Podcasts about cloud build

Arnaud et Emmanuel discutent des nouvelles de ce mois. On y parle intégrité de JVM, fetch size de JDBC, MCP, de prompt engineering, de DeepSeek bien sûr mais aussi de Maven 4 et des proxy de répository Maven. Et d'autres choses encore, bonne lecture. Enregistré le 7 février 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-322.mp3 ou en vidéo sur YouTube. News Langages Les evolutions de la JVM pour augmenter l'intégrité https://inside.java/2025/01/03/evolving-default-integrity/ un article sur les raisons pour lesquelles les editeurs de frameworks et les utilisateurs s'arrachent les cheveux et vont continuer garantir l'integrite du code et des données en enlevant des APIs existantes historiquemnt agents dynamiques, setAccessible, Unsafe, JNI Article expliques les risques percus par les mainteneurs de la JVM Franchement c'est un peu leg sur les causes l'article, auto propagande JavaScript Temporal, enfin une API propre et moderne pour gérer les dates en JS https://developer.mozilla.org/en-US/blog/javascript-temporal-is-coming/ JavaScript Temporal est un nouvel objet conçu pour remplacer l'objet Date, qui présente des défauts. Il résout des problèmes tels que le manque de prise en charge des fuseaux horaires et la mutabilité. Temporal introduit des concepts tels que les instants, les heures civiles et les durées. Il fournit des classes pour gérer diverses représentations de date/heure, y compris celles qui tiennent compte du fuseau horaire et celles qui n'en tiennent pas compte. Temporal simplifie l'utilisation de différents calendriers (par exemple, chinois, hébreu). Il comprend des méthodes pour les comparaisons, les conversions et le formatage des dates et des heures. La prise en charge par les navigateurs est expérimentale, Firefox Nightly ayant l'implémentation la plus aboutie. Un polyfill est disponible pour essayer Temporal dans n'importe quel navigateur. Librairies Un article sur les fetch size du JDBC et les impacts sur vos applications https://in.relation.to/2025/01/24/jdbc-fetch-size/ qui connait la valeur fetch size par default de son driver? en fonction de vos use cases, ca peut etre devastateur exemple d'une appli qui retourne 12 lignes et un fetch size de oracle a 10, 2 a/r pour rien et si c'est 50 lignres retournées la base de donnée est le facteur limitant, pas Java donc monter sont fetch size est avantageux, on utilise la memoire de Java pour eviter la latence Quarkus annouce les MCP servers project pour collecter les servier MCP en Java https://quarkus.io/blog/introducing-mcp-servers/ MCP d'Anthropic introspecteur de bases JDBC lecteur de filke system Dessine en Java FX demarrables facilement avec jbang et testes avec claude desktop, goose et mcp-cli permet d'utliser le pouvoir des librarires Java de votre IA d'ailleurs Spring a la version 0.6 de leur support MCP https://spring.io/blog/2025/01/23/spring-ai-mcp-0 Infrastructure Apache Flink sur Kibernetes https://www.decodable.co/blog/get-running-with-apache-flink-on-kubernetes-2 un article tres complet ejn deux parties sur l'installation de Flink sur Kubernetes installation, setup mais aussi le checkpointing, la HA, l'observablité Data et Intelligence Artificielle 10 techniques de prompt engineering https://medium.com/google-cloud/10-prompt-engineering-techniques-every-beginner-should-know-bf6c195916c7 Si vous voulez aller plus loin, l'article référence un très bon livre blanc sur le prompt engineering https://www.kaggle.com/whitepaper-prompt-engineering Les techniques évoquées : Zero-Shot Prompting: On demande directement à l'IA de répondre à une question sans lui fournir d'exemple préalable. C'est comme si on posait une question à une personne sans lui donner de contexte. Few-Shot Prompting: On donne à l'IA un ou plusieurs exemples de la tâche qu'on souhaite qu'elle accomplisse. C'est comme montrer à quelqu'un comment faire quelque chose avant de lui demander de le faire. System Prompting: On définit le contexte général et le but de la tâche pour l'IA. C'est comme donner à l'IA des instructions générales sur ce qu'elle doit faire. Role Prompting: On attribue un rôle spécifique à l'IA (enseignant, journaliste, etc.). C'est comme demander à quelqu'un de jouer un rôle spécifique. Contextual Prompting: On fournit des informations supplémentaires ou un contexte pour la tâche. C'est comme donner à quelqu'un toutes les informations nécessaires pour répondre à une question. Step-Back Prompting: On pose d'abord une question générale, puis on utilise la réponse pour poser une question plus spécifique. C'est comme poser une question ouverte avant de poser une question plus fermée. Chain-of-Thought Prompting: On demande à l'IA de montrer étape par étape comment elle arrive à sa conclusion. C'est comme demander à quelqu'un d'expliquer son raisonnement. Self-Consistency Prompting: On pose plusieurs fois la même question à l'IA et on compare les réponses pour trouver la plus cohérente. C'est comme vérifier une réponse en la posant sous différentes formes. Tree-of-Thoughts Prompting: On permet à l'IA d'explorer plusieurs chemins de raisonnement en même temps. C'est comme considérer toutes les options possibles avant de prendre une décision. ReAct Prompting: On permet à l'IA d'interagir avec des outils externes pour résoudre des problèmes complexes. C'est comme donner à quelqu'un les outils nécessaires pour résoudre un problème. Les patterns GenAI the thoughtworks https://martinfowler.com/articles/gen-ai-patterns/ tres introductif et pre RAG le direct prompt qui est un appel direct au LLM: limitations de connaissance et de controle de l'experience eval: evaluer la sortie d'un LLM avec plusieurs techniques mais fondamentalement une fonction qui prend la demande, la reponse et donc un score numerique evaluation via un LLM (le meme ou un autre), ou evaluation humaine tourner les evaluations a partir de la chaine de build amis aussi en live vu que les LLMs puvent evoluer. Decrit les embedding notament d'image amis aussi de texte avec la notion de contexte DeepSeek et la fin de la domination de NVidia https://youtubetranscriptoptimizer.com/blog/05_the_short_case_for_nvda un article sur les raisons pour lesquelles NVIDIA va se faire cahllengert sur ses marges 90% de marge quand meme parce que les plus gros GPU et CUDA qui est proprio mais des approches ardware alternatives existent qui sont plus efficientes (TPU et gros waffle) Google, MS et d'autres construisent leurs GPU alternatifs CUDA devient de moins en moins le linga franca avec l'investissement sur des langages intermediares alternatifs par Apple, Google OpenAI etc L'article parle de DeepSkeek qui est venu mettre une baffe dans le monde des LLMs Ils ont construit un competiteur a gpt4o et o1 avec 5M de dollars et des capacites de raisonnements impressionnant la cles c'etait beaucoup de trick d'optimisation mais le plus gros est d'avoir des poids de neurores sur 8 bits vs 32 pour les autres. et donc de quatizer au fil de l'eau et au moment de l'entrainement beaucoup de reinforcemnt learning innovatifs aussi et des Mixture of Expert donc ~50x moins chers que OpenAI Donc plus besoin de GPU qui on des tonnes de vRAM ah et DeepSeek est open source un article de semianalytics change un peu le narratif le papier de DeepSkeek en dit long via ses omissions par ensemple les 6M c'est juste l'inference en GPU, pas les couts de recherches et divers trials et erreurs en comparaison Claude Sonnet a coute 10M en infererence DeepSeek a beaucoup de CPU pre ban et ceratins post bans evalués a 5 Milliards en investissement. leurs avancées et leur ouverture reste extremement interessante Une intro à Apache Iceberg http://blog.ippon.fr/2025/01/17/la-revolution-des-donnees-lavenement-des-lakehouses-avec-apache-iceberg/ issue des limites du data lake. non structuré et des Data Warehouses aux limites en diversite de données et de volume entrent les lakehouse Et particulierement Apache Iceberg issue de Netflix gestion de schema mais flexible notion de copy en write vs merge on read en fonction de besoins garantie atomicite, coherence, isoliation et durabilite notion de time travel et rollback partitions cachées (qui abstraient la partition et ses transfos) et evolution de partitions compatbile avec les moteurs de calcul comme spark, trino, flink etc explique la structure des metadonnées et des données Guillaume s'amuse à générer des histoires courtes de Science-Fiction en programmant des Agents IA avec LangChain4j et aussi avec des workflows https://glaforge.dev/posts/2025/01/27/an-ai-agent-to-generate-short-scifi-stories/ https://glaforge.dev/posts/2025/01/31/a-genai-agent-with-a-real-workflow/ Création d'un générateur automatisé de nouvelles de science-fiction à l'aide de Gemini et Imagen en Java, LangChain4j, sur Google Cloud. Le système génère chaque nuit des histoires, complétées par des illustrations créées par le modèle Imagen 3, et les publie sur un site Web. Une étape d'auto-réflexion utilise Gemini pour sélectionner la meilleure image pour chaque chapitre. L'agent utilise un workflow explicite, drivé par le code Java, où les étapes sont prédéfinies dans le code, plutôt que de s'appuyer sur une planification basée sur LLM. Le code est disponible sur GitHub et l'application est déployée sur Google Cloud. L'article oppose les agents de workflow explicites aux agents autonomes, en soulignant les compromis de chaque approche. Car parfois, les Agent IA autonomes qui gèrent leur propre planning hallucinent un peu trop et n'établissent pas un plan correctement, ou ne le suive pas comme il faut, voire hallucine des “function call”. Le projet utilise Cloud Build, le Cloud Run jobs, Cloud Scheduler, Firestore comme base de données, et Firebase pour le déploiement et l'automatisation du frontend. Dans le deuxième article, L'approche est différente, Guillaume utilise un outil de Workflow, plutôt que de diriger le planning avec du code Java. L'approche impérative utilise du code Java explicite pour orchestrer le workflow, offrant ainsi un contrôle et une parallélisation précis. L'approche déclarative utilise un fichier YAML pour définir le workflow, en spécifiant les étapes, les entrées, les sorties et l'ordre d'exécution. Le workflow comprend les étapes permettant de générer une histoire avec Gemini 2, de créer une invite d'image, de générer des images avec Imagen 3 et d'enregistrer le résultat dans Cloud Firestore (base de donnée NoSQL). Les principaux avantages de l'approche impérative sont un contrôle précis, une parallélisation explicite et des outils de programmation familiers. Les principaux avantages de l'approche déclarative sont des définitions de workflow peut-être plus faciles à comprendre (même si c'est un YAML, berk !) la visualisation, l'évolutivité et une maintenance simplifiée (on peut juste changer le YAML dans la console, comme au bon vieux temps du PHP en prod). Les inconvénients de l'approche impérative incluent le besoin de connaissances en programmation, les défis potentiels en matière de maintenance et la gestion des conteneurs. Les inconvénients de l'approche déclarative incluent une création YAML pénible, un contrôle de parallélisation limité, l'absence d'émulateur local et un débogage moins intuitif. Le choix entre les approches dépend des exigences du projet, la déclarative étant adaptée aux workflows plus simples. L'article conclut que la planification déclarative peut aider les agents IA à rester concentrés et prévisibles. Outillage Vulnérabilité des proxy Maven https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/ Quelque soit le langage, la techno, il est hautement conseillé de mettre en place des gestionnaires de repositories en tant que proxy pour mieux contrôler les dépendances qui contribuent à la création de vos produits Michael Stepankin de l'équipe GitHub Security Lab a cherché a savoir si ces derniers ne sont pas aussi sources de vulnérabilité en étudiant quelques CVEs sur des produits comme JFrog Artifactory, Sonatype Nexus, et Reposilite Certaines failles viennent de la UI des produits qui permettent d'afficher les artifacts (ex: mettez un JS dans un fichier POM) et même de naviguer dedans (ex: voir le contenu d'un jar / zip et on exploite l'API pour lire, voir modifier des fichiers du serveur en dehors des archives) Les artifacts peuvent aussi être compromis en jouant sur les paramètres propriétaires des URLs ou en jouant sur le nomage avec les encodings. Bref, rien n'est simple ni niveau. Tout système rajoute de la compléxité et il est important de les tenir à mettre à jour. Il faut surveiller activement sa chaine de distribution via différents moyens et ne pas tout miser sur le repository manager. L'auteur a fait une présentation sur le sujet : https://www.youtube.com/watch?v=0Z_QXtk0Z54 Apache Maven 4… Bientôt, c'est promis …. qu'est ce qu'il y aura dedans ? https://gnodet.github.io/maven4-presentation/ Et aussi https://github.com/Bukama/MavenStuff/blob/main/Maven4/whatsnewinmaven4.md Apache Maven 4 Doucement mais surement …. c'est le principe d'un projet Maven 4.0.0-rc-2 est dispo (Dec 2024). Maven a plus de 20 ans et est largement utilisé dans l'écosystème Java. La compatibilité ascendante a toujours été une priorité, mais elle a limité la flexibilité. Maven 4 introduit des changements significatifs, notamment un nouveau schéma de construction et des améliorations du code. Changements du POM Séparation du Build-POM et du Consumer-POM : Build-POM : Contient des informations propres à la construction (ex. plugins, configurations). Consumer-POM : Contient uniquement les informations nécessaires aux consommateurs d'artefacts (ex. dépendances). Nouveau Modèle Version 4.1.0 : Utilisé uniquement pour le Build-POM, alors que le Consumer-POM reste en 4.0.0 pour la compatibilité. Introduit de nouveaux éléments et en marque certains comme obsolètes. Modules renommés en sous-projets : “Modules” devient “Sous-projets” pour éviter la confusion avec les Modules Java. L'élément remplace (qui reste pris en charge). Nouveau type de packaging : “bom” (Bill of Materials) : Différencie les POMs parents et les BOMs de gestion des dépendances. Prend en charge les exclusions et les imports basés sur les classifiers. Déclaration explicite du répertoire racine : permet de définir explicitement le répertoire racine du projet. Élimine toute ambiguïté sur la localisation des racines de projet. Nouvelles variables de répertoire : ${project.rootDirectory}, ${session.topDirectory} et ${session.rootDirectory} pour une meilleure gestion des chemins. Remplace les anciennes solutions non officielles et variables internes obsolètes. Prise en charge de syntaxes alternatives pour le POM Introduction de ModelParser SPI permettant des syntaxes alternatives pour le POM. Apache Maven Hocon Extension est un exemple précoce de cette fonctionnalité. Améliorations pour les sous-projets Versioning automatique des parents Il n'est plus nécessaire de définir la version des parents dans chaque sous-projet. Fonctionne avec le modèle de version 4.1.0 et s'étend aux dépendances internes au projet. Support complet des variables compatibles CI Le Flatten Maven Plugin n'est plus requis. Prend en charge les variables comme ${revision} pour le versioning. Peut être défini via maven.config ou la ligne de commande (mvn verify -Drevision=4.0.1). Améliorations et corrections du Reactor Correction de bug : Gestion améliorée de --also-make lors de la reprise des builds. Nouvelle option --resume (-r) pour redémarrer à partir du dernier sous-projet en échec. Les sous-projets déjà construits avec succès sont ignorés lors de la reprise. Constructions sensibles aux sous-dossiers : Possibilité d'exécuter des outils sur des sous-projets sélectionnés uniquement. Recommandation : Utiliser mvn verify plutôt que mvn clean install. Autres Améliorations Timestamps cohérents pour tous les sous-projets dans les archives packagées. Déploiement amélioré : Le déploiement ne se produit que si tous les sous-projets sont construits avec succès. Changements de workflow, cycle de vie et exécution Java 17 requis pour exécuter Maven Java 17 est le JDK minimum requis pour exécuter Maven 4. Les anciennes versions de Java peuvent toujours être ciblées pour la compilation via Maven Toolchains. Java 17 a été préféré à Java 21 en raison d'un support à long terme plus étendu. Mise à jour des plugins et maintenance des applications Suppression des fonctionnalités obsolètes (ex. Plexus Containers, expressions ${pom.}). Mise à jour du Super POM, modifiant les versions par défaut des plugins. Les builds peuvent se comporter différemment ; définissez des versions fixes des plugins pour éviter les changements inattendus. Maven 4 affiche un avertissement si des versions par défaut sont utilisées. Nouveau paramètre “Fail on Severity” Le build peut échouer si des messages de log atteignent un niveau de gravité spécifique (ex. WARN). Utilisable via --fail-on-severity WARN ou -fos WARN. Maven Shell (mvnsh) Chaque exécution de mvn nécessitait auparavant un redémarrage complet de Java/Maven. Maven 4 introduit Maven Shell (mvnsh), qui maintient un processus Maven résident unique ouvert pour plusieurs commandes. Améliore la performance et réduit les temps de build. Alternative : Utilisez Maven Daemon (mvnd), qui gère un pool de processus Maven résidents. Architecture Un article sur les feature flags avec Unleash https://feeds.feedblitz.com//911939960/0/baeldungImplement-Feature-Flags-in-Java-With-Unleash Pour A/B testing et des cycles de développements plus rapides pour « tester en prod » Montre comment tourner sous docker unleash Et ajouter la librairie a du code java pour tester un feature flag Sécurité Keycloak 26.1 https://www.keycloak.org/2025/01/keycloak-2610-released.html detection des noeuds via la proble base de donnée aulieu echange reseau virtual threads pour infinispan et jgroups opentelemetry tracing supporté et plein de fonctionalités de sécurité Loi, société et organisation Les grands morceaux du coût et revenus d'une conférence. Ici http://bdx.io|bdx.io https://bsky.app/profile/ameliebenoit33.bsky.social/post/3lgzslhedzk2a 44% le billet 52% les sponsors 38% loc du lieu 29% traiteur et café 12% standiste 5% frais speaker (donc pas tous) Ask Me Anything Julien de Provin: J'aime beaucoup le mode “continuous testing” de Quarkus, et je me demandais s'il existait une alternative en dehors de Quarkus, ou à défaut, des ressources sur son fonctionnement ? J'aimerais beaucoup avoir un outil agnostique utilisable sur les projets non-Quarkus sur lesquels j'intervient, quitte à y metttre un peu d'huile de coude (ou de phalange pour le coup). https://github.com/infinitest/infinitest/ Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 février 2025 : Touraine Tech - Tours (France) 21 février 2025 : LyonJS 100 - Lyon (France) 28 février 2025 : Paris TS La Conf - Paris (France) 6 mars 2025 : DevCon #24 : 100% IA - Paris (France) 13 mars 2025 : Oracle CloudWorld Tour Paris - Paris (France) 14 mars 2025 : Rust In Paris 2025 - Paris (France) 19-21 mars 2025 : React Paris - Paris (France) 20 mars 2025 : PGDay Paris - Paris (France) 20-21 mars 2025 : Agile Niort - Niort (France) 25 mars 2025 : ParisTestConf - Paris (France) 26-29 mars 2025 : JChateau Unconference 2025 - Cour-Cheverny (France) 27-28 mars 2025 : SymfonyLive Paris 2025 - Paris (France) 28 mars 2025 : DataDays - Lille (France) 28-29 mars 2025 : Agile Games France 2025 - Lille (France) 3 avril 2025 : DotJS - Paris (France) 3 avril 2025 : SoCraTes Rennes 2025 - Rennes (France) 4 avril 2025 : Flutter Connection 2025 - Paris (France) 4 avril 2025 : aMP Orléans 04-04-2025 - Orléans (France) 10-11 avril 2025 : Android Makers - Montrouge (France) 10-12 avril 2025 : Devoxx Greece - Athens (Greece) 16-18 avril 2025 : Devoxx France - Paris (France) 23-25 avril 2025 : MODERN ENDPOINT MANAGEMENT EMEA SUMMIT 2025 - Paris (France) 24 avril 2025 : IA Data Day 2025 - Strasbourg (France) 29-30 avril 2025 : MixIT - Lyon (France) 7-9 mai 2025 : Devoxx UK - London (UK) 15 mai 2025 : Cloud Toulouse - Toulouse (France) 16 mai 2025 : AFUP Day 2025 Lille - Lille (France) 16 mai 2025 : AFUP Day 2025 Lyon - Lyon (France) 16 mai 2025 : AFUP Day 2025 Poitiers - Poitiers (France) 24 mai 2025 : Polycloud - Montpellier (France) 24 mai 2025 : NG Baguette Conf 2025 - Nantes (France) 5-6 juin 2025 : AlpesCraft - Grenoble (France) 5-6 juin 2025 : Devquest 2025 - Niort (France) 10-11 juin 2025 : Modern Workplace Conference Paris 2025 - Paris (France) 11-13 juin 2025 : Devoxx Poland - Krakow (Poland) 12-13 juin 2025 : Agile Tour Toulouse - Toulouse (France) 12-13 juin 2025 : DevLille - Lille (France) 13 juin 2025 : Tech F'Est 2025 - Nancy (France) 17 juin 2025 : Mobilis In Mobile - Nantes (France) 24 juin 2025 : WAX 2025 - Aix-en-Provence (France) 25-26 juin 2025 : Agi'Lille 2025 - Lille (France) 25-27 juin 2025 : BreizhCamp 2025 - Rennes (France) 26-27 juin 2025 : Sunny Tech - Montpellier (France) 1-4 juillet 2025 : Open edX Conference - 2025 - Palaiseau (France) 7-9 juillet 2025 : Riviera DEV 2025 - Sophia Antipolis (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 28-31 janvier 2026 : SnowCamp 2026 - Grenoble (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

