Comment on the total outage at AWS: Learned nothing in the last 30 years

Contents

Perhaps you wanted to send a Signal message to a colleague, check what's happening in your garage driveway via Ring, or hold a meeting via Zoom. People in the United Kingdom might have wanted to submit their tax returns or improve their language skills with Duolingo. In all cases, the answer was the same: "Unfortunately not." Because AWS had a major outage – and experts, both real and self-proclaimed, have been falling over themselves with superlatives regarding the technical and financial damage. What is clear is that the outage at Amazon Web Services (AWS), which only affected individual AWS regions, caused a huge stir worldwide and major IT problems.

Martin Gerhard Loschwitz

Martin Gerhard Loschwitz is a freelance journalist, trainer and consultant on the topics of OpenStack, Ceph, Kubernetes and everything related to them.

The situation can actually be described quite honestly. AWS is a normal provider of IT infrastructure and is therefore subject to the same laws that every administrator has to deal with in on-premises setups. If a location goes offline, or in this case an AWS region, its services are no longer available. Admins have known that cross-site redundancy is an issue in larger environments for at least 30 years. The fact that, subjectively, half the world goes offline because AWS has sand in the gears of individual regions doesn't speak well for the industry. Obviously, many have relied too much on AWS not going offline.

If you want to protect yourself against such a scenario, you need redundancy at all levels of your setup. AWS does offer this possibility. However, its technical implementation is complex, and the fun isn't exactly cheap either. It is legitimate to consciously forgo this form of redundancy and bear the risk of an outage. However, complaining when this very scenario actually occurs is improper.

Multi-cloud scenarios don't help

My LinkedIn feed has been full of posts from clever consultants trying to capitalize on the situation and declaring multi-cloud scenarios to be the conditio sine qua non of modern IT infrastructure. So the approach is obviously not entirely wrong: because independent of individual providers, you are only truly independent if you distribute your own IT in the cloud across different pillars. But the majority of proponents of multi-cloud setups jump like tigers and land like doormats. Because as an alternative to AWS, they seriously praise Microsoft Azure or Google Cloud. From a European perspective, at least, this is downright grotesque.

You can also look at the AWS disaster from a different perspective: The event was nothing less than a foretaste of the disaster that threatens Europe if services from AWS, Azure, or Google become even more of a political football than they already are. If a country like the United Kingdom can no longer collect its taxes because central IT is no longer functioning, it is nothing less than an existential threat to the country.

If the lights literally go out in hospitals because energy suppliers and network operators are dependent on services from US providers and these are no longer available, it is a catastrophe. And if authorities can no longer communicate because the US government blocks access to Microsoft 365 for political reasons, it is a debacle in terms of public order and security. You need an ambulance? Donald Trump says no. Too bad, tough luck!

Alibi debate

The entire process is archetypal of Europe's political self-diminution, which has been happening for decades without any real need. Ridiculous constructs like "data trustee" and pseudo-sovereign clouds from major providers lull Europeans into a false sense of security, when in fact there is an urgent need to create truly sovereign European alternatives. Every promise that Microsoft, Google & Co. have made regarding the alleged security and availability of European data on servers of American providers in Europe, they have had to sheepishly retract at some point.

It was highly embarrassing for a Microsoft representative before an inquiry committee of the French Parliament to admit that ultimately, they could do nothing against the long arm of the US government. And how secure the German Delos Cloud really is with Microsoft's software, the Baden-Württemberg Ministry of the Interior recently has officially stated: not at all. The issue of data protection, which is sometimes a bit overused in Germany, does not play a central role here, as described. Instead, the AWS outage shows that the sudden disappearance of central services from US hyperscalers leads to the collapse of parts of the public infrastructure. It is therefore extremely reassuring that the Bundeswehr, in a fit of complete mental derangement, recently decided to build its in-house cloud with the active support of Google. Everyone has apparently gone mad.

Any politician who seriously doubts that the current US government could use AWS, Azure, and Google as a political lever is deceiving themselves and the public. Because there are clearly no red lines for the second Trump administration. What serves one's own advantage is permitted, as Trump has repeatedly demonstrated clearly. From a European perspective, it is long past midnight regarding sovereign alternatives to the major US tech giants. If Europe doesn't finally get moving, the AWS outage was just a mild breeze compared to what the old world can predictably expect.

Tell me where the administrators are

Oh, and by the way: "On-premises only" is not the solution to the problem, especially not for Europe. Despite all criticism of the principle of cloud computing, one cannot ignore its advantages. It is objectively helpful for authorities, companies, and organizations if they do not have to operate critical IT infrastructure themselves but can rent it from a provider.

After all, at least a whole generation of system administrators is missing. Because in the past 20 years, the industry has preferred to train developers primarily to create the next European unicorn. And in complete ignorance of the fact that someone then has to operate this unicorn. The "economy of scale" of the cloud with a high degree of automation helps to keep IT (even in Europe) broadly operable in the foreseeable future. But Europeans must finally learn to stand on their own digital feet. The perfect time for that would have been 20 years ago. The next best time is right now.

()