Hacker News

183 points by aarondf 3 hours ago | 62 comments

It has been 0 days since GCP has taken down a startup (again).

You see this at least once a year. Never heard of this from AWS or Azure.

In all seriousness, this is why we don't use them. They have the most ergonomic cloud of the big three, then absolutely murder it by having this kind of reputation.

overfeed 3 minutes ago

> Never heard of this from AWS or Azure.

AWS does it more efficiently; it takes down many startups at a time when us-east-1 goes down.

somewhatgoated 21 minutes ago

On the other hand i can’t remember when there was a serious outage on GCP, unlike AWS/Azure who seem to go down catastrophically a couple of times per year.

JoRyGu 6 minutes ago

AWS goes down catastrophically but are back up in minutes/hours most of the time (as long as they aren't down because Iran blew up their data center). That's obviously REALLY bad for certain industries, but I suspect for the vast majority of their customers it's not a big deal. We've been able to isolate the damage almost every time just by having AZ failover in place and avoiding us-east-1 where we can.

corpoposter 7 minutes ago

IIRC the Paris datacenter flood took down a whole “region” and some data was permanently unrecoverable.

rozap 7 minutes ago

Yep, we also don't touch them for this same reason.

abrookewood 49 minutes ago

Yep, agree 100%. Such a stupid move on their behalf.

jameson 39 minutes ago

What was the reason GCP took down a startup previously?

__s 10 minutes ago

hn.algolia.com gcp blocked

https://news.ycombinator.com/item?id=46731498 https://news.ycombinator.com/item?id=33360416

Then I recall https://news.ycombinator.com/item?id=45798827

https://news.ycombinator.com/item?id=33737577

tjpnz 2 hours ago

AWS normally contacts you first.

kevin_nisbet 43 minutes ago

Do they?

The only anecdotal thing I've seen is we hired a vendor to do a pentest a few years ago, and they setup some stuff in an AWS account and that account got totally yeeted out of existence by AWS if memory serves.

dannyw 12 minutes ago

You should not be conducting unauthorized penetration tests against third party infrastructure providers without permission. They have processes and systems and usually just wants a heads up of what you plan to test and t the duration / timestamps.

Cuz otherwise you look like a threat actor.

That’s assuming your vendor was pentesting AWS systems. If you meant you hired a vendor to pentest your own systems on AWS, that’s of course a totally different matter.

alchemism 40 minutes ago

I’m fairly certain you are supposed to contact any vendor before attempting to penetrate hosts with authorization, not the other way around.

coredog64 12 minutes ago

Having done this for both Azure and AWS, there's a specific ticket that needs to be filed with each provider that documents the scope of your pen test, where you're coming from, and a time frame over which you're doing it (which ISTR was "not more than 24 hours")

mixdup 21 minutes ago

Responding to an unknown security tester like that is a selling point, not a cautionary tale

cherioo 55 minutes ago

They better do. What is google doing?

Gigachad 48 minutes ago

It's all AI powered

binarycleric 38 minutes ago

How the heck do these things happen, especially with companies with huge monthly spend? At my last job we had some suspicious workloads running on AWS and our TAM reached out to us before taking any action. Who wants to bet this was some AI automation gone wrong and because GCP seems to be allergic to actually contacting a human to get a response, this just sits in some support queue that outsourced workers look at after a few hours just to give a canned response?

garciasn 32 minutes ago

Nothing surprises me with anything related to support on GCP. While we absolutely do not need them, I have been through no less than 12 different Account Executives over the last 6y and they're all ENTIRELY and COMPLETELY useless.

They all introduce themselves, beg me to setup a meeting w/them and some sort of engineering resource(s), and they come to a meeting with a canned slide deck that is so absurdly unrelated to us that I just laugh, and then the next time I hear from them it's because we have a new AE.

This is my most recent reply (right after Next '26):

> I really appreciate you reaching out; however, we have met with, I dunno at this point, more than a dozen GCP Account reps, execs, technical teams, etc over the years and there's little to no value for us or you, now or in the future. Please do feel free to invest your time on your other clients. We're good; truly.

I love GCP and its services; we have been very pleased with it over the years, but the human side of it? Fucking sucks and I just don't see why they even bother.

