a16z Podcast - a16z Podcast: Infrastructure... Is Everything
Episode Date: February 24, 2016Infrastructure. It powers everything from cities to computing, yet is sometimes considered "boring" because it is so invisible to so many of us. But as software continues to eat the world, i...nfrastructure has come to the forefront. And some of the most exciting technology innovations are now happening at the infrastructure level: It's changing everything, observes a16z's newest general partner Martin Casado -- from how new tech is created to how new tech is sold. Casado -- one of the pioneers of "software-defined networking" -- joins this episode of the a16z Podcast with Sonal Chokshi and Michael Copeland to share his journey from Lawrence Livermore National Laboratory to Stanford to Nicira Networks to VMware to a16z. He also discusses the tradeoffs in theoretical v. applied computer "science", including lessons learned as a PhD and technologist who then had to run a startup through hard times. Finally, Casado shares what he thinks are the key vectors and trends in networking, what's coming next, how the "as-a-service"(ification) of infrastructure is creating entirely new patterns of buying tech, and how selling to developers is so different (hint: open source is a lot more important than you might think!).
Transcript
Discussion (0)
Hi everyone, welcome to the A6 and Z podcast. I'm Sonal, and today Michael and I are sitting down with
our newest general partner, Martine Casado, who's going to be covering all things infrastructure,
which sounds like it be a really boring topic, but it's actually a very interesting topic,
especially given his background, which started off at Lawrence Livermore Laboratories and then
went into infrastructure after 9-11. After we briefly cover his background, we talk about other
interesting themes, like the as-a-serviceification of everything, how open-source is actually more
important for reasons that we don't quite realize and why styling to developers is so
different. So at that, let's just get started. Martin, welcome.
Happy to be here. You just said that. You leaned into the mic and you said, happy to be here.
He is happy and he's going to get happier, I can tell you, as this interview goes on.
Or maybe the opposite as we start asking him lots of questions. Martin, you're our new general
partner and you are going to be covering everything infrastructure. The other areas you're also interested
than so focused on to begin with infrastructure and in general enterprise it's funny because
we were just joking about this because infrastructure i think is the sexiest topic on the planet but
i think the majority of the world and i'm rolling my eyes right yeah it's like the most boring
thing and yet it is really interesting has something changed in the evolution of computing
that infrastructure is suddenly sexy even outside of just this room i mean or have you been
hanging around with peter levin too much or kate our friend kate you know i actually think that the
reason that infrastructure doesn't get a lot of billing is because we don't see a lot of it,
right? I mean, like, we focus on consumers, we focus on what we buy and what we use day to
day. But anytime you shine a light on general infrastructure, whether it's IT or not, people
find it super fascinating. So this is going to sound really silly, but I'm going to give you two reasons.
Have you ever seen that TV show really big machines? Yes. I'm not. Yes. I mean, so TV show is
like, these are really big machines, right? And like, mining equipment from, you know, South Africa.
Exactly, right? It's like, it's like, boy, you put my daughter there and she thinks
the most amazing thing ever because, and this is just big pieces of infrastructure.
And the reality is the most amazing engineering and technical marvels go into infrastructure.
We just don't see it.
I mean, another example is I got a book on how to build a modern city.
It's unbelievable.
And this is infrastructure.
And if you look at kind of the shift that's happening in IT in Silicon Valley, of course, in the popular press, you see it from kind of the consumer viewpoint because that's what we think day to day.
But if you want to see where the really magic happens, and a lot of the big technical innovation,
happen to get the infrastructure level.
So I do think it's very sexy natively.
Did you always have a love affair with the infrastructure?
I mean, let's talk a little bit about your background.
Or did you, did you arrive at it later?
Yeah, exactly.
I mean, I doubt you woke up when you were like six years old and said,
I want to do infrastructure.
Yeah.
Actually, you know, I took a...
You did, no way.
No, no.
I mean, sort of.
Actually, I took a very crooked path in general to computer science and to infrastructure.
Actually, I'm kind of a failed microbiologist and then a failed physicist.
Well, I heard that you dabbled in microbiophysics, astronomy, and I was thinking, who dabbles in those things?
Is that so funny? Yeah. So actually, I did, actually, I started astronomy. I was at the local university, Northern Arizona University. I was taking classes, and I was doing research there.
The interesting thing is I'd spend tons of time in this lab, like, you know, and like, basically we'd have to, like, check how bacteria were growing every two hours, and I'd spend all this time in the lab.