On this Screaming in the Cloud Summer Replay, we revisit our conversation with Aparna Sinha, the Head of AI Product at Capital One. As a former Director of Product Management at Google Cloud, Aparan joins Corey to talk about GCP and how Corey was surprised to find that, in some ways, it was “its own universe.” She offers up why folks can expect a developer user-friendly experience when using GCP, and how it differentiates them from the litany of cloud providers out there. From focusing on developing, to a vast array of customers, GCP is bringing their best forward. Check out their conversation on how GCP is keeping its focus on the user!Show Highlights:(0:00) Intro(0:48) Duckbill Group sponsor read(1:21) Role of a Director of Outbound Product Management(2:43) Developer experiences on Google Cloud(8:47) The philosophy of courting developers(11:38) The shift to serverless(17:17) Cloud Run observations(22:59) Duckbill Group sponsor read(23:43) Customer involvement with Google Cloud(28:55) Cloud Build vs. Cloud Deploy(32:50) Google and cloud security(38:45) Where you can find AparnaAbout AparnaAparna Sinha is Senior Vice President and Head of Enterprise AI/ML products at Capital One. She is also a startup investor / advisor at PearVC. Aparna has a track record of successful P&L ownership, creating new revenue streams and building $B+ businesses through technical and go-to-market innovation. She was Sr. Director of Developer Products at Google Cloud leading a 100+ member PM, UX, and DevRel Engineering team responsible for >40 cloud services and open source tools. She was an early contributor to Kubernetes, built the team and grew Google Kubernetes Engine 100x into a Top 3 revenue generator for Cloud. Prior to Cloud Aparna worked on Android, ChromeOS and Play. Previously at McKinsey & Company she was a leader in the business technology office, working with CIOs on server virtualization strategy, pricing, and SaaS.Aparna holds a PhD in Electrical Engineering from Stanford, and a patent from Google. She served as Chair of the Governing Board of the Cloud Native Computing Foundation (CNCF).Links:DevOps Research Report: https://www.devops-research.com/research.htmlTwitter: https://x.com/aparnabsinhaOriginal Episode:https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/building-a-user-friendly-product-with-aparna-sinha/Sponsor:The Duckbill Group: https://www.duckbillgroup.com/

RCE in ssh-agent forwarding, finding zero-days in CTFs, Node's vm2 can't be secured, NPM packaging ambiguities, privilege escalation in Google's Cloud Build, putting satellite security into low-earth analysis, FCC proposes a trust mark, and more!   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-248 

RCE in ssh-agent forwarding, finding zero-days in CTFs, Node's vm2 can't be secured, NPM packaging ambiguities, privilege escalation in Google's Cloud Build, putting satellite security into low-earth analysis, FCC proposes a trust mark, and more!   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-248 

On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Microsoft's weasel-word response to the State Department email hack JumpCloud got owned, maybe by DPRK Citrix 0day is getting stuff rekt Two more spyware firms sanctioned by USA Scammers list fake phone numbers for major airlines on Google Maps Much, much more This week's show is brought to you by security focussed enterprise browser maker Island. Dan Amiga, Island's CTO and co-founder, is this week's sponsor guest. He talks about why widespread enterprise browser deployment is inevitable. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes China-based hackers breach email accounts at State Department Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts | Cybersecurity Dive Microsoft takes pains to obscure role in 0-days that caused email breach | Ars Technica Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection | Mandiant Hackers target Pakistani government, bank and telecom provider with China-made malware Risky Biz News: JumpCloud compromised by APT group Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns | Ars Technica CISA warns of dangerous Rockwell industrial bug being exploited by gov't group Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products | Cybersecurity Dive CISA gives US civilian agencies until August 1 to resolve four Microsoft vulnerabilities Google fixes ‘Bad.Build' vulnerability affecting Cloud Build service White House unveils consumer labeling program to strengthen IoT security | Cybersecurity Dive Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity Two more foreign spyware firms blacklisted by US Phone numbers for airlines listed on Google directed to scammers By criminals, for criminals: AI tool easily generates ‘remarkably persuasive' fraud emails Itamar Golan

On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Microsoft's weasel-word response to the State Department email hack JumpCloud got owned, maybe by DPRK Citrix 0day is getting stuff rekt Two more spyware firms sanctioned by USA Scammers list fake phone numbers for major airlines on Google Maps Much, much more This week's show is brought to you by security focussed enterprise browser maker Island. Dan Amiga, Island's CTO and co-founder, is this week's sponsor guest. He talks about why widespread enterprise browser deployment is inevitable. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes China-based hackers breach email accounts at State Department Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts | Cybersecurity Dive Microsoft takes pains to obscure role in 0-days that caused email breach | Ars Technica Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection | Mandiant Hackers target Pakistani government, bank and telecom provider with China-made malware Risky Biz News: JumpCloud compromised by APT group Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns | Ars Technica CISA warns of dangerous Rockwell industrial bug being exploited by gov't group Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products | Cybersecurity Dive CISA gives US civilian agencies until August 1 to resolve four Microsoft vulnerabilities Google fixes ‘Bad.Build' vulnerability affecting Cloud Build service White House unveils consumer labeling program to strengthen IoT security | Cybersecurity Dive Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity Two more foreign spyware firms blacklisted by US Phone numbers for airlines listed on Google directed to scammers By criminals, for criminals: AI tool easily generates ‘remarkably persuasive' fraud emails Itamar Golan

The US Federal government issues voluntary security guidelines. Possible privilege escalation within Google Cloud. An APT compromises JumpCloud. FIN8 reworks its Sardonic backdoor and continues its shift to ransomware. Ben Yelin looks at privacy legislation coming out of Massachusetts. Our guest is Alastair Parr of Prevalent discussing GDPR and third party risk. And some noteworthy Russian cyber crime–they don't seem to be serving any political masters; they just want to get paid. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/135 Selected reading. Biden-Harris Administration Announces Cybersecurity Labeling Program for Smart Devices to Protect American Consumers (The White House) The Biden administration announces a cybersecurity labeling program for smart devices (AP News)CISA Develops Factsheet for Free Tools for Cloud Environments (Cybersecurity and Infrastructure Security Agency CISA) Free Tools for Cloud Environments (CISA) NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing (Cybersecurity and Infrastructure Security Agency CISA) ESF Members NSA and CISA Publish Second Industry Paper on 5G Network Slicing (National Security Agency/Central Security Service) Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack (Orca Security) Orca: Google Cloud design flaw enables supply chain attacks (Security | TechTarget)  Google fixes ‘Bad.Build' vulnerability affecting Cloud Build service (Record) JumpCloud discloses breach by state-backed APT hacking group (BleepingComputer) JumpCloud: A 'state-sponsored threat actor' compromised our systems (Computing)  JumpCloud says nation-state hackers breached its systems | TechCrunch (TechCrunch) JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state (Ars Technica) [Security Update] Incident Details - JumpCloud (JumpCloud) July 2023 Incident Indicators of Compromise (IoCs) (JumpCloud) FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware (Symantec by Broadcom) RedCurl hackers return to spy on 'major Russian bank,' Australian company (Record) 

Nate Avery, Outbound Product Manager at Google, joins Corey on Screaming in the Cloud to discuss what it's like working in the world of tech, including the implications of AI technology on the workforce and the importance of doing what you love. Nate explains why he feels human ingenuity is so important in the age of AI, as well as why he feels AI will make humans better at the things they do. Nate and Corey also discuss the changing landscape of tech and development jobs, and why it's important to help others throughout your career while doing something you love. About NateNate is an Outbound Product Manager at Google Cloud focused on our DevOps tools. Prior to this, Nate has 20 years of experience designing, planning, and implementing complex systems integrating custom-built and COTS applications. Throughout his career, he has managed diverse teams dedicated to meeting customer goals. With a background as a manager, engineer, Sys Admin, and DBA, Nate is currently working on ways to better build and use virtualized computer resources in both internal and external cloud environments. Nate was also named a Cisco Champion for Datacenter in 2015.Links Referenced: Google Cloud: https://cloud.google.com/devops Not Your Dad's IT: http://www.notyourdadsit.com/ Twitter: https://twitter.com/nathaniel_avery LinkedIn: https://www.linkedin.com/in/nathaniel-avery-2a43574/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: It's easy to **BEEP** up on AWS. Especially when you're managing your cloud environment on your own!Mission Cloud un **BEEP**s your apps and servers. Whatever you need in AWS, we can do it. Head to missioncloud.com for the AWS expertise you need. Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn, and my guest today is Nate Avery, who's an outbound product manager over at Google Cloud. Nate, thank you for joining me.Nate: Thank you for having me. This is really a pretty high honor. I'm super thrilled to be here.Corey: One of my questions that I have about any large company when I start talking to them and getting to know people who work over there, pretty quickly emerges, which is, “What's the deal with your job title?” And it really doesn't matter what the person does, what the company is, there's always this strange nuance that tends to wind up creeping into the company. What is an outbound product manager and what is it you say it is you do here?Nate: Okay. That's an interesting question because I've been here for about a year now and I think I'm finally starting to figure it out. Sure, I should have known more when I applied for the job, [laugh] but there's what's on the paper and then there's what you do in reality. And so, what it appears to be, where I'm taking this thing now, is I talk to folks about our products and I try to figure out what it is they like, what it is they don't like, and then how do we make it better? I take that information back to our engineers, we huddle up, and we figure out what we can do, how to do it better, how to set the appropriate targets when it comes to our roadmaps. We look at others in the industry, where we are, where they are, where we think we can maybe have an advantage, and then we try to make it happen. That's really what it is.Corey: One of the strange things that happens at big companies, at least from my perspective, given that I've spent most of my career in small ones, is that everyone has a niche. There are very few people at large companies whose job description is yeah, I basically do everything. Where do you start? And where do you stop because Google Cloud, even bounding it to that business unit, is kind of enormous? You've [got 00:02:47] products that are outbound that you manage. And I feel like I should also call out that a product being outbound is not the same thing as being outgoing. I know that people are always wondering, what's Google going to turn off next, but Google Cloud mostly does the right thing in that respect. Good work.Nate: [laugh]. Nice. So, the products I focus on are the DevOps products. So, those are Cloud Build, Cloud Deploy, Artifact Registry, Artifact Analysis. I also work with some of our other dev tooling such as Cloud Workstations. That's in public preview right now, but maybe by the time this goes to air, it'll actually be in general availability.And then I also will talk about some of our other lesser-known tools like Skaffold or maybe on occasion, I'll throw out something about minikube. And also, Cloud Code, which is a really deep browser plugin for your IDE that gives you access to lots of different Google tools. So yeah, that's sort of my area.Corey: Well, I'm going to start with the last thing you mentioned, where you have Cloud Code as an IDE tooling and a plug-in for it. I'm relatively new to the world of IDEs because I come from the world of grumpy Unix admins; you never know what you're going to be remoting into next, but it's got VI on it, so worst case, you'll have that. So, I grew up using that, and as a result, that is still my default. I've been drifting toward VS Code a fair bit lately, as I've been regrettably learning JavaScript and TypeScript, just because having a lot of those niceties is great. But what's really transformative for me has been a lot of the generative AI offerings from various companies around hey, how about we just basically tab-complete your code for you, which is astonishing. I know people love to argue about that and then they go right back to their old approach of copying and pasting their code off a Stack Overflow.Nate: Yeah. That's an interesting one. When it works, it works and it's magical. And those are those experiences where you say, “I'm going to do this thing forever and ever I'm never going to go back.” And then when it doesn't work, you find yourself going back and then you maybe say, “Well, heck, that was horrible. Why'd I ever even go down this path?”I will say everyone's working on something along those lines. I don't think that that's much of a secret. And there are just so many different avenues at getting there. And I think that this is so early in the game that where we are today isn't where we're going to be.Corey: Oh, just—it's accelerating. Watching the innovation right now in the generative AI space is incredible. My light bulb moment that finally got me to start paying attention to this and viewing it as something other than hype that people are trying to sell us on conference stages was when I use one of them to spit out just, from a comment in VS Code, “Write a Python script that will connect to AWS pricing API and tell me what something costs, sorted from most to least expensive regions.” Because doing that manually would have taken a couple hours because their data structures are a sad joke and that API is garbage. And it sat and spun for a second and then it did it. But if I tell that story as, “This is the transformative moment that opened my eyes,” I sound incredibly sad and pathetic.Nate: No, I don't think so. I think that what it does, is it… one, it will open up more eyes, but the other thing that it does is you have to take that to the next level, which is great. That's great work, gone. Now that I have this information, what do I do with it? That's really where we need to be going and where we need to think about what this AI revolution is going to allow us to do, and that's to actually put this stuff into context.That's what humans do, which the computers are not always great at. And so, for instance, I see a lot of posts online about, “Hey, you know, I used to do job X, where I wrote up all these things,” or, “I used to write a blog and now because of AI, my boss wants me to write, you know, five times the output.” And I'm thinking, “Well, maybe the thing that you're writing doesn't need to be written if it can be easily queried and generated on the fly.” You know? Maybe those blog posts just don't have that much value anymore. So, what is it that we really should concentrate on in order to help us do better stuff, to have a higher order of importance in the world? That's where I think a lot of this really will wind up going is… you know, just as people, we've got to be better. And this will help us get there.Corey: One area of nuance on this, though, is—you're right when I talked about this with some of my developer friends, some of their responses were basically to become immediately defensive. Like, “Sure, it's great for the easy stuff, but it's not going to solve the high-level stuff that senior engineers are good at.” And I get that. This ridiculous thing that I had to do is not a threat to a senior engineer, but it is arguably a threat to someone I find on Upwork or Fiverr or whatnot to go and write this simple script for me.Nate: Oh yeah.Corey: Now, the concern that I have is one of approachability and accessibility because. Senior engineers don't form fully created from the forehead of some God somewhere that emerges from Google. They start off as simply people who have no idea what they're doing and have a burning curiosity about something, in many cases. Where is the next generation going to get the experience of writing a lot of that the small-scale stuff, if it's done for them? And I know that sounds alarmist, and oh, no, the sky is falling, and are the children going to be all right, as most people my age start to get into. But I do wonder what the future holds.Nate: That's legit. That's a totally legit question because it's always kind of hanging out there. I look at what my kids have access to today. They have freaking Oracle, the Oracle at Delphi on their phone; you know, and—Corey: If Oracle the database on their phone, I would hate to imagine what the cost of raising your kids to adulthood would be.Nate: Oh, it's mighty, mighty high [laugh]. But no, they have all of this stuff at their hands and then even just in the air, right? There's ambient computing, there's any question you want answered, you could speak it into the air and it'll come out. And it'll be, let's just say, I don't know, at least 85% accurate. But my kids still ask me [laugh].Corey: Having my kids, who are relatively young, still argue and exhaust their patience on a robot with infinite patience instead of me who has no patience? Transformative. “How do I spell whatever it is?” “Ask Alexa,” becomes a story instead of, “Look it up in the dictionary,” like my parents used to tell me. It's, “If I knew how to spell it, I would need to look it up in the dictionary, but I don't, so I can't.”Nate: Right. And I would never need to spell it again because I have the AI write my whole thing for me.Corey: That is a bit of concern for me when—some of the high school teachers are freaking out about students are writing essays with this thing. And, yeah, on the one hand, I absolutely see this as alarmism, where, oh, no, I'm going to have to do my job, on some level. But the reason you write so many of those boring, pointless essays in English class over the course of the K through 12 experience is ideally, it's teaching you how to frame your discussions, how to frame an argument, how to tell a compelling story. And, frankly, I think that's something that a lot of folks in the engineering cycle struggle with mightily. You're a product slash program manager at this point; I sort of assume that I don't need to explain to you that engineers are sometimes really bad at explaining what they mean.Nate: Yeah. Dude, I came up in tech. I'm… bad at it too sometimes [laugh]. Or when I think I'm doing a great job and then I look over and I see a… you know, the little blanky, blanky face, it goes, “Oh. Oh, hold on. I'll recalibrate that for you.” It's a thing.Corey: It's such a bad trope that they have now decided that they are calling describing what you actually mean slash want is now an entire field called prompt engineering.Nate: Dude, I hate that. I don't understand how this is going to be a job. It seems to be the most ridiculous thing in the world. If you say, “I sit down for six hours a day and I ask my computer questions,” I got to ask, “Well, why?” [laugh]. You know? And really, that's the thing. It gets back—Corey: Well, most of us do that all day long. It's just in Microsoft Excel or they use SQL to do it.Nate: Yeah… it is, but you don't spend your day asking the question of your computer, “Why.” Or really, most of us ask the question, “How?” That's really what it is we're doing.Corey: Yeah. And that is where I think it's going to start being problematic for some folks who are like, “Well, what is the point of writing blog posts if Chat-GIPITY can do it?” And yes, that's how I pronounce it: Chat-GIPITY. And the response is, “Look, if you're just going to rehash the documentation, you're right. There's no point in doing it.”Don't tell me how to do something. Tell me why. Tell me when I should consider using this tool, that tool, why this is interesting to me, why it exists. Because the how, one way or another, there are a myriad ways to find out the answer to something, but you've got to care first and convincing people to care is something computers still have not figured out.Nate: Bingo. And that gets back to your question about the engineers, right? Yeah. Okay. So sure, the little low-level tasks of, “Hey I need you to write this API.” All right, so maybe that stuff does get farmed out.However, the overall architecture still has to be considered by someone, someone still has to figure out where and how, and when things should be placed and the order in which these things should be connected. That never really goes away. And then there's also the act of creation. And by creation, I mean, just new ideas, things that—you know, that stroke of creativity and brilliance where you just say, “Man, I think there's a better way to do this thing.” Until I see that from one of these generative AI products, I don't know if anyone should truly feel threatened.Corey: I would argue that people shouldn't necessarily feel threatened regardless because things always change; that's the nature of it. I saw a headline on Hacker News recently where it said that 90% of my skills are worthless, but 10% of them are 10x what they were was worth. And I think that there's a lot of truth to that because it's, if you want a job where you never have to—you don't have to keep up with the continuing field, there are options. Not to besmirch them, but accountants are a terrific example of this. Yes, there's change to accountancy rules, but it happens slowly and methodically. You don't go on vacation for two years as an accountant—or a sabbatical—come back and discover that everything's different and math doesn't work the way it once did. Computers on the other hand, it really does feel like it's keep up or you never will.Nate: Unless you're a COBOL guy and you get called back for y2k.Corey: Oh, of course. And I'm sure—and now you're sitting around, you're waiting because when the epic time problem hits in 2038, you're going to get your next call out. And until then, it's kind of a sad life. You're the Maytag repair person.Nate: Yeah. I'm bad at humor, by the way, in case you have noticed. So, you touched on something there about the rate of change and how things change and whether or not these generative AI models are going to be able to—you know, just how far can they go? And I think that there's a—something happened over the last week or so that really got me thinking about this. There was a posting of a fake AI-generated song, I think from Drake.And say what you want about cultural appropriation, all that sort of thing, and how horrible that is, what struck me was the idea that these sorts of endeavors can only go so far because in any genre where there's language, and current language that morphs and changes and has subtlety to it, the generative AI would have to somehow be able to mimic that. And not to say that it could never get there, but again, I see us having some situations where folks are worried about a lot of things that they don't need to worry about, you know, just at this moment.Corey: I'm curious to figure out what your take is on how you see the larger industry because for a long time—and yes, it's starting to fade on some level, because it's not 2006 anymore, but there was a lot of hero worship going on with respect to Google, in particular. It was the mythical city on the hill where all the smart people went and people's entire college education was centered around the idea of, well, I'm going to get a job at Google when I graduate or I'm doomed. And it never seems to work out that way. I feel like there's a much more broad awareness these days that there's no one magical company that has the answers and there are a lot of different paths. But if you're giving guidance to someone who's starting down that path today, what would it be?Nate: Do what you love. Find something that you love, figure out who does the thing that you love, and go there. Or go to a place that does a thing that you love poorly. Go there. See if you can make a difference. But either way, you're working on something that you like to do.And really, in this business, if you can't get in the door at one of those places, then you can make your own door. It's becoming easier and easier to just sort of shoehorn yourself into this space. And a lot of it, yeah, there's got to be talent, yeah, you got to believe in yourself, all that sort of thing, but the barriers to entry are really low right now. It's super easy to start up a website, it costs you nothing to have a GitHub account. I really find it surprising when I talked to my younger cousins or someone else in that age range and they start asking, like, “Well, hey, how do I get into business?”And I'm like, “Well, what's your portfolio?” You know? And I ask them, “Do you want to work for someone else? Or would you like to at least try working for yourself first?” There are so many different avenues open to folks that you're right, you don't have to go to company X or you will never be anything anymore. That said, I am at [laugh] one of the bigger companies and do there are some brilliant people here. I bump into them and it's kind of wild. It really, really is.Corey: Oh, I want to be very clear, despite the shade that I throw at Google—and contemporary peers in the big tech company space—there are an awful lot of people who are freaking brilliant. And more importantly, by far, a lot of people who are extraordinarily kind.Nate: Yeah. Yeah. So, all right, in this business, there's that whole trope about, “Yeah, they're super smart, but they're such jerks.” It doesn't have to be that way. It really doesn't. And it's neat when you run into a place that has thousands of people who do not fit that horrible stereotype out there of the geek who can't, you know, who can't get along well with others. It's kind of nice.But I also think that that's because the industry itself is opening up. I go on to Twitter now and I see so many new faces and I see folks coming in, you know, for whatever reason, they're attracted to it for reasons, but they're in. And that's the really neat part of it. I used to worry that I didn't see a lot of young people being interested in this space. But I'm starting to notice it now and I think that we're going to wind up being in good hands.Corey: The kids are all right, I think, is a good way of framing it. What made you decide to go to Google? Again, you said you've been there about a year at this point. And, on some level, there's always a sense in hindsight of, well, yeah, obviously someone went from this job to that job to that job. There's a narrative here and it makes sense, but I've never once in my life found that it made sense and was clear while you're making the decision. It feels like it only becomes clear in hindsight.Nate: Yes, I am an extremely lucky person. I am super fortunate, and I will tell a lot of people, sometimes I have the ability to fall ass-backwards into success. And in this case, I am here because I was asked. I was asked and I didn't really think that I was the Google type because, I don't know what I thought the Google type was, just, you know, not me.And yet, I… talked it out with some folks, a really good, good buddy of mine and [laugh] I'll be darned, you know, next thing, you know, I'm here. So, gosh, what can I say except, don't limit yourself [laugh]. We do have a tendency to do that and oh, my God, it's great to have a champion and what I'd like to do now, now that you mention it and it's been something that I had on my mind for a bit is, I've got to figure out how to, you know how to start, you know, giving back, paying it forward, whatever the phrase it is you want to use? Because—Corey: I like, “Send the elevator back down.”Nate: Send the elevator back down? There you go, right? If that escalator stopped, turn it back on.Corey: Yeah, escalator; temporarily, stairs.Nate: Yes. You know, there are tons of ways up. But you know, if you can help someone, just go ahead and do it. You'd be surprised what a little bit of kindness can do.Corey: Well, let's tie this back to your day job for a bit, on some level. You're working on, effectively, developer tools. Who's the developer?Nate: Who's the developer? So, there's a general sense in the industry that anyone who works in IT or anyone who writes code is a developer. Sometimes there's the very blanket statement out there. I tend to take the view that a developer is the person who writes the code. That is a developer, that's [unintelligible 00:21:52] their job title. That's the thing that they do.The folks who assist developers, the folks who keep the servers up and running, they're going to have a lot of different names. They're DevOps admins, they're platform admins, they're server admins. Whatever they are, rarely would I call them developers, necessarily. So, I get it. We try to make blanket statement, we try to talk to large groups at a time, but you wouldn't go into your local county hospital and say that, “I want to talk to the dentist,” when you really mean, like, a heart surgeon.So, let's not do that, you know? We're known for our level of specificity when we discuss things in this field, so let's try to be a little more specific when we talk about the folks who do what they do. Because I came up on that ops track and I know the type of effort that I put in, and I looked at folks across from me and I know the kind of hours that they put in, I know all of the blood sweat and tears and nightless sleeps and answering the pagers at four in the morning. So, let's just call them what they are, [laugh] right? And it's not to say that calling them a developer is an insult in any way, but it's not a flex either.Corey: You do work at a large cloud company, so I have to assume that this is a revelation for you, but did you know that words actually mean things? I know, it's true. You wouldn't know it from a lot of the product names that wind up getting scattered throughout the world. The trophy for the worst one ever though, is Azure DevOps because someone I was talking to as a hiring manager once thought that they listed that is a thing they did on their resume and was about to can the resume. It's, “Wow, when your product name is so bad that it impacts other people's careers, that's kind of impressively awful.”But I have found that back when the DevOps movement was getting started, I felt a little offput because I was an operations person; I was a systems administrator. And suddenly, people were asking me about being a developer and what it's like. And honestly, on some level, I felt like an imposter, just because I write configuration files; I don't write code. That's very different. Code is something smart people write and I'm bad at doing that stuff.And in the fullness of time, I'm still bad at it, but at least now unenthusiastically bad at it. And, on some level, brute force also becomes a viable path forward. But it felt like it was gatekeeping, on some level, and I've always felt like the terms people use to describe what I did weren't aimed at me. I just was sort of against the edge.Nate: Yeah. And it's a weird thing that happens around here, how we get to these points, or… or somehow there's an article that gets written and then all of a sudden, everyone's life is changed in an industry. You go from your job being, “Hey, can you rack and stack the server?” To, “Hey, I need you to write this YAML code that's going to virtually instantiate a server and also connect it to a load balancer, and we need these done globally.” It's a really weird transition that happens in life.But like you said, that's part of our job: it morphs, it changes, it grows. And that's the fun of it. We hope that these changes are actually for the better and then they're going to make us more productive and they're going to make our businesses thrive and do things that they couldn't be before, like maybe be more resilient. You know, you look at the number of customers—customers; I think of them as customers—who had issues because of that horrible day in 9/11 and, you know, their business goes down the tube because there wasn't an adequate DR or COOP strategy, you know? And I know, I'm going way back in the wayback, but it's real. And I knew people who were affected by it.Corey: It is. And the tide is rising. This gets back to what we were talking about where the things that got you here won't necessarily get you there. And Cloud is a huge part of that. These days, I don't need to think about load balancers, in many cases, or all of the other infrastructure pieces because Google Cloud—among other companies, as well, lots of them—have moved significantly up the stack.I mean, people are excited about Kubernetes in a whole bunch of ways, but what an awful lot of enterprises are super excited about is suddenly, a hard drive failure doesn't mean their application goes down.Nate: [Isn't that 00:26:24] kind of awesome?Corey: Like, that's a transformative moment for them.Nate: It totally is. You know, I get here and I look at the things that people are doing and I kind of go, “Wow,” right? I'm in awe. And to be able to contribute to that in some way by saying, “Hey, you know what, we'll be cool? How about we try this feature?” Is really weird, [laugh] right?It's like, “Wow, they listened to me.” But we think about what it is we're trying to do and a lot of it, strangely enough, is not just helping people, but helping people by getting out of the way. And that is huge, right? You know, because you just want it to work, but more than it just working, you want it to be seamless. What's easier than putting your key in the ignition and turning it? Well, not having to use a key at all.So, what are those types of changes that we can bring to these different types of experiences that folks have? If you want to get your application onto a Kubernetes cluster, it shouldn't be some Herculean feat.Corey: And running that application responsibly should not require a team of people, each making a quarter million bucks a year, just to be able to do it safely and responsibly. There's going to be a collapsing down of what you have to know in order to run these things. I mean, web servers used to be something that required a month of your life and a fair bit of attention to run. Now, it's a checkbox in a cloud console.Nate: Yeah. And that's what we're trying to get it to, right? Why isn't everything a checkbox? Why can't you say, “Look, I wrote my app. I did the hard part.” Let's—you know, I just need to see it go somewhere. You know? Make it go and make it stay up. And how can I do that?And also, here's a feature that we're working on. Came out recently and we want folks to try it. It's a cloud deploy feature that works for Cloud Run as well as it does for GKE. And it's… I know it's going to sound super simple: it's our canary deployment method. But it's not just canary deployment, but also we can tie it into parallel deployment.And so, you can have your new version of your app stood up alongside your old version of the app and we can roll it out incrementally in parallel around the world and you can have an actual test that says, “Hey, is this working? Is it not working?” If it does, great, let's go forward. If it doesn't, let's roll back. And some of the stuff sounds like common sense, but it's been difficult to pull off.And now we're trying to do it with just a few lines a YAML. So, you know, is it as simple as it could be? Well, we're still looking at that. But the features are in there and we're constantly looking at what we can do to iterate and figure out what the next thing is.Corey: I really want to thank you for taking the time to speak with me. If people want to learn more, where's the best place for them to find you?Nate: Best place for them to find me used to be my blog, it's Not Your Dad's IT, However, I've been pretty negligent there since doing this whole Google thing, so I would say, just look me up on Twitter at @nathaniel_avery, look me up on Google. You can go to a pretty cool search engine and [laugh]—Corey: Oh, that's right. You guys have a search engine now. Good work.Nate: That's what I hear [laugh].Corey: Someday maybe it'll even come to Google Docs.Nate: [laugh]. Yes, so yeah, that's where to find me. You know, just look me up at Nathaniel Avery. I think that handle works for almost everything, Twitter, LinkedIn, wherever, and reach out.If there's something you like about our DevOps tools, let me know. If there's something you hate about our DevOps tools, definitely let me know. Because the only reason we're doing this is to try and help people. And if we're not doing that, then we need to know. We need to know why it isn't working out.And trust me, I talk to these engineers every day. That's the thing that really keeps them moving in the morning is knowing that they're doing something to make things better for folks. Real quick, I'll close out, and I think I may have mentioned this on some other podcasts. I come from the ops world. I was that guy who had to help get a deployment out on a Friday night and it lasted all weekend long and you're staring there at your phone at some absurd time on a Sunday night and everyone's huddled together and you're trying to figure out, are we going to rollback or are we going to go forward? What are we going to do by Monday?Corey: I don't miss those days.Nate: Oh, oh God no. I don't miss those days either. But you know what I do want? I took this job because I don't want anyone else to have those days. That's really what it is. We want to make sure that these tools give folks the ability to deploy safely and to deploy with confidence and to take that level of risk out of the equation, so that folks can, you know, just get back to doing other things. You know, spend that time with your family, spend the time reading, spend that time prompting ChatGPT with questions, [laugh] whatever it is you want to do, but you shouldn't have to sit there and wonder, “Oh, my God, is my app working? And what do I do when it doesn't?”Corey: I really want to thank you for being as generous with your time and philosophy on this. Thanks again. I've really enjoyed our conversation.Nate: Thank you. Thank you. I've been a big fan of your work for years.Corey: [laugh]. Nate Avery, outbound product manager at Google Cloud. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice whereas if you hate this podcast, please leave a five-star review on your podcast platform of choice along with an angry, insulting comment that you had Chat-GIPITY write for you in YAML.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

