Become a Creator today!Start creating today - Share your story with the world!
Start for free
00:00:00
00:00:01
DevOpsDays Boston - Helping developers be more productive in a multi-cloud world
1.2k Plays1 year ago
In this episode of Kubernetes Bytes, Ryan and Bhavin sit down with Michael o'leary and Ibett A to talk about how developers can build multi-cloud secure architectures using Kubernetes and the principles of Shift Left and DevSecOps.
Check out the KubernetesBytes website: https://www.kubernetesbytes.com/
Join the Kubernetes Bytes slack using: https://bit.ly/k8sbytes
Ads:
- Ready to shop better hydration, use "kubernetesbytes" to save 20% off anything you order.
Timestamps:
- 00:00 Interview with Michael o'leary
- 18:50 Interview with Ibett A
Show links: Boston Kubernetes Meetup - https://www.meetup.com/boston-kubernetes-meetup/
Recommended
Transcript
Welcome to Kubernetes Bites
00:00:03
Speaker
You are listening to Kubernetes Bites, a podcast bringing you the latest from the world of cloud native data management. My name is Ryan Walner and I'm joined by Bob and Shaw coming to you from Boston, Massachusetts. We'll be sharing our thoughts on recent cloud native news and talking to industry experts about their experiences and challenges managing the wealth of data in today's cloud native ecosystem.
Live from DevOps Days Boston with Michael O'Leary
00:00:31
Speaker
All right, welcome to Kubernetes Bites. You're our return guest, which is great, but you're live here with us in the flesh at DevOps Days Boston. So please give us a little intro and our audience a little intro who you are. Hi, it's great to be back on, guys. My name is Michael O'Leary and I'm a Solution Architect at F5. Very nice.
00:00:53
Speaker
This is day two of DevOps Days Boston. Give us your impressions of kind of what you've been doing here, what the events like. Have you been to others before this year? Sure. Yeah. Um, you know, I always love this event because it's Boston based and, uh, and the event organizers do a great job of supporting the community in their personal lives. You know, I know a lot of these guys.
00:01:15
Speaker
And F5 has sponsored this event in the past, and this year we held a happy hour in conjunction with another sponsor, logs.io, on the first evening of the event. So it's nice to be here as part of my day job at F5, but it's also nice to be here as a community member and someone who gets fairly involved in meetups and communities in Boston.
The Observability Trend at DevOps Days
00:01:36
Speaker
Absolutely. So what kind of conversations have you been having? Has anything been resonating or has there been any themes that kind of people are talking with? I know we were talking earlier with a couple of guests about we've definitely seen an observability theme in the talks and stuff like that. So I'm curious about your take there. You stole my trend.
00:01:57
Speaker
We did. Some other guest did. Okay, yeah. I was actually going to say that I have seen a lot of observability, but I'm never sure if it's a trend or if it's things that maybe I'm just noticing because I've been working a bit in observability or have found that interesting.
00:02:12
Speaker
So observability, there is one or two vendors that I thought were really interesting. It's nice to see startups, especially when they're Boston
Networking with Boston Startups
00:02:20
Speaker
based. There's a couple of startups that have been really fun to talk to. And then a couple of organizations that I cross paths with in a professional sense through my work at F5. It's always nice to talk to those as well. One of them, of course, being Dell.
00:02:34
Speaker
Yeah, that's right. It's always fun to be here. I know we've been sponsoring this for quite some time, but yeah, it's I think for me, it's the open
Open Spaces and Community Interactions
00:02:44
Speaker
spaces. It's the community that you interact with in a very different way than many other conferences, right? If you've been to KubeCon, right? There's no...
00:02:53
Speaker
necessarily, there's no unconference, there's no open space at those, maybe in some of the day one events or the prior events, but you get a whole different type of interaction with the community that you don't normally get when it's just you're attending a track, you're attending a talk, even if you wanted to go talk to that person, you know, a lot of the rooms are bigger, there's a lot of larger crowds a lot of times, it's hard to get in contact with that person.
00:03:19
Speaker
Whereas here, it's kind of everybody gets on the same playing field to a certain degree and you kind of only get what you put into it and hopefully you get more, you know, you put in more than what you get out of it because then that means everybody else is getting.
00:03:33
Speaker
a lot about it. And I know Paul Bruce, who helps organize it, really believes in that, putting a lot into it from the community members. So did you go to any open spaces or anything like that?
Inviting Participation in Boston Kubernetes Meetup
00:03:45
Speaker
You know, I miss the open spaces because I was too busy meeting new friends and chatting to old ones. But the hallway track is also just as important. The hallway track sucks you in sometimes. But
00:03:56
Speaker
You know, to your points about putting into the community, I totally agree. For me, as you know, and I've mentioned in the past on this podcast, I host the Boston Kubernetes Meetup. So one of the things I've been able to do is talk to a lot of people and offer them the ability to come along and present or just attend the Boston Kubernetes Meetup. It's always interesting to talk to people that work in Kubernetes or
00:04:18
Speaker
areas adjacent to Kubernetes. So being a Boston-based conference, and being that it's a little smaller than some conferences, you're very likely to meet people that live and work in the Boston area, and that's kind of nice, as well as potentially recruiting.
F5's Recruitment and Open Positions
00:04:35
Speaker
So in my case, I'm always looking for bright engineers that I'd love to have work beside me. And F5 has a couple of open positions, so I've been talking to people about
00:04:46
Speaker
getting in an F5, whether you're a senior person or a junior entry level type person. Are those local or also remote positions? Oh, great question. I brought the descriptions with me. We have both a field
00:04:58
Speaker
and remote positions and sort of hybrid and positions based in offices. We are based out of Seattle, but we do have positions based around the country. So if you are, I was just assumed that you were like, you were at five and you said, that's so funny. Yeah, I wish. Um, and then, you know, there was a couple of other just sort of side conversations that I had that I found really interesting. One member here was working on an open source project.
00:05:25
Speaker
for a sort of management of data. And I'm going to do a terrible job if I try and explain what he's doing. But he has a project that he would like to evangelize. It's not part of CNCF. It's not a well-known project. So that was fascinating for me to talk to someone who's sort of at the ground level of these sort of projects.
Conversations on Innovation with Startup Founders
00:05:46
Speaker
And then I just have so much respect for these young startup founders. So every time I get to talk to one of those guys, I'm really impressed.
00:05:55
Speaker
Yeah, it definitely takes a different breed to start a company and really live and breathe it constantly, 24-7, right? Yeah. You mentioned the Meetup. I think you had an event last week, right? Sort of a warm up to Dev Offstage Boston. Yeah, to a certain degree. Yeah, let me think. So there's a lot of community events happening. Of course, KubeCon, a sort of annual Kubernetes conference, which I'm not going to be at this year, but I think you guys will be there. Yep.
00:06:21
Speaker
So that's next month.
Post-COVID Meetup and CNCF Activities
00:06:23
Speaker
And then we have the Boston Kubernetes Meetup. If you want to check out meetup.com, and it's the Boston Kubernetes Meetup. Come along. We meet every two months. We met last week, and we'll probably meet in December. That's a fantastic meetup. We meet in Google's office in Cambridge, Massachusetts. And then the Boston CNCF community chapter is also led by me. Now that went a little bit dormant over the COVID pandemic.
00:06:50
Speaker
But it's come back to life, and I'm not really looking to lead that long term, but I did want to help get that back to life. So if anyone is listening and you're in the Boston area or even in the Greater New England area, you want to be involved in community events, you've got the Boston Kubernetes Meetup or the Boston CNCF chapter, or of course the Boston DevOps group, the members of which are also organizing this conference. Exactly.
00:07:14
Speaker
Boston CNCF chapter. What does that mean? Like, what are the activities that are sort of the responsibilities of that chapter? Like, what does it mean to get involved there? Yeah, sure. So some cities have more active chapters than others, but there is community groups of the CNCF. And so the CNCF is a little bit more governed, centrally, you might say, than say Wild West meetup groups, where anyone can go to meetup.com and create their own meetup group.
00:07:42
Speaker
So the CNCF groups have a couple of guidelines, right? One of them is that vendor pitches should not really be allowed. Sure. I think a single vendor. And then, you know, in an ideal scenario, you would have enough people in your community to be able to hold sort of a mini KubeCon. They call them KC... KCDS.
00:08:04
Speaker
Kubernetes community days. So I'd like to plan one for the Boston area. And if you'd like to be involved, and you're listening, please reach out. Yeah. And I like the CNCF chapter, right? Because it's not just focused on Kubernetes. Since it's CNCF, it's everything under that complex landscape that we all love and hate. Love and hate. I like how you phrased it that way. Speaking of Kubernetes
F5's Cloud Innovations and Container Ingress Services
00:08:28
Speaker
then,
00:08:28
Speaker
Let's dive a little into like, what's going on in F5? Anything new to talk about in the Kubernetes world or love or hate? I am always excited to talk about Kubernetes and F5. We do have a couple of new offerings. I am really excited about our cloud product. We call it F5 distributed cloud. It allows you to run multiple sites, Kubernetes and multiple sites and manage them by a centralized platform.
00:08:56
Speaker
And even today I was talking to a customer about updates to container ingress services, which is an integration that allows you to take our flagship product F5 big IP and integrate with Kubernetes clusters. And there's many enterprise level features.
00:09:11
Speaker
and edge cases that that product will serve for sort of large multinational customers. So let's leave it there because if you start me talking on. Yeah, we will get you going. I do want to touch on the fact that one of those things that you just talked about really is about managing multiple clusters.
Trends in Multi-Cloud and Multi-Cluster Solutions
00:09:28
Speaker
I think we're definitely seeing this hybrid story, this multi-cluster story, something we've been talking about for quite a while now. I feel like years now, right? But I feel like more people are actually starting to do that type of architecture.
00:09:46
Speaker
in reality with real workloads. And I don't know if this means or signifies sort of the maturity level of where people are in the company's journey or architecture. But I'd love your take on that. And maybe you've interacted with customers in that regard. Yeah, of course I have. And F5's take is obviously along the same lines as mine.
00:10:08
Speaker
Customers are absolutely asking for multi-cloud and multi-cluster solutions. So we have one but there are other others as well and I've had our competitors and our sort of peers present at the Boston Kubernetes meetup and definitely open I would say multi-cloud multi-cluster would be sort of my four words if I was going to summarize the themes from the last couple of meetups we've had
00:10:31
Speaker
It involves the intersection of you need to know networking, you need to know Kubernetes, you need to know security, you need to know sort of SaaS consumption models, and then multiple clouds.
00:10:43
Speaker
I've heard the term meta cloud or cloud above the clouds or abstraction of clouds. I'll use whatever term you like, but I would say multi-cloud, multi-cluster is a huge thing. I think we need to get Michael in like an official F5 capacity. We are always talking to him about community. I think that we need to talk about F5 as well, Michael. Only if he wants to.
00:11:05
Speaker
You know, of course I will, but I'm telling you this will go for an hour and a half. Well, I think it's top of mind for us because, you know, we just had Midori from Elodil. We had Avisha on there. And these are all, you know, companies that are tackling this world. And I think they're also taking a different sort of view on
00:11:25
Speaker
what we traditionally have been saying multi-cloud, multi-cluster is like, okay, I'm using multiples. But a lot of these companies are developing solutions that really make multiple clusters look like one. Yeah, a virtual cluster is a one word that I've heard. Absolutely. So a workload spread across multiple clusters, you mentioned Avisha, I missed the first one, but there are other companies that do similar things. The way they differ is really interesting too, because you're always integrating, right? Every large company has
00:11:51
Speaker
Adjacent technologies that you're integrating with so You know I have to take my head off to the guys at f5 because they saw this coming years ago And it took me years to get my head around you know this concept now that I'm sort of catching up I think wow that whoever sort of built these technologies years ago, and I'm really impressed, but yes they it's can be thought of as I guess one logical cluster or one virtual cluster and then you know we go down a rabbit hole from there, but I guess the idea of
00:12:18
Speaker
abstracting and thinking about what really matters is your business value from your application.
Hybrid Cloud Landscape and F5's Strategy
00:12:23
Speaker
We don't want to be too involved with the plumbing underneath.
00:12:25
Speaker
Okay, so like, that's definitely what the vendors are talking about, right? F5 and Veech are those guys. But since you're involved so much in the community, do you see that those are actual challenges? Or this is just vendor talk, then eventually customers will be thinking about the same things. Yeah, that's great. And you know, to call, let's be real, is it just vendor talk? The most insight I get is actually from customers, because in community conversations, it's hard to get really deep with customers I do,
00:12:52
Speaker
It's absolutely a trend. So the average customer, you know, I was talking to one yesterday who had clusters in AKS and then on-prem he has OpenShift. And then another one, you know, the day before who might be in AKS and also in GKE. So there's usually a mix of both cloud and on-prem. There's always a security component to it and existing skills is a really huge issue. And then there's business problems. Do I already have any relationships? So a lot of,
00:13:17
Speaker
complex problems to solve at once. Absolutely. I think it's a hybrid, messy world and it's going to stay that way indefinitely. Yeah, I feel like I've seen and heard a lot of the same things in the community where people want choice, whether that's teams or companies, right? I feel like companies are trying to make sure that their teams can be flexible.
