Cloud
For that money, they could have built multiple state of the art data centres to serve the citizens.
But I am guessing civil servants won't be able to afford the kind of incentives the big corporations have at their disposal for politicians.
The UK government has admitted its negotiating power over billions of pounds of cloud infrastructure spending has been inhibited by vendor lock-in. A document from the Cabinet Office's Central Digital & Data Office, circulated within Whitehall, seen by The Register, says the "UK government's current approach to cloud adoption …
> For that money, they could have built multiple state of the art data centres to serve the citizens.
We've still got loads of Data Centres owned by Gov - and that's the rub: we moved to Cloud but didn't have a real strategy to decommission all the DC's scattered around the country.
That's to say nothing of the huge diversely routed networking pipes they all had - now presumably left untouched?
In the 50's & 60's we abandoned the railways and all jumped into cars, building motorways up and down the country on which we now spend lots of time looking at other slow moving cars: but the old railways still exist - we left most of them in-situ and occasionally use them for country walks if we can find a convenient motorway exit, or maintain a 'heritage railway' (on which by the by you'll rarely see a drivers' strike... ;)
It's just the same with the Government's UK datacentre and national networking capabilities - much of it remains in place, but will it ever be re-used or will it simply rot?
My money's on the latter - I doubt we'll get someone with the vision to do anything else, and even if they did have such a plan - can we afford it?
Yes the problem is that there is no one to pay bungs to get them up and running.
That problem doesn't exist if data centres are corporate owned. Few dinners, directorship for the nephew, maybe some nice holiday at private island and promise of a good donation at the speaker circuit, when politician is out of the woods so to speak, do wonders.
> but the old railways still exist - we left most of them in-situ
Except we didn't really - we ripped up the tracks to scrap the steel, yes a lot of them have become paths but only bits of them. More of them have gone back to being farmer's fields or access roads, or having houses built on them, or being subsumed into roads. Bridges have been torn down, tunnels have been filled in.
In order to make any of them fit to use as railways again it would cost just as much as building them from scratch, if not more due to modern requirements for track beds, drainage etc.
In a similar vein a lot of the government networks you talk about will be a) provided by BT or Fujitsu or Vodafone or some such other over fibres which they rent out and 2) will be just random bits of fibre which can and will be reused by their owners (not the Govt) for other traffic. It's not like the Govt owns millions of miles of fibre which they laid themselves, they rely on rented capacity from the Telcos.
If you ask yourself: "what is the business of government?" how high up the list would "being a data centre provider" be?
Very high on the list, probably at the top. You are framing the question wrong though. It's like asking how high up the list would "being a landlord" be? One of the worst mistakes management can do is to sell off the buildings corporation owns and then rent them back from the buyer. That's how many businesses run themselves to extinction.
Computing and data processing is essential today. There is no case for government to buy these services from a private entity and let them make a massive profit.
Government cannot opt out of computing and data processing. It's not something temporary.
If it was a one-off thing, an experiment, then it could be cost effective, but if something is permanent then lease is simply not sustainable.
That's why there's a "Cloud First" policy for government, and why their service manual says: "You must never build your own data centre."
That's simply an idiocy or invitation for bungs.
But you have to ask: what's the benefit of moving from one to the other?
If organisation is renting, then benefit of switching provider is to find one who will offer some savings while retaining quality of service or exceeding the previous provider or if what you are renting is no longer fit for purpose.
That question would be irrelevant if government ran its own datacentres.
Absolutely no normal person says "please build a data centre."
and we have a first ad hominem.
So the alternative is to have a (massively underfunded, underskilled, underpaid) public sector workforce build infrastructure that is an exact duplicate of something that already works? Or do you propose nationalising Azure/GCP/AWS/the Internet?
How to unpick this rubbish. Pay bands in public sector are set low so that organisations are forced to hire interim staff from agencies that make massive profit on top of already high rates. Public sector workforce can be paid adequately, but the current corrupt system needs to be changed.
Yes, "building exact duplicate" is essential as it will be cheaper in the long run, because you don't have to pay a massive mark up each billing cycle. Data centres are not a temporary need, but permanent.
Cloud infrastructure is almost nothing like real estate. You rent a house, your landlord has no incentive to improve your conditions because there's always another clown who will rent your awful, mouldy flat. Cloud providers are always chasing growth. Even a fat slug like the public sector will accrue benefits demanded by the private sector.
Cloud providers are chasing profit just like landlords. The situation with landlords you are describing is a side effect of artificially limited supply. You seem to have trouble understanding basic economic concepts.
OK but how high on the list would be "give lots of my tax money to a foreign corporation"? How often would you get that answer at the doorstep?
-- So the alternative is to have a (massively underfunded, underskilled, underpaid) public sector workforce build infrastructure that is an exact duplicate of something that already works? --
OR the alternative to a DIY approach is to give the keys (data) of the kingdom to a commercial entity who can decide to turn off the power when they feel like it, sell your data to someone else etc
-- Or do you propose nationalising Azure/GCP/AWS/the Internet? --
I wonder how much Halfords would charge to transport the kit to its new location?
Which of the following do you think they should do, all of which are now things major cloud players do?
- Design and manufacture their own servers?
- Create their own hypervisors, integrated into custom silicon?
- Run their own global fibre networks?
- Design custom electrical substations?
- Design their own CPUs?
- Design their own AI accelerator chips?
- Create their own distributed databases and analytics tools, heavily integrated into the infrastructure stack?
Being a cloud is an awful lot more than building out a datacentre, even a clutch of gov-wide datacentres. Clouds long ago moved beyond providing a bunch of servers and storage in a datacentre - AWS now has over 200 customer facing services, all orchestratable by API, all integrated into IAM / billing / SDN / monitoring etc. etc., all very effectively capacity managed so you can almost always provision within minutes, seconds or less. These are big building blocks that enable you to e.g. build a highly scalable transactional app with mobile and web identity management, event driven feeds to a data warehouse, a data lake, a contact centre, maybe some media transcoding services with redundancy across three availability zones and if data protection regs allow to another region. Provisioned in large part with a few lines of Terraform and without so much as speaking to procurement.
Anyone who views this through the lens of "who's running the datacentres" has thoroughly missed the point. Teams creating business services don't consume datacentres: they increasingly consume complex, integrated technology stacks that require engineering effort and operational investment way higher than a single mid-sized government can afford.
There is an argument to be made that maybe we don't really need all this fancy stuff and the increased velocity it brings, and shouldn't focus on capability if it means lockin. That's really the same highly-integrated-and-capable-but-proprietary vs good-enough-commodity pendulum that's been swinging back and forwards forever. But it's a more nuanced argument that really needs to be applied at the workload level within a particular business context.
Almost anything that requires recurrent payment should be run by government.
> Design and manufacture their own servers?
This is one off. No need unless there is a national security concern.
> - Create their own hypervisors, integrated into custom silicon?
No need. There are open-source and free hypervisors. Current commercial offerings of silicon are adequate.
> - Run their own global fibre networks?
This is an exception. But surely government could build a backbone network to connect data centres in different countries and could rent out surplus capacity.
> - Design custom electrical substations?
Energy supply should be run by the government. We should have a national supplier.
> - Design their own CPUs?
> - Design their own AI accelerator chips?
> - Create their own distributed databases and analytics tools, heavily integrated into the infrastructure stack?
No need, though of course software development should be in-house as hiring big consultancies is expensive and delivers poor quality. Though this would need a reform of finances, as currently public sector by design cannot employ specialists as they are unable to pay market rates.
> Being a cloud is an awful lot more than building out a datacentre, even a clutch of gov-wide datacentres. Clouds long ago moved beyond providing a bunch of servers and storage in a datacentre - AWS now has over 200 customer facing services, all orchestratable by API, all integrated into IAM / billing / SDN / monitoring etc. etc., all very effectively capacity managed so you can almost always provision within minutes, seconds or less. These are big building blocks that enable you to e.g. build a highly scalable transactional app with mobile and web identity management, event driven feeds to a data warehouse, a data lake, a contact centre, maybe some media transcoding services with redundancy across three availability zones and if data protection regs allow to another region. Provisioned in large part with a few lines of Terraform and without so much as speaking to procurement.
Nothing that cannot be built and tailored for government use and bring massive savings long term. Not to mention local jobs.
> Anyone who views this through the lens of "who's running the datacentres" has thoroughly missed the point. Teams creating business services don't consume datacentres: they increasingly consume complex, integrated technology stacks that require engineering effort and operational investment way higher than a single mid-sized government can afford.
That's nonsense. It can only fall apart by corruption.
> Almost anything that requires recurrent payment should be run by government.
That's quite a broad category. Supply of chips for the canteen? Loo rolls?
>>Design and manufacture their own servers?
>This is one off. No need unless there is a national security concern.
They're not one-off, you refresh them on a frequency similar to that of a reserved cloud instance. So why is building, integrating and running your data centre more important than building, integrating and supporting your own server components instead of buying Dell? Is it possible your job may be related to the former?
>> Create their own hypervisors, integrated into custom silicon?
> No need. There are open-source and free hypervisors. Current commercial offerings of silicon are adequate.
Everyone loves something someone else declared on their behalf as "adequate". Show me the commodity equivalent of AWS Nitro System. "No need" depends on your use cases and non-functional requirements.
> > - Run their own global fibre networks?
> This is an exception. But surely government could build a backbone network to connect data centres in different countries and could rent out surplus capacity.
> > - Design custom electrical substations?
> Energy supply should be run by the government. We should have a national supplier.
I'm picking up a theme here - it's not just clouds, you seem to think the government should run much of the economy
> > - Design their own CPUs?
> > - Design their own AI accelerator chips?
> > - Create their own distributed databases and analytics tools, heavily integrated into the infrastructure stack?
> No need
Again, I'm sure the people who are currently spending money on these things (or the services that are made better and cheaper by them) appreciate your opinion that they're unnecessary. You can't go and buy an equivalent of Spanner off the shelf, let alone find an Open Source equivalent.
> though of course software development should be in-house as hiring big consultancies is expensive and delivers poor quality. Though this would need a reform of finances, as currently public sector by design cannot employ specialists as they are unable to pay market rates.
I mostly agree with this actually. Once they've reformed finances and shown they can deliver bog standard enterprise IT inhouse, let's pick up the conversation later about trying to reproduce something the world's leading tech companies took 10-15 years to build out. Although we won't, because we'll probably be dead.
> > Being a cloud is an awful lot more than building out a datacentre...
> Nothing that cannot be built and tailored for government use and bring massive savings long term. Not to mention local jobs.
I'm not quite sure what you're basing this assertion on. Perhaps you designed and built one of the hyperscale clouds yourself, and it turned out to be unexpectedly easy?
> > they increasingly consume complex, integrated technology stacks that require engineering effort and operational investment way higher than a single mid-sized government can afford.
> That's nonsense. It can only fall apart by corruption.
Well, that's OK then. Because history teaches us that dramatic expansion of the state *never* results in rampant corruption.
A lot of your list is examples of things the Government has actually done. It then sold it off for a pittance - and in some cases had to take it back because the commercial entity failed.
Electrical substations were designed "by the government". The UK National Grid was a Government project.
The fibre network was designed by the government.
Have you forgotten that the Internet itself was a Government project?
One of the core purposes of Government is National Infrastructure. Even the Romans and Greeks knew that!
I'm not sure what you're talking about when you say "the fibre network was designed by the government". I was talking about a physical global fibre network - do we have one of those? Or perhaps you were talking about the BT one that never got built?
The early internet protocols and some small-scale test networks were indeed some great innovations of academia and the military. However, 'the Internet itself' - e.g. the thing that billions of people use every day - has very largely been delivered by commercial, competing enterprises in a highly decentralised way.
But in any case, I asked which *should* be done by the government, not what could be done. In a mixed economy, governments don't do everything. Many loo rolls are used across government, and I have no doubt that the government could manufacture loo rolls if it wanted to. You could even make a pretty strong argument that protecting the wider loo roll supply chain is a critical national endeavour. But that needs to be weighed against a Department of Hygiene Supplies staffed by thousands of civil servants almost inevitably resulting in patchy availability of scratchy loo roll at £20 per pack.
There are definitely things which must be done by government. Monopoly situations where there can be no long-term market (I'm in favour of some renationalisation on this basis). Things the private sector won't do (too much risk with too little potential for profit, too big to fund). Things with a very long payback time (provided there is cross-party support).
I'm not sure cloud hosting falls into any of these categories. The closest is the monopoly point - but while there's the potential for lock-in to proprietary services, if you can forgo the bells, whistles and velocity the basic IaaS services are a substitutable commodity.
The low hanging fruit in terms of bringing in house is reducing the use of consultancies to build and support one-off custom systems. Aside from possibly buying in some flex capacity for really big projects, that is bonkers.
> Show me the commodity equivalent of AWS Nitro System
Trouble is we are comparing current cloud offerings…
If the UK government had gone with an in-house G-cloud based on open source, from the outset, there would most probably be an equivalent now.
It is perhaps noteworthy, that with Covid vaccines the UK government decided to do the upfront investment rather than simply let the market come up with a vaccine…it can be argued that had the government invested in open source cloud, the market would look very different today.
Agree, the point was the government by investing up front encouraged those teams to be properly supported by their employers.
The question about in-house is perhaps more grey than black and white. So if the government had built its own cloud, it doesn’t mean all the people working on it had to be government employees working in government facilities etc. The government was a sufficiently important customer that they could force software etc. to be open and thus unencumbered with commercial considerations.
Read the book "Vaxxers", the Oxford Team's account of the vaccine development. They knew the importance of the project (politicians and the media never properly understood vaccine development). UK Government funding was both belated and came in dribs and drabs. So the Oxford Team diverted funding from other projects and took some huge financial risks not knowing if Gov funding would ever come through at all.
It was a nailbiting game that fortunately worked out in the end. The UK owes a great debt to those researchers.
The 'Govt' doesn't NEED to do any of this kind of stuff, it's a massive distraction and waste of limited resources.
The 'Govt' holds the purse strings, and if the people doling out the loot on our behalf know their stuff and have an ethical spine and a visionary outlook (a big ask, I know, but it does happen) the 'Govt' can drive a very creative hard bargain that benefits both the national wellbeing as well as the corporate bottom line.
The problem is, too often the people with the talent and will to drive said bargain get shafted by our oh so shortsighted and often compromised 'politicians', who put the 'national wellbeing' relatively low on their list of priorities.
And look where we all are (well, where most of us are).
> The 'Govt' doesn't NEED to do any of this kind of stuff, it's a massive distraction and waste of limited resources.
Sure it does. UK Plc is the biggest user of compute resources in the UK. Like any business, it has to make the decision to buy or build. Like many businesses, it sometimes makes the wrong decision.
> The 'Govt' holds the purse strings, and if the people doling out the loot on our behalf know their stuff and have an ethical spine and a visionary outlook (a big ask, I know, but it does happen) the 'Govt' can drive a very creative hard bargain that benefits both the national wellbeing as well as the corporate bottom line.
Nice in theory, in practice it usually works the other way around. Instead of locking suppliers in, it works the other way around. The suppliers know this, and have known about customer lock-in since even before the infamous MS Halloween doc. Welcome to the Hotel AWS/Azure, it's a lovely place, but once your data are checked in, they can never leave. Compute is a commodity, but once you've imported your emails, databases etc they're now proprietary. You'll still be able to access it though, on the hotel's terms, and for a fee.. per transaction of course, because that way, the fees can be steadily ratcheted up.
So the HMG Plc holds our purse strings. Instead of building G Cloud and charging its subsidiaries a part of that cost in virtual Pounds that slowly circulate around the Treasury's account, it gives billions of real Pounds to foreign entities. Then the realisation that the hotel room you thought you were renting is actually a prison. Instead of say, 10% of that magic money actually leaving HMG's balance sheet, most of it does. You own nothing, and also have to keep paying to access your data. You don't even get to claim tax relief on assets because you've virtualised everything. Your suppliers of course do, as well as sucking all that real money out of UK Plc because even though we pay billions for those services, they're actually a cost.
It's really rather neat the way Amazon & Microsoft have figured out an extremely profitable way to tax governments.
There's also the issue of making UK Plc an IT leader. It hasn't, it isn't, all it's done is help turn IT types into an extended sales force for AWS & Azure. Government has fun policy levers to pull, like funding research into cloud-related tech, and open-source that. But it'd probably also have to fund IPR lawyers given one challenge with building an open-source(ish) GCloud would be running into a wall of patents already held by the usual suspects.
> GCloud would be running into a wall of patents already held by the usual suspects.
Not really, as the government would be funding the R&D, it will naturally be engaging “experts in the art” and thus any patents enforcing Ed can be dismissed as being obvious to those skilled in the art.
> ...can be dismissed as being obvious to those skilled in the art.
One would hope so, but then look how long Amazon's 1-click lasted. But I guess there'd be a plus side in that government funded patent troll squashing would be a wider benefit to the UK, and IT world in general. Plus it's also something academia could help with, ie how many patents have previously been described in SF.
'Nice in theory, in practice ...'
Governments don't generally run major infrastructure technologies 'in house', and if they do it usually isn't for long and often in times of national crisis.
'In practice' it's up to 'the Government' to have the spine to face down the money grubbers. Sometimes it happens, often it doesn't - witness England's privatised water supplies/treatment scandal.
IT supply is just another venue for the same old story: greed vs. 'public service'.
Everything you list:
- Design and manufacture their own servers?
- Create their own hypervisors, integrated into custom silicon?
- Run their own global fibre networks?
- Design custom electrical substations?
- Design their own CPUs?
- Design their own AI accelerator chips?
- Create their own distributed databases and analytics tools, heavily integrated into the infrastructure stack?
was being done before the cloud providers moved their tanks onto the government's lawn. If they disappeared tomorrow, it would still happen.
Just as in the pre-cloud days when hardware and software vendors tried to develop proprietary features to keep customers on their products, cloud providers are trying to differentiate themselves and *lock* customers in, which is what this is all about. It seems to be working at the moment and the concern is that the government can't get out, which is a perfect opportunity for the providers to jack prices up.
Running services on bog standard servers with open source software in either owned or third party co-locations would deliver value for money without lock-in. Sure, they wouldn't get access to the latest cutting edge features but for the vast majority of government services, that's not somewhere they ought to be playing.
They were being done before, but not in a vertically integrated way, and that's where the clouds get their significant edge. My main point was that replicating all of the myriad capabilities hyperscalers integrate tightly within a single stack and organisation is not necessarily something that a typical government should attempt.
But I mostly agree with your last paragraph, and said something similar in my final paragraph - not every service needs the proprietary shiny. Many people seem to feel their service needs to be broken down into loads of Lambda microservices with polyglot Aurora and DynamoDB persistence, Kinesis Streaming everywhere with Redshift-based BI, Cognito authentication and so on - when actually a simple monolithic Python/PostgreSQL app would be quicker to write, easier to support and cheaply deployable anywhere with zero lock-in. Sometimes the lock-in's worth it, but it should always be a considered decision.
My minimum bar for infrastructure would go beyond manually-provisioned "bog standard servers" to proper, API-driven IaaS. Infrastructure-as-Code is a very good thing to be able to do, even for simple services. If a government can provide this itself - great. If not, the cloud providers are going to find it hard to jack up the prices on you if you're just using IaaS - you've got the leverage. Unfortunately, many organisations (commercial and gov) do manage to cock up even basic IaaS private clouds really quite badly.
> Run their own global fibre networks?
Well... yes, since any infrastructure or utility connected to the open Internet has the lifespan of a mayfly before it's ransomwared or hacked or has all of its data copied. More often than not hosted by cloud providers.
Perhaps we should start getting serious about what is needed to run a modern-day country, because people that don't have our own interests at heart certainly have. If that means running our own infrastructure off the Internet then so be it.
A government run fibre network wouldn't help with utility security etc. Someone would (accidentally or maliciously) bridge the network to the Internet in double-quick time.
What would help is a zero-trust approach to security, rather than magical thinking around isolated physical infrastructure that should have died about the same time Natanz happened.
"You are framing the question wrong though. It's like asking how high up the list would "being a landlord" be?"
Your (re)framing of the problem I'm afraid shows a fundamental misunderstanding of the topic. Comparing the issues to 'being a landlord' is completely erroneous....as a landlord one has assets (a property) that one wishes to rent, presumably to generate profit whereas the development and delivery of services on behalf of the UK does not. It's about delivering value for money from tax revenue.
"If organisation is renting, then benefit of switching provider is to find one who will offer some savings while retaining quality of service or exceeding the previous provider or if what you are renting is no longer fit for purpose."
Services portability in the manner you describe is utter fantasy...this isn't like changing your mains electricity or mobile phone provider.
>For that money, they could have built multiple state of the art data centres to serve the citizens.
But cloud is really useful for when you have very lumpy unpredictable computing demand, like a once-a-year promotional sale, or rendering CGI for a new movie release - or running a 1000 year old government.
I just submitted my company tax returns today, and I'll do my personal one early next month when I get my P60. Then I can spend the second half of this year, and especially January next year, being insufferably smug at people who are stressing about doing their returns at the last minute, having lost or forgotten all the important details. You're welcome...
GJC
-- I can barely believe this got past the moderator. --
Is there a moderator, and why should they bother about reality?
-- Are you seriously suggesting we all put our tax returns through some crappy laptop and hope for the best? --
I think it was more indicating the base level hardware requirement than stating a policy.
No it’s an indication of the scale of progress.
In the mid 1990s it was a little awkward facing down a mainframe salesman, looking to sell a £17M mainframe replacement contract, and telling them that with a little redesign the workload could be handled by a dual processor NT box…
Obviously, we didn’t actually propose an NT box to the customer, but it forced people to think about the customer’s existing business processes the IT system would be supporting and the new processes it would be enabling.
OK, I can think of some lumpiness in government (especially in the brain department) eg referendum, general election, going to war, covid lockdowns. Expected lumpiness could be planned for but as was clearly demonstrated during covid unplanned lumpiness needs the software writing first - hardware isn't the primary issue.
How are the *vast majority* of government services "very lumpy"? Even the tax return service example you describe only needs to buffer them as they arrive. HMRC is at liberty to process them at a speed convenient to them.
(Public) cloud does have an advantage when there is a need to handle unpredictable and spiky workloads. But for running consistent workloads 24x7x365 days a year, you are just paying someone margin to run it on their servers in their data centre (although often a third party's, so extra margin) and it could be done cheaper if you did it yourself.
Trying to argue black is white just emphasises your blinkers here.
So a monopoly with the power to directly take from the population by force and borrow even more on the backs of that same population has difficulty negotiating with vendors who see them as a cash cow?
Just remember the PFI mantra. Socialise the costs, privatise the profits. Amazon, MS, Oracle and all the usual suspects spent lots of money lobbying for vendor lock-in and promoting cloudybollocks. IBM, who pretty much invented both the PC and 'cloud' didn't, and look where they are now. Having been involved in some of these discussions waaaay back, the problem was government didn't really have the foresight either. So departments and projects got isolated and segregated, so there was no Cabinet or central government body who could procure/build/manage a government Compute or Cloud function. So instead it got handled piecemeal and handed into the loving arms of AWS and Azure. There were some smaller attempts at gov-cloud-ish provision, like a provider whose name escapes me but built a datacentre next to Buncefield. Oops.
There was also some inside-the-Box thinking with a large datacentre, or space that could have relatively easily been turned into a large datacentre lurking under Wiltshire, but AFAIK much of that has been sold off though. Possibly still a good bug-out location as I think part of it now contains a very large wine cellar. Some risk that if target lists haven't been updated, it could be a very short drinking session though.
The die was cast by Thatcher, who removed the teeth from the CCTA based on the idea that government should be a consumer subject to “market forces” not a market maker.
I think there were many factors. Like not being forward thinking enough. Or EU procurement rules, so if projects were worth >£X, they had to be put out to 'competitive' tender. So they'd pretty much automatically lose for not being 'best value' vs a bid from anyone who already had DCs and tin. Then it got even more complicated to unravel actual costs given the USP for 'cloud' is often based on a PAYG model, which is often difficult to forecast accurately. But then customers get hooked into AWS and Azure, then watch the invoices grow as all the microtransactions ramp up.
I also had some interesting conversations with insurers and security types around concentration of risk. Government did, and probably still does some on-prem compute jobs like Box. But then maybe Box becomes too well known and becomes a target. So then the cost of relocating it, or distributing the risk by scattering it around AWS or Azure.. Which might then make those services a bigger target than they already are. Which then increases the potential risk for both business and government customers. Plus you're outsourcing most of your security as well as your data to those cloud providers.
I think government missed a big opportunity by not building their own G-Cloud. The basics are, well, basic. Sure, it may not have all the whizzy custom silicon and stuff, but all the big tin shifters sell racks of servers and virtualisation options (hello again IBM) that should be good enough for government work. At least government would then have had more control over physical and network security, rather than being at the mercy of commercial cloud providers who can keep ramping up service as well as licence costs. But I still think procurement rules would have prevented a lot of cost sharing and cross-charging, although of course being government, it can change some of those rules if it wants to.
And which then-EU nation was the main cheerleader for those rules?
Pretty much all the usual suspects given France, Germany also had their own consultancies and integrators. And then the wider global push towards privatisation so former nationalised industries could be asset-stripped. Plus there would also be the 'state aid' rules to work around, which the UK had a bad habit of (mostly) honoring, while other EU members ignored. Just declare compute as CNI and call it good. Now, HMG has more independence, but it's too late, they're locked in and they were warned this would happen.
The die was cast by Thatcher,
But unfortunately the Labour party have either followed Tory policies (for example landing £50bn+ of PFI debt on the NHS) or lurched into madcap marxist unelectability. As a result, although the last fifty years has "only" seen 32 years of Conservative-led governments, 13 years of Labour government were New Labour running strictly Tory policies. I doubt that Starmer is going to be radical about anything, so little will change after the coming election.
I think you meant 45 years: 1979-2024, but as you note we’ve effectively had 45 years of Tory policies…
But don’t disagree with the prognosis…
Whilst people may dislike Blair and what his government actually did and achieved, in the run up to the 1997 election he was able to make people feel good and want to vote Labour; don't get the same vibe from Starmer…
>madcap marxist unelectability.
That's propaganda in action for you. Marx was a mid-19th century economist who accurately summed up the interaction of economic forces but never developed a political strategy around them apart from vague pronouncements like "Workers of the world unite (etc.)". What we know as communism was developed much later. However, the notion of "Marxist" this and that has been inculcated into people as a sort of "four legs good, two legs bad" mindset, I've seen it applied to all sorts of things (especially in the US where we're told that Marxism is behind gender fluidity, among other things!).
Anyway, the effect of all this TINA -- "There Is No Alternative" -- which thanks to a compliant media meant that anyone who dared to even raise the slightest possibility of an alternative was vilified (and occasionally jailed). The Labour party was split into the 'moderates' -- the "Social Democratic and Labour Party" and the so-called "extremists", the rump of traditional Labour. Trades unions were suppressed, violently and often in violation of the law (very flexible in the UK). The result was a toothless pseudo-Conservative party, what we could call "LINO" ("Labour in Name Only"). The practice continues even today -- witness what happened to Corbyn and the whole anti-Semitic witch hunt thing (so the leadership of the Labour party got transferred back into safe hands once more).
This crap goes back a lot further than Thatcher. I'm only old enough to remember the Wilson administration (sorry, I left the UK for the US because of Thatcher so I'm going to switch languages) and the fallout from it trying to follow policies that were intended to favor the UK, its economy and particularly its industry.
https://gds.blog.gov.uk/2011/11/02/the-unacceptable/
Cloud computing - the ability to buy proven solutions on a pay-as-you-go basis - is what lets government make this change. Once we recognise that we're not different and that we don't need special IT, then we can buy what everyone else is already buying and using.......Everything changes when we do this. We will pay less, get more and get it sooner. If a supplier fails to do what they've promised, we will find another supplier - with no tears. There won't be contracts running for decades; smaller businesses will be able to enter the market, engage directly with Government and compete with far larger companies; UK businesses will get a chance to out-deliver foreign ones; government will be more efficient and our customers will get the service they need.
>>>"Cloud computing - the ability to buy proven solutions on a pay-as-you-go basis - is what lets government make this change. Once we recognise that we're not different and that we don't need special IT, then we can buy what everyone else is already buying and using"
In many cases the UK Government ARE however special; the idea that they are not is one of the biggest falsehoods in the whole Cloud First debacle. Seems you believed it...
GDS and Cabinet Office have tried to hang on to that old chestnut for years, whilst steadfastly ignoring that UK Gov are bound by legislation - both national and international - that commercial organisations are not, and that their data differs significantly from corporate data both in terms of its sensitivity and its scale.
Few companies deal with data that can result in death or serious injury if it's incorrectly handled, whereas every local authority in the land does so, and Central Government, NHS and blue-light services do so at massive scale.
To be fair there are plenty of 'digital leaders' across Gov who have done the same - ignoring the factors that should have constrained, informed, or steered their cloud adoption such as Policy, Legislation and just the wisdom of not putting all our national eggs into a couple of (admittedly large) non-UK owned baskets.
These services are of course also not designed for high value Government data - the terms of service for both AWS and Microsoft specifically say as much in their terms of service - and yet HMG continue to put more and more data and critical UK National systems into these commodity platforms.
The nirvana you suggest of simple mobility and SME competition are a pipe dream - we're ten years into Cloud first now and still largely using these Cloud Providers just like we used Managed Service Providers - moving legacy systems with minor change from virtualised datacentres into Cloud. SMEs get crumbs from the table whilst managing the move into Cloud remains the preserve of the big SIs and Consultancies.
Where we DO re-engineer it's to couple ourselves ever more tightly into the Cloud provider's platform - using their services and literally 'coding by technology platform' in many cases - creating systems that are genuinely portable costs money, and the UK Gov has prioritised speed and cost over consideration of how we might exit the Cloud.
The UK also adopted these global spanning Cloud Services at the expense of their own domestic market, and the few who have tried to co-exist with them have been undermined by Gov Policies (or more specifically by those ignoring Government Policies that SHOULD have controlled this sprawl and ensured that high value data never made it on to these platforms). There are few choices available for anyone seeking to move complex AWS or Azure optimised workloads to a different platform - and many of those who continue to exist in the UK are really just satellites of the big boys - offering hybrid solutions, not true alternatives.
Even if we had those platforms, almost the entire UK workforce today have re-trained to become AWS or Microsoft Azure engineers - and who can blame them when the past 10 years has had that as the sole direction of travel?
The article suggests we've now hit a commercial tipping point - AWS & Microsoft no longer need to give introductory discounts, their UK Government business has hit the critical mass to ensure we can't readily leave, and a long-term revenue stream is guaranteed, so we'll of course be reverted to the locked in customer pricing... that's standard practice in most industries, so I can't criticise them too much for doing so TBH.
It's naivety and lack of foresight on the part of UK Gov commercial and digital teams that's led us to this position, along with the headlong rush across Gov Depts to buy into AWS & Microsoft without giving any consideration to the long-term implications. "Buy in haste, repent at leisure" has never been more relevant.
The CDDO suggestion to resolve this?
Let's repackage and re-brand it and then buy more of the same.
That's not a strategy - it's capitulation.
I DO hope whomever makes up the new Government has more imagination, gumption, and smeddum than this lot.
"The CDDO suggestion to resolve this? Let's repackage and re-brand it and then buy more of the same. That's not a strategy - it's capitulation". I couldn't agree more. It does make me wonder if CDDO is trying to fend off the CMA's cloud investigation, because it beggars belief to read that CDDO think that HMG's approach to cloud to date might only fall under CMA scrutiny a decade from now.
This "Cloud first policy" is such a nonsense it sounds like it was written by one of the cloud providers.
Hopefully the new government not only has more imagination, but also can run an inquiry why this even happened and whether it was just stupidity or something more sinister.
Lock in example - and I'm sure it's replicated across many departments.
A few years ago, the MoD decided the future was [whatever it's called today] 365 - pretty much for everything where it has a tool to do it. I guess at the time it looked like a nice easy option - we just pay a "small" fee to MS per user per month and they handle "lots of difficult techie stuff". Guess what, after a few years it started looking a bit expensive - to the point where an arbitrary line was drawn whereby "send less than 30 emails/month = light user", and those light users were switched to the cheaper licence that only gets the web versions (no local Outlook, Word, Excel, etc.) Guess what, many of those light users actually need the features in the desktop versions that aren't in the web versions. Cue complaints and people having to justify why they need the more expensive licence - apparently "I can't do my job without" isn't good enough, you have to document why (i.e. I can't do my job without "feature X"). I did wonder if "because the better licence will be cheaper than replacing a laptop that did a poor impression of a frisbee as the severely frustrated user hiked it out of the window" would also be a sufficient justification!
Of course, so much business process is now tied into MS that it is now realistically impossible to kick them out - and they know it. Why do you think MS put so much money into rigging votes to get their very much not open Office XML ratified as an "open" ISO standard rather than actually properly support the properly open Open Document Format ?
Government only does that to unimportant things that MPs don't use, like childcare.
The amount Sunak decided would be paid per child is about 80% of the cost of providing safe childcare. So unsurprisingly, a lot of small providers are unable to provide that "free childcare" and many are closing.
It would have had (note the past tense) at some point in the past. As pointed out, MS have played the game well - keep adding new stuff, bundle it in, get people hooked, get to the point where all these things are so embedded in the business that the cost of moving is high - and keeps getting higher. Further, they've engineered that you can't replace only parts because it all relies on undocumented or otherwise protected (patents, encryption with non-public keys) interfaces between components. This wasn't a situation that's just happened, it's taken MS decades to get here.
So now the governments don't in fact have that clout, unless they are prepared to take a massive hit (like Munich) in the hope that it works and long term they will recoup that in savings. But at least in this country we don't seem to consider much past the next election.
That wouldn't help. You'd still have to be able to deploy your opensource thing anywhere.
So you wouldn't be able to use any of the value adding cloud services like PaaS.
So you'd need to build everything yourself. Like we did in 2006.
Which would cost 5x more than just using the cloud properly.
This is nothing more than open standards redux.
The problem regarding proprietary standards and lock-in is hardly news, Cabinet Office was busy avoiding the problem 15 years ago, not for the first time. Is there any reader who remembers the CCTA writing about all this in about 1995? Cloud is the walled garden problem on steroids. Apparently the Competition and Markets Authority is investigating. That shouldn't take less than 10 years by which time the suppliers will have nimbly skipped on.
And El Reg can report on that
Can you describe how you think this would work?
Are you going to ban AWS from offering any service, feature, API or incentive that OCI, GCP, Azure, CHS, etc don't offer?
Are you going to mandate OCI supports AWS Aurora?
Are you going to mandate that AWS landing zone accelerator be able to orchestrate Azure and CHS, and weird legacy stuff from Kyndryl?
Feels like you missed the entire point of the article.
If the Govt. set the specification such that there is no requirement for portability between providers and the chosen provider implements the specification using proprietary methods, then the renegotiation fees will include the cost of porting the proprietary bits to the new provider.
Thus, the current provider can charge the Govt. min(cloud competition) + porting costs. As long as the provider correctly judges what the Govt. considers to be the porting costs, then that is what they can charge. The cost of porting is likely to increase as a function of time as the Govt. becomes more ingrained.
If the Govt. required portability, then they'd basically only be paying min(cloud competition) since the porting costs ought to be negligible (at least in theory).
The article basically describes how Govt. has failed in keeping porting costs low and now has less negotiation headroom since rationally any vendor can logically increase their prices to the Govt. as long as the total price is still lower than the cost of porting to the lowest priced competitor.
It may seem contrary to suggest that this is good news, but let's spin the title a little:
Whitehall admits to proprietary lock-in and poor use of public money
Whatever happened to "We Love Proprietary, La La La."?
Yes folks, UK Gov has woken up and smelled the coffee! The turning point approaches, may even have just arrived.
Yes folks, UK Gov has woken up and smelled the coffee! The turning point approaches, may even have just arrived.
Unlikely - as soon as an election is called all decision making grinds to a halt, and when the winner is announced, there will be a load of new stooges for minsters, who won't know anything about their portfolio, nor even much about what their department actually does. As there's virtually nobody in Starmer's likely cabinet with previous ministerial experience, it'll be a government of noobs who don't even know much about how the process of government works. None will have relevant outside world experience of important policy and decision areas such as IT, energy, defence, health etc, few if any will have the nous and experience to ask the right questions, or the basic skills to sort the wheat from the chaff of government processes.
We'll possibly see a huge time wasting "machinery of government" change, for example ploughing up DSIT and DESNZ, as well as DLUHC. There will be an energy minister who doesn't understand anything about energy, a science minister who's probably got a degree in the life and times of Keir Hardie, and a transport minister who thinks trams are a good investment.
I'm feeling ignorant. To me cloud = running software (yours or someone else's) on someone else's remote computers. Data centre = running software (yours or someone else's) on some computers which may or may not be remote, may or may not be your own.
Now I know that government running things is generally an invitation to Finagle's Law to come into operation (especially with anything to do with finance or accounts) but with the amount of money involved wouldn't it be better to build a UK cloud?
>>wouldn't it be better to build a UK cloud?
That was the original direction of the G Cloud programme back in 2009/10 (when the UK were recognised by ENISA and others as global leaders on sovereign based cloud).
When the previous Labour administration (who initiated that work) were replaced with the Coalition Gov, the focus changed - to "let the market decide", and that's exactly what has led us to where we are today.
G Cloud stopped being a 'thing' in its own right, and was changed to a moniker for commercial activity to buy Public Cloud, on terms dictated by the emerging Public Cloud Service Providers - initially led by Google, but now mainly AWS & Microsoft.
The work we did in the original G Cloud programme was not however wasted.
The US picked it up to build out their FedRAMP models - so don't let it be said the UK didn't contribute to national wealth and cloud capability delivery.
We did - just not OUR national wealth and cloud capabilities.
no it would not
Cloud has 2 elements.
IaaS = somebody else's computer, on which you design and build your stuff
PaaS = somebody else's platform, on which you build
So with the former, you have a TON of extra work to do, to make, eg the database scale, to ensure it does backup and recovery, failover, monitoring, etc - and you have to test all that. and you have to take the never ending set of security and feature patches that also need testing and deploying. This costs a lot of money
But with the latter, the cloud provider is doing all that, and spreading the cost over millions of customers - so you get a LOT of stuff for free
Sure UK Gov could try to compete with AWS on AWS's home turf, but do you really think they could? Would they have the money to hire the same caliber of people? Is there any chance at all they could keep up? No. None whatsoever.
Which leaves the gov doing one of these:
1. building only on IaaS which is absurdly slow and expensive
2. using the PaaS then being kicked for this mythical lock-in thing as though the costs of moving weren't 10x the savings, or the costs of being able to move weren't 100x the savings
PS there was a UK cloud - it was actually called UK cloud - they went bankrupt failing to compete with AWS
>>PS there was a UK cloud - it was actually called UK cloud - they went bankrupt failing to compete with AWS
Actually no that's not the case.
They went into liquidation principally as a result of Cabinet Office briefing HMG users not to use UK Cloud, but their issues had their root somewhat earlier.
Whilst the HMG data classification policy (the GSCS) placed strong restrictions on the use of Public Cloud and non-UK based Cloud Services for sensitive data (including sensitive personal data); the Government Digital Service (GDS) policy and blog postings increasingly pushed organisations to make more use of Public Cloud.
Crown Commercial Services (CCS) made significant investments in their relationships with both Microsoft and AWS who in turn heavily discounted their services in order to hoover up most HMG business.
(Recently Cabinet Office have been bemoaning the fact that now they have a huge footprint in those cloud providers they can no longer influence them and discounts are much harder to achieve - hardly a surprise...)
UK Cloud expected - realistically, because the Ministerially approved Classification Scheme said so - that some types of UK Public Sector bodies would always have a need for a UK based Cloud service.
After all, Azure was only ever formally approved to process data at Business Impact Level 2 (2-2-4 actually), which was at the old GPMS PROTECT level - so there was good basis for UK Cloud to believe they were on firm ground.
Actually they were on shifting sands - because Cabinet Office removed the functions that would have ensured adherence to the GSCS Cloud requirements, and whole tranches of UK Public Sector moved to Microsoft and AWS. Some have done so whilst also in breach of UK legislation - the problem is that serious.
So that's really what happened to UK Cloud - like an honest player at a crooked poker game they played by the rules in every expectation that they'd compete in a level playing field with some types of use virtually guaranteed by HMG Policy to come their way.
Turns out that HMG Policy favours the big players more than the little guy.
"Now I know that government running things is generally an invitation to Finagle's Law to come into operation"
In my experience government is no worse than the private sector that I've spent 30 odd years working in, it's just that the public sector is subject to levels of transparency that expose when things go wrong, and some government projects are bigger than the private sector operates. So I've worked for a company that spent around £980m on ERP changes that was originally budgeted at around £200m. Changes took eight years compared to a planned three, systems still didn't work properly at the end of that time and the company got taken over. But because the costs were carefully fudged within corporate accounts, and managed as separate chunks of investment this wasn't visible to anybody outside the company unless they had a good knowledge of the sector, and were competent at reading between the lines of the accounts. Likewise, many big commercial IT or services outsource deals in the private sector cost the client more money than in-house, but because the relevant information is not public (and often quickly lost internally) nobody knows or indeed wants to know.
For the public sector it's often a requirement to publish a business case showing the before and after expectations, and then all of the dirty linen is being shown off in public from the start.
You can write a Java program which runs on Windows and Linux with no change
You can write a C program that runs (after compile) on Windows and Linux, but as soon as you use Windows or Linux >specific< code you are stuffed.
If the infrastructure is designed so that it can run on any platform - and not use platform specific - it should be possible to move platform.
There will be some platform specific code/infrastructure, but extract it into one place. If your code needs to use it - go to the one module to use it - do not put it inline.
I worked on a big product that runs on the IBM Mainframes, Windows, Linux, Unix, and a whole load of variants. 95% of the code was common.
If you need a database, ensure it uses standard SQL, and not vendor specific add-ons.
When developing the code, test it on the multiple platforms, and use automation for test, to find these lock in points
"but extract it into one place"
You mean build an abstraction layer so that you aren't directly tied to any APIs you don't directly control?
I totally agree and it's how I've always done it and that's why my applications tend to survive in production for decades.
Years ago I led the team that built a real-time trading application with a UI that ran on Unix, windows *and* curses (for the dial-up guys obviously...). Same code base on each platform.
In my current gig all the platform specific bits and external touch points are wrapped up in a "service" API, even if there is only a single possible implementation. The service implementations are dynamic linked at runtime so you literally can't get at the internals to go around the interface. The best thing about this is how easy it was to swap in mocks of the interfaces for testing purposes. There is a really powerful scripting language that can drive system inputs through the mocks and introspect system state (in C++!). The business logic sitting at the core of the system has no idea it is running in a mocked environment or even what flavour of production environment its in. The framework has outlived 3 generations of its main partner system, they come and go, we just build a new service implementation.
But most devs are highly resistant to this approach because it hurts their little brains to think in terms of abstractions. They'd much rather wallow in the pigshit of vendor APIs to prove how awesome they are at bit twiddling.
It has always been a constant and grinding battle to convince managers and devs to follow this approach. Everyone wants quick and cheap, at first at least, then they realise that what they really need is maintainable and scalable.
I've seen developers livid with rage at being forced to go through a framework because it prevents them showing off their prowess. I've been accosted and lambasted in the pub and called every name under the sun for making things "complicated". But there are a few, a very few, for whom it makes perfect sense and they are the ones who thrive.
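The "extract it into one place" rule and the automated hunt for lock-in points described in the two comments above, as an added example that is not part of the original thread: a check that reports provider SDK imports found anywhere outside a single adapter package. The adapter path `app/platform/`, the list of SDK roots, and the sample source tree are assumptions constructed for illustration.

```python
import ast

# Assumption: these SDK package roots count as provider-specific "lock-in points".
VENDOR_SDK_ROOTS = ("boto3", "botocore", "azure", "google.cloud")
# Assumption: the one place where provider-specific code is allowed to live.
ADAPTER_PREFIX = "app/platform/"

# Constructed sample tree (path -> source). Sources are only parsed, never run,
# so none of the SDKs need to be installed.
SAMPLE_TREE = {
    "app/platform/blobstore_aws.py": (
        "import boto3\n\n"
        "def put(bucket, key, data):\n"
        "    boto3.client('s3').put_object(Bucket=bucket, Key=key, Body=data)\n"
    ),
    "app/billing/invoices.py": (
        "from app.platform import blobstore\n\n"
        "def archive(pdf):\n"
        "    blobstore.put('invoices', 'a.pdf', pdf)\n"
    ),
    "app/reports/export.py": (
        "import json\n"
        "from azure.storage.blob import BlobServiceClient\n"
    ),
    "app/jobs/sync.py": (
        "import importlib\n\n"
        "def run():\n"
        "    sdk = importlib.import_module('boto3')\n"
    ),
}


def is_vendor(module: str) -> bool:
    """True if a dotted module name is, or sits under, a vendor SDK root."""
    return any(module == r or module.startswith(r + ".") for r in VENDOR_SDK_ROOTS)


def vendor_imports(source: str) -> list[tuple[int, str]]:
    """Return sorted (line, module) pairs for every vendor SDK import in source."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        candidates = []
        if isinstance(node, ast.Import):
            candidates = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            # Covers "from azure.storage.blob import X" and "from google import cloud".
            candidates = [node.module] + [f"{node.module}.{a.name}" for a in node.names]
        elif isinstance(node, ast.Call) and node.args:
            # Dynamic imports with a literal name:
            # importlib.import_module("x") and __import__("x").
            func, arg = node.func, node.args[0]
            dynamic = (
                isinstance(func, ast.Attribute) and func.attr == "import_module"
            ) or (isinstance(func, ast.Name) and func.id == "__import__")
            if dynamic and isinstance(arg, ast.Constant) and isinstance(arg.value, str):
                candidates = [arg.value]
        match = next((c for c in candidates if is_vendor(c)), None)
        if match:
            hits.add((node.lineno, match))
    return sorted(hits)


def find_lock_in_points(tree: dict[str, str], adapter_prefix: str = ADAPTER_PREFIX) -> list[str]:
    """List 'path:line: module' for vendor SDK use outside the adapter package."""
    findings = []
    for path in sorted(tree):
        if path.startswith(adapter_prefix):
            continue  # provider-specific code is expected here and nowhere else
        try:
            hits = vendor_imports(tree[path])
        except SyntaxError as exc:
            # Fail closed: a file the check cannot read is reported, not skipped.
            findings.append(f"{path}:{exc.lineno}: <unparseable>")
            continue
        findings.extend(f"{path}:{line}: {module}" for line, module in hits)
    return findings


if __name__ == "__main__":
    for finding in find_lock_in_points(SAMPLE_TREE):
        print(finding)
```

Run in CI, a non-empty result marks each place where business code reaches a provider SDK directly instead of going through the adapter.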
We're talking about third-party consultancies implementing most of this stuff, through hiring third-party contractors within many cases.
Where GDS is using its own people to do the writing, they couldn't write efficient meaningful code in the old data-centre days and neither could the third parties either.
Vendor lock-in isn't so much the real issue here, design choices are.
As noted above, to replicate the stuff that is a PITA pre-cloud to the simplification within the cloud I say it'd cost more ultimately.
I wish someone who actually understood IT would write one of these reports.
The idea you will save money by being able to migrate to another provider is beyond laughable.
Yes you might save 10p on your VMs. But you will have spent 100x that on building and testing your applications to be that portable, and the same again on actually delivering the migration.
But it's a service that really has to work. And the processing load is pretty much constant. And we're dealing with stuff that needs to be secure and highly resilient (much more than the internet). And yet there are senior types who keep saying we should move shit into the cloud. Even after the cloud providers have looked at it and said "no thanks".
"As per the government's Digital Roadmap we endeavour to make significant savings by leveraging our combined purchasing power, as we seek to shift to a 'buy once, use many times' approach to technology." - today's statement from the Cab Off. I'd love to see the impact and competition analyses that ought to be underpinning this approach. Cheaper on paper in the short term but....
Lots of comments here discuss whether or not the government should own data centers.
This is completely irrelevant!
What matters is to build and procure solutions that can run on any cloud or data center (And I've been preaching this for years as an Enterprise Architect):
1) Make products built on Kubernetes/KVM or other open virtualization technology.
2) Use OpenTofu (or other Terraform successors) to orchestrate infrastructure.
3) Build products that use open-source storage/queues.
When you do this and only rent lots of generic CPU/IOPS/Storage/Network, THEN you are, as an enormous client like the government, able to really play all the vendors against each other and force them to lower their prices till it hurts.
People are so incredibly naive - "I wrote these massive services based on proprietary tech like AWS DynamoDB, or Azure Service Bus, and now they massively inflated the price? HOW COULD I EVER IMAGINE THAT WOULD HAPPEN." </facepalms all around>
In general "lock in" is just the manifestation of a commercial or architectural decision. If there is no extra value in using a service over an alternative, then try not to use the one with the proprietary interface. If the commercials look so good that you buy 3yrs ahead, then don't complain 1yr in that you can't get out.
It all boils down to deciding if the restrictions on future action are worth the incremental value add. If they are, then go for it, if not don't go there.
Now the fact that most consumers seem to struggle with this notion is unfortunate, but ultimately not the fault of the various cloud providers - consumers do it to themselves.