
AWS Frankfurt, Germany Region - ostrowski
http://aws.amazon.com/blogs/aws/aws-region-germany/
======
julianpye
This is pretty significant, because in Germany many corporations do require
their data being hosted on German soil and protected under German consumer
protection laws.

As a result the Cloud provider market is currently split into three
categories: German corporations (e.g. Telekom) promoting themselves as truly
compliant, US corporations with German hosting (Microsoft and Oracle) that
self-promote themselves as compliant and US corporations such as AWS and
Google that are aggressively attacked by German Cloud providers as violating
German consumer protection law.

In the past I personally have lost customers in Germany because my services
use App-engine and CloudSQL in Ireland. Thus, I hope Google follows with a
German server for their cloud services.

~~~
_delirium
I can see in-EU vs. out-of-EU making a legal distinction, but how is it
possible for German consumer protection law to require servers actually in
Germany, vs. say in Ireland or Denmark? That seems like it would violate EU
treaties on freedom of trade and services within the common market, which
usually prohibits both direct and indirect restrictions (e.g. Denmark can't
ban EU food imports by imposing unique food-safety requirements). Or is that
just a marketing position (people prefer German servers) rather than an actual
legal position?

~~~
julianpye
Basically Germany has their own set of consumer protection laws
(Bundesdatenschutzgesetz) that are more stringent than the EU laws. There is
an ongoing struggle if these laws should be regulated at EU level or at
national level since some countries vastly differ in their attitudes in this
space and common ground is difficult to establish.

In my personal experience the 'requirement' of some companies that data must
be hosted in Germany is their own internal policy rather than something that
is prescribed by their reading of the law. However there have been some court
rulings where servers hosted in Germany are applied additional restrictions
over servers hosted in Ireland.

A lot of this may also have to do with own interests. In the 80s and 90s every
EU country wanted US silicon fabs in their underdeveloped regions. Now every
country wants hosting farms.

~~~
rmc
_There is an ongoing struggle if these laws should be regulated at EU level or
at national level since some countries vastly differ in their attitudes in
this space and common ground is difficult to establish._

Oh dear god let it be at the EU level. The only way small EU countries full of
semi-corrupt conservatives get decent consumer protection law is when it's an
EU law.

~~~
ecesena
As far as I know it is already an EU law and, as with the vast majority of EU
laws, each member state can decide to override with additional restrictions
(usually under some limitations).

In this specific case, I think Germany is the only exception, but to me it
makes perfectly sense: sensitive personal data like medical records should not
circulate outside the country.

Even at EU level, how could Germany as a nation guarantee privacy if data is
physically maintained in Ireland, where most of the US companies have offices
just because of cheaper taxation...? As a country I would't promise that, and
as a citizen I wouldn't trust such a promise (side note, I'm Italian so I have
no gain/part into this).

~~~
gioele
> In this specific case, I think Germany is the only exception, but to me it
> makes perfectly sense: sensitive personal data like medical records should
> not circulate outside the country.

Having a computer on German soil does not mean that

1) the packets themselves will not travel outside Germany (hint: AMS-IX);

2) people interested in the data contained in that computer will not read it,
store it, use it outside Germany.

From the technology point of view, country borders do not exist. (Unless you
force a country-wide firewall).

If sensitive data must be properly encrypted. Once it is encrypted you can
store it everywhere you want.

~~~
ecesena
I see your point, but the reality is different. Data stored is not data in
transit. Both must be protected, but the attacker models are different.

Unfortunately real-world (meaning, not theoretical) encryption is not perfect,
thus the sole fact to encrypt is not sufficient to let you store any data
wherever you want. At least not in Germany, and at least not from my pov.

To remain in topic with this specific law, data in transit can exit Germany
soil, provided that the recipient gives guarantees on its usage (including not
store it). This kind of laws should be seen to regulate sensitive (user) data
as managed by (big, multinational) organizations, that are thus required to
enforce security for both stored and in transit data.

I understand that this may seem silly, but without such laws the landscape
would be way worse (consider, e.g., how many personal data are actually traded
across the world for ads reasons).

------
lispm
> AWS is fully compliant with all applicable EU Data Protection laws

As long as the NSA can request data from US companies in foreign countries
this is not at all compliant with EU Data protection laws at all. Under the
current situation ANY US company providing services is not compliant and
German companies with sensitive data would be stupid to put this data on US
owned servers - wherever they are.

~~~
NietTim
Yep, and exactly that is why I completely moved away from US companies for my
hosting. Will I be a target for 'surveillance'? Probably not. Do I want to do
everything I can to make the US fuck off from my data? Hell yes.

------
sebslomski
That's great news! As a german based SaaS company, we get many requests from
customers asking where the data is stored. Even hair dressers (one of our main
customer segment) are very conscious about where their data is stored. I'm
looking forward to migrate.

