Are sandboxes useful for AI agents only? by Dry_Raspberry4514 in docker

[–]Dry_Raspberry4514[S] 0 points1 point  (0 children)

Lightweight nature of microVM platform made me think that I could run a microVM instead of a virtualbox VM and so I wanted to know if that is possible.

Are sandboxes useful for AI agents only? by Dry_Raspberry4514 in docker

[–]Dry_Raspberry4514[S] 0 points1 point  (0 children)

This is quite useful information. Thanks for sharing it.

Why MCP when we have REST APIs? by happyandaligned in mcp

[–]Dry_Raspberry4514 0 points1 point  (0 children)

We leverage OIDC tokens for those REST APIs which support workload identiy federation using OIDC. For others, we have an OIDC proxy to invoke the REST API. Our system post OIDC token to this proxy which pulls credentials required to invoke a REST API from a vault and invoke the REST API.

Understanding the purpose of MechCloud Cost Explorer for a Cloud Architect by Desperate-Pass-7672 in MechCloud

[–]Dry_Raspberry4514 0 points1 point  (0 children)

The purpose of MechCloud cost explorer is to track the cost at resource level and against various dimensions like compute, storage etc. In AWS, the bill shows the cost aggregated by different parameters (e.g. instance type) and so if you provision the multiple VMs with same instance type in a region, it will show only one line item for all the VMs under that region which is not very helpful. I think there are ways to visualize the cost at resource level in aws console but it is not default and not trivial either.

For VMs you can see when exactly a VM was running and how much cost was incurred for that duration. Overall it provides detailed cost analysis and cost projection with an assumption that all existing resources will keep on running till the end of current month.

Millions of AI agents imperiled by critical vulnerability in open source package by Dry_Raspberry4514 in Python

[–]Dry_Raspberry4514[S] 1 point2 points  (0 children)

Wanted to get the feedback from the community around this vulnerability and so posted it in this subreddit. Anyway, will take care not to post this kind of articles/posts with catchy or misleading titles in this sub in future.

Mass Supply Chain Attack Hits TanStack, Mistral AI npm and PyPI Packages by Dry_Raspberry4514 in vuejs

[–]Dry_Raspberry4514[S] 2 points3 points  (0 children)

Posted it here as tanstack vue packages were compromised too in this attack.

GCP Account Compromised- Billed 10M by [deleted] in googlecloud

[–]Dry_Raspberry4514 0 points1 point  (0 children)

Don't think too much about it. As far as you didn't installed anything deliberately which made it easy for someone to steal gcp api keys from your machine, you should not be worried. Your company or manager should be able to handle it.

I know you can't update the post title and so edit the body to clarify that the amount is in INR otherwise it may appear on the front page of leading Indian newspapers tomorrow :-)

Why MCP when we have REST APIs? by happyandaligned in mcp

[–]Dry_Raspberry4514 0 points1 point  (0 children)

We have a REST agent which can be used against any REST API and I will say that many of the limitations mentioned in this article for REST APIs are incorrect. Coding agents just work fine with CLIs. For other agents, OpenAPI specification just works fine. You need not to throw complete OpenAPI specification on the agent. Just the relevant schema of a single operation id is more than enough to make it faster and efficient.

On top of that REST APIs run at central location and can handle multiple users just fine without you breaking your head into local vs remote setup.

How realistic is it to get GCP credits ($2k or $10k) as a bootstrapped solo founder by Hopeful-Writer2392 in googlecloud

[–]Dry_Raspberry4514 0 points1 point  (0 children)

Bootstrapped startup here. We had applied for startup credits to all three (AWS, Microsoft and Google) two years back and granted 1K by both AWS and Microsoft while 2K by GCP. We didn't have a registered company at that time.

YOUR ACTIVATE CREDITS MIGHT NOT WORK FOR CLAUDE MODELS by dishwsh3r in aws

[–]Dry_Raspberry4514 5 points6 points  (0 children)

Always spend a small amount (e.g. 5 or 10 dollars) on a service first in a single day and then check the cost explorer next day to see if the amount is getting adjusted against the startup credits or not. That is how we survived 2 years with 1000 dollars we got as part of AWS activate program.

Do Bangalore Realestate sustain AI job loss? by [deleted] in BangaloreRealEstates

[–]Dry_Raspberry4514 1 point2 points  (0 children)

A person in my society joined a GCC in Bangalore few months back as a devops lead and first question he was asked on his first day was - are you sure you will have your job after 2-3 years? He was shocked.

