The 24 hours is dictated by new Big Sur EULA.

https://9to5mac.com/2020/11/11/macos-big-sur-adds-leasing-te...

From the new EULA (not just for Amazon, paraphrased by 9to5mac):

* Apple software and hardware must be leased “in its entirety to and individual or organization”

* A lease period must be “for a minimum period of twenty-four (24) consecutive hours”

* Customers must now accept software agreements for all installed software of leased hardware

* All of these changes are only offered for “Permitted Developer services,” which are now spelled out for users

* Developers may now “install, use, and run additional copies or instances of the Apple Software within virtual operating system environments”

* The “lessor” such as Macstadium is fully responsible for making sure that all of these new requirements are upheld

But the original post says they're not using Big Sur. The available OSes are Mojave and Catalina. Unless that term exists in those licenses too?

But they will have to update to Big Sur in the feature. So if they don‘t set the limitation now they will have to „worsen“ the service later, it‘s best to the set the limitation now even if not required.

Good point!

Weird limitation. Hopefully Apple updates this.

They still think of themselves as a hardware firm, this restrains usage elasticity to a level where system hardware scaling is a dominant cost driver rather than system performance. Besides the inefficiencies of physical space at AWS sites, it is also a fine business for the cloud provider as it generates a less volatile usage pattern than normal. As Apple is acting as a monopolist by dictating the same terms to everyone, they further remove any competitive advantage of providing anything else.

I vividly remember a video interview with Steve Jobs from a long time back when he was clear that Apple is not a hardware firm, it’s a software firm, and admitting that it took him far too long to realise that.

So this is hard to defend other than gouging.

They are mostly an hardware firm that packages a nice experience in the box. Nope, 12% of market share isn't a monopoly.

How about being the only way to even build an application for 50% of the U.S. mobile market?

99% of said apps are actually nothing more than CRUD Web forms, or crap games easily done with WebGL + WebAssembly, so no it isn't the only way.

If you don't like it then leave. That's how Apple operates. I still can't comprehend why people insist on licking Apple's shoe soles but then complain that it tastes awful.

I surely can, given that part of my job is to develop mobile Web apps.

They just updated it two weeks ago. There's no reason they would change their mind again quickly.

They do this very intentionally. If they wanted to be available on AWS they'd allow OSX to run in a VM which they don't.

They do allow OSX to be run in a VM..... but only if the hypervisor is on Apple hardware :P

And under the new EULA they don't allow renting a VM, only a device in its entirety

Wow. That is insane and stupid and incredibly fucked up. I've had to rent Macs in the cloud on a rare basis to test certain latest-version Safari issues, and it's always a crap connection and a miserable experience. But is it enforceable for them to stipulate the minimum length of time of a VM lease?! That's your machine. You paid for it. If you want to rent it out to someone for 3 hours that's your prerogative. I don't see how they can possibly enforce that or how it could be legal as a seller to tell someone how to use their hardware.

Does this EURA works to effectively kill handy macOS CI service like CircleCI and force users to use VM rental service like this?

If you ran a webserver hosting Great Cat Pictures on some Macs, for instance, your customers might pay a subscription fee to access your site, meaning they are paying for you to do processing and storage on their behalf. So that's an example that's clearly not leasing or subletting the devices.

Likewise, you might read it that Circle is simply providing a service to users, and the users are paying a fee for the service.

But a CI service will set up your dev account, your container image, to run your jobs. It'll even let you shell in, and it tears it all down when you're done.

And it really starts to look like leasing when they also charge for time used on various hosts. (IIRC, Circle charges for this a bit obliquely as max parallelism.)

If it went to court, Circle might argue the hosts can only be used within their larger CI system, that they don't guarantee a particular task will complete on a given host, and that they're not providing other requirements for virtual hosts, e.g. dedicated routing or names. And then Apple's lawyers might counter all that.

So this is where I think lawyers would start digging through case law to figure out where providing a service ends and leasing begins.

I don't see why you couldn't run a CI server as long as you don't let the clients access the machine.

Circle CI does let clients access the machine IIRC you can SSH into the host if the job fails and tinker around to debug issues.

It's reasonable to think running CI service is similar to just running httpd. But what divides? Anyway CI service runs Apple software like Xcode. Even httpd uses Apple's TCP stack.

I've done iOS builds using Github actions. The build minutes cost 10x as much as Linux. Anyone out there offering MacOS in the cloud is doing the same thing. Just racking Mac Minis. It means you can't slice CPUs or memory like a VM so it's less efficient and more expensive.

Does Apple gain anything from AWS for forcing it to rent for a minimum period of 24 hours?

AWS needs to buy a lot more mac machines from apple. Without the limit everybody would start a vm for a few minutes to run a ci job and stop the machine. So there is no „sharing“ of a machine within a 24 hour window if you only need the machine shortly.

Well, it's better than nothing!

I’m pretty sure if Amazon wanted to negotiate custom terms, they’d have the clout to do so. This is an alliance between two giants.

I doubt Apple supports this in any way. It means that if you want to develop Mac/iPhone apps, you no longer have to buy Mac hardware. I'm surprised they aren't making this harder.

See below. They changed their EULA terms to allow it just now. Macstadium’s blog has the details.

Apple use this themselves.

Kind of hilarious. This is barely cloud computing compared to the rest of ec2, which has per-second billing...

It's going to be out of their hands on this one. Apple have pretty strong EULAs.

