Welcome to episode 261 of the Cloud Pod podcast – where the forecast is always cloudy! Justin, Matthew, and Ryan are your hosts this week, and there’s a ton of news to cover, including a slew of Azure and Oracle stories! This week the guys cover some new cost management strategies from FinOps, some Kubernetes updates, MS Build, and even fancy schmancy CoPilot PCs!
Titles we almost went with this week:
- Azure woke up and announced things
- AWS stops taking your IPv4 Money
- Well now everything has copilot
A big thanks to this week’s sponsor:
Big thanks to Sonrai Security for sponsoring today’s podcast! Check out Sonrai Security’s new Cloud Permission Firewall. Just for our listeners, enjoy a 14-day trial at https://sonrai.co/cloudpod
AWS
00:57 AWS plans to invest €7.8B into the AWS European Sovereign Cloud, set to launch by the end of 2025
- Amazon is sharing more details about the AWS European Sovereign Cloud roadmap so that customers and partners can start planning.
- The AWS European Sovereign Cloud plans to launch its first AWS Region in the state of Brandenburg, Germany, by the end of 2025.
- Available to all AWS customers, this effort is backed by a 7.8B Euro investment in infrastructure, jobs and skills development.
- Customers will get the full power of the AWS architecture, the expansive service portfolio and the APIs that customers use today.
- Customers can start building applications in any existing Region and simply move them to AWS European Sovereign Cloud when the first region launches in 2025.
- And how exactly will they do that, you might be wondering? If you mean there will be an easy button, that’s awesome… do it everywhere else.
- If you mean update Terraform and redeploy: screw you, Amazon.
03:23 Ryan – “Yeah. It just seems so anti what they’re trying to set up with the sovereign region to begin with, right? Like, I guess copying data is fine in, but not out. Like it’s sort of, it’s like GovCloud, right? It’s completely separate. So strange.”
05:06 Application Load Balancer launches IPv6-only support for Internet clients
- ALBs now allow you to provision load balancers without IPv4 for clients that can connect using just IPv6. Woot.
05:25 Ryan – “So the trick is for internal, the reason why we’re starting to see this more and more is that because you can address these huge spaces in IPv6, they’re not doing the equivalent of RFC 1918 address space. So that’s why these things become super important because they’ll configure an internal sort of networking path that’s only IPv6, but then you can’t use like a managed load balancer or something like that because there’s no IP space.”
08:37 Amazon WorkSpaces Web is now called Amazon WorkSpaces Secure Browser
- AWS is rebranding Amazon WorkSpaces Web to Amazon WorkSpaces Secure Browser.
- With WorkSpaces Secure Browser, users can access private websites and SaaS web applications, interact with online resources, or browse the internet from a disposable container. The service helps reduce the risk of data exfiltration by streaming web content: no HTML, DOM or sensitive company data is transmitted to the local machine.
- This product just can’t stick to a name to save its life… this thing originally was Amazon WorkLink, then Amazon WorkSpaces Web, and now Amazon WorkSpaces Secure Browser.
11:13 Challenges of AI in Cloud Computing with Justin Brodley
- Last week Justin was the guest on the Screaming in the Cloud podcast, where he and host Corey Quinn discussed changes in cloud computing, and the repercussions of the current intense focus on AI, and Justin’s recent visit to Next.
- Want to listen in? Of course you do. Find the show page here.
- Want to watch it on YouTube instead? We’ve got that link for you too.
GCP
12:49 Cost Management Elevate your FinOps strategy: Optimize with FinOps hub, now GA
- Google is making FinOps Hub Generally Available. The new service allows you to supercharge your FinOps practices and optimize costs with intelligent insights and actionable recommendations.
- The GA includes the ability to rightsize resources, reduce waste, and optimize rates with CUDs so that you can invest those savings directly into innovation.
- FinOps Hub is a comprehensive cloud optimization solution designed to solve the biggest challenges faced by FinOps teams.
- It blends rates and usage strategies with personalized prescriptions tailored to your business needs.
- Plus you can track your accomplishments with an easy-to-use realized savings ledger.
- Key features include:
- Quantify your savings opportunity
- Storing accomplishments in the savings ledger
- Cost savings recommendations
- Benchmark your FinOps maturity
- Quantify CUD optimization
13:28 Ryan – “I don’t know how many times I’ve worked with teams to, to work, bring down their costs. And then, you know, there’s another major initiative and they’re like, how much penny pinching do you expect me to do? Right. And then versus other teams who barely make any effort and are applying the same things. And so the ability to sort of call out teams and, and see that savings is amazing.”
15:10 Announcing general availability of Ray on Vertex AI
- Google is excited to announce that its seamless integration of Ray, a powerful distributed Python framework, with Google Cloud Vertex AI is now GA.
- This integration empowers AI developers to effortlessly scale their AI workloads on Vertex AI’s versatile infrastructure, which unlocks the full potential of ML, Data Processing and distributed computing.
- Ray’s distributed computing framework gives you a unified experience for both Generative AI and Predictive AI, which seamlessly integrates with Vertex AI infrastructure services.
