Why I migrated a server from Stretch to Ubuntu Server...

If it doesn't relate to Debian, but you still want to share it, please do it here

Why I migrated a server from Stretch to Ubuntu Server...

Postby dwasi » 2020-01-13 02:59

...and my experiences in so doing. It's not what you think, so don't get the flaying knives out just yet. I just felt like I had to write this up somewhere.

I have an extremely low-utilization server on my personal network. It serves three functions: nginx to serve a couple of static webpages, ssh to be a back door into my network if needed, and a Unifi controller.

Since that's literally all it has to do, it's not real server hardware like my real servers. It's a repurposed laptop. It's been running Stretch for some time.

A few days ago I noticed that gnupg and a couple of other things were being held back when doing updates. I tried to resolve the holdbacks but I wound up in dependency hell. While poking around, I realized that due to a mistake I'd made in past setup, there were files throughout the system that should have been symlinks. So I decided the best thing would be to rebuild the server. Because this server is of low importance, out of curiosity I decided to experiment with Ubuntu Server this time around, installing 18.04.3 just to see how much different it would be from using Debian.

The answer is, somewhat more than I expected. Here's a list of things, in no particular order.

    - Installation prompted me for whether I wanted "Server snaps" (preconfigured server images). Nice idea but not what I needed.
    - Installation prompted me to set up the network interface for static or DHCP. I let it go to DHCP intending to change it later in /etc/network/interfaces. We'll return to this.
    - Installation enforces lowercase-only for hostnames. I guess that's customary but I've never seen it made a requirement before.
    - Shell login comes with almost a pageful of motd that I had to figure out how to disable.
    - Fail2ban is a version that doesn't add chains until it needs them. Good idea for efficiency but confusing when you start it and don't see anything change in iptables right away.
    - Also, installing Fail2ban brought in Postfix and a bunch of other stuff for some reason.
    - Network interface configuration doesn't happen in /etc/network/interfaces. They replaced ifupdown with netplan and use yaml files to define devices. On the surface a good idea except that the yaml files are stupidly sensitive to indentation, and even though it wants you to specify nameserver IPs per interface, it doesn't appear to use them.
    - Why doesn't it use them? Oh yeah, it's because it's caching everything and running the DNS through whatever's set up in the systemd resolv.conf stub. I had to disable that and replace it with an actual resolv.conf. That leaves the caching service active and doing nothing, I guess, but I don't care.
    - For some reason they have cloud configuration utilities enabled by default. I had to turn off something called cloud-init, and rename the netplan config file from 50-cloud-init.yaml. Note that installation never asked me if it's a cloud server, it just assumed.
    - There's apparently a pseudo random number generator enabled, so you don't have to install haveged if you want Unifi to start up right away after boot.
    - Things I installed that worked more or less the same as I'm used to: certbot, ipset, nginx (from the nginx repos, not Ubuntu's), smartmontools, sshd, iptables-persistent.

A couple of these things were advantages, but for the most part they were annoyances. I don't see a real advantage in having to relearn how to set up network interfaces, for example. I shouldn't have to pick cloud pieces out of a local server, and fighting with DNS to get the requests to go where I actually want them to go is frustrating and pointless. This being Ubuntu, there were plenty of online resources to get around the issues, but still, I would have had the server up faster if I'd used Buster. I'm not going to change it now, and it's good to have the experience, but I still prefer Debian.
dwasi
 
Posts: 21
Joined: 2019-11-27 16:57

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby Head_on_a_Stick » 2020-01-13 17:07

dwasi wrote:it's because it's caching everything and running the DNS through whatever's set up in the systemd resolv.conf stub.

Are they really using systemd's stub resolver as the default? It's completely broken...

And YAML for network configuration? *shudders*
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby n_hologram » 2020-01-13 18:11

I have no idea what the purpose of this thread is.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 455
Joined: 2013-06-16 00:10

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby dwasi » 2020-01-14 01:26

n_hologram wrote:I have no idea what the purpose of this thread is.


