Home
Blog
Managed Kubernetes with GPU Worker Nodes for Faster AI/ML Inference

Managed Kubernetes with GPU Worker Nodes for Faster AI/ML Inference

By Gcore

November 23, 2023

6 min read

Managed Kubernetes with GPU Worker Nodes for Faster AI/ML Inference

Currently, 48% of organizations use Kubernetes for AI/ML workloads, and the demand for such workloads also drives usage patterns on Kubernetes. Let’s look at the key technical reasons behind this trend, how AI/ML workloads benefit from running on GPU worker nodes in managed K8s clusters, and some considerations regarding GPU vendors and scheduling.

Why Kubernetes is Good for AI/ML

A number of features make Kubernetes popular and effective in the AI/ML realm:

Scalability. K8s enables seamless, on-demand scalability of AI/ML workloads. This is especially critical for inference workloads because they are more dynamic regarding resource utilization than training workloads, and can be resource-intensive. The latter means they often require frequent scaling up or down based on the volume of data being processed.
Automated scheduling. The ability to automatically schedule AI/ML workloads reduces the operational overhead for MLOps teams. It also improves the performance of AI/ML applications by ensuring they are scheduled to the nodes that have the required resources.
Resource utilization. K8s can help to optimize physical resource utilization for AI/ML workloads. It can dynamically and automatically allocate the required amounts of CPU, GPU, and RAM resources. This is critical due to the resource-intensive nature of these workloads and the potential for cost reduction.
Flexibility. With K8s, you can deploy AI/ML workloads across multiple infrastructures, including on-premises, public cloud, and edge cloud. This feature also makes Kubernetes a good option for organizations that need to deploy AI/ML workloads in hybrid or multicloud environments.
Portability. You can easily migrate Kubernetes-based AI/ML applications between different environments and installations. This is critical for deploying and managing AI/ML workloads in a hybrid infrastructure.

Use Cases

Here are some examples of how companies have adopted Kubernetes (K8s) for their AI/ML projects:

OpenAI has been an early adopter of K8s. In 2017, the company was running machine learning experiments on K8s clusters. With the K8s autoscaler, OpenAI could deploy such a project in a few days and scale it up to hundreds of GPUs in a week or two. Without the Kubernetes autoscaler, such a process would take months. As a result, OpenAI increased the number of AI experiments tenfold. In 2021, the company expanded its K8s infrastructure to 7,500 nodes for large ML models such as GPT-3, DALL-E and CLIP.
Shell uses a K8s-based platform Kubeflow to run tests and quickly experiment with ML models on laptops. Engineers can move these workloads from the test environment to production, and the workloads will function just the same. With Kubernetes, Shell builds thousands of ML models in two hours instead of a month. The time to write the underlying code is reduced from two weeks to four hours.
IKEA has developed an internal MLOps platform based on K8s to train ML models on-premises and get inference in the cloud. This allows the MLOps team to orchestrate different types of trained models and, ultimately, improve the customer experience.

Of course, these examples are not broadly representative. Most companies are not fully AI-focused like OpenAI and are not as large as IKEA. They can’t afford to train large AI/ML models from scratch, which takes time and money, but instead run pretrained models and integrate them with other internal services. In other words, these companies use AI/ML inference, not training.

Inference workloads tend to be more dynamic regarding resource utilization than training workloads because production clusters are more likely to experience user and traffic spikes. In such cases, the infrastructure needs to scale up and down quickly, whereas AI/ML training typically requires gradual scaling. Therefore, for AI/ML models that are already trained and deployed, the scalability and dynamic resource utilization of K8s are especially beneficial.

Why GPU Is Better than CPU for Worker Nodes

GPU worker nodes are a better fit for containerized AI/ML workloads than CPU worker nodes for the same reasons as for non-containerized workloads: GPU offers parallel processing capabilities and higher performance for AI/ML than CPUs.

Inference for AI/ML workloads running on GPU worker nodes can be faster than those running on CPU worker nodes due to the following factors:

The GPU’s memory architecture is specifically optimized for AI/ML processing, enabling higher memory bandwidth than CPUs.
GPUs often provide better computational performance than CPUs for AI/ML training and inference because they have more transistors to process data.

Kubernetes adds its own performance benefits to those of GPUs. In addition to hardware acceleration, AI/ML workloads running on GPU worker nodes get scalability and dynamic resource allocation. Kubernetes also includes plugins for GPU vendor support, making it easy to configure GPU resources for use by AI/ML workloads.

Figure 1. The simplified K8s cluster architecture with GPU worker node

With Kubernetes, you can manage GPU resources across multiple worker nodes. Containers consume GPU resources in essentially the same way as they consume CPU resources.

GPU Vendors Comparison

There are three GPU vendors available for Kubernetes: NVIDIA, AMD, and Intel. When choosing GPU vendors for worker nodes, it’s important to keep in mind that their compatibility with Kubernetes, tool ecosystem, performance, and cost can vary.