- A unified development experience gives you an easy way to transition from interactive prototyping on local dev or in Vertex AI Colab Enterprise to production deployments on Vertex AI managed infrastructure with minimal code changes.
- Enterprise-grade security, including Service Controls, Private Service Connect and CMEK.
17:18 Justin – “I’m not a huge fan of, like, I think we’re reaching the end of the transformer model era. Like, they’re gonna keep getting bigger and more contacts and more tokens. And then there’s gonna be a point where the return on these investments is gonna depreciate very quickly. And I think then we’re all gonna be like, well, what’s after transformer? Because that only did one thing and now we need more things. So, we’ll see how that works out over time.”
17:46 Google is named a Visionary in its first 2024 Gartner® Magic Quadrant for SIEM
- Google ends up in the Visionaries quadrant on the latest SIEM magic quadrant.
- This is a very crowded quadrant in general; Google is nearing the line to go into Leaders, but just misses the mark against Splunk, Microsoft, IBM, Securonix, and Exabeam.
- AWS isn’t on the quadrant, nor is Oracle.
- Google gets high marks for its easy-to-use query interface, capabilities, and flexible cost model, but low marks for being only a SaaS solution, for reporting being provided by Looker, and for its complicated UEBA capabilities.
- Microsoft scored high marks with Sentinel, with strengths being its tightly integrated ecosystem, customizable solution and MITRE ATT&CK coverage, but Gartner cautions that it has an overreliance on Azure, limited OOTB compliance reporting, and that it’s only a SaaS product.
20:31 100 things we announced at I/O 2024
- So Google announced 100 things at I/O, and we already covered updates to LLMs last week. But there were a few things we missed that I wanted to highlight real quickly.
- Project Astra is their new vision for the future of AI Assistants.
- Bunch of stuff for Android and other AI integrations.
- Project IDX is their new integrated developer experience for full-stack, multi-platform apps that is now open for everyone.
- Firebase released Firebase Data Connect, a new way for developers to use SQL with Firebase (via Google Cloud SQL).
Azure
21:58 The availability of Azure compute reservations will continue until further notice
23:04 Matthew – “It’s just like a AWS is where it’s more savings if you choose the exact instance types or virtual machine types, but they do have the savings plans, which does go across virtual machines and their app services. If you’re in a certain level, like a P three or above, I think. So like there’s, there’s some nuances there.”
23:41 Public preview: Change from serverless to provisioned capacity mode
- You can now change the capacity model of an Azure Cosmos DB account from serverless to provisioned capacity in place using the Portal or CLI.
- This couldn’t have been a launch feature?
24:54 Introducing Copilot+ PCs
- Microsoft has dropped the latest PCs designed for AI: Copilot+ PCs.
- Copilot+ PCs are the fastest and most intelligent Windows PCs ever built, with new silicon capable of an incredible 40+ TOPS, all-day battery life and access to the most advanced models.
- Copilot+ PCs will enable you to do things you can’t do on any other PC – like having a button that says Copilot! COOL!
- Aka… Microsoft is launching ARM based Surface computers again… but with Copilot.
25:54 Public preview: Kubernetes version 1.30 support in AKS
Generally Available: Azure Functions can now run on Azure Container Apps
- Azure Functions can now be used on Azure Container App environments to deploy your multitype services to a cloud native solution designed for centralized management and serverless scale.
- The Azure Functions host, runtime, extensions and Azure Functions apps can be developed and deployed as containers using familiar Functions tooling, including Core Tools, AzCLI/Portal/Code-to-cloud with GitHub Actions and DevOps tasks, into the Container Apps compute environment.
28:50 Matthew – “So it’s all tied to the app service world. So this is taking the app functions and launching them directly in the app in the Azure container app service instead. So you’re able to essentially run a Lambda now in two different places, depending on what other infrastructure you have set up. So if you’re already leveraging app service plans and you have managed app service plans, so think like you have told AWS, I need X number of CPU and servers to run all my Lambda functions. You can now also run them in just the container form instead. So think your ECS or EKS cluster.”
29:50 Public Preview – Azure Compute Fleet
- Azure is announcing the preview of Azure Compute Fleet, a new service that streamlines the provisioning and management of Azure compute capacity across different VM types, availability zones and pricing models to achieve desired scale, performance and cost.
- Azure Compute Fleet provides customers with many features to deploy and manage a diverse group of VMs at scale:
- Integration of multiple pricing models within a single fleet request
- Automated configuration of fleet of VMs to achieve the best mix of VM sizes, pricing models and performance based on current capacity availability.
- Adjustable settings to prioritize either deployment speed, operational cost or balance of both
- Capability to manage and deploy up to 10,000 VMs in a region with a single fleet
- Numerous options that allow users to automatically and programmatically control how fleets respond to changing variables, such as cost overruns, capacity shortages of specific VM sizes, or the eviction of spot VMs.
