Curated topic

dist

Posts tagged with dist

Cloudflare BlogApr 13, 2026

Agents have their own computers with Sandboxes GA

Why it matters: Engineers building AI agents need secure, scalable environments to run untrusted code. Cloudflare Sandboxes solve the 'burstiness' and security risks of agentic workloads with a serverless-like pricing model and deep integration into the Workers ecosystem.

Cloudflare Sandboxes and Containers are now Generally Available, providing isolated environments for AI agents to execute untrusted code.
Secure credential injection uses a programmable egress proxy to allow agents to authenticate with services without accessing raw secrets.
Full PTY support enables real-time terminal sessions over WebSockets, allowing both agents and humans to interact with a real shell.
Active CPU Pricing ensures cost-efficiency by charging only for active compute cycles rather than idle standby time.
The platform supports persistent code interpreters for Python, JavaScript, and TypeScript, maintaining state across sessions.
Snapshots and filesystem watching allow for quick state restoration and faster iteration during agentic development tasks.

#mlp #security #dist

Read original

Cloudflare BlogApr 13, 2026

Durable Objects in Dynamic Workers: Give each AI-generated app its own database

Why it matters: This feature allows AI-generated or user-provided code to have its own persistent, low-latency database without manual provisioning. It bridges the gap between ephemeral serverless execution and stateful application needs in a secure, sandboxed environment.

Cloudflare introduced Durable Object Facets to provide persistent storage for code loaded via Dynamic Workers.
Dynamic Workers use isolates instead of containers, offering 100x faster load times and 1/10 the memory usage.
Durable Object Facets allow dynamic code to extend the DurableObject class and access a dedicated SQLite database.
A supervisor Durable Object acts as a controller, managing the lifecycle and requests for dynamic facets.
This architecture enables AI-generated applications to maintain long-lived state with zero-latency local disk access.

#dist #data #security

Read original

Cloudflare BlogApr 13, 2026

Dynamic, identity-aware, and secure Sandbox auth

Why it matters: Outbound Workers solve the 'untrusted agent' problem by moving auth logic out of the sandbox. This enables zero-trust security for AI workloads, allowing engineers to inject secrets and enforce granular RBAC at the network edge without exposing sensitive tokens to LLMs.

Cloudflare introduced outbound Workers for Sandboxes, acting as programmatic egress proxies for microVM-based environments.
These proxies enable zero-trust authentication by injecting secrets at the egress point, keeping credentials hidden from untrusted AI agents.
Developers can implement granular traffic control, allowing for logging, modification, or blocking of requests based on destination or method.
The system supports identity-aware routing, applying specific rules and credentials dynamically based on the sandbox's unique identity.
By executing on the same host as the sandbox, the proxy minimizes latency while remaining transparent to the sandboxed application.

#security #mlp #dist

Read original

Cloudflare BlogApr 12, 2026

Welcome to Agents Week

Why it matters: AI agents require a massive shift in infrastructure. Traditional containers are too heavy for the one-to-one scaling agents demand. Using V8 isolates allows for the ephemeral, high-concurrency execution needed to make agentic workflows economically and technically viable at global scale.

AI agents shift the cloud paradigm from one-to-many microservices to one-to-one execution environments tailored for specific tasks.
Traditional container-based infrastructure lacks the efficiency to handle the projected scale of millions of concurrent agent sessions.
V8 isolates provide a lightweight alternative to containers, offering ~100x faster startup times and ~100x better memory efficiency.
Cloudflare's Dynamic Workers enable on-demand execution environments that make the per-unit economics of agents viable for mass adoption.
The industry is moving toward structured protocols like Model Context Protocol (MCP) to replace agents navigating human-centric UIs.

#dist #mlp #finops

Read original

Cloudflare BlogApr 10, 2026

500 Tbps of capacity: 16 years of scaling our global network

Why it matters: This milestone demonstrates how massive-scale infrastructure can handle record-breaking DDoS attacks (31.4 Tbps) autonomously. It showcases the power of pushing security and compute to the edge using eBPF and XDP, allowing for high-performance, distributed application hosting.

Cloudflare reached 500 Tbps of external capacity across 330+ cities, supporting over 20% of the web.
Autonomous DDoS mitigation uses eBPF and XDP (l4drop) to drop malicious packets at line rate without human intervention.
The 'dosd' daemon samples traffic and broadcasts mitigation rules globally via Quicksilver, a distributed KV store.
Layer 4 load balancing is handled by Unimog, while flowtrackd provides stateful TCP inspection for enterprise traffic.
The network has evolved into a distributed developer platform (Workers) that now supports V8 isolates and edge containers.