~~~
nly
Curiosity peaked. What do you do where one of your main customer segments is
hairdressers, yet requires a cloud platform?

~~~
nsgf
Me too. this? [https://cutterslounge.de/](https://cutterslounge.de/)

~~~
sebslomski
Yes, Cutters Lounge (yes, a weird name for native english speakers :) is an
appointment booking software. In the beginning we focused on hair dressers,
but as we've learned from them in the past years we are about to expand to
other industries as well.

~~~
toong
So you are competing with patio11, although currently targeting a different
vertical ?

Edit: and a different linguistic area

~~~
patio11
FWIW, this is one of those cases where two services might appear competitive
unless you're in one of them. There exist other US-focused companies which do
"booking." This is a customer-facing function, and they have to compete on
ease-of-use, conversion rates, embeddable widgets, and the like. AR does not
do booking and will _never_ do booking.

Why not? Well, you have to have very standardized services which the customer
understands to adopt a booking solution. For example, if you're a customer and
can say "I want a 45 minute shoulder massage from Cindy", then Cindy's shop
can use a booking platform. Most AR customers can't, because the client can't
predict how long a dental appointment last, doesn't know that Joe can't come
out to his house unless Frank gets the van back in time, etc etc. This is
disproportionately the case for upmarket services businesses, which is where
AR is moving. (e.g. We want customers with a $100+ value per appointment --
more "professional services" like accountants/medical/HVAC than "personal
services" like hair care/massage therapy/etc.)

(I should mention that, even in the hypothetical case that a HNer were in
direct competition with AR, I'd be more than happy to see other options
available.)

~~~
curun1r
My company is somewhat involved in booking and we've found it to be very
specific to the vertical. We looked at building something that integrated with
Quickbooks, but found that it's nearly impossible to come up with something
that works for enough customers to make it profitable. From what I can tell,
people on the Quickbooks team tried it too and decided against it. The long
tail just has too many differing needs.

The problem you've listed (not knowing how long a dental appointment will
last) isn't really a problem for a booking system...a dental office with a
receptionist scheduling patients will run into the exact same issue and the
same rules that the receptionist uses can be programed into a booking engine.
The bigger problem for a dental office is that the calendar is locked in a
management system that's probably running on a Windows computer somewhere in
the office. Maintaining two calendars is almost never going to work and the
one in the cloud will never be the calendar of record. Short of going the
ZocDoc route and having practices reserve certain spots for appointments
booked online (businesses hate doing this), you're always going to run into
problems with conflicting appointments. The interesting thing is that most
dental practices won't care about conflicting appointments since the only
patients that will book online will be new patients and patients that have
fallen out of the typical schedule. Everyone else will schedule their
appointments with the receptionist at the end of their previous appointment.
So most dental practices will happily juggle appointments to fit those
specific types of patients into their schedule.

But that's the dental industry and almost every other industry has just as
many quirks as the dental industry does, if not more. And that's why the
market will most likely be filled with smaller, specialized vendors that
target either one or possibly a handful of verticals. I'm betting the winners
will be the companies that make the management systems used by the businesses,
but that's not happening quickly since most of them are small ISVs that only
understand Windows development and think cloud computing is something that
meteorologists do.

------
grimlck
Will having servers physically located in Germany really satisfy the privacy
concern of German clients given that Amazon is still an American company
subject to american laws?

~~~
freshflowers
Amazon operating in Germany is subject to German laws.

Legally, all asses are covered, and for 90% that's all that matters,
regulatory compliance.

Germany, unlike Ireland, comes with the added bonus that if privacy protection
is violated, shit will hit the fan. But that's all it is, a bonus.

Most assume the NSA can get to the data wherever it is, and those very few
genuinely worried about that look for protection in encryption rather than
legal jurisdiction.

------
j4mie
For those who are curious, this is called "eu-central-1" (Ireland is "eu-
west-1").

~~~
gburt
These namings seem to suggest they don't plan a lot of future expansion (not
down to the national level)?

