268: Long Time Show Host is CloudPod’s first Casualty to AI (For This Week, at Least)

Episode 268 July 21, 2024 00:49:12

Show Notes

Welcome to episode 268 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin says he’s in India, but we know he’s really been replaced by Skynet. Jonathan, Matthew, and Ryan are here in his stead to bring all the latest cloud news, including PGO for optimization, a Linux vulnerability, CloudFront’s new managed policies, and even a frank discussion about whether or not the AI Hype train has officially left the station. Sit back and enjoy! 

Titles we almost went with this week:

A big thanks to this week’s sponsor:

We’re sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email or hit us up on our Slack Channel and let’s chat! 

General News

00:56 Japan declares victory in effort to end government use of floppy disks

02:36 Jonathan – “Yeah, I remember a couple of years ago they started talking about this modernization they were doing and people started to panic because Japan’s the largest purchaser of floppy disks anymore, or three and a half inch disks anyway. And so I ended up buying some because I’ve still got a USB floppy drive and some machines that have floppy disks. And I wanted just to stock up on some for the future, just in case the price went through the roof if Japan finally cut them and they have.”

05:16 regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server 

07:36 Jonathan – “Yeah. Qualys have a proof of concept or working hack, which they’re not releasing yet to give people time to patch, but it’d be super interesting to come back and look at it and see how it works and test it and play with it.”

AI Is Going Great – Or, How ML Makes All Its Money

9:20 AI’s moment of disillusionment

11:49 Matthew – “You know it was the hype. It still is the hype. But it’s going to find its place. You know, despite us replacing Justin this week with AI, you know we figured out how to use it in different ways, and you know it’s not going to just overnight replace everyone in the world doing their job and fall into a matrix type.”

20:34 Declare your AIndependence: block AI bots, scrapers and crawlers with a single click

24:46 Ryan – “And this is the first time I’m hearing about ByteSpider, which just, you know, like is ByteDance trying to piss off the United States government? They’re already sort of on edge. Like, this is kind of crazy.”

AWS

25:12 AWS Lambda introduces new controls to make it easier to search, filter, and aggregate Lambda function logs

27:05 Ryan – “Makes you wonder what big government customer demanded this…”

30:36 Amazon S3 Access Grants now integrate with open source Python frameworks 

33:29 Amazon CloudFront announces managed cache policies for web applications 

34:42 Matthew – “I like that they’re kind of setting up these easy defaults for people to select. Because before even these managed cache policies, you had to go through like hundreds of different settings and figure it out yourself like what you wanted for these. So these easy buttons just help people select the right policy, kind of move on.”

GCP

36:18 Boost performance of Go applications with profile-guided optimization

38:44 Jonathan – “But how cool would it be to do this literally at runtime in production, just have this constantly collecting metrics from a running application and going back and then rebuilding it for the next release, or even automate that release process so it’s always running.”

40:04 Share your streaming data with Pub/Sub topics in Analytics Hub  

Azure

Just kidding. There’s no Azure news. But we do have some interesting articles for you to peruse at your leisure. 

10 ways to impact business velocity through Azure OpenAI Service 

Build your own copilot with Microsoft Azure AI Studio 

Plans on Microsoft Learn: Your online blueprint for building AI and Azure skills 

OCI

47:12  Oracle opens second cloud region in Singapore 

49:54 Ryan – “I just realized that we were talking about an OCI region announcement. So this is just, you know, a couple of servers in the back of a semi truck driving around anyway.”

Closing

And that is the week in the cloud! Visit our website, the home of the Cloud Pod, where you can join our newsletter and Slack team, send feedback, or ask questions at theCloudPod.net, or tweet at us with the hashtag #theCloudPod.


