Episode 94: The Donnie Berkholz Episode, "Freedom in health-care: a regular 'heck of a job, Comey' situation," DevOps & security, & Canonical's IPO ambitions

In a too rare spate of social commentary, we start talking about the price of hipster avocados in Australia and US health insurance. With one of our favorite analysts moving over the enterprise side, we talk about what it'd be like going through that door. We then wrap up talking about Canonical's IPO talk, related OpenStack market discussion, and then use CyberArk's acquisition of Conjur to discuss the state of privileges access management (PAM). We end, as always, with recommendations, including some CostCo discussion.

See the full show notes at http://www.softwaredefinedtalk.com/94

Mid-roll

• DevOpsDays MSP, July 25th to 26th: get 20% off registration with the code SDT (Thanks, Bridget!).
• Coté: CF Summit June 13 to 15, 2017.
  • 20% off registration code: cfsv17cote
• Coté: Want 2 days of Spring knowledge? Check out SpringDays
  • SpringDays.io
  • Get half-off with the code SpringDays_HalfOff
  • Chicago (May 30th to 31st)
  • New York (June 20th to 21st)
  • Atlanta (July 18th to 19th)
• Matt:
  • ChefConf May 22-24 NEXT WEEK!

The news from Australia

• Y'all gotta get your avocado pricing under control. $1.50 for a large one is about the ceiling 'roind here.
• As ever, the first step of your life-plan should be to become independently wealthy in your early 20s. Go work in a coal-mine otherwise.
• Also, pro-tip: if you're rich, your default position on social commentary should generally by STFU.
• Matt needs a driver's license

Health-insurance choices

• HSA is probably a good idea.
• Better get a FAX machine.
• This is a trigger issue for Coté, beware.

Donnie Berkholz at Carlson Wagonlit

• He Tweetered it: "to help them with their DevOps journey."
• He's a VP! - exec level #AchievementUnlocked
• He says: " With an all-new CEO and CPO/CTO, we're making a major pivot to become a software company focused on travel, rather than a travel agency with some apps."
• It'll be fun to see (hopefully!) what his group actually procures, uses, and does.
• He's already on that "welcome to enterprise software" shit: "Current status: Hating on vendors that don't publicly post pricing."
• Conference, travel, expenses? - like Concur/Amex travel?
• I recall using them for a lot of travel in the analyst days.
• Checks out: "Headquartered in Amsterdam, the company reported $23 billion in total transaction values[2] in 2016 and recorded almost 59 million transactions. The company has over 18,000 employees across nearly 150 countries."
• Their owner, Carlson (yes, of hotel fame, but also used to own things like TGI Friday's [from 1975 to 2014]) is in MN.
  • But then the hotels were bought by a Chinese group, HNA?
  • So now, Carlson Group is mostly just Wagonlit?

Canonical Eying an IPO?

• Coté's notebook on the topic.
• Link: "in the last year, Ubuntu cloud growth had been 70 percent on the private cloud and 90 percent on the public cloud." In particular, "Ubuntu has been gaining more customers on the big five public clouds." 5?
• Still, there is "no timeline for the IPO." First, Shuttleworth wants all parts of the slimmed down Canonical to be profitable. Then "we will take a round of investment." After that, Canonical will go public.
• The S1 filing is going to be fascinating.
• Mirantis still into OpenStack, Coté was straigh-up wrong: "The new platform allows users to deploy multiple Kubernetes clusters side-by-side with OpenStack — or separately."

CyberArk Buys Conjur

• "DevOps" is used 19 times in the press release.
• Coté: so, is this like "vault" type stuff in cloud-native land?
• Coté talked with a CyberArk SE at DevOpsDays Austin, they had a booth!
• 451 report from Garrett Bekker:
  • "privileged access management (PAM)"
  • "Conjur [founded in 2013] marks CyberArk's third acquisition, following the 2015 pickups of endpoint security vendor Cybertinel for an undisclosed sum and Windows least privileged management and application whitelisting firm Viewfinity for $30m. CyberArk paid $42m in cash and we estimate a multiple slightly north of 10x trailing revenue, potentially boosted by a competitive bid. Once the transaction closes, 20 Conjur employees will join CyberArk."
  • Conjur's "three core products are Privileged Access Management for managing 'secrets' such as SSH keys, Dynamic Traffic Authorization for controlling and brokering access to resources, and Compliance Monitoring for real-time reporting."
  • Founded in 1999, CyberArk "went public in September 2014 and is currently valued at about $1.7bn, with 2016 revenue of $216m."
• JJ on avoiding SSH, Coté Show #21.

BONUS LINKS! Not covered in the show. GNU GPL Stands Up In Court

• Keith Collins, Quartz write-up.
• Appears willful, embedding GPL software implicitly accepts the license.
• It's over: "Ghostscript—an interpreter for the PostScript language and the Adobe Portable Document Format (PDF)." It has dual-licensing, a la MySQL and friends.
• "Hancom issued a motion to dismiss the case on the grounds that the company didn't sign anything, so the license wasn't a real contract."
• "[Judge Jacqueline Scott Corley] denied the motion, and in doing so, set the precedent that licenses like the GNU GPL can be treated like legal contracts, and developers can legitimately sue when those contracts are breached."
• This has come up for Artifex as well, back in 2008.
• Not sure what this lawyer-cant is, but: "A few aspects of the decision are of particular interest to the open source community. For example, Hancom argued that Artifex could not plead breach of contract for violation of GPL and could not request specific performance of the terms of GPL. Hancom also argued that copyright damages were not available because the GPL grants royalty-free rights."
• More: "Here, in denying a motion to dismiss, the District Court only holds that the claims may proceed on the theories enunciated by Artifex, not necessarily that they will ultimately succeed."
• More history and context from Kieren McCarthy, at The Register, which Coté didn't really read.

DevOpsDays Austin Recap?

• Coté's main talk ("Not Actually a DevOps Talk"), and then Ignite (not up yet, but here's slides).
  • Also, a rare chance to see me setting up for a talk, with all the cord shit and all.
• Nicole Forsgren's slides
• Kelsey Hightower's talk, very personal and a great story.
• Videos are sort of up, just not cut-up.

WannaCry

• Windows XP still?
• Realish-time twitter bot watching ransomware payments into the BitCoin accounts.
• Find it with InSpec and fix it.

Linux in the Microsoft Store - Pigs seen flying over Redmond "Straightening" Out the Moby Story

• Coté: at the end of this, it seems like a pretty small deal to normals, only vendors should care…?
• From Lee Calcote at TheNewStack. ## Rackspace + Dell EMC Doing OpenStack
• Partnership

Recommendations

• Brandon:
  • Nobel Sandwich, in Austin, esp. breakfast/brunch.
  • Freakonomics episode: "Why is my life so hard"
• Matt:
  • Catastrophe Season 3 - profane, realistic comedy with Rob Delaney and Sharon Horgan (Amazon/BBC)
  • Fuzzes search engines to prevent them from profiling you.
• Coté:
  • Early on use, but, Google Photos - the XKCD perspective](https://xkcd.com/1832/) on photo management. Coté's Apple photo management rant in episode 22 of the Coté Show.
  • Also, butterfly your CostCo chicken breasts (eating just one half, or both) and cook to about 150-155 degrees, letting it heat up to 165 on the plate. Much better than figuring out the wicked problem of cooking a full, thick breast.