1 00:00:00,000 --> 00:00:02,520 Is infrastructure as code now widely adopted? 2 00:00:02,710 --> 00:00:05,090 Most organizations that are doing infrastructure, especially 3 00:00:05,090 --> 00:00:07,438 those using cloud infrastructure, are using 4 00:00:07,438 --> 00:00:10,554 infrastructure as code tools. Now, how they're using it, how 5 00:00:10,554 --> 00:00:12,660 effectively they're using it is a different matter. 6 00:00:12,720 --> 00:00:15,432 How come even though we have cloud now, things are still kind 7 00:00:15,432 --> 00:00:18,392 of like still complex? Code is kind of a painful way to 8 00:00:18,392 --> 00:00:21,027 work with, storing it in your Git repositories and all that 9 00:00:21,027 --> 00:00:23,290 kind of stuff. Why didn't cloud magically make 10 00:00:23,290 --> 00:00:26,015 it, so we can just have infrastructure when we need it 11 00:00:26,015 --> 00:00:28,390 and how we need it? Kief Morris is a Distinguished 12 00:00:28,390 --> 00:00:31,280 Engineer at ThoughtWorks, best known for his foundational book, 13 00:00:31,280 --> 00:00:34,134 "Infrastructure as Code". And Kief is back today to talk 14 00:00:34,134 --> 00:00:36,242 about the same book. But you know what, it's been in 15 00:00:36,242 --> 00:00:38,130 the third edition now. People working on infrastructure 16 00:00:38,130 --> 00:00:40,530 are kind of like, well, it's plumbing, right? 17 00:00:40,530 --> 00:00:41,940 It's often very disconnected, right? 18 00:00:41,940 --> 00:00:44,166 Business folks, "This is not what our business is, right? 19 00:00:44,166 --> 00:00:45,780 Our business is not infrastructure." 20 00:00:45,780 --> 00:00:48,690 They're very frustrated by finding that infrastructure and 21 00:00:48,690 --> 00:00:50,670 environments, and all that kind of stuff is kind of a 22 00:00:50,670 --> 00:00:51,930 bottleneck. It's kind of a friction point. 23 00:00:52,050 --> 00:00:54,420 What about AI in infrastructure as code space? 24 00:00:54,420 --> 00:00:56,190 So what do you see the trends coming? 25 00:00:56,250 --> 00:00:58,170 I don't think you wanna vibe code your infrastructure. 26 00:00:58,320 --> 00:00:59,460 You need to understand what's going on there. 27 00:00:59,460 --> 00:01:02,788 If you're using AI to kind of create infrastructure for you, 28 00:01:02,788 --> 00:01:05,789 or you create infrastructure code for you, having that 29 00:01:05,789 --> 00:01:07,559 knowledge, it's important to get the levels right. 30 00:01:07,559 --> 00:01:09,843 And I still hear an organization where the people were saying, 31 00:01:09,843 --> 00:01:12,930 "We can't automate this task because it's too sensitive, it's 32 00:01:12,930 --> 00:01:15,809 too compliance and stuff. We can't trust the 33 00:01:15,809 --> 00:01:17,659 automatedness." You trust humans, instead? 34 00:01:17,659 --> 00:01:20,588 Rather than saying, "We're gonna go slow and carefully inspect 35 00:01:20,588 --> 00:01:22,254 everything". And that's how we're gonna get 36 00:01:22,254 --> 00:01:23,800 good governance. In order to go fast, we have to 37 00:01:23,800 --> 00:01:25,470 get rid of governance. Actually, you can have both. 38 00:01:25,530 --> 00:01:43,119 That's the secret sauce. Hello, guys. 39 00:01:43,119 --> 00:01:46,034 Welcome back to another new episode of the Tech Lead Journal 40 00:01:46,034 --> 00:01:48,081 podcast. I'm very excited today to have 41 00:01:48,081 --> 00:01:50,675 another repeat guest. Today, I have Kief Morris with 42 00:01:50,675 --> 00:01:54,041 me. If you are a long time Tech Lead 43 00:01:54,041 --> 00:01:56,840 Journal listeners, you probably still remember Kief actually 44 00:01:56,840 --> 00:02:00,371 appeared in episode number five. That was almost like five years 45 00:02:00,371 --> 00:02:02,755 ago. So it's been a long, long time 46 00:02:02,755 --> 00:02:06,085 since our last conversation. And Kief is back today to talk 47 00:02:06,085 --> 00:02:08,896 about the same book that we talked about last time, 48 00:02:08,896 --> 00:02:11,606 Infrastructure as Code. But you know what, it's been in 49 00:02:11,606 --> 00:02:14,220 the third edition now. So when we talked back then, it 50 00:02:14,220 --> 00:02:16,709 was in the first edition. The second edition is kind of 51 00:02:16,709 --> 00:02:19,100 like up and coming. And now we are in the third 52 00:02:19,100 --> 00:02:20,574 edition. So hopefully we are gonna cover 53 00:02:20,574 --> 00:02:22,857 a lot of things that have changed in the infrastructure as 54 00:02:22,857 --> 00:02:25,817 code world and what are the things, the important things 55 00:02:25,817 --> 00:02:27,506 that we can learn from the new book. 56 00:02:27,506 --> 00:02:29,156 So Kief, welcome back to the show. 57 00:02:29,156 --> 00:02:31,326 Really excited to have you. Yeah, thanks a lot, Henry. 58 00:02:31,626 --> 00:02:34,713 I'm glad to be here. It was fun being in the early 59 00:02:34,713 --> 00:02:37,400 days of the podcast, so it's really, it's really cool to be 60 00:02:37,400 --> 00:02:39,282 back now that it's been going strong for so long. 61 00:02:40,242 --> 00:02:42,651 Right. Kief, maybe if you can, uh, just 62 00:02:42,651 --> 00:02:45,826 give us a little bit of, I don't know, like updates, what have 63 00:02:45,826 --> 00:02:49,186 you been up to in the last four to five years since our last 64 00:02:49,186 --> 00:02:50,672 conversation? Anything interesting that you 65 00:02:50,672 --> 00:02:52,970 have been working lately? Sure. 66 00:02:53,000 --> 00:02:55,520 Um, so yeah, so I'm still at ThoughtWorks. 67 00:02:55,550 --> 00:03:00,334 I've been and still in London. So I think my role has kind of 68 00:03:00,334 --> 00:03:02,838 evolved a bit as the company has grown. 69 00:03:03,195 --> 00:03:05,960 I'm now what's called a distinguished engineer. 70 00:03:06,407 --> 00:03:09,427 So basically my role, I get involved in projects. 71 00:03:09,427 --> 00:03:11,977 I get involved in talking to potential clients, existing 72 00:03:11,977 --> 00:03:14,584 clients, people outside, partners. 73 00:03:14,734 --> 00:03:18,182 Basically, it's all about, for me, it's all about exploring 74 00:03:18,182 --> 00:03:20,936 ideas, finding out about how people are doing things, what 75 00:03:20,936 --> 00:03:22,406 they're learning, and sharing that around. 76 00:03:22,960 --> 00:03:24,580 So yeah, I've really been enjoying that, 'cause it's just 77 00:03:24,580 --> 00:03:27,643 given me the opportunity to get involved with a lot of different 78 00:03:27,643 --> 00:03:29,811 teams and different situations. Right. 79 00:03:29,909 --> 00:03:32,606 So now your title is kind of like Distinguished Infra E 80 00:03:32,606 --> 00:03:34,086 ngineer, right? Distinguished Engineer. 81 00:03:34,086 --> 00:03:36,717 I know that in some companies they also have these kind of 82 00:03:36,717 --> 00:03:39,154 titles. In your view, what actually 83 00:03:39,154 --> 00:03:40,806 defines a Distinguished Engineer? 84 00:03:41,715 --> 00:03:44,115 I think it depends on the company, obviously in the 85 00:03:44,115 --> 00:03:46,167 organization. Um, it's mostly, so the other 86 00:03:46,167 --> 00:03:48,920 distinguished engineers are people like Neal Ford and, um, 87 00:03:48,920 --> 00:03:51,566 Birgitta Böckeler and James Lewis and a few others. 88 00:03:52,058 --> 00:03:55,479 And it would tend to be people who are sharing information 89 00:03:55,479 --> 00:03:58,061 externally, whether through books or speaking or, you know, 90 00:03:58,061 --> 00:04:01,097 combinations of things. So I think, for us, that's a big 91 00:04:01,097 --> 00:04:04,550 part of it is, it is kind of helping to kind of gather and 92 00:04:04,550 --> 00:04:08,236 synthesize ideas and, you know, new ideas as much as possible 93 00:04:08,236 --> 00:04:11,512 and sharing it, right? It's all about, yeah, sharing 94 00:04:11,512 --> 00:04:13,977 ideas, learning and sharing. Right. 95 00:04:13,977 --> 00:04:16,011 It is, again, my pleasure to have another Thoughtworker in 96 00:04:16,011 --> 00:04:18,774 the show. So, Kief, let's start to go 97 00:04:18,774 --> 00:04:20,750 discuss about the topics today, right? 98 00:04:20,750 --> 00:04:23,252 So infrastructure as code. I know that we talked about it 99 00:04:23,252 --> 00:04:25,916 last time, but maybe let's start with the definition again, 100 00:04:25,916 --> 00:04:28,015 right? Because, uh, maybe things have 101 00:04:28,015 --> 00:04:29,750 changed. Maybe you have a new definition. 102 00:04:29,750 --> 00:04:32,510 Maybe if you can define what is infrastructure as code today. 103 00:04:33,149 --> 00:04:36,202 Yeah, so I think usually when I describe it, I say it's 104 00:04:36,202 --> 00:04:39,387 something about using tools and techniques and practices and so 105 00:04:39,387 --> 00:04:42,250 on from software engineering and applying them to managing 106 00:04:42,250 --> 00:04:44,798 infrastructure. Now that's probably still 107 00:04:44,798 --> 00:04:46,694 accurate. I think there's a lot of 108 00:04:46,694 --> 00:04:49,490 interesting stuff going on now if you look at infrastructure 109 00:04:49,490 --> 00:04:52,330 management and automated infrastructure management, that 110 00:04:52,330 --> 00:04:56,576 kind of as code paradigm, there's a lot of kind of 111 00:04:56,576 --> 00:04:58,940 experimentation on trying different ways that aren't 112 00:04:58,940 --> 00:05:01,456 necessarily directly about code or used in different ways. 113 00:05:01,456 --> 00:05:05,050 So I think there's something about saying that, yeah, it is 114 00:05:05,050 --> 00:05:09,584 about using code as the means for specifying your 115 00:05:09,584 --> 00:05:12,804 infrastructure. And yeah, I think that's, that's 116 00:05:12,804 --> 00:05:15,386 probably a fair definition. I'm, I'm tending to kind of talk 117 00:05:15,386 --> 00:05:17,962 a little bit more now and use the phrase infrastructure 118 00:05:17,962 --> 00:05:21,636 automation and infrastructure orchestration just to kind of be 119 00:05:21,636 --> 00:05:23,789 a little bit more all encompassing of, of maybe some 120 00:05:23,789 --> 00:05:26,274 of the other kind of techniques and things that are emerging. 121 00:05:28,440 --> 00:05:30,270 Yeah, so when we speak about code, right? 122 00:05:30,270 --> 00:05:32,864 So, so many people would associate it to like programming 123 00:05:32,864 --> 00:05:35,569 language, you know, write kind of like scripts and things like 124 00:05:35,569 --> 00:05:37,620 that. I, I think in the last few years 125 00:05:37,620 --> 00:05:39,977 we can see the tools in infrastructure as code mostly 126 00:05:39,977 --> 00:05:41,550 are kind of like a yaml, you know. 127 00:05:41,670 --> 00:05:43,830 Some, some form of DSL and things like that. 128 00:05:44,130 --> 00:05:47,860 So maybe that's probably where, you know, some of the analogy of 129 00:05:47,860 --> 00:05:50,190 code maybe breaks. But although recently there are 130 00:05:50,190 --> 00:05:52,970 a lot of tools also written in programming languages. 131 00:05:52,970 --> 00:05:55,730 Things like Pulumi, CDK, and all that, right. 132 00:05:55,730 --> 00:05:57,740 So probably we'll talk about the tools later on. 133 00:05:58,130 --> 00:06:01,393 In your experience consulting with clients, you know, you've 134 00:06:01,393 --> 00:06:04,121 seen different parts of the world, is infrastructures as 135 00:06:04,121 --> 00:06:08,295 code now widely adopted or is it still something that is hard for 136 00:06:08,295 --> 00:06:10,566 people to practice? I think it is. 137 00:06:10,839 --> 00:06:13,165 I tried to do a little bit of research on this, but it's a 138 00:06:13,165 --> 00:06:15,407 little bit hard to find concrete numbers. 139 00:06:15,407 --> 00:06:18,437 I would say most organizations that are doing infrastructure, 140 00:06:18,437 --> 00:06:21,965 especially those using cloud infrastructure are using 141 00:06:21,965 --> 00:06:25,895 infrastructure as code tools. Now how they're using it, how 142 00:06:25,895 --> 00:06:28,296 effectively they're using it is a different matter. 143 00:06:28,296 --> 00:06:31,556 But, um, you know, I think it is pretty much the default these 144 00:06:31,556 --> 00:06:32,930 days. Right. 145 00:06:33,388 --> 00:06:35,278 So if you can elaborate a little bit more. 146 00:06:35,278 --> 00:06:37,378 You have written three editions of the book, right? 147 00:06:37,408 --> 00:06:39,388 Maybe what are some of the major changes? 148 00:06:39,388 --> 00:06:41,545 Maybe starting from the first to the second to the third. 149 00:06:41,659 --> 00:06:45,029 What are the key themes that you see changing such that you want 150 00:06:45,029 --> 00:06:46,683 to write a new edition? Yeah. 151 00:06:46,889 --> 00:06:50,129 So the first edition was 2016, second edition was 2020. 152 00:06:50,756 --> 00:06:54,378 And the first edition, it was like servers was a big part of 153 00:06:54,378 --> 00:06:55,826 it. And that was like the subtitle 154 00:06:55,826 --> 00:06:57,575 of the book was Managing Servers in the Cloud. 155 00:06:58,126 --> 00:07:01,174 And so Chef and Puppet and Ansible and these kind of things 156 00:07:01,174 --> 00:07:04,880 were the main thing, even though things like Terraform and 157 00:07:04,880 --> 00:07:07,640 CloudFormation had emerged and people were starting to use 158 00:07:07,640 --> 00:07:09,759 those. And that was, you know, that was 159 00:07:09,759 --> 00:07:12,283 part of, what I talked about in that first edition. 160 00:07:12,600 --> 00:07:14,894 Servers had like, you know, multiple chapters covering 161 00:07:14,894 --> 00:07:17,263 servers. And then in the second edition, 162 00:07:17,263 --> 00:07:20,152 servers were still in there, but a lot more of the emphasis now 163 00:07:20,152 --> 00:07:22,948 is on what are these things you use to orchestrate, you know, 164 00:07:23,008 --> 00:07:25,728 cloud type, like multiple resources, including servers in 165 00:07:25,728 --> 00:07:28,558 the mix, but like all the kind of other things around it. 166 00:07:28,961 --> 00:07:30,956 So again, Terraform, CloudFormation, CDK, Pulumi, 167 00:07:30,956 --> 00:07:34,934 those were the kind of tools that were a big part of the 168 00:07:34,934 --> 00:07:37,273 focus. So the third edition, it's 169 00:07:37,273 --> 00:07:40,249 funny, so when I first kind of undertook to do the third 170 00:07:40,249 --> 00:07:42,123 edition, I was thinking, well, it probably doesn't need to 171 00:07:42,123 --> 00:07:44,488 change that much, you know, some refresh and updating and all 172 00:07:44,488 --> 00:07:46,775 that. But I found that actually there 173 00:07:46,775 --> 00:07:50,175 was a lot more to talk about than I'd expected. 174 00:07:50,175 --> 00:07:55,887 I think one of the things was around kind of thinking about 175 00:07:55,887 --> 00:07:59,677 how to align what we build with infrastructure to kind of 176 00:07:59,677 --> 00:08:01,902 business needs and business value and thinking a little bit 177 00:08:01,902 --> 00:08:03,482 more about that and bringing that more into it. 178 00:08:04,084 --> 00:08:05,329 It's become... Infrastructure and infra, you 179 00:08:05,329 --> 00:08:09,244 know, cloud and all this stuff has become a lot more pervasive. 180 00:08:09,244 --> 00:08:12,286 Whereas previously it was kind of something that maybe a, you 181 00:08:12,286 --> 00:08:15,870 know, one part of the business was doing or like, you know, 182 00:08:15,870 --> 00:08:17,706 startups and these kind of things. 183 00:08:17,706 --> 00:08:20,594 And now, it's become so much more pervasive that I think it's 184 00:08:20,594 --> 00:08:23,398 become really important. And also with kinda like the 185 00:08:23,398 --> 00:08:26,464 slowing of growth and so on where it used to be everybody 186 00:08:26,464 --> 00:08:29,595 going and building as much as they can and getting everything 187 00:08:29,595 --> 00:08:32,020 digital, you know, digital transformations and all that. 188 00:08:32,260 --> 00:08:35,304 And now, I think more recently there's been a lot of thinking 189 00:08:35,304 --> 00:08:37,160 about, well, how do we kind of reign it in a bit? 190 00:08:37,191 --> 00:08:40,345 How do we consolidate all of the different stuff that maybe we've 191 00:08:40,345 --> 00:08:43,354 chucked up on the cloud? So that's been one theme. 192 00:08:43,883 --> 00:08:47,250 Another theme was design of infrastructure and how to design 193 00:08:47,250 --> 00:08:50,658 more complex infrastructure states using code. 194 00:08:50,898 --> 00:08:55,157 And the third is what you could call kind of orchestration. 195 00:08:55,157 --> 00:08:59,759 So this is thinking about if you use Terraform or OpenTofu, you 196 00:08:59,759 --> 00:09:03,457 have, uh, these TACOS, this idea of things like, I dunno, 197 00:09:03,457 --> 00:09:06,621 Atlantis and Spacelift and Terrateam and loads of different 198 00:09:06,621 --> 00:09:10,148 things out there to help you to kind of manage your 199 00:09:10,148 --> 00:09:13,427 infrastructure code and deploy it, and update it and all of 200 00:09:13,427 --> 00:09:15,363 that. So I think that's been a big 201 00:09:15,363 --> 00:09:18,242 shift and we're still kind of underway, I would say in that, 202 00:09:18,242 --> 00:09:21,600 it used to be that we would write loads and loads of custom 203 00:09:21,600 --> 00:09:23,730 scripts to manage, like to, you know. 204 00:09:23,730 --> 00:09:26,354 So we might use a tool like Terraform, but we would be 205 00:09:26,354 --> 00:09:28,890 writing scripts, Makefile, shell scripts, Python scripts, 206 00:09:28,890 --> 00:09:32,508 whatever, to run the tool to kind of pull everything together 207 00:09:32,508 --> 00:09:34,020 and configuration and all of that. 208 00:09:34,491 --> 00:09:38,271 And so I think we're moving towards a little bit more, I 209 00:09:38,271 --> 00:09:40,491 think an aspiration to standardize that. 210 00:09:40,491 --> 00:09:43,233 So an aspiration that as a team you shouldn't have to hand roll 211 00:09:43,233 --> 00:09:46,321 all of that stuff. But I don't think we're quite 212 00:09:46,321 --> 00:09:48,286 there yet. So I talk a bit about things 213 00:09:48,286 --> 00:09:51,177 like, so what are some of the tools out there and the 214 00:09:51,177 --> 00:09:54,982 different angles and aspects of orchestration that they focus 215 00:09:54,982 --> 00:09:56,855 on. Also things like team 216 00:09:56,855 --> 00:09:59,981 structures, team topologies, I, you know, make a reference to 217 00:09:59,981 --> 00:10:04,422 and use their kind of, um, language and kind of visual ways 218 00:10:04,422 --> 00:10:07,392 of representing team shapes and interactions. 219 00:10:07,392 --> 00:10:09,818 Cause I think, again, that's important to think about so it 220 00:10:09,818 --> 00:10:12,407 all kind of comes together. How do you deploy it and deliver 221 00:10:12,407 --> 00:10:13,579 it? How do you organize your teams 222 00:10:13,579 --> 00:10:15,674 to use it? How do you design it? 223 00:10:15,794 --> 00:10:18,492 So yeah, so that's been kind of overall the theme of this third 224 00:10:18,492 --> 00:10:20,847 edition is all of those things and how they kind of 225 00:10:20,847 --> 00:10:22,086 interrelate. Right. 226 00:10:22,146 --> 00:10:24,565 Thanks for summarizing that. So definitely very interesting, 227 00:10:24,565 --> 00:10:27,009 those key themes, right? Hopefully we can get to cover 228 00:10:27,009 --> 00:10:28,935 most of them, if not all of them, right? 229 00:10:29,205 --> 00:10:31,761 So I think one of the interesting thing that you just 230 00:10:31,761 --> 00:10:34,814 mentioned is about... the theme about aligning infrastructure as 231 00:10:34,814 --> 00:10:37,391 code or infrastructure in general to the business value. 232 00:10:37,391 --> 00:10:40,757 So I think probably this is so rarely spoken about. 233 00:10:41,147 --> 00:10:43,467 Typically, people talk about application service, you know, 234 00:10:43,467 --> 00:10:45,737 architecture, microservice, monolith to the business value, 235 00:10:45,737 --> 00:10:47,357 domain-driven design and all that. 236 00:10:47,657 --> 00:10:50,871 But infrastructure, kind of like maybe lesser talked about with 237 00:10:50,871 --> 00:10:53,377 the business value. So maybe tell us a little bit 238 00:10:53,377 --> 00:10:56,277 what kind of, I don't know, like misalignment that happens in the 239 00:10:56,277 --> 00:10:59,127 industry or what kind of business value that is not 240 00:10:59,127 --> 00:11:01,077 driven yet by infrastructure as code. 241 00:11:01,536 --> 00:11:03,824 Yeah, I think it's often very disconnected, right? 242 00:11:03,824 --> 00:11:05,431 Because it's seems quite distant. 243 00:11:05,431 --> 00:11:08,155 So... and I think there's an aspiration we tend to want to 244 00:11:08,155 --> 00:11:10,514 think about. And people on both sides of like 245 00:11:10,514 --> 00:11:12,408 say business leadership, technology leadership, and then 246 00:11:12,408 --> 00:11:15,517 people working on infrastructure are kinda like, well, it's 247 00:11:15,517 --> 00:11:17,837 plumbing, right? It's, you know, it's basic stuff 248 00:11:17,837 --> 00:11:20,544 that doesn't really matter what it is that runs on it, you just 249 00:11:20,544 --> 00:11:22,300 kind of build the same, you know, servers, databases, 250 00:11:22,300 --> 00:11:25,300 networking structures, and then let somebody else come in and 251 00:11:25,300 --> 00:11:26,710 deploy their applications onto it. 252 00:11:27,009 --> 00:11:30,036 Or in the case of like business folks, it's just like, this is 253 00:11:30,036 --> 00:11:32,004 not what our business is, right? Our business is not 254 00:11:32,004 --> 00:11:33,666 infrastructure. It's whatever it may be. 255 00:11:34,068 --> 00:11:36,378 And so we just need to have stuff that works. 256 00:11:36,739 --> 00:11:39,532 And so I think that kind of gap, that kind of feeling of both 257 00:11:39,532 --> 00:11:42,442 sides that like, well, we don't really need to think about this 258 00:11:42,442 --> 00:11:45,740 too much, leads to mismatches. And that kind of manifests as if 259 00:11:45,740 --> 00:11:48,726 you talk to kind of business leaders and technology leaders 260 00:11:48,726 --> 00:11:51,819 and say product leaders, often they're very frustrated by 261 00:11:51,819 --> 00:11:55,113 finding that infrastructure and environments and all that kind 262 00:11:55,113 --> 00:11:56,373 of stuff is kind of a bottleneck. 263 00:11:56,373 --> 00:11:58,678 It's kind of a friction point. It's like, well, teams don't 264 00:11:58,678 --> 00:12:00,833 have the environments they need quickly enough, or the 265 00:12:00,833 --> 00:12:03,913 environments are very messy. Or the costs run outta control. 266 00:12:04,528 --> 00:12:06,388 Yeah, or things like expansion is a thing. 267 00:12:06,388 --> 00:12:09,787 So like I find that a lot of companies are looking to expand 268 00:12:09,787 --> 00:12:11,380 geographically and they think we're gonna deploy into all 269 00:12:11,380 --> 00:12:13,138 these different regions. Well, we use cloud so we can 270 00:12:13,138 --> 00:12:15,638 just use that. And then that becomes a big pain 271 00:12:15,638 --> 00:12:18,894 point where it becomes a kind of spaghetti of code managing all 272 00:12:18,894 --> 00:12:21,740 these different environments and different places and stuff isn't 273 00:12:21,740 --> 00:12:24,668 updated consistently, and you end up with more people... 274 00:12:24,668 --> 00:12:27,238 having to hire more people to keep stuff running. 275 00:12:27,682 --> 00:12:30,591 And so it kind of feels like, you know, why didn't cloud help? 276 00:12:31,161 --> 00:12:34,897 You know, why didn't cloud magically make it so we can just 277 00:12:34,897 --> 00:12:36,975 have infrastructure when we need it and how we need it? 278 00:12:37,494 --> 00:12:39,669 And I think, for me, it's just that there is that kind of piece 279 00:12:39,669 --> 00:12:40,999 in between of like, well, how do you assemble? 280 00:12:40,999 --> 00:12:43,728 So I think the cloud vendors have been very clever about 281 00:12:43,728 --> 00:12:46,620 they've worked out what is the undifferentiated stuff, you 282 00:12:46,620 --> 00:12:48,766 know, servers, you know, subnets and. 283 00:12:48,766 --> 00:12:50,746 You know, all these kind of like basic level things. 284 00:12:50,746 --> 00:12:53,965 Like those are the stuff that you can put behind an API and 285 00:12:53,965 --> 00:12:56,878 tell somebody go and, and use this API and it doesn't matter 286 00:12:56,878 --> 00:12:59,559 the people building it, being the cloud vendors don't need to 287 00:12:59,559 --> 00:13:01,774 worry about what you're gonna use it for exactly. 288 00:13:02,605 --> 00:13:04,761 But the stuff on top of that, then, well, how do you put it 289 00:13:04,761 --> 00:13:06,115 together? How do I run my application? 290 00:13:06,115 --> 00:13:09,055 How do I make updates and configuration changes to the 291 00:13:09,055 --> 00:13:11,394 things underneath it? I think this is why we get, you 292 00:13:11,394 --> 00:13:14,121 know, platform engineering is such a big topic and why I think 293 00:13:14,121 --> 00:13:17,386 it's a kind of a recurring theme with new names. 294 00:13:17,509 --> 00:13:21,437 We had DevOps and then we had SRE and then we have platform 295 00:13:21,437 --> 00:13:23,179 engineering and we have developer experience. 296 00:13:23,179 --> 00:13:25,882 And all of these things, I think, are ways of kind of 297 00:13:25,882 --> 00:13:28,935 pointing at, we need to figure out what come, you know, what to 298 00:13:28,935 --> 00:13:31,797 put in between, how to make that, those raw, you know, 299 00:13:31,797 --> 00:13:35,238 primitives that we get from the cloud vendors useful for getting 300 00:13:35,238 --> 00:13:38,684 work done without people having to spend loads and loads of time 301 00:13:38,684 --> 00:13:41,058 rolling things by hand and maintaining it by hand. 302 00:13:41,822 --> 00:13:44,457 So I think it's that gap. And so I, for me, the kind of 303 00:13:44,457 --> 00:13:47,192 key is to think about, well, what are we trying to do as a 304 00:13:47,192 --> 00:13:49,027 business? What, you know, is it again, is 305 00:13:49,027 --> 00:13:51,057 it geographical expansion? Because that means do you have 306 00:13:51,057 --> 00:13:54,142 to think about something? Do we expand by growing, you 307 00:13:54,142 --> 00:13:56,044 know, more infrastructure for each customer? 308 00:13:56,044 --> 00:13:58,404 Do they need dedicated infrastructure depending on the 309 00:13:58,404 --> 00:14:01,202 business model or not? Do we need to think about 310 00:14:01,202 --> 00:14:02,985 consolidation? Is it that we've grown so much 311 00:14:02,985 --> 00:14:05,202 and we have, you know, 50 different Kubernetes clusters 312 00:14:05,202 --> 00:14:07,998 built by different teams in different ways and we need to 313 00:14:07,998 --> 00:14:10,524 think about how do we kinda like, you know, reign that in? 314 00:14:10,869 --> 00:14:13,629 So I think thinking about what those kind of needs are, and 315 00:14:13,629 --> 00:14:15,996 then thinking about what happens, what's the kind of 316 00:14:15,996 --> 00:14:19,089 day-to-day things of like, what is a, you know, a, software team 317 00:14:19,089 --> 00:14:21,466 have to do? How often do they have to build 318 00:14:21,466 --> 00:14:23,856 new services and deploy them versus just making changes to 319 00:14:23,856 --> 00:14:26,109 existing services? How often are they building 320 00:14:26,109 --> 00:14:28,986 entirely new products? And so the, those differences in 321 00:14:28,986 --> 00:14:32,430 what people need to do, then affect how are you gonna design 322 00:14:32,430 --> 00:14:33,672 your infrastructure? Where are you gonna focus? 