Arun Gupta

SE Radio 579: Arun Gupta on Open Source Strategy and Community

Arun Gupta, Vice President and General Manager of Open Ecosystem Initiatives at Intel Corporation, discusses open-source strategy and community with SE Radio host Kanchan Shringi. They explore the business case and business model for why and how big tech participates in the open-source ecosystem. Arun describes ways to foster a culture of engagement with open source within companies such as Intel, Amazon, and Apple. They then consider how the principles can be applied to closed-source software within a company. Finally, they discuss some of the benefits that Intel has gained from more than 20 years of open source contributions and look at the company’s plan for the year ahead.

Show Notes

Related Episodes


Transcript brought to you by IEEE Software magazine and IEEE Computer Society. This transcript was automatically generated. To suggest improvements in the text, please contact [email protected] and include the episode number and URL.

Kanchan Shringi 00:00:19 Hi all. Welcome to this episode of Software Engineering Radio. Today we have Arun Gupta discussing open source strategy and community. Arun holds the position of vice president and general manager of Open Ecosystem initiatives at Intel Corporation. Arun has over two decades of experience as an open source strategist, advocate, and practitioner. He has successfully guided companies like Apple, Amazon, and Sun Microsystems in adopting open source principles. Welcome to the show, Arun. Is there anything else you’d like to add to the bio before we get started?

Arun Gupta 00:00:51 No Kanchan, I’m super happy to be here and very excited.

Kanchan Shringi 00:00:55 Awesome. So our goal today is to really drill into how big tech participates in the open source ecosystem, and I’d really like to first start with telling our listeners about some episodes that we have that they might want to listen to that handle and talk about open source. These are episode 94 on Open Source Business Models, episode 327 on Developer Productivity and episode 192 on Open Source Development Perspectives. So can we start with the business model and the business case? Why does big tech participate in the open source ecosystem?

Arun Gupta 00:01:37 Yeah, having done open source at a wide range of companies like Apple, Amazon, Suns, which are really big tech companies and rather smaller company like Couchbase, their business cases are very different. And I’ve seen very clearly that the reason that they participate in open source, it only sustains if it is very clearly tied to the business case. Like take a look at Amazon for example, right? At Amazon, I was part of the open source strategy team where I was on the loan to different service teams, helping them build and craft their open source strategy. So to begin with, I was with the containers team, this is the time when we were starting Amazon EKS. Amazon EKS is directly built on top of Kubernetes. So it’s very essential, very critical that we participate in the Kubernetes community because the issues that Amazon was facing at that point of time were very specific to Amazon because you’re building a managed service.

Arun Gupta 00:02:40 The scale is very different, the problems are very unique. And so in an open source community, you can’t just file a bug and say somebody else will fix it up. There is no magical community. The magical community actually consists of all these people from these different vendors that are making the community move forward. So you have to understand the social dynamics, you have to understand what are the key players in the community, what is it that is of priority in the community, just like any other commercial entity, you got to do that in your own company. But now you got to do that in a very open, transparent manner in the community. And that’s sort of the strategy is what I was building for Amazon. So Amazon is very customer obsessed company in that sense. They were contributing to the open source projects where their customers wanted them to be successful.

Arun Gupta 00:03:32 So more often than not, they will create integrations with their existing services and that’s where they will contribute to the open source projects. So that pick an open source project, my SQL, Postgres, Kubernetes, Kafka, Cassandra, they will make that run on a scale. In order to run it on their scale, they need to make sure there is no technical debt inside Amazon and all the work that they’re doing is contributed upstream so that it stays up in the community as well. So that’s the reason Amazon was doing it. If you think in terms of Apple, the reason Apple was contributing to open source is because a lot of open services at Apple runs using Java. So they need to make sure that they can bring in the latest changes from Java and run it in the most optimal manner. A lot of the services run on Kubernetes, same thing.

Arun Gupta 00:04:26 You don’t want to maintain an internal fork if Kubernetes has more than 4,000 developers, rather more than 60,000 contributors coming from over 4,000 companies. You can’t have that level of engineering resources inside the company. And the core product of Apple is very different. So it helps them with that undifferentiated heavy lifting that lets bring that collective wisdom, collective power, collective knowledge of the community and bring it in home and then leverage it. 90% of the job is already done out there. We just need to do 10% more as opposed to doing it in-house. Let’s do that in the community so that we can continue to leverage the latest innovation that is happening in the community. Here I’m at Intel. Intel has been a long-time contributor to open source for over 20 years actually. Just about the time that I was joining the open source movement.

