Ryan is joined by David Hsu, CEO and founder of Retool, to explore how AI is transforming the role of a software developer into a software architect, the increasing accessibility of coding for non-engineers, and the importance of placing guardrails and higher-level programming primitives on AI coding assistants.

This week, Whitney Lee joins us to discuss KubeCon news, Coding Assistants, and conference tips. Plus, vegan food and note-taking recommendations.

Watch the YouTube Live Recording of Episode 547

Rundown

• Slutty Vegan
• Cloud Native Rejekts
• Maintainer Summit
• Conference Parties
• Ingress NGINX Retirement: What You Need to Know
  • Linkerd Forever
  • Migrating from Ingress Resources

Conferences

• DevOpsDayLA at SCALE23x, March 6th, Pasadena, CA
  • Use code: DEVOP for 50% off. CFP open until Dec. 1st.

SDT News & Community

• Join our Slack community
• Email the show: questions@softwaredefinedtalk.com
• Free stickers: Email your address to stickers@softwaredefinedtalk.com
• Follow us on social media: Twitter, Threads, Mastodon, LinkedIn, BlueSky
• Watch us on: Twitch, YouTube, Instagram, TikTok
• Book offer: Use code SDT for $20 off "Digital WTF" by Coté
• Sponsor the show: ads@softwaredefinedtalk.com

Recommendations

• Brandon: GE Attic Mount Digital TV Antenna
• Whitney: Obsidian, Wispr Flow
• Coté: MacWhisper

Photo Credits

• Header

Special Guest: Whitney Lee.

Download audio: https://aphid.fireside.fm/d/1437767933/9b74150b-3553-49dc-8332-f89bbbba9f92/1bd9eabc-615f-4193-ad35-b170340cc2b2.mp3

Strategic Technology Consultation Services

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

Show Notes

"There's a good chance it's not gonna flag for you that, you, know your point of sale system is on .NET six and is now vulnerable, you know. So to a certain extent, companies often aren't even aware and this is something I've learned to be in this space. They're not aware. If they are aware, they know they need to upgrade. They're not sure, you know, when they're gonna find the resources, the time, the capital to upgrade"— Hayden Barnes

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, we're joined by Hayden Barnes to talk about HeroDevs and their Never Ending Support offering; a service where HeroDevs backport security fixes from later versions of dependencies, allowing companies to hold off on upgrading their important dependencies until they are ready to.

"In some cases we simply hire the upstream developer or the upstream development team and they can continue to work on new features and the latest versions while maintaining the post-EOL versions and backporting those security updates. In some cases, we hire that library maintainer on contract."— Hayden Barnes

Along the way, we talked about how the release schedule for .NET (one year per major release, with rolling support for up to 36 months) is a little to agile for some enterprise companies, and how HeroDevs can help. We also talked about how, where possible, HeroDevs actually hire the open source maintainers for packages to do the backporting, feeding funding back into the open source ecosystem.

We also mentioned that this support doesn't just apply to post-end-of-life for versioned software. We also talk about the very unfortunate position where a developer is suddenly unable to support their work. An example that I bring up is previous guest on the show Jon P Smith, who in 2024 was diagnosed with dementia; meaning that at some point his libraries will need to be passed on to other open source developers. During the recording, I couldn't remember Jon's name, and for that I apologise. Jon has a very in depth blog post about the start of his journey with dementia called "How to update a NuGet library once the author isn't available." Please go read his blog post when you have the chance.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

Full Show Notes

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/hayden-barnes-on-net-nes-why-we-need-a-new-approach-to-open-source-maintenance/

Useful Links:

• How to update a NuGet library once the author isn't available
• HeroDevs
  • on X
  • on YouTube
  • on LinkedIn
• Hayden
  • on X
  • on LinkedIn
  • on his blog

Supporting the show:

• Leave a rating or review
• Buy the show a coffee
• Become a patron

Getting in Touch:

• Via the contact page
• Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

Download audio: https://traffic.libsyn.com/clean/secure/thedotnetcorepodcast/807-Hayden-Barnes.mp3?dest-id=767916

Welcome to episode 329 of The Cloud Pod, where the forecast is always cloudy (and if you’re in California, rainy too!) Justin and Matt have taken a break from Ark building activities to bring you this week’s episode, packed with all the latest in cloud and AI news, including undersea cables (our favorite!) FinOps, Ignite predictions, and so much more! Grab your umbrellas and let’s get started! 

