After Kubernetes, Heptio, and VMware, the Kubernetes co‑creators are betting that securing AI workflows and agents is the next big infrastructure problem — but they’re doing it with a VMware‑inspired hybrid open source play.
Joe Beda has signed on as CTO at the two year old startup Stacklok, which is trying to tame cybersecurity in the age of AI. This puts Beda back under the same company roof as Craig McLuckie, the company’s co-founder and CEO. The two share a history going back to 2013.
“It took a lot for me to exit ‘semi-retirement,'” Beda wrote in a LinkedIn post last week. “I was recovering from burnout and learning how to slow down. But this was just too good of an opportunity for me to pass up.”
This might be a little bit inside baseballish to those who are either newcomers to Linux and open source or who work outside of enterprise tech, but to anyone who’s been working in DevOps or CI/CD circles since the early days of Docker and containers, this is big news. Beda and McLuckie have been a big part of the cloud-native environment since the term was first used.
“I joined Stacklok for multiple reasons,” Beda continued in his post. “First, if I’m going to call myself a software engineer in good faith, I have to learn and embrace this new world we find ourselves in. More than that, I want to help invent it! Exploring these new tools on my own would happen at a slower pace, but digging in as Stacklok’s CTO alongside an amazing team of Applied AI Engineers and platform builders is the best way to make this happen.”
Getting to the Fork in the Road
While Docker largely introduced containers to the world, Beda, McLuckie, and Brendan Burns made them easier to manage. They were the three Google developers behind Kubernetes, which largely replaced Docker’s Swarm as the go-to way to wrangle — or more properly “orchestrate” — containers. They were also insistent that Google make the platform universally available, by insisting it be released under an open source license.
The trio started to split from Google in 2015 when Beda moved on in May of that year, with Burns quiting in the summer of 2016, ending up at Microsoft. McLuckie followed Burns, leaving that October. A month after that — in November — he and Beda co-founded Heptio, a Kubernetes-focused startup, with McLuckie occupying the CEO office and Beda as CTO. Heptio never got out of its startup phase, being acquired by VMware two years later in a $550 million cash and equity deal that was many times larger the funding it had raised — so something of a windfall for the founders.
McLuckie and Beda both went to VMware as part of the deal and stayed until the company was acquired by Broadcom, when they both walked. Again, Beda left first — in June of 2022. McLuckie left in November and co-founded Stacklok six months later, taking the reins as CEO. Co-founder Luke Hinds took the CTO seat, which he vacated last May, and which Beda will now be filling.
“I can’t be more excited to be working with Craig again,” Beda told me in a message exchange shortly after his LinkedIn post. “We work incredibly well together and have through our time together building out GCE, starting Kubernetes or the entire Heptio journey. I’m not sure where Stacklok will take us but I’m excited to find out!”
Together Again — but Differently
Beda seems to relish the prospect of working in Stacklok’s specialized security arena, which seeks to secure and govern AI agents and their access to tools and data, even though this puts him in territory that’s very different from Kubernetes. As far as he sees it, this is something of a logical next step after all those years making distributed systems easier to handle.
“What has me most excited about what we are doing at Stacklok is melding the infrastructure and distributed systems mindset that Craig and I bring through our experience building things like Kubernetes and applying that to the AI space,” he said. “Enterprises of all sizes are struggling with how to apply AI in an effective and safe way and Stacklok is providing answers.”
Indeed, Stacklok has already been doing a lot of heavy lifting in this space.
Back in 2024, the startup donated its open source Minder Platform, at the time its flagship offering, to Open Souce Software Foundation, a Linux Foundation project. It’s also released CodeGate, an open source, locally deployed security proxy for AI-assisted coding workflows that’s designed to sit between developers’ IDEs and AI coding tools such as ChatGPT, Claude and the like.
There is a bugaboo in the wash, however. As open as Stacklok’s software is not 100% open.
Open and Closed Doors
Stacklok should not be considered an open source company. It’s no SUSE or Ubuntu, which releases all of their core software under open source licenses, even if they do ship some proprietary tooling on the side. It’s not even a Red Hat, which releases all of its software under open source licenses, but takes draconian measures to protect its source code. It’s more of a hybrid company, with much of the underlying software it releases covered under open source licenses, while the platform that ties these components together is proprietary. In other words, it’s open core more than it’s open source.
“The core of Stacklok’s offering is open source currently with Toolhive,” Beda said when I asked him about Stacklok’s commitment to open source. “As we evolve, I’m sure that open source will play a major role in what we are doing.”
Fair enough, I guess. Open source Toolhive is the backbone to Enterprise MCP Platform, which these days is Stacklok’s proprietary flagship platform.
Anyway, this song is dedicated to a reunited Joe Beda and Craig McLuckie…
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Be First to Comment