32:34 Justin – “I’ve used it on a couple other projects, where I needed to provide, you know, some really spot instances and it, you know, the challenge that if you are doing a lot with spot instances now on Amazon is if it’s a instance type that could potentially be used for model training, a spot market dries up really quickly for certain instance types. so you have to really deploy fleets now for spot to really be, have any level of reliability and uptime. And so, I’ve had to use it a couple of times now and it’s still problematic, I would say, but not as problematic as it was many years ago when we first tried it.”
35:37 What’s next: Microsoft Build continues the evolution and expansion of AI tools for developers
- Build continues after the announcement of the Copilot+ PCs with several new capabilities today.
- Real Time Intelligence within Microsoft Fabric, in preview, can be helpful for analysts with simple low/no-code experiences, and it also can benefit pro developers with code-rich user interfaces.
- Workload Development Kit in Fabric makes it possible for developers and ISVs to extend applications with Fabric to create a unified user experience.
- GitHub Copilot extensions allow developers and organizations to customize their GitHub Copilot experiences with preferred services like Azure, Docker, Sentry and more, directly within Copilot Chat for GitHub.
- Using extensions like GitHub Copilot for Azure, developers can explore and manage Azure resources, while also troubleshooting issues and locating relevant logs and code.
- Microsoft and Cognition are bringing their autonomous AI software agent, Devin, to customers to help with complex tasks such as code migration and modernization projects.
- New instance types include the new Azure ND MI300X v5 from AMD for training and inference needs, as well as the Cobalt 100 Arm-based VMs in preview.
- Cobalt 100 ARM-based virtual machines are custom silicon designed by Microsoft.
- New Team Copilot as an expansion of M365. You will be able to invoke Copilot where you collaborate: in Teams, Loop, Planner and more. Team Copilot can be a meeting facilitator, managing the agenda, tracking time and taking notes. It can act as a collaborator in chats by surfacing important information, tracking action items and addressing unresolved issues.
- Microsoft Copilot Studio is a new agent capability, empowering developers to build copilots that can proactively respond to data and events.
40:42 Expanding extensibility model to Pulumi in Azure Deployment Environments
- Azure Deployment Environments now delivers a more seamless experience to customers, enabling them to leverage popular IaC frameworks quickly and easily with its extensibility model and perform or customize deployments based on their organizational needs.
- Azure now supports Pulumi through its extensibility model: in addition to being able to use ARM, Bicep, and Terraform already, customers can now easily perform deployments using Pulumi.
41:23 Matthew – “ARM is CloudFormation, Bicep is CDK.”
46:00 GA Load Balancer in Azure API Management & GA Circuit Breaker in Azure API Management
- General availability of the Load Balancer feature in Azure API Management is here along with new circuit breaker functionality.
- Customers can now effortlessly create pools of backends and efficiently distribute the load across multiple endpoints. By establishing backend pools, users can seamlessly balance the load across various backends when integrating multiple backends for an API.
- The innovation allows customers to spread the load across multiple backends, each equipped with individual backend circuit breakers, ensuring optimal performance and resilience.
- The circuit breaker property within backend resources protects backend services from overload due to excessive requests. This allows customers to set specific rules for when the circuit breaker activates, including thresholds for failure occurrences within defined timeframes and identification of specific status codes indicating failure.
Oracle
47:55 Announcing IP Address Insights on Oracle Cloud Infrastructure
- Oracle is giving you a new IP Address Insights service on OCI. This free service enables you to monitor and manage your IP addresses on OCI by providing a regional view of IP address usage (v4 and v6) across your tenancy with hierarchical visibility into virtual cloud networks, subnets and resources.
- You can finally get rid of all those terrible IP platforms – if you’re on Oracle.
48:58 OCI network load balancer enhancements for backends support
- OCI network load balancer has always supported backends in its local region. The backend can be in the same VCN as the network load balancer or a different VCN connected to the network load balancer VCN by local peering gateways.
- Now Oracle is expanding that support to connect a load balancer to anywhere reachable by the network load balancer through an OCI dynamic routing gateway. This allows for new scenarios, including:
- Cross-VCN Connectivity
- Cross-Region support
- On-premises backends
49:46 Justin – “I would love to be able to use this on a cloud migration strategy. The dreams I have, like the day I can use it for that capability, like, I’m going to do a migration. I’m going to use the simple backend load balancer routing capability and some replication on the database. And we’re going to just do this overnight.”
50:55 Instance Security now available in Oracle Cloud Guard
- Oracle has a new instance security capability in Cloud Guard that aggregates important security information about compute instances, such as security alerts, vulnerabilities and open ports.
- Instance security provides new Oracle-managed, OOTB detections and customer-managed queries that customers can use for threat hunting. Plus, customers can connect their own security information and event management (SIEM) or cloud security posture management (CSPM) tools with OCI logging to ingest data collected via agents.
Closing
And that is the week in the cloud! Go check out our sponsor, Sonrai, and get your 14-day free trial. Also visit our website, the home of the Cloud Pod, where you can join our newsletter, Slack team, send feedback or ask questions at theCloudPod.net, or tweet at us with hashtag #theCloudPod