Archive for February 2010
What, exactly, is a "post-cloud" world?If you've bothered to read the Gluecon site, you've probably picked up on my techno-marketing-babble-jargon. Namely, the word "post-cloud." When I first wrote that, I wasn't sure what I meant, but I knew I was trying to convey what things are like on the other side of this "cloud debate." For the next 12-18 months, every technology conference and their cousin is going to "debate the benefits of the cloud," or talk about "the move to the cloud." I really just want to move past that, as so much of that will just be fluff. That was my motivation in writing "post-cloud," but now I'm starting to think my marketing-speak may actually hold some meaning. Traditionally, the development divide between web app developers and enterprise IT developers has been pretty wide. And over time, the tension in that gap grew until it strained (and maybe has broken). I mean, developing behind a firewall on a relational database for IT apps (or platforms or middleware) that has been put through the "lifecycle" ringer by some rather large system integrator before being signed off on by your CIO has always been pretty different from "we built a web app." But over the last 7-10 years, it turns out that building the web app is now where things get really hard. Scalability, high availability, interoperability -- when done at "internet-scale" these problems take on a meaning that's even *more* mind-bogglingly big than doing it inside of an enterprise (I'm not trying to downgrade the efforts of IT in the enterprise, just making a point). Increasingly, enterprise developers are turning to, or even becoming web app developers because the skills have met; the gap has started to close; in a "post-cloud" word, enterprise developers ARE web app developers (or even more scary: mobile web app developers). So, what is a "post-cloud" world in this light? It's the world where web app development skills and enterprise development skills meet. And you can see it in everyday news, like Twitter making the decision to move to NoSQL-based Cassandra. My business partner, Phil Becker, has a great saying (I'm paraphrasing) that if you want to know where the real money is getting made in software, look for the databases. Twitter now joins Facebook, Digg and others that are moving to what is increasingly the data model of choice for the "post-cloud" world - NoSQL. I don't know if a lot of enterprises are doing it yet, but I guarantee that enterprise guys are investigating, watching, kicking tires (Comcast, for example, uses Riak), and I'm sure that folks at Oracle have taken note. The point is that the interesting thing about the "move to the cloud" isn't about capex vs. opex, or any of the other silly "benefits" talks that you'll hear all over the place. The interesting thing is in the web app developer/enterprise developer skill set converging in a way that we've never seen before. It opens up whole new fields of innovation (ie, both parties can learn a lot from each other). THAT is the "post-cloud" world. And that is why you'll find everything from NoSQL (which is distinctly internet-scale stuff) to SAML (which is about as enterprise as a protocol gets) at Gluecon. Be sure to join us.
Hackathons and Cloud CampsI received a note yesterday asking about the differences between the Hackathon that we're having at Gluecon and the Cloud Camp we're having in conjunction with Gluecon. In my book, clarity is a lifesaver, so I thought I'd be overly clear about this one. The Cloud Camp at Gluecon is taking place on May 25th from 4-8pm on the same site as Gluecon. In fact, if you come to Cloud Camp, you will see us setting up (i.e., booths, banners, etc) for Gluecon. You DO NOT have to be registered for Gluecon to attend Cloud Camp (although, boy, that sure would make me happy), but you do need to register for Cloud Camp (it's free, but limited seating -- only 113 tix remain as of this writing). The flip side is also true: registering for Cloud Camp does not get you into Gluecon -- that's a separate registration (and, ideally, you'll choose to do both, as they offer very different things/benefits). The evening of May 26th (post-evening reception) at Gluecon, we'll be having a Hackathon. You must be a Gluecon attendee to attend the hackathon - and it's important to note that the hackathon and Cloud Camp are *very* different things. Cloud Camp is an unconference (with a semi-structured outline) that focuses on talking about cloud-related issues. The hackathon at gluecon begins at a set time, and goes however long it goes (all night?) with a clear focus on collaborative programming and building whatever it is that people want to build. I hope that helps. Bottom-line: you'd be foolish not to attend BOTH Cloud Camp and Gluecon. And in doing so, you'll open yourself up to a whole range of geeky possibilities. [sidenote: "louie1" still takes 10% off of the gluecon registration -- don't delay, as I may end that at any time for absolutely no reason whatsoever other than my whims. ]
