Essential Mac OS X Server Administration 109
| Essential Mac OS X Server Administration | |
| author | Michael Bartosh and Ryan Faas |
| pages | 848 |
| publisher | O'Reilly |
| rating | 9 |
| reviewer | Mary Norbury-Glaser |
| ISBN | 0596006357 |
| summary | Essential Mac OS X Panther Server Administration |
Michael Bartosh, President of 4am Media, Inc. (formally an Apple Systems Engineer), is a Mac OS X consultant and trainer specializing in cross-platform directory services integration. He is the main author of Mac OS X Server Administration, having written Parts I through VI. Ryan Faas is the Mac columnist for Computerworld and has extensive experience with integrating Macs in cross-platform networks and contributed Part VII, "Client Management," to this volume.
The authors divide the book into seven main parts covering server installation and management, a variety of services (directory, IP, file, security, and Internet) and client management. An appendix offers an extremely concise and clearly written introduction to directory services. Part I discusses planning and designing the server environment, installing and configuring the OS X Server, an overview of the server management tools, system administration and troubleshooting. Hardware (to XServe or not, supported architecture and performance bottleneck consideration), storage technologies (XServe RAID (Redundant Array of Inexpensive Disks), ATA (AT Attachment, IDE (Integrated Drive Electronics), SATA (Serial ATA), fibre channel, SCSI (Small Computer System Interface), FireWire/FireWire 800, various flavors of RAID), volume partitioning (best practices for maintaining different parts of the file system on different volumes) and particularly network infrastructure (performance, infrastructure and services). The latter is a critical consideration for cross-platform efficiency; basically, "playing nice" with existing and predominant OSes and platform-specific settings on network links.
The next chapter on installing and configuring Mac OS X Server walks the reader through the actual installation process for both the GUI and the command-line options. There are plenty of screen shots for the GUI install but the more attractive aspect of this section is for those administrators who are comfortable with the command-line. This is a terrific example of how the command-line provides far more granular control over installation and configuration options in comparison to the GUI process (if you want an excellent step-by-step introductory narration of the GUI installation then you can't do better than Schoun Regan and Kevin White's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide published by Peachpit). Bartosh and Faas also include descriptions of network install using Apple's NetBoot technology, ASR (Apple Software Restore) and radmind (remote administration daemon).
Chapter 3 continues with another well-documented section on server management tools: Workgroup Manager (creating users, groups and computer lists, managing the same, managing share points and the oft-ignored...because it's hidden in the application's preferences pane...Inspector), Server Admin (service managing, monitoring and configuration app) and Server Monitor (XServe specific hardware-monitoring app). Again, the best part of this chapter is the inclusion of both graphical and command-line equivalent tools: serveradmin; nicl (used to read data in NetInfo where the share record is stored); sshd, servermgrdhwmon (server management daemons); and a very brief nod to the directoryservice daemon (manages Open Directory) which is covered is more depth in the excellent Appendix.
Chapter 4 is titled, "System Administration" and is a very interesting aside that acts as a forum for author Bartosh's particular philosophies on the approaches and practices that make good bedfellows in a non-homogeneous network environment. Do not read "peculiar" here; Michael Bartosh takes an extremely sensible and ostensibly efficient approach to a difficult and sensitive topic. As Bartosh notes, "The Macintosh is...still a minority platform, and it makes little sense when working to gain acceptance somewhere to ask that organization to make fundamental infrastructure changes in order to support the Mac." His main points include: minimize intrusion into existing infrastructures; focus on the needs and business of your organization; default policy of denial (minimize access points); and minimize change, maximize stability. He also holds forth on software update methods, backup strategies, account management, failover, the diskspacemonitor daemon and watchdog for service monitoring. At the end of the day, this chapter provides an enlightening approach to combining a realistic set of principles with an appreciation of the compromises that must be made to ensure cooperation and success.
The final chapter of Part I involves strategies in troubleshooting Panther Server on a higher plane than merely going through the simple first step of repairing permissions. Again, Bartosh uses this chapter to introduce a more rigorous approach to analyzing and solving problems that often occur during the course of system administration. Bartosh details a structured approach to name resolution: lookupd with query and debug modes, fundamentals of LDAP and OS X directory services, forensic tools (strings, fs_usage, otool, ps, lsof, ktrace, kdump), network tools (netstat, tcpdump) and joiners/filters (grep, | (pipe symbol), awk).
