Comment by bambax
Comment by bambax a day ago
We already have excellent cloud providers in Europe. But most importantly, most businesses using the cloud would be better off with simple on-prem solutions. So much cheaper to operate and control.
Comment by bambax a day ago
We already have excellent cloud providers in Europe. But most importantly, most businesses using the cloud would be better off with simple on-prem solutions. So much cheaper to operate and control.
Listened to a story about a fairly large company that switched to cloud and then back to on-premise. When they went cloud they quickly found out that they needed employees to manage the cloud infrastructure. The employee costs were similar for both setup.
Compliance and security testing does not go away just because you use cloud. The steps and questions will be different, but regulations like NIS and GDPR have extensive requirements regardless if you implement it yourself or buy it from an external supplier.
I would also not recommend to go with a single cloud solution with no backup solution and overall redundancy, unless a $5 voucher is good enough compensation for the service being down a whole day. The general recommendation after the latest waves of outages was for cloud users to use multiple cloud providers and multiple backup solution. It is just like how on-premise solutions need off-premise backups.
> Compliance and security testing does not go away just because you use cloud. The steps and questions will be different, but regulations like NIS and GDPR have extensive requirements regardless if you implement it yourself or buy it from an external supplier.
That’s a bit disingenuous. If I don’t operate a physical server rack, I also do not need to take care of physical access control, fire suppression policies, camera monitoring, key handling, and a wide range of other measures I would be otherwise obliged to take care of under GDPR. You can absolutely outsource classes of problems. What’s true is that that doesn’t lift the responsibility from you to check your cloud provider fulfils these obligations, but that’s very different from having to fulfil them yourself.
Go through a security review. It not as simple as just saying "we outsource that so we have no idea what they do or how they manage the data". It is disingenuous to claim that people can just outsource the whole problem and not care.
This would be part of the responsibility of the cloud managers, which need to be hired, paid and trained, on top of the cost of paying the cloud providers. There is no free lunch.
But you can rent on-prem servers in some datacenter near you where all that is done for you.
Most European "cloud" providers sell "wood": https://berthub.eu/articles/posts/dear-hosting-providers-you...
Exactly. People used to think that aws is somehow convenient(partially true) and much cheaper which it absolutely isn't. Hooking on anything trendy and pretending it solve all the issues is tech illness.
For example micro services. You do not need infrastructure heavy software paradigms for large majority of use cases but it was just blindly accepted as new standart which we are now, again, moving away.
Right, but have you tried recruiting someone recently who is capable of running a pair of local servers (including organizing redundant power feeds), upgrading the OS on them with no downtime, and arranging for off-site backups of the enterpris's data?
These used to be the skills of a generalist sysadmin for a small-site with on-prem services.
Those skills are no longer available on the market. Students in the local apprenticeship program have one class about hardware, and they don't even touch it, just talk about it.
> We already have excellent cloud providers in Europe.
Please provide a list, no sarcasm. And please don’t put Hetzner on it, as it is not a cloud provider.
In my book a cloud provider is a provider where you can spin up VMs at scale, offers multiple geographic regions across the world, offers managed complementary services such as S3, CDN, GLB, IAM, Managed Databases, backup & restore, FaaS, container registry, managed K8s or another container orchestration platform, PoPs around the world.
Hetzner has an S3 compatible offering, a VPS offering and that's it. Their core business is renting physical servers. And I see lately they offer a load balancing service.
You know, we used to have a single tech company providing essentially an entire tech stack to its customers. Its core enterprise pricing provided a platform with impressive compute capabilities, high redundancy, global support, strong backward compatibility and the backing of a company providing consulting and an ecosystem made of a lot of other software products. That company is still alive and well, although that product is probably less appealing now to new customers.
I'm talking about IBM mainframes.
Eventually, as the Internet (networking) and open source technologies (like Git and Linux) become more and more widespread, people realized they could build their services by combining products from different vendors (not to mention FOSS). I'm talking about the 1990s-2000s.
Now, after 20-30 years, we're thinking that the same company must provide the entire tech stack or lose relevancy as a provider.
To be clear, AWS and mainframes are pretty different from a technical standpoint, but I do wonder if we're kinda repeating the same cycle over and over. Asking the same company to provide everything and then build stuff with different products, to then find a new company which can provide everything and so on.
Not sure I follow.
It's one thing to say that a lot of AWS/Azure/Google users take advantage of many managed services.
But saying something is not a cloud provider because they don't provide a specific SaaS is kinda weird, especially if you read the NIST definition of cloud computing or when you consider that not every AWS user is using more than a handful of services (does that make AWS a cloud provider only for more "advanced" users?).
Sure, smaller cloud providers don't usually have all those services, but this doesn't mean they are not cloud providers. They cannot attract users who are more familiar with specific managed services, but they can probably satisfy the needs of other users who are more than happy with a smaller feature set.
Also, limiting yourself to a smaller portion of AWS/Azure/GCP services can facilitate migrations to other cloud platforms (think AWS -> Azure or viceversa), because you're less tied to specific proprietary tooling.
> So much cheaper to operate and control.
Until you factor in the salaries of the new employees you have to hire now, the cost of that hiring process, the compliance and security implications of operating servers on your premises, the ongoing maintenance of the software and operating systems, the new infrastructure to maintain, including but not limited to backup power supply and overall redundancy, the need to manage the lifecycle of the new hard- and software, the documentation for all of this… I could go on for a while.
It's not like these cloud solutions are just solving laziness.