If you ever read Windows Internals, you'll see that Windows is, overall, surprisingly simple; the hidden, proprietary pieces like encryption, authentication, ads, and so on run on top of everything else.
Linux and macOS are likewise still not very complex. What has changed the most over the years is firmware, hardware, drivers, and security-related items, like the addition of sensors and dedicated ICs for encryption, which are indeed very opaque by nature.
I would have to defer to one of my colleagues for most of the details on running data infrastructure on Kubernetes; I'm not that close to that domain. The major systems we run are HBase, Vitess (MySQL), Kafka, Elasticsearch, Memcached, and ZooKeeper.
As for the call sampling/interception, that did not factor into discovering the high-cost buckets in the logging case study. It was mostly relevant to describing how we track costs in general, and it ends up being useful in other scenarios. For example, it could be used to estimate the unit economics of customers subscribed to a specific product tier.
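To make that concrete, here is a minimal sketch of what sampling-based cost attribution could look like; it is not the actual implementation, and the function names, sample rate, and per-call cost are all assumptions for illustration:

```python
# Hypothetical sketch: sample a fraction of intercepted calls and attribute
# their cost to the caller's product tier. The flat per-call cost and the
# names below are illustrative assumptions, not the real system.
import random
from collections import defaultdict

SAMPLE_RATE = 0.01          # record only 1% of calls to keep overhead low
COST_PER_CALL = 0.00002     # assumed blended cost (compute + storage) per call

sampled_cost_by_tier: dict[tuple[str, str], float] = defaultdict(float)

def record_call(service: str, customer_tier: str) -> None:
    """Called from an interception hook; only a sampled subset is recorded."""
    if random.random() < SAMPLE_RATE:
        sampled_cost_by_tier[(service, customer_tier)] += COST_PER_CALL

def estimated_cost(service: str, customer_tier: str) -> float:
    """Scale the sampled spend back up by the sampling rate."""
    return sampled_cost_by_tier[(service, customer_tier)] / SAMPLE_RATE

# Example: feed in synthetic traffic and read back an estimate.
for _ in range(100_000):
    record_call("search-api", "enterprise")
print(f"~${estimated_cost('search-api', 'enterprise'):.2f} attributed to enterprise tier")
```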
We also have the "death star" microservice topology, so even relatively simple attribution can be helpful when you want to run a query like "for my team, which owns 30 applications, show the monthly attributed cost grouped by resource" and get back all of the associated database and cloud costs.
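As a rough illustration of that kind of roll-up, assuming an attribution table keyed by team, application, and resource (the record shape and values here are made up for this sketch), the query boils down to a simple group-by:

```python
# Hypothetical sketch: sum attributed monthly cost for one team's apps,
# grouped by resource type. The schema and sample rows are assumptions.
from collections import defaultdict

attribution_records = [
    # (team, application, resource, monthly_cost_usd)
    ("payments", "checkout-api", "mysql", 1200.0),
    ("payments", "checkout-api", "kafka",  340.0),
    ("payments", "ledger-svc",   "hbase", 2100.0),
    ("search",   "query-api",    "elasticsearch", 5600.0),
]

def monthly_cost_by_resource(team: str) -> dict[str, float]:
    """Return the team's attributed monthly cost, grouped by resource."""
    totals: dict[str, float] = defaultdict(float)
    for rec_team, _app, resource, cost in attribution_records:
        if rec_team == team:
            totals[resource] += cost
    return dict(totals)

print(monthly_cost_by_resource("payments"))
# -> {'mysql': 1200.0, 'kafka': 340.0, 'hbase': 2100.0}
```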
$5M is a solid ballpark figure for any new initiative built from scratch.