Nirmal Mehta - Docker Rules! Lessons about DevOps in the US Government
In this episode of DevOps Radio, we'll hear from Nirmal Mehta, chief technologist in the strategic innovations group at Booz Allen Hamilton. He shares with us how he got started at Booz Allen Hamilton, how to get started with Docker and the importance of adopting DevOps principles.
Andre Pino: You're listening to DevOps Radio, a podcast series that dives into what it takes to successfully develop, deliver and deploy software in today's ever-changing business environment. This show is sponsored by CloudBees, the enterprise Jenkins company and continuous delivery leader. Welcome to DevOps Radio. Today, we're joined by Nirmal Mehta, chief technologist in the strategic innovations group at Booz Allen Hamilton. Welcome, Nirmal. It's great to have you with us today.
Nirmal Mehta: Good to be here.
Nirmal: Thanks for having me.
Andre: So Nirmal, you've had a very distinguished career with Booz Allen Hamilton for over nine years now. Tell our audience, how you got started and how did you get to where you are today?
Nirmal: So when I was 11 years old, I got my first computer. I'm gonna go every year from that point forward. So – just kidding. So I had a – I got my first computer back when I was 11 years old and I started playing around with it. And that was when we – the first Macs started showing up in elementary schools and – I'm of that generation, so – kind of the gap generation where the internet was just coming up and we grew up with the internet in high school and further down. So from a very early age, I've already been playing around with computers and new technology. And I created PowerPoint decks back in the day and animated them. 'Cause that was a thing to do, 'cause you could animate PowerPoints back then really well. And I played around with that stuff. And I had a lot of really positive engineering influences in my life. My father was a electrical engineer, a power electrical engineer. So I went right into electrical engineering in college. Went – grew up in Maryland. Went to University of Maryland. And when I graduated, it was the winter – it was January of 2008. And so 2008 was a very interesting year. I graduated in January. And I got a job at Booz Allen right away through a reference from a friend of mine and started working in network communications and sat com for the Army. My career's changed dramatically since those days. I didn't stick around with sat com very long, but started on a team at Booz Allen that – cloud computing was this new concept. We – Booz Allen was just finishing up some work with NIST to define what cloud computing was. It was a very new concept. And I got put on a small core team under my – one of the VPs now at Booz, Munjeet Singh. And we started from scratch developing all the core capabilities around cloud computing.
Andre: So how does all of that convert into real either practice work or work for government agencies?
Nirmal: Absolutely. So we're really focused on finding clients that are pushing the edge and adopting new technologies. We're not necessarily focused on customers that are trying to do traditional kind of consolidation work or application migration work, but really looking for those clients that are not the – not necessarily the server huggers, but the fence sitters and the mavericks. We were very lucky in 2014 to respond and win a contract for the General Services Administration, the Integrated Award Environment, and I'll be talking about that a little later. But – and they were really pushing the edge so we got a chance to really innovate and push the edge. I mean, we're only as good as the clients that want to do that work. We do, in house, do a lot of new investment type of work and coming up with new ideas. But at the end of the day, we have to have someone to sell that to. So – to grab onto that.
Andre: That's pretty cool. You actually get – are able to take that research that you're doing on new technologies and apply it in a real world way to some of your client work.
Nirmal: Absolutely. And it's only been accelerating over the years. I think –we do still have customers that come to us asking, "What is cloud? How do I get to the cloud," which at this point, I've almost based my whole entire career around and seems like a very old question. But it takes time for enterprise customers and the government to adopt these new technologies and get comfortable with them. So when we really find these clients and customers that go to the same conferences we go to, see these new ideas, and adopt them and really drive those changes through their contracts, we're just making sure that we're ready to respond to that. And we wanna be the first, the best, and the most knowledgeable about the new ways to do application deployment, architecture, cloud, DevOps, you name it.
Andre: Sure. So you mentioned Docker earlier as – leading the relationship with Docker. Tell me more about how that got started and how you really fostered that relationship with Docker. I know you're pretty passionate about Docker _____.
Nirmal: Yeah. Yeah, I am. So as many of you know, Docker was open sourced in March 2013. And it kind of grew exponentially. It's one of the fastest growing open source projects, Jenkins notwithstanding.
