#143 March 24, 2021
Grant Miller is the co-founder and CEO of Replicated, which helps operationalize and scale the delivery of Kubernetes-based apps into the enterprise. We look at what it means to be enterprise software in a SaaS world, and we also get some 2021 predictions from guest host Liz Rice.
Do you have something cool to share? Some questions? Let us know:
CRAIG BOX: Hi, and welcome to tThe Kubernetes Podcast from Google. I'm Craig Box, with my very special guest host, Liz Rice.
[MUSIC PLAYING]
Welcome back to the show, Liz.
LIZ RICE: Thank you very much. It's been a while.
CRAIG BOX: It has. It was September 2018 in episode 19 when you joined us. I like to tell people not much has changed in the world since then.
LIZ RICE: Things have changed since then. Definitely.
CRAIG BOX: Well, for you, at least.
LIZ RICE: Well, for me, definitely, things have changed in the last couple of weeks. Because I have recently got a new job. I have joined Isovalent.
CRAIG BOX: Congratulations. Did you find the furnishings have improved substantially, compared to your last job?
LIZ RICE: It's very strange joining a new team in the middle of a pandemic and realizing that, actually, your working environment is identical. But you know, new people, new projects, lots of exciting things going on inside Isovalent.
CRAIG BOX: Yes, we spoke to Thomas recently. And we'll put a link to that episode in the show notes. What's he like?
LIZ RICE: He's great. I've known Thomas for probably four years, I think. I remember seeing him present Cilium at DockerCon. I think it was 2017. And he had that amazing demo involving "Star Wars" and whether or not you can blow up the Death Star. If only the Empire had been using cilium to protect the Death Star, they'd have been fine.
And I've been kind of impressed by Cilium ever since. So time has passed. And at long last, I've joined Isovalent to work on the project.
CRAIG BOX: Well, congratulations. Since last time we spoke, you've not only joined the TOC of the CNCF, but you were elected their chairperson?
LIZ RICE: That's true, yes.
CRAIG BOX: One of the benefits of that role is that you get asked to do keynotes for KubeCons. And in the last virtual KubeCon event, last year, you had a video with some predictions for 2021. And we figured that, today, it might be good to maybe put the tech aside and follow up with a few more Liz Rice predictions for 2021. So first question, where do you predict you will go first when the lockdown ends?
LIZ RICE: Oh, you mean beyond the end of my street?
CRAIG BOX: Mm-hmm.
LIZ RICE: Just this weekend I had a real craving to go for a pub lunch. Really, really, really badly wanted a pub lunch. So I can't wait 'til we can do that on the weekend.
But then when I can go further afield, I think pretty much evens on whether or not KubeCon in LA is going to happen. Well, I think there's a reasonably good chance that it will happen with an in-person element, but whether or not people can travel from abroad and whether it will make sense for those of us in London to be traveling to the US. I don't see that as a certainty, but fingers crossed.
CRAIG BOX: I'm on the record as saying that there will be a physical element, but it will basically only be Americans. I think very few international travelers, if any, will attend that event.
LIZ RICE: I think that's quite likely, yeah.
CRAIG BOX: Exports of British cheese, we learned recently, collapsed by over 85% in the first month since Brexit. Which British cheese will lead the recovery?
LIZ RICE: Cheddar is the classic. You know, there is no better cheddar than British cheddar.
CRAIG BOX: There is not. But cheddar is very much like how vanilla is used for flavorless ice cream, even though vanilla has wonderful flavor in and of itself. Cheddar is very much used as the cheese for when you can't select a better cheese.
LIZ RICE: There is no better cheese.
CRAIG BOX: Wensleydale? Stilton? Nothing? Not a "Wallace and Gromit" fan?
LIZ RICE: Stilton has a time and a place. I think blue cheese on a burger is always a good call.
CRAIG BOX: Bringing it back to the pub lunch. I like that.
LIZ RICE: [LAUGHS]
CRAIG BOX: Will we ever have full level five self-driving?
LIZ RICE: So I'm not super familiar with what the different levels are. But I definitely think that computers will be better at driving than humans. Humans are pretty bad.
So I don't think it will be many years before cars are better at it, if they're not already. It's really more a case of persuading people and getting people to trust. And as we all know, getting trust takes a lot of work.
CRAIG BOX: Level five I understand to be, you never need to be involved yourself. Effectively, you can sleep the entire time. You don't have to be able to drive. You can be blind, et cetera.
And as far as driving is concerned, it's one of those things where I feel there was a little bit of a regression. Because in the old days, you'd ride down to the saloon on your horse, and you may have a few whiskies, and you'd basically get on your horse, drunk as you like, and get home reasonably safely. So the self-driving system didn't really require a lot of input from the human. But since horses went out and cars came in, there's definitely been a regression in performance there.
LIZ RICE: Yeah, I think that's true. I'm not a huge fan of the idea-- I don't know what level this would be-- that you're going to have to pay some attention, but not really very much. Because I think that's like the uncanny valley of driving.
CRAIG BOX: Yeah, I think level three to four is what that is. And I'm pretty sure that that's about where we are and possibly where we will top out.
LIZ RICE: Yeah, but it's the worst of all worlds, right? You have to concentrate to prevent disaster, but you're not actually engaged in the activity. I see that leading to bad things.
I don't know. I don't even like putting on cruise control. I feel like, if I have cruise control, and I don't have automatic distance sensors to put the brakes on, I'll be going, YEAH but I don't have to do anything about the speed. Oh, oh, yeah, there's a car coming. I should probably slow down now.
CRAIG BOX: Do you like climate control or winding the window down?
LIZ RICE: Definitely climate control, 100%.
CRAIG BOX: And finally, Prince Harry has just been announced as chief impact officer at a Bay Area wellness startup. Which hyperscale cloud provider is now most likely to acquire that startup?
LIZ RICE: Oh, what a great question. I think he needed a job, right? He needed to find some income from somewhere.
CRAIG BOX: He's got to pay for all that expensive Santa Barbara real estate somehow.
LIZ RICE: Yeah. So Facebook does have a history of acquiring UK politicians or employing UK politicians. So maybe they want to round out the set.
CRAIG BOX: Perhaps.
LIZ RICE: Because they have Nick Clegg, who was deputy prime minister back in the day. So maybe they want to add some royalty to that as well.
CRAIG BOX: Well, Mark, make the call. Thank you for your predictions. And with that, let's get to the news.
[MUSIC PLAYING]
CRAIG BOX: Mesh and API gateway vendor Solo.io has reached "host its own conference" level with a number of announcements coming in from SoloCon this week. Gloo Cloud offers Istio as a service, with the Solo team providing complete lifecycle management of the popular service mesh. Hostiyour-own Gloo Mesh has gained multicluster observability and virtual destinations for locality-based routing.
Gloo Edge 2.0 makes their API gateway a first-class citizen in Istio, offering a single virtual gateway spanning multiple clusters and support for the new Kubernetes Gateway API. Finally, the Gloo Portal, a developer portal using Istio to publish APIs, now supports gRPC. All of these products will be available in beta in Q2. Learn more about the founding of Solo in episode 55.
LIZ RICE: Another vendor offering an Envoy-powered API gateway is Mesh7, a Bay Area company which has this week been acquired by VMware. Mesh7 is a contextual API behavior security solution, and VMware intends to integrate it with their Istio-powered Tanzu service mesh. Terms of the deal were not disclosed.
CRAIG BOX: A number of networking improvements to Google Cloud's GKE this week. Most pleasing for many of you will be that you can now add extra pod subnets to a cluster, allowing an increase in the maximum number of pods. If you're publishing services using Google's internal load balancer, you can now scale those clusters past 250 nodes. Both features are in preview.
Meanwhile, AWS has proudly proclaimed that they have reduced EKS cluster creation time by 40%, suggesting that, on average, creating a cluster now only takes nine minutes. In case you're wondering if you should be impressed by that, I started creating a GKE cluster when we started the news section, and it's finished already. Sorry Amazon, but you've still got at least six minutes to go.
LIZ RICE: NetApp acquired Spot in July 2020,. and recent Spot features have been around optimizing cost for running services on top of Kubernetes. This week, they launched Spot Wave, which promises up to 90% cost savings on running Apache Spark, using a mix of preemptible, Spot, on-demand, and reserved instances. The Spot Ocean engine that Wave uses supports GKE and EKS and now has added support for AKS.
CRAIG BOX: Continuous integration vendor CircleCI has released version 3.0 of their CircleCI server on prem version. This release promises faster access to features from the cloud product for the enterprise user, powered by replicators KOTS, with a K. An incredibly timely release given this week's interview. Fun fact-- CircleCI uses Kubernetes to run Nomad.
LIZ RICE: Hybrid Kubernetes platform and possible Bond villain organization Spektra-- with a K-- from Diamanti, added support for Google Cloud platform with their 3.2 release. Spektra is built on the ultimate data plane, not to be confused with the series of computer games of the same name. And you can now run hybrid Ultima environments spanning on prem, GCP, Azure, and AWS. GA support for the CRI-O runtime rounds out the release.
CRAIG BOX: Sonatype has added security scanning to its Nexus software delivery platform. In partnership with NeuVector, Nexus container continuously scans for security vulnerabilities and compliance misconfigurations, and prevents vulnerable images from deploying using admission control. It offers behavior-based runtime incident detection and inspection and uses deep packet inspection to implement data loss protection and protect against zero-day attacks.
LIZ RICE: The CNCF TOC has just held an election to appoint a member-appointed seat. They elected Davanum Srinivas, also known as Dims, from VMware to join for a two-year term, replacing Michelle Noorali of Microsoft, who we'll miss a lot, and we wish her very well. Reached for comment, TOC chair Liz Rice said-- wait, no, but that's me. [LAUGHS]
CRAIG BOX: Finally, you've surely seen the tweet with the flatbed truck carrying the toy truck and the caption, "Running your personal blog on Kubernetes." In case you haven't, it's embedded in Marcus Buffett's blog post entitled "Unironically Using Kubernetes for my Personal Blog." Why? Eventual power after a lot of learning. The same reason people use Vim or the Dvorak keyboard, only one of which Marcus suggests you should bother with.
LIZ RICE: And that's the news.
[MUSIC PLAYING]
CRAIG BOX: Grant Miller is the co-founder and CEO of Replicated, which helps operationalize and scale the delivery of Kubernetes-based apps into the enterprise. He is a serial entrepreneur, having sold his first company to LivePerson in 2012. Welcome to the show, Grant.
GRANT MILLER: Thank you so much for having me.
CRAIG BOX: You did a business degree. And while you were at school, you did a co-op term with an internet company. It sounds like you might have liked it, because you stayed there for a few years.
GRANT MILLER: Yeah. I grew up in Cincinnati, Ohio, and I went to the University of Cincinnati. And the program that I was a part of had this great co-op program. And I was able to work for this company called SparkPeople, which was in the health and wellness space.
And it was founded by a team that had sold their first company to eBay. I think they got 1% of eBay pre-IPO. They had what initially was a small acquisition to a huge acquisition.
CRAIG BOX: Retirement money.
GRANT MILLER: Yeah, yeah. But I learned a ton from this team. They were just super smart and thoughtful. And it's sort of where I made my progression and realized I needed to work at startups, because I loved that ability to really impact what the business is going to do. And also, I was able to get really close to the product and the technology. While I was there, I was teaching myself how to program.
It's funny. When I was in business school, my favorite class was the one programming class. But for some reason, my approach to education was always like, it's a game. Just get as many As as possible for as little work as possible.
And so the computer science things, I was like, well, these are fun. Maybe I'll audit them. But I don't really want to be graded on this really deep class. I want to be graded on the easiest stuff.
CRAIG BOX: Fair enough.
GRANT MILLER: I loved those classes.
CRAIG BOX: While you were at SparkPeople, you moved out to California and then worked remotely for them. What encouraged you to do that?
GRANT MILLER: Again, I'd been in Cincinnati, Ohio. I grew up on the working class side of town. I think I was on my first plane when I was 18 years old. So I really wanted to explore a bit more.
And California, my brother was living there at the time, and I could kind of work wherever I really wanted. And I moved to LA, and the beach, and the hiking, and everything else that's available. Really amazing place. And so I stayed there for 12 years.
CRAIG BOX: If not for the pandemic, would you still be there now?
GRANT MILLER: Yeah, I would be. Replicated went fully remote during the pandemic, embracing the idea that, hey, we can live anywhere. And as the CEO, I said, well, if we're really going to be fully remote, I should move out of LA. And we decided to move down to Austin, Texas, where my wife and I bought a house, had a baby, did all the things that you do when you start to "adult".
CRAIG BOX: Lovely. One of the things you do on the path to adulthood, perhaps, is start some companies. Now, Replicated is actually the second startup that you've founded with your co-founder, Marc Campbell. How did the two of you meet?
GRANT MILLER: Marc and I met at a co-working space in LA. We were both there nights and weekends after our day jobs.
He's this incredible engineer and architect. And he was building his own companies. And I was, again, building my own. I taught myself how to program. I think I was building some search engine that did something with social media likes, integrated those two together.
Marc and I were both helping each other. I was helping with marketing and customer acquisition. And he was helping me with programming.
And then eventually, we realized we're both much better at the thing that we specialize in. So instead of, let's get those gains, let's combine and work on something together. And he came up with this idea for Look.io. He was developing a mobile app at the time for a company called TigerText.
And he was like, I need a way to view the screen of my users to support them. We brought it to a Startup Weekend. He launched it there. I kind of helped him figure out how to message it to everyone.
The funny thing is, when he first told me the idea, I was like, "oh, it's LivePerson for mobile". It's funny, because, then, nine months later, LivePerson acquired the company. But it was this really amazing experience together of starting our first company, all the fear of not knowing what's going to happen when you don't have a salary. We hadn't raised any money. And it was a really, really interesting and fun time together.
Yeah, and this is the second company we've started. Both these companies were Marc's ideas. He's just super insightful, and really always following the trends that are emerging and the new technologies, and will pick up a new language. And so my job has always just been, how can I help Marc be as successful as possible?
I always find these entrepreneurs that want a developer to build their idea for them. And I'm like, you're doing it wrong. You need to find a really amazing engineer who has an idea that they want to build and then just go help them put a business model around it.
That's been my whole approach with Marc. And having taught myself how to program, I always say I'm a crappy friend and engineer, basically. And so it's always a fun way to see and understand what we're building, and be able to explain it to folks, and then really focus on the fundraising and hiring side of it-- whatever I can do to make him successful.
CRAIG BOX: Do you think that it's possible to be a good co-founder on the business side without any background in programming?
GRANT MILLER: Not in the space that we're in. You need at least some. I'm also not a big credential person, so a degree doesn't really matter. Marc didn't finish his degree. He went to school and had one quarter left for a computer science degree and never finished it.
We've hired some really amazing folks who don't have degrees. So it doesn't necessarily have to be a degree. But I think you have to know enough on the business side to really be dangerous, and then do whatever you can to help your team succeed. I think, if I hadn't taught myself how to program, it would have been very hard to understand why Marc was an exceptional talent that I should get behind.
CRAIG BOX: Why he can spend three days and only have one line of code as the output.
GRANT MILLER: Yeah, exactly, yeah. [LAUGHS] Or deleted a bunch of code.
CRAIG BOX: Exactly. Back then you said that, after nine months, the company sold for, quote, "millions". Has enough time passed that you're allowed to say how many?
GRANT MILLER: Yeah, it wasn't very many. It was literally three and a half million. So at that time, it was a huge amount of money to us. I mean, it still is a lot of money.
Now we've raised 10 times more than that. And I was paying myself $24,000 a year when we got acquired. So we went from super poor to, OK, we actually have a little bit of money and stable jobs. We got a really amazing chance to learn from the team at LivePerson as well.
CRAIG BOX: And that's not a bad return for nine months of effort.
GRANT MILLER: It was pretty good. I mean, in terms of timeline, to start a company and sell it later for $3.5 million, it felt pretty good. And it was such a crazy ride. I always say, if starting a company is like swimming across the ocean, with Look.io, we basically just weren't drowning. That's all the progress we were making.
CRAIG BOX: Treading water, you say.
GRANT MILLER: Yeah, exactly. [LAUGHS]
CRAIG BOX: You were acquired by LivePerson. How long did you work there after the acquisition? And did you keep developing your ideas from Look.io. or were you just part of the big company at this point?
GRANT MILLER: We stayed there for two and a half years,. and we ran the mobile team. And LivePerson is this really amazing company. It's been a SaaS enterprise software company for 20-something years with the same founders, the CEO, Robert Locascio.
They've hired incredible execs from across the industry. And so we jumped in, and we really had a chance to work with a lot of different enterprises from banks and telcos in the US and Japan, all across the world and just learn so much about enterprise software that we stayed as long as we could. But eventually, Marc was just really excited when Docker launched. And he was like, oh, this is this really cool technology. It's going to change the game.
And Marc and I were always looking for platform shifts. So platform shifts are these things that come and happen in industries. And they're very rare. But when they do happen, that's when the biggest companies are formed. And he was like, this thing is going to change how people build and deploy software. Everything's going to be rethought in its image.
CRAIG BOX: Replicated started in 2015. So obviously, as you say, Docker is a thing at this point. But Kubernetes isn't quite a thing. What was the thought process behind the technology and how you're going to operationalize the nascent Docker revolution?
GRANT MILLER: So Marc's idea was, instead of all of these software companies only offering either a SaaS version or an on-prem version, if they use containers, that would be this unit of portability. And they could distribute those containers to their customers to run them privately in their own environment-- so very much the same concept that we still are doing today. The difference is the unit of portability.
So previously, we thought it was containers, so we wrote our own lightweight orchestration and scheduling. Eventually, we realized the real power is in providing this for a full platform-- so not only the containers, but the manifests that then know how to operate those containers. And if that orchestration scheduling system is consistent across all of these organizations, then it basically becomes the substrate for how enterprise software can be delivered.
CRAIG BOX: A lot of people were adopting cloud software because it was far and away better than the traditional alternatives, for many reasons. If you look at email, for example, you've got Gmail and things that followed it. But then you compare that to Lotus Notes, and there is a 15-year jump you can get on old software that you have. So a lot of people were willing to overlook the fact that it wasn't run behind their firewall to do this. What was the alternative to people who wanted to be in the middle of that?
GRANT MILLER: What we saw in the industry before Replicated and before Kubernetes was these dual tracks. You could either be a SaaS company or you could be an on-prem software company. And the folks that were building on-prem software were building these very custom bespoke installers, these systems that would require 127-page install guide to understand how to actually operationalize it. Because you were basically getting a binary, and then you were getting, like, go set up Tomcat, and your Java runtime, and your JDBC connectors, and do all these things. And so it really required this massive operational lift in order to operate it.
Middle ground at the time, if you look at who implemented a version of SaaS and on-prem the best, it was GitHub. And so GitHub had GitHub Enterprise.
They basically took the same code. They didn't create two different products like Atlassian did. They had the same product. And they just took the cloud product and they basically put it into a VM and delivered it to their customers.
Obviously, a VM doesn't really provide the scalability that you're going to get with a horizontally scalable Kubernetes-based application, nor does it actually truly operate in the same way. It's more like a virtual appliance rather than a truly distributed system.
CRAIG BOX: Yeah, it's the modern equivalent of shipping a box that just goes to the data center.
GRANT MILLER: Exactly, yeah.
CRAIG BOX: How were those appliances operationalized back in the day?
GRANT MILLER: We always joked, 20 years ago, not only would you have to run the application, you'd have to set up all the hardware. You would have IT admins who were racking and stacking physical boxes into a server closet or a new colo facility and then setting up a new power supply and all the things that you had to do in order to actually even just get the foundations of this going. And so there was all this manual effort in order to actually run these applications.
And then maybe you were loading into vSphere. Or maybe you were writing some scripts in Ansible or Puppet, and there's all these one-off things. But again, just a very manual, bespoke process, because, at the time, software operations was very manual. Even a lot of SaaS companies were spending time SSH-ing into servers and making changes.
And so what we've seen over the last six or seven years, particularly with the advent of Kubernetes, is that you're no longer manually operating these applications if you're doing it well. We really found that the industry moved towards creating manifests that would describe to an underlying platform how to operate the application. And then as that platform has become common and fairly ubiquitous, it's almost like anybody with a Kubernetes cluster can run any application developed for the Kubernetes cluster.
Obviously, there are some different dependencies. And you might need an operator or some specific plug-in for networking. But generally, you can validate those before you would ever install the application.
CRAIG BOX: Now that you have the container runtime and that substrate provided by Kubernetes, a lot of people who have the engineering mindset might say, the job is done. I have the things. I have the pipe cleaners and string mentality, I like to think of it. What's the magic that Replicated brings on top of that? And why shouldn't a vendor just build the thing themselves?
GRANT MILLER: It's a really important question. And DIY is our most common competitor, really. There's a couple of pieces here that matter.
The first piece is, folks will look at Helm, and they'll look at Operators and say, well, I'll just publish Helm charge, I'll just publish this Operator. And that's a really great start. And we actually encourage people to do that for the first few deployments through their enterprise customers.