And I'd spend all this time in the lab. And I actually didn't have a big background in computer. I was more of a math guy, and I just spent all of this time on the computer.
And so from then I said, okay, I was probably 20 at the time.
I decided to take computer science courses.
And because I had a physics background, I did mostly physics.
So I did kind of physics computation.
So my first job out of undergraduate was at Lawrence Livermore, which I was doing like massive physics simulation.
So at the time, I was in applied computer science in physics and not in infrastructure.
But I was there actually in the nuclear weapons program.
I was going to say, can you tell us what you were modeling or what physics you were going after?
So I was in the weapons program.
So I was doing like large simulations.
of all sorts of things that relates to the weapons program at the time.
And I was doing that through 2001 when 9-11 happened.
I was actually at Livermore when 9-11 happened.
And then like that moment, the entire temperament of the country changed, which is, if you think about the weapons program, it's kind of an anachronism.
It's kind of like this holdover from like the Cold War.
That's exactly right.
I mean, like, listen, it's a very different type of threat than what.
was now perceived as the modern threat.
And so the whole posture of the nation
moved away from this kind of anachronism to the intelligence.
And so I was in this position where I had my clearances
and I worked in a computation environment.
And by the way, the reason I ended up going to Stanford
is, I'm like, listen, I'm going into intelligence.
I don't understand networking.
So I started taking networking courses at Stanford.
I just have to back up because that makes no sense to me,
you know, modeling or simulating nuclear weapons programs
to intelligence.
How does one lead to the next?
aside from your clearance.
Here's my favorite thing about computer science.
And I'll always love computer science.
And this is going to sound like an aside,
but I'll bring it back to what you said.
So here's what it is.
Let's say that I write a program
and it solves grand unified field theory
and I've solved everything that's just all about physics.
Physics would disappear as a discipline.
I would have solved it.
You know what I would say?
I'd say that's one more application.
I'd go after biology.
And so in many ways,
I think that's so powerful about computer science
and so powerful that software,
you can apply it to so many different things.
And I've always been a guy about fundamentals.
So I was really interested in the fundamentals of computer science.
There's two mindsets with how people approach this whole topic of computer science as a new literacy.
One is that it's a language and you have to learn it just like English and mathematics and anything else.
And another is that it is a tool for solving problems that can be applied in any particular way.
And I think that's interesting because that leads to people thinking about it more as a means to an end versus the end in and of itself.
I mean, it's like you can apply that mindset to anything in life.
Yeah.
So I've always been exceptionally applied when.
when it comes to computer science.
Like, I've never thought of it as actual science.
I mean, we say computer science.
I've always thought of it as an engineering discipline.
And the goal has always been to solve a real world problem.
So let's back up.
You were working on intelligence.
You realize that, wait, I don't understand the fundamentals of networks and or maybe there's
a better way to do this.
The intelligence community is a lot about how people communicate, what they're communicating
the data, understanding how network infrastructure structures are, how do you break into systems,
how to use secure systems.
And so much of that is the network, right?
Systems are connected to the network.
And if you're going to break into something remotely,
you have to understand the network.
What was it and what made you realize
that you could head in a different direction?
Yeah, so I think the work in the last 10 years,
like as I'm giving this podcast,
the last 10 years have been trying to reimagine
the network with software.
And all of that was rooted in this experience
in the intelligence community.
Yeah, tell us more about that because I think
it's actually hard to even go back to it.
And you're right, people take a lot of stuff for granted.
Right, because it's different now.
And by the way, most people don't even see it, though.
Right, if it's visible.
Probably the first big aha was the following, which is if you're the government, you have deep pockets.
And you're going against some pretty intimidating adversaries, nation states, who also have deep pockets.
Normally, market forces doesn't create things that you can use.
So let's say I want to build a real secure infrastructure.
Well, on the compute side, you could buy computers, and then you could program them,
for what you needed to
for this very different environment,
this very different threat environment.
There's ways to do that.
And so the intelligence community would do this.
They would modify operating systems.
For example, SC Linux came out of this time.
But when it came to networking, it was very different.
So in networking, basically, whatever you bought, that's what you got.
And by bot, you mean...
With computers, you buy hardware,
but then there's a programming model
so that you can write software on top of that.
So you could, for example, buy a server,
get Linux and program Linux. But when it came to networking, you basically, you'd buy the hardware,
it would come with software that was already written by the vendor, and there was no model at all
for you to evolve it. One of my jobs was to look around and to determine whether different
networks and environments were secure, and how could you make them more secure? Many of the problems
came down to the networking piece. And to answer the question, how do you make it more secure?
