Two years ago we shipped our first proper Rust service into production, replacing a Go daemon that had a habit of falling over under load in ways nobody could quite explain. I went in expecting a fight with the borrow checker and a lot of smug Reddit threads. I got some of both, but the surprises were elsewhere.
The win that mattered most was not speed, though it is fast. It was that the thing simply does not crash. We have had it handle every malformed input our upstream could invent, and the worst outcome has been a logged error and a returned 400. No 3am pages, no mystery memory growth, no goroutine leak hiding behind a channel. The compiler made us think about the failure cases up front, and that discipline carried all the way through.
The regret is mostly about pace. Early on I leaned too hard on Arc<Mutex<_>> because it made the borrow checker stop shouting, and we paid for it later untangling contention that a cleaner ownership model would have avoided. I also underestimated how long it takes a team to get fluent. The first six months were slow, and if you measure a rewrite purely on velocity in that window, Rust looks like a terrible idea.
Would I do it again? For a long-lived service that has to be correct under pressure, yes, without hesitation. For a throwaway script or something that will be rewritten next quarter, absolutely not. The cost is paid in the first quarter and the dividend arrives quietly, in the form of a pager that stays silent.