Search the Community

Not that long ago, in a galaxy that isn’t remotely far away, a disturbance in the open source world was felt with wide-ranging reverberations. Imagine waking up one morning to find out that your beloved open source tool, which lies at the heart of your system, is being relicensed. What does it mean? Can you […]View the full article

Since I’ve been working with Azure OpenAI Service from a developer perspective as well, I’ve decided to build a sample application to help demonstrate not just the IaC deployment of Azure OpenAI Service and GPT models, but also to demonstrate some basic use cases of integrating AI into your own enterprise applications. Here’s a screenshot […] The article Introducing AIChatUI: Open Source AI Chat Sample with Azure OpenAI Service & GPT-3 / GPT-4 appeared first on Build5Nines. View the full article

A museum contends that MS-DOS 4 suffers from "git mutilation" due to being improperly open-sourced. View the full article

In today's fast-paced digital landscape, the ability to monitor and observe the health and performance of applications and infrastructure is not just beneficial—it's essential. As systems grow increasingly complex and the volume of data continues to skyrocket, organizations are faced with the challenge of not just managing this information but making sense of it. This is where Grafana steps in. In this blog post, we'll take a comprehensive look at what Grafana is and how it works. Let's get started! What is Grafana?Grafana is an open-source visualization and monitoring platform developed by Grafana Labs. It allows you to query, visualize, alert on, and understand your data from various data sources through highly customizable dashboards. Here are three key reasons why Grafana has gained significant popularity and widespread adoption among organizations of all sizes and industries: Fast: Grafana is known for its exceptional performance. The backend of Grafana is powered by Go, a programming language renowned for its speed and efficiency. Go's lightweight nature and native compilation enable Grafana to handle large volumes of data and render visualizations quickly. This means that even when dealing with massive datasets and complex dashboards, Grafana remains responsive and provides a smooth user experience.Versatile: Grafana follows a plugin architecture, which allows users to extend its functionality and integrate with a wide range of data sources. Whether you are working with NoSQL/SQL databases, project management tools like Jira, or CI/CD tools like GitLab, Grafana has you covered. Beyond data source plugins, Grafana also supports panel plugins for custom visualization types and app plugins that add new features and integrate applications directly into the Grafana ecosystem. This extensive collection of plugins ensures that Grafana can seamlessly integrate with your existing infrastructure and provide a unified view of your data. Open-source: Grafana is an open-source software. This means that you have complete access to the source code, allowing you to inspect, modify, and contribute to the project. The open-source nature of Grafana fosters a vibrant community of developers and users who actively collaborate to improve the platform. This community-driven approach ensures that Grafana remains at the forefront of innovation, with regular updates, bug fixes, and new features being added continuously. Additionally, being open-source eliminates vendor lock-in and gives you the freedom to customize Grafana to fit your specific requirements. Grafana Use CasesHere are some of the most common use cases of Grafana: Infrastructure monitoring Grafana is widely used to monitor IT infrastructure, including servers, networks, and storage systems. It can aggregate metrics such as CPU usage, memory utilization, disk I/O, and network traffic from various infrastructure components, offering a unified view of system health and performance. Furthermore, Grafana enables the setup of alerts based on predefined thresholds for these metrics. For instance, you can configure an alert to be triggered if CPU usage exceeds 80% for more than five minutes. By tracking resource utilization over time, Grafana aids in identifying trends and forecasting future infrastructure needs. To learn how to monitor infrastructure using the popular Grafana-Prometheus stack, check out our blog post: What Is Grafana & How to Use Grafana-Prometheus Stack for Monitoring? Application performance monitoring (APM)Grafana is a popular choice for monitoring the performance and health of applications, particularly in microservices architectures. A key APM use case is request tracing, where Grafana ingests distributed tracing data to visualize the end-to-end flow of requests through multiple services. This visualization aids in identifying bottlenecks and debugging latency issues. Error tracking is another crucial aspect of APM. Grafana excels at correlating logs and metrics, quickly identifying and diagnosing application errors and exceptions. When an issue arises, developers can view the relevant logs and metrics in context, making it easier to pinpoint the root cause and resolve the problem. User experience monitoring is also critical for ensuring application success. Grafana can track key frontend performance metrics, such as page load times, user journeys, and conversion rates. By visualizing this data in real-time, teams can identify potential issues before they impact users and make data-driven decisions to optimize the user experience. Business intelligence and analytics While often thought of as a tool primarily for technical users, Grafana is increasingly being adopted for business intelligence and analytics. This includes applications such as sales & marketing dashboards, IoT analytics, and financial reporting. Grafana can connect to both SQL and NoSQL databases to visualize key business metrics such as revenue, customer acquisition costs, and churn rates. Companies across various industries, including manufacturing, logistics, and utilities, utilize Grafana to analyze sensor data and monitor KPIs related to equipment uptime, asset utilization, and predictive maintenance. Thanks to its rich visualization capabilities, Grafana is also well-suited for creating executive dashboards and shareholder reports. Grafana Core Components: Dashboards and PanelsAt the heart of Grafana’s user interface are dashboards and panels. Dashboards provide a visual representation of data and are composed of individual panels arranged in a grid. The following image illustrates a sample Grafana dashboard that provides a comprehensive snapshot of website performance metrics: Example Grafana dashboardPanels are the building blocks of a Grafana dashboard, serving as containers for visualizing data. In the example dashboard above, there are nine distinct panels (highlighted in yellow) displaying various metrics and data points. Panels offer a wide range of visualization formats to present data in meaningful ways, such as: Time series graphsStats and gaugesTablesHeatmaps and histogramsAlert listsAnd many more...Each panel can display data from one or more data sources, enabling you to combine and correlate metrics from different systems in a single view. One of the key strengths of panels is their deep customization options. Beyond choosing data sources and visualization types, panels provide a rich set of configuration settings to fine-tune every aspect of their appearance and behavior. Some common panel customization options include: Queries and data transformations: Grafana's query editor allows you to extract and manipulate data from each data source. This enables complex data transformations to be performed on the data before visualization.Display options: Grafana provides various options to customize the appearance of panels. You can adjust the panel's size, title, background, borders, and other visual properties to achieve the desired look and feel.Field and override options: You can dynamically set colors, thresholds, value mappings, links, and more based on the data being displayed.Thresholds and alerts: You can define thresholds on the data to set boundaries for specific values or ranges. Additionally, you can configure rules that trigger alerts when certain conditions are met.By leveraging these customization options, you can create highly tailored, informative, and interactive dashboards that provide valuable insights into your systems and infrastructure. How Grafana Works: From Data Source to DashboardIn Grafana, the process of getting data from a data source and displaying it on a dashboard involves three main steps: #1 Data Source PluginA data source plugin in Grafana is a connector that allows Grafana to communicate with a specific data source. Grafana supports various types of data sources, such as databases (e.g., MySQL, PostgreSQL), time series databases (e.g., Prometheus, InfluxDB), cloud services (e.g., AWS CloudWatch, Google Cloud Monitoring), and more. Each data source has its own plugin that defines how Grafana interacts with it, This includes how to establish a connection, authenticate, and retrieve data. Given that each data source can have its own query language, authentication method, and data format, the plugin plays a crucial role in reconciling these differences. It understands the specifics of the data source and translates requests from Grafana’s query editor into queries that the data source comprehends. Once the data is retrieved, the plugin converts it into a data frame, a unified data structure used by Grafana to standardize and represent data internally. The plugin acts as the first step in the data transformation process, enabling Grafana to connect to and fetch data from the desired data source. #2 QueryOnce Grafana is connected to a data source through the plugin, you need to specify a query to retrieve the desired data. A query is a request for specific data from the data source. It defines what data you want to retrieve and how you want to filter or aggregate it. The query language and syntax may vary depending on the data source. For example, SQL databases use SQL queries, while Prometheus uses its own query language called PromQL. The query acts as the second step, allowing you to select and filter the data you want to visualize in your dashboard. #3 Transformation (optional)After the data is retrieved from the data source using the query, you have the option to apply transformations to the data before it is visualized on the dashboard. Transformations are operations that modify or enhance the queried data. They allow you to perform calculations, aggregations, filtering, or other manipulations on the data. Grafana provides a set of built-in transformations, such as renaming fields, filtering rows, joining data from multiple queries, calculating new fields, and more. The transformation step acts as the third and final step, enabling you to refine and customize the data before it is displayed on the dashboard. After the data passes through these three steps (data source plugin, query, and optional transformation), it is ready to be visualized on the Grafana dashboard. Grafana LGTM StackThe Grafana LGTM stack is an opinionated observability stack developed by Grafana Labs. LGTM stands for Loki, Grafana, Tempo, and Mimir, which are the key components of this stack. The LGTM stack aims to provide a unified solution for monitoring and troubleshooting modern applications and infrastructure by addressing the three pillars of observability: logs, metrics, and traces. To understand how each component contributes to the stack, let's take a closer look: Loki: A horizontally scalable and cost-effective log aggregation system designed to store and query logs from all your applications and infrastructure. It integrates seamlessly with Grafana, allowing users to query and visualize log data alongside metrics and traces.Want to learn more about Loki and how to use it to gather logs from your Kubernetes cluster and applications running on it? Check out the Grafana Loki course from KodeKloud. Grafana: The centerpiece of the LGTM stack. As discussed earlier, it provides a powerful and flexible platform for visualizing and analyzing data from various sources, including Loki, Tempo, and Mimir.Tempo: A distributed tracing system that enables developers to visualize the end-to-end flow of requests through a microservices architecture. By integrating with Grafana, Tempo helps identify performance bottlenecks, debug latency issues, and understand how different services interact.Mimir: A highly scalable, multi-tenant, time series database for long-term storage for Prometheus metrics. It allows users to store and query large amounts of metric data efficiently, making it an essential component of the LGTM stack.By combining these components, the LGTM stack provides a comprehensive and integrated observability solution. It allows you to collect, store, and analyze large volumes of logs, metrics, and traces without the complexity of managing multiple tools. ConclusionIn this blog post, we explored what Grafana is, its key use cases, and why it has become the preferred tool for organizations of all sizes across various industries for their visualization and monitoring needs. We also discussed panels and dashboards, the core components of Grafana, and the three steps —plugin, query, and transform—that data undergoes from a data source before being displayed on a dashboard. Finally, we looked at the Grafana Lab's LGTM stack, where Grafana serves as the central hub, aggregating and visualizing logs from Loki, metrics from Mimir, and traces from Tempo. Now, you should have a thorough understanding of what Grafana is and how it works. Practice monitoring infrastructure using the Grafana-Prometheus stack using KodeKloud’s Grafana and Prometheus playground. Want to master observability? Check out the Prometheus Certified Associate (PCA) course from KodeKloud. View the full article

Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post. The post Open-Source Software Security appeared first on Security Boulevard. View the full article

When I start something new, I love to jump right in and get my feet wet (though, preferably in the Great Barrier Reef). As the new Environmental Sustainability lead at GitHub, this meant within the first few days of my job I was hearing directly from some of the incredible organizations that are leveraging tech to protect the environment. Coming from Australia, my love for the ocean runs deep, as does my concern for how a changing climate is changing life for all of us around the world. So, I was thrilled to have a chance to speak with Kakani Katija, Principal Engineer at the Monterey Bay Aquarium Research Institute (MBARI), to see how her team is using open source to research our changing oceans. Moving above ground, I also spoke with co-founders, Lassor Feasley, CEO, and Scott Schwartz, CTO at Renewables.org. There’s huge potential for solutions that both mitigate carbon and accelerate green power, as well as support the adaptation and resilience of communities that are going to feel the impact of climate change. Renewables.org encompasses this idea, and is using tech to bring it to life. The future of our changing climate is tied inextricably to tech, and these leaders are showing how we can use open source to fight back. Paull Young Environmental Sustainability Senior Program Manager // GitHub Diving into Monterey Bay Aquarium Research Institute Paull (GitHub): Kakani, I would love for you to tell us about MBARI’s FathomNet project and the work you’re currently doing. Kakani (MBARI): MBARI cares about building technology and approaches that allow us to study a changing ocean. FathomNet, in particular, is really focused on how to monitor biological systems at scale in the ocean. This is incredibly important when talking about sustainability and climate change, as we have no idea how the blue economy and blue energy projects that are being pushed into the ocean will impact these existing biological communities. We hope that FathomNet will unleash the power of AI in the ocean, enabling the future of conservation, exploration, and discovery. Paull: I saw that you’ll be coming out with a mobile game soon—what’s the story behind that and how does it tap into the work you’re already doing? Kakani: We have actually created a game that will be launching in May called FathomVerse. We’ll be pushing data with machine-generated proposals to players who will identify what these different images are, and then community consensus labels will be created and pushed to FathomNet. This was created because there are a limited number of experts in the world that can identify an animal down to a species or genus level from a visual or an image. But there are actually quite a few individuals in the world—from ocean enthusiasts to people who took a marine biology course—that could identify things that would have value to the research community. Paull: Do you need any training for that or can anyone download it and help contribute to your mission? Kakani: You’ll get training through the game and feedback throughout. FathomNet is a source of labeled data and this is mixed in with the unlabeled data in the game. So, you’ll get instant feedback when you’re right or wrong or miss something, but then you’ll also receive delayed feedback on how you compared to the rest of the community consensus. Paull: I love this. It’s the nature of open source data that’s underpinning this entire game and experience. Reflecting on Renewables.org Paull (GitHub): What’s happening with Renewables.org is really exciting; can you tell me more about what your mission is and how your model works? Lassor (Renewables.org): Renewables.org is the online solar investing nonprofit that’s so far helped finance about a dozen solar projects across the Global South, including India and Africa. We’ve chosen to finance projects in these regions because they’re the places where you have the highest carbon impact per dollar—there’s literally no other product or investment we’ve evaluated that has a higher carbon impact. Anyone can come to our site and buy a $25 share in one of our projects, and we pay it back monthly over five years. So, if you buy one panel, you’ll start earning back your investment 42 cents at a time and you get fully repaid over five years. As you earn those repayments back, you can either withdraw them back to your personal account or use them to subsidize the purchase of even more panels and have an even greater investment. This idea came about with one of our board level co-founders, Premal Shah. He’s famous for having helped build Kiva.org—a very popular anti-poverty microfinance crowdfunding website. Paull: I know you’re still in the earlier stages of your organization and the implementation of open source, but what do those next steps look like? Scott (Renewables.org): We’ve been identifying open source data we’d like to integrate into the site—things like electricity maps—and we’re currently getting solar irradiation data from OpenWeather. We’re now planning for scale and would like to move towards an API-first setup for the site. Currently, we’re using the standard features within GitHub (source control, issue tracking), but GitHub Copilot has come in handy as it’s been many years since I worked with PHP and to say I’m rusty would be generous. The role and culture of open source in sustainability Paull: Why is open source so important to the work that MBARI’s FathomNet is doing and how are you engaging with that community? Kakani: Open data is incredibly important because data is collected in silos in the oceanographic community. It’s often limited to individual groups or institutions that have access to the ocean through advanced robotics, research vessels, or something similar. But by making data public and more available following the FAIR data principles, we can democratize access to the ocean. So, that’s one of the reasons why FathomNet exists—as a mechanism for people to evaluate imagery that’s being collected and generate a data set of ocean life that we can build upon as a community and grow over time. Paull: Do you see any culture shifts happening where this type of data is trending more towards open source? Kakani: There is a **shift happening where people are starting to recognize that working in open source and making the data open and available is far more valuable to more people. **But it’s a cultural change that takes time. I think we’re kind of in that middle ground where there are still a lot of people waiting to see what happens before they’re going to fully throw themselves and their data into the pipeline and process. I’m hopeful that what we’ve done with FathomNet already and now with this game, we’ll be able to create massive engagement at scale that will help get us over that fence and get a lot of people contributing within our community. Paull: How do you imagine open source will further the work Renewables.org is already doing? Lassor: We have created a methodology in open source around how we prove that these are the highest carbon impact per dollar solar projects that we could possibly fund. And the methodology has three parts: How much more carbon intensive is the project we’re investing in than a typical U.S.-based project (usually two or three times)? How much more sunshine is there each year (typically there’s about 20% more)? How many watts do you build per dollar (two or three times more watts for every dollar that you invest)? This comes out to about five times more carbon impact invested per dollar on Renewables.org than if you invested the same money in the United States. Scott: We’ve been committed to making our calculator open source because trust is built with transparency, but also, if the community has a better way to estimate impact, we want to hear it! We want people to have faith in the platform and in the numbers that we’re producing, and the community is great at vetting and improving this work. How developers and communities shape your work Paull: How have users or people interested in these topics shaped the work that you do? Kakani: We’ve had more than a thousand unique players beta test FathomVerse, the game, and what we keep hearing is that they’re really excited about this positive use of AI.There’s a lot of negativity around AI and how information is being extracted as new models are trained. But because we’re so transparent about where the source of the data is coming from, what its use is, and also what the goal is, game players have had a really positive response. Lassor: We learned a lot from Kiva.org—they have an incredibly engaged community that wants a huge amount of transparency. One thing that we learned from them before we even got started is that climate and sustainability related investments are the most in-demand feature. That’s part of what gave us the confidence to do this. There are different groups on Kiva.org that collaborate to fund certain types of loans, and the largest and most active one is called Climate Pilots. And we’ve been able to engage that community and recruit some of the very first Renewables.org users. We’ve also been able to more broadly draw marketing insights by watching them and responding to what their needs are. From the sun to the depths of the ocean, the utilization of tech and open source in a changing climate is far-reaching. These two organizations show us just how big of an impact we can make by leveraging tech for good. To get involved with FathomNet, visit their website or repository. To support Renewables.org’s work, check out their website or add comments to their impact multiplier. This is just a slice of open source innovation that is helping the Earth. Check out our new series, Coding Sustainability, to learn how The Ocean Cleanup uses innovative technology and data-driven approaches to tackle the Great Pacific Garbage Patch.