The answer was like, well, with the current technology, you kind of can't. So it started this
just very simple thought in my head. It's like, you know, on the on the compute side, I can take it and I can program it to do whatever I want. But when it comes to networking, I can't. And this was the seed of what, you know, became SDN and all the work that we did. And so by SDN, you mean software defined networking. Sorry, software defined networking. And so define networking. Well, at this point, I think the terms become so deluded as to be meaningless. So if you hear the term software defined networking now, it's now the byproduct of a bunch of marketing departments that will apply it to everything, right? And so even I don't know what it means anymore.
But at the time, it meant something very simple.
So when I did this work at Stanford for my PhD, we just said the following.
A, there's no programming model for networking.
It just doesn't exist.
And so there's kind of two things that you want to do to get one.
One of them is you want to make the networking hardware sufficiently general purpose so that you have like an instruction set.
You have like the X86 for networking so that you can program a single switch.
The second thing is because most networking problems don't deal with just one switch.
They deals with networks of switches.
They deal with networks of things, is you want to have a discipline or a way of programming, a collection of these things that you can show some stronger properties than you could before.
So we kind of said two things.
You said, one, make an individual switch more general and programmable.
And two, let's focus on a programming model that would go across them so you can do things like security, things like mobility, things like operational simplicity.
It reminds me of what happened earlier a couple of generation ago in the field of robotics, where people use.
to hardcode everything into the actual robot, and then they had this realization where
you can actually make the hardware itself more generic, to your point, sort of using just as an
analogy, and then use a software to manipulate everything together.
That's fantastic.
I think there's a bunch of analogies.
That's a great one.
So I think the classic analogy is back in the 70s, you bought a mainframe, the mainframe had
everything in it, you know, and that's what you got.
And then the PC revolution came where you decoupled the operating system.
You could write your own operating system like Linus did.
The robotics one is fantastic.
If you go 20 years ago, if you wanted to make a robot, like, you had to have a machine shop.
And today you can get a 3D printer.
And to get the components way back when, like to get a sensor would cost tons of money.
And today, because of the advent of the iPhone, you know, I mean, these things are pennies on the dollar.
So it's the ability to make your own components and then the components become very cost effective.
The exact same thing is happening in networking.
So before, to get a router, you know, you'd pony up $100,000 bucks.
And, like, basically, you couldn't modify it.
Today, I mean, you can get 48 ports of 10 gigs for $2,000, and you can run your own software on it.
So we're seeing the exact same type of renaissance happening.
Generations of companies that were hugely valuable, Cisco being the most obvious, but, you know, companies that made switches that were, you know, just billions upon billions of dollars in sales.
And that all went away, I don't know if it's thanks to you, but because the switch became generic and that whole layer of gear became generic.
Well, I think we're seeing this playing out in real time.
I mean, you know, there's been some very active competition, you know, at the hardware level right now.
But we've seen, like, a big change in, you know, the value these physical switch vendors will talk about providing the way that they market and even the way that they sell because of this effort.
And so I don't think we've seen the end.
And I don't think we really understand the broad impact.
But I do think that we understand that it's massive.
It's changing the conversation with customers.
It's changing buying patterns.
It's changing how we think of the technology.
And indeed, it's changing how we create the technology.
And if you went back 10 years when this all started, it's a different planet.
So where is the significance of the company that you co-founded with Nick McKeown and Scott Shanker?
It was a three of you guys.
And it was NICRA.
And it was acquired by VMware, which is where you just came from.
That's right.
What was the significance of NOSRA?
So SDN, you can think of as a high-level architecture.
It's not a product.
It's not something that you create and give to somebody.
It's an architecture.
And in many ways, it's a way to think about things, right?
And networking scientists, by the way, really love architecture.
I mean, it's what your job is, but it's really funny because every time I talk to a networking scientist, they have like a new way.
It's about the architecture.
Blank, blank, blank architecture.
I've defined a new architecture.
Anyway, but it's just, you know, I happen to know a lot of networking people.
It's so true.
Like, they're obsessed about the ways of thinking of things.
Right.
But you're saying it's just an architecture.
Well, yeah, yeah.
So it's just like, you know, programming isn't a thing.
You know, programming is a way to think about creating things.
So SDN is, yeah, it's an architecture.
It's a high level thing.
So there was two kind of ahas that we went through.
