hngopher.com

       [HN Gopher] How we enabled ARM64 VMs
       ___________________________________________________________________
        
       How we enabled ARM64 VMs
        
       Author : ozgune
       Score  : 48 points
       Date   : 2024-05-27 15:02 UTC (7 hours ago)
        
 (HTM) web link (www.ubicloud.com)
 (TXT) w3m dump (www.ubicloud.com)
        
       | ko_pivot wrote:
       | Ubicloud is such a good idea. There's no reason why the major
       | cloud providers need be considered more than data center
       | providers. AWS 'bare metal' instances should be priced as a
       | commodity, just as the data centers it used to rent space from
       | are. OSS software can and should do pretty much everything above
       | that layer, with room for commercially licensed software as well,
       | of course.
        
         | candiddevmike wrote:
         | > There's no reason why the major cloud providers need be
         | considered more than data center providers
         | 
         | They have no incentive to do this or to offer low cost bare
         | metal instances. If anything, the opposite incentive exists in
         | my experience: make these instances extremely expensive and
         | push everyone to cheaper, locked in managed services. Because
         | surely anyone that needs bare metal has fat stacks of cash?!
         | 
         | Making public cloud a commodity kills the major public cloud
         | providers valuation, IMO.
        
         | Havoc wrote:
         | If you just need compute then big cloud doesn't really make
         | sense. You're paying a huge premium for the lego block like
         | ecosystem
        
       | mulander wrote:
       | In the article, mentioned Linux is mentioned as the underlying
       | OS. Wonder what approach Ubicloud takes (if any) to have actual
       | diversity in the software stack for the purpose of reliability
       | and security. My assumption here being, that different OSes,
       | while increasing the attack vector also make it more likely that
       | the whole fleet is not susceptible to the same software problem
       | or vulnerability at roughly the same time. Just something I
       | started pondering about after seeing Hetzner, which is quite
       | popular in the BSD land.
        
         | toast0 wrote:
         | There's not many people/projects/companies that take this
         | approach; so if they're not telling you about doing it, you can
         | safely assume they aren't.
         | 
         | IMHO, it's a nice idea, but it at least doubles your system
         | integration work, and the benefits are mostly hypothetical,
         | unless you're willing and able to dynamically shift your
         | infrastructure between OSes if one of them usually performs
         | better but is susceptible to some DoS that's inbound today.
        
         | ec109685 wrote:
         | Seems like the opposite is also true. Diversity of operating
         | systems / approaches results in more chances of making a
         | mistake.
        
       | anonymousDan wrote:
       | I found this article on their IAM/ABAC service interesting:
       | https://www.ubicloud.com/docs/architecture/attribute-based-a...
       | 
       | I always wonder how the big cloud providers manage to scale their
       | IAM services (from a distributed systems perspective) given they
       | presumably need both low latency and some reasonable level of
       | consistency. Anyone have any pointers to architectural
       | descriptions/publications?
        
         | VoVAllen wrote:
         | Amazon has open sourced their policy engine
         | https://github.com/cedar-policy/cedar
        
       ___________________________________________________________________
       (page generated 2024-05-27 23:01 UTC)