Enterprise IT Perspectives Panel Two – Transcript
John Furrier of the Cube talks with Zuora, Ellie Mae and Coupa
>> Narrator: From Santa Clara, California, in the heart of Silicon Valley, it’s theCUBE, covering Altitude 2020. Brought to you by Aviatrix.
>> John: Our next customer panel, got great another set of cloud network architects, Justin Smith with Zuora, Justin Brodley with EllieMae and Amit Utreja with Coupa. Welcome to stage. (audience applauds) (upbeat music)
>> All right, thank you.
>> How are ya? >> Thank you. Thank you. >> Hey Amit. How are ya?
>> Did he say it right? >> Yeah.
>> Okay he’s got all the cliff notes from the last session, welcome back. Rinse and repeat. We’re going to go into the hood a little bit. And I think they nailed what we’ve been reporting, we’ve been having this conversation around, networking is where the action is because that’s at the end of the day you got to move packet from A to B and you got workloads exchanging data. So it’s really killer. So let’s get started. Amit, what are you seeing as the journey of multicloud as you go under the hood and say, “Okay, I got to implement this. I have to engineer the network, make it enabling, make it programmable, make it interoperable across clouds.” That almost sounds impossible to me. What’s your take?
>> Yeah, it seems impossible but if you are running an organization which is running infrastructure as a code it is easily doable. Like you can use tools out there that’s available today, you can use third party products that can do a better job. But put your architecture first, don’t wait. Architecture may not be perfect, put the best architecture that’s available today and be agile, to iterate and make improvements over the time.
>> We get to Justin’s over here, so I have to be careful when I point a question to Justin, they both have the answer. Okay, journeys, what’s the journey been like? Is there phases? We heard that from Gartner, people come into multicloud and cloud native networking from different perspectives? What’s your take on the journey, Justin?
>> Yeah, from our perspective, we started out very much focused on one cloud and as we’ve started doing acquisitions, we started doing new products to the market, the need for multicloud becomes very apparent, very quickly for us. And so having an architecture that we can plug and play into and be able to add and change things as it changes is super important for what we’re doing in the space.
>> Justin, your journey.
>> Yes. For us, we were very ad hoc oriented and the idea is that we were reinventing all the time, trying to move into these new things and coming up with great new ideas. And so rather than it being some iterative approach with our deployments that became a number of different deployments. And so we shifted that toward and the network has been a real enabler of this. There’s one network and it touches whatever cloud we want it to touch, and it touches the data centers that we need it to touch, and it touches the customers that we needed to touch. Our job is to make sure that the services that are available in one of those locations are available in all of the locations. So the idea is not that we need to come up with this new solution every time, it’s that we’re just iterating on what we’ve already decided to do.
>> Before we get the architecture section, I want to ask you guys a question? I’m a big fan of let the app developers have infrastructure as code, so check. But having the right cloud run that workload, I’m a big fan of that, if it works great. But we just heard from the other panel, you can’t change the network. So I want to get your thoughts, what is cloud native networking? And is that the engine really, that’s the enabler for this multicloud trend? What’s you guys take? We’ll start with Amit, what do you think about that?
>> Yeah, so you’re going to have workloads running in different clouds and the workloads would have affinity to one cloud or other. But how you expose that it’s a matter of how you are going to build your networks. How you’re going to run security. How you’re going to do egress, ingress out of it so —
>> You said networking is the big problem to solve. >> Yes.
>> What’s the solution? What’s the key pain points and problem statement?
>> The key pain point for most companies is how do you take your traditionally on premise network and then blow it out to the cloud in a way that makes sense. You have IP conflicts, you have IP space, you have public IPs on premise as well as in the cloud. And how do you kind of make sense of all of that? And I think that’s where tools like Aviatrix make a lot of sense in that space.
>> From our side, it’s really simple. It’s a latency, it’s bandwidth and availability. These don’t change whether we’re talking about cloud or data center, or even corporate IT networking. So our job when these all of these things are simplified into like, S3, for instance and our developers want to use those. We have to be able to deliver that and for a particular group or another group that wants to use just GCP resources. We have to support these requirements and these wants, as opposed to saying, “Hey, that’s not a good idea.” No, our job is to enable them not to disable them.
>> Do you guys think infrastructure is code? Which I love that, I think that’s the future in this. We even saw that with DevOps. But as you start getting the networking, is it getting down to the network portion where it’s network as code? Because storage and compute working really well, we’re seeing all Kubernetes on service mesh trend. Network as code, reality is it there? Is it still got work to do?
>> It’s absolutely there, you mentioned net DevOps and it’s very real. In Coupa we build our networks through terraform and not only just terraform, build an API so that we can consistently build VNets and VPC all across in the same way.
>> So you guys are doing it? >> Yup. And even security groups. And then on top and Aviatrix comes in, we can peer the networks bridge all the different regions through code.
>> Same with you guys. >> Yeah.
>> What do you think about this?
>> Everything we deploy is done with automation and then we also run things like Lambda on top to make changes in real time, we don’t make manual changes on our network. In the data center, funny enough, it’s still manual but the cloud has enabled us to move into this automation mindset. And all my guys, that’s what they focus on is bringing, now what they’re doing in the cloud into the data center, which is kind of opposite of what it should be or what it used to be.
>> It’s full DevOps then? >> Yes.
>> For us, it was similar on-prem is still somewhat very manual, although we’re moving more and more to ninja and terraform type concepts. But everything in the production environment is code, confirmation terraform code and now coming into the data center same (mumbles).
>> So I just wanted to jump in Justin Smith, one of the comment that you made, because it’s something that we always talk about a lot is that the center of gravity of architecture used to be an on-prem and now it’s shifted in the cloud. And once you have your strategic architecture, what do you do? You push that everywhere. So what you used to see at the beginning of cloud was pushing the architecture on-prem into cloud. Now, I want to pick up on what you said, do you others agree that the center of gravity is here, I’m now pushing what I do in the cloud back into on-prem? And then so first that and then also in the journey, where are you at from zero to 100 of actually in the journey to cloud? Are you 50% there, are you 10%? Are you evacuating data centers next year? Where are you guys at?
>> Yeah, so there’s two types of gravity that you typically are dealing with, with the migration. First is data gravity and your data set, and where that data lives. And then the second is the network platform that wraps all that together. In our case, the data gravity solely mostly on-prem but our network is now extending out to the app tier, it’s going to be in cloud. Eventually, that data gravity will also move to cloud as we start getting more sophisticated but in our journey, we’re about halfway there. About halfway through the process, we’re taking a handle of lift and shift and —
>> Steve: And when did that start?
>> We started about three years ago.
>> Okay, okay.
>> Well for Coupa it’s a very different story. It started from a garage and 100% on the cloud. So it’s a business plan management platform, software as a service run 100% on the cloud.
>> That was like 10 years ago, right?
>> Yes. >> Yeah.
>> You guys are riding the wave of the architecture. Justin I want to ask you, Zuora, you guys mentioned DevOps. Obviously, we saw the huge observability wave, which essentially network management for the cloud, in my opinion. It’s more dynamic, but this is about visibility. We heard from the last panel you don’t know what’s being turned on or turned off from a services standpoint, at any given time. How is all this playing out when you start getting into the DevOps down (mumbles)?
>> This is the big challenge for all of us is visibility. When you talk transport within a cloud, very interestingly we have moved from having a backbone that we bought, that we own, that would be data center connectivity. Zuora’s a subscription billing company, so we want to support the subscription mindset. So rather than going and buying circuits and having to wait three months to install and then coming up with some way to get things connected and resiliency and redundancy. My backbone is in the cloud. I use the cloud providers’ interconnections between regions to transport data across and so if you do that with their native solutions, you do lose visibility. There are areas in that that you don’t get, which is why controllers and having some type of management plane is a requirement for us to do what we’re supposed to do and provide consistency while doing it.
>> Great conversation. I loved what you said earlier latency, bandwidth, I think availability were your top three things. Guys SLA, just do ping times between clouds it’s like, you don’t know what you’re getting for round trip time. This becomes a huge kind of risk management, black hole, whatever you want to call it, blind spot. How are you guys looking at the interconnect between clouds? Because I can see that working from ground to cloud on per cloud but when you start dealing with multiclouds workloads, SLAs will be all over the map, won’t they just inherently. How do you guys view that?
>> Yeah, I think we talked about workload and we know that the workloads are going to be different in different clouds, but they’re going to be calling each other. So it’s very important to have that visibility, that you can see how data is flowing at what latency and what availability is there and our authority needs to operate on that.
>> So use the software dashboard, look at the times and look at the latency —
>> In the old days, Strongswan Openswan you try to figure it out, in the new days you have to figure out.
>> Justin, what’s your answer to that because you’re in the middle of it?
>> Yeah, I think the key thing there is that we have to plan for that failure, we have to plan for that latency in our applications. If certain things are tracking in your SLI, certain things are planning for and you loosely coupled these services in a much more microservices approach. So you actually can handle that kind of failure or that type of unknown latency and unfortunately, the cloud has made us much better at handling exceptions in a much better way.
>> You guys are all great examples of cloud native from day one. When did you have the tipping point moment or the epiphany of saying a multiclouds real, I can’t ignore it, I got to factor that into all my design principles and everything you’re doing? Was there a moment or was it from day one?
