One thing hasn't changed yet

Post #441,496 by drook 5/18/22 9:11:19 AM 5/18/22 9:11:19 AM Reply	One thing hasn't changed yet Economies of scale are still real, so resources keep getting bigger, and (usually) shared by more people. Which means when there's a problem it affects more people. And when it's a security issue, just identifying the potential scope requires searching a much larger surface. Real question: What lesson should they have learned in the 80s that would have prevented this? -- Drew
Post #441,497 by boxley 5/18/22 10:39:04 AM 5/18/22 10:39:04 AM Reply	data is not math "Science is the belief in the ignorance of the experts" – Richard Feynman
Post #441,498 by drook 5/18/22 12:27:28 PM 5/18/22 12:27:28 PM Reply	And what would they have done differently if they'd learned that? -- Drew
Post #441,500 by boxley 5/18/22 1:15:35 PM 5/18/22 1:15:35 PM Reply	quit using spreadsheets as a database "Science is the belief in the ignorance of the experts" – Richard Feynman
Post #441,501 by drook 5/18/22 3:26:17 PM 5/18/22 3:26:17 PM Reply	How does that prevent an outage when your host shuts down to respond to an attack? -- Drew
Post #441,503 by boxley 5/18/22 5:27:56 PM 5/18/22 5:27:56 PM Reply	it doesn't "Science is the belief in the ignorance of the experts" – Richard Feynman
Post #441,504 by CRConrad 5/19/22 2:18:01 AM 5/19/22 2:18:01 AM Reply	That not putting all your eggs in someone else's single basket beats economies of scale, IMO.
Post #441,506 by malraux 5/19/22 10:15:33 AM 5/19/22 10:15:33 AM Reply	In my experience that cloud basket is better than a company's single basket Especially with availability zones and multiple regions. Most companies don't have the capital or expertise to set up a local equivalent that even remotely approaches the robustness of a big cloud provider. The enormous cost savings of not owning multiple physical plants (you need at least two, separated far enough geographically that they're on separate electrical grids and in different natural disaster regions) can be spent on hardening your cloud presence, with plenty of money left over for other things. If you're truly concerned about a single provider, use Terraform or Serverless to spread your infrastructure across multiple providers. Complexity goes way up, however, and the incremental benefit over using multiple regions in a single provider probably isn't worth the investment. As an example, Google's SRE discipline is aimed at hitting 99.99% reliability. Anything over that isn't going to be noticed by users and the incremental improvements are cost-scaled way out of proportion to the improvements. Companies I've worked for have had issues from 3rd party SaaS vendors way more often than the IaaS cloud providers. In the past 8 years I can think of 2 times where we were directly affected by a cloud provider's issues, and maybe 2 or 3 times indirectly. Having said that, avoid AWS' us-east-1 as most of the issues seem to happen in that region. Regards, -scott Welcome to Rivendell, Mr. Anderson.
Post #441,510 by drook 5/19/22 11:32:02 PM 5/19/22 11:32:02 PM Reply	Pretty sure we're using us-east-1 Got anything you can point to showing why we shouldn't? -- Drew
Post #441,511 by malraux 5/20/22 9:32:56 AM 5/20/22 9:32:56 AM Reply	Most of the big failures I've seen have been there Like the big December '21 outage: https://www.zdnet.com/article/aws-heres-what-went-wrong-in-our-big-cloud-computing-outage/ Regards, -scott Welcome to Rivendell, Mr. Anderson.
Post #441,514 by drook 5/20/22 6:27:33 PM 5/20/22 6:27:33 PM Reply	Thanks, got some people I'll forward this to -- Drew
Post #441,517 by malraux 5/21/22 11:23:14 AM 5/21/22 11:23:14 AM Reply	There's a 3rd party vendor we recently rejected Their availability averaged 96% over the past 6 months, and a number of the outages and degradations were either caused by or exacerbated by AWS issues, all in us-east-1. Regards, -scott Welcome to Rivendell, Mr. Anderson.
Post #441,521 by crazy 5/21/22 11:32:17 PM 5/21/22 11:32:17 PM Reply	2 weeks of downtime per year That's really bad.
Post #441,520 by static 5/21/22 10:37:57 PM 5/21/22 10:37:57 PM Reply	I think us-east-1 is their original location. So there must be some hardware build decisions left over from when it was first created.
Post #441,526 by malraux 5/22/22 3:11:58 PM 5/22/22 3:11:58 PM Reply	Yes, there are a number of oddities with that region. They finally removed the weird "S3 buckets are global, but really they're just in us-east-1" problem, but there are still a number of global API endpoints that are hosted there. This can make locking down regions that can create new resources difficult if one of those regions isn't us-east-1. Regards, -scott Welcome to Rivendell, Mr. Anderson.

Welcome to IWETHEY!