WEBVTT 1 00:00:14.439 --> 00:00:17.839 Hey everybody, and welcome back to another episode of Adventures 2 00:00:17.839 --> 00:00:20.719 in DevOps. This week on our panel we have Will Button. 3 00:00:20.960 --> 00:00:23.559 What's going on everyone, We have Jeffrey Growman. Hey there, 4 00:00:23.640 --> 00:00:26.440 I'm Charles Maxwood from Devchat dot TV. And this week 5 00:00:26.519 --> 00:00:29.239 we have a special guest and it is Simon Tults. 6 00:00:29.519 --> 00:00:31.640 Hi. Everyone, it's a pleasure to be here. Thank you 7 00:00:31.719 --> 00:00:32.759 very much for hosting me. 8 00:00:32.960 --> 00:00:35.479 So fun Yeah, absolutely, I mean you brought all the energy. 9 00:00:35.520 --> 00:00:37.520 It's it's funny. We were talking beforehand and you're just 10 00:00:37.600 --> 00:00:40.159 excited and I love it. Do you want to just 11 00:00:40.240 --> 00:00:42.359 introduce yourself real quick, let people know who you are, 12 00:00:42.439 --> 00:00:45.920 what you do at? Is it da Tree, Dat Tree. 13 00:00:45.200 --> 00:00:48.560 The Tree? Yeah? Sure, yep. So yeah. My name is Shimon. 14 00:00:48.840 --> 00:00:52.799 I've been in the infrastructure R and D space for 15 00:00:52.840 --> 00:00:56.200 more than ten years, and I've worked at large companies 16 00:00:56.240 --> 00:00:59.799 like Intel, and i worked at startups from like thirty 17 00:01:00.000 --> 00:01:04.599 employees until we were a thousand employees. And my previous role, 18 00:01:04.640 --> 00:01:08.439 I was an engineering manager for a media company and 19 00:01:08.680 --> 00:01:11.879 I grew together with the organization from thirty employees to 20 00:01:11.959 --> 00:01:16.159 one thousand, and I really saw how the struggle is 21 00:01:16.239 --> 00:01:19.840 real when you have four hundred engineers and you're trying 22 00:01:19.920 --> 00:01:23.959 to make this work while breaking things and moving fast. 23 00:01:24.120 --> 00:01:26.439 So this is actually what brought us here and what 24 00:01:26.599 --> 00:01:29.879 brought me to almost four years ago, me and my 25 00:01:29.959 --> 00:01:33.599 co founder to open the Tree, which helps prevent misconfigurations 26 00:01:33.640 --> 00:01:37.840 from ever reaching production environments, especially around kugernities. 27 00:01:38.040 --> 00:01:40.760 All right, so the code that crashes my stuff, that's 28 00:01:40.840 --> 00:01:45.040 my fault. The misconfigurations that's somebody else's fault. I'm just 29 00:01:45.079 --> 00:01:48.799 being clear. I hope my boss hears this anyway. So yeah, 30 00:01:48.840 --> 00:01:51.439 so we were talking before the episode and you said 31 00:01:51.439 --> 00:01:55.120 that you experienced this outage and this is where you've 32 00:01:55.200 --> 00:01:57.640 learned a lot of the lessons that led to the tree. 33 00:01:58.040 --> 00:02:00.280 Do you want to just talk about that? Kind of 34 00:02:00.280 --> 00:02:02.359 give us the background and the story so that we 35 00:02:02.439 --> 00:02:04.879 know what you screwed up? I mean how that went? 36 00:02:07.280 --> 00:02:12.199 Sure, sure thing. So let me describe the scenery first, 37 00:02:12.280 --> 00:02:15.319 you know, like in a book. So imagine a company 38 00:02:15.879 --> 00:02:18.560 and you have one thousand employees, four hundred of them 39 00:02:18.599 --> 00:02:22.400 are developers. The company is born in the cloud, paying 40 00:02:22.439 --> 00:02:26.520 one point five million dollars for AWS every month, a 41 00:02:26.599 --> 00:02:30.919 lot of stuff running. No one actually knows what is everything, 42 00:02:31.000 --> 00:02:34.840 but it kind of works, you know, and moving really 43 00:02:34.879 --> 00:02:38.000 really really fast working in micro services, a lot of 44 00:02:38.039 --> 00:02:42.599 different programming languages, and the philosophy of the company is, 45 00:02:42.639 --> 00:02:45.919 you know, like small speed boats, like Amazon calls it, 46 00:02:45.919 --> 00:02:49.240 two pizza teams. You know, you have your team, you find, 47 00:02:49.439 --> 00:02:51.680 you have a problem, you find the best solution, you go, 48 00:02:51.759 --> 00:02:56.000 you do it, responsible for it, sounds great, removes bottlenecks, 49 00:02:56.039 --> 00:03:00.479 makes you move fast, and really