Community, Opensource and Kubernetes with Brendan Burns and Ganesh Ashokavardhanan

S2 E28 · Kubernetes Bytes
289 Plays · 2 years ago

Ryan (@wallywalls22) and Bhavin (@bhavin04890) talk to Brendan Burns (@brendandburns), co-founder of the Kubernetes open source project and corporate vice president for Azure cloud-native open source, and Ganeshkumar Ashokavardhanan (@ganeshkumar_av), Software Engineer in the Azure Kubernetes Service (AKS) team about community, Kubernetes and open-source at Microsoft. They also discuss how Ganesh was able to start as an intern and work his way into a fun full-time position with Azure Kubernetes Service. Come listen and learn about all of this and more!

Show Links:
KEDA - https://keda.sh/
Virtual Kubelet - https://github.com/virtual-kubelet/virtual-kubelet
AKS enhancements - https://techcommunity.microsoft.com/t5/apps-on-azure-blog/azure-kubernetes-service-aks-updates-for-seamless-developer-and/ba-p/3407089
Container Apps GA - https://techcommunity.microsoft.com/t5/apps-on-azure-blog/azure-container-apps-general-availability/ba-p/3416885
MS Build Sessions - https://mybuild.microsoft.com/en-US/sessions/cf62806e-b0a6-48ca-9664-92298b049abf https://mybuild.microsoft.com/en-US/sessions/b8cb89fa-f065-4711-8ec2-91b41bb39acf

Transcript

Introduction to Kubernetes Bytes Podcast

00:00:03
Speaker
You are listening to Kubernetes Bytes, a podcast bringing you the latest from the world of cloud native data management. My name is Ryan Wallner and I'm joined by Bhavin Shah coming to you from Boston, Massachusetts. We'll be sharing our thoughts on recent cloud native news and talking to industry experts about their experiences and challenges managing the wealth of data in today's cloud native ecosystem.
00:00:28
Speaker
Good morning, good afternoon and good evening wherever you are. We're coming to you from Boston, Massachusetts. Today is August 22nd, 2022. Hope everyone

Episode Highlights and Personal Updates

00:00:39
Speaker
is doing well and staying safe. Let's dive into it. Lots of twos in there. You know, before we dive into today's topic, it's a little bit of a special episode. I'll let Bhavin give you the gist in just a few minutes here. But let's just talk about what we've been up to and then we can dive right into it.
00:00:57
Speaker
Yeah. And the way you introduced the episode was perfect, even though it was not planned, right? A lot of twos. I think I've been thinking twos. So this episode comes out on August 22nd. Tomorrow I'm headed to Glacier National Park. And then in a week after that, I'm headed to Acadia National Park. So two national parks in two weeks on August 22nd, 2022. Let's do it. And we have two guests. So, you know, it's all ringing a bell here. It's good. It's good.
00:01:24
Speaker
Great. What else do you have to do besides just those two national parks? Oh, I'm just glad that the weather has cooled down. I postponed all my yard work. I think listeners will remember my first experience with it. The second was not better. Let me just say that. I was glad that at least I was doing it in like a 70 degree weather, not a 90 degree weather, but we filled up, like me and my neighbor filled up like seven 30-gallon bags of yard waste. That's just 210 gallons. It's too much work.
00:01:53
Speaker
Welcome to home ownership. Every year, all the time, you get to do things like this now. Looking forward to it. How about you, Ryan? What have you been up to?

Guest Introductions: Brendan Burns and Ganesh Kumar

00:02:05
Speaker
Cool. Yeah. I mean, mostly enjoying the summer as much as I can. In a few days, I'm headed to, I don't know if there's any country fans here, but I'm going to Kenny Chesney at Gillette Stadium, which has been sort of a family tradition, but it's been canceled for
00:02:21
Speaker
two, three years now. And this is his last year doing it. I like country, don't get me wrong. I'm sort of a fan of all music. So, you know, it's a good time, the whole family comes up, you know, we go to the show, and then we like sort of have everybody over to
00:02:36
Speaker
barbecue and hang out. Hopefully, I like the idea of it being warm still because people can just jump in the pool and have a good time. Looking forward to that. Obviously, spending time with family is still always so important. I'm excited for it.
00:02:53
Speaker
Awesome. Today we have, as you said, two guests and two special guests. Like first, let me introduce Brendan Burns. Again, I don't think people need an introduction after listening to that name, but he's one of the co-founders of the Kubernetes open source project. And currently he's been up to like, he's the corporate vice president of Azure cloud native open source.
00:03:12
Speaker
So the team that works and contributes to open source projects in the cloud native ecosystem, Brendan basically manages all of that. And as the second guest, we have somebody who's new to the ecosystem, Ganeshkumar Ashokavardhanan. He's

Microsoft in Open Source and AKS Focus

00:03:25
Speaker
a software engineer who started in the AKS team last year. But if I remember correctly, I think he interned for a couple of summers and he's just starting his career journey at Microsoft by working on such cool products like AKS and all the different cloud native open source projects that it has.
00:03:42
Speaker
I think in the episode we do want to ask questions around what are the open-source projects that Microsoft works with, but then also focus some time on AKS, how it helps customers spend time, maybe ask around Windows containers if we get the time, but before giving up too much information, are you excited about this episode?
00:03:59
Speaker
Yeah, I think, you know, having someone definitely more senior and having someone new to the ecosystem and Microsoft in general, I'm really excited to get both, you know, Brendan and Ganesh's perspective. So, you know, I say without further ado, let's let's get them on the show.
00:04:17
Speaker
Welcome to Kubernetes Bytes, Brendan and Ganesh. I'm so excited to have you both here to talk all things Microsoft, Kubernetes and a bunch of other things. Why don't we kick it off and just do a little bit of introductions and background of what you're both doing.
00:04:35
Speaker
Hey, thank you so

