Draft Cloud Strategy Framework

Dear colleagues, Following the recent discussion on this list, we have published an article on RIPE Labs with principles, requirements and a new draft strategy framework for our use of cloud providers: https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud... <https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud-draft-principles-requirements-and-strategy-framework/> We gave an overview of this at the interim session of this WG last week. You can find the recording and minutes from that session here: https://www.ripe.net/participate/ripe/wg/active-wg/services/minutes/ripe-ncc... <https://www.ripe.net/participate/ripe/wg/active-wg/services/minutes/ripe-ncc-services-working-group-interim-session-minutes> The chairs of the working group have been kind enough to schedule a second interim WG session for 6 September where we can discuss this framework in more detail. Until then, we look forward to hearing what you think on this mailing list. Kind regards, Felipe Victolla Silveira Chief Operations Officer RIPE NCC

Felipe Victolla Silveira wrote on 03/08/2021 10:18:
Following the recent discussion on this list, we have published an article on RIPE Labs with principles, requirements and a new draft strategy framework for our use of cloud providers: https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud...
Hi Felipe, This looks pretty good as an outline policy framework - thanks for publishing it! One comment: in the no-provider-downtime / five-9s requirement item, structural failure is an inherent behavioural pattern of all engineered systems, so aiming towards fail-safe mechanisms, reducing time-to-recovery and reduction of collateral damage will usually result in better overall system performance, particularly in cases where there are complex downstream dependencies (and in the case of RPKI, downstream-upstream interdependencies). Nick

This looks pretty good as an outline policy framework - thanks for publishing it! One comment: in the no-provider-downtime / five-9s requirement item, structural failure is an inherent behavioural pattern of all engineered systems, so aiming towards fail-safe mechanisms, reducing time-to-recovery and reduction of collateral damage will usually result in better overall system performance, particularly in cases where there are complex downstream dependencies (and in the case of RPKI, downstream-upstream interdependencies).
yup i always liked the phrasing building a reliable system out of unreliable components randy

Hi, On Tue, Aug 03, 2021 at 11:18:36AM +0200, Felipe Victolla Silveira wrote:
Following the recent discussion on this list, we have published an article on RIPE Labs with principles, requirements and a new draft strategy framework for our use of cloud providers: https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud... <https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud-draft-principles-requirements-and-strategy-framework/>
I still miss answers to my questions I posed last time. Most notably the "why?" part is still missing from the whole procedural discussion on the "how?" (Also I find "evade the discussion on the list by posting a new lengthy article on labs every few months" not really helpful) Gert Doering -- paying NCC member -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279

On 03/08/2021 12:18, Felipe Victolla Silveira wrote:
Dear colleagues,
Following the recent discussion on this list, we have published an article on RIPE Labs with principles, requirements and a new draft strategy framework for our use of cloud providers: https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud... <https://labs.ripe.net/author/felipe_victolla_silveira/ripe-ncc-and-the-cloud-draft-principles-requirements-and-strategy-framework/>
We gave an overview of this at the interim session of this WG last week. You can find the recording and minutes from that session here: https://www.ripe.net/participate/ripe/wg/active-wg/services/minutes/ripe-ncc... <https://www.ripe.net/participate/ripe/wg/active-wg/services/minutes/ripe-ncc-services-working-group-interim-session-minutes>
The chairs of the working group have been kind enough to schedule a second interim WG session for 6 September where we can discuss this framework in more detail. Until then, we look forward to hearing what you think on this mailing list.
Kind regards,
Felipe Victolla Silveira Chief Operations Officer RIPE NCC
Since a week has gone by and Gert's question of: "Most notably the "why?" part is still missing from the whole procedural discussion on the "how?"" I will ask it as well: Why? What problem are we trying to solve? The document posted does not address that question. Regards, Hank

Hi Hank,
Since a week has gone by and Gert's question of: "Most notably the "why?" part is still missing from the whole procedural discussion on the "how?"" I will ask it as well: Why? What problem are we trying to solve? The document posted does not address that question.
I don’t want to speak for the NCC, but the first 8 slides from the presentation at RIPE 82 provide some background. <https://ripe82.ripe.net/presentations/72-RIPE-NCC-Cloud-Strategy-RIPE82.pdf> In my limited experience, these drivers aren’t that uncommon as businesses consider moving services to various “cloud” offerings. Cheers, Rob

On 11/08/2021 16:51, Rob Evans wrote:
Hi Hank,
Since a week has gone by and Gert's question of: "Most notably the "why?" part is still missing from the whole procedural discussion on the "how?"" I will ask it as well: Why? What problem are we trying to solve? The document posted does not address that question.
I don’t want to speak for the NCC, but the first 8 slides from the presentation at RIPE 82 provide some background.
<https://ripe82.ripe.net/presentations/72-RIPE-NCC-Cloud-Strategy-RIPE82.pdf>
In my limited experience, these drivers aren’t that uncommon as businesses consider moving services to various “cloud” offerings.
Cheers, Rob
Rob, Thanks for pointing out the PDF. Now to the reasons stated: a) resilience: what services have been knocked out that need further resilience? Perhaps RIPE NCC can make a list from the past 3 years of each service and how long that service was down so we can determine whether there is need for further resilience? Then we should compare that with some other major, important, well engineered service from any company that relies strictly on the cloud and see whether their uptime was better or worse than RIPE NCC's record. b) agility: perhaps the community can indicate here what services we requested that RIPE NCC was not able to provide in a timely fashion? c) focus on core business: every bullet listed on slide 8 is a reason for keeping services on-prem. Every one of the bullets on slides 3-8 can be argued to be incorrect or vague with little substance behind it. Regards, Hank

a) resilience: what services have been knocked out that need further resilience? Perhaps RIPE NCC can make a list from the past 3 years of each service and how long that service was down so we can determine whether there is need for further resilience?
what was the cause? would cloudification have saved it? randy --- randy@psg.com `gpg --locate-external-keys --auto-key-locate wkd randy@psg.com` signatures are back, thanks to dmarc header butchery
participants (6)
-
Felipe Victolla Silveira
-
Gert Doering
-
Hank Nussbacher
-
Nick Hilliard
-
Randy Bush
-
Rob Evans