The N-Cloud Future is coming and you are not ready for it

The world just witnessed a daylight coup attempt in the world’s most powerful democracy. Some idiot in a Viking helmet barged into Congress with a handful of his buddies and briefly took over the legislative chamber. The whole affair was organized over one badly-written, AWS-hosted mobile app - Parler - that caters to the far-right.

In response, Shopify, Pinterest, Snapchat, Reddit, AWS, GCP, Azure, and many others banned Parler, its supporting communities, and then their own President in a matter of hours. The goal was to deplatform the insurrectionists, slow disinformation, and prevent another attack. Right-wing groups called it censorship. It had the intended effect. Deplatforming silenced certain voices and changed the global flow of information. If you’re a political leader in Europe or Asia, you have to ask yourself - “If they have the capability to do this to their own government, what could they do to ours?”

Nearly all of these applications leverage at least one of three cloud computing platforms - GCP, Azure, and AWS. All of these cloud computing platforms are American, and there are millions of other applications they host, serving customers all over the world. Since these providers have exercised their deplatforming powers once, it’s easy to imagine them doing so again.

Cloud computing has subsequently emerged as a topic of international interest. It will face additional regulation over the next few years. This brings us to what I believe is the inevitable N-Cloud Future - where software serving international users must be readily deployable across an arbitrary set of home-grown cloud providers at the appropriate government’s discretion. The rest of this essay builds a case for why this future is coming and attempts to address relevant objections.

First, let’s establish why cloud computing is internationally important:

1. It’s big business. AWS alone generates the most profit of any of Amazon’s business units - around 10-15 billion dollars per quarter and increasing rapidly. If you’re a tax commissioner in any other country, you have to be asking yourself, “Does all this money really need to go the Americans?”
2. It helps software ship much more quickly and cheaply. If a country’s companies were unable to use cloud infrastructure, it would suffer an enormous economic opportunity cost.
3. Cloud computing centralizes data storage, control, and access. It’s safe to assume that nearly every human being alive today has their PII in one of the three big providers. If you’re a European politician, you might ask yourself, “Can such a small number of American companies really be trusted with all of my citizens’ data?”
4. The last few US presidential elections have demonstrated that national stability can quickly be impacted by leveraging this same centrally-stored personal information in extremely simple ways.

Next, let’s contrast N-Cloud with multi-cloud. Even in 2020, a basic multi-cloud roadmap was a common enterprise strategy: As per the State of the Cloud Report 2020, 93% of enterprises had a strategy to use multiple providers instead of one. Multi-cloud is a loose term referring to implementations that may be:

1. Static across a small number of providers
2. Not necessarily serving traffic constantly - sometimes alternate clouds are just used for disaster recovery
3. Mixing and matching different parts of different providers - using AWS S3 from Google Cloud’s compute, for example.

N-Cloud implementations by contrast must be :

1. Able to grow rapidly as more home-grown cloud providers come online in more countries
2. Serving traffic constantly
3. Entirely self-contained within a region
4. Manageable at every level by local governments
5. Mandated by local governments as the price of monetizing their citizens

Now let’s recall that even before 2020, governments were either actively regulating local data use, or investing in alternative solutions:

• European Union: The European Cloud Initiative, a moonshot investment
• India: Megharaj
• China: AliCloud and Tencent Cloud
• Australia: ACSC and Digital Transformation Agency Regulations
• Saudi Arabia: CITC Cloud Computing Framework

It’s easy to imagine these efforts evolving even stricter regulations.

Finally, the GDPR demonstrated that governments can and will legislate technical requirements to guard their sovereignty and protect their citizens’ data, even if the legislation is imperfect.

Objection: It’s so hard to run cloud infrastructures! How can EuroCloud compete with AWS?

EuroCloud doesn’t have to compete with AWS. EuroCloud competes with, “Your app is banned in the EU because a dude with neo-Nazi links started using it and the threat to national stability is too great.” Second, how well do you think AWS actually is at running infrastructure? Search Twitter for “AWS Outage”. They happen all the time.

Objection: N-Cloud seems extreme - why not multi-region within the same cloud provider?

I’m unconvinced governments will be okay with this long-term. What would happen if there were an international incident, and Bezos, Jassy, and Bell (the executives most critical to Amazon’s cloud computing operations) were faced with immediate FBI arrest if AWS didn’t immediately donate the personal data of every German citizen to the NSA? AWS would probably be okay with the short-term loss of business in Germany in exchange for not having key executives in Guantanamo. Germany would be less okay with this.

Objection: AWS offers 170+ services. How can all the functionality be replicated?

You only need four primitives to build distributed, cloud-native applications:

1. Blobstore (S3/GFS)
2. Compute (EC2/GCE).
3. Credentials & Security (IAM/Secrets Manager)
4. Observability (Cloudwatch)

Everything else - source control, cloud databases, messaging, data warehouses, etc etc - can be built on top. AWS, GCP, and Azure all started with these four. OpenStack offers reasonable implementations of all of these, and it’s FOSS! There are even modern tools from the Cloud Native Computing Foundation (CNCF) like Crossplane that allow for a cross-cloud control plane to make it easier to switch to the S3-equivalent blobstore across any competing clouds.

Objection: It’s expensive and technically difficult to build your own cloud computing platform. What makes this realistic?

Correct! It is certainly expensive and technically difficult to build and maintain independent cloud computing platforms. Tanks, planes, and nukes are also expensive and technically difficult to build, yet every major country has found a way to manufacture arms and support a home-grown defense industry. Israel, Germany, France, and India all have strong, independent, defense sectors. Framing cloud computing as less of a pure technology problem and more of a national defense problem makes the N-Cloud future more immediate.

As the landscape evolves, there are going to be a lot of interesting opportunities that will support the N-Cloud world. One can imagine no-code web-apps deploying in an N-Cloud friendly manner, or Heroku-like application development platforms with abstracted N-Cloud support. Preprocessors like Terragrunt will be more prevalent, and it’s easy to imagine consultancies that specialize in porting existing code to an N-Cloud world.

It’s going to be a challenging time to be an infrastructure engineer in the next few years, and also an interesting one. To the N-Cloud future!

Thanks to Alex Diaz, Chris Aniszczyk, and Tobias Gierk for their feedback on this post!