Podcasts about open uk

Martin Woodward, vice president of developer relations at Github, discusses how the benefits of open source culture still exist in a hyper-capitalist society, but tech has moved away from the idealism of early open source, what the future of software development might look like and way coders don't necessarily have to be afraid that AI will take their jobs.  Github is a platform for software developers to collaborate, create and share projects. The service has over 150 million users globally and has been at the heart of countless software innovations. In 2018, the platform was acquired by Microsoft for $7.5bn. Woodward is both an executive at the company and a member of the British open source advocacy group OpenUK. 

How is open source shaping the future of technology, governance, and AI regulation? In this episode of Tech Talks Daily, I sit down with Amanda Brock, CEO of OpenUK, to explore the evolving role of open source in the age of AI, the shifting geopolitical landscape, and the ongoing push for diversity in tech. Since our last conversation, AI has taken center stage, raising urgent questions about transparency, intellectual property, and the future of open innovation. Amanda shares insights on how OpenUK advocates for open technology frameworks, the importance of sustainable funding for open-source projects, and the growing influence of standards in shaping global AI policy. She also discusses the UK's unique position between the EU's regulatory-heavy approach and the US's innovation-driven model—offering a glimpse into how policymakers grapple with the balance between governance and technological progress. With the episode airing on International Women's Day, we also dive into the state of diversity in tech. While open source has historically been a gateway for talent from all backgrounds, Amanda highlights the challenges ahead as many organizations scale back DEI initiatives. She shares how OpenUK fosters inclusivity through events like State of Open Con and why open source remains a critical entry point for aspiring developers worldwide. We also discuss the AI Action Summit and its impact on global AI policy, the rise of open-weight AI models, and why the phrase "tools, not rules" could define the future of AI governance.  Amanda also discusses her work on AI openness at AI for Good in Geneva and sustainability initiatives at COP30 in Brazil. She also shares how businesses and policymakers can contribute to a more open, collaborative future. How can open source drive innovation while ensuring accountability in AI? And what role will the UK play in shaping the global tech landscape? Tune in for a thought-provoking discussion with one of the leading voices in open technology.

Governments around the globe have been recognizing that open source code is a core dependency in every modern software solution. Whether or not it is a good thing that is still a question. But one thing is for sure, if you are involved in an open source project or selling a product or service that depends on one, this will affect you!In the commercial world, when something goes wrong with a product or service that a company provides, the company is liable for damages. So, what happens when a solution that contains open source code fails? And especially, what happens if the bug or vulnerability was introduced by the open source component? Who is liable? Is it the developer? Is it the open source community? Is it the company who used the code? Or?In this episode of the My Open Source Experience Podcast, Ildiko and Phil are chatting with Amanda Brock. Before becoming the CEO of OpenUK, Amanda used to be a lawyer. With that background, it is no surprise that she keeps a close eye on the legislations and regulations that governments have been creating around open source. The group talks about this ongoing work, and how this affects people and companies in the ecosystem.In this episode, you'll learn more about topics, such as:- CRA (Cyber Resiliency Act)- PLD (Product Liability Directive)- The challenges with some of the current regulations and what to look out forIt is crucial to help government officials and regulators understand the methods, processes and dynamics of open source communities and overall ecosystem. Everyone who's part of this ecosystem plays a role in educating those who don't have the expertise and the experience, including YOU!Amanda's books: https://amandabrock.com/books/ Hosted on Acast. See acast.com/privacy for more information.

How are modern cloud-native environments changing the way we handle security? Liz Rice, Chief Open Source Officer at Isovalent, explains why traditional IP-based network policies are becoming outdated and how game-changers like Cilium and eBPF, which leverage Kubernetes identities, offer more effective and readable policies. We also discuss the role of community-driven projects under the CNCF, and she shares tips for creating strong, future-proof solutions. What challenges should we expect next? Tune in to find out!Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She is the author of Container Security, and Learning eBPF, both published by O'Reilly, and she sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018.She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, competing in virtual races on Zwift, and making music under the pseudonym Insider Nine.

(2:00) Our Pier-less Military — Needlessly Complex, Expensive FailuresThe Gaza Pier is Gone with the Wind — a boondoggle, Rube Goldberg project that necessitated by spineless politicians' subservience to Israel blockade of food aidWATCH the flotsam ruins and the mockeryStill no food deliveriesRussian jamming has completely destroyed the accuracy of "smart" munitions —  complex, expensive, and broken(27:58) The Only Border That is NOT a "National Security Interest" of the Empire is USA Southern BorderSpecial forces colonel engages 2 Chechens taking pictures of his home and family, kills oneTwo illegal aliens apprehended as they try to enter Marine base in Virginia(37:16) NATO's Pearl Harbor…passive aggressive war…aggressive abroad, passively leaving border openUK government tells citizens to prep — food, water, wind up torches, etcWhy now?  Is war coming?Rishi Sunak, already behind in the polls, pushes a military draft, an idea floated previously in response to RussiaIt's no longer a secret — openly talking about USA weapons used against Russia(54:59) Tim Pool Tries to Memory-Hole 2020 Trump TyrannyTrump will "consider" prosecuting FauciWATCH Trump says it was Biden who made Fauci King, but we've got the clips that show just the opposite.WATCH just before 2020 election, Trump supporters begged him to fire FauciWATCH why Trump didn't fire FauciWATCH Trump tries to sell the lie that Governors did it…here's the proof it was TrumpWATCH Trump says he stopped GOF — NO, he reinstated it after it had been stopped in 2014WATCH Trump pretends he will pardon Assange(1:36:09) How the Trump crew tried to rig the Libertarian ConventionPacking the houseStolen reserved seatsSecret Service confiscated rubber "debate chickens"Listener asks about Dr. Shiva(1:49:51) DEI Death Panels for Transplants A "diversity" point system of financial rewards and punishment to incentivize a racist allocation of kidney transplants (2:03:17) Strategic Shortages of Energy by Democrats at War with AmericaBiden to empty Strategic Petroleum Reserve, to temporarily lower gas prices over the 4th of July holiday for personal political gainNewsom's war on gasoline negatively impacts even neighboring Democrat statesEPA's "Clean Power Plan 2.0" — to ensure that you get "Net Zero" energy and "Net Zero" reliability(2:45:09) World Invocation Day and the UN's Occult Religion The pursuit of "spiritual energy", "ascended masters", "solar angels", in establishing global government.  How does "Theosophy" connect political figures of both parties — from Eleanor Roosevelt to Michael Flynn? The REAL Uni-Party (2:53:15) The UN is fine with Satanism and the Occult, but don't take out Christian ads on Washington, DC buses.  Lawsuit over DC hostility to and censorship of Christian speechFind out more about the show and where you can watch it at TheDavidKnightShow.comIf you would like to support the show and our family please consider subscribing monthly here: SubscribeStar https://www.subscribestar.com/the-david-knight-showOr you can send a donation throughMail: David Knight POB 994 Kodak, TN 37764Zelle: @DavidKnightShow@protonmail.comCash App at: $davidknightshowBTC to: bc1qkuec29hkuye4xse9unh7nptvu3y9qmv24vanh7Money is only what YOU hold: Go to DavidKnight.gold for great deals on physical gold/silverFor 10% off Gerald Celente's prescient Trends Journal, go to TrendsJournal.com and enter the code KNIGHT

Dawn Foster, Director of Data Science for the CHAOSS Project, joins us to discuss the pressing issue of open source project health and sustainability.  Dawn offers a look into the CHAOSS Project, aimed at improving open source project health through analytics and metrics. She emphasizes the importance of community participation, the challenges of maintaining project health, especially in the face of single organization dominance, and the issue of contributor sustainability. Dawn also touches on her academic research on the Linux kernel, exploring communication and collaboration within the project. The conversation underlines the significance of strategic contributor engagement from businesses to ensure the longevity and success of open source projects that are vital to their operations. 00:00 Introduction 00:17 Open Source and Data Science 02:25 the CHAOSS Project 03:22 Identifying and Addressing Project Health Red Flags 05:33 The Elephant Problem: Navigating Single Organization Dominance 09:32 CHAOSS Project Tools: Augur and GrimoireLab 12:56 The Importance of Data and Privacy in Open Source Communities 13:55 Insights from Research on the Linux Kernel Collaboration 21:24 The Future of Open Source: Sustainability and Viability 27:47 Closing Thoughts on Contributor Sustainability Resources: Home - CHAOSS Guest: Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community, strategy, governance, metrics, and more. She has spoken at over 100 industry events and has a BS in computer science, an MBA, and a PhD. In her spare time she enjoys reading science fiction, running, and traveling.

Amanda Brock, the CEO of Open UK, took a decade too long to jump from her legal career to what she really craved - the frenzy of entrepreneurship. She stayed in law too long because she'd experienced a sobering failure years ago - running an event which lost half a million pounds. What happened? -- To get a better handle on your security, check out https://npsa.gov.uk/innovation and download their free Quick Start Guide.

In this compelling episode, we welcome back Kevin Bocek, VP of Ecosystem and Community at Venafi, along with Matt Barker, Global Head of Cloud Native Services at the same company. The conversation couldn't be more timely. With the AI Act debate reaching new heights, and Foreign Secretary James Cleverly making statements that AI challenges our basic assumptions about defense and deterrence, the insights Kevin and Matt bring are invaluable. Kevin introduces us to the groundbreaking concept of an identity-based "AI Kill Switch," a security measure that could be instrumental in making AI "safe and predictable by design," as James Cleverly emphasized at a recent UN meeting. The UK is gearing up to host the first global summit on AI, and Kevin argues that without incorporating identity into every line of code that makes up AI systems, principles of safety and predictability are mere pipe dreams. An identity-based approach can offer the kind of control and observability that could, for instance, thwart attempts to poison AI algorithms used for facial recognition on smartphones. Matt Barker steps into the discussion with his expertise in open-source innovation. Drawing from a paper he recently authored for Open UK, Matt discusses the impact of AI on open-source development. He also delves into the potentially stifling effects of the EU's Cyber Resilience Act on European innovation, highlighting lessons that the UK could learn to avoid similar setbacks. Throughout the episode, the importance of open-source models in driving AI innovation stands out as a recurring theme. Matt, Kevin, and I also discuss the challenges and opportunities posed by EU regulations on open-source development. The conversation doesn't stop at AI and extends to other cloud-native technologies like Kubernetes and MLOps. The significance of these technologies in the current AI landscape is examined, along with the unique potential of applying identity management across both cloud-native and traditional IT environments. As we wrap up, the episode leaves listeners with much to ponder. It serves as a deep dive into the complexities and intricacies of a future shaped by AI, identity management, and open-source technologies. Whether you're a business leader, a policymaker, or just a technology enthusiast, this episode offers a well-rounded understanding of the multi-dimensional challenges and opportunities at the intersection of these critical areas.

Explore the complex intersection of AI and open source with insights from experts in this illuminating discussion. Amanda Brock, CEO of OpenUK, reveals the challenges in labeling AI as open source amidst legal ambiguities. The dialogue, led by TNS host Alex Williams, delves into the evolution of open source licensing, its departure from traditional models, and the complications arising from applying open source principles to AI, which encompasses sensitive data governed by privacy laws.The focus turns to "Llama 2," a contentious example where Meta labeled their language model as open source, sparking confusion. Notable guests Erica Brescia, Managing Director at Redpoint Ventures, and Steven Vaughan-Nichols, founder of Open Source Watch, weigh in on this topic. Brock emphasizes that AI's complexity prevents it from aligning with the Open Source Definition, necessitating a clear distinction between open innovation and open source.Amidst these debates, the Open Source Initiative (OSI) is crafting a new definition tailored for AI, sparking anticipation and discussion about its implications. The necessity for an evolved understanding of open source and its licenses is underscored, as the rapid evolution of technology challenges established norms. The journey concludes with reflections on vendors transitioning from open source licenses to Server Side Public License (SSPL) due to cloud-related considerations, raising questions about the future of open source in a dynamically changing tech landscape.Learn more from The New Stack about open source and AI:Open Source May Yet Eat Google's and OpenAI's AI LunchOpen Source Movement Emerging in AI To Counter GreedHow AI Can Learn from the Struggles of Open Source

Will AI destroy open source because it will end up in the hands of a few companies that can afford it? Amanda Brock, CEO of Open UK - the UK organization for the business of open technology - is excited about working out how open source will survive as this mainstream thing and continue to be the bulk of our infrastructure so that it belongs to all of us instead of a few. -Join us at The DEVOPS Conference in Stockholm and Copenhagen In October 2023: https://hubs.li/Q01WFcS50 -Previous podcast episode with Rebecca Rumbul: Good software, built by happy, well-supported people: https://hubs.li/Q01WFdCW0

Today we have the one and only Robert McQueen, who at one point helped to cofound Collabora, but nowadays is the CEO of EndlessOS and the GNOME Board President but he has worn other hats over his years. ==========Guest Links========== Twitter: https://twitter.com/ramcq Website: https://ramcq.net/ OpenUK: https://openuk.uk/ EndlessOS: https://www.endlessos.org/ ==========Support The Show========== ► Patreon: https://www.patreon.com/brodierobertson ► Paypal: https://www.paypal.me/BrodieRobertsonVideo ► Amazon USA: https://amzn.to/3d5gykF ► Other Methods: https://cointr.ee/brodierobertson =========Video Platforms==========

