今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#Cloud

找到 166 篇相关文章

工具

AWS Previews FinOps Agent for Cost Analysis and Optimization

Amazon has released AWS FinOps Agent in public preview, a managed service that automates several common FinOps workflows. The agent can investigate cost anomalies, correlate spend changes with AWS activity data, and integrate with tools such as Slack and Jira to route findings to resource owners. By Renato Losio

2026-06-28 原文 →
AI 资讯

Moving Your On-Premises Database to the Cloud

The decision to migrate an on-premises database to the cloud is rarely a simple one. It touches infrastructure, budget, team workflows, and application uptime all at once. Yet for most organizations, moving your on-premises database to the cloud is no longer a question of if but when — and more importantly, how to do it without bringing production systems to their knees. Whether you're running PostgreSQL on bare metal or SQL Server in a company-owned data center, the path to cloud-hosted data has predictable pitfalls and, when navigated carefully, significant payoffs. This guide walks through the full migration process: from pre-migration assessment to post-migration validation, with real configuration examples and the kind of hard-won detail that vendor documentation tends to skip. Why Organizations Make the Move On-premises databases carry hidden costs that compound over time. Hardware refresh cycles, licensing renewals, physical security, power, and cooling — these expenses are easy to underestimate when they're already baked into the operating budget. Cloud databases shift that burden to a consumption model, where you pay for what you use and scale without a procurement cycle. Beyond cost, there's the question of availability. Cloud providers like AWS, Google Cloud, and Azure run managed database services with built-in replication, automated failover, and point-in-time recovery that would take a dedicated DBA weeks to configure manually. A startup can get enterprise-grade durability out of the box. A mid-sized company can stop worrying about what happens when a hard drive fails at 2 a.m. Performance is another draw — though it comes with caveats. Managed cloud databases excel at read-heavy workloads and benefit from proximity to cloud-native application services. Latency-sensitive operations or highly custom storage configurations sometimes perform better on dedicated hardware. Knowing which category your workload falls into is the first real question to answer.

2026-06-28 原文 →
AI 资讯

Manage Sensitive Data In Application Code | 🏗️ Build A Secure Configuration Service

Exam Guide: Developer - Associate 🏗️ Domain 2: Security 📘 Task 3: Manage Sensitive Data In Application Code Managing Sensitive Data In Application Code is about keeping secrets out of your code, classifying data properly, and building applications that handle sensitive data safely. You need to know when to use Secrets Manager vs Parameter Store, how to mask PII in API responses and logs, and how to isolate data in multi-tenant applications. The ability to choose the right secret management service, implement data sanitization, and enforce tenant-level data boundaries, is vital. 📘Concepts Data Classification Understand data sensitivity levels and how each should be handled: Classification Examples Handling Requirements PII (Personally Identifiable Information) Name, email, SSN, phone number, address Encrypt at rest and in transit, mask in logs and API responses, restrict access PHI (Protected Health Information) Medical records, insurance IDs, lab results HIPAA compliance, encryption required, audit trail mandatory Financial Credit card numbers, bank accounts, transaction data PCI DSS compliance, tokenization, never store full card numbers Public Marketing content, public API docs No special handling needed 💡 If a scenario mentions compliance or audit trail , think encryption with KMS (for CloudTrail logging) and Secrets Manager (for automatic rotation). If it mentions PII in logs , think data masking and sanitization. Secrets Manager vs SSM Parameter Store Both store configuration and secrets. Feature Secrets Manager SSM Parameter Store Automatic rotation Yes (built-in for RDS, Redshift, DocumentDB) No (you build it yourself with Lambda) Cost $0.40/secret/month + $0.05 per 10,000 API calls Free (Standard tier), $0.05/advanced parameter/month Cross-account access Yes (via resource policy) Yes (advanced parameters only) Max size 64 KB 4 KB (Standard) / 8 KB (Advanced) Versioning Automatic (AWSCURRENT, AWSPREVIOUS labels) Yes (version history) Encryption Always encrypt

2026-06-27 原文 →
AI 资讯

Vercel Introduces Eve, an Open-Source Framework for Building AI Agents

Vercel has released Eve, an open-source framework for building, deploying, and operating AI agents in production. The framework uses a filesystem-based project structure to organize agent instructions, tools, skills, subagents, communication channels, and scheduled tasks, enabling developers to define agent behavior while reducing the amount of supporting infrastructure they need to implement. By Daniel Dominguez

2026-06-27 原文 →
AI 资讯

RAG Is Not a Chatbot Feature. It Is Production AI Infrastructure.

