CloudPro #16: Cloudflare Workers AI, Amazon Bedrock GA, Redhatš¤Oracle, new AWS Certification DEA-C01
Bite-sized actionable content, practical tutorials, and resources for cloud professionals.
Welcome to a brand new edition of the CloudPro! We know how much you love your weekly dose of our handpicked cloud resources, tutorials, and secret knowledge. Thatās why in todayās issue, we discuss A Curated Set of Amazon EKS Add-ons, Self-Managed Kubernetes Tutorial, 3 Steps to Secure Your CI/CD Pipelines, how to use IRSA to grant AWS service permissions to microservices applications running in a Kubernetes cluster, and Containers vs. Pods - Taking a Deeper Look.
In this issue, we will also focus on Cloudflare Workers AI, which is a serverless GPU-powered network for AI applications. It lets you run for AI models on Cloudflareās network. Find out more about this launch in todayās newsletter.
In this issue, we also highlight Amazon Bedrock is Generally Available, Red Hat OpenShift comes to Oracle Cloud Infrastructure, new certification by AWS called Certified Data Engineer ā Associate (DEA-C01), and Amazon MSK Introduces Managed Data Delivery from Apache Kafka to Your Data Lake.
But thatās not all! Weāve also curated the best cloud GitHub repos for you to use and test like Hubble, the Network, Service & Security Observability for Kubernetes using eBPF and the Automated Kubernetes Configuration Editing tool called kpt.
Cheers,
Shreyans Singh
Editor-in-Chief
PS: I hope you will enjoy today's newsletter! Iām all ears for your thoughts ā the good, the great, and the "meh." Share your feedback and snag a free Packt eBook. It's a win-win. Can't wait to hear what you think!
Share your feedback and get a free Packt eBook!
ā MasterClass: Tutorials & Guides
āAmazon EKS Add-ons: A Curated Set of Software for Managing Your Kubernetes Clusters: Amazon EKS Add-ons are like specialized tools for your Kubernetes cluster. These add-ons simplify cluster management and ensure seamless interaction with AWS resources, making your cluster more secure and stable.
āSelf-Managed Kubernetes: This tutorial guides you through setting up a self-managed Kubernetes cluster on virtual private servers (VPS) using QEMU and HAProxy as a load balancer.
āThis article provides a comprehensive guide on securing Kubernetes environments through the use of server and client certificates. It explains the importance of authentication and authorization in Kubernetes, details the role of server and client certificates, outlines the steps for generating these certificates, discusses various types of server certificates used in Kubernetes, and highlights best practices for securing and managing these certificates to enhance cluster security.
āThis article discusses the increasing risks associated with CI/CD pipelines and presents a three-step framework for securing them, which includes Security in the Pipeline (SIP), Security of the Pipeline (SOP), and Security Around the Pipeline (SAP).
āThis article explains how to use IAM Roles for Service Accounts (IRSA) to grant AWS service permissions to microservices applications running in a Kubernetes cluster, including steps for setting up IRSA, creating IAM roles, attaching policies, configuring service accounts, and deploying applications.
šSecret Knowledge: Learning Resources
šThis story highlights how a tech lead's understanding of networking fundamentals, including iptables, packet routing, and NAT, enabled them to save thousands of dollars in cloud costs, specifically by replacing GCP's Cloud NAT service with a self-hosted NAT solution while ensuring high availability and fault tolerance.
šDuring a system outage in an Azure Kubernetes Service (AKS) environment, the author observed container network packet drops leading to network connectivity problems, which were later linked to CPU core utilization imbalances handling interrupts. They identified the issue, performed manual mitigation by balancing interrupts, and developed an automated solution involving metrics and node labeling while waiting for a permanent fix from Azure engineering, highlighting the importance of understanding the internals of managed Kubernetes clusters.
šThe article discusses the differences between containers and Kubernetes Pods. Containers are lightweight virtualization units, but they typically run a single process per container. Kubernetes Pods, on the other hand, group multiple containers and provide them with shared resources like network namespaces, allowing them to communicate like traditional VMs.
šThis article discusses the challenges of upgrading Kubernetes beyond a simple one-click update, focusing on how a team had to adapt their strategy, migrate workloads, and address complexities to keep up with Kubernetes versions while maintaining their platform.
šThis article explores various open-source tools for Kubernetes AIOps, including k8sgpt, Kubernetes ChatGPT bot, kubectl-ai, kubectl-gpt, kopilot, kopylot, kube-copilot, and others, which use AI to assist with troubleshooting, auditing, manifest generation, and more to simplify Kubernetes operations.
šThis guide explains how to build a serverless application for entity detection on AWS using the Go programming language, AWS CDK, and AWS CLI. It involves creating an S3 bucket, a Lambda function for entity detection using Amazon Comprehend, and a DynamoDB table to store the results. You can upload text files to the S3 bucket, and the Lambda function will extract entities and store them in the DynamoDB table.
ā” TechWave: Cloud News & Analysis
ā”Cloudflare Workers AI: Serverless GPU-Powered Network: Cloudflare is opening up its global network for AI applications. They're making it easier for companies to use AI by introducing serverless AI features. The first part is called Workers AI, and it lets you run AI models on Cloudflare's network, which is spread all over the world. This means AI tasks can happen faster and closer to the user, which is great for things that need quick responses.