Titles we almost went with this week

• Fastnet and Furious: AWS Lays 320 Terabits of Cable Across the Atlantic
• No More kubectl apply –pray: AWS Backup Takes the Stress Out of EKS Recovery
• AWS Gets Swift with Lambda: No Taylor Version Required
• Breaking Up Is Hard to Do: Microsoft Splits Teams from Office
• FinOps and Behold: Google Automates Your Cloud Budget Nightmares
• AMD Turin Around GCP’s Price-Performance with N4D VMs
• Azure Gets Territorial: Your Data Stays Put Whether It Likes It or Not
• AWS Finally Answers “Is It Available in My Region?” Before You Build It 
• Getting to the Bare Metal of Things: Google’s Axion Goes Commando
• Azure Ultra Disk Gets Ultra Serious About Latency
• Container Size Matters: Azure Expands ACI to 240 GB Memory 
• Google Containerises Chaos: Agent Sandbox Keeps Your AI from Going Rogue
• AWS Prints Money While Amazon Prints Pink Slips: Q3 Earnings Beat

Follow Up 

02:08 Microsoft sidesteps hefty EU fine with Teams unbundling deal

• Microsoft avoids a potentially substantial EU antitrust fine by agreeing to unbundle Teams from the Office 365 and Microsoft 365 suites for a period of seven years. 
• The settlement follows a 2023 complaint from Salesforce-owned Slack alleging anticompetitive bundling practices that harmed rival collaboration tools.
• The commitments require Microsoft to offer Office and Microsoft 365 suites without Teams at reduced prices, with a 50 percent larger price difference between bundled and unbundled versions. 
• Customers with long-term licenses can switch to Teams-free suites, addressing concerns about forced adoption of the collaboration platform.
• Microsoft must provide interoperability between competing collaboration tools and its products, plus enable data portability from Teams to rival services. 
• These technical requirements aim to level the playing field for competitors like Slack and Zoom in the European enterprise collaboration market.
• The settlement applies specifically to the European Union market and stems from Microsoft’s dominant position in productivity software. 
• Organizations using Microsoft 365 in the EU will now have a genuine choice in selecting collaboration tools without being locked into Teams through bundling.
• This decision sets a precedent for how cloud software vendors can package integrated services, particularly when holding dominant market positions. 
• The seven-year commitment period and mandatory interoperability requirements could influence how Microsoft and competitors structure product offerings globally.

General News 

08:30 It’s Earnings Time! (Warning: turn down your volume) 

Amazon’s stock soars on earnings, revenue beat, spending guidance

• Yes, we know there’s a little delay in our reporting here, but it’s still important! (To Justin, anyway.) 
• AWS grew revenue 20% year-over-year to $33 billion in Q3, generating $11.4 billion in operating income, which represents two-thirds of Amazon’s total operating profit. 
• While this growth trails Google Cloud’s 34% and Azure’s 40%, AWS maintains its position as the leading cloud infrastructure provider.
• Amazon increased its 2025 capital expenditure forecast to $125 billion, up from $118 billion, with CFO Brian Olsavsky indicating further increases expected in 2026. 
• This spending exceeds Google, Meta, and Microsoft’s capex guidance and signals Amazon’s commitment to AI infrastructure despite concerns about missing out on high-profile AI cloud deals.
• Amazon’s Q4 revenue guidance of $206-213 billion (midpoint $209.5 billion) exceeded analyst expectations of $208 billion, driven by strong performance in both AWS and the digital advertising business, which grew 24% to $17.7 billion. 
• The company’s overall revenue reached $180.17 billion, beating estimates of $177.8 billion.
• The company announced 14,000 corporate layoffs this week, which CEO Andy Jassy attributed to organizational culture and reducing bureaucratic layers rather than financial pressures or AI automation. 
• Amazon’s total workforce stands at 1.58 million employees, representing a 2% year-over-year increase despite the cuts.

06:14 Justin – “There’s a lot of investors starting to question some of the dollars being spent on (AI). It’s feeling very .com boom-y. Let’s not do that again.”

06:46 Alphabet stock jumps 4% after strong earnings results, boost in AI spend

• Alphabet increased AI infrastructure spending guidance to $91-93 billion for the year, up from $85 billion previously, driven by strong Google Cloud demand. 
• CEO Sundar Pichai reported a $155 billion backlog for Google Cloud at quarter’s end, with CFO signaling significant capex increases expected in 2026.
• Google Cloud contributed to Alphabet’s first-ever $100 billion revenue quarter, with total Q3 revenue reaching $102.35 billion and beating analyst expectations by $2.5 billion. 
• The company’s earnings of $3.10 per share significantly exceeded the $2.33 analyst consensus.
• Google Search revenue grew 15% year-over-year to $56.56 billion, indicating that AI integration in search is proving to be an opportunity rather than a threat to the core business. 
• Analysts noted this addresses previous concerns about AI disrupting Google’s search dominance.
• Wall Street analysts raised price targets substantially following the results, with Goldman Sachs increasing from $288 to $330 and JPMorgan raising from $300 to $340. 
• Deutsche Bank characterized the earnings as having virtually no negative aspects across any business segment.

08:03 Matt – “The 15 % of revenue for Google search year over year feels like a massive growth, but I still don’t really understand how they track that. It’s not like there’s 15 % more people using Google than before, but that’s the piece I don’t really understand still.”

08:27 Microsoft (MSFT) Q1 2026 earnings report

• Microsoft Azure revenue grew 40% year-over-year in Q1 fiscal 2026, beating analyst expectations of 38.2% growth and driving the Intelligent Cloud segment to $30.9 billion in total revenue. 
• The company’s AI infrastructure investments continue to pay off as Azure cloud services reached over $75 billion in annual revenue for fiscal 2025.
• Microsoft took a $3.1 billion accounting hit to net income this quarter related to its OpenAI investment, equivalent to 41 cents per 41-cent-per-share impact on earnings. 
• Despite this, the company still beat earnings expectations at $3.72 per share versus the expected $3.67, with overall revenue reaching $77.67 billion.
• Capital expenditure spending came in at $34.9 billion for the quarter, and CFO Amy Hood indicated that capex growth will accelerate throughout fiscal 2026 rather than slow down as previously suggested. 
• This aggressive infrastructure spending caused the stock to drop 4% in after-hours trading despite the strong revenue performance.
• Microsoft now holds a 27% stake in OpenAI’s for-profit entity worth approximately $135 billion, following the company’s restructuring announcement. 
• This formalized partnership structure clarifies the relationship between the two companies as Azure continues to serve as the primary infrastructure platform for OpenAI’s services.
• The quarter’s results were overshadowed by a significant Azure and Microsoft 365 outage that occurred on the same day as earnings, affecting various websites and gaming services for several hours. Microsoft expects full recovery by evening, but the timing highlights ongoing reliability concerns as the company scales its cloud infrastructure.

09:27 Azure Front Door RCA

• What happened: Azure Front Door and CDN experienced an 8+ hour outage (Oct 29-30, 2025), causing connection timeouts and DNS failures across numerous Azure and Microsoft services, including Azure Portal, Microsoft 365, Entra ID, and many others.
• Root cause: A valid customer configuration change exposed a latent bug when processed across different control plane versions, creating incompatible metadata that crashed data plane services. 
• The crash occurred asynchronously (~5 minutes delayed), allowing it to pass through safety checks undetected.
• Why it spread globally: The defective configuration propagated to all edge sites within 4 minutes (15:39 UTC) and was mistakenly saved as the “Last Known Good” snapshot before crashes began appearing at 15:41 UTC, making rollback impossible.
• Recovery approach: Rather than reverting to the corrupted LKG, Microsoft manually removed problematic configurations and performed a careful phased redeployment across all edge sites, completing full mitigation by 00:05 UTC (~8.5 hours total).
• Prevention measures: Microsoft has completed synchronous config processing, added pre-canary validation stages, reduced recovery time from 4.5 hours to 1 hour, and is working on traffic isolation and further improvements through mid-2026.
• Are you interested in the video version of this information? You can find that here. 

