Melding the best technologies from the open source community with
Apple's innovative award-winning software, Mac OS X Server v10.4 Tiger
builds on the foundation provided by Mac OS X to give you a stable and
powerful platform. Not only is it the easiest server in the world to set
up and deploy, it's also the simplest way to deploy powerful server
solutions. And, its ease-of-use doesn't compromise its rock-solid
stability.
Tiger Server is loaded with a number of cutting edge technologies
that translate into interesting opportunities for developers. This
article will highlight some of the new technologies in Tiger Server and
show you what they mean for developers. These technologies are:
- Xgrid
- 64-bit Development
- Access Control Lists
- Weblog Server
- iChat Server
- Certificate Management
This article is aimed at introducing developers to Tiger Server, but it's hard not to also mention a few cool new features that will appeal more to the system administration side of the house. These are:
- Portable Home Directories
- Gateway Setup Utility
- Software Update Server
This article will introduce you to these features, starting with Xgrid.
Xgrid
Xgrid turns any size group of Macs, from just a few Macs in an office to all of the Macs on a university campus, into a seamless distributed supercomputer cluster. With the ability to support thousands of jobs and large datasets, Xgrid takes care of the work of collecting nodes into a cluster, managing job queues, copying data around, and collecting the results. As Macs become available to the cluster, say at the end of a workday when workers leave the office, the cluster gains computational power without any administration overhead.
 The Xgrid cluster controller software is built into Tiger Server. You can create a new cluster either in the Server Admin tool or using the standalone XGrid Admin tool. Once a cluster has been created, simply enabling the Xgrid client on any Mac running Tiger will allow it to join in the cluster and contribute its resources. Xgrid uses zero configuration networking to discover all available resources, so you never have to enter in an IP address to set up a cluster. Xgrid will use those resources as effectively as possible and will schedule jobs by priority to the fasted available nodes. As well, Xgrid is fault tolerant. When a node becomes unavailable, for whatever reason, Xgrid will reschedule its tasks to a different node.
Xgrid was designed and built for two kinds of problems. The first are "embarrassingly parallel" problems. These kinds of problems run the same routine on multiple datasets. For example, a batch image filter would fit into this category. The second are tightly coupled parallel problems, such as physical simulations.
To take advantage of the computation power made available by Xgrid, you can either factor computational code into a command-line executable or you can integrate Xgrid with your application using a Cocoa-based API.
64-bit
The 64-bit support in Tiger Server enables the next generation of data-intensive applications, such as those working with gene sequencing, advanced medical imaging, and geospatial applications. And, unlike some other CPU architectures, there is no performance penalty for running 32-bit applications alongside 64-bit applications. This is because the PowerPC architecture has always been defined as a 64-bit architecture with a 32-bit subset. This means that a 64-bit migration strategy has been part of the platform since the PowerPC was first introduced and has allowed Apple to make the transition seamlessly.
The focus of the 64-bit support in Tiger Server is to enable C and C++ applications that are most likely to benefit immediately from a larger address space. These include scientific data processing applications, rendering engines, and server applications. These applications have naturally large data sets. Typically, these applications are faceless—meaning that they don't have a GUI—and are executed from the command line.
To meet this focus, Tiger Server ships with a 64-bit version of libsystem—the system library implementing most of the fundamental UNIX APIs. In addition, a 64-bit PowerPC ABI, based on the 32-bit ABI, will be introduced. 64-bit binaries will be contained in an updated Mach-O format that will run on G5 systems with Tiger or later. Tiger Server also ships with the Accelerate Framework for optimized math and image processing.
It is important to note that in the Tiger release, the support for 64-bit programming does not extend throughout the entire set of APIs available on Mac OS X. Most notably, the Cocoa and Carbon GUI application frameworks are not ready for 64-bit programming. In practical terms, this means that the "heavy lifting" of an application that needs 64-bit support can be done by a background process which communicates with a front-end 32-bit GUI process via a variety of mechanisms including IPC and shared memory.
Access Control Lists (ACLs)
Tiger Server introduces Access Control Lists (ACLs), a new and flexible way to enable the expression of privileges to files and services. Tiger's ACL model combines traditional POSIX permissions with the fine-grained semantics used by Windows 2003 and XP. It eliminates the previous 16 group limit and adds support for nested groups, allowing administrators to express permissions in a way that is natural for their organization.
Access Control Lists aren't just bolted onto the system, they extend all the way down into the kernel and up through the user interface. Extended permissions are exposed through new ACL APIs in both the Carbon and POSIX layers of the system. They can be edited using the Finder and Server Admin.
To illustrate the kinds of control that ACLs give you, here's an example ACL for a folder containing documents for a math assignment in a school:
- Teachers can read, write, and delete
- Miss Buxton can read only
- Math Students have read only access
- Everyone else has no access
Each item in an ACL is called an Access Control Entry (ACE). Each entry specifies both a user or a group and the permission granted or denied. When access is requested to a document, the system will check the list of entries sequentially until it determines that access should be allowed or denied.
Tiger's ACLs are stored using HFS+ extended attributes and require no changes to the filesystem. The ACL model is based on the POSIX 1003.1e draft and provides flexibility for future extensions.
Collaboration Tools
Not only does Tiger Server have several new features of interest to developers, it also sports two new tools to help developers collaborate within your organization: an IChat server and a weblog server.
Weblog Server
Weblogs have become an important collaboration tool for developers. They allow developers to communicate about their current projects in an asynchronous manner. Tiger Server includes a new Weblog server, based on Blojsom, that makes it easy to publish, distribute and syndicate web-based content. The Weblog server provides users with calendar-based navigation and customizable themes, is fully compatible with Safari RSS and enables posting entries using built-in web-based functionality or with weblog clients that support XML-RPC or the Atom API. The Weblog server works with Open Directory for user accounts and authentication.
iChat Server
Instant messaging has become a vital communication tool for organizations of all sizes. However, using public chat servers is not always the right thing to do. Tiger Server includes a private and secure IM server that you can use to enable your teams to communicate quickly and effectively without compromising potentially sensitive information.
Based the Extensible Messaging and Presence Protocol (XMPP) popularized by Jabber, the new iChat server in Tiger Server lets your company protect its internal communications by using SSL/TLS encryption to ensure privacy. The new iChat Server supports multi-user chat, encrypted file transfers and works with iChat AV in Tiger for point to point connections audio and video chats.
Certificate Management
Many network applications utilize cryptographic certificates to provide for strong authentication as well as secure communications. However, each service has typically required setting up certificates on a one-by-one basis. Tiger Server centralizes certificate management and provides an easy-to-use interface in Server Admin.
The new Certificate manager integrates seamlessly with Certificate Authority web sites and can email Certificate Signing Requests (CSRs) to a Certificate Authority to help aid the process of obtaining signed certificates. In addition, tools are available to help integrate system-wide certificates for you services.
Administration Technologies
Portable Home Directories
Tiger Server's Portable Home Directories feature lets you centrally manage the home directories of the users on your network. Each user can have online and offline access from the office and the road. When a user goes offline, the home directory goes with them. When they return, their home directory will be synchronized with the server. This combines the best of both worlds: Files can be centrally managed and yet users can have full desktop mobility.
Gateway Setup Utility
The Gateway Setup Utility in Tiger Server makes it easy for anyone to set up a Mac as an Internet Gateway complete with DHCP, NAT, Firewall, and VPN capabilities. Simply connect a network cable from your server to a DSL or cable modem and another cable to your network. The Gateway Setup Utility will automatically configure the Mac as a router with all the proper settings
Software Update Setup
Tiger Server now includes a Software Update Server. This allows you to control when users on a network receive updates allowing you to evaluate them before they are installed. It also saves on network costs and bandwidth by downloading Apple software updates once. The updates are saved on the local server and distributed to the rest of the machines on your network from there.
Other Tiger Technologies
It's important to note that since Tiger Server builds on Tiger, all of the tools in Tiger, such as Core Image, Core Data, and Spotlight are available for you to use. As well, the new bundled Open Source SQLite database engine is also available allowing you to use high performance file-based databases in your applications.
As well, the tool of choice for developing applications for Tiger Server is Xcode 2.0, the second major version of Apple's developer toolset. With features like GCC 4.0 and graphical remote debugging, building your server based applications is easier than ever.
Conclusion
As you can see, Tiger Server's new feature set isn't just of interest to network administrators. There are lots of new tools and APIs for developers to take advantage of. Even developers that are targeting their applications for use by end users should examine the capabilities of Mac OS X Server for potential features that they can add to their applications.
How You Can Get Started
Getting started couldn't be easier. The first thing you should do, if
you haven't already, is to become an Apple Developer Connection member.
A free ADC Online membership provides access to the latest Xcode updates
and other developer tools. An ADC Select
Membership goes further by providing shipping versions of Mac OS X Tiger and
Xcode 2 on disc, along with download access to Mac OS X Tiger Server.
Select membership also includes direct, one-on-one consultation with
Tiger support engineers, a discount on hardware through the ADC Hardware
Purchase Program, and ongoing access to pre-release software.
Next, you'll want to set yourself up with the Xcode 2.0 developer
tools. It ships as part of each and every copy of Mac OS X
Tiger on the Install DVD. Just double-click on the Xcode 2.0 package on
the DVD and the developer tools—as well as a set of example code
projects and comprehensive documentation in the ADC Reference
Library—will be installed on your system. The documentation
and sample code will help you learn more about the technologies covered
in this article.
For More Information
Posted: 2005-04-29
|
