In our tech world, the idea of “open” has changed a lot in the past few years. Instead of it meaning “open to everyone,” the classic notion of “open source,” now it more means “open to everyone except our competitors.”
Running a high growth business on open source is difficult; you’re giving up on the easiest, most obvious thing to get paid for: the software itself. You can do an open core model where you are selling closed source software that uses/wrap around/ships with/improves/etc. the open source software. You can do the Red Hat thing where you sell support for your compiled open source project (and, I think, some closed-ish source “stuff” around it as well - this has become very confusing). But there’s not too much else. You have to come up with some excuse to charge people money for the free software. Or, the open source software can be part of an overall strategy that drives other revenue: the old razors and razor blades thing.
Once public cloud became mainstream, another model emerged: get paid to run and optimize the open source software. Run your Linux servers in the cloud, run your Postgres and Big Data stuff in the cloud, run your Spring Cloud stuff in the cloud, etc. This model works great for open source: the seller and the buyer get all of the benefits of open source and the seller can actually make money.
The problem is that running a public cloud is expensive. Paying for all that infrastructure is expensive, and paying for the people who keep it up and running is expensive. So if each vendor wants to do it, they’re kind of stuck. They need to enter a new kind of business, being a managed service provider…a public cloud. Many have figured out this out as evidenced by the many SaaSes that are out there. I think most of them just use one of the public clouds and run their stuff on-top of it.
However, you then get into the problem of those public clouds wanting your business. Because you have open source, they could do exactly what you’re doing: sell operating the open source project. One of the first cases of this was Amazon running Elastic search. And there’ve been more, and there will likely be more. If there’s enough demand for running an open source project, the public cloud providers see an easy business model. And compared to their resources, the public cloud companies likely are better positioned.
To prevent this, many open source projects have tinkered with their licensing to basically say “this is totally open, except if you’re Amazon, Azure, or Google Cloud. But totally open and free for other people to use.” There’s all sorts of ways of enforcing this: it’s just fine-print shit, so who cares to catalog it?
Recently, Red Hat did this move as well, except it doesn’t really seem to be about public cloud providers. It was more focused on the classic problem of distributed open source projects, here, Linux. There were several “cloners” who would take the Red Hat Enterprise Linux source code, build it, and then sell it as a cheaper RHEL. Red Hat found a loop-hole (though, you only call it a loop hold if you don’t like it, otherwise, you just call “the license terms”) that would allow them to prevent their competitors from easily getting the source code. A close reading of the GPL license they use says that you only have to give the source code to customers, not everyone. So, Red Hat can decide that its competitors can not be customers, and, therefore, can not get the source code. Well, you can imagine the likes of Oracle, SUSE, and the others quickly figured out some tricks to get around that…sort of mooting the whole move by Red Hat?
There’s another type of “open” that’s long been morphing. In the 2000s, the people building the web were very interested in open formats: XML, JSON…things that were basically plain text that you could read. They were also interested in fully open and free to use APIs for everything. Famously, Instagram used this openness to help build its social network. You’d create an Instagram account and you could use the Twitter API to suck in all your friends there. Over thousands and thousands of people, this means Instagram can start to duplicate all of the social networks inside Twitter, for “free.” Twitter no longer allows this, and few other social networks do as well.
And, most recently, Twitter has been just shutting down free API access.
In the post-Twitter world, there’s a lot of talking about ActivityPub (the open protocol used by Mastodon) and whatever alternate thing Bluesky uses. While ActivityPub works for Mastodon - and, like, is Mastodon - so far all the promises of open APIs in the mega post-Twitter Twitters has been just that: talk. Perhaps they’ll come out! When they do, we’ll need to see just how open and flexible they are. Could you write a complete clone of the Threads app with full functionality?
And, of course, Reddit also messed with its free APIs locking out alternate clients.
Most recently, Facebook opened its LLM framework, but if I heard right, only for people that have less than 700,000 active monthly users. This means people like IBM could take it and sell it to even their largest customers: JP Morgan Chase, for example, has “only” around 300,000 employees, which is, [checks math] much less than 700,000. (Well, OK, except for use by every solider in the US military, etc., and you’d have to slice up the US government “customer” into agencies and groups of agencies.) But, tp the public cloud companies and Facebook, it’s much more closed than open.
And when I use ChatGPT, the URL includes the phrase “OpenAI.” But…that’s not the type of “open” I knew in the 2000s. Here, I think “open” more means “has an API that you can pay to use.”
My sense, then, is that the nature of “open” is changing. There is much resisting from us old guard people, but you can start to see the Planck Principle playing out, perhaps not in a morbid way but more in “how much energy do I have left to give a shit” way:
A new scientific truth does not triumph by convincing its opponents and making them see the light, but rather because its opponents eventually die and a new generation grows up that is familiar with it
Here, there’s not a “scientific truth,” per se, but more a principle of how the web wants to be. Rather, how the people building the web want it to be.
It feels like those people increasingly aren’t really interested in open.
Here’s some long running experiments to test that hunch:
Will Red Hat revenue from RHEL increase? If so, the users of RHEL care a lot less about “open.”
What will ActivityPub look like in Threads, Tumblr, and other mega sites? Will it all naturally fit together with Mastodon, or be, like, weird? If it’s weird, both the people building the web and the users will care less about “open.”
Will there be more cloud providers who have no commercial relationship with open source projects they run? Same.
We’ll see!
We have a great Kubernetes management tool, Tanzu Mission Control. But it’s only been available as a SaaS up to now. In enterprise sales, you always - always - eventually need an on-premises, off the Internet version. Militaries and spies use this, but there’s plenty of people who are heavily on-premises (based on four years of IDC estimates, I’d say that at least 50% of enterprise workloads are on-premises).
Anyhow! The most recent version of Tanzu Mission Control can run on-premises now. Air-gap and all that shit! Here’s an article about it, as well. Check out this interview I did with Corey Dinkens on the release. If you don’t like video, you can listen to the podcast.
My co-worker Layla started a new .Net newsletter, “Hooked on .NET.”
Subscribe if that’s your thing!
From Nicole Greene at Gartner: “38% of respondents to that same Gartner Consumer Community survey stated that they are very comfortable or somewhat comfortable, with an additional 27% taking a neutral position on the use of genAI in Marketing. That means 65% of consumers are mostly ok with marketers using genAI, and there are a lot of low risk ways to bring genAI to your marketing team right now.”
If you listen to the opening of “Breezin'” at half speed there’s some new magical thing that happens. Somehow it did this by accident today, and I thought I’d put on some kind of super high quality setting that let you hear the studio for real. It was a slow waking up of the song, like morning coming up.
“I mean, even if the Pope uses it, isn’t the purchase a bit expensive?”
“A gentle breeze blows, Birds singing in harmony, Nature’s symphony. DevOps buzz abounds, But failures linger around, Words won’t fix the sound.” Here.
Also: “continuously devops microserverless. with software and humans.”
‘The lover of life makes the world his family,’ he wrote. ‘He is an “I”, insatiable in his appetite for the “not-I”.’ Here.
Lines of Code - When there’s no perfect and easy measure, you have to (“end up”?) use the ones you have that are good enough.
55 - AI-Powered Content Strategy, Claude 2 from Anthropic, and Major Google Bard Updates - A super-packed episode of using AI stuff for marketing.
CMOs Need to Give Generative AI a Chance, Before it’s Too Late - “In fact, 53% of respondents in a recent Gartner Consumer Community survey stated that they think that genAI will strongly or somewhat negatively impact society.” // But if you break it down by industry, as they do with a nice chart, things are slightly different.
People are getting fed up with all the useless tech in their cars - “Unsurprisingly, more people are choosing not to use their car’s native infotainment controls. Only 56 percent of owners prefer to use their vehicle’s built-in system to play audio, down from 70 percent in 2020, JD Power found. Less than half of owners said they like using their car’s native controls for navigation, voice recognition, or to make phone calls.” Meanwhile:
What connected-car services are consumers willing to pay for? - There’s some fun stated-preferences versus revealed preferences in there.
Change takes a long time - This is my new thing after five years of talking with large companies about digital transformation: it just takes a long time. There’s usually a lack of urgency, but this is a benefit for most of those large companies. The employees, management, and share holders want stability, predictability. Also, they don’t want to spend money unless they really, really…really…have to. Few people like change unless it’s needed.
How to Write a Book in Three Days: Lessons from Michael Moorcock - “There’s always a sidekick to make the responses the hero isn’t allowed to make: to get frightened; to add a lighter note; to offset the hero’s morbid speeches, and so on.”
What the Government Email Account Hack Says About the Future of Cybersecurity - Always be securing all the things.
personal organization - “Here’s my one piece of advice about personal organization: (calendars, tasks, planning, tracking): Think hard about your needs, pick a system, and then do not under any circumstances change it until at least one full year has passed.”
Things I had ChatGPT summarize for me: Identifying Key Industry Analysts; IBM Acquires Apptio for Hybrid Multi-Cloud FinOps; How Five Companies Built to Outcompete; Product and Platform Shift: Five Actions to Get the Transformation Right; Characterizing People as Non-Linear, 1st Order Components in Software Development; IncrementalOps: A New Approach to IT Operations; If Your Innovation Effort Isn't Working, Look at Who's on the Team; The GigaOm Pivot - Rebuilding the Analyst Business for the Digital Enterprise; What’s Wrong With the “What’s Wrong With Men” Discourse; China notes, July '23: on technological momentum; The New Media Goliaths; VMware’s Alex Barbato on How Agencies Could Enable DevSecOps Teams to Advance IT Modernization; VMware Tanzu Mission Control Self-Managed Announcement; Kubernetes: Innovation Enabler Or Implementation Detail?; Infosecurity Europe 2023, Forrester’s Thoughts; Is DevOps Tool Complexity Slowing Down Developer Velocity?; Dell Technologies Announces Intent to Acquire Moogsoft.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. Sep 6th O’Reilly Infrastructure & Ops Superstream: Kubernetes, online, speaking. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking.
See y’all next time!
Ever wonder why there’s not more t-shirts at tech conferences? Marketing people hate getting t-shirts for booths at conferences. In last week’s Tanzu Talk about platform marketing I went over why:
Tech conference attendees love t-shirts. They’re also good for brand- and idenity-marketing: if you’re wearing the shirt, you’re likely a fan. Or, at least, you tolerate the brand.
You don’t see a lot of t-shirts at tech conferences because marketing people usually hate t-shirts. Here’s why
First, t-shirts are expensive compared to, say, pencils or other weird, branded doo-dads. But, there are even more annoying aspects.
Second, you have to decide what’s on the t-shirt. Even if it’s more than just a simple name, do you put that centered on the front, on the sleeve, the back? Then there’s type: do you have a polo shirt, a t-shirt… will programmers wear a polo shirt? How about ops people? And if you want a new, custom design on your shirt: forget about it. That’s going to be a lot of meetings. It’s a bunch of bike shed meetings.
Third, how many of each sizes and styles do you get? Predicting the right distribution of sizes it tough. You have to anticipate how many of each size (XS, S, M, L, XL, XXL, XXXL, etc.) will be needed. Additionally, geographic factors must be taken into account as American sizing differs from that used in other parts of the world. Predictably, American sizes are larger than European sizes.
The cut of the shirts is a related issue: how many “regular” versus women’s cut do you get?
Back when I helped with the planning and booth staffing for DevOpsDays at Pivotal, I used to be pretty good at predicting the size and cut splits for DevOpsDays. But this was built up over years of experience for a specific conference for a specific type of attendee.
You can imagine picking a t-shirt cut adds another uncomfortable dimension to this planning: you have to think about people in terms of body size and gender, and predict how many will be at the conference. This is something our corporate training (and, you know, the general goal of trying to be a better person) tries to rip out of your brain and corporate decision-making machine. You’ll literally be talking with co-workers saying things like “well, this is the American mid-west, so we better order more XXL’s than we do for Amsterdam” or “well, this is Bologna, so order a lot less women’s cut than we would for San Francisco.” (And by the way, should I even be saying “women’s cut”? I guess “fitted”?)
Forth, shipping these t-shirts introduces even more potential problems. If your conference is outside of your country (or, like, the EU), you’re gambling that customs won’t hold up your shipment. Or, you’ve figured out how to pay customs, adding expense and complication. Also, the shipment might just get lost. I’ve seen both of these happen a lot over the years. In addition to being held up and the additional cost and cognitive load of dealing with customers, what do you do when the box does finally show up, days after the conference? Do you talk with the conference people and somehow ask them to ship it back? Will FedEx/DHL/etc. do that for you? Or just you abandon the t-shirts?
Speaking of, fifth, once the conference is over you, there's often a surplus of leftover t-shirts. These typically fall into the extreme size categories of XS or XXXL, leading to unnecessary waste and inefficiency. And, even if you got past customers, you need to figure out shipping the t-shirts back. This is actually the easiest part, really. Most conferences have a courier come to pick things up, or you can schedule the pick up. Then you just ship a return label with the box, ask the people doing the booth work to tape the label on (make sure to ship some packing tape and scissors in the box!), and make sure the box gets the courier.
T-shirts seem like a really good idea, but they’re super tedious and costly to do at a conference. It’s why you don’t see more of them. It does mean, however, that they’re one of the rarer and more valuable things. Also, the bigger and more mature the company, they more capabilities and knowledge they should have about t-shirts. Big companies should be the ones giving away the most! But, since they’re often so penny-pinching, big companies don’t give t-shirts away too much. Oddly, it’s the smaller companies, the startups. This is likely because they’re being asked to burn money (rather than save it), the marketing people are probably more, like, “go getters,” and they might just be a little naive about how annoying it all is.
I think a vendor should always have t-shirts. It’s worth all the problems to get that brand and “in the club” feel. But, I wouldn’t want to be the one in charge of it.
(I wrote a long post years back on designing tech conference t-shirts. I should find that!)
A4 Issue 1 July 2022 – Notes from the Drawing Board - This kind of thing is fantastic.
Throw someone a pep rally - Two thumbs up!
“that’s the American spirit!” - Yes, exactly this: “America’s public culture really does valorize pragmatic problem-solving.” As he writes, for example: “I remember going to Germany in, I think, 2009 with a small group of American journalists. We were in some eastern city in a van driving down a narrow alley when we had to stop because there was a Smart Car incorrectly parked in the alley, leaving us with no space to pass. Our van driver couldn’t back out and he couldn’t go forward, so he said we’d just have to wait. A middle-aged American woman in the group said that was absurd, and that yours truly and a few other younger guys on the trip could just get out, pick up the Smart Car, and move it. The driver said, “no, no, no, it’s not possible.” But she insisted that the four of us get out and move the car, and so we did, kind of like in the Mentos ad. We got back in the van, and she said to the driver very definitively, “that’s the American spirit!” // Now, that said: you have to also remember that after millenniums of war, Europe has been at peace for 78 years. So, things are going well on that front, perhaps the most important of all things.
202306 - ’If you take a single pull request (PR) that adds a new feature, and launch it without tests or documentation, you will definitely get the benefits of that PR sooner. Every PR you try to write after that, before adding the tests and docs (ie. repaying the debt) will be slower because you risk creating undetected bugs or running into undocumented edge cases. If you take a long time to pay off the debt, the slowdown in future launches will outweigh the speedup from the first launch. This is exactly how CFOs manage corporate financial debt. Debt is a drain on your revenues; the thing you did to incur the debt is a boost to your revenues; if you take too long to pay back the debt, it’s an overall loss.’ Also: “Tech debt, in its simplest form, is the time you didn’t spend making tasks more efficient. When you think of it that way, it’s obvious that zero tech debt is a silly choice.”
The Rise Of DIY In FinOps - “But some DIY efforts do work. These tools are generally powered by teams of between 15 and 45 engineers acting as a dedicated product and support team that builds new capabilities, maintains and updates the tool as new cloud services emerge, and troubleshoots any existing user issues. The most famous example is Target, which dedicates two teams focused on the data pipeline, data acquisition, dashboards, and engineer persona application and has built everything from the ground up.”
No one has an “appetite for risk” - “I think there is a better way to express what we aim to express when we say ‘risk appetite.’ What we are talking about is the organization’s failure tolerance. How often is it okay for the organization to experience security failures? How big can the failures be (impact) and still be tolerable?”
IT spending soars, generative AI investments barely leave a mark - These forecasts have been confusing in recent years. They’re always increasing, and yet the trends are always cost savings: ‘“Digital business transformations are beginning to morph,” said Lovelock. “IT projects are shifting from a focus on external-facing deliverables such as revenue and customer experience, to more inward facing efforts focused on optimization." The trend is reflected in where spending growth is highest. Gartner expects software, the fastest-growing segment, to achieve a double-digit growth rate of 14% on the year, as organizations reallocate spending to squeezing more value out of ERP and CRM applications, as well as other core platforms that deliver efficiency gains.’ // Also, yeah: with AI it’s way too early in the corporate planning and strategy cycle to be allocating lots of cash to it. It’ll just be small PoCs for at least a year.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. Sep 6th to 7thDevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15thSREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking.
Tonight, I have my last online talk of the month - for a long time actually. It’s with Alvin from Forrester. They’ve put a lot of thinking into modeling and planning taking care of legacy IT stuff. We have it planned out as, you know, podcast-y discussion. I’m looking forward to learning a lot from him. Check it out!
