
A way for startups to build a solid IT infrastructure (2017) - PascLeRasc
https://about.gitlab.com/2017/08/07/how-startups-build-it-infrastructure/
======
tvanantwerp
If you're not paying in cash, you're paying in time and attention it takes to
manage everything yourself. I would never recommend that a start-up self host
email or very much else. This is a list of things to distract your team from
focusing on building product and selling it.

~~~
Retric
It’s a question of risk and cash flow. Internal IT infrastructure can
represent far lower burn rates which may be an excellent tradeoff or a poor
one based on several factors.

Are you spending your personal savings or a 100 million dollar funding round,
etc.

~~~
jupp0r
If $5/(user * month) for google suite is imposing cash flow problems then you
should fix that rather than spend your time administering your own email
server.

~~~
gumby
FWIW (this is merely a single example): my current company (which includes two
ex googlers among the five founders) specifically uses no google
infrastructure (no gmail, no google docs, no cloud, photos, hangout etc).

Actually I exaggerate: three of us use google search.

Edit: Someone asked why but their comment was downvoted dead so I am amending
my comment.

There were three reasons; privacy, features, and dependability.

The privacy one is well discussed elsewhere. Apart from paranoia (won't get
into that), there are UX issues. For example on the shared google docs for our
local Boy Scout troop I've seen patient's files accidentally shared by
physicians, internal corporate documents from some Fortune 50 companies and
the like. Clearly nobody shared those on purpose!

For features: we certainly don't want to build a dependency on chrome (the new
IE). One of the team had to move a google acquisition from AWS to gcp and
swore never to use the latter again. Gmail doesn't follow standards (e.g.
IMAP, adding AMP to mail)...the reasons go on. many products simply aren't
best in class (e.g. zoom works much better for us than hangouts); others are
(google docs / sheets may not be best-in-features but seem to have the best
simultaneous editing, better than Apple or Nextcloud/Collabra when the network
is flakey)

For dependability: one is of course products and features getting randomly
cancelled. The other is cases where one account gets cancelled and it wipes
out all connected features. These stories are scary; some have appeared on HN.

All in all it's not worth the risks.

~~~
jupp0r
Thanks for your insights. I used google suite only as an example, there are a
great variety of other services available for email, etc, some with much
better privacy features. My main point was that maintaining your own
infrastructure is much more expensive than using off-the-shelf services, so
the price argument further up the thread isn't really justified.

------
Roark66
I only skimmed the article, so perhaps I missed it, but it seems there is no
mention of any central user authentication/authorisation solution or personal
certificate storage like Active Directory. Every IT infrastructure that is
expected to scale beyond few users has to include a component like this to
manage users, their certificates(or keys), access rights etc.

~~~
peterwwillis
And they're missing a ticketing system, a CRM, a wiki, an inventory database,
etc, to say nothing of the actual computing infrastructure.

It's kind of insane to run a business on free software. If your CalDAV server
suddenly has a bug with a partner who uses Apple/Windows/etc calendar, what
are you gonna do? Drop everything else to start debugging? Call and tell them
to switch calendars for you? Abandon them?

~~~
loudmax
Attitudes like this are what leads to systematic vendor lock-in and
monopolies. If an open source system can't communicate with a proprietary
system, the bug is one of these systems not following open standards.

~~~
module0000
I get your stance - but this is about a _company trying to make money_. If
anything(such as avoiding vendor lock-in) gets in the way of you making money,
then your venture is failing.

Card carrying FSF member here, but business is business.

~~~
_frkl
I don't know, not for me. I still think it's possible to think of your
business also as a political statement. Sure, you have to be prepared to 'pay'
for your conviction, and possibly fail because of it. Which does not seem to
make sense or be acceptable to a lot of folk. It is for me though.

------
teddyh
“If it’s a core business function — do it yourself, no matter what.”

— Joel Spolsky, _In Defense of Not-Invented-Here Syndrome_ :
[https://www.joelonsoftware.com/2001/10/14/in-defense-of-
not-...](https://www.joelonsoftware.com/2001/10/14/in-defense-of-not-invented-
here-syndrome/)

~~~
jupp0r
Implementing your own email/file sync/identity server sounds like great advice
for any startup to get going.

In your in-house programming language, of course.

~~~
teddyh
I believe you are being insincere and/or sarcastic. This does not help, and it
would have been more useful to make actual arguments.

~~~
diminoten
It is an actual argument, he's saying that your application of this phrase
makes no sense here. Are you suggesting startups write their own email
server?!?!

~~~
teddyh
If they’re offering e-mail as a service to customers, and trying to
differentiate by the features of that service, then probably yes. Otherwise,
probably not. Read the linked post to get a more nuanced view of what Joel
considers being a “core business function”.

~~~
diminoten
They're not, no one is talking about that except you. You're completely off
topic.

This is about startups hosting their own internal IT infrastructure.

~~~
teddyh
It’s an analogy.

~~~
diminoten
It literally isn't, as you've presented it.

------
j7k6
> [...], we use a private mail server.

I will always recommend against running your own mail infrastructure. The
administrative expense is to high in the long run. Unless you want to employ a
24/7 on-call admin team, Office365 is always the better choice. Email
encryption can still be done client side (SMIME/PGP).

~~~
arethuza
"running your own mail infrastructure" \- I once got responsibility for a
complex email nightmare dumped on me (tens of thousands of users, hundreds of
domains, hundreds of servers) and I had no idea the vast number of
entertaining ways email infrastructure can be screwed up.

Mind you - I guess at a small scale it might be OK - but infrastructure like
email is both vital and utterly thankless. Let someone else do it.....

~~~
PostPost
Still have nightmares from my first job in help desk, sweating bullets while
handling decades of Outlook .pst files for a C-level in my company. Only place
they existed were on the laptop itself, and a cheap 250GB external drive.

Email sucks.

~~~
hedvig
I think there should be a question of if the C-level needs or even has made
recent searches on any of that email going back past 7 years.

~~~
PostPost
I asked them that directly (it was a tiny company and I was like 20) and the
answer was no, but that they wanted to hold onto them in the event they needed
to look up old contract info.

Looking back, I should have suggested backing it up to network storage. I
imagine it must have been stressful traveling or going through TSA and
worrying about losing 20 years of email data.

------
gregoryexe
Just buy a couple Synology's, that will get you 90% there.

~~~
naasking
You're being downvoted, but for small businesses Synology is pretty good. They
now even come with Docker, full virtualization and Active Directory built-in,
and they've had clustering and easy automated failover for years now. You pay
a bit of a premium, but it does make it easy.

------
holychiz
I'm with the majority of the comments here. It seems an expensive way to run
your business. Initial cost is usually a small part of the overall TCO. This
post was written in 2017, any updates on their experience with this
infrastructure? Prove us doubters wrong.

------
relaunched
It feels a bit like it misunderstands what IT infrastructure is all about.
Identity and Access Management is noticeably missing AND core to IT
infrastructure.

------
Aaronstotle
I'm very surprised to see that they chose Arch Linux for their base OS, very
curious to see if that ever lead to issues over the last two years.

