Mac OS X v10.5 is true Unix on the inside, novice admin friendly on the outside
Apple’s desktop Macs are incomparably well suited for the full range of uses from general productivity to technical and creative design, with the entire user skill and requirements spectrum covered by a rich, engaging, intuitive platform. It took Apple several years to get its head out of hardware long enough to perfect its client software. But the combination of broad feature set and usability that Apple brings to desktops, with the idea that one can sit down and start working immediately, didn’t stand a chance of making it to servers.
Apple has brought its unique brand of richness and simplicity to servers. OS X Leopard Server is the fifth generation of the software half of Apple’s server platform. This time around, Apple took what is a unique and bold approach for a Unix server. Leopard Server continues the OS X Server tradition of delivering platform-independent file/print, e-mail, Web, and network edge services (such as stateful firewall, VPN, proxy, virus, and spam filtering). But it is as easy to set up and run as a desktop. Truly; the typical Mac user could get a Leopard Server going, because the default administrative interface is a match for a Mac’s System Preferences.
Leopard Server breaks from the previous Mac server, and all server practices in general, in another regard. It takes the core server capabilities that I described in the preceding paragraph for granted, and places a completely new emphasis on cutting edge network collaboration that includes blog, wiki, instant messaging, calendar and scheduling, and address book (which Apple refers to as Directory). Sure, that’s a trick that Linux or Windows can pull off, but Apple’s spin is unique. These services are turnkey simple, but even in a turnkey setting, Leopard Server’s services are loaded with features and integrated to an extent that one finds, well, on a Mac desktop. If you can wrap your mind around this idea, then you won’t be surprised that Apple has supplied templates and default behaviors that make the services you put on the air look professionally designed from minute zero. Leopard Server passes the true turnkey sniff test by supporting all of its services without requiring custom coding or scripting.
Open and mighty
Apple, which has been known to approach challenges by inventing proprietary wheels, went full-bore on public standards with Leopard Server. Standouts among Leopard Server’s standard standards are CalDAV shared calendars, Jabber/XMPP, Apache 2.2, Ruby on Rails with Mongrel and Capistrano, IPSec and PPTP VPN, RSS, and Kerberos. Apple went proprietary only on the underlying plumbing of management GUIs. SNMPv3 is supported for monitoring with open tools. Apple’s bullish on security, and some of the secrets it keeps are in customers’ interest.
Although Leopard Server has the outward appearance of a gentle, unintimidating client that magically makes collaboration, general server, and edge services appear on your network, it wears its Unix-ness with pride. Leopard Server is Unix with a “U,” the real deal, with Open Group Unix 03 certification for the first time in OS X history. That puts Leopard Server in the rarified company of AIX, Solaris, and HP-UX. The Big Three is now the Big Four. The point is, if you’re concerned that Apple’s having brought client ease of use to servers means that Unix gearheads have to clear a lot of brush to work their craft, don’t worry about it. Leopard Server is source-level compatibility with any Unix software in the wild, or at least that which adheres to Unix standards. Further, a full set of commands — including command-line administration of its entire feature set — means that Leopard Server is both pretty to look at and well-muscled, a fine specimen all around.
For the short rack
If Leopard Server has a shortcoming, it is its limited scalability. This is a legitimate concern for IT, but then IT is neither Apple’s target for Leopard Server nor the most likely purchaser of turnkey, user-friendly servers. Again, Leopard Server passes muster in the general purpose category, and linking in Apple’s Xsan SAN filesystem opens Leopard Server’s intrinsic scalability. But the turnkey features that make Leopard Server so appealing don’t scale with the use of the GUI tools. The tools themselves fall short of an experienced admin’s expectations, especially with regard to real-time reporting. Apple thoughtfully made all of its admin tools operable remotely so that you don’t have to resort to VNC or a remote shell; the console administrative GUI runs on any Mac client, and the tools are free. But when a remote management connection goes down mid-session, the admin tools handle it poorly. There is no notification that the link to the server has been cut. Rather, stale stats persist on-screen until the admin tool is restarted, at which point a broken connection is reported.
Leopard Server does all of the things that Tiger Server did, with modernization that’s particularly visible in its default security and the GUI interfaces that operate it. You’ll also find that often-used features like the setting up of network shares have been moved to top-level management interfaces. Leopard Server is a much easier OS to run even when your requirements exceed that which the desktop-like GUI can manage.
Just add users
Wiki, blog, calendar, and instant messaging are pulled together as Web services, and Apple took a brilliant approach. When you create a new user on Leopard Server — of course, you can link to Windows Active Directory and arbitrary LDAP directories as well, with Leopard providing single sign-on — Leopard Server sets up homes for the user’s blog and calendar and shared address book (“Directory”). When you create a group, Leopard Server automatically wires that group’s members into selected Web services, with configurable access by users outside the group. For example, the group gets its own Wiki and group mailing list, and a calendar that permits full-group invites. That’s just a hint of the “do it in one place, it shows up everywhere” integration that’s familiar to Mac client users. It is just as pervasive in Leopard Server.
It’s clear that Apple let its creative and technical wizards run wild in Leopard Server just as they did in Leopard client, and as with Leopard client, I can’t hope to run down the list of Leopard Server’s new features. I can point to an example of Apple’s assembly of its own technology to blow users’ minds. Podcast Producer sounds like a desktop tool, but it’s a major innovative leap in back-end services. Podcast Producer is server-side automation for podcast workflows. It takes media content uploaded by users, carries it through a workflow that includes grid-based media format transcoding, and posts it to a targeted podcast site, yours or Apple’s (iTunes and iTunes U). Mac users running Leopard have an application called Podcast Capture that is the front-end for Leopard Server’s Podcast Producer. Just record it, assemble other bits you want to take along, send it, and it magically appears in the right place in the right format; those are details that users no longer need to worry about. They can if they must, but the speed and quality of the automated approach — this is one area where Leopard Server scales out of the box — exceeds what most shops could do with custom code.
And that makes a fitting closing point. Below the datacenter level, where the expectation of serving millions of external users is wired into planning, there’s often no reason for servers to be complicated beasts. Ideally, they should look no scarier to administrators than they do to users. There is no question that complexity is a show-stopper for small to medium businesses, independent professionals, and budget-limited organizations that really need to just dump an Xserve or Mac Pro in the most convenient spot, hook one cable to the LAN and one to the WAN, and go live with blogs, wikis, internally-hosted IM, and podcasts while taking care of the basics such as firewall, viruses, and spam. For that last garnish that finishes the dish, know that scalability is relative. An Xserve or Mac Pro with a hardware RAID adapter, or an outboard Xserve RAID, can handle more simultaneous users than you’d expect. Don’t base your expectations on what Windows and Linux PCs can do. Leopard is a different beast that could easily be the only collaboration server that an organization of modest size requires.