Exploring Open-Source and Cloud-Native with Tracy Miranda
The Business of Open Source21 Loka 2020

Exploring Open-Source and Cloud-Native with Tracy Miranda

The conversation covers:


  • Tracy’s thoughts on how the relationship between open-source and cloud-native should be described.
  • The advantages and disadvantages to an organization using open-source.
  • Some of the major risks associated with using open-source, and why companies should approach with caution.
  • Why CI/CD is a rising security concern for open-source organizations.Tracy also provides her thoughts on how businesses are handling the CI/CD pipeline today, and where the trend is heading.
  • Some of the unresolved challenges related to continuous delivery that currently exist.
  • Tracy’s advice for companies that are just starting to develop an open-source contribution strategy.
  • How companies should approach topics like open-source strategizing and building open-source communities.
  • The common mistakes that individuals and companies make when nurturing open-source communities. Tracy also comments on mistakes that people are making with continuous delivery.

Links

Emily: Hi everyone. I’m Emily Omier, your host, and my day job is helping companies position themselves in the cloud-native ecosystem so that their product’s value is obvious to end-users. I started this podcast because organizations embark on the cloud naive journey for business reasons, but in general, the industry doesn’t talk about them. Instead, we talk a lot about technical reasons. I’m hoping that with this podcast, we focus more on the business goals and business motivations that lead organizations to adopt cloud-native and Kubernetes. I hope you’ll join me.



Emily: Welcome to The Business of Cloud Native. Today, I'm chatting with Tracy Miranda. Tracy, thank you so much for joining me.



Tracy: Hi, Emily. Thanks for having me. It's my pleasure.



Emily: So, as usual, I just want to start off with having you introduce yourself, both what you do, where you work, but also, like, some details, what does this actually mean? How do you actually spend your day?



Tracy: Yeah, so I'm the director of open-source CloudBees, and I'm also the board chair at the Continuous Delivery Foundation, which is an open-source foundation, which is home to projects like Jenkins, and Spinnaker, and Tecton, and Jenkins X. So, basically, I'm a big fan of all things open-source, which in day-to-day means I'm doing anything which is related to building communities. So, either involved with code, or building communities and through conferences, or sometimes just the boring governance stuff around open-source.



Emily: What is the boring governance stuff around open-source?



Tracy: So, I guess it is just trying to get folks moving in the same direction, and reminding people that it's sometimes more than just code. And whether it's updating a code of conduct, and one of the things we've seen and—okay, I wouldn't call this boring; it's actually taken over a bit in open-source communities, but it's sort of different from the code, but it's the whole terminology updates. We've seen a lot of open-source communities have become more aware about wanting to be better about using terms like ‘master’ and ‘slave’ and move away from that. That being said, it's not that easy, so there's a lot to do in getting people on the same page and ready to move forward even before you can start changing a line of code.



Emily: Since the topic of the podcast is cloud-native, obviously, open-source and cloud-native are related. In fact, some people think that cloud-native must be open-source. Where do you fall on that spectrum? How do you think the relationship between open-source and cloud-native should be described?



Tracy: Yeah, I think that they're pretty distinct things. So, cloud-native is all about using the Cloud effectively and having technology which takes advantage of modern architectures to give you things like rapid elasticity, or on-demand self-service. And that's distinct from open-source, which is around the licensing, and it's become more about communities, as well. But I think because Kubernetes has been the most successful cloud-native project that is open-source, I guess there's become this very, very strong association which, in my mind, is a very, very good thing because I think open-source communities are really the way to drive innovation very, very quickly across the industry.



Emily: And this may seem sort of obvious, but what are some of the advantages and disadvantages to an organization in using open-source?



Tracy: Yes. So, I think—well, lots—virtually every company uses open-source, and the first thing people can see as the benefits are just the engineering efficiencies. So, using technologies which, say aren’t core to the business, but then building on top of those and taking advantage of the features rather than dedicating their own engineering resources to developing them. I used to work as a consultant, and I would go from company to company, and usually, they would be adopting open-source when they wanted to get away from an in-house project where the people or person who had written it had left the company. So, I think there's a lot to be said, as well, for sustainability of technology: that communities and open-source communities are really good at sustaining projects over the long term, and therefore kind of the best bet for technology that's going to live on beyond individuals or even companies, acquisitions, or whatever.



