Tell HN: Google Cloud suspended our production projects at 1am on Saturday

1313 points by 7tech ↗ HN
TLDR; never use google cloud systems for production.

Google cloud suspended all our projects due to the billing issue in their system they had.

Despite reassurances "your account will not be suspended" while communicating with billing support, all the projects were suspended at 1am on Saturday.

All the account payments were made and the billing cards are valid. There are no outstanding bills.

Never use GCP for production.

---- Edit: full story by request, long read: ----

Previous month billing didn't went through. Not sure if this was due to the billing outage google had (https://status.cloud.google.com/products/oLCqDYkE9NFWQVgctQTL/history) or financial transaction issue, however we went ahead and made a manual payment covering all the outstanding amount + extra. Despite the payment made, about a week+ later we suddenly started receiving threatening emails "Your Projects are at risk of suspension". Edited and updated the billing cards. Opened a billing support request clearly mentioning this is a production environment and all the bills are paid. They were "investigating" the issue and assured the project will not be suspended.

530 comments

[ 3.2 ms ] story [ 276 ms ] thread
Out of curiosity, what level of support did you have?

I'm referring to these

https://cloud.google.com/support

What I hear is that unless you have at least standard support, they treat you like garbage.

The only entities Google doesn't treat like garbage are advertisers. All others are part of the product
Haha, I am an advertiser on Google and trust me, getting hold of someone is like doing a summoning ritual.
At least most rituals are well documented ;)
Thanks for this. I was checking the billing page recently and was surprised by the 2-3k cost for the support plan. Now I see it’s a % of the monthly spend
They have the standard level of support, which means to get your situation resolved you need to post on HN and stay on the front page long enough for Googlers to notice.

I swear this website is slowly starting to become a way to contact support for big tech more than anything else.

Not exclusive to GCP.

Backblaze has previously locked our account on a saturday.

They claim we were putting too much pressure on their cluster.

They could've locked the 1! token that was causing 90% of the load, but they locked the whole account which was used by 10 different apps for a veriety of purposes causing unecessary downtime in some production workloads.

Also the workload has been quite consistent for days/weeks, so they could've detected it earlier and/or address it in a better way.

Whoa - how much traffic were you generating?
If you are paying for the load/pressure, what's the problem?
Backblaze is very cheap and has several "don't overload our system" clauses in their terms and conditions.

They're cheap and reliable, that generally comes at the risk of early termination. I don't think you can have a cheap, reliable, unlimited service; pick two at most.

Isn't everything metered with Backblaze (ie. no unlimited)? I think only things such as delete aren't metered. But in order to delete something you must have first uploaded it (which is metered).

If everything is metered it seems kind of odd to complain about a lot of activity. Since it's literally the thing you make money with.

Indeed. If a customer tries to backup a petabyte of data on the base plan (because it’s “unlimited”) and they get the boot, they really shouldn’t be that surprised. Wouldn’t really compare it to OP’s situation, where they got an assurance in writing they were in good standing, and didn’t appear to be blocked for violating ToS.
"Token" hints at everything-is-metered B2, not their unlimited backup plan.
They probably meant their B2 storage service, which is like S3 and bills for storage, egress, some operations, etc. That’s one service I wouldn’t expect to have some cancellation for overload in place. You’re using a token anyway, why not just rate-limit you instead?
Blackblaze B2 is supposed to be AWS S3 competitor. S3 is simply unbreakable. If Blackblaze intends to compete with S3, they can't complain about load stress on their B2.And they can't rate limit either.
> S3 is simply unbreakable

Minor nitpick, but this is categorically not true. As a customer, one who proactively worked with AWS AMs, SAs, and S3 engineers directly before making the change, I still took down S3 by just changing how new files were stored in our S3 bucket. Yes, this S3 bucket was at the time the largest bucket (based on number of files), but still not “simply unbreakable”.

I don't see this as related - your account triggered some abuse detection - did you ever go to them and validate what you're doing is covered by the terms you're paying for ?

I mean it sounds like a dick move by Backblaze, but comparing it to what OP is describing is downplaying how bad this looks for GCP IMO.

Going through with official contact at GCP, being assured he did everything right and that it was taken care of - and still getting shut down. In my book that's just inexcusable - if you can't count on that kind of support to work then how can you rely on that platform for anything ?

Sorry, not really sorry.

It has been well documented that any of the big tech companies will thankfully flush you and all you've build down the drain whenever they feel like that. You'll also probably never be able to talk to someone (high enough up the ladder) to figure things out.

Nevertheless lots of people are building their tech and their lives based on the services provided by these companies, when a maliciously flagged YouTube comment for a linked account can kill _everything_ in seconds.

Stop building stuff on their platforms. Now.

edit: Yeah, probably not very "helpful" but how many of the "Google killed my X for no reason" posts will we have to see until either regulatory bodies step in (doesn't look like that) or people will just stop using those services. Yeah, it's cheap and it's easy to start with, but so are some drugs, too.

Do we see much of this for AWS? Asking for a friend...
AWS will email you for months and months about billing issues before they terminate anything
This. In my previous company I was receiving almost every month some email from automated systems AND humans at AWS because either our finance dept screwed it up or AWS screwed it up but we had like hundred of thousands of $ in missing payments for months, and nothing happened (we always eventually paid AFAIK). Nowadays I think they are removing humans from the loop as much as possible though.
I confirm this, had this multiple times
And AWS support is much better.
Indeed. My company forgot to warn the the credit card had been updated, emails were being sent to the work email of an employee that left... Took 4 months before they started turning off stuff, and even that was quite gradual, just enough to draw attention
With AWS the problems I heard was your bill getting really really high unexpectedly.
TBF that can happen with any of the big cloud providers.
but they always find a solution to it. i've spun up redshift instances to play around that racked up thousands by accident, and they forgave them in a snap.
We've had some mishaps with Azure billing and they did call for a couple of days before they switched things off.
(comment deleted)
I wonder what it would take to bring a culture change to Google so they can finally start having some empathy for customers and stop the casual cruelty. A new CEO?
It’s probably too big for one strong personality to get it back to the Don’t Be Evil days.

Regulation, litigation, or split it into pieces.

IMO we really need regulation on how support is done by big tech. It should be really hard for them to close accounts like this.
Agreed. This issue seems to be popping up constantly on the front page. Not just Google but many of these companies.

I should not be able to get customer service from a random McDonalds franchise over a chicken sandwich easier than a company that we spend thousands, tens, or even hundreds of thousands of dollars with.

They do not get to use "We're too big with too many customers" as a defense. They can figure it out.

When was the last time any big company was split? AT&T 50 years ago, any newer examples? Nowadays big tech is too influential to allow politicians to make such decisions.
Regulation, full stop. The reason Big tech makes so much profits is because they have no accountability and at their scale, social shaming doesn’t work.
Right. Heavily-regulated industries like banking, auto and healthcare are known for being so much better at treating its customers like human beings...
Yup. Too big to fail sucks just as hard in banking.

Google needs to be broken up as badly as banks do. It's a battle that keeps on coming up and here it is again.

What would someone break Google up into, ad and vertisements? If you look at their quarterly reports you'll see that they are almost entirely based around one product.
You could cut out ads from the rest. And make Google buy ad space from Foogle Search.
Of the viable companies, each would still be a monopoly.
Why stop at Google? Why don't we simply get rid of the idea of the mega corporation?[0]

[0]: https://news.ycombinator.com/item?id=31317641

Because it’s regressive. We need to fix the issues, not throw the whole thing out.
These "issues" only exist because of the scale and reach of Corporations. You can not fix "too big to fail" issues unless you stop letting these institutions to grow too big in the first place.

I'm yet to hear a single convincing argument of why we need to have organizations of such a large scale nowadays. Could you make a case of what we would be missing if we just "threw the whole thing out"?

I propose another option: unless you can show clear written instructions, the ceo and the board are personally criminally responsible for the acts of their agents, contractors, and employees at the course of their duty.

If your branch manager incorrectly adds your teller to an industry wide list of do not hire, the board and CEO are personally criminally responsible for it. No hiding behind the corporate veil. I don’t know how to prove whether someone acted in their own and not on the instructions of the employer though. What I’m afraid of is equifax will simply create many companies and divvy up it into equifax backend web services llc that has fewer than 150 employees.

> What I’m afraid of is equifax will simply create many companies and divvy up it into equifax backend web services llc that has fewer than 150 employees.

I'd argue that if the split child company ends up only working for the parent, it is easier for the governments to prosecute them. So the child company would have to get other customers and act as a real independent unit or would have to shut down altogether and the parent company would have to go back to the market to find a proper "web service" provider.

I'd also argue that there is no way that a company like Equifax would be able to exist only with 150 people. The whole national level corporation would simply be broken down into many localized offices. Their databases would no longer be shared. The damage that each unit could make would be reduced, and their customers would be much closer to the managers responsible in ensuring that their data is managed properly.

In other words, my argument is that Capitalism and market forces do work. We just need to have these systems deployed in the correct scale.

