[Music] hello and welcome back to the cube coverage of red hat summit 21 2021 i'm john furrier host of thecube it's virtual this year as we start preparing to come out of cove but a lot of great conversations here happening around technology this is the emerging technology with red hat segment we've got three great guests steve watt manager distinguished engineer at red hat hill singh senior software engineer red hat and luke heinz who's the senior software engineer as well that's a good thing we got the engineering team steve you're the the team leader emerging tech within red hat always something to talk about you guys have great tech chops that's well known in the industry and obviously now part of ibm you you've got a deep bench um what's what's your how do you view merging tech um how do you apply it how do you prioritize give us a quick overview of the emerging tech scene at red hat yeah sure it's quite a conflated term the way we define emerging technologies is that it's a technology that's typically 18 months plus out from commercialization and this can sometimes go six months either way another thing that about it is it's typically not something on any of our product roadmaps within the portfolio so in some sense it's often a bit of a surprise that we have to react to so no real agendas not i mean you have some business unit kind of probably a gym but you had to have first principles within red hat but for this you're looking at kind of the moon shot so to speak the big game changing shifts quantum you know you got now supply chain from everything from new economics new technology is that kind of getting it right yeah i think we we definitely use a couple of different techniques to prioritize and filter what we're doing the first is something will pop up and it'll be like is it in our addressable market so our addressable market is that we're a platform software company that builds enterprise software and so you know it's got to be sort of fit into that as a great example if somebody came up came to us with an idea for like a drone command center which is a military application it is an emerging technology but it's something that we would pass on yeah i mean actually makes sense but he also what's interesting is that you guys have an open source dna so it's you have also a huge commercial impact and again open source is one of the fourth fifth generation of awesomeness so you know the goodness is open source is well proven but as you start getting into this more disruption you got the confluence of you know core cloud cloud native industrial and iot edge and data all this is interesting right this is where the action is how do you guys bring that open source community participation you got more stakeholders emerging there before deep breakdown the the how that how you guys manage all that complexity yeah sure um so i think that the way i would start is that um you know we like to act on good ideas but i don't think good ideas come from any one place and so um we typically organize our teams around sort of horizontal technology sectors so you've got you know luke who's heading up security but i have an edge team a cloud networking team a cloud storage team uh cloud application platforms team so we've got these sort of different areas that um we sort of attack work and opportunities but you know the good ideas can come from a variety of different places so we try and leverage co-creation with our customers and our partners so as a good example of something we had to react to a few years ago was k-native right so the sort of a new way of doing serverless and eventing on top of kubernetes that was originated from google whereas if you look at quantum right ibm's the actual driver on quantum science and uh that that originated from ibm where peru will talk about exactly how we chose to respond to that some things are originated organically within the team so luke talking about sixth law is a great example of that but we do have a we sort of use the addressable market as a way to sort of focus what we're doing and then we try and land it within our different emerging technologies teams to go tackle it now you asked about open source communities which are quite interesting so typically when you look at an open source project it's it's there to tackle a particular problem or opportunity sometimes what you actually need commercial vendors to do is when there's a problem or opportunity that's not tackled by any one open source project we have to put them together to create a solution to go tackle that thing that's also what we do and so we sort of create this bridge between red hat and our customers and multiple different open source projects and this is something we have to do because sometimes just that one open source project doesn't really care that much about that particular problem they're motivated elsewhere and so we sort of create that bridge we've got two great um cohorts here and colleagues parole on the on the quantum side and you got luke on the security side peru i'll start with you quantum is obviously huge you mentioned ibm great leadership there quantum on openshift i mean come on just that's not coming together for me in my mind it's not the first thing i think of but it really that sounds compelling take us through you know um how this changes the computing landscape because you know heterogeneous systems is what we want and that's the world we live in but now with distributed systems and all kinds of new computing modules out there how does this make sense take us through this um yeah jones but before i think i want to explain something which is uh called quantum supremacy because it plays very important role in the roadmap that been working on so uh quantum computers they are evolving and they have been around but right now you see that they are going to be the next thing and we define quantum supremacy as let's say you have any program that you run or any problem that you solve on a