Episode 15

Analytics for Open Source Maintainers with Avi Press

00:00:00
/
00:35:35

June 28th, 2021

35 mins 35 secs

Your Hosts
Special Guest
Tags

About this Episode


Sponsored by Reblaze, creators of Curiefense

Panelists

Justin Dorfman | Richard Littauer

Guest

Avi Press

Show Notes

Hello and welcome to Committing to Cloud Native Podcast! It’s the podcast by Reblaze where we talk about open source maintainers, contributors, sustainers, and their experiences in the Cloud Native space. We are super excited to have as our guest today, Avi Press, Co-Founder and CEO of Scarf. We learn all about Scarf, how it works, and what it has to do with Cloud Native. Also, Avi tells us about the newest product, The Scarf Gateway, how Linkerd and Rocket.Chat are using it, and a new longer-term project they are working on called Nomia. Avi shares what he’s most excited about for Scarf in the future, his mission for Scarf, resources Scarf is providing to users, and he tells us more about why they are focusing more on the tooling right now and not the monetization. Download this episode now to find out more from Avi!

[00:01:10] Avi tells us what Scarf is, how it works, and what it has to do with Cloud Native.

[00:02:28] We learn how Linkerd is using the new product, Scarf Gateway, and what they’re doing.

[00:05:23] Justin asks if there’s a company or something they do at Scarf, that tracks uptime of different container rate registries. Avi explains one of things they are working on with the Gateway.

[00:06:11] Avi talks about their infrastructure and CloudStack.

[00:07:43] AWS billed Scarf for $482 for the “support” needed to fix their original monthly bill and Avi explains.

[00:09:25] Since Scarf is the middle layer for interfacing with other large cloud providers that gives more data to the users, Richard wonders why the cloud providers are working with Avi and why doesn’t AWS just block all of their ports and requests.

[00:11:51] Richard is curious to know Avi’s perspective on the Legion aspect and wonders how Avi helps show Google is using his product and how does he connect people to people at Google without violating GDPR or other massive privacy concerns.

[00:14:25] If you’re a developer who’s running a Cloud Native project, find out how easy it is to set up the process to start using Scarf. Justin mentions some of Scarf’s users and Avi talks about Rocket.Chat using the Gateway.

[00:16:38] Avi fills us in on a new longer-term project they are working on called Nomia.

[00:18:54] Avi tells us how they found Shea and all about his vision when he came to Scarf.

[00:21:59] Besides Nomia, Avi shares what he’s most excited about for Scarf in the future and Justin asks him how his friend Havi Hoffman is doing.

[00:25:32] Avi talks about how they’re focusing on the growth of their tooling right now, not the monetization.

[00:26:24] Justin asks Avi to describe his company in five words, or more, his mission, and what it would be like.

[00:28:27] Richard asks what Avi is doing to ensure that he’s not myopically focused on helping developers only focus on what companies that they can get something out of, how is he making sure that the tools he builds empower disempowered communities of developers and people of color and women, and what is he doing to make sure that these users are also being cared for and are a priority in what he’s doing.

[00:29:35] Avi tells us what he’s doing to listen to other voices in how he develops these dev tools. He also tells us what resources Scarf is providing to users.

[00:34:14] Find out where you can follow Avi online.

Quotes

[00:10:03] “And so in that way, we’re basically an element of letting projects and companies choose the best registry.”

[00:10:44] “And so by being an agent of shifting some of that leverage back to the project owners we are creating a space where the best registry should win and not the registry that’s just most established should continue to win.”

[00:18:21] “And so our goals for Nomia is that by offering a very generic framework and ecosystem around resource management, we can help maintainers with even more information about how their dependencies that they maintain the distributor getting used kind of regardless of how and where and from what registries, etc.”

[00:19:10] “Can Scarf help me monetize it and like figure out how I can make a sustainable business out of Nomia?”

[00:22:07] “I think in the long run what I’m really excited about for Scarf’s future is how we can really help the businesses behind a lot of these Cloud Native projects and help them be more successful.”

[00:23:49] “And I think that the secret to that success is really not anything that I’m doing, but really just the problem we’re working on and trying to solve these problems in open source of how we share data with each other and how that can be a driving force for change and improvement in the Open Source and Cloud Native spaces is something that resonates with a lot of people.”

[00:25:00] “You can never really put enough effort into the docs.”

[00:25:36] “We’re really focusing right now on the growth of our tooling.”

