Archive by Author

Xserve, Your Day Has Come

by on 05. Nov, 2010 in General

Republished from makkintosshu with permission.

As of today, the Xserve’s days are officially numbered. 87, to be exact. Come January 31st, 2011, Apple will no longer be selling Xserves.1 What a shame.

As the transition guide (PDF; linked to from the Xserve Resources page) explains, the two options going forward will be the Mac mini with Snow Leopard Server and the Mac Pro with Snow Leopard Server. To me, the gap seems painfully wide, with the following completely lost:

  • A powerful 1U option. Yes, you can fit 2+ Mac mini servers in 1U, but that’s not always the correct solution, nor will it yield the same raw processing throughput. Only being able to fit two Mac Pros in a whopping 12U of rack space is an astounding waste of space unless you actually need the internal storage & PCI Express expansion.
  • Hot swappable internal storage. I won’t miss the price tag of Apple’s drive modules, that’s for sure, but they did an excellent job of ensuring they were actually enterprise-grade. It’s slightly painful to think that both their server options will require a power down and to be pulled out of the rack2 just to swap a drive.
  • Redundant power supplies. I’m all for the lower power consumption of the Mac minis and Mac Pros, but the fact that Apple will have no server hardware that can be gracefully transitioned between power sources is very disappointing for those needing high availability.
  • Lights-Out Management. I personally don’t use LOM, and I frequently hear complaints about Apple’s LOM implementation, but the number of times I could’ve used it and not had to send someone to the server room (or drive in myself) is way up there. So, not even having it as an option is an additional downer. Maybe someday the Mac Pro will get LOM.

That said, the Mac Pro is a far more formidable piece of hardware than the Xserve, and the pricing of the Mac Pro with Snow Leopard Server, much like the Mac mini with Snow Leopard Server, is pretty much just throwing in a copy of Snow Leopard Server. Also, as Brian Stucki of Macminicolo.net put it on Twitter, “WAY too many small business put money into [an Xserve] when a Mac mini would have been perfect.”

It’s clear that Apple is saying goodbye to “Enterprise” and honing in on the SMB market.

1 Of course, there may be some old stock available through Apple Specialists and Apple Authorized Resellers.

2 If you have two Mac Pros on a shelf in a four-post rack, you can probably, depending on the positioning of side panels & cross-members, pull the side off of one of them to swap drives. Pain in the ass, though.

Read full storyComments { 0 }

ClamAV <0.95.x is Dead – Check Your Tiger & Leopard Servers

by on 16. Apr, 2010 in General, Software Update

ClamAV noted back in October that they were going to end-of-life ClamAV 0.94.x on April 15th, 2010, forcing it to be disabled during updates — yesterday, for those not paying attention. Of course, Mac OS X 10.4 Tiger Server includes ClamAV 0.88.5 through 0.94, so one is required to either disable the Mail Service’s virus scanning functionality or update it manually (I’d highly suggest Topicdesk’s instructions for 10.4.7-10.4.11).

While there have been recent reminders regarding Tiger Server, Mac OS X 10.5 Leopard Server and Mac OS X 10.6 Snow Leopard should be fine, right? Actually, prior to Security Update 2009-005, Leopard Server was running Clam AV 0.94, so you’ll need to make sure it’s fully updated — I managed to find one Leopard Server mail server that had not been updated yet. Snow Leopard Server is good to go, though.

So, make sure you check your ClamAV version on both your Tiger & Leopard Server mail servers.

Read full storyComments { 1 }

iPad App Wish List for a Server Admin

by on 27. Jan, 2010 in Articles, General


If you hadn’t heard the fervent rumors over the past few weeks about Apple’s impending tablet computer, you’ll no doubt hear about the real deal: the iPad. It’s a mid-size, thin, fast, multi-touch tablet computer running an enhanced version of the iPhone OS and including Bluetooth, WiFi, and optional 3G connectivity. I’ll leave you to watch the video or drool over the specs & pricing.

Since I’m on-call 24/7 and must be ready to respond whether I’m on the couch or on a long trip, my primary workstation is the thin & light MacBook Air. I certainly wouldn’t mind carrying just an iPad with me wherever I went, but there are a few caveats for a server admin like me. While the iPhone OS’s copy & paste support is stellar and was worth the wait, the lack of multitasking could certainly make life more tedious in some cases or downright impossible in others. The iPad supports current iPhone/iPod touch applications at their existing resolutions (or at 2x size) and I have no doubt that the developers of SSH apps and such will update them to support the new resolution & keyboards quite quickly, but there are key apps missing. They’ve developed excellent new versions of the iWork apps for use on the iPad, but I’d need them to port Server Admin, Workgroup Manager, and Apple Remote Desktop for me to actually give up my MacBook Air.

It’s sexy. It has the potential. It certainly has the screen resolution and performance to take on such tasks. I’ll even guarantee that plenty of third-party tools will be developed for server admins using the iPad, but I hope Apple sees the light and brings over their own admin tools as well.

Read full storyComments { 0 }

Cleaning Up MySQL Binary Logs

by on 18. Jan, 2010 in General, Tips & Tricks

While Jimmy has previously covered disabling MySQL’s binary logging for those who don’t need it and don’t want to worry about the unexpected disk space usage, others prefer to merely purge older binary logs to reclaim disk space. MySQL’s binary logs live in /var/mysql and appear as mysql-bin.000001. Some of my servers merely hosting a few weblogs have bin logs taking up 4K-1MB, but others hosting large web applications have bin logs in the 1GB range. The last thing you want is for the drive hosting your MySQL databases to fill up unexpectedly.

Here’s a one-liner for removing all MySQL bin logs older than 30 days:

sudo find /var/mysql -name "mysql-bin.0*" -mtime +30 -exec rm {} +

Obviously, any command like this that automates deletion of potentially needed data could be disastrous, so make sure you have a good backup of your data before you try it. The benefit of the above command is that you can remove ‘-exec rm {} +‘ from the end of it to do a dry-run without actually removing any files and it’ll merely list the file names. Also, if you want preserve all bin logs newer than 60 days, simply change to read ‘-mtime +60‘, or whatever best fits your needs.

Depending on your usage & backup setup, you could certainly automate this using cron or launchd.

Read full storyComments { 0 }

How to Kill Orphaned launchd Jobs

by on 31. Dec, 2009 in Tips & Tricks

Have you ever accidentally edited, moved, or deleted a launchd daemon/agent plist file without stopping the job first and then found you couldn’t unload it? I’ve done this on a few occasions and learned the following trick from the launchctl man page, just run `sudo launchctl remove <job_label>`. The <job_label> should be the job’s ‘Label’ specified in the plist file (the reverse domain notation used in the plist filename, e.g. ‘tld.domain.job’ if the filename is ‘tld.domain.job.plist’) or you can look it up using `sudo launchctl list`.

A little background in case you’re interested: the ‘remove’ subcommand is there to counteract jobs added manually/programmatically using the ‘submit’ subcommand, hence it working when the plist file is not there for you to use the ‘unload’ subcommand (which requires a plist file).

Read full storyComments { 0 }

Open Directory Replication and SSH Service ACLs

by on 15. Dec, 2009 in Security, Tips & Tricks

While configuring a Mac OS X 10.5 Leopard Server as an Open Directory Replica of a Leopard Open Directory Master I got “Open Directory Replica Error value = 1255" when it tried to start creating the replica. This error has to do with not being able to establish an ssh connection with the OD Master, but the server in question had Remote Login enabled and, while I was using service level ACLs to limit ssh access, the admin user had ssh access.

However, although the root user and admin user share the same password by default, they’re not the same user and I couldn’t ssh in as root. Oddly, the root user isn’t an option to add to service level ACLs in Server Admin (at least for that Leopard Server installation). A quick search pulled a knowledge base article regading being unable to add the root user to service-based ACL for SSH which tells you to run the following command to add it manually:

sudo dseditgroup -o edit -a root -t user com.apple.access_ssh

Sure enough, it worked like a charm and now root shows up as “System Administrator” in the SSH service level ACLs in Server Admin:

Naturally, I was then able to ssh in as root and the Open Directory Replica creation went off without a hitch.