After that, it’s hopefully time for a lot of content creation. Hopefully, this will mean helping out some of my marketing friends with stuff they need and plans for engagement and that shit. Also, I have a list of tiny videos I want to make. Do they work? WHO KNOWS. But, they’re fun and satisfying to make.
We’re back from a three day weekend in London for our anniversary. I tried very hard to eliminate all “productivity,” so I have very little to say today. I did want to ADVERTISE for a thing I have tomorrow. So I’ve gathered up some waste book for you today.
We should revise the Peter Principle not to be insulting (reached the level of your incompetence), but burnout driven: reached the level of being able to put up with more bullshit.
“I know my price. Because I developed my identity outside of work, there’s a cost that comes when work infringes upon it—if it ever costs me a larger part of my identity and my life, I know it’s not worth it.” Here.
I like systems that can be successfully applied, with only medium effort. It must be executable by many organizations, not just the exceptional ones. This principle weeds out the systems that sound good, but can never be done widely. It can be hard for the genius to come up with the perfect systems, but should be easy for us regular folk to implement it. This applies to individuals as well. Related:
If you’re so smart, why are we all still so dumb?
There’s tasks that need to be done by a date. And then there are tasks that have the potential to help me meet goals I don’t even know I have yet.
In praise of source cream - It is good. Despite growing up eating Tex-Mex, it is something I never really got into until recently.
Travel hack: you only have to keep the tray table up during landing and take off. So if you’re waiting for the plane to load and take off, you can put it down. I like to hunch over while I’m waiting, you know reading books or news or whatever. So I put the tray table down to lean on it.
This is a good book, and I enjoyed reading it.
Tomorrow Darran Rice and I are going to be talking about how cloud native apps can make your financial services strategy better. Plus, a little security, legacy software fixes, etc. Watch it live, July 19th at 3pm Amsterdam time, and you can ask questions. Or, just save it to watch later.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking.
See y’all next time!
Here are three charts.
First, while everyone is freaking out about AI, it’s had little impact thus far:
Second, since 2020, usage of cloud seems to have leveled off at a 50/50 split between on-premises and public cloud:
But don’t worry, everyone is planning to move more to public cloud in the next three years. At least that’s been the case for the past seven years:
There are some rules of thumb for the impact of new enterprise technology here:
It will probably take much longer than you think.
The business value you achieve will probably be less than you think.
There’s not as much urgency to “transform” as us vendors would like you to believe.
The AI craze is an especially interesting case for me. It is clearly a big deal. I never used Docker, but the first usage of ChatGPT is what it must have been like to use Docker. You don’t believe what’s happening, it’s so effortless, and you can immediately start getting value from it.
For enterprises, however, things are more complicated. Just as you wouldn’t want your developers doing whatever they wanted with Docker - especially just downloading images of the Internet and, like, using them to run your paycheck processing, missile guidance, or just where to ship this box of celery systems - you don’t want ChatGPT just running around willynilly inside your enterprise. Even more: it can’t. You can’t just upload everything to ChatGPT and have it do wonderful things. Believe me: I’ve tried!
You can imagine all sorts of stupendous improvements to how a company operates if they unleash AI on everything. But, it will be less stupendous that we think, and take much longer. First, you’ll need to make sure all the governance and (as we’d say in the consumer world) privacy concerns are taken care of. This isn’t just about annoying lawyers and security people being annoying, it’s often to comply with regulations and laws. And it’s often a good idea!
Then, you have to figure out a way to actually load all that data into THE AI MACHINE. Access to all that corporate data across old ERP systems, CRM systems, Salesforce, email, Sharepoint, Google Docs, etc., etc. is already fraught and difficult. We’ve tried “data lakes” and…well? One of the main issues here is paying for all of that.
If you’ve ever tried to do what seems like simply pulling information from Salesforce or other ERP systems, you know what I mean. You rarely can just do what should be simple. First, you need access. And you’re going to have a get budget for that. Second, you need to actually understand the format the data is in. Third, you need the skills to actually find, clean, transform, and build reports out of that data. What this means is that you can’t do it alone: you always need to know “a guy” who can do it on the side for you. (Sidenote: if you’re working in a big company, always be looking out for this “guy.” If you see some really good charts or data in a presentation, ask who put that together and take that person to lunch so that you can ask them for help in the future.)
ChatGPT like systems could make this all much, much better. But it will take time, and it might not just, like happen as fast or as broadly as you think. Compare that to the public cloud usage in the above charts. We all know that using public cloud makes totally sense for any given apps. We all know that there are very few technical reasons to do it. We all know that the costs are, at worst, net-neutral. And yet…it’s going to take us three years to get there, apparently.
This emerging technology adoption ass-dragging is driven by numerous things. The price to use new technologies and switch over to use them is often too high to easily deal with. If you’re serious about building an app platform on-top of Kubernetes, you’re going to pay a lot more money than you think. For a the smallest enterprises (let’s say, 5,000 to 10,000 people or more), you’re talking about millions of dollars a year. That can be either in staff if you want to DIY, buying vendor/public cloud services, etc. Just paying for the operating systems - a “free,” open source operating systems! - is going to cost millions. I have no idea how RHEL pricing works at this scale, but if you look at Salesforce’s numbers (moving 200,000 servers to RHEL), they feel like what big banks, large retailers, large government agencies, and other enterprises would face. That’s got to be, again, millions of dollars a year.
These costs are often worth it. You need computers and I’ve heard software is eating the world. However, when you introduce a brand new technology with such a steep price, you’re talking 12 to 18 months to get going. Enterprises work on annual budgeting cycles. If they’re using a regular calendar year for their fiscal year, you start “socializing” your budget needs around October, figuring out what you need, making deals with peers, sniffing out what your budget approvers actually value and will approve, getting your PowerPoints all prettied up with arts and crafts. Then you pitch it towards the end of the year. The budget is approved, then everyone disappears for two to three weeks for the December holidays. You come back in January, sort of putter around for a couple of weeks, and then you start finish talking with your vendors and public cloud people (who, hopefully, you started talking with back in October), finally selecting one to go with. Then you need to install the thing. But first you’ll need to talk with he networking and storage admins. The compliance and security people are going to want to see things. Also, you’ll need to update some training in the cloud center of excellence. And before you know it, a quarter has passed. You’ll have to spend a week or so preparing your quarterly review - more arts and crafts - to report on the status of it.
And so forth. (Also, I forget dealing with procurement. It’s hard enough to get an enterprise to pay for a $100/year expense, let alone $1.4 million.)
Then October rolls around again. Us vendors are like, “hey, how’s your consumption of this stuff: I gotta maintain the ARR, do some LTV farming…could you introduce me to that other group? I they’d like some steak dinners….”
Then, all of the sudden, those goofballs in the bond department screwed up their inflation estimates, and next thing you know another bank is buying you. “We’ve got some other things we need to handle now,” you tell your steak dinner friend.
You’ll get the stuff going eventually. You’ll get benefits from the new technology for sure - just ask us vendors to carpet bomb you with case studies! This shit is for real. It’s just that it’s for real once you get it all setup and learn how to do it.
It’ll take a lot longer than you think.
The Gartner hype cycle describes another phenomena here: inflated expectations. You’ve heard that AI (or public cloud, or cloud native, or CRM systems) is stupendous, revolutionary. There’s case studies from early adopters. But you haven’t actually used it yet. The hundreds (thousands, even) of people in your organization haven’t used it yet. You customers have not experienced its effects yet, and so forth.
Until you actually get your hands on it, at scale (not just some early PoC’s) you won’t know how stupendous it is in your organization working within your constraints and taking advantage of your capabilities. Getting to that point takes at least a year, often more to get more organization wide usage.
You can certainly get a better and better sense as you go along. You have to build in bureaucratic humbleness that is willing to learn and observe itself in action to get that sense. You have to be careful with your first impressions. What the hype cycle is telling you is that they’ll be inflated.
ChatGPT is a good example here. Once you use it day in and day out for months, you adjust your astonishment at it. It is amazing! But it’s now where near the level of earth shattering that the anti-AI people make it out to be.
Listen, it sounds like I’m being a wet-sandwich here. But it’s the opposite. The hype cycle has another mind-trick in it. After the peak of inflated expectations, everyone gets disappointed and you go into the trough of disillusionment. You get upset! You get letdown! (And when it comes to public cloud, all the on-premses vendors smell the delicious disappointment at migrating to the new and swarm - steak dinners galore!)
If you know that expectations are false, that it will take a long time to get the stupendous returns, you won’t get disillusioned. You’ll be smarter, reality will be revealed.
The other thing you have to keep on eye on is spending too much attention on the stupendous new thing. Meanwhile, you have the existing business to run, the existing systems to operate and optimize. I suspect that most of the benefits you can achieve from IT come just from doing what you’re currently doing better. For example, if you look at how you do software development, you probably call it “agile,” but most people are probably not following the actual practices.
