Comment by aurareturn
1 year ago
Additionally, when you set that limit people then get upset because usually when they go over it for a good reason, like going viral, they aren't anticipating it, and just when their traffic is most valuable the site is down.
But that's on the user. The user shouldn't get upset in that scenario and has no right to. You're giving the control back to the user.
How about just fix the pricing formula to account for massive surges.
Instead of forcing user to set a low cost limit and missing a viral opportunity or the platform writing off the massive bill the customer can't afford... just put the billing mode into a reduced price mode or have some more nuanced configurations. Sometimes is just asking the question the right way. Instead of "max spend limit" or similar "If your site goes viral, how many requests do you want to serve before going offline? 1M=$20, 10M=$100, etc" at this point, I feel like bandwidth consumption is a bad metric for billing; just use requests/visits/actions and price for those.
This is not prescriptive just illustrative. The point is make a better pricing formula to account for these massively unexpected events. Couple it with an aggressive notification policy when this traffic event gets triggered. The user should know the traffic pattern has changed and a high traffic event is happening. They can login and change the configs and decide if they want to keep it going or not.
> But that's on the user. The user shouldn't get upset in that scenario and has no right to.
I agree. I also agree that when dealing with large numbers of people, there will be people who don't understand this and/or will actively try to social engineer their way out of their own decisions.
Setting customer expectations and meeting them successfully isn't easy.
The infantilization of the user is common in tech now. For good reasons? Maybe. But it is common.
The site user/admin saying "If this spend goes over $100, shut shit down" is called being a fiscally responsible adult.
The fact that most cloud operators don't have actual hard cutoffs to maintain financial responsibility is intentional. Azure does, but only for specific account types. If it's PAYG, you can't do it. The end result is if you do something "weird", or someone DDoS's you, you're liable.
With a hard limit, a DDoS just takes your site offline.