Mac Does Stuff

Category: Blog

Your blog category

  • Thunderbolt 5 Storage

    Thunderbolt 5 Storage

    Earlier I had a need to move a 500GB Virtual Machine to another one of my virtual hosts. I could of course have copied it across my 10Gbe network, which would have taken 20 minutes or so, but instead I thought it simpler to throw it on an external NVMe drive I have. My Mac happily told me it was going to take 2.5 minutes to copy the virtual machine to the drive.

    TWO AND HALF MINUTES!

    In the end it took nearer three, but hey, that’s fast. This got me reminiscing. Back in the day when I first started working on ‘larger’ stuff, I did a lot of Novell Netware. We used to use Fujitsu 500MB SCSI drives in our normal server setups (the M2624FA I think)…. like this:

    Fujitsu M2624FA SCSI Hard Drive
    Fujitsu M2624FA SCSI Hard Drive

    This was hooked up to 10Mbps Ethernet – mostly Co-ax (Cheapernet), and then later moving to UTP (at a heady 100Mbps). What I remember about those drives is that copying that 500MB drive to a new server typically took about 20 minutes. That’s about 0.4MB/s. Shudder. The drives themselves were capable of more than that – sometimes a whopping 4MB/s – but the overheads of copying/delivering over 10Mbps limited that.

    Now, I’m sat here copying a 500GB virtual machine at about 2.8GB/s. That’s 7,000 times faster. That’s some progress. At 0.4MB/s it would have taken 14.5days…assuming it didn’t just melt.

    I then got thinking about some of the Microsoft Exchange implementations I’ve done over the years. IOPS and drive performance were king in those configurations. We’d end up putting in a lot of drives to meet the performance requirements rather than the space requirements – single enterprise drives would often only deliver 150-200MB/s, with maybe a 150IOPS per drive. For a 5,000 mailbox solution, you’d need about 5-10,000IOPS (I haven’t worked this out fully, don’t @ me!). So you see the problem. Here’s a 16TB Toshiba Enterprise Drive for example:

    Image shows the performance of a Toshiba Enterprise 16TB Hard Disk Drive
    16TB Spinning Hard Disk

    Now a single NVMe (PCIe 4×4 for example) 500,000 to 1,000,000 IOPS. So yeah, the world changed.

    Anyway, enough reminiscing! What about that drive I was copying to? Well, it’s an external Samsung 990 Evo Plus 4TB installed in an ACASIS 80Gbps M.2 NVMe SSD Enclosure. The performance of this setup is simply epic:

    Image shows the performance of a Thunderbolt 5 connected NVMe SSD
    Thunderbolt 5 NVMe

    So about 5.5GB/s write, and 5GB/s read. That compares pretty well with the internal SSD on my MacBook Pro M4 Max:

    The image shows the MacBook Pro M4 Max Internal SSD Performace
    MacBook Pro M4 Max Internal SSD Performace

    Thunderbolt 3/4 was also pretty fast of course, but it couldn’t get close to the internal speeds – this is a 2TB version of that same Samsung drive but in a Samsung X5 Thunderbolt 3 enclosure:

    Image shows the performance of a Samsung SSD in a Thunderbolt 3 enclosure
    Samsung 990 Pro 2TB/Thunderbolt

    That external Thunderbolt 5 enclosure is a bit pricey at about 250GBP, however you pay the price for new stuff don’t you. It does work, and it works very well. It’s also got a cooling fan in which I thought could be helpful as I’ve often seen drives slow down considerably under constant load due to heat – there’s also the faster cache to consider too. These 990s have about 400GB of pseudo-SLC cache on them before they slow down.

    I’ve been thoroughly impressed with them (I’ve a couple), and am always constantly surprised by the performance. Being able to use Carbon Copy Cloner for example to backup a few TBs from one to the other becomes a quick coffee break rather than a plug in, forget, check tomorrow operation.

    Anyway, that’s enough reminiscing for one day. New stuff is newer, faster, spankier – who knew.

