Good practices for updating a server? [without affecting current running services]

As far as I understand your question: You want security updates automatically installed and other updates postponed until tested, and you want to know if this is called "good practice".

Well, yes. This is indeed good practice.

What you need on your ubuntu-server install is the package: unattended-upgrades

Running services will not be affected until restarted.

In the edited part of your question you changed the wishlist a bit: How to update everything except the critical running services.

This one is a bit less straightforward, but you could fix their current version so they will not be updated; read here about pinning.
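
The answer above notes that running services are not affected until restarted, which also means an installed security fix is not in effect for them until then. The following is an added example, not part of the original answer, that lists processes still executing shared libraries an upgrade has replaced on disk; the function names and the sample maps lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer): after an upgrade, a replaced
# library that is still loaded appears in /proc/PID/maps with a trailing
# "(deleted)" marker. Processes listed here need a restart to pick up the fix.

# Read maps-format lines on stdin; print each replaced shared library once.
# Fields: address perms offset dev inode pathname [(deleted)]
stale_libs() {
    awk '$NF == "(deleted)" && $2 ~ /x/ && $6 ~ /\.so(\.|$)/ { print $6 }' | sort -u
}

# Scan every process the caller can read (run as root to see all of them).
# Output columns: PID, process name, stale library path.
scan_proc() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}; pid=${pid%/maps}
        libs=$(stale_libs 2>/dev/null < "$maps") || continue
        [ -n "$libs" ] || continue
        name=$(cat "/proc/$pid/comm" 2>/dev/null)
        for lib in $libs; do
            printf '%s\t%s\t%s\n' "$pid" "${name:-?}" "$lib"
        done
    done
}

# Constructed sample of one process's maps file, used to show the filtering:
# only executable mappings of deleted .so files count, not memfd or live files.
sample_maps() {
cat <<'EOF'
55d0c0a00000-55d0c0a2f000 r-xp 00002000 fd:01 131095 /usr/sbin/nginx
7f3a1c000000-7f3a1c1b0000 r-xp 00028000 fd:01 262201 /usr/lib/x86_64-linux-gnu/libc.so.6
7f3a1c400000-7f3a1c45a000 r-xp 0001f000 fd:01 262377 /usr/lib/x86_64-linux-gnu/libssl.so.3 (deleted)
7f3a1c45a000-7f3a1c470000 r--p 00079000 fd:01 262377 /usr/lib/x86_64-linux-gnu/libssl.so.3 (deleted)
7f3a1c800000-7f3a1ca00000 r-xp 000b3000 fd:01 262375 /usr/lib/x86_64-linux-gnu/libcrypto.so.3 (deleted)
7f3a1d000000-7f3a1d001000 rwxs 00000000 00:01 2049 /memfd:jit (deleted)
7ffd5a3e0000-7ffd5a401000 rw-p 00000000 00:00 0 [stack]
EOF
}

# Run the live scan only when called as: sh script.sh scan
if [ "${1:-}" = "scan" ]; then scan_proc; fi
```

An empty result from the live scan means no readable process is still mapping a replaced library.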


If your server is that critical and can never be shut down for a few seconds to reboot (for a VM) or something around 1-2 minutes for a normal server, it should be redundant (at least to avoid hardware or connection failures for example) and you redirect services to other machines while you are rebooting. If this is not the case, you should modify this because it is the result of bad planning and you are offering something you don't have (100% availability).

If delaying the reboot to when the service is not used is an option, you can easily do the update and schedule the reboot with cron, with sleep / reboot in a screen session, SSHing into the server at the defined time, or using whichever way you prefer.