Mac Mini Server

In my last post, I explained my frustration with web hosting services and how this frustration led me to purchase my own server. In this post, I will briefly touch on some of the ups and downs I’ve experienced with the Mac Mini Server and its Snow Leopard Server software.

Hardware

The Server Edition of the Mac Mini is very similar to a normal Mac Mini, with a few notable exceptions: it has 4GB RAM, it does not have an optical (DVD) drive, and it comes equipped with a second 500GB hard drive for a total of 1TB. If you’ve never seen a Mac Mini in person, it truly lives up to its name… this bugger is TINY. It also uses very little electricity compared to other PCs.

RAM

I’ve read that the Mini is actually capable of using up to 8GB of RAM, though Apple doesn’t officially support it yet. I didn’t want to try it, as I believe 4GB should be enough for my needs. I don’t plan on doing anything fancy besides serve my websites.

No Optical Drive

This is a bit of a pain sometimes, but in my case I’ve shipped the Mini off to a data center, so I couldn’t plop a DVD into the optical drive if I wanted to!  The Mini uses the same technology as the MacBook Air for accessing optical drives in other computers. You also have the option of hooking up an external USB drive if you need to.

Since the Mini came with Snow Leopard Server pre-installed, I wasn’t worried about the optical drive.

Dual hard drives

The Server Edition comes with dual 500GB drives for a total of 1TB of disk space. Of course, the operating system eats up a chunk of that space, so you’ll have less than 1TB of free space to work with.

Both drives are 5400 RPM, which I didn’t notice until after I bought it. I was a bit disappointed about this, as we all know 7200 RPM drives are much more responsive. However, on the bright side, 5400 RPM drives don’t run as hot and won’t use as much electricity. If I were using this Mini for a major corporate site, I’d bump up the hard drives, but for my purposes two 500GB 5400 RPM drives will be fine.

As for how the drives are configured, it appears Apple intended the second drive to be for content storage (Snow Leopard Server is heavy on content creation tools). Since I don’t plan to use much space (for now), and because I’m completely paranoid about losing my data, I’ve repurposed the second drive as a Time Machine backup drive.  I’ve also hooked up an external 500GB USB drive for bootable SuperDuper backups. Redundant backups are a good thing, right?

By the way, I’ve read that an external 7200 RPM hard drive connected via the FireWire 800 port can beat the internal 5400 RPM drive’s performance.  You’ll be able to upgrade pretty easily if you need to.

Other hardware notes

Mac Minis don’t come with keyboards, a mouse, or a monitor. You’ll need to get those yourself.  Since mine is located at a remote data center, I connect to it remotely using my Macs at home. Works great.

Software

Snow Leopard Server

The Snow Leopard Server (SLS) marketing materials had me drooling. I know that Linux is no fun. Mac OS X is a variation of Linux, and it’s way fun. So it was logical to assume that Apple would do for Linux servers what they did for Linux desktops.

Umm… not quite.  Actually, it’s kind of a big fail.

The bad

SLS is nowhere near as easy to configure as Apple makes it sound. Apple positioned the Mac Mini/SLS combo as if you can be your own IT department. True, it does provide many very cool enterprise-level tools and services, but if you don’t have previous system administrator experience on a Unix/Linux system, you are in for a world of confusion. For instance, if you intend to host more than one website, you’ll need to get out of the “one-click” Server Preferences app and dig into the advanced settings in the Server Admin app. If anything gets messed up here, you’ll probably have to go to the command-line to make fixes. While on the phone with Apple Support.

SLS uses the Workgroup Manager app to manage login accounts. This is a front-end GUI for a heavily customized Open Directory authentication system. Don’t know what Open Directory is? Then you’ll especially hate trying to set this stuff up. Unix/Linux uses POSIX permissions for users. These are what you see when you use most FTP programs or even WordPress. Windows uses access control lists (ACL) for user permissions, as they provide a finer level of control than POSIX over what people can access. Mac OS X uses BOTH. This causes a great deal of consternation when trying to set up FTP services for your users, as the POSIX settings may look correct, but the ACL settings will override the POSIX! I still haven’t gotten mine sorted out yet. It’s a real pain.

Long story short, Snow Leopard Server is very confusing to administer. And since it varies so much from the traditional Unix/Linux setup, it’s very hard to find help. For instance, file paths for Apache (the software that serves web pages) are completely different in Snow Leopard Server than they are in a typical Linux environment. If you have an Apache how-to guide, a significant chunk of the info will be wrong for your SLS system because of different file paths, or Apple-specific security restrictions, or Apple’s unique implementation of add-ons like PHP.

