I get randomly blocked on 2 websites since some days when using firefox on linux. Does not happen with chromium. One outright tells me its because of cloudflaire, but is sispect cloudflair behind the other one two.
Cloudflare fix your firefox on linux support! There are dozens of us, DOZENS!
They were in violation of the TOS for abusing CF’s IPs with site rotation to circumvent IP bans to their online casino. They need an enterprise plan to BYOIP with their level of traffic. They were given 48 hours notice of site deletion but were given almost 2 weeks before doing so. Read the comment at the bottom of the substance post for further detail.
If that’s the case, and from what I read it could be, then I still blame cloudflare for 2 big things. First communication, because they clearly were confused about what was happening and felt like they didn’t have anyone technical explain it to them and it felt like a sales pitch. Second is still communcation, but an offramp plan. You have 1 week to come into compliance, and we can tell you exactly what is not in compliance, and then your services will be terminated. They gave them a very, very short timeline, did not tell them exactly what was out of compliance, and then just turned it off.
As someone who has accidentally been on the wrong side of TOS before, it’s a nightmare. These large corporations don’t tell you what you’re doing wrong, or where the issue even is, they just say “You’re suspended, gtfo”. That has happened to me for personal accounts, I can’t imagine what it’s like when your business depends on it.
It baffles me that you can advertise something as “unlimited” and then impose arbitrary limits after the fact. AWS and Google advertise their CDN rates with tiers for certain bandwidth limits. It seems like CF is advertising as “unlimited” and then once you’re fully invested, they pull the bait and switch and say you’re over the limit for that tier. Based on those HackerNews links, it seems systemic and something the FTC should fine them, like they did with AT&T over the same thing.
That’s how I read this too, they were upset that this company was using so much and “only” on their lower tier. But, if they didn’t want that then that means either their billing/account code has bugs in it because it didn’t lock them out and force an upgrade… or it was mislabeled (intentionally or not). On all accounts, CF’s problem, not this company’s
From the post: I’m a SysOps engineer at a fairly large online casino. We have around 4 million monthly active users. We had been happy Cloudflare customers since 2018 on the “Business” plan which has some neat features and costs $250/month for “unlimited” traffic.
This seems a bit like abuse of the business plan not cloudflare bs. They are using the cdn for 4m users for $250 a month.
As they stated in the article, they were fully open to them calling out anything that was against the ToS, but CF never explained to them what was wrong, or how they could rectify it. They attempted multiple meetings with them to try to figure out what was the culprit, but cloudflare hit them with a 120k/month bill insisting it was necessary and never telling them why.
Clouflare fucked up in multiple ways:
It should have never happened in the first place. (If they should have been on a different plan than this is a billing system bug, they should have just fixed their bug with billing, or it should have been locked behind a paywall.)
They had multiple opportunities to tell them what was wrong, and how they could rectify it.
Absolutely no service provider should ever cancel an account with such short notice. Full stop. Unless there is a legitimate legal reason not to, which at this point we have not seen anything (and I mean feds could be involved legal), it is extremely unprofessional to do that, and I would not trust them with my business. There is zero reason they couldn’t have given then at least a month’s grace period.
just want to add in theory there are legitimate reasons to cancel other than legal, e.g. customers system is compromised and must be taken off to stop the attacker.
Fair, but then communication is key. They should have been extremely clear “This is what’s happening, you have X time to rectify it or we will need to take drastic steps”
Legal is the only one I can think of that would mean radio silence from CF, for example if they were hosting illegal content and the feds were building a case. Seeing how it was all coming from sales and they were pushing for a massive chunk of money all of a sudden I doubt that was what was happening.
That and also, what company of that scale can you just go to finance and be like “Hey Cloudflare just jacked up our rate from $250/mo to $10000/mo and they want the whole 120k for the whole year right now and we need it done within 24h or they’ll cut us off”. Even for companies spending a million a month on AWS costs that’s 12% of the budget.
And also asking it all upfront, like, what? What happened to monthly billing? What company has the money to pay infrastructure bills yearly like that, especially on such notice?
Large companies have big cash flows, they don’t have 120k just laying around, it’s tied in some assets somewhere especially with the inflation, having large amounts of plain cash is bad finances. They probably need to take out a loan or sell some stocks or whatever. You can’t do that in 24h.
I have no doubt the author is omitting important details in the story, they may have been getting warnings for a while at this point and they just ignored them because “we’re happy with our business plan”. But the whole upfront part, then terminating the account as soon as they expressed looking at competitors pricing which is absolutely normal to want to do when your bill goes up 40x, if not required by company policy. Shady as fuck from Cloudflare.
