1. I reboot it and my users will need to wait. 99.99% uptime is achieved with 53 minutes of downtime every year, largely enough for the occasional kernel update here and there.
If needed, I can choose to apply the update in the middle of the night in the timezone of most of my visitors.
If it really is a sensitive app and I can't afford any uptime, I just add another inexpensive box, put a load balancer in front (a Cloudflare load balancer would work fine). And since I now have 2 servers, I need a way to manage them without having to manually log in to each of them each time. Enter Ansible. And that's it.
2. Now that I have two cheap boxes, nothing prevents me from having them in two separate data centers and two separate providers.
If needed, I can choose to apply the update in the middle of the night in the timezone of most of my visitors.
If it really is a sensitive app and I can't afford any uptime, I just add another inexpensive box, put a load balancer in front (a Cloudflare load balancer would work fine). And since I now have 2 servers, I need a way to manage them without having to manually log in to each of them each time. Enter Ansible. And that's it.
2. Now that I have two cheap boxes, nothing prevents me from having them in two separate data centers and two separate providers.