But ultimately, if you're building a large enterprise software company-- our customers are folks like HashiCorp, and UiPath, and Puppet, and Tripwire. And when they look at this, they have lots of different teams who need to-- I call it "cross-functionally collaborate--" on the successful implementation of this application into tens, hundreds, or thousands of enterprise environments.
And so when you're doing that, you need workflows and tools that make it easier for you to manage the releases, work with your support team, deliver entitlements and licensing. And so Replicated provides that on the vendor tooling side. But then on the enterprise IT admin side, we also focus on, how do you make it really simple for the IT admin to have the tooling that they need to validate that their environment is going to meet the requirements of the actual application? We call those pre-flight checks.
Or how do you make sure that they can configure it easily with values that are not going to cause errors? And how can you do all these other integrations with version control systems and identity systems and snapshots? So there's all this additional work.
It's not just, get it deployed. But it's like, help your customer truly operationalize and automate the application over time to, really, day two. Like, how do you make day two possible?
And there's obviously the other sides of build versus buy, which is like, if you're building it yourself, you have to think about this as a pretty core part of your business. So particularly if you're going to build it, how do you make sure that your pipe cleaners and string can be taken over and managed by somebody else if you move to a different project or a different company in a year or two? Because this thing is going to be around for a while.
If you launch a new product that needs the same technology, how do you make sure that new team adopts yours as the standard and is sort of made successful with it? So there's all this additional work that has to be done beyond just writing the code around making it successful, and obviously maintaining it, and supporting it in a very fast-moving ecosystem that Kubernetes is.
Most of our customers do end up building something before they even try Replicated. And then I don't think any customers ever actually moved off of Replicated to build their own. You come one way, but not the other.
CRAIG BOX: Your customers are the vendors, and then their customers are end users who want to run something, quote, unquote onprem. How many of those end users are running within their own physical walls versus cloud VPC? And if the reason that they're adopting this thing is the risk profile might have a vendor stealing their data, is there a difference in the risk when they're running in that semi public cloud environment?
GRANT MILLER: Yeah. To your point, when we say modern on-prem, we don't just mean data centers. We mean a Google VPC.
Within that VPC I could have my own GKE cluster and install these third-party applications into it. As the IT admin, I'm not worried about the underlying infrastructure or really even the Kubernetes layer. I'm just now deploying this automation to deploy these applications.
We think that is actually the best way to do this. Because it really lightens the workload, so you don't have to worry about the underlying Kubernetes platform, et cetera. What it does do is, if you think about-- I call it your data surface area.
So if you're an enterprise IT admin, and you have-- I think the average enterprise has over 1,000 different SaaS providers. So you have to think about 1,000 SaaS providers who have access to some amount of your data. Then they have vendors that they're putting that data into, and they have employees and admin panels.
And so you end up with all of this exposure and sort of additional risk. Not necessarily your vendor might steal your data, but your vendor just might accidentally put it into an S3 bucket without credentials on it, right? And so then it's unauthenticated.
So it's not about a lack of total trust. It's just like, things happen. And the more organizations that have access to that data, the more risk there is. And so the whole philosophy for putting it into a VPC is, now you can control the processes and the access level of those applications.
And so we say, instead of sending your data out to thousands of different vendors, you can bring the applications to where the data already resides and then really reduce that surface area. And then you know, hey, look, we've vetted that Google and Amazon and Microsoft are doing a very high level of security around these physical boxes and around access. And so we can accept their security posture, but we don't necessarily want to accept the security posture of the 1,002nd application that comes to us, and it's a team of 100 people distributed all throughout the world who maybe don't have as strong of a focus on security.
CRAIG BOX: When you are running in a physical space, can you assume that cloud APIs exist there? People who don't have a Kubernetes of their own, do you provide that for them? Or do you have them acquire something like Anthos and then run on top of that?
GRANT MILLER: We do support installing into any existing Kubernetes cluster, which is a really important part of how this works. Ultimately, you could have Anthos. You could have GKE. You could have OpenShift, Rancher. It doesn't really matter to us. Anything that's like a modern version of Kubernetes, we'll run our pre-flight checks and validate that the application will deploy. Now if you don't have Kubernetes--
CRAIG BOX: Shame on you.
GRANT MILLER: Yeah, exactly. Why are you listening to the podcast?
We have an embedded version of Kubernetes. We think about it as a kind of custom installer that the vendor has validated. It works well with their application. And it's just upstream Kubernetes with a handful of add-ons. And the vendor can identify which versions of the add-ons to include.
We call it kURL with a K. So you run it from a kURL | bash, install it into your cluster. Or there's an air gap installer.
CRAIG BOX: You run it with a cURL-with-a-C | bash.
GRANT MILLER: Yeah. That's why we named it that, right? It's a Kubernetes URL. So you cURL kURL.
The whole concept was, let's make it really easy to install a multi-node environment that will provide the app as the cluster, much in the same way of that virtual appliance of years ago. It's like a multi-node version of that.
For folks who don't have Kubernetes experience, it's not like I'm trying to provide a Kubernetes platform that's going to be how their entire team moves to Kubernetes. It's the first version of Kubernetes they have. It's running a third-party application. That application is vetted to run on that version. And then we make sure it's easy to update, make sure it's easy to scale out.
And ultimately, that embedded solution is about 50% of the installs. And about 50% end up being into existing clusters. And we see that continuously moving more and more towards existing clusters.
