Red Hat's acquisition by IBM was surprising to many, not only because of the economics of the transaction, but also because it propels Big Blue into position as a leading contender in the open source cloud landscape. But it doesn't come as a surprise to Nimesh Bhatia who is the Program Director in the Open Technology group at IBM where he heads a team that contributes to many open source projects. Nimesh tells us how the company engages with open source and how the acquisition fits nicely into IBM's cloud and container-centric efforts.

ADMIN: How is IBM engaging with open source?

Nimesh Bhatia: IBM has a long history of contributing to open source projects, and we engage with open source in three different ways. One, we are engaging with various open source communities in terms of joining the foundations and contributing there. We are the biggest open source contributor, if you combine all of our code contributions to open source. We have various teams who are contributing code, participating as leaders in those communities, and bringing enterprise use cases to these communities. That's the second aspect. We bring enterprise requirements and enterprise needs to the open source projects. When we go and talk to our customers and they share the areas they are focusing on and say they have a need for security or performance improvement or certain integration between two technologies, for example, we bring those requirements to the open source communities. We dedicate our engineering teams to solving those use cases and producing code in an open way. And the third aspect is we are helping developers. When we go and talk to our customers, 94% of our customers are saying that they deploy the workloads on multiple clouds. So when you are deploying applications on multiple clouds, you need to have a certain level of conformance of the APIs. You have to have the testing done for various platforms, etc. We engage with developers in educating them on all these aspects.

ADMIN: One of the resources for developers you mentioned in our discussions earlier was the IBM developers' website.

NB: We have a wonderful website called IBM Developer [1], where we provide various ways to educate developers. You can go and read about the blogs of people who are directly contributing and building new use cases or solving new problems in open source. You can also watch their videos, and hear podcasts. IBM has a wonderful podcast as well.

And the biggest asset that I feel helps developers is code patterns. Code patterns are actual use case solutions that are open sourced. Code patterns integrate various technologies, software code to solve a particular use case, which are available on the IBM Developer website. It includes the integration scripts and step-by-step instructions to do the installation, integration, and building of the application, and all the source code is available on GitHub. So if you are a developer who is building an app or trying to solve a problem, and if you find the code pattern that matches close to what you are trying to do, you don't have to start from scratch. With code patterns you get something that you can build on it.

ADMIN: How many code patterns do you have?

NB: We have over 250 code patterns. And these are some very good resources for developers. At present we have over 4 million active developers on the IBM Developer website.

ADMIN: And many of them are non-IBMers?

NB: Almost all of them are non-IBMers.

ADMIN: How does IBM contribute to the broader open source ecosystem?

NB: In our group, which is the Open Technology group, we have three areas where we broadly contribute. The first one is my focal area, which is cloud and containers. It is the hottest technology area at the moment, with Kubernetes being one of the biggest projects. In addition, we are contributing to the Istio [2], Knative [3], and Cloud Foundry [4] projects.

The second area is languages and runtime, which is very fundamental to the broader developer community, NodeJS being the biggest with the most developers. IBM is a big supporter of NodeJS; our VP Todd Moore is on the board of the NodeJS foundation. The third area, which is emerging and very hot right now, is Data and AI [artificial intelligence], where IBM is not only supporting the existing communities like TensorFlow  [5], Kubeflow [6] and Onyx [7], but we are also enabling the adoption of AI and machine learning [ML] in enterprises.

ADMIN: AI and ML in enterprises?

NB: Yes, we have created a platform for communities to contribute AI models as they're building them. We call it the Model Asset eXchange  [8]. When we were talking to our customers about the Model Asset eXchange and models that they can consume, a need arose around, "How am I going to validate my model? I'm building the model, but how am I going to validate it against the data sets? So do you have data sets?" That conversation led to the launch of the Data Asset eXchange [9], where there are open data sets that we have published, like weather data, some product catalogs, fashion catalogs, etc., where you can take those data sets to build and test your models you have created. And, like Todd Moore talked about this morning – the trust in AI models [10]: How do you build the trust? How do you explain what your model is doing? All these are current and real problems in AI that our group is solving. There is a center for open data and AI. We call it CODAIT (pronounced co-day ) [11], which is addressing and engaging all these aspects of open data and AI.

ADMIN: What kinds of conversations do you have in your meetings? Are they only focused on developers?

NB: When we go and talk to developers, the first and foremost thing that they are always looking for is how to make their life easier. There are multiple ways you can make their life easier. As I mentioned, the IBM Developer website addresses the need of learning. Then the second aspect is how we can make things easier and faster. When we talk to enterprise customers, they give their needs like, "Hey, I need to address these issues. How can IBM help?" So we work with them and collaboratively solve their problem. When we are having business conversations, we talk about solving business challenges, current trends of the industry, and how they can leverage IBM given where their business is going. So, three of the projects I mentioned in the AI space came from those conversations. They are mostly around technology.

ADMIN: Does solving "business challenges" mean pitching open source solutions as well?

NB: We want to enable the open culture and solve customer problems, so if there is a particular open source project that a customer wants to use, we can help them in many ways. On the IBM Developer website, we focus on teaching technologies rather than IBM products particularly. We have code patterns, which show how you can use open source to solve problems. Lots of IBM products are based on open source, and that gives comfort to our customers because they're based on open source, there is no vendor lock-in, and if there are any issues, they will be taken care of by IBM and the community in general. We are promoting open culture with our customers and you see a lot of enterprises are now participating in open source projects as well.

ADMIN: Are you personally involved in those interactions with the customers? Have you noticed a change? Are they more open to open source?

NB: Yes, there is a lot of open source acceptance from enterprise customers. If you look at foundations like CNCF (Cloud Native Computing Foundation), where IBM is heavily involved, their end-user members are growing quite rapidly, and you see a lot of open source contributions are coming from these members.

ADMIN: Since cloud is your focal area, could you talk about some of your team's Kubernetes-related work?

NB: Kubernetes is becoming the de facto standard for cloud-native applications, and when we have conversations with our enterprise customers, they are saying, "OK, Kubernetes is the foundation now, but I need to enable and containerize my application." So they have a journey that they go through, starting from the infrastructure and containerization platform. Now, when you go up the stack, and you are building cloud-native applications, the challenges are: How am I going to containerize my code? How am I going to deploy this containerized application? How am I going to establish the CI/CD [continuous integration/continuous delivery] pipeline?

To address this, we have launched a new project called Kabanero [12], which has three components. The first one is Codewind, the second one is Appsody, and the third one is Tekton for CI/CD. Together they address the complete app development lifecycle. And it's all based on Kubernetes. IBM recently acquired Red Hat, and they have a wonderful platform called OpenShift. So all these things can sit on Kubernetes and OpenShift to manage your container and the full lifecycle of your containerized application clusters, and then Kabanero and Appsody tooling enables developers to go through the full life cycle of the containerization journey.

ADMIN: Apart from Kabanero, do you have any other hot topic that the team is currently working on that you can talk about?

NB: Besides Kabanero, I mentioned that AI is another hot area. Model Asset eXchange we launched last year. Data Asset eXchange is a relatively very new project that we launched this year, which is addressing real needs. In the Kubernetes ecosystem, we are currently contributing a lot in Istio and Knative projects.

ADMIN: You had also mentioned earlier that one of the key areas that gets lots of attention and work is around cloud security. Can you please elaborate?

NB: Security is one of the hottest topics in cloud computing and especially the cloud-native ecosystem right now. IBM's involvement in this area is broad and covers both "here and now" scenarios as well as future ideas and work around various aspects of cloud computing.

In open source communities, we are working with Red Hat on the newly formed Confidential Computing Consortium (CCC) on trusted execution environments and secure enclaves. We are also directly involved in the CNCF SIG-Security [CNCF Special Interest Group on Security], working on common problems in the cloud-native community in a collaborative way.

IBM Research is bringing the capability to encrypt container layers, which includes proposals for Kubernetes, the OCI image spec, and popular runtimes like containerd and cri-o [13]. This work made great strides in 2019, with adoption of the core code into both containerd and cri-o and dependent libraries.

Our work on mainframe Z systems and Z Crypto accelerator HSMs [Hardware Security Modules] has brought about offerings for our cloud that offers the highest rated FIPS 140-2 compliance [14] for storing secrets and keys in a public cloud environment. Our secure computing environments, offered via Z Systems in the cloud, provide the highest level security controls for sensitive workloads.

ADMIN: Phew! Keeping track of all this seems like quite a task. What's your average day like?

NB: My average day, besides checking emails, is to work very closely with our developers and open source communities. I have a responsibility of leading several maintainers in various communities, such as Kubernetes, Cloud Foundry, containerd, Istio, and Knative.

ADMIN: These developers are all IBM employees?

NB: All these developers are IBM employees. They are leading various aspects of these open source projects. They are maintainers and developers in those communities.

ADMIN: How do you work with them?

NB: I work very closely with them to understand what their needs are, what the community needs are, where the gaps are, and what the challenges are that we are facing. Working in an open source community is a fine balance of not only understanding what your needs are, but also where the community needs are. On a typical day, we have in-depth discussions on how we're going to address those challenges. In addition, I attend various community meetings, especially Kubernetes working group meetings, Kubernetes architecture meetings, SIG conformance meetings, etc., to keep me updated.