[00:26:49] “We want to empower open source developers to have sustainable businesses and projects.”

[00:31:05] “And so, I think that’s what I would point to that not everything that we try is going to be popular or stick, and what we do is we just listen, and we adapt, and that’s how documentation insights came to be.”

Links

Curiefense

Curiefense Twitter

Cloud Native Community Groups-Curifense

community@curiefense.io

Reblaze

Justin Dorfman Twitter

Richard Littauer Twitter

Tzury Bar Yochay Twitter

SustainOSS Podcast-Avi Press and Scarf-Episode 70

Avi Press Website

Avi Press Twitter

Avi Press Linkedin

Avi Press-GitHub

Scarf

Scarf Blog

The Scarf Gateway

The New Stack-“Scarf Takes Aim at Package Manager Lock-In with Scarf Gateway.”

Rocket.Chat

“Announcing Nomia and the Scarf Environment Manager,” Scarf Blog by Shea Levy

Credits



Transcript

Avi [00:00]: A lot of projects will even go publish containers to multiple places. And it's good to do that because registry sometimes go down and depending on what you're pushing out there, like that could be a runtime dependency that might may or may not be depending on kind of the nature of how people run their containers, but being robust to that and being able to actually understand usage across those registries and being able to switch what you need to, is something that ultimately just gives maintainers more control and more ownership of our software.

Richard [00:31]: Hello, and welcome to Committing to Cloud Native, the podcast where we talk about the confluence of open source and cloud native technology. Super excited to have a guest on today. Justin Dorfman and I, Justin is the other panelists, have already talked to Avi Press before on another podcast called Sustain, about his amazing company. Avi is the co-founder and CEO of Scarf spelled like scarfing something down or like the fancy neck wear, which he is unfortunately not wearing today is open department. Avi, how are you doing?

Avi [01:07]: I'm doing well, how are you?

Richard [01:09]: Doing great. Could you give us like a two minute pitch for what Scarf is and how it works?

Avi [01:14]: Yeah. So Scarf as a company, that's all about trying to help open source developers and projects and get better understanding of how their software is being used and to connect with their commercial users. We're all about trying to help open source developers support themselves and helping businesses leverage open source dependencies as effectively as possible. And just connecting the two sides of that.

Richard [01:35]: What does this have to do with cloud native?

Avi [01:36]: The initial product that we are working really hard on right now is a very cloud native focused technology, where we try to help specifically anyone that distributes Docker containers, understand how are your Docker containers getting pulled? How are they being used, which companies are using them. And this is something that the open source supply chain right now, I think is a very hot topic with some of the responsibilities that have come up. And I think this is really highlighting the conversation that I think the cloud is really exacerbating. That's, you know, we're pulling in dependencies from all over the place and that leads to both security implications, as well as just data sharing problems and reliability problems and how we deliver software to each other. And so we're kind of right in the heart of that right now, by trying to help open-source projects actually distribute those containers to their users directly and having more control over how they distribute those containers.

Richard [02:31]: I know that Linkerd is using this new product. Can you kind of go into how they're using it and what they're doing?

Avi [02:41]:Yeah. So they're users of the Scarf Gateway, Linkerd and Buoyant, the company behind it. So all of their Docker containers, you fetch them through a Linkerd domain that they own, that domain is connected to the Scarf gateway. And so Linkerd uses Scarf really for two things. So one is that the gateway is redirecting traffic tour, wherever those containers live. And now, if in the future Linkerd wants to move their container registry from one place to another, they can do that. It's a their domain that you're fetching from. And then all the stats associated as something that, you know, I think it's kind of the original reason they wanted to get on board with it.

[03:19] So even knowing like what versions of what tags of the container are actually getting pulled over time, where in the world are they coming, and which companies and which clouds and container runtimes? All these sorts of things, that your registry has that data. They don't share it with you for a myriad of reasons. And we at Scarf think that maintainers should have that information. That's very helpful, both from project maintenance to know, did people get the bug fix that were just pushed out, who's using it, but also to support the businesses behind these projects, to know here's the commercial users.

[03:50] I think one of the very common business models here is having an open source project and like say an enterprise grade cloud service that you try to upsell those users to and having an understanding of which companies use the open source version, is really helpful for your lead gen, for kind of just assessing project health. I think we tend to heavily weight stars on GitHub in a lot of cases, but that's not really actually as important as, well, how many companies are using this in production?

