Rajat Bhargava – CEO of JumpCloud

Rajat Bhargava, CEO of JumpCloud, was kind enough to sit down with DevOpsAngle and talk about his experience in the cloud with DevOps. Through JumpCloud he has given a tool to the industry that has been quickly pulling in developers of all stripes. The necessity of powerful tools to virtualize servers, abstract away hardware and heavy lifting is being ever keenly felt in the cloud server community especially for startups.

Below is a series of questions involving developer concerns about the cloud, how security and compliance fit in with expectations. And finally we get to learn what mascot Raj thinks best fits the cloud!

Since DevOpsAngle is all about developers and DevOps, let’s open with: Where do you think DevOps and the cloud sit in the current industry and where do you see it going?

Perhaps the best word to use with DevOps is ‘accelerating’. I don’t think that it is a mainstream trend yet, but it is definitely gaining momentum and a lot of it. Of course new tech companies are living DevOps and some of the largest tech companies are as well – e.g. Google, Facebook, Twitter, etc., but not mainstream enterprises. Not yet, at least. My sense is that they are interested, they may be tinkering at the edges, but aren’t all in yet. With DevOps, ultimately to get the value, they will need to be all in. DevOps isn’t a set of tools or technology, it’s a methodology, a culture. For new organizations just getting going, it’s relatively easy for them to adopt the culture and live it from the inception. For existing organizations it’s a new culture. It’s sort of rebooting the OS of the company. For companies at large scale that’s a monumental task and one that doesn’t happen overnight. Companies are seeing enormous benefits from DevOps, but its early in the lifecycle. There needs to be a lot more data, proof points before we have more enterprise adoption. It will come, but just may take some time.

Cloud feels like it is ahead of where DevOps is as a trend. The challenges and issues that we used to hear about the cloud not being secure, it’s too exposed, and it doesn’t have enough control are issues of the past. Not all of those issues are completely solved, but there is enough momentum that companies of all sizes are adopting cloud for production workloads, not just dev and test. Organizations have enough confidence in the cloud to adopt it and use it for mission critical activities. This is happening across the board. There is still likely more hosting done outside of the cloud – in private or 3^rd party data centers, but that will shift here soon. The cloud infrastructure freight train is continuing to gain steam.

The cloud is an important piece of the overall DevOps picture and the strong cloud adoption is really a core component of the acceleration of DevOps. There are other pieces to the DevOps puzzle that are critical too that are fundamental underpinnings. One of those is cross-functional integration. Again, this goes back to culture, but organizations need to set themselves up in a way that they can work better across functional areas. Another key piece of DevOps is automation. In order for organizations to quicken their pace and introduce new capabilities quicker, automation is critical.

How much time do you think the usual DevOps team spends in managing cloud-based servers and instances out of their usual workflow?

A significant portion of their time is being spent on management. Our view of the DevOps lifecycle is provisioning, configuration, monitoring and management. Provisioning has gone from procuring hardware, racking it, and getting it on the network, to as simple as an API call. Configuration also used to be a manual task, but that is moving to a programmatic approach with a whole host of configuration automation tools. Monitoring technology continues to improve as well, with better automation, correlation, and notification capabilities. DevOps pros are spending less time chasing false alerts. Unfortunately, management of servers is still largely done by hand or through scripts. Both of these methods take a great deal of time to execute. Admins end up spending time managing users, patching, security, and compliance among many other tasks. Automating these tasks has been somewhat harder because many of them require decisions based on various inputs. They aren’t ‘fire-and-forget’ items, and as a result have been harder to automate.

When conceiving JumpCloud how did you see it providing DevOps teams an advantage when working with the cloud for streamlining and easing their workflow?

Absolutely. While our product can easily work with on-prem servers or data center environments, it particularly shines with the cloud. You can autoscale our product as your infrastructure scales as well as drive the product through our REST APIs. The cloud and DevOps are fundamentally changing the way IT is done and we want JumpCloud to be driving that change through automation. Historically, developers and admins have had to manually tackle server management tasks. Provisioning was manual. Configuration was manual. And, management was manual. Every sector of the DevOps server lifecycle is being automated and that was a core tenet of our company from inception.

If you look overall at how business and IT is changing, everything is moving much quicker. Major new technology products are being created in very short time frames, so companies are focused on driving more and more innovation. Everybody in an organization needs to spend their time on activities that drive that versus tasks that are “maintenance” and management related. If those can be automated through technology, developers and ops people can spend more time on driving their product.

What kind of current automation tools—testing, configuration, etc.–can be integrated with JumpCloud?