Part II, "Directory Services," requires a thorough read of the Appendix ("Introduction to Directory Services"). Part II is composed of several chapters covering Open Directory Server: identification and authorization, and authentication and replication. This is a complicated topic but Bartosh explains the concepts with skill. He begins with management of Open Directory Server using Server Admin and quickly follows with an overview of roles (standalone, connected to a directory system, open directory replica or open directory master), best practices for creating administrator accounts and a detailed account of how to access an open directory domain.
Chapter 7 consists of an examination of LDAP (lightweight directory access protocol) basics and terminology; Apple's OpenLDAP including the use of Server Admin to manage OpenLDAP settings; a summary of the OpenLDAP server daemon, slapd, and the configuration file, slapd.conf; slapd troubleshooting, OpenLDAP utilities and tools (ldapadd/ldapmodify, ldapsearch and slapcat among others); a breakdown of LDAP data (identification data, authorization data and configuration data) in an Open Directory Master; an explanation of Apple's LDAP Schema and how to query LDAP services using ldapsearch at the command-line or LDaper from the GUI. Bartosh has a knack for taking a conversational tone in his approach to complex subjects: he is able to import the salient points of his extensive knowledge in a casual yet nontrivial manner.
Password Server and Kerberos are both handled in the next chapter. Bartosh provides a detailed treatment of PasswordService (SASL or Simple Authentication and Security Layer), a breakdown of the Password Server architecture (Password Server daemon, config file, main database, etc.), Password Server policies and new policies in Panther Server, use of public key cryptography and Password Server tools including pwpolicy, mkpassdb and NeST (NetInfo Setup Tool). Kerberos basics are fully explained with principal terms defined (realm, KDC, service ticket, TGT, encryption type, etc.) and a stepwise description of the Kerberos exchange mechanism. Also included is a general review of securing Kerberos using preauthentication. Following this is a specific treatment of MIT's Kerberos distribution within Mac OS X Server. Bartosh walks the reader through Kerberos configuration and Kerberizing Mac OS X Server services. He rounds out this chapter by bringing together the Kerberos and Password Server concepts (synchronization of Kerberos and Password Server authentication databases).
The final chapter in Part II involves replication architecture in Open Directory Server, design choices and best practices for deployment. The author uses both a GUI method (Server Admin's Open Directory Settings interface) and the command-line technique (slapconfig) in creating an Open Directory Replica and includes a detailed sequence of events that occur during the replication process. LDAP replication, Password Server replication and Kerberos replication are all discussed in-depth. Not surprisingly, client-side replica discovery is also dissected, including LDAP replica discovery, Password Server replica discovery and Kerberos replica discovery.
Part III is devoted to IP services and examines xinetd and Apple's DNS, DHCP and NAT services. Chapter 10, on xinetd, is very well written with a short history of the evolution of xinetd; configuration using the shell-script service; a description of xinetd architecture; and lists of general options for use with xinetd (id, passenv, port, redirect, groups, etc.), OS X specific options (mdns, session_create) and security-related options (log_on_failure, no_access, access_times, etc.).
DNS (Domain Name System) and the BIND (Berkeley Internet Name Domain) package are the topics of Chapter 11. Obviously an important but difficult concept to grasp but Bartosh does an exceptional job here. New to Panther is the ability to access DNS via a GUI tool and again it's done through the Server Admin interface. The author guides the reader through the process including looking at the DNS logs, the Activity pane and some minimal option settings (zones and logging). A thorough approach is also taken in analyzing the BIND package, the named daemon, the named.conf file, the tools available for troubleshooting (nslookup, dig and particularly host), and advanced configuration options (running named as an underprivileged user, establishing a domain-specific forwarder, change rooting, limiting zone transfers, and providing different host data using views).
The next chapter covers DHCP (Dynamic Host Configuration Protocol) and Apple's bootpd service. The author again provides GUI access instructions to the DHCP service, including screenshots of the various tabs (Overview, Log, Clients, Settings) and an explanation of available options. Troubleshooting, using the bootpd daemon and advanced command-line tools at one's disposal are also included: creating bootpd static bindings and using bootpd to supply other DHCP options (IP address of the NetInfo parent, the default URL to present in a Web browser, local POP3 server, local newsgroup servers, etc.).
