Holly mother of God. Mitchell was still on HN yesterday, as he was replying something about Backblaze IPO and its business. Today it is his IPO,
$259 million revenue. 2100+ Customers, 1500+ employees, $10 Billion Valuation.........
I mean I felt it wasn't that long ago Vagrant was "the" tool for the job.
How it all started, the submission on HN [1], quote:
>This project has been the love child of myself and John Bender (nickelcode.com) for the past 6 weeks. We're both daily HN readers and would like to use this as a starting point to show Vagrant to the public. Specifically, I'd like to open up to any questions and feedback, so that the HN community can get to know Vagrant. Your feedback is extremely valued. Thanks!
>A bit of background on this project: I work at a development company (citrusbyte.com) in LA. I see new projects almost every couple months, and I'm often working on multiple projects simultaneously due to work, freelance, and personal projects. Managing the development environments between many projects on a local machine became a huge burden and a coworker once mentioned developing in a virtual machine. I thought this was a great idea, and Vagrant was eventually born from it.
Really amazing achievement in such short space of time. Congratulations!
Edit: I wonder how many company started or partially started on HN that went on to IPO. I know Dropbox is one. Do we have a list somewhere?
If that’s $260M pa for 1500 employees then that works out as $40k revenue per employee per quarter.
Compare with APPL and FB doing [correction: over $600k] per employee per quarter.
Not a value judgment. But I only recently started noticing these numbers and it really puts the big players’ spending power into perspective. Hiring engineers away from FAANG is incredibly expensive.
Edit: thanks for the corrections in the replies. I read figures for FB and AAPL that are reported quarterly but missed that they are for a trailing 12 month period, not for the quarter itself.
The economy of scale - at FAANG(MAANG?) scale you can have extremely efficient money making features that only takes a few engineer to support thousands.
For things that are completely software, it does not surprise me that millions per employee in earnings is realized - that's just what happens when you operate at that scale. And that's accounting for all of the overhead in personnel that scale entails.
True. The number of engineers is not linearly correlated with the number of customers, but the number of features. If you have a relatively simple product and you can somehow still compete (niche market, patents etc), you can get away with a very low head count. WhatsApp famously had only 35 engineers and ~450M users when Facebook acquired them.
> which is probably what happened to them inside facebook anyways
I think initially they only expanded to ~50 engineers until 900M users. Even today they are estimated to have only ~500 employees (no idea what percentage of that are engineers).
LinkedIn lists 1823 people working at Whatsapp, not sure how accurate that number is, probably self-reported so could be lower/higher, but ~500 seems off. Employee count seems to grow 1-5% month-to-month.
Engineering is listed as 25% of those 1823, operations 8%, education 6% and business development 6%.
Every one of the Facebook companies is a household name with hundreds of millions of users. The same cannot be said for the Alphabet companies aside from Google.
You listed three Google products. Those are not alphabet companies. No one is trying to say Google is smalltime. Rather the point is, “Meta as an entity is comparable to Google, not Alphabet because it’s Units are Interesting”
I listed 4 actually, all with their OWN household name with plenty of users.
Under the Google umbrella or alphabet is the same. Just like under Facebook or Meta.
Nobody cares about the exact legal construction of those products. Plenty of people still say FANG, where it's short for Google and not Alphabet.
Nice nitpick, but you obviously mispositioned your initial comment by putting the emphasis on household names and not on the legal structure, which is a strange argument fyi.
While I'm doing a low-content post, here's a tangential fun fact: the Latin sequence "gn" (as in, say, "magna cum laude") was pronounced with the G nasalized. If magna were rendered in English spelling, it'd be "mangna". (Or, well, "mongna".)
I don’t know. I do know that “number of employees” metric is a shorthand way of measuring the operational weight of an organisation. As long as it is measured consistently, it’s a good proxy for size-of-tech-company. It might not work so well when comparing a pharmaceutical manufacturer to a main st retailer though.
Depends if you count Facebook's moderators, Uber's drivers, Apple's shop assistants, Netflix's film crews and so on.
Some of these measures make it look like Google's zero-customer-support approach is the 'efficient' way to run a business but for a lot of companies it'd be a false economy.
One might argue that those are costs, not head count. By the same logic we can also assume that they use contractors who bake pizzas for Facebook employees when they order from Domino's.
I guess a somewhat better metric would be "profit per employee" instead of revenue.
Maybe. But the point is, ad absurdum, you can do business with zero employees and all contractors, or with zero contractors and all employees. It's not possible to measure efficiency with a simple "revenue over employee count" metric.
>Compare with APPL and FB doing $2.5M per employee per quarter.
your math if off - FB is $500K/employee/quarter, APPL is ~600K/employee/quarter. That still of course a boatload of money allowing them to pay $600K+/year to the engineers.
Point stands, but I'm not sure how you get that much for FB and AAPL. In 2020 (4 quarters) they made, per employee, ~$1.2M and $0.7M in gross profit, $1.5M and $1.9M in revenue. I didn't cross check the table but did get the same number for FB.
> Hiring engineers away from FAANG is incredibly expensive.
That seems to be changing, as the employees at those companies are starting to re-evaluate the ethical choice of staying or leaving a company they thought was "good".
An additional data point (read: anecdote): I applied for a job at Hashicorp in early July of this year. I have yet to receive any reply, including a "thanks but no thanks"
For reference, I also have a friend who applied there in late 2019; he apparently _did_ get a "thanks but no thanks" email about a month later.
Perhaps all of the company is short-staffed, rather than just engineering.
Applied, rejected within a day, got an email from a hiring manager four weeks later asking me to re-apply, very sorry etc etc, bad screener he had to look over everything again.
I re-apply, two interviews, asked to do a presentation and then a video on strategic threats to the org, spent two days of my holiday doing it (tight schedule from Twitter), sent, no reply for two weeks, get an email back saying they wanted it to be more tactical.
