Hello everyone and welcome back to NetApp on Air. Thank you so much for joining us. It's been a minute. I missed you guys. Uh we got have been getting things together for the last couple of months just to see as we head into insight season. Yes, it's that time again folks. Uh it's time for Insight. So we're getting everything lined up for the show later this year and uh it's we've been getting some of the shows but we're back. We got a great show ready lined up for you today. Uh this is not going to be for everyone. This is going to be a kind a little bit more of a specialist use case and if you've seen the title and seen that stuff, uh, you're going to know real quick whether this is for you. Uh, but I encourage you to stick around because some of the things we're going to be talking about today transcend what you can do with regards to AI and some of the products that F5 bring to havebrought to market uh, are pretty exciting. So, Idefinitely encourage everybody to stick around, ask questions, and enjoy the content regardless of whether you're doing this with an AI use case or not. Um, before we get started with that though, uh, I saw Drew had threw it up there. Let's talk about insight real quick. Just a little bit of housekeeping because early registration is open. So, you have until now till the end of the month as when we hit July, the price is going to go up about 300 bucks. So, if you want to get in now and you know you're going to be coming to the show, group rates are available, all of that stuff. Uh, you can save about 300 bucks off your registration by registering early right now. Okay? You got until about the end of the month. uh when we hit July, I'm told it's going to go up about $300. So, just a heads up for you guys. The dates also moved one day from when we announced last year at Insight. So, be aware of that. It is now Tuesday through Thursday. Uh because of I don't really know why. I'm assuming some scheduling snafoos or something like that with the venue. But either way, just understand that there's a little bit of a shift in the schedule this year. We're starting on Tuesday, October 14th, and we're going through Thursday, October 16th. whereas normally we would do like a Monday afternoon keynote kind of thing. Uh what does that mean for our community warm-up party? You might be asking. Well, TBD, what I will say is we do intend to have one. We are unsure of whether it would be on Sunday night or Monday night before the uh during the event. So, if you're making your travel plans now and getting everything set up now, I would just say try to plan on being there on Sunday just in case. just in case it happens. We will keep you posted the more we find out. It'sJune, guys. We don't really know the whole plan yet. Uh so, I just want to see everybody get registered. If you're going to start booking travel, keep that in mind. All right, so let's move on to our guest for today. Um I want to bring him on screen first and do a little introduction because uh we have two guests today, one NetApp, one not. and the we've been talking about doing this show for the last couple of months and how we would actually spin it to you guys um and tell you the story of all of this andbecause there's so many moving parts to it. But the first person I want to bring up is one of my teammates, one of my compatriots, uh Mr. Win Valkcamp. Win, you've been on the show before. How you doing, man? Good,How are you doing, Nick? I'm doing great. Thanks for coming back. And uh from what I understand, you've been side by side and a big part of this whole solution as it's been being built. Yeah, that's correct. That's right. Yeah. What uh what are some of your thoughts about it? What are who are the key people that this solution would really benefit? Uh just as a quick primer before we bring Steve up. Well, um it'scloudengineers, network engineers who I think uh but you're solving problems for from my perspective for the data engineers, data analysts and data scientists to get access to a lot of data that they it's right now it's kind of very difficult or impossible to get access to for a variety of reasons. So um you know there's a lot of information data stored on NetApp clusters all over the place uh around the world um and uh sometimes in you know well it's just difficult to transport them uhfrom some edge refinery or factory or some other remote site uh to get access to it. So opening this up to those uh data engineers, analysts and scientists uh extracts and untaps, no pun intended, uh a whole lot of uh value uh in your ONAP uh storage. Gotcha. Yeah, that's a great way to introduce it. Um Iwas a former big a big IP customer 20 years ago. Like we've F5's been around for as long as NetApp has. Yeah. And Ilook at this as one of those kind of better together sort of solutions that uh that have always worked. We used it for different web apps and things like that. But uh let's um let's bring Steve up um and get him on here so we can just introduce the man himself, Mr. Steve Gorman from F5. Steve, thanks for joining the show, man. Really appreciate it. No problem. I was at Insight last year and it was a great time. So I'm hoping to get the privilege of going again this year. Yeah, maybe we'll have you on the show this year while we're on the show floor there. Get any updates you might have after today. Yep, that sounds like a plan. So, Steve, uh, why NetApp? WhyNetApp and F5? And really, at the end of the day, Iwant to make sure that people I don't want to assume everybody knows everything about NetApp, ONTAP, and F5. What are youwere talking we were talking before the show and you did a really good job of like laying out what are F5's big pillars andwhere they work in and stuff. Introduce F5 for me. Sure. F5 I think in terms of age is very similar to NetApp late 90s lot of market share in where we play in the networking in the reverse proxy market so we're exposing key web typically web applications but it could be any application to your consumers and when you go into a wiring closet in any country you're going to see a big IP from F5 in all likelihood and you're going to see on tap or maybe storage grid from NetApp but quite often one is inhabited and managed by the net ops and you know you have storage admins taking care of the other product but there's a bunch of use cases that I and win have seen that we can bring these worlds together and just briefly I'd say F5 right now has three foundational technologies one is the tried andrue big IP server load balancer at some point we start calling them ADCs application delivery controllers so they'll always be big IPs yeah they exactlyA number of years ago we also acquired EngineX. So a lot of people know EngineX as a open source web server but we have it as a product and does a lot of