Do you really think that Parse is doing all of the security updates that come through Ubuntu or CentOS? Is Heroku doing all of them? I doubt it.
And if someone needs to do a security update on Ubuntu, its a one liner.
99% of the Node apps out there will not need more than one VM or any complicated scaling. Or they can scale horizontally at the application level using more VMs, or vertically by just upgrading their VM to have more
RAM/VCPUs.
From Heroku's site: "New systems are deployed with the latest updates, security fixes, and Heroku configurations and existing systems are decommissioned as customers are migrated to the new instances. This process allows Heroku to keep the environment up-to-date. Since customer applications run in isolated environments, they are unaffected by these core system updates."
Which means they do not apply security updates. They decommission servers if they think its necessary. How many times has Heroku actually done this? I am sure it is not with every security update.
Do you really think that Parse is doing all of the security updates that come through Ubuntu or CentOS?
Yes. Yes I do.
This whole line of argument is one I typically hear from folks who've never had to deal with a Sev 1 incident in the middle of the night. If your argument holds, sysadmins and DevOps teams are essentially pointless.
Moreover, even a developer confident handling both maintenance and incident response should value his or her time more than zero. Given that, presumably there is a price point at which it makes sense to simply pay a platform provider or hire dedicated DevOps. There may be varying opinions as to what that price point is, but it does exist if the developer has the cash.
Do you really think that Parse is doing all of the security updates that come through Ubuntu or CentOS? Is Heroku doing all of them? I doubt it.
And if someone needs to do a security update on Ubuntu, its a one liner.
99% of the Node apps out there will not need more than one VM or any complicated scaling. Or they can scale horizontally at the application level using more VMs, or vertically by just upgrading their VM to have more RAM/VCPUs.
From Heroku's site: "New systems are deployed with the latest updates, security fixes, and Heroku configurations and existing systems are decommissioned as customers are migrated to the new instances. This process allows Heroku to keep the environment up-to-date. Since customer applications run in isolated environments, they are unaffected by these core system updates."
Which means they do not apply security updates. They decommission servers if they think its necessary. How many times has Heroku actually done this? I am sure it is not with every security update.