~~~
byoung2
_These namings seem to suggest they don 't plan a lot of future expansion (not
down to the national level)?_

Not at all. Look at the US, which has:

us-west-1 US West (N. California)

us-west-2 US West (Oregon)

Or Asia/Pacific:

ap-southeast-1 - Asia Pacific (Singapore)

ap-southeast-2 - Asia Pacific (Sydney)

~~~
gburt
You're correct. My mistake. :)

------
dazbradbury
For those in London wondering where is best for UK based customers, here's an
EC2 ping [1] comparison of Frankfurt and Ireland AWS:

    
    
        Europe (Ireland: 25 ms   27 ms   24 ms
        Europe (Frankfurt):	 39 ms   39 ms   42 ms
    

Suggests Ireland is slightly faster. Obviously just a sample of 1 (more data
required), but given Dublin is roughly 300 miles away, and Frankfurt is
roughly 400 miles away, it makes sense.

[1] Hitting ec2.eu-west-1.amazonaws.com vs. ec2.eu-central-1.amazonaws.com.

~~~
donavanm
The channel is a good rule of thumb. For consumer isps eu-west should be
faster in the uk. On continental europe, africa, and the mideast eu-central
will probably be better. The notable exception is france, there it depends on
the network as to whether eu-west or eu-central is less latent. Either way its
normally +/\- 20% or 5ms.

Or just ignore all that and use route 53 latency based routing for your dns
records. It will return the record for the least latent endpoint, per client.

------
thspimpolds
Its an 18.57% premium up over US-EAST-1/US-WEST-2 and a 8.57% premium over EU-
WEST-1

In case anyone cares

------
nnx
There seems to be an error on the DynamoDB pricing page:
[http://aws.amazon.com/dynamodb/pricing/](http://aws.amazon.com/dynamodb/pricing/)

Selecting EU (Frankfurt) I get:

Write Throughput: $0.000702 per hour for every 10 units of Write Capacity

Read Throughput: $0.0001404 per hour for every 50 units of Read Capacity

This is strange as every other region has equal pricing for Write (10) versus
Read (50).

Also, Frankfurt's Writes would be ~10 times cheaper than Ireland (Write
Throughput: $0.00735 per hour for every 10 units of Write Capacity)

~~~
jeffbarr
Hi nnx, we are fixing this ASAP.

------
gldalmaso
Maybe I overlooked, but I can't seem to find any information regarding how
many Availability Zones it has.

Edit: thanks for the replies, it seems that the '/pt/' localized version of
the page hadn't been updated yet. I was able to find the informatin on '/en/'.

~~~
skrause
The global infrastructure map mentions 2 availability zones:
[https://aws.amazon.com/about-aws/global-
infrastructure/](https://aws.amazon.com/about-aws/global-infrastructure/)

------
verelo
This is great from a data storage perspective, but i've always struggled to
figure out the best approach for utilizing multiple regions to comply with
legal issues like this.

That brings me to my question: How do you store your data so that you comply
with the laws of a country, when you actually export your product to several
countries? Having multiple instances of your system seems impractical and
sharding data by country across regions could be rather hard. I.e. I am in
Canada, we have US clients who desire their data to be in the US and Canadians
who want it in Canada. Either we add complexity or someone doesn't get what
they want.

------
notax
I've always wondered why Amazon put their first EU DC in Ireland, so far away
from everything. While Germany is great and all, somewhere more central like
Amsterdam would have looked like the obvious choice.

Whatever the location, it's still terribly expensive. Just looking at the
Internet traffic charges makes my wallet hurt. I could not affort to serve
traffic at any volume from AWS. Luckily there are a lot of other options in
Germany.

~~~
molf
Ireland was probably chosen because of low corporate tax rates.

This might have been more important when the first location was chosen than it
is now, and latencies in Europe are mostly pretty minimal anyway.