On the show this week, Carter Morgan and Anu Srivastava talk about AI and ML data analytics with Dataiku VP of Platform Strategy, Jed Dougherty, and Head of Product Marketing, Dan Darnell. Dataiku is an AI platform targeted for business team collaboration. The low and no code environments make it easy for developers and not so tech savvy employees to work together on analytics projects. It strives for everyday AI, making these normally highly technical data processes more accessible. Our guests detail the tools Dataiku provides customers, including ML Ops features for efficient models. Dataiku's managed offering allows businesses to concentrate on the model while Dataiku takes care of things like the deployment processes behind the scenes. We hear about the partnership between Dataiku and Google Cloud and Dataiku's integration with AlloyDB. Through a real example, our guests run us through the use of these two tools together. Jed talks about why Google Cloud works so well with Dataiku, especially for businesses looking for cutting edge technology. Jed Dougherty Jed is the VP of Platform Strategy at Dataiku. In this role he acts as a strategic technical advisor to Dataiku customers and prospects. He also works tightly with Engineering and Product stakeholders in order to ensure that all technical platform requests are properly followed, scoped and implemented. Dan Darnell Dan has over 20 years of experience in the analytics industry at established software companies, hyper-growth technology companies, and small technology start-ups. As the Head of Product Marketing at Dataiku, he owns positioning, evangelism, and content creation for product offerings and education on products for customers and partners. Cool things of the week Google Cloud supercharges NLP with large language models blog Practicing the principle of least privilege with Cloud Build and Artifact Registry blog Interview Dataiku site Dataiku YouTube videos BigQuery site Kubernetes site GKE site AlloyDB for PostgreSQL site Accelerate AI Adoption: 3 Steps to Deploy Dataiku for Google Cloud Platform blog Implementing Dataiku with BigQuery docs GCP Podcast Episode 238: ASML with Arnaud Hubaux podcast GCP Podcast Episode 229: Lucidworks with Radu Miclaus podcast What's something cool you're working on? Anu is working on interesting speech use cases and Google's Speech to Text. Join in with this tutorial! Carter is working on getting organized and working on something super cool! Hosts Carter Morgan and Anu Srivastava

DevOps is a concept that has exploded in the past few years, allowing software development teams to release software and automate the process. This decreases time to market and speeds up learning cycles. Continuous Integration and Continuous Delivery (CI/CD), automates the software delivery pipeline, continuously deploying new software releases in an automated fashion. But when we deploy code quickly, it's imperative that we don't ignore the security aspect from the beginning. Ideally, we shift security left and incorporate it into the pipeline right from the start. This reduces software vulnerabilities and makes sure our cloud resources are configured following the best practices in terms of security. Google Cloud Principle Architect Anjali Khatri and Google Cloud Solutions Engineer Nitin Vashishtha join the show to discuss DevOps, DevSecOps, the shift left movement, and how to use Google Cloud to create a secure CI/CD pipeline. Topics: How has the cloud changed the way people need to think about architecting secure systems? How does the scale of cloud potentially impact the scale of a security or privacy issue? What is DevOps? Why is this area so hot right now? What problems has the DevOps movement helped solve that were traditionally difficult or impossible to address? How does the Shift Left movement for security relate to what's happening in DevOps? What is DevSecOps? How does DevSecOps fit into a company's overall security and privacy program and strategy? When it comes to things like CI/CD, what are the common mistakes people can make when it comes to security, privacy, or compliance? Cloud Build is a serverless CI/CD platform, why do I need something beyond this to automate my pipeline? What other Cloud tools and components should I be using to make sure my CI/CD system is not only able to support my team's day to day development but is actually secure? Can you talk about Artifact Registry and what that product means in terms of security? How does Cloud's Binary Authorization system work? Why would I use it and how does that improve my security posture? Does the addition of security as part of say my CI/CD pipeline impact performance in a meaningful way? Can you walk me through what the CI/CD process looks like using the combination of Cloud tools and resources? How much knowledge and experience do I need to set this up? How does a combination of tools like this play with configuring Cloud resources directly within the Google Cloud Console? Are there Cloud products that help me lock down my source code? Are there Cloud products that automatically scan my code for security or privacy vulnerabilities? What are your thoughts on the future of cloud security? Are there technologies in this space that you are particularly excited about? Where should someone looking to learn more DevSecOps and cloud security? Resources: Building a secure CI/CD pipeline using Google Cloud built-in services Introducing Google Cloud's new Assured Open Source Software Service Software Delivery Shield overview Cloud Workstations Identity & Security Google Cloud Security Best Practices

Forrest Brazeal joins Stephanie Wong today on the second day of Google Cloud Next ‘22. We're talking about all the exciting announcements, how the conference has changed in recent years, and what to expect in the days ahead. The excitement and energy of the first in-person Next since 2019 was one of the best parts for Forrest. With 1300 releases in just half the year, a lot has happened in BigQuery, AI, Looker, and more. Next includes announcements in many of these areas as well, as Google Cloud expands and makes Cloud easier for all types of projects and clients. Strategic partnerships and development have allowed better use of Google Cloud for the virtual work world and advancements in sustainability have helped Google users feel better about their impact on the environment. New announcements in compute include C3 VMs, the first VM in the cloud with 4th Gen Intel Xeon scalable processors with Google's custom Intel IPU. MediaCDN uses the YouTube infrastructure and the new Live Stream API optimizes streaming capabilities. Among many other announcements, Network Analyzer is now GA allowing for simplified network configuration monitoring and Google Cloud Armor has been extended to include ML-based Adaptive Protection capabilities. Software Delivery Shield and Cloud Workstations are recent offerings to help developers in each of the four areas of software supply chain management. Advancements in Cloud Build include added security benefits, and new GKE and Cloud Run logging and security alerts ensure projects remain secure through the final stages of development. The best way to ensure secure, optimized work is with well-trained developers. And in that vein, Google Cloud is introducing Innovators Plus to provide a new suite of developer benefits under a fixed cost subscription. Forrest tells us about #GoogleClout and the challenges available in the Next portal for conference-goers. Assured Workloads helps with data sovereignty in different regions, Confidential Space in Confidential Computing provides trust guarantees when companies perform joint data analysis and machine learning training, and Chronicle Security Operations are some of the exciting security announcements we saw at Next. On the show next week, we'll go in depth on data announcements at Next, but Steph gives us a quick rundown of some of the biggest ones today. She talks briefly about announcements in AI, including Vertex AI Vision and Translation Hub. Forrest wraps up by talking about predictions for the future of tech and cloud. Forrest Brazeal Forrest Brazeal is a cloud educator, author, speaker, and Pwnie Award-winning songwriter. He is the creator of the Cloud Resume Challenge initiative, which has helped thousands of non-traditional learners take their first steps into the cloud. Cool things of the week Unlock biology & medicine potential with AlphaFold on Google Cloud video Interview Google Cloud Next ‘22 site Google Cloud Innovators site What's next for digital transformation in the cloud blog New cloud regions coming to a country near you blog The next wave of Google Cloud infrastructure innovation: New C3 VM and Hyperdisk blog 20+ Cloud Networking innovations unveiled at Google Cloud Next blog Introducing Software Delivery Shield for end-to-end software supply chain security blog Developers - Build, learn, and grow your career faster with Google Cloud blog Advancing digital sovereignty on Europe's terms blog Introducing Confidential Space to help unlock the value of secure data collaboration blog Introducing Chronicle Security Operations: Detect, investigate, and respond to cyberthreats with the speed, scale, and intelligence of Google blog What's new in Google Cloud databases: More unified. More open. More intelligent. blog Building the most open data cloud ecosystem: Unifying data across multiple sources and platforms blog Introducing the next evolution of Looker, your unified business intelligence platform blog Vertex AI Vision site New AI Agents can drive business results faster: Translation Hub, Document AI, and Contact Center AI blog Open source collaborations and key partnerships to help accelerate AI innovation blog Google Cloud Launches First-of-Its-Kind Service to Simplify Mainframe Modernization for Customers in Financial Services, Retail, Healthcare and Other Industries article Project Starline expands testing through an early access program blog What's something cool you're working on? Steph is working on the developer keynote and DevFest and UKI Google Cloud Next Developer Day. Check out her Next talk “Simplify and secure your network for all workloads”. Hosts Stephanie Wong

#CloudNClear is ON-DEMAND NOW!