Liz Rice, Chief Open Source Officer at Isovalent, joins Corey on Screaming in the Cloud to discuss the release of her newest book, Learning eBPF, and the exciting possibilities that come with eBPF technology. Liz explains what got her so excited about eBPF technology, and what it was like to write a book while also holding a full-time job. Corey and Liz also explore the learning curve that comes with kernel programming, and Liz illustrates why it's so important to be able to explain complex technologies in simple terminology. About LizLiz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, and Learning eBPF, both published by O'Reilly.She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, competing in virtual races on Zwift, and making music under the pseudonym Insider Nine.Links Referenced: Isovalent: https://isovalent.com/ Learning eBPF: https://www.amazon.com/Learning-eBPF-Programming-Observability-Networking/dp/1098135121 Container Security: https://www.amazon.com/Container-Security-Fundamental-Containerized-Applications/dp/1492056707/ GitHub for Learning eBPF: https://github.com/lizRice/learning-eBPF TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. Our returning guest today is Liz Rice, who remains the Chief Open Source Officer with Isovalent. But Liz, thank you for returning, suspiciously closely timed to when you have a book coming out. Welcome back.Liz: [laugh]. Thanks so much for having me. Yeah, I've just—I've only had the physical copy of the book in my hands for less than a week. It's called Learning eBPF. I mean, obviously, I'm very excited.Corey: It's an O'Reilly book; it has some form of honeybee on the front of it as best I can tell.Liz: Yeah, I was really pleased about that. Because eBPF has a bee as its logo, so getting a [early 00:01:17] honeybee as the O'Reilly animal on the front cover of the book was pretty pleasing, yeah.Corey: Now, this is your second O'Reilly book, is it not?Liz: It's my second full book. So, I'd previously written a book on Container Security. And I've done a few short reports for them as well. But this is the second, you know, full-on, you can buy it on Amazon kind of book, yeah.Corey: My business partner wrote Practical Monitoring for O'Reilly and that was such an experience that he got entirely out of observability as a field and ran running to AWS bills as a result. So, my question for you is, why would anyone do that more than once?Liz: [laugh]. I really like explaining things. And I had a really good reaction to the Container Security book. I think already, by the time I was writing that book, I was kind of interested in eBPF. And we should probably talk about what that is, but I'll come to that in a moment.Yeah, so I've been really interested in eBPF, for quite a while and I wanted to be able to do the same thing in terms of explaining it to people. A book gives you a lot more opportunity to go into more detail and show people examples and get them kind of hands-on than you can do in their, you know, 40-minute conference talk. So, I wanted to do that. I will say I have written myself a note to never do a full-size book while I have a full-time job because it's a lot [laugh].Corey: You do have a full-time job and then some. As we mentioned, you're the Chief Open Source Officer over at Isovalent, you are on the CNCF governing board, you're on the board of OpenUK, and you've done a lot of other stuff in the open-source community as well. So, I have to ask, taking all of that together, are you just allergic to things that make money? I mean, writing the book as well on top of that. I'm told you never do it for the money piece; it's always about the love of it. But it seems like, on some level, you're taking it to an almost ludicrous level.Liz: Yeah, I mean, I do get paid for my day job. So, there is that [laugh]. But so, yeah—Corey: I feel like that's the only way to really write a book is, in turn, to wind up only to just do it for—what someone else is paying you to for doing it, viewing it as a marketing exercise. It pays dividends, but those dividends don't, in my experience from what I've heard from everyone say, pay off as of royalties on book payments.Liz: Yeah, I mean, it's certainly, you know, not a bad thing to have that income stream, but it certainly wouldn't make you—you know, I'm not going to retire tomorrow on the royalty stream unless this podcast has loads and loads of people to buy the book [laugh].Corey: Exactly. And I'm always a fan of having such [unintelligible 00:03:58]. I will order it while we're on the call right now having this conversation because I believe in supporting the things that we want to see more of in the world. So, explain to me a little bit about what it is. Whatever you talking about learning X in a title, I find that that's often going to be much more approachable than arcane nonsense deep-dive things.One of the O'Reilly books that changed my understanding was Linux Kernel Internals, or Understanding the Linux Kernel. Understanding was kind of a heavy lift at that point because it got very deep very quickly, but I absolutely came away understanding what was going on a lot more effectively, even though I was so slow I needed a tow rope on some of it. When you have a book that started with learning, though, I imagined it assumes starting at zero with, “What's eBPF?” Is that directionally correct, or does it assume that you know a lot of things you don't?Liz: Yeah, that's absolutely right. I mean, I think eBPF is one of these technologies that is starting to be, particularly in the cloud-native world, you know, it comes up; it's quite a hot technology. What it actually is, so it's an acronym, right? EBPF. That acronym is almost meaningless now.So, it stands for extended Berkeley Packet Filter. But I feel like it does so much more than filtering, we might as well forget that altogether. And it's just become a term, a name in its own right if you like. And what it really does is it lets you run custom programs in the kernel so you can change the way that the kernel behaves, dynamically. And that is… it's a superpower. It's enabled all sorts of really cool things that we can do with that superpower.Corey: I just pre-ordered it as a paperback on Amazon and it shows me that it is now number one new release in Linux Networking and Systems Administration, so you're welcome. I'm sure it was me that put it over the top.Liz: Wonderful. Thank you very much. Yeah [laugh].Corey: Of course, of course. Writing a book is one of those things that I've always wanted to do, but never had the patience to sit there and do it or I thought I wasn't prolific enough, but over the holidays, this past year, my wife and business partner and a few friends all chipped in to have all of the tweets that I'd sent bound into a series of leather volumes. Apparently, I've tweeted over a million words. And… yeah, oh, so I have to write a book 280 characters at a time, mostly from my phone. I should tweet less was really the takeaway that I took from a lot of that.But that wasn't edited, that wasn't with an overall theme or a narrative flow the way that an actual book is. It just feels like a term paper on steroids. And I hated term papers. Love reading; not one to write it.Liz: I don't know whether this should make it into the podcast, but it reminded me of something that happened to my brother-in-law, who's an artist. And he put a piece of video on YouTube. And for unknowable reasons if you mistyped YouTube, and you spelt it, U-T-U-B-E, the page that you would end up at from Google search was a YouTube video and it was in fact, my brother-in-law's video. And people weren't expecting to see this kind of art movie about matches burning. And he just had the worst comment—like, people were so mean in the comments. And he had millions of views because people were hitting this page by accident, and he ended up—Corey: And he made the cardinal sin of never read the comments. Never break that rule. As soon as you do that, it doesn't go well. I do read the comments on various podcast platforms on this show because I always tell people to insulted all they want, just make sure you leave a five-star review.Liz: Well, he ended up publishing a book with these comments, like, one comment per page, and most of them are not safe for public consumption comments, and he just called it Feedback. It was quite something [laugh].Corey: On some level, it feels like O'Reilly books are a little insulated from the general population when it comes to terrible nonsense comments, just because they tend to be a little bit more expensive than the typical novel you'll see in an airport bookstore, and again, even though it is approachable, Learning eBPF isn't exactly the sort of title that gets people to think that, “Ooh, this is going to be a heck of a thriller slash page-turner with a plot.” “Well, I found the protagonist unrelatable,” is not sort of the thing you're going to wind up seeing in the comments because people thought it was going to be something different.Liz: I know. One day, I'm going to have to write a technical book that is also a murder mystery. I think that would be, you know, quite an achievement. But yeah, I mean, it's definitely aimed at people who have already come across the term, want to know more, and particularly if you're the kind of person who doesn't want to just have a hand-wavy explanation that involves boxes and diagrams, but if, like me, you kind of want to feel the code, and you want to see how things work and you want to work through examples, then that's the kind of person who might—I hope—enjoy working through the book and end up with a possible mental model of how eBPF works, even though it's essentially kernel programming.Corey: So, I keep seeing eBPF in an increasing number of areas, a bunch of observability tools, a bunch of security tools all tend to tie into it. And I've seen people do interesting things as far as cost analysis with it. The problem that I run into is that I'm not able to wind up deploying it universally, just because when I'm going into a client engagement, I am there in a purely advisory sense, given that I'm biasing these days for both SaaS companies and large banks, that latter category is likely going to have some problems if I say, “Oh, just take this thing and go ahead and deploy it to your entire fleet.” If they don't have a problem with that, I have a problem with their entire business security posture. So, I don't get to be particularly prescriptive as far as what to do with it.But if I were running my own environment, it is pretty clear by now that I would have explored this in some significant depth. Do you find that it tends to be something that is used primarily in microservices environments? Does it effectively require Kubernetes to become useful on day one? What is the onboard path where people would sit back and say, “Ah, this problem I'm having, eBPF sounds like the solution.”Liz: So, when we write tools that are typically going to be some sort of infrastructure, observability, security, networking tools, if we're writing them using eBPF, we're instrumenting the kernel. And the kernel gets involved every time our application wants to do anything interesting because whenever it wants to read or write to a file, or send receive network messages, or write something to the screen, or allocate memory, or all of these things, the kernel has to be involved. And we can use eBPF to instrument those events and do interesting things. And the kernel doesn't care whether those processes are running in containers, under Kubernetes, just running directly on the host; all of those things are visible to eBPF.So, in one sense, doesn't matter. But one of the reasons why I think we're seeing eBPF-based tools really take off in cloud-native is that you can, by applying some programming, you can link events that happened in the kernel to specific containers in specific pods in whatever namespace and, you know, get the relationship between an event and the Kubernetes objects that are involved in that event. And then that enables a whole lot of really interesting observability or security tools and it enables us to understand how network packets are flowing between different Kubernetes objects and so on. So, it's really having this vantage point in the kernel where we can see everything and we didn't have to change those applications in any way to be able to use eBPF to instrument them.Corey: When I see the stories about eBPF, it seems like it's focused primarily on networking and flow control. That's where I'm seeing it from a security standpoint, that's where I'm seeing it from cost allocation aspect. Because, frankly, out of the box, from a cloud provider's perspective, Kubernetes looks like a single-tenant application with a really weird behavioral pattern, and some of that crosstalk gets very expensive. Is there a better way than either using eBPF and/or VPC flow logs to figure out what's talking to what in the Kubernetes ecosystem, or is BPF really your first port of call?Liz: So, I'm coming from a position of perspective of working for the company that created the Cilium networking project. And one of the reasons why I think Cilium is really powerful is because it has this visibility—it's got a component called Hubble—that allows you to see exactly how packets are flowing between these different Kubernetes identities. So, in a Kubernetes environment, there's not a lot of point having network flows that talk about IP addresses and ports when what you really want to know is, what's the Kubernetes namespace, what's the application? Defining things in terms of IP addresses makes no sense when they're just being refreshed and renewed every time you change pods. So yeah, Kubernetes changes the requirements on networking visibility and on firewalling as well, on network policy, and that, I think, is you don't have to use eBPF to create those tools, but eBPF is a really powerful and efficient platform for implementing those tools, as we see in Cilium.Corey: The only competitor I found to it that gives a reasonable explanation of why random things are transferring multiple petabytes between each other in the middle of the night has been oral tradition, where I'm talking to people who've been around there for a while. It's, “So, I'm seeing this weird traffic pattern at these times a day. Any idea what that might be?” And someone will usually perk up and say, “Oh, is it—” whatever job that they're doing. Great. That gives me a direction to go in.But especially in this era of layoffs and as environments exist for longer and longer, you have to turn into a bit of a data center archaeologist. That remains insufficient, on some level. And some level, I'm annoyed with trying to understand or needing to use tooling like this that is honestly this powerful and this customizable, and yes, on some level, this complex in order to get access to that information in a meaningful sense. But on the other, I'm glad that that option is at least there for a lot of workloads.Liz: Yeah. I think, you know, that speaks to the power of this new generation of tooling. And the same kind of applies to security forensics, as well, where you might have an enormous stream of events, but unless you can tie those events back to specific Kubernetes identities, which you can use eBPF-based tooling to do, then how do you—the forensics job of tying back where did that event come from, what was the container that was compromised, it becomes really, really difficult. And eBPF tools—like Cilium has a sub-project called Tetragon that is really good at this kind of tying events back to the Kubernetes pod or whether we want to know what node it was running on what namespace or whatever. That's really useful forensic information.Corey: Talk to me a little bit about how broadly applicable it is. Because from my understanding from our last conversation, when you were on the show a year or so ago, if memory serves, one of the powerful aspects of it was very similar to what I've seen some of Brendan Gregg's nonsense doing in his kind of various talks where you can effectively write custom programming on the fly and it'll tell you exactly what it is that you need. Is this something that can be instrument once and then effectively use it for basically anything, [OTEL 00:16:11]-style, or instead, does it need to be effectively custom configured every time you want to get a different aspect of information out of it?Liz: It can be both of those things.Corey: “It depends.” My least favorite but probably the most accurate answer to hear.Liz: [laugh]. But I think Brendan did a really great—he's done many talks talking about how powerful BPF is and built lots of specific tools, but then he's also been involved with Bpftrace, which is kind of like a language for—a high-level language for saying what it is that you want BPF to trace out for you. So, a little bit like, I don't know, awk but for events, you know? It's a scripting language. So, you can have this flexibility.And with something like Bpftrace, you don't have to get into the weeds yourself and do kernel programming, you know, in eBPF programs. But also there's gainful employment to be had for people who are interested in that eBPF kernel programming because, you know, I think there's just going to be a whole range of more tools to come, you know>? I think we're, you know, we're seeing some really powerful tools with Cilium and Pixie and [Parker 00:17:27] and Kepler and many other tools and projects that are using eBPF. But I think there's also a whole load of more to come as people think about different ways they can apply eBPF and instrument different parts of an overall system.Corey: We're doing this over audio only, but behind me on my wall is one of my least favorite gifts ever to have been received by anyone. Mike, my business partner, got me a thousand-piece puzzle of the Kubernetes container landscape where—Liz: [laugh].Corey: This diagram is psychotic and awful and it looks like a joke, except it's not. And building that puzzle was maddening—obviously—but beyond that, it was a real primer in just how vast the entire container slash Kubernetes slash CNCF landscape really is. So, looking at this, I found that the only reaction that was appropriate was a sense of overwhelmed awe slash frustration, I guess. It's one of those areas where I spend a lot of time focusing on drinking from the AWS firehose because they have a lot of products and services because their product strategy is apparently, “Yes,” and they're updating these things in a pretty consistent cadence. Mostly. And even that feels like it's multiple full-time jobs shoved into one.There are hundreds of companies behind these things and all of them are in areas that are incredibly complex and difficult to go diving into. EBPF is incredibly powerful, I would say ridiculously so, but it's also fiendishly complex, at least shoulder-surfing behind people who know what they're doing with it has been breathtaking, on some level. How do people find themselves in a situation where doing a BPF deep dive make sense for them?Liz: Oh, that's a great question. So, first of all, I'm thinking is there an AWS Jigsaw as well, like the CNCF landscape Jigsaw? There should be. And how many pieces would it have? [It would be very cool 00:19:28].Corey: No, because I think the CNCF at one point hired a graphic designer and it's unclear that AWS has done such a thing because their icons for services are, to be generous here, not great. People have flashcards that they've built for is what services does logo represent? Haven't a clue, in almost every case because I don't care in almost every case. But yeah, I've toyed with the idea of doing it. It's just not something that I'd ever want to have my name attached to it, unfortunately. But yeah, I want someone to do it and someone else to build it.Liz: Yes. Yeah, it would need to refresh every, like, five minutes, though, as they roll out a new service.Corey: Right. Because given that it appears from the outside to be impenetrable, it's similar to learning VI in some cases, where oh, yeah, it's easy to get started with to do this trivial thing. Now, step two, draw the rest of the freaking owl. Same problem there. It feels off-putting just from a perspective of you must be at least this smart to proceed. How do you find people coming to it?Liz: Yeah, there is some truth in that, in that beyond kind of Hello World, you quite quickly start having to do things with kernel data structures. And as soon as you're looking at kernel data structures, you have to sort of understand, you know, more about the kernel. And if you change things, you need to understand the implications of those changes. So, yeah, you can rapidly say that eBPF programming is kernel programming, so why would anybody want to do it? The reason why I do it myself is not because I'm a kernel programmer; it's because I wanted to really understand how this is working and build up a mental model of what's happening when I attach a program to an event. And what kinds of things can I do with that program?And that's the sort of exploration that I think I'm trying to encourage people to do with the book. But yes, there is going to be at some point, a pretty steep learning curve that's kernel-related but you don't necessarily need to know everything in order to really have a decent understanding of what eBPF is, and how you might, for example—you might be interested to see what BPF programs are running on your existing system and learn why and what they might be doing and where they're attached and what use could that be.Corey: Falling down that, looking at the process table once upon a time was a heck of an education, one week when I didn't have a lot to do and I didn't like my job in those days, where, “Oh, what is this Avahi daemon that constantly running? MDNS forwarding? Who would need that?” And sure enough, that tickled something in the back of my mind when I wound up building out my networking box here on top of BSD, and oh, yeah, I want to make sure that I can still have discovery work from the IoT subnet over to whatever it is that my normal devices live. Ah, that's what that thing always running for. Great for that one use case. Almost never needed in other cases, but awesome. Like, you fire up a Raspberry Pi. It's, “Why are all these things running when I'm just want to have an embedded device that does exactly one thing well?” Ugh. Computers have gotten complicated.Liz: I know. It's like when you get those pop-ups on—well certainly on Mac, and you get pop-ups occasionally, let's say there's such and such a daemon wants extra permissions, and you think I'm not hitting that yes button until I understand what that daemon is. And it turns out, it's related, something completely innocuous that you've actually paid for, but just under a different name. Very annoying. So, if you have some kind of instrumentation like tracing or logging or security tooling that you want to apply to all of your containers, one of the things you can use is a sidecar container approach. And in Kubernetes, that means you inject the sidecar into every single pod. And—Corey: Yes. Of course, the answer to any Kubernetes problem appears to be have you tried running additional containers?Liz: Well, right. And there are challenges that can come from that. And one of the reasons why you have to do that is because if you want a tool that has visibility over that container that's inside the pod, well, your instrumentation has to also be inside the pod so that it has visibility because your pod is, by design, isolated from the host it's running on. But with eBPF, well eBPF is in the kernel and there's only one kernel, however many containers were running. So, there is no kind of isolation between the host and the containers at the kernel level.So, that means if we can instrument the kernel, we don't have to have a separate instance in every single pod. And that's really great for all sorts of resource usage, it means you don't have to worry about how you get those sidecars into those pods in the first place, you know that every pod is going to be instrumented if it's instrumented in the kernel. And then for service mesh, service mesh usually uses a sidecar as a Layer 7 Proxy injected into every pod. And that actually makes for a pretty convoluted networking path for a packet to sort of go from the application, through the proxy, out to the host, back into another pod, through another proxy, into the application.What we can do with eBPF, we still need a proxy running in userspace, but we don't need to have one in every single pod because we can connect the networking namespaces much more efficiently. So, that was essentially the basis for sidecarless service mesh, which we did in Cilium, Istio, and now we're using a similar sort of approach with Ambient Mesh. So that, again, you know, avoiding having the overhead of a sidecar in every pod. So that, you know, seems to be the way forward for service mesh as well as other types of instrumentation: avoiding sidecars.Corey: On some level, avoiding things that are Kubernetes staples seems to be a best practice in a bunch of different directions. It feels like it's an area where you start to get aligned with the idea of service meesh—yes, that's how I pluralize the term service mesh and if people have a problem with that, please, it's imperative you've not send me letters about it—but this idea of discovering where things are in a variety of ways within a cluster, where things can talk to each other, when nothing is deterministically placed, it feels like it is screaming out for something like this.Liz: And when you think about it, Kubernetes does sort of already have that at the level of a service, you know? Services are discoverable through native Kubernetes. There's a bunch of other capabilities that we tend to associate with service mesh like observability or encrypted traffic or retries, that kind of thing. But one of the things that we're doing with Cilium, in general, is to say, but a lot of this is just a feature of the networking, the underlying networking capability. So, for example, we've got next generation mutual authentication approach, which is using SPIFFE IDs between an application pod and another application pod. So, it's like the equivalent of mTLS.But the certificates are actually being passed into the kernel and the encryption is happening at the kernel level. And it's a really neat way of saying we don't need… we don't need to have a sidecar proxy in every pod in order to terminate those TLS connections on behalf of the application. We can have the kernel do it for us and that's really cool.Corey: Yeah, at some level, I find that it still feels weird—because I'm old—to have this idea of one shared kernel running a bunch of different containers. I got past that just by not requiring that [unintelligible 00:27:32] workloads need to run isolated having containers run on the same physical host. I found that, for example, running some stuff, even in my home environment for IoT stuff, things that I don't particularly trust run inside of KVM on top of something as opposed to just running it as a container on a cluster. Almost certainly stupendous overkill for what I'm dealing with, but it's a good practice to be in to start thinking about this. To my understanding, this is part of what AWS's Firecracker project starts to address a bit more effectively: fast provisioning, but still being able to use different primitives as far as isolation boundaries go. But, on some level, it's nice to not have to think about this stuff, but that's dangerous.Liz: [laugh]. Yeah, exactly. Firecracker is really nice way of saying, “Actually, we're going to spin up a whole VM,” but we don't ne—when I say ‘whole VM,' we don't need all of the things that you normally get in a VM. We can get rid of a ton of things and just have the essentials for running that Lambda or container service, and it becomes a really nice lightweight solution. But yes, that will have its own kernel, so unlike, you know, running multiple kernels on the same VM where—sorry, running multiple containers on the same virtual machine where they would all be sharing one kernel, with Firecracker you'll get a kernel per instance of Firecracker.Corey: The last question I have for you before we wind up wrapping up this episode harkens back to something you said a little bit earlier. This stuff is incredibly technically nuanced and deep. You clearly have a thorough understanding of it, but you also have what I think many people do not realize is an orthogonal skill of being able to articulate and explain those complex concepts simply an approachably, in ways that make people understand what it is you're talking about, but also don't feel like they're being spoken to in a way that's highly condescending, which is another failure mode. I think it is not particularly well understood, particularly in the engineering community, that there are—these are different skill sets that do not necessarily align congruently. Is this something you've always known or is this something you've figured out as you've evolved your career that, oh I have a certain flair for this?Liz: Yeah, I definitely didn't always know it. And I started to realize it based on feedback that people have given me about talks and articles I'd written. I think I've always felt that when people use jargon or they use complicated language or they, kind of, make assumptions about how things are, it quite often speaks to them not having a full understanding of what's happening. If I want to explain something to myself, I'm going to use straightforward language to explain it to myself [laugh] so I can hold it in my head. And I think people appreciate that.And you can get really—you know, you can get quite in-depth into something if you just start, step by step, build it up, explain everything as you go along the way. And yeah, I think people do appreciate that. And I think people, if they get lost in jargon, it doesn't help anybody. And yeah, I very much appreciate it when people say that, you know, they saw a talk or they read something I wrote and it meant that they finally grokked whatever that concept was that that I was trying to explain. I will say at the weekend, I asked ChatGPT to explain DNS in the style of Liz Rice, and it started off, it was basically, “Hello there. I'm Liz Rice and I'm here to explain DNS in very simple terms.” I thought, “Okay.” [laugh].Corey: Every time I think I've understood DNS, there's another level to it.Liz: I'm pretty sure there is a lot about DNS that I don't understand, yeah. So, you know, there's always more to learn out there.Corey: There's certainly is. I really want to thank you for taking time to speak with me today about what you're up to. Where's the best place for people to find you to learn more? And of course, to buy the book.Liz: Yeah, so I am Liz Rice pretty much everywhere, all over the internet. There is a GitHub repo that accompanies the books that you can find that on GitHub: lizRice/learning-eBPF. So, that's a good place to find some of the example code, and it will obviously link to where you can download the book or buy it because you can pay for it; you can also download it from Isovalent for the price of your contact details. So, there are lots of options.Corey: Excellent. And we will, of course, put links to that in the [show notes 00:32:08]. Thank you so much for your time. It's always great to talk to you.Liz: It's always a pleasure, so thanks very much for having me, Corey.Corey: Liz Rice, Chief Open Source Officer at Isovalent. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with an angry comment that you have somehow discovered this episode by googling for knitting projects.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