Episode Transcript

[00:00:07] Speaker A: Welcome to the Cloud Pod, where the forecast is always cloudy. We talk weekly about all things AWS, GCP, and Azure.
[00:00:14] Speaker B: We are your hosts, Justin, Jonathan, Ryan, and Matthew.
[00:00:18] Speaker A: Episode 268 recording for the week of July 9, 2024. It's with a sad heart, I say that longtime show host Justin is Cloud Pod's first casualty to AI, for this week, at least.
[00:00:34] Speaker B: Too bad we didn't have time to, like, you know, deepfake his voice.
[00:00:39] Speaker A: It's coming.
[00:00:40] Speaker B: Yeah.
[00:00:43] Speaker C: That's the after show.
[00:00:44] Speaker B: Yeah.
[00:00:46] Speaker A: We always talk about automating yourself out of a job, but we can automate ourselves out of a podcast soon enough.
[00:00:51] Speaker B: Yeah, wrong way, dude. Wrong way.
[00:00:56] Speaker A: All these jokes about it, automating the fun stuff and not the actual grunt work people have to do. I can agree with that. Okay, we'll start with some general news. Japan declares victory in an effort to end government use of floppy disks. It's a little bit of nostalgia meets modernization. Japan's government has finally phased out the use of floppy disks in all its systems. The digital agency has scrapped over a thousand regulations related to their use, marking a significant step in their effort to update government technology. And Japan is way behind. Bizarrely. Best tech in the world, worst bureaucracy in the world. Digital Minister Taro Kono, who has been on a mission to modernize Japan's government tech, announced his victory this week. It's been part of a larger push to digitize Japan's notoriously paper heavy bureaucracy, which became glaringly apparent during the COVID-19 pandemic. Japan's digitization efforts have hit some bumps along the way, including issues with contact tracing app and slow adoption of their digital ID system.
It's just a reminder that modernizing legacy systems isn't just about replacing old hardware. It's a complex process that involves changing long-standing processes and especially people's minds.
[00:02:08] Speaker B: I am fascinated by the fact it's 2024 and they're just making this announcement. I haven't really thought about it. That'd be a long time. My kids don't even know what a floppy disk is.
[00:02:23] Speaker C: I mean, most people don't know what the save icon is.
[00:02:26] Speaker B: Yeah, it's built off of a thing. Yeah, it's kind of crazy. And so to think you have that much process that requires, I assume, storage very small in a non-performant medium.
[00:02:42] Speaker A: Yeah, I remember a couple of years ago they started talking about this modernization they were doing, and people started to panic because Japan's the largest purchaser of floppy disks anymore, or three and a half inch disks anyway. And so I ended up buying some because I've still got a USB floppy drive and some machines that have floppy disks. And I wanted just to stock up on something for the future just in case the price went through the roof if Japan finally got rid of them. And they have. So we'll see.
[00:03:09] Speaker B: Oh, that's hilarious.
[00:03:10] Speaker C: There's a lot of technology that people don't realize. It still runs on this. Yeah, I read like the 747 airplanes still have to use floppy disks for updating navigation. You know, there was an article I think, a couple of years ago. Yeah, they're like the nuclear missile silos in the US still run on floppy disks, like five and a half or seven and a half inch, not three and a half. So, you know, sometimes I guess people have built in security through obscurity. But, you know, like I said here, it's large. It's not just the technology, it's really making sure the underlying process that is what you're modernizing with it.
And as part of this wasn't just floppy disks, I think they're still working on like getting your fax machines, which for some reason the world still thinks fax machines are more secure than everything else in the world, which still fascinates.
[00:04:02] Speaker A: Me and Ryan broaching the mortgage industry for years. And fax is so fundamental to a lot of that business still, it's crazy.
[00:04:12] Speaker B: And we were specifically trying to automate and modernize the mortgage industry. And so it was this really fun transition of taking these ancient technologies and processes and automating them through having a fax back end. And that could do OCR and translation and document routing. That's.
[00:04:33] Speaker A: Yeah, it's kind of funny because, you know, encrypt everything. Fax machine is not encrypted.
[00:04:39] Speaker C: Healthcare yourself to fax stuff. And it's like, yep. Anyone can, anywhere on the line can just tap it by literally putting a splitter and just copying half the data out. Like this is not, this is the easiest way to get data. And like, especially like if you're anywhere in New York or any major city with a lot of the financial stuff, like you said, it's all done still through that because they need the wet signature. I'm like, cool. But it's still then scanned and sent over a fax. How is it wet? What's the difference? Speaking of encryption, last week there was a regreSSHion vulnerability in the OpenSSH server. So remote unauthenticated code execution vulnerability. The Qualys threat research team just dropped a bombshell. They've discovered that a remote code execution vulnerability in the OpenSSH that affects millions of Linux systems. The vulnerability, dubbed regreSSHion, allows unauthenticated attackers to execute code as root on the vulnerable system. Root access is the ultimate prize for hackers. Qualys estimates that over 14 million sshd servers are potentially at risk.
If you're running OpenSSH on Linux, on a glibc-based Linux system, please listen in. Interestingly enough, this vulnerability is a regression of a bug that was patched way back in 2006. A fix from 17 years ago accidentally got undone during the recent OpenSSH update. It's like the software eventually said, oops, I did it again. And we have a new vulnerability. If exploited, attackers can take full control, install malware, exfiltrate data, and pretty much do whatever they want with your system because they own it at that point. So what you, what can you do? First, we can patch it. Most of the providers, I think as of late last week, have fully released full patches. Otherwise there are some other mitigations in the sshd config that you are able to do. Additionally, you should be watching your networks, see if there's any suspicious traffic happening.
[00:06:55] Speaker B: This is crazy. Like, it's such a weird sort of thing when you go through the details of this and there's not enough data about how it is actually regressed, or at least I haven't read any. Like I'm more interested in that. Like what was it, a refactoring? I want to understand that because something as basic as OpenSSH, it's an underlying library of many applications, and so you could have this vulnerable version and not even know it, because it's just a dependency. So that's kind of crazy.