Hosts Carter Morgan and Anthony Bushong are in the studio this week! We're talking about Prometheus with guests Lee Yanco and Ashish Kumar and learning about the build process for Google Cloud's Managed Service for Prometheus and how Home Depot uses this tool to power their business. To begin with, Lee helps us understand what Managed Service for Prometheus is. Prometheus, a popular monitoring solution for Kubernetes, lets you know that your project is up and running and in the event of a failure, Prometheus lets you know what happened. But as Kubernetes projects scale and spread across the globe, Prometheus becomes a challenge to manage, and that's where Google Cloud's Managed Service for Prometheus comes in. Lee describes why Prometheus is so great for Kubernetes, and Ashish talks about CNCF's involvement helps open source tools integrate easily. With the help of Monarch, Google's Managed Service stands above the competition, and Lee explains what Monarch is and how it works with Prometheus to benefit users. Ashish talks about Home Depot's use of Google Cloud and the Managed Service for Prometheus, and how Home Depot's multiple data centers make data monitoring both trickier and more important. With Google Cloud, Home Depot is able to easily ensure everything is healthy and running across data centers, around the world, at an immense scale. He describes how Home Depot uses Managed Service for Prometheus in each of these data center environments from the point of view of a developer and talks about how easy Prometheus and the Managed Service are to integrate and use. Lee and Ashish wrap up the show with a look at how Home Depot and Google have worked together to create and adjust tools for increased efficiency. In the future, tighter integration into the rest of Google Cloud's suite of products is the focus. Lee Yanco Lee Yanco is the Product Management lead for Google Cloud Managed Service for Prometheus. He also works on Monarch, Google's planet-scale in-memory time series database, and on Cloud Monitoring's Kubernetes observability experience. Ashish Kumar Ashish Kumar is Senior Manager for Site Reliability and Production Engineering for The Home Depot. Cool things of the week Cloud Next registration is open site Introducing Parallel Steps for Workflows: Speed up workflow executions by running steps concurrently blog How to think about threat detection in the cloud blog GCP Podcast Episode 218: Chronicle Security with Dr. Anton Chuvakin and Ansh Patniak podcast Interview Prometheus site PromQL site Google Cloud Managed Service for Prometheus docs Kubernetes site CNCF site Monarch: Google's Planet-Scale In-Memory Time Series Database research Cloud Monitoring site Cloud Logging site Google Cloud's operations suite site What's something cool you're working on? Carter is focusing on getting organized, managing overwhelm, and comedy festivals. Anthony is testing a few new exciting features, working with build provenance in Cloud Build, jobs and network file systems in Cloud Run. Hosts Carter Morgan and Anthony Bushong

Full Description / Show Notes Steren and Corey talk about how Google Cloud Run got its name (00:49) Corey talks about his experiences using Google Cloud (2:42) Corey and Steven discuss Google Cloud's cloud run custom domains (10:01) Steren talks about Cloud Run's high developer satisfaction and scalability (15:54) Corey and Steven talk about Cloud Run releases at Google I/O (23:21) Steren discusses the majority of developer and customer interest in Google's cloud product (25:33) Steren talks about his 20% projects around sustainability (29:00) About SterenSteren is a Senior Product Manager at Google Cloud. He is part of the serverless team, leading Cloud Run. He is also working on sustainability, leading the Google Cloud Carbon Footprint product.Steren is an engineer from École Centrale (France). Prior to joining Google, he was CTO of a startup building connected objects and multi device solutions.Links Referenced: Google Cloud Run: https://cloud.run sheets-url-shortener: https://github.com/ahmetb/sheets-url-shortener snark.cloud/run: https://snark.cloud/run Twitter: https://twitter.com/steren TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I'm joined today by Steren Giannini, who is a senior product manager at Google Cloud, specifically on something called Google Cloud Run. Steren, thank you for joining me today.Steren: Thanks for inviting me, Corey.Corey: So, I want to start at the very beginning of, “Oh, a cloud service. What are we going to call it?” “Well, let's put the word cloud in it.” “Okay, great. Now, it is cloud, so we have to give it a vague and unassuming name. What does it do?” “It runs things.” “Genius. Let's break and go for work.” Now, it's easy to imagine that you spent all of 30 seconds on a name, but it never works that way. How easy was it to get to Cloud Run as a name for the service?Steren: [laugh]. Such a good question because originally it was not named Cloud Run at all. The original name was Google Serverless Engine. But a few people know that because they've been helping us since the beginning, but originally it was Google Serverless Engine. Nobody liked the name internally, and I think at one point, we wondered, “Hey, can we drop the engine structure and let's just think about the name. And what does this thing do?” “It runs things.”We already have Cloud Build. Well, wouldn't it be great to have Cloud Run to pair with Cloud Build so that after you've built your containers, you can run them? And that's how we ended up with this very simple Cloud Run, which today seems so obvious, but it took us a long time to get to that name, and we actually had a lot of renaming to do because we were about to ship with Google Serverless Engine.Corey: That seems like a very interesting last-minute change because it's not just a find and replace at that point, it's—Steren: No.Corey: —“Well, okay, if we call it Cloud Run, which can also be a verb or a noun, depending, is that going to change the meaning of some sentences?” And just doing a find and replace without a proofread pass as well, well, that's how you wind up with funny things on Twitter.Steren: API endpoints needed to be changed, adding weeks of delays to the launch. That is why we—you know, [laugh] announced in 2018 and publicly launched in 2019.Corey: I've been doing a fair bit of work in cloud for a while, and I wound up going down a very interesting path. So, the first native Google Cloud service—not things like WP Engine that ride on top of GCP—but my first native Google Cloud Service was done in service of this podcast, and it is built on Google Cloud Run. I don't think I've told you part of this story yet, but it's one of the reasons I reached out to invite you onto the show. Let me set the stage here with a little bit of backstory that might explain what the hell I'm talking about.As listeners of this show are probably aware, we have sponsors whom we love and adore. In the early days of this show, they would say, “Great, we want to tell people about our product”—which is the point of a sponsorship—“And then send them to a URL.” “Great. What's the URL?” And they would give me something that was three layers deep, then with a bunch of UTM tracking parameters at the end.And it's, “You do realize that no one is going to be sitting there typing all of that into a web browser?” At best, you're going to get three words or so. So, I built myself a URL redirector, snark.cloud. I can wind up redirecting things in there anywhere it needs to go.And for a long time, I did this on top of S3 and then put CloudFront in front of it. And this was all well and good until, you know, things happened in the fullness of time. And now holy crap, I have an operations team involved in things, and maybe I shouldn't be the only person that knows how to work on all of these bits and bobs. So, it was time to come up with something that had a business user-friendly interface that had some level of security, so I don't wind up automatically building out a spam redirect service for anything that wants to, and it needs to be something that's easy to work with. So, I went on an exploration.So, at first it showed that there were—like, I have an article out that I've spoken about before that there are, “17 Ways to Run Containers on AWS,” and then I wrote the sequel, “17 More Ways to Run Containers on AWS.” And I'm keeping a list, I'm almost to the third installation of that series, which is awful. So, great. There's got to be some ways to build some URL redirect stuff with an interface that has an admin panel. And I spent three days on this trying a bunch of different things, and some were running on deprecated versions of Node that wouldn't build properly and others were just such complex nonsense things that had got really bad. I was starting to consider something like just paying for Bitly or whatnot and making it someone else's problem.And then I stumbled upon something on GitHub that really was probably one of the formative things that changed my opinion of Google Cloud for the better. And within half an hour of discovering this thing, it was up and running. I did the entire thing, start to finish, from my iPad in a web browser, and it just worked. It was written by—let me make sure I get his name correct; you know, messing up someone's name is a great way to say that we don't care about them—Ahmet Balkan used to work at Google Cloud; now he's over at Twitter. And he has something up on GitHub that is just absolutely phenomenal about this, called sheets-url-shortener.And this is going to sound wild, but stick with me. The interface is simply a Google Sheet, where you have one column that has the shorthand slug—for example, run; if you go to snark.cloud/run, it will redirect to Google Cloud Run's website. And the second column is where you want it to go. The end.And whenever that gets updated, there's of course some caching issues, which means it can take up to five seconds from finishing that before it will actually work across the entire internet. And as best I can tell, that is fundamentally magic. But what made it particularly useful and magic, from my perspective, was how easy it was to get up and running. There was none of this oh, but then you have to integrate it with Google Sheets and that's a whole ‘nother team so there's no way you're going to be able to figure that out from our Docs. Go talk to them and then come back in the day.They were the get started, click here to proceed. It just worked. And it really brought back some of the magic of cloud for me in a way that I hadn't seen in quite a while. So, all which is to say, amazing service, I continue to use it for all of these sponsored links, and I am still waiting for you folks to bill me, but it fits comfortably in the free tier because it turns out that I don't have hundreds of thousands of people typing it in every week.Steren: I'm glad it went well. And you know, we measure tasks success for Cloud Run. And we do know that most new users are able to deploy their apps very quickly. And that was the case for you. Just so you know, we've put a lot of effort to make sure it was true, and I'll be glad to tell you more about all that.But for that particular service, yes, I suppose Ahmet—who I really enjoyed working with on Cloud Run, he was really helpful designing Cloud Run with us—has open-sourced this side project. And basically, you might even have clicked on a deploy to Cloud Run button on GitHub, right, to deploy it?Corey: That is exactly what I did and it somehow just worked and—Steren: Exactly.Corey: And it knew, even logging into the Google Cloud Console because it understands who I am because I use Google Docs and things, I'm already logged in. None of this, “Oh, which one of these 85 credential sets is it going to be?” Like certain other clouds. It was, “Oh, wow. Wait, cloud can be easy and fun? When did that happen?”Steren: So, what has happened when you click that deploy to Google Cloud button, basically, the GitHub repository was built into a container with Cloud Build and then was deployed to Cloud Run. And once on Cloud Run, well, hopefully, you have forgotten about it because that's what we do, right? We—give us your code, in a container if you know containers if you don't just—we support, you know, many popular languages, and we know how to build them, so don't worry about that. And then we run it. And as you said, when there is low traffic or no traffic, it scales to zero.When there is low traffic, you're likely going to stay under the generous free tier. And if you have more traffic for, you know, Screaming in the Cloud suddenly becoming a high destination URL redirects, well, Cloud Run will scale the number of instances of this container to be able to handle the load. Cloud Run scales automatically and very well, but only—as always—charging you when you are processing some requests.Corey: I had to fork and make a couple of changes myself after I wound up doing some testing. The first was to make the entire thing case insensitive, which is—you know, makes obvious sense. And the other was to change the permanent redirect to a temporary redirect because believe it or not, in the fullness of time, sometimes sponsors want to change the landing page in different ways for different campaigns and that's fine by me. I just wanted to make sure people's browser cache didn't remember it into perpetuity. But it was easy enough to run—that was back in the early days of my exploring Go, which I've been doing this quarter—and in the couple of months this thing has been running it has been effectively flawless.It's set it; it's forget it. The only challenges I had with it are it was a little opaque getting a custom domain set up that—which is still in beta, to be clear—and I've heard some horror stories of people saying it got wedged. In my case, no, I deployed it and I started refreshing it and suddenly, it start throwing an SSL error. And it's like, “Oh, that's not good, but I'm going to break my own lifestyle here and be patient for ten minutes.” And sure enough, it cleared itself and everything started working. And that was the last time I had to think about any of this. And it just worked.Steren: So first, Cloud Run is HTTPS only. Why? Because it's 2020, right? It's 2022, but—Corey: [laugh].Steren: —it's launched in 2020. And so basically, we have made a decision that let's just not accept HTTP traffic; it's only HTTPS. As a consequence, we need to provision a cert for your custom domain. That is something that can take some time. And as you said, we keep it in beta or in preview because we are not yet satisfied with the experience or even the performance of Cloud Run custom domains, so we are actively working on fixing that with a different approach. So, expect some changes, hopefully, this year.Corey: I will say it does take a few seconds when people go to a snark.cloud URL for it to finish resolving, and it feels on some level like it's almost like a cold start problem. But subsequent visits, the same thing also feel a little on the slow and pokey side. And I don't know if that's just me being wildly impatient, if there's an optimization opportunity, or if that's just inherent to the platform that is not under current significant load.Steren: So, it depends. If the Cloud Run service has scaled down to zero, well of course, your service will need to be started. But what we do know, if it's a small Go binary, like something that you mentioned, it should really take less than, let's say, 500 milliseconds to go from zero to one of your container instance. Latency can also be due to the way the code is running. If it occurred is fetching things from Google Sheets at every startup, that is something that could add to the startup latency.So, I would need to take a look, but in general, we are not spinning up a virtual machine anytime we need to scale horizontally. Like, our infrastructure is a multi-tenant, rapidly scalable infrastructure that can materialize a container in literally 300 milliseconds. The rest of the latency comes from what does the container do at startup time?Corey: Yeah, I just ran a quick test of putting time in front of a curl command. It looks like it took 4.83 seconds. So, enough to be perceptive. But again, for just a quick redirect, it's generally not the end of the world and there's probably something I'm doing that is interesting and odd. Again, I did not invite you on the show to file a—Steren: [laugh].Corey: Bug report. Let's be very clear here.Steren: Seems on the very high end of startup latencies. I mean, I would definitely expect under the second. We should deep-dive into the code to take a look. And by the way, building stuff on top of spreadsheets. I've done that a ton in my previous lives as a CTO of a startup because well, that's the best administration interface, right? You just have a CRUD UI—Corey: [unintelligible 00:12:29] world and all business users understand it. If people in Microsoft decided they were going to change Microsoft Excel interface, even a bit, they would revert the change before noon of the same day after an army of business users grabbed pitchforks and torches and marched on their headquarters. It's one of those things that is how the world runs; it is the world's most common IDE. And it's great, but I still think of databases through the lens of thinking about it as a spreadsheet as my default approach to things. I also think of databases as DNS, but that's neither here nor there.Steren: You know, if you have maybe 100 redirects, that's totally fine. And by the way, the beauty of Cloud Run in a spreadsheet, as you mentioned is that Cloud Run services run with a certain identity. And this identity, you can grant it permissions. And in that case, what I would recommend if you haven't done so yet, is to give an identity to your Cloud Run service that has the permission to read that particular spreadsheet. And how you do that you invite the email of the service account as a reader of your spreadsheet, and that's probably what you did.Corey: The click button to the workflow on Google Cloud automatically did that—Steren: Oh, wow.Corey: —and taught me how to do it. “Here's the thing that look at. The end.” It was a flawless user-onboarding experience.Steren: Very nicely done. But indeed, you know, there is this built-in security which is the principle of minimal permission, like each of your Cloud Run service should basically only be able to read and write to the backing resources that they should. And by default, we give you a service account which has a lot of permissions, but our recommendation is to narrow those permissions to basically only look at the cloud storage buckets that the service is supposed to look at. And the same for a spreadsheet.Corey: Yes, on some level, I feel like I'm going to write an analysis of my own security approach. It would be titled, “My God, It's Full Of Stars” as I look at the IAM policies of everything that I've configured. The idea of least privilege is great. What I like about this approach is that it made it easy to do it so I don't have to worry about it. At one point, I want to go back and wind up instrumenting it a bit further, just so I can wind up getting aggregate numbers of all right, how many times if someone visited this particular link? It'll be good to know.And I don't know… if I have to change permissions to do that yet, but that's okay. It's the best kind of problem: future Corey. So, we'll deal with that when the time comes. But across the board, this has just been a phenomenal experience and it's clear that when you were building Google Cloud Run, you understood the assignment. Because I was looking for people saying negative things about it and by and large, all of its seem to come from a perspective of, “Well, this isn't going to be the most cost-effective or best way to run something that is hyperscale, globe-spanning.”It's yes, that's the thing that Kubernetes was originally built to run and for some godforsaken reason people run their blog on it instead now. Okay. For something that is small, scales to zero, and has long periods where no one is visiting it, great, this is a terrific answer and there's absolutely nothing wrong with that. It's clear that you understood who you were aiming at, and the migration strategy to something that is a bit more, I want to say robust, but let's be clear what I mean when I'm saying that if you want something that's a little bit more impressive on your SRE resume as you're trying a multi-year project to get hired by Google or pretend you got hired by Google, yeah, you can migrate to something else in a relatively straightforward way. But that this is up, running, and works without having to think about it, and that is no small thing.Steren: So, there are two things to say here. The first is yes, indeed, we know we have high developer satisfaction. You know, we measure this—in Google Cloud, you might have seen those small satisfaction surveys popping up sometimes on the user interface, and you know, we are above 90% satisfaction score. We hire third parties to help us understand how usable and what satisfaction score would users get out of Cloud Run, and we are constantly getting very, very good results, in absolute but also compared to the competition.Now, the other thing that you said is that, you know, Cloud Run is for small things, and here while it is definitely something that allows you to be productive, something that strives for simplicity, but it also scales a lot. And contrary to other systems, you do not have any pre-provisioning to make. So, we have done demos where we go from zero to 10,000 container instances in ten seconds because of the infrastructure on which Cloud Run runs, which is fully managed and multi-tenant, we can offer you this scale on demand. And many of our biggest customers have actually not switched to something like Kubernetes after starting with Cloud Run because they value the low maintenance, the no infrastructure management that Cloud Run brings them.So, we have like Ikea, ecobee… for example ecobee, you know, the smart thermostats are using Cloud Run to ingest events from the thermostat. I think Ikea is using Cloud Run more and more for more of their websites. You know, those companies scale, right? This is not, like, scale to zero hobby project. This is actually production e-commerce and connected smart objects production systems that have made the choice of being on a fully-managed platform in order to reduce their operational overhead.[midroll 00:17:54]Corey: Let me be clear. When I say scale—I think we might be talking past each other on a small point here. When I say scale, I'm talking less about oh tens or hundreds of thousands of containers running concurrently. I'm talking in a more complicated way of, okay, now we have a whole bunch of different microservices talking to one another and affinity as far as location to each other for data transfer reasons. And as you start beginning to service discovery style areas of things, where we build a really complicated applications because we hired engineers and failed to properly supervise them, and that type of convoluted complex architecture.That's where it feels like Cloud Run increasingly, as you move in that direction, starts to look a little bit less like the tool of choice. Which is fine, I want to be clear on that point. The sense that I've gotten of it is a great way to get started, it's a great way to continue running a thing you don't have to think about because you have a day job that isn't infrastructure management. And it is clear to—as your needs change—to either remain with the service or pivot to a very close service without a whole lot of retooling, which is key. There's not much of a lock-in story to this, which I love.Steren: That was one of the key principles when we started to design Cloud Run was, you know, we realized the industry had agreed that the container image was the standard for the deployment artifact of software. And so, we just made the early choice of focusing on deploying containers. Of course, we are helping users build those containers, you know, we have things called build packs, we can continuously deploy from GitHub, but at the end of the day, the thing that gets auto-scaled on Cloud Run is a container. And that enables portability.As you said. You can literally run the same container, nothing proprietary in it, I want to be clear. Like, you're just listening on a port for some incoming requests. Those requests can be HTTP requests, events, you know, we have products that can push events to Cloud Run like Eventarc or Pub/Sub. And this same container, you can run it on your local machine, you can run it on Kubernetes, you can run it on another cloud. You're not locked in, in terms of API of the compute.We even went even above and beyond by having the Cloud Run API looks like a Kubernetes API. I think that was an extra effort that we made. I'm not sure people care that much, but if you look at the Cloud Run API, it is actually exactly looking like Kubernetes, Even if there is no Kubernetes at all under the hood; we just made it for portability. Because we wanted to address this concern of serverless which was lock-in. Like, when you use a Function as a Service product, you are worried that the architecture that you are going to develop around this product is going to be only working in this particular cloud provider, and you're not in control of the language, the version that this provider has decided to offer you, you're not in control of more of the complexity that can come as you want to scan this code, as you want to move this code between staging and production or test this code.So, containers are really helping with that. So, I think we made the right choice of this new artifact that to build Cloud Run around the container artifact. And you know, at the time when we launched, it was a little bit controversial because back in the day, you know, 2018, 2019, serverless really meant Functions as a Service. So, when we launched, we little bit redefined serverless. And we basically said serverless containers. Which at the time were two worlds that in the same sentence were incompatible. Like, many people, including internally, had concerns around—Corey: Oh, the serverless versus container war was a big thing for a while. Everyone was on a different side of that divide. It's… containers are effectively increasingly—and I know, I'll get email for this, and I don't even slightly care, they're a packaging format—Steren: Exactly.Corey: —where it solves the problem of how do I build this thing to deploy on Debian instances? And Ubuntu instances, and other instances, God forbid, Windows somewhere, you throw a container over the wall. The end. Its DevOps is about breaking down the walls between Dev and Ops. That's why containers are here to make them silos that don't have to talk to each other.Steren: A container image is a glorified zip file. Literally. You have a set of layers with files in them, and basically, we decided to adopt that artifact standard, but not the perceived complexity that existed at the time around containers. And so, we basically merged containers with serverless to make something as easy to use as a Function as a Service product but with the power of bringing your own container. And today, we are seeing—you mentioned, what kind of architecture would you use Cloud Run for?So, I would say now there are three big buckets. The obvious one is anything that is a website or an API, serving public internet traffic, like your URL redirect service, right? This is, you have an API, takes a request and returns a response. It can be a REST API, GraphQL API. We recently added support for WebSockets, which is pretty unique for a service offering to support natively WebSockets.So, what I mean natively is, my client can open a socket connection—a bi-directional socket connection—with a given instance, for up to one hour. This is pretty unique for something that is as fully managed as Cloud Run.Corey: Right. As we're recording this, we are just coming off of Google I/O, and there were a number of announcements around Cloud Run that were touching it because of, you know, strange marketing issues. I only found out that Google I/O was a thing and featured cloud stuff via Twitter at the time it was happening. What did you folks release around Cloud Run?Steren: Good question, actually. Part of the Google I/O Developer keynote, I pitched a story around how Cloud Run helps developers, and the I/O team liked the story, so we decided to include that story as part of the live developer keynote. So, on stage, we announced Cloud Run jobs. So now, I talked to you about Cloud Run services, which can be used to expose an API, but also to do, like, private microservice-to-microservice communication—because cloud services don't have to be public—and in that case, we support GRPC and, you know, a very strong security mechanism where only Service A can invoke Service B, for example, but Cloud Run jobs are about non-request-driven containers. So, today—I mean, before Google I/O a few days ago, the only requirement that we imposed on your container image was that it started to listen for requests, or events, or GRPC—Corey: Web requests—Steren: Exactly—Corey: It speaks [unintelligible 00:24:35] you want as long as it's HTTP. Yes.Steren: That was the only requirement we asked you to have on your container image. And now we've changed that. Now, if you have a container that basically starts and executes to completion, you can deploy it on a Cloud Run job. So, you will use Cloud Run jobs for, like, daily batch jobs. And you have the same infrastructure, so on-demand, you can go from zero to, I think for now, the maximum is a hundred tasks in parallel, for—of course, you can run many tasks in sequence, but in parallel, you can go from zero to a hundred, right away to run your daily batch job, daily admin job, data processing.But this is more in the batch mode than in streaming mode. If you would like to use a more, like, streaming data processing, than a Cloud Run service would still be the best fit because you can literally push events to it, and it will auto-scale to handle any number of events that it receives.Corey: Do you find that the majority of customers are using Cloud Run for one-off jobs that barely will get more than a single container, like my thing, or do you find that they're doing massively parallel jobs? Where's the lion's share of developer and customer interest?Steren: It's both actually. We have both individual developers, small startups—which really value the scale to zero and pay per use model of Cloud Run. Your URL redirect service probably is staying below the free tier, and there are many, many, many users in your case. But at the same time, we have big, big, big customers who value the on-demand scalability of Cloud Run. And for these customers, of course, they will probably very likely not scale to zero, but they value the fact that—you know, we have a media company who uses Cloud Run for TV streaming, and when there is a soccer game somewhere in the world, they have a big spike of usage of requests coming in to their Cloud Run service, and here they can trust the rapid scaling of Cloud Run so they don't have to pre-provision things in advance to be able to serve that sudden traffic spike.But for those customers, Cloud Run is priced in a way so that if you know that you're going to consume a lot of Cloud Run CPU and memory, you can purchase Committed Use Discounts, which will lower your bill overall because you know you are going to spend one dollar per hour on Cloud Run, well purchase a Committed Use Discount because you will only spend 83 cents instead of one dollar. And also, Cloud Run and comes with two pricing model, one which is the default, which is the request-based pricing model, which is basically you only have CPU allocated to your container instances if you are processing at least one request. But as a consequence of that, you are not paying outside of the processing of those requests. Those containers might stay up for you, one, ready to receive new requests, but you're not paying for them. And so, that is—you know, your URL redirect service is probably in that mode where yes when you haven't used it for a while, it will scale down to zero, but if you send one request to it, it will serve that request and then it will stay up for a while until it decides to scale down. But you the user only pays when you are processing these specific requests, a little bit like a Function as a Service product.Corey: Scales to zero is one of the fundamental tenets of serverless that I think that companies calling something serverless, but it always charges you per hour anyway. Yeah, that doesn't work. Storage, let's be clear, is a separate matter entirely. I'm talking about compute. Even if your workflow doesn't scale down to zero ever as a workload, that's fine, but if the workload does, you don't get to keep charging me for it.Steren: Exactly. And so, in that other mode where you decide to always have CPU allocated to your Cloud Run container instances, then you pay for the entire lifecycle of this container instances. You still benefit from the auto-scaling of Cloud Run, but you will pay for the lifecycle and in that case, the price points are lower because you pay for a longer period of time. But that's more the price model that those bigger customers will take because at their scale, they basically always receive requests, so they already to pay always, basically.Corey: I really want to thank you for taking the time to chat with me. Before you go, one last question that we'll be using as a teaser for the next episode that we record together. It seems like this is a full-time job being the product manager on Cloud Run, but no Google, contrary to popular opinion, does in fact, still support 20% projects. What's yours?Steren: So, I've been looking to work on Cloud Run since it was a prototype, and you know, for a long time, we've been iterating privately on Cloud Run, launching it, seeing it grow, seeing it adopted, it's great. It's my full-time job. But on Fridays, I still find the time to have a 20% project, which also had quite a bit of impact. And I work on some sustainability efforts for Google Cloud. And notably, we've released two things last year.The first one is that we are sharing some carbon characteristics of Google Cloud regions. So, if you have seen those small leaves in the Cloud Console next to the regions that are emitting the less carbon, that's something that I helped bring to life. And the second one, which is something quite big, is we are helping customers report and reduce their gross carbon emissions of their Google Cloud usage by providing an out of the box reporting tool called Google Cloud Carbon Footprint. So, that's something that I was able to bootstrap with a team a little bit on the side of my Cloud Run project, but I was very glad to see it launched by our CEO at the last Cloud Next Conference. And now it is a fully-funded project, so we are very glad that we are able to help our customers better meet their sustainability goals themselves.Corey: And we will be talking about it significantly on the next episode. We're giving a teaser, not telling the whole story.Steren: [laugh].Corey: I really want to thank you for being as generous with your time as you are. If people want to learn more, where can they find you?Steren: Well, if they want to learn more about Cloud Run, we talked about how simple was that name. It was obviously not simple to find this simple name, but the domain is https://cloud.run.Corey: We will also accept snark.cloud/run, I will take credit for that service, too.Steren: [laugh]. Exactly.Corey: There we are.Steren: And then, people can find me on Twitter at @steren, S-T-E-R-E-N. I'll be happy—I'm always happy to help developers get started or answer questions about Cloud Run. And, yeah, thank you for having me. As I said, you successfully deployed something in just a few minutes to Cloud Run. I would encourage the audience to—Corey: In spite of myself. I know, I'm as surprised as anyone.Steren: [laugh].Corey: The only snag I really hit was the fact that I was riding shotgun when we picked up my daughter from school and went through a dead zone. It's like, why is this thing not loading in the Google Cloud Console? Yeah, fix the cell network in my area, please.Steren: I'm impressed that you did all of that from an iPad. But yeah, to the audience give Cloud Run the try. You can really get started connecting your GitHub repository or deploy your favorite container image. And we've worked very hard to ensure that usability was here, and we know we have pretty strong usability scores. Because that was a lot of work to simplicity, and product excellence and developer experience is a lot of work to get right, and we are very proud of what we've achieved with Cloud Run and proud to see that the developer community has been very supportive and likes this product.Corey: I'm a big fan of what you've built. And well, of course, it links to all of that in the show notes. I just want to thank you again for being so generous with your time. And thanks again for building something that I think in many ways showcases the best of what Google Cloud has to offer.Steren: Thanks for the invite.Corey: We'll talk again soon. Steren Giannini is a senior product manager at Google Cloud, on Cloud Run. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice. If it's on YouTube, put the thumbs up and the subscribe buttons as well, but in the event that you hated it also include an angry comment explaining why your 20% project is being a shithead on the internet.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Hosts Anthony Bushong and Kaslin Fields welcome Bowei Du and Abdelfettah Sghiouar to talk about the Gateway Controller, a tool that helps developers use the Gateway API in GKE. Bowei starts the show with a thorough explanation of how and why the Gateway Controller was developed. Compared to tools like Ingress, Gateway Controller allows engineers to implement more expressive solutions. While providing developers with portability has been an important part of Gateway Controller, it also gives developers freedom to use non-portable features in a structured, consistent environment and helps manage tenancy across different teams. Bowei and Abdel describe the difference between Ingress and Service and how these tools fit in with Gateway Controller. Abdel walks us through how a company would use the Gateway Controller for optimal tenancy management across name spaces and how this is an improvement over Ingress and Service. He gives examples of how companies are using this new tool. We hear more about the GKE Gateway Controller and how its fully-managed deployments and integration with other Google APIs make it so easy to use. Bowei tells us how Gateway helps with the unification of mesh and non mesh environments through the standardization of noun describers in both instances. A handy edge to mesh tutorial is available to help developers. Abdelfettah Sghiouar Abdel is a Cloud Dev Advocate with a focus on Cloud native, GKE, and Service Mesh technologies. Bowei Du Bowei is tech lead on Gateway Controller and a specialist in distributed systems and networking. Cool things of the week Strengthening your DevOps muscle site Interview Kubernetes site GKE site GKE Gateway API docs Kubernetes Gateway API site Ingress docs Service docs From edge to mesh: Exposing service mesh applications through GKE Ingress docs Google Cloud Armor site Kubernetes Slack site Slack channel: #sig-network-gateway-api GKE Networking Recipes GitHub repo site The evolution of Kubernetes networking with the GKE Gateway controller blog What's something cool you're working on? Kaslin is working on KubeCon EU. Anthony is working on software supply chain security with Cloud Build. Kaslin and Anthony are working together on the GKE Essentials Series Hosts Anthony Bushong and Kaslin Fields

