Apple has released their tenth iteration of OS X, called OS X 10.9 Mavericks. OS X 10.9 Mavericks builds on the existing OS X 10.8 Mountain Lion and adds some new features. Some of these features will be very apparent, like Maps, while others will be hidden within the background and will help improve battery life. Of course, right alongside OS X 10.9 Mavericks Client, Apple has released OS X 10.9 Mavericks Server, and some of the OS X 10.9 Mavericks Server changes will be big for developers.
Table of Contents
Since the initial unveiling of OS X 10.0 Cheetah back in 2001, Apple has used the names of big cats for their releases. These names are, in order of appearance: Cheetah, Puma, Jaguar, Panther, Tiger, Leopard, Snow Leopard, Lion, and Mountain Lion. With OS X 10.9, Apple has decided to shift their focus away from big cats to places within California, with the first in the new series being Mavericks.
Apple unveiled their new naming scheme at their World Wide Developer Conference (WWDC) keynote on June 10th, 2013. Within the keynote, Apple had joked that they could have named OS X 10.9 Sea Lion, to stick with the lion theme, but decided to pass on this because “that could be a bit of a dead end” in the long term.
During the keynote Apple announced that they anticipate using places in California for OS X moving forward. Craig Federighi stated, “we want a set of names that will carry us for at least the next 10 years”. Federighi also stated that they were planning on using “places that inspire us,” meaning places in California. This statement signifies that Apple intends to maintain the OS X desktop version of their software for the foreseeable future. While it may be that new features will appear in both OS X and iOS in tandem, the products will remain separate operating systems and not merge.
This separation could change should ARM-based technology become as fast and efficient as desktop-based hardware. If this were to occur, it would be conceivable that OS X and iOS could become one operating system.
OS X 10.9 Mavericks maintains the same requirements as OS X 10.8 Mountain Lion. If your Mac is capable of running OS X 10.8 Mountain Lion, it is most likely capable of running OS X 10.9 Mavericks. In order to run OS X 10.9 Mavericks you must be running one of these Macs: an early 2007 iMac or newer, a late-2008 or early-2009 aluminum Macbook, a mid-2009 13-inch Macbook Pro, a mid to late-2007 15-inch MacBook Pro, late-2007 17-inch MacBook Pro or later, a late-2008 MacBook Air or later, an early-2009 Mac Mini or later, an early-2008 Mac Pro or later, or an early 2009 or later Xserve.
Apple has announced the pricing of OS X 10.9 Mavericks Server to be $19.99, and once again this will be offered as a desktop add-on to Mavericks Client as opposed to standalone software. This pricing is the same as OS X 10.8 Mountain Lion Server, but much lower than the $49.99 price tag for Mac OS X 10.7 Lion Server. The $19.99 price does not exclude any user from, in theory, being able to convert their standard OS X 10.9 Mavericks installation into OS X 10.9 Mavericks Server. The continuation of the low price means that Apple will keep the price down for all to be able to purchase OS X 10.9 Mavericks Server.
OS X 10.9 Mavericks Server includes many new features that will allow an OS X administrator to be even more effective and efficient at their job. Some of the new features include an improved Caching Server, a more powerful Profile Manager to deploy more than just applications, and even an Xcode Control Server. But before we delve into all of the server specific features, let us look at a couple of OS X 10.9 Mavericks Client improvements that anyone who has to manage a server will also find useful.
Finder’s traditional role included having separate windows to be able to view items on your Mac. This could become unwieldy if you need to look in several different places for files. Now, instead of needing to have a bunch of windows open, you can use a set of tabs, much like in Safari, to have multiple folders open simultaneously. This can be a great way to have a bunch of related items open without cluttering up the screen. This is particularly useful on smaller screens, like that of the 11-inch MacBook Air.
Having tabs is great, but what if you need to move items between tabs within the same Finder window. You can still do this easily. All you have to do is select the item, or items, you want to move, or copy, and drag them to the destination Finder Tab, and the items will be moved or copied.
There is one thing to be cognizant of when using Finder Tabs. If you have multiple tabs in a Finder window, whichever tab is currently active will be shown under the Window menu. As an example, if you have two windows open, say Applications and Downloads, if Applications is currently the active tab, the Window menu will say Applications. However, if the Downloads tab is active, that is what will appear in the Window menu. It is a simple concept, but something to be aware of, because there may be a time when you don’t realize that you have a window with multiple tabs open and you could swear that you had a particular location open , but you may not be able to find it easily.
Finder Tabs will make the life of a system administrator that much easier by allowing administrators to quickly and easily transfer items between windows. This is a much more efficient method than dealing with multiple windows as was required with OS X 10.8 Mountain Lion and previous versions.
iCloud has become Apple’s core mechanism for synchronizing information between OS X and iOS devices using the same iCloud login. iCloud Keychain will keep all of your devices, both OS X 10.9 Mavericks and iOS 7 devices, up to date with all of your login credentials, credit cards, and other autofill information. This will make life much easier for you if you sign up with a service on your OS X 10.9 Mavericks machine and then need to log in to that service on youriOS device, or even another OS X 10.9 Mavericks machine.
iCloud Keychain automatically synchronizes your usernames, passwords, and even credit cards using iCloud to keep all of your devices up to date. The information is encrypted so that Apple cannot read it, or at least that’s according to their documentation.
To enable iCloud Keychain, take the following steps:
- Open System Preferences.
- Click on iCloud.
- Sign into iCloud, if you are not already signed in.
- Click the checkbox next to Keychain.
- If you don?t already have it set up, you will be prompted to create a password that must be entered when your computer awakes from sleep. You can choose to enable this or not.
- You will be prompted to request approval to use this OS X 10.9 Mavericks machine for iCloud Keychain. An email will be sent to verify that you want to allow this, if it is the first machine that you are setting this up on. Subsequent devices that want to use iCloud Keychain will need to get approval from your primary machine.
- You machine is all set for iCloud Keychain.
One of the downsides to iCloud Keychain is that you are not able to view any information about iCloud Keychain on your iOS devices. It can only be viewed from Macs running OS X 10.9 Mavericks. This can be an issue if you want to be able to verify that the information is being transmitted.
Server Specific Items
Server.app has not remained stagnant since its initial release with Mac OS X 10.7 Lion Server. Server.app 2.2 with OS X 10.9 Mavericks Server is no exception. While it has remained largely unchanged, there are some new features and some slight changes that will help almost any administrator.
Before we delve too deeply into the cool new features of OS X 10.9 Mavericks Server, there has been a slight change to Server.app; the colors during setup. Apple has forgone the traditional blue color palette for setup in favor of a sleeker white, grey and black scheme. This color scheme reflects a subtle shift to a softer tone regarding how Server.app appears during setup. In no way does this affect functionality; however, it may be a sign of things to come in the future version of OS X’s Server.app.
File Sharing Protocols
One of the key functions of any server is file sharing. File sharing can occur not just between OS X networks, but also between OS X and a variety of other networks that includes Linux, Unix, and Windows. Apple has improved communications with all of these operating systems.
Server Message Blocks (SMB)
There has emerged a standard communications mechanism called Server Message Blocks (SMB). SMB is also sometimes called Common Internet File System, or CIFS. SMB has been in existence since the latest 1980s and Microsoft heavily modified it to be in their Windows Operating systems. OS X Server has supported SMB version 1.0 since the Mac OS X 10.0 Cheetah Server days. With OS X 10.9 Mavericks Server, not only is SMB version 1 supported but SMB version 2 (SMB2) is as well. SMB2 has also become the default file sharing protocol for all file sharing.
SMB2 adds a few enhancements to the protocol, the primary of these being support for “Jumbo Frames” and support for 10 Gigabit per second over Ethernet — commonly shorted to 10GbE — network connections. The primary layer 2 protocol for the Internet is Ethernet. Ethernet’s standard packet size, or transmission unit, is 1500 bytes — well actually 1540 bytes. This is standard on most network connections. There is an option on a number of enterprise switches that allow for an adjustment of the maximum transmission unit (MTU) above 1500. Anything above 1500 is considered to be a “jumbo frame”. Jumbo Frames allow a particular network connection between a device and a switch, or a switch and a switch, to transmit more information in a single packet. This means that information will be able to traverse the network in a much faster fashion. This can result in faster transmission speeds and faster transfers between devices.
It makes sense that Apple went with SMB2 right now. SMB2 was introduced with Microsoft’s Windows Vista operating system in January 2007. SMB2 is the default for most of the currently supported versions of Microsoft Windows, which are Windows Vista, Windows 7 and Windows 8, Windows Server 2008, Windows Server 2008 R2, and Server 2012. SMB is now in version 3.0 with the release of Microsoft’s Windows 8 and Windows Server 2012. SMB 3.0 will also be the default for the soon to be released Windows Server 2012 R2 and Windows 8.1.
Do not fret, the previous default protocol, Apple File Protocol, or AFP, is still employed for older OS X machines that connect to an OS X 10.9 Mavericks Server machine. AFP is also still used by Apple’s Time Machine backup service. When connecting to an OS X 10.9 Mavericks machine, you are still able to specify using the Apple File Protocol should you wish to do so, you just have to specify “afp://“ at the beginning of the connection.
Network File System (NFS)
While Microsoft’s Windows may be the predominate desktop operating system, the primary server operating system has to be Linux/Unix. While many Linux installations come equipped with SMB enabled and are able to communicate with Windows devices, their preferred protocol is Network File System, or NFS. Apple has enhanced communications with NFS shares by incorporating NFS v3 and NFS v4 support within OS X 10.9 Mavericks Server.
One of the big enhancements is the addition of AutoFS, which allows administrators to specify paths to be auto-mounted for users throughout an entire organization. The best part is that it can be done using the same auto-mounting maps employed with Linux. This change will make administration of Linux and OS X 10.9 Mavericks Server that much easier for all parties involved.
Under OS X 10.8 Mountain Lion Server, Apple chose to have all of the services in one giant alphabetical list. While this made it easy to find what you were looking for, it was a possible befuddling point for some novice administrators. This is no longer the case under OS X 10.9 Mavericks Server. Apple has chosen to revert back to Mac OS X 10.6 Snow Leopard Server categorization. Under Mac OS X 10.6 Snow Leopard Server, administrators had two distinct sections of services: Services and Advanced Services. Apple has chosen to bring back this model of categorization.
Under Services there are twelve different services listed. They are Caching, Calendar, Contacts, File Sharing, Mail, Messages, Profile Manager, Time Machine, VPN, Websites, Wiki, and Xcode. This grouping represents the most likely features that OS X Server administrators will want to access.
Under the Advanced category there are seven services. They are DHCP, DNS, FTP, NetInstall, Open Directory, Software Update, and Xsan. This grouping represents those services which only more advanced administrators will be willing to tackle.
Overall, I can agree with the categories chosen for each service. The only one that might be in the wrong category is the FTP Server. While it may be the case that many OS X administrators will not use an FTP Server, the service is not difficult to configure nor is it difficult to maintain, so it is a bit strange that it was put into this category.
The re-introduction of the categorization will put many novice administrators at ease, while allowing advanced administrators to quickly see which advanced services they may need to configure for their environment.