Solr is an open-source, highly scalable search platform built on top of Apache Lucene. It provides powerful capabilities for searching, indexing, and faceting large amounts of data. Here are 10 real use cases of Solr: Apache Solr is an open-source search platform built on Apache Lucene, which is a high-performance, full-text search engine library. Solr is widely used for enterprise search and analytics purposes because it provides robust full-text search, hit highlighting, faceted search, dynamic clustering, database integration, and rich document (like Word and PDF) handling capabilities. It is designed to handle large volumes of text-centric data and provides distributed search and index replication functionalities. Solr is also known for its scalability and fault tolerance, making it a popular choice for large-scale search applications. Here are ten real use cases of Solr: E-commerce Product Search: Solr is commonly used in e-commerce platforms to provide advanced search capabilities over a vast inventory of products. It helps in delivering relevant search results, supporting facets and filters (like brand, price range, and product features) to enhance user experience. Content Management Systems (CMS): Integrating Solr with CMSs allows websites to manage and search through large repositories of content such as articles, blogs, and other media types efficiently. Enterprise Document Search: Companies use Solr to index and search through extensive collections of documents, including emails, PDFs, Word documents, and more, making it easier for employees to find the information they need quickly. Social Media Analytics: Solr can process and index large streams of social media data for sentiment analysis, trend tracking, and monitoring public opinion, enabling businesses to gain insights into customer perceptions. Geospatial Search: Solr supports location-based searches, which can be used in applications like real estate listings and location-specific services to find entities within a given distance from a geographic point. Data Collection and Discovery: Research institutions use Solr to manage, search, and analyze large datasets, facilitating data discovery and academic research. Job and Resume Searching: Job portals utilize Solr to match candidates with jobs effectively. It indexes job listings and resumes, providing powerful search and filtering capabilities. News and Media Sites: Media outlets use Solr to manage and retrieve news content and articles based on various attributes like publication date, relevance, keywords, etc. Healthcare Information Systems: Solr is used in healthcare for indexing medical records, research papers, treatment histories, and other data, improving access to information and supporting better healthcare outcomes. Recommendation Systems: Solr’s ability to handle complex queries and analyze large amounts of data helps in building recommendation engines that suggest products, services, or content based on user preferences and behavior. The post What is Solr? appeared first on DevOpsSchool.com. View the full article

Commonhaus is taking a laissez-faire approach to open source group management.View the full article

Anaconda and Teradata have unveiled a new integration to bring the most popular and widely used Python and R packages to Teradata VantageCloud through the Anaconda Repository. The integration with ClearScape Analytics, a powerful engine for deploying end-to-end artificial intelligence (AI) and machine learning (ML), is designed to provide enterprises with the ability to deploy... Read more » The post Anaconda and Teradata partner to enhance open-source support for AI innovation appeared first on Cloud Computing News. View the full article

RudderStack is an open-source customer data platform tool. It collects, routes, processes data from your websites, apps, cloud tools, and data warehouseView the full article

Lucene query cheatsheet Basic Search Single Term:term Finds documents containing term. Phrase Search:"exact phrase" Finds documents containing the exact phrase. Boolean Operators AND:term1 AND term2 Both terms must be present. OR:term1 OR term2 At least one of the terms must be present. NOT:NOT term Documents must not contain term. Combination:(term1 AND term2) OR term3 Complex boolean logic can be applied by combining operators. Wildcard Searches Single Character Wildcard:te?t Matches text with one character replaced. Multiple Character Wildcard:test* Matches text with zero or more characters. Wildcard at Start:*test Not supported directly but can be used in certain contexts. Fuzzy Searches Fuzzy:term~ Matches terms that are similar to the specified term. Proximity Searches Proximity:"term1 term2"~N Matches terms that are within N words of each other. Range Searches Range:[start TO end] Finds documents with terms within the specified range. Exclusive Range:{start TO end} Excludes the exact start and end values. Regular Expressions Regex:/regex/ Matches terms by regular expression. Boosting Terms Boost:term^N Increases the relevance of a term by a factor of N. Field-Specific Searches Specific Field:fieldname:term Searches for the term within a specific field. Grouping Group Queries:(query1) AND (query2) Groups parts of queries for complex searches. How to search Apache HTTPD using Lucene These examples assume that the logs have been indexed in a Lucene-based system like Elasticsearch, and they demonstrate how to utilize various Lucene query features to filter and search log data effectively. Note that the specific fields used in these examples (ip, timestamp, response, request, etc.) should correspond to the fields defined in your Lucene schema for Apache HTTPD logs. // 1. Find logs for a specific IP address ip:"192.168.1.1" // 2. Search logs within a specific date range timestamp:[20230101 TO 20230131] // 3. Identify logs with 4xx client error response codes response:[400 TO 499] // 4. Locate logs for requests to a specific URL request:"GET /index.html HTTP/1.1" // 5. Filter logs by a specific user-agent string agent:"Mozilla/5.0 (Windows NT 10.0; Win64; x64)" // 6. Search for logs with a specific referrer referrer:"http://example.com/" // 7. Find all logs of GET requests request_method:GET // 8. Filter logs resulting in 5xx server errors response:[500 TO 599] // 9. Identify requests to a specific directory request:"/images/*" // 10. Locate requests taking longer than 2 seconds duration:>2000 // 11. Exclude logs from a specific IP address -ip:"192.168.1.1" // 12. Find requests for a specific file type (.jpg) request:"*.jpg" // 13. Identify logs from a specific day timestamp:20230115 // 14. Search logs with responses in a byte range bytes:[1000 TO 5000] // 15. Filter logs by HTTP method and response code request_method:POST AND response:200 // 16. Search for failed login attempts (custom log message) message:"Failed login attempt" // 17. Find logs from a range of IP addresses ip:[192.168.1.1 TO 192.168.1.100] // 18. Identify logs with a 200 OK response response:200 // 19. Search for logs with specific query parameters request:"*?user=john&*" // 20. Locate logs with a 404 Not Found response response:404 The post Apache Lucene Query Example appeared first on DevOpsSchool.com. View the full article

Amidst push from Tiny Corp and the rest of the community, AMD is open-sourcing more of its GPU documentation and firmware in hopes of making its hardware truly-competitive with Nvidia in the AI space, and potentially more. View the full article

How this open source LLM chatbot runner hit the gas on x86, Arm CPUsView the full article

Malicious xz backdoor reveals fragility of open sourceView the full article

Arm China continues to silently strengthen its product stack, now has an AI developers board and open-source drivers for its NPU design. View the full article

It’s not often we step outside of our careers and busy everyday lives and pause to say, “Hey, what is this all about? Am I fulfilled? Am I finding meaning in what I’m doing day to day?” As the Head of Commercial Legal at GitHub, I have quite a unique role. Most of my career was spent in a law firm until I transitioned into tech. I came from a male-dominated workplace and saw tech as a new environment (though still male-dominated) where ideas flourished and folks were allowed to be themselves in a safe space. But this month—March is Gender Equality Month and celebrates Women’s Day—gave a reason to pause and reflect on my own journey, as well as ask what people and organizations are doing every day to empower women. So, I sat down with Felicitas Heyne, co-founder of Audiopedia Foundation, as well as Nadine Krish Spencer, Head of Product and Experience at Chayn. We discussed how tech is aiding organizations fighting for gender equality, what it means to be a woman in tech and the world today, and what advice and learnings they’d like to share with others. I hope you find as much inspiration from their mission, work, and stories as I did. Jiyon Yun Head of Commercial Legal // GitHub Getting to know Audiopedia Foundation Jiyon (GitHub): The work Audiopedia Foundation is doing is truly remarkable, and I would love to hear in your own words why these efforts are so essential and how you came to help found this organization. Felicitas (Audiopedia): Audiopedia Foundation works to empower women in the global south through access to information in an audio format. We work with NGOs around the world to bring different forms of tech—from solar-powered audio players to WhatsApp to loudspeakers—to local communities based on their unique needs. I had never dreamt of leading an organization doing social impact work all over the globe. But I have a hard time realizing there is an injustice and not doing anything about it. I’ve always been passionate about empowering women and when we started to dive into the topic, we realized that 500 million women in the world are illiterate—and these are just the official numbers. There are also more than 7,000 languages in the world, half of which don’t even have a written language. We tried to come up with an idea to bring information to these women—including topics like health, economics, human rights—which sparked the idea of Audiopedia nine years ago. Getting to know Chayn Jiyon (GitHub): I think we could all take away some learnings from Chayn—from your values to the way you operate. Could you tell me about Chayn’s mission? Nadine (Chayn): Chayn is a tech-forward nonprofit that aims to support survivors of sexual abuse, assault, and domestic violence with healing. We use technology to further accelerate that mission. Jiyon: What really stood out for me about Chayn is how survivors are supporting other survivors. Can you speak a little bit more about that? How are women empowering other women to heal, find peace, and move forward? Nadine: It’s definitely a powerful part of our organization. We are all women in the organization at the moment and that’s different, especially if you come from the tech world. It was something that really drew me to Chayn and I thought, “Wow, I really want to see whether this survivor focus—we call it a trauma-informed way of working—is actually possible.” And to be totally transparent, we’re still figuring out the answer to that because we do have a lot of survivors on the team. It’s not something that people have to disclose, but it’s a constant awareness for us. And even if people aren’t survivors, quite often people close to them have experienced abuse. That adds an extra layer of understanding to the people we’re trying to reach and helps further our mission. The role of tech in social impact work Jiyon: What is the role of tech and open source in helping social impact organizations tackle global issues? Felicitas: Tech is really a big opportunity to make a change. We’ve been doing development work for decades now and still, every third woman can’t read or write. These numbers haven’t changed despite all of the work from NGOs and that’s because the scalability and impact aren’t sufficient. But we can leapfrog this problem now with tech. That’s why tech is such a big opportunity. We can solve problems that we haven’t been able to solve for decades. And we can solve them quickly, so we don’t have to take another 300 years to reach gender equality. Nadine: As somebody coming from the tech world, there was an assumption that moving into the charity or nonprofit sector might mean that it’s less progressive or less advanced in tech. But last year we were part of the DPG Open Source Community Manager Program and worked with a community manager who we’ve now gone on to employ. It has been instrumental having somebody who really got it from the tech side; we had tried to set up our own tech volunteer program before, but we saw it as quite a heavy lift to manage a tech community. And I think what she has really helped us to see is that there are people out there who just want to come in and help, without having met you or even getting credit. They do it because they’ve got an itch they want to scratch or they see this as a way to contribute to social good, and that is really unique. I don’t know if another industry operates like that where strangers come in and essentially perform random acts of kindness. Sources of inspiration Jiyon: As a woman leader, what inspires you? Who inspires you? Felicitas: Any woman who’s willing and able to overcome obstacles. Becoming a victim is easy for a woman, but it’s very inspiring to see how women overcome and even grow from these challenges. Women are the largest untapped potential in the world in my point of view. We’ve had 2,000 years of patriarchy behind us, and I’d really love to see what would happen with 2,000 years of matriarchy ahead of us. When we were in Morocco, we went to a women’s shelter and I listened to many women’s stories. As I listened to them, I had no idea how they could overcome and survive what they went through, but they were there, many with their children, moving forward. It was so impressive and I realized that anything I could do to make it easier for them and women like them is an obligation. I didn’t earn my privilege; it was mere luck. So, I have a strong need to help those who aren’t as privileged. It’s a question of justice in my eyes; inequality drives me crazy. Advice for women in tech Jiyon: If you looked back 5 years ago, 10 years ago, or when you were starting your career, what advice would you give women who aren’t in tech right now but who want to follow that path? Nadine: Tech holds the power to try and do things differently. And we’re at a point where it would be easy for women to retreat. In the same way that sometimes we retreat from other male-dominated spaces; the wider world of tech could become one of those places. When I was in the commercial world, I tried my best as one of two women on a floor with maybe 100 men. I joined the company when it was only 35 people as a product manager and saw them scale to around 450 people by the time I left. Because I was able to climb so quickly as the company scaled, I struggled a lot with imposter syndrome. People would tell me to “break down the imposter syndrome,” especially because I was a woman. But the idea of just “breaking it down” is really tough, and it made me think even more that I wasn’t cut out to do this, which was really hard to shake. But as the company grew and I was surrounded by more women, I actually realized the better advice is: find your allies. Having allies—of any gender—helps you start to shake the imposter syndrome naturally and you become a lot more confident when you’re not in a place of isolation. Where we go from here Jiyon: What can women and other leaders do to contribute to and inspire change? Felicitas: The key is empathy. If you start to look to the global south, you very quickly realize that most of the things we take for granted in our lives aren’t granted for billions of people, especially women. It’s important to question your position in the world, recognize your privileges, and use your empathy to drive action. Nadine: It’s really important to get some “balcony time” where you step out and look over what’s going on in your life and all around you. It’s really difficult to juggle everything in your day-to-day life and to just stop and reflect. And the second part is then to act on those realizations and start doing things for other people. It’s taking the time to acknowledge the people in your life and to say, “I see you there and I see how you’re showing up for other people.” Recognition and support are things we’ve got to do for each other. Speaking with both Felicitas and Nadine moved me in a way I wasn’t expecting. It was a good reminder to take that “balcony time” and step outside of my every day, reflect on what I can do to impact others, and take steps to do that. I hope you found some inspiration from their stories as well. If you want to learn more or support these causes, visit Audiopedia Foundation’s website and repository and Chayn’s website and repository. You can also contribute to Chayn’s frontend, backend, and soulmedicine work.