Wouldn’t that result in the CEO and board being literal scapegoats, employed by the people actually in charge, to be beheaded if something goes wrong? They would even sell it as „giving control to the employees“ or something.

I don’t believe in measures to radically change the world. That’s both a direct example of the Chesterton fence, and applied game theory - CEOs, board members, or investors, they are all gamers. Give them any set of rules, they will analyse and subsequently game them.

Because scale breeds efficiencies. It should be obvious why WalMart is a better business model than the previous experience of shopping at 15 different stores to get the same stuff.
"Efficiency" is not a goal in itself, and it does not pass as an argument here.

1) Walmart may be a better "business model", but is it a better model for a society that we want to live? I surely don't want to live in a place where big box stores are the norm, and the only alternatives are crazy expensive "niche" stores. And I surely don't want to live in a world where the quality of my food is determined by Walmart's weight, who will favor products that can last longer, are cheaper to produce and are easier to store and transport - i.e, ultra processed crap. If the price to pay to have better groceries is the "inconvenience" that I will have to go to 2-3 separate shops, it's absolutely worth it and I'll gladly accept the "inefficiency".

2) Optimizing for efficiency is a recipe for systemic, catastrophic failures. Just as an example: think of the semi-weekly github outages that are happening. Everyone is convinced that the cost of paying for a SaaS is negligible compared to the cost of operating your own, so they don't even try to set up their own CI and code repository and have to pray everyday to make sure that will be able to work with it. Meanwhile, my self-hosted gitea/drone/docker repo has been running for almost 4 years already with no issues and it requires minimal maintenance. It took me some time initially to set things up in a way that I was satisfied, and it probably doesn't save me any money compared with a off-the-shelf solution, but thanks to my initial investment and willingness to accept these costs I am more resilient than any competitor.

3) Taken to an extreme, focusing on "efficiency" could be used to justify authoritarian governments and the most dystopian worlds. I really do not share this techno-utilitarian worldview that thinks that maximizing economic output can justify the existence of corporations that reduce us to nothing but consumers that can be placed in a segmented box. It's this worldview that is brought us Big Data, the invasion of our privacy, the "gamification" of everything, and so on. Google/Apple/Microsoft/Amazon may all be trillion-dollar companies and may have built incredible products, but the societal/environmental/civil cost is just too much to be worth it. If I knew in 2004 that by accepting the invite to 1GB of Gmail I would be contributing to the emergence of Surveillance Capitalism, I'd never had done it.

Anything else you'd like to try?

That's a lot of text to just say you don't trust the government or corporations. This argument is orthogonal

Of course efficiency is the goal. Wouldn't you argue our current use of natural resources is unsustainable long term? The only way out of that is to improve efficiency.

Ignore Walmart. If we were to rollback farming to the methods used just a few decades ago, the world would starve. So, yes, we need to continue to improve efficiency. It's required due to resources being limited.

> The only way out of that is to improve efficiency.

Or by stopping/reducing consumption of things that we don´t really need and have been shoved on us by the corporations. Stop focusing on the symptoms and focus on getting rid of the disease. Let's get rid of fast food, fast fashion, let North America abandon the failed experiment that is called "Suburbia" and get rid of its car dependency. Let's stop expecting overnight shipping for whatever stupid gadget we want to buy, etc...

If the US reduces its consumption to the average of the developed world, instead of having growth-addicted Corporations and Goverments pushing to make the rest of the world consume like the average American, I can bet that we can improve our overall quality of life even on a smaller GDP per capita.

Also, even if you disagree with that: the argument is not against "improving efficiency". The argument is against optimizing for it while ignoring other costs and especially ignoring the fact that most of these optimizations have diminishing returns. E.g: airline travel is something that has been optimized beyond imagination, but it will never be as sustainable as an economic activity as traveling by train or boats. Between trying to "optimize" air travel even more, I'd rather we just decided to ban short haul flights altogether and reallocated our resources to the (re-)construction of decent rail roads and passenger boats.

That post sounds like war on drugs, on paper it makes sense but does not work in real life.

Do you really think an industry like oil refinery can be managed with a limit of 150 people?

The point is not to limit the size of the industry. It is to limit the size of a company.

Think of a oil refinery as a monolith, and that such a mandate would enforce that you'd have to build the whole system a set of independent microservices. The industry as a whole would still employ a large number of people, but now they would be forced to coordinate through specific interfaces (the smaller business units) instead of centralizing under a larger corporation.

Like the Amazon’s “API” mandate, as famously described by Steve Yegge:

So one day Jeff Bezos issued a mandate. He's doing that all the time, of course, and people scramble like ants being pounded with a rubber mallet whenever it happens. But on one occasion -- back around 2002 I think, plus or minus a year -- he issued a mandate that was so out there, so huge and eye-bulgingly ponderous, that it made all of his other mandates look like unsolicited peer bonuses.

His Big Mandate went something along these lines:

1) All teams will henceforth expose their data and functionality through service interfaces.

2) Teams must communicate with each other through these interfaces.

3) There will be no other form of interprocess communication allowed: no direct linking, no direct reads of another team's data store, no shared-memory model, no back-doors whatsoever. The only communication allowed is via service interface calls over the network.

4) It doesn't matter what technology they use. HTTP, Corba, Pubsub, custom protocols -- doesn't matter. Bezos doesn't care.

5) All service interfaces, without exception, must be designed from the ground up to be externalizable. That is to say, the team must plan and design to be able to expose the interface to developers in the outside world. No exceptions.

6) Anyone who doesn't do this will be fired.

https://gist.github.com/chitchcock/1281611

Maybe the government could do something similar?

Huh, here’s an idea: Maybe Jeff Bezos did what he did because he was fearing just such a goverment-mandated breakup, and wanted Amazon to be prepared for it?

Capitalism would not allow such a company to exists. There would be too much bottlenecks and the left hand not knowing what the right hand is doing scenario and the end product would be more expensive compared to a company with no such limitation. Buyers would prefer buying the product at much cheaper rates and then just transporting it to their locations.
I could easily argue the opposite: in a scenario where all companies are reduced in size, they would be forced to become a lot more efficient in their communication and they would be a lot more open and agile.

Also, a lot of the work done by people in Big Corp is something that is not outsourced merely because they don't want to let their competitors to have access it. A lot of these redundancies would be eliminated and replaced by smaller units that can serve multiple companies. Companies that have internal "business systems" developers would simply get rid of that and looking into third-party SaaS and/or open source solutions that could be used, etc.

> in a scenario where all companies are reduced in size

What does all companies mean, are you proposing the entire world follow this approach or just the US. If its just the US then other refineries would just offer cheaper oil and US consumers would buy it from overseas while the US refining goes bankrupt.

Ok. Let's think it through.

1) The price of oil (and basically everything downstream of crude) has little to do with the cost to produce it, and a lot more to do with current market conditions. So even if their productions costs were (slightly) higher, I don't see why a local, smaller, refinery would have too much trouble to keep themselves profitable even if they had to have lower margins to stay competitive.

2) Smaller companies would mean that you'd be consuming a lot less primary resources and your business relationships would be on a much more local scale. You wouldn't be getting a networks of branded gas stations that receive their gas from the same mega-distributor, you'd be more likely than many different gas station owners, each of them too small to be interesting to a foreign refinery.

3) Even if that is not enough and "US refining goes bankrupt"... so what? Why do Americans need to have their own refining industry, if they can be served by others?

> Why do Americans need to have their own refining industry, if they can be served by others?

Looks like you did not think it through.

You need to have energy independence. When you depend on other countries, those countries can use your weakness to get better deals or control you. If there is a pandemic and all the supply chains breakdown your people can still survive.

How "energy independent" is Switzerland? Singapore? The UK?

You are too deep in "Big State" thinking. Forget about that.

> If there is a pandemic and all the supply chains breakdown.

Under a localist model, your people can still survive because they do not depend on global supply chain and can still have a functioning economy.

What I am asking you is to imagine a less radical version of an Amish community. Less focus on economic output and more focus on resiliency. Try to keep your economy as local as possible and do not over-generalize. Do not think of industries as something that has "strategic value" and instead let them develop as much as it is required to fulfill the needs of your citizens. This way, your community will have plenty of redundancy and no one will be at the mercy of any other external entity.

You are too deep in "Fantasyland" thinking. Forget about that.

> How "energy independent" is Switzerland? Singapore? The UK?

Exactly, atleast the UK depends on middle east and Russia which funds their murderous regimes. You should be supporting human rights not murdering innocents.

> your people can still survive

Tell that to the people who died from Covid because they could not get masks which were all manufactured in China.

> Try to keep your economy as local as possible and do not over-generalize.

I think you getting confused with your own talking points, in the previous comment you wanted want the US to be served by others and now you are saying keep the economy local.

What I am asking you is to live in reality and not live in fantasy land, you sound exactly like a politician who declares war on drugs. The current globalized world cannot just cannot function with your fantasy 150 people limit.

You getting confused with your own talking points is one the proof that your limit does not work.

I misspoke. I meant to say "do not over-specialize".