About AparnaAparna Sinha is Director of Product for Kubernetes and Anthos at Google Cloud. Her teams are focused on transforming the way we work through innovation in platforms. Before Anthos and Kubernetes, Aparna worked on the Android platform. She joined Google from NetApp where she was Director of Product for storage automation and private cloud. Prior to NetApp, Aparna was a leader in McKinsey and Company's business transformation office working with CXOs on IT strategy, pricing, and M&A. Aparna holds a PhD in Electrical Engineering from Stanford and has authored several technical publications. She serves on the Governing Board of the Cloud Native Computing Foundation (CNCF).Links: DevOps Research Report: https://www.devops-research.com/research.html Twitter: https://twitter.com/apbhatnagar TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Redis, the company behind the incredibly popular open source database that is not the bind DNS server. If you're tired of managing open source Redis on your own, or you're using one of the vanilla cloud caching services, these folks have you covered with the go to manage Redis service for global caching and primary database capabilities; Redis Enterprise. Set up a meeting with a Redis expert during re:Invent, and you'll not only learn how you can become a Redis hero, but also have a chance to win some fun and exciting prizes. To learn more and deploy not only a cache but a single operational data platform for one Redis experience, visit redis.com/hero. Thats r-e-d-i-s.com/hero. And my thanks to my friends at Redis for sponsoring my ridiculous non-sense.  Corey: You know how Git works right?Announcer: Sorta, kinda, not really. Please ask someone else.Corey: That's all of us. Git is how we build things, and Netlify is one of the best ways I've found to build those things quickly for the web. Netlify's Git-based workflows mean you don't have to play slap-and-tickle with integrating arcane nonsense and web hooks, which are themselves about as well understood as Git. Give them a try and see what folks ranging from my fake Twitter for Pets startup, to global Fortune 2000 companies are raving about. If you end up talking to them—because you don't have to; they get why self-service is important—but if you do, be sure to tell them that I sent you and watch all of the blood drain from their faces instantly. You can find them in the AWS marketplace or at www.netlify.com. N-E-T-L-I-F-Y dot com.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. We have a bunch of conversations on this show covering a wide gamut of different topics, things that I find personally interesting, usually, and also things I'm noticing in the industry. Fresh on the heels of Google Next, we get to ideally have conversations about both of those things. Today, I'm speaking with the Director of Product Management at Google Cloud, Aparna Sinha. Aparna, thank you so much for joining me today. I appreciate it.Aparna: Thank you, Corey. It's a pleasure to be here.Corey: So, Director of Product Management is one of those interesting titles. We've had a repeat guest here, Director of Outbound Product Management Richard Seroter, which is great. I assume—as I told him—outbound products are the ones that are about to be discontinued. He's been there a year and somehow has failed the discontinue a single thing, so okay, I'm sure that's going to show up on his review. What do you do? The products aren't outbound; they're just products, and you're managing them, but that doesn't tell me much. Titles are always strange.Aparna: Yeah, sure. Richard is one of my favorite people, by the way. I work closely with him. I am the Director of Product for Developer Platform. That's Google Cloud's developer platform.It includes many different products—actually, 30-Plus products—but the primary pieces are usually when a developer comes to Google Cloud, the pieces that they interact with, like our command-line interface, like our Cloud Shell, and all of the SDK pieces that go behind it, and then also our DevOps tooling. So, as you're writing the application in the IDE and as you're deploying it into production, that's all part of the developer platform. And then I also run our serverless platform, which is one of the most developer-friendly capabilities from a compute perspective. It's also integrated into many different services within GCP. So, behind the title, that's really what I work on.Corey: Okay, so you're, I guess, in part responsible for well, I guess, a disappointment of mine a few years ago. I have a habit on Twitter—because I'm a terrible person—of periodically spinning up a new account on various cloud providers and kicking the tires and then live-tweeting the experience, and I was really set to dunk on Google Cloud; I turned this into a whole blog post. And I came away impressed, where the developer experience was pretty close to seamless for getting up and running. It was head and shoulders above what I've seen from other cloud providers, and on the one hand, I want to congratulate you and on the other, it doesn't seem like that's that high of a bar, to be perfectly honest with you because it seems that companies get stuck in their own ways and presuppose that everyone using the product is the same as the people building the product. Google Cloud has been and remains a shining example of great developer experience across the board.If I were starting something net new and did not have deep experience with an existing cloud provider—which let's face it, the most valuable thing about the cloud is knowing how it's going to break because everything breaks—I would be hard-pressed to not pick GCP, if not as the choice, at least a strong number two. So, how did that come to be? I take a look at a lot of Google's consumer apps and, “This is a great user experience,” isn't really something I find myself saying all that often. Google Cloud is sort of its own universe. What happened?Aparna: Well, thank you, first of all, for the praise. We are very humble about it, actually. I think that we're grateful if our developers find the experience to be seamless. It is something that we measure all the time. That may be one of the reasons why you found it to be better than other places. We are continuously trying to improve the time to value for developers, how long it takes them to perform certain actions. And so what you measure is what you improve, right? If you don't measure it, you don't improve it. That's one of our SRE principles.Corey: I wish. I've been measuring certain things for years, and they don't seem to be improving at all. It's like, “Wow, my code is still terrible, but I'm counting the bugs and the number isn't getting smaller.” Turns out there might be additional steps required.Aparna: Yes, you know, we measure it, we look at it, we take active OKRs to improve these things, especially usability. Usability is extremely important for certainly the developer platform, for my group; that's something that's extremely important. I would say, stepping back, you said it's not that common to find a good user experience in the cloud, I think in general—you know, and I've spent the majority of my career, if not all of my career, working on enterprise software. Enterprise software is not always designed in the most user-friendly way; it's not something that people always think about. Some of the enterprise software I've used has been really pretty… pretty bad. Just a list of things.Corey: Oh, yeah. And it seems like their entire philosophy—I did a bit of a dive into this, and I think it was Stripe's Patrick McKenzie who wound up pointing this out originally, though; but the internet is big and people always share and reshare ideas—the actual customer for enterprise software is very often procurement or a business unit that is very organizationally distant from the person who's using it. And I think in a world of a cloud platform, that is no longer true. Yeah, there's a strategic decision of what Cloud do we use, but let's be serious, that decision often comes into play long after there's already been a shadow IT slash groundswell uprising. The sales process starts to look an awful lot less like, “Pick our cloud,” and a lot more like, “You've already picked our cloud. How about we formalize the relationship?”And developer experience with platforms is incredibly important and I'm glad to see that this is a—well, it's bittersweet to me. I am glad to see that this is something that Google is focusing on, and I'm disappointed to admit that it's a differentiator.Aparna: It is a differentiator. It is extremely important. At Google, there are a couple of reasons why this is part of our DNA, and it is actually related to the fact that we are also a consumer products company. We have a very strong user experience team, a very strong measurements-oriented—they measure everything, and they design everything, and they run focus groups. So, we have an extraordinary usability team, and it's actually one of the groups that—just like every other group—is fungible; you can move between consumer and cloud. There's no difference in terms of your training and skill set.And so, I know you said that you're not super impressed with our consumer products, but I think that the practice behind treating the user as king, treating the user as the most important part of your development, is something that we bring over into cloud. And it's just a part of how we do development, and I think that's part of the reason why our products are usable. Again, I shy away from taking any really high credit on these things because I think I always have a very high bar. I want them to be delightful, super delightful, but we do have good usability scores on some of the pieces. I think our command line, I think, is quite good. I think—there's always improvements, by the way, Corey—but I think that there are certain things that are delightful.And a lot of thought goes into it and a lot of multi-functional—meaning across product—user experience and engineering. We have end-developer relations. We have, sort of this four-way communication about—you know, with friction logs and with lots of trials and lots of discussion and measurements, is how we improve the user experience. And I would love to see that in more enterprise software. I think that my experience in the industry is that the user is becoming more important, generally, even in enterprise software, probably because of the migration to cloud.You can't ignore the user anymore. This shouldn't be all about procurement. Anybody can procure a cloud service. It's really about how easily and how quickly can they get to what they want to do as a user, which I think also the definition of what a developer is changing and I think that's one of the most exciting things about our work is that the developer can be anybody; it can be my kids, and it can be anyone across the world. And our goal is to reach those people and to make it easy for them.Corey: If I had to bet on a company not understanding that distinction, on some level, Google's reputation lends itself to that where, oh, great. It's like, I'm a little old to go back to school and join a fraternity and be hazed there, so the second option was, oh, I'll get an interview to be an SRE at Google where, “Oh, great, you've done interesting things, but can you invert a binary tree on a whiteboard?” “No, I cannot. Let's save time and admit that.” So, the concern that I would have had—you just directly contradicted—was the idea that you see at some companies where there's the expectation that all developers are like their developers.Google, for better or worse, has a high technical bar for hiring. A number of companies do not have a similar bar along similar axes, and they're looking for different skill sets to achieve different outcomes, and that's fine. To be clear, I am not saying that, oh, the engineers at Google are all excellent and the engineers all at a bank are all crap. Far from it.That is not true in either direction, but there are differences as far as how they concern themselves with software development, how they frame a lot of these things. And I am surprised that Google is not automatically assuming that developers are the type of developers that you have at Google. Where did that mindset shift come from?Aparna: Oh, absolutely not. I think we would be in trouble if we did that. I studied electrical engineering in school. This would be like assuming that the top of the class is kind of like the kind of people that we want to reach, and it's just absolutely not. Like I said, I want to reach total beginners, I want to reach people who are non-developers with our developer platform.That's our explicit goal, and so we view developers as individuals with a range of superpowers that they've gained throughout their lives, professionally and personally, and people who are always on a path to learn new things, and we want to make it easy for them. We don't treat them as bodies in an employment relationship with some organization, or people with certain minimum bar degrees, or whatever it is. As far as interviewing goes, Corey, in product management, which is the practice that I'm part of, we actually look for, in the interview, that the candidate is not thinking about themselves; they're not imposing themselves on the user base.So, can you think outside of yourself? Can you think of the user base? And are you inquisitive? Are you curious? Do you observe? And how well do you observe differences and diversity, and how well are you able to grasp what might be needed by a particular segment? How well are you able to segment the user base?That's what we look for, certainly in product management, and I'm quite sure also in user experience. You're right, on engineering, of course, we're looking for technical skills, and so on, but that's not how we design our products, that's not how we design the usability of our products.Corey: “If you people were just a little bit smarter slash more like me, then this would work a lot better,” is a common trope. Which brings us, of course, to the current state of serverless. I tend to view serverless as largely a failed initiative so far. And to be clear, I'm viewing this from an AWS-centric lens; that is the… we'll be charitable and call it pool in which I swim. And they announced Lambda in 2015; that's great. “The only code you will ever write in the future is business logic.” Yeah, I might have heard that one before about 15 other technologies dating back to the 60s, but okay.And the expectation was that it was going to take off and set the world on fire. You just needed to learn the constraints of how this worked. And there were a bunch of them, and they were obnoxious, and it didn't have a learning curve so much as a learning cliff. And nowadays, we do see it everywhere, but it's also in small doses. It's mostly used as digital spackle to plaster over the gaps between various AWS services.What I'm not seeing across the board is a radical mindset shift in the way that developers are engaging with cloud platforms that would be heralded by widespread adoption of serverless principles. That said, we are on the heels here of Google Cloud Next, and that you had a bunch of serverless announcements, I'm going to go out on a limb and guess you might not agree with my dismal take on the serverless side of the world?Aparna: Well, I think this is a great question because despite the fact that I like not to be wishy-washy about anything, I actually both agree and disagree [laugh] with what you said. And that's funny.Corey: Well, that's why we're talking about this here instead of on Twitter where two contradictory things can't possibly both be true. Wow, imagine that; nuance, it doesn't fit 280 characters. Please, continue.Aparna: So, what I agree with is that—I agree with you that the former definition of serverless and the constrained way that we are conditioned thinking about serverless is not as expansive as originally hoped, from an adoption perspective. And I think that at Google, serverless is just no longer about only event-driven programming or microservices; it's about running complex workloads at scale while still preserving the delightful developer experience. And this is where the connection to the developer experience comes in. Because the developer experience, in my mind, it's about time to value. How quickly can I achieve the outcome that I need for my business?And what are the things that get in the way of that? Well, setting up infrastructure gets in the way of that, having to scale infrastructure gets in the way of that, having to debug pieces that aren't actually related to the outcome that you're trying to get to gets in the way of that. And the beauty of serverless, it's all in how you define serverless: what does this name actually mean? If serverless only means functions and event-driven applications, then yes, actually, it has a better developer experience, but it is not expansive, and then it is limited, and it's trapped in its skin the way that you mentioned it. [laugh].Corey: And it doesn't lend itself very well to legacy applications—legacy, of course, being condescending engineering-speak for ‘it makes money.' But yeah, that's the stuff that powers the world. We're not going to be redoing all those things as serverless-powered microservices anytime soon, in most cases.Aparna: At Google Cloud, we are redefining serverless. And so what we are taking from Serverless is the delightful user experience and the fact that you don't have to manage the infrastructure, and what we're putting in the serverless is essentially serverless containers. And this is the big revolution in serverless, is that serverless—at least a Google Cloud with serverless containers and our Cloud Run offering—is able to run much bigger varieties of applications and we are seeing large enterprises running legacy applications, like you say, on Cloud Run, which is serverless from a developer experience perspective. There's no cluster, there is no server, there's no VM, there's nothing for you to set up from a scaling perspective. And it essentially scales infinitely.And it is very developer-focused; it's meant for the developer, not for the operator or the infrastructure admin. In reality in enterprise, there is very much a segmentation of roles. And even in smaller companies, there's a segmentation of roles even within the same person. Like, they may have to do some infrastructure work and they may do some development work. And what serverless—at least in the context of Google Cloud—does, is it removes the infrastructure work and maximizes the development work so that you can focus on your application and you can get to that end result, that business value that you're trying to achieve.And with Cloud Run, what we've done is we've preserved that—and I would say, actually, arguably improved that because we've done usability studies that show that we're 22 points above every other serverless offering from a usability perspective. So, it's super important to me that anybody can use this service. Anybody. Maybe even not a developer can use this service. And that's where our focus is.And then what we've done underneath is we've removed many of the restrictions that are traditionally associated with serverless. So, it doesn't have to be event-driven, it is not only a particular set of languages or a particular set of runtimes. It is not only stateless applications, and it's not only request-based billing, it's not only short-running jobs. These are the kinds of things that we have removed and I think we've just redefined serverless.Corey: [unintelligible 00:17:05], on some level, the idea of short-lived functions with a maximum cap feels like a lazy answer to one of the hard problems in computer science, the halting problem. For those not familiar, my layman's understanding of it is, “Okay, you have a program that's running in a loop. How do you deterministically say that it is done executing?” And the functional answer to that is, “Oh, after 15 minutes, it's done. We're killing it.” Which I guess is an answer, but probably not one that's going to get anyone a PhD.It becomes very prescriptive and it leads to really weird patterns trying to work around some of those limitations. And historically, yeah, by working within the constraints of the platform, it works super well. What interests me about Cloud Run is that it doesn't seem to have many of those constraints in quite the same way. It's, “Can you shove whatever monstrosity you've got into a container? You can't? Well, okay, there are ways to get there.”Full disclosure, I was very anti-container; the industry has yet again proven to me that I cannot predict the future. Here we are. “Great, can you shove a container in and hand it to some other place to run it where”—spoiler, people will argue with me on this and they are wrong—“Google engineers are better at running infrastructure to run containers than you are.” Full stop. That is the truism of how this works; economies of scale.I love the idea of being able to take something, throw it over a wall, and not have to think about the rest of it. But everything that I'm thinking about in this context looks certain ways and it's the type of application that I'm working on or that I'm looking at most recently. What are you seeing in Cloud Run as far as interesting customer use cases? What are people doing with it that you didn't expect them to?Aparna: Yeah, I think this is a great time to ask that question because with the pandemic last year—I guess we're still in the pandemic, but with the pandemic, we had developers all over the world become much more important and much more empowered, just because there wasn't really much of an operations team, there wasn't really as much coordination even possible. And so we saw a lot of customers, a lot of developers moving to cloud, and they were looking for the easiest thing that they could use to build their applications. And as a result, serverless and Cloud Run in particular, became extremely popular; I would say hockey stick in terms of usage.And we're seeing everything under the sun. ecobee—this is a home automation company that makes smart thermostats—they're using Cloud Run to launch a new camera product with multi-factor authentication and security built-in, and they had a very tight launch timeline. They were able to very quickly meet that need. Another company—and you talk about, you know, sort of brick and mortar—IKEA, which you and I all like to shop [laugh] at, particularly doing the—Corey: Oh, I love building something from 500 spare parts, badly. It's like basically bringing my AWS architecture experience into my living room. It's great. Please continue.Aparna: Yeah, it's like, yeah—Corey: The Swedish puzzle manufacturer.Aparna: Yes. They're a great company, and I think it just in the downturn and the lockdown, it was actually a very dicey time, very tricky time, particularly for retailers. Of course, everybody was refurbishing their home or [laugh], you know, improving their home environment and their furniture. And IKEA started using serverless containers along with serverless analytics—so with BigQuery, and Cloud Run, and Cloud Functions—and one of the things they did is that they were able to cut their inventory refresh rate from more than three hours to less than three minutes. This meant that when you were going to drive up and do some curbside pickup, you know the order that you placed was actually in stock, which was fantastic for CSAT and everything.But that's the technical piece that they were able to do. When I spoke with them, the other thing that they were able to do with the Cloud Run and Cloud Functions is that they were able to improve the work-life balance of their engineers, which I thought was maybe the biggest accomplishment. Because the platform, they said, was so easy for them to use and so easy for them to accomplish what they needed to accomplish, that they had a better [laugh] better life. And I think that's very meaningful.In other companies, MediaMarktSaturn, we've talked about them before; I don't know if I've spoken to you about them, but we've certainly talked about them publicly. They're a retailer in EMEA, and because of their use of Cloud Run, and they were able to combine the speed of serverless with the flexibility of containers, and their development team was able to go eight times faster while handling 145% increase in digital channel traffic. Again, there are a lot more digital channel traffic during COVID. And perhaps my favorite example is the COVID-19 exposure notifications work that we did with Apple.Corey: An unfortunate example, but a useful one. I—Aparna: Yes.Corey: —we all—I think we all wish it wasn't necessary, but here's the world in which we live. Please, tell me more.Aparna: I have so many friends in engineering and mathematics and these technical fields, and they're always looking at ways that technology can solve these problems. And I think especially something like the pandemic which is so difficult to track, so difficult with the time that it takes for this virus to incubate and so on, so difficult to track these exposures, using the smartphone, using Bluetooth, to have a record of who has it and who they've been in contact with, I think really interesting engineering problem, really interesting human problem. So, we were able to work on that, and of course, when you need a platform that's going to be easy to use, that's going to be something that you can put into production quickly, you're going to use Cloud Run. So, they used Cloud Run, and they also used Cloud Run for Anthos, which is the more hybrid version, for the on-prem piece. And so both of those were used in conjunction to back all of the services that were used in the notifications work.So, those are some of the examples. I think net-net, it's that I think usability, especially in enterprise software is extremely important, and I think that's the direction in which software development is going.Corey: Are you building cloud applications with a distributed team? Check out Teleport, an open source identity-aware access proxy for cloud resources. Teleport provides secure access to anything running somewhere behind NAT: SSH servers, Kubernetes clusters, internal web apps and databases. Teleport gives engineers superpowers! Get access to everything via single sign-on with multi-factor. List and see all SSH servers, kubernetes clusters or databases available to you. Get instant access to them all using tools you already have. Teleport ensures best security practices like role-based access, preventing data exfiltration, providing visibility and ensuring compliance. And best of all, Teleport is open source and a pleasure to use.Download Teleport at https://goteleport.com. That's goteleport.com.Corey: It's easy for me to watch folks—like you—in keynotes at events—like Cloud Next—talk about things and say, “This is how the world is building things, and this is what the future looks like.” And I can sit there and pick to pieces all day, every day. It basically what I do because of deep-seated personality problems with me. It's very different to say that about a customer who has then taken that thing and built it into something that is transformative and solves a very real problem that they have. I may not relate to that problem that they have, but I do not believe that customers are going to have certain problems, find solutions like this and fix them, and the wrong in how they're approaching these things.No one sees the constraints that shape things; no one shows up in the morning hoping to do a crap job today unless you know you're the VP of Integrity at Facebook or something. But there's a very real sense of companies have a bunch of different drivers, and having a tool or a service or a platform that solves it for them, you'd better be very sure before you step up and start saying, “No, you're doing it wrong.” In earlier years, I did not see a whole lot of customer involvement with Cloud Next. It was always a, “Well, a bunch of Googlers are going to tell me how this stuff works, and they'll talk about theoretical things.”That's not the case anymore. You have a whole bunch of highly respectable reference customers out there doing a whole lot of really interesting things. And more to the point, they're willing to go on record talking about this. And I'm not talking about fun startups that are, “Great, it's Twitter, only for pets.” Great. I'm talking banks, companies where mistakes are going to show and leave a mark. It's really hard to reconcile what I'm seeing with Google Cloud in 2021 than what I was seeing in, let's say, five or six years ago. What drove that change?Aparna: Yes, Corey, I think you're definitely correct about that. There's no doubt about it that we have a number of really tremendous customers, we really tremendous enterprise references and so on. I run the Google Cloud Developer Platform, and for me, the developers that I work with and the developers that this platform serves are the inspiration for what we do. And in the last six or seven years that I've worked in Google Cloud, that has always been the case. So, nothing has changed from my perspective, in that regard.If anything, what has changed is that we have far more users, we have been growing exponentially, and we have many more large enterprise customers, but in terms of my journey, I started with the Kubernetes open-source project, I was one of the very early people on that, and I was working with a lot of developers, in that case, in the open-source community, a lot of them became GKE customers, and it just grew. And now we have so many [laugh] customers and so many developers, and we have developed this platform with them. We are very much—it's been a matter of co-innovation, especially on Kubernetes. It has been very much, “Okay, you tell us,” and it's a need-based relationship, you know? Something is not working, we are there and we fix it.Going back to 2017 or whenever it was that Pokemon Go was running on GKE, that was a moment when we realized, “Oh, this platform needs to scale. Okay, let's get at it.” And that's where, Corey, it really helps to have great engineers. For all the pros and cons, I think that's where you want those super-sharp, super-driven, super-intelligent folks because they can make things like that happen, they can make it happen in less than a week, so that—they can make it happen over a Saturday so that Pokemon Go can go live in Japan and everybody can be playing that game. And that's what inspires me.And that's a game, but we have a lot of customers that are running health applications. We have a customer that's running ambulances on the platform. And so this is life-threatening stuff; we have to take that very seriously, and we have to be listening to them and working with them. But I'm inspired, and I think that our roadmap, and the products, and the features that we build are inspired by what they are building on the platform. And they're combining all kinds of different things. They're taking our machine learning capabilities, they're taking our analytics capabilities, they're taking our Maps API, and they're combining it with Cloud Run, they're combining it with GKE. Often they're using both of those.And they're running new services. We've got a customer in Indonesia that's running in a food delivery service; I've got customers that are analyzing the cornfields in the middle of the country to improve crop yield. So, that's the kind of inspiring work, and each of those core, each of those users are coming back to us and saying, “Oh, you know, I need a different type of”—it's very detailed, like, “I need a different type of file system that gives me greater speed or better performance.” We just had a gaming company that was running on GKE that we really won out over a different cloud in terms of performance improvements that we were able to provide on the container startup times. It was just a significant performance improvement. We'll probably publish it in the coming few months.That's the kind of thing that drives it, and I'm very glad that I have a strong engineering team in Google Cloud, and I'm very glad that we have these amazing customers that are trying to do these amazing things, and that they're directly engaging with us and telling us what they need from us because that's what we're here for.Corey: To that end, one more area I want to go into before we call this a show, you've had Cloud Build for a little while, and that's great. Now, at—hot off the presses, you wound up effectively taking that one step further with Cloud Deploy. And I am still mostly someone with terrible build and release practices that people would be ashamed of, struggle to understand the differentiation between what I would do with Cloud Build and what I would do with Cloud Deploy. I understand they're both serverless. I understand that they are things that large companies care about. What is the story there?Aparna: Yeah, it's a journey. As you start to use containers—and these days, like you said, Corey, containers, a lot of people are using them—then you start to have a lot of microservices, and one of the benefits of container usage is that it's really quick to release new versions. You can have different versions of your application, you can test them out, you can roll them out. And so these DevOps practices, they become much more attainable, much more reachable. And we just put out the, I think, the seventh version of the DevOps Research Report—the DORA report—that shows that customers that follow best practices, they achieve their results two times better in terms of business outcomes, and so on.And there's many metrics that show that this kind of thing is important. But I think the most important thing I learned during the pandemic, as we were coming out of the pandemic, is a lot of—and you mentioned enterprises—large banks, large companies' CIOs and CEOs who basically were not prepared for the lockdown, not prepared for the fact that people aren't going to be going into branches, they came to Google Cloud and they said that, “I wish that I had implemented DevOps practices. I wish that I had implemented the capability to roll out changes frequently because I need that now. I need to be able to experiment with a new banking application that's mobile-only. I need to be able to experiment with curbside delivery. And I'm much more dependent on the software than I used to be. And I wish that I had put those DevOps practices.”And so the beginning of 2021, all our conversations were with customers, especially those, you know you said ‘legacy,' I don't think that's the right word, but the traditional companies that have been around for hundreds of years, all of them, they said, “Software is much more important. Yes, if I'm not a software company, at least a large division of my group is now a software group, and I want to put the DevOps practices into play because I know that I need that and that's a better way of working.”By the way, there's a security aspect to that I'd like to come back to because it's really important—especially in banking, financial services, and public sector—as you move to a more agile DevOps workflow, to have security built into that. So, let me come back to that. But with regard to Cloud Build and Cloud Deploy is something I've been wanting to bring into market for a couple of years. And we've been talking about it, we've been working on it actively for more than a year on my team. And I'm very, very excited about this service because what it does is it allows you to essentially put this practice, this DevOps practice into play whereas your artifacts are built and stored in the artifact repository, they can then automatically be deployed into your runtime—which is GKE Cloud Run—in the future, you can deploy them, and you can set how you want to deploy them.Do you want to deploy them to a particular environment that you want to designate the test environment, the environment to which your developers have access in a certain way? Like, it's a test environment, so they can make a lot of changes. And then when do you want to graduate from test to staging, and when do you want to graduate to production and do that gradual rollout? Those are some of the things that Cloud Deploy does.And I think it's high time because how do you manage microservices at scale? How do you really take advantage of container-based development is through this type of tooling. And that's what Cloud Deploy does. It's just the beginning of that, but it's a delightful product. I've been playing around with it; I love it, and we've seen just tremendous reception from our users.Corey: I'm looking forward to kicking the tires on it myself. I want to circle back to talk about the security aspect of it. Increasingly, I'm spending more of my attention looking at cloud security because everyone else has, too, and some of us have jobs that don't include the word security but need to care about it. That's why I have a Thursday edition of my newsletter, now, talking specifically about that. What is the story around security these days from your perspective?And again, it's a huge overall topic, and let's be clear here, I'm not asking, “What does Google Cloud think about security?” That would fill an encyclopedia. What is your take on it? And where do you want to talk about this in the context of Cloud Deploy?Aparna: Yeah, so I think about security from the perspective of the Google Cloud Developer Platform, and specifically from the perspective of the developer. And like you said, security is not often in the title of anybody in the developer organization, so how do we make it seamless? How do we make it such that security is something that is not going to catch you as you're doing your development? That's the critical piece. And at the same time, one of the things we saw during 2020 and 2021 is just the number of cyberattacks just went through the roof. I think there was a 400 to 600% increase in the number of software supply chain attacks. These are attacks where some malicious hacker has come in and inserted some malicious code into your software. [laugh]. Your software, Corey. You know, you the unsuspecting developer is—Corey: Well, it used to be my software; now there's some debate about that.Aparna: Right. That's true because most software is using open-source dependencies; and these open-source dependencies, they have a pretty intricate web of dependencies that they are themselves using. So, it's a transitive problem where you're using a language like Python, or whatever language you're using. And there's a number of—Corey: Crappy bash by default. But yes.Aparna: Well, it was actually a bash script vulnerability, I think, in the Codecov breach that happened, I think it was, in earlier this year, where a malicious bash script was injected into the build system, in fact, of Codecov. And there are all these new attack vectors that are specifically targeting developers. And whether it's nation-states or whoever it is that's causing some of these attacks, it's a problem that is of national and international magnitude. And so I'm really excited that we have the expertise in Google Cloud and beyond Google Cloud.Google, it's a very security-conscious company. This company is a very security-conscious company. [laugh]. And we have built a lot of tooling internally to avoid those kinds of attacks, so what we've done with Cloud Build, and what we're going to do with Cloud Deploy, we're building in the capability for code to be signed, for artifacts to be signed with cryptographic keys, and for that signing, that attestation—we call it an attestation—that attestation to be checked at various points along the software supply chain. So, as you're writing code, as you're submitting the code, as you're building the containers, as you're storing the containers, and then finally as you're deploying them into whatever environment you're deploying them, we check these keys, and we make sure that the software that is going through the system is actually what you intended and that there isn't this malicious code injection that's taking place.And also, we scan the software, we scan the code, we scan the artifacts to check for vulnerabilities, known vulnerabilities as well as unknown vulnerabilities. Known vulnerabilities from a Google perspective; so Google's always a little bit ahead, I would say, in terms of knowing what the vulnerabilities are out there because we do work so much on software across operating systems and programming languages, just across the full gamut of software in the industry, we work on it, and we are constantly securing software. So, we check for those vulnerabilities, we alert you, we help to remediate those vulnerabilities.Those are the type of things that we're doing. And it's all in service of certainly keeping enterprise developers secure, but also just longtail an average, everybody, helping them to be secure so that they don't get hacked and their companies don't get hacked.Corey: It's nice to see people talking about this stuff, who is not directly a security vendor. But by which I mean, you're not using this as the fear, uncertainty, and doubt angle to sell a given service that, “We have to talk about this exploit because otherwise, no one will ever buy this.” Something like Cloud Deploy is very much aligned with a best practices approach to release engineering. It's not, strictly speaking, a security product, but being able to wrap things that are very security-centric around it is valuable.Now, sponsors are always going to do interesting things at various expo halls, and oh, yeah, saw the same product warmed over. This is very much not that, and I don't interpret anything you're saying is trying to sell something via the fear, uncertainty, and doubt model. There are a lot of different areas that I will be skeptical hearing about from different companies; I do take security words from Google extremely seriously because, let's be clear, in the past 20 however many years it has been, you have established a clear track record for caring about these things.Aparna: Yeah. And I have to go back to my initial mission statement, which is to help developers accelerate time to value. And one of the things that will certainly get in the way of accelerating time to value is security breaches, by the nature of them. If you are not running a supply chain that is secure, then it is very difficult for you to empower your developers to do those releases frequently and to update the software frequently because what if the update has an issue? What if the update has a security vulnerability?That's why it's really important to have a toolchain that prevents against that, that checks for those things, that logs those things so that there's an audit trail available, and that has the capability for your security team to set policies to avoid those kinds of things. I think that's how you get speed. You get with security built in, and that's extremely important to developers and especially cloud developers.Corey: I want to thank you for taking the time to speak to me about all the things that you've been working on and how you view this industry unfolding. If people want to learn more about what you're up to, and how you think about these things, where can they find you?Aparna: Well, Corey, I'm available on Twitter, and that may be one of the best ways to reach me. I'm also available at various customer events that we are having, most of them are online now. And so I'll provide you more details on that and I can be reached that way.Corey: Excellent. I will, of course, include links to that in the [show notes 00:38:43]. Thank you so much for being so generous with your time. I appreciate it.Aparna: Thank you so much. I greatly enjoyed speaking with you.Corey: Aparna Sinha, Director of Product Management at Google Cloud. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. And that sentence needed the word ‘cloud' about four more times in it. And if you've enjoyed this episode, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with a loud angry comment telling me that I just don't understand serverless well enough.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Cloud Security News this week 20 October 2021 Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature. If you are familiar with XDR - which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting. They are also enhancing the integration between Chronicle (a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities. Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products. Google launched a new Build Integrity feature for Cloud Build which allows to automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. For Google Workspaces they have also introduced new security features. Episode Show Notes on Cloud Security Podcast Website. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

