1. 14
  1.  

  2. 1

    I found this phrasing weird:

    by default, FreeBSD release AMIs will update themselves and reboot to ensure they have all necessary security fixes before they are used, while Linuxes just leave security updates for users to install later

    Ideally with production deployment you’ll have something creating an up-to-date images which boot directly into a fully updated state. (Rather than pay this time cost on each boot) Unless you’re booting pet servers, in which case you need the automatic runtime updates system anyway.

    I’d call the tested configuration “orchestrated environment”, or “production” settings instead.

    FTR, Ubuntu fires off an auto-update run at startup these days.