>> There are two reasons, one was the business. So in business, there were some affinity to not be in one cloud or to be in one cloud and that drove from the business side. So as a cloud architect our responsibility was to support that business. Another is the technology, some things are really running better in, like if you’re running .NET workload or you’re going to run machine learning or AI so that you would have that preference of one cloud over other.
>> Guys, any thoughts on that?
>> That was the bill that we got from AWS. That’s what drives a lot of these conversations is the financial viability of what you’re building on top of. This failure domain idea which is fairly interesting. How do I solve our guarantee against a failure domain? You have methodologies with back end direct connects or interconnect with GCP. All of these ideas are something that you have to take into account but that transport layer should not matter to whoever we’re building this for. Our job is to deliver the frames and the packets, what that flows across, how you get there? We want to make that seamless. And so whether it’s a public internet API call or it’s a back end connectivity through direct connect, it doesn’t matter. It just has to meet a contract that you’ve signed with your application, folks.
>> Yeah, that’s the availability piece.
>> Justin, your thoughts on that, any comment on that?
>> So actually multiclouds become something much more recent in the last six to eight months, I’d say. We always kind of had a very much an attitude of like moving to Amazon from our private cloud is hard enough, why complicate it further? But the realities of the business and as we start seeing, improvements in Google and Azure and different technology spaces, the need for multicloud becomes much more important. As well as our acquisition strategies are matured, we’re seeing that companies that used to be on premise that we typically acquire are now very much already on a cloud. And if they’re on a cloud, I need to plug them into our ecosystem. And so that’s really changed our multicloud story in a big way.
>> I’d love to get your thoughts on the clouds versus the clouds, because you compare them Amazon’s got more features, they’re rich with features. Obviously, the bills are high to people using them. But Google’s got a great network, Google’s network’s pretty damn good. And then you got Azure. What’s the difference between the clouds? Where do they fall? Where do they peak in certain areas better than others? What are the characteristics, which makes one cloud better? Do they have a unique feature that makes Azure better than Google and vice versa? What do you guys think about the different clouds?
>> Yeah, to my experience, I think the approach is different in many places. Google has a different approach very DevOps friendly and you can run your workloads with your network can span regions. But our application ready to accept that. Amazon is evolving. I remember 10 years back Amazon’s network was a flat network, we would be launching servers in 10.0.0/8, right. And then the VPCs came out.
>> We’ll have to translate that to English for the live feed. Not good. So the VPCs concept came out, multi account came out, so they are evolving. Azure had a late start but because they have a late start, they saw the pattern and they have some mature setup on the network.
>> They’ve got around the same price too.
>> I think they’re all trying to say they’re equal in their own ways. I think they all have very specific design philosophies that allow them to be successful in different ways and you have to kind of keep that in mind as you architect your own solution. For example, Amazon has a very regional affinity, they don’t like to go cross region in their architecture. Whereas Google is very much it’s a global network, we’re going to think about as a global solution. I think Google also has advantage that it’s third to market and so has seen what Azure did wrong, it’s seeing what AWS did wrong and it’s made those improvements and I think that’s one of their big advantages.
>> They got great scale too. Justin thoughts on the cloud.
>> So yeah, Amazon built from the system up and Google built from the network down. So their ideas and approaches are from a global versus original, I agree with you completely that is the big number one thing. But if you look at it from the outset, interestingly, the inability or the ability for Amazon to limit layer 2 broadcasting and what that really means from a VPC perspective, changed all the routing protocols you can use. All the things that we had built inside of a data center to provide resiliency and make things seamless to users, all of that disappeared. And so because we had to accept that at the VPC level, now we have to accept that at the WAN level. Google’s done a better job of being able to overcome those things and provide those traditional network facilities to us.
>> Just a great panel, we could go all day here, it’s awesome. So I heard, we will get to the cloud native naive questions. So kind of think about what’s naive and what’s cloud, I’ll ask that next but I got to ask you I had a conversation with a friend he’s like, “WAN is the new LAN?” So if you think about what the LAN was at a data center, WAN is the new LAN, cause you keep talking about the cloud impact? So that means SD-WAN, the old SD-WAN kind of changing. There’s a new LAN. How do you guys look at that? Because if you think about it, what LANs were for inside a premises was all about networking, high speed. But now when you take the WAN and make it, essentially a LAN, do you agree with that? And how do you view this trend? Is it good or bad or is it ugly? What you guys take on this?
>> Yeah, I think it’s a thing that you have to work with your application architects. So if you are managing networks and if you’re a server engineer, you need to work with them to expose the unreliability that it would bring in. So the application has to handle a lot of the difference in the latencies and the reliability has to be worked through the application there.