I pointed out what they said (it needs to be strategic), they come back two weeks later, very sorry etc, they would love to move me to next stage, one week later hiring manager doesn't turn up for interview, two days later apologises, asks me to meet with his senior manager in two weeks. I agree.
Recruiter then turns around and says, sorry not what they are looking for. No other explanation. Next day emails me asking would I apply for another position. I say, "Hmmm not so sure. Perhaps. What's the comp?" He says "Great, I think you will fit well. I will go check it." Then ghosted...
Was a cool role. But still. I'm in a position were I am also interviewing the people on the other side of the table. I'd love to have helped build something they needed about that fusion and analysis.
But sorry, in that context, just not good enough. That's my first dealing with your company. Why should I trust anything else will be better?
Hahaha Twitter in Seattle at least is infamous for experiences like this from my acquaintances and friends. I somehow got into an on-site there once only to find that the team I’m interviewing for doesn’t unit test anything or write any Scala, they’re not familiar with consistent hashing, and a bunch of other curious things that contradict what I had been told about the job and the company.
Seems like they’ve never improved their process. I was put through an interview gauntlet and then ignored. The experience prompted lively discussion three years ago.
> I mean I felt it wasn't that long ago Vagrant was "the" tool for the job.
Vagrant is my safety hatch, in case Docker goes under and aspect of it that's "the best centralized, cross-distro, server-oriented Linux package manager repository around" is, at least temporarily, thrown into disarray. Back to picking a distro and contorting it into what I need, in that case.
And it's still better than Docker if you're really in a hurry and need to get some pile of undocumented shit running locally ASAP.
Docker at this point is just a wrapper around OCI spec… why would you go back to Vagrant rather than just using any of the other tools that can build OCI images? Vagrant and Docker seem like fundamentally different tools to me.
At least 80% of Docker's value to me is as a consistent-everywhere, very complete server daemon package manager. Serious packages for work? They're there, and up-to-date. Screwing-around stuff for home (Minecraft server, Jellyfin, et c.)? It's all there, same interface, just a couple minutes to add and configure another daemon at approximately its latest version, and I don't even have to think about which distro I'm running.
It's the container registry that I'd miss, not the actual container functionality, and that's what would have me reaching for Vagrant and distro packages again until something similarly good arose (or maybe there already is a viable replacement, which I'd find via search in short order if I actually needed it)
I wonder what sort of container registry are you looking for. There are a few alternatives to Docker Hub nowadays. For instance, GCP’s is quite affordable and straightforward.
I don't mean for hosting custom images—I mean for using it as a cross-distro (indeed, cross-OS) very up-to-date, server-oriented package manager. That's most of what I get out of it, right now. It's currently, maybe, my favorite Linux package manager + package repository, even if that's not its core purpose.
Vagrant can use containers, making it also a wrapper around OCI-compatible runtimes. In addition, it also supports VirtualBox, Hyper-V, VMWare, bare metal, SSH targets, and various cloud providers.
The real conclusion from your logic would be: why would you go to Docker rather than just using Vagrant?
> The real conclusion from your logic would be: why would you go to Docker rather than just using Vagrant?
I use Docker as a nigh-universal package repository and package manager, with a huge and up-to-date selection of packages. It gives me a consistent way to run daemons my software depends on, nearly everywhere, including pinning the version and ensuring they all use the same config. It's docker-hub, really, that provides most of the value I get from Docker on a day-to-day basis, and that's the part I'd miss. I know there are other ways to create images and run containers, but I almost never create—or even modify—them myself.
>Mitchell was still on HN yesterday, as he was replying something about Backblaze IPO and its business. Today it is his IPO
Maybe that is because he stepped down from leadership to become an IC again? We could speculate that he didn't want to go public, or had no desire to do the S-1 work so he stepped down.
> I wonder how many company started or partially started on HN that went on to IPO. I know Dropbox is one. Do we have a list somewhere?
There are only a few places where you can easily promote your saas company, it makes sense that Saas startups that IPO now were promoted when they launched ...
> Edit: I wonder how many company started or partially started on HN that went on to IPO. I know Dropbox is one. Do we have a list somewhere?
Let's not make whether a company went public a metric for assessing quality. Going public is mostly a matter of how much a company expects the public to pay to get a share for the company. Also, it is a matter of how much the bank which facilitates the offering expects to make. Currently, the markets are sky high, so even not so good companies will make crazy amounts of money for the bank and the company which went public. Just look at the dot com bubble and the IPOs for more information.
2100 customers seems low? I've personally worked for 3 companies in the last 3 years who had Vault Enterprise licenses, and in the grand scheme of things, these are pretty small companies in a single, pretty small country (Belgium)
Absolute legend, rocket ship human Mitchell Hashimoto.
I still remember the excitement from Vagrant back in the day (which I think started it all). Here's the 1.0 announcement in 2012. [1]
The tools and vision they created after, just amazing coming from a small scrappy startup crew. Which, IMO, is totally wild given the offerings clearly tend to target bigger Enterprise who have bigger teams/apps/ops demand.
Then to walk away from $50MM barely older than drinking age. [2]
Seriously congratulations to them and the Hashicorp team. Will likely invest and hold for a long time.
He shared his dev setup at Dev Tool Time (https://srcgr.ph/mitchell-hashimoto) which shows how passionate he is about engineering. Going from CEO -> CTO -> IC solidifies his genuineness.
TBH what I got out of this is that he’s got a simple solid setup that works for him. He clearly doesn’t burn time changing his setup often and that makes sense.
On the face of it not, no. But when you consider the immense power and versatility of it (you can do anything from setting up simple virtual envs to automatically deploying a multi-container setup on AWS), it starts to become a lot simpler than the sum of all the other tools that it replaces. Nix is a single principled idea, but can be used in so many different contexts.
You can buy the stock on the first day of trading. If you want to try and get an allocation of shares at IPO price, various brokerages have different processes where you apply. I use E*Trade mostly, but Robinhood does have the best IPO center of any brokerage I have seen.
