[ale] [ALE] So the winner is?

Thu May 20 18:18:28 EDT 2021

On 5/20/21 3:43 PM, Leam Hall via Ale wrote:
> 3. Economics pays.
> 
> Servers turn money into heat, unless you have an application running.
> Let's use the standard 3 tier app; database, middleware, and
> webserver. For security, each of those needs to be a separate server.

Or separate VMs or separate containers. Just depends.

> If you want bare metal, you're talking three servers. But that means
> you have three single points of failure unless you double the server

Who would use bare metal these days? In 2005, where I worked mandated that all new deployments go into virtualized systems.

> count and make your application highly available. Now, that means you
> need someone with OS skills as well as a few years of experience, HA
> don't come cheap. Don't forget the network engineer for your

On Linux, HA isn't expensive, but the skills to make it work are.

> firewalls, routers, and switches. You also need a management server
> (Ansible) unless you're going to build and maintain all these
> snowflakes by hand, so you're up to 7 physical servers, one firewall,
> and a couple network devices. You probably want a NAS for drive

No, no, no.  If someone did that, they should be fired.  
Clearly, buy 4 VM servers and place 2 in separate DCs, each hosting 50 VMs.  Now you have the cost of 4 servers, but HA for 30-50 applications.
Scale where needed buying 1 more VM server per location.  Running servers at 65-85% utilization really does work, BTW.  Need overflow during peak parts of the sales year?  Fine, but most apps don't.

> storage and a backup server for, well, backups. More hardware. Sadly,
> most physical boxes are only at 5-10% utilization. So you have an
> RHCE level person, a CCNA level person, and you're probably at a
> dozen physical devices and a quarter mil per year for salary and
> benefits. Until you realize that being one deep puts you at risk, so
> you get two each. That doesn't even count your developer staff, this
> is just infrastructure.

Of course, if your business runs on 5 applications and needs 2 servers, no HA, then having 2 local servers and a relatively cheap NAS can do that.  Pay consultants to set it up, check in monthly and be happy. Have your desktop support guy deal with the consultants - or did desktops get outsourced too?  BTW, I've seen that as well.

I'd bet that around the time your AWS monthly bill hits $20K-40K, would be a good time to look at pulling back your outsourced infrastructure in-house again. If the applications are so bug-optimized as to need lots of hand-holding, then 
a) you need better developers
b) it isn't the infrastruture's fault
c) I shutter to imaging the security failures in the code - perhaps having shit code running on someone else's infrastructure **is** a viable security policy?

There's certainly no 1 "right" answer, but assuming **every** business should be deploying applications to cloudy service providers isn't a "right" answer either.