Infrastructure as Code

Muji recently published an digging into where many of our companies are headed, enabling Infrastructure as Code.

My take:

Using the cloud and infrastructure as code (IaC) greatly opens the door to where enterprises (at first) and many SMBs may choose to enter for the clear prospect of increased productity. The value proposition is apparent when IaC replaces in demand talent. This then leads to increased demand for tool sets (many of our companies)which have evolved to make this increasing productivity by IaC more performant as they: manage (Snowflake, Cloudflare and soon Datadog…as they move more into orchestration), secure (Cloudflare, Zscaler, Crowdstrike), and observe (Datadog and soon Crowdstrike…Humio’s recently been renamed and relaunched as a module now called LogScale for observaility into the massive Siem market.).

I knew things were going to only get more complicated, when trying to follow many of the companies we invest into. Special thanks to one of our own, Muji.




Here’s the link to the article online.


Hi WillO2028,

I’m not sure what you mean by this. IaC doesn’t replace any demand in talent. In fact, it requires even more talent than physical infrastructure.

IaC certainly makes a lot of things easier and faster. However, it also now requires “unicorns” in the tech industry to come up with IaC. What I mean by that is, when building physical infrastructure, a company would have a team of people involved in the construction of the data center (we’ll ignore the power/cooling experts since they don’t apply in the cloud). There would be networking and systems architects, and networking and systems administrators (not at all the same thing), applications administrators, security experts for network, systems, and applications (all different specialities!). Lots and lots of different people would be involved in this.

But with IaC, you now need fewer people, but, that reduced team needs to cover EVERYTHING mentioned above AND they need to code as well. Understanding how to build infrastructure in the cloud is actually significantly more complicated than in a data center and is significantly more difficult to monitor and secure. But, all the old rules of networking and security still apply. So if you don’t know the basics of physical infrastructure and good network and systems design, you can’t even begin to write IaC for cloud deployments. I happen to be one of these unicorns. I’ve been building physical infrastructure and managing large scale complex networks for almost 30 years. When you read about shortages of personnel in high-tech, I can assure you that shortage is real! It’s not a matter of not enough people, it’s a matter of not enough people with the right skill sets. For the past 30 years the industry focus has been on java-based application development. Therefore, the universities have been churning out Java developers in large numbers with almost no focus at all on systems, networking, architecture, security, etc. Those skill sets were almost entirely developed by the few people with an interest in those areas. As a result, we now have an over-supply of application developers and a significant scarcity of infrastructure experts.

The flip side of that is, infrastructure people seldom, if ever, had to write code. Most infrastructure people know nothing about how to develop or write code for much at all. They might know how to write some really basic utility scripts to help automate certain things like updating routing tables etc. But typically they don’t know how to write code that scales in any way.

And yet, this term DevOps, the media keeps throwing around, which managers seem to be jumping onto, is supposedly exactly that unicorn; a Developer with Operations experience. Something which is almost entirely non-existent! (the reality is, DevOps is NOT a job description, title, or team name, but rather, a software development philosophy, in a similar way that Agile is a software development philosophy! We don’t have teams of “Agile developers” or an “Agile guy”, so why do we insist on having a “DevOps team”?! At my company, I’m known as “the DevOps guy”…! but I digress.)

So, to summarize, we now need unicorns which are required to know both infrastructure design and management, network and application security, AND how to write code in order to develop IaC. There is, contrary to your assertion above, more of a demand for talent than ever before, except where that talent used to be spread out among teams, it must now be concentrated in a much smaller number of people responsible for the infrastructure. And, whether you get application developers who need to learn infrastructure, or infrastructure people who need to learn to write code, you’re still attempting to create unicorns by forcing them to learn very different skill sets which are specialties in and of themselves which take years to master!

Again, this is not at all what our companies do. Not really. Each of these companies has a very particular place in a network infrastructure. At one time, monitoring was outsourced to special applications which monitored specific aspects of networks or application performance or security. More often than not a company would have several somewhat overlapping applications they would deploy to cover everything which needed to be monitored. And some of these were even home-grown applications, or open source applications.

What Datadog does is to provide a central dashboard to collate all the various things which used to be spread out across many different applications. Datadog doesn’t make anything “more performant”, though they do allow a company to outsource the very complex task of monitoring cloud-based infrastructures and applications to Datadog (for a VERY HEFTY price!). A lot of what Datadog does it to simply collect data and present it in a cohesive/easy to understand dashboard.

