Fargot Password? / Help


The NoSQL Sessions at Gluecon

I was emailing with Brad this morning about some of the NoSQL stuff that we're doing at Gluecon, and it made me think that a quick blog update might be useful. I currently have five sessions "on the board" around NoSQL: 1. An Overview session ("NoSQL - channeling the data explosion") given by Dwight Merriman. 2. A session that digs into specific examples of NoSQL (Riak, Hbase, CouchDB, Neo4j). 3. A session that provides a deep technical dive into MongoDB. 4. A session that provides a deep dive into Cassandra (which Twitter just announced they're adopting). 5. A session that talks about the "Apache Cloud Stack" (Hadoop, Hbase, Zookeeper, etc). (note: not all of these sessions are listed yet, so if you don't see them online - fear not.) In addition, I'm looking at adding another 1-2 sessions that provide hands-on examples of how to build things out in NoSQL land (ie, examining metrics around horizontal scalability, etc). So, while Gluecon isn't soley devoted to NoSQL, it is clearly one of the main themes (hat tip to Ross Bates for urging me to dig into this one). If you're building anything that requires horizontal scalability (internet scale), you owe it to yourself to get up to speed on NoSQL (and quick). And we're gonna help you do that at Gluecon (in addition to digging into identity protocols, linked data, APIs, cloud security and architecture, and so much more). I hope you'll join us.

What, exactly, is a "post-cloud" world?

If you've bothered to read the Gluecon site, you've probably picked up on my techno-marketing-babble-jargon. Namely, the word "post-cloud." When I first wrote that, I wasn't sure what I meant, but I knew I was trying to convey what things are like on the other side of this "cloud debate." For the next 12-18 months, every technology conference and their cousin is going to "debate the benefits of the cloud," or talk about "the move to the cloud." I really just want to move past that, as so much of that will just be fluff. That was my motivation in writing "post-cloud," but now I'm starting to think my marketing-speak may actually hold some meaning. Traditionally, the development divide between web app developers and enterprise IT developers has been pretty wide. And over time, the tension in that gap grew until it strained (and maybe has broken). I mean, developing behind a firewall on a relational database for IT apps (or platforms or middleware) that has been put through the "lifecycle" ringer by some rather large system integrator before being signed off on by your CIO has always been pretty different from "we built a web app." But over the last 7-10 years, it turns out that building the web app is now where things get really hard. Scalability, high availability, interoperability -- when done at "internet-scale" these problems take on a meaning that's even *more* mind-bogglingly big than doing it inside of an enterprise (I'm not trying to downgrade the efforts of IT in the enterprise, just making a point). Increasingly, enterprise developers are turning to, or even becoming web app developers because the skills have met; the gap has started to close; in a "post-cloud" word, enterprise developers ARE web app developers (or even more scary: mobile web app developers). So, what is a "post-cloud" world in this light? It's the world where web app development skills and enterprise development skills meet. And you can see it in everyday news, like Twitter making the decision to move to NoSQL-based Cassandra. My business partner, Phil Becker, has a great saying (I'm paraphrasing) that if you want to know where the real money is getting made in software, look for the databases. Twitter now joins Facebook, Digg and others that are moving to what is increasingly the data model of choice for the "post-cloud" world - NoSQL. I don't know if a lot of enterprises are doing it yet, but I guarantee that enterprise guys are investigating, watching, kicking tires (Comcast, for example, uses Riak), and I'm sure that folks at Oracle have taken note. The point is that the interesting thing about the "move to the cloud" isn't about capex vs. opex, or any of the other silly "benefits" talks that you'll hear all over the place. The interesting thing is in the web app developer/enterprise developer skill set converging in a way that we've never seen before. It opens up whole new fields of innovation (ie, both parties can learn a lot from each other). THAT is the "post-cloud" world. And that is why you'll find everything from NoSQL (which is distinctly internet-scale stuff) to SAML (which is about as enterprise as a protocol gets) at Gluecon. Be sure to join us.