> in the previous comment you wanted want the US to be served by others

No, read again with the whole context: what I said was that the focus should be on keeping the industry local, on a smaller scale and more worried about robustness than profitability. Then I said that "even if after that they are still being out-competed, it doesn't mean that they all is lost".

The point was that plenty of countries can be successful even if they are not 100% self-sufficient about key resources. I am not advocating the end of trade. I am advocating for smaller/stronger communities and stronger/more explicit interfaces between them.

> You should be supporting human rights not murdering innocents.

Please stop with this absurd rhetoric. Not only is BS, it could easily be turned on you ("So, you buy things from China? This means that you support the genocide of Uyghurs!")

> The current globalized world cannot just cannot function with your fantasy 150 people limit.

First, this "current globalized world" is precisely the thing that is so full of systemic issues that we should be working to avoid. In a less-globalized and not hyperconnected world, Covid would not even be a thing, so the whole "people died of Covid because they didn't have masks" is complete rhetorical bullshit .

Second, there is no limit on people. The only limit is about the size of a single corporation. I don't know what is so hard about it to understand. You keep mischaracterizing the argument to the point that it is making clear you are not interested in a good-faith conversation, which should be a signal that I am done here.

You say misspoke, I say you got confused with your own talking points.

> it doesn't mean that they all is lost"

I dont know if you understand capitalism but out competed companies eventually run out of money and get bought out by the more successful one. I think that is the context which you dont undestand.

> it could easily be turned on you

Its not rhetoric, I am being serious, I would love to buy things made locally but that is just not possible with your 150 people limit. You want things to be less efficient and more expensive.

> In a less-globalized and not hyperconnected world,

Again you sound like a politician who declares war on drugs, your ideas sound great on paper but the globalized genie is out now, its not going anywhere for a long time.

> Second, there is no limit on people.

You are getting confused again with your talking points, you are the one who is advocating for 150 people.

> I don't know what is so hard about it to understand.

and yet who are the one getting confused or "misspsoke"

The only thing I misspoke was that I said "over-generalize" when I meant "over-specialize". Everything else (I think) was okay.

> You want things to be less efficient and more expensive.

There is a difference between wanting things to be more expensive and accepting that this may happen as part of the trade-off being made. Specially so if the idea is that this type of policy could potentially eliminate the concentration of power on the hands of a few conglomerates and create an incentive for automation and to eliminate "bullshit jobs".

> I would love to buy things made locally but that is just not possible with your 150 people limit

Why? Go to any farmers market, is there any step on the production chain that requires 150 people? Do you think (e.g) a municipal ISP to serve 10-20k people can't be operated with less than 150 people? Can't we buy fabric and materials (from small scale producers) and have a small textile manufacturing co-op making clothes?

Also, consider that we are used to having products being completely assembled, but there is nothing stopping companies in a "human scale" economy to work as provider of components that get to be assembled by the final consumer. These components could be made by separate companies. So, instead of having "Google Assistant vs Amazon Echo vs Apple Siri", we would pick-and-choose different speakers, different software providers, different enclosures, etc. The hard work here would be one of coordination - i.e, all these companies and providers would benefit if they worked on a "AI speaker device" common standard - but once that is set in place it reduce the average company headcount. The same logic could be potentially applied to any big consumer industry: clothing, furniture, home appliances...

Finally, let's talk about the software industry. Take any big product from the big companies and you can bet that you can find a small ISV (with certainly less than 150 people) who can deliver and profitably operate an equivalent service. Even though Gmail and Outlook dominate the mass market, smaller email providers still exist and they haven't "ran out of money" and got bought out by the more successful ones. We don't need the big players to serve the population, we could have more of these ISVs acting independently (*). These ISVs would likely invest in opensource as a way to outsource as much as they can to keep their overhead low, which would lead to a even more pulverized industry.

> your ideas sound great on paper but the globalized genie is out now

Again, why? There is no magical force stopping us from preferring local products. There is nothing forcing us to consume indiscriminately. I get that "the system" is too big for any of us and that our individual actions will barely have any impact. But feeling apathetic is not a justification to just accept things as they are. You can not say "I would love to buy things locally" and blame "Capitalism" when you end up buying things at a big-box store.

(*) "Oh, but Gmail/Facebook/etc are free to the user, people won't be willing to pay for it!" Well, the argument could be that these people would either have to find a smaller provider willing to do the service for them (their employer, some non-commercial community, the tech savvy family member who wants to self-host?), or they would indeed have to learn about TANSTAAFL.

I know you meant a general idea, but for oil refineries in particular, and probably a bunch of others, this sounds disastrously bad from a safety perspective. A lot of accidents that are tremendously costly in terms of human lives and health, equipment destroyed, and operational uptime eventually trace back to poor communication between groups. There needs to be some top-level department with stop-work authority over everything to coordinate who's doing what maintenance when, equipment replacements and switchovers, and the overall plan for what's being produced when. I can't help but think that if you intentionally made inter-department communication worse, it would result in a huge increase in the number of disasters.
> There needs to be some top-level department with stop-work authority over everything to coordinate who's doing what maintenance when, equipment replacements and switchovers, and the overall plan for what's being produced when.

I find it very hard to believe that this can not be automated to the point of requiring much more than a dozen controllers (4 groups of 3 people, on a 12-on/36-off work schedule). And there is nothing stopping this "top-level" department to be a company in itself.

But anyway, let's say that I'm underestimating the amount of human brainpower that is needed to get this work done safely. Not to be a Luddite, but shouldn't we be asking ourselves if there really is any type of (isolated) economical activity that is so fundamental for us that can only be done with more than 150 people involved?

It's not like we can not refine oil with less than 150 people. It's just that we can not do it at the scale and efficiency that we are used to, right? Instead of having one "giant" refinery that requires thousands of people, perhaps the limitation would force us to have smaller plants spread out around the world, or to have the downstream industries actually doing the refinement themselves, etc.

So, how about instead of looking for maximizing the efficient usage of resources in order to keep the economy growing at an accelerated pace, we start to focus on a constant growth rate and better distribution?

They are, in Europe, where we have decent regulation and consumer protection with teeth.
I'll buy that when the German auto makers get to pay properly for Dieselgate.

Until then, EU regulation will be just a demonstration that money and power still talks just like in the US, the only difference is that Europeans are better at fooling themselves about their moral superiority.

I fully agree that automakers should be held responsible. However, I am feeling a bit of negative sentiment here. What does 'properly' mean? There has been court cases that have been decided against them. Sure there is always more. But this sounds a bit like whatabotism. Also there is a high probability of defeat devices in Citroen, Dacia, Fiat, Ford and Honda cars as well. It is however true that the EU create a huge grey zone. But what does that mean in terms of court cases against cloud providers??
It's not whataboutism. Read the comment it was replying to.
"Properly" means that the automakers should pay a fine per vehicle sold that was producing more emissions than allowed, and that fine should be so high as to effectively get them into bankruptcy. It should also put in jail anyone that was aware of the violation and did not report to the authorities. Everyone, from the CEO to the test engineer who knew about the cheating devices.

Anything less than that and all you are getting is an incentive for the make a risk calculation between profit and losses of being caught.

> Also there is a high probability of defeat devices in Citroen, Dacia, Fiat, Ford and Honda cars as well.

Which would be a sign that the regulations are not really working and consumers are just getting fooled into believing that their beloved EU is oh-so-awesome.

Meanwhile, in the EU the price displayed/set in the contract is the price you pay.
Meanwhile, the prices in EU are overall higher even after sales tax included...

We could spend the whole day in this pointless display of "my dad is better than your dad", but can we just skip it please?

Having lived in the US and now living in Germany for over 9 years, I have no intention to leave. But this idea that "regulations" could fix the consumer hostility of Big tech is naive at best and damaging at worst. To assume that the differences between US and Europe are due to lack of regulations is a terrible mistake of reversing cause-and-effect. Cultural differences between and Europe can explain a lot better why things work different, while "regulations" assume that people are just automatons who can do nothing but follow orders established by some higher authority.

> Meanwhile, the prices in EU are overall higher even after sales tax included...

Regulation has its costs. Predictable.

> Cultural differences between and Europe can explain a lot better why things work different

Yep, the cultural differences that lead to even a "left" US government to be a lot more hands off than any EU government :)

> Anything less than that and all you are getting is an incentive for the make a risk calculation between profit and losses of being caught.

But that logic applies to anything that any company does. You want to effectively kill any company for any infraction?

That sounds a little too severe.

If the infraction was intentional and with the sole purpose of getting unfair competitive advantage in the market, yes, the company should be dissolved for it.
> If the infraction was intentional and with the sole purpose of getting unfair competitive advantage in the market, yes, the company should be dissolved for it.

My memory may be hazy[1], but I don't think Dieselgate was ever proven intentional; your proposed policy wouldn't have kicked into effect anyway.

[1] So feel free to post links to the findings if you have them handy

The whole thing started because the EPA reported that the software that controlled fuel injection on diesel engines was intentionally programmed to detect if the car was running in special lab conditions. It's on the first paragraph of the wikipedia page[0].