gives great energy people 50 00:03:00.520 --> 00:03:03.199 because they don't feel like they're a small, small screw 51 00:03:03.479 --> 00:03:06.400 in a big organization. And my role there was the 52 00:03:06.479 --> 00:03:10.159 general manager of the infrastructure division. So my work was 53 00:03:10.199 --> 00:03:13.000 to find things that are relevant to all the other 54 00:03:13.120 --> 00:03:16.240 teams and build it as an infrastructure. So for example, 55 00:03:16.280 --> 00:03:20.199 we built a data collection pipeline that ingested more than 56 00:03:20.280 --> 00:03:24.960 two hundred billion with the b every month events from 57 00:03:25.039 --> 00:03:29.719 thirteen regions in AWS. And this is what we would do. 58 00:03:29.840 --> 00:03:32.599 And every time there's a new technology or something that 59 00:03:32.680 --> 00:03:35.680 is cross the company, we would be responsible for it. 60 00:03:35.759 --> 00:03:38.840 Might team and sort of like sort of special ops 61 00:03:38.879 --> 00:03:42.280 in a way. And one day we had a production outage. 62 00:03:42.439 --> 00:03:45.400 Now this happens. You know, we're all people. I make mistakes. 63 00:03:45.439 --> 00:03:52.479 Everyone makes mistakes, besides Charles. It happens, and like every 64 00:03:52.520 --> 00:03:55.000 company we said, okay, let's post more tom the problem, 65 00:03:55.240 --> 00:03:57.639 understand what happened, let's find the root cause. And we 66 00:03:57.719 --> 00:04:00.960 did it. And a developer made a miss configuration in 67 00:04:01.039 --> 00:04:04.159 one manifest file, and we said, okay, we totally understand 68 00:04:04.199 --> 00:04:06.800 people make mistakes, and we want we believe in the 69 00:04:06.800 --> 00:04:09.879 philosophy of, you know, run fast and break things, but 70 00:04:10.360 --> 00:04:13.080 we don't believe in the philosophy of let's make the 71 00:04:13.120 --> 00:04:16.120 same mistake five times. You know there is a limit 72 00:04:16.240 --> 00:04:18.720 to that as well. So we said, okay, so how 73 00:04:18.720 --> 00:04:22.000 do we make sure that this does not happen again. 74 00:04:22.160 --> 00:04:24.319 So first of all, you send the post mortem in 75 00:04:24.360 --> 00:04:27.000 an email to everyone in the company. So we tried that. 76 00:04:27.480 --> 00:04:31.000 Nice doesn't really work. No one reads it, no one 77 00:04:31.079 --> 00:04:33.399 remembers it. And I got to tell you from the 78 00:04:33.439 --> 00:04:37.360 other side as a developer getting emails every day telling 79 00:04:37.399 --> 00:04:41.360 me like, use this package, use this configuration, check this thing. 80 00:04:41.800 --> 00:04:44.279 It's it's not scalable, Like how am I supposed to 81 00:04:44.319 --> 00:04:48.240 remember everything? It's it's just not feasible. And we said, okay, 82 00:04:48.279 --> 00:04:52.360 we did, you know, internal educational systems, And we did 83 00:04:52.399 --> 00:04:55.199 an internal meetup and explain to everyone, and everyone agreed, 84 00:04:55.240 --> 00:04:59.800 and everyone understands but it didn't really work well because 85 00:05:00.160 --> 00:05:02.079 I think, and this is what we thought, and this 86 00:05:02.199 --> 00:05:04.920 is what drove us to actually open the company, is 87 00:05:04.959 --> 00:05:08.639 that it has to happen in an automated way within 88 00:05:08.720 --> 00:05:13.480 the development flow of the developer. Because every inch, every 89 00:05:13.519 --> 00:05:16.360 small thing that you do in order to change the 90 00:05:16.399 --> 00:05:20.839 workflow of the developer, it's crazy. It's almost never going 91 00:05:20.879 --> 00:05:22.720 to happen, and if it's going to happen, it's going 92 00:05:22.720 --> 00:05:25.680 to be very very painful for the developer, for the manager, 93 00:05:25.680 --> 00:05:27.839 and for the company. So he said, how can we 94 00:05:27.879 --> 00:05:30.560 do something that will be seamless in the flow, Because 95 00:05:30.600 --> 00:05:33.240 when we spoke with people, they said, I want to 96 00:05:33.279 --> 00:05:36.279 know when I'm doing something wrong. I don't want to 97 00:05:36.279 --> 00:05:39.839 be the person that submits secret keys into our public 98 00:05:39.879 --> 00:05:42.720 GTAB repository. I don't want to be the person that 99 00:05:42.800 --> 00:05:47.199 takes production down. But sometimes I just don't know. And 100 00:05:47.240 --> 00:05:49.439 this is what drove us to actually opening the tree 101 00:05:49.920 --> 00:05:54.920 and building a solution that hooks directly within the development workflow. 