The impact Vagrant has had on my business is nearly immeasurable (and for free, no less). We're a small startup, and I haven't had the time (or motivation) to learn what Docker, Kubernetes, containers, etc are. Seems overly complex.
But, virtual servers I can understand. I've been using Vagrant since 2013 and it ... just works. We've built our own custom box to standardize our development environment as well.
If there is one company and person I'd like to mimic, it's Hashicorp and Mitchell. Work to build an amazing product or products, get it ready for a sale or IPO, and then transition into an IC to continue doing what I love: hacking.
You can basically just treat it like a package manager and config-assistant. It's often easier(!) to configure a Docker image than the corresponding package, or set of packages, in your typical distro. In part this is because documenting where all the config files and data live just kinda falls naturally out of creating a half-decent image, and in part because good images often put commonly-modified config options—which may correspond to multiple changes in the config files—in single environment variables, for common use cases.
The main gotchas are making sure you've mapped any data directories to something outside the image (which is trivial to do with command-line options, if you prefer writing bash scripts, or in docker-compose yaml, and very easy to test—add some data, destroy the image, bring it back up, is your stuff there? Yes? Good, you got it) so data isn't lost if the image is replaced or destroyed, and making sure your port mapping isn't doing anything dumb like exposing ports it shouldn't on a public interface.
You don't have to use swarm or even actually learn how images work. You can run your application outside of it and just use pre-built official images from PostgreSQL, or whatever, and enjoy a nice, cross-distro, also-sorta-works-on-Mac-and-Windows, consistent set of project daemon dependencies, with an interface that's the same on Red Hat or Gentoo or Arch or wherever, and far more up-to-date than major stable distros (so you could use Debian Stable for simplicity and reliability, for example, but run the latest MySQL or ElasticSearch or whatever on it without mucking with the distro's packages).
I find this massively simplifies server config scripts (Ansible, or bash, or whatever) since I can confine those to fairly generic housekeeping things and put daemon config in much-tidier Docker scripts or yaml.
It's like git. You can get by for a while but when anything out of ordinary happens your understanding needs to go from 2% to 95% very quick. With apps that are really good at package management I fail to see need of docker. Ie node, and go lang.
Oh no, I practically never package my "app" with docker. I use it to install stuff like postgresql, and ensure it's at the same version & configured the same everywhere, regardless of the underlying distro (or even OS), using the same tools no matter where it's running.
It's often easier(!) to configure a Docker image than the corresponding package, or set of packages, in your typical distro.
My original reply was going to be something along the lines of "Bwahahahaha" followed by a comparison of how many seconds it takes to `pip3 install torch` vs how many hours you'd rip your hair out trying to get that running in Docker, let alone on a GPU, and let alone in a way that you can actually develop on it.
Perhaps it's easier to say, "We're not smart." Like Racket, Docker is a marvelous tool, and I'm sure a lot of smart people use it in some incredible ways.
I'll be 34 in Feb. Do I want to spend a month trying to force myself to use Docker for no apparent reason?
At my first job (gamedev), one of my coding heroes happened to work there. One thing he said really bugged me: "Shaders are a young person's game." By "hero" I mean that he single handedly wrote most of the Planetside 1 client code, as well as having developed many other titles that I grew up playing on MPlayer. (God help you if you know what MPlayer was.)
I tried explaining to him, no no, you see, it's not so bad! You can do it! I believe in you. Once you put in a little effort, you'll understand all the parts, and you'll see there's really not that much to it.
Yeah, uh, I was 19. He was like 40. I get it now.
I've personally deployed multiple services to production whose reliability can be measured in years: https://status.shawwn.com/
Sure, none of those are too impressive. Except the one I can't talk about, ha. But they're all variations on "get the server running, make sure the process is simple, make sure it's fail-safe, and put failsafes in place to notice if it breaks."
To my surprise, they almost never break. Isn't that marvelous? Here's me, someone inching closer and closer over the hill, delivering robust software that lasts years. Hell, you can even see for yourself: https://tags.tagpls.com/uptime
508d 00h 04m 14s
Not bad.
Sure, I'm being unfair. Because you'll rightly say that there's a world of difference between this and the situations DOcker's designed to solve.
And yet, as I go from company to company, I keep being surprised to find zero people using Docker. Isn't that strange? My wife just got a job at a YC co. I'll ask her whether anyone there uses Docker either. Maybe they do.
Docker's stolen days of my life for no gain. Painful days, because they were days when I was really into hacking, and I could've been busily building a big beaver dam instead of learning infrastructure that none of my colleagues ended up using.
Docker is a time vampire. It's "Nerd Snipe: The Game." You'll want to play with it, and it'll give you just enough happiness to keep you going. But, like a cat, the love is one-way. If Docker were a person, they would totally ditch you on your birthday.
It was much more satisfying to write this than to spend that time staring at yet another damn variation of "how do I forward the port properly?" torrent of blog posts from the legions of developers that Docker has managed to curse, by making the impressive decision to eschew simplicity in favor of being Smart with a capital-S.
But hey, Docker will be around longer than I will, I'm sure. So it'll get the last laugh. In seriousness though, you can get by without it, which is pretty remarkable -- almost as remarkable as it was to try out vagrant and discover that it's the polar opposite of Docker's philosophy.
The difference is easy to spot: Vagrant just works.
Oh no, I agree that it's not worth learning to package your "app" with docker that way unless you're planning to make it a big part of your processes, to reap the benefits.
It's just excellent for replacing other methods of installing & configuring daemons you're dependent on, especially if you're already in a "doing things wrong" kind of space (and hey, you and me both).
Very nearly all of my use of it doesn't involve modifying or customizing containers at all, and just lets me use one set of commands to manage packages across most platforms and pin them to my desired version without having to care much about the underlying OS, for dependencies like database systems, entire software packages that I don't need to modify aside from config (as in my personal use of it for things like Jellyfin and a Minecraft server), et c.
My server at home runs Debian Stable. Very little of what I use it for is available in the official repos at all. Docker, though? They're all available at the latest version, with a bunch of older versions available too, just as easily. And if I switch distros out from under them, or upgrade Debian, nothing happens. I just run the same stuff, and it works.