Maybe you’re right that ultimately they were not on the correct plan and Cloudflare was right to make them move. I don’t know enough about Cloudflare’s different plans to say. But what I do know is that:
When we told them we were also in talks with Fastly, they suddenly “purged” all our domains
Is utterly indefensible anticompetitive behaviour. So is a 24 hour ultimatum for a 40x increase in cost. I don’t care if they were on the free plan and should have been on enterprise. If the ToS violation isn’t actively causing harm to the public, any adjustment should be done with sufficient notice that arrangements can actually be made. 30 days seem s reasonable.
Yikes. The tactics by their Sales team are so ridiculously ugly, I’m going to get our team to contact competitors (even though we’re already on Enterprise). We’re paying slightly more for same traffic so clearly they just pluck numbers out of their asses. Ops leadership were experienced with CF so it wasn’t a big decision (price was kind of irrelevant anyway).
Yeah, that’s alarming to me as someone who architects solutions for companies myself. Under no circumstance (unless idk the client in question is somehow in legal trouble like serving csam or something horrible, and that’s clearly not the case here since they’re going for more money) should an account be taken offline that quickly. They knew this would cause downtime and they did it anyway
Especially a TOS violation that isn’t a violation in the more expensive package. It’s clearly a tactic to kick out customers who cost them too much.
We also have a free tier and a cheap entry SKU but we don’t strong arm people to upgrade. CF clearly price their cheap tier and set the features in an unsustainable way that leads them to have to force customers up to Enterprise because the customer costs more to host than the customer pays.
That isn’t the customer’s fault. Fix your SKUs; fix your pricing, feature set, and thresholds.
To effectively wipe a customers access, ability to see logs, custom rules, and more, is wrong.
When one of our customer’s licenses expiries, no functionality breaks for something like 3 to 6 months (depending on size) and the core product offering continues to work in perpetuity (as we’d rather they keep using it than suddenly be without it and on older versions).
If CF cut us out like they did this casino, 100s millions of people would be impacted. You could be sure as hell we’d immediately go and be a case study for a competitor about how to migrate painlessly from CF and our customers would be aware what org fucked us over and put them all at risk.
This is how I view it. Even if they were doing it maliciously, it is still a company and cloud flare should make the assumption they didn’t know they were doing anything wrong. Tell them it’s actually not allowed, that you just caught it, and give a clear (reasonable) timeline on getting to compliance.
This reads like the kind of stuff big corporations pull with end users. Where they would get sued to oblivion and back from an affected company. I mean, surely, there’s gotta be some service guarantee in the contract that prevents them from ToSing you like that.
I am currently working on implementing OpenTofu because I want to integrate it with a Gitlab instance and Terraform has been deprecated recently, but I have to agree the alternative doesn’t seem to be ready yet.
Cdk8s is better at generating yaml. Pulumi is more of a terraform replacement that has a good kubernetes provider (the tf one sucks). Though it can generate yaml as well it is really not designed for this.
IMO there is something nice about having all your infra, both inside and outside kube, controlled by one thing. Then you can declare a whole application in one rather then half of it in one tool and half in another.
~~Very nice. Now we wait for Google, Amazon, or Microsoft to provide this as hosted service, never contribute back, for Valkey to change the license in response, and the purists to come out of the woodwork to create a new fork, ad infinitum 👍 ~~
LOL, the companies that triggered Redis to change their license are in on this new fork. Had they contributed to Redis instead of leaching from it, no fork would’ve been necessary 😅 Good job mega-corps!
You should be able to take the binlogs and upload them. Then in a restore situation you’d restore your last full db snapshot and replay your binlogs up until the point you lost the server.
If you truly need read/write to scale, multi-masrer clustering with MariaDB Galera is probably the best way to do it. They (MariaDB) also sell a load balancer/query proxy Max scale that can do a lot of surprisingly complex stuff (like publish new data to Kafka or centrally ship binlogs from one place to multiple read replicas).
However generally my advice is that if you’re finding yourself trying to build a big relational database and writing to it a significant amount of times, it might be time to consider a different or at least modified architecture. Especially if your use case starts to scale to more than what Galera can handle. At some point, all these solutions become eventually consistent the more you scale. And if you are willing to accept eventual consistency, there are some clever ways to do storage using things like queueing, batching, caching etc that can scale horizontally much further than any relational database can.
devops
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.