So we knew that SDN provided a nice way to think about things, but we wanted to apply it to solve a real problem.
So people could actually do something with it.
That's right. That's right. To actually create a product have some real impact and look back and say, you know, the world is different because of this specific thing that we did.
And so there were two trends that we took advantage of. And they kind of just helped describe what we did.
So the first one is if you looked at megadetac centers, you know, the Googles, the Amazon, the Facebooks, they were building networks very different than anybody else.
And so if you look at what they did,
they're building very, very simple physical networks,
and they're removing things that we typically put in networks,
like security and load balancing,
and a lot of the operations in management, fault isolation.
Instead of having that in the hardware,
they're removing it to the edge and doing it in software.
This is a massively big difference.
So now they can just buy any simple switch that they want,
configure it very, very simply.
And then at the application, they were evolving it to have all this functionality.
So that's to be an SDN-level shift.
So that was the first thing we noticed.
And these were by far, by far, the most efficient data centers on the planet run by, you know, I would consider some of the most technically savvy people.
And nobody sold them that architecture.
Like they, I mean, they basically looked at the problem and said this is the best way to solve it.
And at the time, and still to this day, it was like their secret.
Like that's what differentiated them from everyone.
Exactly.
Yeah.
So, I mean, I consider Google and Amazon to be pretty much the leaders.
And, you know, this is 10 years ago that they were doing this stuff.
And they'd really realize that you could just build very simple physical networks and put everything in software at the edge.
So that was the first big vector that we're looking at.
I'm like, wow, you know, the rule's going to change once this gets out everywhere.
The second one was compute virtualization.
So at the time, computer virtualization was really, I mean, it was somewhat mature, but it was still in this hypergrowth phase.
I mean, like, you know, VMware went public around this time.
And the interesting thing about compute virtualization is for every virtual machine, there's a virtual.
port, which is a network port, and these are running on servers at the edge.
And I remember once looking at, I'm like, you know what, within a couple of years,
VMware is going to have more virtual ports than Cisco has physical ports, which totally
blew my mind, right?
That's right, because you're like, listen, these things are on the server in software.
The most rad data centers on the planet have taken the application in software and changed
them to consume these things.
And the majority of workloads are going to be on virtualization, and they're going to
have software ports.
So what we thought to do at Nassira is to take virtualization, build out networking functionality in software so that any enterprise, not just the Googles and Amazon's, could take advantage of this architecture.
The only reason that Googles and Amazon's can do what they did is because they own the application.
They could rewrite the application.
But for Citibank or J.P. Morgan Chase that has tens of thousands of applications written by third parties, written by Microsoft, written by whoever, we could provide that software layer.
that allows them to run very simple physical switches
and move everything in software.
So it was a really alignment of two massive, massive vectors
we took advantage of.
It's an amazing shift,
and then you were acquired by VMware.
When we launched the company,
actually went public with the company,
not like public as in the stock market,
but we actually came out of stealth.
We had AT&T, NTT, eBay, Rack space, and Fidelity.
So like five of the largest companies.
So was your thesis true?
I mean, did they get that immediately that,
Hey, the world's headed this way and we'll actually pay you to help us get there?
You know, I am still to this day so surprised by not only how quickly they got it, but how fundamentally they understood it.
Some of the people that I was working with then, Toby Ford, J.C. Martin, Eric Carlin, I think now looking in retrospect, we're such visionaries in understanding this change.
This is a huge risk.
Oh, yeah.
I agree. In fact, in some ways, arguably even more.
so because it's a lot tougher for someone inside a captive system who already has a point
of view on how to do things to embrace something new and different than for someone who's creating
something new. Yeah, exactly. Yeah. So acquiring a technology they didn't build and when the rest of
the world didn't get it. Because again, this is a time nobody said SDN. Right. From a vendor, no one
had heard of. I mean, it didn't rhyme with IBM or anything. No, it's exactly right. Yeah. No, right.
No, the term SDN, like, either hadn't been coined or like, you know, wasn't around very long. And, I mean,
these people really did see it, understand it, consume it. And many of them, I think most of them, or all of them, are still large customers. And so we did that. We started getting very good traction. And then in 2012, we got acquired by VMware.
An interesting little anecdote is that during, because of that, VMware was actually in Gartner's famous quadrant noted as a visionary in networking.
Well, so I mean, yeah, there's many remarkable things about that. Number one, this is a hardware quadrant. It's the only peer-place side.
software company ever.
How does security play into all of this?