323 00:14:33,672 --> 00:14:36,342 Are you gonna focus on being able to spin up new environments 324 00:14:36,342 --> 00:14:39,898 for new services very quickly? Or is it more kind of 325 00:14:39,898 --> 00:14:42,581 optimization or other things? Yeah, definitely very 326 00:14:42,581 --> 00:14:44,042 interesting and, makes sense, right? 327 00:14:44,042 --> 00:14:46,794 Because, again, it's kind of like applying engineering 328 00:14:46,794 --> 00:14:49,777 practices such that you can kind of like scale much, much faster, 329 00:14:49,777 --> 00:14:51,445 right? Rather than having to do it 330 00:14:51,445 --> 00:14:54,097 manually one by one or even like error prone, ClickOps, those 331 00:14:54,097 --> 00:14:56,579 kind of stuff, right? So I think definitely makes 332 00:14:56,579 --> 00:14:58,663 sense, right? So investing in automation, you 333 00:14:58,663 --> 00:15:01,816 know, kind of like codifying the infrastructure, definitely is 334 00:15:01,816 --> 00:15:03,877 very, very important for business. 335 00:15:03,937 --> 00:15:06,511 So I was kind of like a little bit laughing when you say that, 336 00:15:06,511 --> 00:15:09,179 how come even though we have cloud now, things are still kind 337 00:15:09,179 --> 00:15:11,947 of like still complex. And I think the trend these 338 00:15:11,947 --> 00:15:13,910 days, like there's so many advancement, you know, maybe 339 00:15:13,910 --> 00:15:17,303 from cloud itself, like it used to be like infrastructure as a 340 00:15:17,303 --> 00:15:19,145 service, right, so like VMs and all that. 341 00:15:19,565 --> 00:15:23,027 Now comes to the cloud native era, like containers, 342 00:15:23,027 --> 00:15:25,828 Kubernetes, serverless. But I feel still complex if you 343 00:15:25,828 --> 00:15:28,364 kind of like wanna build like a more distributed architecture 344 00:15:28,364 --> 00:15:30,820 kind of systems, right? Especially when you have 345 00:15:30,820 --> 00:15:33,648 multiple teams working together. Security, compliance and all 346 00:15:33,648 --> 00:15:36,569 that comes into place. So with all these new 347 00:15:36,569 --> 00:15:39,630 advancement, maybe tell us a little bit more, what kind of 348 00:15:39,630 --> 00:15:41,055 complexities are we dealing with? 349 00:15:41,237 --> 00:15:44,747 It seems like the technology is supposed to make life easier for 350 00:15:44,747 --> 00:15:48,947 us, but how come it's still kind of like challenging for us, even 351 00:15:48,947 --> 00:15:50,672 though we also apply infrastructure as code and 352 00:15:50,672 --> 00:15:53,206 things like that? I think it's in how it's 353 00:15:53,206 --> 00:15:55,180 presented. So if you look at it where I 354 00:15:55,180 --> 00:15:57,676 think it's useful to start when you're kind of looking at the, 355 00:15:57,676 --> 00:15:59,644 in what infrastructure and how to design it, you look at the 356 00:15:59,644 --> 00:16:01,968 workloads you're gonna be running on and how are those 357 00:16:01,968 --> 00:16:04,572 structured and what are their requirements, and so on. 358 00:16:05,212 --> 00:16:08,377 And so I think, what often happens is if you're looking at 359 00:16:08,377 --> 00:16:11,360 that level and like, so one of the kinda ideals, um, that I 360 00:16:11,360 --> 00:16:14,024 think we have as well, and maybe developers can build their own 361 00:16:14,024 --> 00:16:17,256 infrastructure, right? And so this is kind of one of 362 00:16:17,256 --> 00:16:20,083 the motivations behind tools like CDK and Pulumi where it's 363 00:16:20,083 --> 00:16:22,277 like, well, let's give them programming languages that 364 00:16:22,277 --> 00:16:24,756 they're comfortable with to be able to work with 365 00:16:24,756 --> 00:16:27,543 infrastructure. I think where that kind of falls 366 00:16:27,543 --> 00:16:29,971 down is because that the language isn't, I don't think, 367 00:16:29,971 --> 00:16:31,663 really the challenge. It's one of the things that's 368 00:16:31,663 --> 00:16:33,951 maybe a little bit off-putting to see, like you say like YAML 369 00:16:33,951 --> 00:16:35,341 or whatever, or some declarative language. 370 00:16:35,722 --> 00:16:38,197 But I think the really challenging thing is an 371 00:16:38,197 --> 00:16:40,306 understanding, you know, those nuts and bolts of the 372 00:16:40,306 --> 00:16:42,127 infrastructure. I've gotta set up VPC and 373 00:16:42,127 --> 00:16:44,548 subnets network routes and all these kind of things. 374 00:16:44,548 --> 00:16:48,130 And that becomes, you know, figuring out how to put all that 375 00:16:48,130 --> 00:16:50,094 together, even something as simple as an S3 bucket. 376 00:16:50,094 --> 00:16:51,864 There's zillions options on an S3 bucket. 377 00:16:51,864 --> 00:16:53,514 You can configure it completely differently depending on what 378 00:16:53,514 --> 00:16:55,864 you're gonna use it for, right? Are you gonna be storing 379 00:16:55,864 --> 00:16:57,798 sensitive data? Are you gonna be doing analytics 380 00:16:57,798 --> 00:16:59,851 on it? Are you gonna be, is it just 381 00:16:59,851 --> 00:17:01,454 storing static content to serve, you know? 382 00:17:01,454 --> 00:17:03,943 So each of these kinda different use cases you would want to kind 383 00:17:03,943 --> 00:17:05,523 of configure and tune it differently. 384 00:17:05,854 --> 00:17:08,700 You also need to think about how to kind of, the security 385 00:17:08,700 --> 00:17:10,634 policies you should have and governance and so on. 386 00:17:10,634 --> 00:17:12,164 And so there's a lot of complexity. 387 00:17:12,513 --> 00:17:15,165 And so for a developer to have to think about that, it's going 388 00:17:15,165 --> 00:17:17,512 into a lot of detail that maybe you don't wanna have to think 389 00:17:17,512 --> 00:17:20,839 about at that point in time. So I feel like one of the things 390 00:17:20,839 --> 00:17:24,250 that we need to focus on is those kind of interaction modes 391 00:17:24,250 --> 00:17:28,032 or those, say, abstractions. So as a developer, I know I need 392 00:17:28,032 --> 00:17:30,530 an S3 bucket. Probably a few questions you can 393 00:17:30,530 --> 00:17:32,702 answer as to like what am I gonna use it for? 394 00:17:32,732 --> 00:17:36,526 I'm gonna use it to store static files for website hosting. 395 00:17:36,526 --> 00:17:38,806 Okay, that's it. Pretty clear use case. 396 00:17:38,806 --> 00:17:41,940 Once you know that, you can then kind of roll out, okay, here's 397 00:17:41,940 --> 00:17:43,321 what needs to go into the S3 bucket. 398 00:17:43,621 --> 00:17:45,391 Or a few questions about, again, what kind of data? 399 00:17:45,391 --> 00:17:48,429 Is it personalized data, is it regulated data and so on that 400 00:17:48,429 --> 00:17:50,581 might be on there? What are the access patterns? 401 00:17:50,581 --> 00:17:53,653 So I think providing these things, you know, providing 402 00:17:53,653 --> 00:17:56,365 something for developers to be able to just kind of like 403 00:17:56,365 --> 00:17:59,066 specify in terms it makes sense to them and that makes sense to 404 00:17:59,066 --> 00:18:00,803 the use case, you know, and they care about. 405 00:18:01,255 --> 00:18:04,984 And then say, fine, you know, this stuff will be provisioned 406 00:18:04,984 --> 00:18:07,596 for you accordingly. I think that's really useful. 407 00:18:07,726 --> 00:18:10,174 With the caveat by the way that when we talk about abstractions 408 00:18:10,174 --> 00:18:12,797 that can become very dangerous when there's something that hide 409 00:18:12,797 --> 00:18:14,806 or like stop you from accessing it. 410 00:18:14,806 --> 00:18:19,298 So to my mind, it's about kind of headspace or, you know, 411 00:18:19,298 --> 00:18:21,330 cognitive context. So it's like, okay, I'm working 412 00:18:21,330 --> 00:18:23,186 on my application. I care about this level of 413 00:18:23,186 --> 00:18:25,174 stuff. At some point, it might be, 414 00:18:25,174 --> 00:18:27,402 okay, now I'm finding and see the performance isn't what I 415 00:18:27,402 --> 00:18:29,652 need it to be. I need to be able to then go and 416 00:18:29,652 --> 00:18:31,992 look down and drill into that. I need to be able to do that. 417 00:18:31,992 --> 00:18:35,089 So it's not about hiding stuff from people, but just kind of 418 00:18:35,089 --> 00:18:37,323 saying when I need it, I want to be able to get at it. 419 00:18:37,383 --> 00:18:39,717 When I don't need it, I don't want to have to think about it 420 00:18:39,717 --> 00:18:42,804 and spend a lot of time on it. Yeah, thanks for adding that 421 00:18:42,804 --> 00:18:44,626 plug, right, because abstraction can be dangerous. 422 00:18:44,626 --> 00:18:48,469 In my experience last time also, like for example, I, there's a 423 00:18:48,469 --> 00:18:51,249 Kubernetes platform, but we are not exposed to any of the 424 00:18:51,249 --> 00:18:54,640 kubectl, you know, or any kind of a Kubernetes native way of 425 00:18:54,640 --> 00:18:56,400 working. So I think that kinda like 426 00:18:56,400 --> 00:18:59,496 defeats the purpose, right? But I think an abstraction with 427 00:18:59,496 --> 00:19:02,660 some kind of like an opinioned way is something that probably 428 00:19:02,660 --> 00:19:04,722 can help organizations, especially when they grow 429 00:19:04,722 --> 00:19:06,888 larger, right? Because if everyone is doing the 430 00:19:06,888 --> 00:19:09,639 same thing in the different flavors, definitely, it's gonna 431 00:19:09,639 --> 00:19:12,618 be difficult. So you talk a little bit about 432 00:19:12,618 --> 00:19:15,934 the tools itself, right? So obviously when we hear about 433 00:19:15,934 --> 00:19:18,778 infrastructure as code, many people associate, you know, 434 00:19:18,778 --> 00:19:22,258 things like Terraform, maybe now kind of like CDK or Pulumi are 435 00:19:22,258 --> 00:19:24,322 kind of like into the trend as well. 436 00:19:24,592 --> 00:19:27,503 But what do you think are kind of like some of the go-to tools 437 00:19:27,503 --> 00:19:29,993 that people are using these days for infrastructure as code? 438 00:19:30,370 --> 00:19:33,513 And what are the, some of the new inventions in infrastructure 439 00:19:33,513 --> 00:19:34,938 as code that people should know about? 440 00:19:35,102 --> 00:19:35,752 Yeah. Okay. 441 00:19:35,817 --> 00:19:37,077 This is, this is an interesting one, yeah. 442 00:19:37,107 --> 00:19:41,372 So I think Terraform and, for some folks, OpenTofu, are still 443 00:19:41,372 --> 00:19:43,167 often the go-to for a lot of people. 444 00:19:43,663 --> 00:19:45,173 Probably, the one I'm most familiar with. 445 00:19:45,792 --> 00:19:48,116 We look at things like CDK, that's gonna tend to be like 446 00:19:48,116 --> 00:19:49,998 platform specific. So if you're working with AWS, 447 00:19:49,998 --> 00:19:53,060 you might go that way unless you've got kind of skills on the 448 00:19:53,060 --> 00:19:55,371 other tools. I think Pulumi is quite 449 00:19:55,371 --> 00:19:58,520 interesting, not just because of the languages and the fact that 450 00:19:58,520 --> 00:20:00,471 it lets you use different languages to write your 451 00:20:00,471 --> 00:20:04,038 infrastructure code. But I think the kind of tool set 452 00:20:04,038 --> 00:20:07,425 and services that they're creating around it, so things 453 00:20:07,425 --> 00:20:10,547 like ESC for environment management, and some of the 454 00:20:10,547 --> 00:20:12,702 automation things and some of the stuff they're doing with 455 00:20:12,702 --> 00:20:14,939 kind of development portals. That goes back to what I was 456 00:20:14,939 --> 00:20:16,430 saying before about orchestration and I think that's 457 00:20:16,430 --> 00:20:20,038 where a big, that's what we kind of need to work on next, right? 458 00:20:20,038 --> 00:20:23,419 So I think as much as thinking about the specific tool, you 459 00:20:23,419 --> 00:20:25,493 know, that you're gonna be coding in, if you think about 460 00:20:25,493 --> 00:20:27,501 like what I was just saying about abstraction, so how are 461 00:20:27,501 --> 00:20:28,906 you gonna provide that to people, right? 462 00:20:28,906 --> 00:20:32,148 What options do you have? So being able to kind of create 463 00:20:32,148 --> 00:20:34,956 a package, S3 bucket package with the parameters that's 464 00:20:34,956 --> 00:20:38,347 useful or that can be referred to even in code, application 465 00:20:38,347 --> 00:20:40,405 code, I think that's really handy. 466 00:20:40,405 --> 00:20:41,875 And then having the ecosystem around it. 467 00:20:41,875 --> 00:20:44,527 So that's one of the reasons why, and I've, you know, I'm 468 00:20:44,527 --> 00:20:46,438 talking about Pulumi. I talked with those guys a lot 469 00:20:46,438 --> 00:20:48,005 and I'm doing a couple of events with them. 470 00:20:48,005 --> 00:20:51,922 So that's kinda like, I guess, a disclaimer of yeah, I, that 471 00:20:51,922 --> 00:20:54,419 approach is I think quite useful and quite interesting. 472 00:20:55,048 --> 00:20:57,360 And then I think there's some kind of things coming out that 473 00:20:57,360 --> 00:21:00,323 are being worked on as kind of next generation, probably a 474 00:21:00,323 --> 00:21:02,482 post-code. So you have the System 475 00:21:02,482 --> 00:21:06,026 Initiative which is led by Adam Jacob who made Chef and a few 476 00:21:06,026 --> 00:21:09,654 other people. There's a similar ish, you know, 477 00:21:09,654 --> 00:21:13,181 conceptually, some of the folks behind Weaveworks and Kubernetes 478 00:21:13,181 --> 00:21:16,452 itself and Google, have created a startup called ConfigHub, 479 00:21:16,452 --> 00:21:19,536 which I know less details of. The Systems Initiative stuff, I 480 00:21:19,536 --> 00:21:21,919 have had a chance to play with. It's, you know, they've got an 481 00:21:21,919 --> 00:21:23,465 open beta. But essentially, these premise 482 00:21:23,465 --> 00:21:27,581 of these things are like, code is kind of a painful way to work 483 00:21:27,581 --> 00:21:30,791 with, storing it in your Git repositories and all that kind 484 00:21:30,791 --> 00:21:32,623 of stuff. And that kind of, especially 485 00:21:32,623 --> 00:21:35,313 that kind of lag between, okay, you've got what's in your code, 486 00:21:35,313 --> 00:21:38,055 what's the reality, and then these kind of interim things 487 00:21:38,055 --> 00:21:40,918 that you might have state files or you might have, you know, 488 00:21:40,918 --> 00:21:44,027 when you run the tool then it kind of creates a desired state 489 00:21:44,027 --> 00:21:46,507 and does comparison and things can get out of sync. 490 00:21:46,527 --> 00:21:49,727 And so I think the premise of this kind of new generation of 491 00:21:49,727 --> 00:21:53,867 tools is to say, let's look at the model, the data structures 492 00:21:53,867 --> 00:21:57,063 that represent, you know, the real infrastructure and work 493 00:21:57,063 --> 00:21:58,954 with that. It's almost like if you take on, 494 00:21:58,954 --> 00:22:01,155 say a Terraform state file and you say, let's make that live. 495 00:22:01,361 --> 00:22:04,189 Let's make that the thing. And so then you can kind of 496 00:22:04,189 --> 00:22:07,095 update the state file, you know, or compare it with what's in the 497 00:22:07,095 --> 00:22:09,335 reality and decide what you wanna do when they deviate. 498 00:22:09,992 --> 00:22:11,792 And then you can kind of work with it through whatever 499 00:22:11,792 --> 00:22:14,280 interfaces, including code. You can write code that then 500 00:22:14,280 --> 00:22:16,184 updates that model. Visual interfaces. 501 00:22:16,184 --> 00:22:18,812 So certainly, system Initiative there kind of the thing that you 502 00:22:18,812 --> 00:22:20,908 see there is a kind of drag and drop interface. 503 00:22:21,260 --> 00:22:23,327 And then you can write code that reacts so it becomes a little 504 00:22:23,327 --> 00:22:26,538 bit more event driven. And so Adam talks about graph, I 505 00:22:26,538 --> 00:22:29,217 think he said infrastructure as graph, I think he said at one 506 00:22:29,217 --> 00:22:30,636 point. Which is interesting because 507 00:22:30,636 --> 00:22:33,570 it's those relationships between the different elements. 508 00:22:33,970 --> 00:22:35,300 And so I think all that's really cool. 509 00:22:35,390 --> 00:22:37,316 And I think, you know, that can be really powerful. 510 00:22:37,932 --> 00:22:40,177 And it's gonna change completely how we think about, you know, 511 00:22:40,177 --> 00:22:43,588 building these things. I think it still needs to, so in 512 00:22:43,588 --> 00:22:46,526 itself, that still comes down to, well, how am I gonna wire 513 00:22:46,526 --> 00:22:48,690 together all my low level resources of infrastructure into 514 00:22:48,690 --> 00:22:50,654 something useful? And so I think it's really 515 00:22:50,654 --> 00:22:52,814 important still to have, and this is when every time I see 516 00:22:52,814 --> 00:22:55,514 Adam I kind of go on about this, needs to have that kind of, you 517 00:22:55,514 --> 00:23:00,083 know, whether it's a component model or whatever it is, to help 518 00:23:00,083 --> 00:23:03,023 people who understand the guts, you know, the nuts and bolts to 519 00:23:03,023 --> 00:23:05,356 build these kind of components that then somebody else can make 520 00:23:05,356 --> 00:23:06,936 use of. You know, again, the developers 521 00:23:06,936 --> 00:23:09,607 can say, gimme a couple of those and here's the parameters I 522 00:23:09,607 --> 00:23:11,720 want. So I think it's gonna be really 523 00:23:11,720 --> 00:23:13,238 important, it's still gonna be really important to have that. 524 00:23:13,238 --> 00:23:15,608 That's my hobby horse these days is like I think that's what we 525 00:23:15,608 --> 00:23:18,623 really need to focus on. So I haven't heard those two. 526 00:23:18,623 --> 00:23:21,103 So System Initiative and ConfigHub, so definitely people 527 00:23:21,103 --> 00:23:23,989 can check them out. It sounds to me a little bit 528 00:23:23,989 --> 00:23:25,673 more like how the way Kubernetes works as well. 529 00:23:25,673 --> 00:23:27,293 I mean it's kinda like declarative, right? 530 00:23:27,357 --> 00:23:30,060 And you have like, I dunno, like a control loop that keeps on 531 00:23:30,060 --> 00:23:31,907 checking whether the state that isn't... 532 00:23:32,407 --> 00:23:35,317 Yeah, it's quite related to that infrastructure as data thing 533 00:23:35,317 --> 00:23:38,575 where you're using the controller, you know, in 534 00:23:38,575 --> 00:23:41,144 Kubernetes, defining your infrastructure code as like CRDs 535 00:23:41,144 --> 00:23:43,772 and those kind of things, so you can just refer to it. 536 00:23:43,792 --> 00:23:46,543 And I quite like that as a model conceptually of like, because, 537 00:23:46,543 --> 00:23:48,837 again, I can deploy my application and say, oh, my 538 00:23:48,837 --> 00:23:51,314 application by the way, it needs a database instance, it needs 539 00:23:51,314 --> 00:23:53,971 some message queues or whatever. And then the system kinda works 540 00:23:53,971 --> 00:23:55,939 out, okay, now I'll go and provision that for you. 541 00:23:56,412 --> 00:23:57,492 And so I think, yeah, I think you're right. 542 00:23:57,492 --> 00:24:00,169 I think it's a natural kind of next step beyond that really. 543 00:24:00,979 --> 00:24:03,812 So definitely, uh, the next thing to check out, right, for 544 00:24:03,812 --> 00:24:06,028 people who like to... Because I know that infra 545 00:24:06,028 --> 00:24:08,479 people, whenever they hear new tools, they will check it out 546 00:24:08,479 --> 00:24:11,086 and, you know, see how does it work, how cool that is, and 547 00:24:11,086 --> 00:24:13,400 things like that. So speaking about Terraform, 548 00:24:13,400 --> 00:24:15,624 right? So I think still it's the 549 00:24:15,624 --> 00:24:18,367 biggest, you know, majority people still use kinda like 550 00:24:18,367 --> 00:24:21,293 Terraform and now we have OpenTofu as well, and they kind 551 00:24:21,293 --> 00:24:24,924 of like diverge, I think has been a while since the fork and 552 00:24:24,924 --> 00:24:28,510 the diverge of the version. So what is your take here, for 553 00:24:28,510 --> 00:24:31,916 people who are, I dunno, still using Terraform mainly, right? 554 00:24:31,916 --> 00:24:34,626 So should they stick with Terraform or should they change 555 00:24:34,626 --> 00:24:36,176 to OpenTofu? What is your view? 556 00:24:36,706 --> 00:24:37,946 Yeah, I think it's an interesting one. 557 00:24:37,976 --> 00:24:42,428 I mean, I can certainly see a case for sticking to Terraform, 558 00:24:42,428 --> 00:24:45,131 particularly, if that's if you're in that kind of ecosystem 559 00:24:45,131 --> 00:24:46,846 with the HashiCorp tools and so on. 560 00:24:47,684 --> 00:24:50,966 You know, the licensing change was a bit unsettling for a lot 561 00:24:50,966 --> 00:24:53,255 folks and working out like, what does this mean for me? 562 00:24:53,866 --> 00:24:57,324 I think one of my concerns with the licensing change was that it 563 00:24:57,324 --> 00:25:00,540 would impact, so even if you as a user, so this was as a 564 00:25:00,540 --> 00:25:03,002 consultant like I was concerned with, okay, what does this mean 565 00:25:03,002 --> 00:25:05,519 for my clients? Well, most of my clients aren't 566 00:25:05,519 --> 00:25:06,869 affected because they're essentially end users. 567 00:25:06,869 --> 00:25:10,323 They're not building like a service to provide kind of 568 00:25:10,323 --> 00:25:11,967 Terraform hosting. So those kind of TACOS servers 569 00:25:11,967 --> 00:25:14,155 and those kind of things are the one really that I think, 570 00:25:14,155 --> 00:25:18,694 licensing changes were aimed at. But I think it has an indirect 571 00:25:18,694 --> 00:25:22,098 impact of, or, you know, my concern is, well, what's the 572 00:25:22,098 --> 00:25:25,200 ecosystem of tools look like as a end user still? 573 00:25:25,530 --> 00:25:28,006 It's like am I gonna have the ecosystem of tools available to 574 00:25:28,006 --> 00:25:32,573 me or are they, those vendors gonna be maybe not providing as 575 00:25:32,573 --> 00:25:36,108 much support for Terraform because of the potential cost or 576 00:25:36,108 --> 00:25:38,028 liability or whatever they may have from that? 577 00:25:38,753 --> 00:25:43,671 So I think OpenTofu, I'm still, I'm not kind of up on exactly 578 00:25:43,671 --> 00:25:45,769 where OpenTofu is at in terms of adoption. 579 00:25:45,769 --> 00:25:49,193 Like how widely is it used? It's supported by most of the 580 00:25:49,193 --> 00:25:52,343 vendors of these kind third party tools that were originally 581 00:25:52,343 --> 00:25:55,143 kinda the Terraform ecosystem and have kind of, as you say, 582 00:25:55,143 --> 00:25:57,336 they've kind of diverged, they've kind of forked, not just 583 00:25:57,336 --> 00:26:00,323 the, core tool, but like the ecosystem is potentially, you 584 00:26:00,323 --> 00:26:01,983 know, forking and diverging there. 585 00:26:02,299 --> 00:26:05,221 So I think there's a lot of vendors and people and, you 586 00:26:05,221 --> 00:26:07,805 know, an ecosystem there that is behind it. 587 00:26:08,214 --> 00:26:09,834 And so I think it's quite promising from that. 588 00:26:10,081 --> 00:26:12,942 I would kind of like say it's something to experiment with and 589 00:26:12,942 --> 00:26:14,449 look at and see how well it suits you. 590 00:26:14,449 --> 00:26:17,279 It'll be interesting to see how it, how it does diverge, right? 591 00:26:17,279 --> 00:26:19,379 Because I think one of the kind of, I think there was a little 592 00:26:19,379 --> 00:26:22,160 bit of mixed messaging from the OpenTofu folks originally 593 00:26:22,160 --> 00:26:25,817 around, well, is it gonna be kind of like a drop in 594 00:26:25,817 --> 00:26:28,751 replacement for Terraform. But I think, inevitably, what's 595 00:26:28,751 --> 00:26:32,149 happened is like, well there's a desire for new features, for 596 00:26:32,149 --> 00:26:34,541 maybe features that Terraform wasn't gonna support. 597 00:26:34,601 --> 00:26:36,665 Things around kind of encrypting secrets where it's like they 598 00:26:36,665 --> 00:26:39,334 want you to use the hosted platform and so they OpenTofu 599 00:26:39,334 --> 00:26:41,458 folks are like, well, we'll just build it into the client. 600 00:26:41,548 --> 00:26:43,532 So there's a lot of things like that where it is gonna start to 601 00:26:43,532 --> 00:26:46,124 diverge more and more. And HashiCorp as well I think 602 00:26:46,124 --> 00:26:49,279 are building a lot of features into Terraform that integrate 603 00:26:49,279 --> 00:26:51,729 with, you know, their cloud platform. 604 00:26:51,729 --> 00:26:53,829 They really want you to be using the cloud platform, so things 605 00:26:53,829 --> 00:26:57,653 like Terraform Stacks and so on. And so this is, I, you know, I, 606 00:26:57,653 --> 00:26:59,881 I think people are gonna have to pick a horse. 607 00:26:59,983 --> 00:27:01,811 Originally there was kinda this idea, hopefully, we can just 608 00:27:01,811 --> 00:27:03,873 kind of like use OpenTofu or switch back and forth or 609 00:27:03,873 --> 00:27:05,865 whatever we need to do. And it'll all be compatible. 610 00:27:06,105 --> 00:27:08,620 But I think I don't think that's gonna, you know, it can't do 611 00:27:08,620 --> 00:27:10,834 that in the long run. And really that's gonna be the, 612 00:27:10,834 --> 00:27:13,782 I think, the compelling thing for the Open Tofu users is gonna 613 00:27:13,782 --> 00:27:16,506 be the things that they can offer for maybe more, um, 614 00:27:16,506 --> 00:27:18,985 inexpensively or what have you than they could get from 615 00:27:18,985 --> 00:27:20,427 Terraform. Yeah. 616 00:27:20,427 --> 00:27:22,197 So definitely something to watch out, right? 617 00:27:22,197 --> 00:27:25,092 So over the time, so I'm still using Terraform by the way as 618 00:27:25,092 --> 00:27:27,192 well. So am I, for most of my either 619 00:27:27,192 --> 00:27:29,634 small projects that use it mostly, and whatever my clients 620 00:27:29,634 --> 00:27:32,066 use. And most of my clients are still 621 00:27:32,066 --> 00:27:34,833 more Terraform, the CDK. I can't think of having certain, 622 00:27:34,833 --> 00:27:37,093 I haven't worked in a project where it's OpenTofu. 623 00:27:37,113 --> 00:27:38,631 Not yet. Yeah. 624 00:27:38,631 --> 00:27:41,484 So one thing you mentioned just now as well is about the 625 00:27:41,484 --> 00:27:43,191 orchestration or kinda like deployment, right? 626 00:27:43,191 --> 00:27:45,681 So like applying the infrastructure changes, right? 627 00:27:46,011 --> 00:27:49,421 So definitely the trend that you picked is kind of like 628 00:27:49,421 --> 00:27:52,362 orchestration tools and things like that, maybe in a way that 629 00:27:52,362 --> 00:27:55,919 applying like CI/CD pipeline or kind of like GitOps model for 630 00:27:55,919 --> 00:27:59,301 applying infrastructure changes. So what trend do you see around 631 00:27:59,301 --> 00:28:01,166 this? So, because I think many people 632 00:28:01,166 --> 00:28:02,471 still in different maturity, right? 633 00:28:02,471 --> 00:28:05,321 Some kind of like just applying it from their local. 634 00:28:05,321 --> 00:28:08,429 Some apply it in a CI/CD pipeline or maybe some other 635 00:28:08,429 --> 00:28:10,097 things. So what do you think people 636 00:28:10,097 --> 00:28:12,399 should do if they wanna start IAC the right way? 637 00:28:13,218 --> 00:28:16,654 Yeah, I think it's important. So I think one of the things 638 00:28:16,654 --> 00:28:19,539 that's useful to kinda distinguish is the actual 639 00:28:19,539 --> 00:28:21,815 deployment. So I think a lot of the tools 640 00:28:21,815 --> 00:28:23,715 that are out there that like we're gonna help, you know, 641 00:28:23,715 --> 00:28:25,651 deploy your infrastructure code and all that kind of thing, they 642 00:28:25,651 --> 00:28:29,213 tend to be very focused on just the deployment part and maybe 643 00:28:29,213 --> 00:28:32,156 directly running a plan and then a deploy or those kind of 644 00:28:32,156 --> 00:28:33,908 things, which I think is useful and important. 645 00:28:33,908 --> 00:28:36,194 So the GitOps thing or the infrastructure as data or what 646 00:28:36,194 --> 00:28:39,110 have you, where there's like the code and then your tool is 647 00:28:39,110 --> 00:28:42,502 making a, you know, the control loop kind of make sure that, you 648 00:28:42,502 --> 00:28:44,774 know, drift happens and is, or drift is corrected right away. 649 00:28:45,461 --> 00:28:47,151 So that's one part of the equation. 650 00:28:47,516 --> 00:28:50,076 And then I think the other part is, well, how do you get, how do 651 00:28:50,076 --> 00:28:52,703 you deliver changes to your infrastructure code across 652 00:28:52,703 --> 00:28:55,264 environments where you have, whether those are environments 653 00:28:55,264 --> 00:28:58,861 to test software, testing and QA environments, and staging and so 654 00:28:58,861 --> 00:29:00,706 on. Or the environment you use to 655 00:29:00,706 --> 00:29:03,448 test the infrastructure code itself before you put it out to 656 00:29:03,448 --> 00:29:06,028 developers. So I think it's something I 657 00:29:06,028 --> 00:29:08,856 think that we've struggled with in the infrastructure industry 658 00:29:08,856 --> 00:29:11,968 and infrastructure as code kind of field, is how to make that 659 00:29:11,968 --> 00:29:15,767 work nicely so that we don't end up with essentially separate 660 00:29:15,767 --> 00:29:19,457 copies of infrastructure code for each environment and kind of 661 00:29:19,457 --> 00:29:22,912 copying and pasting changes from one, say one repository to 662 00:29:22,912 --> 00:29:24,317 another. Or even merging branches. 663 00:29:24,317 --> 00:29:26,771 Often, you know, it becomes messy. 664 00:29:27,490 --> 00:29:30,533 So I think that's the part that's still a little bit tricky 665 00:29:30,533 --> 00:29:34,031 in that, you know, again, some of those kind of tools out there 666 00:29:34,031 --> 00:29:36,507 that do the orchestration, you know, in promoting across 667 00:29:36,507 --> 00:29:38,983 environments, some of those are addressing that and providing 668 00:29:38,983 --> 00:29:41,602 different ways to do that. But I think it's still very much 669 00:29:41,602 --> 00:29:44,402 in flux in kind of like this, there's not like an established, 670 00:29:44,402 --> 00:29:47,488 okay, this is the one right way to do it, the pattern that most 671 00:29:47,488 --> 00:29:49,965 people agree on. And so I think that's where 672 00:29:49,965 --> 00:29:51,930 things tend to get and, you know, most of the clients I've 673 00:29:51,930 --> 00:29:53,043 worked with, that's where things are messy. 674 00:29:54,951 --> 00:29:57,393 Yeah, so I could imagine like these kind of things definitely 675 00:29:57,393 --> 00:30:00,754 is kind of like the details of implementation that differs 676 00:30:00,754 --> 00:30:04,357 across organization, right? So some people like to, I dunno, 677 00:30:04,357 --> 00:30:07,607 create modules that can be reusable, but you know, like 678 00:30:07,607 --> 00:30:09,407 modules itself has to evolve, right? 679 00:30:09,557 --> 00:30:11,087 Especially if you make some changes. 680 00:30:11,237 --> 00:30:13,900 And then how do you backport it to existing infrastructure and 681 00:30:13,900 --> 00:30:16,076 things like that. So that's always kind of like 682 00:30:16,076 --> 00:30:17,987 difficult. And writing tests, right, for 683 00:30:17,987 --> 00:30:21,077 infrastructure as code. I'm not sure how many people do 684 00:30:21,077 --> 00:30:22,982 that diligently. Because like there will be 685 00:30:22,982 --> 00:30:25,682 resources that gets created or maybe if you use some kind of, I 686 00:30:25,682 --> 00:30:27,680 don't know, like mock things like that, maybe that could 687 00:30:27,680 --> 00:30:29,464 happen. But ideally, it also never 688 00:30:29,464 --> 00:30:32,815 tested in the real world, right? So I think definitely these kind 689 00:30:32,815 --> 00:30:34,989 of things tends to be the challenge for people. 690 00:30:35,442 --> 00:30:37,452 And you mentioned about platform engineering, right? 691 00:30:37,452 --> 00:30:40,643 So I think these days everyone is talking about platform 692 00:30:40,643 --> 00:30:42,403 engineering. What is platform engineering in 693 00:30:42,403 --> 00:30:44,815 your view? Because I think this term, kind 694 00:30:44,815 --> 00:30:47,623 of like DevOps and all that, right, being used 695 00:30:47,623 --> 00:30:50,934 interchangeably to describe certain things, especially from 696 00:30:50,934 --> 00:30:53,398 vendors, right? So maybe in your view, what is 697 00:30:53,398 --> 00:30:54,714 platform engineering? Yeah. 698 00:30:54,909 --> 00:30:59,662 I think for me, it's about providing the things that 699 00:30:59,662 --> 00:31:03,145 software teams and developers, and also people who do support 700 00:31:03,145 --> 00:31:06,118 operations of software. What do they need in order to 701 00:31:06,118 --> 00:31:08,169 get their jobs done? And particularly... 702 00:31:08,169 --> 00:31:12,008 So it's A, it's about making their, you know, easier for 703 00:31:12,008 --> 00:31:14,486 them, empowering them. And this is where we go back to 704 00:31:14,486 --> 00:31:15,830 like we were talking earlier about abstraction. 705 00:31:16,293 --> 00:31:18,520 Because, you know, one of the things a platform can do when it 706 00:31:18,520 --> 00:31:20,888 goes wrong is disempowering and making it difficult for people 707 00:31:20,888 --> 00:31:23,264 to get their job done. So it really is about empowering 708 00:31:23,264 --> 00:31:26,455 as a number one thing. And then there's also that thing 709 00:31:26,455 --> 00:31:29,155 of kind of sharing implementations and resources. 710 00:31:29,155 --> 00:31:31,731 So like, not every team needs to build their own monitoring tool 711 00:31:31,731 --> 00:31:33,769 set. Not every team needs to kind of 712 00:31:33,769 --> 00:31:35,732 build their own databases from the kinda low level. 713 00:31:36,185 --> 00:31:38,925 What can we share? And all this has to be like in a 714 00:31:38,925 --> 00:31:40,495 way that is useful and helpful, you know. 715 00:31:40,495 --> 00:31:42,643 So it's not like, well, you're not allowed to use a different 716 00:31:42,643 --> 00:31:44,563 tool because we are providing this tool, even though it 717 00:31:44,563 --> 00:31:47,323 doesn't do what you want and the way that you need it to work and 718 00:31:47,323 --> 00:31:49,525 so on like that. It is about what's truly 719 00:31:49,525 --> 00:31:51,555 helpful. And I think that's the reason 720 00:31:51,555 --> 00:31:54,345 why platform engineering is such a big topic and there's so much 721 00:31:54,345 --> 00:31:55,591 out there about it, 'cause it's hard. 722 00:31:55,831 --> 00:31:58,651 It's hard to do that well. I mean, it's so easy to fall 723 00:31:58,651 --> 00:32:01,537 into traps or I think one of the big traps is you try to do too 724 00:32:01,537 --> 00:32:02,817 much, right? So you wanna, I'm gonna provide 725 00:32:02,817 --> 00:32:05,462 this platform that will do all things for our developers, and 726 00:32:05,462 --> 00:32:07,407 it's, you know, it's too ambitious. 727 00:32:07,857 --> 00:32:10,809 And so you end up not, you know, building a small piece, small 728 00:32:10,809 --> 00:32:13,337 piece and not having enough, and then people turn elsewhere. 729 00:32:13,809 --> 00:32:15,739 Or you're just, you know, it's too restrictive and people can't 730 00:32:15,739 --> 00:32:18,703 get what they need done. And so like there's a lot of 731 00:32:18,703 --> 00:32:20,264 kind of traps, I think, from that. 732 00:32:20,264 --> 00:32:24,544 So to me, the way to kind of succeed at it is to think about 733 00:32:24,544 --> 00:32:28,861 it in terms of how to enable other people to build, say, 734 00:32:28,861 --> 00:32:30,763 platform services. So rather than saying one team 735 00:32:30,763 --> 00:32:32,983 needs to build all the services, it's like, well, if different 736 00:32:32,983 --> 00:32:35,599 teams or the database team that's an expert on that, and 737 00:32:35,599 --> 00:32:38,535 another monitoring team that's focused on that, how can they 738 00:32:38,535 --> 00:32:41,421 build stuff and how can we provide them with the things to 739 00:32:41,421 --> 00:32:44,266 kind of easily connect those things together nicely and to 740 00:32:44,266 --> 00:32:47,471 kind of manage the things that, again, those teams don't 741 00:32:47,471 --> 00:32:49,142 necessarily need to build everything from scratch 742 00:32:49,142 --> 00:32:50,477 themselves. Like what do they need? 743 00:32:51,046 --> 00:32:52,843 And so I think that's the interesting challenge. 744 00:32:53,827 --> 00:32:55,927 Yeah, and especially the underlying platform itself 745 00:32:55,927 --> 00:32:58,165 evolve, right? So let's say if you use cloud as 746 00:32:58,165 --> 00:33:00,217 the basis, right? So the cloud itself also change. 747 00:33:00,277 --> 00:33:02,707 New features, new changes, new deprecation. 748 00:33:03,067 --> 00:33:05,639 So definitely supporting those things are kind of like 749 00:33:05,639 --> 00:33:08,844 difficult as well. And I think when you mention 750 00:33:08,844 --> 00:33:10,499 about building platform engineering, right? 751 00:33:10,499 --> 00:33:13,387 So some people kind of like also associate this with like 752 00:33:13,387 --> 00:33:15,629 internal developer platform or something like that. 753 00:33:16,032 --> 00:33:18,955 So the idea is kind of like build tools and, you know, 754 00:33:18,955 --> 00:33:21,304 services and platforms such that other people can use it. 755 00:33:21,334 --> 00:33:24,334 Maybe in the team topologies is like enabling team, platform 756 00:33:24,334 --> 00:33:28,520 team as well in a sense, right? So have you ever seen, you know, 757 00:33:28,520 --> 00:33:31,560 success stories of people building such team and 758 00:33:31,560 --> 00:33:34,340 capability? And if so, what do you think are 759 00:33:34,340 --> 00:33:36,342 the key recipes for them to succeed? 760 00:33:36,536 --> 00:33:39,948 Yeah, I think, I mean, I have, and I think, I think the key 761 00:33:39,948 --> 00:33:42,351 things are really focusing on the user. 762 00:33:42,351 --> 00:33:45,702 So this is where the kind of platform as product comes into 763 00:33:45,702 --> 00:33:47,980 play. So again, pitfall is, okay, I'm 764 00:33:47,980 --> 00:33:50,814 gonna build this platform or this component of a platform, 765 00:33:50,814 --> 00:33:52,985 whatever, and I'm gonna just go away and build it cause I know 766 00:33:52,985 --> 00:33:54,235 what it, what it should be, right? 767 00:33:54,235 --> 00:33:56,738 So I'm gonna go and build the Kubernetes cluster to rule all 768 00:33:56,738 --> 00:33:59,378 the Kubernetes clusters, and I'm gonna go away and build that. 769 00:34:00,022 --> 00:34:03,588 But I think it's important to really have that understanding 770 00:34:03,588 --> 00:34:06,306 of how are the teams using it and what are they using it for, 771 00:34:06,306 --> 00:34:07,926 and what are their journeys and what's common. 772 00:34:08,286 --> 00:34:10,896 So you see oftentimes people will optimize for things that 773 00:34:10,896 --> 00:34:13,518 don't happen all that often. So you'll see like, okay, we're 774 00:34:13,518 --> 00:34:15,485 gonna make this way so that it's easy. 775 00:34:15,485 --> 00:34:18,710 We're gonna have like a, just to create a new application, right? 776 00:34:18,710 --> 00:34:22,161 A new server application. And so we're gonna have the, you 777 00:34:22,161 --> 00:34:24,433 know, the template project. You can go to your developer 778 00:34:24,433 --> 00:34:26,925 portal and click a button and you get a new repository created 779 00:34:26,925 --> 00:34:30,116 in a new pipeline and all that. And then, you know, you look at 780 00:34:30,116 --> 00:34:32,264 it and you go and talk to the teams and it's like, yeah, we do 781 00:34:32,264 --> 00:34:36,016 that maybe twice a year. But we have these other things 782 00:34:36,016 --> 00:34:38,225 that are painful for us and like, you know, and so it's, 783 00:34:38,225 --> 00:34:40,248 okay, let's look at what's painful for the teams and what 784 00:34:40,248 --> 00:34:42,904 they're doing very often and try to solve that. 785 00:34:42,904 --> 00:34:44,750 And so I think the teams that are most successful in doing the 786 00:34:44,750 --> 00:34:46,964 kind of platform, you know, developer platform or whatever 787 00:34:46,964 --> 00:34:50,378 you call it, wanna call it, is that just that really kind of 788 00:34:50,378 --> 00:34:52,666 close relationships with the software teams, the development 789 00:34:52,666 --> 00:34:54,145 teams. Often they're, these stuff comes 790 00:34:54,145 --> 00:34:56,321 outta the development teams. So they might be embedded with 791 00:34:56,321 --> 00:34:58,645 the development teams and working on stuff that is a, just 792 00:34:58,645 --> 00:35:01,133 that team is using. And then over time, okay, here's 793 00:35:01,133 --> 00:35:03,293 something that maybe can get another team needs. 794 00:35:03,687 --> 00:35:06,275 And so you kind of evolve it. It's reusability rather than 795 00:35:06,275 --> 00:35:09,649 trying to start out by here's a, you know, a feature that we're 796 00:35:09,649 --> 00:35:11,434 gonna provide, a platform service that we're gonna provide 797 00:35:11,434 --> 00:35:14,290 on demand and easy click, which is a, again, a very ambitious 798 00:35:14,290 --> 00:35:16,180 thing to build. And actually, their first 799 00:35:16,180 --> 00:35:18,621 iteration is just, well, here's some documents and outlines of 800 00:35:18,621 --> 00:35:21,544 how to build it so that you know, like, okay, how do I use 801 00:35:21,544 --> 00:35:23,529 RDS to create my database, right? 802 00:35:23,529 --> 00:35:27,242 We don't have to necessarily create a wrapper around the RDS 803 00:35:27,242 --> 00:35:29,955 service, you know, as a platform service, but we can just kinda 804 00:35:29,955 --> 00:35:32,491 say, here's how to do it and here's some example code maybe 805 00:35:32,491 --> 00:35:35,439 that you can use and modify. That's kind of the first step. 806 00:35:35,709 --> 00:35:39,218 And so I think thinking about, you know, those progressions and 807 00:35:39,218 --> 00:35:42,564 evolution of maturity of a service and how kind of more 808 00:35:42,564 --> 00:35:46,351 polished you can make it as it gets adopted and used more and 809 00:35:46,351 --> 00:35:49,249 you've learned more about how teams are using it. 810 00:35:49,459 --> 00:35:51,596 I think that's important. Yeah. 811 00:35:51,596 --> 00:35:53,846 So thanks for mentioning, you know, platform as a product 812 00:35:53,846 --> 00:35:57,318 definitely is kind of like the way, the go-to way to build 813 00:35:57,318 --> 00:36:00,258 proper platform, right? And yeah, and the other message 814 00:36:00,258 --> 00:36:02,814 is about, you know, don't be that ambitious, right? 815 00:36:02,814 --> 00:36:05,757 So sometimes, we, you know, we engineer likes to build, you 816 00:36:05,757 --> 00:36:08,512 know, gold plated solutions. You know, one click everything 817 00:36:08,512 --> 00:36:10,041 automated. It's that classic incremental, 818 00:36:10,041 --> 00:36:12,451 iterative delivery. It's hard to do with 819 00:36:12,451 --> 00:36:15,019 infrastructure and platform services because like, even if 820 00:36:15,019 --> 00:36:17,117 you take a simple application and you look at, okay, what's 821 00:36:17,117 --> 00:36:20,169 the vertical slice of platform and infrastructure you need for 822 00:36:20,169 --> 00:36:21,787 that? It tends to be, you know, it's 823 00:36:21,787 --> 00:36:24,007 like an iceberg, right? You need to build a lot of stuff 824 00:36:24,007 --> 00:36:27,393 just to get there. So I'll often do things like 825 00:36:27,393 --> 00:36:29,993 starting with... like monitoring is one of my favorite examples. 826 00:36:29,993 --> 00:36:32,704 It's like, okay, you know, we're starting out and like we wanna 827 00:36:32,704 --> 00:36:34,699 use Prometheus. But like building a Prometheus 828 00:36:34,699 --> 00:36:37,356 cluster and all that kind of stuff is gonna take, you know, a 829 00:36:37,356 --> 00:36:39,345 lot of work. So we might just start with 830 00:36:39,345 --> 00:36:41,563 CloudWatch or whatever we can get out of the box. 831 00:36:41,833 --> 00:36:44,791 And yes, it's not as nice to use, but it'll get us up and 832 00:36:44,791 --> 00:36:46,323 running quickly. And the software team, the 833 00:36:46,323 --> 00:36:47,433 development team can start working. 834 00:36:47,553 --> 00:36:50,343 And then over time, as we get to it, we put that on our backlog. 835 00:36:50,523 --> 00:36:52,734 And we're gonna reach a point where it's like, okay, now we 836 00:36:52,734 --> 00:36:54,716 really need to do the fuller featured, you know, Prometheus 837 00:36:54,716 --> 00:36:57,335 or whatever it may be at that time, might even change, because 838 00:36:57,335 --> 00:36:59,940 we're starting to hit the limits of what we can do. 839 00:37:00,613 --> 00:37:03,039 So yeah, but it's hard. It's really hard and really 840 00:37:03,039 --> 00:37:04,594 challenging to identify that thin slice. 841 00:37:04,594 --> 00:37:07,138 And then, yeah, as you say, to resist that temptation of like, 842 00:37:07,138 --> 00:37:10,174 man, you know, I really wanna mess with Prometheus. 843 00:37:10,414 --> 00:37:13,259 Wanna learn how to set it. Sure, I can do it. 844 00:37:13,379 --> 00:37:15,843 At least, in my weekend. Yeah. 845 00:37:15,843 --> 00:37:17,433 Resume-driven development, right? 846 00:37:17,433 --> 00:37:20,103 So speaking about application, right? 847 00:37:20,103 --> 00:37:23,013 So I think this is also one key consideration, right? 848 00:37:23,013 --> 00:37:26,141 So when you build a team, right, do you have infrastructure 849 00:37:26,141 --> 00:37:29,509 engineer also together as part of the team building the kind of 850 00:37:29,509 --> 00:37:31,674 like infrastructure as code together with the software 851 00:37:31,674 --> 00:37:34,509 features and things like that? Or do you have a separate team? 852 00:37:34,865 --> 00:37:37,615 And do you actually run the CI/CD pipeline together, 853 00:37:37,615 --> 00:37:40,265 application and infra, or are they different pipelines? 854 00:37:40,295 --> 00:37:43,207 So maybe these are some opinions that, uh, we can learn from you 855 00:37:43,207 --> 00:37:45,925 as well. Yeah, but I think the answer is 856 00:37:45,925 --> 00:37:48,497 that it varies, it depends, maybe where the organization is, 857 00:37:48,497 --> 00:37:51,871 the size of the team and what they are doing and the kind of 858 00:37:51,871 --> 00:37:54,381 maturity. So I would say, in the early 859 00:37:54,381 --> 00:37:57,027 days, for smaller, um, organizations, it makes sense to 860 00:37:57,027 --> 00:37:59,636 have them combined, right? So having, if you have like one 861 00:37:59,636 --> 00:38:02,023 development team working on, you know, a handful two pizza team 862 00:38:02,023 --> 00:38:05,188 or whatever you wanna call it. So one team working on the 863 00:38:05,188 --> 00:38:08,225 software development. Having a separate team building 864 00:38:08,225 --> 00:38:10,575 infrastructure might not be the right approach. 865 00:38:10,817 --> 00:38:13,341 Because they're not developing, they shouldn't be developing a 866 00:38:13,341 --> 00:38:15,532 reusable platform that is gonna serve the needs of a lot, and, 867 00:38:15,532 --> 00:38:18,046 you just need, what's the minimum infrastructure we need 868 00:38:18,046 --> 00:38:21,841 for this application right now? Build it in a way that you can 869 00:38:21,841 --> 00:38:24,031 evolve it, um, and replace it and swap things out. 870 00:38:24,031 --> 00:38:26,791 So, you know, use good design and good implementation. 871 00:38:26,791 --> 00:38:29,926 And so this is where, yeah, pipelines and automated tests I 872 00:38:29,926 --> 00:38:33,521 think have really helped to kind of make it easier later on as 873 00:38:33,521 --> 00:38:37,069 that starts to kind of like, okay, now we've got three teams, 874 00:38:37,069 --> 00:38:38,761 four teams, five teams developing things. 875 00:38:38,761 --> 00:38:41,942 And becomes, you know, you can't really kind of replicate 876 00:38:41,942 --> 00:38:43,910 infrastructure specialists across all of those teams. 877 00:38:43,910 --> 00:38:47,135 And also think about how to, you know, how can we be sharing 878 00:38:47,135 --> 00:38:49,469 knowledge and expertise across those teams better and so on. 879 00:38:49,649 --> 00:38:52,147 So that's where you say, okay, maybe let's kinda split some of 880 00:38:52,147 --> 00:38:55,435 those into another team. And there, again, I think it's 881 00:38:55,435 --> 00:38:57,281 really important to think about what's the interaction model 882 00:38:57,281 --> 00:38:59,005 there. So even with the smaller 883 00:38:59,005 --> 00:39:00,755 organizations, we have a few teams. 884 00:39:01,209 --> 00:39:04,737 I think still, you know, high, you have opportunity to do high 885 00:39:04,777 --> 00:39:07,916 communication kind of stuff. And so I think the best models 886 00:39:07,916 --> 00:39:10,768 are ones where when you look at like what is the development 887 00:39:10,768 --> 00:39:13,521 team trying to get done? How can they just kind of get on 888 00:39:13,521 --> 00:39:16,083 with it and not have to then wait for somebody else or put 889 00:39:16,083 --> 00:39:18,561 things in somebody else's backlog or what have you? 890 00:39:18,911 --> 00:39:20,665 And so you look at, you know, you're just looking for those 891 00:39:20,665 --> 00:39:22,026 things. Okay, what are we doing a lot of 892 00:39:22,026 --> 00:39:23,185 now? What are we having to wait a lot 893 00:39:23,185 --> 00:39:25,309 of now? How can we make that easier for 894 00:39:25,309 --> 00:39:27,992 people to manage themselves? And so I think that's where you 895 00:39:27,992 --> 00:39:30,236 start getting more into the kind of more sophisticated things of, 896 00:39:30,236 --> 00:39:32,798 right, we're gonna have something that's a little bit 897 00:39:32,798 --> 00:39:35,435 more self-service for these tasks, or we're gonna start 898 00:39:35,435 --> 00:39:37,904 making more tasks self-service again, as it gets bigger. 899 00:39:37,904 --> 00:39:41,248 It's like, you know, more things get folded into that. 900 00:39:41,788 --> 00:39:45,057 And where that, you know, going back to what I was saying before 901 00:39:45,057 --> 00:39:47,762 on platform teams they should be doing, again, it isn't 902 00:39:47,762 --> 00:39:49,988 necessarily that one team is building all these things. 903 00:39:50,408 --> 00:39:52,508 But it's like, okay, so what is that motive? 904 00:39:52,508 --> 00:39:55,238 How does a developer specify my application needs this? 905 00:39:55,837 --> 00:39:58,902 And so you'll see like, teams might be using a, you know, a 906 00:39:58,902 --> 00:40:01,831 platform or framework, something like Kratix or Humanitec or what 907 00:40:01,831 --> 00:40:05,660 have you, where it's like, okay, these are kind of ways to let 908 00:40:05,660 --> 00:40:08,725 different teams build platform services and share them in 909 00:40:08,725 --> 00:40:10,397 interaction. Or they might be doing something 910 00:40:10,397 --> 00:40:11,717 in-house a little bit more simply... 911 00:40:12,317 --> 00:40:14,027 Like the pipelines, I think it's interesting. 912 00:40:14,727 --> 00:40:17,567 I think, as an application goes through its pipeline, it's 913 00:40:17,567 --> 00:40:21,228 useful for it to be able to trigger the actions that it 914 00:40:21,228 --> 00:40:22,803 needs in terms of infrastructure. 915 00:40:22,828 --> 00:40:25,313 And so particularly where you wanna get to as, you know, as 916 00:40:25,313 --> 00:40:28,427 you have a lot going on, is it's like you wouldn't necessarily 917 00:40:28,427 --> 00:40:30,973 wanna be kind of sharing environments or having static 918 00:40:30,973 --> 00:40:32,803 environments. You might wanna be able to kinda 919 00:40:32,803 --> 00:40:34,732 spin up infrastructure, a minimum set of infrastructure to 920 00:40:34,732 --> 00:40:36,538 test what I need to test at this point. 921 00:40:36,893 --> 00:40:40,181 And so having a way of triggering that from the 922 00:40:40,181 --> 00:40:43,251 pipeline, saying my application needs this, can you, you know, 923 00:40:43,251 --> 00:40:45,885 and it gets provisioned, that I think becomes useful. 924 00:40:45,885 --> 00:40:51,007 And so where I kind of, to my mind, a good kind of mature way 925 00:40:51,007 --> 00:40:53,717 of working in pipelines for this is the components, the 926 00:40:53,717 --> 00:40:55,745 infrastructure components have their pipeline and you treat it 927 00:40:55,745 --> 00:40:59,033 almost like a library or a tool or what have you, where is, 928 00:40:59,033 --> 00:41:02,179 okay, here's the component that builds, you know, my S3 bucket 929 00:41:02,179 --> 00:41:03,279 that I keep talking about, right? 930 00:41:03,307 --> 00:41:04,499 So here's the component for that. 931 00:41:04,861 --> 00:41:06,472 Bring a couple of different components for different types 932 00:41:06,472 --> 00:41:08,131 of S3 buckets doing different things. 933 00:41:08,853 --> 00:41:11,650 And so you have a pipeline that as that infrastructure code, 934 00:41:11,650 --> 00:41:14,310 test it, try, you know, in different scenarios and then 935 00:41:14,310 --> 00:41:18,090 kind of stamps it and puts it into a repository within the 936 00:41:18,090 --> 00:41:21,259 application, teams then can pull it, you know, into their 937 00:41:21,259 --> 00:41:22,975 applications or into their pipelines and so on. 938 00:41:22,975 --> 00:41:25,867 So they then have the ability to kind of provision their own 939 00:41:25,867 --> 00:41:28,951 infrastructure, not be held up. But you also have another, one 940 00:41:28,951 --> 00:41:32,053 of the big concerns that often comes up around all this, these 941 00:41:32,053 --> 00:41:34,769 things is governance. You don't want your, all of your 942 00:41:34,769 --> 00:41:36,478 development teams kind of building their own S3 buckets 943 00:41:36,478 --> 00:41:39,414 because they might do it wrong. They might forget to set the 944 00:41:39,414 --> 00:41:42,479 encryption option or what have you, or just not do it in the 945 00:41:42,479 --> 00:41:44,361 best way. And so saying, okay, we're gonna 946 00:41:44,361 --> 00:41:46,442 have an expert team provide something that, you know, has 947 00:41:46,442 --> 00:41:48,762 the stamp, it has passed the kind of, you know. 948 00:41:48,762 --> 00:41:51,798 And then we have, we can validate and show to, um, 949 00:41:51,798 --> 00:41:54,334 compliance, you know, regulators and auditors, if we need to. 950 00:41:54,816 --> 00:41:56,947 That's quite powerful. Yeah. 951 00:41:56,947 --> 00:41:59,675 I think it's also a good segue. You brought up the topics about 952 00:41:59,675 --> 00:42:01,700 governance, right? So definitely, an extension of 953 00:42:01,700 --> 00:42:03,989 infrastructure as code. So many people talk about, you 954 00:42:03,989 --> 00:42:05,321 know, shifting left, you know, security. 955 00:42:05,321 --> 00:42:08,049 Right now, people talk about policy as code, compliance as 956 00:42:08,049 --> 00:42:10,121 code, everything becoming a code now. 957 00:42:10,491 --> 00:42:12,748 Governance is definitely very hard and challenging, right? 958 00:42:12,748 --> 00:42:15,618 There are so many things that we could change and that there's so 959 00:42:15,618 --> 00:42:19,113 many things that are insecure and maybe less in terms of 960 00:42:19,113 --> 00:42:21,575 compliance, in terms of organization policies, right? 961 00:42:21,845 --> 00:42:24,557 So what is the approach here that you would advise people in 962 00:42:24,557 --> 00:42:28,355 terms of creating infrastructure but still kind of like govern 963 00:42:28,355 --> 00:42:31,377 and compliant to the standards that organizations have? 964 00:42:31,626 --> 00:42:34,481 Yeah, I think there's a couple of places where that can fit in. 965 00:42:34,878 --> 00:42:37,249 And so like, one of it, as I say, if you have components that 966 00:42:37,249 --> 00:42:40,008 are reusable and you can have kind of tests on that and 967 00:42:40,008 --> 00:42:42,098 validation that like, yes, it passes these things. 968 00:42:42,416 --> 00:42:45,656 That's a good point. Tests that can be run in, in the 969 00:42:45,656 --> 00:42:48,038 application pipelines as changes are going through, again, making 970 00:42:48,038 --> 00:42:50,784 sure, you know, nothing can happen that shouldn't happen. 971 00:42:51,075 --> 00:42:53,466 Things are in place. Also recording changes who made 972 00:42:53,466 --> 00:42:56,341 changes and all those kind of things can be really useful 973 00:42:56,341 --> 00:42:58,429 there. I think you also have the things 974 00:42:58,429 --> 00:43:00,802 that you build into your kind of infrastructure at runtime or, 975 00:43:00,802 --> 00:43:02,879 you know, whether it's monitoring or other kind of 976 00:43:02,879 --> 00:43:05,561 mechanisms that can detect something's been deployed. 977 00:43:05,681 --> 00:43:07,491 Hey, you know, I'm able to access a port. 978 00:43:07,491 --> 00:43:09,741 I shouldn't access what's going on there, right, raise a flag. 979 00:43:10,031 --> 00:43:12,741 I think there's those kind of different layers of protections 980 00:43:12,741 --> 00:43:15,297 and so on. I think a key thing is like, for 981 00:43:15,297 --> 00:43:17,919 the people, so the, you know, the experts, say your security 982 00:43:17,919 --> 00:43:20,201 experts, your governance experts and so on. 983 00:43:20,411 --> 00:43:23,161 Even people in other kind of areas of expertise like 984 00:43:23,161 --> 00:43:26,878 performance and so on. I think a lot of, you know, 985 00:43:26,878 --> 00:43:30,250 still to this day for a lot of people, their way of exercising 986 00:43:30,250 --> 00:43:33,970 their governance, the control and all that, is still based on 987 00:43:33,970 --> 00:43:36,754 kind of manual inspection and gatekeeping of changes. 988 00:43:37,599 --> 00:43:41,872 And I think the kind of the trick for these people is to 989 00:43:41,872 --> 00:43:43,970 understand how to use the automation tools. 990 00:43:44,278 --> 00:43:46,239 Again, you know, the, should I say policy as code? 991 00:43:46,239 --> 00:43:47,929 How do you kind of write policy checks? 992 00:43:48,179 --> 00:43:50,571 How do you make sure that those are implemented and that those 993 00:43:50,571 --> 00:43:53,492 are acting as gates in pipelines and production deployments and 994 00:43:53,492 --> 00:43:56,829 where else they need to? So how do you make sure that the 995 00:43:56,829 --> 00:43:59,391 right things are in place and to make sure that they're running 996 00:43:59,391 --> 00:44:02,367 so that you don't need to inspect every change to make 997 00:44:02,367 --> 00:44:04,605 sure it's compliant and you have the kind of confidence? 998 00:44:04,875 --> 00:44:07,551 And I think, you know, these things get you to the point 999 00:44:07,551 --> 00:44:10,974 where it's like you actually have more control and more, you 1000 00:44:10,974 --> 00:44:14,012 know, it's much more rigorous, the old ways. 1001 00:44:14,012 --> 00:44:16,756 And I still hear, I heard just the other week, an organization 1002 00:44:16,756 --> 00:44:19,190 where the people were saying, well, we can't automate this 1003 00:44:19,190 --> 00:44:22,382 task because it's too sensitive. It's too compliance and stuff. 1004 00:44:22,382 --> 00:44:24,082 It's... We can't trust the 1005 00:44:24,082 --> 00:44:26,102 automatedness. Like, you, you trust humans 1006 00:44:26,102 --> 00:44:30,610 instead, you know? So yeah, I think it's just that 1007 00:44:30,610 --> 00:44:33,664 mindset thing of just like, you know, this stuff can make for 1008 00:44:33,664 --> 00:44:35,826 much more. It's actually, it is interesting 1009 00:44:35,826 --> 00:44:38,971 thing because it's kind of flips that trade off rather than 1010 00:44:38,971 --> 00:44:41,786 saying, well, you know, we're gonna go slow and carefully 1011 00:44:41,786 --> 00:44:44,765 inspect everything and that's how we're gonna get good 1012 00:44:44,765 --> 00:44:46,479 governance. Or else if we get rid governance 1013 00:44:46,479 --> 00:44:48,748 so we can go, you know, in order to go fast we have to get rid of 1014 00:44:48,748 --> 00:44:49,743 governance, we have to loosen up on it. 1015 00:44:50,033 --> 00:44:52,659 Actually, you can have both, because the automation can run 1016 00:44:52,659 --> 00:44:54,429 very fast. It can run on every change, tell 1017 00:44:54,429 --> 00:44:56,606 you much more quickly if something is wrong, tell you 1018 00:44:56,606 --> 00:44:59,093 much more quickly where things have gone wrong. 1019 00:44:59,093 --> 00:45:03,013 So it's easier to kind of fix. And so it can be more rigorous 1020 00:45:03,013 --> 00:45:05,291 and faster. And I think that's the kind of 1021 00:45:05,291 --> 00:45:08,130 secret sauce that people need to, you know, need to realize is 1022 00:45:08,130 --> 00:45:09,981 an advantage rather than something to be scared of. 1023 00:45:10,704 --> 00:45:13,824 Yeah, and I think this space also kind of like advances quite 1024 00:45:13,824 --> 00:45:15,939 rapidly, right? So security, compliance and all 1025 00:45:15,939 --> 00:45:18,060 that. And I know there are a lot of 1026 00:45:18,060 --> 00:45:19,768 tools that can do even automated scanning, right? 1027 00:45:19,768 --> 00:45:21,688 So sometimes when you wanna govern, right? 1028 00:45:21,688 --> 00:45:23,848 It doesn't necessarily mean you have to do it like a gate 1029 00:45:23,848 --> 00:45:26,053 keeping check, you know, like check whether this can go 1030 00:45:26,053 --> 00:45:28,669 through or not. Sometimes you can detect kind of 1031 00:45:28,669 --> 00:45:32,356 like drift to your policy or maybe violations to some rules 1032 00:45:32,356 --> 00:45:35,497 or compliant things, right? And you kind of like detect and 1033 00:45:35,497 --> 00:45:37,897 raise that to the team. I think that can also work 1034 00:45:37,897 --> 00:45:40,136 sometimes, right? Because all I find, you know, 1035 00:45:40,136 --> 00:45:43,276 with engineers these days, there are so many things that people 1036 00:45:43,276 --> 00:45:46,411 need to understand and know, and it is very, very challenging to 1037 00:45:46,411 --> 00:45:49,060 understand everything, right? So I think having these kind of 1038 00:45:49,060 --> 00:45:51,661 tools that gives you the signals, the clues will 1039 00:45:51,661 --> 00:45:54,688 definitely be helpful. So I was kind of like laughing 1040 00:45:54,688 --> 00:45:57,225 as well when you mentioned like, those people trust human 1041 00:45:57,225 --> 00:45:59,431 instead. These days there's an AI 1042 00:45:59,431 --> 00:46:02,342 element, right? So what about AI in 1043 00:46:02,342 --> 00:46:05,505 infrastructure as code space? So what do you see the trends 1044 00:46:05,505 --> 00:46:07,726 coming? There's interesting stuff. 1045 00:46:07,726 --> 00:46:11,444 I mean there's a whole category of how you can use it in 1046 00:46:11,444 --> 00:46:12,912 operations side, in troubleshooting and monitoring 1047 00:46:12,912 --> 00:46:14,739 and all that, which I think is very interesting. 1048 00:46:15,129 --> 00:46:17,379 But for the actual kind of building of infrastructure and 1049 00:46:17,379 --> 00:46:19,029 automating it, I think there's a couple of angles. 1050 00:46:19,029 --> 00:46:24,927 So one is, so I think the code assistance, like as we have with 1051 00:46:24,927 --> 00:46:27,668 regular programming, um, being able to have something whereas 1052 00:46:27,668 --> 00:46:31,029 you are working in a code is kind of advising you doing auto 1053 00:46:31,029 --> 00:46:34,941 complete and coming up with solutions to things, can be 1054 00:46:34,941 --> 00:46:37,866 helpful with all the caveats that covers software development 1055 00:46:37,866 --> 00:46:39,881 there. It's like, you know, I don't 1056 00:46:39,881 --> 00:46:41,771 think you wanna vibe code your infrastructure. 1057 00:46:41,831 --> 00:46:45,451 Um, I think you wanna, you know, you want to, you need to 1058 00:46:45,451 --> 00:46:46,431 understand what's going on there. 1059 00:46:46,431 --> 00:46:48,079 Yeah, you can have something that generates some code, but 1060 00:46:48,079 --> 00:46:50,101 you like, you really need to understand what it's doing. 1061 00:46:50,923 --> 00:46:53,079 And so I think it comes back to what I was, you know, again, 1062 00:46:53,079 --> 00:46:55,321 what I was saying earlier around, like there's that 1063 00:46:55,321 --> 00:46:58,972 knowledge thing. And so I think if you're using 1064 00:46:58,972 --> 00:47:02,596 AI to kind of create infrastructure for you or even 1065 00:47:02,596 --> 00:47:06,091 create infrastructure code for you, you still, you know, having 1066 00:47:06,091 --> 00:47:09,300 that knowledge, you know, it's important to get the levels 1067 00:47:09,300 --> 00:47:11,425 right. And so I think there probably 1068 00:47:11,425 --> 00:47:13,285 still is. So there's a couple of things. 1069 00:47:13,315 --> 00:47:16,809 So one thing I've seen people experimenting with is using kind 1070 00:47:16,809 --> 00:47:19,786 of chat bots to say like, okay, provision me that S3 bucket, and 1071 00:47:19,806 --> 00:47:23,133 then it provisions it for you. And I think that the challenges 1072 00:47:23,133 --> 00:47:25,980 there are the same things we have with, you know, goes back 1073 00:47:25,980 --> 00:47:27,753 in infrastructure. And so I was, I was looking at 1074 00:47:27,753 --> 00:47:30,002 this and tools that do these kind of things, and now is... 1075 00:47:30,002 --> 00:47:32,860 I went back to the book, right, already like the, you know, 1076 00:47:32,860 --> 00:47:35,072 third edition just came out. But I wanna like, double check 1077 00:47:35,072 --> 00:47:37,352 like the things that I said in the early chapters of the book 1078 00:47:37,352 --> 00:47:40,087 where I talk about principles. I was like, oh, I have to 1079 00:47:40,087 --> 00:47:42,423 rethink these in the light of how you might be using AI in 1080 00:47:42,423 --> 00:47:44,239 these, right? Part of it actually hold up. 1081 00:47:44,239 --> 00:47:46,473 Those early level, you know, the core principles are things like 1082 00:47:46,473 --> 00:47:50,013 you need to make sure that you can do things repeatedly, you'll 1083 00:47:50,013 --> 00:47:52,299 have consistency in, you know, across environments. 1084 00:47:53,086 --> 00:47:55,663 And that there's transparency so you can understand what's going 1085 00:47:55,663 --> 00:47:58,265 on. And so this is where I'm kinda 1086 00:47:58,265 --> 00:48:01,152 less keen on something that is like, make me an S3 bucket and 1087 00:48:01,152 --> 00:48:02,912 it does it, and then the S3 bucket is there. 1088 00:48:02,912 --> 00:48:05,847 Like you know, I wanna see how it's done and I also wanna know 1089 00:48:05,847 --> 00:48:06,967 that, like, it could be repeated. 1090 00:48:06,967 --> 00:48:09,037 So, okay, I have my S3 bucket in my dev environment. 1091 00:48:09,037 --> 00:48:11,017 Now I'm gonna wanna put it in the QA environment, the staging 1092 00:48:11,017 --> 00:48:13,757 environment and production. I don't want it to kind of come 1093 00:48:13,757 --> 00:48:16,065 out differently every time because, even with the same 1094 00:48:16,065 --> 00:48:17,800 prompt. Even if you're reusing the 1095 00:48:17,800 --> 00:48:19,358 prompt and promoting your prompt, 'cause you could do 1096 00:48:19,358 --> 00:48:20,800 that, right? Put a prompt in the code and 1097 00:48:20,800 --> 00:48:22,828 then, you know, mark down file or whatever, and promote that. 1098 00:48:23,338 --> 00:48:26,308 It can still do different things in those different environments. 1099 00:48:26,638 --> 00:48:29,830 And so I think there's something about, my kind of like picture 1100 00:48:29,830 --> 00:48:33,398 of how I see it being used in this, as a part of this, is kind 1101 00:48:33,398 --> 00:48:36,217 of similar to what you might be doing with like a developer 1102 00:48:36,217 --> 00:48:38,449 portal or with these things that I've mentioned. 1103 00:48:38,449 --> 00:48:40,697 Let's say you have like a descriptor as an application 1104 00:48:40,697 --> 00:48:43,918 developer that says, I need a secure S3 bucket that I'm gonna 1105 00:48:43,918 --> 00:48:47,038 store, you know, personal data in and do analysis on. 1106 00:48:47,466 --> 00:48:49,866 And so it's that level of like, okay, what do I care about? 1107 00:48:50,136 --> 00:48:53,016 And then something that then, okay, I'm gonna provide that. 1108 00:48:53,106 --> 00:48:54,699 And so that thing is a repeatable thing. 1109 00:48:54,699 --> 00:48:57,156 So you built a component, maybe you used an AI assistant to help 1110 00:48:57,156 --> 00:49:00,549 you to kind of write the code or whatever it is that is a 1111 00:49:00,549 --> 00:49:02,394 component that will create the S3 bucket. 1112 00:49:02,394 --> 00:49:06,223 But every time that that is executed to create a, you know, 1113 00:49:06,223 --> 00:49:10,042 an instance of that bucket, it's done in a deterministic way. 1114 00:49:10,072 --> 00:49:12,634 So I know in every environment it'll build it the same way and 1115 00:49:12,634 --> 00:49:14,923 the same options. And then for the person using 1116 00:49:14,923 --> 00:49:17,423 it, it might be, say a developer, it's like it might 1117 00:49:17,423 --> 00:49:18,593 give them the kind of coaching things. 1118 00:49:18,593 --> 00:49:20,683 It might say, hey, I noticed you're using, you know, I'm 1119 00:49:20,683 --> 00:49:23,293 looking at your, you know, I'm an assistant that knows you 1120 00:49:23,293 --> 00:49:25,673 application code base, and I see that you're storing something. 1121 00:49:25,973 --> 00:49:27,353 Maybe you should use an S3 bucket. 1122 00:49:27,353 --> 00:49:29,767 Or maybe there's a different storage thing, you know, option 1123 00:49:29,767 --> 00:49:32,065 that you should consider. And here's the library of things 1124 00:49:32,065 --> 00:49:34,542 that have been kind of provided, you know, to help you pick 1125 00:49:34,542 --> 00:49:35,964 between those and understand how to use them. 1126 00:49:36,609 --> 00:49:40,114 But still having that kind of different layers of abstraction, 1127 00:49:40,114 --> 00:49:42,607 I dunno if that's quite the right thing, but that interface, 1128 00:49:42,607 --> 00:49:45,497 right, and, you know, all that. So I think it's exciting, right? 1129 00:49:45,497 --> 00:49:47,661 I don't think stuff is there, like even for the coding 1130 00:49:47,661 --> 00:49:50,697 assistants, most of the, the a, you know, the AI coding 1131 00:49:50,697 --> 00:49:53,193 assistants for that work with application code aren't great. 1132 00:49:54,296 --> 00:49:57,513 Yeah, so I, I have that experience as well. 1133 00:49:57,513 --> 00:50:01,082 So even though I use Terraform, which I assume like many open 1134 00:50:01,082 --> 00:50:03,156 source projects are having Terraform code, right? 1135 00:50:03,179 --> 00:50:05,944 Still kind of like doesn't perform as good as programming 1136 00:50:05,944 --> 00:50:09,166 languages like typical JavaScript or Java and all that. 1137 00:50:09,586 --> 00:50:13,304 So I think there's a like gap in terms of using coding assistant. 1138 00:50:13,334 --> 00:50:16,138 And I don't know whether we can even vibe code infrastructure as 1139 00:50:16,138 --> 00:50:20,942 code, you know, like just, you know, ask AI to keep on creating 1140 00:50:20,942 --> 00:50:23,865 resources, you know, spin up, spin down and all that, right? 1141 00:50:23,865 --> 00:50:25,215 Because also, there's a risk, right? 1142 00:50:25,215 --> 00:50:28,809 If it's misconfigured and if you have data loss, I think it's a 1143 00:50:28,809 --> 00:50:30,926 big challenge for the organization. 1144 00:50:31,256 --> 00:50:34,975 So apart from coding assistant, probably people use it for, I 1145 00:50:34,975 --> 00:50:37,909 don't know, like you mentioned, monitoring, support and all 1146 00:50:37,909 --> 00:50:39,508 that. Are these tools advanced enough 1147 00:50:39,508 --> 00:50:42,405 now that you can actually use it to kind of like troubleshoot, 1148 00:50:42,405 --> 00:50:44,905 figure out the root cause analysis and things like that? 1149 00:50:45,832 --> 00:50:47,198 I think it could be helpful for sure. 1150 00:50:47,644 --> 00:50:50,182 And it's, as with anything with this stuff, it's around the 1151 00:50:50,182 --> 00:50:52,750 data, you know, make sure it has the data available and then 1152 00:50:52,750 --> 00:50:55,242 getting the kind of prompts right and the queries right. 1153 00:50:55,837 --> 00:50:59,234 But yeah, I know, and it's a skill also like again with you 1154 00:50:59,234 --> 00:51:00,604 have to learn how to use it well. 1155 00:51:01,202 --> 00:51:02,752 But yeah, I definitely see people using it. 1156 00:51:02,752 --> 00:51:05,710 And we've got people in ThoughtWorks in our demo group, 1157 00:51:05,710 --> 00:51:08,929 which is about operations, where they're working on some kind of 1158 00:51:08,929 --> 00:51:11,788 an agent based system that pulls this stuff together and they're 1159 00:51:11,788 --> 00:51:15,775 like, you know, even having stuff where it might be able to 1160 00:51:15,775 --> 00:51:18,239 generate like a pull request to correct an issue and all of 1161 00:51:18,239 --> 00:51:20,018 that. I don't know how, I'm not as 1162 00:51:20,018 --> 00:51:22,490 close enough to say I, you know, is that how much of that's being 1163 00:51:22,490 --> 00:51:25,204 used in anger and all of that. But I, you know, I definitely 1164 00:51:25,204 --> 00:51:27,398 know it's being used for things like, again, those kinda logs 1165 00:51:27,398 --> 00:51:29,959 and metrics and all that and, you know, to answer questions. 1166 00:51:30,493 --> 00:51:32,828 It's, you know, human in the loop, still. 1167 00:51:33,740 --> 00:51:36,150 Yeah, so definitely always involve humans still. 1168 00:51:36,510 --> 00:51:39,654 So Kief, we have talked a lot about the new stuff in 1169 00:51:39,654 --> 00:51:41,892 infrastructure as code. Is there anything that left out 1170 00:51:41,892 --> 00:51:44,070 maybe that you think we should cover as well? 1171 00:51:44,724 --> 00:51:47,529 Um, I think we've covered a lot. I'm sure there is, but I think 1172 00:51:47,529 --> 00:51:49,489 we've covered all of the cool stuff. 1173 00:51:50,040 --> 00:51:51,870 Right. So I have one last question for 1174 00:51:51,870 --> 00:51:53,400 you. I think if you still remember 1175 00:51:53,400 --> 00:51:55,380 back then, I asked you this same question, right? 1176 00:51:55,380 --> 00:51:57,570 I call this the three technical leadership wisdom. 1177 00:51:57,810 --> 00:52:00,000 So maybe if you can think of it just like an advice that you 1178 00:52:00,000 --> 00:52:02,491 wanna give to the listeners. What kind of three tech lead 1179 00:52:02,491 --> 00:52:04,203 wisdom that you wanna share for us today? 1180 00:52:04,617 --> 00:52:05,007 Yeah. Okay. 1181 00:52:05,007 --> 00:52:07,100 I don't know if I, I don't know if I have it as like three 1182 00:52:07,100 --> 00:52:08,668 items, but I think it's kind of a broad thing. 1183 00:52:08,668 --> 00:52:13,738 So one of the things I've found as I kind of change and grow in, 1184 00:52:13,738 --> 00:52:16,420 in my career and roles and how I relate to. 1185 00:52:16,420 --> 00:52:18,420 So like, you know, first, there's that like becoming a 1186 00:52:18,420 --> 00:52:21,020 team leader and then there's becoming maybe somebody who's 1187 00:52:21,020 --> 00:52:22,990 managing multiple teams, managing team leaders. 1188 00:52:23,290 --> 00:52:25,612 A lot of what I'm doing these days is kind of advisory to 1189 00:52:25,612 --> 00:52:27,606 teams. So I'm in teams in a very senior 1190 00:52:27,606 --> 00:52:30,480 role and as a kind of a leadership role, but I'm not 1191 00:52:30,480 --> 00:52:32,600 necessarily in that kind of line of command. 1192 00:52:33,290 --> 00:52:38,916 I think it's really important to think about what your role is 1193 00:52:38,916 --> 00:52:41,966 now in the, and, you know, what is it that you need to be doing? 1194 00:52:42,313 --> 00:52:43,633 Because it is very different, right? 1195 00:52:43,633 --> 00:52:46,249 It's very different that that first step of going to being a, 1196 00:52:46,249 --> 00:52:48,769 a team lead, a tech team lead, is now very different because 1197 00:52:48,769 --> 00:52:50,814 it's not up to you to code all the things. 1198 00:52:50,814 --> 00:52:52,886 You want other people to do that, and you wanna get outta 1199 00:52:52,886 --> 00:52:54,368 their way from that. And that's always the hard 1200 00:52:54,368 --> 00:52:56,682 thing, right? How to get out of the way of the 1201 00:52:56,682 --> 00:52:58,905 things that you're comfortable doing that you see people doing 1202 00:52:58,905 --> 00:53:01,369 and maybe they're not doing right or they're not doing in 1203 00:53:01,369 --> 00:53:02,883 the way that you would want or whatever. 1204 00:53:03,273 --> 00:53:04,848 And how do you kind of step back from that? 1205 00:53:04,907 --> 00:53:07,705 That's a thing. And then as you get into the, 1206 00:53:07,705 --> 00:53:09,846 where you're managing people who are themselves, team leads, 1207 00:53:09,846 --> 00:53:12,433 again, that becomes different. And the things that you're doing 1208 00:53:12,433 --> 00:53:15,131 as a team lead of like, you're caring about the quality of the 1209 00:53:15,131 --> 00:53:17,123 code and you're coaching your developers on that. 1210 00:53:17,475 --> 00:53:19,732 As you move up, it's like, okay, I'm doing less of that now, 1211 00:53:19,732 --> 00:53:21,165 right? And I'm, you know, I'm more 1212 00:53:21,165 --> 00:53:23,374 focused on, you know, maybe again, it's that kind of 1213 00:53:23,374 --> 00:53:24,967 business. You know, what is it, you know, 1214 00:53:24,967 --> 00:53:26,471 we're looking for in terms of kinda business problems that 1215 00:53:26,471 --> 00:53:28,442 we're having to solve? How do we go about doing that? 1216 00:53:28,442 --> 00:53:30,062 How do we coordinate across teams? 1217 00:53:30,542 --> 00:53:33,360 That becomes a thing. When you're in kinda an advisory 1218 00:53:33,360 --> 00:53:35,942 role like me, it's a little bit like I'm stepping aside and I'm 1219 00:53:35,942 --> 00:53:38,977 kind of noticing things and noticing, okay, this is the 1220 00:53:38,977 --> 00:53:40,916 thing. And it varies by situation a 1221 00:53:40,916 --> 00:53:43,147 lot, right? Okay, this team needs my help 1222 00:53:43,147 --> 00:53:45,715 for these aspects. Oh, and then now another team 1223 00:53:45,715 --> 00:53:48,080 I'm with, they've actually got those aspects down pretty good. 1224 00:53:48,080 --> 00:53:50,639 Like so, you know, maybe it's making the technology decisions 1225 00:53:50,639 --> 00:53:52,968 or the architecture decisions and designing the overall 1226 00:53:52,968 --> 00:53:54,567 solution. You know, maybe one team needs 1227 00:53:54,567 --> 00:53:56,559 more guidance on that because they have less experience with 1228 00:53:56,559 --> 00:53:58,526 that. And now I'm with a team where 1229 00:53:58,526 --> 00:54:00,987 they're, they've got that down, but it's like, well, there's a 1230 00:54:00,987 --> 00:54:03,134 lot of challenges with stakeholders and so I need to 1231 00:54:03,134 --> 00:54:05,479 kind of work on, okay, how do we communicate to the stakeholders 1232 00:54:05,479 --> 00:54:07,732 what's going on and how do we kind of bridge that? 1233 00:54:08,002 --> 00:54:11,521 So I think it's kind of like one answer that I think encompasses, 1234 00:54:11,521 --> 00:54:14,879 there are different things in there of like letting go of what 1235 00:54:14,879 --> 00:54:18,108 you used to be doing and being attuned to what, what's needed 1236 00:54:18,108 --> 00:54:21,376 now, and where you can, where you can bring your kind of 1237 00:54:21,376 --> 00:54:23,021 strengths and experiences into the mix. 1238 00:54:23,952 --> 00:54:26,070 Wow! Thank you for such a great 1239 00:54:26,070 --> 00:54:28,975 elaboration of this, uh, you know, intermixed, I would say 1240 00:54:28,975 --> 00:54:30,982 intermixed kind of attributes that you need as a leaders. 1241 00:54:31,042 --> 00:54:32,492 So I think that's really important. 1242 00:54:32,942 --> 00:54:36,356 So Kief, if people would like to contact you, ask you about the 1243 00:54:36,356 --> 00:54:38,849 books, or maybe ask you follow up questions, is there a place 1244 00:54:38,849 --> 00:54:43,571 where they can reach out to you? Yeah, so, um, I've got my 1245 00:54:43,571 --> 00:54:45,101 website infrastructure-as-code.com with 1246 00:54:45,101 --> 00:54:48,514 the dashes in between the words. And there's like kind of contact 1247 00:54:48,514 --> 00:54:51,240 stuff on there. Probably LinkedIn is the main 1248 00:54:51,240 --> 00:54:55,155 social that I'm on these days. And so yeah, you can kind of 1249 00:54:55,155 --> 00:54:57,442 ping me there. I'm occasionally on Bluesky and 1250 00:54:57,442 --> 00:55:00,457 stuff, but not as active. Um, I tend to be more in Slacks 1251 00:55:00,457 --> 00:55:02,909 these days, more kind of community, you know, technical 1252 00:55:02,909 --> 00:55:06,648 community Slacks seems to be in as some of the big social media 1253 00:55:06,648 --> 00:55:10,612 sites that I used to do a lot, I've kind of pulled back from. 1254 00:55:11,031 --> 00:55:13,291 So now it seems to be more the, the smaller communities, which 1255 00:55:13,311 --> 00:55:16,348 is an interesting phenomenon, but a topic for another day 1256 00:55:16,348 --> 00:55:18,897 maybe. Right. 1257 00:55:19,107 --> 00:55:21,807 So always a pleasure, uh, learning from you, the new stuff 1258 00:55:21,807 --> 00:55:24,563 about infrastructure as code. I think you are like one of the 1259 00:55:24,563 --> 00:55:27,002 forefront in this area. So definitely thanks for this 1260 00:55:27,002 --> 00:55:28,922 conversation and yeah, goodbye for now. 1261 00:55:29,161 --> 00:55:29,996 Okay. Thanks a lot. 1262 00:55:29,996 --> 00:55:30,536 Appreciate it.