Richard [04:19]: I'm such a star person, you know, like this is just such a vanity metric. However, if you look in your GitHub stat and you see clone per day, that's where I'm like, oh, holy moly. That's pretty, pretty cool. And so yeah, stars are cool, but they don't really tell you that much. I think if I remember correctly all Oliver the CTO said, it's the missing admin dashboard for container hosting? Is that something like, how he said it? I thought it was like dead on.

Avi [04:50]: Yeah. And I think, cause you know, a lot of projects will even do a published containers to multiple places and it's good to do that because registering sometimes go down and depending on what you're pushing out there, like that could be a runtime dependency. It may or may not be depending on kind of the nature of how people run their containers, but being robust to that and being able to actually understand usage across those registries and being able to switch when you need to. And that's something that ultimately just gives maintainers more control and more ownership of their software.

Richard [05:23]: Is there a company or is it something that you do that tracks uptime of different container rate registries?

Avi [05:31]: It's not something that we are actively tracking right now, but one of the things that we are working on with the gateway is basically detecting when the registry goes down and automatically failing over to one of our mirrors and the gateway largely just redirects to wherever the registry. But in some cases, certain container runtimes don't actually respect those redirects. And then we have the proxy. Then when we proxy, we have our own like pull through caches that we use.

[05:56] And the idea is that if we detect the [05:58 inaudible] to that cache, which is kind of a neat way to have just, you know, more robust, just another layer of redundancy. And when we have the automatic mechanisms will come in just by default. We're tracking that kind of thing as well.

Richard [06:11]: Well, can you go more into that? Like what's your infrastructure? Like if someone's going to switch your service, what are you doing? What's your cloud stack, whatever.

Avi [06:20]: Yeah. We've spent a lot of time on this infrastructure as we keep building out, it's ever more complex. So basically if you use the Scarf gateway, you just really sign up on our site. It's fully managed by Scarf, though we will be open sourcing the actual like core things. You can run it yourself if you want. Our stack is a very robust thing.

It's all on AWS and in multi-region. So it's kind of fast regardless of where you are in the world. And the idea is that when someone says, Docker pull your domain.com/whatever your image identifier is, first it hits us. And then we look up and like a redirect caches, well where is this container actually? And then by default, we just issue a redirect and the client just follows that redirect and pulls the container and we log that it happened. And then we can process all that data downstream and expose that to the project owners.

[07:08] There's a bit more complexity in terms of just making sure that stuff is always available. So we use Kubernetes very heavily to orchestrate, you know, the actual app servers running. We have like a global readiness cache that is keeping track of these things and all the backups to make sure that stuff never goes offline.

Richard [07:25]: Have you ever considered multi-cloud?

Avi [07:28]: It is something that we are considering for the long run. I think right now, especially at our size multicloud is definitely challenging to do right now, both for just like implementation complex and also just costs. But it's definitely something that we aspire to do.

Richard [07:43]: Speaking of cost, I think AWS literally billed you for $482 for support, for fixing your original monthly bill. Please go into that. I saw it on Twitter.

Avi [07:55]: I mostly Tweet about, yeah I thought it was funny. They're resolving it. I think it's going to be okay. So it's a really hard throw shade at AWS, but I thought it was funny cause we've been moving towards this more global infrastructure for the gateway. At the end of the day, if this is where your containers host, it needs to be like fast, everywhere available at the time and stuff.

[08:14]: So we put a lot of investments into making sure that infrastructure is robust. And so yeah, we had a few resources that just didn't get for whatever reason, just like didn't get cleaned up and we're kind of just sitting around and we just saw this huge bill that was alarming. We contacted them and they took care of it and it was fine. But then they left us with just another bill for the support to do that, which was kind of crazy and I just tweeted and kind of something to make a joke about it. But in all seriousness, AWS has been great. And yeah, the instruction and building out is very rock solid as a result of all the tooling they put out there. So perhaps AWS, they do a great job. I think they're easy to gang on in kind of these ways, because they're just so successful, but for good reasons.

Richard [08:59]: Yeah,****there's a reason they're number one. It's because you can't get fired for choosing AWS.

Avi [09:05]: I think the multi-cloud thing is definitely very interesting for us in the long run because, yeah, you want to be as redundant as you can be. And so for us at this point in time, being multi-region was kind of the middle ground that gives us that redundancy and speed around the globe but was not quite as complex to take on at our size because we're still a startup.

