Tuesday, June 16, 2020

“Vendor SLAs” - Customers VS Vendors 

(battle or partnership?)

Image is found at
My experience on both ends of enterprise IT should allow me to elaborate on the topic a little bit. It has come up recently in multiple public and private forums – the customers are not very happy with vendors and term “Vendor SLA” has been born. The term basically means – the technology vendors should be (financially) responsible for what was promised but not delivered due incompleteness of the product, bugs or wrongly set expectations.

There are my own clear memories of the days when our IT Department receives a shiny slideshow overview of the product, we setup PoC, test all features in our non-prod environment and let the vendor know that we’d like to proceed with the implementation but want to be cautious of the cost. Product arrives, provides basics and we ask for additional functionality that was described and demoed to us – we receive those “ah’s”– (a) ah it’s still in development, (b) ah it’s a separately sold functionality, (c) ah you need specific technology, hardware etc in your data center to take advantage of this. 

Obviously after awhile going via these experiences you learn how to better navigate via vendors marketing content but still it’s far away from perfect and makes it difficult to smile at vendors instead of expressing your real emotions.

On another end I’ve been working for the vendors and can see how (especially in startup environments) there is simply not enough resources that would allow in no time to bring the product to its perfection in terms of bugs and features. Sometimes a team of several people work for multiple weeks to deliver "an absolutely needed feature" for the specific customer use-case. The feature released and six months down the road you learn that there is no plans for customer to use the feature. Also because of its specifics the functionality can't be used by other customers and increase the value proposition of the product.

Would Vendor SLA help here – a customer was misled in regards of the timelines, quality of the product, functionality – they come and ask Vendor to pay. Lets say Vendor pays monetary amount for the impact to the customer business. Now - to recover its own financial impact – the vendor cuts more resources – that slows up development process and number of bugs will grow, number of features growth will slow down or stop. Who’s the winner?

I’m not saying the vendors are not responsible or innocent. Yes the vendors are bloody guilty on overstating the product ability to deliver everything. And unfortunately it’s how the technology revolution works since Edison selling light bulb long time before he could deliver it, same story with Elon Musk’s enterprises, same story but different ending with Theranos startup.

It comes back to the layer 8 of OSI model – human interactions – if vendors were open and transparent with customers and the customers had solid picture that they are investing in the future – we could move much smoother forward. However in today world it’s very difficult to trust each other and move forward. Unfortunately today the biggest successes are based on customer-vendor lies instead of productive relationships. Will we be able to change that ever and "break through to the other side"?

Thursday, March 5, 2020

Certified Kubernetes Administrator (CKA)

History of Petr's certification adventure ("journey" is overused these days)

Before focusing on specifics of CKA - there is a little bit of background that needs to be covered.

Since my first certification in 1995 (yes - makes me feel really old) - it has been permanent struggle between proving my credibility and being a certification junkie.

As a generalist - placing my hand on so many different technologies is normal as well as getting pretty technical - and it's an obvious natural move for an IT Professional to take a certification exam to assert your skill.

Also being part of multiple communities (VMware, Networking, Security etc) I've been on another side of the wall and participated in the exam preparation process for VMware Advanced Professional Exams and Nexus Security exams. (I'm almost got on ISC2 panel but they require a very extended distance with other certification preparation work). So it gave me of the internal view of the certification process that not necessary inspires to continue taking the certification exams.

Last few years I started dropping the certifications that require renewal - if someone doesn't believe you're good at networking after being CCNP for 15 years because you're not re-certified - it something that doesn't worth my time investment.

Also recent years was visible infrastructure shift for enterprises of validating the cloud models, building systems with the services oriented architecture (SOA) approach in mind, extensive use of API based solutions, wide adoption of the containers, continious move from "click-click-click" to automation and orchestration management of the complex enterprise systems.

Quoting a private conversation with a very respectful leader in the industry - "Kubernetes it's a technological shift that happens not more often than once a decade". Watching how AWS and Azure both are adopted Kubernetes following GCP - also makes me believe it's something huge and I don't want to miss the ship.

So when my colleague and a friend organized internal Study Group for CKA - it was no doubts that I should join and participate. My current employer also covers access to Linux foundation class LFS458 and CKA Exam - that is extremely helpful.

Preparation summary:

Going through LFS458 wasn't a really walk through the park - so many topics and examples - keeping the focus is almost an impossible task - my external trips were - Project Calico Hard WayKubernetes Hard Way by Kelsey Hightower and also many resources on orchestration to support my lab deployment in GCP via Terraform (that I might do as a series of separate posts).

One thing that everyone agrees with me - for some reasons Kubernetes is not the technology that sticks in your head - it's not like - learn to swim or ride bicycle once and you will never forget. If you don't touch yaml-files or kubectl for a couple of weeks - it requires a complete retraining.

As a last piece of a resource I took a privately offered Advanced Kubernetes class provided by VergeOps - it was shocking discovery that every day something new was learnt - highly recommend to contact them!

Exam logistics and experience:

You can take this exam from your desk (quiet room with no others presented in the room). - the idea of not going to test center was awesome!

The exam requires a camera that the exam proctor uses to monitor you're following their instructions. you run computer pre-check software when register however the process does not include camera checks. I use my external camera daily for multiple Zoom meetings and assumed it was functional.

However it hasn't worked when my exam started inside of the examination browser plugin. The only advice I got was to use a different computer next time.

It actually looks that this test was able to demonstrate to me the exact problem - it turned out to be bios setting of my builtin camera that conflicted with the external one.

After you get all your screen shared and your camera working you need to confirm your ID (place your government document in front of the camera), show the proctor the surroundings and close all applications on your computer and then you're allowed to proceed with the exam.

Important items about the exam itself:
  • no multi-choice - you're given a task and you need to complete it (different environments are provided - commands to connect to the right environment are part of every question) - someone said it's very similar to VMware VCAP Deployment exams - 100% agree - if you ever taken that lab - it will be very similar
  • points you're getting for the question are also specified at the question (helpful i.e. if your strategy to do large items first)
  • there is no order - all questions are independent - complete them in any order you prefer, move back-and-forth as much as needed
  • you are allowed to access to https://kubernetes.io/docs/ make sure you are able to navigate your way through different sections and easily find a piece of .yaml that needed 
  • Even multiple monitors are allowed (I had 3 monitors and shared all of them - it's a requirement) - when I looked at one of the monitors I was reminded that "the student need to front-face the camera" - so ended up using mostly one monitor that is placed directly under the camera.
  • you do not get your results immediately - a common agreement that it's 36 hours (24 hours to validate your lab + 12 processing time) - mine were sent/received at 10 PM PST sharp the day after the exam (I clicked the submit button at 2-15 PM PST the previous day (maybe there is a batch they are running?)

After all - I've read the statements such as "CKA is toughest exam I ever took" - can't agree here - the exam is very fair and fun as it's not just answering questions but actually doing stuff.

Next steps:

it's obvious to me that I can do well with Kubernetes vanilla deployment however the ecosystem is so wide - different environments, plugins etc - that to become a real kubernetes guru you need to work very hard daily.

I'll try to be on that track and work with native Kubernetes implementations in public clouds and being a network and security guy - Istio is a really big on my radar

Wednesday, January 8, 2020

2019 in review

Just realized that I haven’t blogged for the whole year. The blogging is a therapy for me and certainly considering so many changes – returning to this professional hobby is necessary.

So what happened since December, 2018:

  • Google Cloud Certification – certainly getting there was an interesting experience, exam was different than any exams that I ever took before – which I really liked (maybe partially because I passed it?)
  • Cisco Live in San Diego in June:
  • Foo Fighters performing at Cisco Live 2019 Customer appreciation event

    • San Diego is the place that certainly makes me feel great
    • Keynotes, announcements and some of the sessions that I managed to attend certainly not as nearly exciting and interesting as my last Cisco Live event in 2010 – it seemed no one really understood why they are attending or presenting at the event
    • Foo Fighters at the customer appreciation event – was the best concert I’ve ever been. Dave Grohl has crazy amount of energy that I’ve never witnessed before!
    • Last day of the show – Avi Networks acquisition news came that completely derailed me for the rest of the year – as I never could predict to be VMware employee again
  • Bangalore, India trip:
    • In July I was presented with a unique opportunity to visit Avi Networks office in Bangalore
    • It was my first visit to India, and it was an absolutely incredible experience to meet in person many of the exceptional Avi Engineers that have worked with my customers
    • It was no cultural shock for me as many things in Russia are similar to what I could see in India. Friendly honking with no face expression was the newest thing for me
  • Back to VMware:
    • It has been two years and a couple of months since my departure from the company and it’s shocking to see all that changes
    • It’s really great to reconnect with my old friends 
    • Avi is still in the early stages of the integration and so far we all action as before – all together as part of NSBU (Network and Security Business Unit)

  • Technical blogging – there is a draft list of topics that I’m planning to turn to a separate blog posts (most likely on Packet Pushers community site)
    • Kubernetes and Security solutions
    • Distributed systems paradoxes in SDN (was just published)
    • Fingers crossed - it will much more to come! 

Wednesday, December 5, 2018

Re:Invent 2018

I’m getting poked by colleagues and industry friends on the frequency of the post on my page here. I had a lot of exciting things happening with my job at Avi Networks and also a wonderful family expansion that certainly took away any second from an opportunity to write any blog posts.

There are few highlights as follow up of the biggest conference I’ve ever attended

  • The most important – the company and the product that is the center of my existence for the last year was presented on the expo floor and I had an incredible opportunity to talk to the existing and potential customers and learn a lot of great things in terms of emerging technologies and unique use-cases
  • The second important thing was contribution in the strong vExpert community by giving talk around  "API as a foundation of Datacenter operations" at VMware {code} booth organized by vBrownBags and meeting a lot of great technologies via that community. (most of them first time). The post covering my talk is published on PacketPushers community blog page.
  • Also I learned of the new unique and hype food called Eggslut.

Monday, June 4, 2018

Linux Northwest and other news

It has been three busy months since my last blog post which is difficult to accept. Before - we were almost on weekly blog post schedule.. However it doesn’t mean the professional life is boring. There are few things that require a reflection:

  • Linux Northwest Fest – probably the best community event I have ever attended. (well it was my fourth time here). It’s so crazy to get to know the crowd that drives open source projects and get more information around the projects themselves. In many cases I’m not able to easily accept that the majority of the projects will be successful, but some of the ideas are great and the common motivation of making the world freer is appealing to me. Here are few details to share:
    • The best session I had was “Automation with Ansible” – where Mark Foster (ExtraHop Networks) was able to demonstrate on how to build and test Ansible automation on your local machine. It inspired me so much that on my return I was able to automate Avi Networks deployment on my own (Avi Networks has official playbooks on Github but it’s always fun to do it on your own from the scratch)
    • Another favorite session “Harness the power of Kubernetes and Istio” by Spencer Krum (IBM) – the session was alive lab that was all done on IBM cloud. The biggest discovery was that IBM Cloud actually has its own native support of Kubernetes.  So now GCP, AWS, Azure and IBM Cloud all have Kubernetes support which makes it an official public cloud docker orchestration platform in my view
    • Actually Azure part has been confirmed by another session from Arun Chandrasekhar (Microsoft) that was called “Hybrid multi-cloud infrastructure as code using Terraform” and basically reassured that Azure is pretty serious about orchestration and infrastructure as a code.
  • The other item that I would like to touch on is Openstack summit in Vancouver and couple of the technologies that sounded new to me. The Summit was in Vancouver (which is local to me) and Avi Networks had a booth on the expo floor. I’m covering the details here on Packet Pushers blog
  • Another event that is coming soon and I'm heavily involved with VMUG Usercon - very successful annual event, and as Vancouver VMUG Leader - I'm happy to help with it
  • Lastly, I’ll do my best to be more active here on the CrispyFog page with more periodic blog posts and also Avi Networks is hiring – ping me if you’re interested – we’re looking for all kinds of smart people – the full list is here  and also more TAMs (certainly I can tell you everything about that role)

Friday, March 2, 2018

Newsletter - March 2, 2018

February wasn’t very socially active month for me – due travel and getting up to speed at work, family obligations and a bit of traveling made it pretty quiet. 

Also Vancouver with the most of the planet got cold which made me to try to limit any possible commutes including events participation.

There are only two event to cover today:
  •  I’m happy to report that as new VMware User Group leaders in Vancouver – Carlo and myself had our first VMUG meeting. All credits go to Carlo as the organizer and the presenter. Also it was very dangerous to have non-sponsored VMUG meeting, but at the end of the day it was complete success. We have a couple of ideas for the next group meetings, but please feel free to reach out to us with your own ideas. Also thank you to Fortinet for providing us with a great meeting space and taking us on a tour around the facility afterwards.
  • The only other meeting that I got invited to was Nutanix User Group. I have no idea how I got invited, but since I’ve never been to one – I registered. The meeting was in a different format with much more networking activity and almost no death-by-powerpoint side. Also Veeam as a sponsor was great in their very condensed presentation. I don’t think I’ll go back as (a) I’m not a Nutanix user and (b) the experience was good but there is no need for a repetition.

 What really shocks me when I attend local Vancouver technology meetings on
  • how legacy technologies rooted in so many datacenters that there is no way to escape unless you rip everything off and re-architect your DC from scratch
  • negative discussion about public cloud – c’mon it’s 2018 – everyone should accept it’s a question of ‘when’ not ‘if’
  • cost discussion around the first two items. How it can be really done precisely when you have risks, regulations, security concerns, unpredictable loads and surprising requirements of the applications that business decided to onboard. All cost discussion reminds me a quote from “Security Metrics” by Andrew Jaquith – “you can use the numbers to proof any statement you’d like”. Do you want to keep your DC – look numbers prove that, you want to go to the cloud – look number prove that you’re right again!

I personally tired of wasting my time on interesting but pointless problems that public cloud already figured out for you and would like to spend my time on something that has value and unique for my customer or employer. Today my article is on ChatOps – if you’ve heard of the term in 2017 – you’re ahead of me and can skip my blog post on Packet Pushers web-site.

Monday, January 29, 2018

Petr's new beginning

Mostly evidence that I'm writing it on my way from Europe

It’s been awhile since my last post, and I owe explanation where I spent my last 2.5 months. Now on my flight back from Europe I finally have time to put an update together. I hope for a short update, however can’t guarantee it.

2017 was an awesome year for me, I had an opportunity to stop my career from stalling and eventually following of the cliff to the miserable state when you go to work for one single reason, called “paycheck”. My family and myself are so lucky that currently we can afford such pause in career and find something that interests me.

The goal was to take few months easy, work 20-30 hours a week, blog, spend time with my beautiful baby and wife. It was surprising to find such a high demand in the IT security market in Vancouver. So needless to say – it was difficult to balance between lucrative contract opportunities, family and continuous learning.

When I was asked if I want to start a permanent job – it was close to impossible to explain to recruiters, HR people etc, that I would go for another full time permanent job if it’s the right company – meaning awesome and modern product, culture of doers (not a paycheck collectors), and ability to be an influencer of the product direction.

My job dating game was going for a long time, but it wasn’t a right fit, right opportunity, right location (or working remotely possibility) or right skillset. And again, because I didn’t have an urge to land a new job, I took it at as a quest for perfection. Interview questions (or mostly at this level – great conversations with my peers and industry influencers) allowed me to rethink what I want to do and formulate my ideal job.

And my patience was rewarded when first through innocent tweet around “BADaaS” t-shirt I found
an exciting company AVI Networks and their ADC (Application Delivery Controller – next generation of Load balancers). Everything about the product excites me – SDN architecture, support of multiple Public Clouds, Native Container form factor and support of container orchestration engines, integrations with VMware NSX and Openstack. Also company culture and very interesting set of customers confirm that it’s a dream place for me to be.

My role with AVI Networks becoming one of the first TAMs – where I can bring my past TAM experience and contribute in building the strongest TAM program in the industry. People I met at AVI Networks are all superstars and together we’re able to make AVI Customers the happiest customers in the industry.

I started on December 4th and drinking out of firehose. Due my previous plans and obligation we’re away for family vacation for two weeks, then it was Christmas and now I spent another 10 days in Europe dealing with a long unfinished business in Russia. (I can't call it a vacation)

Now I’m done with my travels and look forward to focus on AVI Customers, Product and TAM Program.  Please excuse me but my blogging in the next little while will be all around AVI Vantage platform, integrations and use cases. If you want to join AVI – here is an URL and email me directly if you’re interested.