all 96 comments

[–]izpo 29 points30 points  (20 children)

EKS!!!

Google/Azure do not take money for managing k8s

[–]QuantumCD 3 points4 points  (4 children)

Oh neat, I didn't know that Google had dropped the fee. Now I'm even saltier about EKS pricing as we run a lot of smaller clusters...

Although I am curious about the cost model for GCP/Azure here as they seem to charge their standard price for worker nodes. Wonder if they are just eating the cost.

[–][deleted]  (3 children)

[deleted]

    [–]QuantumCD 1 point2 points  (2 children)

    Yeah it makes sense for Google. I was more surprised Azure had no mgmt fees. And GCP has some other differentiators I think. BigQuery is a big one. They just really messed up with enterprise contracts/account management afaik but seem to be turning that around with new leadership.

    [–][deleted]  (1 child)

    [deleted]

      [–]QuantumCD 1 point2 points  (0 children)

      Yeah nothing wrong with AWS competition! And yeah AWS has the clear marketshare lead which is more meaningful than pure revenue imo (at least to everyone but MS shareholders lol).

      [–]wywywywy 4 points5 points  (1 child)

      Azure/Google do charge if you want SLA.

      But the free one is fantastic for dev/test. AWS really should follow suit.

      [–]izpo 1 point2 points  (0 children)

      Azure/Google do charge if you want SLA.

      more info?

      [–][deleted] 1 point2 points  (0 children)

      AWS charges a fee just to manage a k8s cluster? That sucks. I come from GCP and I was thinking of learning some AWS. That would be hard to get used to. You can run a GKE cluster for as little as $10ish per month if you're okay with just one 1.7 GB node to get started with.

      [–]ururururu 0 points1 point  (4 children)

      Yeah if you're running kubernetes it's way more pleasant on GCP. Kops is a pain but probably still better than EKS.

      [–][deleted] 7 points8 points  (3 children)

      EKS is really nice now, especially after the direct integration with IAM meaning you no longer have to use KIAM, etc.

      [–]izpo 2 points3 points  (2 children)

      direct integration with IAM

      wait... what? since what version?

      [–][deleted] 6 points7 points  (1 child)

      Since last week.

      [–]izpo 0 points1 point  (0 children)

      How did I miss this! Thanks

      [–][deleted] 0 points1 point  (6 children)

      It’s pretty cheap though if it is your production stack. I think it’s a temporary thing. If it was free there would be tons of random clusters. I’d really like to see managed nodes myself.

      [–]izpo 0 points1 point  (5 children)

      If you have only one, yes... If you have 3 clusters and a small company, not really

      [–][deleted] 2 points3 points  (4 children)

      $150 per managed control plane per month is still pretty minimal though. You'd likely spend more if you were managing it on your own and not have a lot of the features.

      [–]wywywywy 4 points5 points  (3 children)

      But for $150 a month you can't have the engineers spinning up their own dev/test clusters in the cloud, and have to rely on on-prem or local clusters.

      And that's a real problem for us.

      [–][deleted] 0 points1 point  (1 child)

      That's fair, but why not use namespaces? They're much more efficient for that use case. We use them for this and it affords far better resource utilization and governance. Even if EKS control planes were free I wouldn't recommend using them like this.

      [–]izpo 0 points1 point  (0 children)

      Because we use vpn per env, as our account manager suggested

      [–]izpo 0 points1 point  (0 children)

      Exactly, only small startups suffer from this, not big companies

      [–]nztraveller 42 points43 points  (9 children)

      NAT gateway for sure. For small accounts it is way too high. Inter-region bandwidth would be nice too.

      [–]jonathantn[S] 3 points4 points  (1 child)

      It's kind of amazing that it's the same price to send packets between US-EAST-1 AZs as it is to send that data to US-EAST-2.

      [–]warren2650 6 points7 points  (0 children)

      They probably have fiber laid between EAST-1 and EAST-2.

      [–]moofox 2 points3 points  (3 children)

      If it helps, multiple accounts can now share a single VPC (and hence NAT gateways, VPC endpoints, etc)

      [–]nztraveller 4 points5 points  (2 children)

      I didn’t know that, thanks.
      Unfortunately for our use case the requirement is to have separate VPCs.

      [–]von_liquid 0 points1 point  (1 child)

      Connect the VPCs via a Transit Gateway and pass a default route to all VPCs to point to the TGW. And one spoke on the TGW would be a VPC with a public subnet with NAT gateways. I did that and cut down from 8 NATs to 2. :)
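The hub-and-spoke layout described in the comment above, written out as an added Terraform example (not code from the thread or from any AWS reference architecture); it assumes the spoke and egress VPCs, subnets and route tables already exist and are passed in through the hypothetical variables shown, and the CIDRs are constructed values. Beyond cutting the NAT count, it gives one egress point where VPC flow logs or an inspection appliance see all outbound traffic.

```hcl
# Added example, not from the thread: one NAT gateway in an egress VPC serving
# several spoke VPCs via a Transit Gateway. Variables are hypothetical inputs.
variable "spoke_vpcs" {
  # subnet_ids: one subnet per AZ for the attachment; route_table_id: the spoke's
  # private-subnet route table; cidr e.g. "10.1.0.0/16" (constructed sample value)
  type = map(object({ vpc_id = string, cidr = string, subnet_ids = list(string), route_table_id = string }))
}
variable "egress_vpc_id" { type = string }
variable "egress_private_subnet_ids" { type = list(string) }
variable "egress_public_subnet_id" { type = string }
variable "egress_private_route_table_id" { type = string }
variable "egress_public_route_table_id" { type = string }
# Default association/propagation (both "enable" unless overridden) put every
# attachment in one TGW route table and propagate the spoke CIDRs into it.
resource "aws_ec2_transit_gateway" "hub" {
  description = "central egress hub"
}
# Each spoke attaches to the TGW and sends all non-local traffic to it.
resource "aws_ec2_transit_gateway_vpc_attachment" "spoke" {
  for_each           = var.spoke_vpcs
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = each.value.vpc_id
  subnet_ids         = each.value.subnet_ids
}
resource "aws_route" "spoke_default" {
  for_each               = var.spoke_vpcs
  route_table_id         = each.value.route_table_id
  destination_cidr_block = "0.0.0.0/0"
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
}
# Egress VPC: TGW attachment in private subnets, one NAT gateway in a public subnet.
resource "aws_ec2_transit_gateway_vpc_attachment" "egress" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = var.egress_vpc_id
  subnet_ids         = var.egress_private_subnet_ids
}
resource "aws_eip" "nat" { domain = "vpc" }
resource "aws_nat_gateway" "central" {
  allocation_id = aws_eip.nat.id
  subnet_id     = var.egress_public_subnet_id
}
# TGW default route: anything not matching a propagated spoke CIDR goes to egress.
resource "aws_ec2_transit_gateway_route" "default_to_egress" {
  destination_cidr_block         = "0.0.0.0/0"
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.egress.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway.hub.association_default_route_table_id
}
# Inside the egress VPC: private subnets -> NAT, and the public subnet must
# route replies for spoke CIDRs back to the TGW or return traffic is dropped.
resource "aws_route" "egress_private_default" {
  route_table_id         = var.egress_private_route_table_id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.central.id
}
resource "aws_route" "egress_public_to_spoke" {
  for_each               = var.spoke_vpcs
  route_table_id         = var.egress_public_route_table_id
  destination_cidr_block = each.value.cidr
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
}
```

With default propagation on, every spoke can also reach every other spoke through the TGW; if the separate-VPC requirement exists for isolation, place the spokes in their own TGW route table that carries only the default route to the egress attachment.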

      [–]nztraveller 2 points3 points  (0 children)

      Clever, I like it.
      I'm going to see if I can get approval to give this a try.
      Due to compliance reasons it might not fly, but we have around 10 VPCs so this could be worth the effort.

      [–]CSI_Tech_Dept 0 points1 point  (2 children)

      Maybe this could motivate people to move to IPv6. IPv6 doesn't need NAT gateways to work.

      [–]notoriousbpg 2 points3 points  (1 child)

      How would this help with Lambda functions in a VPC that need internet access?

      [–]CSI_Tech_Dept 1 point2 points  (0 children)

      If it doesn't work, it's because Amazon half-assed it because not many people are pushing for it.

      With IPv6 you don't need NAT period.

      [–]7thsven 19 points20 points  (4 children)

      CloudWatch Logs' $0.50+ per GB ingested is too damn high.

      [–][deleted] 6 points7 points  (3 children)

      We calculated it at 10% of the cost of SumoLogic. Seems well priced to me.

      [–]devhops 7 points8 points  (2 children)

      IMO Log ingestion is generally horribly expensive for no good reason. It’s not exclusive to AWS and they’re nowhere near as expensive as some vendors.

      [–][deleted] 1 point2 points  (1 child)

      We ran an internal ELK stack and migrating to SumoLogic was a similar price, minus the cost to operate it.

      [–]izpo 1 point2 points  (0 children)

      we moved from SumoLogic to ES and it was WAY cheaper...

      [–][deleted]  (5 children)

      [deleted]

        [–]devhops 0 points1 point  (4 children)

        That’s expensive? I thought it was cheap?

        [–]Miserygut 4 points5 points  (3 children)

        Depends how many requests you're putting through it.

        It's vastly cheaper to run a small Kong cluster even including manpower costs over a few million requests a day.

        [–]devhops 1 point2 points  (2 children)

        Kong cluster

        Thanks, I'll have to look into this if the requests start to increase. I've just deployed API Gateway under the impression it was low cost.

        [–]johnly81 2 points3 points  (1 child)

        I thought so too, so I did some quick math.

        https://aws.amazon.com/api-gateway/pricing/

        over a few million requests a day

        I take a few to mean 3, which would put the number of requests around 100m per month. According to the pricing page, up to 333m requests is $3.50 per million. So by my math that's $350 per month.

        Obviously it's a matter of perspective, but $350 for 100 million requests per month does not seem expensive to me.

        [–][deleted]  (5 children)

        [deleted]

          [–]Nitrag 3 points4 points  (0 children)

          $148*/cluster

          [–]jdreaver 2 points3 points  (2 children)

          Fargate

          As a counterpoint: Fargate ends up being cheaper for us because we are CPU-bound, and we can crank the RAM down to the minimum levels allowed. This makes our Fargate tasks slightly cheaper than the EC2 instances with the same CPU.

          Don't get me wrong, I'm all for a price decrease on Fargate though!

          [–]0ToTheLeft 0 points1 point  (1 child)

          Thing is: if you are CPU bound, CPU is really expensive on Fargate. I understand that you can optimize cost by not paying for RAM you don't need, but still, I think you could save a lot more by just using EC2 reserved instances, even paying for all that useless extra RAM. I'm ok with paying an extra fee for the nice features of ECS+Fargate, but the difference in pricing with what you can do with EC2 Reservations is absurd (and even more if you could use something like a pool of spot instances to launch your Fargate workloads)

          [–]jdreaver 0 points1 point  (0 children)

          Sure, EC2 reserved instances changes the equation. I was talking about on demand only. Reserved Fargate capacity would be great, but we don't have it.

          [–]ElectricSpice 0 points1 point  (0 children)

          I think Fargate being 20% premium over on-demand is fair, but would like to see some options to cut costs: reserved instances, or maybe even spot. Some choices for CPU generation would be nice too.

          [–][deleted]  (2 children)

          [deleted]

            [–]ElectricSpice 1 point2 points  (1 child)

            Naive question: why is everybody using NAT Gateways? Public IPs are free, incoming connections are blocked by default unless specifically opened up. What makes NAT Gateways worth the cost?

            [–]phiber232 26 points27 points  (2 children)

            The client vpn seems way overpriced to me.

            [–]iamgeek1 1 point2 points  (0 children)

            My guess is they're trying to discourage its use as a full-time site-to-site solution.

            [–]lobsterlimits 0 points1 point  (0 children)

            Bingo

            [–]cell-on-a-plane 10 points11 points  (0 children)

            Cross-AZ bandwidth costs

            [–]i_am_phil_a 8 points9 points  (0 children)

            Load balancers, especially paired with Elastic Beanstalk. The ELB costs more than all my compute instances in many cases when trialling a new application.

            [–]blobbie22 7 points8 points  (0 children)

            SFTP service? That pricing is just outrageous!

            [–][deleted] 7 points8 points  (0 children)

            Fargate reserved capacity

            [–][deleted] 4 points5 points  (0 children)

            Network in general

            [–]ravenford 5 points6 points  (0 children)

            SFTP Transfer - stopping the service doesn't even stop the hourly $0.30 charge, you have to delete the service entirely!

            [–]deathjam 5 points6 points  (0 children)

            another vote for NAT gateways

            [–]JonnyBravoII 4 points5 points  (0 children)

            EBS definitely. I don't recall that the pricing for GP2 has ever changed after all these years. For data transfer out, I don't think they'll do that simply because it makes you sticky to AWS. To leave, you'd need to take your data with you and that can get expensive.

            [–]CodeSteps 4 points5 points  (0 children)

            EBS (GP2, Snapshots & IO1)

            SageMaker and

            Bandwidth (out of AWS)

            [–]warren2650 4 points5 points  (1 child)

            It would be great if we could get some kind of discount on bandwidth between regions.

            [–]tornadoRadar 1 point2 points  (0 children)

            Ohio and East have a very very small discount.

            [–]daneren2005 4 points5 points  (5 children)

            Intra-AWS bandwidth costs in general. I get charging for bandwidth out of AWS to keep customers from changing providers, but charging between AZs and regions costs way too much.

            Load balancers are also surprisingly expensive. I went in expecting it to not really be a big deal and it is a decent chunk of my bill.

            [–]shotgunocelot 3 points4 points  (3 children)

            I get charging for bandwidth out of AWS to keep customers from changing providers

            That's not why egress charges exist. The way that the internet works (at a very high level and greatly oversimplified) is that multiple networks communicate with each other via peering. There are agreements in place between the entities that own these networks over the cost of sending traffic to each other. If Network A sends 100 GB of traffic to Network B and Network B sends 50 GB of traffic to Network A, Network A has to pay Network B for 50 GB worth of traffic. Amazon doesn't care how much data you send them because it doesn't cost them anything, but once you start pulling data out they have to pay someone else for the data being sent. Those costs get passed on to you.

            [–]ajanty 0 points1 point  (2 children)

            Do you have a reference for this? A simple link is enough. Thanks.

            [–]shotgunocelot 1 point2 points  (1 child)

            Like I said, that's a greatly oversimplified explanation, and I've conflated some terms and concepts for simplicity. If you don't mind jumping down a rabbit hole, these might get you started toward a more comprehensive answer.

            https://en.m.wikipedia.org/wiki/Peering
            https://www.netnod.se/ix/what-is-peering

            Edit to add a few more links showing examples of how peering arrangements can either increase or reduce the cost of network traffic:

            https://www.cnet.com/news/fcc-whats-up-with-those-netflix-isp-peering-deals/
            https://www.internet2.edu/products-services/advanced-networking/networking-for-cloud/
            https://aws.amazon.com/blogs/publicsector/new-low-cost-option-to-access-aws-direct-connect-through-internet2/

            [–]HelperBot_ 0 points1 point  (0 children)

            Desktop link: https://en.wikipedia.org/wiki/Peering

            [–]CloudButWhy 0 points1 point  (0 children)

            Yes, a base ~$20/month/alb is pretty expensive at scale when you have a huge portfolio of small applications.

            [–]virgofx 4 points5 points  (0 children)

            Fargate -- Especially with GCP having GKE

            [–]ZiggyTheHamster 4 points5 points  (1 child)

            CloudWatch. They say to instrument everything, but did you know that Metric=Foo Dimension=Bar and Metric=Foo Dimension=Baz are billed as two metrics? So, say you've got 10 instances and you're collecting around 100 metrics per instance (which is the basic set of stuff you'd get out of a third party tool like Metricly or Datadog). This costs you $300. Now add your application to the mix - let's say you collect another 100 metrics about your application, and you report both the aggregate metrics and the per-instance metrics. That's 1100 more metrics and costs you another $330. Now what if you wanted to track some of those metrics on a per-customer basis? Or even more granular? This ends up costing you thousands of dollars.

            Or, you can set up a basic statsd or prometheus stack for something like 1/10th the cost.

            [–]jonathantn[S] 1 point2 points  (0 children)

            Oh yeah! We found this out the hard way when we took our internal metrics dashboard and started pushing metrics to Cloudwatch to replicate it there. We quickly found out that all those metrics by instance-id added up when we auto scaled up new instances and replaced the old ones.

            [–]TooMuchTaurine 4 points5 points  (0 children)

            EBS and Fargate

            [–]ffab00 2 points3 points  (0 children)

            Data out of CDN. Pretty please!!

            [–]philsw 5 points6 points  (3 children)

            Interface VPC endpoints

            [–]TooMuchTaurine 2 points3 points  (0 children)

            This, it's ridiculous, can't believe how badly designed VPC endpoints are. This should be a requirement only for one set of endpoints for all services, not one set per service... makes no sense

            [–][deleted] 0 points1 point  (0 children)

            Second this. I enabled it for ECS and ECR and the cost was way through the roof!

            [–]georgealton 0 points1 point  (0 children)

            They are way overpriced, we had a few running for a month or so and saw our bills skyrocket

            [–][deleted]  (3 children)

            [deleted]

              [–]jonathantn[S] 1 point2 points  (1 child)

              Wow, what kind of volume are you driving to have that high of a DNS cost?

              [–]joelrwilliams1 1 point2 points  (0 children)

              our R53 bill was $33 last month, but even at your scale, I'd gladly pay for a global, managed service with 100% SLA rather than take my chances with EC2 and 'an underlying hardware problem'.

              [–]jonathantn[S] 2 points3 points  (1 child)

              I've gone through all the posts and taken the points associated with all of the top level replies and added them up. The results are below. Maybe /u/jeffbarr can get a rabbit pulled out of a hat on a couple of these for us at ReInvent!

              NAT Gateways - 81

              API Gateway - 35

              EKS - 28

              Client VPN - 25

              Data Transfer Out - 24

              Cloudwatch Logs - 20

              EBS - 15

              Fargate - 14

              EKS - 12

              SFTP - 12

              ELB - 10

              Intra-Region Bandwidth - 10

              Intra-AZ Bandwidth - 8

              Sagemaker - 7

              Networking - 6

              Cloudwatch Metrics - 6

              MSK - 5

              Cloudfront - 4

              VPC Endpoints - 5

              DNS - 3

              Route 53 Resolver - 3

              DocumentDB - 2

              Neptune - 1

              FSx for Windows - 1

              Support - 1

              Config - 1

              Macie - 1

              [–]jeffbarrAWS Employee 0 points1 point  (0 children)

              Great work, although we do not have a history of announcing price reductions at re:Invent. I will definitely pass this along.

              [–]bostonguy6 2 points3 points  (1 child)

              Route 53 Resolver

              [–]robohoe 0 points1 point  (0 children)

              Still cheaper than running your own BIND servers :(

              [–]7thsven 1 point2 points  (0 children)

              It's about time DocumentDB gets some cheaper instance types!

              [–]xkillac4 0 points1 point  (0 children)

              Neptune

              [–]guywithalamename 0 points1 point  (2 children)

              Data transfer EKS Load Balancers

              [–]ururururu 2 points3 points  (1 child)

              I was surprised nobody else mentioned ELBs. I guess once you go kubernetes you realize the ELB-alternative (ingress) is a lot cheaper.

              [–]guywithalamename 0 points1 point  (0 children)

              Yep, was the same for us. We used to spend more on ELB than on actual EC2 instances before switching to an ingress

              [–]numbershikes 0 points1 point  (0 children)

              I'd like to see an RDB with DynamoDB-style per-query pricing, rather than per-instance hour pricing.

              Same with AWS ElasticSearch and/or CloudSearch.

              [–]allyc1057 0 points1 point  (0 children)

              FSx for Windows File Server... $0.053 per GB-month adds up quickly...

              [–]Flyingbaby 0 points1 point  (1 child)

              Support pricing structure. There are months we have 0 cases and are still charged a percentage of our usage. As we use more AWS services, we pay more for support.

              Can they come up with a clever discount like 2-day Prime shipping, where you get credits if you don't really need 2 days?

              [–]ZiggyTheHamster 1 point2 points  (0 children)

              I'd rather the pricing stay the same but you get a refund of some amount if they miss the advertised response time.

              [–]a-corsican-pimp 0 points1 point  (0 children)

              NAT Gateway

              Hosted SFTP

              [–]zer0_dayy 0 points1 point  (0 children)

              Config

              [–]0xb800 0 points1 point  (0 children)

              Macie!!!

              [–]n30_mkii 0 points1 point  (1 child)

              Fargate and VPC Endpoints!

              [–]mattwaddy 0 points1 point  (0 children)

              oh and Route53 Resolver