Arun Gupta 00:05:22 So they’ve been doing it longer than that as a matter of fact. Our primary Intel is a silicon company and the primary means our customers consume our product, which is an Intel silicon, whether it’s in the client, in the Edge, in the data center, in the private Cloud whatever, the primary means they consume it is using all of these open source projects, hundreds of open source projects. So in order for them to make sure that that open source project continues to run in a most optimized manner, that’s exactly the reason Intel contributes to these open source projects. Because we have new instruction set coming out in a chip we have new features coming out in the chip, we want to make sure like those features are available in Linux kernel in open JDK, which is a Java reference implementation in Python, in TensorFlow, in Cassandra, in Kafka, you pick a project, Intel contributes to 300 plus such projects.

Arun Gupta 00:06:22 So if you see the primary reason these companies, just like Intel is contributing, is to be aligned with their business case. And that’s the only way I’ve seen it sustained. And there are places where I’ve seen where you are contributing on the fringes, and it stays on the fringes and it doesn’t become either your strategy or a culture is sort of a tactic to handle it. And I’m really excited that I am at Intel here because, the leadership truly gets it. Thatís why we contribute to open ecosystem, why it matters to us.

Kanchan Shringi 00:07:01 Okay, makes sense. You mentioned community knowledge, so that’s adding to the knowledge of people within the company. So it’s intellectual knowledge, but what about intellectual property?

Arun Gupta 00:07:16 Yeah, so I mean if you think about it and that’s where you think in terms of intellectual knowledge versus intellectual property. So if you’re doing a closed source project, you’re more likely to have a seamless, streamlined experience. You got to figure out some value that you are adding as part of that closed source project, and that is probably your IP. That is where you file an intellectual property. But the part that I really enjoy about open source community is sort of building that intellectual knowledge. And that’s not just inside the company that’s really outside the company. Let’s take the example of Kubernetes once again. Now the fact that there are over 4,000 companies, 60,000 contributors giving back to Kubernetes. What that means is the knowledge, the intellectual knowledge is spread across that many companies. Now, if I need a SRE skillset, if I need a development skillset, if I need some other skillset in Kubernetes, that is more likely already available.

Arun Gupta 00:08:19 What that means is there are so many blogs, there are so many horror stories, there are so many war stories, there are so many debugging stories, there are so many tools, there is such a wide large ecosystem that is available. So I’m really tapping into that intellectual knowledge. Whereas opposed to intellectual property, which is only a few people inside my company knows, but with intellectual knowledge, you’re really tapping into that wide range of YouTube tutorials, stack overflow posts, conference talks, blog posts, which generally is not possible if you’re holding onto the intellectual property because you are the only one that knows about it. I think that community collective knowledge is really, really fundamental here, which is what allows you to move at a faster pace.

Kanchan Shringi 00:09:08 So you’ve also added as we are discussing the why, you’ve also added the availability of talent. So in relation to hiring to the business case. Sounds like while we are on the why, can we talk about security? Something that I’ve heard on many discussions on open source is that it’s open source code is more secure when one of the reasons is that it has many eyeballs and the more the eyeballs, the less the bugs and hence vulnerabilities are likely to be discovered and fixed quickly by the community. How true is that? The number of eyeballs can vary a lot depending on the code base. Isn’t that true?

Arun Gupta 00:09:53 That is very true. And this is actually what you quoted is just the Lean’s law, which basically says, given significant number of eyeballs on a code base, all bugs are shallow. And that’s what this really reference to. If you think about yes, I mean that is absolutely the nature if it’s a hobby project of mine that only I am maintaining them, I’m the only eyeball, then that’s not to improve the quality of the bug because that is only one narrow parochial perspective. As opposed to look at something like Linux kernel look at something like Kubernetes, that diversity, that inclusive nature of the project that, as I say in Open source, we stand on the shoulder of giants and the giants like for a project like Kubernetes are companies like Google and Red Hat and Microsoft and Intel and Amazon and all because each of these, these are scratching their specific itch.

