Aaaaaand example #99999… Of why tech sovereignty is so important. The moment you start outsourcing your control, you become vulnerable to this exact kind of action by a company.
Everybody got sucked into the cloud “magic” for years, but now we are seeing the monster emerge more and more as proprietary technology enshitifies.
Luckily, there is a boom happening across the FOSS world, more and more people are finally waking up to the principles of software freedom and actual ownership.
May it continue to grow, as the corpos struggle and wither.
I was working as a sadmin (like a sysadmin but more alcoholism) when the cloud butt became all the rage.
Suddenly nobody wanted to host services on the hypervisor down the road, administered by someone you could throttle call in a crisis. Nobody wanted to hire a monkey to keep their local tubes clean and run the basic stuff they needed.
Everyone could tell you that once they had your overbuilt shit locked in to their very specific apis and services they had you by the short and curlies and by god were they gonna squeeze for all you were worth.
Alas, nobody cared because initial offerings were cheap and your stupid magento storefront had to be webscale.
Now 6 companies control the internet and everything else is going that way too.
Everyone could tell you that once they had your overbuilt shit locked in to their very specific apis and services they had you by the short and curlies and by god were they gonna squeeze for all you were worth.
On-prem solutions don’t necessarily protect companies from this either though. Anyone staring down the barrel of a Broadcom renewal for on-prem VMware licenses knows this pain.
Broadcom’s screwing over of VMware has been the biggest accelerator of migration into the cloud in the last 5 years.
There are FOSS hypervisors that are more than adequate for almost everyone’s useage. I would not advise anyone to make any single company a critical part of their infrastructure unless you are tightly integrated in a mutually beneficial arrangement.
If you have your own sysadmin then you don’t tend to get as fucked, alternatively migrating hypervisor software is a fuckload easier than migrating from a cloud service provider.
There are FOSS hypervisors that are more than adequate for almost everyone’s useage.
While I wish that were true I didn’t find that to be the case.
For home use? Aboslutely. For Small businesses, probably, but labor costs rise noticeably in maintaining those alternate FOSS hypervisors. That can be a dealbreaker for lots of companies which swings the pendulum back to cloud (or Microsoft on-prem hypervisor).
When the Broadcom/VMware apocalypse occurred I looked at all other hypervisor options both FOSS and commercial and found none that were close to VMware’s feature offerings for large enterprises. The best for most orgs would be HyperV only because of existing MS licensing the orgs had would cover most of the new license burden.
How many VMs were you running? How many regions and what level of geographic redundancy were you offering your org? Were you serving any type of organization that had regulatory compliance/audit requirements (FDA, HIPAA, PCI, DoD, SOX, etc)?
Idk thousands? we were a hosting provider lol. Don’t want to dox myself. Not sure how regions come into it, I mean if you can write shell and some orchistration language you’re golden for anything.
We had some PCI stuff, I relapsed smoking because of getting through it haha. We were also halfway through getting the Australian government PII/gov contract thing when I left.
Most people suck at passing audit compliance because they try to box tick rather than explain how their tailored systems meet and exceed the requirements.
I mean if you can write shell and some orchistration language you’re golden for anything.
This is part of what I meant by labor costs increasing with alternate solutions. As I’m sure you’re aware lots of folks in our field cannot write shell script to save their lives. You’re a higher skill engineer than many orgs that were running VMware. This isn’t a knock on VMware folks. PowerCLI can do lots of things especially in the hands of a skilled engineer, but a good number of folks never make it out of the vSphere client to do their work and complete their tasks. These folks are cheaper to employ because they can still accomplish the task by using the VMware tools that would otherwise require a bespoke solution written by the engineer.
We had some PCI stuff, I relapsed smoking because of getting through it haha. We were also halfway through getting the Australian government PII/gov contract thing when I left.
I hear ya! It can be pretty brutal, especially if you have an honest and knowledgeable QSA.
Most people suck at passing audit compliance because they try to box tick rather than explain how their tailored systems meet and exceed the requirements.