Richard [09:27]: If you're just the middle layer for like interfacing with other large cloud providers that just gives more data to the user, why are the cloud providers working with you? Why doesn't AWS just block all of your ports, all of your request?

Avi [09:40]: Why don't they just block everything that we're doing? So I think there are a few things behind this. I mean, one is that, if you are a cloud provider say of like a registry service, so yeah, AWS has their own public container registry products. Anyone using the Scarf gateway, using their own domains to distribute their containers is more easily able to switch between the providers. And so in that way, we're basically an element of letting projects and companies choose the best registry. So if you believe we have the best registry and we want to actually like make the case, well you should switch to us because we offer the best product gateway, Scarf users are more easily able to switch. And I think that's a problem right now because if you're on a hosting provider that introduces a new feature that makes their product worse or, you know, makes it more expensive or in any way makes it so that, you would want to move, their incentive is to just lock you in.

[10:38] And the mechanism of that lock-in is that the URL is theirs and not yours and everything about your hosting is at their discretion and not one that you have any control over. And so by being an agent of shifting some of that leverage back to the project owners, we are creating a space where the best registry should win and not the registry that's just most established should continue to win. And so I think that's a really key thing that we provide. And having more of that data downstream, I mean even though the registries have this information or holding onto it, we are also processing that and building tooling on top of it, which I think is valuable even to really anyone but not something that those registries do now.

Richard [11:23]: You mentioned helping out with Legion as well. This is something where like, NPM, for example, doesn't tell you all the people who download your package, but they know that stuff. And then they can use that internally to figure out what [11:34] best and the best tool [11:35 inaudible] space. It's probably even better with large monopoly, like companies like Google or Amazon, which has the ability and the developer teams to say, okay, this is better, so let's go there or let's take over that project, et cetera, et cetera. NPM probably doesn't have that sort of cloud yet, although they might in certain circumstances. Well, I think NPM will [11:51 inaudible] Microsoft anyway, so yeah, sure. But one of the things which I'm curious about from your perspective is, the lead gen aspect. How do you help show that Google is using your product and how do you connect people to people at Google without violating GDPR or like other massive privacy concerns?

Avi [12:10]: So we addressed these privacy concerns by not actually holding on to any personally identifiable information. So when someone pulls a container through Scarf, we do look up metadata associated with the IP address, which can tell us like, oh, this was from a company or this happened from this cloud provider, et cetera, which we then expose to the maintainers, but then we just delete the actual IP address. So like we can't tell you, Justin went and downloaded this, here's Justin's email. That's not something that we can do. That's not something that we're trying to do. But just knowing that someone from the company is downloading is useful.

[12:47] And I think the way that we phrase this, is that Scarf try and track companies, we're not trying to track people and in a world where it's usually the other way around, I just love that that's something that we can do, that we can kind of just track companies on behalf of people and organizations and open source.

Richard [13:01]: Well, you're not providing as much value then because the people, companies is the people you want to reach. I don't want to reach Google's letterhead. I want to reach John Schmidt or something. I don't know, Eric Schmidt, you know, I want his email so I can be like, please fund us.

Avi [13:13 ]:. And there's plenty of services that help with that information. So given a company and there's lots of third-party services that can say like, well, depending on the role that you're trying to reach, like here are the emails that we know, and those are on our roadmap to have those kinds of integrations with Scarf is planned. But that doesn't mean that from a privacy perspective, that does not mean that we're like actually kind of capturing that and then raw exposing literally that we help you identify downstream from that.

Richard [13:42]: Is your stuff open source as well?

Avi [13:44]: The gateway itself is not quite open source yet. Although it definitely, it needs to be because, we're not really trying to lock in maintainers into doing anything, we're trying to free them up. And so it is important that we do open source it and that is planned. Other parts of the Scarf tool, chain, bits and pieces are open. So we open source everything that we can. So we have like a JavaScript library that we've open source. We're in the long run, working on package managers and components for package managers that will be open source. But right now a lot of the value that Scarf provides is the infrastructure of what we've built, which is kind of less useful on itself to open source. But as we build out the feature set and that stuff stabilizes, it is very much on the roadmap for those components to be open-sourced as well.

Richard [14:28]: So if I'm a developer who is running a cloud native projects, how easy is it to set up process for me to start using Scarf?