Chapter 13, NAT (Network Address Translation), is the final chapter in Part III and follows the established format of providing screenshots of the Server Admin access point for this service, along with architecture (including the natd daemon and the OS X packet filter, ipfw) and advanced configuration options (editing the natd.plist).
Files Services comprise Part IV and includes an overview of creating and managing share points, automounts and home directories; AFP (Apple file protocol) management; Windows file services via SMB (Server Message Block); FTP (File Transfer Protocol), network file system and print services. The services are familiarly managed through Server Admin and Bartosh provides details on each service: accessing each of the GUI tabs (Overview, Logs, Connections, Graphs and Settings) and options within as well as using the command-line equivalents. He consistently provides comprehensive information about each choice, their consequences and alternatives. He also offers interesting asides on the historical evolution of various options (default permissions behavior pre-10.2, for instance) that make the reader appreciate the complexity involved in the development of an innovative system such as OS X Server.
The permissions mapping section in Chapter 15 ("Apple Filing Protocol") has some very well-done representational examples of permissions mapping. Integration of AFP Services in Mac OS X into different shared directory domains is referenced to http://www.4am-media.com/sso/ (which was not available at the time of this writing). The recommended troubleshooting technique is AFP client logging and the author gives stepwise instructions on how to enable AFP client logging through the command-line.
Chapter 16, "Windows File Services" will, no doubt, be a focal point for many administrators. Over the long haul, successful integration of Mac OS X Server into a Windows environment will make or break the OS X Server platform. Apple included Samba in Mac OS X to smooth the way toward assimilating platforms in such a way that it's a fairly seamless experience for diverse clients. Configuration, logging, connections, etc., are viewed and configured through Server Admin with per-share options are managed using Workgroup Manager (share this item using SMB, allow SMB access, custom SMB name, default permissions, etc.). Password Server integration, useful command-line utilities (testparm and smbutil) are also described.
FTP (File Transfer Protocol) is covered in the next chapter in the same format as the other services: both GUI and command-line options; managing FTP using Workgroup Manager; architecture (xftpd, ftpaccess.default); securing FTP (using Kerberos, FTP tunneled over SSH and sftp). An added bonus is an extended section on advanced options when manually editing ftpaccess, ftpconversions, and ftphosts/ftpgroups/ftpusers.
Chapter 18 deals with NFS (Network File System) with some caveats as to the relative insecurity of the service model and UniqueID mismatch issues. NFS File locking, /etc/exports and NFS daemons (mountd, nfsd, rpc.lockd and rpc.statd) are introduced in due course.
Print services is the final topic of Part IV and Bartosh is fairly blunt about the inadequacies found here. Nevertheless, he presses on and covers the subject in much detail. In all honesty, Tiger Server provides vast improvements in this realm and while this Panther section is worthwhile for those interested in how it's peripherally handled in Panther, if you are relying on OS X Server as your primary print server...well, it may be time to upgrade to Tiger.
Part V consists of two chapters revolving around Security Services: Mac OS X Server Firewall and Virtual Private Networks. The firewall chapter begins with a general discourse on how network communications function, a comparison between packet-switched vs. circuit-switched networks, redefining "firewall" in terms of packet filters (ipfw) and a look at ipfw packet filter rules. Bartosh follows this up with a point-by-point, server-specific initialization of Apple's Firewall service. The GUI through Server Admin is set out along with using the Advanced pane to "deny" rules and using the command-line to configure ipfw in order to bypass issues involved with extreme sluggishness experienced when reloading rules. The chapter concludes with specifying rule order, configuration examples in scenario/action format, reporting and monitoring (using ipfw list, serveradmin status, sysctl and /var/log/system.log), and managing the firewall service.