The vision behind Replicated and the product KOTS, which stands for Kubernetes Off-the-Shelf Software, is that, over time, enterprises will adopt Kubernetes. And it will become that common substrate. And you won't need to provide this installer.
We would vastly prefer every one of these installations to go into a customer's existing cluster. One of the core concepts behind this project is that the only way that you're really going to move away from manual operations of third-party applications is if every enterprise is actually operating their own Kubernetes cluster or using a managed Kubernetes cluster. We piggyback off of the existing tooling that they use to deploy first-party applications into that cluster. And so the example here is, if I have a GKE cluster within a VPC, and it's already secured, and I have a methodology of deploying applications into that, one of our favorite ways to do that is the GitOps.
And so I might have a version control that I commit my manifests into and then an image registry that I push my images to. And then I use a GitOps operator like Flux or Argo to actually pull those in and deploy it to my cluster. And then I have Prometheus to monitor it. And I have other things that are going on inside of my cluster.
But I have this system. It's set up. And that's how I deploy all the code and all the manifest that we write internally.
Marc's vision, my co-founder, for what KOTS would do is, he said, well, the only way that people are going to be able to run tens, hundreds, or thousands of third-party applications is if this isn't a new process for every one of those applications. And instead, we can say, look, we'll automatically commit a new version of this third-party software that has an update into your version control system. We'll automatically download and push the images into your internal registry so they can be scanned. And you can basically use all the exact same tooling that you already have, your exact same cluster. You're just going to be running third-party applications instead of all these first-party apps that you're writing internally.
CRAIG BOX: If a customer purchases a piece of this third-party software to operate, do they need to know Replicated exists? Or is it simply an implementation detail, and it's a Kubernetes-native application, as far as they're concerned?
GRANT MILLER: They definitely don't need to know that we exist. They will end up using parts of our open source projects. So anything that an end customer would actually touch in this process, an enterprise, is fully open source.
So that could be our Kubernetes installer. That could be the KOTS admin console. Or it could be our troubleshoot projects.
But those are all fully open source. If Kubernetes doesn't exist, it'll install Kubernetes. It'll install the admin console on top of it. And then it'll bring up the application on top of that.
It's fairly white-labeled. So they are using a KOTS CLI. And it does have a consistent look and feel.
But for the enterprise IT admin, they think about it as, hey, this is the installer for Puppet Enterprise, or Tripwire, or UiPath. Now they can combine those, and run them in a single cluster, and use the tool to run multiple applications. But for them it's just, hey, I want to run Kubernetes applications in my own environment in the most private and secure way possible. And that's really what Replicated focuses on.
CRAIG BOX: You mentioned there your troubleshooting tool, which is named the Troubleshoot. I hope you gave a promotion to whoever came up with that.
GRANT MILLER: Yeah. Naming’s hard. I think we all know that. We really love the KOTS name, the Kubernetes off-the-shelf software.
Troubleshoot was a bit easier to come up with. But the whole concept here is, it's actually made up of two different parts. One part of Troubleshoot is pre-flight checks, which will validate that the environment meets the vendor's requirements. And it does this both by looking if there's no Kubernetes looking at the host and figuring out a bunch of things-- disk space, IOPs, et cetera.
And if there is Kubernetes, you can validate that you have the operators you need, or you have the right ingress, or anything else. That sort of pre-flight check is a really important piece of making sure that software can be successfully deployed. Because what we see oftentimes, in this world of delivering on-prem software into customer environments, is that the majority of support issues actually arise from just misconfigured base environments.
Oh, I didn't know I needed that. I didn't know I needed this. And so by automating as much of this as possible, you can now basically self-remediate past many of those issues.
And then the next part is around support bundles. And so Troubleshoot also has this support bundle. It's a kubectl plug-in through the krew package management system. What you can do there is actually run a command against your cluster from your local machine, and it will pool all of the resources that the vendor says, I normally need to have these in order to successfully troubleshoot an issue-- logs, commands, other things like that. Before you have to even deliver that to the vendor, it'll run them through local analyzers which look at most common issues that this vendor has ever seen, or that we've seen across the board with Kubernetes clusters.
And so it's going to, again, give you a chance to self-remediate before you have to escalate this back to the vendor. If you do need to send it to the vendor, it'll run it through some really detailed redaction to pull out sensitive information, produce a redaction report. That way, you know, hey, these secrets were pulled out, this other information was pulled out. And that way, you can share it with the vendor for that disconnected troubleshooting.
We really don't like the idea of giving vendors access to these boxes. Because we think, ultimately, if you're trying to reduce the surface area of your third-party applications, then, if you're giving remote access to a vendor to troubleshoot when they need to break glass, it's not really following the model. So we really try to build as much as we can to make sure that disconnected concept really plays through the whole time.
CRAIG BOX: If I'm a platform team or if I'm developing an application to run internally in units of my larger company, do you think I should look at adopting Troubleshoot myself?
GRANT MILLER: This is definitely an interesting opportunity. People always ask us, hey, should we use this to run our own applications internally-- our first-party apps? We generally say probably not. Because if you can share access to that cluster with people who are using it, and you're the developer, then you don't really need these disconnected systems.
However, if you have a-- in some banks they call it a Chinese firewall, where you can't actually send any amount of information back and forth. There's no information sharing across different teams. Then it could be useful.
Most of these things are really developed around this idea of third-party applications rather than internal applications. So that's where licensing matters. That's where disconnected troubleshooting matters.