Cloud Security News this week 20 October 2021 Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature. If you are familiar with XDR - which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting. They are also enhancing the integration between Chronicle (a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities. Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products. Google launched a new Build Integrity feature for Cloud Build which allows to automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. For Google Workspaces they have also introduced new security features. Episode Show Notes on Cloud Security Podcast Website. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

In this episode, Abass and I discuss connecting medical devices to the cloud, the debate of building your own vs. using an already established one, maintenance of each, safety and security concerns, and more. Abbas Dhilawala LinkedIn Galen Data Website Giovanni Lauricella LinkedIn Project Medtech LinkedIn Project Medtech Website

On The Cloud Pod this week, the team is back in full force and some are sporting fresh tan lines. Also, it's earnings season, so get ready for some big numbers — as well as some losses.                A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. JumpCloud, which offers a complete platform for identity, access, and device management — no matter where your users and devices are located.  This week's highlights

This week on the show, Lorin Price and Stephanie talk about the differences between traditional and service networking with guest Ryan Przybyl. Ryan starts the show telling us how customer needs and advancing cloud technologies have shifted the conversations he has with customers from a traditional networking focus to an emphasis on cloud services. Ryan describes how he helps different sized companies approach networking, whether they’re cloud native or shifting to a cloud approach from a traditional background. For example, companies that take advantage of Google Cloud and its services can deploy environments quickly, allowing developers to work without infrastructure constraints. Enterprise companies using more traditional networking that move into the cloud will need to make some changes, Ryan says, comparing apples to oranges. They want to move in a way that takes advantage of the cloud without negatively impacting performance. Later, Ryan tells us all about service-oriented networking and how it’s possible for companies to choose pieces to shift to a service-oriented architecture without re-doing the entire project. We learn about Google’s Private Service Connect which handles things like routing for companies connecting to third party services. Ryan offers some advice for companies considering this move and regales us with interesting anecdotes from his time helping clients. Ryan Przybyl Ryan Przybyl is a Networking Specialist at Google Chicago, and has held roles in both Cloud Customer Engineering and Google’s Network Operations. Prior to Google, Ryan was the Senior Director of Sales Engineering for Level 3 Communications. Ryan’s focus is on helping customers understand Google Cloud’s networking technologies while ensuring customers make use of Google Cloud best practices. When not talking with customers, Ryan is usually working with product and engineering teams to ensure Google Cloud is developing the right networking products for the future. Cool things of the week Private Service Connect is GA site Securing the software development lifecycle with Cloud Build and SLSA blog Container Security: Building trust in your software supply chain site Introducing Cloud Build private pools: Secure CI/CD for private networks blog Interview Google Cloud Networking Products site Private Service Connect docs Private Service Connect and Service Directory: A revolution to connect your application in Cloud video Migration to Google Cloud: Getting Started docs What’s New in Networking videos What’s something cool you’re working on? Lorin is working on Private Service Connect docs.

