If you are running in the cloud then you still need a devops guy same as you would if you where bare metal. In fact you will probably need _more_ devops people the deeper you get into the AWS ecosystem.

Granted, we're a mature startup and have put a few years of investment (at the cost of 2-3 "Devops Guys") into our infra, but ultimately it doesn't take much to manage a ton of AWS infra once the tooling is in place.

Terraform and the fact that I came in with experience makes this doable. But only just.

They were capable of scaling in a way that is certainly an anomaly, and not indicative of the costs of an ordinary team.

It speaks volumes about what the right talent and architecture/technology choices can do if leveraged successfully, but is more of an interesting anecdote than a realistic infrastructure budget.

That’s a pointless calculation. The acquisition wasn’t for the employees. As with all network-effects products, the acquisition was for the active user base. They could have acquired WhatsApp, fired the engineering team, rewrote it with an architecture that required 100x the servers and still been happy.

The instances we use are not the largest (we use 2xls) but we also incorporate spot instances as part of our autoscaling.

Everything is a tradeoff.

You can manage things efficiently in AWS if you do it right. You can manage metal efficiently if you do it right.

You can kill your business if you do either one wrong.

Every place that I have worked it’s the responsibility of the team who wrote the code to create the CI/CD pipelines.

Dang, I wish we had a term for this blending of roles...

But still ops serve developers not the other way around. The senior developers who knew AWS well, basically set the standards and kept ourselves accountable to the ops guy we hired, even though any of us can override him because of our influence in the company.

I started taking away some of my own access and privileges just so I would be the first to hit roadblocks to feel other developers pains who weren’t given the keys to kingdom.

Hiring "DevOps" teams completely misses the point, in the same way that I don't hire Unit Testing teams to write the unit tests that my Devs don't want to do the grunt work for.

When a Dev understands Ops they write more efficient code, as they realise what storing your entire DB in cache really means for the server.

But at least three of the senior engineers (including me) I feel could hold our own against any “specialists”. My experience are too many of the “specialists” are old school netops people who got one certification and treat AWS like an overpriced colo.

I'm a software engineer who went the specialist route because it does take real skill to do this well. Yes, I am embedded on a team of old school netops people now, but I'm in charge of all of this and I get to drag them kicking and screaming in to the modern world.

Specialists are worth it if you find the right one.

Old school netops folks are so afraid of becoming less relevant they do their best to keep control. But at least they are harmless compared to the ones that have tried to transition to the cloud. They are actively harmful costing clients and companies more with little to show for it.

And no I am not young. I’m 45 and started programming in assembly in the 80s.

“lift and shift” should be phase 1. Not the end goal.

The cloud formation code is (likely to be) much less than your application code. ... and if your intention and need is to have couple servers, then you don't really need any infrastructure code. If these cases, yes bare metal is much cheaper and (probably) better option.

This does not make any sense. You don't need cloudformation or anything, you can just use a wizard and provision as many VMs (baremetal or otherwise) as you need. It's literally a form and next -> next -> next.

Now that you have systems you can login to, their complexity is the same – except you won't have to care, or manage any hardware.

You still have to manage those systems yourself. Keep them patched, secure, and the workloads up. It's your choice whether or not to delve deeper into the AWS ecosystem.

Note that even though I said you don't need cloudformation (actually just use Terraform instead), you have a lot of power at your disposal if you do. You can't automate racking and stacking of physical servers, but you can fully automate the lifecycle of a cluster of VMs. At my job I can bring up a 40+ cluster containing many kinds of workloads, with a single butotn press. And destroy it just as easily (for non-prod). That's invaluable.

I set up an EC2 instance behind a load balancer and set it to auto-scale. done. If I had to handle that bare bones, I would have had to upgrades switches, manage dozens of servers, deal with hard drive failures, etc., and most of that would be idle 99% of the time.

I had the same experience hosting on AWS (having previously hosted on colocated bare metal server). An entire category of sales friction almost entirely disappeared, and it was friction that was common on the largest and most profitable accounts.

If you want to use managed services (Fargate, Aurora, DynamoDB, etc) at AWS, it's even more expensive!

So if you just use EC2 then alternatives are cheaper, and if you use managed services it becomes so expensive so can actually afford hiring people to take care of your virtual machines.

And we can actually move faster without the netops bottle neck.

And HA is - for most usages - best avoided. It's a complexity source like nothing you've seen before. Better to make sure you can replace anything that's broken really fast (because it's all scripted), and if you have enough scale to have at least few machines - just accept that you'll have some very small downtime when lightning strikes, and that many machines can be temporarily missed without much impact anyhow. By the way - you'll have that in HA cloud datacenters too, but the cause there will be human error due to the excessive complexity. If you dive into uptime claims by cloud providers it's typically for obtuse stuff like "can bare VM ping another VM over http in same datacenter". Actually use any of all of those complex services they provide, and weird stuff like "the outside internet connectivity" and the uptime of the overall system starts shedding those precious 9's. Uptime is almost certainly excellent compared to any trivial alternative, but the real-world difference isn't as large as the misleading uptime claims lead you to believe. I've had outages cloud providers several times while their uptime ticker claimed everything was just peachy.