  • JetKVM – IP Keyboard/Video/Mouse

    JetKVM – IP Keyboard/Video/Mouse

    Getting remote access to some machines – headless servers for example – can sometimes be a challenge. Sure, there’s RDP or VNC, however that requires the machine to be up, on, and usable doesn’t it? What about those times you need to deal with machine that isn’t accessible for whatever reason? Or if you need to do something that requires a good old fashioned keyboard, monitor and mouse? BIOS/Service Pack upgrades for example.

    Well, that’s where these KVM units step in (Keyboard, Video, Mouse). Essentially they are devices that connect to the PC HDMI post, and provide a keyboard & mouse via USB. They then connect to your network allowing you to remote control that PC/Mac as if you were sat physically in front of it.

    I tend to use Mac mini devices as my headless servers as they’re so capable, and use so little power. One challenge you have with those is that on a fresh reboot, if you have FileVault enabled (encryption), you must login with a physical keyboard at the device to get at the keys to unlock the drive for normal boot. This is a huge pain for a headless server.

    I had taken to configuring a small boot OS that was not encrypted, and then having another encrypted partition with my ‘real’ user on. This would mean you would initially connect remotely and login as the unencrypted user over VNC, logout, and re-login as the user that has the encrypted partition. I’d move that user’s home folder to the encrypted drive too. A bit of an effort.

    This unit solves this challenge as you’re effectively logging in from a local keyboard.

    I’ve been through several KVM units like these over the years and never really found one that I got on with fully. Then I stumbled on the JetKVM on Kickstarter.

    This is a small device that plugs in to your HDMI port, a USB port, and an Ethernet port on your network. It picks up its own IP Address (which it helpfully displays on the small screen), and you can then connect to the IP using a web-browser:

    Image shows the JetKVM connected to a remote machine.
    JetKVM Connected

    It takes minutes to setup, and so far it’s been awesome. It’s done exactly what it said it would do. There are some considerations of course – a big one being power. If, when your machine goes to sleep, it stops powering your usb ports, then you could have an issue as the JetKVM gets its power from the USB Port. Fortunately, they provide a pass-through cable that allows you to power the JetKVM with a mobile-phone USB-C charger.

    This was interesting as my observations with the Mac mini M4 have been that it does indeed power down the USB Ports on sleep…but, for some reason, the JetJVM maintains power. I know that Apple does use a low-power sleep system for keyboards and the like, so perhaps it’s through that mechanism? In any event, you can power it separately if you require. I also understand that a PoE version is in the works.

    On the subject of power, the device doesn’t allow for physical power-down and re-start of the end-device. Not surprising if you think about it! I control that differently anyway, using Smart plugs. Depending on your use case however, help could also be coming for that….

    There’s also an RJ11 Port (serial). All the software is Open Source and is up on GitHub – I’d expect to start seeing some cool extensions coming! Perhaps one of those extensions could deal with power?

    Image shows the layouts of the ports on the JetKVM
    JetKVM ports
    Image shows the front-view of the JetKVM
    JetKVM Front View

    They do provide a cloud-access model too, to allow remote-access. Currently, this requires authentication with Google. I’ve not tried the remote access element as I have my own mechanisms to provide remote-access where it’s needed, however it looks like a fairly decent offering.

    You can see all the current docs here:

    JetKVM Documentation

    I paid 68US$ + 19$US Shipping back at the beginning of April, with the unit turning up about 10 May. I suspect now they’re clear of the Kickstarter campaign these will start popping up on Amazon and the like – and I suspect, when they do, I’ll have some further ones to buy.

    Very happy with the unit so far, it’s been really useful!

  • SynologyDrive Would Like to Access Data from Other Apps

    This is an irritating error message I seem to be getting from the Synology Drive App Recently:

    The image shows the message 'SynologyDrive would like to access data from other apps'.
    SynologyDrive would like to access data from other apps

    In a fit of boredom I thought I’d set out to search why this was so – I tried adding the Synology Drive app to full disk access however it didn’t help. Then I noticed the clue is in the error – ‘SynologyDrive’ – notice the lack of space. So, off I search for SynologyDrive…and you’ll find it here:

    <username>/Library/Application Support/SynologyDrive

    Image shows the location of the 'SynologyDrive' app
    SynologyDrive App

    That’s the app we need to add to Full Disk Access. Now, this is usually hidden (the Library folder) – so we need to show hidden files. You can do this with CMD+Shift+. (That’s . at the end!). You can also do this in terminal:

    defaults write com.apple.finder AppleShowAllFiles TRUE
    killall Finder # refreshes Finder

    Browse to the location and make sure you can see the file. Next, open Preferences and go to ‘Privacy and Security’, followed by ‘Full Disk Access’.