OptionOfT 22 minutes ago

It's because they're measured on something, unsure which metric, but it's definitely not how helpful they are to you.

YuriNiyazov 17 minutes ago

Don't know about GCP, but our AE on AWS was also continuously rotating, and as best I can tell, their job was to figure out what we are planning to build, and to ensure that we should always use <INSERT AWS SERVICE DU JOUR> for that, rather than a competitor product or build it ourselves.

Rodeoclash 13 minutes ago

Exactly the same experience for us as well. I just don't bother with them.

idontwantthis 20 minutes ago

It doesn’t worry you enough that someday you could have a serious problem and they wouldn’t be able to help you?

garciasn 16 minutes ago

On the list of things that worry me the most about our company's stuff, an issue I cannot solve w/o help from a human at GCP is around #900000042.

guluarte 29 minutes ago

It's Google. They let you use their services, but the moment you don't fit the norm, they suspend you.

BitWiseVibe 31 minutes ago

As someone who runs some public APIs, the amount of spam from Railway IPs is insane. They have horrible abuse prevention. Hopefully this encourages them to improve their operations.

UrbanNorminal 34 minutes ago

Is google allergic to humans or something? Cannot they just send an email or call the company before taking a wrecking ball to the entire company's infra? Are they stupid?

BarryMilo 7 minutes ago

Surely this is automated. They wouldn't waste precious dollars on employing humans just to keep other humans happy.

bearjaws 36 minutes ago

I will never leverage GCP in an enterprise setting, it's honestly amazing how hard they fumble the bag. Will be interesting to see when GCP support started working with them, from the updates there was an hour and change from when they identified the issue and GCP support was confirmed.

In the cloud space it seems like AWS does nothing and wins.

codegeek 2 hours ago

This is bad. Even their own website is down at railway.com. Looks like total dependency on google cloud. Surprising for a company of their scale with all this VC money.

choilive 2 hours ago

They run a decent amount of their own compute/bare metal server for customer workloads. But likely still had some critical dependencies on GCP.

tux 53 minutes ago

At this point you can’t trust Google anymore, it keeps breaking things. Imagine having Google AI do this thins automatically. Will have apocalypse in in a day.

r_lee 59 minutes ago

seriously, is it possible to trust GCP with critical data/services at this point if you're not a billion dollar company?

I'm exaggerating but someone said they got "auto banned"

what if that happens to a small account which hosts some really important data/services there?

xyzzy_plugh 37 minutes ago

I've managed several accounts with GCP over the years and I've always maintained a great relationship with our contacts there. Some of these accounts were quite small, on the order of <$20k/mo, and even then we were kept abreast of anything that might be cause for concern. I always maintain a standing biweekly meeting with at least someone on the other side (account exec, technical staff, whatever) and I've yet to be blindsided by anything.

Is Google's communication good? No, not particularly. The only way something like TFA happens is if the relationship is neglected (by one or both parties). I'm not saying Railway did something wrong, but there are usually many flags and opportunities to correct long before drastic actions.

I get the impression that Railway plays fast and loose with a lot of their limits and resources and that Google may not be a fan of that.

Edit: would also like to say that if you put all your resources in one GCP project you are going to have a bad time. If you organize stuff over many projects it is very unlikely that they will ever take account wide action. I've had issues with, for example, a particular tenant's behavior, but it never jeopardized the other tenants.

Avicebron 46 minutes ago

> what if that happens to a small account which hosts some really important data/services there?

Pray to @dang that you will make the front page of HN?

throwaway85825 44 minutes ago

Even if you are a billion dollar company you still have problems like the Australian pension did. Google is just that bad.

chi_features 36 minutes ago

https://blog.railway.com/p/series-b

Agreed. Railway are probably not far off a billion dollar company though!

ttoinou 37 minutes ago

Railway isnt far from being a billion dollar company, no ?

padolsey 39 minutes ago

Does anyone know how this even happens inside the walls of google? Is it an automated process? How is such a (presumably) high revenue account just magically blocked without human intervention? I'm quite perplexed.

jpollock 31 minutes ago

There would have been efforts to contact them, but it would have been via their contact method, aka the email they set it up with.

Common ways this happens? They are using a credit card to run their business with no backup payment method. Then the company's contact person is on vacation.

mbreese 18 minutes ago

Yeah, I'm not sure what to think here. We know Google is not the best at customer service and has automated account suspensions. But, what I'm curious about here is why this happened.