102 00:05:55.480 --> 00:05:58.279 So it's a cli utility. You can run it on 103 00:05:58.319 --> 00:06:01.399 your laptop, Linux and Mac. Just run the three tests 104 00:06:01.720 --> 00:06:05.480 on your Kubernities manifest file or helm file, and then 105 00:06:05.639 --> 00:06:09.319 we provide out of the box pre defined policies. So 106 00:06:09.360 --> 00:06:13.920 I'll give you simple examples that seems, you know, really trivial, 107 00:06:14.000 --> 00:06:17.399 but people don't do it. It's like memory limit SIPY. 108 00:06:17.399 --> 00:06:21.959 You limit a likeness probe, readiness probe, pulling containers from 109 00:06:21.959 --> 00:06:25.920 a centralized registree, not using the latest doctor tag. Because 110 00:06:25.959 --> 00:06:28.279 then every time you build it, it's like going to 111 00:06:28.319 --> 00:06:31.240 the casino. You don't know it's version. You're gonna get what, 112 00:06:31.839 --> 00:06:35.480 You're gonna have it any productions like you know, and 113 00:06:35.959 --> 00:06:38.399 next after you have it in your computer, you install 114 00:06:38.439 --> 00:06:41.920 it in your CICD. And at this point this is 115 00:06:41.959 --> 00:06:44.279 one of the most powerful things because you get a 116 00:06:44.399 --> 00:06:49.240 centralized policy management solution. So I, as the develops engineer, 117 00:06:49.639 --> 00:06:52.680 can identify a problem, think of a policy that I 118 00:06:52.759 --> 00:06:55.959 want to apply to all of my hundred or fifty 119 00:06:56.120 --> 00:06:59.240 or five thousand engineers, and with the click of a button, 120 00:06:59.360 --> 00:07:02.560 I can enable policy. And now all the projects that 121 00:07:02.639 --> 00:07:06.639 go through this CICD pipeline will actually comply with this 122 00:07:06.759 --> 00:07:11.199 policy and otherwise it will fail. And the idea is 123 00:07:11.240 --> 00:07:14.720 that once it fails, it does not notify the develops person. 124 00:07:15.079 --> 00:07:18.680 It explains the developer what do they have to do 125 00:07:19.240 --> 00:07:21.800 and shows them and links them to wiki and to 126 00:07:21.879 --> 00:07:26.160 our dogs and tells them, hey, mister developer, Hey missus developer, 127 00:07:26.279 --> 00:07:28.720 this is how you can fix it. So we are 128 00:07:28.839 --> 00:07:32.040 very very proud of it because I really believe that 129 00:07:32.160 --> 00:07:35.319 this is how I would want my organization to communicate 130 00:07:35.360 --> 00:07:38.519 those policies and practices to me as a developer, as 131 00:07:38.560 --> 00:07:39.160 an engineer. 132 00:07:39.240 --> 00:07:45.480 Quit telling me what to do. No, it makes sense, 133 00:07:45.759 --> 00:07:48.160 and to be perfectly honest, you know. So, yeah, I 134 00:07:48.480 --> 00:07:51.279 write web developed. I'm a web developer for a fairly 135 00:07:51.360 --> 00:07:54.959 large financial firm. And what's nice is a lot of 136 00:07:54.959 --> 00:07:58.120 this stuff does kind of get pushed into our CICD. 137 00:07:58.959 --> 00:08:02.600 But the other nice part of it is that generally 138 00:08:02.680 --> 00:08:05.720 when these kinds of policy changes come down and I 139 00:08:05.720 --> 00:08:07.639 don't think they're using the tree. I think they're using 140 00:08:07.720 --> 00:08:10.759 just we're making this policy change and we're configuring Jenkins 141 00:08:10.800 --> 00:08:13.920 to do it. But they generally are pretty good about 142 00:08:13.920 --> 00:08:17.160 going in and making the initial move right, so they 143 00:08:17.319 --> 00:08:21.240 move it to the to match the policy, and then 144 00:08:21.279 --> 00:08:25.000 from there when it lines up with whatever we're doing. 145 00:08:25.399 --> 00:08:28.000 That's when we get to the point where it's like, okay, 146 00:08:28.079 --> 00:08:30.759 So then if we change something that messes it up right, 147 00:08:30.800 --> 00:08:32.840 then it's on us. Okay, we can roll this back. 148 00:08:32.960 --> 00:08:35.480 But yeah, they're usually the ones that initially make it comply. 