I got pwned by my cloud costs

Oh exactly that.

Or if caching is your biggest priority then Fastly or Akamai will shine too.

But if you're balancing all considerations and want the cheap "good enough" caching with the DDoS protection, free TLS certs, and unmetered (assuming you aren't imgur or something)... then Cloudflare does a great job at being good enough. And for those sharp edges... drop in a proxy of your own, or layer your CDNs.

Will BunnyCDN reliably keep an 18gb file in cache without hitting origin? I use and like Bunny, but relying on that to not get a massive bill in the mail scares the shit out of me.

Azure has its own CDN. If one wants to do Cloudfare -> CDN -> Azure Storage, then at least let it be Azure CDN in the middle, not another cloud provider in the mix. ¯\_(ツ)_/¯

Or simply run everything on your own server. All those middlemen are going to kill any latency improvements you get from anycast edge servers.

Argo does not affect caching, only performance. You're maybe mistaking it for tiered caching or a custom caching topology.

Because Hetzner and Linode VPSs have fixed disk sizes, while Azure and AWS have basically infinite storage. You use your cheap commodity VPS as a cache, not a source-of-truth.

So that you incur as much downtime risk as possible, obviously.

I hate these 'cloud economics' optimizations that people tend to try.

You are not allowed to use Lightsail once you use more professional services on AWS atleast per ToS

Reducing CloudFlare to a CDN is a disservice. They have some amazing services like Bot Management and Workers that make them very appealing. The CDN is just a nice bonus.

Because its order pf magnitude more expensive like anything on the cloud really..

Azure CDN offers almost no discount on egress over Azure storage directly. The same is the case with Amazon's equivalent services.

Has anyone gotten access to R2 yet? I signed up but haven't heard back myself.

Would love to find out if you can write to any/every region and have things replicate, or if you have to write to a single region. BunnyCDN's edge storage solution looked interesting until I found out it only supported writes to a single region.

Hoping R2 might be my savior here, otherwise will probably have to roll my own active-active minio cluster, which I'm not looking forward to maintaining. Other suggestions welcome!

I always was a software developer first, but in the old days I spent enough time in the server rooms doing all sorts of sysadmin work, and those days I dabble in devops.

And, honestly, I miss the old days. Today, $cloud has some weird spasms where you suddenly get an influx of connection timeouts or tasks waiting for aeons to get scheduled and you just can't log in to a switch or a machine and figure out what the exact hell is going on. You just watch the evergreen $cloud status page, maybe file some tickets and pray someone bothers to investigate, or maybe live with those random hiccups "sorry $boss, everything is 100% good on our side, it's $cloud misbehaving today", adding more resilience -> complexity -> unreliability in the name of reliability to the system. Either way, with the clouds I feel handicapped, lacking the ability to diagnose things when they go wrong.

I don't miss those three days we spent fighting a kernel panic. Was about a decade ago - we outgrew the hardware and had to get a new one with a badass-at-the-time 10GB SFP+ NIC that worked nice for the first few weeks but then its driver suddenly decided to throw some tantrums on almost a hourly basis. I don't even remember the details - a lot of time flew since then, but thankfully we found some patch somewhere in the depths of LKML and the server was a perfect clockwork ever since. That wasn't fun, but that was an one-in-many years incident.

Either way, I do feel that in the ancient ages hardware and software used to be so much more simple and reliable. Like, today people start with those multi-node high-availability all-the-buzzwords Kubernetes-in-the-cloud monstrosities that still fail now and then (because there are so many moving parts shit's just bound to fail at incredible rate), and in the good old days people somehow managed to have a couple of servers in the rack - some proper, some just desktop towers sitting by - and with some duct tape and elbow grease those ran without incidents for years and years.

Have I turned old and sour? Or maybe it's just the nostalgia about the youth, and I've forgotten or diminished most the issues while warmly remembering all the good moments?

In between your two extremes are colocation (no managing buildings, power, cooling, racks, security, optionally network), dedicated servers (no managing/installing servers, disks, warranties) and basic VMs.

This reads like a software engineer being happy work caters lunch so he/she didn’t have to cook for the whole team anymore. Didn’t anyone discuss maybe hiring a cook?

