sharang
6db9c7645e
ci / shared (push) Failing after 7s
Bootstraps §1.2 scaffolding (README, CONTRIBUTING, CODEOWNERS, CHANGELOG, PR + issue templates, LICENSE, CI workflow, release workflow, commitlint, cliff, .editorconfig, .gitignore, .env.example) and ships a proprietary all-rights-reserved LICENSE naming both founders. Refs: M0.1
259 lines
16 KiB
Markdown
259 lines
16 KiB
Markdown
# Cost Plan — SysEleven Infrastructure
|
||
|
||
Companion to `INFRASTRUCTURE.md` and `IMPLEMENTATION_PLAN.md`. Pricing source: `SysEleven-Cloud-Services-Preisinformationen_01_26_v2.pdf` (effective 2026-01-20). All prices net EUR, exclusive of 19% VAT. Region: DUS2 + HAM1.
|
||
|
||
---
|
||
|
||
## 1. TL;DR
|
||
|
||
**Locked topology (2026-05-18):** 4 billable VMs — 1 stage + 3 prod — totalling **48 GiB-RAM**. See `INFRASTRUCTURE.md §1`.
|
||
|
||
All four pricing modes, side by side, at the locked sizing:
|
||
|
||
| Mode | Compute €/mo | Storage €/mo | Network €/mo | **Total net €/mo** | + 19% VAT | **Annual gross €** |
|
||
|---|---:|---:|---:|---:|---:|---:|
|
||
| **On-Demand** | 434.50 | 112 | 2.92 | **549.42** | 653.81 | **7,846** |
|
||
| **12-month commit** | 295.20 | 112 | 2.92 | **410.12** | 488.04 | **5,856** |
|
||
| **36-month no upfront** | 216.00 | 112 | 2.92 | **330.92** | 393.79 | **4,725** |
|
||
| **36-month upfront** | 192.00 | 112 | 2.92 | **306.92** | 365.23 | **4,383** |
|
||
|
||
**36M upfront one-time payment**: €6,912 net at signing (compute only; storage + network still billed monthly).
|
||
|
||
**Recommended cash plan for Year 1:**
|
||
1. Months 1–3: burn On-Demand (~€549/mo) while flavors get proven against real workload
|
||
2. Month 4 onward: sign 36M-upfront commit at proven size (~€307/mo)
|
||
3. Year-1 total infra: **€4,410 net / €5,248 gross** + one-time €6,912 upfront in Month 4
|
||
|
||
Growth tiers extend that same baseline (next 4 sections drill in).
|
||
|
||
---
|
||
|
||
## 2. What to use / what to skip
|
||
|
||
### Use from day one
|
||
| Service | Why | Cost |
|
||
|---|---|---|
|
||
| **OpenStack IaaS (m2 GP)** | Bread and butter. General-purpose 1:4 vCPU:RAM fits everything. | per VM, see §3 |
|
||
| **Block Storage (Ceph)** | 3x replicated, persistent. €0.10/GiB/mo. | per GiB |
|
||
| **Object Storage (S3)** | Backups, audit logs, demo seed bundles, export ZIPs. €0.02/GiB/mo. | per GiB |
|
||
| **Floating IP** | Public IPs for vm-edge (1) and stage (1). | €2.92/IP/mo |
|
||
| **VPN as a Service** | Inclusive. Use for ops access from our laptops. | €0 |
|
||
| **Self-Service Support** | Free. Adequate while we're shaking out the platform. | €0 |
|
||
|
||
### Defer until clearly needed
|
||
| Service | When to add | Cost |
|
||
|---|---|---|
|
||
| **DNS Zones (DNSaaS)** | Never — we self-host PowerDNS on vm-edge per [[self-hosted-oss-first]] | €10/zone — skipped |
|
||
| **Load Balancer (Octavia)** | When we add a second vm-edge for HA (Tier D). Until then orca-proxy + Floating IP is enough. | €14.60–57.67/mo |
|
||
| **Business Support** | When MRR > €5k. Below that, Self-Service docs cover us. | €185/mo |
|
||
| **Priority Support** | Only if we sign an Enterprise contract that requires <1h response. | €545/mo |
|
||
| **DDoS Guard PLUS** | After first attack OR before launching anything customer-promoted. | €875/mo |
|
||
| **DBaaS PostgreSQL Cluster** | When tenant_registry Postgres becomes the bottleneck (200+ customers, see RISK-1 in INFRASTRUCTURE.md). | €213–426/mo per cluster (m2.small–medium, 36M upfront) |
|
||
| **MetaKube Core (managed K8s)** | We use Orca (the user's own product). MetaKube would compete with Orca, not complement it. Skip unless Orca is replaced. | €0 by design |
|
||
| **Managed VM (Business/Priority)** | Defeats Orca. We are the ones who manage VMs. | skipped — saves €1k+/mo |
|
||
| **Operational Support Platform** | €759–€1,479/mo. Massive overkill until late stage. | skipped |
|
||
|
||
### GPU instances (separate concern)
|
||
LiteLLM today is a passthrough. If we ever self-host an inference model:
|
||
- **L40S (24 GB GPU RAM)**: €1,309/mo On-Demand, €1,086 (12M), €877 (24M)
|
||
- **H100 NVL (94 GB)**: €5,755/mo On-Demand, €4,637 (12M), €3,743 (24M)
|
||
|
||
For now: route LLM calls through LiteLLM → external provider. Add GPU only if a customer pays for dedicated inference.
|
||
|
||
---
|
||
|
||
## 3. Per-VM sizing — Locked topology (Tier A, 5 customers)
|
||
|
||
Flavor mapping from `INFRASTRUCTURE.md §1` to SysEleven `m2` General Purpose (1 vCPU : 4 GiB RAM, 50 GiB ephemeral root included).
|
||
|
||
### Compute — all four pricing modes side by side
|
||
|
||
| VM | Env | Flavor | vCPU | RAM | On-Demand | 12M | 36M no-upfront | 36M upfront |
|
||
|---|---|---|---:|---:|---:|---:|---:|---:|
|
||
| stage | stage | m2.small | 2 | 8 GB | 72.42 | 49.20 | 36.00 | 32.00 |
|
||
| vm-edge | prod | m2.small | 2 | 8 GB | 72.42 | 49.20 | 36.00 | 32.00 |
|
||
| vm-control | prod | m2.medium | 4 | 16 GB | 144.83 | 98.40 | 72.00 | 64.00 |
|
||
| vm-data | prod | m2.medium | 4 | 16 GB | 144.83 | 98.40 | 72.00 | 64.00 |
|
||
| **TOTAL** | | | **12** | **48 GB** | **434.50** | **295.20** | **216.00** | **192.00** |
|
||
|
||
**36M upfront one-time cost:** 192 × 36 = **€6,912 net** at signing (compute only; everything else billed monthly).
|
||
|
||
**Reference per-GiB-RAM rates** (the linear model behind all numbers above):
|
||
| Mode | €/GiB-RAM/mo |
|
||
|---|---:|
|
||
| On-Demand | 9.05 |
|
||
| 12M commit | 6.15 |
|
||
| 36M no-upfront | 4.50 |
|
||
| 36M upfront | 4.00 |
|
||
|
||
Any future sizing change can be sanity-checked as `RAM × rate`.
