Seeing things like the free Ksplice Uptrack service for Ubuntu, I'm really starting to wonder if I'm using the right distro, on servers. Debian is my current preference, and has been for quite a while.
Ksplice is a product/project I've been interested in for quite sometime, but I've always had a bit of a problem with the implementation. I try and keep on top of vulns for as many as the products that I support at work, and personally, but inevitably I do miss things. The Uptrack service seems to solve this, but as an individual I couldn't justify what I suspect is a non-trivial cost for my Debian boxes.
So, as Ubuntu is Debian based, and the Canonical server team seems to hold a lot of the same values as the Debian team and myself, am I still using the right distro for the times? More importantly, is Debian destined to be nothing more than "meta-distro"[1] in the future[2]?
[1] A distro from which other distros are built.
[2] Given the number of distros which now depend on Debian, and the size and number of skilled people who contribute it, I don't believe that Debian will be going away any time in the future, nor can I see it's usage as a standalone distro diminishing to 0, I can see it shrinking with time. Especially if we keep seeing free/low cost, integrated, collateral services.
If I understand ksplice correctly it allows you to perform kernel updates without rebooting. Personally I find this a little scary, and wonder how big the benefit really is. (though I agree it is damn cool.) Do you really have many servers that cannot take an occassional out of hours restart to apply a kernel patch? If they are that critical shouldn't they have hot spares anyway in case of hardware failure?
Personally I favour debian because of how much testing each version gets before being called stable - traditionally far more than ubuntu. As more users move to use ubuntu day to day instead of debian testing I wonder if it will maintain this advantage.
To be honest, for my personal stuff it is all about the cool factor and getting to play with Something New(TM). Plus I have that uptime monkey on my back from the 90s still.
In terms of work, it would be nice knowing that a reboot isn't necessary for the latest kernel exploit, although not critical as we don't exactly deal with telecom scale solutions right now.
Whilst I can and do understand the nature of stable being stable, I have found it frustrating in the past when the speed of getting a "feature fix" is rather slow. For instance, nmap --top-ports 10 with debian's stock nmap package will currently barf due to the services file not being updated. Until recently I was actually running my personal systems on debian testing, and still custom compiling some packages.
At the end of the day, debian is pretty stable and I'll give them that happily. But the team do move with glacial speed sometimes ;)