OSPod #30: Edgar Magana of Workday
If there was an award for “The Nicest Guy in OpenStack” my vote would be coin toss between Edgar Magana from Workday and Tim Bell of CERN. Actually, Sean Lynch, Metacloud Co-founder is right up there, too, but since he’s technically my boss’s boss, he’s inelgible for my vote. But I digress….
Edgar’s story begins with his “low income” upbringing in Mexico, to an interest in computers, a PhD in Computer Science in Barcelona, and a great career as an authority on OpenStack at Workday. The most difficult part of Edgar’s journey? Learning English!
This episode was certainly one of the most pragmatic shows we’ve done. I expected to hear a bunch of enthusiam about OpenStack Neutron, but that wasn’t compeletely the case. Edgar, formerly of Cisco, shared his opinion on the readiness of Neutron for large-scale production workloads and where OpenvSwitch falls short (40-50 nodes, in case you’re wondering.) Edgar believes that from the operator perspective, Neutron still has shortcomings and more must be done to simplify networking for developers and operators.
Edgar was also kind enough to share information about how he and others have transformed the team at Workday to take advantage of the agility that cloud provides. Through training, labs, and bringing departments together, Edgar is biulding a private cloud suitable for scaling and deplying Workday’s data-sensistive applications. We closed out with Edgar’s willingness to build diverse teams—something Edgar is passionate about since he has one daughter and another on the way. (Congrats!)
If you follow Neutron, SDN, or networking in general, don’t pass this podcast up!
See past episodes, subscribe, or view the upcoming schedule on the OSPod website.
For a full transcript of this podcast, click “Read more,” below
Niki Acosta: All right. Good morning, good morning, good morning. This is Niki Acosta from Cisco. Jeff is off today, so he will not be joining us. However, he might be spying on us from an airplane. I’m not sure. We have an awesome guest with us today, Edgar Magana from Workday. Edgar, introduce yourself.
Edgar Magana: Hey, thank you and good morning everybody as well. My name is Edgar Magana, I’m the cloud operations architect here at Workday. We are one of the top 20 as companies here in the bay area. It’s an awesome place to work for. To be honest, it’s been a change in my role. I just work for networking companies such PLUMgrid or Cisco, and now I’m in the operator side, so it’s very, very excited.
Niki Acosta: Edgar, we typically start the podcast by asking about you. How did you get into tech? Obviously, you have an accent. Tell us where you’re from and how you got to OpenStack.
Edgar Magana: Absolutely. This is a lot of fun. I was always curious about technology since I was a kid. I just broke every single toy that I have when I was a kid, because I wanted to find out how they really work. I knew I wanted to be an engineer, something like that. My daughter, who is 4 years older than me, suffered the most, because I use to broke their toys as well, because they were more fancy than mine. Sorry about that. Sorry sister. Anyway, as I start growing up, when I was at elementary school, this is something that really changed my life because I was lower than average student, but I was smart, kind of.
Anyway, the thing is the principal in my school, who was a very good guy, told me one day and said, “Do you like computers?” I was like, “I guess so. I like video games. I never really played with a computer.” I hear about it, but no idea, right? Early ’80s. He was like, “Okay. I can make a deal with you. If you actually get better grades, I can let you play with my computer.” I don’t know, 20, 30 days later, everything was an A, everything. I came back to him and he actually let me play with the first computer that I ever touch in my life. I was playing chess, and it was awesome. From that moment, I decided that I wanted to be involved with computers from whatever.
I’m originally from Mexico. The technology over there is a little bit behind of what we have here, so I had read everything in a different language with terminology that I didn’t even know about it. I tried to take as many magazines that I could get, as many … Internet at that time was not even something, especially for me. Whenever I could have the chance to get my hands in some electronic device, I did it. My first computer was a Commodore 64, and I was having a lot of fun with it. Before high school, I was able to play with my first program in language, which was Logo. I don’t know if you ever knew about that one, but it was a lot of fun. That’s where I’m coming from, very proud of the roots and the things that I’ve been doing so far.
Niki Acosta: I’m from El Paso which technically almost makes me from Mexico. My dad was born in the Philippines and my mom is a Caucasian. Culturally, I think my twin sister and I are more Mexican than anything else.
Edgar Magana: Your last name is a typical Spanish last name.
Niki Acosta: I know. I have to explain how Spain invade the Philippines, and made people pick names out of a book, and they’re like, “Oh, okay.” Good times on that. That’s interesting. Growing up in Mexico and learning, did you teach yourself English by way of tech as well?
Edgar Magana: I always say to everybody, the hardest single thing for me was actually English. As you can tell that I’m still having trouble pronouncing some words. It’s very hard for somebody who’s coming from a low-income family in Mexico, because you don’t have access to good teachers. Most of the people that you learn from … There were some other countrymen that came here in America, learn some English, and they went back to get a job. You’re accent is even worse, because you’re learning from somebody who doesn’t even speak properly, but this is what you have. I’ve been always in English courses, I don’t know, my entire life. Well, not anymore. I just talk to people here and that’s my keep training.
It was very hard. As soon as I have the opportunity to move to a different country, I did it. When I grad from school, I went to Spain, Barcelona specifically, to start a master and a PhD on computer science. I know Spain speaks Spanish, the same thing, but actually was an internal PhD, so I did collaborated with a lot of people from Europe in general, like France, UK, et cetera. I start taking more courses over there. Now my teachers were from UK, so I could speak a little bit more proper English. It was a very fun journey actually.