	NVIDIA GPU worker nodes	AMD GPU worker nodes	Intel GPU worker nodes
Compatibility with K8s	Excellent	Good	Good
Tools ecosystem	Excellent	Good	Fair
Performance	Excellent	Good	Fair
Cost	High	Medium	Medium

Let’s compare the three vendors.

Compatibility with Kubernetes: NVIDIA is the most compatible with K8s. The company provides CUDA drivers, various container runtimes, and other tools and features that simplify GPU integration and management. AMD and Intel support for K8s is less mature and often requires custom configuration.
Tools ecosystem: NVIDIA has the best ecosystem of tools for AI/ML, thanks to software such as the GPU Operator and Container Toolkit, and ML frameworks adapted for NVIDIA GPUs, such as TensorFlow, PyTorch, and MXNet. AMD and Intel also have tools for AI/ML, but they are not as comprehensive as NVIDIA’s.
Performance: NVIDIA GPUs are known for their high performance on AI workloads, outperforming the competition on most MLPerf benchmarks. NVIDIA GPUs are ideal for demanding tasks such as deep learning and high-performance computing.
Cost: NVIDIA GPUs are the most expensive type of GPU worker node.
Flexibility: NVIDIA offers several features that make its GPU-based K8s clusters highly flexible in terms of management and resource utilization compared to its competitors:
- Multi-instance GPU (MIG) mechanism for NVIDIA A100 GPU to allow a GPU to be securely partitioned into up to seven separate instances for better GPU utilization
- Multicloud GPU clusters, which can be seamlessly managed and scaled as if deployed in a single cloud
- Heterogeneous GPU and CPU clusters to simplify the training and management of distributed deep learning models
- GPU metrics monitoring with Prometheus and visualization with Grafana
- Support for multiple container runtimes, including Docker, CRI-O, and containers

In summary, NVIDIA GPU worker nodes are the best choice for AI/ML workloads in Kubernetes. They offer the best compatibility with K8s, the best tools ecosystem, and the best performance. That’s why we chose NVIDIA GPUs for Gcore Managed Kubernetes. Our customers get all the benefits of NVIDIA, including the highest performance level for faster training and inference of their AI/ML workloads.

Important Specifics of GPU Scheduling in Kubernetes

To enable GPU scheduling and allow pods to access its resources, you need to install a vendor-specific device plugin from your chosen GPU vendor — NVIDIA, AMD, or Intel.

Pods request GPU resources in the same way they request CPU resources. However, Kubernetes is less flexible with GPU than with CPU when it comes to configuring `limits` and `requests`. With `requests`, you set the amount of resources that a pod is guaranteed to get, such as a minimum quantity. With `limits`, you set the amount of resources that won’t be exceeded, for instance, a maximum quantity. When configuring a pod manifest for GPU requests, `limits` and `requests` should be equal, meaning that a pod won’t get more resources than guaranteed if, for example, the application needs them.

Also, by default, you can’t allocate part of a GPU or multiple GPUs to a container because of the way CPU allocation works. You can only allocate one full GPU per container. This limitation doesn’t help with resource economics. But NVIDIA has managed to overcome this. With its GPU, you can use either use:

Time-sharing GPUs, which work by sequentially assigning time intervals to shared containers on a physical GPU. This works for all NVIDIA GPUs.
Multi-instance GPUs, which allow a GPU to be divided into up to seven instances for better GPU utilization. This only works with the NVIDIA A100 GPU.

These two features help you to use NVIDIA GPU resources more efficiently and save money on renting GPU instances in the cloud. This is also a significant advantage over other GPU vendors.

Managed Kubernetes vs. Vanilla Kubernetes with GPU

A managed Kubernetes service can offer several advantages over vanilla (open source) Kubernetes for AI/ML workloads running on GPU worker nodes:

Flexible choice of GPUs. Managed K8s services typically provide support for GPU instances with various specifications. This makes it easier to choose the appropriate level of GPU acceleration for your AI/ML workloads.
Reduced operational overhead. Managed Kubernetes handles the everyday responsibilities of overseeing a Kubernetes cluster, like managing the control plane and implementing K8s updates. This enables you to focus on creating, deploying and managing AI/ML applications.
Scalability and reliability. Managed K8s services are typically designed with a strong focus on scalability and reliability, ensuring that your AI/ML workloads can adeptly handle fluctuating traffic and spikes in resource demand.

Gcore Managed Kubernetes with NVIDIA GPU Workers

Gcore Managed Kubernetes helps you to deploy Kubernetes clusters fast, without the need to maintain the underlying infrastructure and Kubernetes backend. The Gcore team controls the master nodes while you control only the worker nodes, reducing your operational burden. Worker nodes can be Gcore Virtual Machines or Bare Metal servers in various configurations, including those with NVIDIA GPU modules.

Conclusion

Managed Kubernetes with GPU worker nodes is a powerful and flexible combination for accelerating AI/ML inference. By taking advantage of both Kubernetes and GPUs, managed Kubernetes with GPU worker nodes can help you improve the performance and efficiency of your AI/ML workloads. The service also frees you from the need to maintain the underlying GPU infrastructure and most Kubernetes components.

Gcore Managed Kubernetes can boost your AI/ML workloads with GPU worker nodes on Bare Metal for faster inference and operational efficiency. We offer a 99.9% SLA with free production management and free egress traffic—at outstanding value for money.

Explore Managed Kubernetes

Gcore and Orange Business launch innovation program piloting joint solution to deliver sovereign inference as a service

Gcore and Orange Business have kicked off a strategic co-innovation program with the mission to deliver a scalable, production-grade AI inference service that is sovereign by design. By combining Orange Business’ secure, trusted cloud infrastructure and Gcore’s AI inference private deployment service, the collaboration empowers European enterprises and public sector organizations to run inference workloads at scale, without compromising on latency, control, or compliance.Gcore’s AI inference private deployment service is already live on Orange Business’ Cloud Avenue infrastructure. Selected enterprises across industries are actively testing it in real-world scenarios. These pilot customers are exploring how fast, secure, and compliant inference can accelerate their AI projects, cut deployment times, and reduce infrastructure overhead.The prototype will be demonstrated at NVIDIA GTC Paris, at the Taiga Cloud booth G26. Stop by any time to see it in action.The inference supercycle is underwayBy 2030, inference will comprise 70% of enterprise AI workloads. Telcos are well positioned to lead this shift due to their dense edge presence, licensed national data infrastructure, and long-standing trust relationships.Gcore’s inference solution provides a sovereign, edge-native inference layer. It enables users to serve real-time, GPU-intensive applications like agentic AI, trusted LLMs, computer vision, and predictive analytics, all while staying compliant with Europe’s evolving data and AI governance frameworks.From complexity to three clicksEnterprise AI doesn’t need to be hard. Deploying inference workloads at scale used to demand Kubernetes fluency, large MLOps teams, and costly trial-and-error.Now? It’s just three clicks:Pick a model: Choose from NVIDIA NIMs, open source, or proprietary libraries.Choose a region: Select one of Orange Business’ accredited EU data centers.Deploy: See your workloads go live in under 10 seconds.Enterprises can launch inference projects faster, test ideas more quickly, and deliver production-ready AI services without spending months on ML plumbing.Explore our blog to watch a demo showing how enterprises can deploy inference workloads in just three clicks and ten seconds.Sovereign by designAll model data, logs, and inference results are stored exclusively within Orange Business’ own data centers in France, Germany, Norway, and Sweden. Cross-border data transfer is opt-in only, helping ensure alignment with GDPR, sector-specific regulations, and the forthcoming EU AI Act.This platform is built for trust, transparency, and sovereignty by default. Customers maintain full control over their data, with governance baked into every layer of the deployment.Performance without trade-offsGcore’s AI inference solution avoids the latency spikes, cold starts, and resource waste common in traditional cloud AI setups. Key design features include:Smart GPU routing: Directs each request to the nearest in-region GPU, delivering real-time performance with sub-50ms latency.Pre-loaded models: Reduces cold start delays and improves response times.Secure multi-tenancy: Isolates customer data while maximizing infrastructure efficiency.The result is a production-ready inference platform optimized for both performance and compliance.Powering the future of AI infrastructureThis partnership marks a step forward for Europe’s sovereign AI capabilities. It highlights how telcos can serve as the backbone of next-generation AI infrastructure, hosting, scaling, and securing workloads at the edge.With hundreds of edge POPs, trusted national networks, and deep ties across vertical industries, Orange Business is uniquely positioned to support a broad range of use cases, including real-time customer service AI, fraud detection, healthcare diagnostics, logistics automation, and public sector digital services.What’s next: validating real-world performanceThis phase of the Gcore and Orange Business program is focused on validating the solution through live customer deployments and performance benchmarks. Orange Business will gather feedback from early access customers to shape its future sovereign inference service offering. These insights will drive refinements and shape the roadmap ahead of a full commercial launch planned for later this year.Gcore and Orange Business are committed to delivering a sovereign inference service that meets Europe’s highest standards for speed, simplicity, and trust. This co-innovation program lays the foundation for that future.Ready to discover how Gcore and Orange Business can deliver sovereign inference as a service for your business?Request a preview

