technology

Episode 68: Solomon Hykes, Co-Founder / CEO Dagger

Intro

Mike: Hello and welcome to Open Source Underdogs! I’m your host Mike Schwartz, Founder of Gluu, and this is episode 68 with Solomon Hykes, Co-Founder and CEO of Dagger, but also formerly the co-founder and CTO of Docker.

Back in February, I recorded this episode at the Civo Navigate conference in my hometown of Austin, Texas. If you want to hear the latest and greatest cloud native stuff and meet companies like Dagger, you should check out Civo Navigate. It looks like they are planning a US and Europe event each year.

This episode is a little on the long side because we cover some questions, relating both to Dagger and Docker. But if 45 minutes aren’t enough for you, there are a bunch of other interviews with Solomon, so just check the interweb.

And with that said, let’s just cut to the interview, so we can get to the main attraction. Here we go.

Y-Combinator Playbook?

Solomon, thank you so much for joining us on Open Source Underdogs.

Solomon: Thanks for having me.

Mike: I’m just going to dive into this with Dagger. Your approach seems very YC to me – who are the developers in pain that build Dagger?

Solomon: Yeah. Dagger came out of a process of talking to a lot of software teams about their pain, and the pattern we saw emerge was the problem of the deployment pipeline. You know, CICD, everything that happens after your code’s ready. But before your application is live, everything in between is just, painful, painful and complicated. And so, we’re focusing on making it a little less painful, a little less complicated. So, it is very YC, it’s the standard Y-Combinator playbook.

Community Lead Growth

Mike: What is the Daggerverse and Daggernauts, and what do you mean by community-led growth?

Solomon: Daggernauts are people who think of themselves as part of the Dagger community. Community is — I mean, it’s an overused word, but it’s really important to us, community-led growth is our business strategy. And the idea is, if you build a product for developers, and those developers are excited enough about it that they will not only use it, but show up on an online chat server to talk about it, come to meetups to talk about it, write blog posts about it, tell their friends, help each other – they become more than users.

You need a new word for that, so we use the word community, and then we market the product together. Sometimes we sell it together, and we write software for it together, so that that can become a way to grow as a business. It’s hard to do correctly, because you have to be authentic, you can’t fake it. Because a community will only form if there’s actually something in it for them, and it can’t be just transactional – they have to feel valued, respected, but when it does work clicks, then it’s very powerful.

Monetization?


Mike: As I understand it, you have an open-source project under the Dagger GitHub – your trademark – and your strategy is to monetize by selling a maybe cloud-controlled plane or dashboard, where enterprises can really see value. Am I on the right track?

Solomon: Yep, totally. Open-source engine, optional proprietary control plane.

Mike: What is the business value that enterprises are actually seeing, where they decide, “Okay. I want to go with the commercial offering.”

Solomon: Well, first of all, the commercial offering is very new. Our priority is adoption of the engine. If an enterprise can use both, that’s great. If they only use the engine, and they need to take a little more time to evaluate the commercial products, wait for a feature to be available, then, that’s totally fine. We’ve designed it that way.
For example, our cloud product does not have a self-hosted version yet. 

So, some customers do not care, and they’ll buy it today. And others are waiting for this self-hosted version. When we talk about the business value of Dagger, we’ll talk about the whole of the platform, open-source engine cloud for the buyer. Either it solves a business problem for them, as a complete platform, or it doesn’t.

Unique Features

Mike: There’s a number of tools in this area already, who are those super fans who say like, “I know about all that other stuff, but that’s not for me. I really need this Dagger.” Who are those people?

Solomon: Usually, in every software team, there is at least one person who’s the designated DevOps person, they’re the person who will have to fix the build, or make it faster, get the CI pipeline going, sort of support the developers in shipping. And then, over time, as the team grows, you’ll have more than one.

And in larger enterprises, you’ll have entire team, platform team, DevOps team, whatever – those people are typically the people who will get excited about Dagger because it makes their job easier.

Developers we help indirectly, the DevOps people we help directly. The main reason they get excited is because we don’t force them to throw away what they have, will improve the stack they have incrementally their terms – that just makes everything else easier.

Prioritizing Core v. Commercial?


Mike: Is there ever any friction when you’re figuring out how to allocate scarce resources at Dagger, on, “We should work on this core feature that is in the open source, or we should work on some features that improve the cloud offering, which will help us monetize.” And how do you balance those?

Solomon: Yeah, it does happen all the time. In fact, we’re small enough that it happens even within the open-source engine. Also, right now, we’re at an inflection point, where the core product is done – well, it’s not done, but it’s well-defined, and it’s well understood. And we have a community of people who are using it and want to use it more and more, which means they’re reporting bugs, they’re asking for features – there’s an incremental roadmap that we’re executing on.
Meanwhile, we’re building out this commercial product, which is, like I mentioned, it’s much newer, and it needs a lot of work. Resource contention is a problem. I don’t think we’ve found the solution. Honestly, focus is our friend here. For example, I mentioned we’ve prioritized adoption of the open-source engine.

So, to be honest with you, over the last six months, I think we got a little bit too ahead on the commercial products. We approached it like we could build both at full speed in parallel, but then we realized, when we looked at what people were asking for on both sides, we realized, okay, we can build both, but we cannot build both at the same level of priority. So, we’ve changed our text slightly, and we’ve decided to make it clear that we are prioritizing the core open-source engine at the moment.

And with the resources they are left with, we’re developing the commercial product. But we’re narrowing the scope of the features of the commercial product – in practice, that meant going from two flagship features to one flagship feature in the commercial product, for example. I think it’s just mostly being realistic and also being flexible adapting to changing circumstances.

Community v. Monetization?


Mike: I’ve noticed that with a number of start-ups, their initial focus is really on getting adoption and getting those super fans and then figuring out monetization later. I’ve also had guests who said they should have thought of monetization from day one and built around that. Where do you come out on that?

Solomon: I think there’s a balance to be found for sure. For example, I’ve just said, we had to sort of scale back a little bit on developing the commercial product. I’m still very glad we started developing it early, and we’re validating it, whether there is something that anyone is willing to pay for, and also, a million details along the way – how much to charge for it, is it cloud or on-prem, what market are we competing in, who are our competitors.

The clock starts the day you start building it. And I do think completely putting off even thinking about it for potentially years can be a mistake. So, we were pretty deliberate about starting early, but then, once you’ve started, you got to manage your priorities – that’s our approach.At Docker, it was all on community and think about monetization later for sure. And it worked. I’m not surprised when you say some people regret not working on monetization sooner. I completely understand.

Why Trademark is important

Mike: Actually, I would like to dive deeper into the monetization because that’s really interesting, but before we even get there, maybe just any thoughts about the use of the trademark, and how you’re approaching Dagger differently from a trademark perspective.

Solomon: At Docker, we underestimated the importance of protecting your trademark when you’re building an open-source platform. Ironically, the best example of doing that right is also the same company that abused our trademark the most – namely RedHat. RedHat really is a great model for how to be extremely open on your code. Red Hat has always been serious about open-source licenses, opening up even proprietary products from companies that they bought. They would open up the code. They really walked the walk on copyright on the license of the code itself, but the way they made it work is they’ve always been extremely strict and enforcing the use of the RedHat trademark.

It is the best model for an open-source business. The stricter you are on the trademark, the more open you can afford to be on the code. In practice, that means this is open source – you can fork all of it and redistribute it. It’s all fair game. You can take all of it or modify it and redistribute your modified version. But you can’t call it in our case Dagger, you have to call it something else.

Ideal Use of Trademark

Mike: What was the impact on Docker as a result of people, or organizations, using the trademark?

Solomon: The problem was the kleenex problem basically, that Docker washing became the problem. As Docker popularized containers, and containers became the hot new thing, Docker became the hot new thing, and the Docker brand became very valuable. You know, the whale logo, everything associated with it – something new, something exciting. This community that was just blowing up – we had I think 120 meetup groups around the world, hundreds of thousands of people physically coming every week to just show each other a cool stuff they were dealing with Docker.

That brand was basically very valuable, and anyone, any vendor could just take it and say, “Oh, yeah, we do that.” Of course, it meant that Docker as a business did not enjoy as exclusive a competitive advantage as it deserved.
And also, over time, it hurt the quality of the experience, because you could go to a random vendor and they tell you you’re getting Docker. So, you install their thing, and you think you’re getting Docker, but you’re getting some weird Frankenstein product that maybe there’s some Docker inside it somewhere.

But the experience is not up to my standards, or the standards of the Docker team. So, you’re going to walk away disappointed, it didn’t work properly, it wasn’t compatible. They said it would be portable, but it only works on this vendor system, whatever the problem is. And now you’re going to associate that negative experience with the Docker brand. So, losing control of your brand is a really terrible thing to experience. The way to not lose control of it is to enforce your trademark in a very strict way.

Mike: Although Dagger is open source, you don’t want anybody doing Dagger hosting, or introducing a Dagger powered product. What about the hosting side? We’ve heard a lot about open-source data. If somebody used just Dagger hosting, we’ve seen WordPress hosting here in Austin – where are the limits, or where are the boundaries?

Solomon: Our approach is, if you think Dagger hosting is a great thing to do, come talk to us, and we’ll partner. Actually, we’re having conversations now that actually becomes forcing function for designing it. Okay, let’s talk about what does Dagger hosting mean actually. What that experience will be is not as straightforward as hosting a database. There are questions of what’s going to run on the client, what’s going to run on the server – those things are still being worked out. So, now we get a chance by forcing people who want to sell hosting for Dagger to come to us.

Now, they’re part of the design conversation, now these potential partners, we are showing them the architecture we have in mind, we’re showing them the feedback we’re getting from our community what they want.

And now, we’re all going to design this together. And if it still makes sense in the end, and they’re still interested, then they’ll get a license to use a trademark. Or they could just say, “You know what? This is great. We don’t need your brand, we just want the code, and we’re just going to do hosting, or something – they change the name, and then they can host it now, they don’t need our permission for that. Keeps us honest at the same time.

Mike: Because they have the right to use the software.

Solomon: Exactly. Because it’s actually open source. There’s no special license or anything.

HashiCorp shows system worked?

Mike: There’s another company I thought you were going to mention when you mentioned RedHat, and I think RedHat’s also underappreciated. But I was thinking of HashiCorp. They actually did and continue to do a very good job of defending their trademark – TerraForm.

However, they did run into some friction with the community. Because, after a billion downloads of their software, they changed to a non-OSI approved license. And there was some blowback from the community. And I think they broke a social contract in a way. By your definition, they did it right, but is there anything they could have done better?

Solomon: I think that episode with HashiCorp was actually very useful for start-ups like Dagger that are earlier in the journey. We’re telling the markets, “Here’s our open-source product, here is our business model around it. And it’s a sound model, and you can trust us that everyone wins.


RedHat was very useful in standardizing part of that model. Okay, RedHat has opened everything, and they’ve been very strict on the trademark. And they’ve been successful, so that helps us make our case. But one question we can’t answer with only that example is, okay, but what if later you change your mind, what if later the founders leave, and the professional CEO takes over? Or, what if you sell? And you can’t say, “No, we won’t.” I mean, because you don’t know. And that’s what happened to HashiCorp.

And what’s wonderful about this example is that it turned out okay for the customers. Because what’s happening now is, there was a fork, it’s run by a foundation. Now, there’s one more option. After HashiCorp made this decision to break the social contract, basically they were punished or rewarded, depending on how you look at it, with a community-run alternative, which customers can now choose to switch to at any time.

Now, I get to say, well, we don’t plan on doing this, there’s no good reason for us to do that, but just in case, a few years in the future we change our mind for whatever reason, here’s what will happen: we’ll get forked, there’ll be a community-run alternative, and you’ll get to use that. So, it’ll be fine.

Mike: So, the system worked.

Solomon: Yeah. I think the system worked. I have no clue if in the end, this is good or bad for HashiCorp, if they made a mistake, or if it’s not that important. I mean, I don’t really have an opinion on that, but I know it helps us make the case for our model now.

Do we need a new OSI model?


Mike: We’ve recently attended SoCon, the State of Open Conference in London, and Bruce Perens gave a talk, where he suggested we need a new open-source definition. And we see open-source companies moving to other types of licenses that are slightly more restrictive. Do you have any thoughts about whether maybe we need some innovation in this area?

Solomon: I think we do. Honestly, the elephant in the room is this battle over what’s open AI – well, there you go [laughing], that’s the problem right now. What does it mean for AI to be open and what happens when the closed vendor has opened in the name, and then you have open-source models that have a closet says, you know, Apple can’t use it, or something. Neither open AI, nor so-called open-source models today, meet the OSI definition of open source. Is that okay or not, that’s the debate. But I think given just the enormous attention on AI right now, if anything causes the state-of-the-art in this area to change, it’s going to be that.

Every other ongoing point of contention is dwarfed by the focus on AI. That’s my opinion. Maybe that’s an opportunity to leverage that attention and that desire for change. And that those tensions channel it into constructive changes to the standard. It’s dangerous, because maybe what ends up happening is the standard shifts in the wrong direction.

It’s possible that we regress, that we actually instead of getting incremental improvement on the current OSI model, maybe we lose benefits of it that we take for granted at the moment. And on top of all of that, even the definition of software itself is called into question. Like, what if all the software is generated by a model anyway.
So, I’m glad it’s not my job to figure that stuff out. I’m glad I’m not the expert.

Does Open Source Pattern Match with a Tragedy of the Commons?


Mike: A professor here at UT, and we’re recording this at University of Texas, Austin, wrote a paper comparing open-source to tragedy of the commons. She asserts that actually open-source economics pattern matches with some of the things that go wrong in a tragedy of the commons and proposes some remedies.

Solomon: I completely agree with that analogy, but I also think it’s getting applied wrong. Because common use of a limited resource – that needs to be replenished, the land. But software doesn’t need to be replenished – it doesn’t matter if one person downloads it, or 10,000 people download it. The bits themselves, once shipped, are not a resource that needs to be replenished. But the maintenance effort, the support burden is. And so, I think the grazing is not when you download the open-source software and then you use it without paying back. I think that the grazing happens when you’re filing a bug on the GitHub repo, and you’re expecting a maintainer to read it and then answer your question.

Or, you are sending a patch that you really need to see merge for your own downstream needs, and you need a maintainer to review it and give you feedback on it, ideally merge it yesterday. That’s grazing.

So, the resource, the equivalent of the land is not the software. I think the equivalent of the land is the people maintaining it. Because those maintainers behind the scenes are burned out. They are holding the world on their shoulders, and a lot of times they’re volunteers. But even if they’re paid, we’ve had people burn out of Docker because the world showed up, and they all wanted the Docker engine, and they wanted this new thing merge, and they needed this bug fixed, and they all needed it yesterday. And some of them were very demanding.

And some of them had millions and millions in contracts on the line, and RedHat was a culprit in that, for example. And we had people burn out not just from Docker, but from tech. Because they just cannot take it. You know, I have great hair now, and I didn’t when I started as a maintainer of the Docker project. We need to solve that. And I think tragedy of the commons is a perfect analogy there.

How to Maintain a Mountain of Open Source?


Mike: You mentioned open AI, and when I look at open AI, I see that it’s built on a mountain of open source. But they have the connection to the customer, which gives them that sort of last mile that enables them to extract value. What I’ve noticed is that there’s an inexorable stream of CVEs. That, because my software is built on a mountain of open source, some of those dependencies are always getting a rear patching once a month, just to keep up with it.

And I think the expectation for an open-source project is not just that it’s open source, but almost like this social contract that you will continue to patch it forever. And when the next log4j happens, we expect you to do it tomorrow.

 Solomon: I agree. Yeah, that’s part of the problem. It’s like an open-source project is a service. The unspoken contract includes everything you’re talking about – ongoing maintenance, ongoing support, ongoing operations of the project itself, running the CI pipelines for it. There’s no system in place for doing that in a sustainable way. I think it’s an unresolved tension in our industry today.

I just think sometimes we go down the wrong rabbit hole, trying to solve it, because we just frame the problem – it’s not a software piracy problem, the problem is not that people are using the software for free to make money because that’s normal, that’s expected. If someone has to wake up at 4:00 a.m. because a really terrible security vulnerability was just discovered and they have to patch it because only they know how. And they were volunteers, and they have billion-dollar companies depending on it, and the billion-dollar companies are the ones calling them – that’s not okay. That’s like fundamental problem for everybody involved. And that’s an actual real-life scenario. That stuff happens. So, yeah, we got to figure that one out.

Lessons from Docker Monetization Battles


Mike: Yeah. This is a global problem, and it’s really hard to solve global problems. I’m going to switch back to Docker, and again, excuse my ignorance, I’m not a Docker expert, about the history either, but one thing I have noticed is that they seem to be doing a little better now.

Solomon: Oh, yeah, yeah.

Mike: And so, monetization and pricing you mentioned, I wasn’t even going to ask you about your price journey for Dagger because it’s too early. Whatever you think of now probably is going to change. But you do have some interesting perspective, I think, on having this incredibly, maybe epically, record-breaking popularity in terms of who loved the software, but then also challenges around monetizing. And then, also now, the ability to see what they’ve done. And I’m just curious if you had any thoughts on what they’re doing now?

Solomon: Of course. A very common thing I hear is, “Docker struggled as a business because they gave too much away for free.” And I really think that’s wrong, meaning Docker was correct to open source, and it never had to be backtracked. Docker never had to change its license and anything while I was there, and after. At no point did Docker have a regret open-sourcing something – there was no temptation to walk it back. I think that’s a victory.

And second thing, there were many, many opportunities to monetize on top of this immensely popular open-source project. And many companies successfully did that, pretty much the whole tech industry made buckets of money off of Docker, except for Docker, for a long time. And that’s not anybody’s fault other than Docker’s.
Docker failed to build a commercial product that was exciting enough for people to buy. That’s the reason Docker struggled. It was purely an execution problem. It was ours to lose, and we screwed it up. And all this typical startup failure ways lack of focus, which comes from an inability to say no to something, so you can actually focus on other things.

And it’s just lack of discipline on hiring and expenditure and strategy. So, ultimately, instead of shipping one great commercial product, we shipped eight average ones. If you look at the numbers, if you go up to the point where Docker got closest to that, and it got recapitalized and split in two, and the commercial part got sold off to Mirantis.

And the core assets, the brand, the open-source tools, the developer tools lived to fight another day. By that point, Docker had spent 300 million dollars to build a 60-million-dollar business. The math doesn’t work out. So, yeah, that was the main reason what caused Docker to be successful now, is a very simple – they had to downsize, sell off that failed enterprise business, they were left with the open-source Docker engine, Docker Hub and Docker for Mac, these desktop apps install Docker on your desktop. The simplest thing in the world. It just so happens that when we shipped that back in 2016, we did not make it open source. So, we have this really easy Mac application: click, click, you got Docker. We bundled that as a binary, and we did not open source it, and nobody cared. And it was free. And then, one day Docker said, “You know what? This application is still free unless you make this much in revenue as a business, and then you have to pay us now.”


And that was it. That turned Docker into a successful business pretty much overnight. So, not sure what lesson to take from that. The product that we ended up monetizing successfully in what, 2020 let’s say. It had been there for four years. You just had to put a price tag on it.

YC Twice?


Mike: So, you’re a new entrepreneur. Are you going to recommend going through the Y- Combinator?

Solomon: Yes. 100%.

Mike: On your second start-up, did you go through YC again?

Solomon: I did.

Mike: Can you talk a little bit about why? Like, you knew everything from the first time around, why did you do it again?

Solomon: It’s a complicated answer. The shorter version is, I joined a little bit later. It’s three of us co-founders at Dagger. My two co-founders, Sam and Andrea, they were first employees at Docker. They left, and they started something new. And I joined a little bit later. The reason I joined later is because I was taking a break, and I was a visiting partner at Y-Combinator for one batch. If you do this thing, they invite entrepreneurs to be a partner for a little while. At the same time, they were asking me the exact same question you asked me, “Hey, should we join YC?”, and I said, “Yeah, you should join YC totally. You’ll meet new people, you’ll get a lot of help.”, because they were first-time founders.


And they ended up assigned to me, so I was their partner, one of their partners. We spent a bunch of time together at YC. I was a partner, they were founders, and we talked about their idea what to do. And then, we got excited about it together. And at the end of the Y-Combinator batch, I joined as a founder, which means that now we’re a YC company, but like technically, I did not go through YC as a founder of the first time, if that makes sense. I did not have the opportunity to make that decision. But if I had had the opportunity, I would have done it.

Because I had been through YC, but my co-founders hasn’t. So, as a group of founders, we had not gone through it together. And that’s very valuable. And also, YC got better over time. New partners, new programs, new resources, and more importantly, more alumni.

So, the other founders in the batch are some of the smartest people you’ll meet. Being surrounded by other founders and talking about your founder problems with them, and then staying in touch and growing your network that way and helping each other after you leave Y-Combinator. That’s incredibly valuable. I always tell everyone, you should join YC if you can. And if you’re an outsider, or a first-timer, then even more so.
And if you say, “Okay. I’m a second-time founder, I’m not going to do it.”, I’ll still say you should do it, but I understand the way you’re not doing it. If you’re a first-time founder, there’s no reason not to go through YC, if you get a chance.

Advice for Open Source Founder?


Mike: Last question. Do you have any final advice for founders who want to use open source as part of their business model? Just some quick advice.

Solomon: Yeah. I would think of it as a tool in your toolbox, as a founder. It can be the perfect tool, or it can be the wrong tool. It really depends on your product, your positioning in the market, your strengths as a founding team. So, I would not blindly apply a playbook. And I would always make sure that if you’re open sourcing something you know why, especially for engineers, engineer founders.


There’s always a pressure to open-source everything, because you want to be loved and respected by your peers, giving things away. Open source is just a shortcut to that. Sometimes, the right answer is to not open source something to withhold it. And sometimes the answer is to open source. It really depends on the situation. So, be strategic about it, my general advice.

Closing Credits


Mike: Solomon, thank you so much for sharing all this with our audience, thank you so much.

Solomon: Thank you.

Mike: Thanks to the Dagger team for volunteering Solomon, to Alex from Resonance Public Relations for suggesting this interview, and to the CIVO Navigate team for the logistical help with the recording schedule.

Don’t forget to check out CIVO Navigate next year if you want to learn more about cloud native technology.

Cool graphics from Kamal Bhattacharjee. Music from Broke For Free, Chris Zabriskie and Lee Rosevere. 

Next episode, in a slight divergence from the format, we’ll hear from Patrick Bachmann of Open Ocean, in his role as Venture Capitalist that funds high-growth open-source software start-ups, informed by his roles at MySQL and MariaDB.

Until next time, thanks for listening.

Episode 65: Scaling Data Pipelines with Nick Schrock, Founder/CTO of Dagster Labs

Intro


Mike Schwartz: Hello and welcome to Open Source Underdogs! I’m your host Mike Schwartz, and this is episode 65 with Nick Schrock, Founder and CTO of Dagster, a platform that helps companies create data pipelines, which is critical to transform and update data in order to make it useful, for example, to generate reports, content, or other actionable information.
Dagster might not be a blueprint you can emulate. Like all start-ups, there are some hard to replicate serendipity that enables Nick and his team to build this amazing company. But as Machiavelli says, “Great leaders need both – fortune and virtue.” In other words, you need to be good at what you do, i.e. virtue, but they also need some good old-fashioned luck.

But what separates a really successful founders, like Nick, is the ability to harness fortune and virtue and combine it with some deep insights about the market, and turn it into a profitable and fast-growing venture not easy to do.

So, with that said, let’s cut to the interview, and let Nick tell you, in his own words, how Dagster evolves.

Early Career

Nick Schrock: Great to be with you.

Mike: Nick, thanks for joining us today.

Mike: Can I just go back a little bit and ask you to share some of your story about how you ended from going from the University of Michigan Computer Science to working at Facebook? So, that early period – how that happened?

Nick: Oh, I wasn’t expecting to talk about the preface book days. I’ll do the quick version of that. I graduated from Michigan in 2003, and I actually went to work at Microsoft, right out of school. And Microsoft’s a great company, and they treated me well, but… 

And actually, the division I was in was the developer division. And I thought that they were just extraordinarily talented, but at that time of my life, that wasn’t for me, in terms of working at a big company.
I wasn’t actually sure if I wanted to do software anymore, so I went to the London School of Economics for a year, because I thought I might want to go more into finance, or even government service – you know, I was a young man kind of searching around.

But I ended up getting back into software. I worked for a healthcare start-up out of Ann Arbor, which is where Michigan is, for what – 2 and a half years.

And then, I went to Chicago to try to do a start-up. That was very quickly spun down because me and a friend, who had worked in the finance industry, we wanted to do it, but then, it was about 6 months before the financial crisis.

So, that was incredibly poor timing. I spun that down, and actually, turns out a friend of mine, who I knew from Microsoft, kind of heard that was on the open market, and he just reached out and was like, “Hey, I’m working at Facebook, it’s really a special place. You should consider looking at it.”

And I was looking at staying in finance in the Chicago area. And I flew out to Facebook, and it’s just the vibe difference between a place like Facebook and a hedge fund in Chicago cannot be overstated.

You know, everyone at Facebook was young, super excited, idealistic, the office was incredible – there was just all this energy versus all these miserable people working in the hedge fund. So, the choice was obvious from there. And then, off to the races after that.

Why was Facebook so innovative in 2009-2015?


Mike: So, what was it about Facebook in 2009 that made it such a hotbed of innovation? Like, what new problems were they trying to solve?

Nick: The engineering-driven culture there, combined with the actual product that was being built. So, the product grew at unprecedented rates, it was used in unprecedented ways and was data intensive also, in kind of an unprecedented way.

We were forced to kind of do a lot of innovation on the fly in incredibly constrained environments actually, both in terms of resources, timing – you know, we had to get stuff to work. And I think that it is true that those constraints do breed innovation.

And that time of period was interesting because in 2009 – how to put this – we weren’t really taken seriously as an engineering organization, I felt. And then, fast forward say 4 to 6 years, and we were taken very seriously as an engineering organization.
It was really cool to participate in that. And in the end, if you look at the output from that eng org at that time, it really is pretty extraordinary in terms of what systems were built internally as well as what was open-sourced.

Technical Origin

Mike: So, few years back in 2018, after being at Facebook for, I guess, maybe 8 or 9 years, you decide to start a company called Elementl, which becomes Dagster Labs. Can you talk a little bit about how that came about?

Nick: Near at the beginning of my tenure at Facebook, I helped create this team called Product Infrastructure, whose mission was to make our application developers more efficient and productive. So, concretely what that meant is that we build internal frameworks and abstractions for the engineers who actually built the site and the mobile apps to build product.

That team did a lot of great work, and we ended up externalizing about a bunch of that work in the form of open source. So, React came out of that group – I had nothing to do with React, but kind of the people across the hall from me, so to speak, produced React. And that obviously went on to be an extremely successful open-source framework. And then, what I’m personally more affiliated with is, I’m one of the co-creators of GraphQL.

I’ve lived and breathed developer tools for a long time and also seen the impact that open-source adoption at scale can have. So, that was definitely on the mind when I left Facebook in 2017, and figuring out what to do next.

And in fact, I was going around the Valley and talking to companies, both inside and outside the Valley actually, about what their biggest technical liabilities were.
And this notion of data, an ML Infrastructure kept on coming up over and over and over. And I decided to dig into this, and very quickly I discovered that this area kind of pattern matched to what I care about and the types of problems I want to work on, typically the things I like to work on is to share a bunch of properties.

One are just engineers in pain. Like their dev workflow is broken, they have bad abstractions, they’re not productive, and purely because of tooling and abstraction reasons – that actually kind of makes me angry and frustrated on their behalf. And on a personal level, I feel that is really motivating.

Second involved finding – yeah, I like to call it like “a problem that matters”. I like working on really broad horizontal problems that could potentially have impact on millions of developers, kind of core essential problems that matter.

I was data engineering adjacent at Facebook, I wasn’t a practitioner. Data pipelining is extraordinarily important actually. People like to dismiss it as data cleaning, or they are kind of data janitor work, but when I looked at it, from kind of fresh perspective and I really thought about it, I was like, listen, data pipeline, they produce these assets, these data assets that drive all analytics, all the dashboards that you work with, all the ML models.
And if you really think about it, these data assets drive a huge proportion of human decision-making and automated decision-making in our entire society. Who gets mortgages or not, how do we price health care, what kind of news do you see – these are fundamental essential things, and it needs to be built on solid foundations.

And the fact that it – in my opinion – like, it was not built on the appropriate tools and processes, and everyone felt it was like chaotic and out of control all the time, was deeply disturbing. So, things were fundamentally, and still, in some ways, are fundamentally broken in data ML engineering. So, that’s really motivating.

Another thing, another property is that I like working on technologies that are sort of a strategic point of leverage in an organization. GraphQL fits that bill. Because if you kind of can intermediate all client-server interactions with a common software layer that has rich scheme information and stuff like that, it’s like an enormous point of leverage for tooling.

And in the data space, I quickly gravitated towards the orchestration layer because I felt it had the same properties. You know, orchestration orchestrates data pipelines. That means, it invokes every single runtime, it touches every single storage system as a result. And then, likewise, any practitioner that wants to put a data asset or pipeline into production has to interact with orchestrator in some way shape or form. So, a strategic point of leverage, I thought that was super, super industry.

And then last, like some feeling that you have a technical insight that’s novel and interesting, and that’s kind of how we got to this notion of — at the beginning we called it Software Structure Data Sets, but now we call it Software-defined Assets in data pipeline.

And the basic idea is that instead of just writing a bunch of imperative tasks to string stuff together, you instead think about it, you write a software representation of the data asset that you end up wanting to ship to production and be consumed by our downstream stakeholders.

So, that was a very long answer, but I found a problem that kind of checked all the boxes, for what I like to work on. And it’s not just checking boxes – if those boxes are checked, I’m like deeplypassionate about it. That’s kind of how I got here.

Business Origin


Mike: You started working on this problem at Facebook, but then you said at some point, you sort of hit this critical mass of like pattern matching, like you said. And you’re like, “Okay. I’m going to start actually a business. Maybe in Silicon Valley, it’s not terrifying, but it’s a big step.” How did that actually work? When did you decide, “I’m going to start a company.”?

Nick: It’s funny. I’m struggling to recall exactly when it happened, but I knew founding company was definitely something I was very interested in doing. Both in terms of working on a product, but also building a culture, and especially engineering culture.

In terms of company building, that part was very motivating. In a lot of ways, I was talking about how I thought the kind of the output and culture of early Facebook engineering was pretty extraordinary. And replicating the good parts of that in an independent organization was super appealing to me as well.

I think I just started talking to people and my message and the problem I identified really resonated. And then, I was talking to some investors, actually not with the goal of doing a fund raise – it’s kind of funny how it works like that – but there was like, “Nick, you want to look at data pipelining, with your background and, you know, work on something, that we should really think about formalizing this with some capital and a company, so you can accelerate your progress.”

It’s one of those things that almost just kind of happened. And I’m a big fan of, “Be an opportunistic.” It’s also true that from the time I left Facebook, I knew that founding a company had a lot of appeal to me.

Transition to new CEO


Mike: One of the podcasts previous guests, Sytse Sijbrandij, once asked me, “Do you love the product, or do you love the business?” And it’s an interesting question. I think I know were you following that spectrum. And can you talk a little bit about how you came to work with Pete Hunt, the current CEO, and do you have any advice for founders on how to navigate when there’s a pivot in the leadership?

Nick: I might like the business more than you would expect. I obviously – I don’t want to put words in your mouth – but I’m assuming you think I like the product more than the business. Actually, I did a bunch of economics and business in college and then the grad year in LUC, and I thought about doing MBA, so I’m definitely a business-minded. I imagine I annoy our FinOps people because I always like dig in about all the financial metrics and whatnot.

Yeah, we can get to Pete. I knew Pete from the Facebook days. He was one of the co-creators of React. We didn’t work really in-depth with each other then, but we met each other socially and through each other’s work, and really kept in touch for a long time after Facebook.

He wrote a small seed check into the company. We also collaborated actually on some podcasts because we were kind of obsessed with this Facebook engineering culture, and we actually put together a podcast series, Software Engineering Daily, with like 15 ex Facebookers, and we learned a lot about each other during that process.

Pete had started a start-up and sold it to Twitter, and he was working on Twitter. And I was also talking to him on and off about the business. And I was in the market for a head of engineering in early 2022, and Pete and I discussed it. And I was privileged enough to bring him on board. And given his experience, formerly being a CEO of a Dev tools company, he had built a marketing organization, and the sales organization and scaled to $5 million ARR.

I knew he was going to be much more than a head of engineering – I even had super high expectations for that – but he really dramatically exceeded those expectations. And I think, it became very obvious to me that he was just way better operationally than I was, in terms of like the mechanics of management, organization building, managing marketing, managing sales – he had done it before, and it was pretty clear.

I, at the time – just to be transparent – I was solo founder CEO, I moved around the country a couple times, I had 2 little kids. Now they’re 2 and 4, but I’ve also started a family during the course of this journey – I just needed like a co-founder figure to share the load.

Because I didn’t have the time to work on what my superpowers are, which is kind of this cross-product of Engineering, Dev Rel and Marketing I think is where I excel. And the other stuff is like, he could do a much better job with that. So, it just made a ton of sense.

I think I’m very lucky in that I don’t think it’s a repeatable process for a lot of founders to do what I did. Because you need that other human, who you know well, who would have been I think if Pete had his own company at the time, we might have just co-founded something from day one, and had like enormous trust context in – like, the transition to bring him in and then move him to the CEO position was like super smooth. I think it was like super obvious to everyone they knew it wasn’t going to be like this massive culture shift. Because like Pete and I are still aligned on so many issues.

I think the entire team was super excited about it, and the transition was really smooth – no leadership changes, no attrition, the company started performing better. I think it was obvious pretty quickly that that is the right move.

Monetization


Mike: So, diving into the business a little bit, how does Dagster monetize? I see a cloud offering, is there also a license enterprise distribution?

Nick: No. We only do a cloud product. So, just for context for the audience, Dagster is a data orchestration platform. And you can think about it like, you write data pipelines in this Python framework for building data pipelines and orchestrating, meaning, ordering computations and modeling the assets that get produced by those computations.

You can install it open source, and people have deployed that to production – a ton of people, I should say we have thousands and thousands of users – but the cloud product allows us to do a ton of the hosting on your behalf.

Most of our enterprise customers have this hybrid product, where we host the control plane, which you think about it like everything is complicated – the metadata database and long-running processes that monitor things and whatnot. Then, they run their actual compute, it’s their data pipelines and their infrastructure.

So, yeah, there’s a cloud product you sign up for, we can host a bunch or all of the compute. And then, also, we add enterprise features on top of it – SSO, alerting, gobs and gobs of features that generally deal with complexity in the Enterprise that companies typically pay for.

So, that’s our primary business model: you sign up for Dagster cloud, you swipe your credit card or talk to our sales people, and you can have the best experience of a data orchestration platform in the world in our opinion.

Why sell small customers?

Mike: I noticed that Dagster sells to small teams – like you said, you can sign up for like 100 bucks – and also to large enterprise. I’m wondering does the small teams’ business actually add up to real revenue, or is it just a pipeline for enterprise customer?

Nick: I think in terms of what investors care about, and what the long-term trajectory of the business is, we certainly conceptualize it as mostly a driver of pipeline – yes – but a broader adoption as well. So, there’s tons of users that use our hosted product that wouldn’t use our open-source product. And simply because they don’t want to host their own computing infrastructure, which is totally reasonable.
So, I guess, if you kind of boil everything on the business, yes, there is – it is a source of enterprise leads, for sure, but it’s also a source of more adoption, which means more people talking about the product. More people having being passionate about the product.

Because an underlying flywheel adoption is also essential for the long-term commercial success of the company.

I think like that’s the most interesting component of it. It used to be, say 10 years ago, that you’d have an open-source product and you’d be like really pulling teeth to use the commercial or the hosted product.

I think the pendulum is really shifted now, where tons of people wouldn’t consider adopting an open-source technology if it didn’t have hosting options. Just because of the way that the entire world has shifted towards more hosted services, which is I think a win-win for everyone involved.

Pricing

Mike: One of the underappreciated challenges of a tech start-up is how to price your offering. I saw a note on the pricing page about an old plan and a new plan. The new plan’s a little complex – not being an expert, I couldn’t really quite follow it. Can you talk a little bit about the pricing journey and where and why you ended up where you are?

Nick: Totally. I like to say, if building an infrastructure company were a video game, pricing is the final boss. And that actually even undersells it. Because iterating on your pricing model is a continuous process, where you have to make sure that it’s working for everyone involved, that we can run a healthy business and that the customers feel like they’re getting a fair deal in terms of — because in the end, they need to get more value than they paid for.

You are correct to point out that the initial pricing was simpler than the current model. Initially, we started out where we wanted to have like no seats limit and just charge on consumption. I felt that a very fair way of doing consumption was to just charge on the number of minutes your pipelines run.

So, the issue with that – and I think this is a good takeaway for your audience – is that customers have to morally accept the pricing plan. Like, it has to make sense to the underlying way that they think. And the problem in a data pipeline solution, if you’re charging by, say by runtime, is that frequently what you’re doing in orchestration is that you are like calling out to Snowflake or Databricks or some other heavyweight computational system that does all the heavy lifting of the compute.
So, from the standpoint of the customer they’re paying us just to kind of wait for an API call to complete. That shifts the mind of the customer to think of us as just a compute hosting service.
And if you’re just doing that, the value proposition of our product doesn’t make sense.

So, the pricing impacts the way that the customer perceives the value of the product, which is obvious when you say it out loud, but isn’t obvious when you’re kind of in it.

We’ve really stepped back and looked at this – the real value in an orchestration system is in the kind of the control signals and the metadata. Like, concretely, you open up a orchestrator, or our orchestrator, and you see all these fancy Gantt charts of what’s going on, you have a ton of visibility, and then the words that our users often use is, “Ugh! Dagster is like the single pane of glass that consolidates my entire data platform, I have visibility into all this stuff.”

So, that’s where they perceive the value. They do not perceive the value like it’s a hosted compute service. That had the benefit of being simple, but didn’t actually align with the product value that the users perceived.

We switched to charging based on metadata and control plane events that drive our UI. I think the other thing is that for founders in the audience is that you have to have a pricing model that works for sales. And early on, you don’t have enough data to know how much consumption there’s going to be for a customer, for like say the next 12 months. And with the way sellers work, they have to hit their ARR number ― that adds up to their quota, that determines whether they can feed their children or not. So, it’s very important to the sales team.

We had to also add sort of a per seat component that effectively acts as a platform fee for our enterprise customers that allows us to kind of project and forecast ARR that would be appropriate to the value it’s going to deliver to the customer.

You also have to think about the internal incentives and how it’s going to work for sales people, who are reliant on selling your product in order to send their kids to college.

Why Audience Selection is Important?


Mike: I am going to pivot a little bit back to tech for a second, but really more to talk about the open-source community. What’s interesting about Dagster is that it reminds me a little bit about the battle between Perl and Python. They were open-source tools in your area that existed before, but they were a little bit hacky or more challenging.

Can you talk about what are some of the challenges of building an open-source community in an already competitive market, where you needed a lot of features just to get the baseline of functionality? And then, how did you focus on either getting new, or getting some of the developers to switch into your platform?

Nick: You need to make sure that you have an audience that cares about what you care about, and it is very differentiated on that dimension, to the point, where they are willing to take a risk to bet on you, to work around missing features or missing integrations that might exist in a more mature solution. So, identifying that small subset I think is extremely critical.

There’s now, I think, a kind of standard reading for Silicon Valley founders, which is Peter Thiel’s book Zero to One. And he talks about how you start with a small market and then dominate it, and then move on to progressively larger markets. And I think that really, really resonates with me, especially in developer tools.

One kind of approach – and this is kind of the nature of tools that I like to work on too – is that what you can do is pick the audience that you think has the most leverage in the organization. And for us, it’s like the data platform engineer. Like, there’s engineers whose entire job in life is to serve stakeholders who build data pipelines on top of a data platform that they build.

And a huge part of that is setting up a great developer workflow with CICD and testing, so you can actually maybe know if you’re going to break something before you push to production, which is very frequently not the case in data pipeline.

I think our early audience was really people who really got it that testing, and fast feedback loops, and developer life cycles, is like the baseline foundation of productivity. And productivity is just huge in working in the software. Because productivity is not just about doing tasks more efficiently, it’s about making an entirely new things possible.

So, yeah, I guess I kind of went for a field there, but to circle back to the beginning of the question, I think it’s audience selection and being deliberate about that, it’s really what’s important.

Governance

Mike: Recently HashiCorp has changed their license, and I see that Dagster’s published in its own GitHub repo, so you’re under the Dagster repo. Dagster is your trademark. How can you assure the community that if the board decides to sell the company to Oracle, for example, that they won’t change the license immediately? And have you considered moving the Dagster open-source project to community governance and making it safer to use for the future?

Nick: As someone who’s gone through a foundation process for another technology, we moved GraphQL to its own open-source foundation with community governance. I have a pretty deep understanding of the trade-offs here. I think it’s a question of maturity and life cycle. The risk that you said exists. There could be a boardroom coup, and I’m out and Pete’s out, and then, we’re sold to Oracle or something.

By the way, the probability of that is approximately zero, but let’s theoretically do it. And then, Oracle could change the license―that is possible. I don’t think that’s a realistic risk in any sort of near-term.
So, if we had community governance, it would eliminate that risk. However, community has a ton of it overhead. And where does the beginning of our journey for innovating, and we want to be able to move quickly and respond to feedback quickly, build features, have complete control in that way.

And that’s definitely the right trade-off for us right now. Compare and contrast that to the GraphQL story, with GraphQL, we open source the spec, a document that was meant to be very stable from day one, and evolved pretty slowly over time. So, in terms of the technical artifact there, it actually matched like having a foundation process and governance over it made a ton of sense. But for Dagster and the immediate future, we’re having more centralized control, and increased pace of execution definitely makes the most sense to us.

2023

Mike: I’m going to move to a temporal question about 2023. A lot of tech companies struggled in 2023. The Times reported that 3,200 venture-backed tech companies went out of business in 2023. Of course, I don’t know how many normally go out of business, but still it seems like a lot. I was wondering, was 2023 a good or a bad year for Dagster? Did you buck the trend and grow 100%, or did you also feel pressures on budgets from enterprise customers?

Nick: We had a great year. So, not only did we grow 100%, we grew 400%, and our NDR was north of 150%, which means, our existing customers were also increasing their contract sizes. I feel great about the business, especially being able to grow this quickly in this environment. I am also grateful that we didn’t raise round of financing in a wildly inflated valuation, with too much capital in the FED bubble in 2021.

Because, at the time, certainly, it was frustrating – a bunch of my peers were  — you know, all of a sudden, the CEO has a billion-dollar company, even though they in reality weren’t that far along in the journey.

Now, I think a lot of those people kind of are in a pretty tough spot, and they’ve had to do layoffs, and it’s painful. We kind of stuck to our fundamentals there, so, I feel very good about it.

I still think the pain is going to be very real for the industry through 2024, maybe even into ’25. Because, yes, there’s an advantage to raising a bunch of capital too, in that you have a long runway. A bunch of these companies, they have so much cash on the balance sheet, and the interest rates have gone up that their interest is actually a meaningful source of income too.

There are more waves of company death coming in ‘24 and ’25, I guess I’ll put it that way.

But we’re in a great trajectory, and I think we’ve raised an appropriate capital to the progress in the business. And we were able to raise a B in 2023, which was a very challenging process, but it felt great to be able to do that. Not many of the companies were able to do that.

Open Source R&D v. Commercial R&D


Mike: Here’s a question, and it’s a little bit about engineering priorities: you have an open-source project of which your team contributes a lot of code to, and you also have a commercial cloud product. Can you just talk sort of at a high level, from an R&D perspective, like how much of your budget gets invested into your product versus how much gets invested into the open source? And how do you balance those priorities?

Nick: It’s actually hard to tease apart. Because, if you’re an engineer who is working on a feature that will have manifestation in cloud, often you’re kind of spanning the entire stack and like working on the open source, but then also working with some proprietary features. So, it’s difficult to cleave it that way.

The other thing is that we reorganized the engineering, the R&D organization around company objectives fairly frequently. I actually can’t give you a precise number at any point, or historically/cumulatively, about how much we’ve devoted to both open source and the cloud product specifically.

I guess what I’ll say is that we still invest a ton of our eng resources. I would say like 40% of engineers effectively work exclusively on the open source, and then there’s another tranche that kind of spans the entire stack, and then there’s another tranche, like people who work on our cloud platform, and all the DevOps and SRS work around keeping that alive and operational.

I don’t know, I guess you can call 50/50, but it’s actually really difficult to put it even semi-processed number on it.

Dog Years


Mike: Well, it sounds like it’s really been an amazing journey. And I’d like to remind you that it really hasn’t been that long either. Only 2018 doesn’t seem that long ago to me.

Nick: Well, it seems like a long time to me, man! That’s the old joke. It’s like dog years in a start-up, one year feels like seven. I have to pinch myself. I only moved away from the CEO seat like 15 months ago or something. And it feels like a lifetime.

Founder Advice


Mike: We covered a lot of topics, but I guess, my last question is, is there any advice you have for entrepreneurs, who are launching a business around an open-source software, product or project?