A cool trick is to ask these agile teams how frequently they ship software. If it’s not at least monthly, you can probably do some improvements. And the improvement is probably just putting in some automation, talking with auditors to show them that that automation means they can trust you systems more and, thus, have less meetings about each release. Are you actually doing pair programming? What are your test coverage numbers? Are you actually standing up in your stand-up meetings?
I’ve studied the problem of rotting, neglected systems in large enterprises for the past two years and it is a big, big problem. One of my co-workers said at his previous job, at a big bank, they were spending near 50% of their time just on fire-fighting, upkeep, and dealing with compliance. As he said, time spent on that is time stolen from making the business better. And, also as he said, there’s well known, proven practices and technologies that could improve that 50%…you’d just have to actually decide to do it.
The issue with this rotting core is that (a) it’s boring compared to, like, AI, and, (b) it’s really hard to make a business case for addressing rot in your IT systems and software. It’s not going generate direct revenue, so unless your organization thinks in terms of running more efficiently (speeding the workflows your software does - for example, speeding up approving insurance applications or doing case management) and values agility, the business case is going to be difficult. Corporate strategy is a zero-sum game: those who win take from those who lost. There’s only so much budget and time that a company has. So if you’re pitching “just do what we do now, but better” versus “implement AI to revolutionize our business!”…it’s going to be tough.
Most corporate strategy think doesn’t value well maintained software. The people making strategy decisions in enterprises seem to of software as one-off, install it and forget it projects. You have to think about your overall IT estate as a factory. Just as a you would spend a lot of time maintaining and optimizing your factory, you have to do the same with your IT “factory.”
I suspect that many organizations could get huge improvements just by getting better at what they’re currently doing.
That’s seemed to be the case business wise in the past decade. For example, banking startups were supposed to destroy traditional banking. Instead, existing banks just got better…without really changing how their business functions and what they do. And, as the public cloud charts show above. Well. That hasn’t rocked the world (but it will over the next three years!)
There’s two things going on right now that you can immediately apply this to.
First, make sure you get realistic expectations about Kubernetes. The overall ecosystem has hyped the shit out of it, myself included many times. But if you look at actual adoption, it’s incredibly small. There’s probably about 10% of enterprise applications running in containers now, less in Kubernetes. There simply has not been enough use of kubernetes in enterprises to know if it’s a good or bad idea, let alone how much of a good or bad idea it is.
Don’t let Kubernetes migrations become a distraction from just improving how you currently work.
Instead, you need to setup a system - a culture, if you’re a DevOps fan - of learning and experimenting to figure out if Kubernetes will work for you. There’s a huge knowledge and experience vacuum when it comes to Kubernetes, and the strategic engineering move now to is fill that vacuum and then start making big decisions.
Second, make sure you understand what platform engineering is before you launch big plans to transform how you do everything. Platform engineering is just DevOps under a new name. (At least that’s what I think this week.) At most, platform engineering just adds in internal developer collaboration tools (in the form of IDPs). Platform engineering might include building and running your platform-as-a-service…eventually.
But if you think through all the things in the umbrella of platform engineering, it’s too much. In a large enterprise (or even a small one), one group doesn’t have enough time, enough cognitive load to manage the tools developers use, the runtime environment they use, the middleware they use, and also do all that magic DevSecOps (pardon me, I mean PlatformEngineeringSecOps), and…all the other stuff. If you have a mature, proven platform like the Cloud Foundry ones, sure. There’s all sorts of people building platforms like that on-top of Kubernetes right now - so you can start with one of those instead of building your own. (You could also just short-circuit all of that and hand over the platform building and running to the public cloud - the dream!)
But people in enterprise IT are obsessed with building custom, bespoke platforms. I mean, builders like to build.
Most every enterprise I’ve ever talked with has numerous reasons why they’re different, why they can’t just use an off-the-shelf platform, and, thus, why they need to customize it. For the most part, their reasons are false. And, in most cases, they’re very common reasons that all of their peers and other enterprises have. And, as such, those reasons have been taken care of in the off-the-shelf platforms. Rather than change the unique constraints that drive the need to build their own platforms, these organizations work keep those constraints and are forced to build around it. It’d be like if you had to build a custom bed around an old radiator instead of just removing the radiator.
With the DIY platform mentality, you’re building a complex system, and you’re going to need a complex meatware system to manage it. “Complex systems build complex systems.” You’re probably already in a flywheel of doom made up of two complex systems - your software and your meatware - that’s making things more and more complex as the quarters tick by.
In that kind of system, you’re always going to need separate developer tools groups and separate platform operations groups. You can only break down silos if you put, as we used to say, an opinionated platform in place that standardized and centralizes what you do.
So if you’re launching a Kubernetes and/or platform engineering, uh, “strategy” or “program,” figure all that out. Don’t have inflated expectations. It’s probably better to just, like, call in the DevOps Engineering team and the application development team, let’s see, the infrastructure management team, the security team…hell, get all the silos in one room, and ask them “so, tell me some daily tasks that we could be doing better. Are y’all actually standing up in your stand-up meetings?”
You’ve got to keep an eye on the new stupendous stuff. You should always be doing several projects to try it out. Not just “pilot” it or do a “PoC,” but to actually do real work and make sure you’re following a process to learn from it. If you think AI is going to be a big deal, spin up three projects that are directly connected to how the business runs and check in every month to learn what works and doesn’t work. You can’t do a business case for that. You just have to do it.
But, at the same time, spend a lot of your time just improving how you’re currently working. Remember, five years ago you did all of that transformation work, right? Maybe it’s time to go back and make sure you’re still following the practices and doing the things. That you haven’t just reverted to the old habits.
You know, instead of sitting, try actually standing up in your next stand-up meeting.
If you’re into the above kind of stuff, you should subscribe to my newsletter. It’s full of topics like these a few times a week, plus links I’ve found and other fun oddities to look at.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking.
I’ve got what I hope will be a podcast-y type version of a webinar series I just wrapped up. I don’t know: something like a after show special where we talk about the series?
It’ll be live next week, on July 19th at 3pm Amsterdam time (check you local listings).
We did a good job in the series talking about how cloud native apps and thinking gives banks and other financial organizations new capabilities, how it changes, for the better, how you do security and compliance, and how to start thinking about modernizing all those legacy applications.
You can watch it in LinkedIn, or YouTube if you prefer that. Come with some questions! We didn’t get any during the webinar series.
I think I accidentally worked out the outline for my keynote at DevOpsDays Des Moines!
Finding an estimate of how many developers there are in the world is difficult. Oh, there’s plenty of people making estimates, but those estimates vary so much that the estimates are suspicious.
For example:
Microsoft/GitHub recently said they now have 100 million developers using GitHub.
“We estimate that, as of Q1 2023, there are 35.6 million active software developers in the world,” says Slashdata (who the CNCF uses for surveys).
Evans Data (by way of Statista) estimated that 25.6 million in 2021 and forecast 27.7 million in 2023.
In 2022, IDC said: “worldwide professional developer census, which IDC places at just under 16 million in 2022.” This is up from 11 million in their estimate for 2014.
Those spreads are pretty bonkers, huh!
Out of those, I’d trust IDC the most. This isn’t exactly apple-to-apples: IDC’s numbers are for paid developers, not just “hobbyists.” That’s fine, though, because when I’m interested in this number, I’m usually wearing my “pay the bills” hat and am only interested in professional developers.
If I could find the breakout between pro and hobbyists in the Evans data, I’d probably go with the Evans data. I usually go with IDC on any IT estimates, but Evans specialize in developers and have for years.
If you look back at IDC’s 2014 estimate, as summarized in The Register then you can get a sense for the hobbyiests: “11 million working as software developers and a further 7.5 million ‘hobbyist’ [as] developers.” So if we take those percentages, it’s 40%/60% between hobbyists and pros. Applied to the 2022 estimate, that’d get you, like, 26.6 million developers total. And, then, that lines up well enough with Evans' too.
(You could make an argument that since 2014 interest in programming has risen, access to computers and education has gone up, etc., etc., and say that the hobbyist share has grown, but, whatever: I’m a round numbers, “smells about right” kind of person once things get into the tens of millions.)
So, if I was going to use something, I’d say “around 16 million professional developers, probably something like 26 million total developers if you include people doing unpaid farting around.”
I’ve got what I hope will be a podcast-y type version of a webinar series I just wrapped up. I don’t know: something like a after show special where we talk about the series?
It’ll be live next week, on July 19th at 3pm Amsterdam time (check you local listings).
We did a good job in the series talking about how cloud native apps and thinking gives banks and other financial organizations new capabilities, how it changes, for the better, how you do security and compliance, and how to start thinking about modernizing all those legacy applications.
You can watch it in LinkedIn, or YouTube if you prefer that. Come with some questions! We didn’t get any during the webinar series.
Security Team Culture Matters - Being in security should be a happy job. // “Security and risk teams are more motivated and purpose-driven than others. As a 25-year cybersecurity veteran, this totally checks out for me. Almost everyone I know in [IT security] is mission- and purpose-driven. They took on this job to protect others!”
Deploying the Swift Method to Modernize a Singapore Government Legacy System - Good description of what it feels like to be stuck in the legacy trap: “The [Singapore] government agency in this case study faced a similar issue with a legacy system that supported critical business processes, integrated with other business-critical applications, and was developed and maintained by third-party vendors. Over time, the codebase had become highly coupled within different business domains and contexts, making it difficult for developers to work on. This situation led to product development squads being slowed down by dependencies on the support team for this legacy system. The development squads also lacked confidence to make changes to this system themselves—given the low automated test coverage—and faced uncertainty about what they would be able to deliver for their own work streams independently.” You can see the original talk this is based on here.
More: The importance of on-premises applications and infrastructure; Managing negative emotions and cultivating happiness; VMware Tanzu and VMware Aria adapting to multi-cloud industry trends; Potential discussion on DevOps trends; WE CAN VIRAL IT FOR YOU WHOLESALE.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
Now that summarizing is working again in ChatGPT, I thought I’d try putting in a list of things I asked it to summerize, but did not bookmark to list an official link. That’s what the “More” paragraph is in the links section above. It’s like that Matt Levine/Harper’s style of mashing it all together. An “official link” means I’ve extracted some quote and/or added a comment of my own, bookmarked it, posted it to my blog and Mastodon, and probably promoted it on some other social holes. These ones are from the cutting room floor.
Only 22% of software developers say they have a clear understanding of what they need to do to comply with security policy, to make sure the applications they're writing for their organization, are good in a security sense.
Now, it'd be easy to say the developers are just dopes and they don't know what they're up to. But I think what this is indicating is that figuring out how to practically do security policy at the software layer is difficult.
And that's where this concept of “shift left” comes in.
The idea of shift left comes the Extreme Programming and agile world where you are bringing unit testing closer to developers, and then from DevOps where you’re doing the same with automation and configuration, and even releasing and managing software.
You're bringing it all of that “left” into the application lifecycle, close to when the app code is being written.
That kind of literally makes sense. But nowadays, when you start hearing about shift left for security, that shouldn’t mean having the developers take on even more responsibilities.
If only 22% of them even know what they should be doing, you should probably not ask them to do security things. My colleague Darran recently called this “shift left and leave.” Instead, I think you need to “shift left and stay.”
What shift left means in a security and compliance context nowadays is moving your security and compliance activities closer to that part of the application lifecycle, where the coding is actually done.
What this often means is automating a lot of the checks, and also enforcing a lot of the compliance you have. You do this by using things like default templates and setting up for your developers to take full advantage of how cloud native architectures let you split up and divide things. Darran and I discussed what that means in our talk today.
There's another thing that Richard Seroter, mentioned recently, which is the idea of “shifting down,” which is to say, if you have the opportunity to just build something like security and compliance into the platform, to just remove it from anyone's concern, you should definitely focus on that. As analogies, you can think about at a very basic layer like file services, networking, even the way that UIs are rendered on screens. All of these have been “shifted down” into the stacks that app developers use. This was not always the case!
So if you're thinking about shifting security left - which people sometimes talk about is “DevSecOps” or even “secure software supply chains” - don't assume that means having your developers do a lot of work. Remember: only about 22% of them really know what that means!
Instead think about how you can go back into the application lifecycle and add security earlier in the application lifecycle. There’s a lot of new capabilities you’ll have if you’re using cloud native architectures, platforms, and thinking.
In the face of volatility, CFOs—and their organizations—adapt- Belt-tightening watch. Lots of micromanagement and management by finance metrics ahead: “In the year ahead, CFOs plan to increase their focus on operational value drivers, management of KPIs, cash management, and capital structure. Other priorities have decreased in importance since Q3 2022.”
IBM takes on AWS, Google, and Microsoft with Watsonx - If it works, and also, it lets enterprises build up huge, custom trained models, and it has enough governance controls, it’d be a big deal for IBM. They key things learned from ChatGPT is that it has to be super easy, frictionless to get started with. That’s difficult for enterprises software makers, and it’s also hindered by governance, access control, and pricing per seat and data access. To be valuable to individuals, a company will need to put as much of their data into their models as possible. If you’re just querying your own email and files, it won’t be impressive enough to show long-term value to individuals. And if you restrict the model to just a handful of people (as is done with most corporate data), then it also will be hard to show long-term value. This will freak out security people and lawyers. Back in the 2000’s when file sharing in enterprises (like SharePoint and intranet search) became popular, there was a wave of people freaking out that previously hidden in plain sight documents were now findable.
Beware the Digital Whiteboard - The assertion: writing with whiteboarding/Sticky notes is not good, and can lead to leaky abstractions. Seem more like a “right tool for the job” thing, plus the usual garbage in, garbage out, regardless of the tool used to process the garbage.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 19th Improving FinTech with cloud native think, speaking. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
I’m writing the MC script for our upcoming SpringOne conference keynote session, it’s part of VMware Explore this year. And I’ll be co-MC’ing it as well. Writing a script like this is fun, and unique, sort of. You have tiny slices of time between talks where you follow a pretty basic format: (1) wow, how about that!, and, (2) here’s what’s coming next! There’s the opportunity to throw in a couple of fun easter eggs (I snuck two into last year’s SpringOne MC script). And then at the end, of course, you tell people when and where the free drinks and snacks party is.
I don’t write scripts much, at all, so doing that in the past few years has been something new to learn. Also, for the last SpringOne I worked on our CEO’s talk, which was especially educational. It’s interesting to put yourself in the head of someone else by learning their presentation style, mixing it in with what you know they like talking about and that they can talk about well, putting in the company strategy and then adding your own perspective and, like, “spin” on it. Then you see (as with the CEO and the two MCs) them present it, and you close out a very educational feedback loop.
Anyhow! You should come to SpringOne this year to see it all gel together :)
Our final talk in our software stuff for financial organizations is coming up tomorrow. Above is a little anecdote that Darran made to me as we were working on it. If you’re into security, compliance, that kind of thing, check out the third part of our series: “How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance.”
Recently, I’ve been complain that I can't use ChatGPT to summarize things anymore because it won't pull from URLs. This was what I ChatGPT for the most when it first came out. It was amazing! It’d good for more than just summarizing. I’d also use it to see if I wanted to spend the time to actually read the article in more detail; the ChatGPT summaries are a little shallow, of course, but they’d be good at telling me if it’d be worth reading more. Second, if you use the same chat session for multiple summarization requisitions, you can keep a log of things you’ve looked at and ask things like “make a list of things I summarized today” or “what are some common themes, etc.”
Anyhow, this stopped working several months ago.
But, now you can do dit again! If you have plugins, enable Link Reader, and then it'll work again.
Instead of creating a new chat window for each article, I create one chat window every day or so where I just keep getting summarys. I'll rename the chat something like "20230710 tl;dr" with the theory that I'll go back and look at these some days.
Here's the prompt I've been starting the chats with: "When I paste a link here, retrieve the text of the article and summarize the article in detail using bullet points. Simplify and clarify the writing. Output in rendered markdown. Start by listing the title of the article and make the title of the article a link to the URL. Then write a paragraph summarizing the most interesting/novel points, and then make a bullet point summary of the article."
With that, I can just copy-paste a URL in there and get summaries.
Headstone: “Ran out of Takes.”
We think of the hype cycle more in terms of time and maturity of new tech. A neglected point of it is that most new technology has unrealistic hopes and dreams, like 20x reality. That is: most new tech will be a lot less group breaking than you think. Thus, when the new tech fails to deliver on its promises, the new tech isn’t so much a “failure” as your early calibration on its outcomes.
Pulling On Threads - I forgot about the “bring your whole self” thing.
Unleash developer productivity with generative AI, McKinsey survey - Their survey says it’s good in four areas: Expediting manual and repetitive work, Jump-starting the first draft of new code, Accelerating updates to existing code, Increasing developers' ability to tackle new challenges.
Adopt Platform Engineering to Scale Application Security Practices - “Gartner Survey Data Reveals a Missed Opportunity - Platform teams focus on improving developer experience, developer productivity, software quality and delivery speed. According to Gartner’s 2022 Software Engineering Leaders Role Survey, only 25% of respondents cited “reduced security risks’’ as one of the top three goals for platform engineering and only 6% ranked it as the topmost goal.” // Here we are, about to finally have a moment that’s just focused on making appdev better, and of course security has to come in and try to grab all the attention. This already happened with Kubernetes in the past few years. And: maybe it was a good idea to keep all this stuff separated in its own team so that each team can focus.
Steve McQueen by, John Dominis - That guy made being cool look easy.