[00:07:30] Speaker A: Qualys have a proof of concept or working hack which they're not releasing yet to give people time to patch. But it'd be super interesting to come back and look at it and see how it works and test it and play with it.
[00:07:44] Speaker B: I have never once before been happy that the SFTP service that I own, that's open on the Internet, which does use OpenSSH libraries, but it runs on the Windows OS, which I have never once been a fan of. And now all of a sudden I'm like, oh, okay.
[00:08:03] Speaker A: Something else interesting from the blog post was that FreeBSD is not vulnerable.
Apparently they, they fixed it a different way years ago and it's perfectly safe.
[00:08:14] Speaker B: Interesting.
[00:08:15] Speaker C: Yeah, it was interesting. Like which ones were affected? Because I think like Ubuntu 624 I think I saw wasn't affected if you hadn't updated, you know, it's like. So it depends, like when you patch, because there was a regression that got added in. So it's like a very specific timeframe that you had to do that you could be comfortable to do it.
[00:08:39] Speaker A: Many sleepless nights for somebody.
[00:08:41] Speaker C: I mean, the fix is actually pretty simple. You know, one, you can patch it, but two, the quick mitigation was the LoginGraceTime set to zero and you could just throw that into SSH and it would restart your server. So, you know, if restarting a service doesn't scare you on your server, then it was a pretty easy fix to roll out there.
[00:09:04] Speaker B: Have we reached the beginning of the end for AI exuberance? God, I hope so. According to InfoWorld's Matt Asay, currently head of developer relations at MongoDB and former AWS principal, the AI hype train has officially derailed. We've reached what he calls the trough of disillusionment, where all those grandiose promises about AI replacing humans and solving all of our problems have crashed headfirst into reality. Yeah, well, who wrote our show notes? Remember when people were saying AI would take your job, write all your code, and basically do everything but your laundry? Yeah, not so much. So he points out that AI is the magic bullet that everyone thought it was. I'm not surprised, are you? Asay also cites a recent IEEE study that found when it comes to coding, tools like ChatGPT struggle with problems that require information after the training data is cut off. For instance, GPT-3.5's success rate for easy coding problems plummeted from 89% to 52% when it encountered topics after 2021.
And for hard problems, it went from a 40% success rate to a measly 0.66.
[00:10:18] Speaker A: Ouch.
[00:10:19] Speaker B: That's pretty low. He quotes one commentator who said ChatGPT lacks the critical thinking skills of a human and can only address problems that it has previously encountered. In other words, it's great at pattern matching, but not so much at actual reasoning or problem solving. But here Asay argues that we shouldn't be surprised. It's a circle of hype, and disillusionment is par for any new technology. And he reminds us, with cloud computing, you're supposed to cloud computing was supposed to solve all of our woes, and really it's just brought new technologies with different woes. Serverless is going to make Kubernetes obsolete. Yeah, I wish for that too, to be honest. The reality is technologies will find their niche. They don't solve everything, but they do solve some things really well. And what he believes where he believes we're heading for AI, companies are treating. Companies are treating it as a silver bullet, are failing, but those using it as a complementary tool alongside their existing processes are destined for success.
[00:11:20] Speaker C: I mean, I agree with this. You know, it was the hype. It still is the hype, but it's going to find its place. You know, despite us replacing Justin this week with AI, you know, we.
[00:11:33] Speaker A: We.
[00:11:34] Speaker C: We figured out how to use it in different ways, and you're not. It's not going to just overnight replace everyone in the world doing their job and fall into a Matrix-type world where we're just, you know, it's gonna. It's gonna have its niche that will work well in. And I think you've kind of seen it over time where it's an augmented tool for, you know, your main product or for something else. It's not gonna be just like your core product, and you're not gonna be able to say, here. Here is my rough business problem.
Go solve it for me with code and develop my full application. It's definitely going to be something that you still need the human to think through and think through the business problem, like we talked about above with. It's not really above, but earlier about Japan and the floppy disk, it's not just solving the technical problem. You got to solve the business problem associated with it.
[00:12:31] Speaker A: I think we're in this weird bubble, not just the bubble of disillusionment, but an interesting tech bubble, because everyone seems to be so hyper-focused on, can it replace programmers? Can it write code for us? Can it do this? It's either code or it's, let's make an AI assistant for our website or our product. Those are two really quite small areas of use, I think, for large language models. I think there are many, many more things, which it is incredibly good at. And just chatting to it to learn about a new subject is one of them. I could put my son, who's nine, in front of it. What do you want to know? Just start asking questions. And, you know, what? If it gets something a little bit wrong, I trust that the guardrails that are in place are sufficient to, you know, not tell them to go and drink bleach to cure COVID or anything else.
[00:13:25] Speaker B: But, I mean, you let your son ask me questions, I bet you my success rate is a lot lower than 0.66.
[00:13:31] Speaker C: I really hope it's a little bit higher than that.
[00:13:34] Speaker A: I don't even have to pay Ryan $20 a month. Yeah, I'm just saying it's like, this is such a small case that people are hyper-focusing on. And I understand that developers are very concerned for their employment in the future, but I think there's many more use cases that really doesn't matter whether or not it's got information from 2021. If you're talking about studying history or studying philosophy or studying anything else, it has a wealth of information which is still highly valuable.
You know, the Goldman Sachs report that came out this week kind of panning AI and LLMs for being basically a waste, I kind of disagree with. I found it really useful.
[00:14:14] Speaker C: I wish I was in school when we had SparkNotes to read the short and give me the TL;DR of the books, you know, now I can just send it over to here.
[00:14:23] Speaker A: Yeah.
[00:14:23] Speaker C: But, like, I have my, my day job. I have my team reading or rereading The Phoenix Project, The Unicorn Project. And, you know, we're going through the hit list of top books, you know, in our world, and we actually use it because we're reading like, two chapters a week or whatever. And my problem is I immediately started the book, and because I live in this world so much, I just can't put it down. So I just am so far ahead, which is the problem then talking with my team about it. So, you know, one of my people actually just figured out, hey, tell me what chapter five and six are about this book, and that becomes our blurb, you know, something like that. It's just, it's very useful.
[00:15:04] Speaker A: For how relevant do you think that book is all these years later?
[00:15:10] Speaker B: I think it's still, I mean, I still see it in my current day job, for sure.
[00:15:17] Speaker C: Yeah. I mean, the exact things are no longer there, but really it's a play, the concepts to it, if that kind of makes sense. So, like, while they're talking about a data center moving to the cloud in The Phoenix Project towards the end, because they don't have the hardware, they're talking about doing everything with code or with, or building templates and building, build systems and building processes. Right. Well, even if you have those, really still the underlying concept of, you know, having a repeatable, reusable, you know, architectures and everything still is there. And so everything's kind of pivoted. And I've read the book. I don't even know how many times.
Every time I pull out different pieces of information. Really? Also based on what my day job.
[00:16:05] Speaker B: Is at that point, yeah, my biggest takeaway from The Phoenix Project is a little tangential in the sense that, you know, the, the, the thing that caught me the most was, you know, the, the way that the executive teams sort of had to get aligned and, and the fact that they weren't. And then this sort of, you know, fallout from that. I thought that was super important to carry out. That I think is, you know, it's sort of timeless in technology world because it is a problem that affects a lot of businesses and a lot of, you know, people developing apps. Like if you had people going off in different directions, not, not an effective team.
[00:16:45] Speaker A: Yeah, it's funny. I kind of, I try not to, but it's been a while since I've read it, although I thought it was old and actually is, it's only twelve years old apparently, but it feels like 30 years old. That's just working in IT.
[00:16:59] Speaker B: That's just the last twelve years of our lives or different time scale COVID era.
[00:17:05] Speaker A: It's just like, it's just interesting to move to a new company and you start realizing, oh, he's Brent or you're Patty, the director of IT, or you're Bill Palmer or whatever, you can start putting people into these boxes and then once you understand the problems they face, put the book and per business as usual, you can start taking knowledge from the book and using it to influence things. And it's still, yeah, I think it's irrelevant. It doesn't matter. The exact technology isn't the same anymore, but the problems are timeless.
[00:17:46] Speaker B: Yep.
[00:17:47] Speaker C: There was a new one they released that, you know, obviously, you know, once, you know, to me they kind of all build on top of each other, but there was a new one, I think about a year and a half ago or what feels like a year and a half ago could be six years ago.
I have no idea anymore in life called Investments Unlimited, which is about compliance and security and DevOps and everything and how it integrates. So I still think they're building on it and I think that kind of seeing the evolution and really watching how all these things kind of tie together is still very relevant.
[00:18:21] Speaker B: Yeah, I've been meaning to read that one since it was announced because automating compliance is for some reason some sort of, you know, pet passion of mine. And so like I'm curious to, to read that take specifically. Right.
[00:18:37] Speaker C: So one of the things I used, you know, was I like, I read that book right when I started my current day job and we're resetting up and moving to a new git provider. And the first thing I did was I just did it all with code and which they kind of talk about a little bit in that book about, like showing that you can't go around it because it's in your pipeline, it's in your code. And it made my audit so much easier because they were like, well, show us this. I'm like, they're all literally the same. Here's the code that's built on. You could walk, look at any of these. It's all going to be done the same way. So it was nice to be able to literally prove that via that and actually see like, things from a book in real life, too.
[00:19:18] Speaker A: I haven't read that yet.
[00:19:19] Speaker C: Maybe that's what we should do as an after show. At one point, we'll all jointly read the books together and like talk about them or swear about them. One or two.
[00:19:29] Speaker B: What did our audience do to you?
[00:19:34] Speaker A: The Cloud Pod book club?
[00:19:39] Speaker C: Well, just as you're talking about how we get, like, the Apple plus subscribers, maybe people want to listen to us talk about these things more. I don't know why they would, but they might.
[00:19:49] Speaker B: I have questions.
[00:19:53] Speaker A: Well, you can declare your AI independence. Finally.
Block AI bots, scrapers and crawlers with a single click. Cloudflare has introduced a new one click feature to block AI bots that scrape content from websites, including those that do so dishonestly. That's if you've got a robots.txt file and they're not following the instructions as provided. As Matt Asay discussed above, the demand for content to train models has skyrocketed, leading to increased bot activity from companies like ByteDance, Amazon, and Anthropic. According to Cloudflare's data, the most active AI bots in terms of request volume are Bytespider, Amazonbot, ClaudeBot, and GPTBot. Bytespider is operated by ByteDance, which leads in the extent of its crawling and the frequency with which it's blocked. GPTBot is managed by OpenAI, ranked second in both categories. Cloudflare's analysis found that while around 39% of the top million Internet properties were accessed by AI bots in June, only 2.98% took measures to block or challenge those requests. The more popular a website is, the more likely it is to be targeted by bots and to block such requests. Some bot operators attempt to evade detection by spoofing user agents, but Cloudflare's machine learning models can identify this activity as coming from bots. The company leverages global signals to calculate a bot score, which helps them detect and flag traffic from evasive AI systems. Cloudflare set up a reporting tool for customers to submit reports about bots scraping their sites without permission, and they plan to continue evolving its bot detection and blocking capabilities to help content creators maintain control of their content.