By investing in open source frameworks and LGTM tools, SRE teams can effectively monitor their apps and gain insights into system behavior.View the full article

Open-source software is used throughout the technology industry to help developers build software tools, apps, and services. While developers building with open-source software can (and often do) benefit greatly from the work of others, they should also conduct appropriate due diligence to protect against software supply chain attacks. With an increasing focus on managing open-source software supply chain risk, both Citi and Google strive to apply more rigor across risk mitigation, especially while choosing known and trusted suppliers where open source components are sourced from. Key open source attack vectors The diagram above highlights key open source attack vectors. We can divide the common software supply chain security attacks into five main types: Attacks at runtime leveraging vulnerabilities in the code Attacks on the repositories, tooling and processes Attacks on the integrity of the artifacts as they progress through the pipeline Attacks on the primary open source dependencies that customers applications leverage Attacks throughout the inherited transitive dependency chain of the open source packages Application security experts have seen their work increase and get harder as these attacks have increased in recent years. Open-source components often include and depend on the functionality of other open-source components in order to function. These components can have two types of dependencies: direct and transitive. Generally, the interactions work like this: The application makes an initial call to a direct dependency. If the direct dependency requires any outside components for it to function, those outside components are the application’s transitive dependencies. These types of dependencies are notoriously difficult to remediate. This is because they are not readily accessible to the developer. Their code base resides with their maintainers, rendering the application entirely dependent upon their work. If the maintainer of one of these transitive dependencies releases a fix, the amount of time before it makes its way up the supply chain to impact your direct dependency could be a while. Thus, the management of vulnerabilities needs to be extended to the full transitive dependency chain as this is where 95% of the vulnerabilities are found. Maintaining a regular upgrade and patching process for your software development lifecycle (SDLC) tooling is now a must; as is upgrading the security of both your repositories and processes combined with active security testing of each. Tamper-evident provenance and signing can increase confidence in the ability to maintain artifact integrity throughout the pipeline. And mapping and understanding the full transitive dependency chain of all external components and depending on only known and trusted providers for these components becomes a required condition. Recent guidance from CISA and other government agencies supports the focus on appropriately selecting and testing open source software ahead of ingestion from a trusted source. While some organizations load built software artifacts directly from public package repositories, others with a more restrictive security risk appetite will require more stringent security controls requiring the use of curated open-source software providers. They may opt to only leverage open-source software they themselves have built from source, although this would be prohibitively expensive for most. But if they chose to use a curated third party, what checks must they look for before delegating that critical authority? There are three main criteria to evaluate a curated OSS vendor: 1. High level of security maturity A trusted supplier must demonstrate a high level of security maturity. Common areas of focus are to examine the security hygiene of the supplier in particular. Look for details of the vulnerability management culture and ability to quickly keep up to date with patching within the organisation. They should also have a well trained team, prepared to quickly address any incidents and a regular penetration testing team, continuously validating the security posture of the organisation. The trusted supplier should be able to demonstrate the security of their own underlying foundational infrastructure. Check that they: Have an up-to-date inventory of their own external dependencies. Demonstrate knowledge and control of all ingest points. Leverage a single production build service so that they can maintain a singular logical control point. Meet best practice standards for managing their infrastructure including: Well designed separation of duties and IAM control Built-in organizational policy and guard rails to secure Zero Trust network design Automated and regular patching with associated evidence Support for these posture controls with complementary continuous threat detection with detection, logging and monitoring systems. Bonus points if they operate with "everything as code" and with hermetic, reproducible and verifiable builts. 2. High level of internal SDLC security The security of the SDLC used within the trusted supplier must be extremely high, particularly around the control plane of the SDLC and the components that interact with the source code to build the end product. Each system must be heavily secured and vetted to ensure any changes to the software is reviewed, audited, and requires multi-party approvals before progressing to the next stage or deployment. Strong authentication and authorisation policies must be in place to ensure that only highly trusted individuals could ever build, or change the vendor infrastructure. The SDLC security also needs to extend to the beginning of the ingestion of the source code material into the facility and to any code or functionality used within the control plane of the system itself. 3. Effective insider threat program As the trusted supplier is a high value target, there will be the potential for an insider threat as an attack vector.Therefore, the curated vendor would be expected to have an active and effective insider threat program. This personnel vetting approach should also extend to ensuring the location of all staff are within approved proximity and not outsourced. Trust but verify It is also important that the trusted supplier provide supporting evidence and insights. This evidence includes: Checkable attestations on infrastructure security and processes via third party certifications and/or your own independent audit. Checkable attestations for the security posture and processes for their SDLC against a standard framework like SLSA or SSDF. Cryptographic signatures on the served packages and any associated accompanying metadata so that you can verify source and distribution integrity. The actual relevance and security risk of an issue in a package is the combination of inherent criticality of in isolation, the context it's used in, the environmental conditions in which its deployed, any external compensating controls, and decreased or increased risk in the environment. The figure below shows the interrelationship and interaction between vulnerabilities and threats in the application and those from the underlying infrastructure. 4. Enhanced security and risk metadata that should accompany each served package to increase your understanding and insights to both the inherent component risk of the code or artifact as well as how that risk can change in context of your specific application and environment. Key metadata can include: Standard SBOM with SCA insights - vulnerabilities, licensing info, fully mapped transitive dependencies and associated vulnerability and licensing risk. VEX statements for how the inherited vulnerabilities from transitive dependencies affect the primary package being served. Any related threat intelligence specific to the package, use case, or your organization. The ability of the supplier to provide this type of enhanced data reinforces the evidence that they have achieved a high level of security and that the components they serve represent assured and more trustable ingredients you can employ with greater confidence. Better control and balancing benefits of open source components Leveraging open source components is critical to developer velocity, quality and accelerating innovation and execution. Applying these recommendations and requirements can enable you to better control and balance the benefits of using open source components with the potential risk of introducing targetable weak points in your SDLC and ultimately reduce your risk and exposure. Google Cloud’s Assured Open Source Software (Assured OSS) service for Java and Python ecosystems gives any organization that uses open source software the opportunity to leverage the security and experience Google applies to open source dependencies by incorporating the same OSS packages that Google secures and uses into their own developer workflows. Learn more about Assured Open Source Software, enable Assured OSS through our self-serve onboarding form, use the metadata API to list available Python and Java packages and determine which Assured OSS packages you want to use. View the full article