14:23 PREDICTIONS FOR IGNITE

Matt

1. ACM Competitor – True SSL competitive product
2. AI announcement in Security AI Agent (Copilot for Sentinel)
3. Azure DevOps Announcement

Justin

1. New Cobalt and Mai Gen 2 or similar
2. Price Reduction on OpenAI & Significant Prompt Caching
3. Microsoft Foundational LLM to compete with OpenAI

Jonathan (who isn’t here)

1. The general availability of new, smaller, and more power-efficient Azure Local hardware form factors
2. Declarative AI on Fabric: This represents a move towards a declarative model, where users state the desired outcome, and the AI agent system determines the steps needed to achieve it within the Fabric ecosystem.
3. Advanced Cost Management: Granular dashboards to track the token and compute consumption per agent or per transaction, enabling businesses to forecast costs and set budgets for their agent workforce.

How many times will they say Copilot: 

• Jonathan
• Justin: 35
• Matt: 40

Honorable Claude:

• Claude for Azure AI
• Autonomous Agent Platform

23:00 Matt – “

Cloud Tools  

26:47 Apptio expands its FinOps tools for cloud cost control – SiliconANGLE

• IBM-owned Apptio launches Cloudability Governance with Terraform integration to provide real-time cost estimation and policy compliance at deployment time. 
• Platform engineers can now see cost impacts before deploying infrastructure through version control systems like GitHub, addressing the problem where 55% of business leaders lack adequate visibility into technology spending ROI.
• Kubecost 3.0 adds GPU-specific monitoring capabilities through Nvidia’s Data Center GPU Manager exporter, providing utilization and memory metrics critical for AI workloads. 
• The container-agnostic platform works across on-premises and cloud Kubernetes environments, with bidirectional integration into Cloudability’s FinOps suite for unified cost visibility.
• The platform addresses common tagging blind spots by automatically identifying resource initiators and applying ownership tags when teams forget. It also supports synthetic tags that map to business units, processing trillions of rows of cost data monthly to detect over-provisioning and committed instance discount opportunities.
• AI workload acceleration has increased the velocity of cloud spending rather than creating new blind spots, with GPU costs potentially reaching thousands of dollars per hour. 
• Real-time visibility becomes essential when infrastructure costs can scale this rapidly, making proactive cost governance more important than reactive monitoring.
• The Terraform integration positions Apptio to intercept infrastructure deployments before they happen, shifting FinOps from reactive cost analysis to proactive cost prevention. 
• This represents a meaningful evolution in cloud cost management by embedding financial controls directly into the infrastructure provisioning workflow.

33:03 Matt – “I’ve set these up in my pipelines before… It’s always nice to see, and it’s good if you’re launching net new, but for general PR, it’s just more noise.  It kind of needed these tools.” 

AWS 

28:44 AWS rolls out Fastnet subsea cable connecting the U.S. and Ireland

• AWS announces Fastnet, a dedicated transatlantic subsea cable connecting Maryland to County Cork, Ireland, with 320+ terabits per second capacity when operational in 2028. 
• The system uses unique landing points away from traditional cable corridors to provide route diversity and network resilience for AWS customers running cloud and AI workloads.
• The cable features advanced optical switching branching unit technology that allows future topology changes and can redirect data to new landing points as network demands evolve. This architecture specifically targets growing AI traffic loads and integrates directly with AWS services like CloudFront and Global Accelerator for rapid data rerouting.
• AWS’s centralized traffic monitoring system provides complete visibility across the global network and implements millions of daily optimizations to route customer traffic along the most performant paths. 
• This differs from public internet routing, where individual devices make decisions with limited network visibility, helping avoid congestion before it impacts applications.
• The infrastructure investment includes Community Benefit Funds for both Maryland’s Eastern Shore and County Cork to support local initiatives, including STEM education, workforce development, and sustainability programs. 
• AWS worked with local organizations and residents from project inception to align the deployment with community priorities.
• With this addition, AWS’s global fiber network now spans over 9 million kilometers of terrestrial and subsea cabling across 38 regions and 120 availability zones. The automated network management tools resolve 96 percent of network events without human intervention through services like Elastic Load Balancing and CloudWatch.

29:24 Matt – “The speed of this is ridiculous. 320 plus terabytes per second – that is a lot of data to go at once!” 