There are also those orgs that shop for a weak QSA, and pay the price later if the resulting audit is too weak. I agree with you that chasing a checked box isn’t the best approach especially if you’ve got a good solution and can document compensating controls.
Aaaaaand example #99999… Of why tech sovereignty is so important. The moment you start outsourcing your control, you become vulnerable to this exact kind of action by a company.
Everybody got sucked into the cloud “magic” for years, but now we are seeing the monster emerge more and more as proprietary technology enshitifies.
Luckily, there is a boom happening across the FOSS world, more and more people are finally waking up to the principles of software freedom and actual ownership.
May it continue to grow, as the corpos struggle and wither.
I was working as a sadmin (like a sysadmin but more alcoholism) when the cloud butt became all the rage.
Suddenly nobody wanted to host services on the hypervisor down the road, administered by someone you could throttle call in a crisis. Nobody wanted to hire a monkey to keep their local tubes clean and run the basic stuff they needed.
Everyone could tell you that once they had your overbuilt shit locked in to their very specific apis and services they had you by the short and curlies and by god were they gonna squeeze for all you were worth.
Alas, nobody cared because initial offerings were cheap and your stupid magento storefront had to be webscale.
Now 6 companies control the internet and everything else is going that way too.
On-prem solutions don’t necessarily protect companies from this either though. Anyone staring down the barrel of a Broadcom renewal for on-prem VMware licenses knows this pain.
Broadcom’s screwing over of VMware has been the biggest accelerator of migration into the cloud in the last 5 years.
There are FOSS hypervisors that are more than adequate for almost everyone’s useage. I would not advise anyone to make any single company a critical part of their infrastructure unless you are tightly integrated in a mutually beneficial arrangement.
If you have your own sysadmin then you don’t tend to get as fucked, alternatively migrating hypervisor software is a fuckload easier than migrating from a cloud service provider.
While I wish that were true I didn’t find that to be the case.
For home use? Aboslutely. For Small businesses, probably, but labor costs rise noticeably in maintaining those alternate FOSS hypervisors. That can be a dealbreaker for lots of companies which swings the pendulum back to cloud (or Microsoft on-prem hypervisor).
When the Broadcom/VMware apocalypse occurred I looked at all other hypervisor options both FOSS and commercial and found none that were close to VMware’s feature offerings for large enterprises. The best for most orgs would be HyperV only because of existing MS licensing the orgs had would cover most of the new license burden.
We used to use KVM and qemu. There was no serious overhead maintaining them.
How many VMs were you running? How many regions and what level of geographic redundancy were you offering your org? Were you serving any type of organization that had regulatory compliance/audit requirements (FDA, HIPAA, PCI, DoD, SOX, etc)?
Idk thousands? we were a hosting provider lol. Don’t want to dox myself. Not sure how regions come into it, I mean if you can write shell and some orchistration language you’re golden for anything.
We had some PCI stuff, I relapsed smoking because of getting through it haha. We were also halfway through getting the Australian government PII/gov contract thing when I left.
Most people suck at passing audit compliance because they try to box tick rather than explain how their tailored systems meet and exceed the requirements.
This is part of what I meant by labor costs increasing with alternate solutions. As I’m sure you’re aware lots of folks in our field cannot write shell script to save their lives. You’re a higher skill engineer than many orgs that were running VMware. This isn’t a knock on VMware folks. PowerCLI can do lots of things especially in the hands of a skilled engineer, but a good number of folks never make it out of the vSphere client to do their work and complete their tasks. These folks are cheaper to employ because they can still accomplish the task by using the VMware tools that would otherwise require a bespoke solution written by the engineer.
I hear ya! It can be pretty brutal, especially if you have an honest and knowledgeable QSA.
There are also those orgs that shop for a weak QSA, and pay the price later if the resulting audit is too weak. I agree with you that chasing a checked box isn’t the best approach especially if you’ve got a good solution and can document compensating controls.