Niki Acosta: It’s so cool that you made that journey, most certainly, like you said, coming from a low-income family in Mexico, and then getting to do a PhD. What was your PhD dissertation on?
Edgar Magana: That’s a funny part. I knew I like working. When I joined the PhD, the research team at the UPC in Barcelona, it’s the University, it was around network management. The hot topic at that time was distributing systems, and the hot topic inside this distributing system was great computing. If you ever view what is great computing about, it’s actually a lot of foundation of what we have right now with cloud computing. My PhD was policy waste management system for great computing.
Niki Acosta: Probably coming full circle now. That seems to be a hot topic currently inside of the Neutron Project, right?
Edgar Magana: Exactly. It’s coming back.
Niki Acosta: Yey. That’s cool. It’s worth it. At the end of the day, you did learn something that was applicable to what you’re doing in your career which is different than most people we talk to on the podcast, kind of interesting.
Edgar Magana: Yeah. The foundation about policy waste management, it’s been there for probably 15 years now. It’s nothing new. Having these what we call PDP, policy decision points, PEP, policy enforcement point, they’ve been there forever. Now they call it [inaudible 00:07:01] points or something different, but actually the idea behind them, it’s nothing new. Now, what is new is actually the backend technology. Moving from cord networks, physically wired, to these virtual networking, it’s what is different. Obviously, some of the terminology needs to be adjust and adapted to this new backend systems.
Niki Acosta: You work at Workday as a … You’re a cloud operations architect, right?
Edgar Magana: Mm-hmm (affirmative).
Niki Acosta: What is Workday doing with OpenStack?
Edgar Magana: Well, that’s a good question. As any other sales company, we host obviously all our application. Our data centers are really becoming huge. Workday is one of those companies who decide to invest on their own people, their own application. We design everything from scratch, internally. Every single Workday application, which are right now oriented to finance, human resources, recruitment, analytics, et cetera, is being designed from scratch here. Everything has been working nicely on the bare metal side. We are growing. We are getting more and more customer. Our projection for this year and the next ones are really, really impressive, which means our operations planning for our hosting services should grow.
What’s the problem? The problem is running on bare metal will identify that we are just consuming probably 20, 30% of the CPU for every single server that we have in our data center. On the top of that, in memory, we consume no more than 50% for the server. We have typical use case that we need. We urgently need to virtualize services for both, our dev environments and also for our customer’s environment. I [inaudible 00:09:03] back in June last year. They already have a project to create what is the project that is called WPC, Workday Private Cloud. They already have an engagement with OpenStack.
They did some POCs. They like it. They like the APIs. They like the OpenStack foundation, that it was not a crazy open source project just hanging around. They invited me to be the chief architect for this WPC. Since I joined, we’re just working on creating the new data center from scratch again. We are not extending our data center. We’re actually creating new ones, physically located in the same places, but the cord network, the aggregation network, and obviously the virtualized layer is all new, and it’s a very amazing and awesome project.
Niki Acosta: Are you guys using any public cloud resources at all, or for security reasons, can you not do that? Is that an option?
Edgar Magana: We do it for development. For our customers, we cannot do it obviously for security reasons, as you said, and also for compliance. We manage very confidential information from our customers, and obviously we keep everything very secure. Even myself, chief architect, I don’t have access to our customer’s data. We just use public clouds like Amazon Web Services for our dev environments. We went to be as fast and dynamic. I don’t know if you notice, but one of those few companies that we deliver a new patch every Friday night. Every Friday night the software is updated for all our customers at the same time, in a very short period window.
Niki Acosta: How are you guys currently handling that, versus how you will handle … I don’t know. Are you running OpenStack in production today?
Edgar Magana: Not yet.
Niki Acosta: Not yet.
Edgar Magana: Very soon, otherwise I would get fired. We’re very close to do that. It’s a huge project. We have integration of 3 different teams, our cloud [inaudible 00:11:12] team, which is focusing on the software development. We have our dev ops team, which is focused on the Chef deployment of OpenStack. We have Chef base companies, so we extended all the stack for open source Cookbooks for OpenStack deployment. The third team is obviously our infrastructure team, which actually help us to move out of our nice, very well-designed dev environment into the real world, which is the data centers, with minimal connections, a lot of security requirements. It’s not easy, believe me. Going to production has been a very good challenge, but we’re almost there.
Niki Acosta: Tell me about the cultural aspects. I’m asking that because when I go and I talk to big companies about cloud deployments, it seems like the traditional infrastructure teams are almost at odds with some of these developers who are writing next-generation super-scalable applications. Are you finding it easy to navigate and walk that line in between traditional infrastructure teams, people who are comfortable using bare metal or VMWare and now ushering in this new platform for everything moving forward?
Edgar Magana: Yeah. That’s actually an amazing question. I’ll tell you why. The good thing about Workday is it’s still a young company. We just [inaudible 00:12:47] a couple of weeks ago. Most of the teams are very young and they are very open to learn now things. However, we manage very important information. The most difficult thing to deal with is security. It’s not because they are not nice guys or they want to be mean with us. It’s because they know how important it is to keep that zero number about security breaches that we have had so far. None so far. We want to keep it that way. They are sniffing every single piece of code that we write. They actually pen test, penetration test, for all the OpenStack code. We found very good things. We’re planning to provide all these information back to the OpenStack community obviously.
Coming back to the insights, the technology that they are running on the data center has been designed locally. Now, here comes this guy who looks like came from South America, Central America, whatever, they don’t even know where he’s coming from, with this open source project, and they have lot of questions. It’s been part of my job to do a lot of evangelizations inside of Workday, explaining, educating, actually motivating people to get in love, as I am, with OpenStack. They are getting it. It’s been a little bit difficult at the beginning as any change. The inertia, the beginning is very hard. Then you release a little bit of friction, and then you have all the way for the transition. We are in that mood right now. The company is ready. They are yelling at us, “When can I get it? Where can I have that API code that is going to give me [inaudible 00:14:46] and all that dynamic, all the networking?”
It’s so funny. Workday is a typical company who designed everything very well, very structured, but at the same time, it wasn’t very dynamic. Every time that they, each team, receive a ticket about “I need to have this new port open” the typical networking case, “I have to have this new application running now. I need a new port open.” It will take 2 or 3 weeks to get that. Security has to approve it. [Inaudible 00:15:22] has to test it. There are changes in 5, 6 routers in 10 different switches [inaudible 00:15:29] enabled. It was a nightmare. We were transitioning from that model to the new virtual network model, and everybody is in love with it. Just one guide, review the policy, send in to our network management system, deploy it into the inside. We do some validation down. The ticket can be closed the same day it was opened.
Niki Acosta: That’s amazing. [Inaudible 00:15:56] something that took 2 or 3 weeks to a day. It has to be positive for the business.
Edgar Magana: Absolutely. We are growing really, really fast. Our [inaudible 00:16:07] team should keep that momentum, should keep growing at the same side. We like to grow up in a way that we are making our customers still very, very happy. Aneel who is our CEO, he always say to the whole company, “The most important things for us is the customer’s satisfaction.” We are on the top 98, 99, the last time that we were review. He doesn’t want that number to go low for any [inaudible 00:16:37] reason. We’ll review everything 2 or 3 times. We do a lot of testing. We keep things very seriously, but we also have our very good environment.
I will tell you, the 100% software development environment is very different today. Infrastructure of the operation environment, these guys, they know how to have fun for sure. The cloud environment is more introverted environment. The infrastructure operation is thorough extroverted, and I enjoy in being part of both. It’s so amazing.
Niki Acosta: I’m sure they’re benefiting from your expertise. Let’s talk about that a little bit. You mentioned having worked at PLUMgrid, having worked at Cisco, now very much still involved as a core contributor to Neutron, how’s the Neutron Project going?
Edgar Magana: It’s going very well. It’s been a very difficult journey for all the networking people at OpenStack. The first networking project, when it started back in the Santa Clara Summit 2012, which actually was the very first summit I attended at. It was I think the third summit. It was a bunch of people coming from Reseda, now VMWare, Citrix, Cisco, Entity, and a few other companies that we came together to say, “Yeah, nova network looks great.” I think it’s natural as the other projects involved, nova volume and [inaudible 00:18:17], et cetera, into its own project.
We have, at that time, 2 main objectives. The first objective was to keep power to the tenants. With nova network, it’s a cloud operator who provides the networking to their tenants. The tenants, they don’t have any power to actually create their own networking, so the network isolation is limited to certain technology like VLAN. Our first goal was to provide that power to the tenants, so they can create any kind of rich topology for their own applications. The second part was how can we make these systems pluggable. We have a lot of backend technology, so we want you to have it in such a way that we can connect Linux bridges, or Open vSwitch, or for instance, a [inaudible 00:19:13] router, or something else, anything that we can grab it from the open source, or even vendor specific technology.
We create these quantum project at that time. As you know, we have to change the name for some law issues because we were like … I don’t know. The Quantum company wasn’t very happy with the name, so we chose the Neutron. It was just the main reason everybody knows about that. It’s been, from the [inaudible 00:19:46] are very challenged project. We have different vendors who has different ideas. We implement technology in different ways. Trying to make a project isolated 100% of any vendor specific idea, it was very hard, but we did it as much as possible. Then it was a point of how we really make it that we can replace this simple nova network. We ended up having a trade-off. What did you want? Do you want complexity, assuming that you will need to train your own operation people on the network in side, or do you want to keep it in the simplest case where you cannot extend it as much as you can do it with the Neutron?
It’s been a discussion. Everybody called this discussion the nova network replacement as being forever. We’ve been trying to duplicate nova network for many summits. Every time that we provide a migration patch, we find out that it’s not very easy. We probably miss a little thing that it makes nova network guys to slow down the migration and the deprecation. It’s nobody’s fault. It’s just we ended up having 2 very different technologies and 2 very different ways to do things that maybe it make sense to keep it both. Why not? If I just want to have a simple flat networks, I don’t care really about isolation between my tenants, because I chose them, because it’s just a dev environment. Who cares about that? Maybe nova network, it’s good to know. You don’t need to go to the Neutron side.
We didn’t make Neutron complex just because we like complexity. It was an evolution of where we had a hand to actually provide the same kind of functionality that we already have in nova network and also extend it for vendor specific. What was available at that time, just simple Linux switches without the tables, and then we extend it onto main spaces to provide more routing functionality. It’s a very nice architectural design. Whoever it’s reviewing that, it will say, “Wow.” It’s highly complex, but it’s also highly functional in terms of the features that it can provide, tenant isolation, routing, flooding IP addresses, security groups, you name it. Now it’s extend through services.
Back in the Boston Summit we were talking about services insertion for the first time. I remember I was leaving that session, and everybody was like, “Is this an API? What is this?” It was too soon for services insertion, but we knew at that time that we had to extend Neutron to be able to provide functionality for other so-called advance network functions like load balancing as a service, Firewall as a service, et cetera. I do not believe they are advance features, networking features. They are just network functions. Now they are very well known as NFEs. We are able to extend our APIs to actually adapt those things. It’s a very rich project, has lot of functionality, has a lot of components. Obviously, we extend the [inaudible 00:23:34] system, we extend the agents. We have obviously the API server.
It’s been a very, very nice and also challenging role so far, but it’s very enjoyable. The team is also willing to fix bugs, to collaborate more. We’re trying to finally getting a very specific document about networking. Hopefully, for Vancouver, we will be able to release the networking guide just specifically for Neutron.
Niki Acosta: Yey. That will be awesome.
Edgar Magana: Yeah. Got 2 patches there.
Niki Acosta: Yeah. Look, I would say probably without a shadow of a doubt, the project that’s probably most intimidating, to me at least, and I know that there’s others that shares this sentiment is the Neutron Project. Just STN in general is a quantum leap from what people are accustomed to doing in the network space. I want to ask you anther question, because I hear both sides of this argument, and I know you did a talk with Randy about it a while back. Is Neutron ready for production? Is it stable enough? Does it scale enough? Is it a project that you feel comfortable telling people you can trust this today?
Edgar Magana: Back in time when I was in San Francisco, with Randy, my answer to that question, if I recall probably, was just for private clouds, not for public clouds. Especially because the public cloud supports a higher level of security between the tenants. It was very difficult to provide that with the native tools that we are implementing in Neutron. I just mentioned to them I have the tables inside our main spaces. This combination between having a Linux switch and then an Open vSwitch bridge, and then creating [inaudible 00:25:31] to create tunnel, like end to end connections in order to provide these security groups. I believe for production system, that is not going to work 100%. We need to have a better way to handle these things.
I’m not saying it doesn’t work. Ultimately, it works, and it will scale. I’m telling you, as an operator, if I have to debunk an issue there, I need to have 10 of my guys who are an expert in network virtualization, bedsides to be experts in network, in order to find where the packet has been dropped. Then I need to run tools like TCP dump in 4 or 5 different interfaces. Is that really what I want for my data center? Now in a position, let me wear my … Let me take away my hat as an OpenStack Neutron developer, and I put in my hat as an operator. My answer was, “Come on, no way. I need to find another solution.”
Fortunately, Neutron provides a way to do that. We have a highly pluggable system. We have a very good technology out there that will mitigate that nightmare. One of the first controllers plug-ins that we have at Neutron was the openflow plug-in. It’s been extended to a certain level. We have also other open source plug-ins like the OpenContrail one, who provides that held to the operator, besides to provide an extra level of backend technology. Every time that I’ve been asked about Neutron in production, I’d say “How is the network [inaudible 00:27:22] layer will be provide?” It’s just going to use OVS and you will figure out everything, or Linux bridge, and you will try to figure out everything by yourself. Good luck with that. I think you need an extra help solving to provide you the information in a centralize point. It could be as simple as slot system in the backend, or as complicated as a fancy UI, proving some graphics about the nova functionality. We tried to collect analytics and let you predict some failures in the network.
This is what the operator wants. We don’t want something as [inaudible 00:27:58] if I need to open 10 different screens to find where the backend system dropping. There’s nothing wrong with Neutron. We are using all the open source tool that we have available. The data, somebody came out with that open source dynamic configurable turning mobile to do routing, and switching, and security groups altogether, we will replace where we are right now, and it’s going to be much more simpler, but right now it doesn’t exist.
Niki Acosta: When do you think that will happen if you had to predict? Who’s going to come out with that first?
Edgar Magana: Obvious is it’s being working on that for a while. I think any time soon, they will release a new version. We’ll make the ACLs configuration much more simpler. That will simplify the network configuration a lot, especially on the Neutron side. We will start that alignment of having to use, or the need to use Open vSwitch. Now the Open vSwitch will provide much of that functionality. As soon as that system is … My concern on that system will be the performance. So far, and I’m talking in behalf of Workday, we test Open vSwitch at the highest scale and the performance was really bad after 40, 50 nodes. We have our concerns that we actually decided to not use it because of that. It’s about also not just about providing other features, also it will scale properly and the performance would now be degraded.
Niki Acosta: What’s the best bet right now for large-scale cloud users that want to go down the Neutron path? I’m hearing from you that as an operator, that it definitely has some short comings. If I wanted to go that route now, what should I look at? What should I be evaluating? What kind of skills do I need on my team to be able to validate that my implementation is going to work?
Edgar Magana: It was funny. When I came to what they … There were a lot of confusion about the use cases. It’s funny to think about that, but sometimes the operator itself doesn’t know very well the use case, or there are a lot of confusion about it. There were people asking me, “Do we really need this Neutron thing?” I would say, “Hell, you need it. Otherwise, you won’t be able to fulfill even the simplest use case that we have here at Workday.” I found that a lot of times they need to understand that our use case is first. Do we really need security between tenants? What level of security do we need, at the port level, at the back level? Why don’t you have all those questions answered? You need to find it out what are your requirements of them of performance. Maybe over the years, we’ll be good for you, we’ll be enough, and you can try to implement it, and now you need to look for other alternatives.
On all the LCN space, I will also recommend operators to look for who’s really changing the way things will work in the data center. There are few LCN companies that they rely on the OVS, which mean your backend technology is [inaudible 00:31:25] OVS. You need to think about OVS performance in other stages just Linux switch. You need to think about the Linux switch performance. For the ones who wants more functionality and they’re looking for this controller, LCN controller base, well, you need to find it out if that LCN really change the backend technology, if this is a new model, and how it’s going to perform.
Back into the operator’s training and technology aspects, most of these guys, they … I’m finding it out. They are very good at the core level, at the core technology. They do understand very well fabric switches and routers. When we move from that environment to the virtualize, they get a little bit lost. I always recommend to held them into that transition. I do not recommend to create 2 teams, the one to focus on the physical layer, and the one that is focused on the virtual layer, because you are creating 2 different teams, and they will start fighting each other for every single thing. You need to converge your physical networking team into a virtual networking working team. It’s a transition that will take time and training, but the limit, it’s money that is worth it to invest for your team, for your people.
Also, they will actually come out with better solutions that you cannot even imagine, because they will bring that core knowledge into the virtualize, and they will start asking so naïve questions that actually will make people think like, “well that’s interesting. Do we really need that part? What if we don’t need it?” It’s like when we talk about IPv6. The naive people tell they just want to replace IPv6 with IPv4. They want to replace all the network functions that we have there, DHCP, NAT, and all those things. Sorry, but that is stupid. IPv6 is a highly extendable protocol that will let you replace all those functions. You don’t need DHCP. You have N number of IP addresses, who do you need to have a DHCP system? Just let the MAC and IP address connect to there, and you have a unique IP address. That’s it. You don’t need that, because you don’t know how the concept of private networks and external network. Everything has come to be an external network. You have enough IP address to handle it that way.
When you convince the networking people to convert to be able to get into the new technology, amazing things happens. I’m explaining that by myself. I’m learning a lot from the senior guys from the networking team here. Again, it’s an investment that I would recommend every single operator to go through.
Niki Acosta: In terms of that investment, what are you actually doing in terms of training? Are you using existing training that’s offered by a vendor out there? Are you trying to … Is it more of a mentorship type of thing? From what I can see, there’s probably a good lack of resources for people who are traditional network architects, admins, for them to make that path to cloud, and to virtualization, and to SDM. That’s a big jump. How do you recommend people make that jump?
Edgar Magana: I think having in-person training here in the company was really good, but it wasn’t enough. [Inaudible 00:35:07] wondering, yes we have Mirantis and they help us to have some training in-house. We have good connection with them, but it’s not enough. What we did is to create dev environments for everybody. We create a way very similar to DevStack. It’s not actually source codes running your laptop, and it is actually as Chef based deployment of OpenStack that anybody could get their hands in it.
The 3 or 4 days of the training, a lot of thing happen. It’s really fast. You cannot get everything, and especially on the latter part. You get into the API, you’ve run some commands, you create some networks, you spin off some VMs, and everything works, and what works properly … What happened when you try by yourself, nothing works. Why? Because you may miss a configuration file, because a number of things. That is when the fun, that’s when you start learning. No, nothing in the training. The training is just to get familiar with the concept, with the architecture, with all the projects, et cetera, just to be able to speak the same language.
If I try to train these people in OpenStack, I probably will confuse them more, because I will start using terminology that they are not familiar with. They will start mixing compute components with [inaudible 00:36:37] components, with other previous components. It’s going to be very difficult, ended up we’re going to be speaking 2 different languages. Once they are familiar with the terminology, with the components, we can’t get in closer to speak the same language. We can provide them with the environment that they can just play, like a sandbox. Go destroy it, kill it. Explaining also how to get it back to a safest state that they actually they can do more testing, and it’s working very well for everybody.
Actually, in Vancouver, you might have the opportunity during the new transition. We’re having a [inaudible 00:37:13] talk about [inaudible 00:37:14] that we created for the [inaudible 00:37:18] people, which is basically a [inaudible 00:37:21] VM with docker containers, which each one of these docker container runs in a specific OpenStack role at what they will use OpenContrail. We even have OpenContrail running the containers. It’s very amazing. Everybody now is like, “I create this network and now I know what is a floating IP address. Now I know why we need this NAT and not DNAT”, and all these kind of things start coming to light. You can see in people, their eyes is wide open.
In my past job at PLUMgrid, I just visit a lot of customers, trying to give them demos about an OpenStack. It was funny because I always end up having 2 kind of reaction. The reaction for people never tried OpenStack, and they were like, “That is very complicated. What is that? Neutron, compute, and now you need to repeat Neutron and put this thing to make it easier. No, no, no. It’s highly complicated.” Certainly, because they never tried it by themselves. Now, I have the customers that actually they did try it, and their eyes were wide open and said, “I don’t need that agent. I don’t need to do that. I don’t need to … Oh my goodness. How can I extended it?”