Creating an open product was a fundamental theme from us from the inception. DevOps is about bringing many different capabilities together into one coherent workflow / process / methodology. Any company in this space is going to have to have open APIs, webhooks, etc. JumpCloud has those and it has enabled our customers to integrate it with providers such as AWS and SoftLayer. Configuration automation tools such as Chef or Puppet can be used by default with JumpCloud. Many of our customers are using us in conjunction with New Relic.

Our users are managing a broader set of tasks than just servers. They are focused on driving innovation for their company. Our job at JumpCloud is to make it as easy as possible for them to manage their servers and get back to developing or building new capabilities. Making it easy for them to integrate us into their current environment or workflow is critical so that they aren’t wasting time figuring out how to get all of their chosen systems to work together.

How do developers interact with and develop for JumpCloud?

Developers and ops folks can leverage our REST APIs easily to do what they need to do. They are all located in our knowledgebase section on our Web-site — http://support.jumpcloud.com/knowledgebase. Our developers will routinely answer questions and post material that is helpful to our users. For those that want to quickly try the product, they can download it from our site — www.jumpcloud.com and it takes about 2 or 3 minutes to get it installed on a server. For those that want to roll it out with Chef or Puppet, we include template scripts that customers can use and embed into their configuration automation solution of choice.

I hear you have a background in the security world, how have you leveraged the knowledge you gained in your career into producing a management product such as JumpCloud?

Yes, a number of the JumpCloud founders have strong security backgrounds. A key objective for us with JumpCloud is to make security just part of the fabric of our product and ultimately the fabric of an organization’s DevOps approach. We have embedded great security in our product, but our product isn’t about security – it’s about driving innovation at your company. You just want to know that while you are doing that, you are safe. That’s probably the most critical message that we can tell our customers – build security into your DevOps process through your approach and great tools that don’t force you to do tremendous amounts of re-work, additional work, and spend significant dollars. The very best organizations we’ve seen out there just have it woven in and when they do it from the beginning, it is a lot cheaper and stronger.

How do you think that security changes for cloud-based customers when they’re using cloud services such as AWS and what parts of JumpCloud can developers take advantage of to mitigate new challenges?

After working for many years in the security world, I think the cloud fundamentally changes the security model. You are going from a model where previously the customer owned the physical and network layer in addition to the server and application layers. Data centers and hosting companies changed that by taking ownership of the physical layer and they build strong, comprehensive physical security controls into the facilities. The network layer was still owned by the customer. Cloud providers are now taking that over. Customers don’t control the traffic coming in now and don’t own the equipment related to that: the providers do. You can’t go put security appliances into AWS and in some providers you can’t easily route the traffic through “soft” appliances very easily. The networking model has changed.

This is where JumpCloud comes in. The new atomic unit in our mind is the server instance. That’s where organizations need to focus a great deal of their attention. Previously, organizations believed that if they could stop attacks at the gates, if you will, they could get away with not having as deep security on each server. The perimeter is completely gone now or at least one perimeter is done. Each server has its own perimeter and needs to be protected. This new structure simply requires a similarly new and innovative security approach. JumpCloud is enabling developers and admins to manage some of their key security issues in a different model. By embedding security into the management of your servers, we believe that it will deliver better results. For example, our user management functionality doesn’t store any credentials on the local filesystem – they are all stored in memory. All logins are reviewed and behavioral anomalies are flagged. All privileged commands are reviewed for security issues or mistakes. JumpCloud doesn’t feel like a traditional, complex security solution, because security is woven into the fabric of management.

What security tools do you see people making the most use of with JumpCloud and what can it outsource to?

We already see our customers integrating JumpCloud with the log aggregation systems and security event management solutions. Effectively, they are taking the telemetry that we generate and including it with other event data that they generate to create more visibility on their infrastructure. We also believe that other complementary tools such as data encryption will be critical components for our customers. Network security based tasks such as reviewing traffic will ultimately be handled differently than they are today as the network is owned by the provider. These fundamental shifts will change how organizations think about security. We also believe that there will be greater focus on detection of compromises and recovery. Cloud and virtualization are making it easier to recover from issues and that path will be one that organizations leverage.

Image: Kirby inhaling (c) Nintendo Co. from http://kirby.wikia.com/wiki/File:KRtDL_Kirby_Inhale.png

If you were to assign a plush animal or even a Pokemon to the “cloud industry”, what would it be?

Haha! I think Kirby denotes “inflated expectations” around the cloud. Although, I’m actually convinced that the cloud and DevOps will deliver on the expectations – I’m just not sure that it will happen in the timeframe that everybody wants!