149 00:08:35.600 --> 00:08:37.720 And I just wanted to add that because I think 150 00:08:37.759 --> 00:08:40.519 there's some level of responsibility that goes both ways, and 151 00:08:40.600 --> 00:08:43.720 so that's what I like about this. But if you're 152 00:08:43.720 --> 00:08:46.240 the one that's making the initial change that's going to 153 00:08:46.320 --> 00:08:49.120 cause it to fail and SI, then you probably also 154 00:08:49.159 --> 00:08:51.399 ought to be the person that's either working with somebody 155 00:08:51.799 --> 00:08:54.000 or doing the work yourself to make it comply in 156 00:08:54.039 --> 00:08:54.600 the first place. 157 00:08:54.879 --> 00:08:57.799 I totally agree, and this is why when we designed 158 00:08:57.879 --> 00:09:01.519 our policy engine, we design I need to have several 159 00:09:01.960 --> 00:09:05.519 points of granularity. So first of all, you can see 160 00:09:05.799 --> 00:09:09.080 how am I doing. Now let's scan my GitHub repositors 161 00:09:09.120 --> 00:09:13.679 and see do I have any violations now or not. Secondly, 162 00:09:14.039 --> 00:09:17.039 you can enable a rule in a way that we 163 00:09:17.120 --> 00:09:21.440 call it gradual rollout. So now every time that they 164 00:09:21.480 --> 00:09:24.039 make a change that is not complainant, to tell them listen, 165 00:09:24.480 --> 00:09:28.320 on August first, this change will not be complied. Now 166 00:09:29.039 --> 00:09:31.720 it is passing, and that's okay, totally fine, but just 167 00:09:31.759 --> 00:09:33.600 so you know, we're going to have a policy in 168 00:09:33.639 --> 00:09:36.600 place in August first, and this is the policy, and 169 00:09:36.639 --> 00:09:39.639 here you have time to actually prepare to it, and 170 00:09:39.679 --> 00:09:44.440 then once August first hits, then it fails as a 171 00:09:44.480 --> 00:09:48.240 warning and not as enforcement, and then you have a 172 00:09:48.279 --> 00:09:52.240 great period for adoption of the policy, and only then 173 00:09:52.320 --> 00:09:53.919 at the end of the end of the end it 174 00:09:54.039 --> 00:09:57.360 actually goes to full enforcement. And you're totally right. This 175 00:09:57.440 --> 00:10:00.200 is the feedback that we got from our customers, and 176 00:10:00.240 --> 00:10:03.080 this is how they designed it, and we built it 177 00:10:03.200 --> 00:10:04.360 because this is how they wanted. 178 00:10:04.600 --> 00:10:05.480 Now that's super cool. 179 00:10:05.519 --> 00:10:07.879 I really like the approach of You mentioned the path 180 00:10:07.919 --> 00:10:11.120 of how you got here through the emails and the 181 00:10:11.200 --> 00:10:14.919 meetings and the workshops and stuff, but really all that 182 00:10:15.440 --> 00:10:17.639 is only relevant at the time. And doing it this way, 183 00:10:18.279 --> 00:10:20.120 I think one of the key things there is that 184 00:10:20.159 --> 00:10:24.159 you're meeting the developers where they are, because that's the 185 00:10:24.279 --> 00:10:28.360 right time to introduce the solution or the information is 186 00:10:28.399 --> 00:10:31.720 when it's relevant to them. Otherwise it's just out of context. 187 00:10:32.080 --> 00:10:36.279 I totally agree. You have to get the warning and 188 00:10:36.080 --> 00:10:39.440 the data in line. I call it in line. And 189 00:10:39.480 --> 00:10:41.840 this is why we're working on We have a helm 190 00:10:41.919 --> 00:10:44.399 plug in, working on a cube, cattle plug in, vias, 191 00:10:44.440 --> 00:10:49.320 code plug in, everything, and this is very important because 192 00:10:49.639 --> 00:10:52.039 if it's not convenient, and if it's not in the 193 00:10:52.080 --> 00:10:56.480 developer's workflow, then I'll give you a story. Okay, I 194 00:10:56.519 --> 00:11:00.519 met with a big enterprise company. The talk to me 195 00:11:00.519 --> 00:11:03.279 about the certain policy that we have that says like 196 00:11:03.440 --> 00:11:06.840 pull containers from the centralized registry of the company. So 197 00:11:06.879 --> 00:11:10.960 it's like m doctor at company ACME dot com, right, 198 00:11:11.200 --> 00:11:13.440 and he's like, it's it's a good policy. I want 199 00:11:13.679 --> 00:11:16.600 to use your solution instead of ours. And I'm like, what, 200 00:11:16.600 --> 00:11:19.320 what's your solution? So what do you do today? Oh, 201 00:11:19.399 --> 00:11:22.279 we just blocked docer hobbing our firewall and no one 202 00:11:22.279 --> 00:11:26.200 can ask it. And I'm like, what. 203 00:11:27.480 --> 00:11:28.600 Problem solved? 