Chapter 21 is a methodical explanation of VPN (Virtual Private Network) vs. other varieties of encrypted connections: SSL (Secure Socket Layer) and SSH (Secure SHell); VPN protocols: PPTP (Point to Point Tunneling Protocol), and L2TP over IPSec (based on the Internet Protocol Security suite). Configuring L2TP/IPSec (via the IPSec daemon, raccoon, and vpnd) and PPTP are more than adequately covered. Logging, client information, Internet Connect, Rendezvous (now known as Bonjour), subnets, and authentication are also included. There is a dearth of OS X VPN instruction/discussion in the wild so it's nice to see it finally included in some detail within the context of OS X Server.
"Internet Services" (Part VI) is dedicated to Mail and Web services and Application servers (Tomcat and JBoss). The section begins with an overview of mail protocols: SMTP (Simple Mail Transfer Protocol); POP (Post Office Protocol); and IMAP (Internet Mail Access Protocol) followed by global graphical management options in Server Admin. Also included here are WebMail via SquirrelMail (open source IMAP client), Workgroup Manager to manage per-user Mail Service options, Postfix (default Mail Transport Agent) as a replacement to Sendmail, and Cyrus (default Mail Delivery Agent). Several valuable additions to this section include: a discussion of migration from legacy or existing mail systems (amsmailtool), backup strategies (BRU by the Tolis group) and content filtering (ClamAV, SpamAssassin).
Apache is bundled into Mac OS X and OS X Server and, with the latter, is integrated with the server tools. All the usual settings are accessed through Server Admin: Overview, Logs, Graphs and Settings. General and site configuration are handled through the Settings tab: setting MIME (Multipurpose Internet Mail Extension) types, configuring the proxy server, adding and removing modules are all available here.
In Chapter 24, Application Servers, Bartosh walks the reader through a comprehensive setup of the Application Server and the configuration of JBoss and Tomcat. He gives a simple introduction to creating a simple JSP page as well as illustrating more complex application scenarios.
The final part of this book, "Client Management," was contributed by co-author Ryan Faas and stands on its own as an excellent accompaniment to Michael Bartosh's coverage of OS X Server in the previous sections. The reader enjoys a complete scope of managing preferences on OS X clients (for users, groups and computer lists), managing both Classic Mac OS X workstations and Windows clients, workstation deployment and using ARD (Apple Remote Desktop). Of outstanding value are: understanding how varying preferences interact, using the Home directory for preference management, mobile accounts preferences, using Mac Manager to manage Classic Mac OS Workstations (Mac Manager share points and folders, creating workgroups, defining workgroup printers, disabling login for a computer list, security options for computer lists and global settings), hosting a Windows domain (configuring Mac OS X Server as a Windows Domain Controller), home directory access from Windows clients, setting up user profiles for Windows users, using login scripts, and configuring member and standalone servers.
Chapter 28 covers "Workstation Deployment and Maintenance" and discusses types of disk images, NetBoot (share points and image folders, shadow files) and network issues with NetBoot (load balancing, NetBoot across subnets), creating Mac OS X NetBoot images using the Network Image Utility, configuring the NetBoot service from both the GUI and the command-line, NetInstall and Apple Software Restore (creating Classic ASR images using Disk Utility, applying ASR images using Disk Utility, the command-line and other tools (Carbon Copy Cloner). A real-world scenario that is covered here is the time consuming and deadly annoying task of maintaining software updates across networked client machines. Faas proffers a variety of server-based options: Apple Software Update, creating and using NetInstall images that contain package files, using application share points, putting application installers on the network, and using third-party software management tools such as NetOctopus (http://www.netopia.com) and Filewave (http://www.filewave.com) or, my personal favorite, the Open Source tool, Radmind (http://rsug.itd.umich.edu/software/radmind/).
The final chapter of "Essential Mac OS X Server Administration" describes an application not included with Panther Server: ARD (Apple Remote Desktop). A desktop management system integrated with VNC (Virtual Network Computing), ARD provides a full set of administrative tools that include custom software package installation, data reporting options (hardware, OS, installed software, etc.), workstation broadcasting, etc.
The book includes one appendix, "Introduction to Directory Services" (did I mention it was quite excellent?!).
As always, O'Reilly has published a well-designed book: despite the 800 plus pages, the book is perfectly balanced with a comfortable weight-to-size ratio, clean typography, appropriate and pithy asides, and a supple binding that allows the book to stay open when you want to follow along while at your keyboard.
Yes, Tiger Server (Mac OS X 10.4) has been released and no doubt authors Bartosh and Faas have already been hard at work on the second edition of this book. This in no way minimizes the impact this book should have on its intended audience. The evolution of any particular server product should be of vast interest to the professional systems administrator. Panther Server (Mac OS X 10.3), which is the focus of this book, will continue to be a presence in the Apple server-specific market for quite some time. Frankly, not every deployment site (from small businesses to vast educational institutions) will be able to upgrade to Tiger immediately nor will they all be eager to expend the time and additional dollars needed to invest in software, training and potentially new hardware. With the exception of Schoun Regan's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide (Peachpit, 2005), there is no other comprehensive documentation on OS X Server (Apple's documentation is clumsy and self-promoting). Essential Mac OS X Server Administration is an indispensable contribution to the education of the IT professional.
Mary Norbury-Glaser is IT Director at a University of Colorado Denver affiliate center. She has over 15 years experience in cross-platform systems administration. You can purchase Essential Mac OS X Panther Server Administration from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Just in time for Tiger (Score:3, Funny)
Re:Just in time for Tiger (Score:3, Insightful)
Re:Step 1 to server admin on a mac (Score:3, Interesting)
The XNU kernel has some serious performance limitations, and on a box that's going to be getting heavy usage I'd definately want linux/ppc instead.
On the other hand, not all servers are under heavy load, and the OSX Server package makes a lot of stuff relatively easy to setup and administer (particularly for the inexperienced admin,) so both have their place.
Re:Step 1 to server admin on a mac (Score:1, Interesting)
reliable and will last a reasonable
amount of time (forever?);"
Uh... Since when? Is this more "I heard it so it must be true" logic?
Most of the parts are PC equipment now days (soon to be 100%) and the few parts that are actually apple engineered are as poorly designed as dell equipment.
Our macs have the WORST defect rate of anything but the dells we have.
The only reason that people keep their equipment a long time is because it cost an arm and a leg and they ne
Re:Step 1 to server admin on a mac (Score:2)
monoculture (Score:1)
Tarbosh knows his stuff (Score:4, Interesting)
Re:Tarbosh knows his stuff (Score:2)
Re:Tarbosh knows his stuff (Score:2, Interesting)
Re:That was a troll but this isn't:read it4free,he (Score:2)
When they thought they could make a buck or two by doing it.
Is hello.jpg in the public domain?
Benefit for specific OS X versions of packages? (Score:3, Interesting)
Happy with Tiger Server (Score:5, Informative)
Other than that, it runs my Drupal [drupal.org] powered weblog [joeslife.info] very well (on a 350mhz iMac no less, installation was a bitch due to the fact my iMac didn't have a DVD drive).
Re:Happy with Tiger Server (Score:1)
Re:I'm sure you paid for that (Score:1)
This Is Not a Review, It's a Summary (Score:5, Insightful)
Re:This Is Not a Review, It's a Summary (Score:1)
MacOS X not an appropriate choice for service. (Score:4, Insightful)
Also, I don't see why I would want to run a GUI on a machine that would run headless most of the time. Service records can either be generated automatically and sent somewhere else or I can ask for them when I need them from another machine. I'm just fine with ssh-ing into the server to get jobs done on the command line.
I don't have any statistics to offer on how much more slowly things ran under MacOS X, but I found their cutesy front-end apps to be inadequate or just plain wrong, so I ended up spending a lot of time working on things that I wouldn't have had to with another OS (GNU/Linux or OpenBSD, to name a couple free software systems); I ended up being slower to work because of the needless work I had to do. All of this for a proprietary system that costs considerable money in the first place.
So, MacOS X is not appropriate for service? (Score:1)
The vendor is always wrong. Never fight with the vendor, plan around instead. That's true of Solaris, RedHat, Apple, IBM, any vendor. (Microsoft, you can't work around, so you just plan on not building anything you haven't confirmed already works on their software. But they aren't a real vendor, they don't sell, they only lease.)
First check out whether it can be done with the sto
Re:OSX as a server (Score:5, Insightful)
Yeah, one word explanation for that: Exchange.