value add like a reverse proxy. And then in the most recent uh pillar would be distributed cloud and distributed cloud at its heart it's just like a big IP. It's a it can be an ADC and expose your apps to audiences. The key difference is it's multi-sight. So I could have apps inside an Azure uh resource group. They could be in a private data center. It could even be aKubernetes service inside AKS or EKS. And then I'm going to expose it clients and I'm going to have a lot of fidelity here. I can expose that service to the entire internet through our distribution network or it could be delivered to a partner in their Kansas City office or in their Frankfurt data center. So we can talk in detail but it's basically distributed load balancing and that's the distributed cloud product in a nutshell. But it's also you guys are managing that distribution. Is that on your own backbone? Is that fair? Sure. So in a world of a big IP it's very simple. If you think of a box you have an inside with origin pool members. So maybe I have 12 web servers and on the outside I have a virtual server. A lot of people will call that a vit or they'll just call it an application. they'll say I have three or four apps on my big IP. With the uh distributed cloud, we can take it up a notch. We can have the origin pool be multiple physical locations. So maybe web a web server in Azure, a web server in AWS, but when we expose it, it's not a box and interface of virtual server. It can go right over any cast through the globe. We have about um 28 metro markets where we cover and through the magic of BGP. We can basically say this app this virtual service from maps to one single uniccast address. And if you're in um Perth, Australia, you're probably going to come in through Melbourne or Sydney. If you're in Brussels, you're probably coming in through Amsterdam or Frankfurt. So we do have a quite a large uh fabric. Um I call it a fabric. If you took all the links that interconnect this private fabric together, it would tally up to around 16 terabits per second. So, it's a pretty big global network. Nice. And I'm assuming theadoption of this uh new distributed cloud has been fairly robust. Yeah. One of the big claims is it's a SAS offering. So, kind of like maybe Blue XP would attract a new kind of audience. you're dealing with a single pane of glass and I can pro provision connectivity to apps that are in Google Azure um they could be in a private data center and it's always the same click ops and we also support things like terraform but for people who just want a simple way of providing connectivity it's there and then we have a universal w engine that runs on all of our products big IP engine x uh distribut cloud. So we have a lot of different signatures and bot detections and malicious user detections that are uniform. Awesome. Yeah, it's one of the So I use reverse proxy myself and it's one of the main reasons is one for certificates and two is for to you know it's almost like a secondary firewall in a way to where it can choke off any malicious intenders um without having any kind of access behind that. So it's really smart to do that kind of stuff. Um, so for people that are currently F5 customers, is like if they have a stack of big IPs in their data center, uh, is this something they can take advantage of today, is this a separate product line? Like walk me through that? Like if I'm an ex if I have an existing box already, can I turn this on? Sure. So for instance, if um, if you have a big IP today and you have something like a storage grid cluster, so it's an S3 object solution and it's a clustered technology, it's a perfect fit. We can basically treat each of the data nodes in storage grid as an origin pool member and we can basically we have I think 13 different load uh load spreading algorithms. So this becomes somewhat important in some AI use cases like model training where you need to move a lot of data and you need to move it in a hurry. uh using on an external load balancer is very popular and one other it's very rapidly evolving but one of the more recent uh ideas has been the rise of postquantum computing PQC for SSL. So F5 has always been verystrong in SSL interception. We can look, decrypt, apply security. We can even route traffic through an IPS if necessary. But we now have the ability to start dealing with quantum computing resistant um uh ciphering. So this is something that could be very useful because in the industry one of the fears is a concept of harvest now decrypt later. If I can store enough of your highv value data and in 2030 or 2035 quantum computing actually matures, I could retroactively go back and try to decrypt your traffic. So there's an impetus to start using quantum resistant uhbasic TLS mechanisms now and you can do that with a big IP today. That's fantastic. That'sactually the first time I've heard about that. Uh, thank you for sharing that because Iwas wondering where quantum was going to start showing its face in the cyber security world. That's interest that's Interesting that we're talking about 10 years from now you know retroactively going back and decryting stuff to be utilized 10 years from now. To be honest, it's why some of the messaging like Telegram and um iMessage from Apple have already gone to uh postquantum or quantum resistant TLS is to avoid someone looking at what they thought was secretive. Uh and actually it's really coming into play now because NIST is now NIST had basically took under consideration all sorts of algorithms but they've now chosen a few. There's one you might have heard of FIPS 203, there's FIPS 204. So the industry is uh standardizing on a bunch of algorithms and F5 is already um making this available on our big IP platform. Fantastic. And engine X. Well, that's a great exa. So we talked about the people that might be customers already and if they could take advantage of it. Um before we get into the meat of the talk, like what is the best way to get started? Where can people find something if they're not an F5 customer currently? Um, is there a logical place to start if they only want to use distributed cloud? Yeah. Um, in terms of distributed cloud, it's a SAS offering. You can basically trial this product. For the use cases that we're talking about in today's session, I've been collecting a bunch of technical articles on our Dev Central site. Dev Central is basically it's for ideas and for you almost like proofs of concept for the mind. So I've written a number of articles that use elements of NetApp and elements of uh of F5. So we'll get a we have a one link that takes you to all of those relevant articles and probably would be a good starting point. But I think AI and the ability to get rag systems and MP MCP systems together where the data is not where the actual