204 00:11:29.960 --> 00:11:31.679 For real? This is the real really, this is what 205 00:11:31.720 --> 00:11:38.320 he told me. I was and he's like, yeah, well, 206 00:11:38.320 --> 00:11:40.679 we just block it in the DNS and firewall level 207 00:11:40.720 --> 00:11:42.639 and that's it and they can't pull it from there. 208 00:11:42.960 --> 00:11:45.799 And I think that this is absolutely not the way 209 00:11:45.879 --> 00:11:50.360 to do it. As we go forward, developers want to 210 00:11:50.399 --> 00:11:52.759 achieve left nice to play solution. 211 00:11:53.000 --> 00:11:56.200 Yeah, that works until your developers get smart enough to 212 00:11:56.200 --> 00:11:58.519 figure out how to use a VPN or other ways 213 00:11:58.519 --> 00:12:01.120 of Yeah. Yeah, I mean this. 214 00:12:01.200 --> 00:12:03.440 Is security by obscurity. 215 00:12:03.240 --> 00:12:06.679 That's yeah, it's the wrong way I was going to 216 00:12:06.720 --> 00:12:12.679 say Jurassic part nature or developers will find a way. 217 00:12:13.639 --> 00:12:16.519 Absolutely, you know, just a pile on. I totally love 218 00:12:16.559 --> 00:12:19.679 this idea too, and it's it really speaks I think 219 00:12:19.679 --> 00:12:22.679 to like the whole DevOps mentality of like flow and 220 00:12:22.759 --> 00:12:25.919 like pull requests versus push requests, because I think, you know, 221 00:12:25.960 --> 00:12:28.159 the way you were describing it earlier was that it's 222 00:12:28.200 --> 00:12:31.120 basically just you know, pushing stuff out, which never really 223 00:12:31.200 --> 00:12:33.399 works all that well. But if you, as Will said, 224 00:12:33.559 --> 00:12:37.559 you get timing right so that now developers can pull 225 00:12:37.600 --> 00:12:40.960 that information as they need it. The timing is right, 226 00:12:41.120 --> 00:12:44.679 the method is right, the information is there for them 227 00:12:44.720 --> 00:12:45.720 to pull it. 228 00:12:45.919 --> 00:12:46.519 Just you know. 229 00:12:46.639 --> 00:12:48.440 Again, I know I'm just piling on, but I just 230 00:12:48.480 --> 00:12:51.559 feel like it actually really fits really nicely and elegantly. 231 00:12:51.960 --> 00:12:54.720 Then the whole DevOps you know sort of methodology. 232 00:12:54.919 --> 00:12:57.240 But you know what I got to say, of course 233 00:12:57.240 --> 00:13:02.039 I gave a very radical example. Well, now, but when 234 00:13:02.080 --> 00:13:06.039 we meet with companies that are at this crossroad, because 235 00:13:06.080 --> 00:13:08.720 they say, okay, listen, we scale we had thirty developers, 236 00:13:08.720 --> 00:13:10.879 it was okay, forty fifth, like now we have like 237 00:13:10.960 --> 00:13:15.039 seventy developers. It's COVID. We're all working from home. You 238 00:13:15.080 --> 00:13:17.720 can't come to just a room and ask hey, how 239 00:13:17.720 --> 00:13:20.000 do we do this and that, and it's like we 240 00:13:20.240 --> 00:13:22.720 need to put something in place. And then I see 241 00:13:22.759 --> 00:13:27.279 companies choose two different paths. It's like two opposites that 242 00:13:27.600 --> 00:13:29.720 you can go to. And of course I think that 243 00:13:29.879 --> 00:13:32.919 the best solution is the middle ground. But like some 244 00:13:33.039 --> 00:13:37.120 companies go the old way, the whole way too. Okay, 245 00:13:37.519 --> 00:13:41.279 So DevOps is responsible for the cluster, which is true 246 00:13:41.279 --> 00:13:46.080 in many organizations, the responsible for the operational excellence of 247 00:13:46.120 --> 00:13:48.879 the cluster and for the day to day operations. But 248 00:13:48.919 --> 00:13:52.679 then the developers write the application. Then what they say 249 00:13:52.879 --> 00:13:56.519 is okay. So now every change that the developer makes 250 00:13:56.879 --> 00:13:59.960 to a Kuberniti's