30:20 Introducing AWS Capabilities by Region for easier Regional planning and faster global deployments | AWS News Blog

• AWS launched Capabilities by Region, a new planning tool that lets you compare service availability, API operations, CloudFormation resources, and EC2 instance types across multiple AWS Regions simultaneously. 
• The tool addresses a common customer pain point by providing visibility into which AWS features are available in different Regions and includes forward-looking roadmap information showing planned launch quarters.
• The tool helps solve practical deployment challenges like ensuring compliance with data residency requirements, planning disaster recovery architectures, and avoiding costly rework from discovering Regional limitations mid-project. You can filter results to show only common features available across all selected Regions, making it easier to design portable architectures.
• Beyond the web interface, AWS made the Regional capability data accessible through the AWS Knowledge MCP Server, enabling automation of Region expansion planning and integration into CI/CD pipelines. 
• The MCP server is publicly accessible at no cost without requiring an AWS account, though it is subject to rate limits.
• The tool provides detailed visibility into infrastructure components, including specific EC2 instance types like Graviton-based and GPU-enabled variants, helping you verify whether specialized compute resources are available in target Regions before committing to an architecture. 
• This level of granularity extends to CloudFormation resource types and individual API operations for services like DynamoDB and API Gateway.

30:36 Justin – “Thank you. I’ve wanted this for a long time. You put it in a really weird UI choice, but I do appreciate that it’s there.” 

32:10 Secure EKS clusters with the new support for Amazon EKS in AWS Backup | AWS News Blog

• AWS Backup now supports Amazon EKS clusters, providing centralized backup and restore capabilities for both Kubernetes configurations and persistent data stored in EBS, EFS, and S3. This eliminates the need for custom scripts or third-party tools that previously required complex maintenance across multiple clusters.
• The service includes policy-based automation for protecting single or multiple EKS clusters with immutable backups to meet compliance requirements. During restore operations, AWS Backup can now provision a new EKS cluster automatically based on previous configuration settings, removing the requirement to pre-provision target infrastructure.
• Restore operations are non-destructive, meaning they apply only the delta between backup and source rather than overwriting existing data or Kubernetes versions. Customers can restore full clusters, individual namespaces to existing clusters, or specific persistent storage resources if partial backup failures occur.
• The feature is available in all AWS commercial regions except China and in AWS GovCloud US, where both AWS Backup and Amazon EKS are supported. 
• Pricing follows standard AWS Backup rates based on backup storage consumed and data transfer, with costs varying by region and storage tier.
• Salesforce highlighted the business impact, noting that losing a Kubernetes control plane due to software bugs or accidental deletion can be catastrophic without proper backup capabilities. This native integration addresses a critical resiliency gap for organizations running production EKS workloads at scale.

33:07 Matt – “It’s the namespace level that they can deploy or backup and restore to that, to me, is great. I could see this being a SaaS company that runs their application in Kubernetes, and they have a namespace per customer, and having that ability to have that single customer backed up and be able to restore that is fantastic. So while it sounds like a minor release, if you’re in the Kubernetes ecosystem, it will just make your life better.”

33:53 Jupyter Deploy: Create a JupyterLab application with real-time collaboration in the cloud in minutes | AWS Open Source Blog

• Jupyter Deploy is an open source CLI tool from AWS that lets small teams and startups deploy a fully configured JupyterLab environment to the cloud in minutes, solving the problem of expensive enterprise deployment frameworks. 
• The tool automatically sets up EC2 instances with HTTPS encryption, GitHub OAuth authentication, real-time collaboration features, and a custom domain without requiring manual console configuration.
• The CLI uses infrastructure-as-code templates with Terraform to provision AWS resources, making it simple to upgrade instance types for GPU workloads, add storage volumes, or manage team access through a single command. Users can easily scale from a basic t3.medium instance to GPU-accelerated instances when they need more compute power for deep learning tasks.
• Real-time collaboration is a key differentiator, allowing multiple team members to work simultaneously in the same JupyterLab environment after authenticating through GitHub, eliminating the security and access limitations of running Jupyter locally on laptops. The tool includes cost management features like the ability to stop instances when not in use while preserving state and file systems.
• The project is vendor-neutral and extensible, with AWS planning to add Kubernetes templates for Amazon EKS and welcoming community contributions for other cloud providers, OAuth providers, and deployment patterns. 
• Templates are distributed as Python libraries that the CLI automatically discovers, making it easy for the community to create and share new deployment configurations. 