LLM is. The data isn't a locked down address 10.xxx XXX private IP data center. This is really where I think the most momentum is. So that's where I'm was thinking we might talk a bit about these solutions today. Yeah. And win I'll throw it back over to you. Same question. So for people that might be looking for this kind of stuff maybe not directly from F5 like we know on has a built-in load balancer but that's not necessarily what it's derived for. It's not meant to load balance external web applications like some something like you know big IPs can. Um so where do we guide ONTAP users and customers inthis sort of conversation? Where do we tell them to get started? Well, where Steve and I have been working together uh a lot is on u distributing these S3 endpoints. Um it'sAI uses a lot of uh it almost exclusively uses object storage. uh ONTAP supports S3 um and you know you can light up your existing NAS volumes with S3 justmulti-protocol add to it uh and then of course onap is the cluster internally is distributing the data but there's going to be an S3 uh endpoint that's going to be presented from ONAP but you're going to have all these different clusters around withall these S3 endpoints andF5 can um can unify that can distribute that across wherever it is So it it's kind of uh I think the easy button from a network perspective on how to get to all theseendpoints. So you can just give yourURL URI endpoint to your data scientist analyst engineer whoeverwants access to that data uh and then they just plug it into theircode. Uh and through the magic of F5, it just it can get there. Um it's going to pull in everything that thebig IP has access to effectively, right? The F5 stuff has Yeah. So that's cool. So they'renot just hitting one particular storage system. They're hitting whatever is behind right that. So they don't have to care about the storage stuff behind the scenes. They just they hit an endpoint that's doesn't matter to them whether it's an SVM or whether it's an F5 big IP. It's that's what they're hitting, but they're getting all of the data that's been collected behind it collectively including uh software defined. So you know ontap edge uh running of course that's what we've been doing a lot of testing on actually and uh but on prim cloud volumes on tap um all of that uh anywhere you need it thisis can be veryhandy uh there'sa lot of big organizations you I think oil and gas that operate in very remote areas um that don't have access honestly to a near the nearest cloud region uh might be uh you know um, United Arab Emirates or South Africa if you're in West Africa. Uh, but they have a lot of data that they need to get access to that's not easy to transport. So,thisbrings the kind of thealgorithm thequery to the uh to thedata there andbe able to catalog it andinventory that data so you can you know what you've got. That's fantastic. Yep. It'svery handy. Steve, anything we missed there you wanted to cover before we jump into the presentation? I uh think that's very good interpretation. I think you win. W's a smart dude. We've had him. Wekeep him around. What are you at? 20 years yet. When 20 years, August. That's right. 20 years. There there's a few of you left. Yeah. You and Toby and Mecca and there's a few of you. Yeah.All right. Well, let me pull the slides up here real quick, guys. Hang tight. We're going to go through a couple of slides and then we're going to show a demo and we're going to talk more about it as we go through this stuff. Um Steve, I'll just hand the baton to you and take it away. Sure. Do you want me to build this all the way out for you? Yeah, why not? Go for Yeah, just build it out. Um so what we have here is a use case. This has been built up in reality and documented where you want to use some AI that you want to host. So we're talking in that green bubble. Typically, you're going to have some Linux boxes. You're going to go to um use Python, grab from hugging face some models. You might also use something uh you might do LM Studio, you might do Olama. But the point is there's a place where you're running this. And this diagram, the green bubbles in Los Angeles,the CE is a piece of hardware or software from F5. It's called the customer edge. and it lets the inside interface of that CE which is touching that green bubble be the point of consumption and that what's being consumed are in those purple circles those are netapp volumes so we have examples of volumes in the data center in Seattle we have it in Denver we also have NetApp in cloud Azure AWS and what we can do is we can do a couple of different techniques one technique is to develop deploy um a distributed load balancer as mentioned before. So the origin pool would technically be any of those NetApp um sites. So if it's NFS or it's SMB, it works with a TCP load balancer. But if you take your ONTAP and turn on the S3 license to project those files as objects, that can be a layer 7 HTTPS load balancer. And basically the uh the virtual server to use the nomenclature of a big IP what I call the publication of those apps, those NAS protocols. The publication is the Los Angeles CE inside interface. So it lets me mount on that Linux box where I'm running my LLM. can mount volumes uh you know NFS mount minus t commands and the second application here is how do you expose the AI interface whether it be uh something like a Jupyter notebook or it's a chatbot how do I expose that to my users well that could be a layer 7 load balancer and the consumers are in that black circle and those could be on the internet so that could be basically the service the web interface to that LLM box is going to be projected as an anycast address around the world to any of our rees. So those are really two different use cases of the distributed cloud. One is for kind of the backend bringing data making it accessible to the LLM for rag so it can be indexed and the second use case is to expose the AI interface for users of the AI system which are in the uh the black circle right there. So quick question for you like so Iunderstand like the crosscloudprovider crosscloud provider uh usability of this thevalue of it. What if somebody's just all AWS? Doesn'tAWS doesn't Azure doesn't Google cloud all offer this kind of sort of backbone service already? Is this really for people that want to be multicloud or is there some additional value add above and beyond like what the native cloud providers offer? Right. So let me give you an example. Let's say I'm all Azure and I have AzureVPN gateway. So I have sightto-sight layer 3VPN. I would say that it's probably not as attractive if I'm 100% Azure. But that's really just all typically a connectivity solution. Where if I'm doing S3, where is the web application firewall? Where is the rogue user detection? Where is