Roles and Experiences of Brendan and Ganesh

00:04:36
Speaker
much for having us here. Really excited to be part of this podcast. I'm Ganesh Kumar and I'm a software engineer in the Azure Kubernetes service team, working primarily on the node lifecycle and Kubernetes versioning aspects. I graduated from UC Berkeley in 2021 with a degree in electrical engineering and computer science and a degree in business administration as part of the founding class of this program called the Management Entrepreneurship and Technology Program.
00:05:02
Speaker
Right after I graduated, I started full-time at Microsoft, and also during my time at Berkeley, I had the great opportunity to work at Microsoft during two internships.
00:05:13
Speaker
Great. Well, glad to have you here. Cool. Hi there. I'm Brendan Burns. I am the corporate vice president for cloud native open source and management and platforms and Microsoft Azure. I've been in the computer industry for close to 25 years. A lot of it dedicated to open source, but other things as well.
00:05:34
Speaker
Kind of been all over, did a PhD in robotics, was a professor for a while. And as a result of being a professor, I love to see the interns come in and bring some of the fresh perspective into Microsoft. And I think Ganesh is a great example of how that program turns into great opportunities to make a difference for our customers.
00:05:53
Speaker
Yeah, absolutely. And many might know Brendan as one of the founding members of Kubernetes. And since you mentioned robotics, I think, you know, Ganesh, we had a little bit of time to speak ahead of this podcast. And you mentioned a conversation you had early early on when you were an intern with Brendan. Can you talk a little bit about about that and how that really kind of, you know, piqued your interest?
00:06:13
Speaker
Yeah, definitely. So I've been interested in robotics, machine learning and also distributed systems for a while now. So during my first internship at Microsoft, I was working on Azure compute health store team, which was essentially using infrastructure health signals to determine issues in Azure infrastructure based on anomaly detection algorithms. So in that internship, it was my first exposure to cloud computing and I learned a ton about
00:06:44
Speaker
are different aspects about cloud computing. And one of the ways in which I learned about Kubernetes was because my mentors then had shared about this paper called Borg, Omega, and Kubernetes. And then later on I found out that that paper was co-authored by Brendan and he was working at Microsoft. And I think he was in the same building where I was working in. So I thought that was really cool. And that's how I got interested in AKS Kubernetes.
00:07:10
Speaker
and I switched into that team so I could learn more about Kubernetes. In the AKS team when I was interning, in that summer, Brendan would actually organize these office hours with interns and have even many more one-on-one sessions with interns, which I always thought were amazing because given his expertise and experience, he still made time for interns and had these conversations.
00:07:40
Speaker
Yeah, so in that process, when I was talking to him, I was curious about how something that I noticed was that there was this link between robotics and Kubernetes concepts, especially around control loops and feedback loops. And it seemed like the concepts were similar. And I found out that Brendan did his PhD in robotics. And when I asked him if there were related
00:08:06
Speaker
connections, he actually did mention that many of those concepts were inspired by robotics. So I thought that was really cool. And in that we both had a similar interest and that, you know, it's also applicable in a sense to Kubernetes and distributed systems.
00:08:23
Speaker
Yeah, absolutely. I think that's a really cool connection of the control loops and everything. I don't think most would think about that. I mean, maybe that's a personal opinion. I know very little about robotics, but it's a great connection since I've been in this Kubernetes world and I totally get it. So really, really cool stuff.
00:08:40
Speaker
Okay, so I guess next question that I have is, Brendan, you said you lead the cloud native open source business unit at Microsoft. So I just wanted to learn more about how does Microsoft work with the open source ecosystem, especially like in the cloud native community, and then how it participates and owns these open source projects.
00:09:01
Speaker
Yeah, for sure.

Open Source Philosophy and Developer Productivity

00:09:02
Speaker
I think that one of the things that I believe is really essential to building a product based on open source is that it's critical to be present in that community, right? You can't just sort of take it off GitHub, compile it, put it on your website and sort of walk away.
00:09:19
Speaker
You know, there's a lot of value for end customers that we can deliver by being a part of the Kubernetes community. We'll talk about a little bit later, but one of the things that, you know, Ganesh works on is versioning for Kubernetes and getting the latest versions of Kubernetes into the Azure Kubernetes Service. One of the reasons we can do that so quickly
00:09:39
Speaker
is because we have people who have been the release managers, right? So they've been intimately familiar with the release as it's proceeding, the roadmap is ahead, we can start working on snapshots ahead of time. With people who work in the community security projects, so that, you know, we have
00:09:57
Speaker
visibility into evolving security issues and ensure that our customers are patched on that day zero when a CVE is released. So I think all of those things are just a critical part of delivering managed open source as a service.
00:10:12
Speaker
But also we want to innovate, right? And a lot of the innovation that we do is driven by our own customer needs. And, you know, the honest truth is that I think there's an expectation now in the cloud, especially in cloud native, that anything you do is portable.
00:10:27
Speaker
We love it when people run on the Azure Kubernetes service, but they may also need to run Kubernetes on bare metal in a container ship, or they may be running across multiple clouds because they're a gaming company and they want to be as close to the customer as possible. They're going to not want to take a dependency on stuff that we're building unless they know they can work with that everywhere. If you look at projects like KEDA, which is the Kubernetes event-driven auto-scaler,
00:10:55
Speaker
products like Dapr, which is random productivity, or even the work we've done to integrate Kubernetes and VS Code together, they're all focused on delivering a lot of value for our Azure customers, but also delivering something that is useful in the broader Kubernetes ecosystem. Even in places, I think a great example of this is our work with the Flux community, which is a GitOps project in the CNCF.
00:11:21
Speaker
We could have said, hey, we want to own it. We're going to create the Microsoft GitOps thing. But we looked out into the CNCF and there's already a really great community and a really great project there. We said, actually, we're going to go work with Flux.
00:11:35
Speaker
but we're not going to just take the code. We're going to actually become contributing members to that project. We're going to kind of talk philosophically about what does GitOps mean and how are we going to try to advance those ideas and thought leadership. So it's a bunch of different pieces that come together to really, I think, help move the broader cloud native community forward. And at the end of the day, just create a better experience for those customers running Kubernetes and cloud native workloads on Azure.
00:12:02
Speaker
No, that really makes sense, right? It helps Microsoft and the world community raise the lowest common denominator. So like you're not stuck at the very bottom. You are innovating and contributing back to those open source communities. So everybody can use those features regardless of whether they are an Azure customer today or not. It just helps these open source projects be better. Yeah, for sure. I mean, and the truth is the world is hybrid, right? I don't think there's anyone who believes that, you know,
00:12:28
Speaker
people are going to be able to run absolutely everything on a specific public cloud. Maybe if you have some small applications, but there's going to be a mobile app or there's going to be a retail. Obviously, if you have a retail store, physical brick and mortar store, that's not going to our data center. We have to build for this hybrid world. We're just seeing that breakdown where people aren't really writing code for the cloud, they're writing code for the entire world.
00:12:57
Speaker
Yeah, and that brings up a good point, breaking down these boundaries, making the services that we're working on more flexible so that people can go beyond the boundaries that we're sort of setting up for the basic use cases. Something you mentioned when we spoke a few weeks ago was the concept of developer productivity and sort of
00:13:15
Speaker
what it means. And I feel like this concept of being part of the open source projects, but being present and really caring about what else they're trying to do beyond just what AKS is up to, I think is a big thing. So maybe you could speak to a little bit about what developer productivity means to you and how it all connects. Yeah, I think actually Ganesh has a great perspective on some of the work he's been doing with Event Grid and otherwise for developer productivity and Kubernetes there.
00:13:46
Speaker
Yeah. I think, so I had the great opportunity to work on this project or to integrate Event Grid with AKS, which essentially improves developer productivity. So Event Grid is this Azure service that allows you to keep track of different events and create workflows based on that. And AKS users can use Event Grid to actually know about important events that happen in your cluster. One example is
00:14:13
Speaker
new Kubernetes versions being available in your cluster. And during my internship in AKS, I was lucky to be able to work on this project with my manager and another intern. And last year it went into public preview as well. So with this feature, you can create workflows like being able to run test pipelines after a new version is available and doing that automatically. And this integration is like one example of the developer productivity tools and integrations that Microsoft is developing.
00:14:43
Speaker
And there's also many other interesting projects that team members and AKS have worked on such as Draft, which allows you to containerize your applications, even if they're not already containerized and allows you to easily deploy them. So I think even
00:14:59
Speaker
the work in the open-source community, it's really allowing users, not just in Microsoft, but everywhere else to become more productive. I think that is something that really aligns well with Microsoft's mission. It's also something that I'm very interested in because it allows one to scale your impact even beyond the product. Even at the product level itself, because of the global usage, you're really improving developer productivity for all the users of AKS or Azure.
00:15:28
Speaker
Yeah, I agree. I really like that, you know, when a new version of AKS comes out, you get, you know, the Event Grid kind of action and be able to deploy some pipeline. I feel like that really targets, right, a real pain point that developers or even often, you know, might have in and one that I've suffered from myself and other deployments as well. So, you know, I think, you know, both between making it easier to get onboarded, right, where
00:15:54
Speaker
like Draft, or being able to do these things that solve real pain points. I think that's really obvious, like, obvious thing, but not everyone's thinking that way, so it's really cool to see those projects.
00:16:06
Speaker
Yeah, I think we really are centered around that idea of empowering our users to do more and oftentimes that means removing pain. I've always said I would rather build something that a million people use than something that impresses some engineer down the hall.
00:16:26
Speaker
I could care less if someone thinks it's cool. I want a ton of people to think it's useful. I think sometimes we look at some of these cloud native projects and they're almost designed for Twitter.
00:16:41
Speaker
You have the cool logo and they know they're gonna go do a meetup or whatever, but you dig in and you're actually, what is, why would I adopt this check? What is the pain you're removing? I think people forget. I think we get really blinded, right, and we forget that the truth is that ninety-five percent of the people who use Kubernetes
00:17:00
Speaker
Like, they're here to get a job done. They're not here because they love the community, although it is a great community. They're here to just get a job done. And our job, as people who do love Kubernetes and are excited about it, is to sort of get out of their way and help them be productive. And

Security in Development and DevOps

00:17:20
Speaker
then also, I think the other thing that I've been thinking about, this is like the pointy-haired boss part of me, where I've become more and more responsible for.
00:17:27
Speaker
larger organizations is a realization that we also have to help people do the right thing. When I think about software supply chain security, it's not okay to say you have to make sure that your images are secure.
00:17:44
Speaker
We have to develop infrastructure so that that person can't even deploy an insecure image, can't even check in a Dockerfile with an insecure image. It is unfair to a developer to expect that they're going to be able to keep track of the laundry list of 20 million CVEs or whatever it is.
00:18:03
Speaker
And instead, this is automation. And I think in some sense, this is the next generation of DevOps. I mean, and they're calling it DevSecOps. Which is, I mean, I like I cringe a little bit. DevOps thing and like, I cringe a little bit. But I think that the motivation is right. Right? The motivation of saying like, hey, security is not something that you remember or something that you memorize. Yeah.
00:18:29
Speaker
It's a core part of your validation and deployment pipeline. It's a core part of CI/CD. It's even a core part of your tools. We're going to put red squiggly lines under your YAML file if something's wrong. I think that mentality shift is actually really valuable and is something that we're really going after.
00:18:51
Speaker
Yeah, security shouldn't be an afterthought, right? As you said, it has to be built in. And even if just the word DevSecOps instead of DevOps helps people get into that mind frame of, oh, security is important. Maybe that's what its purpose is. OK, people should be thinking about security.
00:19:06
Speaker
Yeah. No, I think that's probably true, right? I mean, I think DevOps sort of said like, Hey, you should be thinking about CI/CD and testing, right? Yeah. And the real, the real, it was like test and how do you deploy quickly with automation? And I think now saying like, okay, we test, but we also secure with automation. Um, and it leads to good projects, right? Like a lot of our work on the Gatekeeper project for policy and everybody's, you know, is dedicated to, to exactly that. How do you make sure that people
00:19:32
Speaker
don't deploy stuff from random image pulls from Docker Hub, whatever it happens to be. Yeah, I feel like for years with the complexity and the newness of what Kubernetes was and the excitement around it, now we've finally gotten to a point
00:19:47
Speaker
where Kubernetes is becoming this thing that's just there and that's fine. Now, we're really focused on everything above that. That being said, we have to care a lot more about everything we put on it and that we're building these really great projects and yes, security has to be inherent to the system to enable to do this safely in production, especially with all the noise that is around
00:20:15
Speaker
security and ransomware and things that are going on. The first question that, you know, often comes up is like, you know, why is the system different, like what's not be you.
00:20:25
Speaker
No, so talking about security and Brendan, you said there's a list of 20,000 CVEs. I know we had at least a couple of really popular ones with Log4j and Spring4Shell. Ganesh, since you are on the AKS team, how does that work? When a new CVE or Day Zero vulnerability comes online or gets published, how do we make sure the customers are patched and they can be up and running easily?
00:20:46
Speaker
Yeah, I can share more about that and also want to add on to what Brendan mentioned earlier. Because AKS is a managed Kubernetes service, a lot of components are managed by AKS and a lot of the security that customers would have otherwise had to take care of is also handled by AKS, which I think makes it easier for them to
00:21:08
Speaker
make sure that their workloads are secure. And there's so many other features that are built on top of AKS to make it easier for users to securely deploy their workloads and manage that infrastructure securely. So I think that is sort of one major way in which AKS sort of simplifies security for many users.
00:21:29
Speaker
Particularly if you have some vulnerabilities and components that AKS itself manages, I think there's different avenues depending on the type of issue as well. Sometimes we have embargoed CVEs that we would handle to make sure that it's deployed before even it's announced.
00:21:49
Speaker
and the exact details I mentioned earlier. And then there's this huge group of people within Microsoft as well who actively look at security issues and provide information to make AKS more secure. And some parts of this process I think still need to be automated just like Brendan mentioned in terms of hot fixing previous releases or simplifying the process of applying these changes before and also making it easier for users of AKS to
00:22:18
Speaker
actually consume these security patches easily and automatically. I think there's a lot of work going on there and part of what I do as well has been in terms of applying these fixes for currently used AKS infrastructure. So I think the process is involved depending on the use case and it also makes it easier for users.
00:22:45
Speaker
because we handle it. All the heavy lifting is done by those engineering teams or development teams in the background. For the customer, it's maybe a right-click upgrade and you don't have to worry about the CVE again. I think that's what I'm getting from your answer.
00:23:00
Speaker
For sure, and I think what's interesting even there is we've seen an evolution, right? Like we actually offer auto upgrade at this point, right? Where you can tick a box and we'll automatically upgrade you the minute it comes out. And to be honest, like in a couple of cases with severe CVEs, we've just done that anyway. Because it was bad enough that we figured, hey, any risk of instability is outweighed by the security risk.
00:23:25
Speaker
But I think what's really interesting there is this evolution in our customer set, which is three years ago, nobody would turn on auto update.
00:23:33
Speaker
They were just terrified. They want to be sitting at the keyboard watching the thing as it goes through. I think in part because we've done a lot to improve auto upgrade and reduce the impact, but also because people become better at building cloud native applications. They've become better at building applications where if you one by one remove and upgrade machines, their application just handles it. They're getting more comfortable with this notion of auto upgrade.
00:24:02
Speaker
And the analogy I kind of give is like, it used to be, you know, you paid a ton of attention to like what version of your web browser you're running. You know, Internet Explorer or 6.5 or whatever it is, right? Now, like nobody could tell you what version of a web browser they're running.
00:24:18
Speaker
They don't even know how to figure it out. I think we're going through that same kind of iteration with Cloud Native where upgrade and response to CVE just becomes something that happens transparently in the background rather than something where you're thinking a lot about it. It requires a bunch of different coordination from all sorts of different people.
00:24:41
Speaker
I almost want to say that the notion of things happening automatically and auto-updating is sort of built into the definition of what is cloud native to begin with anyway. If you were kind of asked me, what makes something cloud native?
00:24:56
Speaker
the conversation of something just automatically being able to update and take care of things like that would be part of that conversation. So I think there's also a paradigm shift, right, of maybe new developers also becoming used to the expectation that this is going to be happening. So therefore they're more comfortable with this type of feature and turning it on and maybe not having the PTSD from like...
00:25:21
Speaker
back in the day and like managing OpenStack clusters or something. I think we have seen a whole spectrum. Like we spoke to somebody from MongoDB and the developer, like when he entered the ecosystem, operators are already a thing. So he didn't know a world before operators existed. So that's like one side and then the other side is those Microsoft
00:25:40
Speaker
SQL Server admins or Windows admins that have to worry about Patch Tuesdays and making sure all of their servers are updated. I think that's like you are on this journey and then hopefully as we go on this and maybe in the next five years auto-upgrade becomes the baseline configuration that you need for your clusters.
00:25:58
Speaker
Yeah, I think that's absolutely, you know, where we're headed. And it requires it's a careful dance, right? Like, he doesn't have health checks, or honestly, like, if the developer doesn't know to define a health check, because it's kind of scary, you know, really limited in our ability to safely upgrade something. Yeah.
00:26:18
Speaker
Um, and, and so like, is this dance between like the developers getting more aware, like if I tick these boxes, then this automation can help me. Um, but also getting comfortable with the fact that, Oh yeah, it's been a few years since an upgrade killed me. It's going to be okay. Although it'll still happen eventually. I guarantee you all over Twitter.
00:26:42
Speaker
Okay, so I think, Brendan, you were talking about the next step, right?

Choosing the Right Azure Solutions

00:26:46
Speaker
Like where the community is headed. And like my question was, like, since you are involved in the origin of Kubernetes as a project, where, like, how do you see people using something like AKS versus something like Azure Container Apps or serverless with like Azure Functions? How do those things work together? And how can developers choose which one to like use?
00:27:05
Speaker
Yeah, man, I spent so much of my life on this particular topic. I don't know. And I think that the TL;DR of it is that what has happened in the past is that that platform choice of whether it's Azure Container Apps or Cloud Foundry or Heroku or
00:27:27
Speaker
Lambda or whatever your favorite platform is, was a really, really heavyweight choice. It was a choice of where your code ran as well as how you wrote the code. How easy or hard is it to write the code? I think what we're trying to drive towards in Azure and with AKS is a world where those two choices are separated.
00:27:52
Speaker
Where your code, well it runs in AKS no matter what. And if you run an Azure container app, ultimately that container is running in a Kubernetes cluster. So no matter what, your code is running in a Kubernetes environment.
00:28:05
Speaker
But the way of writing that code and the infrastructure around running that code might be a functions as a service or it might be a Helm chart. And those two things can interoperate. So that function as a service can really easily call that MongoDB that's being run by the operator.
00:28:25
Speaker
That's not where we are right now. If you write an Azure function and you want it to call into a MongoDB that's running in an AKS cluster, that's a hard thing to do. That's why it feels like such a heavyweight choice to people. What I really think we're driving towards is a world where actually Kubernetes becomes the underlying operating system.
00:28:48
Speaker
And whether you are writing C code down in the guts of the operating system or you're writing Visual Basic code out at the high level or even no code, right? Low code, no code. Excel, maybe. By the way to the Excel eSports championship. It's so cool.
00:29:09
Speaker
You know, but no matter which of those you're going through, the interprocess communication is the same and the file system is the same, metaphorically, for metaphor system is the same. I think that's where we need to get, because otherwise we're just gonna continually be in this world where people
00:29:25
Speaker
are debating how do I balance developer productivity of a platform like functions with freedom and flexibility and an ecosystem of operators and everything else that are going to be based on these lower level concepts. I don't think it's a winning solution to say, well, it's great for you to use these functions as a service, but you can't run MongoDB yourself. That's never going to win.
00:29:53
Speaker
Interesting. That's just a lot to think about. Just to, I don't know, have that information sit in there. I'll need to listen to this again.
00:30:02
Speaker
Go ahead Ryan. Yeah, well, so one thing I did learn in a little bit of research is that, you know, container apps is built on AKS, right? And so there's a bit of a notion of like, this thing is sort of, you know, inherited to a certain aspect where if you do start with something like container apps, because it's focused on like being the right tool for maybe that use case,
00:30:27
Speaker
you get, you could have sort of a path off and with more flexibility with something like AKS. Is that like part of the journey as well? Yeah, that's absolutely part of the journey, is that, you know, that container image and things like Dapr, you can absolutely, are portable into the AKS environment. I think, you know, we really want it to be seamless.
00:30:52
Speaker
It's where it's not a redeploy. Right now, it would be a redeploy. Take your application out of this environment, put it into the AKS environment. I think ideally, it's actually more of just who's responsible, who manages it. Does Azure manage it for you or are you responsible for managing it for you? That's a choice that you could make effectively on a running thing.
00:31:18
Speaker
And it's going to take a long time for us to get there, I think. But that's the North Star. Gotcha. Got it.
00:31:27
Speaker
Sorry, I was just going to ask Ganesh a question around like developer productivity and VS Code and the work that Microsoft has done, right? I know we spoke some about Kubernetes versioning in AKS and how that is managed. But how do I get my code? Maybe that's I'm working on it on my laptop into an AKS cluster and how does that workflow work? I know you already hinted at something like Draft, but can you expand a bit more on that, please?
00:31:52
Speaker
Yeah, sure. And I can also touch a little bit about other ways in which I think AKS improves productivity for users compared to managing your own Kubernetes clusters. So the upgrade process, for instance, just like we mentioned, has been elaborate in the past. And even for Kubernetes versions, particularly minor versions, it can be elaborate if you're doing it completely on your own. And one of the things that I learned
00:32:17
Speaker
had after I joined full-time was Kubernetes versioning itself is quite an elaborate process in that there's a lot of APIs that can get deprecated, feature flags that are deprecated. And as a managed service, we also have to handle a lot of edge cases with respect to how users.
00:32:34
Speaker
use these different features. So one of the things that I worked on quite extensively was also Kubernetes versioning. And I think because we handle, as AKS, handle all these edge cases and making sure you're able to upgrade without breaking your APIs and so on.
00:32:57
Speaker