I often feel that I may have been better off ditching Snow Leopard Server and installing a typical Linux server system. Which, I might add, is completely free (Apple charges $499 for SLS if purchased separately from the Mac Mini). If I had done a typical Linux install, I would have had a much easier time finding answers online or in books. I’ve purchased two Snow Leopard Server books, and while they’ve been a little helpful, they’re still incredibly dense.

I should mention one bright spot for Snow Leopard Server support: Apple provides free 90-day phone support for Snow Leopard Server when you buy a Mac Mini Server. I found the phone support to be very helpful a couple of times, and completely exasperating a couple of times. It’s like any other company’s tech support: some guys know their stuff and are very helpful, and others are either ignorant or standoffish, treating you like you’re an idiot. Par for the course, I suppose.  One major problem I had with the phone support was that Apple apparently doesn’t have the Mac Mini Server Edition in its phone tree. When it asks you what product you’re calling about, if you say “Mac Mini” you’re taken to the wrong line (I speak from experience). If you say “Snow Leopard Server” it always thinks you’re calling about the non-server edition of Snow Leopard. I’ve yet to make a call to Apple support where I didn’t have to explain my hardware/software setup and be redirected a couple of times.

The good

Snow Leopard Server includes some tantalizing features that almost make it worth the trouble of dealing with setup/administration. Here’s a quick list:

iCal Server, Address Book Server, Mail services: Apple’s version of a Microsoft Exchange system.

  • iCal Server is similar to Outlook’s calendar system. It’s great for businesses where everyone needs their own calendar, including the ability to send meeting requests and whatnot. My take? I don’t have iCal Server enabled because it’s easier to use a service like Google Calendar, and you don’t have to worry about administration headaches. However, iCal allows you to be in complete control over security and privacy, if that’s an issue for you. It also syncs with iPhones and MobileMe.
  • Address Book Server is a similar deal: It allows multiple users to maintain address books online, and they can all be synced with iPhones and MobileMe. Makes sense for a business, but not worth the effort for an individual like me.
  • Mail services. This is a biggie. Mail services allows you to create mail accounts for every user in your system. It has all kinds of features, but to be honest, it’s such a pain to administer that I mostly stick to my GMail account. Again, if you’re a business, this is a great app. Keep in mind that it’s a repackaging of a free Unix-based application named Postfix, which means you could have similar functionality free without buying Snow Leopard Server, it just won’t look as pretty. And yes, Mail includes webmail access and spam filtering.

Podcast Producer, Wiki Server, iChat Server: Apple jumping on to the Social Media bandwagon.

  • Podcast Producer is an interesting application. You can record podcasts using your desktop Mac, then upload them to the server where they’ll be encoded and served to others (much like your very own YouTube). I find it alluring, yet I currently don’t have much need for it. I do plan to play with it at some point… it has great potential for e-learning.
  • Wiki Server. For better or for worse, every website you create in Snow Leopard Server has a wiki enabled by default. These wikis are powered by Wiki Server. Wikis are certainly useful, and the wiki system in SLS is probably the easiest and lowest-hassle feature of the entire system. It just works, and it’s very pretty compared to most wiki systems. The problem for me is that I often don’t want a wiki attached to my sites. This means I have to manually go in to each site and turn off the wiki feature. You got it — the one thing that works great out-of-the-box is the one thing I don’t really want to use!
  • iChat Server. I didn’t understand why anyone would want an iChat Server. Then I realized that it includes video chat support, and it can be completely encrypted. That is pretty cool. You can have private video chats with anyone, and since you’re using your own server and encrypted video, you can rest assured your video is not being monitored or cached on some corporation’s server. Unless you’re being monitored by a government agency or something. In that case, I don’t know you.
  • Client Management. This is where Snow Leopard goes enterprise. You can remotely administer Macs on your network, including performing system updates and remote software installation. You can also manage iPhones. This is certainly not something I’m in need of, but if you’re a business (or school) I can see this being a big plus.

VPN, Time Machine, File Sharing: Essential tools for daily work.

  • VPN. This is a great feature for people concerned about privacy. Most people know that VPN allows you to connect to your workplace’s network via an encrypted connection. But did you know you can use VPN to secure your data over WiFi connections? When you connect your laptop to your server via VPN, all of the data transmitted between the two computers is encrypted. So if you’re using WiFi at a conference or a coffee shop (or even at home) and want to make sure someone isn’t intercepting and reading your data, use VPN to encrypt those transmissions and protect yourself.
  • Time Machine. Every Mac comes with Time Machine, but Snow Leopard Server’s Time Machine lets you back up your Mac’s hard drive to the server, no matter where you are. No USB cables, no external hard drives… all you need is an internet connection (preferably using VPN as described above).
  • File Sharing. Snow Leopard Server’s file sharing feature is nothing new, but so far it seems quite sturdy and is flexible enough to work with both Mac and Windows systems.