I think this depends. For OPS people no longer having to physically go into a DC I agree but you've now pushed a bunch of work developers especially now will have a harder time as they used to make code and there was someone who sorted infrastructure now the devs themselves are kept up all nights with AWS stuff going up and down.

If cloud improved QOL for ALL employees I'd agree but I think it just shifts work around and costs more.

> Dealing with hardware failures ... it's all awful work

I've met plenty of datacenter technicians that loved they work and the opportunities for growth it provided.

Some companies really know how to manage a datacenter with minimum pain. Some don't.

It's not like all those jobs have been taken over by automation - someone still has to take care of these cloud servers ?

> Dealing with hardware failures, hardware vendors, confusing licensing, having to know SKUs, racking new cabinets, swapping hard drives, patching servers - it's all awful work.

Each to their own, but I think you'll find there's a fairly significant portion of sysadmins who love that work!

I keep hearing this argument against using your own infrastructure again and again, and I'm not sure how true it is.

I've worked with teams on both sides, and everyone is gonna have to deal with figuring out how to run at scale, it's just different ways of achieving that.

I've worked with teams that manage their own infrastructure with dedicated servers, and not having to think about scaling for a long time as the one beefy server could just take whatever load you threw at it.

I've also worked with teams who don't manage their own infrastructure and thought they were ready to scale without issues, but once the scale actually happened, it turned out there was more things to consider than just the amount of servers you run, race-conditions were everywhere but no one thought about that.

Definitely a case of "right tool for the right job", but I don't think it's as easy as "Self-managed: harder to scale, PaaS/Cloud: easy peazy to scale".

I don't disagree; but I think the cloud (AWS/Azure/GCP) have sort of shielded people from how cheap/powerful the underlying hardware has became.

For ~100eur/month on hertzner you can get a 16core Zen3, 128GB RAM with 8TB of NVMe SSD.

Unless your stack is horrendously badly optimised you can serve SO MUCH traffic off that - definitely billions of postgres records without breaking a sweat.

So the scale argument somewhat disappears - if anything, people end up adding much more complexity to the product to get round the high hardware costs of the cloud (complex caching systems for example, instead of just throwing loads of hardware at the problem).

> Or is your ten person team really going to figure out how to get Postgres to reliably run with billions of records, with encrypted backups, etc?

Actually AWS won't help you here. I have literally been on a 2 day training course or aurora with AWS and the explanation of how to scale was actually just the same as any traditional non-cloud explanation. Correct usage of indexes, partitioning data, optimising queries (especially any non trivial query output by an ORM) and read replicas.

In terms of explosive growth if you're talking about something like google or tiktok again slapping it all in AWS will not automatically just work. There is a lot of engineering that you'll need to get to their level.

I also think you haven't really looked at the SO link I sent through with thoughtful engineering they have huge user base with a tiny footprint.

> DigitalOcean or anyone of a number good providers of good old VPSes / Cloud-lite

Not sure why you are dunking on DO here they are a fully fledged cloud provider with much the same stuff you would need. You can also run up a huge bill on DO as well.

> I can see both sides. If you're a startup that needs to be able to scale quickly if product market fit is achieved, the cloud really saves your bacon.

Depends on the team size of the said startup [0]. In my opinion, tech-shops are better off using new-age cloud providers like fly.io / glitch.com / render.com / railway.app / replit.com / deno.com / workers.dev etc [1].

[0] https://tailscale.com/blog/modules-monoliths-and-microservic...

[1] https://www.swyx.io/cloud-distros/

> is your ten person team really going to figure out how to get Postgres to reliably run with billions of records, with encrypted backups, etc?

Most of the problems here will be DBA problems like understanding query plans and such. Even with AWS RDB, I’ve had to upload various setting files to tweak tunables to get things working.

Now they have 9.

They still serve a lot more traffic than I do and I have hundreds of instances; thousands of containers.

Most importantly, SO is extremely read-heavy, write-lite, and cache-friendly.

A similar “scale” e-commerce site would be significantly more load, have more dynamic data, and just be overall harder to run.

Looks like they have actually reduces their footprint. It not that they do run on a single webserver it's that they can run on one.