Andre: What's been happening with Dockers has been nothing short of amazing.
Nirmal: Exactly. And I think it's gonna be a trend around that kinda adoption. I think they open sourced it right before an inflection point in open sources. I think last year was a huge inflection point in open source overall, and they hit right before that. And that was a crucial moment, I think. So I went to the – one of the best conferences I enjoy going to, the O'Reilly Open Source conference, every year. And in July 2013, I went there and Solomon from Docker did a presentation on Docker, essentially. And I think it might've been the second or third presentation. There wasn’t many people there. It was kind of on the last day of the conferences in the morning, so a lotta people were hung over and not really paying attention. But at that point, it was already starting to grow tremendously in terms of adoption. Lots of other containerization technology and words and language were coming out at the same time. And I saw the demo. And there haven't been many times in my life where I've seen something that you have a gut feeling that you're seeing the future and the future is now, like, "I'm seeing something that's so mind-blowing" and so dramatically changes how you think about things. And that's the feeling. I was sitting there in the audience at 8:30 in the morning or whenever it was, and I was like, "What did I just see? This is one of the most amazing things." Now, I went back to Booz and I told a lotta folks about it. And I said, "There's this new thing called Docker. We need to be on top of it." But the problem is, like a lot of emerging technologies, our customers are not necessarily knocking on our door asking for it immediately. Even the most forward-thinking clients aren't gonna be immediately talking about that. And so we had to kinda sit on it for a while. I didn't have really any kinda hook onto that world yet. But I kept track of it. I educated myself and some other folks around what Docker is, kept track of the community. And then in August 2014, the GSA Integrated Award Environment contract dropped. And there was containerization language, modern application architecture languages. It looked almost like a reflection from some of the Netflix presentations that everyone's seen at every conference. And all those kinda principles plus very strong leadership from the GSA CTO, Sonny Hashmi at that time, kind of a – was a confluence point there, that we knew we had the ability and the knowledge to actually implement all these modern technologies. So we jumped on it, responded to it. And at the same time, we were growing our open source practice over – from 2013 to 2014. So we actually created an open source cloud-brokering project called Project Jellyfish. We established a relationship with Red Hat – a very strong relationship with Red Hat. And actually at this point, it's merged into and kinda combined with an upstream Red Hat community. So we were showing our client a commitment to open source just – beyond just knowing what open source technology is, but actually creating open source software, contributing to open source software, involved in open source communities. And since – at the GSA, one of their tenants was adopting open source technology first. I think that's why we kinda won. I'm not sure to this day why we won, but we're obviously the best choice. And from that, we got to integrate and built a relationship with the Docker folks. And they were a 30, 40 people company at that point. And so we started integrating their technology, getting support before they even had something to _____. And then we were their first customer. So when they had – when Docker trust registry came out, we were the ones to buy it the first, which is a first for all kinds of reasons. 'Cause the government usually isn't the first to buy anything, but…
Andre: You've done a lotta work around Docker. How would you suggest people get started with it?
Nirmal: So Booz Allen, through their partnership with Docker – we understood that there was a gap when we were talking to our customers, where they didn't know the immediate next step on how to even approach Docker – containerizing their application. So we created a new application. It's a SAAS service. It's completely free. It's called CodeLift.IO, where you log in with your GitHub credentials. You pull a repo that you have or an – of an application. It automatically scans your application, figures out what type of app it is – Java, Ruby, Node, whatever it is – and what databases and caches it's connecting to. And it automatically spits out a Docker file and a Compose file that you can get started to deploy your app as a container or multiple containers. So it's – we call it three clicks to Docker or three clicks to containerization. And once you do that, you can automatically adopt the whole entire Docker ecosystem, which includes piping your application through a more efficient Jenkins or CloudBees pipeline or delivering your application to security tools for review and just improving your development test and production environments very quickly.
Andre: Doesn't get much easier than that, does it?
Nirmal: No. And it's pretty slick technology. Check it out. CodeLIft.IO. Completely free.
Andre: And where would they find it? At CodeLift.IO?
Nirmal: CodeLift.IO – C-O-D-E-L-I-F-T.I-O.
