Nicholas Schmidt

Nicholas Schmidt

Dad, CTO, and lover of all things 1's and 0's.

Debian Server vs. Ubuntu Server

3 minute read

Lately I have had a few requests for my thoughts on using Ubuntu Server. For me the real question at that point is why use Ubuntu server over Debian?

———-

I have used Ubuntu server a good bit and while I appreciate the effort, I am not sure I agree with it. What I mean by this is that Ubuntu is based on Debian testing/unstable. Every LTS (Long-term Support) release is guaranteed to be supported for 3 years on the desktop/5 for the server. Knowing that is in essence just Debian under the hood, why go with Ubuntu?

Ubuntu’s secret sauce is in the desktop, but in the server it is more difficult to justify. If support is the major concern (and lets be VERY serious about how often the support will be executed on) then you can use HP for their Debian Support:

http://h20219.www2.hp.com/services/us/en/consolidated/os-debian.html

Next question to ask is what commercial product suites are you targeting? The OS is merely the tool to execute on your mission. Debian I would argue has less commercial support due to Canonical out there pounding the pavement with vendors. It is becoming more of an issue as Debian != Ubuntu anymore with the divergence in kernel setups and package choices. Most of the major enterprise apps are unaffected by this now:

  • NetBackup – Supports Both – http://www.symantec.com/business/support/index?page=content&id=TECH63359
  • Oracle – Not supported on either version, but Oracle provides a Debain repo for Oracle XE
  • VMware Server – Ubuntu Only: https://www.vmware.com/products/server/faqs.html
  • NetCool – Debian Support: http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/com.ibm.netcool_pm.doc/TNPFA_4.1.0_Installation_and_User_Guide_en.pdf
  • SELinux – Debian has much better support
  • AppArmor – Ubuntu default
  • Nessus – Supported on both – http://www.nessus.org/download/
  • DISA is evaluating Debian for STIG possibilities; not Ubuntu – http://www.disa.mil/ucco/webfiles/apl_process/STIG_Questionnaire.pdf
  • EAL NIAP Validation – Neither; use Red Hat or SuSE

As a community, Debian has much better outreach and support in my opinion. While Debain may not have the name recognition it is the default choice for long-term stable servers in my home. If the choice is for US Federal applications be aware that neither are approved. With that said Debian is used “places” and isn’t that tough to showcase it complies with security policies. In fact Debian+SElinux is a very potent combo for security and stability.

For me the choice comes down to “What does Ubuntu Server offer me?” Currently I can see no big discriminator that would warrant leaving a tried-and-true Debian ecosystem for Ubuntu Server. Unlike in Ubutnu Server where only the main repo is provided the 5 year support, Debian supports all 25,000+ packages in the repos for security updates. Chances are good that something you need to operate is in the universe/multiverse repo on Ubuntu Server. Check this before making the jump.

One of the first places that Ubuntu and Debian diverged was with Upstart. Debian teams have been tracking it since 2009 as a possible integration, but due to Debian now supporting FreeBSD and GNU/Hurd the future seems bleak for bug 547235 is fixed allowing for a compatibility mode. While it might not seem like a big deal, this is a big change to the baseline configs. Init scripts will need to be rewritten and much like Solaris 9 –> Solaris 10, there is a lot of bugs still to workout. If your support staff deals primarily in Red Hat and SuSE boxes there will be a learning curve with Ubuntu vs. Debian.

The only heartburn I have with Debian is the length of security patches. Debian’s security policy states that security patches will be provided for one year AFTER the next stable release. That means that Debian 5.0 (released in 2009) will be supported till 2012 for security patches. That is just 3 years of coverage, which wouldn’t sound so bad until you think about all the 2003 boxes and Solaris 9 boxes running around the enterprise. Ubuntu states 5 years worth of support, but the track record isn’t there yet for me to feel comfy with it. They have shown with 6.06 Server Edition that they made 5 years. Maybe one more cycle will be enough to ease that concern for me:

https://lists.ubuntu.com/archives/ubuntu-announce/2009-July/000123.html

It comes down to brand recognition. Ask yourself why you are considering Ubuntu Server. Most likely an admin has played with it at home on their laptops or in a VM. If it is in name alone then why not give Debian a try. Why drink RC Cola when you can have Coke?

Updated: