I returned last week from three whirlwind days in Berlin, where I was attending and speaking at “CoreOS Fest 2016.” In addition to soaking up the energy of a city bubbling with tech startups, I was fortunate enough to spend quality time with leaders in the Open Source distributed systems movement. For an amateur Linux nerd head like me, it was like being a kid in a candy store. A strangely mature candy store, filled with knowledge, ideas, experience, and vision - and really smart people.
Overall the conference was a huge success. One reason was that despite all the smart developers in attendance, I was surprised to find that most of them represented what I would describe as “traditional” enterprises - as opposed to startups and ecosystem players. Literally one out of every two people I met represented a “non tech” company - defense contractors, equipment manufacturers, service businesses, banks, etc.
GIFEE On the Mind
CoreOS is best known for its namesake open-source operating system. With its founding in building a more secure Internet, CoreOS (the operating system) is super lightweight and puts emphasis on automation, ease of application deployment, security, reliability and scalability.
All of these characteristics make the CoreOS ecosystem incredibly well suited to powering infrastructure for clustered deployments - and their increasingly modern workloads.
And it was this bigger idea that was the focus of the ‘Fest. Throughout the presentations and speaking tracks, ad hoc debugging sessions, and debates at the local dive bar (which looked like a 60’s aircraft hangar taken over by hipster anarchists) the community was wrestling with what CEO Alex Polvi calls “GIFEE” - or Google Infrastructure for Everyone Else.
GIFEE vs Distributed Systems vs Cloud Native
While the conference had CoreOS stamped all over it, I think you could just as easily swapped out “GIFEE” or “Distributed Systems” or “Cloud Native” - all terms that describe the revolution in making “at scale” infrastructure better, easier and more secure. CoreOS calls this thing #GIFEE, others describe it as Cloud Native architecture and some just say they are using Docker.
My personal favorite is Cloud Native. And with the general working group of the industry called the Cloud Native Computing Foundation (www.cncf.io) I’m going to stick with that for a bit and describe Distributed Systems as “Cloud Native” in their inspiration and values. Essentially systems built to run in and at Internet scale.
But what’s driving interest in “Cloud Native” infrastructure beyond developers and engineers playing around with shiny new tools like CoreOS, Docker, and Kubernetes? I suggest:
- Portable platform strategies to avoid lock in, gain control or manage costs
- Agility in continuous development and/or deployment
- Team independence for quality or speed of development and resolving DevOps friction
- Better security through isolation of services or rapid patching or upgrading
- Automation of availability and performance regardless of tech stack
- Meet or prepare for large scale an arch
Sounds great! So how do we get there?
Why Do We Want GIFEE, Really
It’s easy to assume that GIFEE is all about making really hard stuff easy - like who wouldn’t want to have a platform that worked like Google’s?
Hugely powerful, infamously efficient and crazy resilient, Google’s approach to infrastructure is the stuff of corporate and tech legend: a competitive edge that drives their leadership position in everything from internet search and maps, to voice recognition, artificial intelligence and self driving cars.
But I don’t think “easy massive scale” is the main value of GIFEE.
Most infrastructure consumers will never be nearly as big as Google and there are plenty of software makers and services companies out there to make hard stuff easier (for a price).
Instead, the big promise of GIFEE is all about security. It’s about building a better, more secure internet and doing so with the future in mind. A future of tons of software, a pace of rapid innovation and even larger threats. Packet was founded to Build a Better Internet -- so it’s no wonder we enjoy hanging with the CoreOS crew so much (whose mission is to Secure the Internet)!
How do you Secure the Internet? It’s the Enterprise, silly!
So how do you get the biggest bang for your buck when trying to secure a huge and wild place like the internet? From a technology approach, CoreOS decided to start as far down at the bottom of the stack as it could with a minimal Operating System (any lower and they’d be in the Packet.net land of physical hardware and switches!).
But if you want to make the biggest impact on the internet, you need to solve for the biggest - and to some extent the most vulnerable - users. The place to target isn’t the super savvy tech startups, but with Enterprises who control the vast majority of infrastructure, handle the most sensitive data and who have tended to be a bit...uh….slow to deal with security. Remember the response to heartbleed?
So the answer is: you bring GIFEE to the Enterprise.
With the Enterprise squarely at the center of GIFEE, it made perfect sense to me that CoreOS Fest Berlin was a lot more suits and ties than fanboy t-shirts and enthusiasm. With nearly 500 people, the conference was busy but not a zoo. In fact, it had a very ‘getting down to business’ feel to it. This group wanted to get to work on production grade issues and ideas on hand. Luckily, that’s exactly why I took a red-eye from New York to join Alex on stage.
Three clicks to Kubernetes (3 clicks to k8s!)
Well, if you really want to embrace GIFEE, you’ll need Kubernetes (the open source container cluster manager based upon Google’s Borg that reached 1.0 last summer) at the heart of it. The problem is, it is still kinda hard to implement, especially if you want to use advanced features like specific networking stacks or security functionality.
In short, the act of launching a Kubernetes deployment was slowing companies down from getting started with GIFEE. If we were going to democratize GIFEE and press forward on building a better / more secure internet, we needed to make it WAY easier to take the first step, and to show users how this could help make them (and the internet) more secure.
So a few months back, I put my head together with Alex Polvi of CoreOS and Matt Baldwin of StackPointCloud to try and make “GIFEE” a reality. At the end of a few late night IRC sessions, with about 8 weeks left before CoreOS Fest Berlin, we decided to work together to develop an “easy button” for Kubernetes that included TPM-enabled Trusted Compute. Our goal was simple: “3 clicks to k8s”.
Announcing On-Demand Trusted Computing
Last week (after two months of hustling - including cycling out hundreds of existing servers and installing TPM chips in them!) our efforts culminated in the launch of the first on-demand Distributed Trusted Computing solution during the CoreOS Fest keynote.
The “easy button” was StackPoint’s web-based provisioning platform, coupled with the latest Tectonic distribution and Packet’s TPM-enabled bare metal compute nodes. (You can try your own cluster in about ~30 minutes by going to www.stackpoint.io.)
To be honest, this was probably the most exciting product announcement I've ever made. And the reason is because the announcement wasn’t about TPM chips - those have been around for 10 years - but about shining a light on an entirely ignored level of internet security and making it easier and more valuable for Enterprises to embrace Cloud Native infrastructure. We're doing big things here, and I'm proud and honored to see the direction of the open source community.
Oh yeah, and we had an awesome after party at the coolest outdoor lounge in Berlin. Who said Linux can’t be sexy?
The Long Road to GIFEE Starts in 2016
In my opinion, we may just look back on 2016 and say “that’s when it all started.
With leaders in the free software community like CoreOS and those of us that play supporting roles in the stack of Cloud Native Computing working together, this year is shaping up to be the one where GIFEE gets democratized.
It’ll be a long road to deploy millions of applications in a more secure manner and I’m sure we’ll make plenty of wrong turns -- but we at Packet are proud to be doing our part to make it easy and consumable enough that all users, from Enterprises to Startups, can start building a more secure, scalable Internet.