Island Series: 6 Pack - These look like more amazing notebooks from a boutique shop.
Threads, The Fastest Growing Product Since ChatGPT - ’Threads, it hit 30 million sign-ups in less than 24 hours, which would be 60x faster than the 60 days it took ChatGPT to hit 30 million (as I hit send, I’m seeing rumors its passed 50 million, but nothing’s been confirmed yet)’ // This characterization is a little unfair. If Threads had just been a feature added to the Instagram app, no one would be calling those sign-ups. A sign-up should imply that people wanted something so bad that they put up with the friction of creating a new account. But, whatever: the point is still valid. // Also, this is a take if Threads with a positive tone instead of the usual shit-all-over-it mission.
ChatGPT web traffic falls 10%, analytics show - Indeed. I think I’ve found the limitations. The main one is the limit in the text you can feed it. If I could build up my own training data, that’d be something! The Link Reader plugin solves the summarizing web pages problem that I was having. What needs to happen now is just to get it integrated into enterprise software, and all the data ownership privacy stuff that goes with that. That’ll take at least six month, if not a year, to get through the security, legal, etc. people. So, check back in in 2025?
Scratch Pad: Fireworks, Bootlegs, Spock - “I remain convinced that most categories of online services are akin either to hair salons, to grocery stores, or to movie theaters.”
Porter’s Five Forces and the social web - There’s something interesting to do here in applying Porter to contemporary tech.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 11th How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance, online talk. July 19th Stop Tech Debt and Start Using Faster, More Secure Paths to Production. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
See y’all next time!
A bonus Sunday episode!
Waking up this morning, my first thought was how different my job is now with less travel. Like many tech companies, we have smaller budgets for travel. The means I can only take three or so trips a quarter unless I get someone else to pay for it, or for customer/sales visits.
I dropped down a level in airline status due to decreased travel over the past year (and the lack of KLM maintaining your status to make up for COVID-times for several years). Yes, yes, “must be nice” and all that. I do a lot more at the desk work: writing, webinars and online talks, plus just general meetings/consulting about stuff.
That mix should have more videos, but as I mentioned awhile ago, after three years I don’t think my topic area works for videos. What do “executives” actually read and act on?
The explosion of social media is a huge blow to the developer advocate and tech marketing world. Surveys asking where developers got their info used to show that Twitter was up there.
Maybe I’m supposed to write more books? Arrange more online chats and panels in, like, LinkedIn? I was invited to an online CTO, like, salon last week. It was late on Friday night for me (living in Amsterdam), so I didn’t attend. That format is interesting…?
Is less travel better for my work, for my career, for my well-being? It must be better for, like, the environment.
Over the years, I’ve seen thought leader types…not so much burn out, as reach an end of their willingness to travel for work, or, maybe at the effectiveness of travel. You sort of run out of things to say at some point; you fill your audience’s idea-bucket. And once you start feeling like you’re repeating yourself, it’s hard to think all the effort you put in it worth it.
I’m not really sure what these grounded thought-leaders shift to doing instead. It used to be that you could just shoot out some clever tweets weekly to keep your thought leadering up, but that’s all dead now.
When I try to work on more content, there’s two problems I encounter.
As mentioned above, I can’t get the kind of eyeballs I would at a conference, just presenting to a room full of people. I spoke at a conference in Utrecht awhile back, and the number of people who followed my CTA and downloaded my book was huge compared to, like, the Internet as an audience on any given day. What do people in my field even read? I have no idea. Talking to people face-to-face is still incredibly effective.
Two, if I work on more official, marketing department run content or pop in other flows, it takes so long to get anything out the door…and then it just encounters the lack of eyeballs problem.
Despite all of that, people seem to think my content flows are fine. One of the more interesting analogies people make is that I’m like my own little company, managing all aspects of content flow and my work. They say this about my co-worker Josh, who is even more so. Another co-worker of mine, Dan, has done an amazing job at this over the past year as well. And Whitney has built one of the most unique concepts I’ve seen in the years.
That analogy is good, and it means I need to build up more “flows” that I “own” rather than having them done by others.
For example, one of the reasons I moved to Europe in 2018 was to do more executive engagement. “Executive engagement” means doing thought leadership with, let’s say, enterprise architects, to VP of operations or applications, to “C-level.” It’s a lot of talking about culture, swapping stories about how larger organizations change how they manage software. And so forth.
I was incredibly lucky that Hinada was running that in marketing when I got here. Even before I moved here, she’d had me do several. Over about four years, including during the pandemic, we did something like 40 of these events. Maybe more. They were great: small rooms of people where one or two resulted in actual business. By the metrics, they worked. Plus, I mean, it was just fun to meet and talk with people. But, as organization and budget shifts happened, as they do in large organizations, and especially when she left, that dried up. What happened is that I did own that flow. I didn’t establish my own ongoing contact with that group of people, a “club.”
That’s what you have to build up as a thought leader: your own “following.” For over a decade, you could more or less rely on Twitter for that. During the pandemic, and maybe a little before, it switched over the YouTube. There’s newsletters now, and all the various post-Twitter things. Those post-Twitter things are way too new, though. We’ll have to wait several years to see which ones work. For me, LinkedIn is where I should be trying to build a following more and more…but even that is…weird. I don’t have enough analytics to know if the following I have is all vendors, or includes enough “customers” to care. If I look at who likes and otherwise engages in my content on LinkedIn, it’s mostly co-workers. This is great, of course, I appreciate it very much. My point is not that that’s “bad,” it’s that I want to make sure I have “customers” in that following as well.
(This leads to an intriguing theory: if my large LinkedIn follower base - at least, the subsection that engages with my stuff there - is vendors, then perhaps I should start thought-leaders for vendors more.)
What I don’t have figured out yet is the medium and the content type that works for me and also for that “executive audience.” I’ve really enjoyed doing this series of financial industry talks with my co-worker Darran. It’s been very satisfying. Maybe I can give that kind of thing fine, and focus a lot of my “own little company” efforts on promoting them.
And, a little side-note on how mercantile my word choice is here: “customers,” “eye-balls,” “promotion.” I mean, yeah, sure - pure as the driven snow and stuff. If I were an independent book author (hopefully, not of the take-down-able airport book variety), perhaps I’d be saying “readers” and “consulting engagements.” A thought-leader mostly exists to drive business of some kind, whatever words or obsequious phrasing you’re using. I prefer to just be plain-spoken and open about it. I work at a company that sells stuff! I’m part of the funnel, and even lead-gen.)
Anyhow, so long as I can use the priority lines at Schiphol when I need to travel, I should be fine.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 11th How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance, online talk. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
I was going to include this in the regular episode today, but the mix of reviewing a podcast and two cups of coffee into the morning thinking seemed discordant. I’ve been thinking about the above a lot recently: the changing nature of the work I do driven by the constraints I now have. So - there it is!
I listen to a lot of podcasts, and have for, I don’t know, over 20 years. I’ve made and make a lot of podcasts. You might call me both a podcast listening and podcast creating expert. In the classic sense: a critic. I should review podcasts more frequently!
A few times I year I try to eliminate all the bad vibes media from my life. You know what I’m talking about: there’s all sorts of things out there whose whole deal is to have a negative take. CringePub.
That’s what happened to If Books Could Kill after I listened to the initial episodes. The whole point of the podcast is to take down airport books. Their analysis of books like Freakonomics and Men Are From Mars, Women Are From Venus were pretty perfect. With a lot of these airport books (you know, super popular advice books and what can only be described as the “turn out,” Malcom Gladwell genre), you’re often left thinking two things (1) but now what I am I supposed to do differently, (2) I don't know, that all sounds a little too clever and kind of fishy?
Each episode delivers on that intuition perfectly. And the two hosts are meticulous in their research and structuring the take down. If you’re familiar Michael Hobbes’ years on You’re Wrong About, you’ll know exactly what to expect.
They actually read the book Well, often just one of them does. But this creates a good narrative tools:
The co-host who read the book has to give a good overview of it. The other one who didn’t read it acts as a sort of narrative straight man.
The co-host who did not read the book is a proxy for us, the audience who may not have read the book.
Hearing the real-time reaction and thinking that the co-host who did not read the book adds another dimension of analysis (and content).
Also, they do extra research to look up claims. For example, in the Atomic Habits one, they do a lot of double turns out’ing on the cutesy anecdotes and “studies” that are used to prove out the habits theories.
Finally, they’re good at spotting simple writing and structural nonsense. And, as they read more and more of these books, they’ve started to find the common tropes, structures, and, therefore, warning signs. In the Atomic Habits one, they come up with a grand theory of the structure for these turns out, airport books.
What makes them credible (in addition to reading the book and being able to summarize it, and the research) is that they point out the parts they agree with. And, in one of their first episodes, talking about Bobos in Paradise, they get really close to concluding something in the spirit of you’re not (completely) wrong, David Brooks, you’re just an asshole.