Once a company has decided to use datadog, the IaC people and application developers still need to build code which contains the ability to send those data streams to Datadog so they can monitor the correct things. That alone is a lot of work. Then comes the customization of those dashboards into something useful.

So, while a company may have off-loaded/out-sourced the building of monitoring services to Datadog, they still have a lot of work left to make the financial cost of this service worthwhile.

Cloudflare, Crowdstrike, and ZScaler are in many ways similar. A company may well outsource their security to these companies, which indeed do leverage cloud technologies, but the company still needs IT security experts to manage these applications. And these companies through their use of IaC, are in fact now competing with their own customers for the very IaC unicorns I mentioned above.

Snowflake is doing to database storage what Datadog is doing to monitoring and observability. Companies still need database and storage experts, but now they need experts who both know and understand database infrastructure AND how to code database applications, since, what Snowflake really offers, is an interface for applications to access different types of database storage. Without the combined skillsets of database infrastructure, database design, AND database application development, a company won’t be able to effectively leverage something like Snowflake.

Things are getting INSANELY complex. And skillsets are getting compressed down from being spread out across large teams with niche experts into many smaller teams of expert generalists who are both a mile wide and a mile deep in a variety of skillsets.

When looking at our companies, the thing to understand about what they do is that they essentially create a monopoly position in one small niche of expertise. Datadog owns the observability market, Snowflake owns the database storage and analysis tools market, CRWD, NET, and ZS own the endpoint and network security markets.

These companies have created niches where there isn’t a whole lot of competition (sure it exists, but our companies are the big dogs!). CRWD, NET, and ZS all compete a little with each other, but mostly, offer complimentary services.

In other areas, companies are trying to do the same thing. For example, Atlassian (TEAM) is the big-dog in the software development project tracking/management market. But they’re also competing in the more general market of providing “developer tools”. TEAM competes with Gitlab, Git Hub, and JFrog. Each of those companies claims to have a special niche but are aggressively adding on toolsets to compete with all the others.

TEAM currently provides:

  • A Git repository (Bitbucket)
  • A Wiki (Confluence)
  • A project tracker (Jira)
  • A CI/CD automation platform (Bitbucket pipelines)

Gitlab also provides all of the above (an IMO, their CI/CD platform is the best of breed).

GitHub (owned by Microsoft) provides all the above as well, and is the defacto standard for open source projects (which is their opening into the enterprise).

JFrog also provides all of the above, but their claim to fame is the “artifact repository”, i.e. a place to store your final, compiled/built product package. (GitLab and GitHub also have artifact repositories, but they’re not as good as JFrog’s).

I’ve seen a lot of discussion on these boards, and across TMF, about these last few companies. Personally, being in the industry, and familiar with all of them, I choose not to invest in any of them precisely because not a single one of them offers anything unique, and they all do more or less the same things, just differently. Each has their primary skill, and adds on everything else slightly less well than one of their competitors.

In closing:

  • The companies most often mentioned/followed on this board offer the opportunity to invest in a monopoly situation in their niche.
  • They all leverage IaC to provide that monopolistic offering.
  • Every company is now building a SaaS product using IaC.
  • All of these companies are now also competing with each other for the same combination of skillsets which they need to find in individuals instead of spreading those skills out across teams.
  • IaC makes a lot of things easier and faster, but simultaneously make them significantly more complex.



Hi Paul,
Thanks for your reply. I first want to apologize for the horrific formatting of my September Portfolio Summary. Wow, I rolled the dice when I couldn’t find the preview function and I lost. Please feel free to delete. I’m going to have to recreate the whole of it a third time, this time hopefully Google doc formatting will work better.

I also see how In my attempt to condense down a very complicated topic, I was not as clear as I could have been. Thanks to Smorgasbord for posting the link where Muji is I’m sure more clear.

Paul, I do see, in your closing remarks here

  • In closing:
  • The companies most often mentioned/followed on this board offer the opportunity to invest in a monopoly situation in their niche.
  • They all leverage IaC to provide that monopolistic offering.
  • Every company is now building a SaaS product using IaC.
  • All of these companies are now also competing with each other for the same combination of skillsets which they need to find in individuals instead of spreading those skills out across teams.
  • IaC makes a lot of things easier and faster, but simultaneously make them significantly more complex.*
    …many of the same take aways. So, I don’t think I have any substantial disagreements with you post.




Hi Flix: This is intended to be a private reply to you – I hope it doesn’t end up on the board. I work in tech, and have a small degree of familiarity with much of what you write. It was an excellent comment. thx