>> LAN, WAN, same concept is that BS? Can you give some insight? >> I think we’ve been talking about for a long time the erosion of the edge. And so is this just a continuation of that journey we’ve been on for last several years. As we get more and more cloud native and we talked about API’s, the ability to lock my data in place and not be able to access it really goes away. And so I think this is just continuation. I think it has challenges. We start talking about WAN scale versus LAN scale, the tooling doesn’t work the same, the scale of that tooling is much larger, and the need for automation is much, much higher in a WAN than it was in a LAN. That’s why you’re seeing so much infrastructure as code.
>> Yeah. So for me, I’ll go back again to this, it’s bandwidth and its latency that define those two LAN versus WAN. But the other thing that comes up more and more with cloud deployments is where is our security boundary and where can I extend this secure aware appliance or set of rules to protect what’s inside of it. So for us, we’re able to deliver VRFs or route forwarding tables for different segments wherever we’re at in the world. And so they’re trusted to talk to each other but if they’re going to go to someplace that’s outside of their network, then they have to cross the security boundary, where we enforce policy very heavily. So for me, it’s not just LAN, WAN it’s how does environment get to environment more importantly.
>> That’s a great point in security, we haven’t talked it yet but that’s got to be baked in from the beginning, this architecture. Thoughts on security, how you guys are dealing with it?
>> Yeah, start from the base, have app to app security built in. Have TLS, have encryption on the data at transit, data at rest. But as you bring the application to the cloud and they’re going to go multicloud, talking to over the internet, in some places, well have app to app security.
>> Our principles day, security is day zero every day. And so we always build it into our design, build into our architecture, into our applications. It’s encrypt everything, it’s TLS everywhere. It’s make sure that that data is secure at all times.
>> Yeah, one of the cool trends at RSA, just as a side note was the data in use encryption piece, which is homomorphic stuff was interesting. Alright guys, final question. We heard on the earlier panel was also trending at re:Invent, we think the T out of cloud native, it spells cloud naive. They have shirts now, Aviatrix kind of got this trend going. What does that mean to be naive? To your peers out there watching the live stream and also the suppliers that are trying to supply you guys with technology and services, what’s naive look like and what’s native look like? When is someone naive about implementing all this stuff?
>> So for me, because we are in 100% cloud, for us its main thing is ready for the change. And you will find new building blocks coming in and the network design will evolve and change. So don’t be naive and think that it’s static, evolve with the change.
>> I think the biggest naivety that people have is that well, I’ve been doing it this way for 20 years, I’ve been successful, it’s going to be successful in cloud. The reality is that’s not the case. You got to think some of the stuff a little bit differently and you need to think about it early enough, so that you can become cloud native and really enable your business on cloud.
>> Yeah for me it’s being open minded. Our industry, the network industry as a whole, has been very much I’m smarter than everybody else and we’re going to tell everybody how it’s going to be done. And we fell into a lull when it came to producing infrastructure and so embracing this idea that we can deploy a new solution or a new environment in minutes as opposed to hours, or weeks or months in some cases, is really important in and so —
>> It’s naive being closed minded, native being open minded. >> Exactly. For me that was a transformative kind of where I was looking to solve problems in a cloud way as opposed to looking to solve problems in this traditional old school way.
>> All right, I know we’re at a time but I got to ask one more question, so you guys so good. Give me a quick answer. What’s the BS language when you, the BS meter goes off when people talk to you about solutions? What’s the kind of jargon that you hear, that’s the BS meter going off? What are people talking about that in your opinion you hear, you go, “That’s total BS?” What triggers you?
>> So that I have two lines out of movies if I say them without actually thinking them. It’s like 1.21 gigawatts are you out of your mind from Back to the Future right? Somebody’s giving you all these whiz-bang things. And then Martin Mull and Michael Keaton in Mr Mom when he goes to 220, 221, whatever it takes.
>> Yeah. >> Those two right there, if those go off in my mind where somebody’s talking to me, I know they’re full of baloney.
>> So a lot of speeds and feeds, a lot of speeds and feeds a lot of —
>> Just data. Instead of talking about what you’re actually doing and solutioning for. You’re talking about, “Well, it does this this this.” Okay to 220, 221. (laughter)
>> Justin, what’s your take?
>> Anytime I start seeing the cloud vendors start benchmarking against each other. Your workload is your workload, you need to benchmark yourself. Don’t listen to the marketing on that, that’s just awful.
>> Amit, what triggers you in the BS meter?
>> I think if somebody explains to you are not simple, they cannot explain you in simplicity, then it’s all bullshit.
>> (laughs) That’s a good one. Alright guys, thanks for the great insight, great panel. How about a round of applause to practitioners.
(audience applauds) (upbeat music)