34:51 Justin – “A lot of people, especially in their AI workloads, they don’t want to use SageMaker for that necessarily; they want their own deployment of a cluster. And so there was just some undifferentiated heavy lifting that was happening, and so I think this helps address some of that.”

GCP

35:09 Agentic AI on Kubernetes and GKE | Google Cloud Blog

• Agent Sandbox is a new Kubernetes primitive designed specifically for running AI agents that need to execute code or use computer interfaces, providing kernel-level isolation through gVisor and Kata Containers. 
• This addresses the security challenge of AI agents making autonomous decisions about tool usage, where traditional application security models fall short.
• On GKE, Agent Sandbox delivers sub-second latency for isolated agent workloads through pre-warmed sandbox pools, representing up to 90% improvement over cold starts. 
• The managed implementation leverages GKE Sandbox and container-optimized compute for horizontal scaling of thousands of ephemeral sandbox environments.
• Pod Snapshots is a GKE-exclusive feature in limited preview that enables checkpoint and restore of running pods, reducing startup times from minutes to seconds for both CPU and GPU workloads. 
• This allows teams to snapshot idle sandboxes and suspend them to save compute costs while maintaining the ability to quickly restore them to a specific state.
• The project includes a Python SDK designed for AI engineers to manage sandbox lifecycles without requiring deep infrastructure expertise, while still providing Kubernetes administrators with operational control. Agent Sandbox is available as an open source CNCF project and can be deployed on GKE today, with documentation at agent-sandbox.sigs.k8s.io.
• Primary use cases include agentic AI systems that need to execute generated code safely, reinforcement learning environments requiring rapid provisioning of isolated compute, and computer use scenarios where agents interact with terminals or browsers. The isolation model prevents potential data exfiltration or damage to production systems from non-deterministic agent behavior.

36:49 Matt – “Anything that can make these environments, especially if they are ephemeral, scale up and down better so you’re not burning time and capacity on your GPUs – that are not cheap – is definitely useful. So it’d be a nice little money saver along the way.”

37:09 Ironwood TPUs and new Axion-based VMs for your AI workloads | Google Cloud Blog

• Google announces Ironwood, its seventh-generation TPU, delivering 10X peak performance improvement over TPU v5p and 4X better performance per chip than TPU v6e for both training and inference workloads. 
• The system scales up to 9,216 chips in a superpod with 9.6 Tb/s interconnect speeds and 1.77 petabytes of shared HBM, featuring Optical Circuit Switching for automatic failover. Anthropic plans to access up to 1 million TPUs and reports that the performance gains will help scale Claude efficiently.
• New Axion-based N4A instances enter preview, offering up to 2X better price-performance than comparable x86 VMs for general-purpose workloads like microservices, databases, and data preparation. 
• C4A metal, Google’s first Arm-based bare metal instance, will launch in preview soon for specialized workloads requiring dedicated physical servers. Early customers report 30% performance improvements for video transcoding at Vimeo and 60% better price-performance for data processing at ZoomInfo.
• Google positions Ironwood and Axion as complementary solutions for the age of inference, where agentic workflows require coordination between ML acceleration and general-purpose compute. 
• The AI Hypercomputer platform integrates both with enhanced software, including GKE Cluster Director for TPU fleet management, MaxText improvements for training optimization, and vLLM support for switching between GPUs and TPUs. According to IDC, AI Hypercomputer customers achieved 353% three-year ROI and 28% lower IT costs on average.
• The announcement emphasizes system-level co-design across hardware, networking, and software, building on Google’s custom silicon history, including TPUs that enabled the Transformer architecture eight years ago. Ironwood uses advanced liquid cooling deployed at a gigawatt scale with 99.999% fleet-wide uptime since 2020, while the Jupiter data center network connects multiple superpods into clusters of hundreds of thousands of TPUs. 
• Customers can sign up for Ironwood, N4A, and C4A metal preview access through Google Cloud forms.