Why on-premises AI is making a comeback

In recent years, cloud AI infrastructure has soared in popularity. With its scalability and ease of deployment, it’s no surprise that organizations rushed to transfer their data to the cloud in a bid to become “cloud-first.”But now, the tide is turning.As AI workloads grow more complex and regulatory pressures increase, many companies are reconsidering their reliance on cloud and turning back toward on-premises AI infrastructure.Rather than doubling down on the cloud, organizations are diversifying—adopting multi-cloud models, sovereign cloud environments, and even hybrid or fully on-prem setups. The era of a single cloud provider handling everything is coming to an end. Why? Control, security, and performance are hard to find in the public cloud.Here’s why more businesses are bringing AI back in-house.#1 Enhanced data security and controlData security remains one of the most urgent concerns driving the return to on-prem infrastructure.For sensitive or high-priority workloads—common in sectors like finance, healthcare, and government—keeping data off the cloud is often non-negotiable. Cloud computing inherently increases risk by exposing data to shared environments, wider attack surfaces, and complex supply chains.Choosing a trusted cloud provider can mitigate some of those risks. But it can’t replace the peace of mind that comes from keeping sensitive data in-house.With on-premises AI, organizations gain fine-grained access control. Encryption keys remain internal and breach exposure shrinks dramatically. It’s also much easier to stay compliant with privacy laws when data never leaves your own secure perimeter.For industries where trust and confidentiality are everything, on-prem solutions offer full visibility into where and how data is stored and processed.#2 Performance enhancement and latency reductionLatency matters—especially in AI.On-premises AI systems excel in environments that require real-time performance and heavy compute loads. Processing data locally avoids the physical delays caused by transferring it across the internet to a cloud data center.By eliminating long-haul network hops, companies get near-instant access to computing resources. They also get to fine-tune their internal networks—using private fiber, low-hop switching, and other low-latency optimizations that cloud customers can’t control.Unlike multi-tenant cloud platforms, on-prem resources aren’t shared. That means consistently low, predictable latency.This is vital for use cases where milliseconds—or even microseconds—make a difference: autonomous vehicles, real-time analytics, robotic control systems, and high-speed trading. Fast feedback loops and localized processing enable better outcomes, tighter control, and faster decision-making at the edge.#3 Regulatory compliance and data sovereigntyAround the world, data privacy regulations are tightening. For most organizations, compliance isn’t optional.On-premises infrastructure helps keep data safely inside the organization’s network. This supports data sovereignty, ensuring that sensitive information remains subject only to local laws—not the policies of another country’s cloud provider.It's also a powerful hedge against geopolitical instability.While hyperscalers operate globally, they’re always headquartered somewhere. That makes their infrastructure vulnerable to political shifts, sanctions, or changes in international data law. Governments may require them to restrict access, share data, or cut off services entirely—especially to organizations in sanctioned or adversarial jurisdictions.Businesses relying on these providers risk disruption when regulations change. On-premises infrastructure, by contrast, offers reliable continuity and greater control—especially in uncertain times.#4 Cost control and operational benefitsCloud pricing may look flexible, but costs can escalate quickly.Data transfers, storage, and compute spikes all add up—fast. In contrast, on-premises infrastructure provides a predictable Total Cost of Ownership (TCO). Although upfront CapEx is higher, OpEx remains more stable over time.Organizations can invest in high-performance hardware tailored to their specific needs and amortize those costs across years. That means no surprise bills, no sudden price hikes, and no dependence on vendor pricing models.Of course, running on-prem infrastructure comes with its own challenges. It demands specialized teams for deployment, maintenance, and support. These experts are costly to recruit and retain—but they’re critical to ensure uptime, security, and performance.Still, for companies with relatively stable compute and storage needs, the long-term savings often outweigh the initial setup effort. On-prem also integrates more smoothly into existing IT workflows, without the need for internet access or additional network setup—another operational bonus.#5 Proactive threat detection and automated responsesOn-premises AI sometimes enables smarter, more customized security.Advanced platforms can continuously analyze live data streams using machine learning to detect anomalies and predict threats. When something suspicious is flagged, the system can respond instantly by quarantining data, blocking traffic, and alerting security teams.That kind of automation is essential for minimizing damage and downtime.With full infrastructure control, organizations can deploy bespoke monitoring systems that align with their threat models. Deep packet inspection, real-time anomaly detection, and behavioral analytics can be easier to configure and maintain on-prem than in shared cloud environments.These systems can also work seamlessly with WAAP and DDoS tools to detect and neutralize threats before they spread. The key is flexibility: whether on-prem or cloud-based, AI-driven security should adapt to your architecture and threat landscape, not the other way around.End-to-end visibility can give security teams a clearer picture and faster response options than generic, one-size-fits-all public cloud security tools.How to combine eon-premises control with cloud scalabilityLet’s be clear: on-premises AI isn’t perfect. It demands upfront investment. It requires skilled personnel to deploy and manage systems. And integrating AI into legacy environments takes thoughtful planning.But today’s tools are helping bridge those gaps. Modern platforms reduce the need for constant manual intervention. They support real-time updates to threat models and detection logic. As a result, security teams can spend more time on strategy and less on maintenance.Meanwhile, the cloud still plays an important role. It offers faster access to new tools, software updates, and next-gen GPU hardware.That’s why many organizations are opting for a hybrid model.Our recommendation: Keep your sensitive, high-priority workloads on-prem. Use the cloud for elastic scale and innovation. Together, they deliver the best of both worlds: performance, control, compliance, and flexibility.Secure your digital infrastructure with Gcore on-premises AI inferenceWhether you’re protecting sensitive data or running high-demand workloads, on-premises AI gives you the control and confidence you need. Securing sensitive data and managing high-demand workloads requires a level of control, performance, and predictability that only on-premises AI infrastructure delivers.Gcore Everywhere Inference Private Deployment makes it easier than ever to bring powerful serverless AI inference capabilities directly into your physical environment. Designed for scalable global performance, Everywhere Inference enables robust and secure multi-tenant AI inference deployments across on-prem and cloud environments, helping you meet data sovereignty requirements, reduce latency, and streamline deployment.Talk to us about your on-prem AI plans

