In 2009, Nutanix emerged to disrupt the enterprise IT infrastructure landscape. In four years, they reached a $1 billion valuation, officially earning the title of “unicorn startup”—then filed for the biggest IPO of 2016. Helping the likes of JetBlue and The Home Depot cut costs and simplify cloud computing, the San Jose-based company gives clients the flexibility to keep some data in-house and offload other pieces to the cloud.
Since going public, Nutanix has acquired a number of startups to bolster its platform. “Every single one was already working with GitHub,” said Jon Kohler, Technical Director, Engineering. Historically, these teams would be offboarded from GitHub into Gerrit and Jenkins. “It was so inconvenient for all the developers joining our family,” he said, “We were diametrically opposed to the agility and speed of a smaller startup with a couple dozen developers.”
Instead of forcing agile companies to fit their workflows into legacy products, Nutanix decided to rethink their strategy and become more agile themselves. They adopted GitHub Enterprise, hosting code in their data centers and also in the cloud on github.com. Soon, they signed up for 7,000 licenses and brought all their GitHub organizations under one account. And once the transformation took hold, they began migrating all of their projects to the cloud. Kohler added: “It was time to start kicking ass.”
Introducing GitHub and migrating to the cloud “opened up the floodgates.” Teams could integrate new developer tools and try out open source technologies—gaining the autonomy to define their own toolchains. To ensure it was easy for developers to use all of their tools in the cloud—even ones that don’t directly integrate with GitHub—Nutanix developed Canaveral, an in-house productivity platform that automatically applies any GitHub configurations users might need. As Software Architect Will Howell explained, “We’ve tried to maintain this policy: When any new service or platform comes online, it’s integrated with GitHub.”
For instance, it automatically deploys specific rules for branch protection, lays out a reference file structure, and sets up all third party service integrations such as build and artifact services. Then it applies some additional features, like ensuring that all code access controls are deployed to manage teams across GitHub. Kohler added, “GitHub is the foundation on which all of this rests.”
When combined with CircleCI, GitHub and Canaveral streamlines onboarding for new and legacy products. Kohler’s team recently set up a process that generates a crucial component, known internally as the GI, for Nutanix AOS which every single one of Nutanix’s 17,000 named customers relies on. Historically, the GI generation process has been manual, but with GitHub and CircleCI, their team was able to refactor the entire process quickly. “It just made it so much infinitely easier,” he explained. “I can’t even express the weeks we saved, not to mention the future time savings with this fully automated pipeline.”
Before, developers relied on admins to create repositories within Gerrit and Jenkins. In order for a branch to even be created, engineers had to first submit a Jira ticket to have that branch be fully integrated across the entire pipeline. “Now, when we move anyone to the Canaveral-GitHub-CircleCI process, there’s an element of shock and awe,” said Howell. “They can just click one button and they’re done.” Kohler explained that they call this the “just go nuts” experience for developers. “They’ve been restricted for so long, but now they can take control.”
Users on GitHub are twice as productive and deploy two to three times more than those who’re still using Gerritt.
Howell agreed, “It’s been really nice to give developers a sense that they’re in control of their own destiny when it comes to their repositories.” And since a majority of Nutanix developers have their own accounts, they leverage SSO with Okta, and developers can sign in with their existing credentials. This enables a “one developer, one account” policy in GitHub, reducing the friction of using GitHub in the cloud.
Any team can add a tool or create a repository, but the lack of restrictions hasn’t kicked up chaos. In fact, Nutanix developers are more productive than ever. Most internal commits now happen on GitHub and the difference between the team’s legacy tooling and their agile new workflow shows. “Users on GitHub are twice as productive and deploy two to three times more than those who’re still using Gerritt,” said Howell.
One of Nutanix’s foundational products, Prism, is a core platform that streamlines common datacenter workflows and manages the entire stack. “We really try to make products and platforms that delight our customers,” explained Kohler. “They light up when they use Prism.” Recently, the team hit a new milestone when they moved the entire Prism code base into GitHub. “Disaggregating it from the legacy codebase was a multi-year effort. Now we trust the entire thing to GitHub,” said Kohler.
GitHub Enterprise also gives Nutanix easy governance. “We simply turned on the SSO features at the business level, and now we’re done,” said Howell. They’ve removed administrative permissions from the entire population and can grant the same ability through code or Canaveral. “That makes our compliance audits super simple, because now when someone asks who has admin, the answer is nobody.” And because identity management is connected with GitHub Actions, teams can create and manage contributors internally and just audit them externally.
As part of moving new acquisitions under the Nutanix umbrella, they enabled Dependabot, which detects vulnerabilities and automatically triggers pull requests with recommended fixes. “We were able to immediately provide customer-facing product teams with critical CVE alerts, which we also publish to our executive chain,” explained Howell.
This was especially good timing: Nutanix was about to launch a product update to Calm, and immediately found two critical vulnerabilities they were able to fix before the shipping window. “It was a huge win for us,” said Howell. Similarly, the first time they used it on their Life Cycle Manager (LCM) product, Dependabot found an issue in 15 minutes. It was automatically tested by the Canaveral pipeline and approved by a developer for integration in under four hours. This happened without manual effort from their centralized product security team. “It’s impossible to get that level of velocity with traditional processes or some post-process scanner that runs once a week,” added Kohler.
And since a lot of Nutanix’s projects use open source code, Dependabot helps the team visualize and remediate dependencies quickly, “It’s done with two clicks. It’s just so easy,” said Kohler. “It’s been really nice to have rich security features that we can just plug into—versus building a massive mechanism to block users from doing something.”
Along with offering greater visibility into thousands of repositories, GitHub saves Nutanix from frustrating downtime which historically plagued the Gerrit and Jenkins infrastructure, cutting into developer productivity.
One of the things we really liked about going to GitHub Enterprise is that we can get the latest and greatest features without taking upgrade downtime,” said Kohler. “The uptime SLA has been significantly higher with GitHub.”
Third-party vendor relationships also benefit from the switch. Because Nutanix builds a hardware platform and has a list of certified equipment they work on, they can accept submissions from ecosystem partners like Lenovo, HPe, and Dell directly into their process. In what was previously a manual job, those teams can now push commits into their own private GitHub repository; Canavarel will then kick off a build job in an internal repository that integrates that data and turns on the appropriate tests. “That team was previously spending 50 to 60 percent of their time managing those vendor relationships, and they completely automated that with GitHub,” explained Howell.
The people behind Nutanix’s strategic acquisitions inspired them to shift their methodology and lean on flexibility, interactivity, and transparency. “We now meet our developers and partners where they already are: GitHub,” Kohler explained. This time-saving shift empowers employees across the company to take initiative and improve efficiencies, solidifying Nutanix’s leadership position in the hyper-converged infrastructure space.