Curated topic

dist

Posts tagged with dist

GitHub EngineeringApr 16, 2026

How GitHub uses eBPF to improve deployment safety

Why it matters: Circular dependencies can paralyze recovery during outages. By using eBPF and cGroups, engineers can enforce network isolation for deployment scripts without impacting production traffic, ensuring that critical infrastructure remains deployable even when primary services are offline.

GitHub uses eBPF to mitigate circular dependencies where deploying a fix requires access to the service currently experiencing an outage.
They identified three dependency types: direct (explicit script calls), hidden (automatic tool updates), and transient (downstream API dependencies).
The solution utilizes BPF_PROG_TYPE_CGROUP_SKB to hook into network egress specifically for processes within a targeted Linux cGroup.
This approach allows granular network filtering, blocking deployment scripts from accessing github.com while allowing production traffic to continue normally.
The system was implemented using the cilium/ebpf Go library to load and manage custom programs within the Linux kernel.

#sre #dist #security

Read original

Engineering at MetaApr 16, 2026

Post-Quantum Cryptography Migration at Meta: Framework, Lessons, and Takeaways

Why it matters: Quantum computing threats like Store Now, Decrypt Later jeopardize current encryption. Meta’s framework provides a scalable roadmap for organizations to transition to PQC standards, ensuring long-term data security without compromising system performance or incurring excessive costs.

Meta is proactively migrating to Post-Quantum Cryptography (PQC) to defend against Store Now, Decrypt Later (SNDL) attacks.
The migration framework introduces three maturity levels: PQ-Aware (inventory/risk), PQ-Ready (technical capability), and PQ-Enabled (full protection).
Meta utilizes NIST-standardized algorithms including ML-KEM (Kyber) and ML-DSA (Dilithium), while co-authoring the HQC algorithm.
The strategy prioritizes internal infrastructure first, balancing security needs with performance overhead and cost efficiency.
Practical guidance focuses on risk assessment, cryptographic inventory, and establishing guardrails to prevent regression to legacy standards.

#security #dist

Read original

Cloudflare BlogApr 16, 2026

Cloudflare’s AI Platform: an inference layer designed for agents

Why it matters: Building agentic AI requires chaining multiple models, which increases latency and failure risks. Cloudflare’s unified API simplifies multi-provider management, provides cost transparency, and offers a low-latency path for custom and third-party models at the edge.

Cloudflare has unified AI Gateway and Workers AI into a single inference layer, allowing developers to call third-party models like OpenAI and Anthropic via the AI.run() binding.
The platform supports over 70 models from 12+ providers, enabling multimodal applications involving text, image, video, and speech through a single API and credit system.
A new 'Bring Your Own Model' feature leverages Replicate’s Cog technology to containerize and deploy custom fine-tuned models directly to Cloudflare's global network.
AI Gateway provides centralized cost management and observability, allowing teams to track AI spend using custom metadata like team IDs or specific application workflows.
The infrastructure is optimized for agentic AI, featuring automatic retries on upstream failures and low-latency paths to minimize time-to-first-token in chained model calls.

#mlp #dist #finops

Read original

Cloudflare BlogApr 16, 2026

Building the foundation for running extra-large language models

Why it matters: This article provides a blueprint for optimizing LLM infrastructure by decoupling inference stages. It demonstrates how to maximize expensive GPU utilization and reduce latency for long-context agentic applications through clever software engineering and cache management.

Implemented Prefill Decode (PD) disaggregation to separate compute-bound prefill tasks from memory-bound decode tasks, maximizing GPU efficiency.
Developed a token-aware load balancer that estimates in-flight tokens to spread load evenly across prefill and decode endpoint pools.
Achieved a 3x improvement in intertoken latency, reducing p90 time per token from ~100ms to 20-30ms.
Utilized x-session-affinity headers to improve prompt caching, increasing input token cache hit ratios from 60% to 80%.
Integrated Moonshot AI’s Mooncake Transfer Engine to facilitate efficient KV cache sharing across multiple GPUs for extra-large model instances.
Optimized infrastructure specifically for agentic workflows which involve high input token volumes and long-context system prompts.

#mlp #dist #sre

Read original

Cloudflare BlogApr 16, 2026

Cloudflare’s AI Platform: an inference layer designed for agents

Why it matters: This unified inference layer simplifies building complex AI agents by eliminating provider lock-in and centralizing cost management. It allows engineers to switch models with one line of code while ensuring high reliability and low latency across distributed global infrastructure.

Cloudflare AI Gateway now offers a unified API (AI.run) to access 70+ models from 12+ providers including OpenAI, Anthropic, and Google.
Centralized cost management allows developers to monitor AI spend across multiple providers using custom metadata for granular usage tracking.
New 'Bring Your Own Model' support leverages Replicate’s Cog technology to containerize and deploy custom or fine-tuned models to Workers AI.
Built-in reliability features include automatic retries on upstream failures and zero-setup default gateways to mitigate provider outages.
The platform is optimized for agentic workflows, reducing latency in multi-step inference chains through Cloudflare's global edge network.