In the UK/Europe yes:

https://uk.indeed.com/jobs?q=System%20Administrator&vjk=5149...

Probably not at FAANG level salaries but I doubt there are many sysadmins working for FAANG companies anymore.

DevOps btw are more expensive and infact in the UK DevOps can be higher paid that a developer. I suspect most of the DevOps working for this company are on £65k+. According to:

https://ifs.org.uk/tools_and_resources/where_do_you_fit_in

That puts those earners in the top 3% or from that website:

" In the below graph, the alternatively shaded sections represent the different decile groups. As you can see, you are in the 10th decile group.

In conclusion, Your income is so high that you lie beyond the far right hand side of the chart. "

£200k / year, in the UK? That's about 2-5 depending on experience.

A 20% reduction would result in ~£800k/yr.

> I reached out to a friend at Cloudflare and shortly thereafter, the penny dropped

Another advantage is his big network that he can ask for help. There's also a chance that his blog post will reach the right person in Azure and he'll get a reduced bill.

As someone who doesn't have the same network or the "fame", I am concerned about what would have happened to me in that situation.

Remember when no-sql came out and everyone was rushing to it because "rdbms don't scale"? I'm beginning to feel the same way towards "cloud" in the Azure or AWS sense. You can go really really far with standard issue VMs from linode or digital ocean and so on. I wonder how many are overpaying for Cloud services so far above and beyond what their actual needs are.

How are you teaching yourself?

Also the billing alerts is just that an alert. They should have something in place to put a hard cap on monthly spend. That way his free website would go offline when he's spent > $X.

As you say they make it hard deliberately.

Edit: Turn out Azure have this:

https://docs.microsoft.com/en-us/azure/cost-management-billi...

Dark patterns - this sounds like a colour scheme you don't care for.

"Predatory death-trap pricing" captures the spirit of the thing with rather more clarity. It is wholly intentional after all.

Get a VPS from linode for $5 a month and it costs $5 a month.

If I leave my water running then go on vacation I'll have a huge water bill too. I don't conclude my water company is intentionally trying to overcharge me. The more reasonable conclusion is: building an alert system that addresses every customer need is hard. Most enterprises (where all the customer focus is) want minimal downtime above other considerations, including cost.

>Every cloud makes this mistake easy!

Funny enough...Oracle (OCI) makes it better, you can buy oracle"coins" 1to1 with $ and load your account just with what you think you need.

Hetzner's cloud offer is limited but they limit your possible spending by default and it's very easy to set up billing alerts. I guess they mostly do it to ensure they get the money at the end of the month, but it's equally useful for their users.

> I am still waiting for a cloud without these dark patterns.

This is how mobile and landline phone companies made enormous fortunes before flat rate billing. It’s called post-paid vs pre-paid billing.

He's an Azure MVP. He already has 13 k in credits/yr, which could absorb the costs ( just guessing here)

> Correct me if I'm wrong, but Troy Hunt is a person focusing on security, not infrastructure, deployments or development even.

Eh, I don't know - either way he is a Microsoft Regional Director and MVP for Cloud (as well as security), runs courses on cloud deployment on Pluralsight, and has done speeches on Azure and reducing cloud bills, so if a he can get stung it doesn't say a whole lot good about my chances.

The underlying issue is that the cloud console is owned by a single product team, and THEY decide what gets exposed - not the underlying product teams for the individual services. At least that's the case for AWS.

The result is that you get a lowest common denominator type of dashboard. And hence a whole industry of providing just a prettier dashboard on top of AWS / GCP / Azure metrics.

Datadog started with a prettier dashboard for Cloudwatch data.

Cloudability started with a prettier dashboard for the Cost and Usage Report.

And also works the other way around. The individual product teams buy development environments to circumvent the console restrictions.

For example, a few years ago, the Redshift team purchased "DataRow".

The guy behind 'Have I been pwned', a website where you can check if your login credentials to some website have been leaked.

https://haveibeenpwned.com/

I meant to emphasize frequency, not eval period. Apologies. That said I took a look at the pricing docs and didnt see frequency mentioned, so hopefully I am in the wrong about the price.