Emily: Do you think there are any risks to using open-source? I'm even interested in hearing if there are risks that are not real, but that are perceived risks. And then even maybe some risks that people don't think about, but that are in fact, quite real.



Tracy: Yes, yeah, no, absolutely there are risks. So, it's wise for companies to approach with caution. I think the risks sort of depend on which side—like, are you looking to just use open-source that someone else has written, or are you contributing something, which might be key to your company, but then you’re saying, “Okay, I'm going to do this in an open way,” which brings us to one of those common perceived myths, that someone, like a cloud provider, is then going to take your open-source software and do a better job of making money around it, so thereby just ruining your entire business model.



And I think the other area where we tend to see a lot of dialogue around, is always around open-source security. For a long time, people used to, sort of, make out that this was different from closed source security, somehow. Security through obscurity meant that closed-source was better than open-source, which is clearly not the case. You can have secure open-source software, not secure open-source software. It just really depends on the project and the practices.



Emily: And then also, I thought we'd talk a little bit specifically about this CI/CD work that you do. How important is CI/CD, do you think, in the pursuit of being cloud-native?



Tracy: Yes, no, I think CI/CD h...

Jaksot(267)

David and Goliath in the CMS Market with Thomas Schedler

David and Goliath in the CMS Market with Thomas Schedler

This week on The Business of Open Source, I spoke with Thomas Schedler, co-founder and CEO of Sulu. Sulu is a small, bootstrapped company that spun out of an agency; Thomas was recommended by someone to me as a guest, but when I first reached out to him he was skeptical about coming on the show because he wasn’t sure he was a good fit. But there’s a bunch to learn from this episode! Spinning out from an agency —> in my experience, one of the most common ways for open source companies to be bootstrapped, or even to be go on to raise venture capital, is to start out as a web development agency that uses a lot of open source tools.They are working on moving away from services and getting more revenue from the product; and Thomas talked about the advantages that they get from providing both services and developing a product-based business strategy.The CMS market is crowded! And everyone is open source, so being an open source company doesn’t differentiate the product at all. So how does Sulu differentiate itself in the market? Thomas talked about it. I loved that Thomas talked about how important opinions and technology choices are in differentiating themselves on the market. I also loved that Thomas talked about keeping some things out of the product as a way to differentiate themselves from others. Sometimes more features can deliver less value to users. How being small can allow you to move quicker, and that gives Sulu and advantage over the huge players in the CMS market.Why differentiation and knowing your niche is so important when you’re a small company competing again large players. Do you need to differentiate yourself in a crowded market? You might want to work with me.

28 Touko 35min

Open Source Firmware for EV Charging Stations with Marco Möller

Open Source Firmware for EV Charging Stations with Marco Möller

This week on The Business of Open Source I spoke with Marco Möller, CEO and co-founder of Pionix. This was a fabulous conversation about a company that’s in a very different market from the usual open source company: They make firmware for EV charging stations, and are behind the EVerest project, which is part of LF Energy. So who is part of the community open source projects that are so connected to hardware? Here’s what we talked about. There aren’t many hobbyists in the community — but there are a lot of people who have professional interests in the electric vehicle industry. EVerest doesn’t focus on what Marco considers “personal” or “hobbiest” features. This was a great discussion about how understanding the target market, including for the project, leads to different feature decisions. How does Pionix money? It doesn’t yet :), but we talked about various plans the company has for monetization in the future. How being involved with the LF Energy has helped build trust, which is very important for a company that is only going to be selling to large companies and governments. Why Marco thinks that the huge vision he has for creating firmware for EV charging stations is only possible with open source, and how he makes sure that he’s able to fund the large mission without hurting the community. The balancing act with getting investors who specialize in the energy market but who don’t have experience with open sourceStruggling with positioning your project or figuring out how to best monetize? You might want to work with me.

