227: The Cloud Pod Peeps at Azure’s Explicit Proxy


Welcome to episode 227 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts are Justin, Jonathan, Matthew and Ryan – and they’re REALLY excited to tell you all about the 161 things announced at Google Next. Literally, all the things. We’re also saying farewell to EC2 Classic, Amazon SES, and Azure’s Explicit Proxy – which probably isn’t what you think it is.

Titles we almost went with this week:

  • 🔵Azure announced a what proxy? 
  • 📨The Cloud Pod would like you to engage with our email.
  • 🤖Oracle Rover to Base… Come In Rover
  • 🗣️A snarky look at 160 Google Next Announcements
  • 📣Google Next’s got 161 Announcements and AI ain’t one
  • 🧮How high can you count, Google can count to 161
  • ⚖️The cloud pod would like to get consensus on the definition of light weight

A big thanks to this week’s sponsor:

Foghorn Consulting provides top-notch cloud and DevOps engineers to the world’s most innovative companies. Initiatives stalled because you have trouble hiring?  Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week.

📰General News this Week:📰


00:36 Farewell EC2-Classic, it’s been swell

  • Werner has a blog post talking about the end of EC2-Classic, with the final EC2-Classic instance being turned off on August 15th, 2 years after the announcement.
  • He points out that the reason it was “classic” is because of the network architecture. All instances launched on a giant flat network shared between all customers. 
  • The process for end users was simple, but it was highly complex for AWS at the time. 
  • The m1.small that launched was the equivalent of 1 virtual CPU powered by a 1.7GHz Xeon processor with 1.75GB of RAM, 160GB of local disk, and 250mb/s of network bandwidth, for the low price of $0.10 per clocked hour.
  • Werner’s blog even ran on the m1.small for 5+ years before he moved it to the Amazon S3 website feature.
  • VPCs, introduced in 2013, allow AWS customers to have their own slice of the cloud. But Classic still lived for another decade.
  • The EC2 team kept classic running until every instance was retired or migrated, providing the necessary documentation, tools and support from engineering and account management through the process. 
  • Werner shows that this is one of the best examples of delivering cloud for today’s workloads as well as tomorrow, and how AWS won’t pull the rug out from under you. 

02:08 📢 Ryan – “I think most people know who he was referring to there. But it is cool. I mean, the fact that they were able to actually retire a thing and not just turn it off on people is pretty amazing.”

03:38 Amazon SES now offers email delivery and engagement history for every email  

  • Amazon Simple Email Service (SES) has launched a new deliverability feature that helps customers troubleshoot individual email delivery problems, confirm delivery of critical messages and identify engaged recipients on a granular, single email basis.  
  • Senders can investigate trends in delivery performance and see delivery and engagement status for each email sent via SES.  
  • Potentially this makes it easier for customers to manage and optimize their delivery and campaign performance. 
  • You might actually pay a lot of money to other email providers for this service, and now it is included in SES. So, cool.
  • Want to learn more? You can check it out here

04:42 📢 Jonathan – “I can’t wait for them to start analyzing all the messages that you send and then give you some kind of metric based on engagement and the content. You know, I could use AI to advise on which style of messages were to what kind of language words and that kind of thing. Give you some useful feedback for marketing.”

05:13 📢 Ryan – “And then the next emails will write themselves!”


06:59  Hold onto your butts – ​All 161 things we announced at Google Cloud Next ‘23 – a recap 

  • 161 things were announced… but not all on the main stage, or that we covered last week.
    • Because of this, Justin is determined to read all 161 for you…and these are the ones that struck him as the most interesting. Consider this the Tl;dr for Next – with an addition of SNARK. ✨You’re welcome.✨
  • (07:37) Reinforcement learning with Human Feedback (RLHF) is now in public preview. See Skynet you may still need us in the future. 👍
  • (07:49) Grounding in Vertex AI roots generative outputs in your enterprise data – to increase confidence in your generative AI search and conversational applications – see Ryan? It’s not about electricity!
  • (09:07) Med-Palm 2, their medically tuned version of Palm 2, will be available as a preview to more customers in the healthcare and life sciences industry. Med Palm is a relative of Napalm, thrice removed. Sort of. Maybe? Someone give me my Palm Pilot back.
  • (09:29) Duet AI is in preview across a variety of data analytics products, including Looker, BigQuery and Dataplex. I appreciate being able to blame the data on someone other than me… “it’s my duet partner I swear”
  • (09:45) Hey now.. support Hudi and Delta Lake within BigLake, and added performance acceleration for Apache Iceberg… sadly there were no hoodies at the conference…. And ICEBERG AHEAD!
  • (09:59) BigLake can now be your single lakehouse, with cross-cloud materialized views and cross-cloud joins in BigQuery Omni. Seems like a pretty lonely big lake with only one lakehouse… We don’t like neighbors anyway, so 🤷
  • (10:17) BigQuery Data clean rooms can help you understand your Google and Youtube campaign performance. If only it could help us figure out our podcast performance. 
    • There’s no hope anyway. 
  • (10:29) Now you can access thousands of datasets from hundreds of providers including Acxiom, Bloomberg, Equifax, Nielsen and Zoominfo directly in BigQuery. Or, how my crazy Uncle points out that Google is biased by the left. The youths and all their data! 
  • (10:46) Cloud Spanner Data Boost, now in GA, lets you analyze your Spanner data via services such as BigQuery, Spark on Dataproc or Dataflow with virtually no impact to your transactional workloads. **And your CFO wept.** If we had a dollar for every time someone said “virtually no impact” we’d all retire. Yesterday.
  • (11:07) A new BigQuery export to bigtable reverse ETL feature in preview lets you serve analytical insights from your applications without having to touch an ETL tool. Thank God – the only thing worse they could have done was announce their own version of Glue.
  • (11:44) Fully managed memorystore for Redis cluster in preview.  Easy to use open source compatible Redis cluster service that provides up to 60 times more throughput than memorystore for Redis, with microsecond latencies.  “Please reset the cache… mmmmhmmm which one?”
  • (12:05) Bigtable change streams feature allows you to capture data changes to Bigtable table as the changes happen, letting you stream them for processing or analysis.  Don’t cross the Kafka Streams!!
  • (12:19) Cloud Bigtable request priorities, in preview, let you execute large workloads that are not time sensitive, as low priority jobs on the Bigtable cluster, and minimizing the impact of batch processing on serving workloads.  
    • If the query ran when I wasn’t staring at the console, did it really happen? 
  • (12:42) Looker Studio users now have native access to the alteryx designer cloud for data preparation, and enhanced cloud connectivity, starting with Excel and CSV files from storage formats including sharepoint and Onedrive. If you or a loved one is suffering from Dashboard Envy… try Alteryx. Side effects may include dizziness, nausea, vomiting, and unhappiness with data displayed. 
  • (13:06) New Multislice technology in preview lets you scale AI models beyond the boundaries of physical TPU pods, with tens of thousands of Cloud TPU v5e or TPU v4 chips. This also produces bills beyond the boundaries of your CFO’s imagination. 
  • (13:28) Arm based C3A, powered by AmpereOne processors  will be in preview next month.  Hey guys, remember when ARM was all the rage? This year they didn’t even make main stage. OUCH. How the mighty have fallen.
  • (13:43) C3 VMs support for Hyperdisk Extreme is now in preview and supports 500k IOPS.  Cha-CHING
  • (14:06) Hyperdisk storage pools now in preview, allow customers to provision capacity and performance in aggregate pools, and then thinly provision hyperdisk volumes.  I’m HYPER excited to troubleshoot this.
  • (14:22) VMs have new uptime SLAs: 99.95% for Memory Optimized VMs, and 99.9% for all other VM families. This is Google… and we know those numbers are a dream anyway.
  • (14:36) Future reservations, now in preview, is a new compute engine feature that allows you to reserve compute capacity for a future date. Now, Google doesn’t like it when Justin says they’re not very cloudy…. but come on – when you make it this easy!
  • (14:54) VMware Engine nodes have been upgraded with 2TB RAM options, 64-128 vCPUs and up to 50TB storage for Google Cloud VMware Engine, as well as three new storage options: NetApp Volumes, Filestore and storage-only (vSAN) nodes. Finally the VMware offering has matched the last servers I purchased to run VMware at scale at a job 12 years ago.
  • (15:19) New Service Extension callouts for cloud load balancers let you customize services such as specialized monitoring, logging, traffic steering or authentication. I don’t have a joke for this. I’m here for this feature.
  • (15:33) But then there is this Automation solution toolkit for Google Cloud Load Balancer global front ends that lets you integrate and automate products including Cloud Armor, Cloud load balancing and Cloud CDN into popular CI/CD platforms. It supports Jenkins. GTFO Google.
  • (15:52) Broadcom is integrating its Secure Web Gateway natively into Google Cloud. You mean the guys who own VMware… yeah, I’m gonna pass.
  • (16:03) Elasticsearch, MongoDB Enterprise Advanced and SAP on Google Distributed Cloud are available via Google Cloud Marketplace. You’re really scratching at the bottom of the barrel on these 161 Google. 
  • (16:18) New Bastion Host on GDC edge, in preview, enables you to easily view and control google cloud access to GDC edge for troubleshooting purposes, supporting you with operational sovereignty and compliance requirements.  “Ah crap Google Edge is down… call Google and get them to fix their shit, but they say they can’t log in. Crap the bastion is down!!!!”
  • (16:39) They partnered with Gitlab to offer secure devops solutions with integrated source management, artifact management, CI/CD and Enhanced security. At least someone still finds Gitlab relevant.
  • (16:52) The Google Maps platform team introduced environment APIs for Solar, Air Quality and Pollen Details.  Bless You. 
  • (17:00) Agentless Vulnerability scanning by Tenable integrated into SCC.  SHENANIGANS there was no mention it was powered by Tenable last week! 
  • (17:18) We expanded the coverage footprint of our Sensitive Data Protection Offerings with enhanced integration for Dataplex and Dialogflow and Cloud SQL.  This is really to protect these services from Ryan who is not sensitive in this regard. 
  • (17:31) The Google Cloud Certified Professional Cloud Security Engineer Exam Guide is now available. Step 1. It’s GCCPCSE certification… you will be quizzed.
    • No, seriously. I hope you’re taking better notes than these. 
  • (17:44) Google Chat now supports up to 500,000 participants in a single space, to help build thriving communities, even in the largest organizations. They will of course need you to use AI or Pub/Sub to build processing to keep up with the onslaught of messages. 
  • (18:17) Duet AI for Google Workspaces can create a whole new presentation in slides; complete with text, charts, and images based on your relevant content in Drive and Gmail.  Man, could you imagine the presentation based on my google spam folder? Would be epic! 
  • (18:35) Duet AI in Google Meet helps you look and sound your best with new AI-powered enhancements, including studio look, studio lighting, and studio sound, as well as dynamic tiles and automatic face detection so remote attendees can see everyone in a meeting room, with each in-person attendee getting their own video tile with their name — I have 0 notes on this other than if you didn’t force RTO you wouldn’t have needed this.
  • (19:01) We announced the winners of our Google cloud customer awards 