the antibbot? So distributed cloud is giving you not just multicloud support and a single pane of glass. It's also giving you a lot of security that's layered on. So it's a network and security play. Yeah, it goes higher than layer four like you would typically get with like a link light, you know, whatever data layer you're going to be at with the native services, the native VPN connectivity, like you're missing out on some of that higher level application security that you guys are providing. Yeah. And I want to point out one other real key feature. um what I've been describing is a distributed load balancer whether it's L4 or L7 depending whether it's NAS or whether it's S3 and that's very useful but there are times such as snap mirror where I actually want to have NetApp to NetApp for snap mirror replication preferably what you want there is a pure layer three connectivity so we have a mode called network connect and if you look at all the CES that I've deployed and the CE technology is Kubernetes based It's the exact technology of the re most solutions in the internet there would be like the provider technology and the edge technology it's the same technology but if I turn up a CE in 20 sites I can have them boot up dual attach to the closest re so if I'm in Belgium maybe I attach with IPS to Amsterdam and to Frankfurt it's all autoconnect you don't need to know what an IPSC essay is you don't need to understand Ike it turns up it dials in if there's a problem with IPSec, it'll use TLS. But this gets even better is they autodiscocover each other with a few clicks and set up a multi-sightto-sightVPN.So all of my 20 sites, the inside interfaces of my CES can all talk to each other. I can ping servers in any of the other locations. So, okay, that's layer three mode and it's called network connect and I've used that quite often with snapmir use cases because snap mirror doesn't like things like NAT doesn't like going through load balancers. So, it's like it's almost like having a management interface on your networking gear. Like you've got a management network of sorts behind the scenes like that. And if I didn't mention it, you never touch your routing protocol. You're saying, "Well, what about the route tables?" It's all part of the SAS mentality. boot dual connect and that's activeso you'll get the bandwidth kick from both of those connections to our re pops and then the routes are taken care of by themselves if you need to do a snat option you could but basically it's veryeasy to set up sight to-sight VPNs with manysites using that technology and is that five managing the BGP configuration and stuff like that on all of these as well it's a full now you can come in and you can if you want to go to the next level you could peer CE so that you bring in more routes that will get automatically propagated, but um I guess it's a long way to answer your question. It's a simpler experience for the end users. You can Ibelieve you can do more with less technical data I think is the term. Um also just one last one. Let's say you are just an AWS shop and you really understand AWS sightto-sightVPNs,but you do have to get into Azure because you're an independent software vendor. your wares are what you're trying to move and you have a consumer says unfortunately wedon't deal with AWS for our own reasons we only deal with data on Azure you can get your data you could replicate to Azure or replicate to Google without going and learning those layer three VPN technologies I don't have to train myself it's the same workflow on any of the hyperscalers yeah and it sounds like that you could facilitate uh data transfers between onap and on ONAP in either of the cloud providers. Yeah, wedid a pretty good study on using uh Blue XP and or Cloud Manager. I don't know when uh it slapped me. Icall it cloud manager, but I think the names could be somewhat fluid and it's a couple years ago we changed it. Yeah, that's right. Yeah, because it's SAS first and it's very similar. It's cohesive. people who are traditional NetApp users who understand system manager and the CLI, they can take a load off and use that SAS approach to doing replications. And then one thing that I really like in the world of AI is okay, I've replicated to Azure, Google or AWS is I can do a clone. I can get a readwrite copy of my data that doesn't cost me anything in terms of storage from the in moment of inception and I can start doing my data science projects on that clone. So there's lots of interesting use cases. Yeah. I mean youcould even have yourdevelopment or unit testing or one thing in one cloud and your actual production in another cloud. Like I look at use cases like that. We I see that quite often because they'll do use something like Azure or virtual desktops uh for enduser workstations but maybe they run production web services out of AWS. Right. That'sone of the typical use cases I see people doing. Another doing. Another use case I can think of is uh I see this quite often uh ispartnerships or joint ventures uh where there's between businessto business and they're sharing like um you know largeoil fields for example are rarely operated by one uh oil company. They're a joint venture and they have to share information on exploration. Uh and it'svery complicated to get these uh shared environment set up because you got you know company A and company B and maybe company C but they all need to have access. But they each have components of things. Media and entertainment is another one. Healthcare is another one. Uh andyou know company A may be entirely operating in Azure. Company B may be entirely operating out of uhAWS and company C may be entirely on prim. Interconnecting that isa nightmare. Uh andgetting that uh andcloud teams, infrastructure teams uh that's something they wrestle with quite a bit. and also getting access to outside external data sources like banking um and being able to transport that data if you need to do queries. You know, you get access to it, but you got to be able to build the link uh between the two. This could go a long way towards uh making that a lot easier. Yeah, former federal contractor here. I could see the infinite use cases that all of the agencies might want to use with something like this. Um military especially, FOBs and things like that. Um I you said media and entertainment as well. That one really struck me because most modern DAWs uh or uh editors are have some sort of built-in cloud collaboration mechanism now at least in the last two or three years. I've seen most of them whether it's Da Vinci Resolve or Premiere or I don't know if Final Cut's got anything like that but we're talking about big post houses. I know Avid does which is the gold standard of all like post-production houses. So, I'm looking at this going, you