Arun Gupta 00:10:50 Each of these is truly saying that, okay, here are the concerns that matter to our customers, we are going to fix it. And then they’re doing that in a very collective manner out there. And it’s not just feature development. So what that means is if there is a CVE or a vulnerability happening, they are looking into that deeply. Each of these companies for, as a matter of fact, have a deep security team. Like I know at Intel, we have a very as a matter of fact literally last earlier this week actually, I was reading an article by Forbes where Intel is voted as the most cyber secure company. So we have a very deep security team. And when we are looking at sort of that code for Kubernetes, we look at it from that very deep angle. And if there is a vulnerability that occurs in any of the open source projects, most of the open source projects do have a very clearly defined security mechanism, processability before public disclosure, let’s send to an opportunity for the project to fix the vulnerability.

Arun Gupta 00:11:56 And once you’re able to fix it, then, then you can announce it and release it and that, hey, here’s a vulnerability found here is what is patched. So that effectively in the downstream distros, which is like the other managed distribution of the open source project, they can fix it up as well. So I truly believe that more eyeballs make all bugs shallow because it’s that diverse perspective. We go back to the intellectual knowledge because everybody has that unique perspective that they care about. And when they look at the particular bug fakes, they’re truly looking at it from their perspective. And every grammatical mistake that is updated in the open source project makes that open source project that much better. So I think that is truly how it operates.

Kanchan Shringi 00:12:46 So the, the way you describe it, it’s very intentional. It takes a lot of management, it takes a lot of process to build us. So let’s talk about the how next. So you mentioned open source culture within the company, and then strategy two, how do you contrast those two?

Arun Gupta 00:13:06 Yeah a lot of companies can have a strategy for open source that, oh, we have an open source strategy, which is sort of the top down, the CEO says so, or in the case of a startup company, the governing VC say so, or the board of directors say so. Unless there is a culture in the company that it’s not going to happen. And let me explain that a little bit more. You might have heard that code, which says, culture eats strategy for breakfast. So no matter what your strategy is, if the culture is not there, if the processes are not there, I mean, as they say, right willpower is overrated you can have a willpower for whatever you want to do, but unless there are mechanisms that are built into the company that truly unfolds, that enforce is the wrong word, but that truly enable that Open source methodologies, you’re not going to be successful over there.

Arun Gupta 00:14:05 And by that, that’s exactly what the culture is where engineers are incentivized to do open source work. They are given time to do open source work, they are given time to really help out in the community. In an open source community, code is often considered as glorious work, but that’s probably 10% of the effort. 90% of the effort really is about the non- glorious work where somebody got to review the pull request, somebody got to put the code, so somebody has to fix the dog, somebody has to triage the issue, somebody has to do the project management. Somebody like CubeCon is happening. At CubeCon Amsterdam there were what 10,000 developers know, but somebody’s running that show. A lot of it is supported by Linux Foundation. But then if you think about it, somebody has to review the talk, somebody has to create the tracks, somebody has to make sure all other things happen as well.

Arun Gupta 00:15:04 And that again, that is something done by the volunteers of the community. So that’s a lot of chop wood carry water work. And my point is, if that culture is not there in the company where, I mean I’m on the CNCF governing board, I’m the chairperson as well. So a good part of my time goes towards that role. There are lots of people from Intel that are in lots of leadership positions, like Kathy Zang is on the CNCF Technical Oversight Committee. Marlo Ston, she’s the CNCF tax sustainability co-chair, Probe is on the open SSF Technical Advisory Council and now chair as well. These are non-code jobs, but that truly requires you to be out there in the community and do the work unless there is support from the management. And that’s exactly the culture piece of it. So Pat might say open ecosystem matters to us, but it truly kind of falls down from Pat to Greg to everybody in the management chain. That is the culture. If that culture doesn’t happen, if that culture doesn’t exist, no matter what your strategy is.

Kanchan Shringi 00:16:14 So let’s say effort is made to create that culture, developers are given time, encouraged. How do you sustain that? What else do you do to make sure that that continues?

Arun Gupta 00:16:28 Yeah, a bunch of things actually need to happen. For example, open source program office, if your company doesn’t have an open source program office, I highly recommend to get that set up. And truly the main purpose of that open source program office is to create that open source culture. They, of course, do the compliance, they do the license verification, they make sure that the open source coming into the company and the open source going out of the company is dealt in a reasonable manner. So all of those not a reason, in the right manner. So all of those things are really truly done by OSPO or the Open Source Program Office. OSPO also kind of helps you create that processes inside the company really where they can talk to different business units that, hey, you are trying to do this in open source manner, here is how the right thing to do is and they build that. They truly enable that culture inside the company. And I would highly recommend if you have an OSPO or if you don’t have an OSPO and want to get started with it, take a look at the to-do group by Linux Foundation. They have a very extensive guide on how your OSPO could look like. Where could the OSPO sit like, what the size of the OSPO would be, what the charter of the OSPO should be. All of those are in details kind of highlighted as part of that.