#security #dist #sre

Read original

PlanetScale Tech BlogApr 10, 2026

Keeping a Postgres queue healthy

Why it matters: Using Postgres for queues is convenient but risky. High-churn tables generate dead tuples that can bloat indexes. If long-running transactions block autovacuum, I/O overhead can degrade the entire database's performance, potentially bringing down the application.

Postgres queues offer transactional consistency but are prone to performance degradation from high row churn.
MVCC creates dead tuples upon deletion, which persist in heap pages and indexes until vacuumed.
Accumulated dead tuples force index scans to traverse unnecessary entries, increasing I/O and latency.
Autovacuum efficiency is globally constrained; a single long-running transaction can block cleanup for all tables.
Implementing FOR UPDATE SKIP LOCKED enables high-concurrency job processing without worker interference.
Database health requires monitoring transaction age to prevent runaway bloat in transient tables.

#data #sre #dist

Read original

Salesforce EngineeringApr 9, 2026

Building a Distributed Persistent Queue That Scaled AI Workloads 5x Under LLM Rate Limits

Why it matters: Managing shared infrastructure limits is critical when scaling LLM applications. This architecture demonstrates how to balance high-volume autonomous agents with human-in-the-loop workflows, ensuring fairness and prioritizing high-value tasks without hitting rate-limit failures.

Engineered a distributed persistent queue to orchestrate AI and human workflows within strict LLM rate limits of 300 RPM.
Implemented a fair-share distribution mechanism using round-robin allocation to prevent any single agent or user from monopolizing capacity.
Developed a three-tier priority system (Replies, Intros, Nudges) to ensure high-value business interactions are dispatched first.
Utilized an adaptive backfill strategy to maintain 100% slot utilization by filling unused high-priority capacity with lower-priority tasks.
Achieved a 5x scale in AI workload throughput while maintaining system reliability and preventing gateway failures.

#dist #mlp #sre

Read original

Engineering at MetaApr 9, 2026

Escaping the Fork: How Meta Modernized WebRTC Across 50+ Use Cases

Why it matters: Meta's approach provides a blueprint for maintaining large open-source dependencies without getting stuck in permanent forks. By using dual-stack architectures and namespace mangling, they enabled safe upgrades and A/B testing for critical infrastructure serving billions of users.

Meta migrated from a divergent WebRTC fork to a modular architecture based on the latest upstream version to escape the 'forking trap'.
A dual-stack architecture with a shim layer was implemented to allow simultaneous execution and A/B testing of legacy and upstream versions.
To avoid C++ One Definition Rule (ODR) violations, Meta used automated namespace mangling to rename symbols in the secondary library copy.
The shim layer approach achieved an 87% reduction in binary size impact compared to duplicating higher-level orchestration libraries.
A 'Patch-First' workflow was established in the monorepo to automate the rebasing of internal optimizations onto new upstream releases.

#dist #mobile #sre

Read original

GitHub EngineeringApr 9, 2026

GitHub availability report: March 2026

Why it matters: This report highlights how minor configuration errors, cache stampedes, and credential management issues can cause massive service disruptions. It provides a blueprint for improving resilience through killswitches, infrastructure isolation, and automated monitoring of dependencies.

A bug in a cache-reduction deployment triggered a global cache recalculation, causing replication delays and high failure rates for API and Git operations.
Misconfigured Redis load balancers during infrastructure updates led to significant delays and failures in GitHub Actions workflow runs.
Authentication failures between the Copilot Coding Agent and its datastore caused near-total service outages, requiring manual credential rotation.
An upstream dependency failure disrupted GitHub event notifications for Microsoft Teams integrations.
GitHub is implementing architectural changes, including moving caching to dedicated hosts and adding killswitches to prevent cascading failures.
Improved automation and alerting are being developed to catch load balancer misconfigurations and credential lifecycle events before user impact.

#sre #dist

Read original

Salesforce EngineeringApr 8, 2026

How an AI CRM System Generated 1M+ Recommendations While Maintaining Data Integrity Using Agentforce

Why it matters: Scaling AI agents for enterprise datasets requires balancing throughput with strict governance. This architecture shows how to overcome rate limits and latency issues while maintaining the explainability and security essential for autonomous CRM systems.

Implemented a message queue-driven architecture to bypass platform limits of 300 requests per minute and manage high concurrency during overnight processing.
Optimized LLM processing by narrowing data retrieval to recent signals and implementing fast-fail mechanisms for transcripts, reducing latency from 1.35s to 600ms.
Ensured data integrity and trust by attaching explicit reasoning and citations to every AI recommendation, allowing users to trace outputs back to source signals.
Developed a layered security model that uses elevated context for background processing while enforcing strict user-level access checks before surfacing recommendations.
Created a unified, persistent platform entity for AI-generated actions to standardize how recommendations are stored and surfaced across multiple agents and interfaces.

#dist #mlp #data

Read original

Page 5 of 30

Prev 1...3 4 5 6 7...30 Next