Avi [14:36]: It's pretty quick. So it's just making an account on our site. For the gateway it's literally just, tell us where the container is, tell us where you'd like it to be, and then you're done. You can optionally tell us what [14:46] you'd like to use. And then you got to go to your DMS and actually set that C name up. By default we give you a URL to use, but we encourage projects to connect their own domain because that way you're not even locked into using us. So that's really about it. I think that often when we talk to projects, like they can get set up in like 10 or 15 minutes and they're off to the races.

Justin [15:07]: Yeah. It's something we're evaluating after we fixed some other things that are more pressing, but we had a call with Avi and that's how we got on this podcast. One thing I was looking at the Scarf gateway, you do have some really good users. I mean, as I said, you have linkerd, which is Buoyant and then Rocket Chat, which I haven't heard from for a while, but I know they still have activity. Are they just using Docker things?

Avi [15:35]: Yeah, they're using the gateway right now. So I think that's their main installation for Rocket Chat if you're hosting yourself, just pull the container down and run it. And so, yeah, Rocket Chat has been using it in that capacity as well. They have people from different parts of the organization that are all checking Scarf to just see activity and use it however they want to make decisions.

[15:55]: That's a really exciting one. I think that I love when companies like that have a host it yourself option and especially for something like chat where like having it locked down in your own cloud is such a valuable thing for a lot of different domains. And so being able to actually empower those companies to actually understand their software usage, but in a way that doesn't actually sacrifice the privacy of the users, is really is what keeps me getting up every day, really excited about what we're doing.

Justin [16:19]: That's pretty awesome. And you have like a new open source project.

Avi [16:24]: Oh yeah. Nomia.

Justin [16:25]: The****White paper was really impressive. I mean, it kind of went over my head, but still, by our VP of engineering I believe, go into what it is and what the future of it is.

Avi [16:37]: Yeah. Nomia is a longer term project, that we are working on kind of alongside everything else that we're doing. We brought on Shay, who's now our VP of engineering to work on. And it's a project he's been kind of stewing on for over a decade. He's been a core maintainer of the next package manager. If you're not familiar, Nix is a purely functional package manager and it takes a lot of, kind of the, you know, the cutting edge research from package management and makes it so that packages can be deterministic from their inputs, like given a set of inputs that go into a package, you know, that you're going to build the exact package output, given the inputs.

[17:10]: And so what Nomia does is it generalizes those ideas from Nix. The Inputs here are all packages and here's how you build them. And here's the derivation for the packages. What Nomia does is generalize those ideas so that you can really express much more arbitrary things at different levels of abstraction. So you could think of kind of the exact ways that one package might be a product of several inputs or dependencies. You can kind of take those same ideas and then extend it to the spinning up cloud services of, here's all of the, you know, my database and these different Nomia services. I just kind of want to send them all. I want to have a developer environment with all of these packages implemented and here's how those compose.

[17:54] And so Nomia is really this very generic engine for how you references resources, how you compose them and how you can just spin up an environment, whatever that might mean, given those resources and so in the long run Nomia is something that we will be building our package management tools on top of and will be available for other people to build package managers and build systems, et cetera, service managers on top of. And so our goals for Nomia is that by offering a very generic framework and ecosystem around resource management, we can help maintainers with even more information about how their dependencies that they maintain and distributor getting used kind of, regardless of how and where, and from what registries, et cetera.

[18:40] So it's a very ambitious and long-term project, but it takes a lot of the very cool ideas that have come out of Nix and even things like Git use these like content addressable, deterministic principle, and applied them to very broad sets of domains.

Justin [18:53]: And how did you find Shay? I mean, he seems like a unicorn.

Avi [18:58]: So he actually came to us probably about a year ago and said, here's an open source project that I want to build, Nix [19:06 inaudible] for a really long time, I want to generalize them with this project. Can Scarf help me monetize it and like figure out how I can make a sustainable business out of Nomia? And the more we thought about it, the more we realized how much Shay's vision for Nomia overlap with what we were trying to do. Help people distribute their software and understand how it's being used and connect with their commercial users. The more it became clear that she should be building Nomia at Scarf, and we should kind of align them and combine forces and kind of just put that forward and get it out there. And so we brought them on to build it for Scarf.

