Spotify migrate 5000 servers from Debian to Ubuntu

Or yet another reason why it’s really important that we succeed with Debian LTS. Last year we heard of Dreamhost switching to Ubuntu because they can maintain a stable Ubuntu release for longer than a Debian stable release (and this despite the fact that Ubuntu only supports software in its main section, which misses a lot of popular software).

Spotify Logo

A few days ago, we just learned that Spotify took a similar decision:

A while back we decided to move onto Ubuntu for our backend server deployment. The main reasons for this was a predictable release cycle and long term support by upstream (this decision was made before the announcement that the Debian project commits to long term support as well.) With the release of the Ubuntu 14.04 LTS we are now in the process of migrating our ~5000 servers to that distribution.

This is just a supplementary proof that we have to provide long term support for Debian releases if we want to stay relevant in big deployments.

But the task is daunting and it’s difficult to find volunteers to do the job. That’s why I believe that our best answer is to get companies to contribute financially to Debian LTS.

We managed to convince a handful of companies already and July is the first month where paid contributors have joined the effort for a modest participation of 21 work hours (watch out for Thorsten Alteholz and Holger Levsen on debian-lts and debian-lts-announce). But we need to multiply this figure by 5 or 6 at least to make a correct work of maintaining Debian 6.

So grab the subscription form and have a chat with your management. It’s time to convince your company to join the initiative. Don’t hesitate to get in touch if you have questions or if you prefer that I contact a representative of your company. Thank you!


  1. Damon says

    I just dropped Debian and went back to Ubuntu as well. Not because of the support, but because it’s more User oriented than Enterprise oriented.

    I got sick of having to individually connect devices correctly, on a laptop. Manually adding non-free repos, having to be root to shutdown, or add the user to wheel.

    Don’t get me wrong, I love Debian and use it happily when I need a 100% stable, bulletproof, enterprise level system. But I just want my crappy little netbook to work, no hassles. Ubuntu does this and I don’t think Debian will ever provide the accomodation that my laziness needs.

    No hard feelings

    • says

      Actually the default experience is getting there. When you install Debian nowadays, you can skip the root password whent it asks for it and you’ll be put in the sudo group instead. Shutdown works fine in GNOME 3 – if you using a niche desktop environment, some things may be broken until the systemd dust has settled.

      I set up my wife’s computer with Debian a couple of weeks ago, she’s been using Ubuntu for many years, and honestly I think besides the contrib/non-free repositories and a couple of packages from there (e.g. Flash), that everything worked just fine out of the box.

      Flash will probably die soonish, the graphics driver situation is improving and as for ease of use of basic components, the switch to systemd means that Debian will get a lot of stuff for free from Fedora where Red Hat has a bunch of developers working on making everything just work – provided you stick to mainstream things like GNOME. They’re still a bit behind some of the stuff in Ubuntu, e.g. with regards to the Software Center, but OTOH what they’re working on is actually upstream so the long-term prospects are probably better.

  2. says

    That said I was looking at 12.04 LTS, and noting the cryptography in OpenSSL had been deliberately nobbled. Don’t know if they used Heartbleed as an excuse to sort that. But similarly Squeeze OpenSSL is still just about okay, but it is aging fast, and folks should be migrating servers that use TLS (Web, Email, VPN, pretty much everything that talks on the Internet).

    Whilst I understand the desire for stability, really the software we have isn’t robust enough so it needs patching, and the effort of backporting patches is so immense, that there will be gaps (most browsers are already abandoned early). I assume if the crypto has these sorts of issues, other bits of the code will have similar issues that are hard to address. I know some of the recent kernel fixes had ABI changes. If it is unpredictable that is the issue, perhaps it is better to support each release for at least 3 years, it probably won’t make much difference in practice, and people have predictability. You’ll discover then actually what they want is really long support cycles since they don’t actually want to do maintenance at all, which is entirely understandable, but almost certainly insane from a security, reliability and functionality stand point.