A Note To My Colorado FriendsAs a guy who organizes two tech conferences that take place in Colorado, I'm in a bit of a weird place. I'm part of that "Colorado tech community" via my friends/cohorts/biz partners -- people like Brad Feld, Seth Levine, Andre Durand, Rob Johnson, Josh Fraser, John Minnihan, David Cohen, etc -- but I'm also not part of that community, as I don't get to be absorbed into all of the day to day stuff (by virtue of the fact that I don't physically reside in Colorado). However, I believe that Colorado (Boulder-Denver especially) is one of the best places in the country that you could "get involved" in the internet-software space. I've railed against the "if you're serious you move to Silicon Valley" myth so many times (and called the purveyors of that falsehood more names than I care to remember) that I can't even believe it still ever comes up. And, in some ways, I think this recession has really helped to expose people to the fact that there is so much good entrepreneurial activity happening outside of the valley. I mean, is there any *hotter* (trendy, successful, honest, fun) group of VCs than Union Square Ventures (Twitter, Zynga), Foundry Group (Zynga), Roger Ehrenberg (new fund on Big Data) and Howard Lindozon (Stocktwits)? Nope. Do *any* of them live in Silicon Valley? Nope. Places outside of "the valley" are where it's at right now (much to the dismay of some), and Colorado is leading that charge. Similarly, I often get asked why Glue (or Defrag) isn't located in the Bay Area. My answer is always the same, "don't you think the bay area has enough tech conferences?" The Bay Area really isn't the center of the universe. I know - shocking, right? The second question I always get is "why Colorado?" That answer is a bit more complex, but really it boils down to "because it rocks, that's why." (And it does Bay Area folks good to actually *go* to a conference sometimes.) It is in that spirit that I wanted to reach out specifically to everyone in Colorado in the software, internet, startup space. We're bringing some *amazing* people and sessions to your backyard for Glue, so I'm making my case early: If you live in Colorado, and are interested in software, you need to come. Now, let me explain why: 1. Speakers: Look, there is no shortage of genius in Colorado. But that doesn't mean that mixing that genius with other geographically different genius-types doesn't yield good things. With that in mind (and keeping in mind that the agenda is still a very early draft), let's look at the speakers that are already confirmed -- Doug Crockford (creator of JSON), Joe Shirrey (Azure team, Microsoft), Dwight Merriman (CEO, 10gen), Sunir Shah (Freshbooks), Scott McMullan (Google biz stuff), John Musser (Programmable Web), Clay Loveless (CTO, Mashery), Dave Smith (Basho), Jonathan Ellis (Rackspace), Mike Miller (Cloudant), Emil Eifrem (Neotechnology), Michael Barrett (CISO, PayPal), Chris Hoff (Director of Cloud, Cisco), Laura Merling (Alcatel-Lucent), Ryan Sarver (Director of Platform, Twitter), Jack Moffitt (Collecta), Jeff Lindsay (Webhooks), John Fallows (CTO, Kaazing), Brian Mulloy (Apigee), Jeff Lawson (Twilio), Rick Nucci (CTO, Boomi), Phil Windley (Kynetx), Joe Stump (SimpleGEO), David Recordon (Facebook), Eric Marcoullier (Gnip), Chris Messina (Open Web Advocate, Google), Eve Maler (PayPal) ...and that's the *early* draft. The agenda is probably 30% complete. 2. Topics: What about topics we'll be covering? Webfinger, User-managed Access, Federated Provisioning, Open/Linked Data, Cloud Data Management, Facebook's Open API, Understanding Twitter's APIs, MongoDB, Activity Streams, A6 (cloudaudit), OAuthWRAP, managing multiple APIs, XMPP, webhooks, PubSubHubBub, HTML5 websockets, cloud security, SAML, OpenID, Facebook Connect, NoSQL (Neo4J, Cassandra, Riak, CouchDB), API terms of service, State of the API marketplace, How to build your own computing cloud, AWS, Force.com, Windows Azure, Google App Engine, Web Oriented Architecture, and a ton more that we're still adding. 3. Price: You can register right now for Gluecon for under $475 bucks (just use "louie1" when registering) -- a price that's already cheaper than 80% of the conferences you'd attend in the Bay Area (and absolutely cheaper than any other "cloud" conference - which are running about $1895). Throw in the fact that the conference is in your backyard (ie, no travel expenses) and it becomes an unbeatable Colorado deal. Keep in mind, that price is covering your food, drink, evening reception, wifi - everything -- over 2 days. 4. And let's just say that $472.50 is still out of your price range - then at a minimum you should be registered for the Cloud Camp happening at Gluecon. It's free (and only has 140 tickets remaining, so don't wait), so there's no excuse there. Bottom-line: if you're doing internet-software-startup stuff in Colorado, Gluecon covers every possibility (price, topics, speakers, location). You literally have to work at it to come up with a reason NOT to go if you live in Colorado. I'm saying all of this for a very simple reason: My hope is that the Colorado "presence" at Gluecon is overwhelming this year. Last year, about 70% of our gluecon participants came from outside of Colorado. That just isn't right. So, my Colorado friends, you can stay home, not meet amazing people, not participate in hackathons, not get involved in a new project, not increase your knowledge and help your career, and wonder why it is that Silicon Valley gets to have all of the fun, OR you can realize that the Valley doesn't get to have all of the fun, and do something about it by participating in Gluecon. I really hope you'll choose the latter, because we're gonna have a blast.