[00:21:28] Speaker C: I mean, this just feels like another bot that these providers or any WAF. It's really going to have to start blocking if you don't want private data, you know, out there or anything along those lines, or if you just don't.
[00:21:43] Speaker B: Want your content being part of a model. Right.
Like, I think it's nice that, that, you know, Cloudflare is coming up with a way to build a switch in where people can choose, right. Because right now they don't really have the option. You know, they didn't think they needed to protect it in the same way that from AI. And now that AI is a thing, they're realizing, like, you know, after the fact that a lot of those things were built upon those models. And so, like, I, you know, and I think giving the people a choice is the right thing.
[00:22:10] Speaker C: Yeah, I feel like anything I put out there I just expect is no longer mine. Somewhere public out there and is used for whatever company wants to get even with these bot protections enabled.
[00:22:24] Speaker B: Oh, yeah. I take personal responsibility for the, the AM almost dropping to 0.66% success rate because they clearly just got to my repos.
[00:22:32] Speaker C: I was going to say, Ryan, why? I thought we told you to make your repos private. You're ruining the Internet.
[00:22:38] Speaker A: There's a missed show title opportunity right there. We gotta start writing the titles at the end of the show.
[00:22:44] Speaker B: We really should. I don't know why we write them the time.
[00:22:47] Speaker A: It's interesting. I kind of, I kind of figured, well, you know, once it's on the public Internet and you're paying to serve that content, it's kind of a risk, because if you run a shop and you run out of widgets, you don't have any more to sell. It doesn't cost you any money to have a customer come in and ask. But on the Internet, if somebody hammers your site a million times, there's a potential cost associated with that. Especially if you're more complex and have APIs on the back end and things like that, which drive up compute costs and things. Having said that, I doubt the bots are making millions of requests. They're probably very efficient. They read each page once. They may or may not download the images.
They probably care more about text than anything else. I don't know. It's a useful tool to have, but ultimately I think the bots will get smarter and this tool will have to keep getting better. I wonder if the proof of personhood is becoming more and more irrelevant, I think, to technology. Now. If you're using a browser, you should be able to prove that you're a person using a browser rather than a machine, and I can see that being a trend in the future.
[00:23:52] Speaker B: This is the first time I'm hearing about Bytespider, which is ByteDance trying to piss off the United States government like I didn't. They're already sort of on edge. Like this is kind of crazy.
[00:24:09] Speaker C: Yep, onto AWS. AWS Lambda introduces new controls to make it easier to search, filter and aggregate Lambda function logs.
[00:24:21] Speaker B: Oh thank God.
[00:24:22] Speaker A: Yay.
[00:24:23] Speaker C: Why all the different streams wasn't, you know, your cup of tea and everything else along those lines? Anyway, let me actually read the story before you comment. AWS Lambda has introduced new features to enhance logging capabilities for serverless applications. With these updates, developers can access sorry, can capture logs in a JSON format, adjust log levels, and select which specific CloudWatch log group for their Lambda functions. Their JSON format allows logs to be structured as a key value pair and make it easier to search, filter, analyze the function logs. This eliminates the need for developers to bring their own logging libraries. Additionally, developers can control the log levels of their Lambda without making code changes. This enables them to like the desired logging granularity for their functions, reducing the need to sift through large log volumes when debugging and troubleshooting, and then getting yelled at for your Lambda log or sorry, CloudWatch log costs. Lastly, developers can choose CloudWatch log groups to which to send their logs.
This makes it easier to aggregate logs from multiple functions within an application and apply security, governance and retention at the application level. These advanced logging controls, which I pushing the word advanced there, can be selected using the Lambda API, console, CLI, SAM, CloudFormation, and soon coming to Terraform. This feature is actually for once available in GovCloud regions at launch with no additional costs.
[00:26:03] Speaker B: Makes you wonder what big government customer demanded this. Yeah, this not being able to name the CloudWatch log groups and it was always named after the function. All that has just been a nightmare. Also the logging separation. You can exercise your logs in the CloudWatch logs console, but while doing debugging directly in the Lambda console, it's always been this terrible experience and so I'm hoping this part of that they fix this too. I do like the idea of, I never thought of the idea of using the log filters to be sort of a control option for log level. That is a neat idea.
[00:26:54] Speaker A: Yeah, I like moving the log level control outside the app. So now you don't need to make an app change or an environment variable change, or any other janky way of sending a signal to the app to generate more logs if there's an issue. So that's really cool. And I guess you could dynamically sample, if things are running really well, you can just turn down the logging and just sample a smaller percentage of logs on some of the nodes maybe, or some of the functions. So yeah, that's cool. But yeah, trawling through complex applications built of multiple functions and trying to correlate events across them is just such a mess. So dumping them all into a single log group now would be great.
[00:27:33] Speaker C: Yeah, the single log group, especially for multiple Lambdas, when you think like step functions and stuff like that, is very nice because it always was like, okay, this is the Lambda that failed.