Kanchan Shringi 00:17:53 So you mentioned some of the open source foundations, I believe you mentioned OSSF or Open Source Security Foundation. Can you talk a little bit about this one and what is the purpose and how does the company collaborate with them to maybe to improve the security posture?

Arun Gupta 00:18:14 Yeah, absolutely. Now, foundations play a critical role to build that open source culture. Foundations is where a lot of the leading edge work happens. So if you think about Kubernetes, the project Kubernetes is part of the CNCF Foundation. That foundation was created over seven years ago. Intel has been part of the CNCF Foundation from the very beginning. Linux Foundation has, over 700 plus projects across multiple foundations. So similarly there is Apache Foundation we talked about open source security foundation. So there are a lot of these foundations. Now, typically, if you take a look at the foundation, we’ll have a governing board that is responsible for the administrative financial aspect of the foundation. And then there is a technical committee which would really provide the technical guidance and the direction to the foundation itself.

Arun Gupta 00:19:11 Now Intel is part of over 700 plus foundations and standard bodies, and they range from a very wide I mean all the way from Intel is a big company. So we have, we really, truly think from all the way from silicon to application. So we are part of lots and lots of hardware standard foundations and all the way to app foundations as well. So as I said, we have leadership positions in both sides. We are, I myself on the CNCF Governing Board and the chair of the Governing Board. I’m on the open SSF governing board as well. And I also help out with the Linux Foundation governing board. In addition, I mentioned a few names. Dan Middleton, as a matter of fact, is part of the Confidential Computing Technical Advisory Council, and he’s a Chair for that.

Arun Gupta 00:20:01 And the other names I mentioned already. So there are lots and lots of people who are out there. And the reason it’s important to join these foundations, because it truly allows you to be on the leading edge of what that needs to be done around the technology landscape, that’s where all of the work is happening. That’s where you are networking with your peers, with your customers in the industry. That really helps you define where the technology is going to go. And the reason Intel participates in these foundations and standard bodies is truly to represent our customers interest over there. We truly believe that our customers hold us responsible for making sure the direction that the technology is taking is going to meet their interest, and we also need to align it with our business interests. That’s the reason we participate in all of this.

Arun Gupta 00:20:52 Now, specifically about open SSF, Intel has been part of it for a very long time. The foundation is about three years old, so we have been very much part of it from the beginning. I’m on the governing board as I mentioned. Crowe is on the Technical Advisory Council and the chair of the Technical Advisory Council. Catherine Druckman is on the marketing committee and the co-chair of it as well. So we have a few leadership positions here where we are truly trying to make sure we take the foundation forward, working with the rest of our colleagues and partners in the foundation itself. The main charter of the open SSF foundation is truly to improve the security posture of open source. So to that extent, they have several projects that they have done. And the most visible project that you would probably have heard of is the open SSF scorecard.

Arun Gupta 00:21:39 What it does is it takes a look at your GitHub project and then it’ll tell you what your open source security posture going to look like. And then it’ll take a look at multiple elements of your project and then it’ll give you a scorecard. And the scorecard varies from zero to 10, and then it gives you a recommendation that oh you know what? Or it gives you a detailed report that why your scorecard is in a certain number and what are the missing pieces for that. So it truly gives you very specific detailed information that in order to improve your score, here is how you should take a look at it, and here is what you need to do. So it truly works in that direction. Lots and lots of similar discussions happening within open SSF and it’s quite an exciting time honestly.

Arun Gupta 00:22:28 Something else that open SSF also defined last year we had a meeting with the, at the White House for Open Source Security Summit, particularly with the, given the presidential mandate on the white security, given the lock 4J debacle that happened. And so they define our 10-point work stream, essentially an open SSF scorecard is one of those work streams that came out of that work stream. But there are these 10-point work streams that are looking at it, how do we improve the CICD? How do we improve the packet managers? How do we improve the education? How do we improve the enablement? So it’s truly looking at it in a holistic manner. So really the 10-point work stream bio-open SSF and driving that in the future direction is really the way to go.

Kanchan Shringi 00:23:15 That’s very interesting. Very, very educational. Thank you for that. So can any open source project owners submit their project to get the scorecard to open SSF?