Again you don’t seem to understand what a feature is; and that goes for 129-147 on this list. And 148-152- it’s just the same thing but with startups. Padding the numbers, much? 

  • (19:12) Partners get covered from 153-160…no one cares. And that is Google Next 👍


19:59 Generally Available: Azure Monitor VM Insights using Azure Monitor Agent

  • Azure continues to release weird insight tools for things that we *thought* already gave insights, but VM Insights provides a quick and easy method to monitor the client workloads on your Azure virtual machines and virtual machine scale sets, as well as Azure Arc-enabled servers running on-premises or multi-cloud.

20:24📢 Justin – “It did note in the article that if you’re using the old legacy Azure log agent, that’s a bit deprecated and you should move to this, which is not clear in the title of this at all. It’s about logs. So I appreciate that.”

20:38 Azure Firewall: Explicit Proxy is now in public preview  

  • Azure Firewall now supports Explicit proxy mode on the outbound path.
  • With this enabled, you have the option to configure a proxy setting directly on the sending application, such as a web browser, with Azure Firewall acting as the designated proxy.
  • This configuration allows traffic from the sending application to be directed to the private IP address of the firewall, facilitating direct egress from the firewall without the need for a UDR. And no, that’s not a weird disease you learned about in 9th grade. 

21:19📢 Justin – “Basically what it is, instead of setting the proxy at the server level, so all traffic routes through the firewall as your outbound proxy, you can now tell the web browser or the application using web browser settings to now use the proxy that you specified in the browser to access the internet. So you don’t have to set that as all default traffic out through the firewall.”

22:19📢 Jonathan – “I mean, I guess the cool feature is that Azure Firewall now supports being a proxy for applications which have supported having proxy settings for 30 years.”