Hackathons and Cloud Camps

I received a note yesterday asking about the differences between the Hackathon that we're having at Gluecon and the Cloud Camp we're having in conjunction with Gluecon. In my book, clarity is a lifesaver, so I thought I'd be overly clear about this one. The Cloud Camp at Gluecon is taking place on May 25th from 4-8pm on the same site as Gluecon. In fact, if you come to Cloud Camp, you will see us setting up (i.e., booths, banners, etc) for Gluecon. You DO NOT have to be registered for Gluecon to attend Cloud Camp (although, boy, that sure would make me happy), but you do need to register for Cloud Camp (it's free, but limited seating -- only 113 tix remain as of this writing). The flip side is also true: registering for Cloud Camp does not get you into Gluecon -- that's a separate registration (and, ideally, you'll choose to do both, as they offer very different things/benefits). The evening of May 26th (post-evening reception) at Gluecon, we'll be having a Hackathon. You must be a Gluecon attendee to attend the hackathon - and it's important to note that the hackathon and Cloud Camp are *very* different things. Cloud Camp is an unconference (with a semi-structured outline) that focuses on talking about cloud-related issues. The hackathon at gluecon begins at a set time, and goes however long it goes (all night?) with a clear focus on collaborative programming and building whatever it is that people want to build. I hope that helps. Bottom-line: you'd be foolish not to attend BOTH Cloud Camp and Gluecon. And in doing so, you'll open yourself up to a whole range of geeky possibilities. [sidenote: "louie1" still takes 10% off of the gluecon registration -- don't delay, as I may end that at any time for absolutely no reason whatsoever other than my whims. ;-) ]

A Note To My Colorado Friends

As a guy who organizes two tech conferences that take place in Colorado, I'm in a bit of a weird place. I'm part of that "Colorado tech community" via my friends/cohorts/biz partners -- people like Brad Feld, Seth Levine, Andre Durand, Rob Johnson, Josh Fraser, John Minnihan, David Cohen, etc -- but I'm also not part of that community, as I don't get to be absorbed into all of the day to day stuff (by virtue of the fact that I don't physically reside in Colorado). However, I believe that Colorado (Boulder-Denver especially) is one of the best places in the country that you could "get involved" in the internet-software space. I've railed against the "if you're serious you move to Silicon Valley" myth so many times (and called the purveyors of that falsehood more names than I care to remember) that I can't even believe it still ever comes up. And, in some ways, I think this recession has really helped to expose people to the fact that there is so much good entrepreneurial activity happening outside of the valley. I mean, is there any *hotter* (trendy, successful, honest, fun) group of VCs than Union Square Ventures (Twitter, Zynga), Foundry Group (Zynga), Roger Ehrenberg (new fund on Big Data) and Howard Lindozon (Stocktwits)? Nope. Do *any* of them live in Silicon Valley? Nope. Places outside of "the valley" are where it's at right now (much to the dismay of some), and Colorado is leading that charge. Similarly, I often get asked why Glue (or Defrag) isn't located in the Bay Area. My answer is always the same, "don't you think the bay area has enough tech conferences?" The Bay Area really isn't the center of the universe. I know - shocking, right? The second question I always get is "why Colorado?" That answer is a bit more complex, but really it boils down to "because it rocks, that's why." (And it does Bay Area folks good to actually *go* to a conference sometimes.) It is in that spirit that I wanted to reach out specifically to everyone in Colorado in the software, internet, startup space. We're bringing some *amazing* people and sessions to your backyard for Glue, so I'm making my case early: If you live in Colorado, and are interested in software, you need to come. Now, let me explain why: 1. Speakers: Look, there is no shortage of genius in Colorado. But that doesn't mean that mixing that genius with other geographically different genius-types doesn't yield good things. With that in mind (and keeping in mind that the agenda is still a very early draft), let's look at the speakers that are already confirmed -- Doug Crockford (creator of JSON), Joe Shirrey (Azure team, Microsoft), Dwight Merriman (CEO, 10gen), Sunir Shah (Freshbooks), Scott McMullan (Google biz stuff), John Musser (Programmable Web), Clay Loveless (CTO, Mashery), Dave Smith (Basho), Jonathan Ellis (Rackspace), Mike Miller (Cloudant), Emil Eifrem (Neotechnology), Michael Barrett (CISO, PayPal), Chris Hoff (Director of Cloud, Cisco), Laura Merling (Alcatel-Lucent), Ryan Sarver (Director of Platform, Twitter), Jack Moffitt (Collecta), Jeff Lindsay (Webhooks), John Fallows (CTO, Kaazing), Brian Mulloy (Apigee), Jeff Lawson (Twilio), Rick Nucci (CTO, Boomi), Phil Windley (Kynetx), Joe Stump (SimpleGEO), David Recordon (Facebook), Eric Marcoullier (Gnip), Chris Messina (Open Web Advocate, Google), Eve Maler (PayPal) ...and that's the *early* draft. The agenda is probably 30% complete. 2. Topics: What about topics we'll be covering? Webfinger, User-managed Access, Federated Provisioning, Open/Linked Data, Cloud Data Management, Facebook's Open API, Understanding Twitter's APIs, MongoDB, Activity Streams, A6 (cloudaudit), OAuthWRAP, managing multiple APIs, XMPP, webhooks, PubSubHubBub, HTML5 websockets, cloud security, SAML, OpenID, Facebook Connect, NoSQL (Neo4J, Cassandra, Riak, CouchDB), API terms of service, State of the API marketplace, How to build your own computing cloud, AWS,, Windows Azure, Google App Engine, Web Oriented Architecture, and a ton more that we're still adding. 3. Price: You can register right now for Gluecon for under $475 bucks (just use "louie1" when registering) -- a price that's already cheaper than 80% of the conferences you'd attend in the Bay Area (and absolutely cheaper than any other "cloud" conference - which are running about $1895). Throw in the fact that the conference is in your backyard (ie, no travel expenses) and it becomes an unbeatable Colorado deal. Keep in mind, that price is covering your food, drink, evening reception, wifi - everything -- over 2 days. 4. And let's just say that $472.50 is still out of your price range - then at a minimum you should be registered for the Cloud Camp happening at Gluecon. It's free (and only has 140 tickets remaining, so don't wait), so there's no excuse there. Bottom-line: if you're doing internet-software-startup stuff in Colorado, Gluecon covers every possibility (price, topics, speakers, location). You literally have to work at it to come up with a reason NOT to go if you live in Colorado. I'm saying all of this for a very simple reason: My hope is that the Colorado "presence" at Gluecon is overwhelming this year. Last year, about 70% of our gluecon participants came from outside of Colorado. That just isn't right. So, my Colorado friends, you can stay home, not meet amazing people, not participate in hackathons, not get involved in a new project, not increase your knowledge and help your career, and wonder why it is that Silicon Valley gets to have all of the fun, OR you can realize that the Valley doesn't get to have all of the fun, and do something about it by participating in Gluecon. I really hope you'll choose the latter, because we're gonna have a blast.