If you really need HA, my condolences - but it's overrated vs. simply being able to spin up a new copy in a few minutes, especially since stuff just doesn't die or crash all that often; typically only once every few years, if that. Almost all actual downtime is not because your physical infrastructure went down in ways that most HA could have prevented.

I wrote CloudFormation scripts that handle our basic use cases and use parameters.

Any developer can click on quick create link for instance and have an isolated build environment just for there service. If they need something above and beyond the standard CodeBuild Docker container for their build environment they can create their own.

And we have made the infrastructure manpower diminish to an extent that it might as well be gone.

* Even compared to bare-metal, the difference isn't all it's chalked up to be - the actual rusty box doesn't need a lot of TLC, and you can hire companies for that too,*

Can I hire a company to put in 20 additional servers every night when our processing queue increases and take them out when it decreases?

And HA is - for most usages - best avoided. It's a complexity source like nothing you've seen before

It’s “complex” to have an autoscaling group with a min/max of two and clicking on a button (well actually use a CF script) when you want to increase the number of servers? There is nothing “complex” about having HA in a cloud environment.

Better to make sure you can replace anything that's broken really fast (because it's all scripted),

It’s even faster when you don’t have to do it yourself..

* Almost all actual downtime is not because your physical infrastructure went down in ways that most HA could have prevented.*

HA can be as simple as a rogue query killed an app/web server (been there done that). I got an alert that the web server was unhealthy. By the time I woke up well, I got another alert saying that a new instance was brought up. I went back to sleep and investigated in the morning. Not to mention the automatic updates performed on RDS instances or the updates that you don’t have to care about with managed services.

Can you run a script that creates a VM that autoscales your build server from a size that runs 1 build to 50 builds simultaneously? That’s the equivalent of CodeBuild.

* On HA: You're listing scaling, not HA. You don't need to do anything special to make interchangable, largely stateless machines "HA" no matter your infrastructure. HA is relevant if you have any single points of failure, and how you avoid the consequences of having those; e.g. having a live database replica or whatever. But sure: this 'll be easier on some clouds!*

HA and scaling are conceptually different, but in the cloud they are practically the same thing.

An autoscaling group for instance that you set for a min/max of two across availability zones will ensure that you have two instances running whether your computer goes down or the entire zone goes down. It’s just a matter of rules what it scales based on.

The only practical difference between autoscaling and HA is scaling across AZ’s (overly simplified).

Then again; most people probably don't need to. If your workload is merely a little spiky (like day vs. night) then the extra costs due to the cloud will be greater even if you spin down instances sometimes; and if you do that, you're spending time to do so, which undercuts the clouds other selling point "I don't want to manager all that junk".

A “little” spiky going from 1 VM to 20? And that’s just one workload with Windows servers. We have other workloads where we need to reindex our entire database from Mysql to ElasticSearch and it automatically autoscales Mysql read replicas. How much would it costs to keep multiple read replicas up just to have throughout you only need once a month?

How much “management” do you think autoscaling based on an SQS is? You set up a rule that says when x number of messages are in the queue, scale up to the maximum, when their are less than y messages you scale down. This happens when everyone is sleep. Of course we do this with CloudFormation but even clicking in the console it literally takes minutes. It took me about 2 hours to create the CF template to do it and I was new at the time.

There are all sorts of spiky workloads. Colleges are well known for having spiky workloads during registration for instance.

but if you're saving 170k on network engineering personnel costs; well, you didn't need the cloud to do that unless you're really, really huge, to the point that other costs are dominating anyhow.

It doesn’t take being huge to get complicated:

- networking infrastructure

- permissions

- load balancers

- VMs (of course we need 20x the capacity just to handle peak)

- Mysql server + 1 read replica. Again we would need 3 or 4 more just to sit idle most of the time.

- enough servers to run our “serverless” workloads at peak.

- a server for our messaging system (instead of SNS/SQS)

- an SFTP server (instead of a managed solution)

- a file server with backups (instead of just using S3)

- whatever the open source equivalent of just being able to query and analyze data on S3 using Athena.

- a monitoring and alerting system (instead of CloudWatch)

- an ElasticSearch cluster

- Some type of OLAP database to take the place of Redshift.

- a build server instead of just using CodeBuild

- of course we can’t host our own CDN or just host a bunch of files in S3 and serve them up as a website and all of the server APIs hosted in lambda.

- We would have to host our own domain server.

- we would Still need load balancers.

And...Did I mention that most of this infrastructure would need to be duplicated for four different environments - DEV, QA, STG, and Prod?

And none of this is overly complicated with AWS, on prem we would have to have someone to manage it. Imagine managing all of that at a colo? We would definitely need someone on call. The only things that would go down and that we would have to do anything about are our web and API servers.

While there might be some thrashing with them being killed and brought back up until we figured out what was wrong, autoscaling would at least keep them up.

Just put your app into an image and write the CF templates for your cluster, services, and task definition and you’re good to go.

More expensive than what? Running similar services yourself?