classical computer a quantum computer would be uh giving you the results faster so that is uh that is how we define quantum supremacy when the same workload are doing better on quantum computer than they do in a classical computer so the whole uh the whole drive is all the applications or all the companies they're trying to find avenues where quantum supremacy are going to change how they solve problems or how they run their applications and even though quantum computers they are there but uh it is not as easily accessible for everyone to consume because it's it's a very new uh area that's being formed so what what we were thinking how we can provide a mechanism that you can you know connect these two walls you have a classical world you have a quantum world and that's where uh a lot of thought process went and we thought okay so with openshift we have the best of the classical components you can take openshift you can develop deploy run your application in a containerized platform what about you provide a mechanism that the workloads that are running on openshift they are also consuming quantum resources or they are able to run uh the competition on quantum computers take the results and integrate them in their normal classical workloads so that is the whole that was the whole inception that we had and that's what brought us here so we took an operator-based approach and what we are trying to do is establish the best practices that you can have these heterogeneous applications that can have classical components talking to or interacting the results or exchanging data with the quantum components so i got to ask with the rise of containers now kubernetes at the center of the cloud native value proposition what workloads do you see benefiting from the quantum systems the most is there do you guys have any visibility on some of those workloads um so again it's it's a very new it's a very it's we are very early in the time and uh we talk with our customers and every customers they are trying to identify themselves first where uh these quantum supremacy will be playing the role what we are trying to do is when they reach there we should have a solution that they are that they could uh they use the existing infra that they have on openshift and use it to consume the quantum computers that may or may not be uh inside their own cloud well i might want to come back and ask you some of the impact on the landscape i want to get to luke real quick because you know i think security quantum breaks security potentially some people have been saying but you guys are also looking at a bunch of projects around supply chain which is a huge issue when it comes to the landscape whether it's components on a machine in space to actually handling you know data on a corporate database you guys have sig store what's this about sure yeah so sick store good way to frame sig store is to think of let's encrypt and what let's encrypt did for website encryption is what we plan to do for software signing and transparency so six store itself is an umbrella organization that contains various different open source projects that are developed by the six store community now sigstor will be brought forth as a public good non-profit service so again we're very much basing this on the successful model of let's encrypt six store will will enable developers to sign software artifacts bills and materials containers binaries all of these different artifacts that are part of a software supply chain these can be signed with six store and then these sign-in events are recorded into a technology that we call a transparency log which means that anybody can monitor sign-in events and a transparency log has this nature of being read-only and immutable it's very similar to a blockchain it allows you to have cryptographic proof auditing of our software supply chain and we've made sigstors so that it's easy to adopt because traditional cryptographic sign-in tools are a challenge for a lot of developers to to implement in their open source projects they have to think about how to store the private keys do they need specialist hardware if they were to lose a key then cleaning up afterwards the blast radius of the key compromise can be incredibly difficult so six stores role and purpose essentially is to make signing easy easy to adopt by projects and then they have the protections around there being a a public transparency log that could be monitored so this is all about open being open more open makes it more secure is the thesis very much yes yes it's that security principle of the more eyes on the code the better so let me just back up is this an open you said it's going to be a non-profit uh that's correct yes yes so all of the the code is developed by the community it's all open source anybody can can look at this code and then we plan alongside the linux foundation to launch a public good service so this will make it available for anybody to use it'd be a non-profit free to use service so luke maybe steve if you can weigh in too on this i mean this is goes back if you look back at some of the early cloud days but people were really trashing cloud as there's no security in cloud turns out it's more security now with cloud uh given the complexity and scale of it does that apply the same here because this i feel this is a similar kind of concept where it's open but yet the more open it is the more secure it is and then it and then might have a be a better fit for say an i.t security solution because right now everyone's scrambling on the i.t side um whether it's zero trust or endpoint protection everyone's kind of trying everything in sight this is kind of changing the paradigm a little bit on software security could you comment on how you see this playing out in traditional enterprises because if this plays out like the cloud open wins so luke why don't you take that and then i'll follow up with another lens on it which is the operate first piece sure yes so