202508042147 2 hours ago

We went with Hetzner as we already had good experiences with their VPSes. For this particular db migration, a resonably sized VPS with volumes does the job for us. We don't have planet scale operations so the lowish IOPS is not an issue atm. Also, with this experience at hand, I am confident that we'll manage another migration if need be.

▲

esskay 2 hours ago | parent | next [-]

Did the exact same thing for a client who's ops we managed on AWS. I was pretty against ditching RDS and a load balanced setup for hetzners load balancer and 3 instances (2 web, 1 db) but honestly, it's been pretty smooth sailing. The sites faster, and costs dropped massively, saving the client approx €900/mo for a better service.

▲

gregman1 2 hours ago | parent | prev [-]

Afaik Hetzner has a couple of server locations in the USA. Is it correct to say that Hetzner has to comply to US CLOUD Act and therefore give away any data requested?

▲

2 hours ago | parent | next [-]

[deleted]

▲

MonkeyClub 2 hours ago | parent | prev [-]

Depends on which data center you're hosted.

The one under US jurisdiction operated by Hetzner US LLC must comply, while the German ones are operating under the GDPR, which has extraterritorial clauses can can deny or challenge the request.

	▲	rvnx an hour ago \| parent [-]
		It's not that guaranteed. The reality is that if you have any interest, company or employees in the US you can be coerced to do anything the US government wants. Either legally through courts, or through business influence, or through harassment (e.g. hardcore checks from the IRS). Sorry, Stripe rejects you now because you are high-risk (you have to explain why you refuse to help in criminal cases, though there is a court requesting you). You don't like to comply to US requests and protect terrorists ? https://support.stripe.com/questions/how-to-resolve-blocks-o... Still don't comply ? You are added to sanctions list, end of the game. https://home.treasury.gov/news/press-releases/sb0185 Even Microsoft acknowledges that these cross-border requests cannot be avoided. https://www.convotis.com/es/en/news/microsoft-access-eu-data The same way that EU can force fetching data from the US entity. Now on the EU side: GDPR fine of 4% of your worldwide income. Well, too bad, your US entity refused, we will have to punish your EU entity very strongly. If small provider, oh right you refuse ? Well, we will notify your bank that you do not respect the court orders, etc. The law is one of the way of enforcement, but there are multiple stages of pressure. Still refuse ? Well, let's come to you at 6am then. https://www.insurancejournal.com/news/national/2020/07/10/57...