
DigitalOcean introduces Load Balancers - AYBABTME
https://www.digitalocean.com/products/load-balancer/
======
tachion
"No ops needed". Every time I see such piece of PR I cry a little inside.
Sure, spread such things even more, so that everyone around, devs, managers,
business take it even more seriously and build more horrible, unsustainable,
overpriced, insecure and failing infrastructures and services. No ops needed
in the serverless lambda cloud! ;)

~~~
CrLf
Operations always were those guys that kept complaining about "reliability"
and "maintainability" and how the perfect thing that worked on my machine woke
them up in the middle of the night, and how I must bother with inconsequent
things such as "packaging" and "configuration" and "dependencies." Those
incompetents, glad to see them gone.

On a serious note, you are absolutely right. IT always had two opposing forces
for a reason, it provided balance between change and sustainability. The big
problem was lack of communication between the two sides, which "devops" was
supposed to solve.

Instead, "devops" is now developers doing what they've always done, and caring
for change above all like they always did, but pretending to care about the
needs of services in production. I cringe when I think about all those
containers where the application is continuously delivered but the bundled
openssl isn't updated when vulnerabilities are found. Welcome to the brave new
world.

We're moving in a no-ops direction mainly because the most vocal folks come
from startups that don't last enough to see where coherent operations matter.
They go under well before that. But this idea is bleeding onto companies where
it does matter, and we'll see how that goes in a few years.

~~~
CaptSpify
We started a Devops team at work. After a year there have been 0 Ops hires,
it's all Devs.

I think/hope we might see this change soon. Currently there's no real penalty
for poor ops. If your customer data gets hacked, there are very few actual
penalties, most of the pain is in reputation. I feel like there's been a lot
of pressure to have government penalties for poor security practices,
especially when so many companies "need" all the user data they can get their
hands on.

~~~
jedberg
> After a year there have been 0 Ops hires, it's all Devs.

You say that like it's a bad thing. If you want DevOps to be successful, you
don't hire a "DevOps team". You hire a team of devs to make ops tools that are
so easy to use that all the other devs can manage their own ops.

The idea is that doing "good ops" is so easy that everyone in the company does
it.

~~~
bigiain
You do need at least someone who really knows what "ops tools" need to do,
someone with sufficient experience to know the difference between "good ops"
and "the first idea some non-ops experience developer had that looked like it
solved the problem on his local machine"...

~~~
jedberg
Sure. But you can usually find a Dev who used to do ops that can fill that
role.

~~~
bigiain
From my (admittedly somewhat limited) experience, an old-school sysadmin
(who's likely moved into dev for the better paycheque) is often _way_ better
at filling that role thad a more dev oriented person who's done some devops in
the past.

In my experience, "good ops" people are the ones with lots of war stories to
tell of disasters or narrowly averted disasters either of their own of of
friend/colleagues they hang out with. It's a profession who's lessons seem to
be best-taught by spectacular failures and heroic recovery efforts, rather
than college courses, vendor/consultant training, or "industry best practices"
documents...

~~~
vacri
As I journey through my nascent (6? year) career in a sysadmin role (support
previous to that), it strikes me more and more that ops is a craft, like blue-
collar trades. You can't become a hot-shot ops staffer by being smart and
attending a month of intensives; so much of it is learned through experience
(and discussion). I think of myself more as a 'journeyman sysadmin' than a
'midlevel sysadmin'...

~~~
jedberg
Absolutely! I always suggest to young folks who ask how to get into operations
that they should set up a linux box and use it as their primary system. There
is no better way to rack up your own war stories than trying to use a linux
box on a day to day basis.

------
nailer
DigitalOcean peeps: a lot of cloud provider load balancers (specifically: AWS
ELBs and Heroku's various HTTPS products) are currently really slow due to:

\- No ECC cert support (slowing down initial connection time)

\- No HTTP/2 (so no multiplexing, and text based protocol, slowing down
fetching the actual page)

Do DO Load Balancers support these?

~~~
kinghajj
The new application ELB supports HTTP2. One can confirm by looking at the
Chrome developer tools.

[http://imgur.com/4mpDwJh](http://imgur.com/4mpDwJh)

~~~
nailer
> The new application ELB supports HTTP2.

Do you mean the new DO LBs or something else? The DO LBs are not referred to
as 'elastic' / ELBs.

I've just set up a DO LB and it's HTTP 1.1 all the way.

Edit: have confirmed with Digital Ocean: no HTTP/2 support (there's HTTP/2
passthrough, but you can't terminate there).

They do support ECC certs though.

~~~
kinghajj
No, I meant ELB, as in AWS.

------
simplehuman
I am curious to hear what people use digital ocean for. It's great for running
one-off servers and to run WordPress, ghost, lamp stack. But I can hardly
imagine people using load balancers like in AWS. Does anyone have a usecase?
Thanks.

~~~
meister
DO is cheap, you can achieve scaling and failover for a lower fee than with
AWS. Their new load balancing solution is nice but lacks features and its
price is 3x higher than what we provide at
[https://pikacloud.com](https://pikacloud.com).

~~~
_wmd
This is a short term illusion, with instance reservations and the wider
variety of storage options available, AWS can work out cheaper even for small
accounts.

Source: spent a several days in December cost modelling a few services for a
client, was surprised by the result

~~~
sidlls
I have been under the impression that structuring a system to use AWS with
portability in mind ends up costing as much or more than optimizing the
structure for AWS such that one is effectively locked-in at scale. That's a
trade-off that has to be factored in to a decision.

I mean granted I've only done rough guesstimates for some toy applications for
myself and some friends and family, so I could be totally off base here.

------
zalmoxes
I don't know if DO plans to provide a managed Kubernetes offering similar to
GKE, but if they did I would use it.

having a Load Balancer is necessary to integrate with k8s similarly to GCLB
and aws, so this is a step in the right direction.

~~~
raiyu
We've been using Kubernetes internally for quite some time and replacing a few
of our older and more difficult to manage systems with it. We are looking into
productionizing kubernetes so that our customers can also use kubernetes if
they like and making that experience seamless.

It's something that we are actively working on in 2017 but it's still too
early to give much more guidance.

But certainly if you wanted to go through the process of setting up your own
kubernetes cluser on DO you could do so. =]

~~~
eicnix
I have some question about your loadbalancer and your plans about kube on DO:

\- Does your loadbalancer support HTTP/2 yet?

\- Can you share your scripts for setting up a HA kube cluster on DO?

\- Do you plan to provide a kubernetes cloud provider for DO?

Having a DO cloud provider and standard scripts would probably help the
adoption of kube on DO. Without a cloud provider I can't many benefits
compared to traditional bare metal providers which are still cheaper.

~~~
raiyu
Our goal would be to provide a complete product solution so you would just be
able to login and create a cluster. Unfortunately our current implementation
that we are running behind the scenes wouldn't be directly portable to our end
customers and we wouldn't want users to go through the hassle of running
scripts to spin up their cluster.

we are hosting a meetup tomorrow in our NYC HQ but we also stream remotely if
you are interesting in hearing more from our of engineering managers and you
can ask him questions directly =]

[https://www.meetup.com/DigitalOceanNYC/events/237418043/](https://www.meetup.com/DigitalOceanNYC/events/237418043/)

------
activatedgeek
It is very interesting to see how DO is expanding its portfolio slowly and
steadily. Does anybody have a relatively large-scale (>50k users) mildly
mission-critical applications running on DO? Can you share you experience with
existing services?

~~~
hexhex
We have such an application running on DO, 100k visitors users a month. We
have a big application server running and other servers for DB (postgres and
redis) and static files (which is basically a nginx mirror).

So far, we are satisfied. Over the last year, there were 4 out times which
lasted 30min to 1h caused by DO, which is alright I guess.

Since we experience more traffic peaks in the last time, we may use their load
balancers in the future. The application servers are not the problem though,
more the DB server. This is more a pain, since setting up and maintaining a DB
cluster is quite a lot of work. We might go to AWS for this.

TL;DR DO works for larger projects, databases are bit of a pain though

~~~
activatedgeek
I think the DO Load Balancers won't help with your DB operational concern.
You'll have to use some other in-house or outsourced solution.

If you switch to AWS, will you be maintaining a cross-datacenter VPN
connection or something?

~~~
hexhex
Yeah the load balancer was just intended for the application servers. Running
a hot DB secondary with just read accesses is possible by setting up manually,
but tends to require a lot of maintenance work during updates in our
experience.

To be honest, we have not figured out how to connect the DO servers to AWS
yet. Do you have experience with that?

~~~
activatedgeek
Having a cross-datacenter VPN is one way. But I am not sure about how bad your
latencies will end up. Most likely they won't be performant especially in the
case of an ACID compliant DB.

------
plainOldText
Could someone more knowledgeable please provide some insight into why using
their load balancers would be preferred over, say having regular Droplet
instances act as load balancers, by leveraging nginx for instance?

~~~
unethical_ban
eicnix says here "Droplets are a single-point-of-failure".

I don't see any direct explanation as to how these LBs aren't. It's limited to
a single region for backend droplets, and who knows how fragile they are.

Putting up a droplet with caddy/nginx/apache and acting like a reverse proxy,
depending on your usecase, could be 75% cheaper than this solution offered.

~~~
Tassels
But, if that Droplet goes down, so does the reverse proxy. You'd need at least
two Droplets to ensure no SPOF.

------
SparkyMcUnicorn
Linode's load balancers have clearly defined support for 10,000 concurrent
connections. Am I missing where the limits are on DO's?

~~~
welder
No, you are not alone. I can't find any performance, tech specs, concurrent
connection limits, etc about DO load balancers.

------
chrissnell
Does anybody know what they're powering this service with? I presume that it's
software-based: nginx, haproxy, traefik, or similar.

------
CrLf
Load balancers is nice, but per-client private networking would be better.
Just a thought.

~~~
bogomipz
Can you elaborate on your comment? Do D.O. instances all share the same vlan?

~~~
nik736
Yes, they do.

~~~
bogomipz
What?! Is that made public anywhere? I have not heard that before. Why don't
they have an overlay? I would think this is a non-starter for many(most?)
businesses.

~~~
cakeface
I think it's pretty clearly explained in DigitalOcean's docs. They have a
public interface and a private interface. The private interface is not
Internet routable but is routable by all other instances in the datacenter. I
agree that it is a non-starter for me, but it's definitely public.

------
tryrobbo
Huh, I'm impressed DO have managed this long without them. I can see a lot of
use cases for this, especially in the failover use case.

------
iDemonix
I was looking forward to this, but the price point is too high, I could run
VMs that use keepalive or similar for cheaper.

~~~
wwalser
For failure recovery on a single compute that'll work but doesn't that story
get more complex as you add more compute VMs? You know, the actual… ah…
balancing of load?

~~~
bogomipz
Well I could just add two compute nodes running IPVS and keepalived and get
the same thing no? I think that was the OPs point. It seems like that might be
far cheaper that this offering.

~~~
wwalser
I get it and I think for failover it doesn't make sense to use this feature.
If you want one feature of load balancing, sure, roll that yourself. What
happens as you want each additional feature, incrementally getting closer to
rolling your own load balancing instead of just flipping a switch to enable it
for $20/month?

My point was just that the complexity goes up as you want more. At some point,
it's worth the money to just use someone else's solution to all of those small
problems instead of maintaining your own worse version. Most small teams
likely shouldn't be writing their own nginx, haproxy and keepalive
configuration for load balancing. The $20-$200/month that it'll cost them is
well worth the time that their engineers back.

Of course, there does exist another tier of scale where it becomes
questionable to continue paying the premium that comes from asking others to
solve your infra problems for you. This falls into the "problems we'd love to
be lucky enough to have" bucket for most companies.

------
rc_bhg
And linode introduces high memory instances. Today is a good day for all of
us!

------
cma
Does anyone know why egress bandwidth on Google's cloud is so expensive
compared to Digital Ocean?

------
autotune
Curious how these handle high traffic. If no pre-warming is needed and it can
handle higher traffic spikes, I can see this being a potential alternative to
AWS ELB.

------
borplk
Since the topic is relevant, I was disappointed with how basic Amazon ELB is.

Many features such as weighted or IP-based routing are missing.

I know it's possible to achieve that with other options like Route53 or
running your own load balancers behind ELB but for my basic needs and projects
that's too much cost and complexity.

I just want a "load balancer as a service" that has a decent feature-set.

------
lykron
DigitalOcean seems to be going after Linode. Will be interesting to see how
Linode responds.

~~~
adam1210
[https://blog.linode.com/2017/02/14/high-memory-instances-
and...](https://blog.linode.com/2017/02/14/high-memory-instances-
and-5-linodes/)

------
bogomipz
I was under the impression that Digital Ocean was mostly lower end i.e the
$5.00 or $10.00 a month instances. Can someone say what is the use case for a
load balancer in front of small instances?

Is Digital Ocean now targeting larger customers now?

~~~
freehunter
The biggest advantage even for low-end services would be high-availability. If
one server goes down you can automatically fail over to another without having
to build that into your code.

~~~
bogomipz
Does someone running a wordpress site need HA though? You could also just buy
a pingdom account and be notified when there is a problem and resolve it via
support as needed. Adding an LB tier is adding a layer of complexity and
different failure modes. That's why I was asking if maybe they were targeting
larger customers now.

~~~
freehunter
I think you're a little off on the idea that DO only hosts unimportant
Wordpress sites, or that Wordpress could never be used for something that
needs high availability.

As of 2014 Digital Ocean was the third largest hosting provider, so they're
not a mom-and-pop operation.

~~~
bogomipz
I never said or implied that the company was a mom-and-pop operation. I know
they are a large company.

Being the 3rd largest hosting provider however doesn't say anything about what
type and size of customers they have.

Who are some the larger customers that run their businesses on D.O infra?

~~~
Tassels
You might want to take a look at
[https://www.digitalocean.com/solutions/](https://www.digitalocean.com/solutions/)
and/or
[https://www.digitalocean.com/customers/](https://www.digitalocean.com/customers/)

~~~
bogomipz
The only names I recognized on there was Influx and Compose.

Influx actually looks like they use AWS for their cloud offering now:

[https://www.influxdata.com/announcing-influxcloud-fully-
mana...](https://www.influxdata.com/announcing-influxcloud-fully-managed-
influxdb-clusters-on-aws/)

and Compose deploys to AWS, Google, Softlayer and only to D.O for MongoDB
classic whatever that is:

[https://www.compose.com/mongodb](https://www.compose.com/mongodb)

------
novaleaf
I don't know if it's a lot harder, but it seems the usefulness of this is
severely diminished without the ability to autoscale your backend.

------
edpichler
I like Digital Ocean solutions, but I am currently using Nginx under a Digital
Ocean Droplet, for USD 5 month, and it's working very well.

------
owenwil
Honestly, this is awesome. It looks a lot easier than AMazon's EC2 load
balancer to use, and fits right into their whole philosophy.

------
solibra
No mention of HTTP/2 and Websockets support though.

~~~
AYBABTME
If you set it to TCP instead of HTTP/HTTPS, HTTP/2 and websockets will work.

------
nik736
How much concurrent visitors does it support?

------
baccredited
No ipv6?

------
ak2196
Congratulations guys! Welcome to 1995.