manifest or helm or anything that touches 251 00:14:00.120 --> 00:14:03.080 the infrastructure has to go through the opsteam. Now what 252 00:14:03.200 --> 00:14:07.000 happens at this point is that there's a huge bottleneck. Eventually, 253 00:14:07.039 --> 00:14:11.279 it frustrates both sides because the developers they have the 254 00:14:11.440 --> 00:14:13.960 R and D backlog and the product sitting on them 255 00:14:14.200 --> 00:14:16.840 with timelines that they need to release stuff and they're 256 00:14:16.879 --> 00:14:20.080 waiting for the up steam to approve it. The OPS 257 00:14:20.120 --> 00:14:23.519 team they don't want to babysit developers and tell them listen, 258 00:14:23.639 --> 00:14:26.080 you forget you're pulling the latest image put up in 259 00:14:26.200 --> 00:14:29.399 down version. No, because it's not interesting. They want to 260 00:14:29.399 --> 00:14:32.679 do cost reduction, they want to optimize the performance, they 261 00:14:32.679 --> 00:14:34.679 want to upgrade it, they want to bring the new 262 00:14:34.960 --> 00:14:39.639 best versions. They you know, do crazy pocs. And then, 263 00:14:39.759 --> 00:14:44.480 like all all sides are are basically frustrated because they 264 00:14:44.519 --> 00:14:48.720 babysit developers. The developers don't get autonomy, and at the 265 00:14:48.799 --> 00:14:51.919 end of the day, it's just bottleneck the develops. And 266 00:14:51.960 --> 00:14:54.480 not to talk about the fact that SERE and DevOps 267 00:14:54.519 --> 00:14:57.919 teams are usually like one to ten developers, so you 268 00:14:58.039 --> 00:15:00.879 might have like ten develops people to one hundred or 269 00:15:00.960 --> 00:15:03.840 two hundred developers. So that's one side. 270 00:15:03.679 --> 00:15:05.320 I can definitely identify with this. 271 00:15:05.399 --> 00:15:07.759 I mean, I'm working on a project right now that's 272 00:15:07.799 --> 00:15:11.559 on several timelines, right, and yeah, when everything's won't deploy, 273 00:15:11.679 --> 00:15:15.480 when it doesn't play nicely with the cluster, things like that, 274 00:15:15.879 --> 00:15:18.480 we get frustrated, right, And then my boss gets frustrated 275 00:15:18.519 --> 00:15:20.519 and it's like, why isn't this out there? 276 00:15:20.559 --> 00:15:20.720 Right? 277 00:15:20.799 --> 00:15:23.120 And then you know, well DevOps, right, and so then 278 00:15:23.159 --> 00:15:25.559 they go to DevOps and it's the same thing, right, 279 00:15:25.600 --> 00:15:29.120 and then the DevOps guys. Sometimes it's okay, well, let's 280 00:15:29.200 --> 00:15:31.120 they'll go figure out what it is and it's something 281 00:15:31.159 --> 00:15:33.639 that they can fix. And sometimes they're coming back to 282 00:15:33.720 --> 00:15:37.879 us and saying, well, there's this problem, and they don't 283 00:15:37.879 --> 00:15:41.039 want to come back to us and manage us, and 284 00:15:42.039 --> 00:15:45.799 and nobody else is happy because whoever the powers that 285 00:15:45.879 --> 00:15:48.320 be are for the business needs, they just want it 286 00:15:48.360 --> 00:15:49.240 out right. 287 00:15:49.679 --> 00:15:53.080 And so, yeah, what you're talking about. We've run into 288 00:15:53.080 --> 00:15:54.639 this more than once over the last year. 289 00:15:55.080 --> 00:15:57.879 And then it's like, what I'm doing to know? I 290 00:15:57.919 --> 00:16:00.559 heard it from several and several companies and multiple times. 291 00:16:00.600 --> 00:16:04.080 And just to tell you another example, the most common 292 00:16:04.120 --> 00:16:06.159 thing is that they come to Develops and tell them 293 00:16:06.159 --> 00:16:08.159 I have a deadline and then they go like, yeah, 294 00:16:08.159 --> 00:16:11.039 but the CFO told me to do cost reduction on AWS. 295 00:16:11.120 --> 00:16:13.080 So what do I do? I listen to the CEO 296 00:16:13.200 --> 00:16:15.519 to the CFO, or do I listen to the VPR 297 00:16:15.559 --> 00:16:18.679 and D or like what's more important? And who knows? 