[onion2k]

It doesn't take many resources to show the user a form, validate it, and save to a DB.

I bet that's what the previous developers thought.

What happens if you need to validate the form data against an external service that's coming and going due to the traffic spike?

What if your database is rejecting transactions occasionally?

What happens when your backup process locks all the database tables?

How do you reject duplicate form submissions from people hammering the submit button? Do you query the database to find previous submissions?

What happens when a scriptkiddie decides it'd be fun to DDOS the site? How do you differentiate good traffic from bad traffic?

What do you do when the cloud provider runs out of space and you can't scale up any more (https://news.ycombinator.com/item?id=22691926)?

You need to think of all of these things and many, many more to run a robust online service that can handle spikes hundreds of times bigger than the usual level. It's really not straightforward or simple.

[Dylan16807]

Or it's a much simpler problem that they didn't make it semi-fast because it didn't need to be semi-fast.

When "hundreds of times the usual level" is still only 50 page loads per second, and 10 milliseconds of CPU per page would be extreme overkill for anything written in a reasonable way, it actually is straightforward.

[GordonS]

It's not just CPU though, but IO - I've worked with horrible enterprise systems before that had response times measured in seconds.

[Dylan16807]

Even 5 seconds will work if the actions can overlap. If it can't do things in parallel then we have issues much more fundamental than "performance", and there's no defending it as a competent system.

(That is not to say it's necessarily the devs' fault.)

[GordonS]

I don't mean to defend it too much, because realistically it should be possible with relative ease to handle much more traffic than that - but my point is that in the enterprise and government worlds, things are often not as simple as you think.

Aside from potentially having to interface with dozens of unreliable, painfully slow SOAP-based web services, everything is often hosted on creaking, over-subscribed VMWare hosts, in VMs that would be under-specced regardless.

There is also often a "governing body" that severely restricts your tech stack choices.

Want to use Postgres? Nope, our standard is SQL Server - 2008 edition, actually!

Want to use Python/Ruby/Elixir/Clojure/Kotlin? None of that hipster nonsense here, we use good ole Java/VB.NET here!

Message queue, you say? It's Windows Message Queue with distributed COM all the way down here!

"Containers"? What's a one of those? You'll get a crappy VM with 1 vCPU and 1GB of RAM, and you'll thank me for it! etc...

As a dev, it's horrible and soul-destroying to work under such limitations, but if you have no choice...

[driverdan]

All of those items are manageable. Some are simple setup or programming errors, some require a bit of added complexity but are normal in modern web apps.