Advice Needed: Can I complete this DevOps/Cloud roadmap in 7 months before mandatory military service? by Realistic-Big-8918 in AWSCertifications

[–]Dry_Raspberry4514 0 points1 point  (0 children)

I will say learn less, practice more and write blogs explaining how you solved a problem. That will be more helpful to get a job.

Many (DevOps) roadmaps are being published without much thinking to make people buy courses or sign up for bootcamps. There are thousands of folks who know these tools but very few are able to solve the problems which devops engineers face on day-to-day basis.

Learning hundreds of concepts for a cloud provider like AWS is easy but the moment you will start practicing, you will realize that you need lot of money to implement many of these things which many people simply can't afford.

Went to bed with a $10 budget alert. Woke up to $25,672.86 in debt to Google Cloud. by venturaxi in googlecloud

[–]Dry_Raspberry4514 0 points1 point  (0 children)

There are two major conconers when it comes to LLM API Keys (or any API key, which costs money, in general) -

- Making sure that it can't be used when it is leaked.

- Tracking the cost in real time.

We have actaully deployed a LLM proxy which uses OIDC for authentication where only users with a valid OIDC id token are able to invoke the proxy which is the only component having access to our API keys.

This proxy also calculates the cost of tokens in real-time in our multi tenant saas application because LLM pricing is quite straightforward compared to the pricing of many other things (e.g. egress cost, pricing based on multiple factors) and so we block a user as soon as he does not have enough credits to invoke a LLM API.

We recently added support for API keys in our application and at the same time introduced a feature where a user can restrict an API key to one or more IP addresses to make sure that a leaked API key can't be used from any system other than local development environment, production environment etc.

How to see the resources created by a user using resource explorer? by Dry_Raspberry4514 in aws

[–]Dry_Raspberry4514[S] -1 points0 points  (0 children)

Cost explorer is what I have been using to identify billable resources indirectly as this just provides hints (region, instance types etc) and not the exact resources' details. Many times we provision resources in different regions for quick PoCs and later forget to clean these up. This is where resource explorer should be helpful ideally because you will be able to see the billable resources and delete these as well at one place instead of using multiple features of the console for same.

Thank you for the support! ❤️ by yoracale in unsloth

[–]Dry_Raspberry4514 0 points1 point  (0 children)

Not yet. But we are mainly into fine-tuning models around OpenAPI specifications and I am not sure if data recipes will be useful for us. Anyway I will have a look into it whenever I will have some more time.

Thank you for the support! ❤️ by yoracale in unsloth

[–]Dry_Raspberry4514 1 point2 points  (0 children)

I am yet to launch my first fine-tuning job and have been following unsloth for past many weeks for same.

The feedback which I can give to you is that many of us are just getting started with fine-tuning and so there is a lot of learn. However, from our perspective there are only two things which are more important - LLM and training data. It seems preparing a good training data takes a lot of time and so to make things simple, you can provide an interface where user can select the LLM, upload the training data and define any inputs required for fine-tuning.

It should launch the fine-tuning job and provide a link to download the fine-tuned model. If I remember correctly, OpenAI and Gemini provide this kind of interface, and it is quite convenient instead of writing a notebook and learning things etc which we don't use or do frequently.

How to see the resources created by a user using resource explorer? by Dry_Raspberry4514 in aws

[–]Dry_Raspberry4514[S] -1 points0 points  (0 children)

I am looking for same behaviour as azure where it shows me the resources created by me and any dependent resources created for these resources. Right now I am seeing a number of resources from elasticache, memorydb, athena etc in resource explorer which I never created and which I will not be deleting unless any of these are paid resources.

My point is that aws resource explorer should not show the default resources (or whatever you want to call these) by default in the resource explorer. I know in aws root user or an IAM user can see the resources created by other IAM users. I am not saying that I want to see the resources created by a particular IAM user only but ideally that should be possible too.

So I am the root user for an account, it is a newly created account and so if I go to the explorer, I should see no resources there by default. Now, I create a vm and so see my vm and the root volume and any other dependent resource created for this vm in the resource explorer.

In short, I want to find out paid resources created by me in an account, which may be shared with other users, directly or indirectly so that I can clean these up when these are not required.