14 Touko 33min

AI-generated Code Copied from Open Source with Julian Coccia

AI-generated Code Copied from Open Source with Julian Coccia

This week on The Business of Open Source, I spoke with Julian Coccia, CTO of ScanOSS, about selling access to data while making open source software. Of course, we also talked about being an open source company that is also deep in the open source world, helping companies understand their reliance on open source code and how open source is used in their codebase. Several things that we talked about: AI and open source code. This is a topic that’s slightly tangential to business, but very interesting to me. If you’re using an AI code generator, you are almost certainly putting verbatim copies of open source code into your codebase, but without realizing you’re doing so and without any understanding of the license requirements. This is a huge compliance risk. 2% of code generated by AI is a verbatim copy of open source code. How the biggest challenges isn’t necessarily monetizing, but getting visibility into the sales funnel. It can feel random and sudden; a company appears out of nowhere ready to sign a contract because they’ve been using the open source project for months. This is the last week to get tickets for Open Source Founders Summit, so if you want to join other leaders of open source companies May 19th and 20th in Paris, get your tickets now!

7 Touko 35min

How to be Successful when Donating a Project to the CNCF with Liz Rice

How to be Successful when Donating a Project to the CNCF with Liz Rice

Today on The Business of Open Source I spoke with Liz Rice, Chief Open Source Officer at Isovalent, which is now part of Cisco. We addressed two subjects: How to be successful as a company that donates their project to the CNCF, and the story of Isovalent’s acquisition by Cisco and the role open source played in that acquisition. We talked about: Trademarks. This is a very important part of what you donate when you donate a project to the CNCF (or other foundations). We talked about what you can and can not do with the name and logo of “your” project when it becomes part of the CNCF, and what that means for the competitive landscape you’re a part of. How to best take advantage of the marketing benefits that being part of the CNCF brings. How to create a link between the CNCF project and the company that donated it. The role that Cilium and eBPF played in Isovalent’s acquisition by Cisco. Why Isovalent’s relationship with open source is valuable to Cisco in and of itself. How open source companies can increase the likelihood that they’ll be able to continue investing in open source post-acquisition. Why it’s so important to find opportunities for collaboration. Want help making the link between your CNCF project and your commercial product? You might want to work with me.

30 Huhti 40min

Open Source Manifestos with Vincent Untz

Open Source Manifestos with Vincent Untz

This week on The Business of Open Source I talked about Open Source Manifestos with Vincent Untz, CTO of Centreon. The entire conversation focused on this idea of open source manifestos, which Vincent is going to talk about at Open Source Founders Summit — and I had never heard of before. The idea to create an open source manifesto came about because internally there was a lot of frustration around Centreon’s relationship with open source. A lot of people, especially those who didn’t come from an engineering background, would routinely ask why the company invested so much in open source. At the same time, there was a feeling among the engineering team that the company’s commitment to open source — and the concrete development time spent on open source — was slipping. After creating the manifesto, the doubts about why open source mattered went away immediately — there hasn’t been a single conversation calling into question why open source matters since the manifesto was finished. Now conversations about open source are different. Externally, there’s been a huge change in conversations around open source. People say things like “Centreon is back in the game.” It’s hard to point to concrete financial results as a result of the manifesto, but there have been differences in relationships with partners for sure, and it has helped get more companies to contribute to the project. Want to see what the Centreon Open Source Manifesto looks like? Check it out here.