Rhyming History

I must be getting old (er). In my pursuit to have even a beginner's grasp of what's going on around this cloud stuff this year, I've joined about 300 "groups" (what us old guys used to call "mailing lists"). One of those groups is the A6 working group -- spearheaded by Gluecon keynoter Chris Hoff. Hoff just pointed out that there's now a group forming in the UK that consists of 24 vendor types that's seeking to provide the Common Assurance Metric (CAM). This "CAM" sounds an awful lot like the things already being worked on by groups like A6 and the Cloud Security Alliance, and Hoff is reaching out to them in hopes that we don't end up with multiple groups re-inventing the wheel. Unfortunately, if history is our guide, the prospects aren't bright. Take, for instance, identity protocols (something I've had a front row seat to) -- things like SAML, IDFF, OpenID, etc. Back in 2007, I did a quick "history" of identity protocols -- you'll notice when you read it that I could've just as easily written it in 2009. Yea, not good. Bottom-line: the dominant "enterprise" identity protocol is SAML. But even SAML 1.0 only came about only because a research analyst publicly browbeat the vendors into bringing together four or five competing yet similar efforts. And even once SAML existed, a whole boatload of companies still formed the Liberty Alliance. And then IBM and Microsoft went off and did the WS-* complex. And because we *still* didn't have what we needed for identity protocols, OpenID happened. But wait - that wasn't enough either, so we had to give birth to Facebook Connect. And then, because it isn't all about authentication, we had to come up with OAuth. Whoops - almost forgot, OAuth is now being expanded to OAuthWRAP. Timeline of that paragraph: 8 YEARS. The good news is that none of that dithering stopped the identity "industry" from selling an awful lot of identity management software to enterprises. From SAML 1.0 to present day we still haven't really solved "internet identity for the masses" - but, you know, we feel like we're getting warmed up and starting to get our feet underneath us. I fully believe that groups like the Cloud Security Alliance and A6 working group are completely necessary for the "cloud industry" to mature. But that doesn't make me optimistic that we'll get through this whole process without it getting very messy. How do you sort it all out? Insert "you should come to gluecon" pitch here. ;-)

APIs, TOS, and building a hooked web

Let me throw some things against the wall and see if anything sticks. This week I confirmed Chris Messina (of OAuth, and now Activity Streams fame) and Jeff Lindsay (who gave an awesome talk on Webhooks last year) to speak at Gluecon. Simultaneously, I've been reading blog posts like this -- where the punch-line is:
"Jump to the future when all of your favorite sites implement programmable hooks. The pipedream, holy grail, end result is that you no longer even need Twitter, because it’s become a protocol. Just like blogs happily send pingbacks, you can install a Twitter-speaking, open sourced package on a Slicehost account that is your own personal Twitter...It’s a decentralized, pluggable architecture, and it integrates with any site using web hooks. At your service."
Further, we're starting to see news around Twitter and OAuth Delegation. Add it all up and what do you get? The power lies in the API. Or maybe, more pointedly, in the terms of service that large players choose to impose on their API. LinkedIn is famous in some circles (no names) for not playing so nice with their API. According to their terms, you can't store anything other than a profile or ID --which is to say you can't store the most powerful/useful thing about LinkedIn -- the connections. Beyond that, their TOS says that you can't use their API and "compete" (though it never defines what that is). And, to put the icing on top, they gain the right to "audit" you if you use their API. Are these things reasonable? Do they compare unfavorably with Facebook, Twitter, etc? I don't know. But it's a conversation worth having. You see, the goal of "the cloud" isn't simply putting all of your stuff into some stored space for access. It's connecting your "stuff" -- your apps, data, networks, etc. The how, if, why, when and where of that connecting (you could call it, for lack of a better word, "glue") is wholly dependent on the terms of service around APIs. Here's what I'm not suggesting: I'm not suggesting that companies don't have to right to limit how you use their API (of course they do). I'm also not suggesting we build a "standard TOS for APIs" (although I have little doubt that some working group in some association somewhere is talking about just that). I am suggesting that it's time to start digging into what all of this means for actually building things. So while guys like Chris and Jeff are out building the guts of how to do callbacks and streams and whatever else, we also need to be thinking through what "terms of service" really means in a "post-cloud" world. And we're gonna do that at Gluecon.

CloudCamp at Gluecon

Gluecon has a different "feel" to it. Having been around tech conferences for a decade now, you can tell when something just has that different "mojo" about it. Gluecon has it. I don't know exactly what that means, but the energy is different. And when I feel that mojo, I know the BEST thing I can do is get as many different communities involved as possible. It doesn't matter whether those are topical communities, or trade associations, or whatever -- the more ingredients I can put in the stew, the better off I am in the long run. And so I am super-overjoyed to announce that we're bringing the very first CloudCamp to Colorado by having CloudCamp at Gluecon. I'm working with Ben Kepes and Dave Nielsen to pull it all together, but basically, the afternoon/early evening before Gluecon starts (May 25th from 4pm to 8pm MST), we'll be having a CloudCamp on the same site as where Gluecon will take place over the following two days (the 26th/27th). CloudCamp, for those that don't know, is an unconference-style of event that is free to registrants. You'll still have to register if you want to come to Gluecon (which I KNOW you're gonna want to do), but basically, Glue is gonna help with space, wifi, etc, and provide a cool community driven event pre-our event. ;-) Stay tuned for more details!