Or if you had Lambdas that launched other Lambdas too, it was like figuring out which Lambda and which logged which of everything else failed and tying it all together. So now you could just say this whole Step Function or all the Lambdas associated with it, go to this one location, do a quick search on it, and kind of call it a day. [00:28:01] Speaker B: Yeah. [00:28:02] Speaker C: So, you know, I really like that feature. [00:28:04] Speaker B: Yeah. It actually helps you with cost too, because I know that CloudWatch Logs can be expensive to store data and so you monkey with the retention. But when you have a distributed app and like you said, Step Functions with many, many different Lambdas, it can be kind of difficult and they add up. And so this is kind of nice to see it. You'd see it all in one place. And as you can see, the cost of one object versus many, that'd be kind of cool. [00:28:31] Speaker C: Yeah. And even just like, you know, the worst part was like, oh, you know, somebody launched their Terraform to create their Lambda or launch CloudFormation, but didn't launch the CloudWatch log associated with it. Therefore, all of a sudden now you can never, you either would have to import it into state or delete it, or you just ended up with these logs that lasted for forever, that nobody could ever go clear out in your production account because it would auto create these logs or these log CloudWatch log groups and then the streams and everything. So just even keeping the environment clean is also nice. [00:29:10] Speaker A: Yeah, and they all have their retention policy or no retention policy. If you're unfortunate enough to not have set one up and you suddenly realize that your cost of logging has gone up and up and up over time and, yeah, I, this is useful around. 
[00:29:25] Speaker B: Amazon S3 Access Grants now integrates with open source Python frameworks. Amazon S3 Access Grants, which maps the identities and directories such as Active Directory or AWS Identity and Access Management principals directly to datasets in S3. Access Grants now offers integration with open source Python frameworks through the AWS SDK for Python, which is otherwise known as Boto3. This integration simplifies the process of managing data permissions by mapping identities in identity providers directly to defined users in your S3 access. By importing the Boto3 plugin into your client, you eliminate the need for any custom code that was previously required to manage those data permissions, which is cool because then you can seamlessly use S3 Access Grants directly in popular open source Python frameworks such as Django, TensorFlow, NumPy, pandas and more, which is super important for data science and AI. [00:30:27] Speaker A: Yeah, can't get through a story without mentioning AI. Come on. [00:30:32] Speaker B: Yeah, yeah, I was going to save it for the end. So now importing this plugin, you now have the simplicity of the client authentication and caching. The credentials and the refreshing was built into Boto3 natively and it very quickly allows codified permissions definitions directly in code, which is crucial for S3 data. Now that we've got these giant data lakes with massive amounts of data and the need to sort of partition off some of it so that you control who gets access to what. [00:31:09] Speaker A: Well, cool. Amazon, sorry, Access Grants are new to me, I've not used them. [00:31:14] Speaker B: Yeah, no, I learned about them today as well. Like this is neat because it's, yeah, it's kind of a neat idea that I hadn't really thought of. I'm sure we talked about it when it was announced, but yeah, tune Justin out. 
[00:31:28] Speaker A: It's definitely not a file system, but it's getting more and more like a file system every day. [00:31:37] Speaker C: I take us sideways on that topic and just ask why is it Boto3? Was there Boto one and two? I've always wondered that. Never looked it up, though. [00:31:46] Speaker A: That can be an after show. [00:31:49] Speaker C: The origin of Boto. [00:31:53] Speaker A: Amazon CloudFront announces managed cache policies for web applications. CloudFront has introduced two new managed cache policies, UseOriginCacheControlHeaders and UseOriginCacheControlHeaders-QueryStrings, designed for dynamically generated websites, applications that return Cache-Control headers. The policies allow CloudFront to cache content based on the headers returned by the origin and default to not caching when no Cache-Control header is present. Previously the functionality was only available to customers who created custom cache policies, and now it's available out of the box for everybody with the click of a button. Before the update, customers had two main options, CachingOptimized, which always caches unless disallowed by caching directives, and CachingDisabled, which disables all caching. It does exactly what it says on the tin. For all of the use cases, customers have to create custom cache policies. With the new managed policies, customers can use a single policy for websites backed by content management systems like WordPress or dynamically generated content that has a mix of cacheable and non-cacheable content. The new cache policies are available for immediate use at no additional cost and can be enabled by the CloudFront console, SDK and CLI. [00:33:04] Speaker C: I like that they're setting up these easy defaults for people to select because before even these managed cache policies, you had to go through with the hundreds of different settings and figure it out yourself of what you wanted for these. 
So these easy buttons just help you like the right policy kind of move on. [00:33:25] Speaker B: Yeah, I don't know how many times I've seen people just define sort of an all capturing cache policy just because of the complexity of just doing it for images or just doing it for this content over that content. [00:33:40] Speaker A: Yeah, and it's such a pain to have to clear a cache on CloudFront and it's such a slow process. I imagine this is a great step in the direction of not having to do that anymore. [00:33:50] Speaker C: I think a couple of years ago they said that like 98% of all CloudFront creation, like anything to do with like the actual infrastructure CloudFront now was in, done under seven minutes, which was like mind blowing because I remember when like creating a CloudFront distribution would be anywhere from, you know, 15 minutes, like an hour and a half. So yeah, I'm hoping they continue that improvement down the line. [00:34:20] Speaker A: I definitely, definitely sped it up a few years ago. Cool. All right, onto GCP. Boost performance of. [00:34:28] Speaker C: Go applications profile guided optimizations. Google with collaboration with Uber to introduce profile guided optimization, PGO, in Go 1.21, which allows developers to provide runtime profiles to the Go compiler for smarter code optimization decisions. Uber has already rolled out PGO fleetwide, resulting in a reduction in CPU utilization across many of their services, hopefully to increase the other ones. Is it PGO or is it pco? I'm gonna go Pico now. Sego works by collecting profiles of your applications at runtime, which the compiler then uses to make better informed decisions when optimizing your code. This includes more aggressively optimizing frequently used functions and more accurately selecting common cases within a function. The pogo in your Go application is straightforward. You can find detailed steps in your blog post. 