can have editors all over the world now collaborating on a single edit, single timeline over a network like this without having to buy some super crazy subscription from one of them um or depending on them to provide that. Now, you have a reliable enterprise networking solution, global sort of load balance distributed solution that's protected, all of that stuff. I think media and entertainment should pay a lot of attention to this kind of stuff. Yeah, even for staging game deployments. Um, there's all kinds of use cases that you could get around for this. I remember many years ago uh when uh they were talking about uh when they were making theStar Wars prequels regardless of your opinion of the Star Wars, but uh you know George Lucas talking about how they had to pull basically pull fiber because theywanted to do they wanted to shoot they wanted to get that started into editing uh like immediately. uh and they paid a lot of money to getnetwork connectivity out to, you know, Tunisia uh in the middle of the desert where they were shooting. Thismight facilitate and make that a little easier. You have your last mile issues, of course, but uh um yeah, this would certainly make it a much easier prospect. Yeah. All right, Steve. Anything else on this one or you want to move on to the next one? No, I think that's good. I mean there's so many onelast thing that comes to mind is if you're doing S3 uh availability you know we can we're user aware so if there's auser who's biting off more than they should uh basically abusive of their the number of transactions we can do selectively throttling so we can send an HTTP 429 message back saying you had too many requests you've exceeded 50 requests in a minute so that would be another use case of making you're getting more mileage for the buck out of your storage grid is by implementing rate limiting on um S3. And is that a knob that you can dial in to whatever you really want to? Exactly. It's uh different endpoints could be unaffected by that and certain key endpoints could have very aggressive rate limits. Just one more stream of consciousness kind of thing. But let's say I have a bit it's a web service but in the nation of Fiji there's a this uh shouldn't traffic should not be coming to the global instance. It should be incountry. We have geo rules. So we can say hey to get to this uh S3 service unfortunately Fiji you go this way the rest of the world goes this way. This is the kind and there's just a multitude of these security aspects that you probably wouldn't get with your vanilla sight to-sightVPN solution from onevendor. Yeah, datasovereignty rules are a big deal in a lot of I mean I think Malaysia is another one that you can't export data out in Germany. That's right. Germany has its own cloud uh thing. So, right. We have a use case where we have a EU user and they're traveling in the US. So when they connect they would connect through New York City or maybe Ashurn in Virginia but we can make it such that the actual SSL interception which is really what you're concerned about that's where the security is that's where the deep visibility is we can make that happen in EU. So that could be a use case around data sovereignty just becomes atrace hop at that point and you're carrying it over to wherever the destination is. That'scool. Ireally think that's understated a little bit if I'm being honest. I think that's one of the I think data sovereignty and the security aspects above and beyond like layer 4 that you guys are providing are the value here. Not necessarily that you've created a sort of global distributed network, but thestuff that you're doing above and beyond that isthe real value here. Um when I wanted to ask you one more, maybe both of you um we talked about storage grid, but ONAP has S3 too now. That's correct. where how does that fit into the picture here? Is the same stuff available in there or are we depending on the native load balancers in ONAP? Uh no, same thing applies. Uh of course once the data gets into onap um it's using its own load balancing andS3 buckets. Uh let me back up. ONTAP has two kind of modes of operating withS3. There's NAS buckets which is you're adding S3 to an addition to an existing uh NFS SMB volume. And then there's S3 buckets which is just purely S3. uh when you deploy an S3 bucket, it deploys a flex group for you and itkind of manages all that under the covers, grows it, shrinks it. Uh it'sverynice. But the abstraction here is the S3 bucket. Uh the S3 it'sthat's the API is universally accept accessible. Uh and you don't Yeah. But is the bucket the endpoint that we would connect to with this? Okay. That's right. So we're not using the internal load balancing mechanisms of ontap on across the buckets in any way. No, that's right. No, it's just the internal for the all the flex groups uh and where the data gets loaded, but that's abstracted fromyou what and where F5 is on the front end. It can distribute that to all these different S3 eachSVM is an S3 server and then there are buckets associated with that. So, um that's your root URL. Um and then the bucket is, you know, theremainder remaining part of that. Yep. Awesome. All right, let's kick over here. And uh Steve, I know you said this was the other one you wanted to go over. Well, to be honest, I think we've kind this was just a little bit how the sausage is made slide. It's a little bit more on one use case where basically in the red box, we have the two functions that F5 is delivering with distri distributed cloud. One is basically giving you remote access to your users through our uh international global network to get to the Jupyter notebook or to get to the web interface to do their AI task. Number two is basically in this lab that I built up, we're basically using the layer three methodology to uh bring um traffic from an ONAP um onap select is in the Redmond Washington lab and we were bringing it up to Azure to a resource group, a V-Net within um a resource group andthat basically is done by creating amount as mount andin the uh article I went on to basically vectorize data from a you know from a bunch of different uh folders and volumes inthe on tap box. So I think we pretty much covered all that. So one of the things that wepitched this show to be about kind this episode I should say about AI and cloud. Um I don't want to not talk about that in any way uh from a solution and a use case perspective. Um, we've talked about like the fundamentals of the distributed cloud itself and how all of that works, but like for the AI heads out there, where does this really like benefit them in a big way? Where what are the when you have these LLM inferencing use cases um using Rag uh across multiple endpoints around the globe to bring it all into one main model? Like what's the cell