Most enterprise RAG failures are not model failures. They are infrastructure failures. The demo works because the PDF is clean, the user is friendly, the permissions are simple, and nobody is measuring drift, latency, access control, source quality, or hallucination risk. Production RAG needs more than a vector database: Data pipelines that know what changed Identity-aware retrieval Source quality scoring Prompt and response guardrails GPU / inference cost controls Observability for retrieval, latency, grounding, and failed answers Human approval for high-risk actions The real question is not: Which LLM should we use? The better question is: What infrastructure makes this AI answer trustworthy enough for business use? Discussion question: If you were building an enterprise RAG system today, which layer would you harden first: data quality, access control, evaluation, observability, or cost governance? Tags: Enterprise AI, RAG, LLMOps, Cloud Architecture, AI Infrastructure, MLOps, Responsible AI, Generative AI.

2026-06-26 原文 →
AI 资讯

Introducing Cloud Compass: Cloud News, Concepts, and Insights Without the Overwhelm

👋 Hi DEV Community! I'm the creator of Cloud Compass , a newsletter dedicated to making cloud computing easier to understand. If you've ever felt overwhelmed by the constant stream of cloud updates, new services, documentation, and buzzwords, you're definitely not alone. I originally published this as the welcome issue of my newsletter, and I'm sharing it here because I hope it helps developers, students, and anyone starting their cloud journey. ☁️ Welcome to Cloud Compass Cloud news, concepts, and insights without the overwhelm. The cloud is moving fast. Let's make sure you're not left behind. Welcome to Cloud Compass — your guide to staying current with cloud computing while building real cloud knowledge, without feeling overwhelmed. Let's be honest. Keeping up with cloud technology is exhausting. Cloud providers release new services, features, and updates almost every week. Between official documentation, blog posts, YouTube videos, LinkedIn posts, and countless tutorials, it's difficult to know: What actually matters? What should you learn first? Where do you even begin? That's exactly why I started Cloud Compass . This isn't a newsletter written by AI or filled with copied announcements. It's written by someone who genuinely enjoys learning cloud computing and wants to make it easier for everyone else—whether you're: A developer trying to stay current A student entering the cloud world for the first time A professional who wants to understand cloud technology without spending hours reading documentation The goal is simple: Show up regularly with something that's actually useful. "I want Cloud Compass to feel less like reading tech news and more like having a conversation with someone who already read everything and saved you the time." Here's what you can expect 📰 Cloud News Roundup The most important updates from across the cloud industry—not just AWS, Azure, and Google Cloud, but the wider cloud ecosystem. No endless lists of links. No unnecessary hype. Just

2026-06-26 原文 →
开发者

5 Ways to Deploy Code (Without Making Your Users Mad)

Picture this: You just spent weeks building an awesome new feature. It's fully tested and ready to go. But when you hit "Deploy," your entire application goes down for 5 minutes, and your users are met with a blank loading screen. Not a good look. In the world of DevOps and Cloud Infrastructure, how you roll out updates matters just as much as the code itself. AWS Elastic Beanstalk gives us 5 distinct deployment policies to handle this smoothly. Let's break them down from simplest to most robust so you know exactly which one to pick for your next project. 1. All at Once (The Speed Demon) This is the simplest method. Elastic Beanstalk takes all your existing servers, shuts them down, deploys the new code, and boots them back up simultaneously. [ Old App ] ─> SHUTDOWN ALL ─> DEPLOY NEW ─> [ New App ] The Good : It’s incredibly fast. The Bad : Your app goes completely offline during the deploy. When to use it : Only in development environments where downtime doesn't matter. Never use this in production! 2. Rolling (The Line Worker) Instead of updating everything at once, Beanstalk splits your servers into batches (e.g., 2 at a time). It takes the first batch offline, updates them, brings them back online, and then moves to the next batch. Batch 1: [ Updating... ] Batch 2: [ Running Old App ] Batch 1: [ Running New App ] Batch 2: [ Updating... ] The Good : No total downtime! Your app stays online. The Bad : While a batch is updating, your overall server capacity drops. Plus, users might experience a "mixed state" where refreshing switches them between the old and new version. When to use it : Production environments that can handle a temporary dip in bandwidth. 3. Rolling with Additional Batch (The Safe Substitution) To fix the capacity problem of standard rolling, this policy launches a brand new batch of instances first. Once those new servers are healthy and running the updated code, Beanstalk starts rolling the update through the old servers. [Old Servers: 100% Capa

