Show HN: Build for any cloud with the same code (github.com)
We realized that, even when using Terraform, writing infrastructure code is very different for each cloud provider. This means changing clouds or deploying the same infrastructure in multiple clouds requires rewriting the same thing multiple times. And even though most core resources have the same functionality, developers need to learn a new provider and all its nuances when choosing a new cloud. This is why we built Multy.
Multy is currently available as a Terraform provider. You can write cloud-agnostic code and then just choose which cloud you want to deploy to. Multy will then call the cloud provider APIs on your behalf. For example, the following Terraform code deploys a virtual network in AWS and can be easily changed to deploy to Azure or GCP:
``` resource "multy_virtual_network" "vn" {
cloud = "aws" // or azure, or gcp
name = "multy_vn"
cidr_block = "10.0.0.0/16"
location = "eu_west_1"
}
```Our goal is to expose any configuration that is common across all clouds, but there’s always specific features that are not available in all of them. For example, if you want a very specific AWS CPU for your Virtual Machine or use a region that is only available in GCP. To enable this, we implemented overrides [2] - a way to configure the underlying infrastructure for cloud-specific purposes. You can also mix other Terraform code that uses the cloud-specific providers with Multy. While this makes you somewhat locked in, having your 80% or 90% of your infrastructure cloud-agnostic is still very powerful.
You can see more complex examples in our documentation - https://docs.multy.dev/examples/.
We’re still in early days and looking for feedback from other developers on our approach. Let us know what you think!
29 comments
[ 3.9 ms ] story [ 72.4 ms ] threadReminds me of GNU Libc back in the day before Linux when it ran on Ultrix, BSD etc.
Couple all that with the fact that using straight VMs on any cloud is one of the more expensive options available to you. As in you're better off in most cases using managed services if you are looking to save money or make life easier. If all you use is EC2/GCP-equivalent then I think in most all cases you'd be better off using a different provider (OVH/Hetzner/etc).
So you didn't even get the 'least common denominator', you got 'tied to one particular startups cloud definition'.
I run away screaming at this stuff, generally.
I agree that managed services provided by the cloud providers allow you to save money and make life easier. Our main goal is to enable people to use those that are common across clouds without locking themselves in. Of course some features are only available in some clouds, and you'll still have to deal with data fees if you want to move, but having your configuration cloud agnostic saves you a lot of time if you either want to move or want to go multi-cloud.
That of course is the primary issue with any of these multi-cloud toolchains, its not feasible for them to understand the makeup of every org's cloud infrastructure. The permutations are practically infinite. As such, they have to make make educated guesses to get a pareto distribution of value. The paradox here is that any truly difficult multi-cloud effort is difficult solely because of infrastructure complexity, not because of API deltas between the providers— the existing abstractions don't improve this at all.
In my experience, you're better off owning your own DSL for this sort of thing, but you're going to run into the same issue of impedance mismatch when your infra gets more complex. As an aside, I always push back on the knee jerk reaction that multi-cloud is ever truly necessary (its rarely is, but thats another topic altogether).
Does it support load balancers? And... block storage? snapshots? something like IAM roles and policies?
I can see how to do it with "general" things, like subnets, instances... but really curious on how it will manage the real and many differences between cloud providers, once you need anything else than launch an instance.
Looks promising.
AWS does add new products which may take some time to be fully supported in terraform but if you've worked with cloudformation, you'll know some stuff takes time to be supported by cloudformation too.
I would say in 95-99% of cases, terraform will do what you need without any customization at all.
My experience with TF is that it is a terrible SMT because they did non-backwards-compatible upgrades to the state file... which made it impossible to redeploy and I had to not only start over with the state file but also recode a bunch of my TF code to support the underlying plugin changes.
Of course this was long ago before it was a final 1.0 version so I'm supposed to give some flex there, but it put me off badly enough that I'd never consider TF a SMT.
At the end of the day, as long as your tool is on top of TF, it will always be a function of the developer to understand all of the idiosyncrasies of not only the different cloud layers, but also the underlying tool. I think you're trying to solve a great problem, but basing it on TF doesn't help.
You asked for feedback... don't use TF.
It is me, or is it weird that this has a hard constructor dependency on Constructs[1], which is pretty much undocumented?
At least in golang, this brings in some other dependencies and golang init() reflect code [2], which then depends on interacting with javascript!? [3]... something smells odd here.
[1] https://github.com/aws/constructs-go
[2] https://github.com/aws/constructs-go/blob/main/constructs/co...
[3] https://github.com/aws/jsii/
Yep, sounds like Terraform-level awfulness. Although they actually took the design from AWS CDK, so I guess we can blame AWS for it.
