[ncallaway]

> No point in investing in S3 and then doing it again yourself.

I mean that's just obviously wrong, though.

There is a point.

> Either you don't trust the cloud and you can run NAS or equivalent (with s3 APIs easily today) much cheaper or trust them to keep your data safe and available.

What if you trust the cloud 90%, and you trust yourself 90%, and you think it's likely that the failure cases between the two are likely to be independent? Then it seems like the smart decision would be to do both.

Your position is basically arguing that redundant systems are never necessary, because "either you trust A or you trust B, why do both?" If it's absolutely critical that you don't suffer a particular failure, then having redundant systems is very wise.

[manquer]

My point is if your redundancy is better than AWS then why pay for them ? If it not they why invest in your own?.

You can argue that you protect against different threats than AWS does . So far I have not seen a meaningful argument of threats a on Prem protects differently than the cloud that you need both.

Say for example your solution is to put all your data backups on the moon then it makes sense to do both, AWS does not protect against threat to planet wide issues.

However if you are both protecting against exact same risks having just provider redundancy only protects against events like AWS goes down for days /months or goes bankrupt.

All business decisions have some risk , provider redundancy does not seem a risk to mitigate for the cost it would mean for most businesses I have seen.

Even Amazon.com or Google apps host on their own cloud and not use multi cloud after all, their regular businesses are much bigger than their cloud biz , they would still risk those to stick to their cloud/services only.

[xboxnolifes]

> My point is if your redundancy is better than AWS then why pay for them ? If it not they why invest in your own?

This is a really confusing question. Redundancy requires more than 1 option. It's not about it being better than AWS, it's that in order to have it you need something besides just AWS. AWS may provide redundant drives, but they don't provide a redundant AWS. AWS can protect against many things, but it cannot protect against AWS being unavailable.

[miked85]

> Even Amazon.com or Google apps host on their own cloud and not use multi cloud after all, their regular businesses are much bigger than their cloud biz

This is probably true with Google, but AWS contributes > 50% of Amazon's operating income. [1]

[1] https://www.techradar.com/news/aws-is-now-a-bigger-part-of-a...

[manquer]

Interesting, no wonder AWS head became Amazon CEO.

Their retail/e-commerce side is less profitable than AWS but the absolute revenue is still massive and the risk of losing that a chunk of that revenue(and income) due to tech issues is still enormous risk for Amazon .

[bee_rider]

If you trust your airbag, why bother with the sealtbelt?

[RA_Fisher]

True with two independent servers at 90% each, that’s 0.1^2 = 1% chance both fail— so redundancy can add a lot of reliability.

[manquer]

Only if they are truly independent of each other.

You and AWS are using similar chips similar hard disks even with similar failure rates.

If you both use same hardware from say batch both can defects and fail at similar times.or you use the same file systems, that say corrupts both your backups.

90% is not a magic number , you need to know AWS supply chains and practices thoroughly and keep yours different enough not to have same risks as AWS does for your system to have independent probability of failures.

[RA_Fisher]

True. One would want to continually decorrelate services or model the dependencies. Redundancy will help even with some dependency, but you raise an important point.

[JackFr]

You assume failures are uncorrelated. Which, depending on what you think you are protecting yourself from, might or might not be true.

(Consider a buggy software release which incorrectly deletes a backup. Depending on the bug it’s very possible it will delete in both places.)

[bee_rider]

If one buggy software release can delete both copies, then you don't have actual redundancy from the point of view of that issue.