i think in a lot of ways this has to be open this technology okay because this way we have we have transparency the code can be audited openly okay our operational procedures can be ordered openly and the community can help to develop not only our code but our operational mechanisms so we look to use technology such as kubernetes openshift operators and so forth six store itself runs completely in a cloud it is it is cloud native okay so it's very much in the paradigm of cloud and yet essentially security always it's it it operates better when it's open you know i found that from looking at all aspects of security over the years that i've worked in this realm okay so just just to add to that some some other context around six law that's interesting which is you know software secure supply chain so six store is a solution to help build more secure software secure supply chains or more secure software supply chain and um so um there's there's a growing community around that and there's an ecosystem of sort of cloud native kubernetes centric approaches for building more secure software i think we all caught the solarwinds attack it's sort of enterprise software industry is responding sort of as a whole to go and close out as many of those gaps as possible reduce the attack surface so that's one aspect about why sixth law so interesting another thing is how we're going about it so we talked about um you mentioned some of the things that people like about open source which is one is transparency so sunlight is the best disinfectant right everybody can see the code we can kind of make it more secure and then the other is agency where basically if you're waiting on a vendor to go do something if it's proprietary software you you really don't have much agency to get that vendor to go do that thing whereas open source if you don't if you're tired of waiting around you can just submit the patch um so um what we've seen with package software is with open source we've had all this transparency and agency but we've lost it with software as a service right where vendor or cloud service providers are taking package software and then they're making it available as a service but that operationalizing that software that is proprietary and it doesn't get contributed back and so what luke's building here as long along with our partners dan lawrence from google very active contributor in it the is the operational piece to actually run sigstor as a public service is part of the open source project so people can then go and take six store maybe run it as a smaller internal service maybe they discover a bug they can fix that bug contribute it back to the operationalizing piece as well as the traditional package software to basically make it a much more robust and open service so you bring that transparency and the agency back to the sas model as well luke if you don't mind before before i end this segment a portion of it the importance of immutability is huge in the world of data can you share more on that because you're seeing that as a key part of the blockchain for instance having this ability to have immutability because you know people worry about you know how things progress in this distributed world you know whether you know from a hacking standpoint or tracking changes immutability becomes super important and how it's going to be preserved in this uh new sig store way sure yeah so immutability essentially means cannot be changed so the structure of something is is set if if it is any way tampered or changed then it breaks the cryptographic structure that we have of our public transparency service so this way anybody can effectively recreate the cryptographic structure that we have of this public transparency service so this immutability provides trust that there is non-repudiation of the data that you're getting this data is data that you can trust because it's built upon a cryptographic foundation so it has very much similar parallels to blockchain you can trust blockchain because of the immutable nature of it and there is some consensus as well anybody can effectively download the blockchain and run it themselves and compute that the integrity of that system it can be trusted because of this immutable nature so that's why we made this an inherent part of sigstor is so that anybody can publicly audit these events and data sets to establish that they're tamper-free that's a huge point i think one of the things beyond just the security aspect of being hacked and protecting assets um trust is a huge part of our society now not just on data but everything right anything that's reputable whether it's videos like this being deep faked or you know or news or any information all this ties to security again fundamentally an amazing concept um really want to keep an eye on this great work um paul i got to get back to you on on quantum because again you can't i mean people love quantum it's just it it feels like so sci-fi and it's like almost right here right so close and it's happening um and then people get oh wait what does that mean for security we'll go back to luke and ask him we'll quantum you know hack crypto um but uh before we get started i wanted to i'm curious about how that's going to play out from the project because is it going to be more part of like a cncf how do you bring the open source vibe to quantum um so that's a very good question because uh that was a plan the whole work that we are going to do in related to operators to enable quantum uh managed by the open source community and that project lies in the cuskit so cuskit has their own open source community and all the modification oh by the way i should first tell you what excuse kid so cuskid is the sdk that you use to develop circuits that are run on ibm or honeywell backend so there are certain quantum computers back in that support uh circuits that are created using uh cuskid sdk which is an open source as well so there is already a community around this