I mean, I know we hear about security in a very different way now than we ever did even
two years ago.
Yeah.
But networking at the security level, are they the exact same thing?
I mean, I almost feels like, can you even separate those two topics anymore?
Yeah, that's an exceptional, exceptional question.
So, so the simple, so one of the simple answers is, is networks have to touch everything
and security has to touch everything, right?
And so just as you could put networking in the hypervisor and touch every single workload,
you could put security there and have security services.
And many security services operate at the network level, which is basically who can or cannot talk to who.
Traditionally, security has been done on the perimeter of data centers, right?
So the 80% of the security spend is at the perimeter of a data center, even though a minority of the traffic actually ever leaves the data center,
which means if you get beyond that, like when I worked, you know, in the,
intelligence agencies, if you get beyond the perimeter, you have unfettered access to all the
data and all the compute. So I'm going to tell one quick anecdote. So, okay, as the time of this
recording, I'm 39 years old. When I got turned 37 on my birthday, my sister sent me an email.
And it was a great email. I was like, you know, happy birthday brother. I'm so happy you're my
brother. There was pictures of us when we were kids.
Ooh, sounds like a spearfishing attack. Yeah. I'm getting there.
You know, but, you know, it was pictures of us. And then she said, you know, I'm very happy to
have hung out with you last week. We did hang out last week and, you know, you know, click on
this thing for my birthday. It was awesome. And like, my first thought was, was, was not your thought.
My first thought was like, that's so sweet. My sister's never remembered my birthday before.
That's the be your first sign that you're about to be spirificent out.
I know. She decides to write me this very sweet note. Nothing like ego and vanity, but I'm like,
this is just so sweet. Seriously. Like, I've been waiting for this, you know, moment all my life.
I'm like, sister to recognize that I'm getting older.
And, yeah, no, but for the reason, you know, but then I'm like, okay, this is, this is a little,
this is a little strange, even though there is pictures of, of us when we're kids or so far.
And, like, and so I looked at the mailheaders, and of course, it had come from Russia.
But listen, if my sister was not forgetful, like, you might have been fooled into thinking
that was real.
And I wasn't, like, a semi-technical dude, right?
Like, if either of those two things weren't, weren't true.
Like, I was wondering what your sister was doing in Russia, so.
I would have clicked on the link.
I'm telling you.
But the reason I say this is at the time that that email came in and I was reading it,
I was actually logged in behind the firewall in the data center.
I was, like, at work.
And so if I would have been infected, that would have been infected behind the data center.
And like so many of the attacks that happened recently, that would have been game over.
Pretty much whoever would have gotten in would have gotten behind the data center.
So, you know, I just testified in front of Congress.
two weeks ago on exactly this problem, which is you need to push security all the way into
the data center.
So no longer just securing the perimeter.
Not just the perimeter.
And you need to do it in the way that's, you know, reasonably secure from a computer stance
standpoint.
And, you know, this SDN type approach, I believe, provides viable underpinnings for doing that.
Isn't going deeper into the data center for security actually inviting more vulnerabilities?
It depends on how you do things.
So the first one is I wouldn't have.
get rid of the perimeter. The perimeter is great. So the job of the perimeter is to keep
every sociopath from the planet outside of your data center. Right. But it may or may not be
effective. So you still want to keep the perimeter there, right? It's like, um, it's on either or
thing. I get that. That's exactly right. So, so you want to add things to the data center also. So,
so, so it's purely additive in that sense. Um, but you don't want to add it at like an application
level. You don't want to like change the application. And you do want to have application security,
but that isn't sufficient because once an application is attacked, then that's like putting like an
on-off switch on the outside of a house or something right, that for.
an alarm system. So once the applications attack, you could just turn that off.
So you want to have an infrastructure level that is outside of the hands of the attacker.
That's a different attack surface that provides ubiquitous security within the data center.
I mean, that's the idea.
In some sort of medieval castle model, you know, there's multiple walls, right?
But do you just keep building walls?
No, no. So I love this analogy.
How did we, like, build cities in the 1300s?
We built these really big walls and these moats and then basically hoped that nobody came over them.
Right.
But then, like, you know, in the modern day of, like, airplanes and, you know, whatever, like, those turned into imaginal lines.
If you, you know, like, you know, World War II, right?
You know, you just kind of fly over them.
You parachute down.
So you basically need to put a century at every house, right?
Right. By the way, this is not, this is not any company or product-specific thing.
This is a general attitude.
A mindset, right?