38:57 Automate financial governance policies using Workload Manager | Google Cloud Blog

• Google has enhanced Workload Manager to automate FinOps cost governance policies across GCP organizations, allowing teams to codify financial rules using Open Policy Agent Rego and run continuous compliance scans. 
• The tool includes predefined rules for common cost management scenarios like enforcing resource labels, lifecycle policies on Cloud Storage buckets, and data retention settings, with results exportable to BigQuery for analysis and visualization in Looker Studio.
• The pricing update is significant, with Google reducing Workload Manager costs by up to 95 percent for certain scenarios and introducing a small free tier for testing. 
  • This makes large-scale automated policy scanning more economical compared to manual auditing processes that can take weeks or months while costs accumulate.
• The automation addresses configuration drift where systems deviate from established cost policies, enabling teams to define rules once and scan entire organizations, specific folders, or individual projects on schedules ranging from hourly to monthly. Integration with notification channels, including email, Slack, and PagerDuty, ensures policy violations reach the appropriate teams for remediation.
• Organizations can use custom rules from the GitHub repository or leverage hundreds of Google-authored best practice rules covering FinOps, security, reliability, and operations. 
• The BigQuery export capability provides historical compliance tracking and supports showback reporting for cost allocation across teams and business units.

40:06 Matt – “Having that very quick, rapid response to know that something changed and you need to go look at it before you get a 10 million dollar bill is critical.” 

Azure

41:50 Generally Available: Azure MCP Server

• Azure MCP Server provides a standardized way for AI agents and developers to interact with Azure services through the Model Context Protocol. 
• This creates a consistent interface layer across services like AKS, Azure Container Apps, App Service, Cosmos DB, SQL Database, and AI Foundry, reducing the need to learn individual service APIs.
• The MCP implementation allows developers to build AI agents that can programmatically manage and query Azure resources using natural language or structured commands. 
  • This bridges the gap between conversational AI interfaces and cloud infrastructure management, enabling scenarios like automated resource provisioning or intelligent troubleshooting assistants.
• The server architecture provides secure, authenticated access to Azure services while maintaining standard Azure RBAC controls. 
  • This means AI agents operate within existing security boundaries and permissions frameworks rather than requiring separate authentication mechanisms.
• Primary use cases include DevOps automation, intelligent cloud management tools, and AI-powered development assistants that need direct Azure service integration. Organizations building copilots or agent-based workflows can now connect to Azure infrastructure without custom API integration work for each service.
• The feature is generally available across Azure regions where the underlying services operate. Pricing follows standard Azure service consumption models for the resources accessed through MCP, with no additional charge for the MCP Server interface itself.

42:50 Matt – “So I like the idea of this, and I like it for troubleshooting and stuff like this, but the idea of using it to provision resources terrifies me. Maybe in development environments, ‘Hey, I’m setting up a three-tier web application, spin me up what I need.’ But if you’re doing this for a company, I really worry about speaking in natural language, and consistently getting the same result to spin up resources.”

45:50 A new era and new features in Azure Ultra Disk

• Azure Ultra Disk receives substantial performance and cost optimization updates focused on mission-critical workloads. 
  • The service now delivers an 80% reduction in P99.9 and outlier latency, plus a 30% improvement in average latency, making it suitable for transaction logs and I/O-intensive applications that previously required local SSDs or Write Accelerator.
• New flexible provisioning model enables significant cost savings with workloads on small disks, saving up to 50% and large disks up to 25%. 
• Customers can now independently adjust capacity, IOPS, and throughput with more granular control, allowing a financial database example to reduce Ultra Disk spending by 22% while maintaining required performance levels.
• Instant Access Snapshot feature enters public preview for Ultra Disk and Premium SSD v2, eliminating traditional wait times for snapshot readiness. New disks created from these snapshots hydrate up to 10x faster with minimal read latency impact during hydration, enabling rapid recovery and replication for business continuity scenarios.
• Ultra Disk now supports Azure Boost VMs, including Ebdsv5 series (GA with up to 400,000 IOPS and 10GB/s) and Memory Optimized Mbv3 VM Standard_M416bs_v3 (GA with up to 550,000 IOPS and 10GB/s). 
• Additional Azure Boost VM announcements are planned for 2025 Ignite with further performance improvements for remote block storage.
• Recent feature additions include live resize capability, encryption at host support, Azure Site Recovery and VM Backup integration, and shared disk capability for SCSI Persistent Reservations. 
• Third-party backup and disaster recovery services now support Ultra Disk for customers with existing tooling preferences.