here? Yeah, I'll give you one example. It's uh to make a basically an empowered uh support desk worker where they need engineering they need the some of the knowledge that's contained within release notes within engineering specifications within user manuals internal KB articles and if you're a distributed technology company that resides in some probability on NetApp volumes in multiple locations there's no appetite or regulatory uh advice to move that into the cloud in this example you want to reach in and just get remote access to it to empower the AI decision making so that when someone asks a very complex question which might be above the skill set of the operator they can have an empowered response. So what we're doing is we're doing um rag basically garborates your data all the PDFs all the docx documents withthe knowledge required into small chunks and then basically a semantic meaning an a an embedding model will assign it a vector. So the vector typically is over seven or 800 digits long. It's got a direction to it pointing out into space as it's usually depicted. Yeah.And that's kept in a vector database. When the inference comes in, the operator types in the user's query, the same the very same embedding LLM creates a vector on your inference on your question. And using semantic similarity, we try to find four, five, six chunks in all of your data which is originating in all these different sites around the world that are coherent with it, that are aligned with it, are semantically somewhat similar. that's given to the main uh generative AI LLM as sort of hints. We call them augments there. We aug augmented is the a in rag. And basically theLLM can come up with a better hopeful hopefully can come up with a better more meaningful response because it's been infused with basically paragraphs of data from all around the world in your data sites. I don't know if that's kind of helpful in any way or leads to more questions. Oh, absolutely. Oh, absolutely. Oh, absolutely. No, oh, it leads to a bunch of other questions. Uh, win, I was going to throw it over to you and ask like howhave we uh built this with some of the, you know, some of the team work that your team's doing with you and Sibu and um and Will.Yeah. So, I mean, if you think about it, if uh you got to get to the data one way or the other, right, tomake this work. So the data is out uh kind of at the edge or at a remote site. The vector database is uh and theengine for the rag is maybe centrally located somewhere else. You'reeither going to have be able to have to go out to get the data to so that you know you can or you're going have to move that data in and pipeline it in. Um that's a very expensive timeconuming operation. PIP data pipelines arecan be expensive. Uhbut that'sone where you're not talking about tiny amounts of data. It'smassive amounts of data. So you're maybe you're going to have to build a whole in like well maybe we snap mirror it in. We can there'sa whole well it would be a lot easier if we could just reach out and touch that data anduh and vectorize it and then theLLM reaches it over the network uh with and then it stays in place. It removes a lot of governance issues like we talked about earlier. Uh there's no wait time. Um, we can use ontap uh S3 just light it up. Imay have kind of undersold the importance of uh lighting up S3 on your existing NAS volumes eliminates an entire class of data pipelines. You don't have to do it anymore, which means all the cost, all the wait time, all the infrastructure, compute, network, storage infrastructure to get that data pipelineed into wherever you're trying to go, it goes away. And thatequates to potentially millions of dollars a year. This is another one of those uh thing where F5 is enabling you to get to the data without having to move it um with all the risk uh and cost involved. Yeah, that's huge. Yeah.Well, Steve, I understand we have avideo. I want to make sure we had time to watch that to show the actual demo here. Um anything you want to say to uh to set that up before we jump into it? No, if we just play it, maybe we can speak to it. The I think the only the key value is you would see the verysimple configuration from the F5 distributed cloud how we build and it'll actually do a demonstration where we um we do rag with NetApp gear. Gotcha. Remind me was it two or three? Uh two.Got it. All right. So I'll let it play. It's muted right now. I'll just let you talk over it if we want to pause. Sure. It's the uh let me know. Just as an aside, we have a show like Insight. It's called Appworld World and ours is in, strangely enough, was in Las Vegas, but a different hotel. Um, so I showed this demo on one of those big screens out of our version of Insight. So that's why you're seeing some words go by. Basically, the first minute is just a recap of the architecture.While that's doing it, another architecture that I recently did was using FSXN for um ONTAP using AWS where the LLMs are in a private VPC or access to the bedrock LLMs are in a private VPC but we drop a C node in there and then with FSXM we start doing snap mirror. we actually start doing data protection volumes in FSN X FSXN and that's where the consumption of the vectors can happen. So we there are mo many ways to do these architectures but in that case distributed cloud is giving you private access to your private data centers that are on those 10 or 192 168 200 networks that are not available to the world but we can securely feed uh you know snap mirror sessions into the AWS environment. There's a similar Google play with vertex AI. So this is by far and away not the only way of doing it but it's one that I recently read wrote. So this it's a bit small but basically what we're doing here is we're bringing uh S3 objects from uh San Jose. They're on storage grid. They're actually behind the big IP and big IP has some value there but it could be done without the big IP. and we're going to do some inf inferencing in uh Seattle. So, this is the SAS interface to distributed cloud. So, it's a bit different than the big IP uh TMUI that you might have remembered from 20 years ago. Uh but basically,we're going to give it a domain name. Now, if this was a live service going to the internet, you can give us your DNS uh rights. We can administer do the NS records for any domain that you might have bought on route 53 or from Google domains but this is an internal use case from one internal data center in San Jose to another internal data center in Seattle. So we're using a private DNS uh always you know a demo is private DNS when somebody ends it in internal but what we're doing is HTTPS because this is at three and we have an Acme v2 solution that's using let's encrypt so we can spin up a an actual customer accepted instantly or you can use