2 Huhti 39min

How a Rebrand Increased Sales with Lukas Gentele

How a Rebrand Increased Sales with Lukas Gentele

This week on The Business of Open Source, I spoke with Lukas Gentele, the CEO and co-founder of LoftLabs. Here’s some of the things we covered: There are many open source projects at LoftLabs. We talked about what the team did differently the second time round, when they’d had the experience of creating the first project under their belt, and why they continued creating additional projects after that. How they make roadmap decisions to decide what goes in the OSS versus what goes in the enterprise editionHow they thought about the benefits to the business from open sourcing vCluster, the second project they released, and whether or not the theory about how it would benefit the business ended up being correct. Whether or not open code is necessary for community building, and why. In particular, we talked about the difference in how people feel ‘ownership’ of open source projects when they contribute to them. The pros and cons of building different brands around your project, your product and your company; and of having different brands around your different projects. We talked about this a lot; LoftLabs has a different company brand from any of the products or projects, but they discovered that if the project and product do not have the same brand, people get so confused that they ultimately do not buy. If you need to figure out how to brand your project and product, you might want to work with me. If you want an opportunity to talk with other founders about branding, community building, and more, you should join us at Open Source Founders Summit May 19th and 20th in Paris.

26 Maalis 42min

Fundraising and M&A for Open Source Companies with Daniel Jarjoura

Fundraising and M&A for Open Source Companies with Daniel Jarjoura

This week on the Business of Open Source I spoke with Daniel Jarjoura, an investor at Avolta who specializes in developer-facing companies, and who writes a newsletter on developer-facing startups and also collects data on investments in open source companies. We spoke about the overall state of investment for open source companies and specifically the state of investment in open source companies in Europe. Here’s what we talked about: Differences between venture funding for OSS companies in Europe and in NAHow open source companies were relatively stable in terms of getting venture funding, even as the entire venture funding ecosystem was in free-fall.How it might be true that European investors don’t understand open source companies, but on the other hand plenty of North American investors invest in European companies. Do developers trust open core companies? We had a discussion about whether or not open source companies have a trust problem…How important communication is for open source companies, something that I think is very true — a lot of the problems that open source companies run into when they either adopt an open core model or even when they do a license change. How founders can do a better job communicating with their VCs, including how to do a better job targeting appropriate investors. What do optimizing for in the VC relationship … and spoiler alert, that is for money. You might want a perfect VC who can make introductions, give you advice, give you money, be nice, etc. But the most important thing is the cash; focus on that. The second most important is the introductions. But advice isn’t something you should count on from VCs, and that really isn’t a VCs job, anyway. We finished the conversation with a discussion about M&A for open source companies. If you want good advice about your open source company, you might want to work with me. If you want an opportunity to talk with other founders about things like M&A for open source companies, communicating with VCs, and other topics specific to open source companies, you should join us at Open Source Founders Summit May 19th and 20th in Paris.

19 Maalis 43min

Products, consulting, and open source with Andrew Martin

Products, consulting, and open source with Andrew Martin

This week on The Business of Open Source I spoke with Andrew Martin, CEO and founder of Control Plane. Control Plane is ultimately a consulting company, as Andrew introduced it. But the company also created and maintains KubeSec, and also has an enterprise version of Flux CD that it licenses. That gives this conversation a slightly different flavor from the usual. Here’s some of the things we talked about: The business ROI that Andrew expected to get from releasing KubeSec, and whether or not he as actually seen those expected results play outThe difference between bootstrapping a company by offering services and by offering consulting — specifically what the difference between services and consulting is. The problem with “drive-by” feature development in open source projects — when people contribute features but don’t commit to the ongoing maintenance of the projectWhy Control Plane decided to release an enterprise version of FluxCD, and how the enterprise version of Flux is differentiated from the pure open source project. Why underinvesting in marketing, especially in marketing for the open source projects, was a mistakeJoin us at Open Source Founders Summit if you want more conversations about how companies are built around open source projects, from consultancies to large corporations.

12 Maalis 36min

Suosittua kategoriassa Liike-elämä ja talous

sijotuskasti
mimmit-sijoittaa
psykopodiaa-podcast
puheenaihe
rss-rahapodi
ostan-asuntoja-podcast
rss-lahtijat
pomojen-suusta
rss-rahamania
rss-startup-ministerio
rss-turvacast
taloudellinen-mielenrauha
rss-neuvottelija-sami-miettinen
rahapuhetta
rss-h-asselmoilanen
oppimisen-psykologia
kasvun-kipuja
sijoituspodi
hyva-paha-johtaminen
rss-40-ajatusta-aanesta