The revolution in generative AI (gen AI) and large language models (LLMs) is leading to larger model sizes and increased demands on the compute infrastructure. Organizations looking to integrate these advancements into their applications increasingly require distributed computing solutions that offer minimal scheduling overhead. As the need for scalable gen AI solutions grows, Ray, an open-source Python framework designed for scaling and distributing AI workloads, has become increasingly popular. Traditional Ray deployments on virtual machines (VMs) have limitations when it comes to scalability, resource efficiency, and infrastructure manageability. One alternative is to leverage the power and flexibility of Kubernetes and deploy Ray on Google Kubernetes Engine (GKE) with KubeRay, an open-source Kubernetes operator that simplifies Ray deployment and management. “With the help of Ray on GKE, our AI practitioners are able to get easy orchestration of infrastructure resources, flexibility and scalability that their applications need without the headache of understanding and managing the intricacies of the underlying platform.” - Nacef Labidi, Head of Infrastructure, Instadeep In this blog, we discuss the numerous benefits that running Ray on GKE brings to the table — scalability, cost-efficiency, fault tolerance and isolation, and portability, to name a few — and resources on how to get started. Easy scalability and node auto-provisioningOn VMs, Ray's scalability is inherently limited by the number of VMs in the cluster. Autoscaling and node provisioning, configured for specific clouds (example), require detailed knowledge of machine types and network configurations. In contrast, Kubernetes orchestrates infrastructure resources using containers, pods, and VMs as scheduling units, while Ray distributes data-parallel processes within applications, employing actors and tasks for scheduling. KubeRay introduces cloud-agnostic autoscaling to the mix, allowing you to define minimum and maximum replicas within the workerGroupSpec. Based on this configuration, the Ray autoscaler schedules more Kubernetes pods as required by its tasks. And if you choose the GKE Autopilot mode of operation, node provisioning happens automatically, eliminating the need for manual configuration. Greater efficiency and improved startup latencyGKE offers discount-based savings such as committed use discounts, new pricing model and reservations for GPUs in Autopilot mode. In addition, GKE makes it easy to taking advantage of cost-saving measures like spot nodes via YAML configuration. Low startup latency is critical to optimal resource usage, ensuring quick recovery, faster iterations and elasticity. GKE image streaming lets you initialize and run eligible container images from Artifact Registry, without waiting for the full image to download. Testing demonstrated containers going from `ray-ml` container image going from `ContainerCreating` to `Running` state in 8.82s, compared to 5m17s without image streaming — that’s 35x faster! Image streaming is automatically enabled on Autopilot clusters and available on Standard clusters. Automated infrastructure management for fault tolerance and isolationManaging a Ray cluster on VMs offers control over fault tolerance and isolation via detailed VM configuration. However, it lacks the automated, portable self-healing capabilities that Kubernetes provides. Kubernetes excels at repeatable automation that is expressed with clear declarative and idempotent desired state configuration. It provides automatic self-healing capabilities, which in Kuberay 2.0 or later extends to preventing the Ray cluster from crashing when the head node goes down. In fact, Ray Serve docs specifically recommend Kubernetes for production workloads, using the RayService custom resource to automatically handle health checking, status reporting, failure recovery and upgrades. On GKE, the declarative YAML-based approach not only simplifies deployment and management but can also be used to provision security and isolation. This is achieved by integrating Kubernetes' RBAC with Google Cloud's Identity and Access Management (IAM), allowing administrators to finely tune the permissions granted to each Ray cluster. For instance, a Ray cluster that requires access to a Google Cloud Storage bucket for data ingestion or model storage can be assigned specific roles that limit its actions to reading and writing to that bucket only. This is configured by specifying the Kubernetes service account (KSA) as part of the pod template for Ray cluster `workerGroupSpec` and then linking a Google Service account with appropriate permissions to the KSA using the workload identity annotation. Easy multi-team sharing with Kubernetes namespacesOut of the box, Ray does not have any security separation between Ray clusters. With Kubernetes you can leverage namespaces to create a Ray cluster per team, and use Kubernetes Role-Based Access Control (RBAC), Resource Quotas and Network Policies. This creates a namespace-based trust boundary to allow multiple teams to each manage their Ray clusters within a larger shared Kubernetes cluster. Flexibility and portabilityYou can use Kubernetes for more than just data and AI. As a general-purpose platform, Kubernetes is portable across clouds and on-premises, and has a rich ecosystem. With Kubernetes, you can mix Ray and non-Ray workloads on the same infrastructure, allowing the central platform team to manage a single common compute layer, while leaving infrastructure and resource management to GKE. Think of it as your own personal SRE. Get started with Kuberay on GKEIn conclusion, running Ray on GKE is a straightforward way to achieve scalability, cost-efficiency, fault tolerance and isolation for your production workloads, all while ensuring cloud portability. You get the flexibility to adapt quickly to changing demands, making it an ideal choice for forward-thinking organizations in an ever-evolving generative AI landscape. To get started with Kuberay on GKE, follow these instructions. This repo has Terraform templates to run Kuberay on GPUs and TPUs, and examples for training and serving. You can also find more tutorials and code samples at AI/ML on GKE page. View the full article

The post 8 Best Open-Source Disk Cloning & Backup Tools for Linux (2024) first appeared on Tecmint: Linux Howtos, Tutorials & Guides .Disk cloning is the process of copying data from one hard disk to another. While you can perform this task using copy-and-paste methods, it’s important The post 8 Best Open-Source Disk Cloning & Backup Tools for Linux (2024) first appeared on Tecmint: Linux Howtos, Tutorials & Guides.View the full article

Years of SaaS innovation and disruption threaten the profitability of vendor-driven open source projects, forcing licensing changes.View the full article

Fix: Developer Chasm To Engage More Devs With My Open Source Project Wish I could push that git commit to move beyond initial developer engagement. A developer chasm means getting stuck with open-source community growth after initial engagement. In this article, I will share the insights that helped me successfully move open-source projects from the initial developer engagement stage to the category leader stage with community-led growth. I learned from my developer community-building work and developer relations consultant work for open-source projects. View the full article