We've linked in the show notes below, but essentially you can collect profiles of your applications under typical load, then use the profile to build in your next build. The Go toolchain automatically enables pogo when it finds the profile in the right location. Using pro code with Google Cloud with Cloud Run and Cloud Profiler is easier than ever. Also, it just got added. You can deploy your Go application to Cloud Run like the profile using Cloud Profiler and redeploy it with the optimized build. Cloud Run metrics dashboard automatically lets you monitor improve in a billable container instance time and container CPU utilization. To learn more about Go services at Google Cloud, check out the quick start big star guy that they have. [00:36:26] Speaker A: That's cool. Not even a mention of AI again, it's like third story today. This is crazy. [00:36:33] Speaker B: Something tells me you might have called some of those. [00:36:40] Speaker A: I'm kind of burned out on the AI, although I'm pretty sure if PGO v2 comes out it will be with AI. [00:36:47] Speaker B: Yeah, sure. [00:36:48] Speaker A: But how cool would it be to do this? Literally at runtime in production, just have this constantly running, collecting metrics from a running application and going back and then rebuilding it for the next release or even, or even automate that release process. So it's always running in an optimized way according to the way your customers are using a service. That's great. [00:37:08] Speaker B: What's funny is I struggle to even understand this one just because I haven't used a whole lot of compiled languages and definitely not deep enough where I'm thinking about the performance that's happening, you know, at the compiler level. Like it's usually like did it compile? Sweet that I'm a little bit with. [00:37:28] Speaker C: You on that one. What I will say is we missed like a really good show title around like pogo sticks or something like that. 
I haven't quite figured it out yet. [00:37:37] Speaker A: I thought about Pogo but they didn't call it pogo. I did have a funny pogo show title but didn't fit. [00:37:46] Speaker B: All of my ideas. Would have got us a little explicit tag. [00:37:51] Speaker C: We've done a pretty good job keeping our titles not explicit. [00:37:54] Speaker B: You're right. Google Cloud has introduced the public preview of Pub/Sub topic sharing in Analytics Hub, enabling organizations to curate, share and monetize their streaming data assets. This integration combines the strengths of Pub/Sub, Google Cloud's scalable and reliable global messaging service, with Analytics Hub, the data exchange platform built on BigQuery. Sharing Pub/Sub topics through Analytics Hub offers several benefits, including the ability to curate and share the topics data externally with your customers or internally with other teams. Centrally manage the accessibility of all your organization's streaming data and search to subscribe to other valuable Pub/Sub topics shared by other organizations. Streaming data has various use cases across industries such as retailers sharing real time inventory levels with CPG enterprises, financial services enterprises sharing and monetizing financial data with customers and advertising enterprises sharing real time campaign effectiveness, or even healthcare professionals providing predictive algorithms to monitor patients and analyze risk. I don't like that one. To get started sharing Pub/Sub topics in Analytics Hub, follow the steps outlined in this blog post. We've linked in the show notes. It involves creating an exchange, selecting, creating a Pub/Sub topic, and publishing the listing. Subscribers can then search for other shared topics and create their own linked Pub/Sub subscriptions. Start consuming the data I got to. [00:39:26] Speaker A: Find out how to monetize streams of data now because that sounds really cool. [00:39:30] Speaker B: Does, right? 
[00:39:30] Speaker A: Yeah, I mean, it's one thing having a GCS bucket or an S3 bucket full of terabytes of data and you can, you can sell that because that's been a feature for a couple of years now, access to data, but access to real time data is even more valuable. That's cool. [00:39:44] Speaker B: And think about the event driven application options. I want to know. I don't have any good examples, but it seems neat to trigger automation or trigger application based off events from another company and parsing the content. That's pretty sweet. [00:40:02] Speaker A: Yeah, if they. [00:40:05] Speaker C: There's a few different ways, but like an easy example is just log data from your application, like automatically triggering, hey, we got more error logs in the stream than normal. Raise a flag like feeling from the SRE perspective everything and monetizing it. Or even just cross company like, hey, we put this that we used to do like via S3, but like here's this perpetual stream of data. Like of all of our clients, you know, you know how often they're interacting with something or anything else like that and just sell that out, which is terrifying, which is, you know how all of our data is no longer private. [00:40:41] Speaker A: What about the weirdest thing that somebody's going to try and monetize on pub subby is going to be. [00:40:47] Speaker C: We should take bets as a non GCP person is, is Analytics Hub just like a tool to share with, you know, other people? [00:40:58] Speaker A: Yes. Yeah, it is. [00:41:00] Speaker C: So it's kind of, I guess equivalent or not equivalent, but like Azure Fabric is trying to kind of get in there where they'll have abilities to their data or sell it. So it's kind of that same type of thing. [00:41:14] Speaker B: Yeah. [00:41:15] Speaker A: It's a weird name for what it does. 
