CloudPro #3: AWS’ $100 Million Generative AI Innovation Center, Kubernetes Workload Management, AWS CloudTrail Cheat Sheet
Hello,
“[We aim to] help enterprises turn their own valuable data into custom generative AI models to power groundbreaking new applications — right from the cloud platform that they use to run their businesses.”
-Jensen Huang, Founder and CEO of NVIDIA
Cloud platforms are undergoing a disruptive transformation with the introduction of newer Generative AI. Welcome to this week’s issue of our newsletter, which brings you the latest developments in the field of Cloud Computing, Cloud Architecture, Identity and Access Management, CI/CD, Cloud Security, and adjacent fields!
In this edition, we’ll talk about new Azure Cosmos DB features, Microsoft’s plans to move Windows fully to the cloud, IBM’s acceleration of hybrid cloud, Nvidia bringing its AI computing platform to cloud, and AWS’ launch of a $100M program to fund Generative AI initiatives.
We’ve also handpicked some great Cloud resources, secret knowledge, and tutorials on Azure Kubernetes Service (AKS) forensics & incident response, scaling microservices, Kubernetes workload management using Karpenter, and an AWS CloudTrail cheat sheet.
Writer’s Credit: Special shout-out to Vidhu Jain for her valuable contribution to this week’s newsletter content!
Cheers,
Editor-in-Chief, Packt
⚡ TechWave: Cloud News & Analysis
New Azure Cosmos DB Features to Boost Performance and Optimize Cost: Microsoft has introduced new features for Azure Cosmos DB to improve cost efficiency and performance. These features include burst capacity to handle traffic spikes, hierarchical partition keys for optimal data distribution, serverless container storage of up to 1 TB, and priority-based execution. These updates enhance the elasticity and scalability of Azure Cosmos DB, Microsoft's globally distributed database service.
AWS Announces Generative AI Innovation Center: Amazon Web Services (AWS) is investing $100 million in the Generative AI Innovation Center to support customers in building and deploying generative AI products and services. The program connects AWS AI and ML experts with customers to help them leverage generative AI technology. The investment aims to catch up with Microsoft's Azure and Google in the Generative AI market. Early program users include Twilio, Highspot, Lonely Planet, and Ryanair.
Microsoft Wants to Move Windows Fully to the Cloud: Microsoft is aiming to move Windows fully to the cloud, not only for commercial customers with Windows 365 but also for consumers. An internal presentation from June 2022 reveals Microsoft's plan to enable a full Windows operating system streamed from the cloud to any device. Windows 365, which currently streams Windows to devices for commercial customers, will be integrated into Windows 11 with features like Windows 365 Boot and Windows 365 Switch.
Nvidia Brings its AI Computing Platform to Cloud Data Firm Snowflake: Snowflake and Nvidia have announced a partnership to enable customers to develop AI models using their own data. The collaboration involves integrating Nvidia's NeMo platform into Snowflake's Data Cloud, allowing customers to leverage their data for AI model training and development. The move signifies a shift towards bringing compute to the data instead of transferring data to the computer. This advancement empowers organizations to make data-driven decisions while retaining control over their valuable assets.
Alkira Launches Extranet-as-a-service to Simplify Cloud Networking: Cloud networking vendor Alkira is offering an extranet-as-a-service (EaaS) solution as part of its cloud networking platform. The EaaS offering leverages Alkira's Cloud Exchange Points (CXPs) and allows users in different locations to access shared resources. Automating manual cloud networking tasks, the solution reduces onboarding time for new partners or customers from months to hours. Alkira's EaaS simplifies the setup and operation of cloud-based extranets, addressing the limitations of traditional approaches.
IBM Accelerates Hybrid Cloud, Acquires Apptio Inc.: IBM has announced its acquisition of Apptio Inc., a leader in financial and operational IT management and optimization software, for $4.6 billion. The acquisition will enhance IBM's IT automation capabilities and allow enterprise leaders to deliver increased business value through technology investments. The acquisition will drive synergies in automation, AI, Red Hat, and consulting, and Apptio will bring valuable IT spend data to IBM.
📚 Secret Knowledge: Learning Resources
AWS CloudTrail Cheat Sheet: This is an attempt to document CloudTrail events that are "interesting" for incident responders or detection engineers. Use this cheat sheet to perform faster triage and identify "interesting" activity in CloudTrail logging. The cheat sheet also lists the different MITRE ATT&CK phases and the event names of interest.
How to Enable GCSFuse on GKE: The article explains how to enable GCSFuse (Google Cloud Storage FUSE) on GKE (Google Kubernetes Engine) to mount Cloud Storage buckets as directories/volumes within GKE pods. It provides step-by-step instructions, including enabling the Cloud Storage FUSE CSI driver on the GKE cluster and granting permissions to the service account. The article emphasizes the benefits of GCSFuse, such as accessing large datasets and running machine learning models stored in Cloud Storage.
Cloud Architect Accelerated Learning Path for AWS professionals: This official learning path helps AWS professionals translate their existing AWS knowledge to Google Cloud knowledge, while also preparing them for the Professional Google Cloud Architect Certification. Upon completion, you’re invited to continue your multicloud education with the several relevant courses and skill badges.
Reduce Your Kubernetes Cost with the Time Bomb Solution: The Time Bomb solution aims to reduce Kubernetes costs by shrinking the cluster size and deleting expired pods using a timer-based approach. It allows for the deletion of specific artifacts without affecting others, and it offers the ability to warm up apps again by patching the validity annotation. Learn more about this solution and how it is beneficial for scenarios where app requests are high, multiple development environments exist, or temporary test apps need to be cleared.