Edge AI is transforming the way that devices interact with data centres, challenging organisations to stay up to speed with the latest innovations. From AI-powered healthcare instruments to autonomous vehicles, there are plenty of use cases that benefit from artificial intelligence on edge computing. This blog will dive into the topic, capturing key considerations when starting an edge AI project, main benefits, challenges and how open source fits into the picture. What is Edge AI? AI at the edge, or Edge AI, refers to the combination of artificial intelligence and edge computing. It aims to execute machine learning models on interconnected edge devices. It enables devices to make smarter decisions, without always connecting to the cloud to process the data. It is called edge, because the machine learning model runs near the user rather than in a data centre. Edge AI is growing in popularity as industries identify new use cases and opportunities to optimise their workflows, automate business processes or unlock new chances to innovate. Self-driving cars, wearable devices, security cameras, and smart home appliances are among the technologies that take advantage of edge AI capabilities to deliver information to users in real-time when it is most essential. Benefits of edge AI Nowadays, algorithms are capable of understanding different tasks such as text, sound or images. They are particularly useful in places occupied by end users with real-world problems. These AI applications would be impractical or even impossible to deploy in a centralised cloud or enterprise data centre due to issues related to latency, bandwidth and privacy. Some of the most important benefits of edge AI are: Real time insights: Since data is analysed real time, close to the user, edge AI enables real time processing and reduces the time needed to complete activities and derive insight.Cost savings: Depending on the use case, some data can often be processed at the edge where it is collected, so it doesn’t all have to be sent to the data centre for training the machine learning algorithms. This reduces the cost of storing the data, as well as training the model. At the same time, organisations often utilise edge AI to reduce the power consumption of the edge devices, by optimising the time they are on and off, which again leads to cost reduction.High availability: Having a decentralised way of training and running the model enables organisations to ensure that their edge devices benefit from the model even if there is a problem within the data centre.Privacy: Edge AI can analyse data in real time without exposing it to humans, increasing the privacy of appearance, voice or identity of the objects involved. For example, surveillance cameras do not need someone to look at them, but rather have machine learning models that send alerts depending on the use case or need.Sustainability: Using edge AI to reduce the power consumption of edge devices doesn’t just minimise costs, it also enables organisations to become more sustainable. With edge AI, enterprises can avoid utilising their devices unless they are needed. Use cases in the industrial sector Across verticals, enterprises are quickly developing and deploying edge AI models to address a wide variety of use cases. To get a better sense of the value that edge AI can deliver, let’s take a closer look at how it is being used in the industrial sector. Industrial manufacturers struggle with large facilities that often use a significant number of devices. A survey fielded in the spring of 2023 by Arm found that edge computing and machine learning were among the top five technologies that will have the most impact on manufacturing in the coming years. Edge AI use cases are often tied to the modernisation of existing manufacturing factories. They include production scheduling, quality inspection, and asset maintenance – but applications go beyond that. Their main objective is to improve the efficiency and speed of automation tasks like product assembly and quality control. Some of the most prominent use cases of Edge AI in manufacturing include: Real-time detection of defects as part of quality inspection processes that use deep neural networks for analysing product images. Often, this also enables predictive maintenance, helping manufacturers minimise the need to reactively fix their components by instead addressing potential issues preemptively. Execution of real-time production assembly tasks based on low-latency operations of industrial robots. Remote support of technicians on field tasks based on augmented reality (AR) and mixed reality (MR) devices; Low latency is the primary driver of edge AI in the industrial sector. However, some use cases also benefit from improved security and privacy. For example, 3D printers3d printers can use edge AI to protect intellectual property through a centralised cloud infrastructure. Best practices for edge AI Compared to other kinds of AI projects, running AI at the edge comes with a unique set of challenges. To maximise the value of edge AI and avoid common pitfalls, we recommend following these best practices: Edge device: At the heart of Edge AI are the devices which end up running the models. They all have different architectures, features and dependencies. Ensure that the capabilities of your hardware align with the requirements of your AI model, and ensure that the software – such as the operating system – is certified on the edge device.. Security: Both in the data centres and on the edge devices there are artefacts that could compromise the security of an organisation. Whether we talk about the data used for training, the ML infrastructure used for developing or deploying the ML model, or the operating system of the edge device, organisations need to protect all these artefacts. Take advantage of the appropriate security capabilities to safeguard these components, such as secure packages, secure boot of the OS from the edge device, or full-disk encryption on the device.Machine learning size: Depending on the use case, the size of the machine learning model is different. It needs to fit on the end device that it is intended to run, so developers need to optimise the model size dictate the chances to successfully deploying it.Network connection: The machine learning lifecycle is an iterative process, so models need to be periodically updated. Therefore, the network connection influences both the data collection process as well as the model deployment capabilities. Organisations need to check and ensure there is a reliable network connection before building deploying models or building an AI strategy.Latency: Organisations often use edge AI for real-time processing, so the latency needs to be minimal. For example, retailers need instant alerts when fraud is detected and cannot ask customers to wait at the cashiers for minutes before confirming payment. Depending on the use case, latency needs to be assessed and considered when choosing the tooling and model update cadence.Scalability: Scale is often limited to the cloud bandwidth to move and process information. It leads to high costs. To ensure a broader range of scalability, the data collection and part of the data processing should happen at the edge. Remote management: Organisations often have multiple devices or multiple remote locations, so scaling to all of them brings new challenges related to their management. To address these challenges, ensure that you have mechanisms in place for easy, remote provisioning and automated updates. Edge AI with open source Open source is at the centre of the artificial intelligence revolution, and open source solutions can provide an effective path to addressing many of the best practices described above. When it comes to edge devices, open source technology can be used to ensure the security, robustness and reliability of both the device and machine learning model. It gives organisations the flexibility to choose from a wide spectrum of tools and technologies, benefit from community support and quickly get started without a huge investment. Open source tooling is available across all layers of the stack, from the operating system that runs on the edge device, to the MLOps platform used for training, to the frameworks used to deploy the machine learning model. Edge AI with Canonical Canonical delivers a comprehensive AI stack with all the open source software organisations need for their edge AI projects. Canonical offers an end-to-end MLOps solution that enables you to train your models. Charmed Kubeflow is the foundation of the solution, and it is seamlessly integrated with leading open source tooling such as MLflow for model registry or Spark for data streaming. It gives organisations flexibility to develop their models on any cloud platform and any Kubernetes distribution, offering capabilities such as user management, security maintenance of the used packages or managed services. The operating system that the device runs plays an important role. Ubuntu Core is the distribution of the open source Ubuntu operating system dedicated to IoT devices. It has capabilities such as secure boot and full disk encryption to ensure the security of the device. For certain use cases, running a small cloud, such as Microcloud enables unattended edge clusters to leverage machine learning. Packaging models as snaps makes them easy to maintain and update in production. Snaps offer a variety of benefits including OTA updates, auto rollback in case of failure and no touch deployment. At the same time, for managing the lifecycle of the machine learning of the model and the remote management, brand stores are an ideal solution.. To learn more about Canonical’s edge AI solutions, get in touch. Further reading 5 Edge Computing Examples You Should Know How a real-time kernel reduces latency in telco edge clouds MLOps Toolkit Explained View the full article