|
||
|
||
### Storage — Tier A steady state
|
||
|
||
| Item | GiB | €/GiB/mo | €/mo |
|
||
|---|---:|---:|---:|
|
||
| stage block (ephemeral PG + Mongo + Qdrant in-VM) | +50 | 0.10 | 5.00 |
|
||
| vm-edge block (pg-keycloak + pg-infisical + Gitea repos) | +50 | 0.10 | 5.00 |
|
||
| vm-control block (MariaDB + Stalwart spool) | +250 | 0.10 | 25.00 |
|
||
| vm-data block (MongoDB + pg-app + Qdrant + MinIO) | +500 | 0.10 | 50.00 |
|
||
| Object storage — geo-redundant backups (DUS2↔HAM1) | ~500 | 0.0496 | 25.00 *(€12.50 first 6mo via launch discount)* |
|
||
| Object storage — seed bundles + exports + audit archive | ~100 | 0.02 | 2.00 |
|
||
| **Storage subtotal (steady state)** | | | **112.00** |
|
||
| **Storage subtotal (first 6 months)** | | | **99.50** |
|
||
|
||
### Network
|
||
|
||
| Item | €/mo |
|
||
|---|---:|
|
||
| 1 Floating IP (vm-edge — only public host in prod) | 2.92 |
|
||
| 1 Floating IP (stage — public for tester access) | 2.92 |
|
||
| PowerDNS (self-hosted on vm-edge) | 0 |
|
||
| Octavia Load Balancer (deferred to Tier D HA phase) | 0 |
|
||
| **Network subtotal** | **5.84** |
|
||
|
||
> Storage table above uses 1 Floating IP. Adjust to **€5.84** if running stage with its own public IP (recommended). One-line delta of €2.92/mo.
|
||
|
||
### Combined Tier A — four-mode summary
|
||
|
||
| Mode | Compute | Storage | Network | **Total net €/mo** | + 19% VAT | **Annual gross €** |
|
||
|---|---:|---:|---:|---:|---:|---:|
|
||
| On-Demand | 434.50 | 112 | 5.84 | **552.34** | 657.28 | **7,887** |
|
||
| 12M commit | 295.20 | 112 | 5.84 | **413.04** | 491.52 | **5,898** |
|
||
| 36M no-upfront | 216.00 | 112 | 5.84 | **333.84** | 397.27 | **4,767** |
|
||
| 36M upfront | 192.00 | 112 | 5.84 | **309.84** | 368.71 | **4,425** |
|
||
|
||
### Recommended cash plan — Year 1 (use this line in the pitch)
|
||
|
||
| Months | Mode | €/mo (net) | Subtotal € |
|
||
|---|---|---:|---:|
|
||
| 1–3 (rightsizing window) | On-Demand | 552.34 | 1,657 |
|
||
| 4–12 (proven baseline) | 36M upfront | 309.84 | 2,789 |
|
||
| **Year-1 infra net** | | | **4,446** |
|
||
| + 19% VAT | | | **5,291** |
|
||
| + one-time 36M upfront in Month 4 | (compute)| | **6,912** |
|
||
| **Year-1 cash out (gross)** | | | **12,203** |
|
||
|
||
### 3-year cumulative (full 36M commitment term)
|
||
|
||
| Item | € |
|
||
|---|---:|
|
||
| Months 1–3 On-Demand (compute+storage+net) | 1,657 |
|
||
| Compute 36M upfront (paid Month 4) | 6,912 |
|
||
| Storage + network, 36 months × ~118 €/mo | 4,248 |
|
||
| **3-year infra net** | **12,817** |
|
||
| + 19% VAT | **15,252** |
|
||
|
||
---
|
||
|
||
## 4. Growth tiers — what scales when
|
||
|
||
### Tier A — Pilot (5 customers, first 6 months)
|
||
- **Locked topology**: 4 VMs (stage + vm-edge + vm-control + vm-data). See INFRASTRUCTURE.md §1.
|
||
- **Year 1 cash plan**: 3 months On-Demand → 36M upfront. ~€310/mo committed compute+storage+net + one-time €6,912.
|
||
- **Add**: Self-Service support (free). Skip LB, DNSaaS, DDoS, DBaaS, MetaKube, Managed Services.
|
||
|
||
### Tier B — Early growth (50–200 customers, Year 1)
|
||
- **Vertical scale only.** Bump vm-data m2.medium → m2.large (+€64/mo for 36M upfront).
|
||
- **Add cold-standby vm-edge-spare** (€0 idle, only billed during a swap event).
|
||
- **Add Business Support** (€185/mo) once MRR > €5k.
|
||
- **Add LB Single Instance** (€14.60/mo) when we want zero-downtime portal deploys.
|
||
- **Add DDoS Guard PLUS** (€875/mo) before any marketing push.
|
||
- Estimated total: **~€1,100–1,400/mo + VAT**.