in my case my ownerts that I created in OpenSSL and now this is where we're tying it to the origin pool. So the origin pool is going to be located in San Jose. So this is the key. It's not in the same place where this service will be consumed. It's in another location in San Jose. And you can see I'm giving it the IP address. It's a 10 uh xxx address. So it's a private address. Uh we could this is storage grid. We could do SSL offload and talk to it without SSL, but we'll do SSL on both sides of the service. And at that point, you basically have yourself a distributed load balancer that's tying together two sites. And we're going to turn on, if we want, web application firewall. And we can turn on API protection. So if I see something in the API traffic that it's supposed to be JSON, but it's actually a JPEG file, we can actually block that. So we can do contentaware API security as we're an inline solution. We're not an outofline solution. We're an inline solution. And then this is finally the most probably the most important screen is where are we going to project the service? So the service is not going to go to the internet. The service is going to the inside interface in Seattle. Once I'm in Seattle on that LLM Linux box, if I if this was NFS, this is the typical way I would grab my data to start doing the garbberating uh the chopping and uh vectorizing. But I'm using the fuse approach. So, with Fuse, you can actually use uh S3 and user space to do the same sorts of remote access. I'm going to grab a couple I need at least two LLMs. I need an embedding LLM to do the vector uh creations and I'm going to need an actual generative text LLM to do the actual answering of my inferencing questions. So, in this case, you can see I'm using Nomic embed is the embedding LLM. And this just de demonstrates that I'm sitting in my Seattle office using S3 browser, which lets me visually verify that I can get to um to my remote uh storage grid um buckets. And as you can see, it's working. Otherwise, I wouldn't be showing you the video. But uh just as an example, the example I'm going to show is you probably have a lot of consumer devices that are aged out in your house. probably about four digital cameras, maybe some uh blenders or air fryers that but you have a bunch of paper documents for the manual. So, the idea here is I made PDFs of a bunch of household devices. I'm going to ask a question about a lawnmower. This is coming right out of a PDF document, the user manual for this lawnmower. So, by asking this question, the response is using the files that are on storage grid in San Jose has found that there's a chunk. It even tells me what page in the PDF says the concern about this lawnmower is the heat of the muffler you probably uh need to keep away when this thing has been running for a few minutes. So it's a verysimple example of rag but it's conceptually the sameconcepts that you would be using for financial industry or medical devices medical appliances is basically bring that secured data into the equation empower your LLM to consider lots of different sources when it formulates a answer and then it can give you a meaningful answer at that point. Nice.That's basically the uh gist of the uh of the demonstration. Awesome. We did have one question come in. Um let me pull this down on screen here. Uh what is XC? Yeah, XC stands for distributed cloud. I imagine calling it DC would have caused a world of hurt because uh so it stands for distributed cloud. That's what it stands for. It's basically, if I had to explain what it is, it's the uh it's the addition of it's a global network of sites that are running a you know an intelligent L4 to7 solution that's Kubernetes-based and you can expand it into your VPC and into your data center by using a Customer edge uh instance of that. It can actually run inside Kubernetes clusters. So you can actually run it as a it's a pod a container and then you I was going to ask is it like Cloudflare D? Is it just a little instance uh kind of a reverse instance? Itit's a it's I wouldn't call it a reverse proxy just because that would eliminate that smart network connect mode. I would just call it a smart layer 3 to 7 Kubernetesbased solution and the keys are that we'll give you a secure global network that we've built up with those 16 terab per second. That's not one link, that's all the links. And why that's very important also is when you use anycast and you get to talk to a node that's close to me, the TCP flight times become very low. You're you you're going to be able to get to a larger TCP window more quickly if you have a slower time to get to I use Montreal and Toronto as my uh points of ingress. And also the fact that I can take the technology and turn it up as a instead of being a an RE, I can turn it up as a CE, which is customer edge in my own office or in inside my own Kubernetes clusters.Nice.Uh we did have one more. Thank you for the question, Tangel. Uh I and thank you, Steve, for the answer there. We had one more video we wanted to try and sneak in. Do we still want to try and do that? Couldyou go for number three? I think it'sgood. It'll give you the warm and comfortable feeling about big IP and it's using big IP and how we use it with um again in this case it happens to be storage grid. We're going to be working on some big IP plus net app collateral soon. But um what we want to do is in this example we want to be able to read and write massive amounts of data and we a typical use case for that would be in model training which is not going to be in everyone's bailick but it is in some key institutions are building their own models. I you know the world is basically accepting S3 because it'smulti-threaded. There's concurrency with HTTP that doesn't exist so much in SMV world where it's more of a serial set of operations. Yeah. Takes longer basically to move files with SMV for things like opportunistic file locks. There's a lot of control plane activities that are sequentially done. S3 goes like fast and um with this we can use something like the big IP which has been doing web reverse proxy for 20some years and we also have that ability to do lots of high-speed SSL interception. We also have hardware assist. So we do have an FPGA when you're using one of our modes called fast L4 mode. We can actually harness hardware and FPGAs to go even faster. So one of the nice things about this is that we have a lot of builtup security features. So you might recall I rules where we can write some u tickle tk. It's like tickle scripts that manipulate the data plane and at veryhigh speed. We can do API authentication. So this is the tmui. I think it's like system manager. It doesn't change quickly. So Nick, if you used an F5 big IP, you probably This looks very familiar. He looks very