Justin [19:39]: That's awesome. This reminds me of the MRNA pioneer, Dr. Kericho I believe it is. And she had a really interesting, it's kind of similar to Shay's story, where she spent decades of her life working on MRNA, failing, not getting grants, took demotions just to continue the research. And they finally found the CEO of, I think it was the German company that hooked up with Pfizer on the newest vaccine. She was the lead on that. And I think this is kind of similar where you have this passion of an engineer of 10 plus years of going into this. I think this could turn out to be like the MRNA story of the package ecosystem.

Avi [20:31]: I really hope it does turn out that way. It's very early days for Nomia, like in terms of the scope of the ambitions of the project, really just getting started with it. Nomia, have already had a lot of good interest from a lot of the Nix community and as we kind of build this stuff forward and see how it takes shape. It's really exciting  to see how it evolves, it's a very ambitious vision.

Richard [20:49]: Must****be a lot of GX, which was a package manager built by Jeremy Johnson at protocol labs, which uses Merkle trees to identify package managers or any packages that you have. So you can use the entire IPFS ecosystem basically to pull down packages.

Avi [21:04]: That's super cool. Yeah. I feel like [21:06 crossword] so many applications to this. Yeah. The content addressability story for package management generally is just a really good idea. And like Docker makes really heavy use of that with great success for like, you know, how you can cache different layers for caching in the container space is so, so important.

Justin [21:26]: And expensive I'm in the CDN business. I know how expensive that can get.

Richard [21:31]: I think it's one of the benefits of using a package manager that basically runs on top of IPFS, it's centralized. So anyone who has that package makes it easier for other people to get it faster, including closer to you geographically. So it's sort of just invalid as a whole CDN model right now and also the cloud native model, where you end up with people going towards the major three companies. But instead, it sort of just, whoever's using a thing. We can use the thing too. So I'd be curious to watch Nomia evolve. I don't know if you'll be able to answer questions right now. What's different about it or so on, but that does leave me on to another question, which is besides Nomia, what are you most excited about for scarf in the future?

Avi [22:06]: I mean, I think in the long run, what I'm really excited about for Scarf's future is how we can really help the businesses behind a lot of these cloud native projects and help them be more successful. So the tooling that we're going to be building out, to help with those businesses, you know, like things like support agreement facilitation, and selling of licenses and all sorts of commerce downstream from open source, I think is really going to just help the overall ecosystem in the long run to just be more sustainable. This is what, you know, we got into on the Sustain podcast a lot. But yeah, I think what I want to say is just that the sustainability issues that face the open source community as a whole are equally crucial for the cloud native community as well.

[22:47] I think that open source powers of cloud native, like just directly, all this stuff is open source all the way down and whatever we do to help the businesses and people and projects in this space are just going to yield to better and better software for everybody up and down. And so by empowering both users and the people building this stuff, that's how we get a vibrant community.

Richard [23:08]: I couldn't agree more, like I don't know where to go after that. That was just perfect.

Justin [23:11]: I do have a very important question. And that question is, how is my friend Hovi Hoffman doing? Is she doing good?

Avi [23:19]: She's doing great. She's been really helpful as we've been getting just kind of a Scarf community going. She's been kind of spearheading that charge for us and all of our content efforts and stuff. It's all her.

Justin [23:32]: I mean, you got some really great talent. Like you got Hovi, you have Shay. I mean, you seem to have a knack for getting people that really get things done. That's pretty awesome. It's a good skill.

Avi [23:45]: Yeah. I'm really proud of the team that we've put together already. And I think that the secret to that success is really not anything that I'm doing, but really just the problem we're working on and trying to solve these problems in open source of, you know, how we share data with each other and how that can be a driving force for change and improvement in the open source and cloud native spaces.

It's something that resonates with a lot of people. And I think, yeah, this is just a hot topic in general, open source sustainability and have better incentive structures to enable that, is something that, it just attracts a lot of good talent and we're doing that by building off dev tools. And that's the other thing too, building fun dev tools and helping people out, like it's an easy sell.

Justin [24:28]: Yeah. You got the JSS, TK I believe. I think that's what it comes down to, is who has the best tooling and the developers get attractive through there. Yeah. I think this is really great, also great documentation, which I saw you have good documentation as well.

Avi [24:46]: That's an ongoing one to do.

Justin [24:47]: It never stops. It's never done.

