I looked into all the "Self-Hosted Heroku's" a few few months ago. One feature I found they all lacked is multitenancy, meaning that there is no security model in place to trust that you could host multiple pieces of code from different clients without them hacking each other.
I'm not talking about the deployment specifically, but rather isolating the code once it is deployed.
You aren't missing something here, it's necessary for reasons best explained -- by way of slight analogy -- by Sir Humphrey Appleby:
> Jim Hacker: People can wait in the lobby. Or in the state rooms.
> Sir Humphrey Appleby: Some people. But some people must wait where other people cannot see the people who are waiting. And people who arrive before other people must wait where they cannot see the people who arrive after them being admitted before them. And people who come in from outside must wait where they cannot see the people from inside coming in to tell you what the people from outside have come to see you about. And people who arrive when you are with people they are not supposed to know you have seen must wait somewhere until the people who are not supposed to have seen you have seen you.
This is one of the priority engineering efforts for Cloud Foundry at the moment. People want it.
Disclosure: I work for Pivotal, the majority donor of engineering to Cloud Foundry. I guess that makes us competitors to Flynn.
Yeah, our security roadmap will get us to multi-tenancy eventually.
Due to the security posture of the Linux kernel, we won't recommend running untrusted code side-by-side on the same hosts as more sensitive workloads, but we plan to harden everything to the maximum extent possible.
I'm not talking about the deployment specifically, but rather isolating the code once it is deployed.
Am I missing something there?