|
||
|
||
### Tier C — Scale (500–1000 customers, Year 1–2)
|
||
- **Split vm-data** into vm-data + vm-data-db (move pg-app to its own VM; resolves RISK-1).
|
||
- Alternative: move pg-registry to DBaaS m2.small cluster (3 inst, 36M upfront): **€213/mo**
|
||
- **Split vm-control** into vm-control + vm-ops (ERPNext + MariaDB + Stalwart go to vm-ops): **+€64/mo**
|
||
- **HA edge**: second vm-edge, switch Floating IP → Load Balancer Double Instance (**€58/mo**).
|
||
- **Object storage growth:** audit logs, exports, demo backups → estimated 2 TB = **€40/mo**.
|
||
- Estimated total: **~€2,000–2,500/mo + VAT**.
|
||
|
||
### Tier D — Full scale (2000 customers, Year 2–3)
|
||
- **3-node clusters** on hot paths: vm-control × 2, vm-data × 2.
|
||
- **Split vm-edge** into vm-edge + vm-identity + vm-secrets (back toward original 7-VM design).
|
||
- **DBaaS m2.medium cluster** (4V/16GB, 36M upfront): **€426/mo** for tenant_registry.
|
||
- **Keycloak HA cluster**: 2 vm-identity (m2.medium) + Postgres replica.
|
||
- **Priority Support** (€545/mo) becomes worth it.
|
||
- **Object storage:** ~5 TB = **€100/mo**.
|
||
- **DDoS Guard PREMIUM** (€2,200/mo) if traffic warrants — likely stays on PLUS.
|
||
- Estimated total: **€4,500–6,000/mo + VAT**.
|
||
|
||
### Compute scaling cheat sheet (vs locked topology)
|
||
|
||
| Tier | Customers | Topology delta from Tier A | Compute €/mo (36M upfront) |
|
||
|---|---:|---|---:|
|
||
| **A** | 5 | locked baseline: stage + 3 prod VMs (48 GiB) | **192** |
|
||
| **B** | 200 | + vm-data bumped m2.med → m2.large (+16 GiB) | **256** |
|
||
| **C** | 1000 | + split vm-data (+16 GiB), split vm-control (+16 GiB) | **384** |
|
||
| **D** | 2000 | + split vm-edge (3 → 3 VMs), HA clusters (~+90 GiB) | **~640** |
|
||
|
||
The **€4/GiB-RAM/mo rate** (GP, 36M upfront) is the linear model — everything else (storage, network, support, DBaaS, DDoS) scales sub-linearly with customer count. Compute is never the bottleneck on the bill.
|
||
|
||
---
|
||
|
||
## 5. Cost per customer
|
||
|
||
| Tier | Customers | Monthly infra net (€) | Per customer/month (€) |
|
||
|---|---:|---:|---:|
|
||
| A | 5 | 310 | **62.00** |
|
||
| B | 200 | 1,200 | **6.00** |
|
||
| C | 1000 | 2,300 | **2.30** |
|
||
| D | 2000 | 5,000 | **2.50** |
|
||
|
||
At Tier A the per-customer cost is irrelevant — fixed costs dominate. From Tier B onward our gross margin on a Professional plan (assume €99/customer/month) is **~94%** infrastructure-only. Add LLM passthrough (LiteLLM) + Polar.sh fees (~5%) + on-call time, and we are still well above the 80% gross margin floor SaaS investors look for.