Avi [24:52]: We've been putting more and more investment into it. And the farther we go, the farther I'm like the more I think, wow, we have such a long way to go with docs. You can really never put enough effort into the docs. That's what Havi has been really helpful with as well. She is now just like just opening [25:07 inaudible] requests all the time, improvement docs across our various repos and yeah cannot put enough resources into that. One of the things that we do is trying to just help create a blueprint of how you have a commercially viable open source project. And I think a piece of that is just docs, docs, docs, just keep going on the docs. If you think you've put enough resources into it, just put a little bit more probably is the way to go.

Justin [25:31]: Already cache positive?

Avi [25:34]: I hope we get there soon. We're really focusing right now on the growth of our tooling. And so the monetization of that has not really been the focus right now because the strategy here, is that by building on a really good foundation developer tools and software distribution tools and analytics, that puts us in a good position to actually start to help these projects, you know, monetize with their commercial users. But it's not what we've focused on so far. I mean, now we're kind of getting into a little bit of more startup in business ideas, but yeah, I think at our size we just really have to focus on what we do, rather than try to do a bunch of things all at once.

[26:08] And so right now, dev tools let's make good dev tools. And so the gateway has been the main thing that we're putting our efforts behind and, you know, right now it's containers, but we'll be expanding it to just arbitrary kinds of packages behind it as well. So we can just broaden the reach and we can help with it.

Justin [26:28]: If you can describe your company in five words for your mission, I guess I'm trying to get at what would it be? What's the north star that all your team members are marching towards. I guess what I'm trying to say. And it doesn't need to be five words. I don't know, talking about arbitrary is horrible.

Avi [26:47]: We want to empower open source developers to have sustainable businesses and projects.

Justin [26:51]: That resonates with me.

Avi [26:54]: And our approach I think is what makes us different. There are a lot of companies and a lot of efforts to try to build more sustainable, open source. Our approach is start with the distribution of that software, help the people who build that software understand how it's being used. And that's the wedge to, how do we connect them to the commercial users? And then it all starts with the data, the distribution layer.

Justin [27:18]: You know what I just thought of, do you know Patrick and Josh over at Orbit? Are you familiar with them?

Avi [27:25]: Yeah. Yeah. I met Patrick a few months back at his [27:27 inaudible]. I think they just raised more money.

Richard [27:30]: Yeah, he raised a 15 million A round. It's very awesome, I'm really proud of them. I think you guys could probably hook up and have you already been in talks with that?

Avi [27:41]: We talked about it very initially like nine months ago. I think that if you're looking at the health of your community, I think the missing piece of that as well, who's actually using it, not just, I mean the contributions and stars, it's just like, these are all pieces of the puzzle. And so the better view that we can give to these maintainers, the better off they'll be and the better off their users will be.

Justin [28:05]: Yeah. I mean, I use Orbit every single day. I mean, five days a week. And just looking at the dashboard, it would be amazing to see what stats scarf is giving me because they emphasize a lot on organizations and individuals that are using your thing, your projects. So if this gives another data point, I think.

Richard [28:26]: What are you doing to ensure that you're not myopically focused on helping developers only focus on what companies that they can get something out of? How are you making sure that the tools you build actually empower disempowered communities of developers, people of color women, what are you doing to make sure that these users are also being cared for and are a priority in what you're doing?

Avi [28:46]: I love that question. And I think what I'll say is that I see our mission as directly aiding that, because there's a whole group of people who would be working on open source more if it was sustainable for them to do so. And so by building tools that help them actually jump into an open source project, you work on it full time because there's actually a living on the other side of it. That is directly what is going to help more underrepresented people get into more cloud native technologies, not just like, can you get a job at a company doing that? So I think the more we empower sustainable open source, the more we are going to get in all kinds of people into open source.

Richard [29:29]: So I really liked that answer. And I agree with you, one of my, I guess, questions, concerns, thoughts, is you said that your approach is different. How are you ensuring that your approach isn't directed by the kind of thinking that led to the problem in the first place, which the people thinking that what they do will help out, like what are you doing to listen to other voices in how you develop these dev tools?

Avi [29:49]: What I would point to is how much we've been listening to the feedback and community about our analytics strategies. It's no secret that analytics and open source has not been the norm thus far and in a lot of contexts, extremely unpopular. And so with our initial analytics tools, the JavaScript library that we offer, Scarf JS, we ran into a lot of pushback with some very big maintainers that were using Scarf. And the feedback that we had around that was a extreme distaste for a third party hook, phoning home in a context where you weren't otherwise.