Kubernetes Security Basics Series: Part II - Container Security: Containers share the same kernel and potential vulnerabilities can pose risks to the host and other containers. Implementing security measures like namespace partitioning, control groups, seccomp, AppArmor, SELinux, and vulnerability scanning can help mitigate these risks. This post dives deeper into container security and why it should be your top priority.
Azure Kubernetes Service (AKS) Forensics & Incident Response: The article discusses Azure Kubernetes Service (AKS) and its use in containerized application deployment. AKS is a managed Kubernetes service that simplifies the management of Kubernetes by leveraging Azure cloud. Read the article to learn more about Cado Response as a solution for acquiring forensic data from AKS by retrieving container disk or files over the Kubernetes control plane.
🔍 MasterClass: Tutorials & Guides
Google Cloud CDMC Reference Architecture: This guide provides the detailed instructions and technical artefacts required to stand up a Google Cloud architecture compliant with the 14 Controls of the EDMCouncil Cloud Data Management Capabilities (CDMC). This architecture should be seen as an example guide. If you wish to work towards CDMC compliance for your organisation, you will need to customize the architecture to your requirements.
How to Spot and Troubleshoot AWS S3 Bucket Object Traversal Issues: The article discusses how to detect and troubleshoot object traversal issues in AWS S3 buckets. Addressing object traversal issues enhances the security of AWS S3 storage. These issues can arise from incorrect ACL and policy configurations. Learn how to fix ACL misconfigurations. The Selefra tool is a powerful means to quickly identify these issues, providing detection strategies and executing SQL queries to find at-risk resources. It also offers a ChatGPT feature for querying Selefra directly.
Deliver WordPress with KusionStack on Kubernetes and Clouds within 5 Minutes: This tutorial demonstrates how to deploy a WordPress application using KusionStack, which combines Kubernetes and cloud provider resources. The tutorial provides instructions for prerequisites, project structure and configuration codes, delivering the WordPress application, verifying it, modifying the configuration, and deleting it. Learn how KusionStack simplifies application deployment and management by abstracting and encapsulating resources, allowing collaboration between teams, and providing compliance checks.
Achieve Multi-tenancy in Monitoring with Prometheus & Thanos Receiver: This blog post discusses how to achieve multi-tenancy in monitoring distributed systems using Prometheus and Thanos receiver. Thanos is an OSS tool that enables a highly available Prometheus setup with long-term storage capabilities. The Thanos receiver, which is now fully supported, addresses the challenge of implementing multi-tenancy. The blog post provides a step-by-step guide for setting up a multi-tenant monitoring setup using Prometheus and Thanos receiver.
Kubernetes Workload Management using Karpenter: Karpenter is an open-source provisioner tool for Kubernetes that improves efficiency and cost-effectiveness. Unlike Cluster Autoscaler, Karpenter doesn't use node groups and can handle various instance types and purchase options. It optimistically binds pods to nodes, offers right-sizing flexibility, and supports GPU node provisioning. Learn how to deploy Karpenter, apply custom resource definitions, and enable the consolidation feature to reduce costs.
Scaling Microservices: A Comprehensive Guide: Scaling microservices presents challenges in service coordination, data consistency, performance optimization, infrastructure selection, monitoring, service resilience, deployment complexity, and security. Learn how to optimize performance through profiling and resource utilization and choose the right infrastructure based on workload, skills, cost, and scalability.
✨ HackHub: Trending Tools
K8s-Control-Panel-Using-Streamlit: The Kubernetes Control Panel is a web-based interface made with the help of 'Streamlit' that allows you to manage deployment scaling as well as various pod operations.
inherd/uncode: Uncode is a conceptual IDE designed for cloud development, also a cloud-native low-code software development environment.
surf: Escalate your SSRF vulnerabilities on Modern Cloud Environments.
Automated Audit Log Forensic Analysis (ALFA) for Google Workspace: You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework.
dimpu47/advancedGoCloud: Building Go microservices for Cloud Development using latest Go Libraries. Docker, Kubernetes, Consul, RabbitMQ, Kafka, JSON, gRPC etc.
goodrain/rainbond: Cloud-native multi cloud application management platform that makes application management and delivery easier.
teamcode-inc/kubeorbit: Test your application on Kubernetes in a brand new simple way.
📇 Concept of the Week: Green Cloud
What is it? Green cloud computing refers to the environmental benefits that cloud-based services offer by maximizing energy efficiencies, promoting the use of recyclable materials, and minimizing the use of hazardous components.
How does it work? Cloud computing achieves energy efficiencies through optimized resource provisioning, multi-tenancy advantages, and dematerialization, resulting in cost savings and reduced carbon emissions.
How can you adopt it? Strategies for migrating to sustainable green cloud computing include virtualization, cloud optimization tools, and selecting carbon-aware cloud service vendors.
What tools can you use?
Tools like Parallels RAS, a virtual desktop infrastructure solution that supports a carbon-neutral future by enhancing energy efficiencies, extending hardware lifecycle, and enabling flexible working models, can be useful. It integrates with Azure, GCP, and AWS.
Oracle Cloud Infrastructure (OCI) is a high-performance and sustainable cloud solution that prioritizes green practices. OCI operates in a high-density computing environment powered by renewable resources, promoting the circular economy and offering a clean cloud solution.
Kind Regards,
Kartikey