2026-06-26 原文 →
开发者

Cloudflare Ships Agent Skills for Zero Trust Deployment and Migration

Cloudflare released the Cloudflare One stack, an open-source library of agent skills for planning, deploying, and managing Zero Trust environments. The skills include automated migration logic for Zscaler and Palo Alto Networks, the same logic used in Cloudflare's Descaler program that has moved enterprise customers in hours rather than months. By Steef-Jan Wiggers

2026-06-25 原文 →
AI 资讯

Escaping Cloud Lock-In: Building a real DORA exit strategy ☁️

If a regulator asks how you would move off your current cloud provider tomorrow, "we would figure it out" is no longer an acceptable answer. Most modern cloud deployments are deeply tied to provider-specific services, creating invisible dependencies that make true portability feel out of reach. Multi-cloud runtime approaches are expensive and complex, requiring duplicated infrastructure and operational teams. What you actually need is standardized portability. Here is how you can tackle it: Define your entire application environment using a single configuration file. Keep your infrastructure definition provider-agnostic, versioned, and auditable right inside your Git repository. Recreate the environment on another infrastructure provider without redesigning the deployment model or rewriting code. By decoupling your application from specific cloud consoles, you eliminate infrastructure re-architecture and give compliance teams a concrete blueprint. Check out our full technical write-up to see how to build an actionable exit strategy: Portable cloud architecture for DORA compliance | Upsun Discover how financial institutions can meet DORA exit strategy requirements by avoiding vendor lock-in with a portable cloud architecture. upsun.com

2026-06-25 原文 →
开发者

Using Zstd Frames to Egress Partial Parquet Files

Jump Tables, TLV Footers, and the Real Cost of Reading What You Don't Need You're paying for bytes you never read. A data engineer on a busy pipeline touches dozens of Parquet files a day: schema discovery, predicate pushdown, column pruning, metadata scrapes for a data catalog sync. In each case, the application needs maybe 200 KB of context from a file that is 4 GB on disk. Without a seekable archive format and a jump table to find the right frame, your HTTP client fetches the whole thing, and your cloud egress invoice reflects every unnecessary gigabyte. This post quantifies the problem, then walks through how HuskHoard uses seekable Zstd frames, a per-volume jump table, and TLV-encoded footer metadata to make partial egress a first-class citizen across multi-volume archives — disk, cloud, and LTO tape alike. The Problem, In Dollars S3 standard egress runs $0.09/GB. GCS is $0.08/GB. Even Cloudflare R2, which is free for egress from R2 to the internet , still costs you in latency and API call count when you cannot bound the range of bytes you need. Here is a representative read pattern for a cold analytics archive: Operation Bytes Needed Bytes Fetched (naïve) Ratio Schema discovery ~50 KB (Parquet footer) 1–8 GB (full file) ~1:16,000 Single column scan ~200 MB (one column chunk) 4 GB (full row group) 1:20 Data catalog sync (1M files) ~50 GB (footers only) ~4 PB (full files) 1:80,000 Selective restore (1 row group) ~128 MB 4 GB 1:32 On 100 TB of cold Parquet data with $0.09/GB egress: Full read for schema sync : 100 TB × $0.09 = $9,216 Partial read (footers only, avg 100 KB/file, 1M files) : ~100 GB × $0.09 = $9.00 Savings per catalog sync: $9,207 — 99.9% reduction Even a conservative column-scan scenario (pulling 15% of each file's bytes) cuts a $9,216 monthly read bill to $1,382 . The ceiling on savings is determined entirely by how precisely you can address the bytes you actually need. That precision is what frames and jump tables buy you. Zstd Frames: What They

2026-06-24 原文 →
AI 资讯

Cinema Seat Reservation System — Part 2: Transitioning To Production-Scale and Deploying on Azure Cloud

Introduction This is the second part of sharing my journey to create a microservices-based backend system, in the previous part, I introduced the system and its services. In this part I am going to mention the main things that happened with me from then until now. Transitioning to online DBaaS platforms The first main thing was to transition my databases from my local device to accessible over the internet. I used Neon and MongoDB Atlas . Although performance-wise it is better to deploy the database on the same server that the whole system so all services can access the databases without network overhead , This solution is better from a point, that is avoiding consuming the free VM instance that I got to host my main services, as with DBaaS platforms I will not require storage for databases or additional overhead to handle the DBMS on a free small resources-constrained VM. Observability Observability is one of the main concerns in any system, it gives the ability for the system to expose what happens inside it without any need to guess and manually trace the code to determine where the error may happened. I utilized OpenTelemetry , as I found it is most used and accepted tool to log, trace and collect metrics about the system and the traffic. Also, I loved that it is not related to specific framework, that is .NET by the way, I loved the idea that it is standalone tool. But logging and tracing and metrics collection will not be beneficial if we do not see it actually and can achieve monitoring from those telemetry data, so I used Grafana Cloud to export the telemetry data to some place that is accessible online and a tool that can generate dashboards and visualizing for the metrics ( Prometheus ), and UI that can show all the telemetry data easily. Deployment Until this point, we have a system that is fully functional and have consistent docker configuration for its services via Docker Compose, and it database is already there and available. Now this is the point at