I think really improves developer productivity for all users of AKS. And that is something that I found to be quite satisfying as well, especially when seeing people tweet about it or, you know, lots of AKS users, you know, using these versions that have helped drive with the team.
00:33:13
Speaker
And going, I guess, back to the other part that you asked about, you know, in terms of broader developer productivity, the Event Grid integration is for when you already have your AKS cluster. And then prior to that, there's recent developments that
00:33:30
Speaker
The other members of the AKS team have worked on Draft which just makes it easy for you to containerize your applications even if it's not containerized. You just install the tool and you need to provide some information like the ports that are used and so on and then it will actually generate the Helm charts and manifests for you and it makes it easier to
00:33:53
Speaker
deploy on to Kubernetes. And also touching on what Brendan said, you know, I think there's a lot of different ways in which you can actually eventually end up deploying your applications on Kubernetes, but hide away many of the abstractions from users. So yeah. So are you saying I don't need to learn how to write my own YAML files if I install Draft?
00:34:20
Speaker
Let's say on-demand learning, which is to say, learning YAML will not get in the way of deploying your first application to Kubernetes.
00:34:30
Speaker
We expect that sooner or later, you're going to need to sling some YAML. But it's not going to get in the way of that first dopamine hit of that app is now running in this cloud environment. And I think even beyond that, when we think about the VS Code work that we've done,
00:34:49
Speaker
It's little things, right? Like, mostly people don't know that there's this feature called kubectl describe. If you say kubectl describe and some path into an API object, it'll give you a little blurb about, you know, what that field does in that YAML file. But the truth is the ergonomics of that are terrible.
00:35:08
Speaker
Who wants to go into the command line and type kubectl, describe, field name, blah, blah, blah. With the extension, we've integrated that with the YAML file with a hover card so that you can turn it on. If you hover over a field in a pod definition or in a deployment definition, it'll give you the little description of what that field does.
00:35:28
Speaker
Right? You know, something like replicas, it's really obvious what it does, but something, you know, like, yeah, there's all sorts of different stuff, or like the deployment, like all the different options for how you configure a deployment, like when a deployment proceeds, like period, seconds, whatever. So being able to basically, in the midst of your YAML editing, hover over the field and have it described for you, you know, what that field does, just improves somebody's productivity, reduces what they have to learn,
00:35:57
Speaker
beforehand and enables them to effectively on-demand learn it. Just the weird context switching, I feel like. Not having to say, what is this thing? Hold on, let me go find the API or Google it, or find the whole path and use this other CLI tool. Just not having a context switch, right? For sure. Yeah, I mean, and also similarly,
00:36:21
Speaker
putting in a little red squiggly line that says, hey, this isn't going to deploy right because your YAML indentation isn't quite right or whatever. There's all of these things that you can do in that familiar editing environment. Another thing, people do kubectl apply all the time. I mean, we would suggest maybe that GitOps and CICD is a better way to manage your cluster, but the truth is people do kubectl apply. If you do that in the context of VS Code, we're going to show you a visual diff.
00:36:50
Speaker
You're going to be able to actually see, oh great, replicas is going from 3 to 15. You'll also see, oh, image is going from V10 to V1. Maybe I didn't actually mean for that to happen. That visualization, it just helps. I think there's a lot to be said for
00:37:12
Speaker
the command line, but there's a lot to be said for places where the sort of information density of a GUI can help you. And it's all of these smaller things, right? Like in a delivery system, we know the last mile is the hardest. So like having all of this integrated into the IDE that you're using, that just makes it easier. Yeah, I mean, and I think that, you know, it's so, I mean, actually just came from the meeting, but like,
00:37:38
Speaker
be sitting in live site meeting every week, sitting in the meeting where we go over outages and how they happened. You just really learn a lot about how
00:37:49
Speaker
This stuff just happens because sometimes there's really bad weird bugs, but a lot of it is just because somebody was distracted or it just wasn't easy enough. As you said, they have four different tabs open. They're switching between different tabs. They forgot what they cut and pasted. They just didn't see that they had an old Git repo. They hadn't refreshed that Git repo.
00:38:11
Speaker
And the more we can do... I don't look at that and think, boy, that developer messed up. I look at that and I think, oh my god, we failed these people. This is what is supposed to prevent you from, it's like we're handing out razor blades, basically. It shouldn't be a resume-generating event for the developer, it should be a feature-generating event for the product manager, I guess. Hundred percent, right. Hundred percent true.
00:38:35
Speaker
Yeah, there begs the question of, you know, can we make it easier for people to get to the spot where kubectl apply isn't sort of like, they've gotten to a point, they're like, yes, and just throw it over the wall because they have that tool at their hand. But it's much easier to get a pipeline or GitOps pipeline sort of set up for them, you know, from the get go. So that