But they are fully open source. You can run them from your machine against any cluster. You can write manifest. You can make it easy.
Every one of these integrations that we do with KOTS-- and we also integrate with things like Velero and Prometheus-- we're really trying to not build every part of this. We really want to find what the community has and then integrate that into how our product does backups or does monitoring, et cetera. And the way that you invoke any of those external projects or any of our purpose-built projects is by just providing an additional Kubernetes manifest.
So we sort of did it modeled after CRDs and operators, except you don't actually run an operator for these in your cluster. You just provide a custom resource. And then the KOTS admin console and tooling will consume those and invoke Velero, or invoke Prometheus, or invoke these other services in the way that you describe in your manifests.
CRAIG BOX: Another open source project that Replicated has built and then donated to the CNCF is SchemaHero. Is that like a really boring version of "Guitar Hero"?
GRANT MILLER: [LAUGHS] Exactly.
CRAIG BOX: Quick! Select, select, insert, insert.
GRANT MILLER: My co-founder Marc, he loves-- there are so many parts of Kubernetes that are so powerful as an API that you provide these declarative manifests to. And it's so extensible. So he was like, you know what? The way that we're doing schema migrations is kind of crazy.
It has to run through 100 different migrations every time you want to deploy the software locally. This is wrong. This is convergence, not declarative methodology.
So he built SchemaHero as an operator to basically do the migration in a much more declarative way. It's super Kubernetes-native. It lives inside of your cluster. It consumes these SchemaHero manifests that declare, this is what my schema should be.
And then we'll make those changes, kind of like an ORM, just doing the schema part. We decided to donate it to the CNCF, because, ultimately, we think it's a really powerful idea, and it should be helping folks who are managing these schema migrations. And he's made it compatible with Cockroach, and MySQL, and Postgres. And so we can extend it as far as the community will help us to hopefully make this a really easy way to manage schemas super declaratively Kubernetes-native.
CRAIG BOX: Back in October, you took a $25 million series B round of funding. It took a little bit longer than nine months to get to that.
GRANT MILLER: [LAUGHS] Very true. Yeah, Replicated has been around for six years. And it took us, I think, a long time to really find the market.
Because when we first started this company six years ago, and we told people that the future of enterprise software looked more like on-prem software than it did like SaaS, people thought we were kind of crazy. That was a time when Kubernetes didn't really exist. People didn't really understand how automation was going to change the industry. I think it's become a little less insane since then. We have people kind of get it now.
But we were still very early to the market. And when we first started the company, we were evangelizing for companies to use Docker as much as we were telling them about our product. It took a while for us to hit a velocity where we were closing deals and bringing on new customers at a really great rate.
Ultimately, what happened was, about 18 months ago, we launched the KOTS project. And that has been this perfect combination for most vendors. It allows them to either deploy to that existing cluster or to embed Kubernetes with their application. And at the same time, we really figured out that our ideal customer profile wasn't just SaaS companies looking to go on-prem, but it included what I would call a traditional ISV-- so someone that was already deploying software on-prem, like Tripwire, but they were making this huge transition away from delivering binaries to delivering fully Kubernetes applications.
They needed to retool as they did that. And Kubernetes provided a bunch of different patterns and primitives that would help them get there. But they all realized they needed more. They needed tooling for their different teams. They needed these things to help customers manage it.
And so that's why they chose Replicated as a partner. And now we're rolling pretty well. We're finding great new customers all the time.
And there's so many companies that I wouldn't even think about as a software vendor, but they're becoming software vendors. Because ultimately, if you think about digital transformation, this is a concept that I think most people really understand from the consumer world, where they think, OK, my bank needs a good mobile experience. The hotel that I check in needs to have a tablet on the nightstand so that I can interface with it.
But they don't really understand digital transformation from the B2B side. So if you're a supplier, you need to now figure out how to add value not just through supplying parts or services, but by supplying software. And so you're either going to supply that software as a service, or you're going to deliver it to where the customer is going to run it.
And many times, those suppliers are very deep in the enterprise. And so this idea of delivering a modern on-prem version of the product actually makes them a really great candidate to use Replicated's technology. So we've seen companies that I would have never even guessed were going to be delivering Kubernetes applications. This is how they're going to deliver the future of their business. And these are multibillion dollar organizations.
CRAIG BOX: In this modern BYOD, app-driven world, you exude a love for enterprise software. And you run the site called "EnterpriseReady" where you publish guides on how to run successful enterprise software. Do people really love enterprise software, or do they really love the idea of selling large numbers of things with smaller amounts of customers?
GRANT MILLER: I've done consumer, and I've done enterprise. And the thing about enterprise software is that there are so many interesting problems to be solved, and customers are willing to pay for it. And you don't have to manage the fickle response of a consumer world. I don't really understand why one product or one app is more popular than another when they both look like they're well-built.
CRAIG BOX: Influencers.
GRANT MILLER: Maybe that's it, right? But in the enterprise software world, you get this huge world of problems that you can step into and solve. And if you can solve it, there's real value that's created. And it's pretty easy to draw a connection to an ROI.
And I think buyers are fairly rational in the fact that they're like, yep, that makes sense. We should buy it. And we'll keep paying you to solve this problem.
When you look at the market cap of all these software companies now, the number of billion dollar-plus market cap enterprise software companies has more than 10x-ed in the last 10 years. And that's because people are realizing that there is so much value that you can get from using as much software as possible, and having a team that's dedicated to solving that problem, and then making sure it's successfully rolled out throughout the entire company. I love problem-solving, and I think a lot of people in this industry do.