00:13:40
Speaker
in the sense that you have a particular larger company or smaller company, you might have a smaller team within that company that wants to use AKS or OpenShift or that kind of thing. Well, they want to be able to use those tools because they're familiar, they can move faster, they can innovate faster, but they also want these connectivity piece, right? And I like this sort of viewpoint that we're going to as a community to say, hey, we're not trying to force people down
00:14:06
Speaker
one particular road, especially with a lot of the sort of VMs on Kubernetes or OpenShift these days. It's going to be a mixed world down the road. A mixed world is a great... Yeah, so the F5... I keep talking back to F5 because we keep setting these perfect traps. So we have this state of application services report that comes out every year. And in 2023,
00:14:31
Speaker
The overriding theme was there is this hybrid world we're living in and we think it's going to be hybrid indefinitely. So that means hybrid cloud and also hybrid technology. So a mix of traditional workloads on VMs and bare metal and of course in Kubernetes. So if you can marry all of those together and then you don't want to force customers down a particular path like you were saying, so bring your own cluster or bring your own X as often a theme. So if you can have a solution that will
00:14:58
Speaker
adapt to existing technologies, allow people to integrate to their chosen platform, as well as offering a platform, as well as doing things like offering an assess or on-prem.
00:15:08
Speaker
multiple dimensions that you have to be hybrid along. Yeah. And this might be a tangent, but I think the current economic state that we're in in terms of how companies are thinking about their future, I think probably, I don't know about you, plays a big role here, where they can move maybe faster by spending a little more money in cloud and really unblocking people. But at the same time, they want to be able to pull those reins.
00:15:35
Speaker
and say, well, you know, let's cut or let's go back on-prem or be able to kind of do both, right? I mean, it's a guess, it's a hypothesis, right? In the sense that I feel like our current climate and the way people are kind of organizations are looking at the outlook.
00:15:51
Speaker
And instead of making them think about those architectures more, too. Absolutely. So I'll refer again to the state of application services report from F5. One of the questions we ask our customers, and these are large, large customers, are how many workloads are repatriated, meaning they came back from the cloud to on-prem. And I think the number was around 30% last year, and that had grown. And so there's some workloads that, as we know, will always stay on-prem, but also other workloads that are just not
00:16:17
Speaker
suitable for cloud. So there is a hybrid mentality of having workloads that might, it's a delicate balance. You want to, on one hand, have a lot of agility for your developers and in other hand, you want an enterprise wide security standard and you want to enforce that. And how do you do that? It's obviously a delicate balance, but ideally you want to offer customer solutions that you can integrate with or fully adopt and you have, you have multiple sort of consumption models, if you will.
00:16:44
Speaker
I think I need to definitely look up that report and maybe we can add it in our show notes as well when this goes live.
Connecting with Michael O'Leary
00:16:49
Speaker
It might be in the last. We'll have to go look. I don't know if you've mentioned it last time around, but that's a good segue to say thank you for coming on the show again here live. Is there anywhere people can go find more? I know you've mentioned a lot of things so far. So Kubernetes, Boston Meetup, you have CNCF chapter, you have the report. Anything else I'm missing here?
00:17:11
Speaker
You know, I think that's probably it. You can find me on LinkedIn and the Boston Kubernetes Meetup. It's easy to find on meetup.com or you can Google it. You can reach out that way. It's probably the easiest.
00:17:24
Speaker
Great. Thank you again. We'll be right back after this short break. As long time listeners of the Kubernetes Bites podcast know, I like to visit different national parks and go on day hikes. As part of these hikes, it's always necessary to hydrate during and after it's done.
Sponsor Highlight: Liquid IV
00:17:44
Speaker
This is where our next sponsor comes in, Liquid IV. I've been using Liquid IV since last year on all of my national park trips because it's really easy to carry and I don't have to worry about buying and carrying Gatorade bottles with me. A single stick of Liquid IV in 16 ounces of water hydrates two times faster than water and has more electrolytes than ever.