It’s the same here. There were core people that they never see, the [inaudible 00:38:41] working or any other LCN technology, and they’re like, “That’s too much. I want to go back to my vLance. I was having fun with that. [inaudible 00:38:51] but we are familiar with it.” No more [inaudible 00:38:56], no more vLance [inaudible 00:38:58] all the way. It’s so beauty. Now they’re getting it. Now they are like, “Oh men. Now I want to do this. Now we can actually extended our data center to … Have 2 different size connected to a sentry point, and do this fancy stuff.” I say, “Wait, wait, wait. Don’t go so crazy. Let’s walk a little bit more, and then we start running a little bit more, and then we can run faster.” It’s a very grateful experience.
Niki Acosta: This is probably due to my … I’m not a Neutron person, which is funny because I work at Cisco now, so you think I know a lot more about this than I actually do. Explain what happens to an application developer, versus the current role of the network administrator. How are those 2 going to work together in the cloud world? Who’s going to control the policies? Is it going to be a policy that is drafted by the core networking team that are going to be exposed to the application folks, and then they can pick and choose from a list? Are you going to set some guard rails and let the application developers do what they think is best? How is that going to change in the Neutron model?
Edgar Magana: Regardless of the Neutron model, I always believe that we should provide the power to the application developers. We shouldn’t be the networking guys sitting off everything and just keep things updated, and updating, and updating to make happy the application developer, because it’s like a back and forth cycle. I’m trying something. Now I found a close door, I need to go to the networking guy. He came back to me maybe in one day, maybe in 4 weeks, who knows? That’s a lot of interaction that we can actually eliminate. We have a different way to deploy the application. You provide the application developer an extensive API that they can understand. I’m not talking about ports. I’m not talking security groups. I’m talking about I have my application that work in this layer, and I want to communicate with my database. It’s a language thing they know.
There are a few projects out there that actually trying to cover that part, like the Congress Project. Provide that higher level language for the applications. I’m totally involved with those kinds of projects where you should provide this may be called policy based language, finally come back to my roots, where you say, “Look, I have my application. It should work in this environment, and it should not work in that.” That is a policy. You figure out how to deploy it, you figure out how you do it. [Inaudible 00:41:52] to answer your question will be it’s a little bit out of this [inaudible 00:41:56] Neutron, because we don’t want Neutron to become the master and commander of the data center. It’s not the goal. We’re not building here a global network management system for all your networking components. It should be as close as possible at the low level virtual network APIs, or primitive commands. An issue extend its functionality, but not its scope. We can have complementary projects to provide that connection with the application.
Coming back to your question, I do believe it should be the application driving how the networking is wired, but being agnostic to that. Coming back to the time I was learning about great computing, everybody or every single article that you read about great computing, they were making the connection with the power grid. You just turn on the switch and you have light. It’s coming from the nuclear plant, you don’t know. It’s coming from a different place, you don’t even know, but you have lights. What is going to happen for that light to be fully distributed across the building, without providing load balancing, all those kind of thing. You don’t know, it has to be agnostic. That’s what I’m talking about, and higher level of language for the application developer. We should talk their language. They shouldn’t talk our language.
SCC, we’ll get in there. I think we’re not far away from that. I will expect after the liberty cycle, probably the end cycle, to have a fully application driven language for all the networking. Hopefully that will happen.
Speaker 3: If someone who’s a … I’ll put my pseudo networking admin hat on. What happens to my job? If I’m going to give developers control, and I’m not logging into a box anymore, and responding to a ticket, and someone else can do that with an API, then what am I doing? Does my job go away? I think that’s a fear that’s out there. What am I focusing on now?
Edgar Magana: Yeah. It is. I remember when I was starting with SCN, I was like, “What is the point of having a CCNA? I don’t understand. Should I need to have a CCNA in the future?” I think things were changed. There will be new certification. There will be new concept that people should learn. We need to think in different words. Now we need to think about the performance. An application developer will never know or able to understand what is a performance issue. It’s the networking guy. As networking guys, we need to provide or develop the tools to understand a problem. Our jobs will become more into the tuning and also the scaling and performance. How now we connect our extend set of private networks in to a different insight, into a different infrastructure. How can I provide the higher level of security to these guys on the performance side?
Right now performance is scaling up. I find an issue, I just create another UI server, I put a load balancer, and things should work well. Automatically, they will work, but all the wiring, all the connection, even if the SCN is doing the right things, I need to be aware of that. I need to have a nice tool that will give me all that information. My job is to make the correlation with all the tools, or source of information to understand the behavior of my network. I’m pretty sure the next job or the next set of activities will be like …
Niki Acosta: We’re back.
Edgar Magana: Yeah. We get disconnected for a minute, no problem. What was the last thing you hear me say?
Niki Acosta: Keeping the lights.
Edgar Magana: Yes. At the 3 layers now, the physical layer, the virtual layer, and also the correlation layer. Trying to understand why things are happening, correlated information across the different source of information.
Niki Acosta: This is all great. Are there any good videos out there that you would recommend or any good resources? For networking people, I’m sure that these concepts are pretty relatively easier to understand than, let’s say, the pointy-haired business guys and gals out there who are just like, “What? You’re telling me that I’m going to need this SDN thing and I’m going to need this.” What do you tell the business people to give them some level of comfort as to this new model and why they need to start thinking about that?
Edgar Magana: About learning Slideshare, you will find a lot of good presentation about virtual networking. I always recommend to go to the latest ones, because things are changing even faster than before, seriously. Go to the last year, no older than that, search in to that one, the same for YouTube videos or things like that. In terms of how to communicate this change of how to make this [inaudible 00:47:47] people to get into the virtual level layer, I made this exercise one day. It was a very funny reaction from my coworker His name is Jean.
He actually draw on the whiteboard, the coordinate topology. He actually have a router and a couple of switches and things like that, and he start drawing things. I said, “Okay, stop there.” Then I take the pen and I draw a big box enclosing the whole thing he draw. That’s virtual network, that’s it. As simple as that. He was like, “What the hell are you talking about? [Inaudible 00:48:27]” You have a process, a Linux process that actually will provide that switching functionality, and you will have a virtual router. You name it vRouter from Contrail, or you name it [inaudible 00:48:40] or Bert, it’s just a software component.
At the first time they glance, and they’re like, “You’re freaking crazy.” Then they start like, “Well, if that happens, then I don’t need to do these. Then I don’t need to do … I should do it different.” It was a funny experience. On the business model for the non-technical people, it’s a little bit different. I’m [inaudible 00:49:09] on that part. In this new role, I’m talking with more VPs and senior managers [inaudible 00:49:17] used to be. They just want to be sure that things will be operable. I don’t want to say that we’re able to spend tons of money, but they say … My concern is not about the money that I will spend. My concern is about keep my costumers happy. I don’t want to have downtime over, I don’t know, 30 minutes. Even your [inaudible 00:49:46] over your migration should be in max 1 hour window. Is that even possible?
It just suggest they will ask you, “Well, show me how?” You need to present how the technology is changing the way we’re doing things, and they’re getting it. They’re getting it. It’s a little bit more … I would say sometimes a little bit more difficult for the business people, because again, it’s not just about money. It’s about making sure that things will keep working as they are working right now.
Niki Acosta: [inaudible 00:50:18] that’s data protection, security, being able to roll out features faster, their customers, being able to migrate customers, right?
Edgar Magana: Absolutely.
Niki Acosta: That’s a big jump for sure. You’re really motivating me to find someone inside of Cisco or spend some time with you at the summit, just sit down and get my head wrapped around how things used to be versus what they’re going to look like the future. What is the future of networking look like, Edgar? What is utopia for you?
Edgar Magana: That’s good. I will like to see a more automated system. I’m talking about … I don’t want to do marketing for anyone. For instance, Cisco acquired a company [inaudible 00:51:04] who actually provides a very good network administration layer. We do have that kind of technology, a little bit more open source. They open source technology that we have other virtual network layer, and we connect it together. Man, we will control the data centers from your, I don’t know, from your laptops, sitting in front of a beer in Hawaii or whatever you prefer, the beach, and with 3 or 4 screens, not 20 displays, and be able to do amazing things.
We do technology because we want to enhance people’s … the quality of their life. We don’t want [inaudible 00:51:53] stress that is happening, for instance, in Workday. We know, Fred and I, for the [inaudible 00:52:00] people, it’s who are in on-call. It’s not that they’re under stress, but they actually know that they need to be sharp for that potential call if something is happening. We want to reduce that kind of thing. We want to provide that system that will let them have a … Even that they’re on call, going out with their family, have a dinner, the pager will be on, but they [inaudible 00:52:26] anytime.
That’s I want to things. I want to have people happy with their jobs, going to the next level, reducing the stress, reducing the overhead on the network configuration, trying to [inaudible 00:52:45] to a higher level.
Niki Acosta: Simplification and more sleep, it sounds like.
Edgar Magana: More beer.
Niki Acosta: More beer. That’s inspiring, Edgar. I’ve had the opportunity to play a little bit with the [inaudible 00:53:02] box, and I was like, “Okay. Cool.” I’m not a networking genius, but I’m like, “Cool. I can do this.” This is not outside of the realm of possibilities and I can say that, “Hey, I want to block all of these websites that are on this list out on the internet, so that my kid can’t access all of these websites.” Cool. I get that.
Looking at home automation too. It’s simple enough for me to load this and that and decent geofencing stuff, which I never thought before would be possible. I see a lot of simplification coming down the pipe for not only consumers of technology, but the people who are building and architecting. That’s super inspiring. I think the easier that you can make it, the easier innovation becomes in all aspects, which is cool, and talking about internet of things and connected the devices. It’s real, it’s happening, and it’s … It can be overwhelming.
On some ways I look at my grandfather who just got a smartphone after my grandmother passed away a year ago. Now he’s texting and downloading apps. I’m like, “You never want to touch that stuff a year ago”, but it’s gotten so simple for him that it’s not intimidating anymore. I see a lot of that same sentiment happening within the networking world, and being able to connect together devices and data centers, and how important the role of people who understand this stuff is. I’m assuming that Workday is hiring.
Edgar Magana: Absolutely. A lot. We have-
Niki Acosta: What is on Edgar’s list? You’re such a nice guy. What are you looking for?
Edgar Magana: I’m looking for cool guys. I’m one of those guys that I don’t-
Niki Acosta: Or gals?
Edgar Magana: Or gals, sorry. I actually would like to increase the number of females engineers in my team for sure. I’m talking from the very beginning, I have 2 daughters and I have to 2 nieces. I just got 1 sister, and she also have 2 girls. I’m going to be surrender for girls, so I want to get the power to the girls. I don’t expect from that person to be an expert. On the contrary, what I like the most is that willingness to learn and to be part of a team. I truly believe that somebody could be an expert if that person is willing to learn, to listen, to read, to share, and that’s what I’m looking for most of the time.
Right now, when this OpenStack, because it’s a new one. A lot of people is looking for an expert on SDM, an expert on that. You need to have key people in your team to be successful. You need to have these 3, 4 senior experts, architects, whatever you want to call it, to drive things. In order to sustain the whole system to developers, we’re doing here, we’re doing contributions to the Cookbook and the [inaudible 00:55:58]. We’re doing contribution in the [inaudible 00:56:00], obviously we’re doing contribution in Neutron. We’re going to do contributions for enhancing the security. I was telling you that we did some penetration test on the open source code. We found some funny things that we want to contribute back.
I was telling the guys, so we started having a system engineering team. Now we are more like a real cloud development team, because now we have the full deployment, fully automated, everybody can do it form their laptops. Now what? How can we make it better? Things like that. We’re having that [inaudible 00:56:32] is willing to transform the way they are just to the things that they like to collaborate, that they have curiosity on their compute side, and the storage side, and the networking part. We deploy everything here at Workday. By everything I mean, we are touching every single OpenStack project, the core ones. We are extending to see [inaudible 00:56:58] very soon.
We are also very interested on containers. If you are one of those guys or gals that actually interested on containers and new technologies, right now we’re [inaudible 00:57:13] because we’re looking for that kind of personal …
Niki Acosta: Attitude over aptitude, it sounds like, willingness to learn, willingness to help, willingness to collaborate, those are skill sets that are hard to teach, right?
Edgar Magana: Yeah, exactly. All in the technology, I’m pretty sure you can learn it. That motivation to actually be talking to people, knocking doors, and experimenting your own time and things like that, or even when you’re here it sounds interesting, more natural. I’m very thankful of the career that I have so far. I believe that one of the most important things is because I’ve always been curious and brave enough to ask questions and talk to people. I like to say yes a lot of time, my wife is killing me because I should spend more time at home. I promised, Rocio, you’re looking at me, I will do it, but it’s because I like to help, I like to learn from other people. It’s is amazing when you really collaborate.
We have a lot of technology for collaboration and communication, and all those things for what? To be in the bars and everybody looking at their phones and not talking to each other. That shouldn’t be the case. It should be the case that actually we use technology for things like our families, so they [inaudible 00:58:35] people that we cannot have them next door, so they can actually see our families grew up, and my daughter start looking at the [inaudible 00:58:43], something like that. This is why we build technology. It’s pointing hands at communication, not really for blocking the communication across everybody.
Niki Acosta: Dang, Edgar, you got me all teary eyed. I’m not going to lie. It’s cool to see what you’ve done with your team, and I can understand why. I mean, look, you like to help other people and it’s really cool to see how far a positive attitude can impact technology. At the end of the day, technology automation, all this stuff, at the end of the day, it still comes back to people. It’s really inspiring to hear you talking about that, and the inclusion of wanting women on your team is also spectacular. Thank you for that.
We’re running close to time. We’re actually a little bit over. 2 things, number 1, you have … Your trip at the OpenStack Summit is going to be cut short. Do you want to tell us why?
Edgar Magana: Yes. I’m expecting my second daughter, June time frame, so I don’t want to be away from home. You’ll never know what’s going to happen. I just want to make it a very short trip, arriving on Monday and leaving on Friday. Just want to be close to my family as much as possible.
Niki Acosta: Okay. Maybe there’s 3 things. Second question. This will be put up on the internet somewhere and maybe one day you’re daughters will be Googling your name and this will come up. What words do you have for your girls?
Edgar Magana: I just want them to follow their own dreams. I don’t want them to follow my steps. I just want them to follow their own steps, their own dreams, whatever they wanted to be. I just really wanted to do it with all the effort, with a lot of love, with a lot of patience. It doesn’t matter. For me, it’s not important. I will helping them, and I will supporting them, no matter what they decide. My role as a dad is just to provide a role model for them. My role model is not about technology. It’s about passion for the things that I do and love for the things that I’m doing. I’m also enjoying it along the [inaudible 01:00:57], so I wanted to do the same.
Niki Acosta: Wow. Great words. Finally, 1 or 2 people do you want to see on the podcast?
Edgar Magana: I would like to see my ex-boss, Lou. I’m inviting you here. Probably I’m not the first one inviting you to this thing, so [inaudible 01:01:13] for sure. I think he will bring this seniority, that experience to the podcast. I also would like to see [inaudible 01:01:22]. I would like [inaudible 01:01:24] Emily Macky. He is working on the deployment, on [inaudible 01:01:29]. As far as I remember, maybe I’m making a mistake, but I think he’s still working for Inovance. I will like to see the 2 sides of the coin.
Niki Acosta: Awesome. For those of you who don’t know, I did put it out on Twitter, but we will be bringing this podcast to the Vancouver Summit. If you’re interested in participating, I think we have 24 slots total. If we can’t get to you at the summit, hopefully we can get to you after the summit in the longer format, one hour shows that we’re doing, like this one here. I look forward seeing that. Edgar, I cannot tell you how awesome it is. I’ve seen you passing, I said “Hi.” Really, really great to see the awesome work you’re doing and how others are going to benefit from the contributions, both from yourself and your team, coming out of Workday. Thank you so much for joining us today, and I guess that’s it. Everyone have a good day.
Edgar Magana: Bye bye everybody. Thank you Niki.
Niki Acosta: All right. You’re welcome.