[0]: https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal

I'm mostly with you in spirit but I'd stop at big fines and jailing the executives. Most of the employees are probably fine and someone better can take the helm without too much disruption to their work. Jailing executives might be enough on its own but the fine is useful as well, to pay compensation if nothing else.
This is a non-sequitur. EU has shown plenty of effectiveness enforcing consumer-facing regulation especially in tech/internet.

Dieselgate is a case of corruption in Germany, a particularly horrific and embarrassing one sure. But the existence of corruption in a single member state is not sufficient to disregard EU-wide regulatory efforts in a broad swath of consumer-facing industries.

The point is that no matter how good they are at enforcing, they still can't manage to use the regulations to actually regulate behavior of the economic agents in a way that is beneficial to society.

"Strict emission laws" did not stop EU car makers to focus on ICE cars, it worked only to give consumers a false belief that their cars were not as clean as they believed. It's not regulation that is changing the industry, it is Tesla.

GDPR did not (and will not) stop big companies to collect and exploit user data.

"Right to repair" did not get the big manufacturers to stop producing devices that are consumer friendly and don't stop planned obsolescence.

Europeans have this stupid sense of moral superiority, but the people still buy from China, still look at cost above ethics and just use the "but our govt is strong" as an excuse to redeem themselves of personal responsibility.

consumer protection doesn't tend to apply to businesses
In these industries the regulation is the only thing preventing them being unfathomably worse.
Unregulated banking tend to have a bit more ponzi schemes, pump and dump, and money laundering than regulated banking.

Unregulated auto tend to have a bit more lemon markets than regulated auto.

Unregulated healthcare tend to have a bit more snake oil, blood letting and cocaine than regulated healthcare.

Unregulated food sector tend to have a bit more Listeria and Salmonella then regulated food sector.

No regulation are not know for being that nice either, which is to say that some regulation is good and some regulation is too much, but one can't dismiss regulation as just being bad.

I did not argue that regulation is unnecessary or bad. The argument is that regulation of Big Industries does not bring you better support nor makes the companies more focused in treating customers as individuals.
There could be an argument that US regulators allow companies to be much more customer hostile than other places... i believe it's done in the name of "innovation".
It all depend on the reason and target of the regulation. Patients might have historically liked doctors more when they prescribed cocaine, alcohol and morphine for most ailments, but then the target of modern regulation is not customer short-term happiness. It is health.

The issue of regulating big industries and big tech in particular is what outcomes we want to avoid and how a healthy market can be created where one does not exist. Words like infrastructure, platforms, and lock-in are all associated with a lack of market choice and competition. Bad support could be a symptom of that, but the target of regulations wouldn't be about support but rather to avoid having a situation where citizens are unknowingly building their homes and companies on quicksand.

You are arguing against yourself. Now, only drug addicts who ignore laws can get painkillers.
Back in the day, if you had an infection in the leg they would bring a hacksaw and cut it off, giving you some whiskey to dull the pain.

I prefer modern medical system with antibiotics, anti-virals and anti-inflamatory drugs.

> one can't dismiss regulation as just being bad

No one said that.

You think those industries suck now, imagine what they're like without regulation holding their feet on the path a bit.
I haven't heard stories about bank's AI deciding to close a person's account, take all their life savings, and refuse any explanation, contact or cooperation. Maybe regulation has to do something with it?
1) There have been stories of N26 customers who are locked out of their accounts, or had their devices stolen and lost their funds to thieves and the bank refused to reverse the transaction.

2) No, regulation (or the lack of it) has nothing to do with it.

3) No one is arguing for the end of regulation.

Heavily regulated industries ANYWHERE in the world except the US work perfectly fine. Its because regulations are watered down in the US that they don't.

  no accountability
Can't they sue google? Surely this is a case here.
Sue google? Are you mad? What do you think you'll accomplish with that ?
How much money do you want to waste on lawyers while your case drags on for years?
I'm a fan of regulating big tech, but in this case reputation will also make a big difference. I know lots of people who actively avoid google's cloud products because they don't trust google not to pull stunts like this.

There have been too many stories on HN and twitter over the years of business critical google accounts being suspended for no reason or google cloud products massively increasing their price overnight.

I don't trust google as a provider for business-critical infrastructure. I'm far from alone.

The cost to provide proper support for the 99.9% is much much larger than the benefit of bringing on the possibly 0.1% who don't trust Google and avoid their products. This minority cannot be the solution to the problem.
> bringing on the possibly 0.1% who don't trust Google

I would imagine it would be more than 0.1%.

Anecdotally I cannot remember the last time I have mentioned GCP in person or in online discussions without the conversation turning into why no-one wants to use them for anything serious.

I suspect it's far more than 0.1%. They have a bad reputation and word-of-mouth is now working against them.

I wonder if you could require that some data be made accessible to the user. Like transaction logs and actions relating to those transactions. So that you have direct incontrovertible evidennce of the internal state. That could then be used by third party support, or even courts.
(comment deleted)
I'm not opposed to regulation, but in this case, another solution already exists. That is, competitive services that pride themselves on great customer service and satisfaction. Apple kind of does this in the iPhone vs Google phone wars. Azure and AWS do this in the cloud wars. Fastmail and Proton mail do this in the email wars, etc. Regulation didn't force Fastmail to be awesome; it's just the core of their business model and differentiation.
(comment deleted)
empathy for customers not paying ? lol
In this case, for customers who do pay and get fucked over by google anyway.
I'm kinda surprised they don't voluntarily allow courts to make these tricky decisions for them.

Perhaps even offer to pay court costs.

They can say:

> We suspended your account for violation of XYZ rule. You can appeal internally, and if that is denied, you can ask a court to rule on if you broke this rule. If the court finds you did not violate the rule, we will reinstate your account. We will provide any data from your account to the court to make its decision, including proprietary data that we cannot reveal directly to you, for example data about other linked accounts.

Ironically, empathy is the reason why they are doing this. Empathy for the support worker. They literally call it Human Ops. The idea is that support work is horrible for their intelligent engineers and so they invest in AI to replace human the bad jobs that impact humans.

Of course human ops is originally about reducing actual traumatic jobs like reviewing actual evil images, but its basically now all brain work which techies hate.

It won’t happen. Google is probably going to be like the next IBM: a former tech giant that became irrelevant.
I wouldn't be so sure that will happen to Alphabet before it does to Amazon or MS. Nothing lasts forever, though IBM aren't actually showing any signs of dying outright yet, despite the fact their own attempt to get into the cloud platform market hasn't exactly been inspiring (even if they were only ever intending to cater for niche markets).
(comment deleted)
They should be freaking broken:

1. Ad business should be one thing 2. Other products should be different companies: Gmail, GCS, Domains, etc etc. They should not be "cushioned" by Ad business revenue.

That way they will play an even playing field with similar companies. And I think Amazon/AWS should have the same split.

If that happens, these companies will have to differentiate to their customers with non-crappy customer support.

I doubt that can happen organically. The Google is ground zero for ego in Silicon Valley. When ego is inflated, empathy must deflate to make room.
Stop using their products and giving them money.
Try reaching out to their Developer Advocates on twitter & then maybe with any luck a 'person' can look into this.
Google Cloud is a weird thing. It's got Google quality:

- technically amazing: BigQuery and GKE are great

- really half assed as a product: console is somehow slower than AWS despite the latter being the most tech debt of the lot for having invented everything, support half witted, and honestly I had a card declined and even Alibaba Cloud didn't suspend my shit

If you have one of their premium support things you'll get faster service but I think I'm not hyper keen on them for general stuff.

I'm always stunned whenever I have to search for something in our GCP audit logs, because the company that shipped Google search also shipped a log searching and filtering interface that's slower than our self-hosted kibana while searching over multiple orders of magnitude less data.
It sucks that they gave you conflicting information that resulted in this but I wouldn't trust having my cloud infrastructure payments be handled using a single credit card.

If you have a spend of over $2500/mo you can apply for invoiced billing directly from Google or if you have less than that you can contact a GCP reseller partner to get invoiced by them.

Some GCP reseller partners also have a close relationship with Google and the contacts that come with that relationship.

$2500 is honestly not that much. Google cloud dropped the ball on this and shouldn’t need to be handled with special relationships
All of the relationships I have with suppliers are handled by an account manager at the supplier who I can call to get things sorted out. This is normal.

Why should a business relationship with Google (or any other cloud service) be any different? I don't use GCP but if I was going to start, I would ensure that I have a person to call or its a non-starter.

> Why should a business relationship with Google (or any other cloud service) be any different?

Depends on the size of the account surely? Maybe there's some support person to talk to, but there's plenty of services I subscribe to fo $10-100/month and I dont have an account manager for any of them.

Yeah but for almost all of this kind of service you have some sort of phone, email or 24/7 helpdesk system.

Google however is infamous for not providing support at all on all their services, even if your complete digital identity got killed off because some AI can't recognize that the "CSAM" you sent was in fact communication with your child's doctor [1].

[1] https://www.heise.de/news/Nacktscanner-Unbedachte-Fotos-vom-...

Because the account manager would be a human. Google never hires a human if it can use shitty AI instead.
> Why should a business relationship with Google (or any other cloud service) be any different?

Because google choose to make this as difficult as possible. A couple of years ago I worked on a third party IAAS database cloud product (think Atlas or Elastic Cloud, but for a different database), and while Azure had the worst tech overall, Google were ultimately the hardest to deal with by a VERY long way because they don’t acknowledge the existence of people as anything other than ad targets.

What is much and what is not is relative. $2500 breaks the bank for tiny startup and is a rounding error for Google.
Not much for you but a lot for others. This type of arrogance really doesn't belong in this space. Maybe you spend $25,000? $250,000? peanuts to large companies so its okay that Google cloud drops the ball on you?
Isn't this type of service supposed to be automated? Why is having a secure service about who you know?
This is the only right answer with large cloud providers. Get a human to be involved with your account and do invoice payment as soon as they allow it.
What's the benefit of invoiced billing?
You have a person to reach out to if things go pear shaped, and N(weeks|months) to sort out payments issues instead of having everything get suspended by robots.
What about telling those robots not to suspend everything and wait for N(weeks|months) or human intervention?
1. Because they'd probably have to hire several hundred humans and give them benefits. It's much cheaper just to trust the robots.

2. Unlike a small hosting company, Google is so big it will suffer essentially no financial consequences if their robots make a wrong decision for credit card customers a few times per month.

So there is no cost to Google for leaving the system as is, and a high cost for your solution. The decision is a no-brainer from their point of view.

This is what OP should really have done. All of the big cloud providers allow this. We had the same thing with AWS. As soon as you contact your account manager with things like this shit gets done quick. If you are on Pay as you go with a CC your messages just fall into a black hole.
I understand the cost and complexity of doing so but I think that production loads should be engineered across two or more service providers. That way any incident on a given provider is recoverable without that providers cooperation and you can mitigate against Oracle style lock-in.
I somewhat agree in principle. At the same time, the (implied) promise of the big providers like AWS and GCP is to provide everything needed for a reliable service while saving the time for setting it all up yourself. If you need multiple platform providers with fallback logic etc., it is hard to see a scenario in which setting up your own infrastructure would not be more effective.

Perhaps the latter is the more practical solution indeed, though.

If you think that production loads should be designed as multi-cloud as redundancy, then you don't understand the cost of complexity and doing it.
The same is true of DigitalOcean, fwiw. Shutting down machines used in production with no notice, outside working hours. I don’t know why these companies don’t care - they’re massively shooting themselves in their feet. Incidents like this turn customers off for life.
they are big and you are small. It's like walking over ants.
Ants pay the bill!
Ants that don’t cause trouble pay the bill. Ants that cause trouble are a net loss.

Customer service representation is one of the biggest expenses these companies have. That’s why they go to great lengths to make sure you can’t contact them and why they just close your account with no recourse as soon as you start causing trouble.

Poor AWS must be close to bankruptcy then.

When my account started spending 300-400 USD monthly, I was contacted by an account manager, who was at my office for a meeting two weeks later.

Every time they do this, a few hundred ants decide, they may very well be next and move out. Supporting them through whatever they need may not be quite the net loss you claim it is.
Care to share more info please? Was it because card didn't go through? I've got some important stuff there.
I'd like some more info as well. Only case I know was from someone who didn't see the emails about issues with their payment.
It has been covered here on HN several times, but to summarize:

Budget cloud hosting on a credit card allows scammers to use stolen CC numbers to spin up VMs to mine crypto.

Essentially the hosting company is offering a cash equivalent for unreliable credit.

This kind of abuse occurs at enormous scale, because it can be worth it for an attacker to use botnets to throw tens of thousands of credit cards at hosting companies. If you never actually expect to pay any money (especially your own!), then even thirty minutes of free compute is worthwhile to chase. There have been similar attacks against GitHub Actions, because they're also free and general-purpose.

This is also why the free-tier, dev-only, education, or similar MSDN or VS Subscriber type cloud subscriptions never permit the use of GPU instances. Too tempting a target!

The large providers like Azure and AWS are basically printing money, so they don't care about the small-fry scammers. They're too busy trying to hold on to the firehose of cash.

Smaller, budget providers like Digital Ocean are running too lean to tolerate scammers, but also can't afford to have humans in the loop from the sheer scale of the attacks.

So they use heuristics that are 99.99% accurate (or whatever), which means one in ten thousand legit customers gets axed along with the scammers. Oops.

Essentially, as a customer of these small providers you are taking on some of their risk in exchange for the discount over the big-name vendors. This is especially true if you pay them with a credit card, irrespective of past payment history. Like I said, they simply can't afford to keep a human in the loop.[1]

An example that came up here was a startup that had an account "ticking along" with a handful of dev stuff, went "live" with a big launch, and so almost all of their servers was loaded to nearly 100% capacity thanks to efficient containerisation and auto-scale.

Good job devs... except that looks identical to a hacked account that has suddenly started to mine crypto on every machine.

Axed.

[1] It's even more complex than you think. Employees can and have been bribed to let the scammers through! The employees themselves might be mining crypto. The scammers can trick them, lie, beg, or just figure out the system from repeat conversations. The only recourse is to take the human out of the loop entirely, nothing else works for them. If you get to be the 0.01%, you generally have no recourse.

Thanks for this very detailed explanation, much appreciated!
I actually managed to get my account suspended one day due to nonpayment. It was just a personal toy project and it was completely my fault: I was automatically filtering the mails into a folder that I didn't read until it was too late.

If you look at the sheer amount of emails they sent me before suspending the account, Digital Ocean did everything right: https://i.imgur.com/ah13bEA.png

They gave lots of warnings and also sent an email with the date the account was going to be closed a week in advance.

Just like you setup multiple instances across different availability zones for redundancy, you also need multiple billing contacts in case one of them fails and causes an outage.

Not sure how to mitigate these risks for providers that only support one "project owner" with a single billing address :/

Use a “synthetic” project owner with an email address that forwards to the group.
That could backfire, since nobody really feels in charge.

https://en.wikipedia.org/wiki/Bystander_effect

But that's the same if you have multiple billing contacts. What is required is that the responsibility in the group of people that receive those notifications is clear.

Having multiple people that receive billing notifications is strictly better than having a single person - what happens if that person is on vacation, sick, overloaded? No one even has a chance of catching this. If at least one other person receives those increasingly important emails, they at least have a chance to catch this before it breaks.

Have one person clearly in charge, but as the emails get more frequent with increasingly dramatic titles the other people can check in and ask if everything is under control
I was using Digitalocean for something last year and for reasons didn’t have the money to pay for the bill when it was due, they always have one month of warnings. Ie if I paid one month late, everything was ok and nothing was ever shut down and they sent multiple emails during that time. I knew exactly where I stood, what I owed, when I had to pay by, when they would shut down services etc. That seemed reasonable to me.
Is it just me, or does imgur never load on Firefox mobile?
It loads fine for me in FF mobile.
I noticed something similar five weeks ago. Imgur would get stuck on the loading animation if I was in private mode but work otherwise.

It seems to work—at this moment, anyway—even in private mode for me now though. ¯\_(ツ)_/¯

> outside working hours

Working hours are relative. Our support routinely gets awoken at like 3am because someone in Singapore, where one of our larger customers has outsourced their IT to, just started their day and decided to follow up on a case.

Though I'll agree that weekends should be considered off-limits regardless.

> Working hours are relative

Sorry but for me this doesn't cut it when you have staff and availability zones in every continent on the planet. It isn't some mom and pop shop in one town. It shouldn't be much to ask a company of Google's size and breadth to consider your local timezone for urgent communications.

It was more a comment on how it's difficult to pin down working hours in this international day and age.

I mean we're based in Norway, but what if we outsourced our IT to Chile? How would Google or similar know that they need to contact our IT guys during Chilean working hours, and not Norwegian working hours? If it's an invoice that's not paid, well that's done here in Norway though, so definitely Norwegian working hours there...

Worst case they can ask, somewhere in the account settings. Defaulting to the billing region should handle 99% of cases though.
We went through a similar event last week. Droplets shut down and account locked without warning and because of “violation of the DigitalOcean user agreement”. Luckily, it was on a sandbox environment we use for testing before taking anything to production. All we had done was set up a simple keycloak server.

The real kicker is that they refused to tell us what terms we had allegedly violated because it’s “critical to maintaining our security systems.”

And they had “just conducted a manual review” and confirmed the suspension.

Then, after escalating further and a few choice words about how much I’ve spent on their platform, sure enough they conducted another “manual review” and found no issues.

I’ve really tried to avoid moving to AWS over the years, but I’m really reconsidering.

At a previous employer we were hosting with DO via credit balance. Our finance department couldn't get things together and kept forgetting (almost every month) to add new credits to the account. Despite this DO never stopped or terminated our servers, and we were often days to weeks behind on the payments.
they’re massively shooting themselves in their feet

It doesn't matter. Google operates at scale. As long as they save more money by not bothering to handle such incidents better, they will see it as a perfectly good business policy.

Incidents like this turn customers off for life.

Small customers are completely interchangeable for larger service providers. You can easily get new customers by throwing around some free credits to college kids and posting a few tech ads masqueraded as tutorials.

Years ago, I used a cheap droplet on DO as an IRC bouncer to hide my home IP address. Someone came into a channel I was an op in and started spamming racial slurs, so I did what a normal op does and banned them.

They proceeded to DDoS my droplet.

Only a couple minutes later, DO responded by disconnecting my droplet from the Internet for 3 hours, supposedly to protect other customers. Thanks, DO, you let the DDoSer win. My droplet was handling the attack just fine, it just made my IRC connection a little laggy.

As a $5/month customer, I was just small potatoes, for sure. But I had ideas for products in the future, and I decided that I would not use DO for them, knowing that some skiddie could just take it offline for 3 hours by just packet flooding it for a couple minutes.

never use google cloud systems for production is a strong statement based on one random incident. CGP customer since launch 2008 (when it was App Engine) and spend around $3k/m on it (Also using AWS and Heroku). Never had a single issue but CS responses vary a lot depending on how you funnel requests.
I don't think dismissing such incidents as random incidents is a good idea.

Although crimes and thefts are rare, all developed societies invest millions into law enforcement and justice systems to measure and mitigate them.

Although device and equipment failures are rare, both private and government systems exist to address them fairly.

It seems like it's only in the tech industry that statistical insignificance of failures is assumed and then wielded as justification to avoid even minimal levels of accountability.

> It seems like it's only in the tech industry that statistical insignificance of failures is assumed and then wielded as justification to avoid even minimal levels of accountability.

Stealing this, it's far more broadly applicable than just to this sort of billing issue.

> I don't think dismissing such incidents as random incidents is a good idea.

If I had €1 for every time a politician has dismissed some incident as a random incident I could probably buy a high-end MacBook.

Hell is other people. Cloud is other people’s computers.
Does business interruption insurance cover Google, or is that under the "acts of God" exception?
Also: If you're on AWS/GCP and only backup to S3/GCS, you're doing it wrong. All your backups to setup a new system (even if it takes time) need to be with a different provider.
Those are different providers. Why would you need a 3rd?
Think they meant "AWS or GCP and only backup to S3 or GCS respectively"
I think they’re saying only backing up _data_ is not enough (S3, GCS). You need to be able to roll out infrastructure elsewhere to, in order to have somewhere to restore said data.
Backups to another provider are very costly for most users due to egress bandwidth pricing.

Most backup systems can't do efficient incremental diffs either - so you end up sending your companies entire database every 12/24 hours, burning through a lot of bandwidth.

Would have through incremental backup (replication) would be a core feature of most databases.
I think the problem is that replication alone isn't enough. You also need to support snapshots for backups because you don't want to replay years worth of replication logs to do a restore.

And when you support snapshots in your backup software, it's very tempting to then drop support for replication...

Replication logs also have another problem - since they include every data change, certain types of database updates, for example a large field that changes hundreds of times per second, can work out far less bandwidth to just snapshot periodically.

Overall, all this stuff is a lot of complexity most businesses don't want to have. They just want to have a simple backup solution and get back to building their product. And that usually involves using some managed database where backups are just an option in the control panel. Or a self-managed database where backups are disk snapshots. Or a script that copies a database dump to S3 every day. But it hardly ever involves streaming change logs...

I use borg backup for this very use case.

Not free, certainly. But it's a system requirement there to be able to rebuild the system in a non AWS environment.

> If you're on AWS/GCP and only backup to S3/GCS, you're doing it wrong.

If that’s how you feel then you should be applying that logic to any provider. Even if you rent rack space in a data center. Because unless you own everything through and through. This could happen anywhere.

I agree with this premise. Backup to another provider, and also make sure it is in a different physical location - different city. In the old days you would pay a company to take a tape backup offsite so why not keep to that idea.
Of course you should be applying that logic if you rent rack space in a data center - your backups should definitely be outside of that data center somewhere else.
You can get some cheap storage from Hetzner and also back up there. With their !sane! egress transfer costs compared to the lunacy that plagues Google, AWS etc, accessing the data wont ever be problem either.
You don't need to use a separate provider to address the problem here, where using a separate provider may not address the problem at all:

> "We're fully redundant across AZs, regions, and even cloud providers!" crows the engineer with a single corporate credit card backing the entire house of cards.

https://twitter.com/QuinnyPig/status/1288275701389389825

You could backup to a different account, possibly in a different region, with the same provider, as long as the other account has a different payment method. Using one provider would in most cases reduce the amount of effort to get back up and running.

The key piece would be how DNS is structured and hosted/billed.

The law should come hard on this sort of shenanigans, but hitting on Big Tech has already become a political issue in the US, Europe is, in the end, too afraid to do it (bar some relatively minor extra taxes that Big Tech is all to happy to pay as long as it's not made legally liable in other ways), and here we are, with crazy stories like this one (one of many).
The law can only come if people sue

And yes I think people should engage lawyers in cases like this. Even in small cases court if it's the case

> The law can only come if people sue

That's not true in the long run. Legislators can make arbitrary laws that ban or prescribe arbitrary things.

See eg how there are special laws in Spain and Australia that (try to) force specific behaviour from Google News. Behaviour that you can't override with a contract.

> Europe is, in the end, too afraid to do it

Take a look at the Digital Markets and Digital Services Acts on top of the already active GDPR.

Well, the GDPR isn't there to fine companies for doing the wrong thing. A company's first violation rarely results in fines or disciplinary action. In any case, I do agree that the EU seems to move quicker and act stricter than other regions in regulating big tech companies.
Of course, the point of the legislation (any legislation for that matter) is for things to be improved, not to top up the budget by catching infractions. A warning on first offense is a good principle to adapt (of course baring murder and the like)
> Europe is, in the end, too afraid to do it

Hmm, I feel this is opposite of what people normally complain about here. Every time EU does something about big tech, HN users will pop up saying it's just because they're jealous and wants to harass US companies. And other's saying the US are just afraid of hurting their own companies and look the other way so they can grow big.

(comment deleted)
>Europe is, in the end, too afraid to do it (bar some relatively minor extra taxes that Big Tech is all to happy to pay as long as it's not made legally liable in other ways),

https://en.m.wikipedia.org/wiki/Antitrust_cases_against_Goog...

$8 billion afraid. If you consider that 'minor', i rather suspect you are being anti-EU just for the hell of it.

If a small butcher-shop round the corner sells the wrong type of meat the authorities first close his shop and then apply the fine, or close the shop and apply the fine at the same time, thing is butcher shop is getting closed no matter what until the issue is resolved. As such, yeah, 8 billion euros/dollars is just the cost of doing business as long as the Google "shop" (or any other FAANG shop) is not closed until the issue is resolved.

Back to this, had any political authority (the EU/US, doesn't matter) applied the same principle in here, i.e. "we won't allow you to sell any cloud-related services anymore until you don't have proper customer service" let's say, I can assure you that would have done a lot more to alleviate problems like this one.

> we won't allow you to sell any cloud-related services anymore until you don't have proper customer service

Yeah, and shut down everything that everyone has running on Google's servers on the process. Killing millions of small to large businesses in the process. That does make sense. The way to enforce food regulations is to shut down the food stores even at the cost of leaving people hungry.

"Wrong type of meat", or unhealthy meat. I think your argument would depend on the distinction (as much as "the authorities" ie working on a local level, vs "The EU", working on a National, and Continental level).
Europe is too afraid to do it? Like how it was afraid to roll out the browser ballot and fine Microsoft ~500,000 a day or something until they implemented it? Like how they were afraid to roll out GDPR? Or like how they were afraid to roll out the digital gatekeepers act just recently?
Seeing all these horror stories, I can't help but wonder when people are going to switch back to on prem, or at least some hybrid. It's pretty apparent we can't trust cloud providers...
I'm not so sure. Aren't we having a bit of negativity bias here, as we mostly hear about the negative events while there are probably countless successful integrations with cloud providers.
Exactly. This is truly negativity bias.

Look at all the banks shifting their infra to the cloud. Haven't heard anything bad happen from that. And their uptime and business requirements are as stringent as anyone else, even further scrutinized by regulators and auditors.

Yes, if you'd compare all horror stories of people having huge downtimes because their on-prem system collapsed vs. people having an issue with their cloud provider then we'd very quickly realise again why the cloud has taken us by storm.
I'd guess that a large percentage of SMBs are running on-prem, so you don't hear about switching back because they avoided the cloud in the first place.
Expect to have issues with colo as well, unless you own the building.
I think it's a vocal minority. The vast majority of GCS customers won't have this problem. These kind of posts typically do very well on HN.
It doesn't take most to have this problem. It takes a reasonable proportion to fear they could have this problem.

That said, I think cost is more likely to drive change here than fear over billing - most people pick lover cost over risk mitigation far more often than they'd like to admit.

A number of orgs I've worked with in the last few years have gone from on prem to full cloud to hybrid, with plans to bring more stuff on-prem in the future.
No need for on prem (rolling your own cloud just means it might be you that fucks up, or your ISP anyway). If you use standard legos like VMs, simple functions, containers, k8s, postgresql etc. then you can have a replica of your site on another provider. Scale it down and keep the data in cold storage. Flick the on switch for an hour a month to check it all works.
People won't switch to on-prem because if Google and some other providers screw up, there still are many other cloud providers. For K8 they could have gone with anyone from Digitalocean to Linode. Actually, they could have already replicated their cluster to more than one provider to use as failover in such a case. (assuming that they were using K8)
The pendulum will swing over cost, not over outages like these, because the cost challenges are real, while these outages are rare.

It won't go all back to on prem because cloud providers will slash their margins once they struggle to maintain growth, and doing so they'll diminish the advantages of on-prem/hybrid setups for a lot of people, and so we'll find some equilibrium or other.

I'd expect more emphasis on hybrid between multiple clouds rather than cloud vs. on prem to happen first. E.g. layers to threat more parts of cloud services as commodities.

Full on prem is a pretty bad for a large company because your company now depends on a single monopolistic service provider that is run as a cost center (ie: the department managing your on prem stuff). Eventually that leads to a very bad engineer experience which leads to a massive opportunity cost for any tech company. It works for a while and then over time becomes more and more dysfunctional. Hybrid at least includes competition with cloud providers which makes things less dysfunctional.
Most places de facto depend on a single provider that becomes a cost center when using cloud providers too. While you can shop around, in effect it tends to get entrenched and get more and more dysfunctional as people try to exploit characteristics of your approvals process for using resources from your chosen provider. For a big company, you need a team to manage these resources - I've lost count of the number of recruiters who has contacted me just this year for roles involving management or architecture of cloud strategy etc. because they're building whole supporting organisations around a specific paradigm for hosting rather than building an organisation responsible for understanding and providing the best possible substrate for their applications.

I'm all for hybrid solutions, but mostly because it means you usually end up being able to cut the cost of on prem, colocation or managed servers even more relative to cloud setups because you can increase the utilisation rate (e.g. run your base load on cheap Hetzner servers but being able to spin up EC2 instances on short notice to take spices or handle failures up to and including all of Hetzner falling off the face of the earth). Most larger managed providers today also offers cloud services and many also offers colo services, so you can often easily mix and match as long as you're conscious off egress pricing which is often the biggest barrier to such setups today (especially if the big cloud providers are in the mix, though it's better than it was).

That said, I prefer not putting my eggs in one basket, and instead going the direction of putting in place layers to treat a multi-provider setup as one. In the past I've e.g. done zero downtime migrations between AWS->GCP->Hetzner that way, and also had systems split between actual on prem (as in a data room at our office), multiple colo's, dedicated servers at Hetzner, and a couple of VM providers where everything was transparent to our engineers (they didn't need to know on what continent a service ran unless doing performance optimisation or reliability engineering). We prepped to tie in AWS resources too, but it never become cost effective for that company to do so vs. the prices of the other providers used - it would have been if we had sudden extreme load spikes, but it was a business where traffic was linked closely to physical capacity at restaurants and nightclubs, and so traffic was very predictable.

Which is funny because reduced cost was one of the major selling points of "cloud" way back when.

Most companies aren't actually at the scale where they need cloud. Cloud comes with the benefit of minimal to no need for ops/devops, high uptime (when nothing goes wrong lol), integrated DDoS protections, APIs your junior devs can string together, and the illusion of infinite scaling.

In reality, it turns out you do need someone to effectively do ops, you don't have 99.999% uptime, your don't need most or any of those APIs, and you didn't need that promise of scaling after all.

With DDoS protection, on-prem hosting or independent dedicated hosting might be more economical and practical.

On demand pricing is also a key benefit of cloud. Instead of needing to make a big initial spend on hosting infra you can pay only for what you need.

The other big benefit is auto scaling, in 2012 lots of companies would launch and be unable to meet traffic from a big push from reddit or HN or others. Today it’s rare to see a new product’s site go down due to a “hug of death.”

That's an argument for using cloud for highly spiky traffic, or for not doing actual on prem primarily.

If you do in-colo hosting with leased servers you've already cut the big initial spend drastically (e.g. deploying to a new colo for a past employer involved buying a pair of switches and some cables), though you're still usually tied in to a lengthy contract. Doing managed servers usually comes with little to no upfront cost (sometimes a low setup fee) and often month-by-month contracts.

With respect to the on demand pricing benefit vs. monthly, my experience is that the price differential is so steep vs. the cheaper managed hosting providers that it's only usually viable for loads that run less than ~6 hours a day. Most sites do not have a variable enough load to justify the engineering cost to use cloud to handle their normal day/night cycle that way - usually the variations are too small. Some do.

But note that this only pays for itself if your base load is not on a cloud setup, as the base load tends to dominate and the base load cost of most cloud setups is high enough not to be outweighed by the increased flexibility vs. a pure managed/colo/on prem setup.

It gets worse for cloud: If looking for the most cost effective, they're not competing against a pure managed/colo/on prem setup, but against a hybrid setup which can auto-scale into the cloud but usually won't. If you e.g. deploy containers, all your need is to tie cloud instances automatically into an overlay network and feed data from your monitoring system into a tool that adjust min/max instances in for an autoscaling group in AWS when load exceeds a threshold, for example.

For a typical "pure" on prem setup you'd usually aim for the daily peaks to rarely exceed 50% of on prem capacity. Maybe a bit more if you have a very predictable business, or even less if your traffic is very unpredictable.

But if you add capability to that setup to spin up and tie in cloud instances to handle peaks, and you can push that into 90%+, or even above 100% - basically whichever number turns out most cost effective. Usually if you optimise that for cost, this means you'll end up with a setup which almost never spins up cloud instances, but which is now vastly cheaper relative to a pure cloud setup because it's gained the benefit of auto-scaling at a far higher load factor than would be safe in a pure on prem/managed setup.

On-prem requires a good half-dozen people just for managing the servers and doing on-call rotation.

For a 10-20 person company that's a huge expense with not that much ROI.

The company I work for has forbidden the use of Google and their services (if possible) such as GCP etc. due to how they treat their customers. In particular, there never seems to be any human being that you can talk to and find out what you need to do to fix the issue. We do not want the same to occur to our production systems if there is an overflow from a Play Store ban to GCP etc. The business risk is too high when you rely on Google's services.

Some examples:

Suspended GCP even when everything in order - https://news.ycombinator.com/item?id=32547912

Ban app even when competitors are similar - https://www.vice.com/en/article/z3vdpj/google-play-store-ban...

Play Association ban - https://old.reddit.com/r/androiddev/comments/ts6jfg/google_h...

Ban due to wrong wording - https://twitter.com/hermaritz/status/1371383715381805061

Terraria banned - https://twitter.com/Demilogic/status/1358661840402845696

New project banned - https://medium.com/@amton15127/why-you-should-not-use-fireba...

Google bans company - https://www.reddit.com/r/tifu/comments/8kvias/tifu_by_gettin...

Google bans mail - https://talkingpointsmemo.com/edblog/a-serf-on-googles-farm

Ban app for communicating changes during covid - https://news.ycombinator.com/item?id=23221447

Adwords ban - https://news.ycombinator.com/item?id=23224791

Serverpunch bad support - https://news.ycombinator.com/item?id=17431609

Delete app - https://news.ycombinator.com/item?id=20826618

Google bans game with pandemic - https://news.ycombinator.com/item?id=23229073

Google bans dev with no recourse - https://news.ycombinator.com/item?id=15197357

These are the ones that got the limelight. Multiply this list x100 to get the true number of fuckups.
Thank you for this collection of references.

The business continuity risk of using google is just too dangerous, while the odds are low, the consequences are disastrous for a business and there is never any recourse.

> In particular, there never seems to be any human being that you can talk to and find out what you need to do to fix the issue

This isn't really 100% true. It's just that Google uses third party contractors for the grunt work and they are working off a script. You can contact them but the comms with them is weird you won't get a direct response only canned responses as they are not allowed to talk to you directly. I'm pretty sure that these contractors are working out of India due to the times they would "respond" to the ticket.

I went through this recently with one of my apps because you can use the Google picker to load files. Very strange and stressful process I was this close to just deleting that feature due to the insane process.

Example was I had a spelling / grammar mistake on my landing page (minor) and they knocked back the application by sending me a premade email with all the rules that need followed which was full of spelling mistakes. Then once I corrected this they said I had a broken link (it was a link to instagram which didn't work and I took it off) again the email they sent to me was full of broken links. Very weird.

Eu's digital gatekeepers law will kick some of these bad behaviors in the curb. But letting large tech companies go unaccountable despite their near total domination in certain aspects of life has been something incredible that we have done.
> if there is an overflow from a Play Store ban to GCP etc

This only happens if you're using personal google accounts / @gmail accounts to manage gcp resources. Even if you don't use Workspace as your main directory, you can set it to be a SAML consumer so you still get full Workspace data governance.

I don't use google ads now because of suspended account for the last 2 years. No luck to get the response about the issue from their support. I would say never use google products. They are not people oriented. They charge for the digital products without having reliable communication. if you want to grow it's definitely better to keep using the other services.

I don't recommend anything else but have you heard any cases about digitalocean or amazon or fly or other platforms? also it's possible to write to support and get information about any kind of the issues that you are getting for any kind of the reasons.

My ad campaign was suspended every three months because I had an exclamation mark in it. After explaining it for the third time I gave up on it and started to build for the post-advertising world.
What does "build for the post-advertising world" entail? I'm extremely interested in alternatives to the Google Ads protection racket. I've been focusing on outstanding customer service/product to drive word of mouth and it seems to have a better ROI.
(comment deleted)
(comment deleted)
Fly.io employee here.

Account suspensions are manual. If you have billing issues at most you will be limited on what you can do (deploy, scale...).

exactly. I heard only the good words about fly actually :) You don't break things like google services with their clients.
for my case with google ads I don't even get any reasons to be suspended and no luck to fix it somehow. I was promoting my indie games with no income actually.
Using Google services for anything important is like tossing it into the wind and hope for the best.
Cloud computing platforms are a bit of a double edged sword. I find it kind of ironic that big companies are moving their stuff to those services but they often have to rely on some consultancy firm that can deal with these problems. Congratulations, you had a problem and now you have two.
That's a feature not a bug.

They went from: (Remember, companies are people!)

We have to make choices about big expensive things. - 0 people to blame besides them. Vendors / Consultants make choices about bigger and more expensive things for them - 1 person to blame besides them. Consultants + "The Cloud" to blame - 2 people to blame besides them.

It is a feature to have many people to blame, in these type of environments.

This calls for a "me too" moment where everyone shares their Google is terrible and I'll never use them again. Here are a couple of my favorites from our company:

https://medium.com/hackernoon/why-and-how-we-left-app-engine...

https://dev.to/codenameone/google-play-kafkaesque-experience...

There's this story from a couple of days ago which is shocking: https://news.ycombinator.com/item?id=32538805

Google is a terrible, dystopian company.

The most interesting part is how all this awfulness seems to stem purely from apathy.
Warning for that Medium link, that background color burned my eyes...
(comment deleted)
(comment deleted)
I know I'm going to come off as a Google apologist, however, I'm leaning towards there being more to the story than what you are saying.

The previous month's billing didn't 'went through' and you are unable to zero in on whether this is a Google issue or a you issue.

I get that it is easier to complain on the internet and often cathartic do so as a coping mechanism.

Having an account suspended because of a billing issue is not exclusive to Google.

Have you moved your projects off GCP now as voting with your wallet would be the sensible thing to do. Until you encounter a billing issue with AWS and move again to Azure and then to DO.

>Having an account suspended because of a billing issue is not exclusive to Google.

I'm sorry but :

>Despite reassurances "your account will not be suspended" while communicating with billing support, all the projects were suspended at 1am on Saturday.

If he contacted someone at customer support, after making sure the mistake was corrected (on whatever side it was) and they assure him that the account will not be suspended - what the fuck is he supposed to do about it beyond that ?

Imagine having your business/job fucked up over an incompetent customer support system.

GCP is a SPoF. If you care about your availability, avoid single points of failure. Then it doesn't matter if what support tells you turns out to be not true.

How you do that can vary, but ... billing issues are always a risk. Having two cards, with two different banks, and two different names, is a pretty basic precaution to take. Having multiple cloud providers closes out a bunch more existential risks.

DNS is the one unavoidable SPoF for most Internet businesses: you cannot have a "backup registrar". The best you can do here is pay for a quality service provider: someone who will call you if there's a problem, before they cut you off. That's going to cost a lot more than GoDaddy, btw.

No human working at Google will do an account suspension on a Saturday.

So it must have been automation. And there is a very good chance that automation simply hadn't been blocked by the support agent which had been giving reassurances.

(comment deleted)
Not the same person, but this sounds very similar to an experience I had. Payments fail all the time for various reasons, that isn't really the issue. It's what happens after that.

In our case our bank blocked transactions to AWS and Google one night. I contacted the bank and Google, made arrangements and successfully paid the account within a day. I just retried the AWS payment and had no further issues with them.

I had issues with Google for months. Google kept sending me threatening messages about how our accounts suspension is imminent. We'd then follow up with a human, have it resolved, only for the same thing to happen weeks later. Note that there were no outstanding payments, and no failed payments again.

After ranting to friends in startups it became apparent that this was not an isolated incident, and it's always Google.

> Until you encounter a billing issue with AWS and move again to Azure and then to DO.

You have to be joking or ignorant. I have never met someone who had a billing issue with AWS that wasn't able to be resolved without shutting off access.

I have never seen a story bubble up on HN about someone who had their account terminated by AWS for no obvious reason.

Perhaps Google is subject to an ongoing smear campaign, or they just attract people who don't know how bill paying works and Google has been completely reasonable. What I do know is that both AWS and Azure have been completely open, honest and will send engineers, account managers or whenever was required to get problems resolved without business impact when I was at both large corporation and early stage startup.

I have never encountered this with any interaction with Google, so it can't be part of their corporate culture, which makes it very unlikely that Google Cloud can be much different.

> we won't allow you to sell any cloud-related services anymore until you don't have proper customer service

No, they attract and select people who see the world only from an engineering perspective. Combined with Google's cultural roots that come from MIT, where projects and services are things that are funded by the government, military or megacorporations in which you can pull the plug whenever and the other side would not flinch, this makes them totally blind to the existence of humans on the other side of their services. Resulting in an false reality in which you, me and the millions of other people who depend on their services do not exist.

So you see things like this happen. Things like 'deprecating' products in people's faces. Things like 'combining and merging and unmerging products because it makes more engineering sense' and creating messes like "Google Gmail Hangouts Chat Rooms Meet" or whatever they are calling the frankenstein they made by combining all those.

Google is the outlier here. Relative to their competition, they're both new at public-facing corporate Cloud offerings(1) and new at non-scalable customer service issues.

They're playing catch-up, and customers are at risk while they do so.

(1) AWS had a head-start on Google and Google's been chasing AWS's monetization strategy and away from their Google App Engine approach, which was fundamentally different. Azure may be more contemporary to Google's Cloud, but Microsoft has a tried-and-true large-scale corporate customer support engine that Google's only now being forced to build out to support its Cloud offering (the customer support story for ads was fundamentally different, and Apps for Domains didn't have the scale Cloud now does).

(I just wanted to say thank you for using the word "apologist" so I didn't have to.)

That was really all I had: expressions of astonishment at the prevalence of Google apologist comments here today.

In an effort to be constructive let me say, it's a matter of scale. Google can't be fair because of their scale. Contrariwise, I use small-scale services and get outstanding customer service.

E.g. Tarsnap, cperciva is a god among men when it comes to customer service. Or sr.ht (Sourcehut) ddevault is right there on IRC most days. Or Podia, I wanted a certain font on my site, they didn't have it, I emailed them about it and they literally added it within the hour. Give these folks your money, eh?

Google has the worst support, bar none, of any infrastructure company I've dealt with in my 13 years in the industry.

IF you can get ahold of someone... and IF they comprehend your issue... and IF they know how to solve it... and IF they can communicate with other departments involved... and IF they remember to respond to you... and IF their internal documentation is up to date... then you MIGHT stand a chance of getting your problem solved.

It's at the point where you will get better support for Google's own services from companies that resell them, because they have on-call internal contacts at Google and actually care about their customers.

Murfie died because of Google cloud costs.

It's a bit of a long story, but from what I was able to piece together, a Google cloud service provider recommended some changes to the way the storage was done to save money. Mostly, because of those changes they got hit by a surprise $30,000 bill for data egress. It was basically the last straw for a company that wasn't profitable due mostly to cloud costs. It killed the company. That's why I had to step in to try to save them.

> data egress

Google, AWS are still charging people mid-2000s bandwidth prices. Its outrageous. Digitalocean's egress price is 1/10th of Google's cheaper egress pricing. Same with Hetzner. And with Hetzner dedicated servers? Its unmetered.

If I recall correctly, there was a story on HN about Hetzner threatening to shut down an "unmetered" server for using too much bandwidth.

here it is: https://news.ycombinator.com/item?id=32242987

From the discussion:

> - The link says "my friend got this", so even the person who authored that post isn't claiming to have received this notice. This is a second hand report, at best. For all we know, their friend received this notice years ago, and mentioned it to the OP, who didn't realize it was old news.

There have been people confirming in recent HN discussions that they were using full 1gbps of their dedicated box for a while since Hetzner declared their true-unmetered policy a year or so ago.

There was a long discussion with multiple people getting emails on LowEndBox forums using around 250TB/month
As I read through this incredulously, I was relieved to slowly realize Murfie was a company, and not a person.
Murfie was the virtual Muppet character who only existed in the cloud. :)
Does the customer data have a proper home yet or is it still sitting in the broken-into shipping containers?
Containers are repaired and under surveillance.
Is there no model of service where Google can't make real human support possible at scale for profit?
Probably, but there is more profit in not having real human support. The savings are massive, and the cost is just a few dropped customers here and there
Were you able to get back online? Have they responded since the suspension? It's early Monday morning now.