BREXIT! Nie ma chyba osoby w świecie biznesu, która nie słyszałaby o odłączeniu Wielkiej Brytanii od Unii Europejskiej.No cóż stało się i nie mnie oceniać czy to dobrze czy źle, ale faktem jest, że sporo firm zarówno po stronie Wielkiej Brytanii, jak i po stronie Polski przeszło i nadal przechodzi pewne perturbacje tym wywołane.Utrata kontaktów biznesowych, zatrzymanie łańcucha dostaw, wyhamowanie eksportu lub importu dóbr i usług i tak można wymieniać.Wydawać by się mogło, że na te straty nie ma lekarstwa.A jednak JEST!Tak się składa, że w Polsce jest KASA dla polskich firm za BREXIT!Co więcej jest tylko jeden podmiot, który realizuje ten program i wypłaca realne pieniądze dla tych firm, które ucierpiały z uwagi na BREXIT.Ten program to Re_Open UK i jest realizowany przez Łódzką Specjalną Strefę Ekonomiczną.Nic nie trwa wiecznie i program ten też ma swoje czasowe i finansowe ograniczenia, więc jeśli Wasze firmy straciły na BREXIT, to może warto sięgnąć po trochę kasy?Pieniądze są i czekają na ich podjęcie z Unijnej kasy.O programie Re_Open UK rozmawiam z Grzegorzem Grodkiem z Łódzkiej Specjalnej Strefy Ekonomicznej. Link do strony programu: https://reopen.biz/realizacja/Link do prezentacji programu: https://reopen.biz/wp-content/uploads/2023/03/17.03.2023-Brexit-bez-straty-rekompensaty-.pdfRe_Open UK na Facebook https://www.facebook.com/ReOpenUKRe_Open UK na LinkedIn - https://www.linkedin.com/company/re-open-uk/Dane kontaktowe dla osób zainteresowanych programem Re_Open UK:Tel. 42 275-50-89,Email: info@reopen.biz ****************************Nazywam się Wiktor Doktór i na co dzień prowadzę Klub Pro Progressio https://klub.proprogressio.pl/pl – to społeczność wielu firm prywatnych i organizacji sektora publicznego, którym zależy na rozwoju relacji biznesowych w modelu B2B. W podcaście BSS bez tajemnic poza odcinkami solowymi, zamieszczam rozmowy z ekspertami i specjalistami z różnych dziedzin przedsiębiorczości.Jeśli chcesz się o mnie więcej dowiedzieć, to zapraszam do odwiedzin moich kanałów w mediach społecznościowych:YouTube - https://bit.ly/BSSbeztajemnicYTFacebook - https://bit.ly/BSSbtFBLinkedIn - https://www.linkedin.com/in/wiktordoktor/Możesz też do mnie napisać. Mój adres email to - wiktor.doktor(@)proprogressio.pl ****************************Patronami Podcastu “BSS bez tajemnic” są:Marzena Sawicka ( https://www.linkedin.com/in/marzena-sawicka-a9644a23/ ),Przemysław Sławiński ( https://www.linkedin.com/in/przemys%C5%82aw-s%C5%82awi%C5%84ski-155a4426/ ),Damian Ruciński ( https://www.linkedin.com/in/damian-ruci%C5%84ski/ )Szymon Kryczka ( https://www.linkedin.com/in/szymonkryczka/ )Grzegorz Ludwin ( https://www.linkedin.com/in/gludwin/ ).Wspaniali ludzie, dzięki którym pojawiają się kolejne odcinki tego podcastu.Jeśli i Ty chcesz dołączyć do grona Patronów , to możesz to zrobić przez serwis Patronite - https://patronite.pl/wiktordoktor Możesz także wspierać rozwój tego podcastu przez Patreon - https://www.patreon.com/wiktordoktorJeśli podoba Ci się to co robię, możesz, przez ten link https://www.buymeacoffee.com/wiktordoktor , kupić mi kawę i tym samym wesprzeć rozwój tego podcastu.Chcesz pomóc mi zbudować domowe studio nagrań – tu jest odpowiednia zrzutka https://zrzutka.pl/j8kvar