My company has been selling Microsoft SBS hand over fist for years, but during that time there was quite a lot of interest in OS X Server (even from clients with all Windows-based workstations), for two reasons: because of all the egg on Microsoft's face over security issues, and because the OS X Server licensing costs are so cheap and licensing is low-maintenance. You don't have to keep track of CALs if your business is growing-- throw down $1000, boom, unlimited CALs. The last time one of my company's clients got unlimited Microsoft CALs, it cost them around $25K.
So why doesn't OS X Server sell more? The dealbreaker is always the fact that it doesn't have something like Exchange. I've been screaming for Apple to make an Exchange killer for years. They've got most of the pieces already: iCal, Mail, Address Book... all that needs to be done is to tie them together into a single app, and on the server end add group calendaring and maybe a new mail protocol similar in function to MAPI (IME, using IMAP as an Exchange client in MS Entourage SUCKS, so I think Apple needs to go one better with their imagined product).
~Philly
Re:OSX as a server (Score:2)
I would imagine the lack of something equivalent to Group Policy is also a bit of a damper as well.
Re:OSX as a server (Score:2)
http://www.apple.com/server/macosx/features/workg
Re:OSX as a server (Score:2)
Re:OSX as a server (Score:1)
Re:OSX as a server (Score:2)
Whatever it uses, IMHO it's infinitely inferior to Outlook 2001's MAPI support. I don't know what the Mac Business Unit people were thinking on that one. Furthermore, the fact that Entourage still doesn't do everything that Outlook 2001 does (out-of-office assistant control and fully-functional public folders, to name two still MIA features) is shameful.
I really try not to wear the tinfoil hat, but sometimes I can't help but wonder if it's being done deliber
Re:OSX as a server (Score:1)
Re:OSX as a server (Score:1)
Re:OSX as a server (Score:2)
I'm one of the previously quite active, now kind of lurker, PHP iCalendar developers. No conspiracy here.
Re:OSX as a server (Score:1)
Sure, that's just what they want you to think...
Re:OSX as a server (Score:2)
Opening iCalendar files in Mail puts them into iCal. Scheduling something in iCal allows you to send out invitations to the people identified in your Address Book via Mail. Address Book will connect to a central LDAP machine for accounts.
It isn't complete yet thou
That's just silly... (Score:4, Interesting)
I know a lot of folks who run some pretty high performance/high load apps on OS X. I also talked to these guys:
http://www.psoug.org/rac_on_mac.html [psoug.org]
Who have deployed 3 Oracle 10g RAC installations on Xserve G5's. They said in their testing that 10g on a dual 2.0 G5 was about 30% faster than on a dual Xeon 2.4 on Windows. Now that's not Linux (they hadn't done the direct comparo), but that shows that it's not completely unfit for server operation.
Re:That's just silly... (Score:3, Insightful)
Re:That's just silly... (Score:2)
Re:That's just silly... (Score:2, Insightful)
How many DB read/commit transactions per second was this "server" handling?
Silly indeed ... (Score:2)
with no other details (at least RAM and RAID settings). Besides, dual Xeon 2.4 is OLD tech from any angle (clock speed, core, chipset, you name it) - it's also really silly to compare it to a 2.0GHz G5; why not a 2x 2.0GHz Xeon if they're into showcasing old server hardware?. And 30% is embarrassingly small a difference to be talking about in this case.
Re:Silly indeed ... (Score:2)
My point is that it's not 60x slower for all database operations for all databases, which is the impression you might get by just blindly reading the Anandtech article.
I also agree that dual Xeon 2.4 is old technology.. I'm certain a dual Opteron would be faster than both. But their "anecdotal" statement indicated that it's not an order of magnitude slower (or faster) than dual Xeons, for that matter. And you can o
Re:That's just silly... (Score:2)
Worse. If you read the article carefully, you'll see that the author does not know the difference between creating a thread and spawning a new process. (Granted, the Linux model makes somewhat less of a distinction than most Unices, but they're still not the same in terms of resource costs.) It's actually spawning processes that is slow, and well that's something
GTTREAAiP (Score:2, Funny)
Re:GTTREAAiP (Score:1)
Re:GTTREAAiP (Score:2)
Question from a OSX Client user (Score:2, Interesting)
Personal File Sharing
Windows Sharing
Web Sharing
Remote Logic
FTP
Remote Desktop
Apple Events
Printer Sharing
Internet Connection Sharing
That ain't bad, so what can Server users do that's so great?
