[bmilleare]

A tonne of our (enterprise-ey) customers had such trouble trying to integrate into our S3 flow that we started launching VPS for each that abstracted it away into simple SFTP upload/download, which they were used to.

Although this is much more expensive than Lightsail, the man hours saved will make it worthwhile.

[Spivak]

Can you elaborate? I mean a plain CentOS server running SFTP, S3FS seems about as set and forget as it gets.

And each? Surely chrooting users would let you consolidate all of those servers into one (or one cluster for HA I suppose).

[acdha]

> Can you elaborate? I mean a plain CentOS server running SFTP, S3FS seems about as set and forget as it gets.

Think about the operational costs: someone needs to manage keys, logging, security updates, when S3FS coughs a lung and hangs you need to catch that problem and remount it to restore service, etc. This service reuses the existing authentication systems so you don't need to spend time configuring and managing integration with your customers’ LDAP/AD infrastructure, etc. If you deal with anything which hits PCI, HIPAA, etc. you need to be able to certify that your custom design meets those requirements as well.

That's not to say you can't do it yourself but for many places there's a fairly significant amount of work where the cost of doing it yourself is greater than 5+ years of managed service costs.

[bmilleare]

Exactly this. If sticker cost is your leading factor then these kinds of services can seem crazy, but when you factor in the real cost of self-hosting then it quickly becomes a no-brainer.

We're more interested in what happens when things break (and who's responsibility it is) than minor cost savings in calm waters.

[acdha]

One other area which tends to get ignored is opportunity cost: if it's the only thing you do there are many things which aren't that hard to operate but if they're not a primary function the cost of having to pull someone off of other projects to handle problems, security updates, etc. is more than the direct service costs.

[lordfoo]

Instead of s3fs, what's wrong with using the aws s3 cli? That's what we do for our clients' SFTP servers

[acdha]

S3fs means you can use most existing apps without managing local storage. It doesn’t work quite as well in practice but the concept is appealing if you need to support software which wasn’t designed for AWS and uses non-trivial data volumes.