> And yet, as I go from company to company, I keep being surprised to find zero people using Docker.
Well that's pretty astounding. I work on a service at a Very Large Company that intercepts each docker container as it passes into our production-deployable repos and it inspects about 100 containers per hour. This isn't every build, it's every actual prod deployment. Mind you, we have lot of services doing deployments, but the ones that aren't using docker are in the vast, vast minority.
I think one thing docker brings you is consistency. At our level of scale, you can't be doing "pip install"s on random hosts or you'd never be able to say what state everything is in. Docker isn't the only way to do this, of course, but it's one way. And I'm super happy that other teams the produce tools built on piles of python now package them as docker containers on a standard base so I can just run them rather than spend a day untangle my completely-hosed python environment every few months.
When HashiCorp first got announced I thought "How is he going to make a company out of Vagrant?" I was definitely wrong and on my own projects I'm using lots of their products from packer to nomad. Super cool to see someone/people create something like HashiCorp out of what I originally thought would be a single product.
To me, the more astonishing thing is, "How did HashiCorp excel where Docker failed". I'd pay to read a case-study on it, if there's one.
Edit: May be this comment from Mitchell sheds some 1st-party perspective on why it may be so:
> ...Terraform is WORKFLOW agnostic, not TECHNOLOGY agnostic. This is a key part of our product philosophy that we make the 1st element of our Tao: https://www.hashicorp.com/tao-of-hashicorp
> I don't think we've ever claimed cloud portability through "write once run anywhere;" that isn't our marketing or sales pitch and if we ever did make that claim please let me know and I'll poke some teams to correct it. Our pitch is always to just learn one workflow/tool and use it everywhere, but you explicitly WILL rewrite cloud-specific modules/code/etc.
I think a big part of it is that Docker failed to expand much beyond their initial offering. They tried, but weren't able to get much traction. HashiCorp probably wouldn't be IPOing with a multi-billion dollar valuation if they continued to focus mainly on Vagrant.
It wasn't until they launched Vault that I saw where they were going commercially. Their other tools were excellent, but I wouldn't be surprised if Vault would be their #1 cash-cow, it's a massively useful tool in environments that require a support umbrella and love paying for expensive licensing.
Congratulations! The IPO is a confirmation of what many of us in this field already knew: Hashicorp makes amazing tools. I love Consul so much. I'm glad the larger world will appreciate the great work Hashicorp has done as well.
My thoughts not facts. I know that there are more products then I mention.
I fail to see in what segment Hashicorp will remain relevant over time.
Terraform is the tool I mostly see companies pay for. Over time cloud vendors will make Terraform obsolete. In fact it is already a problem to use Terraform since it can not move at the same pace as major cloud vendors.
Vault is an extremely complicated niche tool, most companies should not use.
Consul, the service discovery tool is mostly not needed in cloud environments. Don't think any cloud vendor today have Consul as a service on their agenda even though this has been announced years ago which is a warning sign. Personally I really like Consul and the way you can set up ACL for instance.
Vagrant, use whatever.
Nomad has lost the battle with Kubernetes a long time ago. I never trusted Nomad and I never will but I can see that if you really want to orchestrate a lot of containers Nomad may be the right tool.
When selecting an identity platform you mainly have to go along with the corruption in the industry...
I really wish Hashicorp good luck on this journey though.
- Vault is not niche - it’s THE way to manage pki and credentials if you’re half serious about security.
Which is why you’re now are starting to see managed vault.
- Consul - EVERYONE should use service discovery, cloud or not. It’s indispensable for numerous reasons. If you doubt it’s relevance, check out the Kubernetes integration work - there’s a reason for that focus.
You need service discovery if you operate at any sort of scale, spanning multiple providers and teams (Azure have a managed consul offering btw).
- “Trust” nomad? The team and I have used it since 0.4 and 0.6 in full production at two different companies. K8s as well, but it lacks the unix vibe of “one thing, and do it well”, which is something you get with nomad, consul & vault.
Nomad has been rock solid and I’ve so far had no reason to not “trust” it, 100s of thousands of deploys later.
- terraform spans many providers. It’s a good tool, not without it’s quirks. But I’d rather have one quirky tool than multiple quirky vendor ones. Also, we use TF for basically everything - even the stuff we host in-house through lxc and postgres for example, and through home grown providers as well.
All major clouds have better alternatives to Vault. Vault is mostly for really large companies that want to run things like this by themself.
There is no need for service discovery in the cloud in general.
I have also used Nomad a lot. Maybe it is because we always needed the cutting edge features in general, but in general not very good quality. Core features always worked though. People should use Kubernetes instead in most cases.
There is simply no way Terraform and the HCL2 will survive for cloud environments. For other use cases I do not know.
AWS Secrets Manager gives me everything I want, for no effort, and costs rounds-down-to-zero. I cannot begin to imagine what Vault could even offer that would tempt me to switch.
Say you want to increase security by issuing short lived accounts and passwords in a database, and make these accessible on demand for apps needing them.
The app instance authenticates using the cloud providers key vault and from here it’s allowed to use a policy claiming tokens granting rights to a specific db role.
These tokens are short lived and are automatically renewed.
This is just one case - vault have a lot of useful integrations that let you “float above” any cloud:
I like to keep my concerns separated. That way we can use any cloud as IaaS and keep the platforming part ourselves. Vault is at the heart of achieving something like this.
“People should use Kubernetes instead” is an interesting take considering your first paragraph. :)
You’ve perhaps not had to troubleshooting issues in a more advanced k8s setup - that is something that is not “for most people”.
Keeping services discoverable, with service health-checks and configuration data at hand in the k/v is not needed in the “cloud”? I guess a lot comes down to how you opt to manage you services…
It’s what etc does, but worse (imo), for k8s. My usual work with larger infrastructure spans more than k8s or a single provider, hence consul is a given.