00:18:08
Speaker
The best part is I can choose my own flavor. Personally, I like passion fruit, but they have 12 different options available. If you want to change the way you hydrate when you're outside, you can get 20% off when you go to liquidiv.com and use code KubernetesBytes at checkout. That's 20% off anything you order when you shop better hydration today using promo code KubernetesBytes at liquidiv.com. And we are back.
00:18:49
Speaker
All right, welcome to Kubernetes Bites. We're live here at DevOps Days Boston.
Intel's Security Focus with Yvette Takarapi
00:18:55
Speaker
Why don't you introduce yourself and what you do? Yes, so hello. Thank you for having me. I am Yvette Takarapi. I work at Intel and I focus on our security products. Very cool. So what brings you to DevOps Days Boston? Is this your first time here? It is my first time here. Okay, so how has it been for you so far? What are you getting out of it?
00:19:17
Speaker
It's been great. It's been very good. I really like the topics that they talked, especially because I'm going to have a security focus.
Security Challenges at DevOps Days
00:19:23
Speaker
So we talked about security CICD, some of those challenges, some of the struggles that are going through in the community at work, right?
00:19:33
Speaker
And then also some good resources, some like of the white pagers that is going to tell us about about this zero architecture. And now I just came out of the session of least privilege in AI. So it's been great.
00:19:48
Speaker
Tell us more. We were not attendance in attendance for that talk. So tell us more a little bit about that talk and what you got to have it. Yeah. So for the least privilege, um, talked a little bit about some of the controls, how it could be a human problem. Um, but then, you know, if you want to not have any of that data access, you just unplug it. It was kind of the
00:20:10
Speaker
you're not going to be able to do much with that data. So I was interested because I focus with confidential computing and I didn't tell that that's kind of where it works, right? It's like giving some of those hardware controls at the application virtual machine level to when they're migrating to the cloud or being able to do multi-party collaborations. Okay. You mentioned confidential computing. Yes.
00:20:37
Speaker
Explain that a little bit. I'm unfamiliar with the term.
Intel's Confidential Computing Initiative
00:20:40
Speaker
Yeah, so Intel actually is one of the founding members for Confidential Computing Consortium. And what we kind of started doing some of that is bringing more awareness into like, all right, how are we going to be able to have more secure solutions for our customers? And there were hardware solutions that are using the hardware that are providing trusted execution environments that is isolating at the processor level, but only the application is using it.
00:21:09
Speaker
So when we talk about all these different ways that we can actually limit the access, but also not restrictive because we want to be able to do a lot more with that data, this is allowing you to do that as you're migrating to the cloud, especially some people that don't want to give control to their data when they're going to the cloud. And you can still keep your data, you can still own your data, and you can still collaborate.
00:21:36
Speaker
That's awesome, right? So I want to learn more about it, right? So how does it expose binaries or libraries into Docker, like into container D or into Kubernetes, or how do developers actually make use of that feature that's built at the chip level? I am so glad that you asked that. I am. We get that question so much, right? And it all depends on what is it that you're trying to protect and where does it live. But we facilitated that access recently because we announced Intel Developer Cloud.
00:22:05
Speaker
Design for developers. So that's exactly what we're trying to do. And then we have the TDX, which is isolating the virtual machine that developers can go and access and be able to test it. So before it's even like in some environments, you can access in the Intel cloud. And a lot of our capabilities with AI as well. If they want to start testing, they want to start exploring, that's what it's for. That's why it's called Intel Developer Cloud.
00:22:34
Speaker
Okay, that's awesome. So, you said it's pretty brand new, maybe announced over the last couple of months. Okay, do you see adoption already or was this something because, built because you had a lot of requests from developers who were trying to solve a specific challenge?
00:22:50
Speaker
Yes, yes. I think a lot of developers were like, all right, I have to figure out where this might be available. How can I bring all this together? So we brought the cloud to say, OK, let's enable developers so they don't have to go through all these different rounds. They can get access in sometimes even early access. So you can get early access to start exploring and getting engaged. And now that those capabilities are built in, so much in security and AI.
00:23:19
Speaker
So, um, you know, you mentioned AI, the magic word that we hear everywhere, get so excited.
AI's Role in Security Automation
00:23:25
Speaker
We're going to solve all your problems as we heard several times. So I would love to hear your opinions on sort of, since you have security background, um, what are the sort of top things that, you know, concerns and, or kind of things we need to be sort of looking forward to in the security space from Intel's perspective on AI in general?