Re:Question from a OSX Client user (Score:3, Informative)
Re:Question from a OSX Client user (Score:3, Informative)
- Apache with high performance cache
- Open Directory server -- master, client or replica
- Quicktime streaming server
- iChat server (in Tiger)
- IP failover
- Hardware status monitoring (on the Xserve)
- Integrated postfix mail server (also a high performance config)
- VPN (PPTP and IPSec) server
- Shiny Happy Fun GUI tools to configure most of the above (YMMV)
- Can also run Xsan
oh yah, and there is more... (Score:2)
- Jboss / tomcat (I've never used it though)
- MySQL (also I don't use this)
- Firewall
- Bind DNS
- DHCP server
- And, the Shiny Happy GUI tools are *networked* so you can tweak all the above services on any of the headless machines in your cluster
- The hardware monitor / alert tools are also networked and can send you quite a lot of emails if something gets too hot.
- If you happen to have an Xserve then you also get c
Re:Question from a OSX Client user (Score:1)
Re:MacOS X Server? (Score:1)
you too can have the slowest mysql performance (Score:2, Interesting)
Performance is at that point only 1/10th of the Opteron and Xeon. We have tested this on Panther (10.3) and on Tiger (10.4.1), triple-checked every possible error and the result remains the same: something is terribly wrong with the MySQL server performance.
SPEC CPU 2000 Int numbers compiled with GCC show that the G5 reaches about 75% of the integer performance of an equa
Re:you too can have the slowest mysql performance (Score:4, Informative)
Re:you too can have the slowest mysql performance (Score:5, Informative)
In an outbreak of benchmark over correctness, many drive manufacturers implement firmware that reports a write as being complete even though the data is in the drive's cache memory, and not on disk yet. Mac OS X provides fcntl(F_FULLFSYNC) which issues a command to the drives to flush all buffered data to stable storage (the platters).
Dominic Giampaolo posted a detailed description of this on the Darwin mailing list last February. http://lists.apple.com/archives/darwin-dev/2005/F
Re:you too can have the slowest mysql performance (Score:1, Interesting)
I wouldn't be surprised if OS-X had inherited some of these same problems.
An Old Chestnut... (Score:1)
Remember this one? [kottke.org]
I don't want to start a holy war here, but what's up with you Mac fanatics? I'm sitting here at my freelance gig in front of my Dual 2Ghz G5, and it's taking 20 minutes to commit these 3 SQL transactions to my weblog InnoDB database. I mean, on my single Xeon, which by all rights should be half as fast, this operation would take 3 ticks. If that.
In addition, during these commits, Nestcape will not work.
etc etc etc
Re:you too can have the slowest mysql performance (Score:2)
Re:you too can have the slowest mysql performance (Score:2)
Try running the anandtech benchmarks against the MySQL that ships with Tiger server instead of the one they compiled with gcc-3.3 (why not use the default compiler, folks?) and you'll see very different numbers.
The reason seems to be that MySQL forks all over the place (an operation that's nearly free on Linux, but expensive on many other unices), so Apple made a few changes that boosted performance enormously.
Yes, there are significant unresolved performance issu
Mac OSX - nice for testing (Score:1)
Lovely, indeed. Perhaps a good reason to pick up the book, if not just from the Library;
Re:Mac OSX - nice for testing (Score:2)
Re:Mac OSX - nice for testing (Score:1)
Other good books coming out (Score:2)
Writing readable code in Brainfuck
Windows 98 Server Administration and Security
RE:there's-a-panther-community? dept. (Score:1)
I own the book... (Score:2)
However, I do have a few beefs with it:
1. Errors. There are misplaced words and sentences that make no sense all over the book. In the short time I've had the book; I've come across at least 20 errors. (I've reported some to O'Reilly already. I just haven't had the time to do more.)
2. Depth/Lack of diagrams. A picture is worth 1,000 words, right? Well, where the hell are all of the diagrams? The VPN section needs a little bi
nslookup = deprecated (Score:1)
$ nslookup x.x.x.x
Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing.