Vivian Voss

The Cloud-Native Tax

The Invoice ■ Episode 04

“Pay only what you use.”

A sentence of admirable brevity. The invoice it produces is not. Forty-seven pages, cross-referenced across three billing dimensions, denominated in units that change meaning depending on the service, the region, and the phase of the moon. Decoding it requires a specialist (a FinOps engineer), a role that did not exist before 2019 because the problem it solves did not exist before the cloud created it.

The FinOps Foundation was established that year. An entire professional discipline, complete with certifications and conferences, born from the singular achievement of making infrastructure pricing deliberately incomprehensible. The Ferengi Rules of Acquisition could not have engineered it better.

The Five Promises

Cloud-native arrives with five promises. Let us examine each one, then the invoice that follows.

“Infinite scalability.” And infinite invoices to match. Multi-AZ deployment triples the bill. Multi-region multiplies it further. The scalability is real; the constraint was never technical. It was financial. Nobody mentions this at the conference keynote.

“No hardware maintenance.” Traded, with remarkable efficiency, for Kubernetes maintenance. The Certified Kubernetes Administrator exam costs €395 and expires in three years. One does not eliminate operational complexity by rebranding it.

“Focus on code.” Have you read a Helm chart? That is infrastructure dressed in YAML, pretending to be configuration. The average Helm chart for a production deployment contains more lines than the application it deploys. Focus on code, indeed.

“Vendor agnostic.” Lambda, Azure Functions, and Cloud Run are as compatible as three languages that share an alphabet. The syntax differs. The semantics differ. The billing model differs. The lock-in is architectural, not contractual, which makes it considerably harder to escape.

“Pay only what you use.” According to Gartner, 30 per cent of cloud spend is waste. The Flexera 2024 State of the Cloud Report puts actual spend at 20 per cent higher than expected. You pay what you use, plus what you forgot to turn off, plus what you did not know was running, plus what auto-scaled at 3 a.m. because a bot crawled your staging environment.

The Egress Racket

Data enters the cloud for free. Leaving costs money. This is not a pricing model. It is a hostage situation with better marketing.

The numbers, for those who enjoy reading invoices:

Egress per GB:
GCP: $0.12/GB
AWS: $0.09/GB
Azure: $0.087/GB
Hetzner: included
OVH: included
Sources: aws.amazon.com, azure.microsoft.com, cloud.google.com

AWS: $0.09 per gigabyte. Azure: $0.087. Google Cloud: $0.12. Ingress is free. Getting your data in costs nothing. Getting it out costs enough to fund a small department. At scale, egress alone can exceed the cost of the compute that produced it.

Hetzner, OVH, Netcup: egress included. No metering. No surprises. No forty-seven-page invoice explaining why your bandwidth bill tripled because marketing ran a campaign.

The €100 Comparison

What does €100 per month actually buy?

€100/month: 2× Hetzner AX41 (€50 each)
Ryzen 5, 6 cores
64 GB RAM (each)
512 GB NVMe (each)
Egress: unlimited
FreeBSD + ZFS
ZFS replication
Full root access
No FinOps team needed
Stable since 2006 (ZFS)

€100/month: Cloud VM (comparable, €100 budget)
2-4 shared vCPUs
8-16 GB RAM
Storage: metered
Egress: $0.09/GB
OS: vendor image
Backups: extra cost
Root: limited
FinOps: recommended
Pricing changes quarterly

Two Hetzner AX41 servers. €50 each. Ryzen 5 processor, 64 GB RAM, 512 GB NVMe. Dedicated hardware, not shared, not virtualised, not subject to noisy-neighbour throttling at 2 a.m. Run FreeBSD. Run ZFS replication between the two: incremental, checksummed, compressed, encryptable, stable since 2006. No egress fees. No FinOps team. No forty-seven-page invoice.

For the same €100 in the cloud, you receive a modest virtual machine with shared vCPUs, a fraction of the RAM, metered storage, metered bandwidth, and the quiet understanding that next quarter’s pricing might differ from this quarter’s.

The Netflix Paradox

Netflix is the crown jewel of cloud-native marketing. “Netflix runs on AWS” is the sentence that launches a thousand migration projects.

It is also, in the most important sense, untrue.

Netflix uses AWS for internal tooling: the recommendation engine, A/B testing, content management. The back office. For the part that actually matters, delivering video to 260 million subscribers worldwide, Netflix built Open Connect: custom appliances running FreeBSD on bare metal, deployed at ISPs across the globe. Jails for isolation. No containers. No Kubernetes. No cloud.

Figure: The Netflix Paradox
What they tell you: “Netflix runs on AWS”. Internal tooling: recommendations, A/B testing, content management. The back office.
What delivers the video: Open Connect. FreeBSD, jails, bare metal, at ISPs worldwide, 100 Gbps per appliance.

When the task is serving 100 Gbps from a single appliance to a quarter of a billion users, Netflix chose Unix, bare metal, and the filesystem that has been quietly doing its job since Sun Microsystems. The cloud is for the paperwork. The real work runs on hardware they own.

The company held up as the greatest argument for cloud-native is, in fact, the greatest argument against it.

The Abstraction Tax

Peel back the abstraction layer of any cloud service and you find: Linux. Containers. Block storage. Networking. Commodity infrastructure, the same hardware Hetzner sells for €50 a month, wrapped in proprietary APIs, dressed in a management console, and sold back to you at a markup that would make a luxury goods manufacturer blush.

The 100× is not hyperbole. A gigabyte of block storage on a bare-metal server costs fractions of a cent. The same gigabyte on EBS costs orders of magnitude more, not because the storage is better, but because the API around it is billable.

This is the fundamental mechanism: take commodity infrastructure, add a proprietary interface, charge for the interface. Repeat across compute, storage, networking, DNS, load balancing, message queues, and every other building block that Unix provided forty years ago.

The Jobs That Should Not Exist

FinOps. SRE. Platform Engineering. Cloud Architect. These are not roles that emerged from new capability. They are roles that emerged from new complexity, complexity that was sold to you as simplification.

A FinOps engineer exists because cloud pricing is incomprehensible by design. An SRE exists because distributed systems fail in ways monoliths never could. A Platform Engineer exists because Kubernetes requires a team to manage the tool that manages your tools. A Cloud Architect exists because choosing between 247 AWS services requires someone with a certification that expires before the architecture is deployed.

These are intelligent, capable people solving problems that would not exist if the infrastructure had not been deliberately complicated. The talent is real. The necessity is manufactured.

The Root Cause

How did well-trained engineers fall for this?

Amazon, a retailer, became an infrastructure provider. A company whose core competency is logistics and marketplace arbitrage convinced an entire industry to outsource its technical foundation to a shop. The profit margins must be spectacular. They are: AWS generated $90 billion in revenue in 2023 with operating margins north of 30 per cent. Thirty per cent margins on commodity infrastructure. That number tells you everything about the markup and nothing about the value.

The cloud did not emerge from a technical need. It emerged from a business model: take excess capacity, productise it, then make the pricing complex enough that customers cannot easily compare it to alternatives. The FinOps Foundation is not the cure. It is the symptom. An entire profession exists because a pricing model was designed to resist comprehension.

The Alternative

Two Hetzner servers. €50 per month each. FreeBSD. ZFS send for replication: incremental, checksummed, compressed, encryptable. No egress fees. No FinOps team. No forty-seven-page invoice. No certification that expires before you have finished reading it.

€100 per month. Two machines. 128 GB RAM total. A terabyte of NVMe. Full root access. An operating system that has been stable since the last century. A filesystem whose replication protocol has not changed since 2006 because it did not need to.

This is not nostalgia. This is arithmetic.

The Verdict

The cloud is a tool. Like all tools, it has a context in which it is appropriate. Burst capacity for unpredictable workloads. Rapid prototyping where time-to-deploy outweighs cost-per-unit. Global distribution where you genuinely need presence in thirty regions simultaneously.

For the other 90 per cent (the web application, the API, the database, the service that handles ten thousand requests per second and calls it a good day), you are renting commodity hardware at luxury prices, hiring specialists to understand the bill, and calling it progress.

Underneath the abstraction: Linux, containers, block storage, networking. Commodity infrastructure wrapped in proprietary APIs, sold back at 100×.

The cloud-native tax is not a line item. It is the entire invoice: the egress fees, the FinOps team, the Kubernetes certification, the platform engineers, the SREs, the forty-seven pages of billing that nobody reads and everyone pays. All of it flowing from the moment someone decided that owning a server was old-fashioned and renting one from a retailer was the future.

The server has not changed. Only the invoice has.