Azure has an edge over AWS at big companies, Goldman Sachs survey says

Hacker News Discussion Jan 2020

moksly 8 hours ago [-] I work for a Danish municipality with roughly 10,000 employees. I’m not sure if you know, but our public sector has been competing with Estonia at being the most digitised in the world for a decade. We operate an estimated 300-500 different IT-systems, some of them enterprise sized SAP solutions deployed on old IBM mainframes with multiple layers of APIs to make their fronts somewhat web-based (don’t ask). Others are minor time registration systems or automated vacation-payouts. I said estimated because a day-care institution is free (though advices not to) buy it-systems without talking with any part of the centralised organisation. Microsoft has been one of our better partners in all of this. They aren’t cheap, but they listen to us when we need something. We have a direct line to Seattle, and parts of what we ring up at tickets have made it into the global 365 infrastructure. Stuff like making it easier to hide teams-emails from the company-wide outlook address-book. More than that though, our tech-team is trained and certified in Microsoft technologies. The combination of in-house staff and a 30+ year long good business relationship makes Azure such an obvious choice for cloud. Some of the co-municipal systems we buy through a joint-owned organisation called KOMBIT operate in AWS (support and operations is handled by private sector companies), and it’s not like we’re religious about not using AWS or something other, but we’d need to build a relationship and retrain staff to do so. reply dustinmoris 5 hours ago [-] > We have a direct line to Seattle, and parts of what we ring up at tickets have made it into the global 365 infrastructure. This is great for one business, but bad for the whole of businesses IMHO. Microsoft shoehorns every little thing into their products, never asking themselves if they should. As long as they think they can they will. This leads to stupid things like Durable (aka stateful) Azure Functions. Durable functions is a product of a business either not knowing how to use FaaS properly, or they were misusing FaaS for something where they should have chosen a different tech. But Microsoft being Microsoft will try to accommodate any stupidity they can as long as it will please some big customer. In the beginning they get away with it, but over the years that's how they always end up with half baked, slow and buggy products which are inconsistent, incoherent and just awful to use. Azure is certainly on that trajectory from everything I've seen so far and I use Azure every day at a client at the moment so I know what I'm speaking of. reply rjzzleep 4 hours ago [-] Microsoft is here to stay mainly because once you got your foot in the door at the big companies you will stay forever. The reasoning is indeed since we already have Microsoft guys Azure will fit us well but in practice none of these Microsoft guys will be able to help you on any Azure issue. So when Azure is involved in a big corp, accenture is usually not far behind. The experience with the solutions this doom duo comes up with are absolute hell to deal with. In upfront cost Azure looks better but in general that's rarely the case. All the azure API's seem half baked. Once you're doing anything more advanced you will run into issues, just look at the terraform azure provider issue tracker for a bunch of issues that people run into because it's not clear until you actually try out the apis. Here's another example if you want to use shared storage on kubernetes with any reasonable iops, the azurefile premium storage increases IOPS per Gigabyte allocated. So if you want any kind of reasonable experience/price you have to easier spin up your own nfs server, use azure netapp or allocate 10TB shared premium filesystem per share, which is something like 70k a year. reply oblio 2 hours ago [-] I like AWS, but AWS EFS has the same problem. They've improved it a bit through some recent changes, but it's not much better. The way it would work: they gave you absolutely pitiful base IOPS credits for EFS and everything else was related to disk space used. So more disk space used (and paid), more IOPS. After that they'd completely detroy your IOPS if you used up all the credits. By destroy I mean IOPS at the level of a HDD from 1995. I set up a Jenkins using EFS and initially it went well. It barely had any activity and after about 2 weeks it used up all the credits. After that even the login page would take 20 seconds to load. reply sciurus 1 hour ago [-] I think it's throughput credits that EFS gives you (e.g r/w MiB/s), not IOPS. AFAIK they don't document the IOPS available at all. In my experience the latency for an individual i/o operation on EFS is always at the "HDD from 1995" level regardless of available burst