@rysiek Are you surprised? They are global service providers not local ISPs. The complexity is unavoidable. Failure is an inherent trait of complex systems. You can reduce the risk but cannot eliminate it.
2
Discussion
Loading...
Discussion
@rysiek I think the best way to keep things stable is the Debian strategy of never being on the bleeding edge.
Cloudflare is... not that. I can't tell you how many times I've learned that a new web standard is in development from a Cloudflare blog post about how they've implemented it.
@rysiek one could almost think the complexity introduced by gigantic corporations inevitably leads to utterly embarrassing failures the gigantic corporations originally promised to prevent by introducing said complexity...
1
@danielsreichenbach one could, couldn't one! 
@rysiek A bit unfair to compare Wikipedia to AWS or Cloudflare. Huge difference in complexity and profile of services. Network services are the most unforgiving to any mistakes. Barely anyone would notice if Wikipedia had a brief downtime. Networks have to be up 100% of the time which is a huge effort.
1
@emilion you do realize that Wikipedia runs on infrastructure – including networking infrastructure – and that infrastructure is run and maintained by Wikimedia Foundation, right?
https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure
And I assure you if Wikipedia went down that would a global story as well.
1
@rysiek Does this invalidate my argument on complexity?
1
@emilion if your argument is that CloudFlare, AWS, Azure had become too complex to be reliable, we can agree.
1
@rysiek Are you surprised? They are global service providers not local ISPs. The complexity is unavoidable. Failure is an inherent trait of complex systems. You can reduce the risk but cannot eliminate it.
2
The key problem is choices made by system architects with the help of GAFAM+CF marketing departments:
- GAFAM hosted and CF “protected” website is now the default mode of deploying websites, whatever size, starting from school - that’s 100% marketing, it’s not driven by any rational need
- by doing that, GAFAM+CF certainly gain user base and groom it to reproduce these choices in corporate environments
- this in turn dramatically increases complexity of GAFAM+CF services which now handle not only traffic of relatively small paid user base who actually need them, but also millions of free tier users whose only business goal at GAFAM+CF side is… marketing and user grooming
- it remains the fact, that 99% of websites hosted CF do not need neither AWS or CF, they use the former as a fancy alternative to simple cloud VM while the latter as… well, fancy extra proxy layer doing nothing
I’ve had a lot of these discussions in the enterprise I’ve worked for. After the initial layer of some architects’ deeply internalised irrational habits (“YOU CAN’T BUILD A WEBSITE WITHOUT AWS AND CF!!!”) was broken, everyone promptly agreed on a consensus that CF really only makes sense for DDoS avoidance, but even in that role it should be only switched on frontends that actually need it and doesn’t need to be enabled 100% of the time, only when an actual attack happens.
1
1 more replies (not shown)
@emilion I am not surprised. I am saying this is simply unacceptable.
They made the decision to put themselves in a central, critical position for innumerable services, and as you say it is entirely obvious it's impossible to keep being reliable on that level of complexity and scale.
Instead of justifying these failures, we should recognize this and remove them from that central, critical position. Instead of 5 or so huge companies that can't manage their complexity, we need hundreds that can.
2
2+ more replies (not shown)
@rysiek you’re comparing apples to tractors, my friend. The complexity is vastly different
1
@dovydas looks pretty complex to me:
https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure
But if you're saying CloudFlare, AWS, and Azure have become too complex to remain reliable, I'd agree.
@rysiek toxic workplaces produce toxic products or toxic services.
bonfire of thepocolips
come over, warm up. coffee?
Automatic federation enabled