Show HN: Infracost (YC W21): Be proactive with your cloud costs

86 点作者 hkh将近 2 年前

Hi, we are Ali, Hassan, and Alistair, co-founders of Infracost (<a href="https://www.infracost.io/">https://www.infracost.io/</a>). Infracost helps engineers see the cost of each Terraform change before launching resources. When changes are made, it posts a comment with the cloud cost impact. For example, “you’ve added 2 instances and volumes, and change an instance type from medium to large, your bill will increase by 25% next month, from $1000 to $1250 per month”.We launched in February 2021 (<a href="https://news.ycombinator.com/item?id=26064588">https://news.ycombinator.com/item?id=26064588</a>), and Infracost is now being actively used by over 3,000 companies. However, there is a shift happening in the cloud cost management space. New teams, called FinOps teams (a combination of "Finance" and "DevOps"), are being formed within companies to manage cloud costs.One of the first tasks assigned to these teams is to determine "who is using what" - that is, which teams, business units, products, etc. are spending the most on cloud. To accomplish this, they use tags. Tags are labels that all cloud resources should have and are key-value pairs. For example, a server could be tagged with: product=HackerNews; environment=production; team=blueTeam. So if resources are not tagged properly, then you can’t tell who is using what.However, FinOps teams face challenges because their tools are reactive. These tools begin by analyzing cloud bills and providing visibility of tags from there. This means that they are looking at resources that are already running in production and costing money. A customer recently shared, “I want all resources to be properly tagged. But if they are not, I would rather a resource not be tagged at all than be tagged incorrectly.”My "aha" moment! FinOps teams can define a tagging policy that can be validated in CI/CD before resources are launched. This is important because if code is shipped with the wrong tags, FinOps teams will have to fight for sprint time to fix them. Even if you shut down an untagged resource directly in the cloud, the next time Terraform runs, the resource will launch again with no tag. You need to fix the issue at its root.I’d love your feedback on our solution to the tagging problem. You define your tag key-value policy in our SaaS product, and Infracost checks all Terraform resources per change. If anything fails the policy, it posts a comment with the details of which resources need tags, and what the allowed values are. Once fixed, it will let the code be shipped to production.Try it out by going to <a href="https://dashboard.infracost.io/">https://dashboard.infracost.io/</a>, setting up with the GitHub app or GitLab app, and defining your tagging policy. It will then scan your repository and inform you of any missing tags and their file and line number. You can use the free trial, but if you need more time, please message me and I’ll extend it for you.I would also love to hear how others ensure that the correct tag keys and values are applied to all resources, and whether this is done proactively or reactively. Additionally, I would be interested in hearing about any lessons learned in the process.Cheers

12 条评论

beaviskhan将近 2 年前

I have used this tool in the past, though free tier only. It was easy to get up and running and easy to plug into a CICD pipeline. The problem we had with it in practice was that we largely preferred serverless technologies in AWS where the cost depended mostly or even completely on actual usage - things like Lambda invocations, SQS operations, or autoscaling ECS services, for example. In this case the estimates we got from Infracost were not very useful. Providing a meaningful cost estimate requires projecting usage, which is something that our development teams were very bad at, if they could be bothered to care at all.I like the idea of implementing tagging enforcement in the pipeline. In a perfect world you would use cloud policies to do this, but in practice this is a big loser in AWS where a staggering number of resources are created by one API call and then tagged as a followup API call, meaning an SCP to prevent launch of untagged resources won't ever work.

评论 #37063246 未加载

评论 #37064360 未加载

评论 #37067395 未加载

keepamovin将近 2 年前

I love it! But as human processes go, it will need to surmount the "flaky tests" problem of, "let's just turn off this test because it's flaky and we need to merge this branch". I guess that means FinOps teams will still have to fight to be heard, but I think you are helping shift a lot of their burden!What remains seems more like organizational dynamics, but what are your thoughts?

评论 #37062846 未加载

评论 #37064440 未加载

toshk将近 2 年前

I love how we just build complexity upon complexity. A tool for all the problems that this new tool gave that was solving all these other tools. A never ending mountain of complexity. In that sense coding (and hosting) is like the law. The entire ecosystem will just keep expanding in complexity decade by decade

评论 #37069874 未加载

评论 #37065866 未加载

l-a将近 2 年前

So as a developer advocate and a tinkerer with a little home lab, I am often setting up and tearing down infrastructure to test things out. I use AWS because that's what I am most familiar and I try to be super careful about not running up a crazy bill, but I am still occasionally caught off guard. Now I am thinking about testing out Infracost to help prevent unwanted and unintentional spending.As far as a solution to consistent tagging -- if I am understanding the problem space correctly -- something like Cloud Custodian could possibly help. It's open source and you can set up auto-tagging policies as well as use Cloud Custodian to backfill tags. These policies use lambda functions to respond to certain actions (ie, spinning up an ec2 instance, etc) and auto-tag with the resource creator/owner.

评论 #37065607 未加载

superdeeda将近 2 年前

Sounds useful!We're using service control policies to enforce tagging on certain resource types, and retroactively for the rest.Considering to use a "shift-left" tool as well, but it would need to support Terraform, CDK, Serverless and Cloudformation.

评论 #37063031 未加载

评论 #37063107 未加载

alexambarch将近 2 年前

I've seen Infracost around and think it looks cool, do you have any plans to add support for Pulumi? One advantage Terraform seems to have over Pulumi is the ecosystem of tools that support it.

评论 #37063262 未加载

haxiel将近 2 年前

Hi, Azure admin here. The Azure Policy service includes a set of built-in policies to handle tags. There's one policy that requires new resource groups to be created with specific tags. Another policy allows resources within the resource group to inherit the same tags. I think this combination of policies would solve the tagging problem quite neatly, though I haven't tested it myself.

评论 #37067017 未加载

plasma将近 2 年前

I’m not a target user, but you mentioned the tagging problem and git integration, perhaps you could infer at least the git user responsible for each resource cost (git blame the TF file and identify the username who added the resource) as a minimum amount of detail provided out of the box?

评论 #37062998 未加载

frellus将近 2 年前

Would like to know more about how Infracost does dynamic cost estimation, for example if I allocate an S3 bucket I have no idea how much it'll grow to so what does it show? Or What ab out EC2 w/ batch, or Lamba? Does it force the developer to estimate the usage pattern, or...?

评论 #37065789 未加载

GrandPoobahLOL将近 2 年前

oh, this is interesting, we're currently using Vantage (<a href="https://vantage.sh" rel="nofollow noreferrer">https://vantage.sh</a>) how would you say infracost compares?

评论 #37066687 未加载

rchandna将近 2 年前

The Infracost Terraform Cloud run task is awesome!

评论 #37064885 未加载

lispisok将近 2 年前

Cloud costs to easily balloon out of control and I bet this is helping companies save money but this FinOps stuff also seems like something straight out an HBO's Silicon Valley skit.

评论 #37074912 未加载