One of the problems seems to be that most moderately complex companies where any one system would be fine with Compose would want to unify their operations, thus going to a complex distributed system with k8s. And then either your unified IT/DevOps team is responsible for supporting all systems on k8s, or all individual dev teams have to be competent with k8s. Worst case, both.

no-downtime is table stakes in 2025. I can't look at anyone in the eyes and tell them that our product is going to go down for a bit everytime we deploy (it'd also be atrocious friction for frequent deployment).

You can do no-downtime deploy of a web service with:

- Kamal

- Docker compose with Caddy (lb_try_duration to hold requests while the HTTP container restarts)

- Systemd using socket activation (same as Docker compose, it holds HTTP connections while the HTTP service restarts)

So you don't have to buy the whole pig and butcher it to eat bacon.

> - Systemd using socket activation (same as Docker compose, it holds HTTP connections while the HTTP service restarts)

Nit: it holds the TCP connections while the HTTP service restarts. Any HTTP-level stuff would need to be restarted by the client. But that’s true of every “zero downtime” system I’m aware of.

Being successful enough that any amount of downtime is an existential risk is a great problem to have. 99.99% don't have that problem; even huge successful businesses can survive unplanned downtimes (see: recent major outages).

It's far from table stakes and you can absolutely overengineer your product into the ground by chasing it.

"0 downtime" system << antifragile systems with low MttR.

Something can always break even if your system is "perfect". Utilities, local disasters, cloud dependencies.