This week on the podcast, hosts Stephanie Wong and Bukola Ayodele speak with Nikhil Kaul and Victor Szalvay about security in the software supply chain. Cloud OnAir will be offering a virtual event on supply chain software security on July 29th, and our guests start the show by telling us more about it. The recent cyber attacks on US companies have brought to light the importance of cyber security. A new set of guidelines for securing these components and software as a whole will be released soon, impacting not just software developers but the users as well. The Cloud OnAir event will breakdown these new guidelines and educate attendees on steps to take to ensure more secure software and software components. Internally, Google has been optimizing their software supply chain security for years with solutions like BeyondCorp and internally developed solutions that Google has since adapted for their clients. These solutions will be discussed in detail in the Cloud OnAir event. Victor goes on to explain the three areas of supply chain security and how they fit into the overall security of online platforms. Software projects are often built using many small pieces of software sourced from third parties, which can create vulnerabilities. The new guidelines will help ensure quality and security at all levels of development for software and its pieces, thus strengthening security at every level of the supply chain. Nikhil and Victor talk about issues that contribute to supply chain security, including the risks that a microservices architecture can introduce and the use of open source software and their dependencies. We hear about Google’s contributions to the supply chain security effort, like OpenSSF that strives to bring the open source community together toward the goal of cyber security. Our guests give listeners tips on starting the supply chain security journey. Join the Cloud OnAir talk to learn more! Nikhil Kaul Nikhil leads a team of product marketers focused on driving and building messaging, positioning, and go-to-market strategy for Google Cloud’s DevOps portfolio. Victor Szalvay Victor is an Outbound Product Manager with Google Cloud focused on helping customers get the most from the cloud. Previously he has been a tech entrepreneur and leader, with a concentration on DevOps and app dev team productivity. Cool things of the week Helping you pick the greenest region for your Google Cloud resources blog Optimizing your Google Cloud spend with BigQuery and Looker blog Interview Container Security: Building trust in your software supply chain site OpenSSF site Deps site SLSA site Cloud Build site BeyondCorp site Binary Authorization for Borg docs GKE Autopilot docs GCP Podcast Episode 251: BeyondCorp with Kiran Nair and Ameet Jani podcast What’s something cool you’re working on? Bukola is working on the new season of Security Command Center set to be released next month!

ML in machinery is our main topic this week as Mark Mirchandani and Brian Dorsey talk with Arnaud Hubaux, development lead for ASML. Our good friend, fellow Googler, and ML specialist Dale Markowitz joins the conversation as well! With a potent combination of physics and Machine Learning, ASML develops machines that build the chips powering our essential devices. These highly refined machines optimize production for each specific customer, detect defects, and make corrections quickly and accurately by harnessing the power of Machine Learning. The machines also effectively train themselves to ensure the intense accuracy required is sustained over time. Arnaud describes the process these machines go through in order to accomplish these goals, including how they build and train their ML models with the help of physics. Arnaud tells us how the machine’s closed ML system works from zero to train the particular job it will do. By taking a minimum spec chip that has already been created, the machine learns the process for creating that chip and continues to improve that process. These machines are not only able to detect problems but can figure out why these issues are occurring, decreasing production downtime. Recently, ASML moved to Google Cloud. We talk about the products they use, why they chose Google Cloud, and their journey to the cloud. Arnaud Hubaux Arnaud Hubaux is development lead for Artificial Intelligence and Machine Learning products at ASML. He works with the world’s biggest chip manufacturers on AI-driven solutions to solve problems like optimizing production yield. As a trailblazer, Arnaud and his team implemented the first ASML AI application development pipeline on Google Cloud. With a PhD on applied constraint solving, Arnaud has deep experience as an architect of software platforms and product lifecycle management. Cool things of the week Cloud migration: What you need to know (and where to find it) blog All together now: Fleet-wide monitoring for your Compute Engine VMs blog SRE Classroom: exercises for non-abstract large systems design blog gVisor: Protecting GKE and serverless users in the real world blog Interview ASML site ASML in One Minute video Zoom in on the chip in your smartphone video KubeFlow site BigQuery site AI Platform Notebooks site Cloud Build site Introduction to Kubeflow video Intro to Kubeflow Pipelines video How to Build a Kubeflow Pipeline video Tip of the week We have a super cool tip on combining AI and WTH with meetings and webcams! Check out the Level Up - AI Director and Level Up - Real-Time Video Translation with AR Subtitles videos! What’s something cool you’re working on? Mark is working on some upcoming Kubernetes content. Brian is working on an upcoming series of GCE videos with Carter Morgan.

Hoy en nuestra temporada de #GCP hablamos de #CloudBuild. Un servicio serverless para hacer CI y CD. Recuerda compartir si crees en la comunidad.

The first Boyum Cloud module, Build, helps the product development and production departments to manage requirements and specifications for new products, plan and keep track of progress of relevant development tasks, and add finished products to SAP Business One.REQUEST A TRIAL

Aja Hammerly and Brian Dorsey are here this week to start off a new year of podcasts! In an interview with Google Developer Advocate Katie McLaughlin, we talk about the advantages of Python 3 and why version 2 has been retired, as well as the cool things you can do with Django. Later, Katie discusses the complexities of deployment and how she makes it work smoothly with GCP, and we have some fun with emojis! Katie McLaughlin Katie has worn many different hats over the years. She is currently a Developer Advocate at Google Cloud, and a Director of the Python Software Foundation. When she’s not changing the world, she enjoys making tapestries, cooking, and seeing just how well various application stacks handle emoji. Cool things of the week Running workloads on dedicated hardware just got better blog Container security summit is going on as we record this site Easily upgrade Windows Server 2008 R2 while migrating to Google Cloud blog Launch of the BigQuery Weekly Data Challenge! site New data engineering learning path site Interview Python Software Foundation site PyCascades site Django Demo site Emojipedia site App Engine site Compute Engine site Cloud Run site Cloud Build site Secrets Manager site Kakapo Mountain Parrot site The Power ⚡️ and Responsibility 😓 of Unicode Adoption ✨ video Question of the week I need to run something later, but Cron isn’t a good fit. What do I do? Where can you find us next? We’ll be at Cloud Next in San Francisco in April! Katie will also be at PyCon US in April! Sound Effects Attribution “African Gray” by Jmagiera of Freesound.org

This month we thought we would take a break from our usual episode format and have ourselves as the guests. Listen to us reflect on our year volunteering with PyDataMCR. We talk about what we did this year, including Google Next! We also talk a little about learning to rank. We realise this is an insider view, so this months meetup will be an open retro so have a think about what you want from next year. Request: If you know about recording events for YouTube, and can help us out, feel free to dm us (see our social channels below). Sponsors LadBible - ladbible.com/ Cathcart Associates - cathcartassociates.com/ Horsefly Analytics - horseflyanalytics.com/ Our Collaborators: HER+data - meetup.com/HER-Data-MCR/ Pyladies - twitter.com/pyladiesnwuk Django Girls - djangogirls.org/ Python NW - meetup.com/Python-North-West-Meetup/ Open Data Manchester - opendatamanchester.org.uk/ Lambda Lounge - http://lambdalounge.org.uk/ What we’ve done this year… hacktoberfest - hacktoberfest.digitalocean.com blog posts - tinyurl.com/tnkzafr tinyurl.com/urn8twp tinyurl.com/too86wj Learning to rank resources Reinforcement Learning to Rank with Markov Decision Process- http://bigdatalab.ac.cn/~junxu/publications/SIGIR2017_RL_L2R.pdf Reinforcement Learning to Rank in E-Commerce Search Engine: Formalization, Analysis, and Application arxiv.org/abs/1803.00710 medium.com/@alitech_2017/unlocking-insights-from-multi-round-searches-with-reinforcement-learning-74f7143acf08 youtube.com/watch?v=AXa3CW68xks Matt Crooks Medium: Louvain clustering - medium.com/@DrMattCrooks Google NEXT Google NEXT - cloud.withgoogle.com/next/uk/ Cloud Build - cloud.google.com/cloud-build/ Cloud Run - cloud.google.com/run/ Trifactor - trifacta.com Cloud Dataprep by Trifactor - cloud.google.com/run/ Tool Great Expectations - github.com/great-expectations/great_expectations Social Meetup - meetup.com/PyData-Manchester/ Slack - http://bit.ly/35KGOgR Twitter - @PyDataMCR

Our guests Matthew Tamsett and Ravi Upreti join Gabi Ferrara and Aja Hammerly to talk about data science and their project, Qubit. Qubit helps web companies by measuring different user experiences, analyzing that information, and using it to improve the website. They also use the collected data along with ML to predict things, such as which products users will prefer, in order to provide a customized website experience. Matthew talks a little about his time at CERN and his transition from working in academia to industry. It’s actually fairly common for physicists to branch out into data science and high performance computing, Matthew explains. Later, Ravi and Matthew talk GCP shop with us, explaining how they moved Qubit to GCP and why. Using PubSub, BigQuery, and BigQuery ML, they can provide their customers with real-time solutions, which allows for more reactive personalization. Data can be analyzed and updates can be created and pushed much faster with GCP. Autoscaling and cloud management services provided by GCP have given the data scientists at Qubit back their sleep! Matthew Tamsett Matthew was trained in experimental particle physics at Royal Holloway University of London, and did his Ph.D. on the use of leptonic triggers for the detection of super symmetric signals at the ATLAS detector at CERN. Following this, he completed three post doctoral positions at CERN and on the neutrino experiment NOvA at Louisiana Tech University, Brookhaven National Laboratory, New York, and the University of Sussex UK, culminating in a EU Marie Curie fellowship. During this time, Matt co-authored many papers including playing a minor part in the discovery of the Higgs Boson. Since leaving academia in 2016, he’s worked at Qubit as a data scientist and later as lead data scientist where he lead a team working to improve the online shopping experience via the use of personalization, statistics and predictive modeling. Ravi Upreti Ravi has been working with Qubit for almost 4 years now and leads the platform engineering team there. He learned distributed computing, parallel algorithms and extreme computing at Edinburgh University. His four year stint at Ocado helped developed a strong domain knowledge for e-commerce, along with deep technical knowledge. Now it has all come together, as he gets to apply all these learnings to Qubit, at scale. Cool things of the week A developer goes to a DevOps conference blog Cloud Build brings advanced CI/CD capabilities to GitHub blog Cloud Build called out in Forrester Wave twitter 6 strategies for scaling your serverless applications blog Interview Qubit site Qubit Blog blog Pub/Sub site BigQuery site BigQuery ML site Cloud Datastore site Cloud Memorystore site Cloud Bigtable site Cloud SQL site Cloud AutoML site Goodbye Hadoop. Building a streaming data processing pipeline on Google Cloud blog Question of the week How do you deploy a Windows container on GKE? Where can you find us next? Gabi will be at the Google Cloud Summit in Sao Paulo, Brazil. Aja will be at Cloud Next London. Sound Effect Attribution “Small Group Laugh 6” by Tim.Kahn of Freesound.org

stdout.fm 45번째 로그에서는 서비쿠라 님 블로그 수익, 22일 깃헙 장애, Nand2Tetris, 클라우드 런 버튼 등에 대해서 이야기를 나눴습니다. 게스트: @subicura, han 참가자: @seapy, @nacyo_t, @raccoonyy 주제별 바로듣기 준비중 서비쿠라 님 블로그 수익 Subicura’s Blog Docker - Google 검색 kubernetes - Google 검색 초보를 위한 도커 안내서 - 도커란 무엇인가? - Subicura 왜 굳이 도커(컨테이너)를 써야 하나요? - 컨테이너를 사용해야 하는 이유 | 44bits.io 쿠버네티스 시작하기 - Kubernetes란 무엇인가? - Subicura 웹사이트로 온라인에서 수익 창출 | Google 애드센스 – Google Google Ads - 손쉬운 온라인 광고로 더 많은 고객을 유치하세요 22일 깃헙 장애 GitHub Status on Twitter: “We are investigating reports of issues affecting a number of services. https://t.co/2N4cXhg6B3” GitHub Status Choosing an Executor Type - CircleCI GitHub Status Enterprise · A smarter way to work together Asynchronous stand-up meetings in Slack | Geekbot #1 Slack Standup Bot for Project Management Automation Pull Panda: Tools for teams using GitHub 깃헙 웹사이트 지문 인증 지원 GitHub supports Web Authentication (WebAuthn) for security keys - The GitHub Blog Web Authentication: An API for accessing Public Key Credentials Level 1 Firefox 다운로드 — 자유로운 웹 브라우저 — Mozilla piroor/treestyletab: Tree Style Tab, Show tabs like a tree. Firefox Multi-Account Containers –

Jon Foust and Mark Mirchandani are joined by Adé Mochtar to discuss the IT learning platform, Instruqt and how they create and manage the platform with the help of Google Cloud. Sandeep of Google stops in with the info on the Instruqt arcade games we saw at Google Next ‘19. Instruqt’s main philosophy is that people learn best by doing, and their courses encourage immersion right off the bat. Developers are asked coding questions and allowed to work in sandbox environments to fully expose them to the subject. Instruqt checks the student’s work as they continue through the program to ensure the material is being properly learned. But learning should be fun, too! By putting developer challenges on old-style arcade machines, developers can test their coding skills, learn new things, and have fun at the same time. At conferences, this has been a great way to engage their target audience. Google Cloud games were run on the Instruqt platform at Next ‘19, and conference attendees came back day after day to try to get on the high score leaderboard. It was a super fun way to get people using Google Cloud technologies! Adé Mochtar Adé is Co-Founder and CTO of Instruqt, a hands-on learning platform for IT technology. Before starting Instruqt, he was an engineer and consultant in Cloud and DevOps-related topics. A big part of that job was to educate organizations on how to adopt new technology. With Instruqt, he tries to achieve the same but on a larger scale. His mission is to make learning DevOps and Cloud more effective and fun. At Instruqt, Adé mainly focuses on back-end and infrastructure engineering using Terraform, Go, and (probably too much) Bash. Cool things of the week Step up your interviewing game with Byteboard blog Gartner names Google Cloud a leader in its IaaS Magic Quadrant blog Real-time bikeshare information in Google Maps rolls out to 24 cities blog Run Visual Studio Code in Cloud Shell blog Interview Instruqt site Instruqt on Slack site Kubernetes site Cloud Functions site Hashi Corp site Instruqt Arcade at Next ‘19 video Google Developer Advocate - Sandeep Dinesh on Instruqt video Go site React site Terraform site GKE site Cloud SQL site Cloud Build site Firebase site Question of the week I want to be more familiar with Google Cloud, how do I navigate the space for material? Learn more with Qwiklabs and Coursera. Get Certified. Where can you find us next? Instruqt arcade games will be at GopherCon and Cloud Summits! Jon will be speaking at Pax Dev and Pax West. Mark will be hanging on the East Coast, then meeting with customers in Austin. Sound Effect Attribution “Red Arrows Flyby.wav” by Figowitz of Freesound.org “crowd laugh.wav” by Tom_Woysky of Freesound.org “Alien_Scream.wav” by Syna-Max of Freesound.org “Laser Gun7.wav” by Burkay of Freesound.org “Scratch2.mp3” by Feveran of Freesound.org “BumbleBeeShort.mp3” by CGEffex of Freesound.org “ComedyRimshot.wav” by XTRgamr of Freesound.org

Ann Wallace and Michael Wallman are here today to teach Aja and Mark about Professional Services Organization (PSO) at Google Cloud. PSO is the “post sales” department, helping clients come up with solutions for security, data migration, AI, ML, and more. Listen in to this episode to learn more about the specifics of the PSO! Ann Wallace Ann Wallace is the Global Security Practice Lead for Google PSO. She has spent the last 6 months building out the security practice. Ann is passionate about inclusion in tech. She is the West regional lead for Google Cloud EDII and a volunteer with Women Who Code Portland. Before Google Ann spent 14 years at Nike in various engineering and architecture roles. CloudNOW named her one of the top 10 Women in Cloud in 2015. When not working, Ann can be found ultra-trail running around the world. Michael Wallman Michael Wallman is a TPM, working on Cloud Migration for internal Alphabet companies and acquisitions. He also serves as the America’s infrastructure practice lead. He is in his 3rd year at Google. Prior to Google, Michael is Cloud “OG”, and spent almost 5 years growing the AWS Professional Services organization from 5 to 700+. Before sticking his head in the clouds, Michael helped found 2 start-ups: Aspera and SensysNetworks. Outside of work Michael spends his time chasing his 2 toddlers and mountain lions around the Berkeley Hills. Ann and Michael actually met 5 years ago, working on Nike’s first cloud migration project. This encompassed reverse engineering a custom Perl configuration management system. (Who doesn’t love Perl?) It’s a small cloud world. Cool things of the week Amy built an app that uses Cloud Vision to identify key features of images texted to it link Want to Change the Game? Design your own with Google Play blog Change the Game site The team based game of life app we demoed during the keynote is still up site How we search for bow wows and meows blog Why do cats and dogs…? site Interview G Suite site Chrome site GKE site Kubernetes site Anthos (the new Cloud Services Platform) site Pub/Sub site GCS site GCS Dual-Region Buckets site Grafeas site CRDS site Exploring container security: Digging into Grafeas container image metadata blog CRE site SRE site Cloud Consulting Services site Question of the week How do I cache files between builds in Cloud Build? Cloud Builders Community site Where can you find us next? Mark will be at IO, Open Source in Gaming Day which is co-located with Open Source North America Summit, and CFP. Aja will be online! She has blog posts coming on assessing coding during interviews, using Ruby + GCP for weird stuff, and many other things. Our guests will be at Kubecon EU.