Andre: So let's talk DevOps for a moment. We hear all the time on the commercial side of the world that CTOs and chief information officers are being driven to deliver more quickly. Is it a similar thing within the federal government agencies – departments?
Nirmal: Absolutely. Absolutely. So the government space is a – the federal space is a little bit different, where we don’t have the same business incentives that the commercial sector has. It's not necessarily about reducing costs all the time or getting more profit. But it's the same – the incentives can be – there's analogous kind of incentives. So one is there's considerable budget pressure. We have a political situation where budgets are kind of in flux all the time. Mikey Dickerson, at O'Reilly Open Source conference last year, he did a keynote and –
Andre: For our audience, who is Mikey Dickerson?
Nirmal: Mikey Dickerson is the subject matter expert, former Google employee, and site reliability engineer that came – was asked by the White House to come and fix Healthcare.gov. And he was the center point for the creation of what's called the US Digital Services team, which is a combination of that team that helped fix Healthcare.gov plus the concept that the UK government was working on, which is this digital server that – kind of a tiger team that the government could use to inject emerging technologies and new ways of doing IT or whatever into their different agencies. And from there, there's a mandate to create USDS Digital Services teams within each department in the government, right? So Department of Energy's suppose to have one, DOL is supposed to have one, and the GSA has one and that's called 18F. And they took a really interesting spin on that. They made it like a government run startup. So it's located at 1800F, but their space is very much startup-like. And they have – they work on kinda some of the thorny policy and small projects, kind of being mavericks to show and give confidence to the bigger IT projects that they can do that. And they're – and since it's a government run project, it – they can really get – push things through quickly.
Andre: So they're the tip of the arrow?
Nirmal: Yeah, they're the tip of the arrow. And this USDS team kind of goes around all over the government and kind of injects and helps and moves things along. So there's a lotta space there to kind of improve how we deliver IT services. I don’t wanna get too philosophical, but it's part of our democracy, right? So it's your – it's our taxpayer money that’s being wasted. And we have a strong – these agencies and government departments, they have a strong mission to support the citizen or whoever. And as being part of the millennial generation – cough, cough, right? – we're used to just doing everything on the internet and with technology. And that's the next wave of citizens that are gonna be interacting with the government in some capacity. And if they're not keeping up with how to interact with that, then our democracy doesn't really work very well after a certain point.
Andre: People are gonna lose their jobs.
Nirmal: Yeah, and people lose their jobs or opportunities are wasted or you constantly wanna drive better engagement with the government in a civic kind of way. So…
Andre: So related to that, how would you characterize the adoption of DevOps principles amongst the government agencies?
Nirmal: I would say the GSA, and there's some other customers that we support that have been really huge advocates of DevOps. I think DevOps is very well suited for the large IT kind of contracts that the government operates. And if there's strong leadership somewhere in this chain of command at these places, then they can really drive dramatic change and cut through bureaucracy to adopt DevOps principles. So I think it's still at the early – very early days. The conversation is joined together with application, consolidation, monitoirzation, and then going to the cloud. And at Booz Allen, we wrap that into a broader DevOps conversation. Because we think just going to the cloud or just doing an application rationalization is really doing a disserve without the DevOps pieces. 'Cause the culture is really what needs to change. And the agencies and the programs that are getting that and are starting to release contracts that have a lot more DevOps language in it will – you'll see them performing much better and delivering much better value at the end of the day. And so I think that's where that pressure comes from. We'll get there. It's still early days.
Andre: So Nirmal, some of these agencies are huge. How do you, as a consultant, talk to them about starting that change within their departments? Any suggestions that you've learned from interacting with these agencies and helping them in their transformation that you might be able to impart upon our listeners?