    What you now need to do is drag ‘SynologyDrive’ from Finder to the panel in preferences, and ensure it’s turned on:

    Full Disk Access
    Full Disk Access

    You’ll be warned that you need to restart Synology Drive – do so, and you should see that message no longer pops up.

    You can turn off showing hidden files using the same CMD+Shift+. or the following in Terminal:

    defaults write com.apple.finder AppleShowAllFiles FALSE
    killall Finder # refreshes Finder

    They really should fix this in the installer!

  • Cannot pair a yubikey for MacOS Login

    Cannot pair a yubikey for MacOS Login

    I’ve done a bit of a derp, and it’s taken me way too long to work out such a simple derp. I use physical keys for logon to my MacOS devices, as well as passwords. I’ve been setting up a new MacBook Air today, and could I get my YubiKey to work?

    I’ve factory reset it, I’ve been through the pin setups, all the certificates I configured manually and everything checked out – but could I get it to pair? Absolutely not. I was expecting the normal pairing prompt when you plug the device in:

    Image shows the notification you get when you plug in a SmartCard for login to MacOS.
    SmartCard Pairing

    I’m sure several of you are laughing already.

    Try as I might, everything looked good, nothing worked. Why am I not getting the SmartCard pairing notification?! WAIT. Notification. Let’s check our MacOS notification configurations in Preferences:

    Image shows the configuration of notifications for the SmartCard pairing in MacOS.
    SmartCard Pairing Notifications

    Yeah, notifications were turned off. That’ll be it then. Somedays it’s the simple things that get you – and on those days I’m pleased I don’t operate heavy machinery.

  • Desktop Virtualzation – It’s Brilliant

    The ability to run multiple different operating systems on your laptop has proven to be invaluable for me – it’s just so, so useful. I’m often on many different sites all with slightly different environments, or I’ll be needing to build & test server based stuff. Being able to do that on my laptop has saved me so much time & effort.

    As an Apple Mac user, I’m always coming across scenarios where I need to run Windows – whether server or desktop – so being able to fire up multiple different versions all at the same time saves a ton of time. No rebooting into a single copy of Windows in BootCamp for example. My normal productivity environment for example is an Apple Mac running Windows 10 in Parallels Desktop

    One thing I get asked about a lot is what’s the impact of virtualising Windows like this, just how usable is it? Well, it’s brilliantly usable, just as much as most physical devices (I.e. Natively running Windows) I’ve used. There has to be a performance impact though, right? Yes, yes there is, but it’s relatively minor in reality.

    I’ve done some benchmarking below showing:

    • Cinebench scores natively in MacOS, and in Windows 10 running in both Parallels Desktop 13 and VMWare Fusion 10.
    • Geekbench 4 scores natively in MacOS, and in Windows 10 running in both Parallels Desktop 13 and VMWare Fusion 10.

    Anyway, these figures are shown below.

    General Machine Benchmarks
    General Machine Benchmarks

    Now, I know it’s a bit unfair to compare the Surface Book 2 to an iMac Pro like I have above, but even on my MacBook Pro I get better performance in Windows 10 virtualised than I do natively on the Surface Book 2, and the SB2 Is hardly a slouch.

    It’s interesting to see the differences in the performance for VMWare Fusion and Parallels by the way. I tend to use Parallels for my Windows 10 setups, and VMWare Fusion for my server stuff, however looking at the above I may now reconsider this. More testing required. I will say though that in all of the graphics tests Parallels 13 seems significantly faster than Fusion.

    Anyway, my general point being that running an OS virtualised for general day to day use is amazing. Being able to take snapshots, to roll-back etc. when testing is invaluable. As is having standard builds of Windows available for a simple copy, rather than having to build fresh very single time I need a machine saves me tons of time.

    You can do this on Windows too of course using HyperV – this is included in Windows 10 Enterprise or Professional. Anyway, you can read about that here.