23:41 PIR – Services Impacted after power/cooling issue – Australia East

  • From 8:41 UTC on August 30th to 6:40 UTC on September 1st, customers using Azure, M365 and Power services experienced an outage.
  • The issue was caused by a utility power sag in Australia East Region which tripped a subset of cooling units offline in one datacenter, within one of the Availability Zones.  
  • While working to restore cooling, temperatures in the datacenter increased “so we proactively power down a small subset of selected compute and storage scale units, in an attempt to avoid damaging hardware.” 
  • Due to the size of the datacenter campus, the staffing of the team at night was insufficient to restart the chillers in a timely manner. We have temporarily increased the team size…I guess, thanks?
  • The EOP for restarting chillers is slow to execute for an event with such a significant blast radius, and they are looking to improve the automation. 

25:11📢 Matthew – “It was tied to one availability zone in Azure terms, but it did affect other zones, which still confuses me. I’m still trying to get to the bottom of that, but they did do a good job communicating along the way, so I will give them that. Like the alerts across the way were really good. But a lot of times it was just like, we have no update, which I get, they don’t necessarily have a full update. Things did recover pretty quickly. So I think really by about four or five hours, things were back up. If I remember correctly, but they’re the long tail of getting the last couple services, and I think even at the end of this, where they called the end of the outage at like six 40 UTC. There were still like over 99% of storage accounts and 99% of CosmoDB are up and then they kind of just said, ‘we’re stable and we’re working on fixing the last couple of customers’.”


30:05 Oracle Roving Edge Infrastructure now available in UK 

  • Oracle continues to expand my favorite service of theirs, Roving Edge.
  • Now it is roving all over the beautiful green fields and English countryside.
  • Oracle Roving Edge is, of course, their version of Azure Arc, which brings core cloud services to anywhere in a remote location. These hardened units provide a 2U rack-mountable server and a lightweight unit that comes with a battery-operated device.

30:48📢 Ryan – “Since we all know that Oracle sites are just riding around the back of trucks, I find it very cute that they just productize this feature of their data centers.”

Continuing our Cloud Journey Series Talks

31:43 Tech Works: How to Fill the 27 Million AI Engineer Gap 

  • There is a massive AI engineering talent gap in the market.
  • To fill these gaps you will need to retain a lot of technologists, and this article details a few things to think about to get that done.
  • Short Term Solution: Prompt Engineers
    • Engineering is basically scientific, and so most engineers are experimenting with AI already, taking advantage of things like GitHub Copilot and ChatGPT.
    • The natural step is to become a prompt engineer who is tasked with:
      • Understanding the limitations of the model
      • Designing a prompt in natural language
      • Evaluating performance
      • Refining when necessary
      • Deploying over internal data
    • However the belief is prompt engineering is a temporary solution to address limitations of current AI models. 
  • Longer term…
    • Machine Learning skills, Python and More.  
    • LLM with the Transformer model and knowing how to build and train models with text data
    • Core Skills language paired with engineering… Non-technical people are often better at getting outputs than technical people.  

After Show

38:42 Meta’s Next AI Attack on OpenAI: Free Code-Generating Software

Microsoft Plans AI Service With Databricks That Could Hurt OpenAI  

  • Apparently the big thing in AI is attacking OpenAI, with both Meta and Microsoft working on hurting OpenAI in some way.
  • Meta of course has Llama 2, which is open source and could compete with bigger paid LLM models from OpenAI, Google or Microsoft.
  • Meta releasing the coding model publicly is seen as a sharp contrast to OpenAI, which has been heavily secretive about its model and how it is built.
  • Coding assistants are very popular, with Llama being rolled into a few different coding assistants including CodeCompose and Code Llama.  So far Meta isn’t planning to release it for public use, yet.
  • Microsoft has hitched its wagon to OpenAI in the form of billions of dollars of investments and likely Azure credits. But they’re cozying up with a second horse in the AI race: Databricks, which is positioning itself as an anti-OpenAI.
  • Microsoft plans to sell a new version of Databricks software that will help a customer make AI apps for their businesses, according to three people with direct knowledge of the plan.  

46:47 Sad State of Podcast Advertising

  • Thoughts on Subscriber models?
  • Would you be interested? We could do exclusives or other stuff that makes it worth your money…
  • We’d love to get thoughts and ideas from our listeners! Hit us up on our Slack channel or whatever Musk is calling Twitter this week. 


And that is the week in the cloud! We would like to thank our sponsors Foghorn Consulting. Check out our website, the home of the cloud pod where you can join our newsletter, slack team, send feedback or ask questions at thecloudpod.net or tweet at us with hashtag #thecloudpod