Arun Gupta 00:23:25 Yeah, absolutely. So open SSF scorecard is open GitHub repo. They have GitHub actions, all sorts of stuff. You can just clone the repo or, you can just use a GitHub action, really bring the GitHub action as part of your GitHub project. And that really allows you to kind of generate the source scorecard and say, here’s my scorecard. And then take a look at the report and then say, how can I improve that?

Kanchan Shringi 00:23:50 Do the open source foundation help with establishing other standards as well?

Arun Gupta 00:23:56 Absolutely. Well, if you think about it, the process has evolved over the years, right? About 15, 20 years ago. Those standard bodies are still relevant, like W3C, OSS, those that are still very relevant. But over a period of time what has happened is standards have their place, but Kubernetes is not the de jure standard, but it’s a defacto standard. What I mean by that is it is used so widely, so pervasively, similarly, docker is not a standard, but is the defacto standard. If you’re building a container application, that means people would use the word container and docker synonymously. So by that I mean is that the technologies are so widely available and used that’s where foundations like CNCF have become very relevant because what they’re saying is it’s not a standard, but it is a standard in that sense. I think in that sense, yes, it very well helps define, let’s think of it this way. Let’s think of a common way by which different vendors have agreed to create a compute layer, right? Because that is for the benefit of the customer, not necessarily a standard, but still very commonly, very heavily adopted all across the board.

Kanchan Shringi 00:25:16 So what you really reference to is creating framework or a platform for collaboration between vendors. So one of the things that I’ve had in mind recently is the use of Kubernetes, and maybe it’s not standards, but best practices for, let’s say use by SaaS applications. I do, I couldn’t find a lot of material on that as an example, especially discussing is it better to run multi-tenant, single-tenant. So where is that kind of discussion facilitated by some of these foundations or other methodologies, maybe facilitating events or any other ways of encouraging collaboration?

Arun Gupta 00:26:02 Yeah, absolutely. I mean, that is really one of the core focus areas for these foundations. If you think about it. Now we talk about events, so let’s get to that in a second. But before that one of the things that CNCF does is there are focus groups. For example, there are SIGs where folks of different interests, similar interests, rather they gather together. So for example, there is end user working group, or SIG, not a SIG really, but end user community in CNCF. Now these are customers who are using cloud native technology as opposed to being a vendor of a Cloud native technology. So I was at Amazon, Amazon is a vendor of a Cloud native technology, very much like Intel because we sell chips where cloud native applications run. Apple on the other hand, is an end user of an end native technology.

Arun Gupta 00:26:55 So they bring these end users together and these end users can then truly discuss, like, I don’t want to see vendor pitches or sales pitches here. I truly just want to hear what end user concerns are. What tools are you using? What technologies are you using? So those kind of discussions happen. Last week, last time when I was at Yukon, Amsterdam, there was a discussion about how do we run Edge native application using Cloud native? So that’s again like a special interest group where popular are talking about how do I bring Kubernetes to the Edge? What does it take, what are the concerns? Are there similar because on Edge your memory compute footprint is very different than data center. So how are the concerns different? So I think that becomes a very interesting conversation. So these foundations truly bring, given the fact there are 10,000 people at Yukon, Amsterdam, their people are all different kind of interests, and they create their own self forming communities where they talk about these things.

Arun Gupta 00:27:58 Events is exactly how they enable it. A lot of the discussion I would say happen online because it’s such a global phenomenon essentially, but events are truly becoming an anchor point. Like if you think in terms of the Kubernetes community, there’s a KubeCon that happens in North America, which happened in Detroit last year happening in Chicago this year. There is a KubeCon that happened in Europe, happens in Amsterdam couple of months ago, happening in Paris next year. And then KubeCon is also going back to Shanghai this year. So think of these are three different big geographies where people will gather together and in addition to that, there are these Kubernetes community days that happens that are organized by local folks a little bit smaller as opposed to 10,000 people, maybe 500 people get together in multiple cities.

Arun Gupta 00:28:52 So enabling that is super important. And I would say equally important is running these events inside your company because given the economic climate, not everybody is allowed or able to travel to all of these fancy places. So that’s where running those internal events, building that internal community is super important. Like at Intel, we did the open ecosystem summit a couple of months ago. We had over 2,500 people that joined that open ecosystem summit. And what enabled us is we are talking to anybody and everybody that is doing open ecosystem work at Intel and truly really be able to talk to each other. There are a lot of self-forming communities. As I was talking about external events, nothing happens internally as well, but that happens a lot more freely because now you are within the company constraints and you can talk a lot more openly because when you’re externally, then you can talk only so much thing that needs to be approved and all that stuff. But in the company there is a little bit more freedom, so to say. I’m not saying that you can talk completely free, but there is a little bit more freedom by which you can share those things. You can look at the logs, you can look at the source code, all of that. So I think as much as external events are important, it’s super important to continue with the internal events as well.