Microsoft's licensing for clouds is also a pain in the arse. You (the cloud platform) have to pay for a full months license the moment an instance is created. The way it's structured you have some wriggle room, e.g. you have your placement algorithm land new instances on where Windows instances have already been in a given month, so you don't incur additional licenses (because the license "transfers"). It gets worse if you start wanting to do things like run SQL Servers, where it's the entire month license outright with no prorating, and it applies to a specific instance instead of the machine/VM slot.

Strangely enough, despite all the trends in the market, operating system vendors are determined to make it harder for people to pay them to use their stuff, rather than easier.

Strategically it makes sense. Apple is a hardware company, so making it difficult to run their OS in the cloud means more people need to keep buying their hardware. Microsoft has their own cloud, where they don't have to deal with the license requirements they force on other cloud providers, which gives them a competitive advantage over their competitors (when it comes to windows servers). The key is that these companies don't just sell operating systems. Red Hat on the other hand, which doesn't have competing market pressures, is much more friendly to licensing in a cloud environment.

Does Microsoft have to follow its own EULA? Will it be an antitrust violation if they don't?

No, Microsoft owns it's software it does not need a license to use it.

But is using legal mechanisms to reduce a competitor's advantage (where the competitor licenses your product) considered to be antitrust? In the internet explorer case one of the major disputes was whether Microsoft manipulated its API to favour explorer versus other software.

IANAL, but I think only if you have monopoly power (at least as I understand US antitrust law), and MS doesn't really have a monopoly on the server OS market.

Can't you also bring your own licenses for AWS/Windows? This all makes sense to me too... if you want to run a Windows instance, you need a license for Windows (on top of the hardware fee). Microsoft says that AWS can loan you a license (if you need one), but AWS would still need to hold a full license.

In terms of "other people's computers" it seems to fit well. Nice to be able to build/CI test against macOS without having to provision and maintain apple hardware.

You “can”, in a technical sense, but not legally—Apple’s licensing for macOS only allows it to be run on Apple hardware. (You can run a macOS domU on another OS’s hypervisor, but that hypervisor has to be running on a Mac.) This matters when you’re a corporation.

I don’t know about the legalities, but according to Apple you are only allowed to run macOS on real Mac hardware. Anything else is probably an EULA violation or something.

As an aside, in the script you link to is this line

> VBoxManage setextradata "${vm_name}" "VBoxInternal/Devices/smc/0/Config/DeviceKey" "ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc"

I think that’s Apple’s way of reminding you about their rules regarding host machines.

It's against Apple's T&Cs, though. If you're doing it at home by yourself, who cares. But a company that's interested in automated testing etc. isn't going to see it as an answer.

Get an old old old Mac pro from ages ago. Upgrade its motherboard. Then upgrade its RAM. Then upgrade its hard drive. Then upgrade its power supply. It will still be an "Apple-branded computer" because of its case. It will just have received a bunch of upgrades. Big "haha" to them.

(Or if you're actually a corporation just buy a Mac.)

That sounds like a waste of time and money.

Definitely not a waste of money. Apple charges $1200+ for a soldered-in 4TB SSD that I can buy for $400 and upgrade in the future.

IMO their price gouging is ethically much worse than someone making a hackintosh and using it to enrich the MacOS software ecosystem.

Your legal department is going to be stoked when you try that at work.

Highly recommend not hiding legal issues from your company's lawyers. That's a good way to get fired.

And sued.

This works if you aren't successful. If you are, it will get out.

You can't really test apps if there's no graphics acceleration. If you want graphics acceleration, you'll need to run a macOS VM with GPU passthrough using virtio or Proxmox. I did that for a bit until I just gave up and bought a Mac.

You will get your Apple Developer account terminated if they ever find out.

Live by the walled garden die by the walled garden

If you're making an awesome app that many Mac users use and depend on, they would be stupid to terminate your dev account.

Epic Games would beg to differ...

Screw the walled garden. Build web apps.

Travis CI offers MacOS runners out of the box.

Now anyone has MacOS runners mostly out of the box.

As an alternative, Azure DevOps has hosted MacOS build servers - and build minutes included in the free tier can be used with them.

"These are just rentable Mac Minis, not VMs. This will have only one use case and that's for build servers."

It's difficult for me to believe that a hyper-scaled cloud deployment like AWS will rent individual mac minis to people. It sounds like a business idea I would have and then come to realize how labor intensive and inefficient the entire thing was.

At the same time, I wonder why there is not a well developed, well documented cross-compiling toolchain available for (whatever you are doing with a mac build server) ? Why not use your local (laptop) mac to do the dirty work and then run a (very complicated) cross compiling chain on a much cheaper, non mac, cloud instance ?

In the past when we needs iOS jobs to run from Jenkins we literally plugged a Mac Mini into the wall and forwarded a port from the router so it was reachable as a build agent by our cloud instance of Jenkins.

What other thing is worth doing on MacOS at scale in an off premise cloud? I'm genuinely curious if there isn't something I'm missing out on. Build and test for Apple related stuff is the only thing that comes to mind.

Only one usecase for now. They said M1 is coming soon, which could tip the cost equation (think about what the energy savings mean at AWS scale).

Even more interestingly, I wonder if this could be an exploratory step for an Apple that's thinking about designing dedicated cloud chips.

You can get more than 10 times as many ARM cores on a server chip compared to a M1 Mac. There is no way it is more energy efficient or cost effective to run 10+ Macs versus one server. Amazon designs their own chips, too.

But until now nobody was able to build an ARM cpu as fast as apples cou. Every server arm cpu in the past was still a lot slower than intel cpus, despite packing a lot of cores on a chip.