As an aside, their (Azure's) pricing docs are written in the same fishy way their technical docs are written (my opinion only)...

But surely CloudAlarm relies on the same data as Azure's alerts do? Azure support told me that data is only updated daily.

Also, Azure has an option to alert you beforehand if it looks like you'll go over; struggling to see how your service is any better.

I'd say that it definitely depends on the business.

If you are selling you product via your web site and you're suddenly on TV with millions watching and accessing your site, you definitely don't want the server to go downand autoscaling + a bit higher cost would be great.

But... they do implement limits.

AWS can send you alerts when it looks like you will go over your budget for the period, before you're way over your projections, which is a nice feature.

I truly believe they want you to use a lot of their resources on a consistent, long-term basis; they don't get long-term value from people having short, one-off anomalies, so budgets and monitoring are aligned with their customers - just not total cost of ownership calculations :)

Every online course that requires you to use a public cloud to deploy something should first have you set up a billing alert that notifies you when costs start to creep past something reasonable, like $20 or $50 (depending on the course and work involved).

Op is Troy hunt, an ms MVP. You can bet there are people from MS doing it for him as soon as they got wind

Very true. And in terms of cloud computing, it would mean that alerts and notifications and limits are worth absolutely nothing if it's on the customer to set them up in the correct way for every scenario imaginable. Which is nearly impossible. The tomato supplier's human alerting system is a catch-all-system which would be easily implementable as well.

I'll bet Sysco would deliver $10k worth of canned tomatoes to your restaurant without checking.

In this scenario though you’ve used tonnes of tomatoes and they’re now asking you to pay

The big difference in case of gas or electric (or even telephone) is that you and only you are in control. Someone would have to physically break into your house or steal your phone to rack up a huge bill.

In contrast, with the cloud the bill is directly proportional to the amount of inbound requests from the Internet, with no out of the box way to implement a limit (I guess you could install Apache/Nginx and enforce a limit there, but doesn't that kinda defeat the whole point of the cloud?).

> A gas or electric bill works a bit like this

Just ask Texans.

If you have a bug that renders your product unusable and refunds are in order, the flexibility of handling traffic peaks which a cloud provider offers won't solve that problem for you. It could even aggravate it. If a show-stopping bug is introduced, it would probably be preferable to fail quickly.

> It was much more common to over provision and have machines and bandwidth being unused for years.

But the overprovisioned server might still be a lot cheaper than the cloud bill. It can be totally reasonable to have a server running at 1-5% load 98% of the time if you really need the capacity for the remaining 2%.

Also, neither "scaling up" as in "re-deploying the same setup on a beefier instance" nor "scaling out" as in "let's expand to the US and have a server there" is too difficult if the setup is automated (Ansible).

It's funny that even Hetzner can do that and AWS can't. Shows that there's no interest from AWS to prevent these things from happening.

I just looked at my AWS account and there seems to be a way to set budget, attach alerts to it and attach actions to alerts. For example there is an action to stop EC2 instances. Not sure if other AWS services have something similar, but at least you can kill your instances if something weird happens.

Actions weren't there last time I checked (few years ago).

Kill switches in lambda I believe is possible, running when the alert is triggered

I 100% work for a large enterprise and we would absolutely like spending policies in place. After all, we have fixed OPEX budgets planned in advance of the quarter.

This piqued my interest, but a few quick searches (using a search engine--the Oracle Cloud site search only turned up press releases...), indicate that quotas just prevent you from spinning up new instances. That's helpful, but I was hoping for some sort of way to cap my bill (for hobby projects), even if that requries deleting resources.

Oracle Cloud has an enticing free tier, but I'm too afraid to use it because it requires a credit card and I don't see any way to put a monthly cap on my budget. (I'm sure hobby projects with ~$5 - 10/month budgets isn't their target market, but I can dream :)

Edit to add the page I was reading: https://docs.oracle.com/en/cloud/get-started/subscriptions-c...

I guess big guys don't want they service to suddenly stop, so they probably would not use this... But it's just a guess

Yes ;)

https://news.ycombinator.com/newsguidelines.html

He's a "Microsoft Regional Director and MVP" so Microsoft pays the bill one way or another. I expect that he has reduced Azure rates as well.