Mark Mirchandani is our Mark this week, joining new host Michelle Casbon in a recap of their favorite things at Next! The main story this episode is Cloud Run, and Gabi and Mark met up with Steren Giannini and Ryan Gregg at Cloud Next to learn more about it. Announced at Next, Cloud Run brings serverless to containers! It offers great options and security, and the client only pays for what they use. With containers, developers can use any language, any library, any software, anything! Two versions of Cloud Run were released last week. Cloud Run is the fully managed, hosted service for running serverless containers. The second version, Cloud Run GKE, provides a lot of the same benefits, but runs the compute inside your Kubernetes container. It’s easy to move between the two if your needs change as well. Steren Giannini Steren is a Product Manager in the Google Cloud Platform serverless team. He graduated from École Centrale Lyon, France and then was CTO of a startup that created mobile and multi-device solutions. After joining Google, Steren managed Stackdriver Error Reporting, Node.js on App Engine, and Cloud Run. Ryan Gregg Ryan is a product manager at Google, working on Knative and Cloud Run. He has over 15 years experience working with developers on building and extending platforms and is passionate about great documentation and reducing developer toil. After more than a decade of working on enterprise software platforms and cloud solutions at Microsoft, he joined Google to work on Knative and building great new experiences for serverless and Kubernetes. Cool things of the week News to build on: 122+ announcements from Google Cloud Next ‘19 blog Mark’s Favorite Announcement: Network service tiers site Michelle’s Favorite Announcements: Cloud Code site Cloud SQL for Postgres now supports v11 release notes Cloud Data Fusion for visual code-free ETL pipelines site Cloud AI Platform site AutoML Natural Language site Google Voice for G Suite blog Hangouts Chat in Gmail site Kubeflow v0.5.0 release site Interview Cloud Run site Knative site Knative Docs site Firestore site App Engine site Cloud Functions site GKE site Cloud Run on GKE site Understanding cluster resource usage site Docker site Cloud Build site Gitlab site Buildpacks site Jib (Java Image Builder) site Pub/Sub site Cloud VPC site Google Cloud Next ‘19 All Sessions videos Question of the week If I want to try out Cloud Run, how do I get started? Get started with the beta version by logging in site Quicklinks site Codelab site Where can you find us next? Gabi is at PyTexas Jon and Mark Mandel are at East Coast Game Conference Michelle & Mark Mirchandani will be at Google IO in May Michelle will be at Kubecon Barcelona in May

Node.js is our topic this week as Mark and first-time host, Jon Foust, pick the brain of Myles Borins. Myles updates us on all the new things happening with Node.js, including the new .dev site that holds a ton of documentation to help people get started. Node.js now integrates with Cloud Build, the Node.js foundation has some new developments, and Google App Engine supports Node.js. The group has also been working on serverless containers. Myles Borins Myles Borins is a developer, musician, artist, and maker. They work for Google as a developer advocate serving the Node.js ecosystem. Myles cares about the open web and healthy communities. Cool things of the week Google Cloud Next ‘19 session guide now available blog Introducing scheduled snapshots for Compute Engine persistent disk blog Reliable task scheduling on Compute Engine with Cloud Scheduler site How to make a self-destructing VM on Google Cloud Platform article Making AI-powered speech more accessible—now with more options, lower prices, and new languages and voices blog Interview GCP Podcast Episode 105: Node.js with Myles Borins podcast Node.js site Introduction to Node.js site Nodejs.dev on Github site Cloud Build site Firebase site Node.js Foundation site JS Foundation site Linux Foundation site Foundation Bootstrap Team on Github site App Engine site G Suite site Apps Script site BigQuery site JSON site The hilarious misadventures of being a platform downstream from your language video Node.js Versions - How Do They Work? video Open Source Leadership Summit site Black Girls Code site Scripted site Girls Who Code site Question of the week How do I get google cloud APIs to work within Unity? Add packages from NuGet to a Unity project and read more in the Unity docs here Where can you find us next? Mark will be at GDC in March, Cloud NEXT, and ECG in April. Jon will be at GDC, Cloud NEXT, ECG, and Vector 2019.

Melanie and Mark talk with Google Cloud’s VP of Engineering, Melody Meckfessel, this week. In her time with Google Cloud, she and her team have worked to uncover what makes developers more productive. The main focus of their work is DevOps, defined by Melody as automation around the developer workflow and culture. In other words, Melody and her team are discovering new ways for developers to interact and how those interactions can encourage their productive peak. Melody and her team have used their internal research and expanded it to collaborate with Google Cloud partners and open source projects. The sharing of research and products has created even faster innovation as Google learns from these outside projects and vice versa. In the future, Melody sees amazing engagement with the community and even better experiences with containers on GCP. She is excited to see the Go community growing and evolving as more people use it and give feedback. Melody also speaks about diversity, encouraging everyone to be open-minded and try to build diverse teams to create products that are useful for all. Melody Meckfessel Melody Meckfessel is a hands-on technology leader with more than 20 years experience building and maintaining large-scale distributed systems and solving problems at scale. As VP of Engineering, she leads the team building DevOps tools and sharing DevOps best practices across Google and with software development and operations teams around the world. Her team powers the world’s most advanced continuously delivered software, enabling development teams to turn ideas into reliable, scalable production systems. After graduating from UC Berkeley, Melody programmed for startups and enterprise companies. Since joining Google in 2004, Melody has led teams in Google’s core search systems, search quality and cluster management. Melody is passionate about making software development fast, scalable, and fun. Cool things of the week Mark is back from vacation! We are at 2 million downloads! tweet Greg Wilson twitter and github Open source gaming: Agones - 0.6.0 - site Open Match - 0.2.0 RC - site What’s new at Firebase Summit 2018 blog Interview GCP Podcast Episode 137: Next Day 1 podcast Stackdriver site GitLab site Google SRE site Borg site Cloud Spanner site Go site GKE On-Prem site Skaffold site Minikube site DORA site Cloud Build site Bazel site Question of the week If I want to configure third party notifications (such as Slack or Github) into my Cloud Build configuration - how can I do that? Sending build notifications Configuring notifications for third-party services Where can you find us next? Mark will be at KubeCon next week. Melanie will be at NeurIPS this week. She’ll be attending Queer in AI, Black in AI, and LatinX this week as well.

Hybrid cloud is a reality, but is anyone really making any money providing cloud solutions and services? How can partners bridge the compensation gap moving from a new license to an annuity model? Join cloud veterans from Commvault, Microsoft and Arrow as they discuss how the market is changing and opportunities for both seasoned cloud partners and those considering entering this space. Compare John Austin Global Practice Leader - Hybrid Cloud, Arrow John Austin has over 30 years of experience in the IT industry. His channel experience ranges from building a channel program from the ground up for several start-up companies, to managing a channel program for IBM Global Services, to all aspects of building and managing a cloud services organization with Arrow Electronics. Austin is focused on channel sales and building strategic relationships with channel partners transitioning to a cloud services business. Austin helped develop Arrow’s Cloud Enablement program, which helps traditional channel partners make the pivot to a subscription-based cloud business. His experience also spans the delivery of end-of-cloud services and managing relationships with cloud delivery partners in the cloud services space. This includes suppliers delivering IaaS, SaaS, backup and disaster recovery and managed services. Austin lives in Castle Rock, Colorado, with his wife, Raissa. His daughter is a sophomore at the University of Georgia studying nursing and is a member of the nationally ranked swim and dive team. Hosts Vibhu Ranjan Director of Partner Strategy and Planning , Microsoft Vibhu Ranjan is a director of partner strategy and planning in the Worldwide One Commercial Partner team at Microsoft. He is responsible for the overall partner strategy, sales plays and value propositions for partners in the Applications and Infrastructure Solution Area to drive partner-led Azure business growth. He brings a wealth of industry, business and technology experience across Microsoft and Microsoft partners like Citrix, Deloitte Consulting and F5 Networks. During his nine years at Microsoft, Ranjan has held a variety of corporate and field/partner-facing marketing and sales roles. Randy De Meno Chief Technologist – Microsoft Products and Microsoft Relationship, Commvault A more than 24-year Commvault veteran, De Meno led Commvault’s entry to heterogeneous data management and pioneered Commvault’s Windows Centric software solution, while spearheading the strategic partnership with Microsoft. De Meno holds dozens patents for Commvault technology, including E-Discovery and Granular Application Integration. In 2013, CRN tabbed De Meno as a Top 100 Executive and Top 25 Innovator in the computer industry, and in 2016, Wagner College named him their “Alumni Fellow” recipient for distinguished careers. De Meno is married with three children and leads the Commvault Hockey Helping Kids program, which has helped raise over $1.5 million dollars for various children’s charities, while enabling children to have unique experiences in NHL settings with ex-NHL players and USA Women Olympic Team members. He is a staunch advocate for families working with Autism.

Hybrid cloud is a reality, but is anyone really making any money providing cloud solutions and services? How can partners bridge the compensation gap moving from a new license to an annuity model? Join cloud veterans from Commvault, Microsoft and Arrow as they discuss how the market is changing and opportunities for both seasoned cloud partners and those considering entering this space. Compare John Austin Global Practice Leader - Hybrid Cloud, Arrow John Austin has over 30 years of experience in the IT industry. His channel experience ranges from building a channel program from the ground up for several start-up companies, to managing a channel program for IBM Global Services, to all aspects of building and managing a cloud services organization with Arrow Electronics. Austin is focused on channel sales and building strategic relationships with channel partners transitioning to a cloud services business. Austin helped develop Arrow’s Cloud Enablement program, which helps traditional channel partners make the pivot to a subscription-based cloud business. His experience also spans the delivery of end-of-cloud services and managing relationships with cloud delivery partners in the cloud services space. This includes suppliers delivering IaaS, SaaS, backup and disaster recovery and managed services. Austin lives in Castle Rock, Colorado, with his wife, Raissa. His daughter is a sophomore at the University of Georgia studying nursing and is a member of the nationally ranked swim and dive team. Hosts Vibhu Ranjan Director of Partner Strategy and Planning , Microsoft Vibhu Ranjan is a director of partner strategy and planning in the Worldwide One Commercial Partner team at Microsoft. He is responsible for the overall partner strategy, sales plays and value propositions for partners in the Applications and Infrastructure Solution Area to drive partner-led Azure business growth. He brings a wealth of industry, business and technology experience across Microsoft and Microsoft partners like Citrix, Deloitte Consulting and F5 Networks. During his nine years at Microsoft, Ranjan has held a variety of corporate and field/partner-facing marketing and sales roles. Randy De Meno Chief Technologist – Microsoft Products and Microsoft Relationship, Commvault A more than 24-year Commvault veteran, De Meno led Commvault’s entry to heterogeneous data management and pioneered Commvault’s Windows Centric software solution, while spearheading the strategic partnership with Microsoft. De Meno holds dozens patents for Commvault technology, including E-Discovery and Granular Application Integration. In 2013, CRN tabbed De Meno as a Top 100 Executive and Top 25 Innovator in the computer industry, and in 2016, Wagner College named him their “Alumni Fellow” recipient for distinguished careers. De Meno is married with three children and leads the Commvault Hockey Helping Kids program, which has helped raise over $1.5 million dollars for various children’s charities, while enabling children to have unique experiences in NHL settings with ex-NHL players and USA Women Olympic Team members. He is a staunch advocate for families working with Autism.

We bring on our Google Cloud expert and explore the fundamentals, demystify some of the magic, and ask what makes Google Cloud different. Plus how Google hopes Roughtime will solve one of the web’s biggest problems, some great emails, and more! Special Guest: Matt Ulasien.

GKE / Google Kubernetes Engine Cloud Source Repositories Cloud Build

"Harness that peer pressure for good” This week we cover all the important announcements from the Google Next conference including: GKE On-Prem, Knative and “serverless containers.” Plus, an important parenting discussion on tying shoes. Relevant to your interests Google Next GKE On-Prem | Google Cloud (https://cloud.google.com/gke-on-prem/) Google answers 'Why Google Cloud?' with services and spectacle (https://www.theregister.co.uk/2018/07/24/google_cloud_next/) Knative Enables Portable Serverless Platforms on Kubernetes, for Any Cloud (https://thenewstack.io/knative-enables-portable-serverless-platforms-on-kubernetes-for-any-cloud/) IBM, Google Give Birth to Knative Serverless Cloud Project (http://www.eweek.com/development/ibm-google-give-birth-to-knative-serverless-cloud-project) Google’s Cloud Functions serverless platform is now generally available (https://techcrunch.com/2018/07/24/googles-cloud-functions-serverless-platform-is-now-generally-available/) Google announces Cloud Build, its new continuous integration/continuous delivery platform (https://techcrunch.com/2018/07/24/google-announces-cloud-build-its-new-continuous-integration-continuous-delivery-platform/) Google CEO confirms Target as big cloud customer, continuing retail moves toward AWS competitors (https://www.geekwire.com/2018/google-ceo-confirms-target-big-cloud-customer-continuing-retail-defections-aws/) Portable Cloud Programming with Go Cloud (https://blog.golang.org/go-cloud) (Supports AWS and GCP) Matt’s skeptical https://deltacloud.apache.org/ https://libcloud.apache.org/ https://github.com/fog/fog Bonkers Azure bookings give Microsoft a record-breaking $110bn year (https://www.theregister.co.uk/2018/07/19/microsoft_huge_2018_q4/) Google, Facebook, Microsoft and Twitter unite to simplify data transfers (https://www.engadget.com/2018/07/20/google-facebook-microsoft-data-transfer-project/) IBM stock rises after earnings beat (https://www.cnbc.com/2018/07/18/ibm-earnings-q2-2018.html) SolarWinds | SolarWinds Acquires Trusted Metrics (https://www.solarwinds.com/company/press-releases/2018-q3/solarwinds-acquires-trusted-metrics?mc_cid=8b3259d8a3&mc_eid=825c180d0b) Cisco, networking stocks drop on a report Amazon Web Services is considering selling network devices (https://www.cnbc.com/amp/2018/07/13/aws-network-devices-report-cisco-juniper-fall.html) Exclusive: Apple to deploy 1Password to all 123,000 employees, acquisition talks underway (https://www.google.com/amp/s/bgr.com/2018/07/10/apple-1password-acquisition-deal/amp/) Amazon Web Services crosses the $6 billion mark in quarterly revenue, up 49 percent (https://www.geekwire.com/2018/amazon-web-services-crosses-6-billion-mark-quarterly-revenue-49-percent/') Sponsored by Datadog This episode is sponsored by Datadog, a monitoring platform for cloud-scale infrastructure and applications. Built by engineers, for engineers, Datadog provides visibility into more than 200 technologies, including AWS, Chef, and Docker with built-in metric dashboards and automated alerts. With end-to-end request tracing, Datadog provides visibility into your applications and their underlying infrastructure—all in one place. Sign up for a free trial (https://www.datadoghq.com/ts/tshirt-landingpage/?utm_source=Advertisement&utm_medium=Advertisement&utm_campaign=SoftwareDefinedTalkRead-Tshirt) at www.datadog.com/sdt (http://www.datadog.com/sdt) This week DataDog is pleased to announce that Datadog APM has officially released support for monitoring Node.js applications, which joins our existing support for Java, Ruby, Python and Go. Read their announcement blog. (https://www.datadoghq.com/blog/node-monitoring-apm/) Important nonsense I got the beer you asked for (https://reddit.app.link/lNcM81P9BO) Conferences, et. al. Sep 24th to 27th - SpringOne Platform (https://springoneplatform.io/), in DC/Maryland (crabs!) get $200 off registration with the code S1P200_Cote. Also, check out the Spring One Tour - coming to a city near you (https://springonetour.io/)! SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Buy some t-shirts (https://fsgprints.myshopify.com/collections/software-defined-talk)! DISCOUNT CODE: SDTFSG (40% off) Send your name and address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you a sticker. Brandon built the Quick Concall iPhone App (https://itunes.apple.com/us/app/quick-concall/id1399948033?mt=8) and he wants you to buy it for $0.99. Recommendations Brandon: The Sinner (http://www.usanetwork.com/thesinner/blog/season-1-of-the-sinner-streaming-on-netflix) on Netflix Home Depot text message shortcut: Text the this message “121 hammer” to 24564 and you will get a link to the a map of the store showing the section for hammers. Replace "121” with the store number you are in and replace “hammer” with the item you are searching for to make new queries. You will likely have to ask a Home Depot Associate what the store number is or find it online. This is an internal tool used by Home Depot Associates to find stuff when customers ask them. Matt: https://www.synology.com/en-global/products/RT2600ac https://pqrs.org/osx/karabiner/ photo credit (https://www.flickr.com/photos/chefranden/241215585/in/photolist-ehUp3w-7SxrtA-njhZp-573GUS-cCYit-bDSQx-f6dDAs-23pXxU7-f6dyqQ-2FeTSt-6gt5NM-3KqSC-8sJDib-2SENLL-jUSMBZ-9Ftikz-f6dCd5-HSmQ1-f6dAco-87rJB2-f6do9Y-f6dqUS-f6dmaC-f5Y9Kn-f6dshY/)

On this very special episode of the Google Cloud Platform Podcast, we have live interviews from the first day of NEXT! Melanie and Mark had the chance to chat with Melody MeckFessel, VP of Engineering at Google Cloud and Pavan Srivastava of Deloitte. Next we spoke with Sandeep Dinesh about Open Service Broker and Raejeanne Skillern of Intel. Melody Meckfessel Melody Meckfessel is a hands-on technology leader with more than 20 years experience building and maintaining large-scale distributed systems and solving problems at scale. As VP of Engineering, she leads the team building DevOps tools and sharing DevOps best practices across Google and with software development and operations teams around the world. Her team powers the world’s most advanced continuously delivered software, enabling development teams to turn ideas into reliable, scalable production systems. After graduating from UC Berkeley, Melody programmed for startups and enterprise companies. Since joining Google in 2004, Melody has led teams in Google’s core search systems, search quality and cluster management. Melody is passionate about making software development fast, scalable and fun. Pavan Srivastava Pavan is a technology leader with 20 years of experience in developing strategies and implementation of SAP focused technology solutions. Pavan leads Deloitte’s SAP technology capability that focuses on helping clients adopt innovative technology solutions such as cloud and SAP HANA to improve business efficiencies. Pavan has led several engagements helping clients develop strategy, architecture and implement SAP on the cloud and SAP HANA platform. Sandeep Dinesh Sandeep Dinesh is a Developer Advocate for Google Cloud. He blends and creates new opportunities for businesses and people by leveraging the best technology possible. Raejeanne Skillern Raejeanne Skillern is the VP of Data Center and General Manager of Intel’s cloud service provider (CSP) business. Her goal is to make it easier, more cost-effective and more efficient for CSPs to build new infrastructure and services. She is privileged to lead an exceptional team that manages Intel’s business, products and technologies for cloud infrastructure deployments and works closely with the world’s largest cloud providers to ensure Intel’s data center products are optimized for their unique needs. Interviews Cloud AutoML site GKE On-Prem site Melody Meckfessel’s Speaking Schedule at NEXT site DevOps site Google Open Source site Cloud Build site Spinnaker site Kubernetes site Stackdriver site Application Performance Management site OpenCensus site Deloitte site SAP site Deloitte and Google Cloud blog Google Cloud Platform Service Broker site Open Service Broker site Pub/Sub site Cloud Spanner site Intel Cloud Computing site Intel Xeon site Intel Optane DC Persistent Memory site Partnering with Intel and SAP on Intel Optane DC Persistent Memory for SAP HANA blog Where can you find us next? We’ll both be at Cloud NEXT in Moscone West on the first floor! Come by and say hi!

Join Mic, Jake, and Sean as they delve in Unity cloud services such as ads and Cloud Build, before moving on to discuss the asset store, some popular 3rd party assets, and wonder how great the Xcode ecosystem could be if Apple took the same approach as Unity. The post Unity Cloud Services, and the Unity Asset Store – Podcast S06 E09 appeared first on Ray Wenderlich.

Cloud computing continues to gain momentum across organizations of all sizes.  IDC estimates that 80% of IT service organizations will move to hybrid cloud environments by the end of 2017. What does a hybrid cloud do for your business?  What are the real business benefits?  More important, once you have determined that a hybrid deployment is the right cloud for you, where do you start?  How do you order a cloud?  How do you build a cloud?  What options are there?  Principled Technologies recently published an in-depth research report focused on uncovering the real-world value of a hybrid cloud deployment.  The report “IT service transformation with hybrid cloud: Buy or Build?”, details the journey of an average company’s path to a hybrid cloud.  The report includes a detailed breakdown of 3 year cost savings and all associated costs for both building and buying the required infrastructure.  The full report is available here and in EMC The Source App under bonus material for this episode. I recently spoke to Kevin Gray, Sr Manager of EMC Engineered Solutions, Kevin was part of the EMC Team behind the white paper.  Where did the savings come from, what did we learn?  Find out this week on “EMC The Source”. Don’t miss “EMC The Source” app in the App Store.  Be sure to subscribe to The Source Podcast on iTunes or Stitcher Radio and visit the official blog at thesourceblog.emc.com EMC: The Source Podcast is hosted By Sam Marraccini (@SamMarraccini)

In this episode we chat to the guys from Unity Cloud build and discuss their amazing tech that allows builds to be made on the fly. If you are an Agile methodology zealot, today is your lucky day! We also touch on AES encryption between Unity and PHP as well as JSON.NET.Support the show