The second part is Vectorize, a special database that helps developers create AI-based apps using Cloudflare's systems. It works alongside Workers AI and brings AI closer to where people are using it. And to keep an eye on how AI is working, Cloudflare offers something called AI Gateway, which helps you see how your AI apps are doing and save on costs.
Cloudflare is teaming up with big companies like Microsoft, Databricks, and AI startup Hugging Face to make all of this happen. They want to make AI more accessible for everyone and believe their network is the best place to run AI. So, whether you're a developer or a company, Cloudflare is making AI easier and more affordable for you to use.
ā”Amazon Bedrock Is Now Generally Available ā Build and Scale Generative AI Applications with Foundation Models: Amazon Bedrock is a service on AWS that simplifies building generative AI applications using foundation models from leading AI companies. It offers tools to customize these models with your data and create managed agents without coding. The service is serverless, eliminating the need to manage infrastructure.
You can access foundation models through the AWS Management Console, SDKs, or open-source frameworks. Amazon Bedrock's console allows you to explore models and use interactive examples for different use cases. Prompt engineering techniques and inference configuration parameters let you tailor model responses. The service provides APIs for easy interaction with models.
CloudWatch tracks usage metrics, and billing is based on processed input and output tokens, with options for on-demand or provisioned throughput pricing. It offers powerful capabilities for generative AI application development, making it easier and more accessible for developers and businesses to leverage AI.
ā”Red Hat and Oracle Expand Collaboration to Bring Red Hat OpenShift to Oracle Cloud Infrastructure: Red Hat and Oracle have joined forces to give customers more options for deploying their applications on Oracle Cloud Infrastructure (OCI). This partnership means that Red Hat OpenShift, a popular hybrid cloud application platform, will be officially supported and certified to run on OCI.
This allows customers to confidently install and run their workloads on Red Hat OpenShift within OCI's cloud environment, and it also simplifies the process of moving OpenShift environments from on-premises data centers to OCI. The partnership includes joint support from both Red Hat and Oracle to assist customers with any issues that may arise.
OCI's distributed cloud spans more than 100 services across 45 public cloud regions, offering various options for OCI Compute shapes that will be certified with Red Hat OpenShift.
This flexibility allows customers to choose the best location for their OpenShift environment based on factors like regulatory compliance, performance, and cost-effectiveness. The certification and support for Red Hat OpenShift on OCI complement the earlier announcement of Red Hat Enterprise Linux's availability on OCI, further expanding the range of supported configurations for customers.
šFrom the Cloud World:
šAWS has introduced a new certification called the AWS Certified Data Engineer ā Associate (DEA-C01). This certification is designed for individuals with 2-3 years of experience in data engineering and 1-2 years of hands-on experience with AWS services. It validates skills in core data-related AWS services, data pipeline implementation, monitoring and troubleshooting, and cost and performance optimization.
šIBM Cloud for VMware as a Service now offers a multitenant consumption model that allows businesses to request VMware resources on-demand with no upfront commitment (billed hourly) or take advantage of guaranteed capacity and discounted pricing with the Reserved billing option (billed monthly), providing flexibility and cost efficiency for running VMware workloads in the cloud.
šCloudflare says big cloud providers are taking control of IT and security from organizations, making it hard to move data, and introduces a 'connectivity cloud' to help regain control.
šThe world's fastest-growing major cloud vendors are Oracle, Google Cloud, and ServiceNow, with each experiencing significant growth in their cloud revenues, while other cloud providers are grouped into categories based on their growth rates.
šIBM is introducing a suite of AI offerings for IBM Z, designed to help businesses implement enterprise AI across various use cases and industries, including improving the accuracy of insurance policy recommendations and enhancing anti-money laundering controls, with a focus on accelerating the adoption of AI frameworks and tooling, and making use of low-latency inferencing through IBM Telum on-chip AI accelerator.
šAmazon Managed Streaming for Apache Kafka (Amazon MSK) now allows continuous data transfer from Apache Kafka to Amazon Simple Storage Service (Amazon S3) using Amazon Kinesis Data Firehose, offering a managed, serverless solution for data transformation and transfer without the need for code or infrastructure management.
š ļøHackHub: Trending Tools
š ļøcilium/hubble: Hubble - Network, Service & Security Observability for Kubernetes using eBPF
š ļøricoberger/vault-secrets-operator: Create Kubernetes secrets from Vault for a secure GitOps based workflow.
š ļøoceanbase/oceanbase: OceanBase is an enterprise distributed relational database with high availability, high performance, horizontal scalability, and compatibility with SQL standards.
š ļøharness/gitness: Gitness is an Open Source developer platform with Source Control management, Continuous Integration and Continuous Delivery.
š ļøkptdev/kpt: Automate Kubernetes Configuration Editing
Technology Operating Models for Cloud and Edge offers guidance on achieving cloud goals like cost savings and faster time to market. It shows how to adapt these goals for edge computing, considering factors like culture, leadership, and technology choices. It includes a step-by-step case study and helps you create a tailored technology operating model for your organization.
Ā Rate todayās newsletter Ā
lowest 1 Ā 2 Ā 3 Ā 4 Ā 5 Ā 6 Ā 7 Ā 8 Ā 9 Ā 10 Ā highest
š¢ If your company is interested in reaching an audience of developers and, technical professionals, and decision makers, you may want toĀ advertise with us.
If you have any comments or feedback, just reply back to this email.
Thanks for reading and have a great day!