To my knowledge no other secrets solution exists that cover all the things vault does, and at the same lets you stay provider agnostic.
It integrates well with the major cloud providers though!
What I am saying is that Kubernetes has become the mainstream tool to use. You have to put up good reasons or custom needs to use something else.
A thing I like about Consul is that you can also use it as a KV. Something I lack in the cloud.
The Vault in Azure is the Keyvault which is all around terrible but Keyvault in conjunction with how Azure works in general is sufficient to build secure infrastructure.
Vault is the real money cow here, for sure. It is an industry standard in a space that is becoming ever-more important. Honestly, I'm not even sure HC knew how big it would become, but it is huge.
Could you elaborate on the service discovery part? If you're in kubernetes, you have kube-dns which in effect is service discovery right? What does consul provide over this?
Kubernetes works on it’s own if all you use is in k8s.
I’ve yet to set foot in a bigger place with distributed teams and services that only use k8s and nothing else.
In these settings there’s a need to interconnect and monitor everything.
I’ve even at one time registered mainframe stuff in consul, as an external service, with a rather complex health checks in place.
This alone improved observability and reliability for a lot of the distributed consumers.
There are many scenarios where it's useful, but I will illustrate a simple and important one.
When you do a rolling upgrade, a new service must be assigned to an available port different to the existing one. After starting you'll probably run some health checks, and once satisfied you'll want to switch traffic over to the new instance and halt the old. How do you tell the rest of your infrastructure what the new port is? Service discovery.
What you’re describing took place with on-prem iron as well - nothing cloud about it. At all.
Service discovery is in part DNS with low ttl, but there’s a part of it that ties in to configuration management, monitoring and observability as well.
If you “update dns” that means you’re doing a part of what consul does (only f ex nomad does it for you). Nothing magic, but you still “need it”.
Tags and metadata is a large part of it though, as well as configuring things automatically based on state of the SD and K/V.
Many services, many teams. Coupled with health-checks, monitoring and tracing it’s an important piece of the puzzle if you want to move quick in a distributed setting - which most large organisations are.
A lot of big finance companies use Nomad for all their compute scheduling. Citadel, for instance. They desire the ability to schedule Windows workloads, containers, regular processes, etc. through a common interface. They might not want or need to go all-in on containers.
Vault has a similar target market. Big high-paying institutions. It's not the average market of your tech company, and 100-200 person startups generally won't need it. If you're in the fintech space, maybe you do.
I would suggest that you reevaluate Nomad. It solves basically every one of (many) problem with Kubernetes in an elegant and reasonable way, at a scale Kubernetes is by no means capable of.
Further the idea that cloud vendors will make Terraform irrelevant is laughable. None of them have any impetus to provide a consistent workflow across multiple clouds. The shortcomings of CloudFormation in particular are unlikely ever to be overcome.
I really don´t feel K8S have won this battle. I agree people talk more about K8S but i have seen a trend in people that are disappointed with K8S and move against Nomad instead. I guess K8S is too messy. It´s like taking a 2015 enterprise vsphere datacenter environment and containerizing it. Too many layers..
But of course, there´s no fully managed Hashicorp offer for all products in GCP or AWS, Azure....
I do not really understand why people run so many things in containers in the first place. Sure, for sand-boxing and sometimes resource utilization, but the large services I worked on have always been on 10+ dedicated high-end servers with 200GB+ memory each. Absolutely zero need for any additional abstractions. You can also design solutions that use a lot of memory in contrast to containers.
I have actively used Vagrant, Consul, Terraform, and Vault and I really have never understood all the fanboyism for Hashicorp. Their products are OK but easily replaceable and often redundant in modern cloud providers. Wish them luck on their attempt to cash in but I for one do not intend to buy any stock.
I actually tend to agree, and am surprised that the discussion in this post is so breathless. Having used (and continuing to use) multiple Hashicorp products fairly extensively, they tend to have a lot of warts, just fewer warts than the alternatives.
Terraform is a great example:
* It's slow, and new versions often get slower.
* Apart from the most serious ones, bugs often don't get fixed for years, and GitHub issues and pull requests (both for TF itself and the biggest providers) are a swamp of thousands of issues and hundreds of PRs dating back 4+ years. Issue triage is erratic and often fails to fully read or comprehend the reported issue.
* There are some design deficiencies that seem hard to fix. For example: first-class support for providers that are configured based on other resources in the same Terraform state. This usually doesn't work correctly without hacks like `-target`. The "right way" to do this is to have separate TF states for different "layers" of your infra, which is fine and ends up pretty tidy for large infra, but nobody really talks about this (not even the TF docs), so invariably things will not be architected that way at the start and by the time the TF config has grown, refactoring it to split out the layers will be a deeply unpleasant time-suck. (The awful experience that is refactoring large TF configs being another major negative all by itself.) This fundamental issue is the root cause of hundreds of TF GitHub issues.
* The major Hashicorp-maintained (or co-maintained) providers are often massively underresourced, leading to delays before new cloud features are supported, forcing users of TF to maintain those resources outside of Terraform, which is a mess. If a user of, say, the AWS provider tries to rectify the situation by sending a PR, it will just be lost in the sea of ~3000 open issues and ~500 open PRs unless they put in significant time and effort to get attention to it.
Despite all of this, we still use Terraform heavily because it's less crap than the alternatives, but I can hardly muster the love for it that is expressed elsewhere in these comments.
No, state refresh is justifiably slow, it's a lot of API calls, which can only be done so quickly, and it can be skipped (with care) if desired.
Once you eliminate that with `-refresh=false` most of the time is taken building the graph. For our largest config that can take almost 5 minutes for each run, and throwing hardware at it doesn't really help; it doesn't seem to make much use of more than one core. Some TF version updates improve it, but more often the performance gets worse.
Judging by https://github.com/hashicorp/vagrant/issues/7263, I would say that they are the "GNOME" of devops tooling. The quickstart is great, and you feel empowered when your use cases are supported. Beyond that, good luck.