I wouldn't really call that feedback, just a luddite-esque bias on your part.
I'm pattern matching your "feedback" as "New thing scary, don't use!"
I also think it is fair to say that my complaint is valid.
Luddite? The 20k+ servers that I manage disagree with you. =)
In no way is your complaint valid for a technology that hadn't even been released yet, and you should know that.
And a "luddite" is just "a person opposed to new technology or ways of working." How many servers you do or don't manage is totally irrelevant to that. Terraform is new, you dislike it because it's new (my guess), therefore you are a luddite.
Did you think I was claiming you belonged to the group of 19th century English mill workers who destroyed factory machinery to protest those machines taking your job?
Given:
1) Terraform uses Semantic Versioning [0]
2) Semantic Versioning specifically states that 0.x APIs are not stable [1]
Therefore:
Your complaint that a 0.x versioned tool wasn't stable is not valid.
Conjecture:
Your complaint exists as an excuse to remain ignorant of a new tool or technology simply because it is new. This makes you a luddite. [2]
[0] https://www.terraform.io/plugin/sdkv2/best-practices/version...
[1] https://semver.org/#spec-item-4
[2] https://www.google.com/search?q=define%3A+luddite
This is unclear to me, and seems easily false. The problem lies with cloud provider idiosyncrasies, not the configuration layer.
Adding layers on top of serverless or whatever just to get back to that point seems dumb.
Unless you're doing something very simple, there's a lot of wheel-reinvention involved in writing your own scripts when there's mature software and services available to manage infrastructure at scale.
And what you've said doesn't really address networking, storage allocation, and the many other things the cloud provider handles, which is not configured on the instance, but rather, by vendor-specific APIs.
At the end of the day using cloud native managed resources offer real advantages from time to market to pricing that we believe people should leverage as much as they can. Unfortunately it's also how you end up being locked in, so we are trying to tackle that.
Either you're doing stuff like:
* You're running your own databases. You use Multy to bring up raw virtual machines, you install e.g. PostgreSQL on it, and you do all the DBA work yourself. * You're running your own DNS infrastructure within the VPC, so that you're not reliant on the VPC's provided DNS. * You're running your own network edge. You use Multy to bring up a raw virtual machine with a public IP, you install e.g. Caddy on it, and you set up the proxy yourself.
Or you end up writing code that implicitly takes advantage of stuff like AWS RDS's IAM authentication, or DNS at 10.0.0.2 pointing to i-0123456789abcdef.us-west-2.compute.internal, or AWS Time Sync Service, or using AWS load balancers, with AWS-issued TLS certificates, etc.
The simple truth is, there isn't a startup on the planet that delivers additional value to customers by mucking around with anti-vendor-lock-in measures. Period (and if you really think you have a counter-example, I'm VERY curious to hear about it). And by the time you've grown to the size where cloud vendor lock-in matters (because of cost vs. deploying your own on-premise infrastructure), basically, it's too late, and your migration project is going to be rather expensive. And Multy doesn't help you migrate to on-premise infrastructure, because it only abstracts the various cloud providers! So you're in for a massive migration project either way.
We have been building a DBaaS(database as a service) for many years. Until now, we have only supported AWS and GCP, have not supported Azure. It is really hard to let your product run stably on multi clouds.
For example, not all the cloud vendors provide the same infrastructure at the same time. We wanted our database run on K8s, but several years before, only GCP provided its managed K8s - GKS, so we had to provide our DBaaS on GCP at first. We also wanted to let our customer use PrivateLink to access our service, but GCP had supported too late than AWS, so we had to provide the VPC mechanism for a long time.
Even all the cloud vendors provide the same service, there are still some differences in the details above. E.g, one customer complained us that they met a backup problem on Google Cloud Storage, they found that the speed of our backup was not the same as our product spec statement. Then we found that we only fully tested this feature on AWS S3.
So Now even our DBaaS runs well both on AWS and GCP, we still don’t have the confidence to deploy the service on Azure. We plan to devote a quarter to testing to run DBaaS on Azure in the end of this year.
IMO, I still recommend handling the interfacing with the cloud directly to let us know the clouds better. Of course there are some awesome tools helping us to do some functional encapsulation, hiding the underlying implementation, but we must ensure these tools are easy enough to maintain.
It always creates a new framework with idiosyncratic development practices that require you to lean the underlying systems to utilize it.
Call me a pessimist, but I doubt the utility of a project like this. Don't get me wrong, it's admirable for trying, but when the rubber meets the road, you're going to need someone who has deep knowledge of each of these platforms to run in production.
Why bother with multy? I'll just write my code so it's easily migrateable between cloud providers, and not use multy.
Sorry for the harsh feedback, but I'm not drinking the Kool aid.