Well, I have no idea what the purpose of your remark is, so I guess that makes us even. :roll:

Head_on_a_Stick wrote:
dwasi wrote:it's because it's caching everything and running the DNS through whatever's set up in the systemd resolv.conf stub.

Are they really using systemd's stub resolver as the default? It's completely broken...

And YAML for network configuration? *shudders*


Yes, they are. I haven't used Ubuntu proper for anything in many years, so I'd forgotten how aggressive it is about intercepting DNS. I don't know if that was because Canonical was trying to sell you things through the desktop for a while, or just someone's idea of how to make DNS more efficient, but it was one of the reasons I stopped using Ubuntu for desktops. (The other big one was Unity.)

Regarding netplan and yaml: They have a position paper out there on why they went to netplan over ifupdown. I can understand some of their arguments, but in the end it's one of those If It Ain't Broke things. And indentation-sensitive config files break convention. Indents are nice for human readability, but the system shouldn't care if your indenting is inconsistent.
dwasi
 
Posts: 21
Joined: 2019-11-27 16:57

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby sunrat » 2020-01-14 06:32

dwasi wrote:
n_hologram wrote:I have no idea what the purpose of this thread is.


Well, I have no idea what the purpose of your remark is, so I guess that makes us even. :roll:


It's serving well as a warning not to use Ubuntu. :mrgreen:
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!
User avatar
sunrat
 
Posts: 3086
Joined: 2006-08-29 09:12
Location: Melbourne, Australia

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby trinidad » 2020-01-14 12:17

It's serving well as a warning not to use Ubuntu


1) YAML is not secure when used with Ruby or ROR. It can operate in some use cases (python wrapper object injection) like a network facing/exposed XML segment. Bad choice unless you like manually writing security protocols for network applications which would have been fine to begin with. Actually seems like a stupid choice which makes me wonder why they are bothering with it.

2) Canonical is invested in cloud technology, and they just love to sneak in development software and tracking, so that is not surprising.

3) "Feature rich" "Cutting edge" Hmmmmm... I like STABLE.

TC
You can't believe your eyes if your imagination is out of focus.
trinidad
 
Posts: 129
Joined: 2016-08-04 14:58

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby dwasi » 2020-01-14 19:39

Oh, also: I could swear I selected a time zone during installation, but the final system was on UTC.
dwasi
 
Posts: 21
Joined: 2019-11-27 16:57

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby n_hologram » 2020-01-15 13:31

trinidad wrote:
It's serving well as a warning not to use Ubuntu

---snip---
"Feature rich" "Cutting edge" Hmmmmm... I like STABLE.


Back in circa 2010, I set up an Ubuntu project server, only because it supported my drivers. Nowadays, I couldn't justify it. I do find it interesting that big, corporate projects, like Spotify, use it as the basis for their servers (unless this changed recently).
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 455
Joined: 2013-06-16 00:10

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby dwasi » 2020-01-15 19:19

n_hologram wrote:Back in circa 2010, I set up an Ubuntu project server, only because it supported my drivers. Nowadays, I couldn't justify it. I do find it interesting that big, corporate projects, like Spotify, use it as the basis for their servers (unless this changed recently).


Yeah, that was a little bit of the reason why I chose to try this. My company uses a lot of Ubuntu. I'm not directly involved with the teams that do, but it did make me curious about what they saw in it.

I think it's the corporate backing that drives it. If you break something in Ubuntu, Canonical will gladly take your money to help you fix it.
dwasi
 
Posts: 21
Joined: 2019-11-27 16:57

Re: Why I migrated a server from Stretch to Ubuntu Server...

Postby sunrat » 2020-01-15 21:39

dwasi wrote:I think it's the corporate backing that drives it. If you break something in Ubuntu, Canonical will gladly take your money to help you fix it.


Image
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!
User avatar
sunrat
 
Posts: 3086
Joined: 2006-08-29 09:12
Location: Melbourne, Australia


Return to Offtopic

Who is online

Users browsing this forum: No registered users and 8 guests

fashionable