2026-06-24 原文 →
AI 资讯

Azure Key Vault: Where Every Secret in This Blog Actually Lives

I have written some version of "never hardcode secrets, store them in Key Vault instead" in at least five of my last nine posts on this blog. I never actually stopped to explain what that means in practice. This post fixes that, using the real secrets this very blog depends on: a database connection string, an admin panel password, and a set of GitHub deployment credentials. What Azure Key Vault Actually Is Azure Key Vault is a managed service for storing secrets, encryption keys, and certificates securely in the cloud. Instead of a password sitting in a configuration file or a public GitHub repository where anyone with read access can see it, the password lives in Key Vault - encrypted, access-controlled, and logged every single time it is read. Picture your code as a house with see-through walls - anyone looking at the repository can see everything inside, including any password left lying on the kitchen table. Key Vault is a bank vault a few streets away. Your code does not hold the password directly; it holds a key card that lets it walk over and request the password at the exact moment it is needed. Lose the key card, and you still cannot get into the vault without proper identity verification on top of it. Three Things Key Vault Stores Secrets are plain string values - passwords, connection strings, API keys, tokens. Keys are cryptographic keys used for encrypting and decrypting data, or for signing and verifying it. Certificates are X.509 certificates used for TLS or client authentication between services. Most applications, including this one, primarily use the Secrets feature. An Honest Admission About TechStackBlog's Own Setup This blog does not actually use Key Vault directly today. The database password lives in Azure App Service Configuration. The admin panel password and deployment credentials live in GitHub Secrets. For a single-application personal project, this is a perfectly reasonable and secure setup. Key Vault earns its place once you have multi

2026-06-22 原文 →
AI 资讯

AWS EC2 vs ECS for Spring Boot Deployment — When Should You Use Which?

Building a Spring Boot application is only half the journey. At some point, every backend project reaches the next question: Where should this application actually run? If you are deploying on AWS, two common options are: Amazon EC2 Amazon ECS Both can run the same Dockerized Spring Boot application. But they are not the same kind of deployment model. EC2 gives you a server. ECS gives you container orchestration. Choosing between them is less about which one is “better” and more about which one fits the stage of your application. Starting with EC2 EC2 is the most direct way to run a Spring Boot application on AWS. You create a virtual machine, install what you need, and run your application. For a Dockerized Spring Boot app, the flow often looks like this: GitHub Actions ↓ SSH into EC2 ↓ Pull latest code or image ↓ Build / run Docker container ↓ Spring Boot app runs on EC2 The mental model is simple: One server One Docker container One Spring Boot application That simplicity is useful. Especially when you are launching an MVP, a freelancer project, an internal tool, or your first production version. Why EC2 Works Well for Many Spring Boot Apps EC2 is not outdated just because newer deployment platforms exist. For many applications, EC2 is enough. It works well when: traffic is predictable the application is small or medium-sized you want full control over the server you want simple debugging through SSH you do not need multiple replicas yet you want to keep infrastructure easy to understand A common setup might be: Spring Boot Dockerfile Docker Compose GitHub Actions EC2 That setup can be production-ready for many early-stage apps. It gives you: a real deployment target repeatable Docker builds automated deployment through GitHub Actions simple logs direct server access For a solo developer or small team, that matters. You can understand the entire deployment flow without needing a full container orchestration platform. The Tradeoff With EC2 The tradeoff is that you

2026-06-22 原文 →
AI 资讯

AWS Graviton5 Reaches General Availability with 192 Cores and Formally Verified VM Isolation

AWS made Graviton5-powered EC2 M9g and M9gd instances generally available with 192 ARM cores, formally verified VM isolation via the Nitro Isolation Engine, and DDR5-8800 memory. ClickHouse reported 36% better performance with zero code changes. Meta committed tens of millions of cores. On-demand pricing is 9% above Graviton4, translating to roughly 15% better price-performance. By Steef-Jan Wiggers

2026-06-22 原文 →