Read full storyComments { 1 }

Swamped by ServicesInformation Errors

by on 30. Nov, 2009 in Tips & Tricks

Here was a new one for me. A Mac OS X 10.5 Leopard Server file server had been unresponsive to Apple Remote Desktop and wouldn’t display video for about a week. I could still SSH in and the AFP services it hosted were functioning normally, so I left it for a “later” project. Well, this morning I was notified that some of the AFP shares were no longer listed due to a power outage affecting the RAIDs connected to it.

No worries, restarting the AFP service or rebooting should resolve that. Only it didn’t. There was high usage by syslogd and I found tons of the following messages in /var/log/system.log:

Record of type dsRecTypeStandard:Config named ‘ServicesInformation’ already exists in /Local/Default. Trying with new name: ServicesInformation1

Others have run into this before, and it seems to be a corruption of /var/db/dslocal/nodes/Default/config/ServicesInformation.plist. In my case, there was some file system corruption, so I did the following:

  1. Booted from another drive w/Disk Utility and SuperDuper!
  2. Verified the disk using Disk Utility (which failed.)
  3. Backed up the drive with SuperDuper! (Just in case.)
  4. Repaired the volume with Disk Utility (successfully.)
  5. Booted into Single User Mode.
  6. Backed up /var/db/dslocal/nodes/Default/config/ServicesInformation.plist and removed all the extra ServicesInformation*.plist files.
  7. Rebooted from the original boot drive.

What I found while fixing this:

  • The ServicesInformation.plist was corrupted and contained text regarding a disk full error, so that’s likely the cause of the corruption.
  • I was able to just delete ServicesInformation.plist and let it regenerate without detrimental effects, but be dubious.
Read full storyComments { 0 }

Stripping All ACLs

by on 18. Nov, 2009 in Tips & Tricks

I’ll admit it: I rarely ever work with Access Control Lists. Most of my time is spent in web server land where POSIX permissions are more than adequate, so I just fire up Server Admin if I have to add an ACL.

However, a co-worker recently ran into an ACL mess after a client converted their server from Standalone to Open Directory Master and back again. So, how to strip all ACLs so you can start over? It’s probably dangerous or some command I’m not familiar with, right? Nope.

The following call to chmod will recursively remove all ACLs:

chmod -RN /path/to/directory

Voilà!

Read full storyComments { 0 }

Apple Server Diagnostics 3X106 Released

by on 23. Oct, 2009 in Software Update

Apple released Apple Server Diagnostics 3X106 yesterday to support for Snow Leopard Server and the Mac mini. If you’ve still got 3X104, you’ll need to grab the new version if you’re running Snow Leopard Server.

The tests it performs include:

  • Boot ROM
  • Ethernet controller
  • Fan
  • Hard drive
  • Memory
  • Power supply
  • Processor
  • Sensor
  • USB ports
  • Video controller

[Via TUAW]

Read full storyComments { 0 }

State of the Mac mini

by on 23. Oct, 2009 in General

macminicolo.net has posted their 2009 state of the Mac mini, including their test drive and photos (un-boxing & take-apart) of the new Mac mini w/Snow Leopard Server. Interesting tidbits I was unaware of are:

  • The new Mac minis will accept 8GB of RAM and the now-previous ones only need a firmware upgrade to do so.
  • AppleCare covers GUI-based server & network management issues for the Mac mini w/Snow Leopard Server, but “isn’t the case if you buy a Mac mini and Snow Leopard Server separately.”
  • Approximately 70% of their customers use Mac OS X client. I shouldn’t be surprised due the former pricing, but I think the killer combination of Snow Leopard Server only costing $499 for unlimited clients and bundling it with a Mac mini configuration will change all of that.

They also remind the naysayers who complain about lack of additional Ethernet ports “that Apple’s USB Ethernet Adapter works fine on a mini. Just plug it in and you’re set.”

[Via Daring Fireball]

Read full storyComments { 0 }
Older Entries »