Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 04-21-2012, 02:57 AM   #1
LQ Newbie
Registered: Apr 2012
Posts: 4

Rep: Reputation: Disabled
Post Is Debian only as much stable as your old software?

Hy ya'll!

First of all, make no mistake, I'm a huge Debian fan. I've been with it for 5 years and it never let me down.

But my requirements have changed, and I'm no longer confident whether it still suits my needs. That's why I desperately need a help!

It turns out that I never had any issues bilding and maintaining my own packages for personal websites, but now that I need to run several small-to-medium companies appliances, I keep getting fired up with people claiming "don't do it, nobody does that in production". Well, I'm still not convinced, but I'm willing to take the word of the more experienced ones.

For instance: Debian's latest MySQL Server provided by any official repository (testing, unstable and BP included) is still based on the 5.1 branch. Unless your software is not compatible with the 5.5, then why not just make the move? I don't mean the latest build released a couple of days ago, but seriously, is anyone out there questioning MysQL-Server 5.5's reliability? Isn't it mature enough to keep up with 5.1 in terms of security and solidness? Not to mention Nginx 1.0.x, Dovecot 2.0.x and so forth.

Regardless of the platform I end up picking, every single package update will run through extensive testing before going into production. The servers will update from nowhere but my local private repository which contains the fully checked updates. I've been reading comments on people using DotDeb in production environments with no issues, and that makes me think "stable" is an alias "pretty solid for your legacy software".

I really lack the in-field experience necessary to make the final call. Should I stick with Debian packages, build and maintain my own or switch away to something more cutting-edge?

It's hard to say, but this is basically the weight these factors play in what I'm trying to achieve assuming I must choose one over another:

SECURITY = 45% (It runs data-sensitive applications)
RELIABILITY = 40% (It is semi-mission-critical)
FUNCTIONALITY = 15% (Being fast and versatile to new apps would be very welcome)

| ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ |
Any experience shared will be much appreciated!

Thank you very much!
Old 04-21-2012, 04:31 AM   #2
Senior Member
Registered: Mar 2012
Posts: 1,872

Rep: Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643
The 'stable' in Debian Stable means 'does not change'.
Old 04-21-2012, 04:37 AM   #3
Senior Member
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,900

Rep: Reputation: 637Reputation: 637Reputation: 637Reputation: 637Reputation: 637Reputation: 637
Debian has it's own testing procedure and I for one think it is a good thing. As for your list of programs lets go through them 1 by 1 shall we.

MYSQL-Server: It is 5.1 in Squeeze, Wheezy, and Sid. It is 5.5 in Experimental. So you do have the option.

Nginx: Is 1.1.19 right through the range.


Basically you have to make your own choice but I would think of it this way. There are 2 major players in the Linux server market, RedHat and Debian, with Ubuntu in theory coming up rapidly from behind. RedHat and Debian both stick with heavily tested, tried, and true software and because of this they are rock solid. I'm not a server expert, and probably never will be, but I run my own small server at home and believe this method is appropriate.
Old 04-21-2012, 09:28 AM   #4
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781
For production servers, you need to balance stability and security, with application patches being a security function. Therefore, when it comes to production servers I would recommend going with an Enterprise Grade distribution. This doesn't necessarily mean paying for the commercial distribution, but one should consider using a community distribution that follows the commercial edition. For example, Centos, which follows RHEL, or Ubuntu LTS.

When it comes to Debian, Debian Stable does not change much and as long as the security patches are released without excessive delay and as long as you can live with the older packages, it should be fine for a server. Debian Testing, by way of comparison is (in my opinion) very unstable having 10-20 updated packages per day where as Centos and Ubuntu may have 6-12 per week. From this perspective Debian Testing may offer more cutting edge applications, but would offer a lot of risk in a server environment, especially when cutting edge is not required.
Old 04-21-2012, 01:13 PM   #5
LQ Newbie
Registered: Apr 2012
Posts: 4

Original Poster
Rep: Reputation: Disabled
Originally Posted by descendant_command
The 'stable' in Debian Stable means 'does not change'.
And hell yeah, they take it seriously!

Originally Posted by k3lt01
Debian has it's own testing procedure and I for one think it is a good thing. As for your list of programs lets go through them 1 by 1 shall we.

Nginx 1.1.x itself is still dev, plus I'm not sure I'd use Experimental on production. Also I'm afraid none of those packages provide Dovecot 2 for squeeze... So I guess I would have to abide from a whole lot of reliability to get there...

Debian Stable is really nice. I see myself taking advantage of this whole "you can live off of security patches alone" philosophy in the future, it's just that it kind of doesn't feel right at the moment.

Originally Posted by Noway2
For production servers, you need to balance stability and security, with application patches being a security function. Therefore, when it comes to production servers I would recommend going with an Enterprise Grade distribution.

I know a lot people out there would want to flame you for saying one should follow enterprise-backed flavors for production! But still, as long as RH won't pull the plug on CentOS anytime soon, I like the concept! In fact I've been testing CentOS 6.2 in a VM over the past few hours and I gotta say, I love those "almost-official" repositories. It's great the fact that you can get the best of the two worlds without having to go grasp into someone else's lawn.

I still need to learn a whole lot about how to harden and secure it. And by a lot I mean... everything. Also having a package manager consuming 50+ MB of reserved resources is kind of non-sense for an APT user, but I can live with that... I will be testing it over the next few weeks see how it goes.

Thank ya'll for sharing your views so far! I really appreciate it!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
What is more stable: Slackware or Debian Stable ? Xeratul Slackware 100 11-14-2015 10:07 PM
tar.gz of a gnome-panel more stable for debian stable :lol frenchn00b Debian 4 05-07-2008 10:32 AM
LXer: For me, Debian Testing is more stable than Stable LXer Syndicated Linux News 0 04-22-2008 05:20 AM
Is Debian 3.1r4 "stable" really stable or it just called that? General Debian 22 01-29-2007 05:18 PM
using testing software in stable debian distro drrnsk8ter4 Linux - Software 1 04-25-2004 05:14 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:09 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration