Debian Stable vs Ubuntu LTS for Server?
Which is a better platform for a professional use server?
Debian Stable or Ubuntu LTS?
The third party software we plan to use, works on both. Which one is better on it own merits?
Take into account things like the kernel (Ubuntu for example has its own custom kernel for servers), and other Ubuntu specific customizations.
I keep switching back and forth, and I need to decide so I can recommend one or the other to a client. Right now, I think I am going to choose Debian Stable.
Recently, I have had Ubuntu Server Edition 10.04.1 have a few strange issues…
I have Ubuntu setup to do automatic updates via a simple script, and every few months or so, libapache2-mod-php5 gets removed because of conflicting packages… Thereby causing me to loose the php function of the web server.
Debian Stable has not done anything like this.
Well I don’t see why people are making a fuss about the quality of the question. It’s clearly a decision that lots of developers will want to weigh up before deploying. And there are clearly some differences that are very relevant to deploying each.
I think the prime consideration and comparison between debian stable and an Ubuntu LTS is security and general package updates.
Debian “stable” releases are supported for a year after the next stable release. So if a stable comes out every two years, and you started on a stable release right at its launch, you get three years of updates:
The security team tries to support a stable distribution for about one year after the next stable distribution has been released, except when another stable distribution is released within this year. It is not possible to support three distributions; supporting two simultaneously is already difficult enough.
You should note that the debian cadence is not guaranteed. Stable releases come out when they’re ready. This could mean you get anywhere from 18 months to 18 years of support. This makes it very unpredictable as you won’t know when you need to upgrade until you know when the next stable will be finalised.
Compare that to a Ubuntu LTS release, desktop updates are very similar but for the server applications and kernel, you get a mammoth 5 years of support, regardless of any new LTS releases in that time:
A new LTS version is usually released every 2 years. With the v12.04 Long Term Support (LTS) version you get 5 years support for both the Ubuntu Desktop and the Ubuntu Server. There is no extra fee for the LTS version; we make our very best work available to everyone on the same free terms.
This means you should be able to deploy the latest LTS on a box and not have to worry about it not getting security updates (for supported packages) for years and years. When you have more than a handful of servers, or just some applications that can’t afford any downtime for testing upgrades, or just don’t have the time to spend a day/week testing upgrades, Ubuntu has a large advantage over debian.
I stumbled upon this thread whilst googling “ubuntu server stability issues” – searching for answers to my own concerns regarding the stability of Ubuntu server.
I have to admit that I’m a long term Ubuntu fan, particularly on the desktop (Since Breezy).
Box 1: “Fred”
I first deployed Ubuntu server 8.04 on a production machine that has low usage requirements; it’s predominantly a “brochure-ware” level webserver with about 4/5 websites, which also acts as an offsite backup repository. Primary packages are Apache2, Mysql, Postgresql, PHP.
It’s dual core, has 2 GB RAM, 2x 1GB HDD configured with mdadm as RAID1.
Stability wise, it has been great except that it seems to die every 3-6 months for no obvious reason, despite combining through log after log.
I’ve kept this machine on 8.04, performing occasional updates.
Box 2: “Charlie”
Charlie has been running for a similar lifetime as Fred, and is used as an office based backup and media storage machine, office server monitoring node, network gateway for remote logins, wiki and virtualbox host.
Primary packages are: Apache2, postgresql, mysql, PHP, webmin, samba and Virtual box – Non OSE (We needed the headless feature back when that wasn’t supported in the OSE).
Hardware wise, Charlie is Quad core, with 8GB RAM, has about 10TB of storage, distributed across a number of sata and ide drives, some of the sata drives comprise a soft RAID5 array, we have a drobo connected over firewire, two external usb drives and another drobo due to be attached.
Charlie started on Ubuntu 8.04, has been upgraded periodically via dist-upgrade and is currently at 10.04.
Sadly, Charlie is as stable as drunk in a brawl.
Charlie has frequent kernel panics, OOM’s and requires a reboot every 2-3 weeks. Combing through logs has me scratching my head.
I love Ubuntu server, it’s familiar, relatively well laid out, I love aptitude (Which should be the default package manager IMHO, packages/apps such as UFW, Fail2Ban, Denyhosts, logwatch, logrotate etc make administration relatively simple.
But both Ubuntu server boxes have uptimes measured in weeks or months, if we’re lucky, and yes, during that time we’ve changed the hardware and re-installed from scracth, tested the disks, tested the RAM.
By comparison, I have clusters of HP DL360 G5’s, DL380 G5’s, DL380 G6’s where uptime is measured in years, sometimes, 1000’s of days.
These are running CentOS – and it doesn’t float my boat like UBuntu Server, but it seems so much more stable, yet I don’t know whether that’s the Hardware or the OS.
Just my two-pence worth.
To answer your question about Professional/Production use I think there are several key elements that have been addressed but there is one point I feel that is extremely crucial.
Packages and Package Management
This is a key difference between Debian stable and Ubuntu LTS especially if your concerned about longevity, uptime, stability etc.
Ubuntu is released every six months and is based off of the Debian unstable branch which generally means overall newer and more up to date software but at the same time having the disadvantage of being considered basically “unstable” at least in an enterprise context.
Now the LTS release is based mostly on Debian Testing which in Debian terms “represents the state of the upcoming stable release before it is actually considered stable” and although Ubuntu puts a lot of time and effort into making regular and LTS versions as stable as possible after the packages have been pulled from there respective Debian branches, LTS is still based on the Testing branch which in turn is still considered by Debian in its own branch to be not quite ready for Production use or anything approaching mission critical.
And Ubuntu’s community of developers simply cannot compete on the same scope or level of Debian which is possibly the largest communal based software ever created.
In basic terms this means Ubuntu LTS being based upon the Debian Testing branch and even with Ubuntus attempts to stabilize and polish their testing packages after they’re pulled, does not equal the immense development and maturity of Debian stable and the packages thereof. Debian stable truly is the Golden Standard for rock solid stability.
I am testing xen hypervisors for 2 years now and the general rule is newer kernel = more performance/stability. In that regard Ubuntu LTS is almost like Arch Linux with support. Debian worked fine with Intel/Nvidia, as soon as we got into testing AMD “hit the fan”. Debian with xenkernel from testing still doesn’t have a bugfix for AMD FX 81xx CPUs, i won’t even talk about “stable” repo. Big community is good and all, but Canonicals responsiveness was better every time it was needed (may be conincidence).
I think in 3-4 more months there will be enough statistics for me to say decisevly, but i am convinced there will be a migration of all hypervisors to ubuntu server.
Terminology and meaning of “professional use server”
For me the term “professional use server” includes a wide range of attributes.
It is sometimes difficult to answer such a question.
For example the term “stable” means for some of us a software that is not crashing.
Where as the term “stable” also could mean a software that is released/marked as “stable” that will not change for the time being released until the next release e.g. release GNU Debian Lenny and following release GNU Debian Squeeze.
As you can see “$stable” -ne “stable” 😉
Security is another elastic term. For example Ubuntu uses always the latest available security compiling flags and features when they compile and build their packages.
E.g. heap/stack buffer-overflow, address space layout randomization (ASLR) or position-independent executable (PIE). GNU Debian still does not implement PIE in its stable release “Squeeze” due to the fact that the source code must be adopted (changed) to make it possible to compile using those security flags and as of stability policy of GNU Debian means not to change things during a running release. However it is planed to enable these features in the next release (Wheezy) which is for now in the testing branch.
Software licensing might be also an issue. GNU Debian spends big efforts to be clear about software licensing issues e.g. Iceweasel vs. Firefox … That being said that GNU Debian spends big efforts to provide you also with a wide range of real free software stable and ready for production use. Another example is that the main parts of the Linux kernel still stand under GPLv2 and thus GNU Debian does not use non free vendor drivers as much as Ubuntu does. Resulting in a broader hardware support with Ubuntu. At the other hand with GNU Debian you are less exposed to other companies with heavily patents and software licensing based businesses when it comes to interests conflicts.
At the very end you have to choose the right GNU distro that mostly suits your needs.
Seeing ByteCode’s answer, I thought I’d supply my anecdotal experience with Ubuntu LTS on a work server.
The box: AMD 1055t, 4GB ram, 4TB hardware raid5, enthusiast motherboard with mild overclocking. Lots of fans & the 4 raid drives are external & mounted to a large aluminum plate with copper as heat sink on other side.
Installed Ubuntu 10.04 LTS in 2011 I think. Might have been 2010. Never did a dist upgrade. Rarely if ever updated at all actually, as I didn’t do it frequently enough and then dependencies got broken. It shutdown in September 2011 when San Diego’s power went out for hours. Then next time was this year when I moved it into a cabinet.
My trick? Total neglect. Rarely updated & when I did, I used aptitude. Then we had 3 power outages in a row yesterday. Should have left it off the whole time, but the last time something went wrong with the HDD and ubuntu wouldn’t boot. So new HDD time and I’m installing debian now, as from my reading, it would seem debian is better for install and forget.
edit / update 1.5 years later
Debian didn’t install quite as easily as I’d like on my latest server, so I’m back on the latest Ubuntu LTS. Uptime would be much more awesome than 29 days but had to shut down to remove a couple failing drives from the zfs raid. Been running ubuntu for the work’s fileserver for half a decade and it is rock solid. Not once can I point any blame at the OS. Heck, it even saved me when that aforementioned AMD system started having kernel panics from the RAM trying to go bad.
I haven’t ever purchased windows server, but at least once a year, one of our Windows computers does an update and upon reboot, isn’t quite the same again. Never had that with linux…
Up to recently support life cycles were of similar length so it made little difference. The most recent Ubuntu LTS (18.04) gives you 10 years of support rather than the usual 5.
Migrations are expensive so 10 year support is a big advantage for Ubuntu.
There are many things to consider including.
- Which is newer. Since Debian stable and Ubuntu LTS release at different times One or the other may have newer versions of the packages you care about at the time you come to install. Right now Ubuntu LTS is newer than Debian stable, but that will of course switch around when buster is released.
- What software do you care about? Ubuntu has a distinction between packages in main where Canonical pays people to care about providing updates and packages in Universe where updates are up to the community and where most packages were imported from Debian without a Ubuntu person ever taking a look at them. Debian does not have such strong distinctions.
- Backported kernels, Ubuntu backports kernels from regular releases to the previous LTS release for “hardware enablement” and includes those new kernels on installatoin media. Debian also backports kernel’s but in a more ad-hoc manner and it does not include those backported kernels on installation media.
- Support lifecycles, Ubuntu LTS releases traditionally have a 5-year support lifecycle at least for server packages in main. Apparently the latest LTS release has increased this to a massive 10 years. Debian gives regular support until 1 year after the next release (typically about 3 years from inital release), on recent releases there has also been “lts support” for another couple of years after that, though only for packages the LTS team considers sufficiently important.
- Canonical offers official paid support, while there are certainly paid support options for Debian, none of them are official.
Which of these are most important is a question you will have to consider in light of your particular application.