Matt Barker, President and co-founder of Jetstack, has been involved in open source and Kubernetes since the early days of its development. With a long list of open source projects behind him, he decided to hone in on Jestack and with its success, share the knowledge he's gained over the years as an OpenUK Entrepreneur in Residence.In this episode of The Business of Open Source, Matt joins me from the State of Open Con and shares his initial vision for Jestack and reviews the projects that helped him get the company to where it is today. As Jestack is a fully bootstrapped company, Matt shares his perspective on how that impacts a founder's decisions. We also discuss the importance of sharing your knowledge with the next generation of founders through mentorship as Matt does with OpenUK. Highlights: Matt introduces himself and Jestack (0:48) Matt's open source projects (3:39) Choosing one project to focus on (8:24) Matt explains why it seems easier for bootstrapped companies to niche down (10:42) Matt reflects on his early mistakes as an entrepreneur and what he's learned from them (16:40) Matt explains his role as OpenUK Entrepreneur in Residence (19:30) Links:Matt LinkedIn: https://www.linkedin.com/in/mattbarks/ Company: https://www.jetstack.io/ OpenUK: https://openuk.uk/

As businesses and individuals, we rely increasingly on digital services in our everyday lives. Our lives have become dependent on technology, from cloud services to mobile phones and streaming sites to the apps we use. And behind these technologies lies open source software. Open source software has become a vital part of building digital services. It has made it possible for developers to collaborate and share code, making it faster and more cost-effective to build software. But with this increase in use, the importance of security planning and governance has also grown. Amanda Brock, CEO of OpenUK, is a leading open-source software and governance expert. She has been an advocate for open source software for over a decade and has seen its impact on the industry. Amanda shares where we are with open source and why we must care about how our software gets put together and where it comes from. Amanda discusses the importance of understanding the source of the code and the licenses used. With the rise of open source software, it is essential to be aware of potential legal issues and ensure compliance with licensing requirements. She also highlights the importance of building and maintaining trust with open source communities and contributing back to them. Amanda also emphasizes the role of governance in ensuring the security and reliability of open source software. She points out that open source projects must have a strong governance structure to ensure that contributors are held accountable and that the code is secure. As Amanda notes, open source software has become too important to ignore. We must ensure that we are not only using it but also contributing to it and supporting its continued growth.  By understanding where our software comes from and its governance structure, we can ensure the security and reliability of the technologies we rely on daily. As businesses and individuals, we must recognize the importance of open source software and take steps to ensure its continued growth and success. Sponsored VPN Offer https://www.piavpn.com/techtalksdaily

Panelists Richard Littauer | Pia Mancini | Ben Nickolls Show Notes Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. This is a short episode today because we are headed to London in early February for a Sustain event. Why are we going to London? Well, it's the State of Open Con 2023, February 7-8, an event that is all things open source, including legal, governance, technology itself, hardware, and data, put on mainly by Amanda Brock and Open UK, and funded by IEEE SA and many other sponsors. You'll find out all the details on this event, how to get tickets, and the two-day session Sustain is having that they would love for you to join in on. Download this episode now to learn more! [00:00:44] Ben gives all the details on what's going on in London with State of Open Con 2023. [00:02:29] Find out how you can get your hands on some tickets to the event, and if you need any financial assistance, they are offering it, but it is limited. [00:04:13] Pia fills us in on why she's going to this event and the two-day sessions they are having for Sustain about different topics, and they would love for everyone to join them. [00:05:26] Since FOSDEM 2023 is happening February 4-5 in Brussels, Ben points out there will probably be a lot of people traveling from that event to this one by train, so try to make plans for a rest day before this event kicks off. [00:06:40] If you're going to FOSDEM, get in touch with Justin Dorfman or Abigail Mayes because they're putting on an awesome event there. Links SustainOSS (https://sustainoss.org/) SustainOSS Twitter (https://twitter.com/SustainOSS?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) SustainOSS Discourse (https://discourse.sustainoss.org/) podcasts@sustainoss.org (mailto:podcasts@sustainoss.org) hello@opencollective.com (mailto:hello@opencollective.com) hello@oscollective.org (mailto:hello@oscollective.org) podcast@sustainoss.org (mailto:podcast@sustainoss.org) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Pia Mancini Twitter (https://twitter.com/piamancini?lang=en) Ben Nickolls Twitter (https://twitter.com/BenJam?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) State of Open Con 2023 (https://stateofopencon.com/) Sustain Podcast- 2 Episodes with guest Amanda Brock (https://podcast.sustainoss.org/guests/amanda-brock) Sustain Podcast-Episode 98: Silona Bonewald and her long-term vision for IEEE and open source (https://podcast.sustainoss.org/98) FOSDEM 2023 (https://fosdem.org/2023/) Justin Dorfman Twitter (https://twitter.com/jdorfman?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Abigail Cabunoc Mayes Twitter (https://twitter.com/abbycabs?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/)

About AerinAerin is a Cloud Sustainability Advocate and neurodiverse founder in tech on a mission to help developers understand the real impact that cloud computing has on the world and reduce their carbon emissions in the cloud. Did you know that internet and cloud computing contribute over 4% of annual carbon emissions? Twice that of the airline industry!Aerin also hosts "Public Cloud for Public Good," a podcast targeted towards developers and senior leaders in tech. Every episode, they also donate £500 to charities and highlight organisations that are working towards a better future. Listen and learn how you can contribute towards making the world a better place through the use of public cloud services.Links Referenced: Twitter: https://twitter.com/aerincloud LinkedIn: https://www.linkedin.com/in/aerinb/ Public Cloud for Public Good: https://publicgood.cloud/ duckbillgroup.com: https://duckbillgroup.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Uptycs, because they believe that many of you are looking to bolster your security posture with CNAPP and XDR solutions. They offer both cloud and endpoint security in a single UI and data model. Listeners can get Uptycs for up to 1,000 assets through the end of 2023 (that is next year) for $1. But this offer is only available for a limited time on UptycsSecretMenu.com. That's U-P-T-Y-C-S Secret Menu dot com.Corey: Cloud native just means you've got more components or microservices than anyone (even a mythical 10x engineer) can keep track of. With OpsLevel, you can build a catalog in minutes and forget needing that mythical 10x engineer. Now, you'll have a 10x service catalog to accompany your 10x service count. Visit OpsLevel.com to learn how easy it is to build and manage your service catalog. Connect to your git provider and you're off to the races with service import, repo ownership, tech docs, and more. Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn and I am joined what feels like roughly a year later by a returning guest, Aerin Booth. How long have you been?Aerin: I've been really great. You know, it's been a journey of a year, I think, since we sort of did this podcast even, like, you know, a year and a bit since we met, and, like, I'm doing so much and I think it's doing, like, a big difference. And yeah, I can't wait for everything else. It's just yeah, a lot of work right now, but I'm really enjoying it. So, I'm really well, thank you.Corey: Normally, I like to introduce people by giving their job title and the company in which they work because again, that's a big deal for an awful lot of people. But a year ago, you were independent. And now you still are. And back when I was doing my own consulting independently, it felt very weird to do that, so I'm just going to call you the Ted Lasso of cloud at this point.Aerin: [laugh].Corey: You've got the mustache, you've got the, I would say, obnoxiously sunny disposition. It's really, there's a certain affinity right there. So, there we go. I feel like that is the best descriptor for what you have become.Aerin: I—do know what, I only just watched Ted Lasso over Christmas and I really found it so motivational in some ways because wow, like, it's not just who we'd want to be in a lot of ways? And I think, you know, for the work that I do, which is focused on sustainability, like, I want to present a positive future, I want to encourage people to achieve more and collaborate, and yeah, basically work on all these problems that we need to be worked on. And yeah, I think that's [laugh] [crosstalk 00:02:02]—Corey: One of the challenges of talking to you sometimes is you talk about these depressing things, but there's such a—you take such an upbeat, positive approach to it that I, by comparison, invariably come away from our conversations during, like, I'm Surly McBastard over here.Aerin: [laugh]. Yeah, you can be the bad cop of cloud computing and I'll try and be the good cop. Do you know, you say that the stuff I talk about is depressing, and it is true and people do worry about climate change. Like I did an online conference recently, it's focused on FinOps, and we had a survey, “Do you worry about climate change?” 70% of the people that responded said they worry about it.So, we all know, it's something we worry about and we care about. And, you know, I guess what I'm really trying to do is encourage people to care a bit more and start taking action and look after yourself. Because you know, when you do start taking action towards it, when you join those communities that are also working on it, it is good, it is helpful. And, you know, I've gone through some ups and downs and some of this, like, just do I throw in the towel because no one cares about it? Like, we spoke last year; I had attended re:Invent for the first time.This year, I was able to speak at re:Invent. So, I did a talk on being ethical in tech. And it was fun, it was good. I enjoyed what I delivered, but I had about 35 people sign up to that. I'm pretty sure if I talked about serverless or the next Web3 blockchain product, I would have got hundreds more. But what I'm starting to realize is that I think people just aren't ready to, sort of, want to do this yet. And yeah, I'm hoping that'll change.Corey: Let's first talk about, I guess, something that is more temporally pressing than some other things. Not that it is more important than climate change, mind you, but it feels like it's on a shorter timeline which is, relatively soon after this recording, there is a conference that you are kicking off called The State of Open. Ajar, Aerin. The State of Open is ajar. What is this conference? Is it in person? Is it virtual? Is it something where you and three friends are going to show up and basically talk to each other? How big? How small? What is it? What's it about? Tell me more, please. I'm riveted.Aerin: So, State of Open conference is a conference that's been in the works now for maybe about two weeks, a little bit longer in the planning, but the work we've been putting in over the last two weeks. It'll be on the seventh and eighth of February in London as a physical event in the QEII Conference Centre, but it will also be available online. And you know, when we talk about the State of Open, it's that question: what is the State of Open? The state of open-source, the state of open hardware, and the state of open data. And it is going to be probably the first and hopefully the biggest open-source conference in the UK.We already have over 100 confirmed guest speakers from Jimmy Wales, the co-founder of Wikipedia, to many of our great guests and headliners who haven't even announced yet for the plenary. So, I'm really excited. And the reason why I wanted to get involved with this is because one of the coolest things about this conference—compared to some others like re:Invent, for example—is that sustainability and diversity run through every single thing that we do. So, as the content director, I reviewed every single CFP for both of these things. I mean, you couldn't get a better person than someone like me, who's the queer person who won't shut up about sustainability to sort of do this thing.So, you know, I looked after those scorings for the CFPs in support of the CFP chairs. And now, as I'm working with those individual speakers on their content and making sure that diversity is included in the content. It's not just the diversity of the speaker, for example it's, who were the other people whose voice you're raising? What other people if you worked on this? Are there anyone that you've mentored, like, you know, actually, you know, let's have this as a wider conversation?Corey: Thank God. I thought you were about to say diversity of thought, and I was about to reach through the screen to strangle you.Aerin: [laugh]. No, no. I mean, we're doing really well, so of the announced speakers online, we are 40% non-male and about 18% non-white, which to be honest, for a fair sheer conference, when we didn't really do that much to specifically call this out, but I would probably raise this to Amanda Brock, who is the CEO of OpenUK, you know, she has built a community in the UK and around the world over the last few years which has been putting women forward and building these links. And that's why we've had such a great response for our first-year conferences, the work she's put in. It's hard.Like, this isn't easy. You know, we've had to do a lot of work to make sure that it is representative, at least better than other conferences, at least. So, I'm really excited. And like, there's so much, like, open-source is probably going to be the thing that saves the world. If we're going to end up looking at two different futures with monopolies and closed systems and all the money going towards cloud providers versus a fair and equitable society, open-source is the thing that's going to get us closer to that. So yeah, this conference will be a great event.Corey: Is it all in person? Is it being live-streamed as well? What is the deal here?Aerin: So, in person, we have loads of different things going on, but what will be streamed online if you sign up for virtual ticket is five different tracks. So, our platform engineering track, our security track, government law and policy, open data, and open hardware. And of course, the keynote and plenaries. But one of the things I'm also really proud about this conference is that we're really focusing on the developer experience, like, you know, what is your experience at the conference? So, we also have an unconference, we have a sub-conference run by Sustain OSS focused on workshops related to climate change and sustainability.We have loads of developer experience halls in the event itself. And throughout the day, over the two days, we have two one-hour blocks with no speaking content at all so that we can really make sure that people have that hardware track and are out there meeting each other and having a good time. And obviously, of course, like any good conference, the all-hands party on the first night. So, it really is a conference that's doing things differently from diversity to sustainability to that experience. So, it's awesome.Corey: One of the challenges that I've seen historically around things aiming at the idea of open conferences—and when we talk open-source, et cetera, et cetera—open' seems like it is a direction parallel to, we haven't any money, where it's, “Yes, we're a free software foundation,” and it turns out conferences themselves are not free. And you wind up with a whole bunch of folks showing up to it who are, in many cases, around the fringes of things. There are individual hobbyists who are very passionate about a thing but do not have the position in the corporate world. I'm looking through the lengthy list of speakers you have here and that is very much not this. These are serious people at serious companies. Not that there are not folks who are individual practitioners and passionate advocates and hobbyists than the rest. This is, by virtually any way you look at it, a remarkably diverse conference.Aerin: Mmm. You know, you are right about, like, that problem in open-source. It's like, you know, we look at open and whether we want to do open and we just go, “Well, it won't make me any money. I can't do that. I don't have the time. I need to bring in some money.”And one of the really unique things, again, about this conference is—I have not even mentioned it yet—we have an entrepreneurship room. So, we have 20 tables filled with entrepreneurs and CEOs and founders of open-source companies throughout the two days where you can book in time to sit at that table and have conversations with them. Ask them the questions that you want to ask about, whether it's something that you want to work on, or a company you want to found, and you'll be able to get that time. I had a very similar experience in some ways. It was re:Invent.I was a peer talk expert and you know, I had 15 or so conversations with some really interesting people just because they were able put that time in and they were able to find me on the website. So, that's something we are replicating to get those 20 also entrepreneurs and co-founders out to everyone else. They want to be able to help you and support you.Corey: That is an excellent segue if I do say so myself. Let's talk about re:Invent. It's the one time of the year you and I get to spend time in the same room. One thing that I got wrong is that I overbooked myself as I often do, and I didn't have time to do anything on their peer talk expert program, which is, you more or less a way that any rando can book time to sit down and chat with you. Now, in my case, I have assassination concerns because it turns out Amazon employees can read that thing too and some of them might work on billing. One wonders.So yeah, I have to be a little careful for personal reasons but for most people, it's a non-issue. I didn't get as much time as I wanted to talk to folks in the community. That is not going to repeat itself at the end of this year. But what was your take on re:Invent, because I was in meetings for most of them?Aerin: So, comparing this re:Invent to the re:Invent I went to, my first re:Invent when we met in 2021, you know, that was the re:Invent that inspired me to get into sustainability. They'd announced stuff to do with the shared responsibility model. A few months later, they released their carbon calculator, and I was like, “Yeah, this is the problem. This is the thing I want to work on and it will make me happy.” And a lot of that goes into, you know, finding a passion that keeps me motivated when things aren't that great.When maybe not a lot of money is coming in, at least I know, I'm doing everything I can to help save the world. So, re:Invent 2021 really inspired me to get involved with sustainability. When I look at re:Invent 2022, you might have Adam Selipsky on the main stage saying that sustainability is the problem of our generation, but that is just talk and bluster compared to what they were putting out in terms of content and their experience of, like, let's say the sustainability—I don't know what to call it—tiny little square in the back of the MGM Grand compared to the paid hall in the expo. Like, you know, that's the sort of thing where you can already see the prioritization of money. Let's put the biggest sponsors and all the money that we can bring it in the big hall where everyone is, and then put the thing we care about the most, apparently—sustainability—in the back of the MGM.And that in itself was annoying, but then you get there in the content, and it was like a massive Rivian van, like, an advert for, “Oh, Amazon has done all this to electrify Rivian and deliver you Prime.” But where was the people working on sustainability in the cloud? You know, we had a couple of teams who were talking about the customer carbon footprint tool, but there was just not much. And I spoke to a lot of people and they were saying similar things, like, “Where are the announcements? Where are the actual interesting things?” Rather than just—which is kind of what I'm starting to realize is that a lot of the conversations about sustainability is about selling yourself as sustainable.Use me rather than my competitors because we're 88% more, kind of, carbon neutral when it comes to traditional data centers, not because we are really going to solve these problems. And not to say that Amazon isn't doing innovative, amazing things that no one else can't do, because that is true, and cloud as part of the solution, but you know, sustainability shouldn't be about making more sales and growing your business, it should be about making the world a better place, not just in terms of carbon emissions, but you know, our life, the tech that we can access. Three billion people on this planet have never accessed the internet. And as we continue to grow all of our services like AI and machine learning and new Web3, bloody managed services come online, that's going to be more carbon, more compute power going towards the already rich and the already westernized people, rather than solving the problems we need to solve in the face of climate change.So, I was a little bit disappointed. And I did put a tweet thread out about it afterwards. And I just hope it can be different next year and I hope more people will start to ask for this. And that also what I'm starting to realize is that until more Amazon customers put this as their number one priority and say, “I'm not going to do business with you because of this issue,” or, you know, “This is what we really care about,” they're not going to make a change. Unless it starts to impact their bottom lines and people start to choose other cloud providers, they're not going to prioritize it.And I think up until this point, we're not seeing that from customers. We're kind of getting some people like me shouting about it, but across the board, sustainability isn't the number one priority right now. It's, like what Amazon says, security or resiliency or something else.Corey: And I think that, at least from where I set, the challenge is that if you asked me what I got out of re:Invent, and what the conversations I had—going into it, what are my expectations, and what do I hope to get and how's it going to end up, and then you ask you that same question—though maybe you are a poor example of this—and then you ask someone who works out as an engineer at a company that uses AWS and their two or three years into their career, why don't you talk to a manager or director or someone else? And the problem is if you start polling the entire audience, you'll find that this becomes—you're going to wind up with 20 different answers, at least. The conference doesn't seem like it has any idea of what it wants to be and to whom and in that vacuum, it tries to be all things to all people. And surprise, just like the shooting multifunction printer some of us have in our homes, it doesn't do well with any of those things because it's trying to stand in too many worlds at the same time.Aerin: You know, let's not, like, look at this from a way that you know, re:Invent is crap and, like, do all the work that everyone puts it is wasted because it is a really great event for a lot of different things for a lot of different people. And to be honest, the work that the Amazon staff put into it is pretty out of this world. I feel sorry though because you know, the rush for AWS sell more and do this massive event, they put people through the grinder. And I feel like, I don't know, we could see the cracks in some of that, the way that works. But, you know, there's so many people that I speak to who were like, “Yeah, I'm definitely not going again. I'm not even going to go anywhere near submitting a talk.”And, sort of, the thing is, like, I can imagine if the conference was something different; it was focused at sustainability at number one, it was about making the world a better place from everything that they do, it was about bringing diverse communities together. Like, you know, bringing these things up the list would make the whole thing a lot better. And to be honest, it would probably make it a lot more enjoyable [laugh] for the Amazon staff who end up talking at it. Because, you know, I guess it can feel a bit soulless over time is all you're doing is making money for someone else and selling more things. And, yeah, I think there's a lot more… different things we can do and a lot more things we can talk about if people just start to talk about, like you know, if you care about this as well and you work at Amazon, then start saying that as well.It'll really make a difference if you say we want re:Invent to look different. I mean, even Amazon staff, [laugh] and we've not even mentioned this one because I got Covid straight after re:Invent, nine days and staring at a wall in hotel room in Vegas was not my idea of a good time post-conference. So, that was a horrible, horrible experience. But, you know, I've had people call it re:Infect. Like, where are the Covid support?Like, there was hardly any conversation about that. It was sort of like, “Don't mention it because oh, s”—whatever else. But imagine if you just did something a little bit differently to look like you care about your customers. Just say, “We recommend people mask or take a test,” or even provide tests and masks. Like, even if it's not mandatory, they could have done a lot more to make it safer for everyone. Because, yeah, imagine having the reputation of re:Infect rather than re:Invent?Corey: I can only imagine how that would play out.Aerin: Only imagine.Corey: Yeah, it's it feels like we're all collectively decided to pretend that the pandemic is over. Because yeah, that's a bummer. I don't want to think about it. You know, kind of like we approach climate change.Aerin: Yeah. At the end of the day, like, and I keep coming across this more and more, you know, my thinking has changed over the last year because, like, you know, initially it was like a hyperactive puppy. Why are we caring about this? Like, yeah, if I say it, people will come, but the reality is, we have to blinker ourselves in order to deal with a lot of this stuff. We can't always worry about all of this stuff all of the time. And that's fine. That's acceptable. We do that in so many different parts of our life.But there comes to a point when you kind of think, “How much do I care about this?” And for a lot of people, it's because they have kids. Like, anyone who has kids right now must have to think, “Wow, what's the future going to look like?” And if you worry about what the future is going to look like, make sure you're taking steps to make the world a better place and make it the future you want it to look like. You know, I made the decision a long time ago not to have kids because I don't think I'd want to bring anyone into the world on what it might actually end up being, but you know, when I speak to people who are older in the 60s and they're like, “Oh, you've got 100 years. You don't need to worry about it.” Like, “Maybe you can say that because you're closer to dying than I am.” But yeah, I have to worry about this now because I'll still be eighty when all this shit is kicking off [laugh].Corey: This episode is sponsored in part by our friends at Strata. Are you struggling to keep up with the demands of managing and securing identity in your distributed enterprise IT environment? You're not alone, but you shouldn't let that hold you back. With Strata's Identity Orchestration Platform, you can secure all your apps on any cloud with any IDP, so your IT teams will never have to refactor for identity again. Imagine modernizing app identity in minutes instead of months, deploying passwordless on any tricky old app, and achieving business resilience with always-on identity, all from one lightweight and flexible platform.Want to see it in action? Share your identity challenge with them on a discovery call and they'll hook you up with a complimentary pair of AirPods Pro. Don't miss out, visit Strata.io/ScreamingCloud. That's Strata dot io slash ScreamingCloud.Corey: That I guess is one of the big fears I have—and I think it's somewhat unfounded—is that every year starts to look too much like the year before it. Because it's one of those ideas where we start to see the pace of innovation is slowing at AWS—and I'm not saying that to piss people at Amazon off and have them come after me with pitchforks and torches again—but they're not launching new services at the rate they once did, which is good for customers, but it starts to feel like oh, have we hit peak cloud this is what it's going to look like? Absolutely not. I don't get the sense that the world is like, “Well, everything's been invented. Time to shut down the patent office,” anytime soon.And in the short term, it feels like oh, there's not a lot exciting going on, but you look back the last five years even and look at how far we've come even in that period of time and—what is it? “The days are long, but the years are short.” It becomes a very macro thing of as things ebb and flow, you start to see the differences but the micro basis on a year-to-year perspective, it seems harder to detect. So longer term, I think we're going to see what the story looks like. And it's going to be satisfying one. Just right now, it's like, well, this wasn't as entertaining as I would have hoped, so I'm annoyed. Which I am because it wasn't, but that's not the biggest problem in the world.Aerin: It's not. And, you know, you look at okay, cool, there wasn't all these new flashy services. There was a few things are announced, I mean, hopefully that are going to contribute towards climate change. One of them is called AWS Supply Chain. And the irony of seeing sort of like AWS Supply Chain where a company that already has issues with data and conversations around competition, saying to everyone, “Hey, trust us and give all of your supply chain information and put it into one of our AWS products,” while at the same time their customer carbon footprint tool won't even show the full scope for their emissions of their own supply chain is not lost on me.And you do say, “Maybe we should start seeing things at a macro level,” but unless Amazon and other cloud hyperscalers start pulling the finger out and showing us how they have got a vision between now and 2040, and now in 2050, of how they're going to get there, it kind of just feels like they're saying, “It'll all be fine as long as we continue to grow, as long as we keep sucking up the market.” And, you know, an interesting thing that just kicked off in the UK back in November was the Competition and Markets Authority have started an investigation into the cloud providers on how they are basically sucking up all these markets, and how the growth of things that are not hyperscale is going. So, in the UK, the percentage of cloud has obviously gone up—more and more cloud spending has gone up—but kind of usage across non-hyperscalers has gone down over that same period. And they really are at risk of sucking up the world. Like, I have got involved in a lot of different things.I'm an AWS community builder; like, I do promote AWS. And, you know, the reason why I promote cloud, for example is serverless. We need serverless as the way we run our IT because that's the only way we'll do things like time shifting or demand shifting. So, when we look at renewable energy on the grid if that really high, the wind is blowing and the sun is shining, we want more workloads to be running then and when they're tiny, and they're [unintelligible 00:21:03], and what's the call it serverless generally, uh—Corey: Hype?Aerin: Function as a Code?Corey: Function—yeah, Function as a Service and all kinds of other nonsense. But I have to ask, when you're talking about serverless, in this context, is a necessary prerequisite of serverless that scale to zero when it's [unintelligible 00:21:19].Aerin: [laugh]. I kind of go back to marketing. What Amazon releasing these days when it relates to serverless that isn't just marketing and saying, “Oh, it's serverless.” Because yeah, there was a few products this year that is not scaled to zero is it? It's a 100-pound minimum. And when you're looking at number of accounts that you have, that can add up really quickly and it excludes people from using it.Corey: It's worse than that because it's not number of accounts. I consider DynamoDB to be serverless, by any definition of the term. Because it is. And what I like about it is I can have a separate table for every developer, for every service or microservice or project that they have, and in fact, each branch can have its own stuff like that. I look at some of the stuff that I build with multi-branch testing and whatnot, and, “Oh, wow. That would cost more than the engineer if they were to do that with some of the serverless offerings that AWS has put out.”Which makes that entire philosophy a complete non-starter, which means that invariably as soon as you start developing down that path, you are making significant trade-offs. That's just from a economics slash developer ergonomics slash best practices point of view. But there's a sustainability story to it as well.Aerin: Yeah. I mean, this sustainability thing is like, if you're not going to encourage this new way of working, like, if you're not going to move everyone to this point of view and this is how we need to do things, then you kind of just propagating the old world, putting it into your data center. For every managed service that VMware migrated piece of crap, just that land in the cloud, it's not making a real difference in the world because that's still going to exist. And we mentioned this just before the podcast and, you know, a lot of focus these days and for a lot of people is, “Okay, green energy is the problem. We need to solve green energy.”And Amazon is the biggest purchaser of power purchase agreements in renewable energy around the world, more than most governments. Or I think that the biggest corporate purchaser of it anyway. And that all might sound great, like, “Oh, the cloud is going to solve this problem for me and Amazon is going to solve it for me even better because they're bigger.” But at the end of the day, when we think about a data center, it exists in the real world.It's made of concrete. You know, when you pour concrete and when you make concrete, it releases CO2. It's got racks of servers that all are running. So, those individual servers had to be made by whoever it is in Asia or mined from rare earth metals and end up in the supply chain and then transported into the data centers in us-east-1. And then things go wrong. You have to repair you have to replace and you have to maintain them.Unless we get these circular economies going in a closed system, we can't just continue to grow like this. Because carbon emissions related to Scope 3, all those things I've just been talking about, basically anything that isn't the energy, is about 80 to 90% of all the carbon emissions. So, when Amazon says, “Oh, we're going to go green and get energy done by 2030”—which is seven years away—they've then got ten years to solve 90% of the problem. And we cannot all just continue to grow and think of tech as neutral and better for the world if we still got that 90% problem, which we do right now. And it really frustrates me when you look at the world and the way we've jumped on technology just go on, “Oh, it must be good.”Like Bitcoin, for example. Bitcoin has released 200 million metric tons of CO2 since its inception. And for something that is basically a glorified Ponzi scheme, I can't see how that is making the world a better place. So, when cloud providers are making managed services for Web3 and for blockchain, and they're selling more and more AI and machine learning, basically so they can keep on selling GPU access, I do worry about whether our path to infinite growth with all of these hyperscalers is probably the wrong way of looking at things. So, linking back to, you know, the conference, open-source and, you know, thinking about things differently is really important in tech right now.And not just for your own well-being and being able to sleep at night, but this is how we're going to solve our problems. When all companies on the planet want people to be sustainable and we have to start tackling this because there's a financial cost related to it, then you're going to be in the vogue. If you're really good developer, thinking about things differently can be efficient, then yeah, you're the developer that's going to win in the future. You might be assisted by ChatGPT three or whatever else, but yeah, sustainability and efficiency can really be the number one priority because it's a win, win, win. We save the world, we make ourselves better, we sleep better at night, and you just become a better developer.I keep monologuing at this point, but you know, when it comes to stuff like games design, we look at things like Quake and Pokemon and all these things when there's like, “How did they get these amazing games and these amazing experiences in such small sizes,” they had boundaries. They had boundaries to innovate within because they had to. They couldn't release the game if they couldn't fit into the cartridge, therefore, they made it work. When the cloud is sold as infinitely scalable and horizontally scalable and no one needs to worry about this stuff because you can get your credit card out, people stop caring about being innovative and being more efficient. So yeah, let's get some more boundaries in the cloud.Corey: What I find that is super helpful, has been, like, if I can, like, descri—like, Instagram is down. Describe your lunch to me style meme description, like, the epic handshake where you have two people clasping hands, and one side is labeled in this case, ‘sustainability advocates,' and the other side should be labeled ‘cloud economists,' and in the middle, it's, “Turn that shit off.” Because it's not burning carbon if it's not running, and it's not costing you anything—ideally—if it's not running, so it's one of those ideas where we meet in the middle. And that's important, not just because it makes both of us independently happy because it's both good for the world and you'll get companies on board with this because, “Wait. We can do this thing and it saves us money?” Suddenly, you're getting them aligned because that is their religion.If companies could be said to have a religion, it is money. That's the way it works. So, you have to make it worth money for them to do the right thing or you're always going to be swimming upstream like a depressed salmon.Aerin: I mean, look at why [unintelligible 00:27:11] security is near the top: because there's so many big fines related to security breaches. It will cost them money not to be secure. Right now, it doesn't cost companies money to be inefficient or to release all this carbon, so they get away with it or they choose to do it. And I think that's going to change. We see in regulations across you're coming out.So, you know, if you work for a big multinational that operates in Europe, by next year, you'll have to report on all of your Scope 3 carbon emissions. If you're a customer of AWS right now, you have no ability to do that. So, you know, this is going to be crunch time over the next 18 months to two years for a lot of big businesses, for Amazon and the other hyperscalers, to really start demonstrating that they can do this. And I guess that's my big push. And, you know, I want to work with anyone, and it's funny because I have been running this business for about, you know, a couple of years now, it's been going really well, I did my podcast, I'm on this path.But I did, last year, take some time, and I applied into AWS. And you know, I was like, “Okay, maybe I'll apply for this big tech company and help Amazon out.” And because I'll take that salary and I'll do something really good with it afterwards, I'll do my time for three years and attend re:Invent and deliver 12 talks and never sleep, but you know, at the end of it, I'll say, “Okay, I've done that and now I can do something really good.” Unfortunately, I didn't get the role—or fortunately—but you know, when I applied for that role, what I said to them is, “I really care about sustainability. I want to make the world a better place. I want to help your customers be more sustainable.”And they didn't want me to join. So, I'm just going to continue doing that but from the outside. And whether that means working with politicians or developers or anyone else to try and make the world better and to kind of help fight against climate change, then, yeah, that's definitely what I'm doing.Corey: So, one last question before we wind up calling it an episode. How do we get there? What is the best next step that folks can take? Because it's easy to look at this as a grand problem and realize it's too big to solve. Well, great. You don't need to solve the entire problem. You need take the first step. What is that first step?Aerin: Individuals, I would say it's just realizing that you do care about it and you want to take action. And you're going to say to yourself, “Even if I do little things, I'm going to move forward towards that point.” So, if that is being a more sustainable engineer or getting more conversations about climate change or even just doing other things in your community to make the world a better place than it is, taking that action. But one thing that I can definitely help about and talk a bit more of is that at the conference itself, I'll be running a panel with some great experts called the, “Next Generation of Cloud Education.” So, I really think we need to—like I said earlier in the podcast—to think differently about the cloud and IT.So, I am doing this panel and I'm bringing together someone like Simon Wardley to help people do Wardley Mapping. Like, that is a tool that allows you to see the landscape that you're operating in. You know, if you use that sort of tool to understand the real-world impact of what you're doing, then you can start caring about it a bit more. I'm bringing in somebody called Anne Currie, who is a tech ethicist and speaker and lecturer, and she's actually written some [laugh] really great nonfiction books, which I'd recommend everyone reads. It starts with Utopia Five.And that's about asking, “Well, is this ethical? Can we continue to do these things?” Can't—talks about things about sustainability. If it's not sustainable for everyone, it's not ethical. So, when I mentioned 3 billion people currently don't use the internet, it's like, can we continue to just keep on doing things the same way?And then John Booth, who is a data center expert, to help us really understand what the reality is on the ground. What are these data centers really look like? And then Amanda Brock, from OpenUK in the conference will joining as well to talk about, kind of, open-source and how we can make the world kind of a better place by getting involved in these communities. So, that'll be a really great panel.But what I'm also doing is releasing this as an online course. So, for people who want to get involved, it will be very intimate, about 15 seats on each core, so three weeks for you to actually work and talk directly with some of these experts and me to figure out what you want to do in the world of climate change and how you can take those first steps. So, it'll be a journey that even starts with an ecotherapist to help us deal with climate grief and wonder about the things we can do as individuals to feel better ourselves and be happier. So, I think that'd be a really great thing for a lot of people. And, yeah, not only that, but… it'll be great for you, but it also goes towards making the world a better place.So, 50% of the course fees will be donated, 25%, to charity, and 25% supporting open-source projects. So, I think it kind of just win, win, win. And that's the story of sustainability in general. It's a win, win, win for everyone. If you start seeing the world through a lens of sustainability, you'll save money, you'll sleep better at night, you'll get involved with some really great communities, and meet some really great people who care about this as well. And yeah, it'll be a brighter future.Corey: If people want to learn more, where can they find you?Aerin: So, if you want to learn more about what I'm up to, I'm on Twitter under @aerincloud, that A-E-R-I-N cloud. And then you can also find me on LinkedIn. But I also run my own podcast that was inspired by Corey, called Public Cloud for Public Good talking about cloud sustainability and how to make the world a better place for the use of public cloud services.Corey: And we will, of course, put a link to that in the [show notes 00:32:32]. Thank you so much for your time. I appreciate it, as always.Aerin: Thank you.Corey: Aerin Booth, the Ted Lasso of cloud. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this episode, please leave a five-star review on your podcast platform of choice, along with an angry and insulting comment that I will immediately scale to zero in true serverless fashion.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Guest Amanda Brock Panelists Richard Littauer | Justin Dorfman | Ben Nickolls Show Notes Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. Today, we have an amazing guest and she's been on this podcast before. Joining us is Amanda Brock, who's the CEO of OpenUK, which is an industry organization about the business of open technology. She's also a Board Member, keynote speaker, and author, with a new book coming out soon called, Open Source Law, Policy and Practice, that we'll hear all about today. We'll also be learning more about OpenUK and the policy work they do, Amanda tells us about the All Things Open (ATO) tech conference where she'll be launching her book with some incredible panelists, and we hear some goals from Amanda for an event she'll be attending to create a broader engagement across UK government, where they'll focus on security, technical issues, and security policy issues. Go ahead and download this episode now! [00:01:27] Amanda tells us about OpenUK, the difference between OpenUK and the Software Sustainability Institute (SSI), and the policy work OpenUK does. [00:04:37] We learn if OpenUk's mission has changed since Brexit, now that the UK is more of an independent body as a national group and how that's influenced how we think about tech in Britain. [00:07:13] Amanda tells us all about her book coming out called, Open Source Law, Policy and Practice, that includes several authors, and the launch of her book at ATO. [00:12:06] One of the chapters in Amanda's book is on sustainability and open source and since it's relevant to this podcast Amanda explains more about this chapter. [00:13:52] Amanda explains some goals they have for the meeting that's happening on the17th of October called, “Open Source Software: Infrastructure Curation and Security, Thought Leadership Event.” [00:18:28] Ben asks Amanda if she thinks anything is going to happen within the government from now until February and what she thinks of the government's response in the US with the executive order around expenditure on open source in government departments and guidance around a software bill of materials and better understanding of what components are in software that's using governments. [00:22:00] Richard wonders if there's been a conversation about what happens if one part of the dependency stack doesn't want to be included or bother with having a SBOM, dealing with the government, and refuses to do any work. [00:35:10] We hear a mad insurance scheme Amanda had a long time ago that's she's going to get some people to revisit. [00:37:02] Find out where to follow Amanda and OpenUK online. Quotes [00:17:13] “I think it's really important that governments also see the level of engagement across our communities as strong, and that we are largely united at least body, that wants to see them understand how they do a much better job of curating open source software and ensuring that when they're using it, they're giving back both in terms of contribution and economic contribution.” [00:20:41] “In the US, the survey showed over 70% of organizations that are using SBOMs now.” [00:21:45] “You should not be taking on liability for the open source code. You should be taking on liability for the work you're paid to do.” [00:24:02] “Coding to me is a freedom of speech.” [00:24:27] “My personal view is they'll be public private enterprises or initiatives, and they will hold code that is sanitized or curated for usage in the public sector.” [00:24:38] “I think we'll see governments wanting that and it's not an OSPO, it's a hybrid. It's somewhere between a foundation and an OSPO.” [00:27:40] “Chainguard started creating their own Docker images with their own version of Nginx and Linux, and I think we're going to see that trend continue.” [00:28:29] “What we don't want is for governments to get everything from companies, because if they do, they're going to end up back in a situation of vendor lock-in.” [00:35:58] “In the US at one time, you couldn't buy insurance around open source because it was too unknown. I think there's going to be a big space there where we can also manage some of this risk and some of the government money can go into that too and help protect the bigger picture.” Spotlight [00:37:58] Justin's spotlight is opensauced.pizza founded by Brian Douglas. [00:38:30] Ben's spotlight is Stellarium 1.0. [00:39:25] Richard's spotlight is Collins Bird Guide and the app. [00:40:39] Amanda's spotlight is Eddie Jaoude, a GitHub All-Star. Links SustainOSS (https://sustainoss.org/) SustainOSS Twitter (https://twitter.com/SustainOSS?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) SustainOSS Discourse (https://discourse.sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Justin Dorfman Twitter (https://twitter.com/jdorfman?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Ben Nickolls Twitter (https://twitter.com/BenJam?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Amanda Brock-OpenUK (https://openuk.uk/profiles/amanda-brock/) Amanda Brock Twitter (https://twitter.com/amandabrockuk) Amanda Brock LinkedIn (https://uk.linkedin.com/in/amandabrocktech?trk=people-guest_people_search-card) OpenUK (https://openuk.uk/) OpenUK Twitter (https://twitter.com/openuk_uk) OpenUK LinkedIn (https://uk.linkedin.com/company/openuktechnology) All Things Open Twitter (https://twitter.com/AllThingsOpen) All Things Open-2022 (https://2022.allthingsopen.org/) Sustain Podcast-Episode 49: What OpenUK does with Amanda Brock & Andrew Katz (https://podcast.sustainoss.org/49) Open Source Law, Policy, and Practice by Amanda Brock (https://global.oup.com/academic/product/open-source-law-policy-and-practice-9780198862345?cc=gb&lang=en&) Neil Chue Hong (https://www.software.ac.uk/about/staff/person/neil-chue-hong) Software Sustainability Institute (https://www.software.ac.uk/) OpenForum Europe (https://openforumeurope.org/) Ecosyste.ms (https://ecosyste.ms/) OpenSauced (https://opensauced.pizza/) Stellarium 1.0 (https://stellarium.org/release/2022/10/01/stellarium-1.0.html) Collins Bird Guide (https://en.wikipedia.org/wiki/Collins_Bird_Guide) Collins Bird Guide App (https://apps.apple.com/gb/app/collins-bird-guide-ultimate/id868827305) Eddie Jaoude Twitter (https://twitter.com/eddiejaoude?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Eddie Jaoude GitHub (https://github.com/eddiejaoude) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Amanda Brock.