credits. Something that does lots of small random I/O like checking out got repos on Jenkins workers is basically worst case for EFS. https://docs.aws.amazon.com/efs/latest/ug/performance.html reply angry_octet 20 minutes ago [-] It's NFS, so the bad latency isn't surprising. The problem is that they don't have anything faster -- it tops out at 2GBy/s or something, even with hundreds of TB, even with multiple clients. You have to share your data over multiple EFS volumes, or build your own virtual gluster, which are extremely shit options. Also makes any kind of bug data HPC impractical. Bezos, if you're listening, fire someone. You should have next generation pNFS or lustre like protocols by 2016. reply oblio 1 hour ago [-] Throughput credits, you're right, my bad. The agents were in ECS with no persistent storage, so that wasn't the problem. I was just running the Jenkins master off of EFS, for the persistent configuration storage. And I don't think it's the latency that's killing EFS usage, it's the throughput. While the credits were there, everything went smoothly, once the credits ran out, the base throughput was fit for IO meant for the 90s. reply spydum 2 hours ago [-] That sounds like exactly like AWS though doesn't it? EFS iops scale with data size allocation. reply moksly 3 hours ago [-] I agree, but I think that’s on Microsoft. I’m not sure they’ve ever adopted any suggestions from us that weren’t universally wanted. When teams first became available in 365, it was automatically enabled for everyone. Today it’s not, we requested this change, but I really doubt we were alone in that. That’s not really what’s important to us, but I should have made that more clear. What is important is the direct line, so that we can call Microsoft and get updates directly from the techs working on the issue when something breaks. Amazon also has genuinely great support, they were even quicker to resolve the GDPR issues that made sure no one outside of the EU will ever access any of our data, not even through logs. But other companies let you talk to automated scripts, and take days to get back to you. So that’s why we like the direct line to Seattle, because it’s better support than most of their competition. reply dmix 2 hours ago [-] Microsoft also has one of the best and most effective sales machines in the world. Those direct lines help with customer retention and expansion of services just as well as it provides technical assistance. Even if AWS has some tech or price superiority, good luck prying those sales teams away from the big orgs and convincing them to go elsewhere - especially after significant ecosystem lock in. Which is another thing Microsoft is better at. Microsoft simply has the enterprise sales machine completely dominanting and optimized. It was fascinating watching them role out Azure with the full force of their developer and CTO focused marketing machine which kept hitting me even though I’d never use Microsoft, their ability to penetrate markets was fascinating to watch as an outsider. This is something Google will never be able to catch up with. And a very important part of these cloud wars which get overlooked while we debate the merits of Microsoft’s engineering yes-to-everything the managers ask approach. reply Pigo 16 minutes ago [-] I'm not managing anything near what you, and many people on here, do in your job. But from the perspective of a developer who has worked with several cloud platforms, Azure and Devops make the barrier for entry very easy, and the functionality available keeps growing. For personal stuff I like using Firebase, but that's just because it's free. I just feel like you get what you pay for with Azure, and even for a small team like mine, someone at MS has always gotten back to us quickly when we need them. reply ailideex 5 hours ago [-] > They aren’t cheap, but they listen to us when we need something Yet amazingly their interfaces and quality is incredibly horrible. Azure like most other things Microsoft makes feels like a half baked and over fitted platform with serious quality issues. reply moksly 1 hour ago [-] I don’t really like the admin interfaces or CLIs of either AWS or Azure. I’ve had an easier time with Azure than AWS for my personal projects, but maybe that’s just from being used to the Microsoft way. I’m not sure why they are so much harder to use than the smaller services like heroku or digital ocean. You’d think the big guys would have the best and easiest services, but they sure don’t. reply GordonS 5 hours ago [-] I completely disagree - I find the Azure interface, delightful to work with. And best of all, it's consistent, which can't be said for AWS' UI, which mostly looks very dated and differs from service to service. Years ago the Azure UI was a bit slow (but still beautiful to look at), but those issues were solved long ago. reply eropple 8 minutes