Kanchan Shringi 00:30:14 It’s interesting. So now you’re talking internal events within the company. So I’m wondering, can other best practices of open source be brought to closed source? Has Intel done that?

Arun Gupta 00:30:29 Absolutely. I think one of the key elements of that is sort of the inner source part of it. So if you think about open source, there are a lot of good practices out there, like how people collaborate together. How there is a common code base, how companies that are competing for the same space but truly are co-opting in the open source space. But that means they’re collaborating, but yet competing on their own implementation element of it. How there is a test-driven methodology. How there is common CICD mechanism by which anybody can submit a pull request, how there is a governance model that not one company will have all the maintainers, but the demand maintainers are diversified truly across multiple companies. So those are some of the really good practices of open source community. And if you bring those inside your company, that truly becomes your inner source element.

Arun Gupta 00:31:29 And Intel has done that very effectively over the years. I would say over the last few years, we have truly been focusing on building that inner source community essentially. And that inner source community truly allows us to improve the discoverability of the code inside the company. And by that, what I mean is really, let’s say a team needs to solve a particular problem. They don’t have to start it from ground up because we have a unified CICD system across the company and a particular naming mechanism, oh, I want to start an infrastructure application in this domain. And you search into that common code base and you can see what work is happening in that space. And you can say, ah you know what? This project already serves maybe 60 to 80% of my needs. And if I just put maybe one or two maintainers on that project by looking at the governance model, it could be very effective, very much like open source, but just inside the company.

Arun Gupta 00:32:31 It improves the discoverability, and because you are running inside the company, it also becomes your single point by which you can incorporate a lot of good hygiene. You can improve the security posture. Things like open SSF scorecard could be injected into that CICD system where not every project has to do it by themselves. You just, because it’s a unified CICD, if you just update the CICD system, one boom, everybody is now automatically getting their scorecard. You can start telling them about SBOM generation for example, right? And not everybody has to worry about SBOM generation. We know the language that you’re using. We are going to inject this as part of your CICD pipeline and boom, the SBOM generation is happening. Or at least we’ll tell you if you’re not doing SBOM generation. So I think you can really bring a lot of good hygiene as part of that and truly bringing the best of open source practices inside the company. And Intel has done that changes over the last few years, and we have a long road ahead of us. We’re very excited in terms of how this road looks like.

Kanchan Shringi 00:33:33 So how do you start with encouraging developers to participate either in the structure you’ve created within the company or for open source? Is there a prescribed methodology or a path or you wait for developers to approach the program office?

Arun Gupta 00:33:52 Yeah, no, I think it really goes back and forth. As I was talking about, you could do sort of little fires around the company where you are doing this in your own silo, in your corner, but truly when it makes a difference is when like a leader of a big business unit says, we’re going to go all in on this, or we are going to take this as a methodology that truly, truly helps. And in that sense, I consider myself very lucky because in my management chain all the way up to Pat, I don’t have to explain what open ecosystem is. My management chain is pushing me to define a better definition of open ecosystem. How do we do better? How do we push the boundaries? How do we make this work for Intel and for our customers in that sense. I think that really goes a long way. Doing those internal events.

Arun Gupta 00:34:48 As I was talking about the open ecosystem summit, with 2,500 developers from all across the company, they truly start discovering that, there are so many like-minded people who are actually thinking on the same lines and is really breaking that ice by doing that event. A couple of months ago, we also did internal open source hackathon, really successful. We got a very wide range of diversified contributors. There were maintainers who were ready to mentor other new developers. They called out that, okay, here is the language we need, here is the skillset we need. Here is a good first issue that you can fix. Let us walk you through what that journey would look like. And the reason it becomes very incentive is a good incentive for a new developer is, because you can practice that inner source skill inside your company, and that skill is very transferable to outside.