~~~
secfirstmd
Also, highly skilled English speaking work force. A huge amount of other US
firms based in the area.

~~~
notax
erik_sub, you have been hellbanned and your comment (reproduced below) can't
be seen by anyone.

> Ireland was probably chosen because of low corporate tax rates.

Perhaps you are right. It just sounds incredibly short sighted if true. That's
like, to use notax's example location, locating your startup in North Dakota
because the rent is cheap over there.

Amsterdam would have been a much better location with better and cheaper
bandwidth from a much larger selection of providers. In addition to better
infrastructure, Amsterdam has a wider and deeper talent pool for datacenter
talent. I also have a hard time really buying the tax argument as Facebook and
Google have European datacenters outside Ireland and they seem to manage their
Irish tax strategy just fine. Even Apple is reportedly eyeing a datacenter in
the Netherlands and I doubt they would consider one if it messed with their
Irish sandwitch.

> This might have been more important when the first location was chosen than
> it is now, and latencies in Europe are mostly pretty minimal anyway.

From experience I can tell you that there is plenty of latency to go around in
Europe. Part of that is Amazon's dubious choice of location and part of it is
their network. Cloudping easily gives you latencies comparable to east coast -
west coast ping times when testing from various European location to AWS
Ireland.

Unlike popular entertainment would have you believe, Europe in not a country
and neither is it the size of a postage stamp. You'd also be advised to
consider that previously Ireland was Amazon's closest location to Russia and
that in itself is a pretty big country.

Amusingly enough Amazon's Irish location is almost exactly like putting your
datacenter in North Dakota as notax quipped.

Just look at this map: [http://www.powercycle.net/wp-
content/uploads/2012/03/FireSho...](http://www.powercycle.net/wp-
content/uploads/2012/03/FireShot-Screen-Capture-006-Europe-and-US-Country-
Size-Comparison-Map-How-Big-is-Europe-Compared-to-the-US_-
goeurope_about_com_od_europeanmaps_l_bl-country-size-comparison-map_htm.jpg)

------
nilsjuenemann
Welcome to Frankfurt. I've found a first sign of a upcoming germany zone some
month ago. Here is the posting of it:
[http://www.nilsjuenemann.de/2014/07/new-aws-region-eu-
centra...](http://www.nilsjuenemann.de/2014/07/new-aws-region-eu-central-in-
germany.html)

------
mleonhard
You can check your latency to the new region with
[http://www.cloudping.info/](http://www.cloudping.info/)

I'm getting 165 ms from San Francisco to AWS Frankfurt eu-central-1.

------
ck2
More ip ranges to block - are they published yet?

Don't see them here or the subforum, yet

[https://forums.aws.amazon.com/ann.jspa?annID=1701](https://forums.aws.amazon.com/ann.jspa?annID=1701)

~~~
spindritf
Why do you block AWS?

~~~
ck2
They have unlimited free inbound.

Some people there will destroy your servers with insane spidering rates.

iptables conntrack helps but there are just too many and eventually the
firewall takes more resources than the rest of the services you are providing

~~~
ceejayoz
Are you hosting stuff that's particularly prone to crawling (and by crawlers
that don't respect robots.txt)? Of the spider traffic we see, the vast
majority of it comes from Google and the other major search engines.

~~~
tedunangst
One example: there are several people who apparently scrape the front page of
HN (and proggit, etc.) and then proceed to download all of those links
repeatedly every minute (or second!) for several hours. Same link, over and
over and over. I can only imagine what get rich quick scheme would require
such behavior.

~~~
NietTim
Woah, that suddenly explains why sometimes websites go down so quickly after
they get linked on reddit. Surely most hosting won't be able to host 100's of
requests, but some times I've seen it happen that websites linked from smaller
subs went down quickly.

------
freshflowers
Of all the services not (yet) available in this reason, the absence of
Elasticache seems the most conspicuous. It's a stable mature services with no
regional complications.

Can anybody think of any reason for that?

(Maybe it's just me, it's the only missing piece that would stop me from
migrating from eu-west-1 to eu-central-1.)

~~~
Ironballs
Same here. Maybe they just haven't done it yet.

------
kaivi
This is great news.

Does anybody know if there are significant differences between Ireland and
Germany, concerning things like privacy and copyright protection? Perhaps
there are same laws in EU, which are just enforced less in one country?

~~~
rmc
_Does anybody know if there are significant differences between Ireland and
Germany, concerning things like privacy and copyright protection? Perhaps
there are same laws in EU, which are just enforced less in one country?_

Yes. Irish data protection law is not as strong as other countries. And the
government only care about jobs, and promoting the "smart economy". If big
tech companies get annoyed at data protection law, they can tell the
government that they'd pull out unless things quiet down. The Irish government
don't want to "destroy jobs".

~~~
kaivi
Thanks, but I've heard stories about the german Hetzner hosting lots of
suspicious stuff and not caring. Especially in minds of russians and other
eastern-europeans, Germany has been considered a safe harbor for grey and
outright illegal stuff. That was during the 2000s as far as I know.

Is there an up to date german side to this story?

~~~
_asciiker_
You can even host a Tor relay on Hetzner without issues, but if you receive a
SPAM complaint, you'd better reply within the 24 hours they give you...

------
sreitshamer
The s3 buckets in this new region require v4 signing of API requests, FYI. I
found that out when adding Frankfurt support to Arq.

------
bbrazil
Interesting that they don't have m1 instances, which is a problem if you need
cheap disk space.

------
morazow
I think some German corporations will still be reluctant to use it due to
replication, etc.

~~~
mje__
I'm not sure what you mean?

~~~
morazow
Data is usually replicated across datacenters.

------
crypt1d
any IPs for pinging? I'm curious what the latency is compared to Ireland from
here (Eastern Europe).

------
jonifico
Pretty rad!