00:23:45
Speaker
Yeah, so I think we're looking into automation. We're looking into a lot of data growing. Now we're collaborating in so many different other sectors, but it's also how we're using those tools. Who is using it? How are they going to be getting implemented for what?
00:24:06
Speaker
With the security focus that I have, I look at security with that AI and like, okay, this is just getting so much bigger. And then you automate and make it much faster. It's like, oh, but what metrics, standards, best practices, and community awareness do we have to make all those different phases and processes?
00:24:25
Speaker
to be secure, right? So working in the hardware side is like, how are those built in? What are those capabilities available for our customers that already kind of facilitate that process that are already built in? They can already use those capabilities. In some of the cases, enable it, right? Like with software guard extension, it needs some enablement, but it does provide isolation from the rest of the stack.
00:24:49
Speaker
But then also, what are we doing to bring awareness into not only inside, right, the company, but outside? And communication, because vulnerabilities has been a big deal, right? It's like, okay, now we got this new vulnerability, we got to go patch, update, and we don't have an organized way that we can actually start planning those. And I think focus and security in this side, it has given me that kind of view
00:25:19
Speaker
While we are proactive, we do need to be more proactive. And as we're implementing more of the AI, that's just because more like bigger. Okay. Gotcha. So I want to take a step back, right? Like AI is still brand new. Everybody's still learning about it. Especially like, I know machine learning has been around for a while. Gen AI is the new thing.
00:25:37
Speaker
new kid on the blog, but talking about vulnerabilities, right? And as you said, you're focused on security. Let's see if I'm running confidential computing where only certain applications can be run on top of that platform or that server.
00:25:51
Speaker
Does that help me avoid scenarios where if I get attacked, if somebody puts a ransomware attack or a malware attack, it can allow me to stop random applications or malicious applications to run on those same servers that way adding that defense in depth methodology to security or how does that work? Yeah.
00:26:10
Speaker
All right, so we know that one solution or we don't have like the bulletproof solution, right? I think the way software got extension is like independently of any of those layers that it can get exposed and you know your bios, your hypervisor,
00:26:30
Speaker
where Intel SGX actually helps is actually already isolated from all those different areas. So even if those places do get exposed or do get threat, even today or in the future, you don't know what threats those might be. It's like, well, that's already isolated. Nobody has access to that except the application owner.
00:26:49
Speaker
in the same way with the virtual machine isolation. So it's not like we're gonna give you the solution for all these securities that we really know it's existing like phishing and malware and ransomware, right? But at isolating it kind of like in COVID, right? What were we doing? What were we able to happen? Stay home, 20 months, right?
00:27:13
Speaker
So one theme I think that we've seen talking with various security folks in the ecosystem is this idea of shifting the responsibility left, right, is the term, or more towards the developers.
Integrating Security in Development Processes
00:27:27
Speaker
You mentioned Developer Cloud before, but I'd love to hear your thoughts generally on how as a community or have a DevOps community, we can be better about making sure we're aware of the security aspects earlier on, whether that's in development or during build or those kind of scenarios, that it's not just this
00:27:48
Speaker
tack on after the fact, I'll shove it up in production and then let our security team go, you know, figure it out how to make it better. Yeah, yeah. So we had a session about that yesterday. It was Dec SecOps. Yeah.
00:27:59
Speaker
And that's really what we wanted to discuss. Who's kind of responsible? Is it the developer who does this security focus? Is it like, oh, I just focus on developing and then pass it on to the security team? Is it a best practice? Is there a way that everybody is, how do we focus on this? There was no really product.
00:28:23
Speaker
But that's why we're here. That's why we want to talk about this. So, I come and then, you know, to add a layer to that, you know, everybody is talking about developing and I come from the hardware world. So, I add a layer to that. It's like, well, think about the hardware too. The hardware can help you.
00:28:43
Speaker
When you're talking about security and you're developing, we have built-in capabilities that can help you when you're developing, but we also have software that is taking benefit of those capabilities. So I think it is definitely more of that awareness of saying, okay, one of the things I heard in the sessions was saying,
00:29:07
Speaker
Well, when the developers actually send them to production and they don't meet certain requirements, they get flagged back. So that kind of delays their process. And then at the next time that they're going to be doing something like this, they already take this into account. They're like, well, the security team already told me to do certain things. I'm just going to go ahead and do those because I was already kind of
00:29:30
Speaker
brought back on some of that. So that was good, is good initial thinking already like, oh, I already got some awareness on this, so I'm doing it better next time. Right. Yeah, awareness is a good point, because especially when you're talking about hardware features that need to be sort of
00:29:48
Speaker
taking advantage. Application teams, DevOps teams, platform teams, whatever it may be, they're removed from that layer. So much so, right? We're a fan of abstractions in this ecosystem, especially when we're talking about containers and all the way up from the OS.