> They are the de-facto standard in DevOps tooling
Im in cloud automation 8+ years. No they are not de-facto standard. For AWS projects, I much prefer Cloudformation. App devs use venv or similar, not Vagrant.
I’d use their CI/CD if they had one, like GitLab, but looks like they don’t?
I've used terraform in 50% of my jobs over recent years.
But even in the companies where I've used AWS and cloudformation we still use Hashicorp tooling. For example we use cloudformation at the current company to handle our AWS infrastructure, but the AMIs launched are generated with packer.
I could probably find more, but many (most?) large tech companies use one or more of the Hashicorp suite. I don't think it's unfair to say that they are the standard toolset for certain roles.
It is true that tools can be emulated (RedHat doing podman as a docker replacement, with same flags) but it is also work.
I wonder whether in the Cloud world, the fan factor is a sign of credibility in a market that is looking for tooling that works across cloud providers.
There have been hundreds of crazy tech success stories in the last few years, but as someone who considers himself an engineer at heart, this one gives me the greatest amount of joy and optimism. Both founders are industry-wide leaders in their field and still treat writing code and solving complex technical problems as their primary job.
Ever since Vagrant, everything Hashicorp has developed has been outstanding! Furthermore, their open core model and this S1 is an inspiration. I wish all the best for Mitchell, Armon and the team!
I have a couple emails from Mitchell H circa 2014. He was doing front line customer support for the Vagrant VMWare Workstation provider -- I think it was just about their first paid offering. I was impressed that the head of the company would take time to help me troubleshoot my busted setup. Incredibly technical and incredibly hard working.
Pretty funny to see this less then a week after Roblox had a huge extended downtime due to issues with their HashiCorp platform (https://news.ycombinator.com/item?id=29044500). Obviously the two events are almost certainly unconnected, but it must have been a very busy week at HashiCorp nonetheless
Met Mitchell at a smaller Perth conference in 2019 where he did a talk on how Vault came to be.
Could tell how much he enjoyed what he was working on and the obvious passion for making better software, actually being down in the weeds and writing innovative things.
Does anyone have an idea regarding when the stock (HCP) will be tradable? It doesn't look like an IPO date has been announced. Perhaps, once an S-1 is filed, the IPO is usually X weeks after that?
I love HCP tools, especially the "lesser known" ones like Vagrant and Nomad.
Bearish on the now-public company, though. I think they grew too fast and the leadership will squeeze revenue out of their current headline "cloud glue" products (Terraform, Vault, Consul) without having incentive to push their other products.
Nomad in particular has a ton of potential but why push it when you can just provide services to enterprise K8s customers. Was major Roblox outage Nomad-related?
I have a feeling that someone will come along with a set of CUE-driven tools that have better UX than HCP tools and HCP will go the way of Oracle.
Mitch has always struck me as a singularly sincere and dedicated individual. His passion for the end user experience show in his every product decision. As a developer, I've enjoyed using his tools more than I should. Most enterprise software is designed by committee. Hashicorp's products feel like they were designed by one person -- or perhaps they know their users extremely well.
It's fascinating to see so many IPOs happen in the past two years. Apparently there have been more IPOs in the past two years than 2014-2019 combined (https://stockanalysis.com/ipos/statistics/) in spite of the pandemic.
I guess it's because there's just so much money swishing around - why not?
The VCs need their exits to pay their funders back and the markets are very “hungry” at the moment so they are cashing out the only route they have available
I wish I could take the time to analyze findings and correlate; could this be due to a period of fundings reaching a peak many years ago?
I recall there was a time it seemed a lot of celebrities were suddenly dying and there was an article that came out pointing that many of them simply belonged to an era of media growth (or something along those lines). So they were all roughly from the same age group and were well… For lack of a better way to put it, reaching their expected age range of demise together.
I recall that years back when I was in uni, the software funding market was becoming super active and people were predicting (and denying) a bubble back then. This was in the 2008 to 2012 time period I think. Are we just seeing a lot of these companies now all “graduating” together? It feels like it matches the timeline of around 10-12 years or so which is when they might be expected to IPO?
PS: I feel like a lot of what I said is based on vague memories of things I’ve read over the years so I apologize if any of that is untrue.
M1 money supply + endish of a bull cycle of tech companies founded early 2010s (coming out of the 10 year VC timeline) and also SPACs (Assuming SPACs are included that would be the driving reason)
There was actually a big decline in IPOs during that period. I honestly can’t say why but I remember it was starkly lower than average. Perhaps for regulatory concerns?
Successful companies seem to be more likely to be started during lean times, and startups take 10+ years to mature. We were in the recession aftermath ten years ago.
Yeah, because the end result is people pointing to it as though it's some extraordinary change. My guess would be it was easier and they're lazy bureaucracy.
I've been using Terraform since 2018 and I love it. A benefit of using Terraform to explore AWS features is that I basically have the peace of mind that everything I create can be easily deleted when I'm done. That alone is huge. Plus, when I create cloud configuration via text, I seem to have a better mental understanding than clicking things in the console.
2. Because being a CEO of a public company comes with a lot of rules around disclosure of material public information and equal access. It takes a special kind of person to disregard general consel and just shitpost on twitter with zero review while directly responsible to shareholders. I don't know what kind of safe harbor Elon thinks Twitter offers but I doubt it applies to Github code review.
If I was to guess, he wants to write code and he started the company so he could write code. He just had to do those jobs along the way to get to the point where he could just focus on writing code and solving problems.
CEO of a publicly traded company is a vastly different job than CEO of a private startup. Your job is to make money for shareholders, not pursue a vision. It's not something everyone wants to do and is likely a lot less rewarding for someone who successfully creates a technology company.
He was a class or so above me in university and, being a public university, it was competitive to get into courses. There were more student interest than class availability, so slots filled up quick. Students also squatted spots for their buddies then during the 3am off-hours would play tradesies. The school website were not immediately up to date, either.