|
||
|
||
**Break-even: ~4 paying customers at €99/mo covers Tier A infra (€310/mo net).**
|
||
|
||
---
|
||
|
||
## 6. SysEleven services we explicitly skip and why
|
||
|
||
| Service | Why skip |
|
||
|---|---|
|
||
| DNSaaS (€10/zone) | We self-host PowerDNS on vm-gateway. €0 marginal cost since vm-gateway exists anyway. |
|
||
| MetaKube Core | Orca already orchestrates our containers. MetaKube would mean abandoning Orca, which the user owns. |
|
||
| MetaKube Accelerator | Same — competes with Orca. |
|
||
| MetaKube Operator add-ons (ExternalDNS, Cert-Manager, Tideways, Velero etc. at €78–171/mo each) | We pick and roll our own per [[self-hosted-oss-first]]. |
|
||
| Managed VM (Business €128–142/mo per VM, Priority €164–182) | Defeats Orca. We are the operators. Saves €1k+/mo at 7 VMs. |
|
||
| Operational Support Platform (€759–1,479/mo) | Massively over-specified for our scale. Buy individual Engineering Support days (€1,264/day) on demand if a real incident requires it. |
|
||
| DDoS Guard PREMIUM (€2,200) / ENTERPRISE (€4,800) | PLUS at €875/mo is enough for ≤500-customer scale. Upgrade if we see actual 1+ Tbps attacks. |
|
||
| Block Storage for Databases (€0.09 vs €0.10) | The €0.01/GiB difference saves ~€5/mo at our scale. Use it only on DBaaS cluster volumes (where SysEleven enforces it anyway). |
|
||
|
||
---
|
||
|
||
## 7. Negotiation levers
|
||
|
||
SysEleven publishes list prices but is open to commercial negotiation, especially as a German Mittelstand provider courting startups. Things worth asking for:
|
||
|
||
1. **Startup credits.** Hetzner, OVH, and most EU clouds run startup-credit programs. Ask SysEleven for the equivalent before signing the 36M commit. Even €5–10k of credits = 6–12 months of Tier A infra free.
|
||
2. **EXIST / HTGF discount.** If we close the €1.5M raise (`project_breakpilot_fundraising`), SysEleven sometimes offers "Gründerförderung" pricing for HTGF-backed companies.
|
||
3. **Single-region discount.** We don't need DUS2 + HAM1 geo-redundancy at Tier A. Ask if single-region (DUS2 only) is cheaper.
|
||
4. **Object storage commitment.** 6-month 50%-off on geo-redundant storage applies anyway, but bulk commitments on regular S3 may unlock further pricing.
|
||
5. **Bundled support.** If we commit to 36M IaaS + Business Support, ask for support fee waiver in year 1.
|
||
6. **Move-in incentive.** Negotiate a setup/migration credit covering first 3 months of On-Demand burn.
|
||
|
||
---
|
||
|
||
## 8. Open questions / things to validate
|
||
|
||
- **Port 25 outbound from vm-ops.** Confirmed with SysEleven that outbound SMTP is allowed by default; if not, fall-back is to relay through Postal/Postmark for transactional only.
|
||
- **Region choice.** DUS2 vs HAM1 — DUS2 is the only region for L40S GPUs, HAM1 has A30. If we never self-host inference, region is purely a latency choice (DUS2 closer to most EU customers).
|
||
- **Geo-redundant Ceph backups.** Currently planning local block + S3 backup. Could also use SysEleven's geo-redundant S3 (DUS2 ↔ HAM1) for true DR. Cost: €0.05/GiB/mo vs €0.02 single-region. At 500GB backup that's €15/mo extra — buy it.
|
||
- **Egress traffic.** Fair Use policy — they reserve the right to bill if we exceed normal patterns. CERTifAI LLM passthrough could be heavy. Ask for clarification on what triggers metered billing.
|
||
- **VPN-as-a-Service inclusive.** Confirmed in the pricing doc. Use it for ops access — replaces our need to build IP-allowlists into Orca-Proxy for `erp.` and `git.`.
|
||
|
||
---
|
||
|
||
## 9. Recommendation summary
|
||
|
||
1. **Sign On-Demand for first 90 days.** Burn ~€1,365/mo while you find the right flavor for each VM.
|
||
2. **At Day 90, commit 36M upfront on proven baselines.** Cuts monthly to ~€700.
|
||
3. **Keep all 7 VMs separate.** The €100/mo difference vs. consolidation is not worth losing failure isolation.
|
||
4. **Skip every Managed Service.** We have Orca.
|
||
5. **Add Business Support at €5k MRR, DDoS PLUS before any public marketing push.**
|
||
6. **Negotiate startup credits before signing.** Could be worth months of free infra.
|
||
|
||
---
|
||
|
||
*End of document. Pricing snapshot 2026-01-20; re-check before signing commitments.*
|