[30:30]: And we really dug in with them, with people who were like, you know, thinking like this is the worst thing that you could be doing. Why would you do this? And when we dug in and talked about it with them, came to a few conclusions and agreements, actually, which is that A, even people who really, humanly don't like that, CUY maintainers might need this information and how it can help them. I don't think that there's a lot of disagreement about that. It's more about like, okay, well, how are you actually collecting this information? It's also the case that the registries already have this data. Like even right now, they just don't share it. So like, well, how do we bridge this gap? And so I think that's what I would point to that, like not everything that we try is going to be popular or stick.

[31:12] And what we do is we just listen, we adapt. And that's how documentation insights came to be, which is interesting I think. People don't like a very transparent, like, the Scarf jazz logs where it's like, Hey, Scarf Jazz is here. Here's the dependency that's using it. Here's what it's reporting. Here's how you can opt out. Here's another way you can opt out. People were not okay with it. Pixel tracking on the other hand, something that I think is a lot more subversive and, opaque in a lot of ways, it's in line with people's expectations and therefore they were okay with it. So we offer pixel tracking now. And I think what was a bigger learning of that is, people are okay with the fact that registries have this information. So that's really one of the things that had us lean in on the Scarf gateway as much as we have, which is that this integrates with the registry, there's no additional like phoning home that needs to happen.

[32:02] All that needs to be is that the registry and the maintainer people who actually distribute software through that registry need to be aligned and need to have incentives that are aligned. And so as a business, we align with the maintainers as much as we can. And we align with the people who use that software as much as we can. And the result is that actually this data is something that's useful and we're going to expose it.

Richard [32:22]: Awesome. Good answer. How are you doing viral marketing? How are you making sure that it's not just Scarf, but actually having users go out and be like, okay, you should use Scarf. Like what resources are you providing to those users?

Avi [32:35]: One line of product features that we're kind of just getting started with right now, is tools to help projects market themselves with their usage data. So we just launched a dynamic, read me badges that can either show like here's how many times these packages have been downloaded, but also here's how many control users are being identified each month. And the idea being that, you know, a lot of projects have a logo wall on their read me. And we think that's a really great approach and highly recommended if you have commercial users using your cloud native open source project, then having kind of dynamic tools that help aid that, is something that also markets Scarf as well. Like here's all the great companies that use my project. Also, we got this data from Scarf and other people come in and say, oh, actually I want that information too. Why don't I have that?

Richard [33:20]: Well, you just launched Buttons recently, didn't you?

Avi [33:24]: Yeah, the read me badges is, we just launched there. We'll have more tooling around this as well, just so you can kind of dynamically market yourself and use Scarf data to power it.

Richard [33:35]: Where can people find out about that tooling and where can they read more about Scarf on the web?

Avi [33:38]: So check us out online. We are at scarf.sh. We have a blog there, I highly recommend everyone, take a look at and you can read more about our ideas on this topic and what we're building in the space. And we also have a newly launched slack community where people can come and discuss both Scarf products, but also just as well, like open source and cloud native technologies as a whole. And you know how that fits into sustainability and just making your project successful.

Richard [34:03]: Can I talk about giraffes, I'm just curious.

Avi [34:08]: You can always talk about giraffes.

Richard [34:09]: Excellent. I believe Avi, last name Press that your website is still avi.press. I that accurate?

Avi [34:18]: That's my first name.

Richard [34:19]: I said it once and I'll say it again, it's the best domain in the world.

Avi [34:24]:  Thank you. Thank you. I'm glad you think so. When I first saw that dop press TLDs came out. I think I was in college at the time. I stopped what I was doing.

Richard [34:35]: I hope you bought them for all of your family members as well, every single person.

Avi [34:40]: I didn't but I should. No, I need.

Richard [34:45]: You're so selfish Avi.

Avi [34:47]: I am and*m*y brother has a birthday coming up and that's what I'm getting him.

Richard [34:55]: My website is of course Richard.liptower. No it's not Richard is not a CLP. Avi this was great, thank you so much for coming on and talking to us any last message you want to leave with the listeners about Scarf?

Avi [35:11]: I think my last message would be that if you distribute software to anyone on any technology, drop us a line, tell us how we can help, whether it's analytics, whether it's commercialization, whether it's just want to chat about open source. We are here if you want to talk. So yeah. Drop us a line.

Richard [35:26]: Awesome. Thank you so much. Cool. Thank you guys.