Since I've been experimenting with a foolproof unikernel-based static website deployment lately, I realized I should write down this idea I've been chewing on for a while:
It would be very nice to have automatic system rollbacks when certain things break. One example is a broken SSH config that makes a machine unreachable. Local testing is useful, but as in the SSH example, some issues only become apparent when you are deploying to the production environment.

Would others find this useful? Where in the stack would this be solved? Could we, for example, catch an issue in the init system and still perform a rollback? Or if not a full rollback, then at least a reboot into the previous config? (And if that is also broken, then the one before, etc., etc.)

Obviously there are a lot of edge cases and potential bugs in this mechanism as well. Sticking with the SSH example, rolling back to a version that was kept around where the authorized keys are different would also make the machine unreachable via SSH.
