VMblog: If you were giving a KubeCon attendee a quick overview of the company, what would you say? How would you describe the company?
Fernando Diaz: GitLab is the most comprehensive AI-powered DevSecOps platform for software innovation. Our open core software development platform enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation.
VMblog: How can attendees of the event find you? What do you have planned at your booth this year? What type of things will attendees be able to do at your booth?
Diaz: KubeCon attendees can find us at Booth M1. We have a lot of exciting programming planned for our booth this year including informative lightning talks on topics such as AI, DevSecOps, observability, and developer experience from GitLab team members, as well as partners like Oracle and Nutanix.
VMblog: Have you sponsored KubeCon + CloudNativeCon in the past? If so, what is it about this show that keeps you coming back as a sponsor?
Diaz: Yes, this is GitLab's 6th year sponsoring KubeCon. These events provide a great opportunity to engage with the developer community, learn about new technologies, and get inspired. As an all-remote organization, we value any opportunity to get face-to-face time with our broader community, partners, team members, and contributors.
I particularly love getting to connect with the GitLab community, and hear what they have to say about the product. Having so many fans makes me very happy to be working at GitLab, knowing we make a positive impact on the developer experience.
VMblog: What do you attribute to the success and growth of this industry?
Diaz: The open source community continues to grow due to its strong focus on innovation, community building, and diversity.
GitLab began as an open source project, and has grown to where it is today by staying true to its foundational open source values. The company wasn't founded with a grand plan or ambitious vision-it began with the intent to provide a simple solution for developers, and grew through iteration, contributions from inside and outside the company, and collaboration.
It's wonderful to see the industry-wide commitment to these principles shine through at KubeCon + CloudNativeCon.
VMblog: What are you personally most interested in seeing or learning at KubeCon + CloudNativeCon?
Diaz: I am interested in seeing and learning so much at KubeCon + CloudNativeCon. A few highlights include:
- The progress made on the Kubernetes Ingress-Nginx Controller. I used to be a top contributor to that project and would like to see all the improvements made since then.
- I'd love to attend the SecurityHub, the Security Unconference, to learn more about the latest security best-practices involving Kubernetes!
- Learning how to Contribute to some of CNCF projects from maintainers and the greater community at Contribfest.
I look forward to seeing all of our customers and community contributors at the booth to learn how they are using GitLab and how we are making their life easier. Also, excited to make friends and have fun!
VMblog: Can you double click on your company's technologies? And talk about the types of problems you solve for a KubeCon + CloudNativeCon attendee.
Diaz: There are several different types of challenges that GitLab can help solve that attendees would be interested in. Some key solutions that GitLab provides are:
- Tool consolidation: When organizations begin implementing DevSecOps, they often experience toolchain sprawl by linking together multiple point solutions. GitLab provides organizations with a single, comprehensive DevSecOps platform for development, which includes all the tools needed to Plan, Build, Secure, Deploy, Monitor, and Govern.
- AI for software development: AI is integrated into the complete software development lifecycle, providing users with features that can assist you in writing and understanding code, explain potential vulnerabilities, and identify the best team member to review code, which can increase developer productivity.
- Built-in security and governance: GitLab enables better software supply chain security by providing security scanners and controls to suit customers needs in detecting, managing, and helping remediate vulnerabilities. Furthermore, we can assist in adhering to compliance with granular security policies.
- Cloud agnostic Kubernetes integrations: GitLab is extremely flexible by giving users the ability to leverage any cloud deployment model they wish to use.
VMblog: Where does your company fit within the container, cloud, Kubernetes ecosystem?
Diaz: GitLab works alongside Kubernetes in three distinct ways. These can all be used independently or together:
- Deploying software from GitLab directly to Kubernetes allows you to have oversight into what is running on your cluster directly from code changes (GitOps).
- Using Kubernetes to manage runners attached to your GitLab instance allows you to autoscale by creating a pod for each GitLab Job.
- Running the GitLab application and services on a Kubernetes cluster to take advantage of all of Kubernetes benefits (ex. Horizontal Scaling) making your GitLab instance easy to manage.
These features are native to GitLab and support various Kubernetes Cloud Providers (GKE, AKS, etc.).
VMblog: With regard to containers and Kubernetes, is there anything holding it back from a wider distribution? If so, what is it? And how do we overcome it?
Diaz: While containers and Kubernetes (Container Orchestration) have become extremely popular in modern deployments, there are several items holding it back from wider distribution which include:
- Complexity or knowledge required to operate
- Limited team size
- Small scale service
- Monolithic applications
Organizations can overcome these hurdles by partnering with vendors and suppliers that provide support for Kubernetes, and implementing training for developers. It's also important to note that not everyone requires Kubernetes and that's ok. You must first assess if Kubernetes will benefit your organization. An example of when to leverage Kubernetes is when you have a large set of containerized microservices in which Kubernetes can be used to easily manage scaling, self-healing, storage, load-balancing, rollouts, etc.
VMblog: Are companies going all in for the cloud? Or do you see a return back to on-premises? Are there roadblocks in place keeping companies from going all cloud?
Diaz: Many companies are going all in on cloud. In fact, GitLab's 2023 DevSecOps report found that more than two thirds (68%) of organizations have a hybrid or multi-cloud approach for application deployments. This is likely due to the vast amount of advantages over traditional on-premise deployments, such as:
- Predictable cost
- Infrastructure is maintained by the cloud provider
- Security is implemented and maintained by the cloud provider
However, there is still a big need for on-premise deployments for the following key reasons:
- Requirement of air-gapped or limited internet connectivity environments, usually seen in high security organizations such as defense, energy, banking, etc.
- Requirement of complete control over the infrastructure
- Legacy systems which are hard to migrate
Migration is usually a heavy-lift and requires planning, but the benefits of the cloud outweigh the challenges of migration: GitLab's research found that organizations with at least 25% of their apps in the cloud are 2.2x more likely to be releasing software faster than they were a year ago.
VMblog: The keynote stage will be covering a number of big topics, but what big changes or trends does your company see taking shape as we head into 2024?
Diaz: 2023 was a big year for AI adoption in software development. While AI in code generation has been dominating press cycles, we've heard from our customers, as well as the broader GitLab community, that more and more DevSecOps teams are using AI for more than just writing code. They're using it for code reviews, vulnerability explanations, testing, value stream mapping, and more. In 2024, we look forward to seeing the fruits of this year's AI adoption, and anticipate that more companies will integrate AI into all functions of their DevSecOps workflows, unlocking the true power of AI.
VMblog: Are you giving away any prizes at your booth or participating in any prize giveaways?
Diaz: You can swing by the GitLab Booth (M1) to learn about the new AI and DevSecOps features we are implementing, chat with GitLab experts, and even grab some great swag! I will be hosting an AI trivia game at the booth, where you can come compete and win some cool prizes.
VMblog: Is your company sponsoring any type of party or get together during the event that you'd like to notify attendees about?
Diaz: We sure are! You can join us for an evening filled with food, drinks, music, and networking opportunities with fellow KubeCon attendees at DevApps & Brews held at AceBounce on November 8, 2023 from 6:00 pm - 9:00 pm CST.
Click here to RSVP.
VMblog: Do you have any advice for attendees of the show?
Diaz: KubeCon is a great opportunity to learn more about Kubernetes and the Cloud, but it's even more important to network with such an amazing and diverse community!