September 15, 2005

«Previous Main Next »

Mac mini: The Universal Network Appliance

If you've been looking for a small, inexpensive, pre-configured Unix server to use as a workhorse for small network missions, look no futher than Apple Computer. That's exactly what Apple has unwittingly delivered in its $499 Mac mini platform. Originally intended to woo Windows users to the Mac, the mini is a cunning combination of packaging and features made to order for networking chores. Whether it's DHCP and DNS, e-mail, Web hosting, or intrusion detection, the mini will meet your utility server needs faster than you can call Steve Jobs to make a lunch appointment.

Here's what you get for $499: A svelte 6" by 6" by 2" machine with 40GB disk, 512MB RAM, monitor, USB, FireWire and modem ports, all fully operational right out of the box. That alone is worth a lot, since installing your average Linux distribution and securely configuring it on the average generic CPU is easily a half-day project. Multiply your hourly value by four, and I'll wager you come awfully close to the mini's $500 cost, which means that Linux alternative costs twice the mini's price, assuming you can find bare hardware that small and cheap (I couldn't).

Did I mention the mini is small? It's way small. So small that you could put fifteen of them in the space occupied by a 1U rackmount server. This makes the mini perfect for out-of-space environments such as wiring closets, remote offices, and overfilled data centers. You can (and will) run the mini headless, administering it from afar with VNC, so the little slab that is the mini itself is all you need to make room for in deployment.

But wait, there's more. The mini isn't pre-loaded with some shaky Linux distribution supported by technomonks working out of a Helsinki moose lodge. No, the mini runs Apple's award-winning, open-source Mac OS X version of Unix, based on BSD Unix but cored by the Mach kernel. Mac OS X is a finely engineered, battle tested, school-kid hardened operating system with an extraordinary GUI interface that is both immensely easier to use than Linux and more reliable to boot.

And the mini is secure out of the box. Do not underestimate the importance of this aspect. Locking down Linux takes hours for experienced Linusites; ordinary mortals may never master the task. I won't even mention that the Mac (knock on chrome) has ZERO spyware and so few viruses that Mac users just toss off the need for anti-virus software. Unlike Windows XP and Linux, virtually no ports are left open on a mini fresh from its package. It's simply impenetrable by default, which is how all computers should be delivered.

But wait, there's more. This home computer box is really server-class hardware with built-in remote admin tools (SSH and VNC), IPSec VPN, hardware that can restart automatically from a power failure, and a sophisticated journaling file system. It will run perfectly well on the supplied 512MB RAM and 1.25 GHz processor. And that's RISC-CPU GHz, which puts it in the same class as a 2.5 GHz intel CPU.

But wait, there's more. Secreted in the heart of every Mac, including the mini, is a dang useful suite of open-source server programs: Apache (Web), BIND (DNS), PHP, MySQL, miniSQL, all the BSD Unix tools, and very nice interfaces for them all. This is yet more pre-installed software that will save you time and trouble.

But wait, there's more. The MacOS X install DVD delivered with every Mac includes the celebrated Apple Development Tools, a self-contained package of compilers, editors, and other goodies. You won't be writing your own code, though (but you could). You'll be compiling other people's open-source software, which gives you access to a universe of open-source software.

But wait, there's more. Unlike Linux and its ilk, the mini has Apple's extraordinary software update service, which you can readily initiate remotely. This service, similar to Microsoft's Windows Update feature, but infinitely better done and much more reliable, lets your keep your mini up to date without taking it out of its mission.

But wait, there's more. But I must defer that to future items. Watch Dr. I Doctor for "how-to" articles on the Mac mini. Together we'll explore the outside of the envelope of this secret wonder. In fact, the first installement is posted right after this entry.

Posted by Mel Beckman at September 15, 2005 12:21 AM

Comments

Please. If you are going to knock Linux, at least use realistic examples. For example, I have Linux servers made from retired Windows workstations that have over 2 years of uptime. That's not shaky. Nearly every distro makes it easy to shut down services and only install needed software. Some distros have everything turned off by default. Choose your convenience or lack of it. Another poorly chosen example. Update Services... You have GOT to be kidding! What planet do you live on?!? That makes me think you have no Linux knowledge whatsoever. If that is the case, why are you making comparisons like that?

Now... I like and use Macs. I have a dozen or so I am responsible for at work. It is an amazingly simple implementation of Unix on the outside. I agree that the Mini would be great for all functions mentioned in the article.

However, doing what you propose does require a small amount of experience and skill. Someone with that experience and skill could, with little more effort, set up an equivalent Linux system much cheaper or for free. Which is exactly why my servers run Linux and FreeBSD, and NOT OSX. That is not a criticism of OSX, simply a financial reality.

Posted by: dingletec at September 20, 2005 11:08 AM

NB: My preview shows up without line breaks. Hopefully the post won't.

