Cloud Computing news and developer summaries

The author shares their experience migrating a digital stack to European-based services to achieve digital sovereignty. By replacing US-centric tools with alternatives like Scaleway, Matomo, and Mistral, the author demonstrates that professional, reliable infrastructure is achievable in Europe. The post emphasizes prioritizing data control and alignment with personal values over mere convenience, despite occasional migration challenges.

A former AWS advocate describes his transition from an early supporter to a critic due to excessive complexity, high egress costs, predatory behavior toward open-source, and poor support. His recent attempt to use AWS highlights ongoing frustrations with account management and vendor lock-in, reinforcing his decision to exit their ecosystem entirely.

In the United States, citizens and organizations can register free locality domains (e.g., somename.city.state.us). The process involves finding a delegated registrar, acquiring free nameservers via Amazon Lightsail, submitting the Interim .US Domain Template, and configuring DNS records to point to a chosen web host.

Concerns over GitHub's integration into Microsoft's CoreAI division, US jurisdiction risks, and mandatory AI training data usage prompted a shift toward digital autonomy. The Dutch government and the author have adopted self-hosted Forgejo to reclaim control. This move requires careful management of CI runners, emphasizing KVM isolation, weekly rebuilds, and egress filtering for security.

On May 19, 2026, a wrongful Google Cloud account suspension triggered an eight-hour platform-wide outage for Railway. The incident cascaded from Google Cloud to AWS and Railway Metal environments because the network control plane depended on a single Google-hosted API. Railway is now decentralizing its infrastructure and removing single vendor dependencies to improve resilience.

Railway is recovering from a significant service disruption caused by a Google Cloud account suspension. The team successfully restored access to their compute workloads but is actively addressing persistent networking issues. Service is gradually returning, with temporary build throttling in place for non-enterprise users to ensure stability during the recovery process.

OpenAI rearchitected its WebRTC infrastructure to support low-latency voice AI at scale. By implementing a 'relay plus transceiver' model, they decoupled packet routing from protocol termination. This design allows for global ingress, reduces public UDP surface area in Kubernetes, and preserves standard WebRTC behavior for clients while ensuring stable session ownership and minimal latency.

This digest highlights critical trends in cybersecurity, AI integration, and enterprise software. Key topics include evolving API-based AI attacks, data sovereignty challenges, ransomware recovery, and legal scrutiny regarding data breaches. Additionally, it addresses infrastructure modernization with Kubernetes, AI policy within open-source projects, and industry-wide shifts in data center energy management and cloud computing strategies.

Tilde provides a secure, versioned, and transactional environment for running autonomous AI agents. By utilizing an isolated, composable filesystem, Tilde allows developers to execute agents that interact with real-world data while ensuring operations are reversible. Features include granular RBAC, network isolation, and comprehensive audit trails, enabling safe, risk-free agent deployment against production systems.

Infomaniak has transferred majority voting rights to an independent, public-interest foundation to ensure its long-term independence and commitment to digital sovereignty, privacy, and environmental sustainability. This governance structure protects the company from hostile takeovers and mandates its mission, allowing for future growth without compromising its core values or Swiss identity.

A new method secures initial SSH connections to VMs by injecting a temporary SSH host key via cloud-init. This approach enables secure verification before retrieving long-term keys, preventing MITM attacks that occur during the standard Trust On First Use process while protecting private key material from unauthorized access via userdata leaks or SSRF vulnerabilities.

Docker Engine 29.0+ defaults to the containerd image store, which utilizes snapshotters instead of legacy graph drivers. This enables multi-platform builds, attestations, and Wasm support, though it increases disk usage by storing both compressed and uncompressed image layers. Users can enable it via daemon.json or experimental migration features.

This guide outlines the infrastructure components for Let's Encrypt API and portal environments, including production and staging endpoints. It provides configuration details for integrating third-party notification services like Microsoft Teams and Slack, alongside necessary contact information for managing subscriptions to these service endpoints.

The authors explain how decoupling compute and storage in managed Postgres, specifically through a 'lakebase' architecture, allows for offloading Full Page Writes (FPW). By moving image generation to the storage layer, they eliminated a major performance bottleneck, resulting in 5x higher write throughput, 50% lower read latency, and 94% less WAL traffic without requiring restarts.

Ghostbox provides disposable, temporary workstations for developers and AI agents by leveraging spare compute from global sources like GitHub Actions. It allows users to run builds, manage agents, and expose web apps securely without persistent infrastructure, ensuring a clean, ephemeral development environment that disappears after use.