One of the many downsides the approach that Apple has chosen, where Server.app would be a paid add-on distributed through the Mac App Store and which began with Mac OS X 10.7 Lion Server, is that the ability to manage previous versions of OS X server was gone. Under OS X 10.8 Mountain Lion Server you could not manage a Mac OS X 10.7 Lion Server installation with anything other than Mac OS X 10.7 Lion Server. If you utilized the Mac OS X 10.7 Lion Server version of Server Admin, you could manage Mac OS X 10.6 Snow Leopard Server devices, but this approach used two separate applications to manage different versions of OS X server.
Under OS X 10.9 Mavericks Server, this is no longer the case. With OS X 10.9 Mavericks Server an administrator is able to use the same Server.app application to manage both OS X 10.9 Mavericks Server as well as OS X 10.8 Mountain Lion Server installations. This is a big improvement for entities that have a small number of OS X devices that manage all of their OS X Servers. When you administer an OS X 10.8 Mountain Lion Server installation with Server.app 2.2, the Services Categorization will remain in the same format as a OS X 10.9 Mavericks server would.
With previous versions said entities would be required to keep one of their servers running the previous version, just to be used as a management point for their old servers. It is a much needed improvement to be able to use one Server.app to manage both the current and previous versions of OS X server.
In December of 2012, Apple issued an update for OS X 10.8 Mountain Lion Server. This upgrade moved the version of Server.app to 2.2 build 166, and with it came a new feature: Caching Server.
Traditionally, Apple always had its Software Update service available for companies to be able to not only internally manage software updates, but also to save on bandwidth costs. The Software Update service, as mentioned previously, allows companies to selectively enable updates as well as selectively determine which devices use the server’s software update service.
Caching Server takes this to another level. Caching Server is used to cache not only traditional software updates, but also updates for applications downloaded via the Mac App Store and iTunes App Store. Caching these updates will allow updates to be downloaded faster, which in turn will also conserve bandwidth.
Unlike the Software Update service, Caching Server does not have much in the way of granular control. It’s really more of a download server. As an administrator, you have no fined-grained control over what applications are stored. The only options available via the user-interface is the ability to turn on and off the service, select which disk the cache is stored on, and how much hard drive space to give the service. This can be anywhere from 25GB to an unlimited amount. By default, Caching Server wants to have an unlimited amount of space. Once the Caching Server has filled up its entire allotment of storage, it will begin to clean up space by deleting the least used updates.
There are some advanced options available via terminal. The options available, which are not available via the GUI, are which interface to listen on, which IP address ranges to listen on, the Console Log Level, the maximum concurrent users who can connect to the server, and which port to listen on. You are also able to set the options that available in the GUI, via the command line.
Caching Service is still a very nascent service, and I’m sure that we’ll see updates to the service over the next couple of years. It’s not entirely inconceivable that the Caching Server and Software Update service may eventually merge into one service. As a matter of fact, I would be quite surprised if this was not Apple’s ultimate goal.
OS X 10.9 Mavericks Server enhances Caching Server a bit. Under OS X 10.8 Mountain Lion Server, an administrator was only able to set a location, how much hard drive space to allocate for Caching Server, and enable the ability to reset the cache. With OS X 10.9 Mavericks Server, each different type of cacheable item is visible to the administrator. The four categories are Mac Apps, iOS Apps, Books, and Other. The first three should be self-explanatory. The Other category is presumably anything that doesn’t fit into the other three categories, but despite all of my testing, I couldn’t actually get anything to appear in this category. It’s possible that it’s being reserved for a future product or product category.
One of the things that many administrators love to be able to see is log files and statistics, which Server.app has covered. Under OS X 10.8 Mountain Lion Server there were only three categories viewable to an administrator: Processor Usage, Memory Usage and Network Traffic. These are still present under OS X 10.9 Mavericks Server, but there’s also a new one: Bytes Served. Bytes Served relates to OS X 10.9 Mavericks Server’s Caching Server.
Caching Server, as mentioned above, allows administrators to cache items downloaded from the Mac App Store as well as iOS applications, iBooks, and other items. This is particularly useful for items that are likely to be downloaded by many users. Instead of requiring additional bandwidth for each download, the file is only downloaded once and then cached on the server for others to access. Having a caching server makes it much faster for users to download updates. Imagine having 100 employees all downloading a 700 megabyte file. That would be 70 gigabytes of bandwidth consumed for just one update.
In regards to statistics, an administrator can see how much has been transferred in a given time period, up to 7 days, and see how much usage the caching has received during the requested time. This can help administrators choose whether or not to free up some space by resetting the cache.
Git is a source code repository mechanism that lets multiple developers work on a single project from the same codebase. The benefits of a Git repository is that the complete history, which includes a full tracking capability, is downloaded each time a repository is updated. The second benefit of Git is that it is not dependent on a centralized server as many other repository systems are.
Since Xcode 4 was introduced in March of 2011, the ability to save to a local Git repository has been available. A local Git repository is great for an individual developer. A problem begins to occur when you have more than one individual working on the same codebase. While it may be possible for two people to use the same code and share their changes, a problem with scale occurs when you have more than two people working on a project.
When you are in charge of a group of developers who are working on a project, it is hard to keep everybody on the same page, let alone keeping them all using the same codebase. In the past, many companies were stuck with either setting up a dedicated computer to store the repositories, cobbling together a solution to put on their OS X Server, or using a cloud-based service like GitHub to store their developers’ work. The issue with cloud services is that it is an outside entity that is storing the information and should something disastrous occur, all of that work could be gone, or should a security issue arise, their code could potentially be stolen. Many companies prefer to keep their data internal and under the care of their IT staff.
One of the newest features of Server.app is a feature called Xcode, but for easier identification I will refer to it as Xcode Services. Xcode Services is a built-in service that allows you to set up a central repository for your developers to use. This could be used in lieu of an external hosting provider, like GitHub. Xcode Services support is built into Xcode 5 and can easily be accessed from the first dialog screen by selecting “Check out an existing project”.
Xcode Services provides more than just a Git repository; it also allows developers to make use of a new feature in Xcode 5, called Bots. Xcode Bots allows a developer to automatically handle tasks, like builds, analyzing, testing, and the archiving of code. The interval at which this can be done is set within the developer’s Xcode preferences. There is also an option to have a bot run at every commit.
There are only a few options to consider when configuring Xcode Services. These options are Permissions, which version of Xcode to use, and integration with a Developer Team.
Under Permissions, there are a couple of settings to verify. The first is who can create and view bots. Xcode Services uses a three-tiered hierarchy for access. The three levels of access are “anyone”, “logged in users”, and “only some users”. The option “anyone” will allow, as it states, anyone to have full access, both read and write, to bots. The option “logged in users” requires that developers provide authentication before being able to write data. If you choose “logged in users”, a new option will pop up entitled “Also allow view-only access for”, and the only option will be “anyone”. If you do not want to allow what is effectively anonymous viewing access, you simply need to keep the box unchecked.
The last option, “only some users”, will allow you to select which individual developers are allowed to create and view bots. Additionally, you can select which users are allowed to have “view only” access. When selecting “only some users”, you can select any option to allow viewing of bots, should you determine that it is needed.
This is not the only location where permissions can be set. As an administrator, you also have the ability to limit individual repositories to certain users or groups. This method can be useful if you have a large number of developers that will be using the same server to store their code. It may be more advantageous to allow all of them to create and view bots, but then limit access to individual repositories. This last method is best when multiple groups of individuals are all using the same OS X 10.9 Mavericks Server for hosting their repositories.
There are two different categories of repositories that can be hosted. The first is local repositories. These are those hosted only on the OS X 10.9 Mavericks Server and are not necessarily part of a public development process. The second category is remote repositories. This category is for those projects that may be hosted on other OS X 10.9 Mavericks Servers or on the Internet on sites like GitHub. With remote repositories, the OS X 10.9 Mavericks Server effectively becomes a proxy. Developers connect to the OS X 10.9 Mavericks Server machine hosting Xcode Services enabled, and they can check out the code from the local repository instead of having to go out to the Internet to retrieve the information. This is a great feature if you want to limit Internet access from your development machines, but still provide access to crucial public projects. This also works should an existing infrastructure exist within a company and the developers need access to that repository.
One thing to keep in mind regarding Xcode Services is that each time Xcode is upgraded, Xcode Services will need to be upgraded as well. This procedure is just like setting up Xcode Services for the first time. The only difference is that your repositories will remain intact and do not need to be re-created. Upgrading Xcode Services will only take a couple of minutes and your developers will be back to coding and having the automated bots archive and test their code.
Xcode Services should provide development teams an easy mechanism to be able to centralize code and then be able to automatically create archives and test builds. With the addition of Xcode Services, OS X 10.9 Mavericks Server will be an even more appealing version for developers than any previous OS X server has been, up to this point.
Despite the best efforts of many administrators, they cannot always be right in front of the screens that they are charged with keeping watch over. To help in notifying administrators when things go awry, Apple has included alerts that can be sent out via both email and push notification. There have been some slight changes with alerts under OS X 10.9 Mavericks Server. Apple has decided to consolidate alerts into larger categories.
Under OS X 10.8 Mountain Lion Server, there were a total of ten alerts. These were Caching service alert, Certificate expiration, Disk Space, Disk unreachable, Mail storage quota, Network configuration change, S.M.A.R.T. status, Software updates, Time machine, and Virus detected. Under OS X 10.9 Mavericks Server the categories are now Caching, Certificates, Disk, Mail, Network Configuration, Software Update, and Time Machine. It’s helpful to know what each group of alerts will notify you about.
The Caching alert will notify you when the following events occur: the caching service is low on disk space, the caching service is out of disk space, the caching resource is missing, when the “Caching service is temporarily unavailable”, when the “Caching service cannot start”, when the “Caching service is unable to register”, and when the “Caching Service is too busy”. When a caching server gets low on disk space, the caching service can be migrated to another volume which has more storage space. The only one that is a bit confusing is the “Caching service is unable to register” alert. I still haven’t figured out what this one actually means.
For the Certificate alerts, you’ll be notified when: a certificate cannot be created, when a certificate cannot be renewed, when a certificate expires, when a new Secure Sockets Layer (SSL) certificate is created, when an SSL certificate fails to be created, when an SSL certificate is missing, and when a certificate needs to be renewed. Certificate alerts will notify an administrator before a certificate is due to expire to allow them to generate and create a new certificate. The list of certificates that will generate an alert are: SSL, code-signing, and push notification certificates. When certain services do not have a certificate associated with them, or when they have an expired certificate, the services will no longer operate and users will no longer be able to connect to the service.
Disk issues can be disastrous if they are not taken care of quickly, so the Disk alerts can be critical. With these, notifications will include: the Self Monitoring And Reporting Tool, commonly shortened to S.M.A.R.T., status changes, when a volume is no longer available, when a volume is low on free space, and when a volume is full. Alerts about disks will mention which disk or volume is experiencing an issue. If it is a S.M.A.R.T. status issue, it is best to take care of that quickly.
Many entities use an OS X Server for their email. Email today is littered with all sorts of spam and virus-laden emails, so it’s always nice to know when issues related to mail occur. The notifications for mail include: when a virus is detected on an inbound email, the mail virus scanner is not running, Post Office Protocol (POP) or Internet Message Access Protocol (IMAP) is not running, when the Simple Mail Transfer Protocol (SMTP) service is not running, or when the virus database update tool is not running. When a virus gets loose on your OS X 10.9 Mavericks Server machine, that can be a problem. If you receive an alert that the virus database update tool is not running, make sure to take care of that sooner rather than later.