#mlp #dist #finops

Read original

Cloudflare BlogApr 16, 2026

Artifacts: versioned storage that speaks Git

Why it matters: Artifacts provides a scalable, programmable Git-compatible storage layer. It solves state persistence for AI agents and serverless apps by treating Git's data model as a primitive for time-travel, forking, and versioning any data at massive scale.

Artifacts is a distributed, versioned filesystem supporting the Git protocol, optimized for the high-volume storage needs of AI agents.
It enables programmatic repository creation via REST and native Workers APIs, facilitating repo-per-session or repo-per-sandbox architectures.
The platform supports standard Git operations including cloning, forking, and importing from external remotes like GitHub within serverless workflows.
Built on Cloudflare Durable Objects, the system scales to millions of isolated, stateful repository instances.
The core Git engine is written in Zig and compiled to a 100KB Wasm binary, ensuring high performance and low memory overhead.

#dist #data #mlp

Read original

Cloudflare BlogApr 16, 2026

AI Search: the search primitive for your agents

Why it matters: Building RAG pipelines is complex, requiring manual chunking, indexing, and hybrid search logic. This tool abstracts that infrastructure, allowing engineers to deploy isolated, searchable context for agents at scale without managing separate database clusters or complex pipelines.

Cloudflare AI Search (formerly AutoRAG) is a plug-and-play search primitive designed for agentic AI workflows.
Supports hybrid search by running semantic vector matching and BM25 keyword search in parallel with result fusion.
Features built-in storage and indexing, eliminating the need to manually configure R2 buckets or Vectorize indexes.
The new ai_search_namespaces binding allows developers to dynamically create, delete, and manage search instances at runtime.
Enables multi-instance querying, allowing agents to search across shared knowledge bases and private per-customer history in one call.
Integrates directly with the Cloudflare Agents SDK and Workers AI to provide a streamlined RAG implementation.

#mlp #data #dist

Read original

Cloudflare BlogApr 16, 2026

Artifacts: versioned storage that speaks Git

Why it matters: Artifacts provides a Git-compatible versioned filesystem designed for the scale of AI agents. By leveraging Durable Objects and a custom Zig-based Git engine, it enables programmatic, high-performance state management, allowing developers to treat versioning as a first-class primitive.

Artifacts is a distributed, versioned filesystem that implements the Git protocol for programmatic use by AI agents and serverless functions.
The system is built on Cloudflare Durable Objects, allowing for the creation of millions of isolated, stateful repository instances.
The core Git engine was written in Zig and compiled to a 100KB WebAssembly binary to ensure high performance and manual memory management.
It supports native Workers and REST APIs, enabling repository creation, branching, and forking without requiring a traditional Git client.
Beyond source control, it is designed for persisting sandbox states, session history, and time-traveling through application data.
Developers can bootstrap repositories from existing sources like GitHub using an import API for isolated agent workflows.

#dist #data #mlp

Read original

Cloudflare BlogApr 16, 2026

Deploy Postgres and MySQL databases with PlanetScale + Workers

Why it matters: This integration simplifies full-stack development by combining edge computing with managed relational databases. Unified billing and Hyperdrive-powered performance optimization reduce operational overhead and latency, making it easier to build scalable, data-intensive applications.

Cloudflare Workers now supports direct creation and management of PlanetScale Postgres and MySQL databases via the dashboard and API.
Unified billing allows users to pay for PlanetScale databases directly through their Cloudflare account, utilizing existing credits or committed spend.
Integration with Hyperdrive provides automatic database connection pooling and query caching to optimize performance and reliability.
Developers can use explicit placement hints to run Workers in data centers closest to their centralized PlanetScale databases, minimizing network latency.
Support for Postgres extensions like pgvector enables building AI-driven applications with vector search capabilities directly on the edge.

#data #dist #finops

Read original

Cloudflare BlogApr 16, 2026

Cloudflare Email Service: now in public beta. Ready for your agents

Why it matters: Email is a universal interface. By providing native sending and routing within Workers, Cloudflare enables engineers to build stateful, secure, and asynchronous AI agents that interact with users via standard email, removing the complexity of SMTP management and external API integrations.

Cloudflare Email Service enters public beta, offering native Email Sending via Workers bindings without the need for API key management.
The service automates SPF, DKIM, and DMARC configurations to ensure high deliverability and low latency via Cloudflare's global network.
Integration with the Agents SDK enables bidirectional, asynchronous email communication for AI agents using the onEmail hook.
Developers can maintain stateful conversations across emails using Durable Objects, allowing agents to remember context without external databases.
Secure reply routing is implemented using HMAC-SHA256 signed headers to prevent unauthorized access to specific agent instances.
New developer tools include an Email MCP server, Wrangler CLI commands, and an open-source agentic inbox reference application.

#mlp #dist #security

Read original

Page 3 of 30

Prev 1 2 3 4 5...30 Next