Mitchell ran a paid service where you get a text message when courses opened up. This would give you a 30-60 second advantage to frontrun the thousand of other students who were concurrently refreshing the course availability page.
"UW Robot was registering 70-80% of the undergraduate student body and 'was pulling in about half a million dollars a year' for an automation program he only spent a few hours a year maintaining."
I think I read about him in the school paper. His parents were not keen on him studying Computer Science, and even after showing the financial success of this one app, they were still reluctant about Computer Science. This resonated with me because my family was actively discouraging me from studying Computer Science. Boy were they wrong.
> Hashimoto's dad, who he describes as "a very nice but very strict" Japanese father, didn't think much of his son's love of computers. The cease and desist letter didn't help. His parents limited him two hours a week of computer time. He had to sneak in his coding after they went to bed... $500,000 And Dad Still Isn't Thrilled
I recently realized Taiwan has 1/5th the population of Japan, yet disproportionately has 33 billionaires versus Japan's 45. I'm actually living in Japan right now and experiencing first hand the cultural aspect of risk aversion. I fell in love Kyoto and want to be base my startup venture here. It's not the financing gating me. I'd have to quit my employment for I.P. reasons, but then I don't have the visa status to stay in Japan. The business visa is too restrictive, but I actually qualify for permanent residency, which is the ideal legal status in terms of flexibility. The only bit I need to flip is a guarantor rep for P.R., but once again the cultural aversion to risk gets in the way. This makes me appreciate Masayoshi Son because his ventures are quite antithetical to the Japanese modus operandi. But I digress, just some thoughts on cultural aversion to risk and entrepreneurship
That's curious that his parents and your family discouraged him/you from computer science. I would've thought most parents would be happy about that choice of major for their kids.
He started the major in 2007. In my experience, CS only started being a famously lucrative major around ~2016. Before then, parents especially weren't up to date and still considered medicine and law to be the good careers. And of course, after reading the article:
'When Hashimoto went to college, his dad told him he had one year to pursue "that computer thing."
"If I couldn’t prove to him in a year it was useful in some way, I either had to pay for college myself or become a lawyer or doctor," Hashimoto says.'
Just my N+1 anecdata, but knowing what I know now I'd never encourage a young person to step into the tech industry. It's genuinely brutal, people should focus on specializations instead of assuming that knowing how to code will make you a valuable asset.
> As of July 31, 2021, we served 2,101 customers spanning organizations of a broad range of sizes and industries, compared to 1,473 and 831 customers as of January 31, 2021 and 2020, respectively.
> over 300 of the Forbes Global 2000 were our customers
>As of January 31, 2020, January 31, 2021, July 31, 2020, and July 31, 2021, our last four quarter average net dollar retention rate was 131%, 123%, 128%, and 124%, respectively.
> over 44% of our customers with $100,000 or greater ARR were licensing more than one product
Right now, I don't see the point - It makes sense to use a special language, with a relatively short learning curve, to develop infra as opposed to executable code. But maybe I'm not thinking big enough.
Did not know it existed, extremely cool indeed! By skimming it I still think Pulumi might have a better Dev UX, but surely Terraform is still catching up
Congrats to HashiCorp for their IPO and for building an awesome suite of tools.
I attended a Papers We Love meetup back in 2015 where Armon Dadgar, HashiCorp's CTO, gave the main talk on Bloom filters and HyperLogLog (interested parties can watch a recording of the talk here: https://www.youtube.com/watch?v=T3Bt9Tn6P5c). It was an awesome, very educational talk (on a topic I was previously unfamiliar with), and based on my very limited impression, Armon struck me as a really smart, intellectually curious and nice person. Great to see Armon/Hashicorp achieve such a huge, positive milestone.
I love the products but that S1 didn't exactly blow my socks off. They are hemorrhaging cash and their growth strategy is pretty WeWork-ish. Seems to boil down to "Get more customers", "HCP is probably going to make money", and finally "the rest of the world needs hashicorp too"
They're making hundreds of millions of dollars per year. They have software economics, not commercial real estate economics. Most software companies are "hemorrhaging cash" by the time they file an S1, because if you invent a machine that turns nickels into dimes, the obvious thing to do is spend all your money making as many of those machines as you can, not cranking a small number of them for a small, consistent stream of dimes.
You are right, and this is a decent analogy, but isn't it a lot easier to say:
Look at YE 2021, they spent $140 mill on sales and marketing. Next year they could turn that down to $20 million and they would be instantly profitable and almost certainly grow a little bit too. They could also likely slash R&D and G&A by 30-40% without affecting current products. They are very valuable as is, but growing significantly (which isn't free) makes them even more valuable (most likely).
Your explanation had roughly the same number of words but included multiple figures and acronyms while saying the same thing. I don't think that's easier.
Given their proven track record with new products, it makes a lot of sense to keep spending on R&D. Mostly they’re a classic enterprise software business (with developer-led marketing) and so the wider array of products they have to sell, the better their future cash flow will be with subscriptions/maintenance. $100M and $1B in annual revenue tend to be important thresholds in the enterprise software biz, and they’re well past $100M.
G&A will of course get wrung out by professional managers.
> They have software economics, not commercial real estate economics.
I don't believe this. Snowflake for instance could be profitable if they chose and they have almost no debt. Furthermore their expenses grow logarithmically with their revenue. It doesn't cost much more to have 2 customers as it does to have 1, but the revenue doubles. Their services are an add-on that supplements the revenue from the platform. Its the growth in platform adoption that moves the earnings number.
>They're making hundreds of millions of dollars per year.
No they are losing 10's of millions of dollars a year. Revenue is not earnings. Wework had revenue of billions of dollars a year and but the cost of that revenue meant they had no path to profitability.
I see the same thing here. The bulk of their revenue come from selling services on top of their software. Services have a high COGS. For every service contract you sell you have to pay someone to service the contract. Your costs grow linearly with your revenue. This is the trap yelp fell into. Making billions by paying 95-105 cents for every dollar because opening a new market meant building all the infrastructure for that market.