Edge AI is transforming the way that devices interact with data centres, challenging organisations to stay Edge AI is transforming the way that devices interact with data centres, challenging organisations to stay up to speed with the latest innovations. From AI-powered healthcare instruments to autonomous vehicles, there are plenty of use cases that benefit from artificial intelligence on edge devices. This blog will dive into the topic, capturing key considerations when starting an edge AI project, the main benefits, challenges and how open source fits into the picture. What is Edge AI? AI at the edge, or edge AI, refers to the combination of artificial intelligence and edge computing. It aims to execute machine learning models on connected edge devices. It enables devices to make smarter decisions, without always connecting to the cloud to process the data. It is called edge, because the machine learning model runs near the user rather than in a data centre. Edge AI is growing in popularity as industries identify new use cases and opportunities to optimise their workflows, automate business processes or unlock new chances to innovate. Self-driving cars, wearable devices, Industrial assembly lines, and smart home appliances are among the technologies that take advantage of edge AI capabilities to deliver information to users in real-time when it is most essential. Benefits of edge AI Algorithms are capable of understanding different inputs such as text, sound or images. They are particularly useful in places occupied by end users with real-world problems. These AI applications would be impractical or even impossible to deploy in a centralised cloud or enterprise data centre due to issues related to latency, bandwidth and privacy. Some of the most important benefits of edge AI are: Real time insights: Since data is analysed real time, close to the user, edge AI enables real time processing and reduces the time needed to complete activities and derive insight.Cost savings: Depending on the use case, some data can be processed at the edge where it is collected, so it doesn’t all have to be sent to the data centre for training the machine learning algorithms. This reduces the cost of storing the data, as well as training the model. At the same time, organisations often utilise edge AI to reduce the power consumption of the edge devices, by optimising the time they are on and off, which again leads to cost reduction.High availability: Having a decentralised way of training and running the model enables organisations to ensure that their edge devices benefit from the model even if there is a problem within the data centre.Privacy: Edge AI can analyse data in real time without exposing it to humans, increasing the privacy of appearance, voice or identity of the objects involved. For example, surveillance cameras do not need someone to look at them, but rather have machine learning models that send alerts depending on the use case or need.Sustainability: Using edge AI to reduce the power consumption of edge devices doesn’t just minimise costs, it also enables organisations to become more sustainable. With edge AI, enterprises can avoid utilising their devices unless they are needed. Use cases in the industrial sector Across verticals, enterprises are quickly developing and deploying edge AI models to address a wide variety of use cases. To get a better sense of the value that edge AI can deliver, let’s take a closer look at how it is being used in the industrial sector. Industrial manufacturers struggle with large facilities that often use a significant number of devices. A survey fielded in the spring of 2023 by Arm found that edge computing and machine learning were among the top five technologies that will have the most impact on manufacturing in the coming years. Edge AI use cases are often tied to the modernisation of existing manufacturing factories. They include production scheduling, quality inspection, and asset maintenance – but applications go beyond that. Their main objective is to improve the efficiency and speed of automation tasks like product assembly and quality control. Some of the most prominent use cases of Edge AI in manufacturing include: Real-time detection of defects as part of quality inspection processes that use deep neural networks for analysing product images. Often, this also enables predictive maintenance, helping manufacturers minimise the need to reactively fix their components by instead addressing potential issues preemptively. Execution of real-time production assembly tasks based on low-latency operations of industrial robots. Remote support of technicians on field tasks based on augmented reality (AR) and mixed reality (MR) devices; Low latency is the primary driver of edge AI in the industrial sector. However, some use cases also benefit from improved security and privacy. For example, 3D printers3d printers can use edge AI to protect intellectual property through a centralised cloud infrastructure. Best practices for edge AI Compared to other kinds of AI projects, running AI at the edge comes with a unique set of challenges. To maximise the value of edge AI and avoid common pitfalls, we recommend following these best practices: Edge device: At the heart of Edge AI are the devices which end up running the models. They all have different architectures, features and dependencies. Ensure that the capabilities of your hardware align with the requirements of your AI model, and ensure that the software – such as the operating system – is certified on the edge device.. Security: Both in the data centres and on the edge devices there are artefacts that could compromise the security of an organisation. Whether we talk about the data used for training, the ML infrastructure used for developing or deploying the ML model, or the operating system of the edge device, organisations need to protect all these artefacts. Take advantage of the appropriate security capabilities to safeguard these components, such as secure packages, secure boot of the OS from the edge device, or full-disk encryption on the device.Machine learning size: Depending on the use case, the size of the machine learning model is different. It needs to fit on the end device that it is intended to run, so developers need to optimise the model size and dictate the chances to successfully deploy it.Network connection: The machine learning lifecycle is an iterative process, so models need to be periodically updated. Therefore, the network connection influences both the data collection process as well as the model deployment capabilities. Organisations need to check and ensure there is a reliable network connection before building deploying models or building an AI strategy.Latency: Organisations often use edge AI for real-time processing, so the latency needs to be minimal. For example, retailers need instant alerts when fraud is detected and cannot ask customers to wait at the cashiers for minutes before confirming payment. Depending on the use case, latency needs to be assessed and considered when choosing the tooling and model update cadence.Scalability: Scale is often limited to the cloud bandwidth to move and process information. It leads to high costs. To ensure a broader range of scalability, the data collection and part of the data processing should happen at the edge. Remote management: Organisations often have multiple devices or multiple remote locations, so scaling to all of them brings new challenges related to their management. To address these challenges, ensure that you have mechanisms in place for easy, remote provisioning and automated updates. Edge AI with open source Open source is at the centre of the artificial intelligence revolution, and open source solutions can provide an effective path to addressing many of the best practices described above. When it comes to edge devices, open source technology can be used to ensure the security, robustness and reliability of both the device and machine learning model. It gives organisations the flexibility to choose from a wide spectrum of tools and technologies, benefit from community support and quickly get started without a huge investment. Open source tooling is available across all layers of the stack, from the operating system that runs on the edge device, to the MLOps platform used for training, to the frameworks used to deploy the machine learning model. Edge AI with Canonical CaCanonical delivers a comprehensive AI stack with all the open source software which your organisation might need for your edge AI projects. Canonical offers an end-to-end MLOps solution that enables you to train your models. Charmed Kubeflow is the foundation of the solution, and it is seamlessly integrated with leading open source tooling such as MLflow for model registry or Spark for data streaming. It gives organisations flexibility to develop their models on any cloud platform and any Kubernetes distribution, offering capabilities such as user management, security maintenance of the used packages or managed services. The operating system that the device runs plays an important role. Ubuntu Core is the distribution of the open source Ubuntu operating system dedicated to IoT devices. It has capabilities such as secure boot and full disk encryption to ensure the security of the device. For certain use cases, running a small cloud, such as Microcloud enables unattended edge clusters to leverage machine learning. Packaging models as snaps makes them easy to maintain and update in production. Snaps offer a variety of benefits including OTA updates, auto rollback in case of failure and no touch deployment. At the same time, for managing the lifecycle of the machine learning of the model and the remote management, brand stores are an ideal solution. Get Started with edge AI Explore the Canonical solution further with our MLOps Toolkit to discover the key factors to consider when building your machine learning toolkit which includes: Hardware and software that is already tested and validated on the marketOpen source machine learning tools for data processing and models buildingContainer solutions for orchestrationCloud computing with multiple optionsProduction-grade solutions that can be rolled out within an enterprise Download the MLOps Toolkit here. To learn more about Canonical’s edge AI solutions, get in touch. Further reading 5 Edge Computing Examples You Should Know How a real-time kernel reduces latency in telco edge clouds MLOps Toolkit Explained View the full article

If you're contemplating the daring act of open sourcing your projects, here are some things to know before you set out. View the full article