As KubeCon + CloudNativeCon 2024 approaches, GitLab is preparing to showcase its comprehensive AI-powered DevSecOps platform, offering developers and platform engineers a unified solution for streamlining software development, security, and deployment.
In an exclusive interview with VMblog, Daniel Helfand, a developer advocate at GitLab, shared critical insights into the company's innovative approach to solving modern software development challenges, highlighting emerging trends in cloud-native technologies, AI integration, and developer productivity.
VMblog:
If you were giving a KubeCon attendee a quick overview of the company, what
would you say? How would you describe the company?
Daniel Helfand: GitLab is
the most comprehensive AI-powered DevSecOps platform for software innovation.
Our open-core software development platform enables organizations to increase
developer productivity, improve operational efficiency, reduce security and
compliance risk, and accelerate digital transformation.
The
GitLab platform has the flexibility to work with many of the tools in the Cloud
Native Computing Foundation community. There are built-in features to make it
easier for developers to create continuous integration pipelines, set up
continuous delivery to Kubernetes, enable security scanners for infrastructure
as code and containers, troubleshoot infrastructure with a dashboard focused on
Kubernetes, and much more. GitLab is proud to be part of the cloud-native
community and collaborate with so many incredible organizations and community
members worldwide.
VMblog:
How can attendees of the event find you? What do you have planned at your
booth this year? What type of things will attendees be able to do at your
booth?
Helfand: KubeCon
attendees can find us at Booth #H1. Stop by our booth to ask GitLab team
members questions about GitLab, watch a demo, and learn about opportunities to
contribute to GitLab projects.
We will
have Lego-like sets for the swag seekers to build the GitLab Tanuki
mascot, wireless chargers, and tickets for a raffle to win prizes.
VMblog:
Have you sponsored KubeCon + CloudNativeCon in the past? If so, what is
it about this show that keeps you coming back as a sponsor?
Helfand: This is
GitLab's seventh year sponsoring KubeCon. The event is a great way to engage
with users and customers, stay connected with the cloud native community, learn
more about where the community is headed, and incorporate new ideas into our
products. GitLab also supports several open-source projects within the cloud
native community and uses many of the technologies in our platform.
VMblog:
Do you have any speaking sessions during the event? If so, can you give
us the details?
Helfand: GitLab
team members will be participating in booth talks on the show floor. Matt
Genelin, senior solutions architect at GitLab, will speak at the Google Cloud
booth on Secure, Fast, and Painless GKE Deployments with GitLab.
Some
great talks will also feature GitLab, including "How We Made OpenTelemetry Be Our Fitness Tracker for Your
CI/CD Pipelines!" and "On-Premise and SaaS CI/CD Large-Scale Production
Automation with Argo Services."
VMblog:
What are you personally most interested in seeing or learning at KubeCon +
CloudNativeCon?
Helfand: I am very
interested in the talks around supply chain security and continuous delivery. I
also look forward to hearing updates from open-source communities and user
groups such as Flux and the Kubernetes CLI Special Interest Group (SIG).
VMblog:
What kind of message will an attendee hear from you this year? What will
they take back to help sell their management team and decision makers?
Helfand: KubeCon
attendees will learn how GitLab can help them ship secure software faster with
AI throughout the entire software development lifecycle. Attendees will also
learn how GitLab enables all teams involved in software development to
collaborate via a single platform to shorten cycle times, reduce development
costs, and increase developer productivity.
VMblog:
Can you double click on your company's technologies? And talk about the
types of problems you solve for a KubeCon + CloudNativeCon attendee.
Helfand: GitLab's 2024 Global DevSecOps Report
highlights that only 21% of developers' time is dedicated to writing new code.
The remaining time is consumed by maintenance, understanding existing code, and
administrative tasks. The main challenges GitLab helps developers solve are
being more productive, easily collaborating, and being more proactive in
addressing potential risks. Additionally, the report reveals a common security
barrier, 58% of security-focused respondents struggle to prioritize
vulnerability remediation. By empowering development teams with time and tools,
GitLab can help security teams proactively address vulnerabilities early in the
development process.
For
platform engineers, GitLab offers a unified platform for managing CI/CD,
security, and infrastructure across multiple cloud environments. Its
flexibility and compatibility with existing tools make it adaptable to various
infrastructure setups. GitLab's ongoing integration of AI capabilities will
further enhance its features, providing even more time savings for developers
and engineers throughout the software development lifecycle.
VMblog:
While thinking about your company's solutions, can you give readers a few
examples of how your offerings are unique? What are your
differentiators? What sets you apart from the competition?