I don't deny that the Mac Mini has several attractive aspects to it, most apparent being small form factor, low power consumption, tight OS and hardware integration, and a high quality OS. But the article is overly broad in it's comparison.


1) The cost comparison is false economy. It assumes that you could monetize the time you spend configuring Linux at your salaried rate. For most people, this is entirely untrue.

2) The size issue is also deceptively presented. While it is true that there aren't any readily available x86 configurations that are the exact size of the Mini, there are a multitude that are close. Try (http://www.newegg.com/Product/ProductList.asp?Submit=BROWSE&manufactory=1465&bop=and&InnerCata=3) to find some small x86 barebones.

3) The OS comparison. The characterization of Linux is obvious flamebait. Give Debian stable a try if you feel otherwise. Also, most of Apple's awards are for the GUI, which you will not be using for a headless server. Finally, OSX is not Open Source. It is largley based on and uses a varitey of Open Source software, but many of it's core components (notably the award winning UI and windowing environment), are not Open Source.

4) Again, the characterization of how long it takes to lockdown a system is inaccurate. Yes, OSX is argueably more secure out of the box than many Linux distributions. This is mostly due to firewall configuration. To close ports via the firewall on any Linux box is not a difficult task. Additionally, it is extremely well documented as to how to do this. To truely harden the system is more difficult, but OSX is not hardened out of the box, it simply has a restrictive firewall policy.

5) The statements comparing hardware are too vague. There are no specific chips referenced, no characterization of the workloads, and whether you can call the PowerPC ISA RISC is debatable.

6) To say Linux has no software update service is quite accurate. Linux is a kernel, as such a software update service would be somewhat out of place. As to the issue of the world of Linux based software, Debian's apt is by all nearly all accounts excellent and I prefer it having used both it's and OSX's (although I have used Debian's considerably more).

I think the Mac Mini makes an excellent network appliance for a multitude of reasons; but the reason most people use Linux distributions is because it is commodity hardware married with generally solid, well documented OSes. In my experience people do not go out and buy a new $400.00 pc to be a home network server. It is expensive and will be overpowered for it's task of routing, firewalling, dhcp, et al. They use older hardware that they already have lying around that was too old to use as a primary desktop.

Certainly, if you are going out and buy new hardware, look at the Mac Mini; but that is a small portion of the population building home servers.

Additionally, if you are going to be using the Mac Mini as a headless server, the learning curve for administration will be similar, since as you stated it is a Unix implementation in the same way Linux distributions are.

Finally, there is the issue of ongoing cost. Linux distributions almost always provide a stripped down (no windowing system) version to install on old hardware, meaning you can use a current version of the OS on old hardware well into the future. Also, migration from one version to another is usually free and painless in some cases (the process of migrating releases is one command in Debian). You can still easily setup a home network server using Debian on a 386 machine. The OS remains patched and secure. Apple EOL's operating systems at a much faster pace and doesn't provide a stripped down installation mode to my knowledge; meaning if you setup your server now, in a few years the version of Apache, SSH, SSL, etc. will be outdated and vulnerable after Apple stops providing patches. At that point you can either purchase a new version of OSX if your machine can still install it, or you can purchase new Apple hardware and get the OS as part of the bundle. Neither of these are appealing options for a headless server in a closet.

Posted by: Brian Sumner at September 20, 2005 11:45 AM

I agree. A Mac mini makes a great home server. I'm planning on getting one myself once they come with an Intel processor. After I get it, I plan to install Debian on it. Why? I prefer Linux for servers. OS X is a great desktop platform, but I don't like the non-standard location of open source software that comes pre-installed on it.

And forget about upgrading open source packages that come with OS X. It doesn't come close to the ease of Debian.

No, I'll stick with my OS X for my desktop. But I'll stay with Debian for my servers.

Posted by: Jeff at September 20, 2005 2:44 PM

Trust me I love the Macs. However, the Mac Mini at a 4200 rpm drive isn't going to perform very well at all, even under light loads. Up that drive speed to at least 5400 rpm and we'll talk about a low end server at that time.

Posted by: Mark Haliday at September 20, 2005 2:48 PM

Unlike the other posts in this read, I fully agree with the original article. I could have written this myself, but I lack the organizational and spelling skills to present the facts as well as you did. I've done what you did, except mine is in a TV cabinet, w/ an external firewirre drive to also store and distribute all my music and home movies around the house. I believe you left out the airport support. And one does NOT have to update automatically. I've had my 500 MHz G3 iMac running in the basement as a server still using Jaguar and have had zero downtime. Didn't feel like rebooting every month or so for the OS upgrades. No spyware, no maintenance, no viruses, no crashes. Sure, maybe you can save $50 by buying a bare bones brick, but you still need to "get it up". No, the naysayers(sp?) can't fathom having a machine that's as loved as Linux. It's like cheating on your wife. True, the hard drive is slow, but it's only $500. C'mon....

Posted by: DBC at September 20, 2005 8:00 PM