If hashicorp can't find a way to make the growth in adoption of their software directly influence their earnings I don't think this is a good investment.
No. The bulk of HashiCorp's revenue comes from licensing and support. Professional services is a tiny percentage of their revenue. Preemptively: support subscriptions != consulting services.
I don't know if HashiCorp is a good investment or not. I'm not investing. But their economics are not Yelp's or WeWork's.
What are you on about? When I say "service" I mean people doing things for you. In order to have good economics you have to make money buy selling physical or digital goods. Its because physical and digital goods are intrinsically high margin. Its hard to make a support engineer twice as productive, but it's not hard to halve production costs by leveraging economies of scale. Furthermore, Saying "support != services" is ridiculous. Do you know what you would charge Hashicorp with if they failed to render the promised support you paid for?
This S1 does not say how many shares they expect to sell, so at this time its unclear what percentage of the company new investors will hold. Presumably before the IPO date, it will be updated so investors have an understanding of what they are buying.
The PO in IPO is public offering, meaning new shares are created. So generally speaking, the amount raised goes to the company. Dilution is a factor of what's raised and the vaulation. If you raise a 10% round, you dilute by 10%, so 10% is sold. It varies by company and preference. Existing shareholders can typically sell after the lockup (for common share holders, like founders and employees) and at any time (for preferred share holders, whose shares convert into unrestricted common shares as part of the IPO).
IPOs sometimes sell shares held by existing shareholders. The final S-1 should disclose any sales by existing shareholders. When you see them in roadshow, check for the final S-1.
Statements that proceeds will go to the company are not necessarily correct.
Slightly off-topic, if I wanted to buy some HashiCorp's stocks as a non-US resident, what would be my best options? Any good services allowing me to do that somehow, legally and easily?
Find a broker/platform in your country that lets you trade in the stock market they are listing on (if UK then IG and Hargreaves Lansdown are good), join, fill out the W-8BEN so you are able to buy US stock through the platform (they usually make this a 2 minute job) and then place an order when it’s live. You’ll be paying more than the true IPO price as the bank etc get preferential rates I believe but it’s as good as you’ll get
You're absolutely right. I took a look at a handful of recent IPOs (Snowflake, Unity, Gitlab) and they all basically had just a month lag between S-1 filing and IPO date.
Hashicorp makes some incredible software and I love their open source culture. Pretty much everyone I know genuinely enjoys using their tools. Congrats to Mitchell, Armon, and the whole team.
Awesome, I'm excited for this. Does anyone know of any services where I could add HashiCorp to a watchlist and get an email notification before/after their IPO? (I'm sure I'll see it on HN or other sites but I want to make sure I don't miss it.)
Personally we don't use it in my org, and the mix of on-prem Kubernetes and GKE is just a shitshow.
I recently started learning Nomad, and Nomad (+ Terraform for cloud) is the only thing that makes sense (for our use cases). That said, I think higher management is too highly invested in K8s and they won't backtrack on this.
Love HashiCorp, though not sure what to think about Sales&Marketing to R&D ratio, which is 2:1 (141kk vs 65kk in 2021). Maybe people who read S1s more often can tell if this a normal ratio? Seems pretty high to me.
It will be interesting to watch what new products the launch.
I guess a monitoring solution would be next. Netdata could be a good fit with agent-first approach.
When Armon giggled then laughed at me as I asked him about DigitalOcean buying Hashi back in the day, I knew they'd be a billion dollar company. Armon and Mitchell are as good as they come, certainly two of my favourite people I've met on my startup journey.
I'm beaming with joy at the prospect of becoming a shareholder. Well done team, well done.
Lots of interesting tidbits in here, not least that Armon Dadgar, who basically built most of the their revenue generating software, is paid considerably less than their CRO.
That's often the case when they have to bring a new executive on for the latter years of a company before going public... Look at page 174 though, Armon owns over 18M shares, the CRO owns 400k.
Assuming a share price of even $10/share, the $4M difference in 2021 comp will swing slightly in Armon's direction when his equity stake is worth $175M more than the CRO's.
Holy smokes.. Yeah, I didn't have a basis for the $10/share, it was just a random number since I didn't have valuation detail... but wow. So Armon's shares would be worth something like $535M more than the CRO's. I suspect he's okay making a bit less in W2 income this year!
Comparing salary is irrelevant when one person has a founder ownership stake while the other was hired as an employee a lot further down the line. Dadgar would be perfectly fine with $1/yr.
You are comparing salary when you should be comparing ownership. CRO has little ownership vs Armon who doesn't really care about his salary but rather the worth of his ownership position.
Also you are comparing an owner vs an employee, not apples to apples.
I think we need to see how it performs in the public markets for a couple years to define success of the model. At this point it is certainly a success for the early investors / co-founders.
Lots of IPOs out there (~3x the normal number). Looks like companies are betting hard times are ahead and trying to create cash floats to sail the rough waters.
$259 million revenue. 2100+ Customers, 1500+ employees, $10 Billion Valuation.........
I mean I felt it wasn't that long ago Vagrant was "the" tool for the job.
How it all started, the submission on HN [1], quote:
>This project has been the love child of myself and John Bender (nickelcode.com) for the past 6 weeks. We're both daily HN readers and would like to use this as a starting point to show Vagrant to the public. Specifically, I'd like to open up to any questions and feedback, so that the HN community can get to know Vagrant. Your feedback is extremely valued. Thanks!
>A bit of background on this project: I work at a development company (citrusbyte.com) in LA. I see new projects almost every couple months, and I'm often working on multiple projects simultaneously due to work, freelance, and personal projects. Managing the development environments between many projects on a local machine became a huge burden and a coworker once mentioned developing in a virtual machine. I thought this was a great idea, and Vagrant was eventually born from it.
Really amazing achievement in such short space of time. Congratulations!
Edit: I wonder how many company started or partially started on HN that went on to IPO. I know Dropbox is one. Do we have a list somewhere?
[1] https://news.ycombinator.com/item?id=1175901