00:30:07
Speaker
What's the mechanism, I guess, to make that awareness something that's easy to consume for the developers? Because as we shift more things left, and I've heard this not just in security, putting more and more responsibility on the developers, at what point are we overwhelming that side of the plate? Or do we need to break those developers up into various teams? And then we're just repeating the cycle all over again.
00:30:36
Speaker
Yeah. Yeah. I think both teams, right? I think the security team is also like, Oh, like I don't, I don't want to feel like I'm blocking you. I want you to innovate. I want you to focus on what you're doing. And the developer is like, Oh, I don't want to think about security because I have so many other things I got to think about. Um, so I really liked the approach. So to add to that layer is like, well, let's think about hardware, which is a place that a lot of developers, I don't want to think about it nor deal with it. Exactly. Yeah.
00:31:02
Speaker
So I really like the idea, you know, one of the places where Intel, the developer cloud, you know, it's like, okay, this is built for developers. So that's one way where it's like, have more developers thinking about, you don't have to deal with the cloud, but you can still have all the benefits and reap all the benefits of those capabilities and facilitating that process that's already built in. I think another way it's,
00:31:26
Speaker
Just asking some of those questions like, okay, how can I facilitate this process? Because you don't think of hardware, sometimes you don't even ask those questions like, can I do this in hardware? Can I have some of those hardware controllers that can actually help me in not only my security, but also help me with the application that I'm doing?
00:31:47
Speaker
And that's why I'm here, right? Because in the similar token, I don't deal with a lot of the application development, but I want to learn more about it and learn what
Enhancing Security with Hardware Features
00:31:56
Speaker
are their struggles, what are the things that they're facing with, so that way I can become more aware of like, oh, here's some of what their world looks like when I'm thinking about my kind of world.
00:32:07
Speaker
Yeah, I think in the perspective of learning, I'd love to hear maybe an example of one of these hardware components or features that a DevOps team or an application developer can use. What does it look like surfaced above the hardware? Yeah.
00:32:30
Speaker
So a few of our customers, they have a lot of like different limitations. Some of them are like, okay, I want to go to the cloud, but I can't because this data is confidential and I don't want to lose some of that access. And some of the cases is like, I have so many third parties that I need to collaborate with, but I cannot collaborate with them because this data is so confidential. I don't need it to be, you know,
00:32:53
Speaker
expose or I need to know where it's going to be. So what we do is we guide them into like, all right, what is it that you, what data do you want to protect? Where does it live? And then is that, are you operating in Azure? Are you like, where are you operating? So then we can give you, you know, we collaborate, we have an Azure marketplace that you can actually start testing some of these capabilities. So we give you some of those guides.
00:33:19
Speaker
And you do have a team that can actually give you some of that recommendations on where you can actually take some of the use cases.
00:33:28
Speaker
where you want to go with your business needs. So you're not your own. You're not on your own. Which is always good. I feel like that's a great way to sort of wrap up here because this whole community makes you feel like you're not on your own. Being able to go to these open spaces and really kind of ask the questions from various experts, from various
00:33:51
Speaker
places in the field, security or automation or whatever it may be, it's a really valuable thing. I know I feel like security has been something I've been on a journey learning more and more about in the last few years because of everything in current events that we hear all the time. It's not like we're putting less information out there. We have to make sure that we're focusing on security.
Community's Role in Security Learning and Collaboration
00:34:17
Speaker
As a way to wrap up, where can people find more, get in contact with you or more about some of the work that you've been doing? Yeah, so I am very active on LinkedIn. You can look me up with Yvette, I-V-E-T-T. And this is definitely a community work because I don't think none of us have security, AI, and cloud figured out.
00:34:39
Speaker
So I think it's definitely community until seeing what developers are doing and how we can help in that area. So thank you so much. Absolutely. Thank you. Enjoy the rest of the show. Thank you for listening to the Kubernetes Bites podcast.