Upgrading Ubuntu Server | NOC.org

Why Upgrade Ubuntu Server?

Ubuntu LTS (Long Term Support) releases receive five years of standard security updates, but eventually every version reaches end of life. Running an unsupported version means no more security patches, which leaves your server vulnerable to known exploits. Beyond security, newer Ubuntu releases bring updated kernels with better hardware support, newer versions of system packages, improved performance, and access to modern software repositories.

Ubuntu LTS releases follow a predictable two-year cycle: 18.04 (Bionic), 20.04 (Focal), 22.04 (Jammy), and 24.04 (Noble). The recommended upgrade path is sequential between LTS versions. You cannot skip releases — to go from 18.04 to 24.04, you must upgrade through 20.04 and 22.04 first. Planning and executing these upgrades carefully is essential for maintaining a secure and stable Linux server environment.

Pre-Upgrade Checklist

Before starting any major version upgrade, complete these preparation steps to minimize the risk of downtime or data loss:

1. Create a Full Backup

Always back up your entire system before upgrading. At a minimum, back up your data, configurations, and databases:

# Create a tarball of critical config files
tar czf /backup/etc-backup-$(date +%F).tar.gz /etc/

# Dump all MySQL/MariaDB databases
mysqldump --all-databases > /backup/all-databases-$(date +%F).sql

# If using a VM or cloud provider, take a snapshot
# AWS: aws ec2 create-snapshot ...
# DigitalOcean: Use the control panel to create a snapshot

A full disk snapshot is the safest option if your hosting provider supports it. If the upgrade fails catastrophically, you can restore the snapshot and be back to your original state within minutes.

2. Check Disk Space

Ubuntu upgrades download hundreds of megabytes of packages. Ensure you have sufficient free space:

# Check available disk space
df -h /

# Clean up old packages and cached downloads
apt autoremove -y
apt clean

# Check for large log files that can be rotated or truncated
du -sh /var/log/*

You should have at least 2-3 GB of free space on the root partition. If space is tight, remove old kernels with apt autoremove and clear the package cache with apt clean.

3. Update Your Current System Fully

Your system must be fully updated before attempting a version upgrade:

# Update package lists and upgrade all packages
apt update && apt upgrade -y

# Install any held-back packages
apt dist-upgrade -y

# Verify no packages are held back
apt-mark showhold

If apt-mark showhold shows any held packages, you should release them before upgrading. Held packages can cause the upgrade tool to refuse to proceed.

4. Review Custom Repositories and PPAs

Third-party repositories and PPAs are a common source of upgrade failures. The upgrade tool will attempt to disable them, but it is safer to review them in advance:

# List all configured repositories
grep -r "^deb " /etc/apt/sources.list /etc/apt/sources.list.d/

# Disable PPAs that may not support the target version
add-apt-repository --remove ppa:example/ppa

5. Note Your Current Configuration

# Record current Ubuntu version
lsb_release -a

# Record running services
systemctl list-units --type=service --state=running

# Record installed packages
dpkg --get-selections > /backup/installed-packages-$(date +%F).txt

The do-release-upgrade Process

Ubuntu provides the do-release-upgrade command as the official and recommended way to upgrade between major versions. It handles package conflicts, configuration file changes, and service restarts in a controlled manner:

# Install the upgrade tool if not already present
apt install update-manager-core -y

# Run the upgrade (use screen or tmux to prevent SSH disconnection issues)
screen -S upgrade
do-release-upgrade

The do-release-upgrade tool will:

1. Check that your current system is fully updated
2. Calculate the changes required for the upgrade
3. Show you a summary of packages to be installed, removed, and upgraded
4. Download all required packages
5. Install the new packages
6. Prompt you about configuration file changes
7. Clean up obsolete packages
8. Ask you to reboot

Running the Upgrade Over SSH

If you are connected via SSH, do-release-upgrade will start an additional SSH daemon on port 1022 as a backup. If your main SSH session is interrupted, you can reconnect on port 1022 to resume the upgrade. Make sure your firewall allows this port:

# If using UFW, temporarily allow port 1022
ufw allow 1022/tcp

For more on configuring your firewall, see our guide on UFW on Ubuntu.

Handling Configuration File Prompts

During the upgrade, you will be asked what to do when a configuration file has been modified both locally and in the new package version. You will typically see options like:

Configuration file '/etc/ssh/sshd_config'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it?
   1) keep the local version currently installed
   2) install the package maintainer's version
   3) show the differences between the versions
   4) start a shell to examine the situation

The safest approach is:

• Option 3 (show differences) — Always review the diff first to understand what changed
• Keep local version — If you have custom settings you need to preserve (e.g., SSH config, Nginx vhosts, PHP settings)
• Install maintainer's version — If you have not customized the file, or if the new version contains critical security changes

For critical services like SSH, keeping your local version is usually safer. You can always merge new options manually after the upgrade.