Amanda Brock, CEO of Open UK, joins me for an engaging conversation on best practices in founding an open-source company. In this episode, Amanda and I chat about the various business models available for building a company around open-source technology, the common pitfalls and crossroads open-source founders find themselves facing, and how to do open-source in a way that leads to long-term success and profitability. Highlights: What is Open UK? (00:40) The various business models for building a company around open-source technology (04:09) Which business models Amanda feels work best and why (08:07) The importance of founders prioritizing open-source communities (14:07) How and why to do open-source the right way (17:04) What is the true cost of founding an open-source company compared to traditional business models? (26:44) Who are you building for, and how do you get to profitability? (30:35) Links: LinkedIn: https://www.linkedin.com/in/amandabrocktech/ Twitter: www.twitter.com/amandabrocktech Open UK www.twitter.com/openuk_uk Company: www.openuk.uk

In this episode of the podcast, Grizz interviews Dawn Foster, Director Open Source Community Strategy at VMware. This is the beginning of our series on the bedrock benefits of open source. Dawn and Grizz talk about how collaboration breeds creativity, how to be a good corporate citizen in open source, and also about Dawn's path, and how she's been able to turn her fascination in open source communities into a career. Dawn's Info | https://www.linkedin.com/in/dawnfoster/ Dawn's OSFF London Talk | https://resources.finos.org/znglist/osff-london-2022-video-recordings/?c=cG9zdDoxNzE5 Dawn is Director of Open Source Community Strategy within VMware's OSPO. She is a Governing Board member / maintainer for CHAOSS, Steering Committee member for the TODO Group, co-chair of the CNCF Contributor Strategy TAG, and OpenUK board member. She has 20+ years of experience at companies like Intel and Puppet with expertise in community building, strategy, open source software, governance, metrics, and more. Dawn holds a PhD from the University of Greenwich along with an MBA and a BS in Computer Science. She has spoken at over 100 industry events, including many Linux Foundation events, KubeCon, OSCON, SXSW, FOSDEM and more. In her spare time she enjoys reading science fiction, running, and traveling. CFP - submit your talks for OSFF NYC by September 12: https://events.linuxfoundation.org/open-source-finance-forum-new-york/program/cfp/ Register - Early bird ends September 14 (Members attend for free, but register early to be entered to win FINOS swag): https://events.linuxfoundation.org/open-source-finance-forum-new-york/register/ OSFF London Videos & Pics: https://resources.finos.org/znglist/osff-london-2022-video-recordings/?c=cG9zdDo5OTA2MjA= Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org

In this episode of The New Stack's On the Road show at Open Source Summit in Austin, Amanda Brock, CEO and founder of OpenUK, talked with The New Stack about revenue models for open source and how those fit into building a sustainable project.Funding an open source project has to be part of the sustainability question — open source requires humans to contribute, and those humans have bills to pay and risk burnout if the open source project is a side gig after their full time job. That's not the only expenses a project might accrue, either — there might be cloud costs, for example. Brock says there are essentially eight categories of funding models for open source, of which really two or three have been proven successful. They are support, subscription and open core.So how do we define open core, exactly? “You get different kinds of open core businesses, one that is driven very much by the needs of the company, and one that is driven by the needs of the open source project and community,” Brock said. In other words, sometimes the project exists to drive revenue, sometime the revenue exists to support the project — a subtle distinction, but it's easy to see how one or the other orientation could change a company's relationship with open source.Are both types really open source? For Brock, it all comes down to community. “It's the companies that have proper community that are really open source to me,” she said. “That's where you've got a proper project with a real community, the community is not entirely based off of your employees.”

In this episode we speak to Liz Rice, Chief Open Source Officer at Isovalent, the company behind the open source eBPF product Cilium. We discuss why it's such a revolutionary approach to developing low-level kernel applications, how BPF can be used for observability, networking and security, how developers should think about application security, and why all of these technologies are open source.About Liz RiceLiz Rice is Chief Open Source Officer at eBPF pioneers Isovalent, creators of the Cilium project, which provides cloud native networking, observability and security. Prior to Isovalent she was VP Open Source Engineering with security specialists Aqua Security. She is also Chair of the CNCF's Technical Oversight Committee, has co-chaired the KubeCon / CloudNativeCon and is an Ambassador for Open UK.Other things mentioned:IsovalentBerkeley labDave ThalerKubernetesFirecrackerLambdaM1 MacbookVS CodeLet us know what you think on Twitter:https://twitter.com/consoledotdevhttps://twitter.com/davidmyttonhttps://twitter.com/lizriceOr by email: hello@console.devAbout ConsoleConsole is the place developers go to find the best tools. Our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don't have to. Sign up for free at: https://console.devRecorded: 2022-05-05. 

This episode I take a look at open source censorship in China, wether forms spelled the end of the WWW and I speak with Amanda Brock of Open UK about their projects and their current state of open survey. The survey - https://bit.ly/OpenUKStateofOpen2022 --- Send in a voice message: https://anchor.fm/chinchillasqueaks/message

Ukrainian refugees are now beginning to arrive in Britain under the Homes for Ukraine Scheme. Money Box has been contacted by two host families having difficulty helping their guests open UK bank accounts. Karina, a doctor, escaped from Kyiv and with her mother and her 5 year old daughter. They then travelled 1,700 miles to London. They are being hosted by Roger Corke and his family. They need a bank account to get benefits and give them some financial independence. We'll hear about their experiences and get a response from the banks and the government. Energy company bosses have been grilled in Parliament this week by MPs unhappy about price rises that critics are warning could push millions of people into fuel poverty by the end of this year. Also discussed at the same meeting was the issue of credit balances - when suppliers hold onto customers' money above and beyond what they actually owe. We'll hear from a listener about that and discuss plans by the energy regulator Ofgem to put in place more regulation to protect credit balances. Also, one listener's experience of opening a new bank account and his shock at realising he also had access to three accounts from another couple. We'll investigate that. Presenter: Paul Lewis Reporter: Dan Whitworth Researcher: Sandra Hardial Editor: Jess Quayle

Queen Elizabeth will not open UK Parliament tomorrow due to mobility problems. Listen for more details. To learn more about how CNN protects listener privacy, visit cnn.com/privacy

Hear from Amanda Brock, CEO of Open UK, a not-for-profit that champions open source collaboration. In this episode we learn who inspired Amanda to become an advocate for open technology and how she's using a digital gloves to improve the education system. Be sure to listen to the very end of the episode for bonus material.You can find out more about Amanda and Open UK here:Website: https://openuk.uk/Personal Twitter: https://twitter.com/AmandaBrockUKOpenUK Twitter: https://twitter.com/openuk_ukInstagram: www.instagram.com/openukcamp/A transcription of each episode, as well as guest profiles and much more, is available on our website www.sondership.comCreditsTitle music - Buddha by Kontekst https://soundcloud.com/kontekstmusicCreative Commons — Attribution-ShareAlike 3.0 Unported — CC BY-SA 3.0Free Download or Stream: http://bit.ly/2Pe7mBNMusic promoted by Audio Library https://youtu.be/b6jK2t3lcRs Support the show

Rich Gall (@richggall) and Jennifer Riggins (@jkriggins) talk with the CEO of OpenUK Amanda Brock about the role of open technology in the UK's tech industry and wider economy.Amanda explains the work of Open UK and highlights some of the work the organisation does to promote open technology. She also discusses exactly why this work matters so much, and suggests that the UK doesn't always do as good a job as it could in talking about the extent to which it contributes to the global communities of developers and other practitioners making use of open technologies and data.We also talk about some of the challenges facing the open movement, and Amanda also highlights some of confusion that the increasingly complex world of software licensing has caused. Finally, we also touch on the State of Open report which provides some detailed insights on the importance and role of open in the UK right now, and the Open Awards, which celebrates the people that are making an impact in the field. Follow Amanda Brock on Twitter: @AmandaBrockUKLearn more about Open UKRead OpenUK's State of Open report