Helfand: Built as
a comprehensive DevSecOps platform, GitLab has the end-to-end context of an
organization's entire software development and deployment process. It provides
a unified experience and insights that enable customers to ship secure software
faster. A few of my favorite features include:
- CI/CD Catalog:
The CI/CD Catalog allows developers to treat CI/CD much like any other
piece of software by breaking down pipelines into modular pieces. It
enables development teams to easily discover existing CI/CD processes and
fully reuse an existing CI/CD pipeline or selectively build a pipeline
using existing components (e.g., build, test, and deploy stages) to create
unique pipelines for various teams.
- Root Cause Analysis:
As part of GitLab Duo, the company's suite of AI-powered capabilities,
root cause analysis enables users to debug CI/CD pipeline failures easily.
Instead of digging through endless CI/CD logs, an AI-generated message
helps pinpoint the root cause of a failed job and provides suggestions on
how to remediate.
- Dashboard for
Kubernetes: The dashboard allows developers to
visualize their Kubernetes infrastructure directly from GitLab projects.
The dashboard integrates with Flux CD to help development teams manage
Kubernetes infrastructure in GitLab projects using GitOps workflows. In
the GitLab user interface, users can go from merging changes into their
projects to being able to visualize and troubleshoot any issues with their
deployments.
VMblog:
Where does your company fit within the container, cloud, Kubernetes ecosystem?
Helfand: The
GitLab DevSecOps platform helps simplify building, securing, deploying, and
monitoring services running on Kubernetes. Some of GitLab's key focus areas in
the cloud native ecosystem include:
- Cloud
Agnostic:
GitLab can run on any cloud or on-premise infrastructure. Whether users
need to scale GitLab CI/CD or their GitLab instance, the platform can be
easily scaled using Kubernetes' autoscaling capabilities.
- CI/CD: GitLab's CI/CD
pipelines make it easy for developers to build and push container images
to any registry, including the GitLab image registry associated with
projects within the platform. Security scanners and controls enable users
to detect, manage, and help remediate vulnerabilities in containers and
infrastructure as code.
- Kubernetes
Deployment and Monitoring: GitLab helps simplify deployment and
monitoring of Kubernetes by allowing users to manage code, configuration,
and infrastructure directly in GitLab projects.
VMblog:
Are companies going all in for the cloud? Or do you see a return back to
on-premises? Are there roadblocks in place keeping companies from going
all cloud? And if so, what are they, and how do they address that
challenge?
Helfand: In
GitLab's 2024 Global DevSecOps Report, respondents reported that cloud
computing is a top 5 IT investment priority. The report also revealed a
significant decrease year over year in the number of respondents who said they
are running less than half of their apps in the cloud (68% in 2023 to 43% in
2024).
This data
shows that organizations value moving toward the cloud, but on-premise
workloads will remain a priority. Companies will likely support workloads using
a hybrid cloud approach for the foreseeable future. This approach helps address
concerns around security, compliance, and cost savings.
To help
organizations across industries make the best decision to fit their needs, the
community can continue to share use case stories for the different cloud
strategies - public cloud and hybrid. KubeCon is a great example of how we can
continue to show the benefits of the cloud and support organizations wherever
they are in their journey.
VMblog:
The keynote stage will be covering a number of big topics, but what big changes
or trends does your company see taking shape for 2025?
Helfand: Over the
next year, we will continue to see organizations using or planning to use AI in
the software development lifecycle (SDLC). GitLab's 2024 Global DevSecOps Report shows
that 39% of DevSecOps professionals reported their organization is using or
planning to use AI in software development workflows. The survey also reveals
that DevSecOps professionals are looking for AI to assist with more specific
use cases, such as forecasting productivity numbers and anomalies across the
SDLC, resolving security vulnerabilities, implementing code review suggestions,
and fixing CI/CD pipelines. As use cases around AI become clearer in software
development, we foresee increased adoption of generative AI to help improve
developer productivity.
VMblog:
Is your company sponsoring any type of party or get together during the event
that you'd like to notify attendees about?
Helfand: GitLab,
Google Cloud, and Sysdig will be hosting a party to celebrate the graduation of
the Falco project's graduation
as a CNCF project. The party will be at Keys on Main on November 12th from
6:30-10 pm. Attendees will receive two drink tickets and be able to request
songs and listen to piano music from 7:30-9:30 pm. There will also be a photo
booth with a themed green screen for attendees to take pictures to remember
their experiences at KubeCon. To register for the event, fill out the form on the Sysdig website.
VMblog:
Do you have any advice for attendees of the show?
Helfand: KubeCon
is a great event that brings together incredible community members and
organizations. The best advice I can give is to take advantage of being around
such great minds and ideas. Attend as many talks as possible and have
conversations with all the talented people within the community.
If you
have the time, I recommend creating a trip report so that people within your
organization, school, or community can see the conference through your eyes. I
always enjoy creating these reports because they allow me to reflect on
everything I have learned and help me begin turning ideas into action.
##