Upgrading from EOL (End of Life) Versions

If your Ubuntu version has reached end of life, the standard repositories are moved to old-releases.ubuntu.com. You must update your sources.list before you can upgrade:

# Replace archive.ubuntu.com with old-releases.ubuntu.com
sed -i 's/archive.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
sed -i 's/security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list

# Update package lists with the new repository URLs
apt update

# Now upgrade all packages on the current version
apt dist-upgrade -y

# Then proceed with the release upgrade
do-release-upgrade

This is commonly needed for Ubuntu 18.04 systems that were not upgraded before its end-of-life date. After updating sources.list, the standard do-release-upgrade process works normally.

Step-by-Step Upgrade Path: 18.04 to 24.04

If you are running Ubuntu 18.04 and need to reach 24.04, you must upgrade sequentially through each LTS release:

Step 1: 18.04 (Bionic) to 20.04 (Focal)

# Update sources.list for EOL repository (if 18.04 is past EOL)
sed -i 's/archive.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
sed -i 's/security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list

# Update and upgrade current packages
apt update && apt dist-upgrade -y

# Run the release upgrade
do-release-upgrade

# After reboot, verify
lsb_release -a   # Should show 20.04

Step 2: 20.04 (Focal) to 22.04 (Jammy)

# Update and upgrade on 20.04
apt update && apt dist-upgrade -y

# Run the release upgrade
do-release-upgrade

# After reboot, verify
lsb_release -a   # Should show 22.04

Step 3: 22.04 (Jammy) to 24.04 (Noble)

# Update and upgrade on 22.04
apt update && apt dist-upgrade -y

# Run the release upgrade
do-release-upgrade

# After reboot, verify
lsb_release -a   # Should show 24.04

Each step requires a full reboot and verification before proceeding to the next. Do not attempt to run multiple upgrades without rebooting between them. Budget at least 30-60 minutes per upgrade step depending on your server's speed and the number of installed packages.

Post-Upgrade Verification

After rebooting into the new version, verify that everything is working correctly:

# Confirm the new version
lsb_release -a
uname -r   # Check kernel version

# Check that all critical services are running
systemctl list-units --type=service --state=running
systemctl status nginx
systemctl status mysql
systemctl status php8.3-fpm   # Version may differ

# Check for any failed services
systemctl --failed

# Verify network connectivity
ping -c 3 8.8.8.8
curl -I https://your-domain.com

# Check disk space after upgrade
df -h /

# Clean up obsolete packages
apt autoremove -y
apt clean

# Review and re-enable any disabled third-party repositories
ls /etc/apt/sources.list.d/

Common Issues and Troubleshooting

SSH Connection Drops During Upgrade

If your SSH session disconnects during the upgrade, reconnect on port 1022. The upgrade process continues in the background. You can also reattach to your screen or tmux session:

# Reconnect on backup SSH port
ssh -p 1022 user@server

# Reattach to screen session
screen -r upgrade

Package Conflicts or Broken Dependencies

# Fix broken packages
apt --fix-broken install

# Reconfigure any unconfigured packages
dpkg --configure -a

# Force removal of problematic packages (use with caution)
apt remove --purge package-name

PHP Version Changes

Each Ubuntu release ships a different PHP version. After upgrading, you may need to update your web server configuration:

# Check which PHP version is now installed
php -v

# Update Nginx to use the new PHP-FPM socket
# Example: change php7.4-fpm to php8.1-fpm in your site configs
grep -r "php.*fpm" /etc/nginx/sites-enabled/

# Reinstall PHP extensions you need
apt install php8.1-mysql php8.1-curl php8.1-mbstring php8.1-xml

MySQL/MariaDB Upgrade Issues

# Run the MySQL upgrade check after OS upgrade
mysql_upgrade -u root -p

# Check for deprecated configuration directives
mysqld --verbose --help 2>&1 | grep -i warning

Kernel Boot Problems

If the new kernel fails to boot, use your hosting provider's console or recovery mode to boot the previous kernel from the GRUB menu, then investigate:

# List installed kernels
dpkg --list | grep linux-image

# Reinstall the current kernel
apt install --reinstall linux-image-$(uname -r)

# Update GRUB
update-grub

Summary

Upgrading Ubuntu Server between major LTS versions is a well-defined process when you follow the proper steps: back up everything, ensure your current system is fully updated, use do-release-upgrade, handle configuration file prompts carefully, and verify all services after rebooting. For servers running EOL versions, update your sources.list to point to old-releases.ubuntu.com before starting. Always upgrade sequentially between LTS releases and never skip versions. Combined with a solid Linux security checklist and proper firewall management with UFW, keeping your Ubuntu server current is one of the most important steps in maintaining a secure infrastructure.

Need help managing your server infrastructure? Explore NOC.org plans to get started.