Nick: I think one of the things that founders need to think about — I mean, this could be an entire hour podcast about all the advice that I would say, but couple things to think about: one is, know when to go slow and know when to go fast, especially when you’re talking about so-called “one-way doors” in Jeff Bezos speak, where you’re making decisions that are either extremely costly or impossible to undo. Company branding is challenging to change in terms of the specifics of open source and dev tools, API decisions, especially in open source, last forever. You need to be deliberate on that.

And a commercial product, you can actually iterate extremely quickly. So, I think it actually is important to kind of have two cultural muscles. One is much more upfront design-oriented and collaborative with community, and deliberate and thoughtful on API design, but you still want to have that super-fast feedback and development when you’re developing the commercial components to your product that are hosted.

The other thing I would optimize for – if I was traveling back in time and talked to myself – is optimize for getting yourself into a situation where you can have a super-fast feedback loop, with early users and customers, where you still have the opportunity to change things, and do so quickly.

If you’re in a super-fast feedback loop with a single customer, you can make API changes much more easily. And the ideal situation still is, if you are working on a technology internally at a company, where you have access to all the code that uses it, that is just super valuable.

You’re also basically getting a seed round for free, because, often you’ll have people around you, and you’ll be working on it.

So, I don’t think I truly internalize what an advantage that was, to have it done the core R&D internal at a company. Yeah, I think like there’s a little more resistance now to open source the internal tech with kind of — it’s a less idealistic environment these days. But those are kind of the top-level things that come to mind.

Closing Notes

Mike: Well, great. Thank you so much for taking time out of your day, Nick, and best of luck with Dagster Lab.

Nick: Thanks. It was really a joy to be on this podcast. Thanks, Mike.

Mike: Special thanks to the Dagster PR team for reaching out and helping with logistics. Cool graphics from Kamal Bhattacharjee. Music from Broke For Free, Chris Zabriskie and Lee Rosevere. Next episode recorded at the State of Open Conference. Peter Farkas, Co-founder and CEO of FerretDB. Hopefully, I’ll have that out in the next week or so. So, until then, thanks for listening.

Episode 64: API Service Mesh with Idit Levine, CEO and Founder of Solo.io

Intro


Mike: Hello and welcome to Open Source Underdogs! I’m your host Mike Schwartz, and this is episode 64 with Idit Levine, Founder and CEO of Solo.io, an API Gateway and Service Mesh company with a product called Gloo – not to be confused with Gluu – the company that I lead, who sponsors this podcast.
I’ve been trying to get Idit on the podcast for many years ever since I spoke with her at an Open Source Conference in 2019, and finally, her PR agent reached out to me a few months back, and, of course, I agreed immediately.

Solo is not your typical startup journey, it’s sort of a miracle it got off the ground, but once it did, they didn’t waste any time – they’re already breaking 10 million in sales.

To avoid spoiling the story, I should just stop here, so let’s cut to the interview.
Idit, thank you so much for joining us today.

Idit: Thank you so much for having me, Mike.

Did Solo Join an Incubator?


Mike: My first question, and this is sort of a different one, but it’s something I’ve been thinking about, is when you first started Solo.io – which was not that long ago, I think five or six years ago – did you join an incubator and why or why not?

Idit: I did not. I wasn’t even aware that they exist, honestly. When I started the company, what I knew is that I had some “technical” friends that I knew that I can start it, and basically started doing this – the software was more about the technology. So, I needed to learn that while I was raising money, and so on.
Honestly, Mike, I think the first VC that I met, they asked me about a pitch, and I asked, “What is a pitch, what am I supposed to do?” I really didn’t know much, I needed to learn.
I wasn’t aware of a long incubation, definitely not in those days, because it’s not very popular.
I just basically started the company around software and just tried to get some money in order to kind of like bootstrap the company. But that’s basically the things I would do. Honestly, mainly because I wasn’t aware of it.

Mike: Do you think if you could do it again, you’d use an incubator?

Idit: No. Now, I feel that they learn so much from those processes. I think it’s very good if a first founder maybe is not aware of a lot of stuff, that’s really helpful to be kind of like protected by team that has done it before and knows how to help you and guide you.

Today, I think I learned enough of the process, and I’m doing it for a while right now. I made a mistake, I learn from them, so now, I’m feeling that I’m more free to actually do it myself again, if I need to.

State of Company at Seed Funding

Mike: At the time you raise your seed funding, was the open-source project started, did you have any technology, did you have any initial customers or team? Like, what was the state of the business when you closed, let’s say, that seed round?


Idit:  No, there was nothing, honestly. Before that, I worked in the EMC. Part of the EMC, my job was to basically do cool stuff on open source. I was in business, I was in the city office, and my job was to basically, if I had a new technology and we had to figure out how we can play that. Basically, we did a lot of open source and invent development. We immediately knew that we were playing back then, in Kubernetes, Mesosphere and Mesos, and all that great kind of technology. Docker was just a new thing back then, so, again, playing in that ecosystem was immediately a thing that we’ve done.

When I started the company, there were two things that I started pitching in the beginning. The first thing that I was pitching was unikernel. It took me a few months to understand that that’s something that I would not be able to ever raise money on. Probably for good reasons.

By the time we were at home, I was pretty bored, so I built another open-source project called Squash. And that was an open-source project that related to debug microservices in Kubernetes.

And that was relatively successful project, but mainly, as I said, I think that there is a good money on it because the work that I was doing before in the open-source, I literally built a reputation of someone who is capable of doing a cool project.

How Many VC’s Pitched?


Mike: How many VC’s did you pitch in your initial seed funding round?

Idit: Oh, man, a lot. I mean, as I’ve said, again, you remember, I was on the east coast, but once I decided to do it seriously, I left the EMC, and then, I basically went to the west coast, where there is VC that is more in that space and that, yeah, I got a lot of those, a lot. I think like every founder as well.

Products?


Mike: I don’t want to go too deep into the tech, but when I look at the Solo website, I see there are a few products. I am wondering if there’s like an 80/20 rule here, where one of the products accounts for 80% of the revenues?

Idit: We don’t have 20/80, actually, that’s interesting. I think it’s probably 50/50. And the reason is because of the packages, a lot of time we’re selling them together. If you look at all the projects, the main two markets that we’re going after is, the Gateway and the Mesh market. We started with a Gateway mainly because the Mesh wasn’t — you know, we couldn’t sell it.

So, we started from the Gateway, and we knew that this is kind of like an entry point and kind of like a stepping stone to a Service Mesh, so that felt very in the area. And I believe that in the future the Mesh will grow more.

First Customer

Mike:  So, one of the challenges of a start-up is always the first customer, especially if you’re selling in the Enterprise space. How did you convince this customer to be first? What did they actually buy? And whatever they bought, does that resemble your current offering today?

Idit: Yes, actually, as I said, we started selling the Gateway, and that was a flagship product of the company. When we started, basically what we did is, we had three design patterns in a way. I didn’t do it the regular way, we did it from open source. We didn’t go and talk to customers and say, “What do you want us to build?” And then, we built it. We were more like, we’re in the open-source and kind of like say, “Okay, that seems like the right thing to do.”

Kubernetes came, you needed a new API Gateway, you wanted probably an Envoy – that’s what we believed people wanted – and then, we went to pitch.  And a lot of those customers came to us from the open-source community.

So, we learned a lot from that process. What we did, and we did it differently, because we are coming from open source, we basically managed all our relationships with our customers through Slack. Then, understood what we need to do in order to make that very, very successful in their infrastructure. And we basically got all those requirements and built them into the product. It’s very different to build an open-source project versus an Enterprise environment.

Value Prop


Mike: So, what would you say is the most important thing that motivates your customers to buy your product?

Idit: I think that today Solo is kind of like three things that we are very good at. Number one is, we really, really understand the marketing really, really well, and the technology in it, so we know what’s coming up. We know what is 20 and what is not, we’re looking at adoption – we really understand that very well.

So, we always compromise with the customer that we will bring them to the edge of the technology. If there is a new technology that is relevant, we’ll probably put it in our product. I think that’s one thing that customers like, so the perception of Solo is that it is an innovative company, which it is – it’s what we are.

The second one I think is customers in sales, which was always one of the things that is the most important to us. This work with Slack, when I started it, everybody told me that’s not going to scale. And surprisingly today, when we have hundreds of customers, it is still scaling, and the technology itself, if you look at it right now, there was a lot of shifts in the market in terms of the infrastructure that you’re running, most likely running in something like Kubernetes.

So, it makes sense that you would have a Cloud native Gateway, and when you start scaling and scaling and scaling, it makes sense that you will take care of something like MPLS and Security and Zero-Trust and Observability, and all those microservices – it’s just that this is the needed technology when you are going to scale. And that’s where the market of microservices like Kubernetes is right now.

Is Solo a Distribution of existing Open-Source Components?


Mike: Solo is an interesting company in that, in a way, you write software, you write a lot of software. But you also have a curated distribution of open-source components that you give your customers a control plane to manage and take advantage of. So, it’s not just the software that you’re writing, but without Envoy and without Kubernetes and without Cilium, you really maybe couldn’t even build a product. So, do you think that maybe this is a new model, where you add a little software on top of this huge curated distribution of other very complicated components?


Idit: Instead of creating the open-source project – we do have one, for instance, Gloo Edge is a technology that is an API Gateway based on our technology, and it is based on Envoy. I think that what we were good at was identifying, pretty much at the beginning, which of those technology would be better on Envoy, when honestly Envoy was relatively a very small community no one really knew about it, and NGINX was the chosen proxy.
We chose Istio, even though we could have competed like everybody else and tried to build a better service mesh, but I knew that that will be the choosing mesh, even though when we looked at it, it was pretty messy, and we knew that it would take you a while to get there.

I was very, very aggressive to my team saying we are not going to be competitive, we are going to use that.

And the reason is because the software that wins is not always the best software. It is the software that most people are leaning to because they will make it eventually the best software. And I think that that was something that Solo has recognized very well. All that technology, all those products that we are doing is basically we are building – and I will not say a little – we are building quite a lot of logic, ease of use and enhanced technologies on top of those — let’s call it basic component that you need.

There is a lot of complexity actually in the control plane, way more than in the data plane, for instance. But, yeah, as I said to you, this is my model, hopefully sellers will succeed with it, but yeah, I believe that open source is building an amazing technology, and that we should leverage the best.

We are also contributing a lot of those technologies. I mean, if you look at the Istio right now, the new thing that we did with Ambient that we and Google contributed to it, it’s mainly we are the main contributor to it. And Istio, we are contributing a lot to it, we have a full team that is responsible to contribute to it. If you look at this, probably I think the most engineers that are working today on Istio are coming from Solo.

How to Decide What Features Are Open Source?


Mike: I was looking at the open-core model, but I’m actually more curious about, there’s always this friction between what do we put in the community version and what do we open-source. What’s the decision process behind deciding whether a plug-in will be commercial or non-commercial?

Idit: In the beginning when we started, we had nothing, we put everything in the open source, but then at one point, we understood that that’s a problem. Because eventually, somehow, you’re not going to exist as a company if you are not going to make a little bit money at least. So, we needed to figure out that what we’re putting on to double it will make sense, we are not hard to open source because it’s very important to us that open source will be successful.

It’s why we continue contributing constantly to the open source, but we also need to make sure that we will have something that differentiates it on top of it. And the decision in the beginning when we thought about it, the Enterprise feature that people actually really, really wanted to have a provider helping them was security or stuff that will let that do. You know, Enterprise feature like HA.

So, that’s the stuff that we put in Enterprise. The question is, you are usually around technology, would it make sense to be in the core open-source project because that is where it belongs. It’s kind of like a core feature, or it’s actually an extension to that open-source project.
And therefore, it’s going to be that Enterprise edition. To us, it was very important that the core should be open. That’s the way we’re doing it.

Pricing

Mike: I always worn entrepreneurs that pricing is one of the most challenging aspects of a tech start-up in particular. Can you share maybe some of the lessons you learned about how to price in the first few years, did you get pricing right initially, did you have to do a major pivot – what was your experience there, and do you have any lessons learned in pricing?

Idit: As I said to myself, okay, maybe the real unit of contribute for instance in the Gateway is supposed to be the API call, but honestly, that will take a lot of time for me, and it’s also going to be a pain for my customers, so how can I still value how much they use it, without actually interfering too much with the customer and with my engineering team.

And what I came with in the beginning is that the data plane is usually a good assumption, because if you have a lot of call, you’d probably want to scale that data plane. And in the data plane, it’s easy to call, the customer tells me I have five clusters, this is a data plane I am using – it is very easy to measure it and if people use it more, that’s fine.


So, that was the beginning. When we added the service mesh, there was a way more data plane and there was also a way more potentially change. Because you have cycles, and the cycle is basically going directly with the application, the microservices. The microservices going up and down, so very hard to basically figure it out. We needed to change that model and we went to the cluster model.

We said, just let’s keep it simple, we don’t want it – again, it’s all about keeping it simple. That’s what was important to me. I don’t want my customer to need to have a PhD in order to understand the way we were pricing.

That’s what I did. And again, it’s probably cost me some money. I probably left some money on the table and that was fine. But again, it was all about and it is still all about Solo as the partnership. It’s all about the relationship that we have with our customers, it is a real partnership, we are seriously the extension of their team.

But, you know, stuff changing all the time, so you always need to adjust. And honestly, you are learning that from your customer. So, for instance, what we saw right now is that some of the customers that are basically using us, it is more like advanced development center kind of thing.


Innovation centers like city offices or the innovation center on the ITN, and when they are starting, usually what they want, their job is to basically build something to offer to the businessmen. So, the question is, the money is not going to come from them, you cannot expect them to have tons of budget to pay you to run it.

So, what they really want is more of the consumption model. What they want is to create something and get the platform available everywhere, without paying millions of dollars, but then, they will basically enable teams to come after. And that’s different. The model should be different, it can be how much clusters you’re running. Because it could be that you’re running an empty cluster in the beginning. So, we needed to adjust based on the customers. So, it’s always moving kind of like we are learning from the customer how we can make it better.

But again, to me, the way I’m looking at this and that’s always my motto – whether it is truthful building, writing software or selling product – I want to take the challenges on my team. For instance, I prefer right now to build a sophisticated metering that will make the best customer end-user experience for my customer, even if it’s harder.

How to Maintain High Growth

Mike: You know, I was reading an article, and it said that you were projecting five to six times growth for the next year, what is a key to obtaining this high rate of growth? How is that possible?

Idit: First of all, the market – and that’s very, very important. Like for instance, when we started, we had the Gateway that was very popular and everybody needed it, and then the Mesh came, but it took us a while until Mesh would be everywhere. Right now, there is a lot of stuff that is going really, really well for us, and that’s what is allowing us to go.


What number one is, for instance, that is still going to the graduation. So, we actually choose the right service mesh, and not only this, it is going right now to graduation which has shown maturity.
So, that by itself means that there is more demand from the market. You just need to have the right market product to sell, and when a customer wants it, it would be really lazy to grow. But I’m not going to say that there are no challenges, in economy, it could be that we have an amazing product, we have tons of money – that’s not really helpful if our customer doesn’t have money. They’re not going to buy it. Again, that point – you need to make sure that the product is a necessary, that people will need to spend money for it.

Just, again, listen to the market, make sure that you have the right market fit, which I think is the most important, thinking about the packaging, make it very, very easy for people to consume your product.

Metrics and Data?

Mike: You’ve mentioned that you’re data-oriented, and I’m wondering, what are some of the most important metrics that you track?

Idit: This is a good question. I mean, if you ask my CFO, who is a very, very data-oriented person, a lot of the metrics that is running is metrics is numbers – how many VCs we are doing, how much of it is in production and that kind of stuff. Data that I’m looking at is different than the data that my CFO, the metrics that they’re looking at. I think in every business, it’s all about people, it’s all about the people in the business, it is all about the people in the market. Why has AWS decided to do this, why has Google decided to do this, what’s going on inside this organization – all this information is not metrics, but it’s data that you need to collect in order to make the right decision.

How do I predict it five or six years ago that there is going to be a lot of clusters and that people will need a service mesh for each and Istio will be that service mesh. That was pretty crazy to do five years ago.


But I had enough data that would lead me to believe, a lot of data that would lead me to believe that this is the direction that we need to go. So, we do have the metrics of how many customer success, otherwise you cannot scale – you need to know when something is wrong and, you know, big enough organization right now that “I’m not everywhere and I don’t know everything anymore.”

What Gives You Joy as CEO?


Mike: What gives you the most joy as a CEO?

Idit: It is always your job to basically kind of like try to cover the gap that you have in the company. As in the beginning, we had engineers, but we didn’t have anybody to do evangelism, and kind of like after that, we grow, and then we got that evangelism, so I’m not doing evangelism anymore. You are always doing more stuff, and to me, the way I’m looking at this, honestly, when I’m waking up in the morning is, what is the next fire that I need to put off, like where do I have a problem with, what is not working well the way it is working right. It is seriously like that’s how you should think about it – where is the next fire will come from and how am I covering it.

And to me, I’m a person that is easily being bored, so, I like learning, I like seeing what the problem is, I’m dangerous in every position in the company, potentially. I’m dangerous enough now after six years that I learned all of those.

So, I think that, the fact that it’s never boring, but I wish it was a little bit more boring. I mean, I heard a joke from someone that said, “A founder that started a company in the last five years, what did they need to overcome?” We needed to overcome Covid, we needed to overcome the SVB with the Silicon Valley Bank fall, we needed to overcome the fact that all our competitors suddenly could have raised 100 million dollars, you know, like crazy variations with seed money.

And so, there was a lot to overcome since then and it is never boring. And I think that as someone that likes challenges, that drive “I want to be the best, I want to win.”, so, that’s what I’m enjoying.

And I’ve got an advice from Diane Greene, who was the founder of VMware. And she was one of the people that started Google Cloud, so, one of the feedbacks that she gave me when I started. She basically said to me, “You can decide which type of CEO you should be.” Keep the stuff that you really like to do or you really feel that you’re a huge differentiator. And my guess is, it is that technology is the strategic, that is my strength.

And bring strong people next to you to cover the stuff that you can give away. So, my advice is to go to market. That to me is kind of like the way I’m looking at this, but honestly as a CEO, you really do a lot of the stuff that you don’t want. I mean, your job is to fix the problem or to cover stuff and to enable the other teams. If I need to help my engineers, I will do that if I need. You know what I mean? I will do everything I need to enable the team base. That is I think very important.

What Advice Would You Give Yourself If You Could Go Back in Time?

Mike: If you could go back five years or six years and give Idit some advice, what would that advice be? It doesn’t have to be at the very founding, it could be in the early stages too.

Idit: Wow. I learned so much. It’s very challenging to run a big team and make everybody aligned. As the company’s growing more and more and more – that’s become more than another. I think that the advice that I would tell my younger Idit is basically, just follow your instincts, listen to people, but eventually, make your own decision. I think the thing that I was doing wrong in the company was, a lot of times, I’d hire a leader for market and he’d go to market. And I knew that this is not my strength.

So, even though I didn’t believe always that what they thought were doing is wrong, I let them do it because I said, “Look, they are the expert. I’m not an expert in marketing, so let them do this.” I paid a big price for it because I felt that actually a lot of times, they were wrong and it’s within the company.
So, I think that what I learned today and why I think that I would be a better leader than I was back then is because I’m going to die or succeed on my mistake, honestly. Because there’s nothing faster than us to come and take responsibility for someone else’s mistake.

Again, it doesn’t mean that you’re not going to listen, but after all the data at the beginning, if you believe, like trust your instincts, don’t assume that someone else knows your business better than you. I think that this is something that I made a mistake a lot of time, actually multiply times. Before I said, “Okay, that’s it.”

Close

Mike: Idit, thank you so much for sharing all that experience and know-how and best of luck with Solo. Although it doesn’t look like you need it, you look like you’re doing amazing, so, congrats.

Idit: You always need more luck, but thanks.

Mike: Special thanks to Idit and the Solo team for reaching out. Cool graphics from Kamal Bhattacharjee. Music from Broke for Free, Chris Zabriskie and Lee Rosevere.

Next episode’s expected Jan of 2024, an interview with Nick Schrock of Dagster. I’m slowing down a little bit, but I’m still trying to do four episodes a year.
Don’t forget the State of Open Conference is returning to London, Feb 6th and 7th. So, until next time, this is Mike Schwartz, and thanks for listening to Open Source Underdogs.

Episode 63: EBPF Networking Isovalent with Liz Rice – Chief Open Source Officer

Intro

Mike: Hello and welcome to Open Source Underdogs! I’m your host, Mike Schwartz, and this is episode 63, with Liz Rice, Chief Open Source Officer at Isovalent, the software startup behind Cilium, an eBPF-based Networking, Security and Observability project. 

This episode was recorded in early February at the inaugural State of Open Source Conference or SoCon, which was held in London at the QEII Center in Parliament Square. The force of nature behind SoCon was Amanda Brock, CEO of Open UK and editor of the essential book Open Source Law, Policy and Practice, 2nd edition. Check it out on Amazon if you’re an open-source founder. Don’t miss SoCon next year in 2024, especially if you’re already in Europe for FOSDEM.


If you think eBPF or enhanced Berkeley Packet Filter sounds like a geeky low-level technology that you don’t need to know about – well, you’d probably be wrong. It enables developers to safely write code that runs in the Linux kernel. And safely is the key word here, because if you crash the Linux kernel, everything on the whole server goes down, all the containers, and everything else running on that server.


However, by exposing the power of the Linux kernel, developers can write code that runs faster and consumes less energy, and faster and cheaper has always been an attractive feature. Cilium combines three products into one. It’s like an old-fashioned firewall, an API Gateway and Wireshark, and it’s Kubernetes pod aware. It’s used by a number of successful products like Teleport for access management or Solo.io Service Mesh.
Simply said, eBPF is going to fundamentally change our infrastructure.


I met Liz at the SoCon conference, and after learning a little about Cilium, I was really impressed, and I asked her if she would come on the podcast, and luckily, she said yes. So, here we are with the interview.

Mike: Liz, thank you so much for joining me today.

Liz: Thanks for inviting me.

Tech Overview


Mike: As I understand it, Isovalent leverage’s a kernel technology to build a product called Cilium Enterprise. The upstream Cilium project on GitHub has over 22,000 commits and 14,000 stars – these are really impressive numbers for a project that started in 2016. How did this happen and how does this relate to the origin story of Isovalent?


Liz: Yeah. So, Cilium is built on a platform called eBPF, which is the kernel technology that you referred to. And eBPF allows us to run programs that are triggered by events that happen in the kernel, and those events could be Network packets, they could be a system call being made by user application – pretty much any sort of event in the kernel can be used to trigger an eBPF program.