Arun Gupta 00:35:47 So you are practicing that in a safe zone, so to say, inside the company now, because oftentimes the fear people have is if I’m operating in open
source shoot if I do a bad code, I’m going to look bad. That’s not the point at all, actually I mean, as a matter of fact, that’s the beauty of it. If you write a bad code, people aren’t going to judge you, but they’re going to give you feedback and make you better. And if you don’t judge yourself, then let not others judge you, I think. But inner source kind of gives you that safe zone by which you can practice this. I think there are a lot of ways I’ve seen across the company, I’ve done these kind of inner source movements at multiple companies, the hackathons, the internal events I’ve done at a wide range of companies, and I’ve always found them to be extremely successful.

Kanchan Shringi 00:36:34 I think what you’re saying is that as developers, sometimes, at least in my experience, developers like to have all the answers . But I think what you’re kind of saying is that it’s more important to have questions that you can then discuss with your group, not just within your immediate team, but first within the company and then externally, and then build your knowledge base as well.

Arun Gupta 00:36:59 Absolutely, right. Because nobody has answers all the time or any of the time. As a matter of fact, you may know, you may think that maybe your answer, but really coming up with questions is the tough one. Coming up with the right questions and maybe you don’t know, maybe you only know your end goal, that this is where I want to get to, that this is how I aspire to be and have that discussion. I really apply mindfulness practice over there, do that discussion in a nonjudgmental way and that’ll take you a long way that, okay you know what, this is what I want to achieve. This is what I’ve done. And if somebody says it’s crappy, don’t get emotional about it. It’s like, yeah, okay, it’s crappy. Tell me why it’s crappy. Here are three things broken.

Arun Gupta 00:37:46 Okay, how do I fix those three things? Just because you have built it and somebody is giving you quote unquote a judgment on it, don’t feel emotional about it, or don’t feel defensive about it. Rather, emotion is the wrong word. Don’t feel defensive about it, but say, okay, tell me how can I make it better? If you approach it that way, one step at a time, you will be successful. And for new developers, my advice usually is don’t have that imposter syndrome. My son is doing internship right now at Disney. And literally yesterday night we were talking about, he’s saying, dad, I’m working on a very extreme complex code base, and when I look into one part of the code base, it goes to another part, then another part, then another part. And I feel weird asking questions to my mentor. I said, no, that’s not the way it works. That’s exactly the way it works rather. You have to go ask questions because if you’re not going to ask questions, you’re going to go that toilet vortex very soon. So ask questions, don’t be afraid. And honestly, as somebody who has mentored a lot of people, I love people who ask questions because if you ask questions, I genuinely think that you are interested and you care about the project.

Kanchan Shringi 00:38:59 Makes a lot of sense. So let’s focus a little bit on a lot of things you said about Intel. So you talked about 300 plus community managed projects, and I think you’ve mentioned membership in more than 700 foundations and standards bodies. How does Intel then measure the return on this investment? Is there a way or is just organic over the years you’ve seen benefits?

Arun Gupta 00:39:30 Yeah, no, I think we have been constantly at the forefront of innovation for the last several decades as a matter of fact. And what Intel is committed to is to drive collaboration, standardization, and inter-operability in open source software from the beginning. And we truly believe in catalyzing community innovation among developers. There’s a letter that Pat Gelsinger wrote about nine months after he joined the company and he said that he has a strong bias for open source. And when I read that letter, I was like, dude, I wish that was my CEO. I was not part of Intel at that point in time, but that truly struck a chord with me. He talked about how and why open ecosystem matters because it truly allows you to build trust, deliver choice, and ensure interoperability from our industry.

Arun Gupta 00:40:24 We are the largest corporate contributor to Linux kernel since 2007. That is the reason we continue to contribute because we have truly seen that when we make contribution to the upstream kernel, from there it goes to midstream kernels like Ubuntu for example. And then from there it goes to downstream kernel, like Canonical, which is an actual distribution. And I was in China last week. There are lots and lots of midstream kernels like Open Uler, Open Cloud OS, then lots of midstream kernels over there. And they all pick their optimizations from the upstream. And the fact that Intel is contributing to upstream, that truly allows us to scale. That I don’t have to work with each and every vendor and give them our optimization. We just push our optimization upstream and voila, it just spreads out from there to all of the midstream and the downstream distribution.