I think if they named it this year, it would have had a lot more to do with data science and, you know, AI training sets than, than the name would have it. That would imply at this point we'll. [00:41:29] Speaker C: Kill the service in a few years and just start a new one. [00:41:32] Speaker A: Probably. Yeah. [00:41:34] Speaker B: I mean, it's a crossover with Google Analytics that everyone uses for tracking website traffic. I was like, is this part of that? I'm glad it's not a sister service to BigQuery. [00:41:47] Speaker A: Yeah, it's like the librarian that keeps track of where all your datasets are and who they shared with. [00:41:54] Speaker C: Yeah. And onto Azure news. And onto Oracle news. [00:42:00] Speaker B: Yeah. [00:42:04] Speaker C: No, it's, it's remarkable. I actually, like, looked back because I have like a day job feed of Azure news and then like, we have the cloud pod feed in Slack and they really haven't released anything real that aren't just things about like, and new ways to use Copilot or OpenAI service. So I'm hoping that they have a whole lot stacked up somewhere and everyone's using their holiday right now and PTO at Azure and either dealing with tech debt, if they're working and stabilizing the platform, or using PTO. Enjoy time off, because there's been no real news for weeks. [00:42:43] Speaker A: Yeah, they're all busy patching OpenSSH on the Linux servers. [00:42:47] Speaker B: Yeah. [00:42:49] Speaker A: I predict one each. It'll only take us three years. [00:42:52] Speaker C: To be fair, they were the ones that found the XZ vulnerability. That was, that would have been real bad. That one. A few weeks ago. A few months ago. It feels like weeks, probably months. [00:43:03] Speaker B: So I bristled at the one where it's like, build your own Copilot because they're like, aren't there enough Copilots? Why wouldn't he want to build our own? 
[00:43:13] Speaker A: And you realize that it's not really a Copilot so much as it's just another bot. Oh, yeah, it's just building, it's just. [00:43:19] Speaker B: It's a chat bot. [00:43:21] Speaker A: They're just trying to get the brand awareness of Copilot by getting people to use it when they mean a domain assistant on a website. [00:43:30] Speaker C: Hey, hey, they have a Security Copilot that I think I could only pay a couple thousand dollars a month for. Yes, it's Copilot. So it must be smart, Jonathan. [00:43:40] Speaker A: They must be. [00:43:41] Speaker B: And then you can also have the code one for an extra $3,000 per user, you can Office 365 Copilot, which that's the only one I actually want. Like reply to these emails, you know, like, that's the automate myself out of a job that I want. [00:43:59] Speaker C: I have it at work and it is pretty useful. I'm like, write this. Like, I just be like, no, we are not doing this. It writes this nice paragraph that's so much more business appropriate than what I would do. [00:44:15] Speaker B: So that's what we, it's the anger translator, but in reverse. [00:44:20] Speaker A: This is awesome. I must have this. Well, we need, we need to build the other way around service now. And that AI service, that takes fancy business language and tells you what, yeah, what do they mean by this bunch of jargon? [00:44:34] Speaker B: Well, that'd be useful. [00:44:36] Speaker A: Well, our final story for today is from Oracle, who are opening a second cloud region in Singapore. I didn't realize Singapore was big enough for two cloud regions, but indeed they're opening a second cloud region in Singapore to meet the growing demand for AI and cloud services in Southeast Asia. The new region enables customers and partners to migrate mission critical workloads to Oracle Cloud Infrastructure while addressing data residency and sovereignty requirements. 
With the two regions in Singapore now, customers can access a wide range of cloud services, including AI, of course, data and analytics offerings. Oracle is the only hyperscaler capable of delivering a full suite of over 100 cloud services across dedicated public and hybrid cloud environments. So they say. OCI's network of FastConnect partners offers dedicated connectivity to Oracle cloud regions, providing a cost effective way to create private network connections and with higher bandwidth and lower latency. The new region is part of Oracle's distributed cloud strategy, which includes public cloud, dedicated cloud, hybrid cloud and multi cloud options. [00:45:39] Speaker C: No, we were going the same way. You can, you can take this one. [00:45:42] Speaker B: So the circumference, according to Wikipedia of Singapore, is 120 miles around it. [00:45:48] Speaker C: Yeah, I was literally going on Wikipedia to live. Figure that out as you were starting stuck. [00:45:56] Speaker B: Yeah, it's crazy. They must just be, you know, for throwing away the sort of, uh, regional separation requirements of, you know, having a secondary region and just, just going for the hopefully power network is far enough away. Also, like, it's very close. [00:46:16] Speaker A: I mean, well, if it was like 20 miles across. [00:46:21] Speaker B: Yeah, yeah. [00:46:24] Speaker C: The problem is, is like Azure's paired region, which is like how they kind of pierce stuff together. It's like these two regions, like, if you say like back up my data, like automatically back up to the paired region is, I want to say it's like Taiwan and it's like, yes, but I might not want my data there. So like, you know, and there are, you know, I have helped with my day job, like of trying to get a company to use us. And they were like, well, you need DR in Singapore. I'm like, how do I have DR in a country that is 85 miles wide? Like it doesn't even make sense or whatever the metric was. 
There's not a DR. Unless, I guess, I replicated to another cloud provider. But if a tsunami comes, feel like I'm not going to be a winner here. [00:47:14] Speaker B: I just realized that we were talking about an OCI region announcement. So this is just a couple servers in the back with semi truck driving around anyway. [00:47:21] Speaker A: So yeah, most likely, apparently they have 25 power plants in Singapore in that, in that area. [00:47:30] Speaker B: Wow. [00:47:31] Speaker A: Insane. [00:47:32] Speaker B: Okay. [00:47:34] Speaker C: I'm more worried about the natural disaster. [00:47:37] Speaker A: Well, I mean, if the sensors get wiped out, then chances are your customers have been wiped out too. So less of an issue. [00:47:45] Speaker C: Okay. [00:47:46] Speaker B: Or at the very least I will have other problems. Right. [00:47:49] Speaker C: But I mean, I say that about a cloud region in general. I still have my DR, I still do my BCP, but I'm like, if Azure, AWS or Google has a full cloud outage in our region that they are not recovering the data from. Probably the least of a lot of my customers' concerns. If there's larger issues happening out there, most likely we're in World War Three. [00:48:14] Speaker B: Yeah, no, I'm calling in sick that day. I know that. [00:48:17] Speaker C: Yeah. [00:48:20] Speaker A: All right. That is the news this week. [00:48:23] Speaker B: We made it and we recorded. [00:48:25] Speaker A: We did. We did hit record. I did hit record. Nobody reminded me. Despite the despite. [00:48:34] Speaker B: Oh, yeah, we clearly forgot. [00:48:36] Speaker C: I saw the countdown. [00:48:39] Speaker B: I didn't. [00:48:40] Speaker A: All right, guys, I'll catch you next week. [00:48:42] Speaker C: See you later. Bye, everybody. [00:48:47] Speaker B: And that is the week in cloud. Check out our website, the home of the cloud pod, where you can join our newsletter, Slack team. Send feedback or ask [email protected]. 
or tweet us with the hashtag hash poundthecloudpod.