There’s also some great moments when they’re discussing the absurdly taken for granted things in some the premise of some books. For example, one one episode they shit-on The Game, a book about pick-up artist techniques. The whole premise of this book is that it’s hard for men to have casual sex with women. At one point in the discussion, Hobbes, who’s a gay man, says something like: wow, I never realized sex was such a fraught, stressful thing in the straight world. The implication being: this book only exists because those weird morals in the straight world.
But, like I said, it got to be too much negative vibes pouring into my overfilling, cracked bucket of a mind. At a certain point, especially when Hobbes is the straight-man (hah! pun!), they go overboard with just adding more and more shit-layering on the book. The shitting-on can make your brain-teeth start like too much frosting on a cake. And I was doing the spreading! So I stopped.
This week, Brandon reminded me of it, so I went back to it, listening to them do their shit-on show with Atomic Habits (hence all my references to it above). It suffered from the too much shit-frosting problem, but overall it was great.
If you read this newsletter, you’d probably like it!
(Sidenote: what is wrong with Wikipedia that the page for the podcast doesn’t seem to contain a link to the actual podcast? At least one that’s easy to find.)
Speaking of podcasts, this week Software Defined Talk is back to our usual format of the three of us going over tech stuff: This week we discuss RHEL licensing changes, check the vibe of DevOps and some thoughts on programing language. Plus, has ChatGPT already become boring? Listen in!
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 11th How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance, online talk. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
It’s the weekend, so here is your suggested outro song to listen to as a cold beverage melts in your hand and you watch the golden hour horizon:
All of the worrying about cheating with ChatGPT is hiding its biggest potential: being a teacher. As an “expert” (or, at least, well read) in digital transformation, DevOps, cloud native, blah blah, when I ask ChatGPT to do things for me, it’s mostly smell-free garbage, kindergarten stuff. But, when I ask it to tell me about something I don’t know about, it’s great.
For example, I’ve been reading Against Purity, which does the community thing of using a bunch of jargon without explaining it. One word was “syncretism,” which ChatCPT did a good job explaining it to me. What was especially magical about this little moment was that I used the text grabbing feature on my iPhone’s camera app to just copy and paste the text from an actual book into ChatGPT. Magic!
ChatGPT also great at simplifying dense text and ideas I don’t understand. It can be brutal in making a concept overly simplistic, removing all the artful phrasing that experts will use to describe something. Experts tend to either over explain an idea or over explain it.
For example, I talk a lot about legacy software, and the need to modernize it. Here’s the slide I used to give a definition of it:
The longer definition is pretty good for people who are vaguely familiar with software. In focusing on the outcome (what it means), it doesn’t really tell you why legacy software causes these negative problems, nor wha to do about. But, someone knowledgable with software already knows why and what to do about it. Anne is just giving a good definition we can all agree on. Which is very important: just imagine if we all agreed on one defining characteristic/metric for “DevOps” or “platform engineering” (I’d suggest app deploy frequency) and we could move on with our lives.
The Michael Feathers one is an example of stripping away everything but the essence of a definition and make it into a tool. A developer who reads that will say “yes, I get it now. Legacy software is risky to change because you can’t verify that your changes don’t break things.” And then, those seven words also tell you what to do to escape the legacy trap: write tests.
And then my definition - the title of the slide - is just me being cute.
But to an outsider, I’d imagine these definitions aren’t very good. Here’s a definition from ChatGPT. I asked it to reduce a longer answer into a paragraph:
Legacy software refers to outdated or obsolete systems that are critical to an organization's operations but haven't been updated due to high costs or potential disruptions. Despite their antiquated nature, they are often maintained because they fulfill essential business functions. However, these systems pose increasing risks over time, such as system failure, security vulnerabilities, and integration issues, while their maintenance becomes more challenging due to the dwindling expertise in the old languages or hardware they use.
After a little bit of priming, I then asked ChatGPT to explain the Michael Feather’s definition to a CFO who is making decisions about budgets and doesn’t understand legacy software:
This definition highlights an important aspect of legacy software from a technical perspective. In modern software development, "unit tests" are like mini exams we give to bits of code to make sure they're doing their job correctly. If a piece of software doesn't have these tests, it means its functionality hasn't been assured in a systematic, automated way. This could be a risk as it makes the software more prone to undetected errors. So when we say "legacy code is code without unit tests," we're saying it's older software that hasn't been built with these modern safety nets, making it more challenging and risky to maintain or update. For a CFO, it means these systems could lead to unexpected costs and disruptions if they fail or need to be changed.
Coming at from another direction, you a developer could ask ChatGPT to explain things to CFO is an expert at! With a little bit of going back and forth, I had it come up with an explanation a CFO might give for putting off legacy modernization:
As the CFO, I see the value in upgrading our legacy software, but we must prioritize the most impactful investments to meet Wall Street's expectations this year.
Our existing vehicle fleet, which is progressively more expensive to maintain, is a point of concern for both us and financial analysts. Investing in an updated, efficient fleet reduces these costs, satisfies eco-conscious customers, and offers a more immediate return on investment.
Now, when I mention increased amortization, I'm referring to the process of spreading the cost of this fleet upgrade over the useful life of the vehicles. While this means we'll see an increase in our expenses in the short-term due to the costs associated with the new vehicles, this is far outweighed by the long-term benefits.
This immediate capital investment boosts our operational efficiency by reducing the ongoing expenditure related to fleet maintenance. Moreover, newer vehicles would lead to an uptick in customer satisfaction and usage, directly contributing to our net earnings.
These factors should collectively improve our stock value, addressing Wall Street's expectations for prudent management of our capital resources and strong earnings performance.
Regarding the software modernization, it remains an important long-term project. But given the higher and more immediate returns from updating our fleet, I recommend postponing major software upgrades to the next fiscal year. We'll continue necessary maintenance to keep our systems running smoothly and securely until we're ready to invest in a full upgrade. I hope this offers a clearer picture of our financial strategy for this year.
I bolded the most important thing that the developer might not be considering: yes, but my job is to increase the share price as a function of being a responsible steward of our investors money.
The CFO’s explanation is much longer than the corresponding legacy modernization pitch to the CFO. I tried shortening it (scroll down to the CFO part of the chat I’ve been doing here), but then I realized a fun point: my need to have it longer is because I’m not an expert on this stuff and I need that extra simplification and expanding it out. That’s the whole point I’m making here! If I tried to piece that together from wikipedia, Investopedia. reading some CFO Weekly trade publications, or even people commenting on a TwitterMastodonBlueskyThreads question…I don’t think I’d get as good an explanation.
(All y’all DevOps-heads out there can fancy this up by name checking the Dunning–Kruger effect. As a side note, if you look at the part of my chat session [towards the end] where I try to get ChatGPT to use all of this an example of Dunning-Kruger, you can see another fun teaching moment: an explanation that is totally unexpected [by me] due to different framing that I’ve been taught to have when it comes to Dunning-Kruger. That is, in the DevOps world, you often invoke behavioral economics and cool psychology tricks when you want to point out problems, be sarcastic, and otherwise be negative.)
Teachers are in short supply, and it’s impossible to search for answers like this, let alone ask for a new explanation, ask for clarification, etc. And yet, there’s so much worrying about ChatGPT ruining education. As with so many tools that can automate “the basics,” the initial freak-out reaction misses the benefits of doing away with bullshit work. When comes to education, there’s another benefit: scaling teaching, trying break the constraint of the supply of human teachers.
One of the most eye opening things I learned as a student was that to be a good student you have to learn how school works…how to do the actions of student-ing. There are deadlines for turning in work. You will be told what needs to be in your history paper (the KPIs/MBOs/OKRs!). You must write your citations in this one format. You need to show your work in math. You can read a 400 page novel easily if you just read a little bit of each day. You should be taking notes as you read that book, and in class…especially if the teacher has told you what needs to be in your essay at the end. When you take a test, go through any answer all the questions you know the answer to first and skip over the ones you don’t know; that is, don’t get blocked on question three out of ten, when you know the answers to questions 4 to ten.
I don’t think we exactly know how to integrate something like ChatGPT into that “student-ing.” I mean, it’s only been in the mainstream discussion for, let’s say, five months. There hasn’t been enough time to learn what works and doesn’t work.
Socrates famously thought writing was a terrible technology that was going to destroy society. Like so many things, he was being an arrogant dumb-ass. Never mind video games, I think calculators were going to destroy society, and people think that having a computer in your pocket and access to the Internet is going to destroy society. I’m pretty sure people thought type writers were going to destroy society, and for a couple centuries, printing a book always ran the risk of being burned at the stake.
Instead of worrying about students using ChatGPT to cheat, and, thus, destroy society, maybe we should all focus on how to use it as a new tool. That’s what the history of everyday technology would teach us.
We’ve soft launched a new business selling enterprise support for Spring. If you’re involved in software and IT in a large organization, I guarantee you you’ll be interested in this. If you know what Spring is, you know why: it probably runs huge chunks of your business.
If you work in IT, even if you have no idea what I’m talking about, you should be interested. Pretty much every large organization builds and runs Java app, as RedMonk shows every year. This means most of them use Spring. Spring is everywhere and runs a large portion of the world as we know it.
As with anything that helps run there world, as versions of Spring (and especially the wildly poplar Spring Boot) come and go, you’ll want to get bug and security patches, including for very old versions that aren’t exactly supported well for free by the open source community. Plus, you’d like someone to call when you have questions, and it’s always cool to have training and certifications.
Anyhow!
You can buy Spring support now, just on its own, very straight forward and easy. It also includes tcServer, Tomcat, OpenJDK support. Don’t hold me all of this: I haven’t, like, taken the training to know the official menu. I’m just going off the web page.
And, yeah, this is enterprise software so you can’t just put your credit card into gumroad or something: you have to contact us to talk with an enterprise sales rep. I mean, you’re probably going to need to deal with your EA compliance cabal, and, then, procurement department, so, like, we’re already in the enterprise sales game zone. Also, make sure to ask them for a fancy steak dinner (unless you work for the government, I guess). And don’t miss out: ask before and after you close the deal.
I’m writing about this at length because I’m excited about it, both on its own, but as a strategy experiment. Pivotal and, now, VMware1 haven’t really directly monetizing the Spring Framework as much as they (rather, “we,” since I work here) could - as much I thought they should.
This is largely on purpose: the Spring open source community there has done well to remain, like, “pure.” Things have been fin! I work there, so I’ve seen plenty of second-order monetization over the years, both by us and others. Spring runs fantastically in the Tanzu Application Service (previously called Pivotal Cloud Foundry) and is first in line for support in our Kubernetes platform toolkit, the Tanzu Application Platform. And, you pay for Spring directly when you use the Microsoft Azure Spring Apps service. (With all my “hold on, this Kubernetes thing might be going too far?” waffling, I’m starting to think that some of the people I talk with who want want to make Kubernetes easier to use for developers just use that and get on with their lives.)
However, all the time, every year, we encounter the basic question “can I pay for Spring support?” Strategically, it’s also a fun experiment: it’s selling directly to developer groups, a very simple value-proposition (versus the very valuable, but very big and complex platform products we have), and, you know, kind of obvious. It’ll be fun to see how to turns out.
I don’t really understand all of this, but there’s also a lot of stuff going on in the Java world in at the moment (and through the next year) that creates a market window. That’s the seller-side way of putting it. On the buy side: there are some decisions to be made about how you use and get support for enterprise Java applications coming. Some of these are pure business, and some of them are just standard upgrade cycle events.
DevOps Thought Leader: if you have a group called "DevOps Engineering," you have no idea what DevOps is. You should at least feel bad if it’s your title. [Crowd laughs.]
Platform Engineering Thought Leader: Got it. Here, hold my beer. [Squints and grins]What if we called the group "Platform Engineering."
DevOps: Wait, hold on, that's not what I meant...
Platform Engineering: Hey, sorry, I was busy. Just launched a Slack and conference. posted 20 sponsored articles on The New Stack, and my O'Reilly book is coming out next week. Gotta go finish that post on Backstage sprawl now.
DevOps: …
Platform Engineering: oh, also: could you retweet my thread on “ten things you’ll got wrong about platform engineering”?
Has business travel decreased, or it just me (and the tech world)? Ask perplexity: “Overall, it seems that while corporate travel budgets are recovering to pre-COVID levels, the number of trips taken is still lagging behind. Spending on international business trips is expected to pick up in 2023, but the frequency of work trips is unlikely to fully recover.”
Culture is impossible, tools are easy.
“I would dearly love a world full of these things. It takes me back to the days of a more creative time on the early internet, and makes me wish for a future that has more of this in it.” Here.
What’s the 2023 take on the ethics of being annoyed? Not like, offended and hurt, just, like, annoyed in the way a kid if upset when you serve the Brussels sprouts.
“I need a respite for my mind.” Dear John Letters #23
I’ve been using HEY! again for email. I almost am there in liking it. I can’t wrap my mind around the idea of no archiving, and I don’t really like the way it lists The Feed. I want my newsletter subscribers to show up as one line and hide the ones I’ve already read. But, as I said to Dave Briggs when he asked me about it: “I have this ongoing theory in my digital life, though, that I should stop using tools that are too perfect, and instead use tools that seem to embody (or limit you to) a certain world view or life-style that looks good. Hey certainly seems like that. It's a kind of attitude about email that's a little less perfectionist/completionist. It doesn't value email as much? I don't know.” This is a twist on the #DefaultsLifeStyle.
Also, he started a newsletter. You should try it out!
Amazon Prime Video’s Microservices Move Doesn’t Lead to a Monolith after All - The New Stack - At this point, who knows anymore? I think the secret to being a grey beard in tech is to never say “oh, that’s just like SOA!” but instead to just nod and say “wow, that’s a great idea!”
Facebook’s Threads is so depressing - Fantastic writing!
Five Nos - “‘yeses’ matter more than ‘nos,’ and taking more chances generates more of each. While there’s a near equal chance of getting told ‘no’ in our endeavors, in virtually all cases, there is no penalty for that rejection beyond some brief discomfort or embarrassment. On the other hand, when you get a ‘yes,’ there is likely a positive outcome on many fronts.”
How legacy tech can kill recruiting efforts, increase attrition and ruin the employee experience, Conner Forrest - “451 Research’s Voice of the Enterprise: Workforce Productivity & Collaboration, Employee Lifecycle & HR 2023 survey listed ‘candidates expect software or tools we haven’t adopted’ as the top recruitment challenge (52%) they face. To put that into context, the next-highest response was expectation of flexible work (42%) and then compensation expectations being too high (40%).”
Rocky Linux project details how it will live on - “Nobody chooses RHEL because it’s state of the art. It isn’t. In fact, it’s about as far away from state of the art as it’s possible to be, and in the rapidly changing world of open source, that’s a very desirable attribute for a certain type of purchaser. They choose it because one specific version will be supported for a decade plus, and that in turn is why vendors support RHEL, and often nothing but RHEL.” // Also, the tricky way one of the clones plans to get the RHEL source code to make their clone distro.
Gartner Survey Finds 79% of Corporate Strategists See AI and Analytics as Critical to Their Success Over the Next Two Years - This seems very true: “Strategists said that, on average, 50% of strategic planning and execution activities could be partially or fully automated; currently only 15% are.” And if you established a stranded memo format, even more so. And you could have it generate presentations for you. Key will be, as always, getting access to the market and internal data needed.
Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.
July 11th How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance, online talk. August 21st to 24th SpringOne & VMware Explore US, in Las Vegas. Sep 6th to 7th DevOpsDays Des Moines, speaking. Sep 13th, stackconf, Berlin. Sep 14th to 15th SREday, London, speaking Sep 18th to 19th SHIFT in Zadar, speaking. Oct 3rd Enterprise DevOps Techron, Utrecht, speaking
Of course I have a Threads account now. Having seen the meager uptake of other social networks over the years, I’m overly pessimistic, but I give this one a 70% chance of being wildly successful. If they actually do good stuff with whatever open standard, it’ll be like a new type of RSS. If they let me merge my Mastodon account, that’d be amazing. (Is that a thing you do with Mastodon? I know you can move to a new account, but you can merge your old account into your existing new account?)
Tomorrow I have the first installment (hey, it could always be the last installment if I get bored with the idea or just forget I was going to do it) of The Podcast Review. Here is the premise I was talking about (also) with Brandon this week:
I listen to a lot of podcasts, and have for, I don’t know, over 20 years. I’ve made and make a lot of podcasts. You might call me both a podcast listening and podcast creating expert. In the classic sense: a critic. I should review podcasts more frequently!
Make sure you’re subscribed so that you’ll get it!
Actually, it was VMware that bought SpringSource way back in 2009. This was baffling to everyone, including me, at the time. It turns out it was baffling to VMware at the time too, who in 2013, eventually bundled it with Cloud Foundry (and Greenplum and Pivotal Labs from VMware’s parent company, EMC) to spin out Pivotal. Now it’s back under the same roof! If you do the annual fiscal year planning math, this means that sometime around early 2008 at the earliest, VMware thinking “we gotta get into this developer world stuff.” That was way too early for them, at least under the structure and strategy that Wall Street was valuing their stock price on (and, perhaps, VMware’s capabilities to put grow SpringSource revenue by putting place sales synergies - the only synergy that really matters). And now, a few years after acquiring Pivotal back, the time is finally right for to add on the developer business. At least I think so: I work there after all!