Exploring the in-between

Yesterday provided an interesting cross-section of the spectrum of technology. On one side, you had Apple's launch of the iPad. On the other side, you had Oracle's press conference detailing the setting of Sun. It occurred to me this morning, as I poured over endlessly similar pieces about both events, that the two ends really highlight a huge ecosystem around "the cloud." On the Apple side, we're clearly moving into the era of internet devices (smart phones, netbooks, iPads). Where the primary defining characteristic are apps that are accessing information stored in the cloud. It almost seems trivial at this point, but in the larger sweep of history, I don't think it's trivial at all. For all of my "forward looking" conference stuff, I still (out of force of habit) open up a desktop based spreadsheet and save it locally, versus using Google docs. The shift to the cloud has already occurred for every consumer under the age of 30. The rest of us are the "tweeners" that are just running to catch up. On the Oracle side, you have a company that perfectly encapsulates a saying my friend and business partner Phil Becker has (I'm paraphrasing) - "all of the real money in enterprise software gets made selling databases." Oracle announced yesterday that they have "no intention" of operating public clouds for enterprises. They are, however, deeply interested in selling the databases and middleware that will be needed to run those clouds. Of course. So we have the consumer-facing move to cloud devices on the one hand, and the enterprise software company that will sell "picks and shovels" to cloud companies all day long. As is usually the case, the "in-between" is where things get interesting. At the end of the day, EVERYTHING in software is about applications. You can have the greatest infrastructure in the world, but without 7 gajillion people using the email application, it's all for nothing. And so it will be with "the cloud." The interesting debate, the interesting hack, the place will developers will migrate to isn't the "public/private/hybrid cloud" question, nor is it the "economic benefits of the cloud and CAPEX" question. Value in this chain migrates to the in-between between the apps themselves. Security, identity, scalability, high availability, interoperability, open data (data portability), non-relational database models, APIs, RESTful protocols and standards -- THESE are the places that value (interest) migrates to; between the apps running on the iPad and the behemoth software company selling databases is an ecosystem. And everything in that ecosystem is connected -- or will be; or should be. That "connection" is the tough piece. The piece that will take us years to get right. The piece that Gluecon is really focused on. It's early in this game. And we're early into planning for Glue. But just because we're early doesn't mean there's not already meat on these bones. Early confirmed speakers include: Michael Barrett, CISO, PayPal -- talking security in the cloud Chris Hoff, Director of Cloud Solutions, Cisco -- on "Cloudifornication" Doug Crockford, creator JSON -- on Gluing apps together in the cloud Ryan Sarver, Director of Platform, Twitter -- on the state/nature of things. A bunch of NoSQL folks talking Riak, Cassandra, MongoDB, CouchDB, Neo4j Identity folks talking SAML, OpenID, User Managed Access, Federated Provisioning and OAuth/WRAP Sessions on integration, open data, Facebook's openness, building APIs, activity protocols, HTML5 websockets, mobility in the cloud, and on and on. And while I'm at it, I should round-up our early sponsors: Boomi, Gnip, Rackspace, Ping Identity, Alcatel-Lucent, enStratus, 10gen, Gist, Cloudbook, the Cloud Security Alliance, Programmable Web, and the Kantara Initiative. And I'm just getting started. I hope you'll join us as we explore the in-between at Gluecon.