Rhyming HistoryI must be getting old (er). In my pursuit to have even a beginner's grasp of what's going on around this cloud stuff this year, I've joined about 300 "groups" (what us old guys used to call "mailing lists"). One of those groups is the A6 working group -- spearheaded by Gluecon keynoter Chris Hoff. Hoff just pointed out that there's now a group forming in the UK that consists of 24 vendor types that's seeking to provide the Common Assurance Metric (CAM). This "CAM" sounds an awful lot like the things already being worked on by groups like A6 and the Cloud Security Alliance, and Hoff is reaching out to them in hopes that we don't end up with multiple groups re-inventing the wheel. Unfortunately, if history is our guide, the prospects aren't bright. Take, for instance, identity protocols (something I've had a front row seat to) -- things like SAML, IDFF, OpenID, etc. Back in 2007, I did a quick "history" of identity protocols -- you'll notice when you read it that I could've just as easily written it in 2009. Yea, not good. Bottom-line: the dominant "enterprise" identity protocol is SAML. But even SAML 1.0 only came about only because a research analyst publicly browbeat the vendors into bringing together four or five competing yet similar efforts. And even once SAML existed, a whole boatload of companies still formed the Liberty Alliance. And then IBM and Microsoft went off and did the WS-* complex. And because we *still* didn't have what we needed for identity protocols, OpenID happened. But wait - that wasn't enough either, so we had to give birth to Facebook Connect. And then, because it isn't all about authentication, we had to come up with OAuth. Whoops - almost forgot, OAuth is now being expanded to OAuthWRAP. Timeline of that paragraph: 8 YEARS. The good news is that none of that dithering stopped the identity "industry" from selling an awful lot of identity management software to enterprises. From SAML 1.0 to present day we still haven't really solved "internet identity for the masses" - but, you know, we feel like we're getting warmed up and starting to get our feet underneath us. I fully believe that groups like the Cloud Security Alliance and A6 working group are completely necessary for the "cloud industry" to mature. But that doesn't make me optimistic that we'll get through this whole process without it getting very messy. How do you sort it all out? Insert "you should come to gluecon" pitch here.
APIs, TOS, and building a hooked webLet me throw some things against the wall and see if anything sticks. This week I confirmed Chris Messina (of OAuth, and now Activity Streams fame) and Jeff Lindsay (who gave an awesome talk on Webhooks last year) to speak at Gluecon. Simultaneously, I've been reading blog posts like this -- where the punch-line is:
"Jump to the future when all of your favorite sites implement programmable hooks. The pipedream, holy grail, end result is that you no longer even need Twitter, because it’s become a protocol. Just like blogs happily send pingbacks, you can install a Twitter-speaking, open sourced package on a Slicehost account that is your own personal Twitter...It’s a decentralized, pluggable architecture, and it integrates with any site using web hooks. At your service."Further, we're starting to see news around Twitter and OAuth Delegation. Add it all up and what do you get? The power lies in the API. Or maybe, more pointedly, in the terms of service that large players choose to impose on their API. LinkedIn is famous in some circles (no names) for not playing so nice with their API. According to their terms, you can't store anything other than a profile or ID --which is to say you can't store the most powerful/useful thing about LinkedIn -- the connections. Beyond that, their TOS says that you can't use their API and "compete" (though it never defines what that is). And, to put the icing on top, they gain the right to "audit" you if you use their API. Are these things reasonable? Do they compare unfavorably with Facebook, Twitter, etc? I don't know. But it's a conversation worth having. You see, the goal of "the cloud" isn't simply putting all of your stuff into some stored space for access. It's connecting your "stuff" -- your apps, data, networks, etc. The how, if, why, when and where of that connecting (you could call it, for lack of a better word, "glue") is wholly dependent on the terms of service around APIs. Here's what I'm not suggesting: I'm not suggesting that companies don't have to right to limit how you use their API (of course they do). I'm also not suggesting we build a "standard TOS for APIs" (although I have little doubt that some working group in some association somewhere is talking about just that). I am suggesting that it's time to start digging into what all of this means for actually building things. So while guys like Chris and Jeff are out building the guts of how to do callbacks and streams and whatever else, we also need to be thinking through what "terms of service" really means in a "post-cloud" world. And we're gonna do that at Gluecon.