And a mindset that I've, yeah, about security that's being adopted kind of broadly right now.
And you see many, many companies going down this approach.
But we do have to change security.
And to me, the best way to articulate the objective is the following.
I believe the best security follows something called the principle of least privilege.
What is the principle of least privilege?
I think I was raised like that.
The principle of least privilege is the following.
You can get access to exactly what you need to get the job done and nothing more.
So normally, so let's take the case.
You're talking about permissioning, kind of like almost like permission levels.
Well, I'm just saying that I will only give you access to exactly what you need to get the job done and nothing more.
So in the case of the data center, if I'm a server, I should really only have to talk to other servers that I need to talk to and nothing else.
But the reality is, is, you know, if I'm able to compromise a server, I can talk to anything that I want.
And so we need to move infrastructure to this principle of least privilege so that, for example, if I do compromise a server, I'm limited to only the things that that server can talk.
And so that's, for me, the right mental mind frame from an infrastructure perspective to build more secure systems.
But the reality is that because of things like virtualization and everything else, applications are not neatly contained in like this linear way.
Like there's a single server set up for a single application.
That model has gone away.
So how do you then get from the principle of least privilege to match the reality of how applications are built today?
This is a brilliant question.
It's a brilliant question.
So like the way that I think, no, seriously.
So the way that I think of it is the following, which is the application has evolved into a network.
I really believe that.
So an application used to be like, I'm running Pac-Man.
but that's no longer the case.
Now, like, think about, like,
think about, like, one query to Google, man.
Like, you're literally touching hundreds of compute nodes,
you know, databases, load balancers, firewalls,
all of these things are touched in order to get that one request done.
And as a result, you need to evolve infrastructure
from a point solution like a firewall
to something that underlies every one of those components.
So have that, have the security infrastructure model adapt to how applications
are actually built today versus trying to do.
take on this thing that would be impossible to change, which is how to design how applications
are built. Yeah, that's right. So I think, so the application has moved from a single instance
to a network of things. It's kind of tightly coupled network of things, or even loosely
coupled network of things. You want the infrastructure to have enforcement points that can
wrap around all of those. So you can treat the entire thing as a whole and secure the entire
thing as a whole, no matter how distributed it is. I mean, infrastructure is a service discipline,
right? You know, like we build sidewalks and buildings.
And cities. I mean, that's what we do. So, so, but we wanted to adapt to the populace is the
populace. It's a great analogy. Our populace is the application. So the application has
moved to this distributed thing in data centers. Now we need to evolve the infrastructure to have
the same type of kind of flexibility and so forth to be able to map to that. And though that is
why you're seeing this massive renaissance, I believe, in infrastructure is because we're at a
dead run to keep pace with the application guys. The whole, I mean, I think it is important to take
a step back. And I should talk about how computing has changed so much.
Things that we take for granted.
I mean, we have way more data than ever before.
It's real time and faster than ever before.
Talk about what's coming next.
Like, what do you think is how things are changing?
Like, one thing that fascinates me is microservices architecture.
That is, of course, the question.
And I actually think the major vectors aren't necessarily technical in the way we like to think.
So I think it's cool.
And listening, I mean, like, you know, being a CTO for a long time and having a technical background,
I love to think about, like, all the cool new stuff.
that's happening. But if I look at what are the major shifts in the industry, it's not super
technical in as much as the following. We're seeing this massive shift. And then I asked me,
what is this shift? Well, it seems to me that we're seeing a couple of trends. Number one, app
developers are starting to consume infrastructure as pieces of software. That's not really a technical
thing as much as a shift in responsibility away from something that used to be operated by one guy
to becoming basically an object in a program created by another guy, right?
Like Amazon, for example, or Google or whomever.
Yeah, exactly.
So these guys are actually, so the developers are starting to become those that, like,
create infrastructure and they're becoming part of programs.
That's a massive shift to the industry.
For example, vendors, right?
Vendors are used to selling to IT people, and now...
They sell to everyone.
Now they have to sell to everyone.
And now the buyer is different.
And developers are very different than IT folks, right?
Developers love open source.
They love as a service.
They've got a different aesthetic.
They've got a different way of thinking about the world.
And so if you're used to like, I mean, the traditional IT sales model is like sales guy, huge expense account, briefcase.
And so we're seeing this massive shift, you know, towards the developer.
We're seeing, and as part of that, you know, open source becomes very important.
Why does open source become so important?
Because as part of their aesthetic, right?
They like to maintain things.
They like to understand what they're developing.
So I think that's one of the big, like a huge shifts.
another huge shift is very similar
as a service.
Shipping software is so hard
because you give the software to them
and then you can have all these versions out there
and then you have to maintain
then you have to update that
and if there's a problem
you have to go on site to find that.
Doing it as a service
it's so much easier
because it's localized, right?
Which is why infrastructure services
is taking off so much.
So, I mean, like these different ways
of delivering software,
these different ways,
you know, the different buying centers,
I think this is kind of
where a lot of this change is happening.
And so, like, I'm really, you know, like, you know, having been at VMware for almost four
years and being across thousands of customers, I mean, it's just so apparent that this shift
is happening.
Yeah, I think actually, I'm really glad you pointed that out because we have a tendency to get
so caught up in the technological aspects of things that we forget the business model
and organizational structural implications of things like software as a service, how it reshapes
companies, buying processes, sales, everything around it.
And I also think it's really interesting.
You focused on something we're really interested in,
which is talking about selling to developers as a new class of sales.
What are some of the other things about selling to developers you've noticed?
Well, I mean, it's just everything about it is different.
Like, marketing is different, right?
It's no longer about, you know, like a marketing campaign where you go out there
and you bring a bunch of customers in and you give them a class or so,
things like actually having open source out there that developers are going to use on their own when they're at home.
Oh, there's a way to demo and test and buy, it's part of the buying process?
Yeah, oh, absolutely.
It's part of sourcing.
So open source becomes very viable marketing because you're like...
Open source is marketing.
I never even thought of it that way.
No, but it totally is, right?
I mean, it's, I mean, think about how many companies have been created out of successful open source projects.
Right. Yeah, it's a trap before you buy it, yeah.
Yeah, before you're willing to pay for something.
But also does, yeah, yeah.
I mean, it basically creates your early customer base, your, or, you know,
It does all of the sourcing for you, but it also gives you the credibility.
Like a traditional IT sale, briefcase, walk in, talk to the IT buyer, do some ROI calculations, have a nice dinner, a great bottle of wine.
You know, you try and figure it out.
You get a deal done.
Talking to the developer, I mean, they have to understand the technology, right?
This is their livelihood to, like, integrate these in their things.
They have to maintain it all the time.
So generally, if they don't know what you're selling a developer, they haven't used it before, they don't understand the implications.
It's hard.
But if you wrap it around an existing open source project, they'll have seen it already.
No, I think that's so fascinating because what you said about how many companies, what you guys are saying about how many companies have been built on open source, what you're saying is actually more precise because most people have a tendency to conflate an open source project with, oh, it didn't really lead to this company.
Well, what you're really saying is something very nuanced and different about open source as a vector to the buying process.
It's such a different mindset.
And what's interesting about this is there's implications as to what type of.
of company you build as a result. I still believe the entire industry is trying to understand
what it means from a business model perspective. So you kind of solve your sourcing problem with
open source. You know, you can source, I mean, from a marketing sample, you can source, you can get
early customers, you get traction. It solves the insertion problem. What's the insertion
problem specifically? Well, the typical insertion problem is very hard to get inserted. Like if they
don't, if you don't have an existing relationship, if you're not IBM and you don't have IBM account
control, you're not Cisco, you don't have Cisco account control. Actually getting inserted is very, very
hard. Open source often
solves the insertion problem. They're already dealing
with, you know, like the developer is already using
it at home and using it in Amazon and
using it anywhere else. So you're already there.
Or used it at their last job or whatever. That's right.
You're already inserted. You're already there. It's a massive
marketing thing.
But there's implications on the
back end, which is how do you build a viable business around
that? Like Silicon Valley loves
software companies because you get a repeatable product
to market with a really high margin
and high multiples. But if you start
looking around a lot of the open
source business models, it looks a little bit like a PSO company, which is lower margins and harder
to scale. What's the PSO company? Sorry, professional services company. It looks more like, you know,
here's the software is for free, but we're going to give you professional services as part of that
engagement. That's a much more expensive thing to do, right? It's harder to scale from a company
standpoint. And so I believe the entire industry is going through this kind of this, this, this,
this period of inquiry where we all realize that open source is part of the buying process.
if you want to ship software
what does that mean to the business model standpoint
which I think is a fascinating question
now as a service
is really nice because you look like
a software company and you don't have to do a PSO model
so maybe the answer is that most things will become
as a service over time
tell us a little bit about your transformation from PhD
to CTO a lot of our founders
go through that very process
where they've been doing something they're really passionate
about it whether it's through school or they just
immerse themselves in it by just learning
by doing and then to actually
become the leader, like a major leader at the company. Like, was that a big shift for you?