Cilium was the first networking project to take advantage of eBPF. And it was always designed with the idea of container networking in mind. And the folks who started it are the founders of Isovalent, as well as being the originators of the Cilium project. So, Thomas Graf, Daniel Borkmann, who’s a kernel maintainer looking after eBPF, within the kernel.

And eBPF and Cilium, particularly eBPF in Networking and Cilium, kind of grew hand in hand since 2016 thereabouts, as we – the many, many contributors to the Cilium project – as it grew and as it gained functionality, sometimes that’s required additional capabilities in eBPF.

So, it’s been really almost like a long game. I think when Daniel and Thomas and Dan, the CEO, when they were first thinking about using eBPF, it was such a cutting-edge kernel technology – nobody was using it in production.

You know, when we add something to the kernel today, people won’t be using it in production for probably three, four, five years to come, so really, anticipating what the future was going to be.

I first saw Thomas presenting Cilium and the underlying eBPF technology back in 2017, and at the time I thought, “Well, this is revolutionary, this can change so many things.” Because not only can we see Network packets being manipulated by eBPF programs, we’ve also got this incredibly performant way of observing those Network packets and reporting on them that we can use for observability tooling. And like you mentioned network policy – we can implement network policy in eBPF.
Just making policy decisions about whether an individual Network packet is permitted or denied by policy, based on Kubernetes identities – this is the other real strength of Cilium.


It knows the Kubernetes identities, the labels of every pod. And so, you’re no longer just looking at network flows in terms of IP addresses and the port numbers you’re actually looking at them in terms of “this is a flow between service X and service Y.” It is so much more meaningful for a Kubernetes’ user.

Why the name Cilium

Mike: Just out of curiosity, do you know what Cilium means?

Liz: I think they’re little hairs in the inner ear – I’m not entirely sure why that was used as the name for the project.

Origin


Mike: I understand the eBPF technology is mind-blowing – Cilium is quite a project as I said. I mean, you’re not one of the co-founders, but do you know anything about how did it become actually a business?


Liz: I think pretty early on, as Cilium, the project, was getting established, and this sort of understanding that eBPF was going to be a really great foundation for efficient networking. That idea of building a company around this technology was probably in Thomas’s mind right from the get-go – I don’t know that for sure, but I imagine it was. And he and Dan Wendlandt, who I mentioned earlier – this is Thomas Graf and Dan Wendlandt – Dan had the background in software-defined networking, he’d worked at Nicira.


And I think they really saw the future of container networking being built on eBPF, so it was kind of natural to build a company. But, for the first few years, really the focus was on building the Cilium open-source projects, getting that really well-established and really well-known in the Kubernetes community.

It’s now been adopted by the CNCF, so we’ve actually contributed the project to CNCF, we’ve recently applied for graduation status there. It’s probably the most widely adopted in production networking plugin for Kubernetes now.

That kind of path from open-source projects, we really need to see this widely adopted, and then, a business that can provide, not just support, but also some Enterprise features that really large adopter is going to need. And just makes a lot of sense.

What does a Chief Open Source Officer do?


Mike: Your title is Chief Open Source Officer, and that’s a title I’ve never actually heard before. How is that role defined at Isovalent and why were you so excited to take on this mission?

Liz: It’s a particularly interesting title in a company where the vast majority of the engineering is open-source engineering, but I don’t run the engineering teams. My role is much more about how do we continue adoption of the open-source project, and how do we interface with the foundations, the community – I do a lot of work with the CNCF as well. How do we both act as good citizens towards that community and do the right thing in the open-source world. But also make sure that we’re taking advantage of everything we can.

You know, foundations like this offer us a lot of roots to speak to people who might become users and how we can do that in a way that is beneficial for people who want to learn about Cilium, or who want to learn about eBPF. So, that kind of educational role also falls within my team.

Open source v. Enterprise

Mike: This may sound like a silly question because Cilium was so powerful, but from a business perspective, what would you say are the main value propositions of the software?


Liz: So, from the open-source perspective, it’s a highly performant networking solution with built-in observability and security features. And we could dive into more details on what those are. From our perspective, it’s fantastic. If people are satisfied using the open-source version of the code – that’s great – we never want to make it such that — we don’t want to curtail the functionality, so that it always wants to be useful to open-source users.

That said, there are some features that particularly larger Enterprises are particularly interested in that you won’t need if you’re not a big Enterprise. So, for example, integrating with Legacy workloads. Some high availability features that you don’t really need unless you’re at a certain scale – those are the kind of features that we provide in the Enterprise distribution at Cilium.

Isovalent v. Sysdig?


Mike: Do you see yourselves competing with a company like Sysdig?

Liz: On the security front – yes. There is an element of competition there. I think we’re sort of speaking with slightly different customers there. Because, to my understanding, Sysdig is very much a security focused solution, whereas Cilium really applies more to a platform team who’s establishing, I would say Networking first, with this incredible set of security capabilities that you can then show to the security team, these amazing capabilities that they’ll get all that they already have by using Cilium.

I think we’re probably talking to different people within our respective customer organizations, but there is a certain amount of overlap around particularly the kind of runtime security, which we have a sub-project of Cilium called Cilium Tetragon. And there’s the ability to create profiles for the kind of things like accessing sensitive files or running certain executables, privilege escalation, suspicious network activity – these are the kind of things that we can detect at runtime using eBPF.

Why contribute project to the CNCF?

Mike: You mentioned that Cilium was contributed to the CNCF. What was the reason you brought the project to the CNCF? Also, what does that mean for the governance of the project?

Liz: It’s a big step to contribute a project. Because we hand over the intellectual property to the CNCF. That is something that Isovalent used to own and no longer owns. And the governance of the project really needs to be in the hands of the community. So, Isovalent remains the most prolific contributor, but – and this is again part of my role – encouraging more people and more organizations to get involved in not just code contributions and not just documentation contributions, but also the kind of broader evangelism of what Cilium is and the advantages of Cilium.

So, yeah, we’ve really embraced that community. And I think the phrase that we’ve used internally is “paved the world with Cilium”.

And the best way to pave the world with Cilium is to give it to as many people as possible, and the CNCF gives us a really great route to reaching all those people who are using Kubernetes. It gives those people confidence that it doesn’t matter what happens to Isovalent, the Cilium project is in the hands of a much, much bigger organization at this point.

And then, you know, that subset of people who are using Cilium, but then, find themselves needing Enterprise features. We won’t necessarily be the only Enterprise distribution, but there’s no doubt in my mind that we have the greatest expertise. So, hopefully, we will be the obvious choice for someone looking for Enterprise features or Enterprise support agreements around Cilium.

Trademark


Mike: This actually leads into my next question, which is that CNCF actually owns the trademark for Cilium, but your product, the Isovalent product is called Cilium Enterprise. And so, hypothetically, another company could make a product called Cilium Pro. I mean, I looked at the contributors and I went down eight contributors, they all work for Isovalent, I didn’t have time to go any further, but, obviously, your company has a lot of expertise, but still, the prospect that company spent a lot of money defending their trademarks, I almost never heard of anything like that – is it sort of terrifying, though?

Liz: I mean, at one level, yes, it is kind of terrifying. And Cilium is a brand name that is better recognized today than Isovalent is. And that’s a challenge that we have to embrace. And there are rules around what you can and can’t use – I think that there are probably still a few instances of documentation and use of the word Cilium, which we’re not really allowed to do any more, that we haven’t managed to tidy up everything.

There’s limitations on what you can and can’t use around a name based on what is now a Linux Foundation trademark. But everybody understands there’s a transition between us having a trademark and then giving it to the foundation. It obviously takes a little while to tidy up all that options around that, yeah. So, Isovalent Cilium Enterprise is the Isovalent distribution of what is a CNCF-owned community project.

Outside Contributors


Mike: I mentioned that there’s a lot of Isovalent engineers who are contributing code, but are there other engineers who are also contributing?

Liz: Absolutely! Google is quite a prolific contributor, Cilium is actually used in Google’s Dataplane V2, we have maintainers from Datadog, again a huge adopter who has been using it. Enormous scale – there’s some really good talks from Datadog talking about the scale of which they’ve deployed Cilium, we have contributors from Palantir.
Yeah, there’s several what we call committees, so maintainers of the project, who come from lots of different organizations. And then we have – I think it’s around 700 contributors in total. Isovalent today is just over a hundred people. The contributor base is much, much wider than just Isovalent. That said, we probably have the largest group of people working full-time at Cilium.

Market Segmentation?


Mike: On the commercial side, for infrastructure, the marketing is very horizontal, but have some natural segments worked out in terms of the customers who convert from open source to a commercial relationship with Isovalent? And are you figuring out that there’s any ways to segment the market here or the messaging?


Liz: I think that’s something we’re learning – I have just mentioned that we’re about a hundred people now, so we’re growing in our capabilities for how we target different customers and different verticals. We’ve had a lot of success in financial verticals media, quite a few transport, strangely enough. Yeah, so there’s a pretty wide breadth of Enterprises who have adopted this. I guess, the prerequisite for nearly all cases is that there are Cloud Native Kubernetes users, or that we do have some users who are using Cilium in a standalone load balancer scenario.

Have we figured out how to market to all of these different types of businesses? We’re absolutely still evolving and learning. But I think the fact that we’ve for many years had this very community-based focus, a very community-based approach, means that we can establish relationships and have trusted sharing expertise on a technical level that then encourages those engineering teams to recommend us internally.

And when it comes to making a choice about an Enterprise product or whether they need commercial support, those engineering teams already know who the experts are, and have potentially already had help from our team through the open-source community.

Team Location


Mike: Is there an Isovalent headquarters office where engineers go in, or is everyone like spread around the world?

Riz: We are fully distributed. We do have offices in Zurich, where Thomas is based, and in the Bay Area, where Dan is based. And I think that the timing, you know, really around the pandemic, just at the point as Isovalent was growing was sort of around the same time as the pandemic hit. So, inevitable that we were going to be remote based.

And as people have joined, they joined from countries all around the world. We have people from as far as long as Japan, or Alaska, Australia, throughout Europe and across the U.S. So, our team is really now fully distributed, and the culture has to embrace that. So, we’re very much focused on being remote first.

We do get the team together, and we try to get the whole company together, at least once a year. And we have a lot of encouragement around getting teams together in what we call hive time. Because we’re all about kind of bee-related metaphors.

Monetization: What features are enterprise?

Mike: I’m curious about monetization. It sounds like it’s open core, and what are the extra bits that you’re offering, I guess, in the Enterprise? And how do you decide what to make open source and what to add as an extra feature in the Enterprise distribution?

Riz: I see that the term open-core can sometimes come with a bit of a negative connotation. Sometimes people think of it as an open-source software that’s got some kind of, you know, been cut off at the knees, and that’s absolutely not what we believe in.

We absolutely believe in the open-source product being genuinely usable, and there are some pretty large organizations who continue to use just the open-source version. The kind of things that people will come to us for will be — there are some high availability features, there are things like BGP support for connecting into your legacy data center workloads, some Telco specific protocols that we’ve worked on – we very much don’t want people to feel that there’s something that’s core to their basic use case that they can’t do with Cilium.

Unless they are big enough that they’re the kind of organization that wants to pay anyway. You get to a certain size of organization, where you really don’t want to be just relying on open source with no sense of who’s going to support it when anything goes wrong. And they may come to us for features, they may come to us because they just want to know that somebody will be there to help them, you know, with a contract in place, should anything be needed.

Features for Growth


Mike: We mentioned that Cilium is a really broad product. Is there one particular product feature that you see driving the most growth, going forward in the next couple of years?

Liz: That’s a really great question, because we do have you know really, really powerful features in a number of different axes. So, for example, we just did a partnership with Griffon, where we’re building some really great dashboards, again a big part of this is available, completely open source.

There are also going to be some additional Enterprise features here. Perhaps the thing that strikes people is that they get this amazing visibility. And you know, that could be the moment when they realize, “Huh, look at the power of Cilium!” And the fact that we can see all these latency metrics or security information being shown in a visual way. So, that could be one thing that really drives growth.

It could be Service Mesh. We have a very efficient approach to doing sidecars Service Mesh in Kubernetes. Service mesh is one of those features that when it first started being talked about in probably 2018 – huge hype, huge excitement – the reality of people adopting Service Mesh, they found that it’s actually quite resource-heavy, there are issues, instrumenting all your workloads with these Service Mesh sidecars.

I think some of the realities of deploying Service Mesh had not quite lived up to the initial expectations. And then, last year, we announced the sidecarless approach that Cilium can bring. And mostly through the power of eBPF, it’s incredibly efficient. We can shortcut a lot of the path that a network packet has to take through the Service Mesh.

So, I think that’s another area that can be a real driver for growth, as people realize they can get all the benefits of Service Mesh, but without the overhead that they’ve come to associate with it.

And then, finally – security. I think I mentioned earlier the runtime security tooling that we’re able to provide through eBPF and through the Tetragon project, combining in a really performant, efficient security tooling. At the moment, everybody’s focus in security seems to be on supply chain, but they also still have firewalls. I’m quite a big believer that we have runtime security, everybody has runtime security in the form of firewalls.

We just were on the cusp of people understanding how powerful this new generation of runtime security tools can be to essentially firewall, not just Network packets, but things like bad executables or unexpected privilege escalations, that kind of thing.

Mike: Does the breadth of the product ever feel like a curse? Wouldn’t it be so much easier if there was just one application, and we can focus the marketing message and the sales, and all is just this one thing?

Liz: I’m sure the marketing team tasked with coming up with a tagline would find it a curse, yes.

Lessons for Open Source Startups?

Mike: So you’ve been in the techs business for a long time, taking off your Isovalent hat for a second and just as an observer of the startup scene, and other than the open-source scene in, do you have any advice for particularly entrepreneurs? Because this podcast is really designed first for founders, any advice for founders?

Liz: Yeah. This is actually something I’m getting increasingly interested in and I’m working with the CNCF on how we can encourage businesses on how to operate and be successful with open-source based businesses. There’s two sets of vendors who I would say have quite a lot to learn, particularly if they come into like a Cloud Native community audience.

There’s one class of vendor who is open-source based, they have an open-source project that they’re building their business around. The second class is people who are not open-source, but they have a product that they want to sell into the primarily open-source based Cloud Native community.

I think for both those sets of people, really understanding how powerful community is, Cloud Native community is kind of where I’ve lived for the last, I don’t know, half a dozen years. And it’s incredibly powerful, the relationships that you can build up – not just between individuals, between organizations, can be a really solid foundation for the business relationships that you then build on top of that.

And I think the real lesson for a lot of vendors is: don’t just expect to turn up at an event, pay for a booth or a table, and expect people to come and buy your software. Invest in time as well, invest in contributing, get involved in our project, get involved in the cigs and tags.

Don’t just expect people to immediately think that your open-source project is the one true amazing solution. Take the time to learn what other people are doing around that, and then, have those conversations about why your solution is great and what its strengths and potentially weaknesses might be. Learning to get involved in a community is really, really important.

Closing Notes


Mike: Well, I think that brings us to a close. Liz, thank you so much for sharing and best of luck with Isovalent and Cilium.

Liz: Thank you so much.

Mike: Again, special thank you to Amanda Brock and the whole open UK team for launching the State of Open Conference, where we recorded this episode. Cool graphics from Kamal Bhattacharjee, music from Broke For Free, Chris Zabriskie and Lee Rosevere.

Remember how Liz said that eBPF and Cilium are really good for Service Mesh? Well, remember that, because next week’s guest is Idit Levine the founder of Solo.io.

Until next time, this is Mike Schwartz, and thanks for listening to Open Source Underdogs.

Episode 62: Amandine Le Pape, Element CO-Founder / COO, Messaging and Collaboration

Almandine Le Pape is the Co-Founder and CEO of Element, the the company behind the Matrix protocol, which deines a “chat” and collaboration protocol that enables federation across Slack, Rocket.Chat, Element, and many other implementations.

Episode 55 – Miguel Valdés Faura, CEO and Co-Founder of Bonitasoft

Intro



Mike Schwartz: Hello and welcome to Open Source Underdogs. I’m your host, Mike Schwartz, and this is Episode 55, with Miguel Valdés Faura, CEO and Co-Founder of Bonitasoft.

Not every tech company follows the same trajectory to success. Hypergrowth is great if your market supports it, but the world of infrastructure software is diverse, and hypergrowth can subject your business to unreasonable risk.

To me, Bonitasoft was a reminder that a CEO’s responsibility can transcend shareholder value. While the primacy of shareholder value seems axiomatic in Silicon Valley, it’s worthwhile for entrepreneurs to weigh that risk. Miguel and his team did just that, and their success validates the idea that business models are not a one-size-fits-all proposition.

As a side note, as I was doing my research, I noticed that Miguel has interviews in Spanish, English and French. American CEOs are lucky to speak two languages, but three is pretty exceptional. Anyway, I hope you enjoy the interview. This was the last of 2020. So, without further ado, here we go.

Miguel, thank you so much for joining the podcast today.

BPM Market Overview

Miguel Valdés Faura: Thank you, Mike, for having me.

Mike Schwartz: So, although this is a business podcast, you’re a technical founder, and sometimes, it helps to have a high level of understanding of the market. Business Process Management, or BPM, it’s still an important way to think about how to apply technology, but the technology landscape has changed so much since 2001, I guess when you started the project, and even since 2011, when you started Bonitasoft. Why is BPM still a good way for companies to think about how to build applications?

Miguel Valdés Faura: Good question. So, it’s because companies – I like to say that it is all about processes, a ton of processes that are required to run a company, some that are more critical than others, but BPM technology has been here for a while to help companies, to rethink, re-invent and automate their processes, whatever, they are critical or not. Also, I think it is something that is here for a wider dimension, and of course, the market is evolving because also the needs of those processes are changing in organizations.

Project History

Mike Schwartz: So, the Bonita project itself started at the French National Institute for Research in Computer Science. The project was transferred to the Bull Group, and then, in 2009, you started BonitaSoft with Charles Souillard and Rodrigue Le Gall?

Miguel Valdés-Faura: Exactly.


Mike Schwartz: And also, over the years, how is the community grown? Is the Bull Group still involved, and are there other important contributors in the ecosystem?


Miguel Valdés Faura: BullGroup, which is now part of Atos, at the origin, is involved, but as a partner. It is one of those hundred employees, partners that we have – I’m talking about Consulting and System Integrators Partners that helps customers worldwide with the Bonita implementation, but nothing more, meaning that over the years, Bonita self has grown into an international community that goes beyond specific companies, but, also, having individuals working sometimes as freelance models, as part of the bigger companies.

And I think that’s one of the main achievements now. We have now a community of around 150,000 individuals working with Bonita, not all of them of course are contributing, it is only a small portion of this contributing code, but there is people participating in answering questions in the forum, or translating the products – there is a lot of activity in the Bonita community that is not relied only on one company.

Why No-Code Is No-Go?

Mike Schwartz: In an interview a few years back, you said that the no-code approach does not open the possibility for developers to write code that meets business needs. Can you expand on that? Don’t business people love drag-and-drop GUIs, to build BPM workflows?

Miguel Valdés-Faura: Yeah, a good one. So, probably, it was referring that with this new trend of local done, this new kind of developers, the thing some analysts were calling business developers, at some point, we were facing with people that are not skilled in development to build some complex applications, and at some point, they’re going to face some limitations. Of course, a lot of people like to build on applications, using drag-and-drop, as I mentioned, or visual tools, but when the application gets more complex, or when you need to customize a little bit more the application, at some point, developers need to be part of the game as well.

So, I’m not saying that it’s not useful to have business people participating in the development projects. I’m not saying that the local movement is not something that is real, I’m just saying that we need to find a balance between things that can be done graphically, and first that require code, and it’s about how those two different skill sets can collaborate, how business people or people without development skills, can also work on the same project with developers.

Probably, those two personas are not going to use the same thing.

Customer Profile

Mike Schwartz: Thousands of organizations use Bonitasoft, but switching to the business side a little bit, from a revenue perspective do you see the 80/20 rule, where 20% of your customers make up 80% of your revenues? And if so, what does that 20% segment look like, with regard to use cases or industry verticals?

Miguel Valdés-Faura: In terms of the verticals, of course, I think it’s not only something  -particularly Bonitasoft, all BPM vendors, you know, have a lot of traction in market that are highly competitive. So, for example, insurance, banking, telecommunications, because there is a lot of pressure to do better than the competition, because there is a lot of processes that are related about how you provide better services to your customers, and how are you going to retain those customers by providing good services.

So, those will be probably the main four sectors in which Bonitasoft is evolving and getting customers, and also, potentially the ones, in which other vendors are also evolving. In terms of the split or the size of the customers that we have, we have this idea from the very beginning to focus on medium and large organizations.

So, there are some BPM vendors that are focusing on smaller implementations, we are really focusing on complex implementations and meet large organizations. So, the majority of our customers, like 75% of our customers, will match that criteria. And the majority of the project implementation inside those projects are either core or critical to their business. We usually don’t start working with a customer in less critical business process, but this is part of our strategy. And, of course, our product is better suited for those complex implementation.

Value Proposition

Mike Schwartz: Kind of a basic question, but what would you say are the most important value propositions for your customers?


Miguel Valdés-Faura: First of all, we are selling a platform, not a product, so, what we want is like to bring together those two personas that I was referring in a previous question, so business people or less skilled people, in terms of technical skills, and how developers can work together. So, we have a platform, in which you have clearly separated the visual programming capabilities versus the coding capabilities. So, in a sense, we are taking the benefits of the majority of things that we see in an open-source project. So, extensibility, open architecture, which APIs, compatibility with other open-source technologies that are things that appeal to developers. And at the same time, we have an integrated platform, a unified platform, that is also providing visual capabilities to less technical people. And, also, this clear separation in which, depending on the skills that you have, you can use some of the capabilities of the platform, and depending of your skills, you can use some others – these are the things that make us different, and that people like about our solution.

Monetization

Mike Schwartz: Bonita project is open source, and Bonitasoft has a platform built around that – how exactly do you monetize?

Miguel Valdés Faura: So, we sell subscriptions – package additional capabilities to the open-source version, and also, some professional services. And those subscriptions, minimum is an annual subscription, are sold either for people that are deploying the Bonita platform on premise, or people that are using our cloud offering now. But, in two situations, we are basically adding capabilities on top of the open-source solution, like for example, monitoring capabilities and scalability. And we package that together with a professional support, SLAs, contractor warranties, as part of this subscription. Also, it’s a 100% of our probably related revenue is a recurring revenue.

Cloud Strategy

Mike Schwartz: Cloud hosting is really a great business model, and I heard you mention that you have a hosted offering. How has the hosted offering evolved over the years, and do you see that becoming sort of the most important way that you deliver the software? Would you say self-hosted is still going to be more important from a revenue standpoint?