Windows Containers in AKS

00:38:56
Speaker
way, they're thinking that way from the get go.
00:38:59
Speaker
Yeah. And I think fully featured too, right? Like I think one of the things I've seen in a lot of the, like, here's how you just set up your CI/CD is that it doesn't leave empty spots for all the things that you will eventually need. Like it gives you a really basic CI/CD, but there's no slot that says like, you should probably put testing here. Right. Or a slot that says, Hey, you should probably put some sort of like stage map multi-region thing here. Right. And I think that's part of it as well is that, that, you know, we don't have, have that,
00:39:28
Speaker
mindset of like, well, what does day N look like when we're trying to get people started on day zero?
00:39:33
Speaker
Absolutely. I'm going to switch gears a little bit here because it's been a burning question I know I've had and Bhavin and I have had because it's something that in our day jobs and things like that we paid attention to is the state of Windows containers. Obviously, what that looks like in AKS, what's the adoption of what people are doing with Windows containers? I'm just curious about it all, I guess.
00:39:59
Speaker
Yeah, for sure. I mean, so we continue to see strong interest in Windows containers. And of course, I've got some members of my open source team that are dedicated working in upstream on Kubernetes support for Windows containers and increasing parity. There's definitely some places where, you know, there's just not parity between the Kubernetes support for Windows and for Linux. You know, I was just talking to somebody about
00:40:30
Speaker
legacy computing because it's just something that's fascinating to me. Someone was discovering an underworld of legacy computing. I think the truth is that there's a ton of binaries and a ton of executables out there that that source code is long gone.
00:40:51
Speaker
And nobody's going back for it. Nobody's coming back for that code. And so I think when we look at Windows containers, a lot of what we see is it's an opportunity to move that last 10%.
00:41:06
Speaker
Yeah, right. You know, you're going to modern development. I think the new development even in .NET is happening with .NET on Linux, .NET Core on Linux. But, you know, there's a bunch of like mission critical C++ code that was written a bunch of time ago. It's just not moving.
00:41:25
Speaker
And the ability then, but then the ability to get that into the cluster, to really get every, update your development processes, your CI/CD, all of that stuff is just a huge advantage for people: try not to have it be a weird singleton, but have it like look and smell and feel like the same to the monitoring systems and to the logging systems and all of that kind of stuff is a ton of win for people in that.
00:41:48
Speaker
We've seen some great examples of Windows container usage. In fact, actually, Forza 5 upon AKS is using Windows containers for the back-end for Forza. Nice. That's pretty cool. Obviously, that's not even that legacy, right? That's not even you-ish development.
00:42:10
Speaker
Well, gaming has a ton of legacy, actually. It's amazing. When you go talk to gaming companies and you think of it as being super modern and stuff, and you're like, whoa. And also, they have a lot of the code they wrote started on the client server as a relatively new thing in the game industry. Sure.
00:42:30
Speaker
I'm just saying multiplayer continues to evolve. A lot of the infra that they built was single player on Windows or on Xbox or on console for a really long time. They're continuing to evolve and to address distributed systems, but there's definitely legacy there.
00:42:54
Speaker
Got it. So I think we are running up to our time limit. I think I do want to end with this question. Ganesh, why don't we start with you? We have discussed so many things about how cloud native open source works at Microsoft, how the team is empowered to go and contribute to these projects and be release leads.