ago [-] Having functionality splattered all through the god-awful, inexplicably horizontally-scrolling interface is not my idea of “delightful”. Parts of it are URL-stateful, other parts aren’t, and there’s no rhyme or reason for the difference. AWS might look “dated”, but I can’t imagine the mindset that cares about that. If a console is how you’re evaluating your cloud provider you are several steps behind where you need to be. And, great news: in addition to having a really dire console, Azure’s APIs are just no good, particularly if you have to step into the shitshow that is Azure AD (and paying even more for Microsoft Graph, which should just be included) or IAM, and they don’t step to either AWS or GCP to a degree that I just won’t work for an Azure company again. Trying to get anything done in those environments makes me feel stupid and personally bad for having the temerity to try, between inscrutable errors where the Microsoft support is barely English-literate even when you’re paying for it and the aforementioned API barf, and that’s a bad way to live one’s life. reply arethuza 4 hours ago [-] The change over from the "old" Azure portal to the new one was a bit painful at the time - but that was a while ago now and the current one is, I think, pretty good . reply polskibus 6 hours ago [-] At this scale, why not invest in your own datacenter, since you already have a lot of servers to maintain? I understand you have to use Office 365, but what is the value prop of Azure to you beyond that ? reply chairmanwow1 5 hours ago [-] I say this as someone who used to firmly agree with this position, but in the last year my mind has been changed without reservation. The time where this was a good idea has genuinely passed. There is no earthly way that any reasonable organization will be able to provide even the security that is present by relying on a large-scale cloud provider. There is no way they will come out on top money-wise either. The big cloud players have a _absurd_ number of servers that _teams_ of some of the best CA talent the globe has to offer stressing to improve KPIs for. 10k employees in a municipality is small potatoes to what azure / AWS / GCP have dedicated to their products. reply vidarh 3 hours ago [-] I have literally never seen a setup where cloud came out less than ~twice the cost of dedicated hosting. I have seen instances where dedicated hosting comes out cheaper than putting your own equipment in a colo, but even that depends on being in a location where energy and property prices (and so colo rental costs) are high. And this does factor in devops - when doing consulting I earned consistently more (because of more hours) from clients that went for cloud setups; often they'd end up spending more times solving problems that generally didn't exist in the first place in a dedicated setup. I do see lots of people that keep assuming that the cloud players must be cheap because they're so big, but I just have never seen that bear out in practice - in part because of that attitude, the margins they can charge are far higher. Cloud providers are great for ease and for the number of services they provide, but they are generally an expensive step up. reply blaird 3 minutes ago [-] I think this will always be the case when looking at the base cost of infrastructure itself (price of a compute/GB of storage in the cloud vs on prem) However, the cost of cloud pays off so dramatically (in my past experience across companies) when you can see what new things the company can do with IaaS/PaaS and how quickly its done. I've been at a large bank and a small startup that was forced to use an external datacenter, but the result was the same until we went to AWS/GCP: Infra needs were highly manual and often required purchase orders to scale that took months. As soon as we moved to the cloud and embraced infra as code things started to move 5x faster and we could focus on building software and products, not fighting legacy IT teams reply dcolebatch 2 hours ago [-] I suspect you’re doing it wrong, or there’s some niche type of computing you specialize in. In general purpose IT, looking across an enterprise portfolio of applications, we consistently see customers of Tidal Migrations replatform their applications to cloud and save 95+% in OpEx vs dedicated on-premise hosting. IMO, The first step to realizing those cost benefits is recognizing that the cloud is not your datacenter and you need to architect differently. Yes, cloud spend can grow as you open up access to more developers, but that’s why we have a plethora of tools and governance people to help make that manageable. I believe the business benefit of the agility gains that come from instant and decentralized resource provisioning will always trump any cloud bill... especially if you’re in a competitive industry & don’t want to get left behind. reply travbrack 12 minutes ago [-] Parent is probably comparing the cost of on prem to running VMs 24x7. Most IT departments are running software they did not write and don’t have the luxury of even getting access to the source code. If these customers want to do cloud they have to do it ‘wrong’ reply eeZah7Ux 2 hours ago [-] It's amazing how people fail to see that public cloud is the equivalent of a hotel. It's far cheaper than buying a house... in the short term. Cloud providers are not getting hardware, datacenters, electricity and labor for free. You are still paying for it. reply castlecrasher2 24 minutes ago [-] Public cloud is only the equivalent of renting a hotel if buying a house means hiring the builders full-time for continued maintenance. reply dx034 3 hours ago [-] Maybe not own dc, but colocation could still make sense? You don't need to be more efficient than Azure & Co. They have pretty solid profit margins, even being 30% less efficient should still be cheaper for you. And beyond a few thousand servers, I'm not even sure if scale matters that much (for server virtualization only). reply fulafel 2 hours ago [-] This varies by case - Office365 phishing breakins have been a bad epidemic for a long time now and the anti-phishing measures have not kept up well enough. I think MS still doesn't support any phishing resistant 2FA method there... reply username90 48 minutes ago [-] Public institutions usually have a lot of systems but not a lot of traffic (if we compare to tech companies), so it makes sense for them to put things in the cloud instead of building everything themselves. Also public institutions rarely get top talent and instead do everything via contractors, do you really think it is cheaper to get government contractors to build and run infrastructure instead of letting Microsoft do it? reply moksly 5 hours ago [-] Our setup is mixed, all our own servers are virtual on rented space at a local server rental shop. I’m not a hardware tech, so I’m afraid that’s as technical I can get. So our SQL cluster, and most of our web applications run on our own iron. Anything external as well as a lot of managed services run in Azure where the added security and operations dev-tools are invaluable compared to what we had when we self-hosted. We do make a conscious choice about everything that moves to the cloud. We’ve spent a lot of time figuring out if buying new rental space for our SQL cluster would be cheaper than moving it to Azure. With the current political climate, we’re also a little more hesitant about moving things to clouds operated by American companies, because there is risk attached, in that we may have to move it back rather suddenly. Not something we expect will ever happen, but we don’t like risk in the public sector. So my post wasn’t so much a “we run everything in Azure” as it was “well Azure is the obvious choice for the things we do operate in the cloud”. The relationship Microsoft has with enterprise, and the expertise staff has with their products means they become the best choice for a lot of enterprise. Unless Microsoft solutions are radically more expensive than their competitors, they simply have an advantage by already being a big, and typically well liked, player in most large organisation. reply christophilus 1 hour ago [-] My experience with home-rolled solutions suggests there are plenty of hidden costs. Got a new project, and want to spin up some experimental servers? Gotta wade through a bunch of IT guys. Documentation and training around Azure, etc is also going to be better than homegrown alternatives, most likely. Things like that. It’s hard to put a monetary figure on the frictions costs, but they are there. reply sergiosgc 19 minutes ago [-] You're comparing one extreme (public cloud) to another extreme (sysadmin-managed infrastructure). The alternative, today, is either a private or a hybrid cloud, which have all the advantages of short-circuiting sysadmins that public clouds have. reply nprateem 6 hours ago [-] Haha. Here's another one: "At this scale, why not write your own OS, since you already have a lot of servers to maintain?" reply corporateslave5 5 hours ago [+1] fulafel 6 hours ago [-] An potential problem is that now half of your IT recruits go to reinventing this stuff instead of working on domain problems. There aren't that many it staff per 10k municipal employees. (Of course this is assuming Azure specific hassles take much less staff time than running your own infra, not a given...) reply ptd 6 hours ago [-] One point(though I will admit this is the cynical part of my brain speaking) immediately jumps to mind. If the server goes down, you can blame Microsoft. Even the least technical person can’t blame you for that. If you create your own data center however, if it goes down, you may potentially be on the chopping block if service is interrupted. Self preservation is a strong motivator, perhaps the strongest in a business environment. reply adev_ 4 hours ago [-] > Self preservation is a strong motivator, perhaps the strongest in a business environment. And it's the most bullshit one. Outsourcing the risk does not mean avoiding it, it means however putting it out of control. This is a typical manager bullshit attitude "nobody got fired to buy IBM" that generally lead to adopt unadapted, bloated, overpriced solutions to trivial problems. Just because they do not have the balls to do things properly. Running out of its responsibilities should be a criteria to get fired when things go badly wrong. The outsource of the 737 MAX MCAS code to India today is a perfect example of that reply jtwaleson 2 hours ago [-] Agreed that outsourcing risk does not free you from the responsibilities. However, for many many services you have to rely on others to provide the service better than you could do yourself, as you are limited in time, money and other resources. For running production grade databases at startups, it's much more cost-efficient to run on AWS RDS than to hire a systems engineering team with 24/7 standby. For more trivial systems you might be right and managers might be cowards. However, you have to realize it's a spectrum. Whether you're running it yourself or you outsource it, things will go wrong at some time. When this happens, and you run it yourself, you also have to explain why it went wrong in a post-mortem or RCA. The problem is that your customers have no point of reference for your explanation (how likely is it that this occurs again?). In my experience, the following message goes down a lot smoother: "This is an Azure/AWS/GCP outage which affected not just us, but 1000s of other companies. We rely on {provider} to continuously learn from their mistakes and improve their service and they've shown this in the past. Here's their post-mortem report about this outage.". Note that not all cloud providers fit this bill. reply scarface74 4 hours ago [-] Yes, surprisingly enough, people look out for their own self interests. What makes outsourcing hardware different from the dozens of other software as a service vendors that most companies depend on? Why spend the time developing competency in managing servers if that doesn’t give you a competitive advantage. But, going with the biggest most stable vendor is usually good. If you bought IBM hardware in the 70s you can still buy new hardware that supports your software. If you went with their competitors - not so much. reply vsareto 2 hours ago [-] >that generally lead to adopt unadapted, bloated, overpriced solutions to trivial problems. There's almost no meaningful business downside for choosing poorly. Most businesses just don't care that someone else thinks they didn't use the right tool for the job. Should it be that way? Definitely not. But it won't change unless there's consequences (and when that happens, those products will die off quickly) reply coredog64 1 hour ago [-] Boeing didn’t outsource MCAS to India. The outsourcing contract was for display software. reply lotsofpulp 3 hours ago [-] Bullshit means something is not true. People choosing to go with a vendor to avoid the risk of being blamed for failure, thereby reducing their chances of being fired, is a true phenomenon. And one that works. So how is it bullshit? reply jeswin 6 hours ago [-] Active Directory, Domain Services, Exchange Server and SharePoint Servers (which can use integrated Windows auth). Also many internal Enterprise apps are integrated with AD for auth and permissions. reply luckydata 6 hours ago [-] It would be a tremendous hassle for little to no payoff as they probably don’t have the skill set to actually run a data center, and probably their size is actually not that large, they just run a lot of software I suppose (that’s usually the case in the public administration). It would be rampant malpractice to open your own data center for something like that. reply sgt101 5 hours ago [-] At this scale why not contact all your neighbouring or peer municipalities and go for a joint cloud migration? reply JohannesH 4 hours ago [-] As someone who worked in the very same municipality... one word; bureaucracy. More specific reasons were. Legal boundaries between ownership and taxpayer money separation. Of cause GDPR is also a big obstacle in joining forces on this scale. I worked on a project which tried to make a joined venture between several municipalities. I'm not sure if that partnership has ended yet, but overall you could only progress if there were people on both sides collaborating with a "better ask forgiveness, than permission" mindset. As soon as the municipality lawyers or their security officers got involved, all progress stopped immediately. reply scarface74 3 hours ago [-] Or not dealing with infrastructure gatekeepers. reply