An early, early, early draft

Here we go. An early, early, early first draft of an agenda. It comes with all of the normal caveats: topics can change, I've got people in the wrong format (in some cases), things are all screwy and subject to change -- but, at the very least, it'll start to give you a general idea of where this is headed. More importantly, it'll give everyone an opportunity to tell me where I'm going wrong, and what needs to be added, deleted, accentuated, etc. Please do so (either via comments or enorlin AT A couple of notes: 1. You'll see "ingredient for a peer discussion" on morning 1. This is an attempt to do some seeding of the open space that immediately follows. Not that it will preclude other topics being talked about - just suggestions. 2. In the breakouts, you'll see three tracks - strategic/business, technical 1 and technical 2. I'm probably gonna drop the "business" tag from the strategic track, because the early feedback I'm getting is that the "strategic" track really is that - "strategic" (in a technical, architectural and business sense). 3. You'll also see some breakouts that have the 10 minute "point of view" blasts. That format might change -- but essentially, that's an attempt to not overload on panel formats, and really give speakers a dedicated amount of time to discuss their point of view. You'll also see some more traditional panel/breakout slots. 4. The stuff that's really important to me at this point (for feedback) isn't format, or who should be in what slot, but the topics themselves. So - Strategic: Moving to the Cloud; Building a Cloud Framework; Cloud Architecture and Security; Integrating in a SaaS environment; Managing Complexity in a Cloud World; Selling in a Cloud (billing, metering, sales, analytics, etc). Tech 1: Major Platform Providers (Azure, Google App Engine, AWS,; Digging into other Platforms (rackspace, heroku, eucalyptus, etc); NoSQL specific examples (Riak, MongoDB, Neo4j, Cassandra), Protocols, Gluing together Data, Open/Linked Data, Hacking Identity. Tech 2: NoSQL why's and why not's; NoSQL Data Stores (types, use cases); APIs (scalability), Identity (SAML, OpenID, FB Connect), OAuth/WRAP, Standards (A6, OCCI, etc); Activity Protocols (activity streams, PUSH, etc); Mobility in the Cloud (gluing together mobile apps). ...and you'll see a lot of blank spots (yep, work to do). Lastly, you'll see our currently locked down keynoters: Doug Crockford (of JSON fame, Senior Architect, Yahoo!), Michael Barrett (CISO, PayPal), Chris Hoff (Dir. of Cloud, Cisco - with perhaps the best keynote title ever), and Ryan Sarver (Dir. of Platform, Twitter). I'm still hard at work on a *bunch* of stuff for keynotes - again, it only gets better from here. There's a lot of blank stuff, and a lot of framework, but I hope this at least begins to give folks a sense of where we're headed. Lemme know what you guys think (either here, on twitter or in a private thread).

Putting meat on the bones

While we're working on getting a readable first draft of the agenda up (hang tough, it'll be up shortly), I wanted to list our early sponsors as a way to illustrate how things are beginning to flesh out. So - Boomi describes themselves as the "integration cloud" company; think integration as a service for applications. It's a very interesting space, and one that Boomi is very unique in, in that they're so concentrated on the problem that they really don't have head-on "competitors." Gnip is relaunching in February, so I can't point you to exactly what they do, but if you're in the whole "real-time data" arena, Gnip is important to you. Alcatel-Lucent is making a push into the "cloud" space, and I'm glad they've chosen Glue as an appropriate venue for doing so. Ping Identity works in the "internet identity" space. I've personally been involved with Ping since it's earliest days (I was employee #1), and I've watched with pride as Andre and crew have become the absolute leaders in this space. enStratus is a great startup out of the Twin Cities (love the Twin Cities) that is focused on creating "confidence" (i.e., security and reliability) in the cloud. 10gen is the company behind the open source MongoDB (NoSQL) project. Gist are those crazy guys (T.A., Robert) that have been hanging out around our conferences for years. Along the way, they started this awesome company that focuses on aggregating your personal data sources in ways that make your contacts much more valuable (I use gist all of the time). So, the cool part about looking at these sponsors is that it starts to form a nice outline of what we're going to talk about -- namely: Application integration Real-time data Cloud infrastructure Identity in the Cloud Cloud security and reliability Projects for internet-scale data (NoSQL) Linked Data Great start -- and there's more on the way. Stay tuned for the first draft of the agenda --- and make sure to get your butt registered.