Miguel Valdés Faura: Yeah, a good question. I think in our space, the BPM space, and particularly because of the nature of the projects that we target in our customers, as I was referring as core or critical, we still have a lot of people using the on-premise version, especially in banking insurance that are sectors that are still using a lot of on premise, or they are starting their cloud movement, using public clouds, but not really externalizing everything to SaaS solutions. So, on-premise is still really a big majority, but we have released our cloud service 18 months ago, and we already see a traction. So, there is more and more customers also embracing that new offering – I will say today is more like 80/20. We expect that this is going to change.

It took us a while to offer a Bonita Cloud version because we didn’t show a lot of demand previously. We, as I mentioned, we started seeing some companies that are more and more interested. We really believe that it’s going to be maximizing in the next years, but again, the on-premise is still the number one option today for our customers.

Prioritization Of R&D

Mike Schwartz: So, how do you prioritize your R&D effort, because you’re still contributing to the open-source project, but you are also building your commercial like extra features. And how do you prioritize R&D?

Miguel Valdés Faura: That’s a tricky one for every open-source company. Because you need to make also clear rules about what are the developments that are going to go open source versus the ones that are going to go commercial, and the same applies to the teams – do you have the same organization working on the two kind of features, do decide to have different organizations?

So, we have evolved over the years, but one thing hasn’t changed is that we have defined from the very beginning clear rules about what is open source and what is not. For example, we didn’t want our open-source version to be something that cannot be put into production, because that was not the essence for us, the essence for us as open source.

So, the open-source solution at Bonitasoft you can develop, and you can put it into production, however, for example, as soon as you’re talking about scaling – if you need to CCP, if you want to do clustering, those are the kind of things that, from the very beginning, have only been available in the commercial version.

Also, first of all, is about defining the rules, so, your development team knows what goes into one edition versus the other. Not only your development team, but also of course the community, the community using the open-source version and also your customers – it needs to be really clear. Secondly, over the years, we have evolved, also, in terms of how the development team is a structure, to be more focused on one product, one edition, meaning, one set of people for developers working, one part of the product that is either open source, or is commercial, which, of course, is a way simpler to manage from a management point of view.

Cloud Native Opportunity

Mike Schwartz: In the Cloud Native world, scaling is sort of table stakes, like Kubernetes out of the box is clustered, and my company Gluu, we’ve decided that we’re going to make scaling sort of part of the open-source, just because it seemed like it’s hard to get adoption in the Cloud Native world unless you support Kubernetes, and Kubernetes has clustering.

Do you see a similar trend in the BPM market? And are any challenges or opportunities around Kubernetes and the move to Cloud Native?


Miguel Valdés Faura: Even before Kubernetes, the move that we saw was the adoption of Docker. So, four years ago, we started to demand Docker super, as a way to use and deploy Bonita. So, that’s one of the first that we did. So, to certify a Docker image for people wanted to start their projects, it took us depending of the geography some time, we got that traction from the US, a little bit less in Europe in terms of adoption of the Docker image. Now, it’s a reality – there are more and more people using that. And, of course, those people are also asking now, “Okay, let’s combine that with Kubernetes.”

We have decided that Bonitasoft, that this is part of the kind of the capabilities that we can provide as part of our Cloud Edition. So, the elasticity capabilities that are offered to our Cloud customers is based on Kubernetes. And I think that the value to the customer is that we are able to manage that automatically for them.

This is something that we are at Bonitasoft proposing in our Cloud offering. But if someone wants to do it on premise, and they want integrate, the current Bonita on-premise version without the Kubernetes and manage Elasticity, they can do it.

But at Bonitasoft, we have a package to make it really simple for people who want to use the Cloud service.

Growth While Pivoting

Mike Schwartz: As you know, investors are super-focused on top-line growth. They want growth, growth, growth, but when there are major technology shifts, like from 2011 to today, seems like a different world. It’s hard enough to survive, let alone to grow a 100% per year. Can you talk about some of the challenges of achieving this high level of growth, especially if you have to pivot at the same time, like you probably did over the last couple of years?


Miguel Valdés Faura: A really good question. I mean, you know, it looks like hopefully things are changing, but when we started Bonitasoft off in 2009, and especially in the years that follows, looks like everyone needs to become a hyper-growth company. And of course, I really was trying to raise a lot of money, and we did it as well as Bonitasoft. And, of course, raising a lot of money means also at some point delivering really high growth. But things are changing, and I think that that’s okay, and that’s possible in some situations, it’s something you need to also be willing to do.

We wanted, at some point, growing the company that way at Bonitasoft, especially at the beginning, we decided to change. We decide to change because we wanted to build a more sustainable business, and of course, the level of research you take, if you are always following the hype- growth is a big risk. Because, of course, you are depending a lot of on money from investors, usually high-growth means high losses. So, you need to raise money. Of course, missing some of your targets can put the company at risk.

So, we decided five years ago to change, and embrace what we call a sustainable growth business model, in which profitability scheme for us, in which we try to grow as much as we can, if the company is profitable, and learn in environment in which people are enjoying their day-to-day work.

Now, we have to switch from one to the other, and I think that the pandemic that we are living these days is also reminding us that potentially that’s also a model that some other companies should consider..

Transition From Growth To Profitability

Mike Schwartz: That’s very interesting that you’re saying, “switch to high-growth as long as its profitable”, but how did you manage a relationship with your investors? Were they on board with that, or was there some friction around, saying, “We don’t want to accept this high level of risk?”


Miguel Valdés Faura: You mean, at the beginning, or when we decided to change to a more sustainable growth model?

Mike Schwartz: When you decided to change.

Miguel Valdés Faura: I think they were happy to see that after seven years of existence, we wanted to start looking to profitability. I think at some point that’s important for a company. And so, they were okay with that. And, then, of course we think that we have another kind of discussion with them because we are not asking any more money, the company is profitable for the last four years. So, then, do we need to deal with all the things like, okay, are we looking for an exit, are we looking to grow and do some acquisitions that we want to continue to grow the business organically – but, in any case, you are not forced to raise money which I think is good for us, and in some situations also good for investors.

Building The Sales Team

Mike Schwartz: So, it’s the technical founder one who’s been on the business side for a long time. Building a sales organization is really challenging – is there anything you’ve learned about building the sales team that you’d like to share with startup founders?


Miguel Valdés-Faura: Yes. It’s maybe because I’m also an engineer by training, but, of course, we did a lot of adjustments in the sales organizations over the years, and we’ve made a lot of mistakes and we’ve learned a couple of things. We made some great success, but you know, for the last four years, we are operating with sales methodology that probably you know this, it’s called Customer Centric Selling methodology, which is really focus on the value that you can bring to the customer, that is more focused on quality versus quantity, in which you do, not a lot of prospection, but you are really trying from a marketing perspective to have people really interested in having a discussion with you, and spending a little bit more time and trying to provide a solution that is, as I mentioned, to the problem.

So, then, you can surely acquire a new customer, but also make sure you can renew over the years. And this is one of the big things that we did. And we did it by having a mix in the sales team, people that are coming from different backgrounds, including engineering.

And I think that’s one of my first learning is that you can’t have people that have an engineering background that are doing exceptionally with that, and I think we’re seeing that with more and more companies.

Second, you need a methodology that is really focusing on providing value and delivering value to the customers. And this methodology needs to also be shared with marketing, and needs to be shared with the rest of the organization, including product teams know. And that has been a big change for us. Of course, we didn’t need that from one day to the other, but that move to this new methodology, having the right mix of people and focusing more on content and maturity of our leads than on quantity and prospection, has made a big difference for us.

Partner Strategy

Mike Schwartz: You mentioned that Atos was still a partner, and perhaps, there are other partners who are either bringing you business or you see as critical. But can you talk about like the role of like how the partner strategy has evolved over the years?


Miguel Valdés Faura: Today, we have three different kind of partners – we were talking about Atos, we have a category that we call Consultants and Systems Integrators Partners. As I mentioned, we have something like a hundred and plus of those partners, so, including CGI, including Atos, including Sopra, and then, other things that you in the U.S., you call it more boutique-like partners, or people that are more specialized in one particular sector. So, implementing projects in insurance or in banking. For example, in the U.S. people like Evoke, in Latin America people like Indra – this is one category. Those kind of partners are helping us either to identify new opportunities and also to do the implementation.

By the way, 62% of our new business is influenced by those consulting partners. Second category will be the technology partners. So, there’s no surprise here, this is about integration of our product with other products in a similar market. So, for example, we have those kind of partnerships with the UAiPath in the RPA space. We have this kind of partnership with a DocuSign. So, basically that means bi-directional integration between the two products. And I joined go-to-market, in which we think that the two products combined can bring more value to the customer.

And the third type of partners that we have are OEM Partners. So, it’s people or companies that are embedding our technology and reselling as part of their product. So, to name one that is more representative. Talend is doing that, Talend is that integration leader that is embedding Bonita as one of their offerings. So, those are the three kind of partners. And of course, this thing has been evolved, and has been over the years. So, we started with putting a lot of effort on Consulting and System Integrators Partners, and then we started to focus, in a second step, on more of the technology side of the story.

OEM Patnerships?

Mike Schwartz: You mentioned OEM partnership, which is interesting for open source, because I think that companies who want OEM can use the open source and become part of the ecosystem. What is the driver for a company to OEM in open-source product?

Miguel Valdés Faura: A good question. I think is that the nature of the technology that you are embedding, if you are embedding just Log4j for logging – that was, at least, used 15 years ago, – or Hibernate for persistence. Potentially, it’s the same done embedding, BPM engine or Workflow engine.

So, if you are embedding a solution, that is more like a project or a platform, that is in some way critical to the other solution that is embedding, potentially you’re going to look for, not only can I do it from a license perspective, but also, potentially, you are going to contact the other company to do a partnership. So, that’s what’s happening a lot in our ecosystem – embedding a VPN engine or embedding the whole platform, embedding a workflow solution is something that’s potentially going to be used for mission-critical things.

So, if that is the case, even if the license allows you to do it, potentially, you are going to also look for some help from the company that is building that. And of course, then, it could be also an issue with the license. You know, some of the licenses, for example, the GPL license are not allowed to embed directly without having an OEM equipment in place or changing the license. So, it could be either a license issue, or it could be that you need some helping if something goes wrong.

Licensing

Mike Schwartz: I normally don’t ask about license because I’ve actually been thinking about doing a whole another podcast, or maybe in a season or something, just on licensing, because it’s a complex topic.

Miguel Valdés Faura: Yeah.

Mike Schwartz: And, of course, Bonitasoft’s project’s been around for a long time, but is it GPL license – can you just talk for a second about the open-source license that you’re using, and maybe why?

Miguel Valdés Faura: The open-source project is really under the GPL license, and it’s more historical reasons, this is how we started the project. You know, at that time, it was the time when MySQL was – those kind of projects were appearing, it was the time of Enterprise middleware – so, we kept that license because that was also all discussions around open-core business model. And we didn’t change the scene that, for example, we are now also launching new ones, new products in which, we are also moving to some other license like Apache or MIT. But we kept, for the Bonita project, the GPL license because this is the one that get everything started.

Mike Schwartz: It sounds like the less permissive license actually has benefited you. But I think there’s sort of a knee-jerk reaction or policy among entrepreneurs these days to use permissive license, like MIT or patchy, but it sounds like GPL actually helped you in this case.

Miguel Valdés-Faura: Yeah, it kind of helped, for example, we’re talking about the OEM, it can help the OEM space, some of the people are going to see that there are some restrictions, and then, of course, there is this debate about, okay, but if I’m burying a GPL library, it’s going to be contaminating my project, but usually when you have that issue is because the project that you are building is usually something that you want to follow the open source, you want to commercialize something, just by liberating all those people work in open source, so, yeah, as you mentioned it, it’s always a complex discussion.

But, yeah, I think there are some benefits of using GPL, there are potentially some drawbacks depending of what do you want to build with that license – I think it depends. So, it is not magical rollover for what is the best license to use in your next project.

Keys To Growth In 2021

Mike Schwartz: So, there’s a lot going on today. We have the pandemic, moved to Cloud Native, changes in paradigms, like continuous delivery. What do you think are the keys to growth in the next few years?

Miguel Valdés Faura: I think nobody knows. I think we need to be humble, especially with everything and all those things that are going on, that are going on these days. But you know what, I will be back to my – what I was talking about the sustainable growth. I think that more than ever, being in a business, running a business in which you know that you are profitable, that you are of course trying to maximize, and you are ambitious to maximize the growth, if you are still profitable, having a strong customer base that this renewing year after year is what makes a big difference, especially when there are some situations that they want to do, are facing now.

Because, of course, if you don’t have that, and for some reason, you just stop signing new customers, or signing the new customer database that you were signing before. If you have a strong customer base, you’re going to suffer more than others. So, I will be back to that concept of sustainable growth because I think it’s what makes the company less risky, more sustainable in the long run.

Advice For Entrepreneurs

Mike Schwartz: You know, startups are roller-coasters. I personally don’t recommend starting a company, especially a tech company, to anyone who’d asked me, but for those people crazy enough to dive into entrepreneurship – do you have any advice for new entrepreneurs who are launching a business around open-source product?

Miguel Valdés Faura: I will have one. It’s obvious that I think it is good that we remember that from time to time, which is, there are no two companies that are alike, so, the same applies to founders. Don’t pretend to be somebody else. Of course, listen and learn from others in your ecosystem, but be yourself. And if you create a company, as you mentioned, if you are crazy enough to create the company, try to be surrounded by people that share the culture that you have in mind, the strategy that you have in mind. Don’t pretend to be a CEO that you are not. And that’s – I go back to – not all the companies need to be the same, not all the companies need to be unicorn, not all the companies need to follow the same business model, but you need to be really comfortable about the choices that you make, otherwise, it is going to be even harder than you know it simple journey.

Closing

Mike Schwartz: It’s 55 podcast. I always ask that question at the end – no one’s actually given that answer yet, but I have to say I agree with that a100%. So, thank you for being the 55th guest, and best of luck this year. And thank you so much for being on the podcast, Miguel.

Miguel Valdés Faura: Thank you very much, Mike, for inviting me. It was a real pleasure.

Mike Schwartz: Special thanks to the Bonitsoft team for helping us to schedule the interview. Editing by Ines Cetenji. Transcription by Marina Andjelkovic. Cool graphics from Kemal Bhattacharjee. Music from Broke For Free, Chris Zabriskie and Lee Rosevere.

This is the last episode of 2020. Next year, I’ll keep going, although probably at a somewhat slower rate. If you have any ideas for the direction the podcast should go in 2021, I’d love to hear your feedback. You can contact me on the website opensourceunderdogs.com. Happy holidays, founders! Hang in there, and keep an eye out for new Season 4 episodes after the New Year.


Episode 52: Melissa Di Donato, CEO of SUSE

Intro


Michael Schwartz: Hello and welcome to Open Source Underdogs. I am your host, Mike Schwartz, and this is episode 52 with Melissa Di Donato, CEO of SUSE. SUSE really needs no introduction except to say that as one of the oldest open-source companies in the industry, it maybe has more traction than most people give it credit for, particularly in Europe.

As you’d expect for the CEO of SUSE, Melissa has had a stellar career as a developer and business leader, had many large and small firms, including Oracle, PWC, IBM, Salesforce, and SAP. I was particularly looking forward to this interview because SUSE has such a long and interesting history, and it’s reinventing itself right now to play an important role in the next phase of the open-source revolution. Some of you may have read about the recent announcement to acquire Rancher. This was a brilliant tier in my opinion and shows that they really understand the market and how SUSE can add value.

Before we get started, I have a quick request – we all want to help open-source founders and startups. I make the podcast, but I need your help to get the word out, so tell your friends, post on LinkedIn, tweet out a link, post on Hacker News, or follow me and share one of my posts on LinkedIn. whatever you think makes sense, go for it. With that said, I know you’re not here to listen to me, let’s get on with the real star of the episode, Melissa DiDonato, CEO of SUSE.

Melissa, it’s great to have you on the podcast today.

Melissa: Mike, thank you so much for having me.

Career Path To Leading SUSE?

Mike: Maybe before we get into the official questions, I’m sure many of our listeners are curious about your career path to becoming CEO of the world’s largest independent open-source company. What were some of the pivotal experiences that prepared you for this role?

Melissa: I feel like every role I’ve ever had has led me to become the CEO of SUSE. It’s really funny, it wasn’t any and particular spot or position or role that I had that led to being the CEO of SUSE. Last 20 years, I worked predominantly in my entire life with ERP and CRM, predominantly ERP companies, like IBM, Salesforce, SAP, just to name a few.


So, one might even questioned further, “Well, okay, so if you spent your whole life proprietary software, in companies, very big enterprises, like IBM and SAP, how did you find your way to SUSE?” And the past really helped me build the foundation for the future.

So, I have a unique experience and perspective for SUSE. I came in as a user. So, I started my career as an R3 developer, an SAP R/3 developer. So, I started as a coder, and I started creating SAP applications to sit on top of the first Linux systems. And the very first partnership we had 25 years ago was SAP and SUSE.

So, how did I get into technology in the first instance was on the recommendation of a mentor. A mentor I had at the time said, “Have you thought about getting into SAP? It’s really beginning to catch on.” And from that moment forward, I never left, so I’ve got more than 25-year history, in technology, starting out as a developer, with all BOP and Bases code to create applications to sit on top of SUSE.

Every move I’ve made throughout my career has been typically based on the recommendation insights or thought leadership of the people around me, particularly my mentors. So, my mentors have played a really, really big role in my past of which to create the future. And of course, like I say, coming into SUSE was a really unique journey. Having spent my entire career in proprietary software, now making my way into, from a user of open-source and SUSE specifically, into becoming the CEO of this great company. So, it’s been an interesting journey.

Initial Priorities

Mike: So, leading a 25-plus-year-old technology company is a daunting task for any business leader. But joining as a new team member, or maybe you could say an outsider, has both pluses and minuses. Why did you take this on, and coming from the outside, what were your first priorities for the business and culture, and how do you do take the reins to align the company with these new priorities?

Melissa: It’s a really good question. So, how does someone like me find their way in, and once I get in, how do I create some new momentum? When I did the analysis from the outside, when I was speaking to EQT about the role of being CEO of SUSE, I spent my time to do some research. I interviewed some members of the community, the open-source community, I interviewed some customers, some employees, I’ve interviewed customers that had left SUSE in favor of another technology. And never saying of course why I was asking them the questions I was asking, but I poked around quite a bit. And when I realized is that SUSE is at the cusp of historic shift, I really felt the movement of open-source now becoming a very critical part of any thriving enterprises, core business strategy.

When I looked at SUSE, it seemed like the power that enabled these mission-critical business operations, to surge, to grow, to deliver. So, I thought, “Okay, this is very, very interesting company. We will be well positioned to emerge as a clear leader, as this shift as well as because of the innovation and the products that we have to offer. The ability to — I guess power the digital transformation for our customers – and this was of course pre-coronavirus, but I saw the digital transformation root coming onto a main part of play for our customers.

The ability to deliver this digital transformation at our customers pace, but to make sure that we stood as an agile, enterprise-grade, open-source innovation across the enterprise Edge, Core, Cloud – that seemed to me to be something I really wanted to be part of.

And when I began to dig into the fans of SUSE, the community, it was extensive. And I think it was even more so recently with our recent news of our acquisition, people went wild over the fact that, you know, they watched SUSE, and supported SUSE, and we’re going to do anything for the innovation and the growth of our future.

So, then I looked at this company, 28-year SUSE has been around a world-class, engineering-led business, producing rock-solid IT infrastructure, with a huge amount of success. And I thought, “Well, what do I need to do as, you said, what were my priorities when I joined?” So, when I decided to join, then, what should I need to do?” I think when I joined last summer, it’s been — I just passed my one-year anniversary, Mike, so I’m more than 365 days old, and I looked at what areas do I want to impact immediately and first, and what are the areas I wanted to empower and enhance.

So, first for impact. I realized, when I sort of was talking about SUSE more and more, that our brand awareness did not correspond with our success. When I mentioned SUSE, I got a lot of, “Who???”, and I said, “Oh, the green chameleon.” And they said, “Oh, yes, of course.” But there was no connection. I felt it was really important to start amplifying the brand, to show just how successful we are, and how big, and how innovative, and how much of a thought leader we are in the industry.

So, to address this, we rebranded SUSE. We then had a platform to tell our story in a much, much better way. Our new brand, our new tagline, our new story is the power of many, and I think it’s important probably, Mike, for many of your listeners, because the power of many celebrates our open-source heritage, and showcases the power of community-led innovation.

And this rebrand has been a big part of who we are in the last six months. It took us some time to actually launch, but I believe wholeheartedly that the power of many really describes who we were, who we are, and who we will continue to be.

The second thing I wanted to focus on was growth and expansion. SUSE had, and has now ever more so ambitious growth targets. When I came on board, I announced that we would double our revenue in three years, partially by organic, partially by inorganic. And a large part of my first year would be on that, really ensuring that our organic strategy was enterprise-grade in way of sales and go-to-market, and that we had an inorganic growth strategy to execute on.

Within my first year, as you know, we announced our intent to acquire Rancher or Labs, which is the market leading, Enterprise Kubernetes management vendor. So, I think we’ve managed to take a couple of those boxes and we’ve had some incredible results. We ended our Q2 with more than 30% year-over-year growth. So, incredible big ambitions, but great success around growth and innovation and expansion. And then, I think lastly, I wanted to enhance SUSE’s focus much more so on our customers and our partners.

In my first 100 days, I don’t know if you read about this, but it got out quite a bit that in my first 100 days, I set out the target to meet 100 customers. During that time, I got to 97, I didn’t quite get to a 100, almost there, failed by three. But those meetings were absolutely pivotal and crucial in developing our near and mid-term strategy. We began to shift our entire go-to-market focus on customer success and creating for the very first time customers for life team, ensuring that we cared for our customers, we nurtured our customers, and literally created a customer relationship for life.

And I think the last bit is that I knew – we had talked about this, Mike, before – I knew that I wanted to enhance what SUSE’s culture already stood for. We have a very, very strong and unique culture that’s based on ethos originated in open source. We wanted to add to that culture, we wanted to contribute to the culture by mentoring, by having employee groups around diversity and inclusion, so we launched our very first mentoring group for employees. We’ve also launched women in technology, and we also launched, prior to SUSE, amongst many others, like GoGreen and loads of other programs, because we wanted to make sure that we embraced and enhanced and grew and depended upon this incredibly strong culture here at SUSE.

Message Sent By Rancher Acquisition Announcement?

Mike: In order to prepare for this interview, I listened to a talk from Nils Brauckmann, your predecessor, from SUSECON 2019, and he mentioned that SUSE was looking to acquire orchestration and management tools that sit above Kubernetes. And hindsight’s 2020. So, now I hear that, as we’re looking to buy Rancher, but now that the acquisition’s been announced, and can you help us understand the message that SUSE is sending to both the internal team and the world about your goals and aspirations?

