Chef announced this week a slew of updates across its software suite, focused on the enterprise and bringing the InSpec compliance platform to AWS and Azure. Computerworld UK sat down with CEO Barry Crist to discuss what this means for the industry in general and promoting the company’s devops messaging in particular.
Chef Automate now integrates with compliance platform InSpec and application supervisor technology Habitat. InSpec, meanwhile, will now allow for automated compliance across AWS, Microsoft Azure, and VMware’s vSphere.
“I think for years, what we’re really selling is velocity,” says Barry Crist, speaking with Computerworld UK. “Looking through that lens got us to continue on that platform, it’s not about doing automation once, it’s really about change - have you embraced change to make it so you’re continually representing and updating change through software? That also goes to compliance. We were reluctant about getting into the compliance business but we saw again and again that was the friction point for velocity.”
So Chef will further head down the road of focusing on infrastructure-centric IT and agility. Crist calls this vision an “outcome-focused industry” that uses the principles of agile and lean IT to trim waste and allow developers to focus on what they would probably like to be focusing on anyway.
Computerworld UK also spoke with Dominik Richter, product manager for Inspec at Chef, who said increasingly security will not be able to be siloed off from the rest of a business.
Crist is reticent to say that the investments in compliance mean that Chef is a security company now. Instead he views security as one piece that’s part of achieving faster deployments overall. He explains: “I’d probably rather describe us as that automation company, and describe that compliance and security is just a necessary part of automation,” he explains. “There’s two big benefits you should be able to get using Inspec with Chef. The first is known vulnerabilities, they’re causing such an annoyance for most companies and sometimes very deep business issues.
“As I said, we think about these things less as security issues and more as agility issues - that sort of last-generation IT which never updates things because they're afraid it will break. They’re afraid of change and it’s hitting them disproportionately hard as opposed to modern companies. So, is it a security issue or an agility issue?
“I think we’re coming at it in a unique way, it’s not just printing some audit reports, this is legitimately improving the security footing of companies. I guess we are partially a security company.”
One aspect that Chef is keen to hammer home about its success as a business is the open source foundation of its technology and the community side that contributes to this. Crist believes that as it is successful in open source, this should also drive commercial success for the business while also reinforcing open source more generally.
“We’ve been successful financially over the past four years; we’ve gone from one significant open source project - Chef - to now two others, Inspec, and of course, Habitat.
“It used to be that Enterprise Chef Server was closed, but we opened it all up, so our foundational open source projects we want everyone to use, and sell our commercial product, Chef Automate on top of that,” he says. “The really open published APIs forces us to add value, if we don't do a good job adding value that’s on our shoulders and our base is free to use other things, build other things, and we’ve just found the more open we are the more successful we have been commercially.”
Could that open source foundation begin to change the vendor-customer relationship more generally?
“I think it will,” Crist says. “All our foundational technology is open source and if we don’t do a good job, we are a subscription-based business - you can turn us off, but keep running our open source stuff and through those APIs do it in a way that suits your business.
“There’s going to be a lot of shifts in technology and the modern enterprise needs to be able to move through those shifts quickly. We found the more open we are, and remove friction for both getting on and off our platform, this actually drives and increases broader adoption.
“What’s in there as a business model for us, is we have to continue to add and drive value, otherwise it would be very easy to move away from us. That idea of low friction in and out of our platform is one of the fundamental things we think about when we design our products.”
Crist says the open source model creates a sense of “constructive insecurity” - compared to the old ways of perpetual licensing, where there wasn’t “much incentive to listen to your install base”. This model pushes Chef into being more responsive and resolving problems for its customer base more quickly, along with the other benefits that open source brings.
After years of pushing organisational change to deliver deployments quicker, it appears that devops as a cultural movement is well and truly mainstream, with traditionally more resilient organisations in sectors like retail and banking now adopting the principles.
“I do think three or four years ago, it was sort of an out-there, on-the-edge point of view,” Crist says. “But I think the cultural stuff is not that controversial any more, it is becoming very mainstream. It’s not just companies like Chef, but also the big systems integrators, companies like IBM and HP. Everybody is reinforcing that message out there, and it doesn’t mean it’s always easy, because you’re changing from one way of working to another way of working. As humans, that can be hard.”