The New Stack Podcast

In deploying cloud-native sustainable foundation AI models, there are five key steps outlined by Huamin Chen, an R&D professional at Red Hat's Office of the CTO. The first two steps involve using containers and Kubernetes to manage workloads and deploy them across a distributed infrastructure. Chen suggests employing PyTorch for programming and Jupyter Notebooks for debugging and evaluation, with Docker community files proving effective for containerizing workloads.The third step focuses on measurement and highlights the use of Prometheus, an open-source tool for event monitoring and alerting. Prometheus enables developers to gather metrics and analyze the correlation between foundation models and runtime environments.Analytics, the fourth step, involves leveraging existing analytics while establishing guidelines and benchmarks to assess energy usage and performance metrics. Chen emphasizes the need to challenge assumptions regarding energy consumption and model performance.Finally, the fifth step entails taking action based on the insights gained from analytics. By optimizing energy profiles for foundation models, the goal is to achieve greater energy efficiency, benefitting the community, society, and the environment.Chen underscores the significance of this optimization for a more sustainable future.Learn more at thenewstack.ioPyTorch Takes AI/ML Back to Its Research, Open Source RootsPyTorch Lightning and the Future of Open Source AIJupyter Notebooks: The Web-Based Dev Tool You've Been SeekingKnow the Hidden Costs of DIY Prometheus Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The concept of a software bill of materials (SBOM) aims to provide consumers with information about the components inside a software, enabling better assessment of potential security issues. Justin Hutchings, Senior Director of Product Management at GitHub, emphasizes the importance of SBOMs and their potential to facilitate patching without relying solely on the vendor. He spoke with Alex Williams in this episode of The New Stack Makers.Creating a comprehensive SBOM poses challenges. Each software package is unique, such as an Android application that combines the developer's code with numerous open-source dependencies obtained through Maven packages. The SBOM should ideally serve as a machine-readable inventory of all these dependencies, enabling developers to evaluate their security.Hutchings notes that many SBOMs fall short in being fully machine-readable, and the vulnerability landscape is even more problematic. To achieve the standards Hutchings envisions, several actions are necessary. For instance, certain programming languages make it difficult to inspect build contents, while the lack of a centralized distribution point for dependencies in languages like C and C++ complicates the enumeration and standardization of machine-readable names and versions. Addressing these issues across the entire software supply chain is imperative.SBOMs hold potential for enhancing software security, but the current state of implementation and machine-readability needs improvement, particularly concerning diverse programming languages and dependency management.Learn more at thenewstack.ioCreating a 'Minimum Elements' SBOM Document in 5 MinutesEnhance Your SBOM Success with SLSAHow to Create a Software Bill of Materials Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Angel Diaz, Vice President of Technology, Capabilities, and Innovation at Discover Financial Services, spoke with TNS Host Alex Williams at the Open Source Summit in Vancouver, BC. Diaz emphasizes the importance of learning and collaboration among software engineers. He leads The Discover Technology Academy, a community of 15,000 engineers, which he describes as a place where craftsmen come together rather than an ivory tower institution.Developers and engineers at Discover define and develop processes for software development. They start their journey by contributing atomic elements of knowledge, such as articles, blogs, videos, and tutorials, and then democratize that knowledge. Open source principles, communities, guilds, and established practices play a vital role in their work and discovery process.Discover's developer experience revolves around the concept of the golden path, which goes beyond consuming content and includes aspects like code, automation, and setting up development environments. Pair programming and a cultural approach to learning are also incorporated into Discover's talent system.Diaz highlights that Discover's work extends beyond their financial services company, as they share their knowledge and open source work with the external community through platforms like technology.discovered.com. This enables engineers to gain merit badges, such as maintainers or contributors, and showcase their expertise on professional platforms like LinkedIn.Learn more at thenewstack.ioThe Future of Developer CareersPlatform Engineer vs Software EngineerHow Donating Open Source Code Can Advance Your Career Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur. In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.Learn more from The New Stack:Creating a 'Minimum Elements' SBOM Document in 5 MinutesEnhance Your SBOM Success with SLSA Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Apache Airflow is an open-source platform for building machine learning pipelines. It allows users to author, schedule, and monitor workflows, making it well-suited for tasks such as data management, model training, and deployment. In a discussion on The New Stack Makers, three technologists from Amazon Web Services (AWS) highlighted the improvements and ease of use in Apache Airflow.Dennis Ferruzzi, a software developer at AWS, is working on updating Airflow's logging and metrics backend to the OpenTelemetry standard. This update will provide more granular metrics and better visibility into Airflow environments. Niko Oliveria, a senior software development engineer at AWS, focuses on reviewing and merging pull requests as a committer/maintainer for Apache Airflow. He has worked on making Airflow a more pluggable architecture through the implementation of AIP-51.Raphaël Vandon, also a senior software engineer at AWS, is contributing to performance improvements and leveraging async capabilities in AWS Operators, which enable seamless interactions with AWS. The simplicity of Airflow is attributed to its Python base and the operator ecosystem contributed by companies like AWS, Google, and Databricks. Operators are like building blocks, each designed for a specific task, and can be chained together to create workflows across different cloud providers.The latest version, Airflow 2.6, introduces sensors that wait for specific events and notifiers that act based on workflow success or failure. These additions aim to simplify the user experience. Overall, the growing community of contributors continues to enhance Apache Airflow, making it a popular choice for building machine learning pipelines.Check out the full article on The New Stack:How Apache Airflow Better Manages Machine Learning Pipelines Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode featuring Nima Negahban, CEO of Kinetica, the potential impact of generative AI tools like ChatGPT on businesses and organizations is discussed. Negahban highlights the transformative potential of generative AI when combined with data analytics. One use case he mentions is an "Alexa for all your data," where real-time queries can be made about store performance or product underperformance in specific weather conditions. This could provide organizations with a new level of visibility into their operations.Negahban identifies two major challenges in the generative AI space. The first is security, especially when using internal data to train AI models. The second challenge is ensuring accuracy in AI outputs to avoid misleading information. However, he emphasizes that generative AI tools, such as GitHub Copilot, can bring a new expectation of efficiency and innovation for developers.The future of generative AI in the enterprise involves discovering how to orchestrate these models effectively and leverage them with organizational data. Negahban mentions the growing interest in vector search and vector database capabilities to generate embeddings and perform embedding search. Kinetica's processing engine, coupled with OpenAI technology, aims to enable ad hoc querying against natural language without extensive data preparation, indexing, or engineering.Check out the episode to hear more about how the integration of generative AI and data analytics presents exciting opportunities for businesses and organizations, providing them with powerful insights and potential for creativity and innovation.Read more about Generative AI on The New StackIs Generative AI Augmenting Our Jobs, or About to Take Them?Generative AI: How to Choose the Optimal DatabaseHow Will Generative AI Change the Tech Job Market?Generative AI: How Companies Are Using and Scaling AI Models Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of The New Stack Makers from KubeCon EU 2023, Rob Barnes, a senior developer advocate at HashiCorp, discusses how their networking service, Consul, allows users to incorporate containers or virtual machines into their workflows without imposing container usage. Consul, an early implementation of service mesh technology, offers a full-featured control plane with service discovery, configuration, and segmentation functionalities. It supports various environments, including traditional applications, VMs, containers, and orchestration engines like Nomad and Kubernetes.Barnes explains that Consul can dictate which services can communicate with each other based on rules. By leveraging these capabilities, HashiCorp aims to make users' lives easier and software more secure.Barnes emphasizes that there are misconceptions about service mesh, with some assuming it is exclusively tied to container usage. He clarifies that service mesh adoption should be flexible and meet users wherever they are in their technology stack. The future of service mesh lies in educating people about its role within the broader context and addressing any knowledge gaps.Join Rob Barnes and our host, Alex Williams, in exploring the evolving landscape of service mesh and understanding how it can enhance workflows.Find out more about HashiCorp or the biggest news from KubeCon on The New Stack:HashiCorp Vault Operator Manages Kubernetes SecretsHow HashiCorp Does Site Reliability EngineeringA Boring Kubernetes Release Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What did software engineers at KubeCon say about how AI is coming up in their work? That's a question we posed Taylor Dolezal, head of ecosystem for the Cloud Native Computing Foundation at KubeCon in Amsterdam. Dolezal said AI did come up in conversation."I think that when it's come to this, typically with KubeCons, and other CNCF and LF events, there's always been one or two topics that have bubbled to the top," Dolezal said.At its core, AI surfaces a data issue for users that correlates to data sharing issues, said Dolezal in this latest episode of The New Stack Makers.Read more about AI and Kubernetes on The New Stack:3 Important AI/ML Tools You Can Deploy on KubernetesFlyte: An Open Source Orchestrator for ML/AI WorkflowsOvercoming the Kubernetes Skills Gap with ChatGPT Assistance Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Kubernetes release 1.27 is boring, says Xander Grzywinski, a senior product manager at Microsoft.It's a stable release, Grzywinski said on this episode of The New Stack Makers from KubeCon Europe in Amsterdam."It's reached a level of stability at this point," said Grzywinski. "The core feature set has become more fleshed out and fully realized.The release has 60 total features, Grzywinski said. The features in 1.27 are solid refinements of features that have been around for a while. It's helping Kubernetes be as stable as it can be.Examples?It has a better developer experience, Grzywinski said. Storage primitives and APIs are more stable. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The mystery and miracle of flight sparked Ev Kontsevoy’s interest in engineering as a child growing up in the Soviet Union.“When I was a kid, when I saw like airplane flying over, I was having a really hard time not stopping and staring at it until it's gone,” said Kontsevoy, co-founder and CEO of Teleport, said in this episode of the Tech Founders Odyssey podcast series. “I really wanted to figure out how to make it fly.”Inevitably, he said, the engineering path led him to computers, where he was thrilled by the power he could wield through programming. “You're a teenager, no one really listens to you yet, but you tell a computer to go print number 10 ... and then you say, do it a million times. And the stupid computer just prints 10 million. You feel like a magician that just bends like machines to your will.”In this episode of the series, part of The New Stack Makers podcast, Kontsevoy discussed his journey to co-founding Teleport, an infrastructure access platform, with TNS co-hosts Colleen Coll and Heather Joslyn. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.