There is one area that you really needs to know about, should anything change, and that is networking. If any network change occurs on a machine, it may wreak major havoc with the system. The alerts for Networking changes are: when a Host name has changed, a Network Internet Protocol (IP) address has changed, when a reverse DNS host name mismatch occurs, and when a Bonjour network name changes. The IP address change notifications will occur for both IPv4 as well as IPv6 addresses.
Software updates are a necessary item to keep an OS X 10.9 Mavericks Server running as securely as possible. You’ll receive these Software Updates notifications: when there are software updates available, when they can be installed, and when there are recommended updates available for the server.
The last group of notifications is regarding Time Machine. Time Machine is Apple’s proprietary mechanism for allowing OS X machines to back up their contents. Time Machine begins with a full backup and will subsequently do incremental backups. Incremental backups are consolidated as needed. The alerts for Time Machine are: when a backup is incomplete and when a machine’s backups are out of date. Time Machine notifications should include when the last backup on the machine was completed.
In all, alerts have remained relatively unchanged. Administrators who are accustomed to receiving notification of events on their OS X server will be able to continue to do so. The consolidation will make it easier for more novice administrators to be alerted for the items they need to know about most.
All throughout the betas of OS X 10.9 Mavericks Server, developers installed OS X 10.9 Mavericks Server’s Server.app using a traditional package installer instead of the through the Mac App Store. That has changed with OS X 10.9 Mavericks Server, which has been released in the Mac App Store and is available now.
Removed Feature: Network Utility
There is one utility application that has been removed, not just from OS X 10.9 Mavericks Server but also from OS X 10.9 Mavericks Client: Network Utility. Network Utility was an application that allowed you to perform some network tasks, like displaying Network information and stats, Pinging a host, looking up information about a Network Host using NSLookup, using trace route to look at where an Internet packet travels to arrive at its destination, a Whois Search to determine who owns a particular website, Finger, which is used to identify a person, and Port Scanning to be able to determine if a specific port is available. All of these functions are still available through terminal, with the exception of port scanning.
The benefit of the Network Utility app was that the application was all in one simple user interface that anybody could use without much trouble. If you really miss Network Utility in OS X Mavericks Server and you still have a copy of Mac OS X 10.7 Lion or OS X 10.8 Mountain Lion, you can simply copy Network Utility from the Applications/Utilities folder on one of those systems and put it in the Applications/Utilities folder on OS X 10.9 Mavericks’ computer and it will work without any issue. But be careful: if you perform an upgrade, the application will be removed during the upgrade.
Apple has always been concerned about battery life and optimizing OS X to be able to perform at its peak efficiency. One method is to add a bigger battery to mobile devices, and while this can work by shrinking other components there is a limit to how much space a battery can occupy within a device. When you have reached the practical limit for hardware, you turn to software to optimize the experience. With OS X 10.9 Mavericks, Apple has done just that. Apple has introduced three concepts, two of which the general user will be able to appreciate. The third is more of a background item that the user may peripherally notice when they notice that their battery life is excellent. The three features are App Nap, Compressed Memory and Timer Coalescing.
There are many items that can really drain a battery in a portable device, and the big two are heat and a constantly running application. Typically the second one leads to the first. To combat this type of battery drain, Apple has added a new feature to OS X 10.9 Mavericks called App Nap. App Nap is a feature that does just what is says: it allows an application to take a nap.
By taking a nap, Apple means that an application can be temporarily paused so that it is no longer running. When this occurs, the application does not consume any processing power, which in turn means that it does not consume any battery power. Having fewer apps not consuming battery power all the time naturally leads to longer battery life.
OS X 10.9 Mavericks will automatically determine which applications should be put into an App Nap. The determination depends on a couple of factors. The first is whether or not the application is even viewable. If the application is in the background, it may be put into a sleeping state more readily. If there are no open windows for an application, it almost certainly will be put into a sleeping state.
The second factor is whether or not the application is playing audio. If you have iTunes playing some music, or streaming from an Internet radio station, it will not be eligible to be put to sleep. This is true of any application that plays audio. It could be a live streaming application for a podcast that you listen to, or even just a web browser.
The third factor is whether or not the application has opted out of power management. This can either be done programmatically by the developer or by having the user specifically disable App Nap on an application. To disable App Nap on any application, perform these simple steps:
- Locate the application in Finder, typically under /Applications.
- Right-mouse click or cmd+I on the application to obtain the inspector information.
- Check the box titled “Prevent App Nap”.
- The app will no longer be “App Nap” eligible.
When an application is asleep, it gets put into a queue that will perform tasks in the order in which it was added to the queue. This queue is rarely called and processes in this queue are not executed that often. The best part of App Nap is that developers will not have to do anything to have their applications be able to take advantage of App Na. Most applications are automatically enabled for App Nap.
App Nap is not a feature that is new to just OS X 10.9 Mavericks Server, but also OS X 10.9 Mavericks Client. App Nap is a built-in mechanism that will automatically put idle applications to sleep. App Nap inspects each application process to determine which process should get the highest priority. The idea behind App Nap is to put resources where they are needed at a given time and to put processes that do not immediately require resources on the back burner.
Similar to App Nap is Compressed Memory. Compressed Memory is a feature that will take memory from unused applications, like those that are currently sleeping thanks to App Nap, and use that memory for currently active applications. It accomplishes this by compacting the oldest used items to about half the size of their memory. Compressed Memory is able to do this by using the WKdm (Wilson-Kaplan Direct Mapped) compression algorithm. The WKdm algorithm takes the input as it looks for commonality between the data. If there is some commonality, it will create a pointer for the common part of the memory for when it is decompressed. The algorithm keeps working until it has compressed the memory to approximately 50% of its original size. The compressed memory is still stored in memory to make decompression faster.