Snow Leopard Server: Yea or Nay?

Do the pros of using Snow Leopard Server outweigh the cons? I’m not sure I can answer that question yet. I haven’t tried using every feature available, as I’m taking baby steps to ensure I don’t accidentally kill my system. I’ve got the basics up and running (web server, MySQL, file sharing), and so far it’s been running pretty smoothly. I’ve been pretty hands-off. I still don’t have FTP set up the way I’d like, and there are a few other odds and ends that need fixing, but on the whole everything seems pretty stable right now.

If you ever decide to get Snow Leopard Server, do yourself a favor and do a test run before deploying it.  Go ahead and set it up in your living room, and try to get every feature up and running. Chances are you’ll make some critical mistakes, and hopefully you’ll learn from them. By the time you deploy the server in a production environment you’ll be an old pro.

If you do your first setup in a production environment, you are guaranteed to run into trouble. When I called Apple support the first time, the first thing they suggested was for me to reinstall the system. Seriously. Multiple techs informed me that because of the intricacies of the underlying Unix system, if you fudge some of the key settings it’s much quicker and safer to reinstall than to try and fix the problem(s).

Running your own server from a data center

As I mentioned in my last blog post, I decided to get the Mac Mini because of my frustration with commercial web hosts. Jon Gruber pointed out an article written by Brian Stucki, who owns macminicolo.net. I was intrigued by the idea of having my own computer in a high-class data center. I set up an account, mailed in my Mac, and next thing you know I have a server!

Brian has been pretty helpful getting my hardware up and running, and as you’d expect, his company has been pretty hands-off when it comes to administering the software side of things. It was Brian who suggested the external drive with the SuperDuper backup. As they say in Hawaii, akamai!

I did have a hiccup, which was no fault of macminicolo — my Mac Mini apparently got damaged during shipping and wouldn’t boot. Luckily for me, Brian is a regular at the Apple Store in Las Vegas (where the data center is located), and they hooked him — and me — up with a new server on the spot, no charge. Brian wasn’t obligated to go to the Apple Store on my behalf, but he did, and at no charge, so props to him and his excellent customer service.

Now that I’ve had a server up and running for a couple of months, I can tell you one thing: whether you have Snow Leopard Server or a plain Linux server, you will LOVE the freedom you have to configure the server to meet your precise needs. Want to set up Rails? No problem. Want to try server-side JavaScript? No problem. Want to set up a custom web service API?  No problem. You can do any experiment you like, any time, with no bureaucracy or extra fees — assuming it’s legal and doesn’t violate your data center agreement!

If you use a hosted web service, especially a shared hosted service, chances are you will be limited to whatever they give you. Having your own server means freedom. Unfortunately, it also means more work. Macminicolo’s hosting prices are slightly more expensive than a typical shared hosting plan, but it’s cheaper than my AT&T iPhone plan, so I can’t complain.

Alternatives

The Mac Mini Server Edition is currently $999, and includes Snow Leopard Server.  If you’re looking for a cheaper alternative, you could buy a standard Mac Mini instead. They start at $599 and have nearly identical hardware, except for the amount of RAM and hard drives, both of which you can upgrade on your own for a fairly low price. If you get a standard Mac Mini, you’ll be getting the desktop version of Snow Leopard, in which case you might want to check out MAMP. You could also replace your Mac OS with a Linux server system like Ubuntu server edition. Or you could install Linux server software as a virtual machine using VirtualBox (free), VMWare or Parallels. In this scenario, you can easily replace or upgrade the server software without having to reinstall your entire operating system.

Final words

Am I glad I did it? You betcha. Was it as easy as I had hoped? Not at all. Would I recommend it to non-technical people? Probably not. You have to have a decent level of technical savoir-faire and a good amount of stick-with-it-ness. However, once you get over the initial hurdles, it mostly runs on its own. Snow Leopard Server can even email you when there are patches that need to be installed, so it isn’t like you need to log in as an administrator every day. On the whole, I’m pretty happy and I’m glad I took the plunge.

Master of My Own Domain

Just a head’s up: this post is a bit of a rant. Had to get it off my chest.

Musical Chairs

I remember a few years back, probably 2002, my web hosting service went down for over a week at Christmas. Thankfully, I didn’t own any online retail/shopping sites, but if I did I would have been completely hosed. Unfortunately, I did host some clients’ sites on that server, and I had a very hard time explaining why their site was down for a week at the busiest shopping period of the year. The hosting service’s response? “Umm… we’ll get back to you,” followed by a very unapologetic string of excuses for the failure.

I’ve tried a number of different web hosting services since then. Despite every single one of them boasting about their “99.9% uptime”, all but one of them had technical problems at some point, leading to significant downtime for my sites. I left the one vendor that I didn’t have problems with because his service was a bit too limited for my needs.

Enter Media Temple

Eventually I was lured to Media Temple. Some of the higher-profile sites I frequented at the time were “proudly hosted by Media Temple.” Media Temple’s site has always been very slick, and includes an impressive a list of big-name clients. Aside from the eye-candy aspect, they also appeared to be on the leading edge of web hosting technologies with their fancy “grid server” system. I decided to take the plunge.

From the very start, I had issues with Media Temple, including confusing documentation, unfriendly/disinterested support staff, and — worst of all — connectivity issues.

Just say no to Media Temple

As with anyone in an abusive relationship, I wondered if it was my fault and was kind of ashamed to speak up about my problems. I let the relationship continue for a couple of years, making it work as best I could. I quietly cursed when my FTP connection would stop working mid-transfer then not be able to reconnect for 3 hours. I muttered to myself whenever I noticed the web service was down again despite the boasts of uptime. I rolled my eyes and sighed heavily whenever I saw the gazillion “hosted by Media Temple” stickers on famous websites.

Then, as I started to get more plugged-in to industry RSS feeds and Twitter, I noticed that there were others like me. The internet became my anonymous support group. I read other people’s Media Temple horror stories and realized I wasn’t alone. Then I started paying even more attention to Media Temple’s service, and started demanding excellence. What I received was most certainly not excellence, and was in fact confirmation that they are a crappy hosting service that I needed to leave behind.

Despite their glossy public profile, despite their proclamations stating that they are on top of their game and provide world-class support, in reality their service was mediocre at best and oftentimes downright shoddy. Customers using the cheaper Grid Service (shared servers) had the worst of it, but even customers using the Dedicated Virtual service have complained about problems. The final straw? The fact that Media Temple’s entire Grid Service system was hacked — including my sites — and they didn’t even contact customers to let them know. I received an email with a very vague warning about the hacks six days after it happened.

I complained to Media Temple directly via their internal support system, emails, telephone conversations and Twitter, explaining that they need to be more proactive and communicative with clients about serious system issues such as hacks and unanticipated downtime. Their response has always been something to the effect of “we provide plenty of information… it’s your responsibility to monitor our website for important notices.” Apparently they now consider Twitter to be their main alert system for clients.

I tried to explain to them that I don’t have the time to check their website every day, and Twitter alerts don’t work because they’re too easy to miss. Why not simply send your clients an email? I received excuse after excuse about why they won’t email clients. None satisfied me and some were completely illogical.

When the recent FTP hack occurred, I learned about it from the blogosphere (here and here [link no longer available]) and Twitter. I checked Media Temple’s site, and sure enough, they had a bulletin mentioning the issue, but I had to search to find it! It wasn’t until almost a week later that I received a notice from Media Temple about the problem.

One of their excuses for not emailing clients was that they didn’t want to alarm unaffected clients with scary news of hackers attacking sites. Whatever. In MY case, I WAS affected. The targeted sites used PHP and WordPress, and Media Temple knew I used WordPress because I initially used their one-click installer to set it up! If they knew I use WordPress and that I was susceptible to this hack, why not contact me directly?

Exit Media Temple

I had no idea what I was going to do, but for the last year or two I’ve desperately wanted to find an alternative to Media Temple. I asked around, and it always seemed to be the same problem: one person loves Host XYZ, yet another person has written a scathing rebuke of the same host. There doesn’t seem to be a perfect host.

Then a post by John Gruber caught my eye. It was very short:

Who better to write about the new Mac Mini server than the guys who specialize in colocating Mac Minis as servers?

A Mac Mini as a server? Whaaaa?! I read the article John had linked to and was impressed. Skeptical, but impressed. The article explained that Apple had just released a server edition of its Mac Mini that comes equipped with Snow Leopard Server OS, an extra hard drive, and 4GB of RAM. What’s more, the author of the article runs a business dedicated to hosting privately-owned Mac Minis in a world-class data center for a modest fee. That’s right — you can have your own private server in a secure top-notch data center for less than the price of a MacBook Pro.

I read the article and said “Screw Media Temple. I’m getting a Mini!”

This blog post is hosted on that Mini.

The World is My Oyster

All of my sites have been transferred from Media Temple to my Mini, and my Media Temple account will be closed at the end of the month. Buh-bye MT, won’t miss ya.

I will be posting on the ups and downs of administering your own Snow Leopard Server — there are plenty of both — in an upcoming blog post. Overall I’m really happy with my decision and feel very liberated. The short version is that administering your own server isn’t for everyone, but I’m willing to bet many of my peers and e-learning tweeps would be more than capable of handling it, too.

PS: If you feel I’ve been unfairly harsh about Media Temple, do a simple Google search and see for yourself. There are some pretty high profile people with similar complaints.