Moreover RIPE NCC is hide information about - what are cloud provider - what are services will be used from this provider - what are data will be stored in cloud and WHERE will be stored physically - how RIPE NCC select this cloud provider? (because from 3rd party its looks like a some corruption things...) - why RIPE didnt want to use local cloud? (40M EUR per year is small for these???) - how much hardware from colocation will be replaced in cloud and what are excatly will be moved to cloud? - how much in finance its will be cost? On 10.11.2024 9:31, Tobias Fiebig via members-discuss wrote:
Moin,
to scratch of some more color-scraps of that little remaining pink in the world... if this is your threat model (and, don't get me wrong, I may or may not have recently noted to someone that a 2y-budget sized reserve may be reasonable for some essential association... in case of a full loss of fees for an extended time period... and replied to the "ah, that would never happen" with "well, imagine full scale invasion"... which just triggered a rather somber "oh..."):
A big issue with the use of clouds is the loss of capability (read: Mostly _knowledge_ and people _who know how_) to built and maintain.
Under your threat model, binding oneself to 'some big clouds with controlling entities all in one jurisdiction' bears similar risks. The example you bring out worked under specific political conditions.
Consider instead---purely hypothetical example---a change in a country's foreign policy that motivates policies to restrict access to cloud infrastructure used by another country to 'motivate' said other country to take unfavorable steps in negotiations with an invading neighbor, after that country moved essential infrastructure into clouds controlled by the country experiencing a change in foreign policy.
In that situation, it will be essential to have the capability to-- worst case--fill a couple of racks and pull up infrastructure in another location (on potentially extremely short notice).
"Moving to the cloud" nibbles on said capabilities.
In the 'best' case, cloudification leads to an economic dependence on the cloud provider(s). In the worst case, it opens oneself up for (in severity varying levels of) blackmail by either the jurisdiction the cloud provider is located in, or by the cloud provider itself (we had some arguments about lead in the environment a few decades ago... companies also didn't always play fair then).
In the end, the question is which risk-appetite for these things can be found in the membership (that has to provide the funds necessary for the certainly more expensive path to resilience; With people usually being the most expensive part); If we want to have said resilience, we need to pay for it. Otherwise, the NCC will look for ways to cost- optimize (leaving the argument whether the cloud is _actually_ cheaper out of scope).
If shit hits the fan, though, and we find us unable to keep infrastructure running... for one reason or another... well, that is then what we chose by loudly calling for the cuts we called for (as a more general we, not me personally).
With best regards, Tobias
On Sun, 2024-11-10 at 00:39 +0200, Serg Gal wrote:
Hi,
He brings up another one not less important issue.
And therefore I would move services to the clouds. Preferably intercontinental, or with data centers not only in the EU.
This is what saved Ukrainian banks during blackouts and destruction of data centers.
If someone thinks that I am exaggerating and this will never happen, then we also thought so until February 24, 2022.
Just saying.
P.S. Sorry, if too toxic for your pink world.
On 9 Nov 2024, at 00:28, Toni Mueller <ripe@oeko.net> wrote:
Hi,
On Tue, Nov 05, 2024 at 01:15:12PM +0300, sdy@a-n-t.ru wrote:
I would like to understand what RIPE NCC will do if, at the next round of sanctions, access to the cloud or mail servers becomes completely closed from a number of countries, for example Russia. We have already faced the fact that a huge number of Western services have limited access to their resources and as the war with the Russian Federation is lost, the number of blockages is only growing.
I fully agree with Timo, but Dimitry brings up another important issue: Sanctions. Russia is not the only country in the RIPE NCC service area that is being targeted with sanctions, and I can imagine much more problematic scenarios for sanctions, too. In analogy to other sanctions, where eg a German drugstore chain suddenly found themselves without Paypal due to them selling some Cuban cigars, I could imagine the RIPE NCC being pressured to not serve those "unfriendly countries" anymore, or that RIPE NCC members who do have dealings with any "unfriendly country", eg. possibly China in the near future, will be blackmailed, or, if that fails, that RIPE NCC will be blackmailed to cut off those members.
Just saying.
From my point of view, RIPE NCC should operate as autonomous and as much based on Open Source, as possible. I'm not sure about how "the cloud" saves money, and how much, but for all the things that a RIPE NCC guy mentioned below, I am aware of imho low-maintenance Free Software products that could be used, and for fluctuating workloads, one could investigate whether batching might be a solution. There's Open Source software for that as well.
Kind regards, Toni Müller
----- To unsubscribe from this mailing list or change your subscription options, please visit: https://mailman.ripe.net/mailman3/lists/members-discuss.ripe.net/ As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings. More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
— Serg Galat
----- To unsubscribe from this mailing list or change your subscription options, please visit: https://mailman.ripe.net/mailman3/lists/members-discuss.ripe.net/ As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings. More details at: https://www.ripe.net/membership/mail/mailman-3-migration/