For example, let’s say you have a bunch of applications open, like iTunes, Safari, iBooks, Messages, Pages, and Adobe Lightroom. Let us presume that the memory on your OS X 10.9 Mavericks system is at its maximum.
There are a couple of real benefits to compressed memory. The first benefit is that OS X 10.9 Mavericks will always seem responsive since the system will get the memory it needs and can keep the memory that it does not need out of the way. Secondly, since decompression is very quick, if your Mac does need the compressed memory, it will be able to decompress it and present the necessary memory to the application. The last benefit is that since everything is stored in memory, there is a significant reduction in writing to your SSD-based hard drive. This means that the longevity of the flash disk will be extended.
I will not lie; this section will be a bit geeky. As mentioned before under the App Nap section, the two biggest drains on battery life are heat and a constantly running applications. All computers these days have processes running constantly, except when the machine is completely turned off. On a typical system there could easily be over 100 processes running. On my system, after a restart, with no applications running except activity monitor, there are 233 processes running. I had stopped all of the services that I could, but there were still that many processes running.
Normally when you have a bunch of applications running, they are all going to need to use processor time to accomplish their tasks. And with today’s Macs having at minimum a dual-core processor, you will always have the ability to run two processes simultaneously, if the application supports it. Even though you probably have multiple processes asking the processor to execute tasks constantly, the chance that any two tasks will be executed at exactly the same time is pretty low. And having the processor constantly executing tasks is taxing on the battery.
Timer Coalescing draws on the idea of using a parallel-processing type system to execute many instructions at the same time. This is accomplished by shifting the execution times for application tasks by a tiny amount to allow the processor to execute the processes in one fell swoop instead of every few microseconds. This is done in order to minimize the amount of time the processor has to be active. The more time that a processor is idle, the better the battery life.
Resource Management Conclusion
App Nap in conjunction with Compressed memory and Time Coalescing provide a comprehensive strategy for not only making your OS X 10.9 Mavericks machine always seem responsive, but also for extending the longevity of the hardware. The is accomplished by limiting unnecessary writing to the flash drive as well as executing instructions from multiple applications simultaneously by shifting execution times so they all align. By reducing the writes to a disk as well as increasing the amount of time the CPU is idle, the overall responsiveness of the system increases, thereby giving the user a feel that they have a brand new Mac.
One of the most beneficial tools for the power user is Activity Monitor. Activity Monitor is akin to Microsoft’s Task Manager. Activity Monitor gives the user a look at what is actually running on your Mac. Activity Monitor has received a complete overhaul. Instead of merely showing you a bunch of different process views. Under OS X 10.8 Mountain Lion you were provided with aggregates for each category. Activity Monitor would not list the utilization for each process, excluding percentage of CPU and memory utilization.
Applications can become unstable and sometimes it becomes necessary to kill a process. Sure, you could go into terminal and use the “top” command to accomplish this. However many general computer users are not comfortable with, or even know anything about, terminal. To provide a graphical task manager Apple has included Activity Monitor since the initial release of Mac OS X 10.3 Panther. Under versions prior to Mac OS X 10.3 Panther it was called Process Viewer. Activity Monitor under OS X 10.9 Mavericks has received a refresh.
With the new Activity Monitor you are given five different tabs to view: CPU, Memory, Energy, Disk and Network. The views will display, in context, the statistics for each process. For instance, if you’re looking at the CPU tab, you will see the percentage of CPU that is currently used, the total CPU Time for that process, the number of threads as well as the Idle Wakeups that have been performed by the application. You can organize each column in either ascending or descending order. To get a taste of what this looks like, check out the screenshot below.
For the Memory tab, you are shown the amount of memory used by each process, the number of threads, the number of ports and the user. Each column can be sorted in either ascending or descending order. Also under the Memory Tab you will see the Memory Pressure, which directly relates to the section Resource Management above. You can see the total Physical Memory, the Memory currently used, the amount of Virtual Memory and how much Swap space has been used.
The Energy tab is a completely new tab. This tab will show you the the current Energy Impact for a given application, the Average Energy Impact, and whether or not the application is currently sleeping, through the use of App Nap. This is the only tab that is able to use the new view option of “Applications in the last 8 hours”. This is because the Average Energy Impact is calculated based on the last 8 hours. By default the Energy tab only shows the applications in the last 8 hours, but you can view all current processes.
The Disk tab is much like the Disk Activity tab under OS X 10.8 Mountain Lion and previous versions. You can still see all of the same information: the number of reads in, the number of writes out, the number of reads in per second, as well as the number of write outs per second. You are also still able to switch between the number of Input/Output operations per second and the amount of data being transferred between memory and the disk. The default options that are viewable in the Disk tab are the Process Name, Bytes Written, Bytes Read, and the user who owns the process. This breaks down the amount of data for each process. This is something that could not be readily gleamed under OS X 10.8 Mountain Lion and previous versions.
The Network tab is a brand new look into the network activities of each process on your Mac. In this view, by default, you see the number of bytes sent for a given process, the number of bytes received, the number of packets sent, the number of packets received as well as the user who owns each of the processes. The other information available is the same as in previous versions of Activity Monitor. This information is the total number of packets in, the total number of packets out, the number of packets in per second, the number of packets out per second, the total amount of data received, the total amount of data sent, the data received per second and the data sent per second. You are also still able to switch between Data and Packets. The graph will change to show the selected item. The Network tab can be very useful if you are experiencing a lot of traffic and want to know which process is the one sending or receiving all of the traffic.
There are a couple of things that are no longer in Activity Monitor. The first of these is the Disk Usage tab. While it may be a loss for many users who have a lot of storage attached to their system, there are other applications that will provide this information. The information is still available from within Disk Utility as well as in Finder.