So, so PCA to CTO, it was straightforward. It's becoming a business leader. I'm a GM now, right?
I mean, like I'm a business manager for, you know, nearly a thousand people, six hundred
million dollar run rate business. And that's the transformation that's been more difficult.
Tell us about that. And so, I mean, I think here, I think I was actually basically forged in a
volcano. And let me kind of describe that, which is, uh, that sounds like the ring of
I was kind of looking at it like, I was forged in the fires of Mordor.
Yeah, no, look.
So in Ph.D., which is just, I mean, it's just school, right?
And you're just spending a tremendous amount of time thinking about one thing.
But the problem is while you're doing that, you get very refined on what you think about, right, you know?
And so you go to do a startup company, and again, this was the heady days of 2007 raising money was so easy.
We didn't really know, like we had this idea, but we didn't really exactly know what that looks like.
And then I just got, you know, hit in the face by a change.
saw when the market imploded. So here I had 12 people. I'd convinced them to join. They had
families. They were having kids. And it was my responsibility. And it was a really hard time.
I mean, Sequoia had released their rest in peace, good time slide deck. So many companies were
going out of business. Like every week, another one was going out of business. The unemployment shot
up. It was the worst housing market since the Great Depression. And at that point in time,
I basically had a real, I basically had to go through the realization that everything I
learned in the PhD was a distraction. And I really mean that as a distraction, which is pretty much
every motion, every motion of mind needed to be doing something incremental and doing something
concrete to keep people fed, which is exactly the opposite. So PhD is about, I'm going to do a
Hail Mary. And honestly, maybe three generations ahead of somebody will care. But like, if someone
cares now, it's not novel enough. And then I was stuck in a situation where I felt so deeply
responsible for a set of people. And I knew that every motion had to be something that was
obvious, low risk, and was incremental. And it was that... And that would get you customers, basically.
Get us customers. Get us funding. You know, I mean, it was just such a different shift between
let's do something just so abstract that, you know, finding people to care is hard to, here's how we're
going to stay viable. And so we spent two years at about 12 people. We didn't grow at all. We
stayed very focused. And I mean, so many times I was in the tailspin, so many times it was in
the void, not knowing how we're going to pull it out. But through that experience, I became
exceptionally practical about it. And then I think having the experience of the PhD and on the
technical side just became something that I can use when I need to, but I certainly don't use
it a way to guide my thinking, especially not with building companies. And so now I find that
a much, much more practical and much more focused on the business side just because of that.
In some sense, this is a little bit like a homecoming.
Ben and Mark invested in Nysirah before and Dresen Horst was even formed, I guess.
And so what's it like coming home and why?
Like, you moved out.
Like, why come home again?
How did they make the decision to invest in you?
I mean, you were a student, weren't you at the time?
No, no, we just spun out.
We were still a research group.
You know, what's interesting is the time that they had.
invested in us was during the nuclear winter of 2008, if you guys remember. And so, like,
you know, I kind of popped out of school in the heady days of 2007. The implosion happened
in the end of that year. And then I met Mark and Ben after that. In fact, I met Mark for the first
time in Ning. I sat down with him and, you know, he had that little notepad that he still carries
around today. I didn't know how to dress at the time. I was like this like new PhD kind of naive
guy. And I sat down and I basically said, listen, like, um, uh, networking is going to change.
I can, I can show you all of these things. If you, if you lift, you know, if you look behind
the curtain at Google, or if you look at what's happening with virtualization, it's going to
happen for sure. And he listened, uh, very, very well, took very good notes. But then he said,
listen, you know, we think that, you know, this is interesting. So they invested. This is before the
fund even existed. Honestly, the, the reason to come back to answer your question is, is my excitement
and the reason I'm going into VC is because you want to, you know,
transformation this size comes, you can decide to participate along one particular vector or across it.
And I've decided I want to have a broad participation. I want to help fund the next transformation
that's going to happen and be deeply involved in that. And then the way that I want to do this
is the model that Andrews and Horowitz did, just because I believe so fundamentally in the model,
having been a product of it. Martin, we look forward to work with you more and talking more.
And thanks for joining the A16Z podcast for the first end of many times. Yes, thank you. Welcome.
Thank you, guys. This is great.