298 00:16:18.919 --> 00:16:23.159 I don't know. It's it's hard. Now let's talk about 299 00:16:23.200 --> 00:16:27.519 the other side. The other side is actually when this happens, 300 00:16:28.120 --> 00:16:33.039 but Develops does not assume responsibility and they go the 301 00:16:33.080 --> 00:16:36.120 path of educating the developers and they say, no, we're 302 00:16:36.120 --> 00:16:39.200 not going to lock everything. We're not going to lock anything, 303 00:16:39.279 --> 00:16:42.360 but we're going to put additional efforts into educating the 304 00:16:42.399 --> 00:16:45.639 developers in order to making the right decisions, which is nice. 305 00:16:45.919 --> 00:16:50.399 The thing is, while this happens, you're really not sleeping 306 00:16:50.440 --> 00:16:54.120 at night, both because you're afraid and because you're getting 307 00:16:54.279 --> 00:16:58.000 like pager paged for things that are happening. And secondly 308 00:16:58.639 --> 00:17:03.080 the developers are I find them terrified. They go like, 309 00:17:03.559 --> 00:17:06.480 I'm going to do that's something that is going to 310 00:17:07.240 --> 00:17:10.799 change production now. And they go like, I'm a Java 311 00:17:10.799 --> 00:17:14.480 billing engineer, I don't know Docker, I don't know Kubernites. 312 00:17:15.160 --> 00:17:18.759 I'm expert in Java billing, not in you know, Docker, 313 00:17:19.160 --> 00:17:21.519 I don't know. And then you find them like almost 314 00:17:21.519 --> 00:17:25.200 crippled because because they're afraid, they say, I don't know, 315 00:17:25.279 --> 00:17:27.799 I'm not an expert, and I'm afraid to break it 316 00:17:27.839 --> 00:17:30.000 and I don't want to do it. And then the 317 00:17:30.319 --> 00:17:33.160 teams they try to educate them and so on. But 318 00:17:33.279 --> 00:17:37.359 I think that what goes best, and it's solutions like 319 00:17:37.400 --> 00:17:40.119 the tree or you can take up open policy agent 320 00:17:40.599 --> 00:17:44.200 with contest and the gatekeeper and write your own policies 321 00:17:44.559 --> 00:17:47.319 and what I've heard from developers is that when the 322 00:17:47.359 --> 00:17:51.480 middle ground they call it, I feel like I have guardrails, 323 00:17:52.000 --> 00:17:55.599 Like I'm riding the freeway, but I have guardrails so 324 00:17:55.720 --> 00:17:58.960 I can do it by myself. I'm not bottlenecked by 325 00:17:59.000 --> 00:18:02.640 de VopS, but if I do something horribly wrong, the 326 00:18:02.759 --> 00:18:06.799 system will stop me. And then it's like a nice 327 00:18:06.799 --> 00:18:10.319 middle ground between the two, which I think can greatly 328 00:18:10.400 --> 00:18:12.720 help both sides of the equation. 329 00:18:13.160 --> 00:18:14.880 I think that's one of the approaches I try to 330 00:18:14.880 --> 00:18:17.759 take in specifically in post mortems, you know, because in 331 00:18:17.799 --> 00:18:21.000 post mortims a lot of the focus is on root 332 00:18:21.079 --> 00:18:22.319 cause and what went wrong. 333 00:18:22.400 --> 00:18:23.119 But I try to. 334 00:18:23.039 --> 00:18:25.799 Take it a little bit further than that and say, 335 00:18:26.319 --> 00:18:29.839 you know, the failure was not that this code did whatever. 336 00:18:29.920 --> 00:18:34.799 The failure is that the system didn't warn somebody that 337 00:18:34.880 --> 00:18:35.839 this was going to happen. 338 00:18:35.960 --> 00:18:36.200 Right. 339 00:18:36.279 --> 00:18:40.559 We built an environment where a developer or an engineer 340 00:18:41.200 --> 00:18:43.200 was able to make a change that they shouldn't have 341 00:18:43.240 --> 00:18:45.000 been allowed to make. And I think that's what you're 342 00:18:45.039 --> 00:18:47.880 describing there, is they're free to do whatever they want, 343 00:18:47.920 --> 00:18:50.759 but there's the guardrails in place to keep them from 344 00:18:51.240 --> 00:18:53.720 doing something that they didn't intentionally want. 345 00:18:53.759 --> 00:18:57.400 To do a WS you go delead the resource and 346 00:18:57.400 --> 00:19:02.279 it's like, there are fifteen resources attached to this security group. 347 00:19:03.440 --> 00:19:05.960 I guess you don't want to delete the security group. 348 00:19:07.640 --> 00:19:10.480 So one thing I'm curious about you is when you 349 00:19:10.480 --> 00:19:14.240 talk about your clients, I'm curious to hear what are 350 00:19:14.240 --> 00:19:18.519 the comment sort of misconfigurations. You know, I don't know 351 00:19:18.559 --> 00:19:20.480 if you're to say, you know, if you were to 352 00:19:20.480 --> 00:19:22.319 ask you here, what are the top five or top ten, 353 00:19:22.880 --> 00:19:26.559 I'm really curious to hear like what you see commonly. 