Helm. And Helm is the package manager for Kubernetes. And that’s when I got involved in Helm and started doing stuff there. Now I was doing lots of open-source, piecing things together, building solutions along the way. But that’s when I got really big into Helm. That package manager, which was actually started by Matt Butcher, the other Matt we had talked about before, because he and I along the way have done lots of things, like one of the other projects we did was Glide, which was a package manager for the Go programming language before Go modules and all of that. And so that was our second package manager that I got to work on with them together.

Matt Yonkovit:
Oh, very cool. Yeah. And I mean, I think that getting early on in one of these projects gives you a lot of ability to help guide and have input. In those early days, as you’re talking about some of the new technologies that are starting to evolve, how did you kind of pick directions? Like, as part of that team, as you were starting to get more involved and start doing contributions, how would you come up with what to work on next? What piqued your interest? What things kind of like, oh, this is really interesting, I want to dive into this.

Matt Farina:
So when I look at things, I don’t just look at what’s out there, because everything is out there. I try to figure out what’s going to be useful, useful to me, or useful to lots of other people, customers, friends. If it’s just something, that kind of thing, I’m looking for: who’s it going to be useful to, and why? I want to be able to justify that, right? And so when I was looking at the different container orchestration systems, and said, okay, there are a few useful ones. But on top of that usefulness, who’s already got the mindshare, who’s got kind of the marketing, the voice, right? Because it’s more than just building something useful. People got to know about it, they’ve got to know how to use it. And so that’s what kind of led me to Kubernetes, and when there were multiple package managers, that’s what kind of led me to Helm. I could kind of see how it was being crafted to be useful, and how there was that voice behind it, that was telling people that they were hearing and wanted it. And so I look for those things when it comes to these larger projects. And that was a big thing for me along the way and picking those.

Matt Yonkovit:
So, that led you to Rancher, eventually SUSE, which bought Rancher. And now you work on Rancher at SUSE. Is that correct?

Matt Farina:
Sort of, it’s sort of correct. So I left Samsung to go to Rancher before it was pulled in. But the Rancher going into SUSE had already been announced, so I knew what I was getting myself into. And so I joined Rancher, and then it came into SUSE, and I originally came in to continue a lot of the open-source contributions, because Rancher wanted to help contribute more to open-source. But then Sheng Liang, the CEO of Rancher, who’s the president of E&I over at SUSE, of Engineering and Innovation at SUSE, said, hey, I’ve got ideas of things we want to R&D. And he started pulling me into some of the new things we wanted to create. Because as Rancher came in, and it was kind of this known Kubernetes cluster management system where you can manage lots of clusters, and we’ve had iterations, Rancher had worked on other things as well. We saw Rio, which is now an archive, we had k3s, which, and Longhorn, some other things came up alongside that have turned out to be really useful. And we had ideas on more of this and they said, let’s go do this. And so I got pulled into some of the new stuff we decided to start working on. And I think the first thing that he hit me up on was the Rancher Desktop, which isn’t Rancher on your desktop. It’s local Kubernetes cluster on your desktop, and it’s container management on your desktop, all wrapped up as a desktop app that can run, we originally thought we’re gonna go after Windows and Mac. And now it’s Windows, Mac, and Linux. But it’s a desktop app for Kubernetes and container management. And that’s what I got pulled into, after being there about a month and a half just getting on board doing my contributions. Let’s go do something new.

Matt Yonkovit:
Well, that’s exciting, though, right? I mean, coming from that tinker mentality, it’s often good to have the freedom and the creativity to go try new things and try and innovate. And so that R&D type mentality is something that it’s great when you’re allowed to do it. A lot of companies end up forced to just kind of maintain and keep stable, so, and then innovation is really a good opportunity.

Matt Farina:
Yeah. And at first, when he, when we chatted about it, I walked away from that and went, oh, boy, because it had been more than 15 years since I’d worked on a desktop app. And the space had changed so much. And at the time, it was Windows desktop. And now we’re talking multiple environments. And so I had to go learn that whole tech stack. I knew Kubernetes, I knew how to run it, and my desktop just through terminals, and things like that, and VMs. But how do I make it an easy-to-use app? And how do I even build a desktop app? So it was a lot of early tinkering and learning technologies and piecing them together. It’s like somebody saying, go build a car, and you’ve never done one before. And you’re like, okay, well, I know how engines work. I know how there are body panels over here, how do I fat body pen, you had to go learn all that stuff on desktop apps. And so there was a lot of onboarding and learning that early on, and trying to piece together a proof of concepts, learned what worked, what didn’t, until we got to where we are today, where we have, we’re past, and we’ve got multiple environments and easy to use the app.

Matt Yonkovit:
Now, do you find that the Rancher Desktop is mostly used for developers and those who are looking to have a local Kubernetes environment for their own R&D or their own kind of development cycles?

Matt Farina:
Yeah, and that’s kind of what we figured it would be. If you’re, I like to break things down into different roles. Some people like persona, like roles. You’ve got things like a Kubernetes cluster operator, who’s dealing with your production environments, and QA and dev and these different environments, and quite often, they don’t have a lot of need to run, like, Kubernetes locally, like it’s in your production environment. Where they have a need is tools to help them manage those environments, wherever they are, right? Servers, laying down the operating system, bringing up Kubernetes, or maybe interacting with what the service of public cloud has. And that’s really Rancher’s sweet spot. And then there are people who are taking others’ applications or taking applications and packaging them up, so they run in Kubernetes, and they run as containers, right? And you see lots of cases were sent your own application, you’re doing that if you take MySQL, Maria, Postgres, Mongo, any of these, and you’ve got to package it up to run it yourself. You’re taking somebody else’s code and material and quite often having to go get it to run. And so you’ve got that role. And then you have the role of the actual application developer who’s writing their own code, and they want to just have it running Kubernetes. And they’re developing locally, they want to have that inner loop of save, see how it works, go make more changes, save, compile, or maybe just refresh, see how it works. And so you’ve got that model there. And they know it’s going to be in Kubernetes, or it’s going to be in a container. So how do I test to make that work? And you kind of got those roles. And that other role is where we went after with Rancher Desktop.

Matt Yonkovit:
Yeah, and I mean, you mentioned those different use cases. And obviously, where I work, we’re all about the databases, we’re all about the stateful applications, which classically has not been a sweet spot for containers or Kubernetes. And there’s been a lot of work over the last few years to get towards that. And we’ve been working with the Data on Kubernetes community. But that is a difficult space, often because the application development paradigm around microservices, around how apps are being built today, these cloud-native apps, it doesn’t always fit into what databases need to do in order to maintain that state and maintain consistency. It’s been an interesting challenge.

Matt Farina:
It really is. And for a lot of application developers, what they love is the fact that they can go grab a Helm chart and install a database, or they can go grab an operator and have it handle the database for them. And then they just work on stateless business logic. And the hard part, state, is somebody else’s problem.

Matt Yonkovit:
Yeah. Yeah. And that presents a challenge. And I think we’ve started to see many new companies start to crop up in the open-source or open-source compatible space, if you will, where you’re building these cloud-native databases that are built on heavy clustering to try and make it as seamless as possible. So I mean, there’s a lot of innovation around that space as well. But from a Kubernetes perspective, one of the things that I’ve often, I don’t know if I would say fret, or I thought about, the number of different ways or a number of different packages, a number of different flavors of Kubernetes, depending on which cloud provider you’re on might be a little bit different than another cloud provider. Everybody has their own little ways of doing things. And that makes it challenging. Now, it’s great that from an open-source perspective, people are able to adopt, but it does make it a little more challenging to get consistency. And I know the CNCF is doing quite a bit about that. And I know you’re on the Technical Oversight Committee there. So what is the Technical Oversight Committee, and maybe tell us about some things happening over at the CNCF.

Matt Farina:
So I was recently elected to the Technical Oversight Committee. And so I have become quite vocal over there. Mostly as a project maintainer. And a generally vocal person, I’ll tell you what I think, for better or worse. And the TOC kind of oversees the projects, but not in the sense of, we’re going to tell projects what to do, or how to do things. We oversee each open-source project that’s in the Cloud Native Computing Foundation, CNCF. And the CNCF is underneath the Linux Foundation, right? It’s a sub-foundation of the Linux Foundation. And each project is self-governing. And they don’t all have the same governance, and the Technical Oversight Committee kind of oversees the landscape of projects that are actually joining it, the criteria for them to advance along the way from sandbox to incubating to graduated. If projects need to be archived, they’ll evaluate new projects coming in to see is this a good project fit. They’ll give guidance to projects. We’ve now created technical advisory groups, TAGs, that are working on papers and guidance to try to help projects and people kind of navigate the space. While each project is self-governing, we’re there to try to help them along, give them guidance, and set targets for them, right, as they’re going along. What kind of things would we like to see out of them that they don’t do today, and maybe set some of those as goals, and not just for individual projects, for all the projects collectively to think about. But at the same time, we’ve set up an environment where we’re not trying to make a king out of one project or another. We are happy to have two projects in the CNCF that directly compete with each other, let the market decide, and do those kinds of things. We very much act as technical facilitators.

Matt Yonkovit:
Okay. Okay. And that enables you to kind of see some of the things that might be coming down the pipeline, right? If you’re looking at different projects, maybe what you want to include, or what might be interesting to get involved with CNCF, I’m curious, what new things do you see coming in the future here in this space that kind of excites you or get you really curious?

Matt Farina:
I would say it’s a very hard thing that we’re getting into. But it’s interesting, and that’s edge. You hear so often, you think of cloud computing, you think of public clouds, or even if you go back to OpenStack, people tried to set up public clouds with it, there are some that are like that, but many of them ran as their own private clouds or their own private data centers with public cloud-like features. And that’s even where Kubernetes had a lot of its strong spot. But now we’re seeing it start to get smaller and smaller, and more people talking about the edge and proposing projects who either directly say edge, like there’s a CNCF project called KubeEdge, right? Or there’s K3s, which is a Kubernetes sandbox project that came out of Rancher, and it’s kind of a smaller, pared-down distribution of Kubernetes that uses fewer resources. And you see people talking about using that in more edge scenarios as you get away from that nice connectivity. Like, k3s offers all the images it needs in just one pack you can download for its air-gapped images, because it knows there are these places with poor connectivity or no connectivity, you may need it. And you see more things, there’s KubeEdge and the CNCF, that are directly saying, hey, this is an edge. And so I see that as a big thing. And so those same ideas you took to the large public clouds and data centers, see people trying to take to these really small environments, so you can manage your workloads and run the same things in the same way.

Matt Yonkovit:
Yeah, and I think that’s something that as we’ve advanced in the technology space, there’s an insatiable demand for more data and more real-time access to it, which has driven a lot of that desire to keep things out there. So think about how many devices, IoT devices, are out there. I mean, heck, my daughter’s toothbrush reports back to a web app that tells her if she brushed her teeth enough, right? You think like, what? But we have customers, for instance, in the retail space, who want systems that are at individual retail locations that have redundancy and everything built in to do all kinds of processing locally, and then they sync up, they push data with the master servers back in whatever data center they have. And I think that’s a very classic model when you talk about distributed systems, to have different locations, but now we’ve taken it to the nth degree, because everyone’s phone has so much data on it, everyone’s devices, my refrigerator, my laundry, all these different things have little bits of data, and being able to access them, do processing on them, is often something people want. And the ability to build those systems in a way that is resilient and will handle outages is critically important. So I do definitely see a lot of that desire for more information on the edge, more redundancy, but it does bring up kind of an interesting problem, which is, instead of dealing with managing and maintaining just a few systems, now you’ve got thousands, or even tens of thousands.

Matt Farina:
Yeah, and so your management problem has grown, and the kinds of software you’re writing have grown. I’m always amazed that when I have to deal with stores, Home Depot, Lowe’s, Walmart, any of these stores, right, and they’ve got all these locations, but thousands of locations, and I can go to their website, and I can find out what’s in stock at a particular store. Because they’ve got the inventory management. They obviously have it in that store. And they’ve got it synced up so that way their websites and systems can access that inventory and use it elsewhere. And that’s a distributed data problem, and how do you deal with it? And of course, then there are things like beacons, right? If you remember, I remember I was shocked when that technology came out, people put beacons through their stores, so they could track as people walked through their aisles. And if you collect a lot of data there, you don’t want to send that everywhere. Because then you’re dealing with that egress and ingress and extra cost of bandwidth. There’s a lot of data to move around. And so there was a concept I learned a while ago called data gravity. And you want to process where your data is at. Where your data is, that kind of pulls in your compute. And so being able to do more of that at your edge location, so you can work stuff out without having to move it, is very useful. I mean, that’s been Apple’s bread and butter with the iPhone, right? They put these neural engines and chips in there, so they can do more of the processing locally, instead of sending it back to their data centers. And they say they do in the name of privacy quite often. But it also has to do with things like bandwidth and moving data around and tracking all of that. And so it’s interesting to see this becomes a large distributed systems problem. But it does mean there’s a call for more management and computing power out at those edge locations.

Matt Yonkovit:
Yeah, I mean, yeah, it is a shift. It is something that we have to get used to. I think it’s, I think it presents a lot of challenges. You mentioned privacy, that’s one that we often don’t, we think a lot about, but I don’t think we realize how much data is out there, and how many people have it. Right? And you mentioned walking through stores and being able to track. I mean, there’s quite a few different data points and it’s hard to sometimes secure all the different systems, let alone troubleshoot them. So I think that there’s a lot of effort that is coming out to try and manage and secure the herd, if you will, of systems.

Matt Farina:
And I think that that’s one of the interesting things working for SUSE, we’ve got a group that does edging out, right, it’s one of the things we go after. And you can go read it in our marketing materials, one of our, our things we chase after, and SUSE is a German company headquartered out of Germany. And so, privacy and the EU laws on privacy, and all this stuff has been, since I joined, I didn’t even realize, it’s all taken into very careful consideration along the way with what we do. And those conversations happen. And we look at it because that’s a natural part of that culture coming out of there. And so when, when I think of edge now, and I think of those things, privacy comes to mind because so many of my great co-workers have kind of reminded me over time about those angles, and the different laws and the implications and how that applies to situations because they’ve just so long thought about it.

Matt Yonkovit:
Yeah, and I think being the global world that we are, and how we all do business that transcends borders, you’re often restricted to what the laws and privacy of some of the more strict countries or regions are, because you are crossing boundaries, and the EU has done a good job with GDPR. And with some of the privacy laws, I know, the US is starting to try and catch up with some of theirs, but it’s more state by state. So there, there is quite a bit of emphasis there to keep people’s data private. I mean, for the most part, I think people want their data kept private and secure. They want to be able to get what they need, whenever they need it, and make sure it’s always available. And I think if you hit all those three, people are happy. So I think that those are important topics there. Now, you mentioned what’s going on at SUSE. I’m interested, you mentioned some of the Rancher desktops, what are some of the other exciting things that you might have been working on or that the team has been putting out?

Matt Farina:
One of the other ones is we have something called the base container images. So SLE is our Linux distro. And it’s known for being very, very secure. Right, when a vulnerability comes out, we typically release the fix for it at about the same time the vulnerability is made available to the world, right, we’re really on top of it, it’s a highly secure enterprise distribution. And when it comes to container images, though, we’ve recently come out with the base container images. And they come in things like just a very minimal thing on the bottom, where you just have that Linux distro with your base system library. So it’s not a scratch container, you can get them with builder runtime tools, like Node.js, or the Go programming language. And there’s a flavor of those. And what I find really interesting about these is the update, and you can get updates for them at the same cadence with things like CVE, and stuff like that you can regular SLE for. So if there’s an update that comes out and we rebuild dependencies and, and make the latest patch set available with everything fixed, that becomes available to these base container images. And it’s very easy to just replace the one underneath with now the secure one. And in this world where the secure supply chain and security vulnerabilities become a really big deal, actually having those bottom base layers for my container images be built on something very, very secure is really interesting to me. And so that’s one of those things that we’ve been working on that I really like. I want to build more stuff on it and then constantly update that bottom image. So that way, everything is secure. And we release updates quickly.

Matt Yonkovit:
Well, and I mean, that’s, that’s a good process because it makes it easier for administrators and end-users. It helps you automate that process more. I mean, I’m an old school person and I’m guessing so are you. When I started, it was all command line, it was all by hand, it was, you might write some shell scripts to do it. But if you didn’t write shell scripts to do it, it wasn’t gonna get done. So a lot of by hand things, which meant that you miss some things. And now we’re in a process where people are looking for more automation, the easier way to do the mundane things, and security is so important, but you want to make it so it is easy for them to be secure. They don’t have to jump through hoops. They don’t have to potentially miss a step or keep something that’s vulnerable. And, quite frankly, there are a lot of people who are running technology they don’t understand. So if things do have the ability to auto-update or keep things up to date, it’s better for everyone. Especially in the database space, what I’ve seen is the majority of data leaks come from people who do silly things, right, they copy a database over, they leave it with no password, they use it for a test for five minutes, or whatever to do some reporting, and they forget about it, you know. So anything we can do to secure the systems easier, I think is going to benefit everyone, because we spent a lot of time and effort making technology more accessible for everyone.

Matt Farina:
Yeah. And thinking of security gets me into another one of the things we’re working on. It’s a project called Kubewarden. And it’s an admission controller for Kubernetes. But it’s got an interesting twist to it over some of the things like Gatekeeper and some stuff in the CNCF today. And that’s you can write your policies in pretty much whatever language you want, including Turing-complete languages, and you compile it to WebAssembly. And it uses WebAssembly as the standard component that it runs. And so all of these languages, everybody jumping on board, WebAssembly, which is kind of a really fascinating thing that a lot of it’s being developed to run outside of the web, and other infrastructure places, is the key component there. And so anything that compiles to WebAssembly. Python, if you can even take PHP these days, and compile it to WebAssembly, can be used to write your policies. But it does allow you to write policies and things like Rego in some of the existing ways, or take those policies, turn them into WebAssembly and use those as well. And so it’s a policy engine. And if you’re using PSPs, today, and Kubernetes, which are going away, and/or some of this other stuff, you can actually use this as your policy engine. And so if you need to write policies for Kubernetes, and you’re already a Go shop or a Rust shop, you can just use the same language you use today. And WebAssembly is a big thing. So

Matt Yonkovit:
Yeah, I think I’ve seen it really grow in popularity over the last few years. So, I mean, I definitely think that people are looking for new ways to do, to solve old problems more efficiently and leverage the resources and code that they already have. So I think WebAssembly does help with that. Well, Matt, I wanted to thank you for coming out and chatting with me today, giving us a little bit about your background, telling us some of the cool things that are happening over at SUSE. As things progress, if there’s something interesting, you want to talk about a new trend, anything, feel free to reach out to us. But we do appreciate having you.

Matt Farina:
Thanks for having me. This was fun.