Railway hosts applications for customers. An uneducated guess for some possible reasons: 1) one of those customers hosted something they shouldn't have 2) railway had something spawn that took up too many resources 3) Or their account balance was too high 4) Or something...

But all of this probably culminates in someone needed to read an email that was missed.

Scaling a customer infrastructure setup like Railway is hard. This is one of the non-technical hard parts - how to make sure your account with your primary vendor is safe. But, I'm willing to wait to pass judgement here until more information is available. I'm sure the post-mortem will have lessons. I'd like to know more.

scratchyone 23 minutes ago

Honestly still insane to nuke a high-volume client's business after a single payment issue. There would be no reason for Google to believe that a single hiccup like that is evidence that they won't get paid and have to cut account access immediately.

brokenodo 19 minutes ago

Well, as a 2 week tenured and very happy Railway customer until now, I am now a Render customer. Somehow DNS cut over within 1 min(!) and live after about 30 minutes of work. Not bad!

DrewADesign 4 minutes ago

In my experience, DNS changes are a lot faster than they used to be. There’s some website that has a map that tries to resolve your domain with a bunch of name servers around the world that was pretty neat to look at last time I migrated something.

orliesaurus 48 minutes ago

I wonder if someone has exploited a weird Google-safety automated process to report something on Railway which caused Google to block the whole thing.

jefborges 50 minutes ago

Railway is back, but I’m not sure if I can trust keeping my projects there, so I’m going to migrate to another company.

redanddead 23 minutes ago

one of the many reasons companies are cloud agnostic and dont want to get locked in

fh67 15 minutes ago

Yeah but until you find that the new cloud provider won't approve your compute quota or doesn't have enough capacity in the region or you hit fraud flags for stagnant account spinning up lots of compute.

gnabgib 3 hours ago

Dupe - join the discussion started an hour ago instead of query string work (12 points, 4 comments) https://news.ycombinator.com/item?id=48200827

aarondf 3 hours ago

I added the qs because it defaulted to a story from 3 months ago.

parineum 20 minutes ago

There's a lot of, what seems to me, unfounded blame being directed at Google for this. Isn't railway the company that just blamed Anthropic for deleting their prod database?

mmmore 7 minutes ago

Nope, Railway was the company who was hosting PocketOS, which is the company that blamed Cursor for deleting their prod database. Railway is only involved insofar as their API allowed an instant delete of the prod database.

sidrag22 3 minutes ago

fairly certain you are remembering the goofy article that was going around where a railway user allowed an agent to delete his db. iirc he questioned the agent after and the agent told him it should have read the file that told him not to do things, so just sounds like he deleted his db and blamed his tools.

ChrisArchitect 39 minutes ago

Earlier: https://news.ycombinator.com/item?id=48200827

isninkhamiss 2 hours ago

github got way more noise for less

rvz 2 hours ago

Let me guess… Googler running AI agent in production that blocked this startup’s account.

unit490 4 minutes ago

[dead]

rekabis 2 hours ago

TL;DR: putting all your eggs into one basket is bad, man.

canpan 2 hours ago

How to handle domains? The rest is easy, but your domain registrar blocking you sounds like a pain. My current solution is to use a local small provider, just for the domain. Then if there is a problem with your play account it is out of any blast radius.

FlamingMoe 2 hours ago

What do you mean by local small provider? A registrar on main street?

truekonrads 2 hours ago

MarkMonitor

Barbing 41 minutes ago

Any changes since acquisition?

Looks like they were sold at the beginning of the year to a company without a Wikipedia page whose parent company doesn’t have one either https://en.wikipedia.org/wiki/Markmonitor

  Acquired in November 2022 by Newfold Digital, it was later announced that the firm would be sold to Com Laude, a company owned by PX3 Partners.

Edit-Private equity apparently https://px3partners.com

  PX3 stands for purpose, passion, and performance. It is a pan-European private equity firm with headquarters in London. It invests behind transformative themes and targets companies operating within select segments of the business services, consumer and leisure, and industrials sectors with strong business fundamentals.

binarycleric 37 minutes ago

Same applies to all the companies betting the farm on AWS.