354 00:19:27.559 --> 00:19:32.839 Yeah, great question, It's an absolutely great question. And by 355 00:19:32.839 --> 00:19:34.880 the way, in our docs have that the tree that 356 00:19:34.960 --> 00:19:37.200 I owe, we list all of the policies that we 357 00:19:37.279 --> 00:19:41.440 have and you can view everything. So let's go over 358 00:19:41.559 --> 00:19:45.279 some categories and talk about them and talk about the 359 00:19:45.039 --> 00:19:51.119 their security. So one one day, one company, very big 360 00:19:51.160 --> 00:19:54.160 messaging company told me, he told me, I want an 361 00:19:54.200 --> 00:19:57.759 if in for a safety score. I want this to 362 00:19:57.880 --> 00:20:02.200 run and for me to be to feel not safe 363 00:20:02.240 --> 00:20:06.079 in regards to security safe. Also it also has security aspects, 364 00:20:06.079 --> 00:20:09.519 but I want to know that my safety score is high. 365 00:20:10.400 --> 00:20:15.240 So it starts from resource management. So in kubernets, for example, 366 00:20:15.240 --> 00:20:19.359 you can have a CPU requests and CPU limit, memory limit, 367 00:20:19.519 --> 00:20:23.240 and memory requests. This is very very common, and it 368 00:20:23.279 --> 00:20:29.920 specially happens because the developer, she codes the app and 369 00:20:29.960 --> 00:20:33.000 then she sends it to the cluster, she doesn't know 370 00:20:33.680 --> 00:20:36.480 what is she going to be paired with. Now, the 371 00:20:36.519 --> 00:20:42.519 develops engineer works on workload management and optimizes the workloads 372 00:20:42.799 --> 00:20:46.160 on the different nodes so it will be cost effective. 373 00:20:46.559 --> 00:20:49.119 And the problem starts when you don't have memory in 374 00:20:49.200 --> 00:20:52.599 CPU limits, and then you have a memory leak in 375 00:20:52.680 --> 00:20:56.400 one of your containers, and then it starts affecting it 376 00:20:56.440 --> 00:21:00.279 psych a noisy neighbor, but very very noisy, and then 377 00:21:00.400 --> 00:21:04.160 Kubernitis starts to it depends on how you configured it 378 00:21:04.200 --> 00:21:07.119 and so on, but it starts to kill services, starts 379 00:21:07.119 --> 00:21:10.079 to run out of memory. There are different behaviors that 380 00:21:10.400 --> 00:21:12.640 none of them is good and none of them is 381 00:21:12.680 --> 00:21:16.400 as expected. So I'd say this is the like no 382 00:21:16.559 --> 00:21:19.319 brainer one that you should do. 383 00:21:20.359 --> 00:21:20.519 Now. 384 00:21:20.559 --> 00:21:23.319 What we see companies usually do also is that they 385 00:21:23.359 --> 00:21:27.920 start and they apply cluster wide memory and CPU limit 386 00:21:28.799 --> 00:21:30.880 because you can do it on the runtime level. The 387 00:21:30.920 --> 00:21:34.680 problem starts when you know you have different departments. One 388 00:21:34.680 --> 00:21:37.960 of them needs four jigabytes of memory and it's great, 389 00:21:38.039 --> 00:21:40.440 but then you have the AI engineers and they're like, 390 00:21:40.480 --> 00:21:43.960 we need forty jigabytes. And then if you don't configure 391 00:21:44.000 --> 00:21:46.640 it on a shift left side, then you go like, okay, 392 00:21:46.680 --> 00:21:49.160 so I need to increase everyone's limit to forty jigabytes, 393 00:21:49.200 --> 00:21:52.440 and then it's like nothing, it doesn't matter. So it's 394 00:21:52.440 --> 00:21:55.440 really important to set it on the resources side. So 395 00:21:55.599 --> 00:21:58.839 that's one. The second one is I would say around 396 00:21:59.160 --> 00:22:02.720 workload manage in terms of making sure that you have 397 00:22:02.759 --> 00:22:07.079 a liveness probe, a readiness probe, that your doctor container 398 00:22:07.119 --> 00:22:11.559 has a health check. It sounds so trivial, it sounds 399 00:22:11.680 --> 00:22:16.720 so simple, but so many times people go and create 400 00:22:16.759 --> 00:22:20.480 the workload, don't set those things. They just oh, just 401 00:22:20.680 --> 00:22:24.039