And the other really interesting part of it, particularly within the infrastructure software world, is it’s a small ecosystem. So there's not that many of us yet. And what that creates is, it enforces this social norm where you have to be fairly long-term-oriented. You can't try to get every penny out of every deal or screw people over.
It forces people to be really good actors because you're going to see these people in the future. They might work at your company. You might work at theirs. You might be a customer, or they might be a customer. You might partner.
And because of that, people are generally pretty great. And we have an ecosystem that's thoughtful, that's caring, that's very inclusive. What an amazing thing to be a part of. That's why I love it. And I think that's shared by a lot of people who love complex problems and welcoming communities.
CRAIG BOX: Both you and Marc are podcast hosts. Your podcast is "EnterpriseReady." And his is more focused on conversations with people in the Kubernetes space. Didn't he think there was someone else who was already doing a good job in that area?
GRANT MILLER: [LAUGHS] Yeah, so Marc loves the Kubernetes Podcast. He was hoping to be here with us today as well. But he saw the opportunity. We've been operating the Kubelist podcast and the Kubelist site for a few years now. We took it over from the folks at Manifold.
And Marc just loves these projects. And he's always following things. And he was, like, yeah, I want to just send out the newsletter and keep people up to date on what's going on. And then we decided to put together a podcast, because he's like, I have this problem, which is, I'm so excited when I see new projects in the sandbox or as incubators, but sometimes I don't really understand exactly what they do, or how they work, or what's going on with them. I just want to be able to ask people questions about that to help me understand it.
Because I want to use these new technologies. I want to support what's going on. I want to learn.
And so he started the podcast to do that and then just to share it with the rest of the world. And that's the whole concept. He just mainly brings on new projects that are admitted to the sandbox, or admitted to the incubator, or he'll want to talk about what they're doing.
And it's a pretty technical look at, what does this actually mean? How does it work? I think the best things are always created to scratch your own itch. That's his itch. He wants to know about all of these projects.
The other part that I think is really important-- I love podcasting, both yours, Marc's, and the one that we run-- is, sometimes this knowledge that we have is sort of siloed in only a handful of locations in the world. So if you wanted to learn about containers 10 years ago, you had to be at Google, and you had to live in the Valley.
CRAIG BOX: Yes.
GRANT MILLER: And if you wanted to understand enterprise go-to-market, you had to work at Cisco or Oracle.
CRAIG BOX: And also be in the Valley.
GRANT MILLER: And also be in the Valley, right.
The idea was, well, look, there's so much of this knowledge, and there's so many more people who should be able to contribute. Let's try to open up a door so they can have a common vernacular to talk about these things and to learn from the same stories. It shouldn't have to be passed between a couple of white guys sitting at coffee in the Valley. It should be shared with everybody.
And this way, it can be more inclusive. More people can access it. They can ask questions. They can engage. And this knowledge can stop being siloed.
I think, if you believe that capability, and intelligence, et cetera, are normally distributed throughout the world, which I do, then there are so many more people that we should be getting involved. Because they could be helping to push things forward. That's our small contribution. Hey, this is knowledge that we have. Let's just share it.
And I love the internet for that. I love all these platforms and systems that we have. Because the idea that somebody could be in a rural country thousands of miles away and getting this sort of information, that makes me really happy. And I think that that's going to make the world better long-term.
CRAIG BOX: Finally, a number of great science fiction properties have the concept of a replicator. Do you have a favorite?
GRANT MILLER: Yeah. I'd say it's Ryan Gosling. Ryan is "Blade Runner 2049." Yeah, he's the dreamiest of the replicators in my opinion.
CRAIG BOX: He's a repli-cant.
GRANT MILLER: Yeah. He's a replicant, right. He's the dreamiest, though. [LAUGHS]
CRAIG BOX: You remember those little sort of spider robot things from "Stargate SG-1?" I think they were called replicators. They may disassemble your spaceship and use the metal to build more of themselves. But I'm sure they make a nice pet.
GRANT MILLER: Would you say that gremlins are also a replicator?
CRAIG BOX: I don't know. This is one of those thought experiments. Can a replicator build one of itself?
GRANT MILLER: Yeah. Yeah, well, they just spill water on them, right?
CRAIG BOX: Perhaps. And feed them after midnight.
GRANT MILLER: [LAUGHS]
CRAIG BOX: What happens if you feed a gremlin to a gremlin?
GRANT MILLER: [LAUGHS] I don't know.
CRAIG BOX: The questions we ask. Thank you very much for joining us today, Grant.
GRANT MILLER: It was a pleasure. Thank you.
CRAIG BOX: You can find Grant on Twitter at @GrantM, and you can find Replicated at Replicated.com.
[MUSIC PLAYING]
CRAIG BOX: Thank you very much, Liz, for helping out with the show today.
LIZ RICE: My pleasure. Thanks for inviting me.
CRAIG BOX: If you enjoyed the show, please help us spread the word and tell a friend. If you have any feedback for us, you can find us on Twitter at @KubernetesPod or reach us by email at kubernetespodcast@google.com.
LIZ RICE: You can also check out the website at kubernetespodcast.com, where you'll find transcripts and show notes and links to subscribe.
CRAIG BOX: I will be back with another guest host next week. So until then, thanks for listening.
[MUSIC PLAYING]