Melissa: What Rancher did in the announcement with us is that we showed the world that we are relevant, that we want to create, modern, innovative technologies to deliver against and solve the problems against our customers’ business problems. And it really reinvigorated the spirit.

I mean, the people that came out of the woodwork and applauded about this acquisition was pretty incredible. I mean, it was a real following and a real uptake in SUSE and the interest in us and made us very, very relevant. I think what it’s done is it puts us on the map to solve real business problems that are customers, are depending upon us to help them solve.

And that’s what I learned in the first few months was that I had customers coming to me, constantly saying, “I need more from SUSE. I want more. I want more innovation, I want more modernization, I want you to help me modernize my legacy applications. I want you to modernize my infrastructure. I want you to start thinking about how you can help me accelerate my business, and how do I get on this digital transformation journey.

And together SUSE and Rancher do just that. We help our customers simplify first, and then what we help them do is to simplify and optimize their apps, their data, their environment, their infrastructure. And we’re really trying to make IT, non-stop IT reality for them, and they’re depending on that from us. The second that they kept asking us for is what our intended acquisition does. Does it help leverage the Cloud and bring their IT infrastructure, customers’ IT infrastructure into a modern computing world?

And a lot of our customers have come to us and said, “Well, how do I start? How do I modernize, where do I go?” And with Rancher together, that’s our ambition to help them modernize their legacy applications, utilizing containers, getting to the Cloud, and then being able to leverage edge technologies for the future.

Our customers want to achieve all the benefits from the Cloud, but they want to remain in control, and they want to remain open. And with Rancher and SUSE together, we can do that. We offer – well, soon – we’ll offer a platform to manage our customers’ different environments, as if they were one. And that’s really important for our customer base. Because having been in business for 28 years, you could probably imagine that a vast majority of our customers are what we call traditionalists, the kind of customers that have built a very stable, complex environment on-prem that are beginning now to depend on their partners and vendors to help them modernize. And that could be the Cloud, whether it’s hybrid or multi-cloud or whatever it may be, bit of on-prem, bit of Cloud, and we can help them do that.

And that’s our ambition with Rancher, to be able to together offer the digital transformation journey and be able to reap the benefits of the Cloud, while remaining in control. And what that does is, it helps our customers accelerate their business. And that’s what we’re all after. We’re after success in the end game for our customers.

We can help our customers, with Rancher together, accelerate our customers digital journey, our digital transformation, and help them scale, so they can get their products and services to the market faster. That’s the ambition of the two together.

Value Prop

Mike: So, when I read articles about SUSE, I almost always see Red Hat mentioned. What’s the plan to differentiate SUSE from Red Hat and other Linux distributions, like Ubuntu, or maybe I could say, what’s the value proposition for SUSE?

Melissa: You know, I get that question a lot, and I get – because SUSE is known, our success has been hugely around being a Linux distributor. As I mentioned earlier, and you’ve said a couple of times, Mike, that we are the largest independent open-source company in the world – that’s a differentiator in and of itself. I think that our customers want and need to transform their business via digital innovation. They can’t do it in the most expected but yet most unexpected way is now mainstream.

They understand that a flexible IT infrastructure, that is ready to support their transformation, their digital transformation, rapidly but yet securely, is going to be very key in a world that is, as we all know more now than ever, in constant change. I mean, year and a half ago, when I was looking around the world seeing an SAP, I never thought a year-and-a-half later I’d be the CEO of an open-source company that has navigated extraordinarily well through a pandemic.

The world is in constant change. And I think that constant change has driven, it’s exacerbated the need for our customers to not be locked into just one vendor, or one technology, or one direction, or one solution set, because that just limits their pass. It reduces the ability for them to have choice, and doesn’t allow them to preserve flexibility, and not as a big differentiator. When you’re talking about our competitors, our competitor, the one that you mentioned first is, they want to own the entire stack – that’s not our thesis.

In fact, we’ve supported our competitive technologies before, and with Rancher we will continue to do that. We will continue to be open and agnostic in a way of offering a broad set of portfolio, product portfolio that takes and combines industry-leading solutions across Core, Edge and Cloud, but not locking anyone in. And that is a really big differentiator for us, a really big differentiator for us.

And I think that, also knowing that our customers – having a differentiating IT infrastructure cannot be invented behind closed doors. And they need the best possible infrastructure, services support by – as I mentioned earlier – the power of many. And that’s where open source comes in. And we’re much more than it is a distributor. We’re much more an orchestrator of the power of many to deliver the most innovative solutions that open source can offer in the world.

And being the largest now independent open-source provider, we’re going to bring all of these technologies, all of this innovation, and all this true openness to bear, to be able to provide the most flexible solutions for our customers. And that is what really differentiates us from the marketplace.

How To Create An Enterprise Grade Sales Program?

Mike: I was looking at your resume on LinkedIn, and I noticed that you were Chief Revenue Officer at SAP/ ERP cloud. And I think many open-source companies underestimate the challenge of building a great sales organization – how’s the sales organization involved since you change? And do you have any advice for startups on how to think about building the sales team and sales processes?

Melissa: Yes, Mike. We’ve done a lot, specifically in the sales motion here at SUSE. So, in addition to being the CEO of SUSE, I also serve on the board. I’m the executive in residence at a venture fund called Notion Capital. And at Notion, although their startups have always asked the executives and residents like myself, to specialize in go-to-market, how do we scale, how do we create a sales organization, for not just scale and depth but high growth, and what kind of tidbits and ways we go to market to be really hyper focus on value, but also on customer success.

I do this quite a bit, and I like to think that I’m not just well-educated, but I do a lot of research on this topic of sales – how do we create a sales motion that can change dependent on where the motion originates. For example, is it an existing install customer? Is it partner-led? Is it indirect? Is it direct? Does the customer know anything about SUSE? Have they ever heard of SUSE before? Is it a net new brand, or someone we’ve sold to in the past but then lost?

Each one of these questions lead to a motion that will change also depending upon the solution and the complexity of the challenge and the problem we’re looking to solve. Every sales engagement, every communication with our customers always needs to start first with what problem and what challenge are we looking to solve for our customer.

So, sales motion changed a lot since I started. We invited, first step, our sales organization to be bold, to think differently, to think big, to go after the largest and most complex digital transformation challenges that our customers were looking to solve, and to inspire our customers to solve those challenges with SUSE.

This is why we’re much more value-focused, we’re much more interested on why our customers need to do something, why they want to do something and the why is really important here, because we can only provide our best guidance when we understand the why. In some cases, for example, this means we won’t pursue an opportunity. If I don’t have the solutions and the offerings to be able to solve the problem for the customer, then we’re not the best fit. And sometimes we don’t.

But it also means that we need to spend a significant amount of time doing discovery work. So, understanding why our customers are where they are, what they want to achieve and what are the consequences of doing so.

And it’s much more hyper-focused on the consultative side of understanding our customers that it is driving just a drop in sales solution. Today, we’re very point of view driven – I guess I could say point of view driven – meaning that we’ve developed through research customer experience, customer visits, understanding of what works and what does not. So, it’s really developed a nice point of view that allows us to proactively challenge our customers on their journey. And then be able to be a trusted advisor in which to add value to that journey.

We involve our account executives throughout every sales engagement, every sales motion, every sales call, obviously it’s important for SUSE, that each of our execs in the field can bring back our customers and partners viewpoints. So, even when we have an indirect sale, we include an account executive. And to collect the data, to understand the data, to understand the viewpoints of our customers, so we can learn and build a database of experience to build on that for the future. And I think, not just for me, but I think for the world, we had hundreds of people in field sales in January.

We have hundreds of people in digital sales right now – we’ve all moved to a much more digitally enabled sales cycle than we’ve ever have in the past, ever. I mean, in 25 years, I’ve never seen anything become so digital so fast as sales has. And I think that’s kind of going dark.

When I look at a partner perspective, so a big part of our business, I think you know Mike’s channels, when I look at that sales motion and that go-to-market, it’s a little — you know, we’re also changing how we work, how do we work with the traditional hardware vendor. Or how do we work now with the new cloud service providers or the MSPs or a partner who wants to use SUSE as an embedded solution.

Those have been a very, very big part of our success. Each of these partner types are critical to our go-to-market and really truly a testimony to our ability to create an ecosystem that significant but very robust. How we go to market with them has changed. We look for ways now instead to co-innovate, to co-market and to co-invest. So, the three “co’s.” And we do that because we feel that one plus one plus one is 50. We feel that if we can co-innovate, co-market, co-invest with our partners, we will get to the best amount of success for our customers.

And just like any even customer engagement, we put a significant amount of effort into understanding our partners as well, collecting the data, what problems they’re seeing, what solutions they are trying to solve and sell and add value and be relevant. And I think that’s probably — that’s a lot of advice I’ve now given to a lot of our startups in the community that want to create an enterprise-grade sales team, go-to-market function.

You know, at the end of the day, if we are just focused and honing in on the most important thing is customer success and helping them solve their business problems, everything else will follow.

Market Segmentation

Mike: SUSE is in a very horizontal, global market. From a tactical sales and marketing perspective, do you segment the market or how do you think about breaking that horizontal market apart?

Melissa: We didn’t segment much before I came, but since I’ve come, we’ve now really got into great detail about segmenting our customers and prospects by industry and by size. So, we’ve had delineation between what’s Tier 1 enterprise, upper mid-market, lower mid-market, and SMB. And it’s really important, you know, being able to communicate with our customers, it’s really important to understanding and predicting what their issues are going to be, because obviously that varies by size.

Mike: And does that drive the way that you interact with these customers? Like, I know it’s hard to serve the SMB market, you need a more automated way of interacting, and what’s the impact of that being on sort of the customer relationship?

Melissa: Oh, my god, I love to say that, you know, today was the same as it was six months ago, but you’re right, I mean servicing an SMB in an old world was predominantly digital. The way in which we service, I was mostly online, you know, in fact, a lot of SMBs are not necessarily in an office all the time, and they’re out and they’re remote in different locations, so the ability to get to them physically was even harder.

But now, the world’s changed, now everyone’s a digital sales engine. So, even our Tier 1 Enterprise customers, the last six months we’ve been servicing them through a lot of online video calls and through the telephone and other means, but, yeah, the way we service them is very different. In the old world, Tier 1 was high touch and SMB was low. And now, everything is high touched, but only a digital high touch.

Pricing

Mike: Pricing is really hard for open-source companies. I think it’s hard for all companies actually, do you participate in pricing strategy as CEO? And do you have any advice on how to build a process to find the right price, especially as the business environment is changing?

Melissa: So, one might think sometimes that getting involved in pricing is too detailed for a CEO, but I’ve been called worse where I get into the details of the business and I think, yes I do get engaged, and yes, I do ask a lot of questions. I want to be able to have the best value for my customers at the best price, and that doesn’t mean cheap. What it means is that I want to be able to sell for value, and that’s going to be based on the value of my customers see on price. It kind of goes hand in glove.

And pricing is an important topic, particularly right now when you look around IT industry, when you look at open source. I’d first say, how do we evolve pricing as the business environment changes, how do we set the right price. So, I think the first thing is that we have to price the value always, as I mentioned. The second thing is, we want to understand and be very clear about the problems that we’re looking to solve. So, what are the business challenges? Some customers are willing to pay for things like support, and that could be a main revenue stream for some open-source businesses.

And for others, they want to get everything for free, they don’t feel like they should have to pay. Or that it is not warranted. The value of paying for supporters is not worthy, it’s not warranted. And the case like SUSE, where so many of our customers are running mission-critical applications, the support, and the QA that we provide, and the assurance policy that we provide of the software we deliver is critical. It’s mission critical. And we look at that kind of problem, and what an outage can cause, and how complex it could be. There’s value there. So, the complexity of your product solves a problem, and how severe, and how big that problem is on behalf of your customers. And the market will be very, very key to a pricing strategy.

And that’s all of course based on, we said earlier, which is research. Research is key – understanding third parties, having customer advisory boards, testing our pricing with different customers’ and partners’ segments – that works. And, in fact, you know, we’ve got a big business in Latin America, where it’s being very, very impacted by currency changes. The currency in the pricing strategy you have for certain countries, and coupled again with emerging markets, could be different. So, you know, the research and understanding the customers’ business problems, what you’re looking to solve, what’s going on in the industry, the economy, and the market is all going to formulate the basis for a very strong pricing strategy and approach.

And one point I do want to call out is that pricing is also very much about being confident of who your company is and what your company does. Pricing gives value. The value it derives, and sticking to the beliefs and the nature of the value that you deliver is going to be linked to your pricing, because at the end of the day, customers will pay, like they do for SUSE, like they do for Rancher. They’re going to pay for a solution, for a technology that reduces costs, optimize performance, and improves their time-to-market to be able to service their customers better. Reducing risk is something that all customers are willing to pay for, and that insurance policy is very, very valuable.

How To Prioritize R&D?

Mike: A diverse group of engineers must have a ton of good ideas – how do you prioritize your R&D investments, and how do you balance investments in open-source projects versus investments in software that you monetize directly?

Melissa: So, this is another good one. And being a newbie, I’m only 365 days in into open source, or 370 days, and now I guess to open source, I’m coming from proprietary, and I think, “Oh, my goodness me! How do you balance, how do you prioritize the investments in open source, what the community wants, what your customer wants, how do you invest, where do you invest, and how do you prioritize that from an R&D perspective?”

And we get so many incredible ideas from engineers and from various teams across SUSE. We really live and breathe this culture of collaboration, not just outside the community, but in an extended community inside of our company. We also get loads of ideas from our — what’s now become over 28 years a very rich and vibrant partner ecosystem. We get loads of ideas from our customers via the customer executive councils.

And of course, we depend heavily on all of our communities, in the open-source community. So, we have several mechanisms in place to encourage, to fuel, to really get new ideas going, regardless of where they come from. Because we have many sources. But then, how do we prioritize and get these ideas? The ideas that have potential.

First, for us, go into a Convocation center, where the prototypes are developed and tested. So, we gather, collect and pull together all of these incredible ideas across all of our main areas, ecosystem, customers, partners, communities, developers, engineers, and we put them into a prototyping system and then test it.

In terms of R&D , because you asked for about R&D as well, Mike, we prioritize our investments in innovation, specifically in innovation that matters. We focus first on where we can create and enable, a concrete value for our customers that they couldn’t get before. So, thanks to new technologies or bridging existing technologies and new ways. So, that’s really important from a priority perspective.

This can also be said as well for innovation related to the operational or support improvements that we deliver, documentation and trainings and services, just give you a few. As we think about investments, we’re really fortunate in that we do not have to balance open-source investments with what we monetize. By nature, all of our software is open source, everything is based on open source. So, the balance for us occurs where and how and when and what we contribute to the open-source community.

For instance, how we select and engage in a specific project or technology is really where our balance comes in. And in SUSE, we focus on contributing to the projects that we feel will solve real-life IT needs and real-life IT problems for our Enterprise customers. Because we always got our customers’ needs and insight in the end.

Diversity

Mike: The list of female CEOs of open-source software companies, and that you can really say of tech companies in general is pretty short. What can we do as an industry to enable more gender diversity? And can open-source companies play a more prominent role?

Melissa: There’s no better industry in the world than to be diverse and inclusive than open source. There’s no better industry. This is the most inclusive, most collaborative, most open industry or – being IT – a sub-segment of IT being open source. I think what’s happening, the overall socio-economic environment is going to have wide-ranging impacts in the way we work and live, and not just gender diversity, but true openness, true collaboration, truly be inclusive.

I’ve always tried to do my part to affect change and drive impact in the world around me, but I mean, I’m bringing this into perspective in every role I do, and here at SUSE, as a CEO, I get a little bit of a bigger, maybe broader, maybe louder platform, but it’s certainly no different. I’ve gone on a career-long mission to ensure that technology is – which obviously has been traditionally male-dominated – becomes as inclusive and diverse as we possibly can. In fact, as I mentioned earlier, I was only one of the very, very small handful of female software developers at my first job.

Women – can you believe it, we’re even encouraged not to wear trousers, pants suits, we had to look like a woman back then – I’m not that old, by the way – so, if you look at my picture hopefully I look young, but I’m not even that old. But with that said, you know, I echoe your point that companies need to have diversity and inclusion at every level of their organization.

And every level, it needs to be executive leadership but down to the very corner of the company. It’s not just about enhancing performance and innovation. And of course, making your workplace attracted to top talent, but being diverse and inclusive also ensures and assures employees that they’re valued and that their voices can be heard. Businesses that recruit a more diverse workforce by getting open-source technology into the hands of students as an example is a great way to start building and fostering a talent pipeline.

So, at SUSE, we’ve got an academic program, it’s tripled in size – I’m very proud, very, very proud – I’m tripled in size, year over year, growing to include over 800 academic institutions globally, and there are students in the program over 71 countries. We have main low-resource areas of priority, focusing on places like Africa, where I spent some time, India as well, and I was trying to equip students everywhere, of all genders, with free tools and the necessary training to be successful in tech.
The SUSE academic program is just one example of the vast array of training courses we offer, virtual labs, curriculums, etc. in the latest open-source technologies delivered by SUSE, and that’s no cost at all for the academic community.

So, what we’ve tried to do with training, with certification, with extending the reach, it’s to be role model. I live by the thesis – you can’t be what you can’t see. There’s this thing called birds of a feather, and what we live to do here at SUSE is to stand up, to be visible, to be present. Just show the world what true innovation, coupled with diversity and inclusion can mean, not just for open source, but for the world at large.

And I think the beauty of open-source is what it does is, it breaks down barriers and breaks down gender, extends across every bit of geography gender, political affiliation, life experience – we are the borderless industry in every way. In that same spirit, SUSE will always celebrate openness and diversity. We embrace all principles of diversity and not just gender, but diversity of thought, diversity of experience, diversity of leadership of options and innovation.

And if we want to live this mantra of growing, of being, of open, of openness, of diversity and inclusion, every single way, inside and outside of SUSE, and we hope that we can get back to our open-source community, to encourage more women coming into the industry into open source and to be much more inclusive.

Advice For Open Source Founders?

Mike: So, the last question. And thank you for being so generous with your time.  We’re running a tad over, but I promised this is the last question. I guess, putting on your entrepreneur hat more than your SUSE CEO hat, do you have any advice for entrepreneurs who are launching a business around an open-source software product?

Melissa: I know we’ve gone over. I get quite enthusiastic, Mike. I’m sorry, I’m going to make this one quick. So, entrepreneurs, you ask for advice around entrepreneurs that want to launch a business around open source. So, first and foremost, as I started out, the very first question that you asked me, and I’m going to end on the same note, and that’s, first and foremost fundamental – your trust. Nearly every career move I’ve made, and has been either on the advice of a mentor or in concert was discussing with my mentor, and I’ve had various mentors, I haven’t had the same one for the last 25 years, but mentorship and sponsorship are not just crucial for starting and growing a business, but they also play a hugely prominent role in tackling the lack of diversity in tech. We just talked about, by providing support and advocacy and highlighting different career paths and growth opportunities for everyone across the industry. It’s really important to find the right sponsorship, the right mentors early on. I recommend finding a couple of mentors, diverse backgrounds, diverse industries.

If you’re in tech, finding someone for finance is a really interesting perspective because really, really well-rounded views. Secondly, I’d make sure that you build meaningful relationships. I’ve realized this is a very, very, very small industry. The tech industry is about relationships just as much as it is about skills, if not more. And depending upon those relationships throughout the lifetime of your journey is going to be really important. I think last, build a strong trusted network that’s open, collaborative, inclusive, and then, be the person that you can trust yourself. That would be my last bit of advice.

Closing

Mike: Melissa, thank you so much for sharing all this wisdom and experience with us today.

Melissa: Thank you so much for having me, and thank you again for showing so much interest in SUSE, and constantly being an advocate for us in open source. We’re very grateful to you, Mike. Thank you so much.

Mike: Well, there’s so much to unpack there. You might have to listen to this again and take notes. Thanks to the SUSE team for all the help scheduling and getting this episode to the finish line. Audio editing by Ines Cetenji. Transcription and episode website by Marina Andjelkovic. Cool graphics by Kemal Bhattacharjee. Music from Brooke For Free, Chris Zabriskie and Lee Rosevere.

Next week, we have our first podcast from India. Don’t miss Rajoshi Ghosh, co-founder of Hasura. It’s a really fascinating company that has created a GraphQL interface for your existing data. Until next time, stay safe and thanks for listening.

Episode 51: Cloud Native Agility, Reliability and Stability with Weaveworks CTO Cornelia Davis

Interview with Cornelia Davis, CTO of Weaveworks, a leader in the cloud native infrastructure open source software ecosystem.

Episode 50: DataStax NoSQL solutions built on Apache Cassandra with Kathryn Erickson, Open Source and Ecosystem Strategy

Intro


Mike Schwartz: Hello and welcome to Open Source Underdogs. I’m your host, Mike Schwartz, and this is episode 50 with Kathryn Erickson who helps lead open-source strategy at DataStax. Founded in 2010 and currently employing about 500 people, DataStax was one of the first and most successful companies in the Apache Cassandra big data Ecosystem.


Kathryn has an engineering background. You can listen to some of her great deep dives into the tech on the DataStax website. In her role on the strategy team, she’s helping to lead the company into its next phase of growth and community engagement. I hope you’ll enjoy this episode. And if you do, don’t forget to share a link on social media. You can find all the episodes on opensourceunderdogs.com, or you can retweet our announcement by following us on Twitter. Our handle is @fosspodcast. So, without further ado, let’s carry on with the interview.

DataStax Origin

Mike Schwartz: Kathryn, thank you for joining us today.

Kathryn Erickson: Sure, of course, thank you.

Mike Schwartz: Most of our listeners probably know about Apache Cassandra, one of the most popular databases for big data, but how did DataStax evolved in relation to the Cassandra project.

Kathryn Erickson: DataStax was founded by Jonathan Ellis and Matt Pfeil, both employees of Rackspace. Jonathan, being contributor to Apache Cassandra and Project Share as well, was considering leaving Rackspace, and Matt Pfeil went to talk to him and say, “Hey, there’s some really cool stuff going on here, you should really consider staying.” And by the end of the conversation, they were founding a company together.

And so DataStax was founded to support Apache Cassandra. Over time, we began adding Enterprise features and selling an Enterprise distribution of the database with these features added, and then, of course, more recently, the cloud platform as a service offering as well.

Evolution Of Support Offering

Mike Schwartz: Actually, I didn’t realize that you started out providing support. Because when I first ran into DataStax, I guess I had just known it as a distribution of Cassandra. And now, I see that you’re also providing support for the open-source distribution. Can you talk a little bit about how that’s evolved over time? Has it always been there or has there been a focus on for or against doing that?

Kathryn Erickson: It hasn’t always been there. When DataStax was founded 10 years ago, there wasn’t really a playbook for how to build and run a successful open-source company.
We were founded around the premise of providing support and consulting for Apache Cassandra. Over time, we did, all for the Enterprise Edition, but what you see with most Enterprises is that they have a mix of the Enterprise version and open source. For some customers, that’s dependent on the criticality of the data, and for other customers, it’s dependent on the features or the distribution, being the as-a-service offering or self-installed on-prem.

And so, what we saw in the last year was that there were some obvious things that we weren’t doing, and our customers needed support and consulting around open-source Cassandra. We are beginning to open-source a lot more of the features that would build Cassandra abundance, and so, it made sense to bring those offerings back.

Astra – DataStax Cloud Offering

Mike Schwartz: Okay, and you mentioned that DataStax launched a new hosted service called Astra. Do you see that product as a driver for revenue, or is it just an easier path for customers to test drive the product?

Kathryn Erickson: I think that will evolve over time. I think at launch, it is the easiest way to learn Apache Cassandra. And I think as we launched the hybrid option, I believe that’s later this year, that would become a more significant line of revenue.

Pricing

Mike Schwartz: Most of the revenue today I guess is from the license Enterprise product, so focusing on that, a lot of open-source businesses are moving towards consumption-based pricing. And I’m wondering, what kind of metrics do you use to determine what is consumption?

Kathryn Erickson: You know, a cloud-based offering consumption is based on capacity. And with our licensed product and with Luna, the open-source support offering, our focus this year has been around simplification of the pricing model. And we revisit that each year.

With the Enterprise product, we previously charged for the Enterprise license, and then, an optional additional fee for advanced workloads, like Spark analytics and graph. That’s confusing for the customer, they just want a simple pricing mechanism. So, we collapse that pricing. And then, of course, for larger deals ,we would have ELAs, or special terms to accommodate those customers.


Mike Schwartz: That consumption is based on, like, per CPU, per server, or how do you actually figure out what is the size?

Kathryn Erickson: It’s true capacity-based, the size of the data set being stored. And as we move to Astra hybrid, which will be that offering on-prem, I think we’ll consider that pricing option there as well.

Market Segmentation

Mike Schwartz: Data persistence is like the most horizontal market on the planet. Every company basically needs to store data. When you can sell to everyone, it’s sort of a blessing and a curse. Do you segment the market at all vertically or by use case, or do you just not segment the market?


Kathryn Erickson: It’s hard to segment when you’re serving a pretty broad market. What we try to do is have as easy of an on-ramp for the different verticals as possible. We see data models look similar between IoT use cases, inventory and messaging data models would be similar.
So, we don’t segment the market for go-to-market strategies, but we try to find places of repeatable consulting efforts to speed up the successes for those customers.

Partnerships

Mike Schwartz: When you took on the role of director of strategic Pprtnerships, you probably did a survey of the range of partnerships that exist. Can you talk about like what is the partner landscape look like at DataStax?

Kathryn Erickson: I ran our technology partner program, and there’s two other sides of that, SI partners and the cloud partners. On the technology side, you want to make it easy as possible for customers to consume your product.

So, in a technology partner program, you want to understand the user journey to get to your product, and make sure that those adjacent technologies have the simplest most repeatable easy to build, easy to test integrations as possible over time. If you want to think about specific companies and integrations, every database needs an ODBC and JDBC connector. And customers want those for BI, for reporting, for simple ways to move data in and out of the system, but in the last few years, most customers also want to see Kafka connectors and more high-speed ingest Pub/Sub integrations.  So, we want to accommodate those as well.

Mike Schwartz: Coming on the System Integrator side, you know, at Gluu, we found that those have been essential for us, to be able to focus on innovating the product versus getting involved in specific projects. But there’s such a broad range when you’re serving a global market of the System Integrators. Do you consider them channel partners or integration partners?


Kathryn Erickson: We usually consider them strategic partners when we take those types of partnerships on. And the goal is usually to help us penetrate markets that we don’t currently have field team in, or packaged, or cookie-cutter solutions. If you look at some of the stuff that we’ve done with VMware and with partnerships at Dell, we want to assert that the product stack works as recommended for customers that are used to seeing these reference architectures from these larger integrators and technology companies.

Most Important Partnerships For Driving Revenues

Mike Schwartz:  Which partnerships, do you think are the most important for actually driving growth?

Kathryn Erickson:  Deloitte’s been in a role to our federal business, they know that space better than any startup could hope. VMware for helping to modernize Enterprise platforms. Enterprises that are looking at Cassandra and looking at DataStax are usually going through some type of digital transformation. And the product that they already have in place is VMware. So, everything that we could do to make that migration to know SQL smooth was helpful to those customers. VMware has been a pretty big partner in my journey.

Open Source Strategy

Mike Schwartz: Some of the companies we’ve interviewed are moving to a 100% open-source strategy, specifically Chef and Cloudera. In the past, the value property DataStax, it had improved distribution of Cassandra.But do you see DataStax maybe moving more in the direction of open-sourcing its platforms and some of that technology it’s developed?

Kathryn Erickson: We are open-sourcing a lot more. We try to stick to simple rules for open sourcing, simple rule is, it’s a Harvard Business review article, simple rules for a complex world.
And so, simple rules for open source, if it increases adoption Cassandra, it should be open-sourced. And if it’s Enterprise feature that’s more specific to Enterprise customers, like security features or advanced replication options, then that would be kept proprietary.

And then, where should something be open-sourced? Well, if it makes a change to the core of Cassandra, of course it should go to the Apache project. And if it increases abundance, but it’s not impactful to the core of the project, then it still should be open-sourced, but maybe able to exist in a DataStax repo or different foundation.

Does Open Source Help?

Mike Schwartz: Do you think the wider open-source community A Cassandra helps DataStax too?

Kathryn Erickson: Of course, open source is all about positive sum games. I think it was Thomas Jefferson that said, “If use my light to light your torch, then we both have light.” And that’s how open-source works. The more communities and more companies that you can move from being other to being self, the larger the positive sum game that you’re playing. So, it’s open source, and open-source abundance is absolutely essential to the success of any open-source company.

Thoughts About Open Source Foundations?



Mike Schwartz: Any thoughts about Cassandra being hosted at the Apache Foundation versus perhaps Linux Foundation or the CMSF?

Kathryn Erickson:  I don’t have any opinions on the other foundations, but I think that Apache Cassandra will always be at home with the ASF. They have their simple rules for what it means to protect the open-source nature of a project, and they don’t waiver. And for a vendor backing an open-source project, that can be like a Northern Light, you can lose your way, and you can always look back up and reorient towards the community.

But you know, there’s nice things when you see CNCF, you know, the marketing wing, and the power of the CloudNative messaging that’s there. But there’s no reason that projects can’t have pieces that exist in different foundations either.

We see ourselves and others that build communities operators or management APIs or drivers is an example, they should live in a project, but management tooling that exists that the maintainers of the project wouldn’t want entry. So, something like that maybe should live in a CNCF type of foundation that’s focused on CloudNative. But no Apache Cassandra will remain Apache, and that’s a tome.

Industry Changes In The Last 10 Years

Mike Schwartz: So, DataStax is one of more mature, well-established companies in the open-source ecosystem today. What are some of the challenges you think that you are looking at now that were different than when you got started?

Kathryn Erickson: When I started a DataStax, it didn’t always feel like we had a lot of competition. And I think as other good distributed databases emerged, we adjusted to having competition. I think the obvious answer that most people would expect is pressure from the public Cloud vendors. But if you stay oriented on the positive sum nature of open source, then that becomes easy to embrace as well.

So, there’s changes in understanding the virtuous cycles of open-source, understanding how to build software as-a-service more quickly as Kubernetes has matured that’s become a lot easier. So, I think the ecosystem around us has matured a lot, the playbooks around how to build a company around open source have matured. And there are more senior projects that kind of exist in our ecosystem that we can work with and learn from as well.

Is Open Source Table Stakes For Databases?

Mike Schwartz: You know, most of the databases that have been released in the last, let’s say five to eight years or so, have been open source. Is being open source basically like table stakes now? So, is it a non-differentiator in the database market?

Kathryn Erickson: I think that if you’re moving from a proprietary relational system, and moving towards NoSQL, then you’re obviously moving into an open-source world. And if you can choose something that has a security life, security blanket that you know will outlive any vendor behind it, then you should consider those options first.

I think that it would be hard to start proprietary databases without the support of the community and of these foundations. I think Snowflake has done an exceptional job and is kind of the exception to the open-source game. But, you know, they were disruptive in a much different way. NoSQL in general is an open-source family.

Data Platform Trends

Mike Schwartz: Just a general database question about the database market. So, we’ve interviewed a probably more database companies on this podcast than any other type of company, but have you ever seen a real shift in the way that customers think about databases.

In the old days, I think you just used to get one database and hope it did everything, but have you seen a sort of on the technology side a shift in the way that companies are thinking about data and databases now, with more SaaS hosted offerings and more database offerings, like in general.

Kathryn Erickson: Yes. I think I think this is definitely the age of data platforms. With Cassandra, we see customers considering NoSQL when they’re using the relational system. And it can’t support the throughput that they need anymore, or they need to replicate more geographies, or exist in a multi-cloud or hybrid environment.

And so, that’s when you consider Cassandra. If you look at when you might consider Mongo, you want to get quick start with a developer friendly environment that’s great for mobile. What you start to see is that there’s a certain fit for purpose that the different NoSQL databases have. We’ve started to see an emergence of multi-model systems that move forward. And consolidating those capabilities, we have that with our Enterprise products and their integrations for graph analytics and search, we want to help customers build high-growth applications, high-speed transactional applications are the sweet spot of any Cassandra deployment.

Advice For Startup

Mike Schwartz: This is a question, a sort of a generic question for entrepreneurs who want to launch a business around an open-source product. I’m wondering if you have any advice, for let’s say, startups? And it could be general and it could be about partnerships.

Kathryn Erickson: You don’t have to invent a path to success, you can listen to the A16 podcast, you can look at other companies that are out there. You can go through so many success stories on podcasts like this, you can listen to Cockroach, and there are Open Source Underdogs podcast talk about how they’re thinking about licensing other companies. You know, having similar conversations, really understand what has made other companies successful, and don’t try to invent that yourself.

How To Improve Tech Diversity?


Mike Schwartz: Last question. As you’ve might noticed, there aren’t enough women in the tech business, including there haven’t been enough women on my podcast, so thank you for joining. What can we do to reverse that trend?

Kathryn Erickson: I think there’s a lot that we can do. as You are on the side of making mistakes, just try things, and if it’s not the right thing or if it doesn’t work, try something else. We’re going to do a program at DataStax, you know, Jumpstart, if you’re a woman or a person of color, and you want to learn Cassandra, and you don’t know where to start, just hit the button, sign up. Somebody from the team will meet with you for 30 minutes and help you get started. That might work, that might fall flat, but we’re going to just start trying stuff. And I think everyone should just start trying the ideas that they have, and we should all tell each other what’s working.

How’D You Get Started?

Mike Schwartz: How did you get started in the tech industry?

Kathryn Erickson: Well, my dad taught Computer Science, Community College, and I was going to be a DNA researcher. And I just wasn’t very good at it, and I thought, “You know what dad’s over Computer Science, we’ve been playing with computers all of our lives.” That sounds more like playing then working, it’s been that way ever since. It feels more like playing than working every day,

Mike Schwartz: That’s great. Thank you so much for joining us today, Kathryn, and sharing your insights. And best of luck at DataStax.

Kathryn Erickson: Sure. Thank you.

Closing

Mike Schwartz: Thanks to the DataStax PR team for helping us to schedule some time with Kathryn.

Editing by Ines Cetenji. Transcription by Marina Andjelkovic. Cool graphics by Kamal Bhattacharjee. Music from Broke For Free, Chris Zabriskie and Lee Rosevere.

Next episode we’re excited to have Cornelia Davis, author of Cloud Native Patterns, a Manning book that needs to be on every software architect’s bookshelf. She’s also the CTO of Weaveworks. She was fantastic, so don’t miss it. Until next time, thanks for listening, and stay safe.

Episode 49: Open Source API Management with Martin Buhr, Founder / CEO of Tyk

Intro


Mike Schwartz: Hello and welcome to Open Source Underdogs. I’m your host, Mike Schwartz, and this is episode 49 with Martin Buhr, CEO of Tyk. API Management is a hyper-competitive market–there are commercial, open-source and SaaS products from which to choose. This makes Tyk’s success even more impressive. I think they’ve done a lot of basic things right: keep it simple, provide great support, make sure customers are happy. That’s enabled Tyk to grow organically, with a relatively small amount of outside investment.

This interview, it’s a little bit on a long side, so, let’s just get on with it. Here we go!

Mike Schwartz: Martin, thank you so much for joining today.

Martin Buhr: Hi, yeah, Mike, thanks for having me.

Origin

Mike Schwartz: In 2016, the API Gateway and Management market was already pretty well-saturated, you could say, with existing well-funded competitors. Why were you crazy enough to jump into this shark tank?

Martin Buhr: Well, the origin story, it’s a bit of a Cinderella story actually. I needed to make a gateway for the platform I was running as a side business, besides my regular job. And the existing solutions that were around were either large enterprise monoliths, SaaS platforms or open-source platforms – there was one or two – but they were getting really, really big. There wasn’t anything small and tactical to just use — I mean, I could use like NginX or something as a proxy, but I needed more than that.

I had just rebuilt my existing services with API first, and the platform itself, I didn’t want to write my own authentication code and I thought, “Well, that’s what API gateway’s for.” And I couldn’t find one, and I thought, “Well, what the heck, why don’t I just build one?”, which is probably a stupid thing to do, but it turned out okay.

So, that’s why I ended up with the Gateway. It was really small tactical at first. Work with my platform was really meant to sort of easy to inject into other ecosystems, without having too much deep integration. And I kind of built on it, to get more metrics out of it and understand how people were using my service. Until eventually, I realized that the side business I was running was awful. It was just costing me more money than it was fun to run.


So, I closed that down and open-sourced the Gateway because I thought why not, it is a pretty decent piece of software. And that’s how I ended up in a market, it was almost accidental. And at the start, I had this dashboard which was the UI for the system, and also gave me some analytics. And I thought, “Okay, I will close-source that and I’ll sell it.” The Gateway itself will be open-source, and I’ll sell them, the dashboard.

I sold the initial version of the dashboard for something like 400£ for a lifetime license because I wanted to take my wife to – I was living in London at the time – I wanted to take my wife to Gordon Ramsey in London, which is this super restaurant.

And their average meal per head is 400£, that’s how the meal cost, which is a stupid amount of money, but it’s a very good food, and anyway. So, I wouldn’t say that I started with a great business model – I just wanted to take my wife to lunch.

Origins Continued

Mike Schwartz: The open-source project started before the company. At what point did you say, well, I think we can really scale this, and what was your plan for sort of scaling the business?

Martin Buhr: After that initial sort of launch phase and sticking up the project on Hacker News with the small website, it got a lot of attraction, lots of people were interested, and loads and loads of different companies came along and emailed me, amongst which some of them were — we had Home Depot, Viacom, and a couple others. Some Fortune 500 sort of emailed me saying, “Oh, hi, yeah. We’d love to try your platform out, can you tell me more, can we get a call?”

But I was having those conversations at six o’clock in the morning because I was in the UK and they were in the US. And there I was in my pajamas, trying to convince them to spend some money with me, and they would tell me, “Well, how does your support work, and how are you going to scale this business, and how is this going to work long-term, why should we onboard this?”

It was the first spur to say, “Well maybe there’s a bit of a traction in this, and maybe I need some help. You know, I’m quite technical, but I’ve not run a business successfully, and marketed it and sold it properly, you know.”
Once we got the initial traction, and I saw a lot of interest, I managed to talk to an old friend of mine, I used to work with, into joining. And he came on – his name’s James – he came on as a CEO, commercial guy, and sort of helped me shape the whole thing. He shaped the business, he shaped the product offering and the marketing, and I shaped the product.


And that was a good team, because we used to work together at the agency, and we were project managers together, so he was very much on the commercial side of things and the operation side, and I was very much on the technical side of things, but we pitched together a lot.

So, we kind of knew each other’s flow, so when it came to — I think one of the first people we had to pitch to was Eurostar in London, which is the link between Britain and France, the train that goes up through the channel tunnel. And when we went there, it was our first real pitch as a company. And that’s sort of how it moved from being an open-source project that had some interest to being something viable. I think one of the things I’d really came back that they sort of told me that we were annoying people or, you know, poking them in the eye with this project was when one of our competitors, and they are not the only ones actually, three of our competitors offered to buy us or acquire us.

And this happened early on, when they came along and said, “Oh, don’t you want to work in Silicon Valley? Don’t you want to do this, don’t you want to do that?” And that kind of thing tells you quite a lot about the business having viability. So, at that point, we thought, “You know, let’s do this.”

Our first real sort of tangible money spending client wasn’t even a client, it was a company in the US in Texas that wanted to try us out, and James sort of talked them into doing an onboarding and training session with, so that we could try it out, and so we could do the integration for them.

So, they paid for the tickets in the per diem for us to go visit Dallas, spent a week there, I learned how to two-step. It was pretty cool, a far too much Tex-Mex food. And we actually never got the client, they changed teams halfway through, so we never actually got the deal, but we did get this real validation. And it was on that trip, where James turned around to me, and he said, “When I get home, I’m going to quit my job.”, because we both had day jobs at the time. And that was it. He was employee zero.

So, that’s kind of the way that panned out. We kind of stumbled into it, and then went into it full-on once we felt we had real traction. It was something there that showed growth. We had people who were actually willing to spend money on the product and spend money on us, so, yes. Does that answer your question?

Mike Schwartz: Yeah, definitely.

Value Prop / Open-Source Strategy

Mike Schwartz: So, today, what would you say is the most important value proposition for your customers?

Martin Buhr: When people come to us for API Management, there’s multiple outcomes they come to us for. They might be breaking down a monolith into a microservice architecture, they might be adopting Kubernetes, they might be looking at functions as a service, or they might be looking at the old-school API economy stuff. So, you know when you said earlier how the market was saturated with solutions, those solutions are built on the premise that users wanted to sell their back office.

So, they had existing service that they wanted to monetize them. That was the API economy. And all those business premises were on that, where it’s actually — I feel like API management now is much, much more than that. It is all about managing internal services usage, external service usage, integration – it goes all over the place in terms of the actual market. You know, sometimes we have customers going to us for integration problems, which aren’t API Management problems.

We also get a lot of folks that are just moving vendors, but the main value proposition for us is, Tyk is small, lean, really efficient. I mean, we get benchmarked against NginX and OpenResty all the time. So, you know, latency matters a lot when it comes to high-volume APIs. So, all of those boxes are ticked. Being an open-source product, we’re not open core, we’re open source. It’s just a big distinction between those two things.


So, we spent a lot of time, effort and money on engineering team working on the open-source project, to make sure that it has all the features you need to get the job done. Most open-core products will just give you an empty shell and then sell you the bits you need. We don’t do that, we don’t hide the ball. That’s a big change for us, and I think one of the largest pieces for us is that when folks come to us we have a really unique way of engaging with customers. You know, James and I are from the agency world, and it’s slightly different in terms of how you handle your customers to have a normal B2B sales works.


And I think our customers see that, and it’s created this — we have this amazing reputation for customer support. We’re always rated best of the best in Forrester and Gartner every single time. Our customers are extremely satisfied with dealing with us as a company. We are extremely good handling our customers and handling our relationship. And that’s a great value proposition, because it means, once they meet us, they go, “Oh, this is a bit different.” And then they look at the product, and they go, “Oh, this product actually says what it does on the tin.” And that’s a big differentiator for us.

We were also – and this is slightly different aspect, but when we entered this market, one of the main things we did was say, when somebody wants to install a critical infrastructure, like an API Gateway, they do not want to worry about security concerns, that software phoning home, worrying about external access to it, or external access to those laws.


So, right from the back, our software does not phone home, our licensing system doesn’t check on whether your license is valid – it’s all cryptographically done. And that puts us at a bit of a risk. It puts us at risk to make sure that we are selling something that will not bring us any income revenue, but at the same time, it gives our customers that satisfaction that they can actually create their infrastructure behind the firewall, lock it in the cave somewhere, and it will still keep ticking over. And that’s really important, especially when you go into heavily-regulated markets like healthcare, banking, insurance, and things like that.

Because these organizations, they need to be able to file out their solutions, and make sure that they have full control. So, we kind of revived this on-premise business model, where everybody’s moving to SaaS, we said, “No, no, go on-prem.”, because a lot of organizations need this, especially B2Bs.

You know, for the smaller stuff, we see a lot of companies coming to us for our SaaS, and we were one of the first companies to offer a hybrid SaaS solution, so you could go into our cloud, you could run your traffic via our cloud or, you could run your gateway locally and localize your traffic, but have all of the management infrastructure, which is the more expensive part of the infrastructure sitting in our cloud. And that was a bit of a big deal at the time.

And we took that capability, and we made that into a product, and now that became our Enterprise product. We called it rather imaginatively multi-data center bridge. It doesn’t really roll out of the tongue, but that piece of software is our big, big ticket item. And it’s closed-source. But all it really does is it enables the user to manage their API ecosystem and their gateway fleets across multiple data centers, firewalls, regions, without having to worry about latency uptime of connectivity, they can fail independently, and they scale it independently, and that’s all built into a base platform.

So, it’s quite powerful. When you get out of the box, it’s super powerful. And then, if you add all value-add that we have, that’s closed-source on top of it, it’s worth the money.  So, when it comes to open source, a lot of people try to monetize open source through support, and that’s when it’s hard to scale. You know, when you scale support, you’re scaling the margin you have and your time.

So, your customer base gets bigger, and you’ll look at your own, let’s say, your customer base comes in, they join in, the organization, they’re trying to integrate your number of support calls and the usage of SLA peaks over let’s say maybe six weeks. So, they’re getting their money’s worth on what they pay for support.

But then, once everything’s working, and they got the hang of the product, that tails off again. And that’s great because, obviously, it frees you up to do more support work, but it also means that the value they’re getting out of it, goes down. And then, it becomes more of an insurance policy, and expensive insurance policy, which means, it’s one of the first things that gets caught, especially when your software works really well. You know, as you grow, you then hire more support engineers to help you make sure you can manage SLA.

But as that support tails off, where your business stops growing so quickly, those margins you’re making on someone’s time, just aren’t sustainable, and they scale really badly. Whereas selling a product, so selling a physical thing, you know, the old school put it in a box and sell it to the end-user – that has a huge margin, because you sell a thing, you’re dealing with unit economics. And that’s much, much easier business to run.


So, when we came to the open-source conclusion, we said, “Okay, so we’re going to hamstring ourselves by giving away a free product that’s incredibly powerful. And then, we’re going to have all these value-add products that sit on top of it that are geared towards the enterprise. But those will be closed-source. And that is what we will sell. But it’s worked for us, because the thing is the value-add stuff that large organizations want to pay for is the kind of stuff that gives them those insurance policies.

Most engineers don’t want user interfaces, they don’t want human intervention, but their managers do. That VP of marketing wants to be able to go in and look at a chart. And they need that full back control, where they can manually intervene, without having to worry about a DevOps pipeline, or something like that.

And then, there’s that piece, obviously analytics is a very big piece. And then, last but not least is simple things that all businesses want, single sign-on, role-based access control multi-tenancy. Those are the kind of things that large enterprises just salivate over. And if you can take that, bundle that into your enterprise value-proposition, that’s the bit you sell. And you’ll see actually, if you look at most open-source solutions these days, you’ll see that there’s an open-source product. And then all of those businessy things are the bits they sell for an extortion amount of money.

Is Tyk Open Core?

Mike Schwartz: Actually, I wanted to roll back a little bit to something that you said. You mentioned that you’re open source, you’re not open core, would you say that there’s a core product, or let’s say, that’s open source, and then, there are additional components which are commercially licensed – how does it work?

Martin Buhr: The bit that does all the heavy lifting is the gateway. It’s a proxy, traffic goes in, gets managed, traffic goes out the back end. And that’s where all the hard work happens. So, not only does it move the traffic, but also it applies things like rate limits, quotas, it gathers analytics, it might transform the request in some way, it might run some plug-in middleware – all kinds of transformational or validation elements that you need to do to your traffic. That’s where your authentication lives, where your authorization layers live.

That component is sort of the key bit, that’s what you want. That’s the thing that you want to put in front of you, into your DMZ, in front of your traffic to secure your services. That part is completely open source, and all of the components you need, all the features you need, to manage your traffic, is part of that component.

If I went out and I said, “Okay, I am large business A, and I want to spend no money on my traffic management, my API gateway and my API management.” I could do all of that, with our gateway. The only difference is, there’s no UI, you have to do it all programmatically, with our API, and with files, and all that kind of good standard, you know, unixy way. So, that’s fully functional. We don’t hobble our product at all. But then, we have the components that go on top of that that are the value-adds. So, there’s a separate service called our Tyk dashboard. That’s the management UI. It’s also the management API.

So, the dashboard is a single-page web app. It consumes the dashboard API, the dashboard API is much larger and granular, it’s multi-tenanted, you can have users, RBAC, and all of that good stuff. It also has a developer portal, which you can expose to let your developers that self-serve access to various services in the organization or even externally.

And so, that part, that whole application is closed-source, and that takes a license key. And that license key is essentially a cryptographically signed object, we use a private key to sign it, the public key is embedded in the binary, so all we need to do is validate the signature. If the signature is valid, we can trust the claims inside it, and that then says what you’re allowed to do with the dashboard.

And it has an expiry set, so we know that, let’s say, it’s a one-year license, and then the software will lock you out after one year because that’s expired.

Good thing about that is, it doesn’t need to call home, we don’t need to actually validate the license because all that stuff happens in the software in quite a safe way. It’s hard to break unless we lose our private key obviously. So, that’s one component, and then the second component that I talked about, this multi-data center bridge, also has a license with a separate key because it’s an add-on. So, you can kind of build out your ecosystem with Tyk. You can start with the gateway, which is open source. “Okay, this is great. I like this, but I actually want a UI, and I want all this cool RBAC functionality.”


So, you buy the dashboard, and you just tell the gateway to be managed by the dashboard. So, now, you extended out your installation. And now, I actually need gateways in six different locations or six different networks. Okay, I can’t do that with one dashboard because of latency problems, database problems and things like that, so I’ll buy the multi-data center bridge. It’s an add-on, you point the bridge at your dashboard, and you point your gateways at the bridge. And it then takes care of handling your fleet.

So, we basically license those components, and within the dashboard, there are feature flags, you know, for role-based access control, multi-tenancy, things like that, single sign-on. Those are feature flags we can switch on and off in the license, so we can start with a base license, and then build up on the pricing tiers from there. And we leave that up to – it’s not a software decision, that usually goes to the commercial team. They’ll sort of know what levers they see coming out of the interactions with potential customers and saying, “Okay, well, these are the things that people want. Let’s figure out how we can price those.”

So, there’s always this evolution in how we price our software, but that’s essentially how we manage it. It basically means that somebody could go along, they go to our dashboard installation, they run that for a year, and they’re like, “Okay, we can’t afford this anymore.” They don’t actually have to take away this out – they just simply have to take the configurations out, put them into the open-source system and take away the dashboard, and they can keep running. That’s the important bit.

Whereas with an open-core system, the core thing, doing all the work is hobbled. Because, if you no longer own the components that are doing the work, like your rate limiting, or managing open ID connect, or something like that, then actually, the whole thing is broken. So, you can’t continue, you have to shift.

Products

Mike Schwartz: So, of the pre-products that you mentioned, there’s the self-managed, the enterprise, and the SaaS. From a revenue perspective, which of those is the most important today?

Martin Buhr: At the moment, on-prem, the self-managed is the one with the best margin, because we don’t take on any of the costs of running the software. SaaS is a tricky business, you have to run it, you have to put a margin on top, and you scale accordingly. So, there’s quite a lot of cost of just getting everything running.

We’re about to launch the brand new version of our SaaS, which basically takes all of the stuff you get with the on-prem version, all the good stuff, like our plug-in capability and things like that, and makes it into a multi-region SaaS, so you can say, “Oh, I want to have my dashboards in…”, but that’s mainly on data sovereignty because we operate in Europe, and we operate in Australia and Singapore. You find these data sovereignty levels get more and more and more strict. And that’s why on-prem is really popular.

But the first thing that gets cut during recession is your DevOps team. So, the last thing you really want to do is manage people that manage software, so they all go for SaaS. But then, if your SaaS offering is enough to scratch, you lose them at that point. So, we’re building our SaaS to basically be just as competitive as our on-prem solution, and just as capable in terms of where you locate it, where you run it, and doing it all by a managed controller, to make that work. But essentially, to answer the question, yeah, the wholly-owned system is the one with the biggest margin, and the one we currently see the most interesting.

Sales Motion

Michael Schwartz: So, on your website, I didn’t see any particular vertical, marketing focus. Are the sales opportunities primarily inbound, like i.e people find the open source and then, they reach out to Tyk?

Martin Buhr: It’s a bit of a mix, mostly inbound, yes. People do reach out to us, we don’t necessarily have to go banging on doors, which is good. The way people find us are a few. Yeah, there’s google looking for the open-source software, trying that out. But actually, interesting, a lot of stuff that drives us is, whenever there is a comparison, we’re always in the mix these days with our largest competitors.

And Gartner and Forrester run reports on full lifecycle API management. And we were lucky enough, six months into launch of the company, to be featured in both. I think we were an honorary mention in the first Forrester because we didn’t quite have the revenue they needed for open source, but we did manage to get in there.

So, we’ve been on the radar for a while. Nowadays, it’s more about when people look for, you know, they’re looking to do a proof of concept or some kind of RFP that will hit us off just by default. And then, they reach out to us and say, “Tell us more about your software.”

You know, the other sort of big inbound market is – especially in Asia actually – is partner marketing. So, we have a whole bunch of integration partners out there since our business is mainly the use case for an API Management solution is ultimately an integration problem.

So, we have all these systems integrators that will look to us to provide a solution. And they might be more vertical focused. So, you’ll have NSI that’s healthcare, or you know, government, or things like that. And they’ll specialize in that sector for us. They’ll build on top of our platform.

Partner Development

Mike Schwartz: Did you actively recruit and identify the system integration partners, or did they find you?


Martin Buhr: We hired a really, really good sales guy in Singapore, and he knew how that market worked out there. So, he courted them initially, it was a bit of a mix of inbound and courtship, and usually what happens is, it’s a bit more opportunistic. The problem with legacy providers at the moment is they already have all these partner relationships set up, but they’re also extremely expensive. So, when it comes down to trying to cut costs or trying to streamline things like government spending, looking at the value, those solutions add, becomes problematic for most, especially if they’re closed-source. The open-source model always feels cheaper, so that tends to be a big driver as well.

I’m not saying that open source is cheaper, but open source is perceived as less costly because it doesn’t come with the overhead of training and a sales cycle that comes with it. Because you go and try and get a trial of a large enterprise piece of software, you have to go through three layers of account managers, sales peoples and technical representatives before you can get your hands on the software. And that’s bad accessibility can be a real problem, buying off the back of a data sheet.

Is It Worth It To Serve Smaller Customers?

Mike Schwartz: I’m gathering that enterprise customers are most important from a revenue standpoint, but have you found a way to serve small organizations, i.e through the SaaS? And is serving those smaller organizations actually like materials of the business? Is it worth the effort?


Martin Buhr: It’s definitely worth the effort. I mean, we started off as a community business, still are. The people that pay our bills are the large Enterprise customers. Those are the ones we really try and court, but those are six-month, twelve-month deals. You know, selling into the enterprise takes forever, not just from just getting in the door, but also just getting contract signed and making sure that the invoicing is correct, and going through all their procurement coops. So, that’s all well and good.

That’s the bit that sustains you, but at the end, it’s the smaller engineer, the side project, the hacker that drives interest, that pushes the platform a bit, that actually will probably contribute back. Especially in the open-source place world, and so we do. I mean, as our SaaS version is relatively less costly than the on-prem version, and we do obviously offer discounts for charities or small businesses and things like that.

So, we do have ways in to use the software without paying us a fortune. And we do sometimes say, “Here, you have the dashboard to be filtered free.” But most importantly, what I said is, “If you’re working with a smaller customer, is we can enable them through our community support or through discounting, to make sure that they get what they need.

We don’t actively go after those customers. Instead, actually, almost every single time, you engage in a sale, especially in our market, it’s an integration sale. There’s a lot of expertise required – they’ll have their own identity provider, they’ll have their own databases they want to use, they’ll have different service types that they want to use, they’ll have specific integration problems that they need to solve, and they need your help with.

You know, that’s the old fight of how good is your documentation versus how much help do you want to give on a personal level. In this case, that person’s time is really expensive, so we have to be very careful where we spend that time, but we do make sure that all of our engineers, for example, are on our community forum and are actively engaged in helping the community, make sure that they can do what they need to do and work with the software. We’re not exclusively focused on the enterprise, we just can’t spend a huge amount of time on customers that don’t sustain us.

We do ultimately have bills to pay, and developers got to eat. We have something like 74 people on staff now, in 22 different countries. And, well, it’s lovely to be able to offer an open-source piece of software to the community, and take the position that we will never hide the ball. And you know, it’ll be a fully functioning piece of software forever. The bits that are the value-add, we do need to charge for, and we just need to make sure we can keep the doors open.

One of the things I think that really puts a lot of people off of starting an open-source project is, there’s a lot of entitlement that comes with folks that use open-source software that they don’t quite understand. You know, the person building it is doing this out of love or, you know, because they enjoy it. It’s rare that an open-source project becomes a business. And once it becomes a business, your viewpoint has to change. So, it’s a sort of double-edged sword of how much do you put up with users that feel like you owe them something versus trying to run a business profitably.

Hybrid Cloud Pricing

Mike Schwartz: Hybrid cloud API proxies are hard to price. Some companies are pricing per transaction, but transaction value varies widely based on the line of business per server. And CPU models are tough because in the Cloud Native world with auto scaling, compute can be a moving target. I heard MuleSoft has a pricing model based on per container hour gig of RAM. So, I’m wondering, have you figured out what are the gates you’re using to figure out how do you price for this type of service in the enterprise space?

Martin Buhr: Hybrid’s tough because you’re not actually running the traffic either. So, if you’re telling a user, “Oh, no, you run all the infrastructure, and we’ll charge you for the traffic.” It’s problematic at best. So, what we do is, for us, when somebody comes along and says, “Okay, we want to use the hybrid.”, they are basically using — you have to remember that everybody that uses our software, no matter the large enterprise to the smallest user are all using the same open-source gateway.

So, if you use our hybrid offering, you’re actually using our open-source gateway in the configuration, so it works with our hybrid cloud. So, the nice thing is, we can basically say, “Look, here’s the container, it’s public, do what you want with it. Just make sure you configure it this way. And the way we price is pretty straightforward – you basically pay us for your account. It’s a monthly subscription, and that subscription comes with data retention limits. So, that’s the most expensive part.

We don’t run any of the traffic. The traffic is going through hybrid gateway, so we are just collecting and storing and processing analytics, and that IS expensive.

So, we say, okay, so per gig, per — we actually do it by number of days we store it for. You know, you get seven days, or 30 days, or 100 days, plus the additional features in the dashboard because all the value-add stuff, so single sign-on, role-based access control – all that stuff that lives in the cloud bit, whereas the hybrid gateway itself is fully featured, so they just simply need to configure it.

So, actually the way we offer is just a subscription model, where we don’t charge by scale. If they want to run 100 gateways, that’s absolutely fine. I mean, admittedly it’s a bit of a surprise to us when people do it, but we have had it before where we had one Malaysian customer who was — they were a huge ecommerce provider out there. So, big sort of eshop, mobile shop. And they were running millions of requests today, through our hybrid infrastructure. And they must have had 100 or 150 gateways spun up in their architecture. I think they were using mesosphere.

Yeah, it just sort of, it stood up, as long as we didn’t have to store it, it was okay. So, for our hybrid instead, we’ve actually parceled it as part of our overall SaaS solution. So, if you pay our cloud price, we throw hybrid in, just as part of it, because it’s meant to be a flexible proposition – it shouldn’t be either/or.

Self-Hosted Pricing

Mike Schwartz: I see, what about on the self-managed piece, how do you price that?

Martin Buhr: Well, if it scales according to how many gateways the dashboard has to manage. So, you could for example, have 10 gateways running open source – fine, no problem. But as soon as you introduce the dashboard, we limit that down to how many things can actually connect to it. So, customers come to us and say, “Okay, I have this much traffic, I have this kind of size of server, these are my requirements for a high availability and failover.” And we can then put a package together for them saying, “Okay, well, you need two gateways, or you need five gateways, or you need ten gateways to manage that.” And then the license is built accordingly.

So, they then install the license, and it allows ten gateways to connect. If you try to add an eleventh, the one that rejects the connection, that gateway doesn’t boot basically.

What Is Tyk Doing To Grow The Community?

Mike Schwartz: It sounded, like you were saying, that you actually had good community interactions on the support forums. Are you planning to foster growth of the open-source community and ecosystem, and how are you planning to do that?

Martin Buhr: Yeah, we just hired a full-blown community manager – I think he came to us from Mozilla to help us build out our open-source offering. So, it’s one of those things that gets neglected as you get bigger. You kind of go, “We’re making money, uuu, let’s focus on that.” And then, you sort of forget about all these free users that are sitting there, giving you all this free feedback on what your product needs.

So, we do a couple of things. One, we have an open-source community forum, and all of our engineers are on there, all of our consulting engineers, so these are kind of like post-sales technical architects are on there, plus our support managers are on there to make sure that there is coverage. So, you do actually get access to the staff, it’s not just the community helping itself. So, we do actively do that. It’s obviously a bit slower than our SLA approach, but, nonetheless, it is there.

And then, as a sort of a community manager is focusing quite heavily on what we can do better in Github, managing tickets, managing visibility of the roadmap, managing pull requests, and also in general, figuring out how we can shift from being an open-source project that we mainly drive to becoming more of a platform that people can build on top of.

We are currently investigating ways of doing that to make that really work, because as I said, you know, systems integrators and partners, they will have large companies like Accenture or Tata Consulting, or Capgemini, you know, they do have industry vertical professionals. And those guys will go in there with the product that they’ve got internally around HIPAA compliance or HR compliance, or open banking, or whatever. And they’ll want to build products around that.

So, the more customizable your solution is, to handle an industry, handle a vertical, the better, because they can build products out of your platform, and both people win. You win because you sell a license, they win because they’ve now cornered a vertical with this particular solution that happens to be based on yours. So, that’s sort of where I’d like to see it go.

And we’ve seen it here and there, you know, it’s hard to track them because as I said, we don’t call home, so we don’t actually know where any of these open-source gateways are running. But when they do pop up, you do find some really interesting stuff.


We had a customer in Thailand that said, “Okay.”, that the guys they brought it into the company, they eventually left, and they started their own thing. And they just recently shared with us like, “Oh, look, we’ve done all this extra work, and now it integrates with this, and we have all these plugins.” And they’re literally running a business off of that. And I love to see that, it’s amazing. They’re doing this all open-source work, and we’ve seen a couple of integrators, partners, individual open-source contributors, just taking the product a little bit further. And that’s wonderful to see. So, I actually like to see more of that and have more visibility of it.

As we said, we don’t at the moment, because we don’t really force it to call home, so we can’t really just sort of poke a user and say, “What are you doing?”

Open Source Ecosystem Duplicating Enterprise Features?

Mike Schwartz: How would you feel if somebody took the open source, or some company took the open source and built a sort of platform around it, and there was some overlap, maybe with some of the features that you were offering? Would you see that as a positive or negative for the company?


Martin Buhr: It depends. If they’re taking business away from us. It’s a positive most of the time because they’re doing something with it that we can’t do. If they’re doing full-blown overlap, like they’re taking our dashboard and copying it and adding services on top, and then saying, “Okay, this is a cheaper version of the version you can get from the vendor.” I would be a little bit irritated because it’d be reverse engineering, some APIs we’ve got. BUT, it is the price you pay for being an open-source market, for being an open-source product. It is part of the risk.

You see a lot of people moving into the business source license, and we considered that for a while to think, “Okay, well how do we stop people trying to edge into our market.” And at the moment, it’s not so serious. I mean, if you were a database, like Mongo or Redis, it’s a much bigger problem because your footprint is much bigger, in terms of usage. And it’s this whole thing, it’s sort of API theft, or Driver theft.

And you can see it in some businesses as well that they are API based, where, all of a sudden, they’ll go, “Oh, we support the Uber API for our car service.”, which means, you can just point at a different endpoint, and your SDKs will continue to work, or all your integrations will continue to work. Or, you can just drop in a new driver, you can use the same Redis driver to connect to ElasticCache as you can to run fast. That’s just mean.

It’s really taking advantage of interfaces, and I think it’s part of the open-source problem, it’s a real issue if you become very successful in open source. You know, you become a kind of standard, I mean, we don’t have that yet. I would love that, but we don’t have it yet. But, it’s like MySQL, or Redis is a great example, they have this wire protocol, if somebody wants to launch a competing product, they just need to implement this wire protocol because it’s open source. And all of a sudden, they can say, “Oh, no, we’re driver compatible.”

Cockroach Labs, for example, is driver compatible with Postgres, let’s interface that.” It’s just a way of acquiring users through somebody else’s hard work, which is — it’s a risk, it’s a real, real risk. And that’s why things like the business source license exist. But I think the only time you need to look at something like that is when you do actually have people building out large-scale, high-visibility platforms that are competing with yours.

Most of the time, there should be enough space in the market for you both to coexist, so it’s a bit tricky. There is no answer I think. I’m not sure if that answers your question.

Advice For Startups

Mike Schwartz: So, last question. Any advice for entrepreneurs who are launching a business around an open-source product?

Martin Buhr: The first thing is, try and figure out what are the bits that are valuable in your product, because that’s the thing you’re going to need to protect and monetize. A great example actually is the Caddy Project, a really, really good web server with some really strange monetization options. And they changed their tune several times, from enabling access to a built server, to removing headers, to doing all kinds of stuff with their proprietary version. And it’s because the entire product was open source.

What you need to kind of figure out, if you look at like Kibana or even NginX, you kind of want to say, “Well, if you’re going to try and monetize an open-source project, you can’t monetize the actual open-source piece because that’s always going to be free and open, and you don’t really want to be hobbling your own open-source software.

So, you have two choices: you have the choice of either forking and creating a second branch that has all the value-add stuff that you want to sell, or going open core, where you then sell the plugins and things like that. Or maybe go like us, where you say, “We have an open-source offering, we’re going to continue providing that, it’s fully functional.” But, if you’re a big business, you’re going to want all this extra stuff. That’s the stuff that’s instead of baking it into the core, we’ve created different separate services for it, and we charged for those. That makes it more sustainable.

The other thing is, I guess, if you’re starting an open-source business, you need to really figure out who you want to sell to, because mass market is hard. If you’re looking at investment, mass market is great. So, if you’ve got something that’s got really high penetration – a good example might be, like Postman or Visual Studio Code, that gets a lot of adoption, it gets a lot of adoptions. It means you have access to millions of users. And that’s really valuable because you can eventually monetize that and mine it for that 10-20% that’ll actually pay you some money.

When you’re going mass market, you have to go for as much penetration as possible. If you’re going B2B, and you want to go into the enterprise layer, and you want to start charging those big bucks, you need to really start thinking about your sales process. I think most startups, when they get into the B2B industry, even if it’s open source or not, selling to a business is hard, it takes forever. If you don’t have the experience of working in that environment and dealing with the red tape, the context, the process, and the flow, you’re going to have a really hard time to break it.

So, that’s the second thing, it’s probably easier for an open-source product to go from mass appeal rather than B2B, but B2B is where all the money is. With the mass appeal product, if you’re going to say, “Okay, I’ve got a new code editor, or a driver, or a really cool data stitching API or whatever, if you get a lot of users for that, that’s great, but you’ll need to monetize them down the line.

And one, that means you have to alienate your community, two, it means that actually your value will be in that network, which means you’re going to be trying to sell on that network. And open-source business is that we are relying on a network need funding. So, eventually, you’re going to have to get funding in order to monetize the network, in order to get to a point, where you’re profitable.

At Tyk, we were really, really lucky because we managed to build the business really organically from the start. We started with zero employees, then one, then two, then three, then seven, and that was off of the back of a little bit of Angel money and actual real deals. We were making cash, and we were in the black. And then we grew slowly.

We only took funding last year, but that was so that we could go aggressively into the American market and open an office there because that costs a fortune. You know, you can’t build that organically. So, you kind of need to really figure out where you want to go with your project if you’re going with open source. That’s a lot of weird advice, I guess.

Mike Schwartz: That’s great. Martin, thank you so much for spending all the time with us today, and congratulations, and best of luck.

Martin Buhr: Thanks, Mike.

Mike Schwartz: And thanks to the whole Tyk team for collaborating on this podcast. Editing by Ines Cetenji. Transcription by Marina Andjelkovic. Cool graphics from Kamal Bhattacharjee. Music from Broke For Free, Chris Zabriskie and Lee Rosevere.

Don’t forget to follow us on Twitter. The handle is @fosspodcast. You can also follow me personally on LinkedIn. I always post a link to the episodes, and you can share it from there too. Next episode we have Kathryn Erickson from DataStax, one of the leaders in the Cassandra ecosystem. Hope you enjoyed this episode. Until next time, thanks for listening.