DeployStudio allows administrators to image and deploy Macintosh machines in a more efficient and less time-consuming process. Unlike other methods such as cloning from disk to disk, DeployStudio allows for real-time monitoring and workflow management, not to mention it's free.
Check out the DeployStudio website for more information and for download links.
Concept
DeployStudio in concept is pretty simple: it uses a web-server-based system to communicate with the client machines being imaged, and it uses Apple Software Restore (ASR) to create and deploy images.
The "DeployStudio client" is a stripped-down version of Mac OS X which has basic utilities such as the DeployStudio Runtime and Disk Utility. Ideally this client image is served to the machines via NetBoot.
NetBoot is Apple's version of the Preboot Execution Environment (PXE) which allows a server to provide an image for clients to boot from. Originally intended to have clients boot full images, we use it to boot into our client to run workflows that are set up on the server.
With a simple restore workflow, the client machine will format its hard drive, use Apple Filing Protocol (AFP) to connect to the server and then use ASR to restore the image from the server onto the client's local hard drive. After that, DeployStudio will run a few simple scripts to clean things up behind the scenes.
Server Configuration
DeployStudio can run on almost any Mac running OS 10.6+. Having a Mac running Mac OS X Server will allow clients to NetBoot over the network into DeployStudio (assuming that you want to have both on the same server).
What will affect your hardware requirements is how you are deploying your images. You will be using either Unicast or Multicast.
- Unicast
  - Will open a specific stream to each client; it is suitable for small deployments but impractical for larger ones (such as a whole lab)
  - Puts a lot more stress on the server. The server will need a fast hard drive, at least a 1Gb/s network connection and as much RAM as possible to use as a buffer
  - For the most part, works on most generic networks
- Multicast
  - Note: ASR Multicasting (as of August 13th, 2013) is broken in Mac OS 10.7/10.8 but is confirmed working in Mac OS 10.9.
  - Will broadcast one stream; each client is responsible for pulling the correct data from the stream
  - Heavily relies on the network; a switch that doesn't support IGMP snooping will not work very well (a lot of packet loss)
  - Requires a lot of testing depending on the network for data stream rates
For this tutorial, we will be using malus.student.cs which is running Mac OS 10.6.8 server.
- Download and install DeployStudio
- Set up the DS repository
  - This is where the images and packages will be stored; it is a network share that all the clients must be able to connect to
  - Go to the preferred location for your repository
    - Usually this is the root of Macintosh HD
  - Create the repository folder
    - We prefer to call the folder DS; this can be done by right clicking (or selecting the gear icon) and selecting New Folder
  - View the information of the repository folder
    - Either by selecting the folder and pressing CMD-I or right clicking and selecting Get Info
  - Select the shared folder checkbox to share the folder
- Set up the DeployStudio service
  - Open DeployStudio Assistant
  - Select "Set up a DeployStudio server" and click Continue
  - Enter the server address and proper authentication and click Continue
    - If the server you are setting up is the server you are currently controlling, entering http://127.0.0.1:60080 will work (localhost)
  - Select "a master" and click Continue
  - Select "a network sharepoint" and click Continue
  - Fill out the proper repository information and click Continue
    - If we are using AFP and our server is malus.student.cs.uwaterloo.ca and our repository folder was named DS (and shared properly) then our URL is afp://malus.student.cs.uwaterloo.ca/DS
    - It is very important that the URL is the server's hostname or IP on the network, NOT localhost
    - Fill out the correct authentication credentials to reach the repository
  - Set up email notifications (if needed) and click Continue
    - We usually don't enable or use this, but if needed, fill out the proper outgoing mail server and account.
  - If needed, select an SSL certificate and correct interface then click Continue
  - If needed, customize user access then click Continue
    - The default settings for this are usually fine
  - If needed, configure the maximum Multicast settings and click Continue
  - Select either Hardware Serial Number or Ethernet MAC address and click Continue
    - This is more of a preference; select what suits you the best.
  - Click Continue to update the server settings
    - If this works, you should see the server running under System Preferences -> DeployStudio Server
- The server is now configured (except for NetBoot which is mentioned in the Imaging section below)
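
The rule above that the repository URL must name the server's network hostname or IP, not localhost, can be checked before the URL is entered in the Assistant. The following is an added example, not part of the original tutorial or of DeployStudio: `check_repo_url` is a hypothetical helper, it assumes only the `afp://` form used here, and it additionally rejects credentials embedded in the URL.

```shell
#!/bin/sh
# Added example: pre-flight check for a DeployStudio repository URL.
# check_repo_url is a hypothetical helper, not a DeployStudio command.
# It prints a verdict and returns 0 (usable) or 1 (rejected).
check_repo_url() {
    url=$1
    # Assumption: only the afp:// form shown in the tutorial is accepted.
    case $url in
        afp://*) rest=${url#afp://} ;;
        *) echo "reject: not an afp:// URL"; return 1 ;;
    esac
    # Split "authority/share/..." into authority and share path.
    case $rest in
        */*) authority=${rest%%/*}; share=${rest#*/} ;;
        *)   authority=$rest; share= ;;
    esac
    # Credentials go in the Assistant's authentication fields, not in a
    # URL that can end up in logs or shell history.
    case $authority in
        *@*) echo "reject: credentials embedded in URL"; return 1 ;;
    esac
    # Drop an optional :port; unwrap bracketed IPv6 literals such as [::1].
    case $authority in
        \[*\]*) host=${authority%%\]*}; host=${host#\[} ;;
        *)      host=${authority%%:*} ;;
    esac
    host=$(printf '%s' "$host" | tr 'A-Z' 'a-z')
    # A loopback name points each NetBooted client back at itself.
    case $host in
        "") echo "reject: missing host"; return 1 ;;
        localhost|127.[0-9]*|::1)
            echo "reject: loopback host '$host'"; return 1 ;;
    esac
    share=${share%%/*}
    if [ -z "$share" ]; then
        echo "reject: missing share name"; return 1
    fi
    echo "ok: host=$host share=$share"
}

# Constructed sample inputs; the first is the tutorial's own URL.
for u in "afp://malus.student.cs.uwaterloo.ca/DS" "afp://localhost/DS" \
         "afp://admin:secret@malus.student.cs.uwaterloo.ca/DS"; do
    check_repo_url "$u" || true
done
```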
Imaging
The following will demonstrate how to create a compressed (.dmg) HFS master image for a Mac OS 10.9 client. It will assume you have a functioning DeployStudio (DS) repository and can authenticate with DS Admin to access workflows, as well as be able to NetBoot successfully from a working NetBoot set.
- Set up a model machine exactly how you want it
- In DS Admin, click on "Workflows" in the list on the left
- Click on "Create a master from a volume" in the list of sample workflows (you could create your own here, or even copy the sample one and rename it using the + - Copy buttons at the bottom left)
- There should be a single workflow icon below that says "Image Task"; leave that as is
- Leave Source blank if you want to choose the Volume to create an image of after netbooting into the DS Runtime set, otherwise specify the Volume name you want to image (e.g. "Macintosh HD")
- Change "Type" to "Compressed"
- Leave format to "Auto-detect"
- Keywords can be left blank, as they seem to be populated with OS version and platform architecture
- If you want to make a quick image without a particular name, check the "Automate" button.
- HINT - Once you complete setting up or changing a workflow, click on another workflow either above or below - this seems to trigger a write to the database.
- Netboot your model system and if successful you will reach the workflow selection screen
- Select the workflow you configured (e.g. Create a master from a volume) and click Play
- The image can be renamed on the next screen (if Automate was NOT checked). This is also very useful if you want to make a last minute change to settings, and for specifying to use an external hard drive to send the image to initially, then transfer it to the repository afterwards.
Workflows
Managing and editing workflows is what is behind the real power of DeployStudio. Workflows can be managed for creating system images for both Mac and Windows partitions, deploying single, dual or triple boot systems, installing packages and/or scripts and more. Each workflow item can be set to full automation for minimal client interaction or can require user interaction for further customization and options.
IMPORTANT: DeployStudio, NetBoot and the various workflows can, and in many cases are intended to, erase all data on remote systems. Until you fully understand each workflow item, it is important to use non-production systems with a known good backup.
The workflow tasks for creating sequenced workflows include:
- Computer database update tasks such as:
  - Hostname - allows the hostname to be set manually for each individual computer when the workflow is run.
  - New user - a new user can be created manually when the workflow is run.
  - Network locations - create additional network locations manually when the workflow is run.
  - License keys form - input a site license number for Mac OS X Server
- General tasks such as:
  - Run a script - from the scripts list within DeployStudio Admin, you can specify a script to run before or after the image is deployed or during the system's first startup after the deployment is complete.
  - Partition a disk - partitions a disk into single, dual or triple boot partitions; it is pre-configured with various options or can be custom configured.
  - Use DeployStudio and BootCamp to reimage a machine with multiple OSes.
  - Install a package - various packages can be installed as a standalone deployment or as a pre or post install of Mac OS X.
  - Copy a file or folder - any file can be copied with a variety of settings after a deployment.
  - Shutdown - by default when the workflow is done, a system will restart.
- Imaging tasks such as:
  - Image a volume - this is for creating manual or automated workflows for the master image creation. This step creates a Mac OS X .dmg if a Mac volume is specified, or an NTFS volume if a Windows volume is specified.
  - Restore a disk image - will restore the various disk images as chosen from the Masters list in DeployStudio Admin. Several post restore actions may be configured for each Mac or Windows deployed image.
- Post-restoration tasks such as:
  - Active Directory binding - allows binding to Active Directory of the Mac OS X partition. It is required that the bind process happen after deployment and this step accomplishes that.
  - Open Directory binding - allows anonymous or trusted binding to Open Directory servers. This is also required for each individual system.
  - Time setup - allows configuration of the Network Time Protocol (NTP) server. Note: This is important for Active Directory or Open Directory where the time must be within 5 minutes of the directory server, adjusted for the time zone.
  - Apple Software Update - allows configuration of the Mac OS X Server Software Update Server (SUS) feature.
  - Reconfigure system with computers database content - this step is used if all systems will be configured the same based on a particular COMPUTER group in DeployStudio Admin.
  - Periodic NetBoot setup - this step can be utilized for several functions including setting an interval for running scripts, installing packages, reinstalling the OS or simply NetBooting the client on a regular basis to check for any of the above. Options include daily, weekly or monthly booting of the systems, at a specified time, after optionally forcing the system to reboot to a NetBoot volume.
- Security tasks such as:
  - Firmware password - the firmware password may be set on deployment for all systems for blocking malicious users from accessing various startup capabilities. Setting the firmware password is recommended on all open access computers.
- Meta tasks such as:
  - Workflow - the workflow task allows the use of other workflows within a workflow. Multiple workflows may be added to a workflow to simplify the use, repetition and creation of workflows.
Blessing a volume
Multicast Imaging