Advice on Engaging with Microsoft and Open Source

00:43:10
Speaker
If people want to get started with not just Microsoft and their journey at Microsoft, but even open source projects, what do you recommend as somebody who has entered the ecosystem over the past year?
00:43:21
Speaker
Yeah, I think I want to also just mention that really the impact that we have at Microsoft and through working in AKS is just tremendous. And I think the scale of impact through projects like Event Grid Integration with AKS or Kubernetes versioning and so on is quite awesome to see.
00:43:43
Speaker
A lot of the ways in which I learned about this was through engineers in the team, but also through a lot of open source tutorials and videos and so on. And actually, Brendan himself has contributed to a lot of that, which is pretty cool. So even when I was getting started in Kubernetes, I was watching videos that Brendan had.
00:44:02
Speaker
on how Kubernetes works and so on. And then even his Kubernetes up and running book as well has been a reference for me. So a lot of these resources are helpful and I think particularly
00:44:15
Speaker
For people who are starting in the outside of Microsoft, maybe working on projects hands-on, trying to deploy any applications that they've written onto Kubernetes or using a managed Kubernetes service like AKS early on, I think is helpful in understanding how the entire flow is. And that's not something that you often tend to do in university. So I think it's a great way to
00:44:40
Speaker
get started. And I also want to plug that, you know, at Microsoft you do have an incredible opportunity to work and connect with senior engineering talent like Brendan, who are really willing to mentor young engineers. Same question to you, Brendan, like how can people get started?
00:44:58
Speaker
Yeah, I mean, I think one of the things that's valuable, there may be two things to think about. You know, one is that it's easier than you think, right? And I think sometimes people look at it and they get kind of intimidated. But like the truth is that like every open source maintainer and every open source project I've ever run across has fewer people than they would wish for working on them.
00:45:24
Speaker
Yeah, right, everybody is strapped for people to come and help. Like, they don't want people to come and do drive-bys, right? So realize that when you're doing it, it needs to be a commitment. You need to be willing to put aside, you know, say, I'm gonna actually focus on this thing a little bit for three months, six months or whatever, and I'm not gonna just kinda try one PR and then... It needs to be a little bit of a commitment, but every project
00:45:45
Speaker
has too few people working on it. And so there's definitely opportunity out there. But on the other hand, I will also say it's probably going to be harder than you think, because you're going to do all this hard work, and you're going to craft up this PR, and you're going to be so excited and happy about this PR, and you're going to submit it, and it's going to get torn to shreds. Or somebody's going to tell you that, well, no, we thought about that three years ago, and we decided not to or whatever. And I think it's also important to realize that that's going to be
00:46:15
Speaker
part of the learning experience. Doesn't mean anything about you.
00:46:19
Speaker
It's about learning how to be in these communities and about what the community expectations are. I will tell you that every time I push a PR into a new repo that I have never been in before, I still have that experience. I'm a little bit better about it because I know the red flags, they're true of all projects. I know a little bit about how you read up and look at other PRs and try and get a sense for the culture. But every first PR I've ever done, it takes a month or longer to get merged.
00:46:47
Speaker
Just because you got to have to kind of like get in with like their processes. Right. And also like they, to be honest, like random PRs from new people, they get ignored for a time. Yeah. Patience, patience is a virtue. And soon enough, before you know it, you will be tearing PRs apart yourself. I'm sure. I haven't fixed my bug yet, guy. I mean, like day job or something.
00:47:17
Speaker
It's funny. Again, the thing with open source communities, especially the different things that the Kubernetes community has, they are open. All the meeting notes are in a Google Doc. All the meetings are recorded in Zoom and available for you to watch. So if you ever need to find out where to find answers for certain things, why certain features are built, there's always a recording where those things were discussed. So don't be afraid. Just go in the archives and find that information yourself.
00:47:45
Speaker
I could also share a little bit of an anecdote to what Brendan was saying because recently I've been involved in this project for container acceleration on AKS which is essentially speeding up image pulls and pod start times and also tying into what we were saying earlier about really thinking about open source throughout AKS. We've been considering various open source solutions and trying out different tools and I've been able to try out new projects that are
00:48:12
Speaker
oftentimes in the nascent stages in terms of identifying what could be useful for us. So in this process, I've been able to go through the same cycle that Brendan is saying in terms of learning how the repo works, getting it set up, which itself can be a complex process. But I think one interesting observation is that a lot of these projects, which are part of CNCF, they have very helpful developers, not just in Microsoft, but in
00:48:40
Speaker
other companies as well who are very responsive in Slack and in terms of helping you understand how to get set up and how to contribute and so on. So I would encourage someone who wants to start to actually
00:48:55
Speaker
you know, try things hands on and also ask questions and not really hesitate too much in terms of making progress. Yeah, yeah, yeah, absolutely. I mean, the community is the one of the greatest parts I think about, you know, Kubernetes and the different companies involved in it half the time, you don't even know
00:49:12
Speaker
which companies they're a part of because they're there to answer your questions and help you first. Speaking of community, we're going to wrap the show up. Thank you both for coming on and being part of our little podcast here. It's been really insightful and we really appreciate you both taking the time and joining the show. Absolutely. Thanks for having us. Thank you so much.
00:49:35
Speaker
Well, Bhavin, I think that was one of my favorite conversations of season two here so far. And I have a lot more questions I feel like I have for both of them. But as far as takeaways, what did you really get out of that conversation?
00:49:52
Speaker
Yeah, that's a takeaways perspective. I think if we start at the very beginning of our questions, right, developer productivity and like Microsoft's goal of making sure that developers have an easy experience writing those apps, pushing it to contain, like writing in containers and then pushing it to AKS or even if it's not AKS, something that's
00:50:12
Speaker
in the ecosystem, maybe a different managed service, maybe Kubernetes on bare metal, that really helps. Small things that we discussed in the episode, like having those hover descriptions of different Kubernetes objects, giving you those red squiggly lines, if you have errors in your YAML file definition, all of that really helps. These are the small things that will make any developers experience with Kubernetes and with containers really easy. So that was a big takeaway for me.
00:50:39
Speaker
Yeah, you know, I agree completely those little additions to things like VS Code and kubectl explain and the hover, right, those are integral, I think, to, you know, making a developer happy in general, and making their life a little easier, you know, to me, I really liked sort of Brendan's take on being present in the community, right, whether
00:51:01
Speaker
you're at and representing a big company like Microsoft and part of a project like AKS, making sure open source and the community comes first, and doing that by being present, right, is a big part of sort of what you should be doing. And the fact that
00:51:19
Speaker
when you're part of open source, the thing he said towards the end of all these projects need more help. Don't be scared to get involved and get your feet wet, but also don't think it's going to be a walk in the park to make sure you want to invest some time into getting to be part of these projects and to learn the process of submitting code and being part of a PR review and what that's like and working your way through the project.
00:51:48
Speaker
really

Microsoft's Customer-Driven Focus

00:51:49
Speaker
valuable information to someone looking to get involved in these projects. I know in the past with my experience in OpenStack, it was similar in the sense that it was very open source focused and projects were begging people to come join and be a part of it, but where do you start? A lot of it back then was
00:52:12
Speaker
Go and squash some bugs to get your feet wet because squashing bugs is low hanging fruit and you can fix something and get generally a smaller PR cycle because it's probably a lot less code than a whole new feature. But if you want to tackle new features and be part of something new, it's going to take longer. But just getting the experience and to your point around the SIGs and being open, just start being part of it. I think those were really the things I
00:52:42
Speaker
really like to take out of that conversation. I think the comment that Brendan made, that if you are participating in a project, it can't be a one-off thing. You have to make that commitment. It can't be a drive-through. You have to actually go inside and make some sausage. Even though that's a tedious part of the job, you have to do it.
00:53:00
Speaker
So I think that's really important. And then just having these different perspectives, as you said in the intro, Ganesh was new to the ecosystem, and Brendan, who basically was one of the co-founders of this ecosystem, that really helped. And then talking to them about where they see this community heading towards, talking about how functions and containers and Kubernetes work together,
00:53:23
Speaker
how do things like auto-upgrade work to handle those CVEs. Those were some really, I'm just glad that people who are offering these services and participating in the community are actually putting some thought behind it. And it's not just whatever will make the biggest noise on Twitter is the feature that's getting prioritized. It's actually trying to solve customer challenges. And having that as the number one priority is perfect. So I guess I'll just end it at that.
00:53:49
Speaker
Yeah, absolutely. Like Brendan said, you'd rather help a ton of people than just have one person think it's cool. I think that's a thoughtful insight. Yes. Well, with that, as always, for our listeners, please go ahead and share our episodes. Give us feedback, whether that's on Anchor, Apple Podcasts, Google Podcasts, whatever you use to listen to podcasts, please give us a shout, a DM, a message, wherever you can.
00:54:14
Speaker
And with that, this brings us to the end of today's episode. I'm Ryan. I'm Bhavin. And thanks for joining another episode of Kubernetes Bytes. Thank you for listening to the Kubernetes Bytes podcast.