47:38 Matt – “There wasn’t any encryption at the host level? Clearly I make bad life choices being in Azure, but not THAT bad of choices.” 

48:21 Announcing General Availability of Larger Container Sizes on Azure Container Instances | Microsoft Community Hub

• Azure Container Instances now supports container sizes up to 31 vCPUs and 240 GB of memory for standard containers, expanding from the previous 4 vCPUs and 16 GB limits. 
• This applies across standard containers, confidential containers, virtual network-enabled containers, and AKS virtual nodes, though confidential containers max out at 180 GB memory.
• The larger sizes target data-intensive workloads like real-time fraud detection, predictive maintenance, collaborative analytics in healthcare, and high-performance computing tasks such as climate modeling and genomic research. Organizations can now run fewer, larger containers instead of managing multiple smaller instances, simplifying scaling operations.
• Customers must request quota approval through Azure Support before deploying containers exceeding 4 vCPUs and 16 GB, then can deploy via Azure Portal, CLI, PowerShell, ARM templates, or Bicep. The serverless nature maintains ACI’s pay-per-use pricing model, though specific costs for larger SKUs are not detailed in the announcement.
• This positions ACI as a more viable alternative to managed Kubernetes for workloads that need substantial compute resources but don’t require full orchestration complexity. The enhancement particularly benefits scenarios where confidential computing is required, as those containers can now scale to 31 vCPUs with 180 GB memory while maintaining security boundaries.

49:40 Generally Available: Geo/Object Priority Replication for Azure Blob

• Geo Priority Replication is now generally available for Azure Blob Storage, providing accelerated data replication between primary and secondary regions for GRS and GZRS storage accounts with an SLA-backed guarantee. This addresses a longstanding customer request for predictable replication timing in geo-redundant storage scenarios.
• The feature specifically targets customers with compliance requirements or business continuity needs that demand faster recovery point objectives (RPO) for their geo-replicated data. Organizations in regulated industries like finance and healthcare can now better meet data availability requirements with measurable replication performance.
• This enhancement works within the existing GRS and GZRS storage account types, meaning customers can enable it on current deployments without migrating to new account types. The SLA backing represents a shift from best-effort replication to guaranteed performance metrics for secondary region data synchronization.
• The announcement appears truncated with incomplete SLA details, but the core value proposition centers on reducing the uncertainty around when data becomes available in secondary regions during normal operations. This matters for disaster recovery planning, where organizations need to calculate realistic RPO values rather than relying on variable replication times.
• Pricing details were not included in the announcement, though this feature likely carries additional costs beyond standard GRS or GZRS storage rates, given the performance guarantees involved. Customers should review Azure pricing documentation for specific cost implications before enabling geo priority replication.

Closing

And that is the week in the cloud! Visit our website, the home of the Cloud Pod, where you can join our newsletter, Slack team, send feedback, or ask questions at theCloudPod.net or tweet at us with the hashtag #theCloudPod

Download audio: https://episodes.castos.com/5e2d2c4b117f29-10227663/2235457/c1e-v0z0c7446jfodw79-gp91qd0kix3w-7tv11m.mp3

In this episode, we dive deep into AWS Builder Center, the new community platform designed to consolidate all AWS developer resources into one central hub. Roopal Jain, Software Development Engineer on the Builder Center team, explains how this platform brings together previously scattered AWS community properties like re:Post, Skill Builder, and community.aws into a unified experience for builders. Beyond exploring what Builder Center offers - from articles and events to toolboxes organized by programming language - we take a technical deep dive into how the team built this large-scale web application. Rupal shares the architectural decisions behind their serverless microservices approach, the challenges of integrating Neptune graph database for social features like user following, and creative solutions for handling dual authentication methods in API Gateway. The conversation reveals real-world implementation challenges that many developers face, from VPC networking complexities to service-to-service authentication patterns. We also discuss Builder ID, AWS's new individual identity system, and get a glimpse of what's coming next for the platform.

With Roopal Jain, Sr. Software Developer, AWS

Builder center

Download audio: https://op3.dev/e/dts.podtrac.com/redirect.mp3/developers.podcast.go-aws.com/media/191.mp3

---