Guest Kavita Kapoor Panelists Eric Berry | Eriol Fox | Alyssa Wright | Richard Littauer Show Notes Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. Our special guest today is Kavita Kapoor, Founding Member and Strategy Director of the Federation of Humanitarian Technologists. Kavita tells us all about the Federation of Humanitarian Technologists, how things are going there since they started, and a project they started. We learn from Kavita why she thinks it's important that children learn about technology, she gives incredible advice on how a tech person can get involved with the humanitarian efforts, and why it's important to live your mission and visions. She also tells us her perspective and shares a personal story on the lack of gender diversity in tech jobs, as well as not enough LGBTQ plus spaces for the tech community especially in the UK. Kavita is amazing, so go ahead and download this episode to hear more! [00:03:11] Kavita tells us all about her herself, her involvement in the Shorinji Kempo martial art, and how she met Mike Nolan, who is the other Founding Member of the Federations of Humanitarian Technologists. [00:05:45] We learn all about the Federation of Humanitarian Technologists. [00:07:45] Kavita talks about how they hired their first Humanitarian Aid Director and how everything is going there. [00:09:55] Eric wonders where those lines cross in open source versus what Kavita is working with humanitarian efforts. [00:13:00] Eriol asks Kavita if open source software and the open source community offer more opportunities for these Non-governmental organizations and charities to build capacity around their technology. [00:15:24] Find out why Kavita thinks it's important that children learn about technology, and whether open source can be part of that education and how early should it be. [00:19:13] Richard wonders why Kavita is so interested in the membership organizations such as OpenUK and the Federation of Humanitarian Technologists. [00:21:33] Eric tells Kavita she is a powerhouse and wonders how she has time to do the things that she's doing and also wonders if she has any other passions. [00:22:30] From the technologist side, Kavita tells us how a tech person can get involved with the humanitarian efforts such as hers and do that in a sustainable way for them, emotionally as well as financially. [00:26:43] Eriol asks to hear Kavita's perspective on things that she's witnessed when people with tech skills do get engaged with these kinds of projects, but the barriers that she's perceived and the ones that she's tried to knock down so they can participate. She talks about gender diversity and not enough LQBTQ plus spaces for the technology community, especially in the UK. [00:31:54] Find out where you can follow Kavita online. Quotes [00:06:40] “And I think it's what we all realized when we work for organizations of different scales is that it's really difficult sometimes to scale up and have the infrastructure, especially when you're working on projects that are all funded for the end goal, for the end impact.” [00:17:31] “So I went off and became COO of the Micro:bit Educational Foundation and we went around the world. We went to into sixty countries during my tenure. We went from a million devices in the UK that was given away free, four million devices around the world, and some of the kids that we worked with were incredible.” [00:19:59] “But actually, when I've been working for profit organizations, I've never felt that I could have the impact that I wanted to have or have the access to the power structures that I wanted to have so that we could actually do more good.” [00:20:25] “But the bottom line is always about where the money is.” [00:20:43] “You have to live your mission and visions.” [00:23:41] “I find it crazy at the moment that we've got so many people out of work who have tech skills and so many open tech positions and I'm trying to figure out what that gap is.” [00:24:44] “It is really where your starting point is, but you can always do something, and you can always negotiate with your teams at work to get some bandwidth.” Spotlight [00:32:24] Eric's spotlight is a new program that just launched called FundOSS. [00:33:53] Eriol's spotlight is a project called Chayn. [00:34:42] Alyssa's spotlight is being thankful that her computer is working. [00:35:02] Richard's** **spotlight is the National LGTB Chamber of Commerce (NGLCC). [00:35:58] Kavita's spotlight is Software Conservancy. Links SustainOSS (https://sustainoss.org/) Kavita Kapoor Website (https://kavitakapoor.org/) Kavita Kapoor Twitter (https://twitter.com/kavitakapoor) Kavita Kapoor Linkedin (https://www.linkedin.com/in/kavitakapoor/) OpenUK (https://openuk.uk/) International Rescue Committee (https://www.rescue.org/) Shorinji Kempo (https://www.shorinjikempo.net/en/about-shorinji-kempo/what-is-shorinji-kempo/) Federation of Humanitarian Technologists (https://www.federationof.tech/) The Federation of Humanitarian Technologists-GitHub (https://github.com/FederationOfTech/) BBC Micro Games Archive (http://www.bbcmicro.co.uk/) Micro:bit (https://microbit.org/) Project Implicit Harvard (https://implicit.harvard.edu/implicit/) Project Implicit Test (https://www.projectimplicit.net/) Lesbians Who Tech Pride Summit 2021 (https://lesbianswhotech.org/pridesummit2021/) FundOSS (https://fundoss.org/) Chayn (https://chayn.co/) National LGBTQ Chamber of Commerce (https://www.nglcc.org/) Software Freedom Conservancy (https://sfconservancy.org/) Sustain Podcast-Episode 69-“Humanitarian Open Source” with Michael Nolan. (https://podcast.sustainoss.org/69) Sustain Podcast-Episode 49-“What OpenUK Does” with Amanda Brock & Andrew Katz (https://podcast.sustainoss.org/49) Sustain Podcast-Episode 68-“Introducing FundOSS.org: A new way of funding open source, by Gitcoin x Sustain” with Kevin Owocki. (https://podcast.sustainoss.org/68) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr at Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Kavita Kapoor.

Abstract of the talk… Kubernetes is a powerful set of abstractions, but it's flexibility and configurability means it's pretty insecure by default. In this hands on talk, I'll show how an attacker can expand the blast radius of an exploit from a vulnerable web application in a container to owning the entire cluster. I'll also cover some ways in which you can prevent this happening to you ! Bio… Matt Jarvis is a Senior Developer Advocate at Snyk. Matt has spent more than 15 years building products and services around open source software, on everything from embedded devices to large scale distributed systems. Most recently he has been focused on the open cloud infrastructure space, and in emerging patterns for cloud native applications. Matt is a regular speaker at conferences across the world, including Open Infrastructure Summit, FOSDEM and All Things Open, a past winner of the OpenStack Outstanding Community Contributor award, and in 2021 was named one of the Top 100 influencers in Open Technologies in the UK. Matt is also a board director of OpenUK, and the founder of Cloud Native Manchester and Cloud Natives UK. Key take-aways from the talk… Kubernetes security considerations

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here's a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE's Akademy, OpenUK and its awards and much more. Hosts: Doc Searls and Simon Phipps Guest: Jonathan Riddell Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

Extended Berkeley Packet Filter (eBPF) allows us to tap into the kernel to implement monitoring, observability, networking, and security.  In this episode, we invited Chris Kranz and Liz Rice to discuss the usage and adoption of eBPF within Cloud Native solutions.Referenceshttp://www.brendangregg.com/https://nathanleclaire.com/https://github.com/iovisor/bpftracehttps://ebpf.io/what-is-ebpfhttps://github.com/lizrice/ebpf-beginnerseBPF for Windows: https://www.youtube.com/watch?v=LrrV-eo6fugCommunity: http://slack.cilium.io/eBPF Summit 2021https://ebpf.io/summit-2021/Please visit our YouTube Channel to see Chris present in our June 2021 Gathering (monthly meet-up).Guest SpeakersChris KranzChris supports the Sales Engineering team in EMEA at Sysdig, helping make cloud native easier and more secure for Sysdig customers. Before joining Sysdig, he spent time building microservices and cloud applications with various end users, and before that lived a life of cloud, virtualisation and storage!https://www.linkedin.com/in/ckranz/@ckranzLiz RiceLiz is focused on containers, cloud native technologies, security and distributed systems, and  heavily involved in open source as the chair the Technical Oversight Committee of the Cloud Native Computing Foundation (CNCF), and an ambassador for OpenUK.https://www.linkedin.com/in/lizrice/@lizriceYour HostsMichael Man: https://www.linkedin.com/in/mman/Glenn Wilson: https://www.linkedin.com/in/glennwilson/DevSecOps - London GatheringKeep in touch with our events associated with this podcast.https://www.meetup.com/DevSecOps-London-Gathering/https://twitter.com/DevSecOps_LGhttps://www.youtube.com/c/DevSecOpsLondonGathering

In this episode, I chat with Amanda Brock, the CEO of Open UK. Amanda is a key driver of open source in the UK as she coordinates technology, business, and industry. I think this podcast will be useful to anyone who wants to know more about the state of open source in the UK and Europe. Some of the other interesting topics we cover include: The Open Invention Network which is the largest patent licensing community in the world for open source software The importance of defensive patent strategies for enterprises And how contributing to open source communities gives a company power to influence the projects direction Link to the State of Open: The UK in 2021 report by Open UK: https://openuk.uk/stateofopen/ Follow OpenTeams on: Twitter: https://twitter.com/openteamsinc LinkedIn: https://www.linkedin.com/company/openteams Facebook: https://www.facebook.com/openteamsinc Instagram: https://www.instagram.com/openteams/ Support this podcast by liking this video and subscribing to OpenTeams’ YouTube channel: https://bit.ly/2ZBPGnt You can also show support for this podcast by leaving a rating and review for the podcast on Apple Podcasts. Link to podcast channel: https://apple.co/3itAzne Thanks for listening!

On this week’s show we have a return visitor in Amanda Brock from Open UK. We talk to Amanda about open business models, a research project on the UK Open Technology market, and COP26. You can find our more about Open UK’s work at https://openuk.uk/ This week’s automated transcription: Intro Chris: Welcome back everybody. After […]

On this week’s show we have a return visitor in Amanda Brock from Open UK. We talk to Amanda about open business models, a research project on the UK Open Technology market, and COP26. You can find our more about Open UK’s work at https://openuk.uk/ This week’s automated transcription: Intro Chris: Welcome back everybody. After […]

This week we are joined by Amanda Brock, CEO at Open UK, for a discussion around the growing prominence of Open technologies in both corporate and governmental digital strategies. We cover common misconceptions about Open Source and dig into how tech leaders should frame the use of Open when building their digital strategies.

Creating Ecosystems around open source standards and the Commons is a challenging task that has been taken strategically by many of the dominating brands of our times - such as Google with Android.    For this reason, we wanted to feature one iconic project on the podcast that we often use as a yardstick when debating opportunities to develop truly open ecosystem strategies: the Open Compute Project Foundation, initiated by Facebook in 2011.    Details on what OCP is and does will be shared directly during the podcast by our guests: Steve Helvie, VP of Channel, and Archna Haylock, Community Director at OCP.    In his role, Steve helps to educate organizations on the benefits of open source hardware designs and the value of “community-driven” engineering for the data center. Archna, on the other hand, is responsible for the global community, and involved directly in its governance processes.    In this inspiring conversation - we touch upon the topics of innovation, collaboration and industry change - and our two guests show how openness can provide solutions to an increasing set of global challenges. We explore what’s needed for organizations to collaborate in an open source way, how to view competitors in the ecosystem, and how the definition of a data centre has changed through emerging needs for circularity and sustainability. Remember that you can always find transcripts and key highlights of the episode on our Medium publication: https://platformdesigntoolkit.com/podcast-S2E15-Steve-Helvie-Archna-Haylock    To find out more about Archna’s and Steve’s work:   > Archna’s LinkedIn: https://www.linkedin.com/in/archnahaylock > Archna’s Twitter: https://twitter.com/ArchnaOCP  > Steve’s LinkedIn: https://uk.linkedin.com/in/steve-helvie-37935712 > Steve’s Twitter: https://twitter.com/stevehelvie > Website: https://www.opencompute.org/  Other references and mentions:   > Boundaryless Whitepaper, New Foundations of Platform-Ecosystem Thinking — Designing Products and Organizations for a changing world, 2020: https://platformdesigntoolkit.com/DOWNLOAD-NF   > Building Complex Organizations through Simple Constraints: Zappos — with John Bunch: https://stories.platformdesigntoolkit.com/building-complex-organizations-through-simple-constraints-zappos-with-john-bunch-a2aaa916663e   > Open Networking Foundation: https://opennetworking.org/    > Telecom Infra Project (TIP): https://telecominfraproject.com/    > The Linux Foundation: https://www.linuxfoundation.org/   > IEEE: https://www.ieee.org/   > Mozilla, Open Source Archetypes: A framework For  Purposeful Open Source, 2018: https://blog.mozilla.org/wp-content/uploads/2018/05/MZOTS_OS_Archetypes_report_ext_scr.pdf   > GAIA-X: https://data-infrastructure.eu/   > OpenUK: https://openuk.uk/   > Future of Sustainable Data Alliance: https://futureofsustainabledata.com/   > OCP Future Technologies Symposium: https://www.opencompute.org/summit/ocp-future-technologies-symposium   > Kubernetes:https://kubernetes.io/    Find out more about the show and the research at Boundaryless at www.platformdesigntoolkit.com/podcast   Thanks for the ad-hoc music to Liosound / Walter Mobilio. Find his portfolio here: www.platformdesigntoolkit.com/music   Recorded on 7 April 2021.

Data is a vital commodity in modern business, but there's a growing movement based on openly sharing it for mutual benefit. This trend has neatly intersected with the ongoing coronavirus crisis, in the form of the track and trace efforts which are being used to measure and limit the spread of the virus - but how exactly is open data being used to fight the pandemic, and what lessons can we learn about the use of open data in a business setting?In this week's episode, we're joined by Amanda Brock, CEO of industry body Open UK, to find out more about how open data is contributing to relief efforts, the pitfalls of poorly-planned strategies, and how organisations can collaborate on data initiatives.For links to everything we've spoken about this week, check out http://bit.ly/ITPP-opendata.

Da un articolo di Amanda Brock, CEO di OpenUK che ci racconta cosa è successo nel mondo open source nel 2019Trovate l'originale quihttps://www.information-age.com/7-game-changing-moments-open-source-technologies-2019-123486710/Se vuoi associarti ad Enterprise OSS segui questo link: https://www.enterpriseoss.com/open-source-network/