3 clicks, 10 seconds: what real serverless AI inference should look like

Deploying a trained AI model could be the easiest part of the AI lifecycle. After the heavy lifting of data collection, training, and optimization, pushing a model into production is where “the rubber hits the road”, meaning the business expects to see the benefits of invested time and resources. In reality, many AI projects fail in production because of poor performance stemming from suboptimal infrastructure conditions.There are, broadly speaking, two paths developers can take when deploying inference: DIY, which is time and resource-consuming and requires domain expertise from several teams within the business, or the ever-so-popular “serverless inference” solution. The latter is supposed to simplify the task at hand and deliver productivity, cutting down effort to seconds, not hours. Yet most platforms offering “serverless” AI inference still feel anything but effortless. They require containers, configs, and custom scripts. They bury users in infrastructure decisions. And they often assume your data scientists are also DevOps engineers. It’s a far cry from what serverless was meant to be.At Gcore, we believe real serverless inference means this: three clicks and ten seconds to deploy a model. That’s not a tagline—it’s the experience we built. And it’s what infrastructure leaders like Mirantis are now enabling for enterprises through partnerships with Gcore.Why deployment UX matters more than you thinkServerless inference isn’t just a backend architecture choice. It’s a business enabler, a go-to-market accelerator, an ROI optimizer, a technology democratizer—or, if poorly executed, a blocker.The reality is that inference workloads are a key point of interface between your AI product or service and the customer. If deployment is clunky, you’re struggling to keep up with demand. If provisioning takes too long, latency spikes, performance is inconsistent, and ultimately your service doesn’t scale. And if the user experience is unclear or inconsistent, customers end up frustrated—or worse, they churn.Developers and data scientists don’t want to manage infrastructure. They want to bring a model and get results without becoming cloud operators in the process.Dom Wilde, SVP Marketing, MirantisThat’s why deployment UX is no longer a nice-to-have. It’s the core of your product.The benchmark: 3 clicks, 10 secondsWe built Gcore Everywhere Inference to remove every unnecessary step between uploading a model and running it in production. That includes GPU provisioning, routing, scaling, isolation, and endpoint generation, all handled behind the scenes.The result is what we believe should be the default:Upload a modelConfirm deployment parametersClick deployAnd within ten seconds, you’re serving live inference.For platform teams supporting AI workloads, this isn’t just a better workflow. It’s a transformation.With Gcore, our customers can deliver not just self-service infrastructure but also inference as a product. End users can deploy models in seconds, and customers don’t have to micromanage the backend to support that.Dom Wilde, MirantisSimple frontend, powerful backendIt’s worth saying: simplifying the frontend doesn’t mean weakening the backend. Gcore’s platform is built for scale and performance, offering the following:Multi-tenant GPU isolationSmart routing based on location and loadAuto-scaling based on demandA unified API and UI for both automation and accessibilityWhat makes this meaningful isn’t just the tech, it’s the way it vanishes behind the scenes. With Gcore, Mirantis customers can deliver low-latency inference, maximize GPU efficiency, and meet data privacy requirements without touching low-level infrastructure.Many enterprises and cloud customers worry about underutilized GPUs. Now, every cycle is optimized. The platform handles the complexity so our customers can focus on building value.Dom Wilde, MirantisIf it’s not 3 clicks and 10 seconds, it’s not really serverlessThere’s a growing gap between what serverless inference promises and what most platforms deliver. Many cloud providers are focused on raw compute or orchestration, but overlook the deployment layer. That’s a mistake. Because when it comes to customer experience, ease of deployment is the product.Mirantis saw that early on and partnered with Gcore to bring inference-as-a-service to CSP and enterprise customers, fast. Now, customers can launch new offerings more quickly, reduce operational overhead, and improve the user experience with a simple, elegant deployment path.Redefine serverless AI with GcoreIf it takes a config file, a container, and a support ticket to deploy a model, it’s not serverless—it’s server-less-ish. With Gcore Everywhere Inference, we’ve set a new benchmark: three clicks and ten seconds to deploy AI. And, our model catalog offers a variety of popular models so you can get started right away.Whether you’re frustrated with slow, inefficient model deployments or looking for the most effective way to start using AI for your company, you need Gcore Everywhere Inference. Give our experts a call to discover how we can simplify your AI so you can focus on scaling and business logic.Let’s talk about your AI project

Run AI inference faster, smarter, and at scale

Training your AI models is only the beginning. The real challenge lies in running them efficiently, securely, and at scale. AI and reality meet in inference—the continuous process of generating predictions in real time. It is the driving force behind virtual assistants, fraud detection, product recommendations, and everything in between. Unlike training, inference doesn’t happen once; it runs continuously. This means that inference is your operational engine rather than just technical infrastructure. And if you don’t manage it well, you’re looking at skyrocketing costs, compliance risks, and frustrating performance bottlenecks. That’s why it’s critical to rethink where and how inference runs in your infrastructure.The hidden cost of AI inferenceWhile training large models often dominates the AI conversation, it’s inference that carries the greatest operational burden. As more models move into production, teams are discovering that traditional, centralized infrastructure isn’t built to support inference at scale.This is particularly evident when:Real-time performance is critical to user experienceRegulatory frameworks require region-specific data processingCompute demand fluctuates unpredictably across time zones and applicationsIf you don’t have a clear plan to manage inference, the performance and impact of your AI initiatives could be undermined. You risk increasing cloud costs, adding latency, and falling out of compliance.The solution: optimize where and how you run inferenceOptimizing AI inference isn’t just about adding more infrastructure—it’s about running models smarter and more strategically. In our new white paper, “How to Optimize AI Inference for Cost, Speed, and Compliance”, we break it down into three key decisions:1. Choose the right stage of the AI lifecycleNot every workload needs a massive training run. Inference is where value is delivered, so focus your resources on where they matter most. Learn when to use pretrained models, when to fine-tune, and when simple inference will do the job.2. Decide where your inference should runFrom the public cloud to on-prem and edge locations, where your model runs, impacts everything from latency to compliance. We show why edge inference is critical for regulated, real-time use cases—and how to deploy it efficiently.3. Match your model and infrastructure to the taskBigger models aren’t always better. We cover how to choose the right model size and infrastructure setup to reduce costs, maintain performance, and meet privacy and security requirements.Who should read itIf you’re responsible for turning AI from proof of concept into production, this guide is for you.Inference is where your choices immediately impact performance, cost, and customer experience, whether you’re managing infrastructure, developing models, or building AI-powered solutions. This white paper will help you cut through complexity and focus on what matters most: running smarter, faster, and more scalable inference.It’s especially relevant if you’re:A machine learning engineer or AI architect deploying models across environmentsA product manager introducing real-time AI featuresA technical leader or decision-maker managing compute, cloud spend, or complianceOr simply trying to scale AI without sacrificing controlIf inference is the next big challenge on your roadmap, this white paper is where to start.Scale AI inference seamlessly with GcoreEfficient, scalable inference is critical to making AI work in production. Whether you’re optimizing for performance, cost, or compliance, you need infrastructure that adapts to real-world demand. Gcore Everywhere Inference brings your models closer to users and data sources—reducing latency, minimizing costs, and supporting region-specific deployments.Our latest white paper, “How to optimize AI inference for cost, speed, and compliance”, breaks down the strategies and technologies that make this possible. From smart model selection to edge deployment and dynamic scaling, you’ll learn how to build an inference pipeline that delivers at scale.Ready to make AI inference faster, smarter, and easier to manage?Download the white paper

How to comply with NIS2: practical tips and key requirements

The European Union is boosting cybersecurity legislation with the introduction of the NIS2 Directive. The new rules represent a significant expansion in how organizations across the continent approach digital security. NIS2 establishes specific and clear expectations that impact not just technology departments but also legal teams and top decision-makers. It refines old protocols while introducing additional obligations that companies must meet to operate within the EU.In this article, we explain the role and scope of the NIS2 Directive, break down its key security requirements, analyze the anticipated business impact, and provide a checklist of actions that businesses can take to remain in compliance with continually evolving regulatory demands.Who needs to comply with NIS2?The NIS2 Directive applies to essential and important organizations operating within the European Union in sectors deemed critical to society and the economy. NIS2 also applies to non-EU companies offering services within the EU, requiring non-EU companies that offer covered services in the EU without a local establishment to appoint a representative in one of the member states where they operate.In general, organizations with 50 or more employees and an annual turnover above €10M fall under NIS2. Smaller entities can also be included if they provide key services, including energy, transport, banking, healthcare, water supply, digital infrastructure, and public administration.4 key security requirements of NIS2Under the NIS2 Directive, organizations are required to have an integrated approach to cybersecurity. There are 10 basic measures that companies subject to this legislation must follow: risk policies, incident handling, supply-chain security, MFA, cryptography, backups, BCP/DRP, vulnerability management, security awareness, crypto-control, and “informational hygiene”. In this article, we will cover the four most important of them.These four are necessary steps for limiting disruptions and achieving full compliance with stringent regulatory demands. They include incident response, risk management, corporate accountability, and reporting obligations.#1 Incident responseUnder NIS2, a solid incident response is required. Companies must document processes for the detection, analysis, and management of cyber incidents. Additionally, organizations must have a trained team ready to respond quickly when there's a breach, reducing damage and downtime. Having the right plan in place can make the difference between a minor issue and a major disruption.#2 Risk managementContinuous risk evaluation is paramount within NIS2. Businesses should constantly be scouting out internal vulnerabilities and external dangers while following a clear, defined risk management protocol. Regular audits and monitoring help businesses stay a step ahead of future threats.#3 Corporate accountabilityNIS2 emphasizes corporate accountability by requiring clear cybersecurity responsibilities across all management levels, placing direct oversight on executive leadership. Additionally, due to the dependency of most organizations on third-party suppliers, supply chain security is paramount. Executives need to check the security measures of their partners. One weak link in the chain can destroy the entire system, making stringent security measures a prerequisite for all partners to reduce risks.#4 Reporting obligationsTransparency lies at the heart of NIS2. Serious incidents need to be reported promptly to maintain the culture of accountability the directive encourages. Good reporting mechanisms ensure that vital information is delivered to the concerned authorities in a timely manner, akin to formal channels in data protection legislation such as the GDPR.What NIS2 means for applicable organizationsSome of the potential implications of NIS2 include an increased regulatory burden, financial and reputational risks, and operational challenges. These apply to all businesses that are already established in the European Union. With compliance now becoming mandatory in all member states, businesses that have lagged behind in implementing effective cybersecurity measures will be put under increased pressure to improve their processes and systems.Increased regulatory burdenFor most firms, the new directive means a huge increase in their regulatory burden. The broadened scope of the directive applies to more industries, and this may lead to additional administrative tasks. Legal personnel and compliance officers will need to sift through current cybersecurity policies and ensure all parts of the organization are in line with the new requirements. This exercise can entail considerable coordination between different departments, including IT, risk management, and supply chain management.Financial and reputational risksThe penalty for non-compliance is steep. The fines for failure to comply with the NIS2 Directive are comparable to the GDPR fines for non-compliance, up to €10 million or 2% of a company's worldwide annual turnover for critical entities, while important organizations face a fine of up to €7M or 1.4% of their global annual turnover. Financial fines and reputational damage are significant risks that organizations must take into account. A single cybersecurity incident can lead to costly investigations, legal battles, and a loss of trust among customers and partners. For companies that depend on digital infrastructure for their day-to-day operations, the cost of non-compliance can be crippling.Operational challengesNIS2 compliance requires more than administrative change. Firms may have to make investments into new technology when trying to meet the directive's requirements, such as expanded monitoring, expanded protection of data, and sophisticated incident response protocols. Legacy system firms can be put at a disadvantage with the need for rapid cybersecurity improvements.NIS2 compliance checklistDue to the comprehensive nature of the NIS2 Directive, organizations will need to adopt a systematic compliance strategy. Here are 5 practical steps organizations can take to comply:Start with a thorough audit. Organizations must review their current cybersecurity infrastructure and identify areas of vulnerability. This kind of audit helps reveal areas of weakness and makes it easier to decide where to invest funds in new tools and training employees.Develop a realistic incident response plan. It is essential to have a short, actionable plan in place when things inevitably go wrong. Organizations need to develop step-by-step procedures for handling breaches and rehearse them through regular training exercises. The plan needs to be constantly updated as new lessons are learned and industry practices evolve.Sustain continued risk management. Risk management is not a static activity. Organizations need to keep their systems safe at all times and update risk analyses from time to time to combat new issues. This allows for timely adjustments to their approach.Check supply chain security. Organizations need to find out how secure their third-party vendors are. They need to have clear-cut security standards and check periodically to help ensure that all members of the supply chain adhere to those standards.Establish clear reporting channels. Organizations must have easy ways of communicating with regulators. They must establish proper reporting schedules and maintain good records. Training reporting groups to report issues early can avoid delays and penalties.Partner with Gcore for NIS2 successGcore’s integrated platform helps organizations address key security concerns relevant to NIS2 and reduce cybersecurity risk:WAAP: Real-time bot mitigation, API protection, and DDoS defense support incident response and ongoing threat monitoring.Edge Cloud: Hosted in ISO 27001 and PCI DSS-compliant EU data centers, offering scalable, resilient infrastructure that aligns with NIS2’s focus on operational resilience and data protection.CDN: Provides fast, secure content delivery while improving redundancy and reducing exposure to availability-related disruptions.Integrated ecosystem: Offers unified visibility across services to strengthen risk management and simplify compliance.Our infrastructure emphasizes data and infrastructure sovereignty, critical for EU-based companies subject to local and cross-border data regulation. With fully-owned data centers across Europe and no reliance on third-party hyperscalers, Gcore enables businesses to maintain full control over where and how their data is processed.Explore our secure infrastructure overview to learn how Gcore’s ecosystem can support your NIS2 compliance journey with continuous monitoring and threat mitigation.Please note that while Gcore’s services support many of the directive’s core pillars, they do not in themselves guarantee full compliance.Ready to get compliant?NIS2 compliance doesn’t have to be overwhelming. We offer tailored solutions to help businesses strengthen their security posture, align with key requirements, and prepare for audits.Interested in expert guidance? Get in touch for a free consultation on compliance planning and implementation. We’ll help you build a roadmap based on your current security posture, business needs, and regulatory deadlines.Get a free NIS2 consultation

Securing vibe coding: balancing speed with cybersecurity

Vibe coding has emerged as a cultural phenomenon in 2025 software development. It’s a style defined by coding on instinct and moving fast, often with the help of AI, rather than following rigid plans. It lets developers skip exhaustive design phases and dive straight into building, writing code (or prompting an AI to write it) in a rapid, conversational loop. It has caught on fast and boasts a dedicated following of developers hosting vibe coding game jams.So why all the buzz? For one, vibe coding delivers speed and spontaneity. Enthusiasts say it frees them to prototype at the speed of thought, without overthinking architecture. A working feature can be blinked into existence after a few AI-assisted prompts, which is intoxicating for startups chasing product-market fit. But as with any trend that favors speed over process, there’s a flip side.This article explores the benefits of vibe coding and the cybersecurity risks it introduces, examines real incidents where "just ship it" coding backfired, and outlines how security leaders can keep up without slowing innovation.The upside: innovation at breakneck speedVibe coding addresses real development needs and has major benefits:Allows lightning-fast prototyping with AI assistance. Speed is a major advantage, especially for startups, and allows faster validation of ideas and product-market fit.Prioritizes creativity over perfection, rewarding flow and iteration over perfection.Lowers barriers to entry for non-experts. AI tooling lowers the skill floor, letting more people code.Produces real success stories, like a game built via vibe coding hitting $1M ARR in 17 days.Vibe coding aligns well with lean, agile, and continuous delivery environments by removing overhead and empowering rapid iteration.When speed bites backVibe coding isn’t inherently insecure, but the culture of speed it promotes can lead to critical oversights, especially when paired with AI tooling and lax process discipline. The following real-world incidents aren’t all examples of vibe coding per se, but they illustrate the kinds of risks that arise when developers prioritize velocity over security, skip reviews, or lean too heavily on AI without safeguards. These three cases show how fast-moving or under-documented development practices can open serious vulnerabilities.xAI API key leak (2025)A developer at Elon Musk’s AI company, xAI, accidentally committed internal API keys to a public GitHub repo. These keys provided access to proprietary LLMs trained on Tesla and SpaceX data. The leak went undetected for two months, exposing critical intellectual property until a researcher reported it. The error likely stemmed from fast-moving development where secrets were hardcoded for convenience.Malicious NPM packages (2024)In January 2024, attackers uploaded npm packages like warbeast2000 and kodiak2k, which exfiltrated SSH keys from developer machines. These were downloaded over 1,600 times before detection. Developers, trusting AI suggestions or searching hastily for functionality, unknowingly included these malicious libraries.OpenAI API key abuse via Replit (2024)Hackers scraped thousands of OpenAI API keys from public Replit projects, which developers had left in plaintext. These keys were abused to access GPT-4 for free, racking up massive bills for unsuspecting users. This incident shows how projects with weak secret hygiene, which is a risk of vibe coding, become easy targets.Securing the vibe: smart risk mitigationCybersecurity teams can enable innovation without compromising safety by following a few simple cybersecurity best practices. While these don’t offer 100% security, they do mitigate many of the major vulnerabilities of vibe coding.Integrate scanning tools: Use SAST, SCA, and secret scanners in CI/CD. Supplement with AI-based code analyzers to assess LLM-generated code.Shift security left: Embed secure-by-default templates and dev-friendly checklists. Make secure SDKs and CLI wrappers easily available.Use guardrails, not gates: Enable runtime protections like WAF, bot filtering, DDoS defense, and rate limiting. Leverage progressive delivery to limit blast radius.Educate, don’t block: Provide lightweight, modular security learning paths for developers. Encourage experimentation in secure sandboxes with audit trails.Consult security experts: Consider outsourcing your cybersecurity to an expert like Gcore to keep your app or AI safe.Secure innovation sustainably with GcoreVibe coding is here to stay, and for good reason. It unlocks creativity and accelerates delivery. But it also invites mistakes that attackers can exploit. Rather than fight the vibe, cybersecurity leaders must adapt: automating protections, partnering with devs, and building a culture where shipping fast doesn't mean shipping insecure.Want to secure your edge-built AI or fast-moving app infrastructure? Gcore’s Edge Security platform offers robust, low-latency protection with next-gen WAAP and DDoS mitigation to help you innovate confidently, even at speed. As AI and security experts, we understand the risks and rewards of vibe coding, and we’re ideally positioned to help you secure your workloads without slowing down development.Into vibe coding? Talk to us about how to keep it secure.