which is dq skid open source community and we have uh push the code and all the maintenance is taken care by that community uh to answer your question about uh if we are going to integrate it with cncf that is not in the picture right now we are uh it has a place in its own community and it is also very niche to people who are working on the quantum so right now you have like uh uh the contributors who who are from ibm as well as other uh communities that are specif specifically working on quantum so right now i don't think so we have the map to integrated with cncf but open source is the way to go and we are on that trajectory you know we joke here at the cube that a cube bit uh is coming around the corner can help but weave that in you know different with a c but um luke i want to ask you one of the things that while you're here your security guru i wanted to ask you about quantum because a lot of people are scared that quantum's going to crack all the keys on on encryption um with this power and more hacking you just comment on that what's your what's your reaction to that sure yes that's an incredibly good question this will occur okay and i think it's really about preparation more than anything now one of the things that we there's a principle that we have within the security world when it comes to coding and designing of software and this aspect of future cryptography being broken as we've seen with the likes of md5 and sha-1 and so forth so we call this algorithm agility so this means that when you write your code and you design your systems you make them conducive to being able to easily swap and pivot the algorithms that you use so the encryption algorithms that you have within your code you do not become too fixed to those so that if as computing gets more powerful and the current sets of algorithms are shown to have inherent security weaknesses you can easily migrate and pivot to a stronger algorithm so that's imperative really is that when you build code you practice this principle of algorithm agility so that when sha256 or shah 512 becomes the shah one you can swap out your systems you can change the code in a very least disruptive way to allow you to address that flaw within your within your code in your software projects you know luke this is mind bender right there because you start thinking about what this means is when you think about algorithmic agility you start thinking okay software counter measures automation you start thinking about these kinds of new trends where you need to have that kind of signature capability you mentioned with this project you're mentioning so the ability to actually who signs off on these this comes back down to the paradigm that you guys are talking about here yes very much so there's there's another analogy from the security world they call it turtles all the way down which is effectively you always have to get to the point that a human or a computer establishes that first point of trust to sign something off and so so it is it's a it's a world that is ever increasing in complexity so the best that you can do is to be prepared to be as open as you can to make that pivot as and when you need to pretty impressive great insight steve we could talk for hours on this uh panel emerging tech with red hat just give us a quick uh summary of what's going on obviously you've got a serious brain trust going on over there real world impact when you talk about the future of trust future software future of computing all kind of going on real time right now this is not so much r d as it is the front range of tech give us a quick overview yeah sure so yeah sure the first thing i would tell everyone is go check out next.redhat.com that's got all of our different projects uh who to contact if you're interested in learning more about different areas that we're working on and it also lists out the different areas that we're working on but just as an overview um so we're working on software defined storage cloud storage sage wheel the creator of ceph is the person that leads that group we've got a team focused on edge computing they're doing some really cool projects around very lightweight operating systems that and kubernetes you know openshift-based deployments that can run on uh you know devices that you screw into the sheetrock you know for that's that's really interesting um we have a cloud networking team that's looking at ovn and just intersection of ebpf and networking and kubernetes and then you know we've got an application platforms team that's looking at quantum but also sort of how to advance kubernetes itself so that's that's the team where you got the persistent volume framework from in kubernetes and that added block storage and object storage to kubernetes so there's a lot of really exciting things going on um our charter is to inform red hat's long-term technology strategy uh we work the way my personal philosophy about how we do that is that red hat has one product engineering focuses on their product roadmap which is by nature you know then six to nine months and then the longer term strategy is set by both of us and it's just that they're not focused on it we're focused on it and we spend a lot of time doing disambiguation of the future and that's kind of what we do we love doing it i get to work with all these really super smart people it's a fun job well great insights it's super exciting emerging tech within red hat obviously the industry you guys are agile you're open source and now more than ever open source is a productization of open source is happening at such an accelerated rate steve thanks for coming on parole thanks for coming on luke great insight all around thanks for sharing um the content here thank you our pleasure thank you okay we were more more red hat coverage after this this video obviously emerging tech is huge watch some of the game-changing action here at red hat summit i'm john furrier thanks for watching [Music] you
2021-05-03