Arun Gupta 00:41:24 Same thing with open JDK. Java has over 12 million developers around the world and how do we reach out to these developers and make sure that when they’re running JDK on the latest Intel platform is super optimized, it’s the most optimized JDK that they’ve ever experienced with. So we have our open JDK team that contributes all of those optimizations straight to the main branch of open JDK, open source. From there it goes to the downstream distribution, whether it’s an Oracle JDK, whether it’s Amazon Corretto or Eclipse Opti, doesn’t matter. So the Intel optimizations are available over there. PyTorch, same thing. PyTorch doesn’t have a downstream distribution, but we contribute all our optimizations to PyTorch upstream. Literally this morning I learned that PyTorch we have multiple maintainers in the PyTorch main project, but this morning I learned that we had a docathon that was just done recently, and several Intel folks were recognized as part of that docathon, and that’s the chop wood carry water work I was talking about.

Arun Gupta 00:42:30 So we have truly seen direct benefits, our customer telling us that, hey, what? We have run this open source project or this distribution on Intel hardware, and we believe it runs the best over there. The total cost is the best for us, and that’s why we enjoy this, and that’s why we’re going to keep investing into it and expand our footprint. So we call that as a silicon pull through revenue, that the reason we are investing in these open source projects because then customers use the downstream distribution and then they’re buying more and more silicon from us. So I think it makes that total business sense, and that’s why Pat and Greg Lavender, our CTO keeps talking about and why we want to invest in the open ecosystem community. In addition to that we believe that the community led projects that benefit everyone, not just Intel and that truly goes back to what Intel has been all along.

Kanchan Shringi 00:43:32 Sounds very, very interesting. So on that note, can you share maybe what Intel has planned for the years ahead, maybe the image at year ahead? Is there any key changes or open source initiatives that Intel is watching out for?

Arun Gupta 00:43:48 Yeah, no, I mean, we are always on the lookout for what is the latest and the greatest happening in the industry. Intel, like we have been involved with all of these foundations, standard bodies, open source projects,Pytorchcontinues to gain more moment. So we are definitely keeping our investment, only adding more people over there. Hopefully we are definitely looking to engage more in the AI element of it. Intel is committed to the true democratization of AI from the Cloud to the network and to the Edge by enabling broader access to solutions and more cost-effective deployments through an open ecosystem approach. When we talk to our customers, they tell us that they don’t like the closed approach of CUDA, and we believe that open ecosystem that truly allows you to run your pen source software on a platform of your choice and know on.

Arun Gupta 00:44:44 And by that I mean ACPU or a GPU or, XPU, no matter where it is. So we want to make sure that along with delivering heterogeneous architectures for AI workloads, Intel also delivers, also offers actually advanced software as well as its investment in a holistic end-to-end systems level approach to AI software. But I think that’s definitely where you’re going to see a lot more communication from Intel. And we of course have Intel innovation coming up in September. We continue to participate in all the major open source events. We continue to participate in the partner events. For example, I spoke at Microsoft Build a month ago. We talked about how Intel and Microsoft are partnering on confidential computing. So I think you’ll continue to see a lot more emphasis on AI security open ecosystem approach. That’s continues to be a very key element of what Intel has been all along.

Kanchan Shringi 00:45:43 So how can our listeners follow this progress? How can they maybe follow you and maybe even contact you?

Arun Gupta 00:45:50 Yeah, absolutely. is the team website where you can learn anything and everything about open ecosystem, essentially. You can also follow us at open@Intel, that is a Twitter handle where we tweet regularly about our event presences, our blog posts, our podcast appearances, wherever we are going. If you want to connect with us in person, you can always send them a message. If you want to talk, you can always reach out to me. My DMs are open on Twitter, ArunGupta, one word. So shoot me a message. I always love to hear from listeners, see what they like, what they don’t like, what would they like to hear more about. So we’re always listening for that feedback.

Kanchan Shringi 00:46:35 Arun, is there any topic today that you’d like to cover that we have not?

Arun Gupta 00:46:42 I guess the only thing that I would say is, we talked about that briefly where we said open source really stands on the shoulder of giants. If you are getting new into the industry, or if you are relatively new to the industry, don’t be afraid. I give you the power to stand up and ask all those questions, because we truly want to enable the next generation of developers. I’m happy to mentor, I’m happy to advise. I’m happy to guide. Just like me, there are lots and lots of people who are in the open source community that are very kind, very generous and very helpful. So consider this as an open invitation to the open source community. Come join us. We cannot do this without you.

Kanchan Shringi 00:47:30 Thank you so much, Arun. This was very interesting and very educational. I hope our listeners enjoy it as well.

Arun Gupta 00:47:36 Thank you so much for having me here.

[End of Audio]

Join the discussion

More from this show