Nirmal: Sure. So it's not any different than any other large enterprise. So I'll take a step back. But we do commercial consulting, as well. And you'd think that the commercial sector would be a little bit ahead, but they're both the same. Forward-leaning government organizations and large enterprise commercial contracts are at the same spot. And so the advice is the same. It's a mix of technology adoption and understanding, education, and then also a cultural change within an organization. It's about empowering all the folks on your team to be able to be accountable and also be able to make decisions. That's a huge piece that I think is one of the biggest challenges, is that there seems to be a lack of leadership at times. And so it's about finding the leadership and finding the people that can – are willing to take on the decision making and then creating that wake or that space that allows all the people that are actually doing the devs and the operations to be able to have confidence in making the right decisions to improve the processes overall instead of just protecting their jobs or their roles or their servers or their networks or their IP addresses or whatever. You wanna get – you wanna flip that around and say, "Okay. Everyone's now on the same team." It can get tricky when you're – when you have different contractors or different contracts that support different aspects of your IT infrastructure. So one big thing – I know that the USDS has provided guidance around this, too – is that that should be revised. In the next contract wave, it should all be kind of not separated and segregated as just operations or development team. It should be all kind of one unified thing moving forward. Or they – those certain teams provide services, but they're all like a unified service provider. So that's one place. The other piece of advice is that it doesn't take much to get started. You carve out a little bit of space. If you have a development environment or a test environment, start automating. Start trying to adopt these processes. You don't have to go right to production. If you still need to have gates there or a big approval process, that's fine. But start in your dev environment, if it's on the cloud, or you can move that to the cloud and start automating it and start adopting new tools and get the authorities to do that. You'll start to – your teams will start to understand how to develop the – how to work in those processes. And that’s the grassroots way of doing it. So it's no different than any other organization at the end of the day. Mostly, the biggest change that needs to happen is contracts need to change. And they need to incentivize us, Booz Allen, to drive that cultural change with these – in that organization. If we're not incentivized to do that, if that's not part of our requirements or what we need to deliver, we'll still do it because we think it's the best way to work. But it's better if we were incentivized to do that and change that. So it'll happen over time.
Andre: So switch subjects for just a minute. As you look into your technology crystal ball, what do you see coming down the line?
Nirmal: So not to spill all my secrets, but I think one of the biggest shakers right now is when Amazon web services released Lambda last year. And that was a technology they spent six years creating, in a kinda skunkworks way. And when they released it, this idea of a serverless configuration list, kind of event-driven application system, if you will, is super fascinating. We've been testing it out at Booz Allen for certain things. And it's reduced the cost of maintaining an application or certain pieces of functionality dramatically by orders of magnitude, right? So there was some – ChronJobs or some other services that you just kept running all the time. Amazon Lambda and the serverless kind of way of looking at things is only – you're only spinning up and responding to actual events. So you're only paying for the resources to respond to that exact event. It's a one-for-one re-usage – resource usage, right? And so some services that used to cost maybe $160 a month or $200 a month are now $20 a month or $10 a month.
Andre: 'Cause you don't need the whole server there fulltime.
Nirmal: Exactly. So I think the – so I'll be attending Serverless Conference in New York at the end of the month, which is kind of the beginning of the wave of conferences around this topic. I'm very interested to see what the world outside of Amazon Lambda looks like, where that's gonna go. It's still very early days. At the same time, the concept of a unikernal is kind of not orthogonal, but in parallel with serverless. I think the idea of spinning up services in microsecond and nanosecond timescales and how to orchestrate that and respond to that is super fascinating. It's kind of like we're going very, very large, full circle back to a really old school way of doing computing, but at a scale of the internet. And the idea of just having an application existing only to respond to an event and then it's not there anymore, from a security, from a resource, and other kind of perspective, it's very fascinating. So I'm keeping an eye on that. We're trying new things out in that space. I'm very excited to see where that's gonna go.
Andre: Very interesting.
Andre: So Nirmal, we talked a lot – about a lotta topics today. What else is near and dear to your – to your heart?
Nirmal: So there's many topics that are very near and dear to my heart, but one of them is the education of DevOps principles in university settings. So one of the biggest gaps that we see when we hire folks from – undergraduates is that they have a lot of great programming or development skills, often no operation skill, no system administrations kills at all, and no understanding of how real application deployment processes work. And DevOps is part of _____ – DevOps is continuously teaching and learning and transparency and gathering knowledge. And so a good friend of mine, Tom McGonagle, and myself, we started this thing called UniOps, which is – it's a nonprofit organization focused on integrating DevOps curriculum as an associate's degree in universities in the university space. And I don't know if you – you're familiar with John Willis from Docker. He's like a DevOps historian, essentially, and a guru in my book. And he does this great presentation on the history – why DevOps is happening right now, what was the history of it and where it came form. And he starts all the way from demming, pre-demming the idea of process improvement and manufacturing process improvement and using math and statistics and all that kind of real science to improve how organizations deliver X. And DevOps is basically all those principles that have been around for almost a century, or a little less than a century, and applying 'em to IT. I don't know why it took so long, because IT seems like the most ripe, automatable area for that. But here we are. And so this is a great opportunity to actually integrate that into a college or university environment to train folks around how to – if they're learn – if they wanna learn how to do development or become developers, but also bolt on all of these topics that we've been talking about for almost ten years, which is cloud, infrastructure as a service, platform as a service. It's about these continuous integration, continuous deployment processes. It's about containerization, microservices architectures, things like that, which are wholeheartedly, straight, one-for-one applicable for their roles when they actually come into the workforce. And as a kind of way to address the cultural changes that need to happen within our organization, if you have some young undergraduates that are coming into your organization and they've been trained on these concepts and have some experience working in that environment, they have the energy, the motivation, and the drive to actually change your culture in your organization if you let them. So why not just give them the tools and let that naturally grow out and evolve as they gain experience within the organization?
Andre: Makes perfect sense and seems like a natural thing that should be happening.
Nirmal: Absolutely. Absolutely. And I think there's also a space within the academic area for furthering the theory of DevOps in the sense of we talk about information management in business school. We talk about statistics and probability and how to measure the performance of an organization. Why not be – why not have that as part of DevOps? Why not –
Andre: Why not prepare them for a real world, right?
Nirmal: Not only that, but just the field of – the field of IT needs a little bit more concrete process improvement stuff to hang their hat on. And that – this is a way to potentially do that.
Andre: Sounds great. So we're podcasting today from the CD Summit and Jenkins Days in Boston. And you've got a talk tomorrow. Can you tell us what that's about?
Nirmal: Sure. So the talk I'm doing tomorrow is a adaptation and a – and a slight update to the talk I did to – at DockerCon 2015 last year. And it's around what the GSA Integrative Award Environment Common Services platform is about, what problems we were trying to solve, and how a modern architecture – or how we brought all the modern architectural pieces that are out there now to solve those problems and what really – how we created a DevOps kinda workflow in this project. It's not super complicated. And that's the real message. It's that none of this stuff is really hard from a technology standpoint. Jenkins has been around for a long time. All the other pieces of the puzzle get – all that other stuff has been around for a while. It's just integrating it all together and showing a way to easily do that and – as a starting point. And then also some of the lessons learned adopting Docker in production, being – integrating emerging technology while you're still responsible for meeting service level agreements and things like that, and some often challenges around that. So it's really about giving the audience confidence that their organizations can adopt a very simple workflow to get started, using containerization and Jenkins and some other tools.
Andre: Sounds great. Hopefully you'll inspire some people to get on with it.
Nirmal: Yeah, I hope so. And I just injected some Star Wars stuff into it because this week is Star Wars week. So I have this whole entire spiel about how IT organizations go through the same levels of suffering that Yoda talks about. When the new technology comes – well, you have to come to the session to find out. But traditional IT shops, they react the same way that Yoda talks about, where there's fear and then there's anger and it all leads to suffering. And DevOps is really a way to cut through that. So –
Andre: I can't wait to – can't wait to listen to it tomorrow.
Nirmal: Yeah. So that's kind of what I'll be talking about. And hopefully if I have enough time, I'll do a quick demo. But I've noticed that a lot of the – last year when I did this demo, it was very new, deploying Docker containers with Jenkins in a continuous way. Super new stuff. And now I think there was three training sessions around the same thing. So I might not even demo it, because they're probably already sick of it by now. But just showing that it's not that hard. Just start somewhere.
Andre: That's great. That's great. Nirmal, thanks so much for speaking with us today. It's been wonderful.
Nirmal: Absolutely. It was a real, real pleasure. And I'm excited to see where this podcast goes in the future. And congratulations on getting this started.
Andre: Thank you. Like what you've heard today? Don't miss out on our next episode. Subscribe to DevOps Radio on iTunes or visit our website at CloudBees.com. For more updates on Dev Ops Radio and industry buzz, follow CloudBees on Twitter, Facebook, and LinkedIn.