familiar. So we can see that we have an origin pool of three nodes and if we jump into u the storage gridmanager we see those three nodes. So at this point all we really need to do is build avirtual server or as I've said some people will call this define an app. So we're going to give that a name. We're going to give it an IP address that's on the outside of the box sort of projected to consumers and we're going to use port443. We're going to do full SSL interception. We're also going to repackage it up as SSL forstorage grid. You could do an offload, get somewhat higher performance on your storage grid perhaps if you did offload. And at this point, we're just going to use we're in the data center. We're just using that same store um uh browser application that uh it's called S3 browser. And we can just peruse the different buckets that are on storage grid. I'm just going to quickly download um a bunch of objects. They're files, but I guess in S3 they're really just objects. And if I go into my Windows browser, I can see lo and behold, there they are. Wow. Um so that's basically in a nutshell. I want to show one more thing here is let's look at the origin pool members and you can see that there really was a load balancing operation. It's a bit hard to see here, but you can see two of the three data nodes got utilized in that demo. Well, one of them was idle and two were used. So, it does prove that there's a spreading of the traffic across the cluster. So, I'mlooking at that as a use case of if you have buckets that are spread out all over the place, whether they're individual users or individual sites or individual assembly lines or whatever they'reused for. This can be you they can be added to a pool that can be used to ingest into a central location for inferencing for example. Well yeah in that particular demo that really is a onprem it's not really a multi-sight solution. It's for it's really designed for people who need to go veryfast. So if you're basically trying to feed GPUs that are building a model they need data and they need it fast. So you might have tieredstorage. So tier one is you know blockbased veryhigh-speed technologies but it itself has to be fed by another tier where the S3 objects are and that big IP can allow the movement of S3 objects at higher speed than a individual node would allow and like I mentioned there is a hardware assist mode called EPVA which can make it even go faster. Iremember it was one of my favorite pieces of gear to work with. That was 2008. Yeah. 2007 maybe. Um, and all we did was we created we had a single web app that was used across the country, you know, hospitals across the country and it had we had one IP that basically we pointed our application at and that was to the big IP and inside of the big IP we had the pool and behind the pool I had virtual machines that were very stripped down standardized perfected templates of web servers and I had a script that I would every time and we got to this point where it was automated but we could automate the pool based on load and I can't remember exactly what rule we were using what load balancing algorithm we were using right but it would stand up additional nodes automatically kind of how Kubernetes does before Kubernetes was Kubernetes we were doing that automation quite often people used lease connections so at any moment in time server is holding the least state the lowest TCP established sessions they get it that's kind of the typical one but there's actually 13 different algorithms. And just one last note, if you're a big IPO only shop, um, and you're not a distributed cloud shop, you can do multi-sight, it's a GSLB. So if I have a four data centers around the world and they're filled with web servers that are mission critical and I have big IP in front of each one, we have a GSLB solution that will point you to the best one in terms of cost. And if that whole site goes down, the GSLB has health checks. So health checks are looking at your origin pool members and if it sees this is really a site that's suffering, it can redirect traffic based on health check information to other sites.Nice. Iwould love to revisit big IP, you know, if we can figure out how to, you know, get one to added to data center dudes data center back here. I can certainly put it through its paces and already being familiar with it, you know, if you got one laying around, Steve, let me know. Yeah. Well, one of the cutting edges for big IP is running it on DPU. So, running it in a Kubernetes environment. So, it's amicros service on you DPU technology. So, Nvidia would obviously be one that we came to market with recently. So, um is there a virtual version of it too, right? hardware that's already on there there's a virtual version of it too, right? You can run it as a VM. Absolutely. Yeah. It's been around for many years. It's called virtual edition. So, I guess it would be analogist to on top select. Yeah. top select. Yeah. Awesome.Well, guys, this has been amazing. Thank you so much. Um Ireally appreciate the time today and all of the demos and the thoroughess of it all. Um I ifanybody we didn't have many questions come in today, but I think this is one of those topics that tends to creep outside the scope of our typical audience of on tap and hardware. Um but Ilove that we've got this out here on the channel for anybody that can come and look for this stuff for anybody that might be looking for solutions with F5. Uh they they'll likely stumble across this video. Um but yeah, thank you for all of the time today. Look forward to having you back and look forward to seeing you at Insight. Great. Thanks a lot, Win. Thank you as well as always. Thank you. All right. Well, that's it, guys. Uh, that's our show for today. Thank you so much forjoining us. We really appreciate it. If you have any questions about this, check the description below. We're going to leave some links. Uh, make sure you come and join the Discord community over at netappdisord.com.Um, just click join, sign up. If you've already, if you're already in Discord, it's a quickjoin. Uh, walk through our onboarding, make sure you get set up the right way. Uh, we have almost 6,000 people in there now. It's crazy howthat's grown over the last couple of years. Uh, a last reminder, get registered for Insight. It's happening. Uh, and you've got till the end of June to get take advantage of a $300 discount off of your registration for early bird registration goes up in July. So, don't say I didn't tell you. Um, we'll be back soon with more stuff, but until then, my name is Nick Howell. Thank you so much for joining us and we will see you guys next time. Take care.
Steve Gorman from F5 joins us to go over the awesome partnership between F5 and NetApp to enable secure RAG and Inferencing workloads.