The second item that has been removed is the ability to select a color for graphs. The only two colors now are red and blue. You could say that this is in order to maintain the whole “Red vs. Blue” theme, but I don’t think that it is that complicated. By standardizing colors, support personnel, both Apple and third-party support, can inform users as to which color to look at for a particular task.
The overall refresh of Activity Monitor is a definite improvement over the previous versions of OS X. The inclusion of tab-specific views does mean that users will be able to see, more gradually, what is going on with their Mac. In particular, the Network and Energy tabs will be very useful. With the addition of the Energy tab, users will be able to see which applications are taking up all of their battery usage on portable Macs.
Profile Manager Server
Profile Manager Server is one of the few services that has changed, although the change is small. The basic functions of being able to enroll devices and apply policies to them still applies. The changes in Profile Manager Server are those surrounding updating to be compliant with OS X 10.9 Mavericks as well as iOS 7.
The changes are only to accomodate those new features within each operating system. The changes for OS X 10.9 Mavericks are: addition of controls for iCloud Keychain and the changing of “Mail, Contacts and Messages” to “Internet Accounts”. As for iOS 7, the biggest change is support for controlling iCloud Keychain. Beyond this, there has been no appreciable change.
There are some services that have remained unchanged from OS X 10.8 Mountain Lion Server to OS X 10.9 Mavericks Server. These services are Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Calendar, Contacts, File Sharing, Mail, Messages, Time Machine, Virtual Private Network (VPN), Websites, Wiki, FTP, NetInstall, Software Update, and Xsan. All of the information regarding these services can be found in my OS X 10.8 Mountain Lion Server review.
Open Directory API
With any program, no one company can conjure up every conceivable feature needed for a particular service or platform. To reduce the dependency on the service creator, the inclusion of an Application Programming Interface (API) comes in handy. APIs allow developers to take a service and connect, or add on, to it. OS X applications use all sorts of APIs to run and interact with the system. Sometimes it becomes quite necessary to rethink the entire API. There is one area in which Apple has done this with OS X 10.9 Mavericks Server. That area is Open Directory Plugins.
Under OS X 10.8 Mountain Lion Server, as well as previous versions, there was an API for Open Directory, entitled DirectoryServices. Apple is changing the whole thing under OS X 10.9 Mavericks Server, requiring Open Directory Plugins to be implemented as an XPC service module. XPC is a mechanism for facilitating interprocess communications. XPC integrates with Grand Central Dispatch and launches to accomplish this task.
More information about XPC and creating XPC services can be found on the Apple developer site.
Daemon and Library Changes
Every OS X 10.9 Mavericks Server comes with some built-in applications. These applications are used by the operating system. These applications can also be used by more advanced users to run web servers, build websites, or even just for development. These applications are updated with security updates whenever OS X 10.9 Mavericks receives either a point release, like the inevitable 10.9.1, or a security update, like Security Update 2013-005. Typically these are not updated outside of these mechanisms, unless a user manually decides to update these applications.
One of the main programming languages used within Web applications is PHP. PHP has been included with OS X Server since OS X 10.0 Cheetah Server. Throughout each iteration of OS X Server, Apple has included a new and updated version of PHP. OS X 10.9 Mavericks Server is no exception to this.
Under OS X 10.8 Mountain Lion Server, Apple bundled PHP 5.3 on the system and updated it to 5.3.15 with OS X 10.8.4. PHP under OS X 10.8 Mountain Lion Server included a patch, called Suhosin. This patch provided some additional security, outside of the built-in security features of PHP 5.3. Many of the security benefits of the Suhosin patch were encompassed in PHP 5.4, so PHP 5.4 no longer requires the use of the Suhosin patch.
There are actually two different versions of PHP on an OS X 10.9 Mavericks Server machine. The first is the version that is built-in with OS X 10.9 Mavericks. This version is up to date at version 5.4.17. This is the latest version available, as of this writing.
Apple has made a change to the way Server.app handles PHP. Instead of relying on its own version of PHP, Apple has opted to use the OS X 10.9 Mavericks built-in version of PHP to parse PHP files. This is a big change. This means that as Apple upgrades OS X 10.9 Mavericks, the version of PHP that is used to show webpages is also upgraded automatically.
This change is facilitated by the change in the way that Server.app is installed. Instead of relying on a sandboxed version of the application, Apple is now able to use the built-in libraries in OS X 10.9 Mavericks to handle some aspects. This will make it easier for administrators, and developers, to be able to predict what version of PHP will be on a system and react accordingly.
OpenSSL has been a standard library within both OS X and OS X Server since the initial release of OS X 10.0 in March of 2001. Throughout each iteration of OS X, Apple has updated OpenSSL to keep pace with new features and security updates. OpenSSL on a fully patched OS X 10.5 Leopard is 0.9.7l, while on 10.6.8 Snow Leopard Server it is version 1.0.0a, built on June 1st, 2010. On a fully patched 10.7.4 machine, it is 0.9.8r built on February 8th, 2011. On OS X 10.8 Mountain Lion, the version is the same as Lion, 0.9.8r. OS X 10.9 Mavericks is running OpenSSL version 0.9.8y, which is the most recent version in the pre-1.0 train. However, it boggles my mind as to why Apple chose to use version 0.9.8y instead of the latest version, 1.0.1e.
I am not sure why Apple decided not to use the latest 0.9 version, 0.9.8x, or even switch to the 1.0 train of OpenSSL. The versions for that are 1.0.0j or 1.0.1c. Any of these three versions would provide some security updates, which would make OS X 10.9 Mavericks that much more secure than previous versions and would bring Apple more in line with many other developers.
Just like OpenSSL, SSH has been a standard feature of OS X for quite a while. Apple uses OpenSSH for its SSH daemon. OpenSSH, in case you are not aware, is the daemon used to allow users to remotely connect to your Mac, as well as allowing your Mac to remotely connect to other servers. This is one method of securely connecting back to your Mac.
On a fully patched version of OS X 10.5 Leopard the version of OpenSSH is OpenSSH_5.2p1. On OS X 10.6.8 Snow Leopard, the version of SSHd is OpenSSH_5.2p1. On OS X 10.7 Lion it is OpenSSH_5.6p1, and on OS X 10.8 Mountain Lion, it is OpenSSH_5.9p1. Last year I mentioned that it was unlikely that we would see OpenSSH version 6.0 or higher until OS X 10.9, and this turned out to be the case.
The version of OpenSSH on OS X 10.9 Mavericks is 6.2p2, which is the latest portable version of SSH. Why Apple chose to use the portable version is a mystery to me. One that defies logic. The only possible explanation that I can come up with is that they plan on doing regular updates outside of point releases and using a portable version means that they will be able to keep the version up to date without having to do a full installation.
Ruby is a programming language that is used by many programmers to create websites that have a rich user experience. Apple also uses Ruby as the basis of its built-in applications, like Wiki, Profile Manager, and Calendar. Ruby, much like many of the other built-in libraries, has been in OS X for quite a while now.
A fully patched version of OS X 10.5 Leopard runs version 1.8.6 patch level 369 of Ruby. Compare this to OS X 10.6 Snow Leopard where the version of Ruby installed is 1.8.7 patch level 249. OS X 10..7 Lion has version 1.8.7 patch level 357. OS X Mountain Lion runs Ruby 1.8.7 patch level 358. These are no where near the latest version of Ruby, which is 1.9.3 patch level 194.
The version of Ruby installed on OS X 10.9 Mavericks is Ruby 2.0.0p247, which is the latest. However, the version bundled with Server.app is version 1.9.3-p448. Unlike some other bundled applications, Ruby is not readily usable for sites that are hosted using using Server.app as the user interface. There are instructions to install Ruby on OS X 10.8 Mountain Lion, which should work on OS X 10.9 Mavericks as well. I can understand why Apple does not want to use the system version of Ruby as a couple of built-in applications — Wiki and Profiler — both depend on Ruby to work. The aspect of this that I do not get is why Apple does not update their own applications that require Ruby to be compatible with the latest version.
Python is running at version 2.7.5, which is the latest for version 2. However, version 3.2.5 and 3.3.2 are both available. I do not get why Apple is not supporting more recent versions of libraries. If there was some major issue that prevented users from using version 3.2 or 3.3 within Server.App, it may be plausible. The biggest issue with not including version 3 is that developers who use Python within their OS X 10.9 Mavericks Server hosted applications will be using version 2.7.5 and not 3.2 or 3.3.
There are many different database products that one could install on OS X 10.9 Mavericks Server. A smattering of different ones include MySQL, MariaDB, and SQLite. SQLite is included with OS X 10.9 Mavericks, and there’s more information on that below. PostgreSQL is another option for developers to use. However, with OS X 10.9 Mavericks Client it is not built-in; it has to be manually installed.
Despite not being built-in to the client, PostgreSQL is installed with Server.app. This is not user accessible as Server.app is a sandboxed application. The version included with Server.App is 9.2.4, which is the latest version of PostgreSQL. It is good to see that Apple has kept at least one of the included libraries up to date.
SQLite is a very lightweight database applications that can be included with almost any application. Whether it be a PHP, Ruby, or even an iOS or OS X application. Many images within applications are larger than the SQLite files, so the space required to include the files should not be an issue. SQLite 3 is included with OS X 10.9 Mavericks. The version included is 3.7.13, built on July 17, 2012. The latest version is 3.7.17. As the SQLite site states, “An automated test suite runs millions and millions of test cases involving hundreds of millions of individual SQL statements and achieves 100% branch test coverage.” This makes it a very reliable server-less database product. It boggles my mind that Apple would not keep up to date with something that requires less than 500 KB of storage.
Anybody who has been on the Internet for more than five minutes should know that it is full of viruses and spyware. While there are many vectors for infection, one of the primary vectors is through email. In order to combat the majority of viruses and malicious content, Apple has included an open-source product called ClamAV. ClamAV is a free product that is designed to compete directly with traditional antivirus applications like Symantec’s Norton Antivirus and McAfee’s Internet Security Suite. Since ClamAV is open-source any developer can include it with their project. Apple has elected to do so.
With most anti-virus products the anti-virus engine does not need to be updated that often. However, the virus definitions do need to be updated quite often. Usually this is at least once per day for most antivirus products. Apple has chosen to have ClamAV check twelve times per day, or every two hours, which is also the default. This can be configured by changing the value of “Checks”, on line 99, in the /LibraryServer/Mail/Config/clamav/freshclam.conf file. ClamAV, which is run automatically within Server.app. The version of Clam AV is 0.97.8, which is the latest version available.
OS X 10.9 Mavericks provides a ton of other new features that are not server specific, but for the purposes of this review I chose to focus primarily on the server-specific features. All in all, OS X 10.9 Mavericks Server is a great upgrade for those who have become accustom to OS X 10.8 Mountain Lion Server. OS X 10.9 Mavericks Server does not introduce anything radically new. It does, however, refine existing services, while adding a completely new feature with Xcode Services. This is reminiscent of the upgrade from Mac OS X 10.5 Leopard Server to Mac OS X 10.6 Snow Leopard Server, which similarly included some refinements and only a few new features.
The inclusion of Xcode Services will make life much easier for developers and administrators alike. The ability to maintain both local and remote repositories will allow administrators to not only vet requested repositories but can segment off development machines from the Internet, but still provide all of the necessary tools to the developers. OS X 10.9 Mavericks Server is a solid upgrade and provides a definite improvement over previous versions.