Enterprise Deployment of OS X 10.8 Mountain Lion

Intro

This post is intended to give a high-level overview (with an emphasis on image creation) of enterprise deployment of OS X 10.8 Mountain Lion, using Netboot and DeployStudio. There are 5 main phases to setting up your deployment:

  1. Planning
  2. Server
  3. Infrastructure
  4. Image Creation
  5. Testing

Now, to break down each:

Planning the deployment

Do you have a server with a gigabit LAN connection and sufficient space to host your files?  You will need at least one netboot image, at least one OS image, and packages for any software you want installed.  You’ll need at least 10GB, and it can easily run around 50GB if you install a lot of software.

Ensure that DNS (forward and reverse) is fully functional for your domain, and the server.

Do you have a single LAN, or a WAN connected by routers?  If you are imaging clients across a WAN connection, you will need to configure the router to redirect certain broadcast traffic, so you need a router that supports this functionality.

Lastly, you will need to purchase sufficient copies of the OS X 10.8 client OS, and verify that all of your hardware meets the requirements, which you can find on Apple’s support page.  In short: Mountain Lion is supported only on Mid-2007 or later Macs, with at least 2GB RAM.  You can install the image on a machine with less RAM, but I don’t recommend it.

Server installation and configuration

I recommend placing your imaging DB on a separate disk from your hard drive for performance and stability.

You will need to configure Netboot on the server using Server Admin.  Given the number of potential server OS versions and configurations, Netboot is beyond the scope of this post; the Netboot config itself is fairly trivial.

Create an admin user, let’s call him “deploystudioadmin”, for use with DeployStudio.

Configure a folder on the imaging disk called “DeployStudio” and create an AFP share with the following permissions:

  • deploystudioadmin : read and write
  • staff : read and write
  • others : read only

Now download and install DeployStudio.  You can get the latest version (at the time of writing it is 1.0rc134) from http://deploystudio.com/Home.html.  Run the DeployStudio Assistant, and install it to the folder you created earlier.  Make sure the service is started.  You should see it running, with the URL noted, in your server preferences panel.

Configure your infrastructure

If your server and clients are all on a single subnet, you can skip this section.  Otherwise, read on.  If you have to cross a WAN link, your clients are not going to see the server by default.  That is because the traffic used to locate the netboot server is broadcast traffic, which is not forwarded between LANs.  So, we will have to configure the router with an “IP Helper”.  It may be called something different, depending on vendor, but the purpose is the same.  On the router, configure the client subnet with the address of the server (on the other subnet) as its IP helper address.  That way, the necessary netboot/DHCP traffic will get sent to the server, and it will respond to your clients as if they were all on the same subnet.

Create your netboot and OS images

First you are going to create a netboot image using DeployStudio Assistant.  To do this, you need to install DeployStudio on the newest client you have on your network.  This will ensure you have the latest hardware support in your image.  However, you aren’t going to start the server.  Instead, when you launch the Assistant, ignore the warning about the server not running, and select the option to create a Netboot set (or alternatively a bootable drive if you opt not to netboot).  Do NOT enable Netboot on your client, just hit continue.  The system name just lets you identify the file later, so give it something that helps you remember where/when/how it was created.  The unique ID has to be unique among your netboot.  I recommend configuring a specific server using the format http://host.domain:60080.

If you are netbooting, rather than using thumbdrives, then after DeployStudio Assistant finishes doing its thing, you need to copy the file to the server, to the netboot share (generally /Library/NetBoot/NetBootSP0 on the netboot drive), and enable the image using Server Admin.

Next, create the OS image.  Again, you should be using the newest client you have to perform this step.  First, you need an install source for Mountain Lion.  You can get this by downloading it from the App Store.  When the installer launches, quit it, and then copy the “Install OS X Mountain Lion.app” file from /Applications/ to your desktop.  Then, you can use the following terminal commands to create the image:

#Create a sparse image to contain your new OS

hdiutil create -size 300g -type SPARSE -fs HFS+J ~/Desktop/mtnlion.sparseimage

#Mount the image so that you can actually use it

hdiutil attach ~/Desktop/mtnlion.sparseimage

#CRITICAL step: Select the disk in Disk Utility and click “info” to verify the disk # before editing and running the following command.  If you are using a system with only one physical disk, and you don’t have anything else mounted, then this will probably end in disk1 instead of disk#.  Performing this operation (you are erasing/formatting the disk) on the wrong disk would be very BAD:

diskutil eraseDisk "Journaled HFS+" mtnlioninstall GPTFormat /dev/disk#   # <-- change this last field

#Mount the install image from within the Install OS X Mountain Lion.app file

hdiutil attach ~/Desktop/Install\ OS\ X\ Mountain\ Lion.app/Contents/SharedSupport/InstallESD.dmg

#”Install” OS X Mountain Lion to your sparse image file

sudo installer -pkg /Volumes/Mac\ OS\ X\ Install\ ESD/Packages/OSInstall.mpkg -target /Volumes/mtnlioninstall/ -lang en -verbose

#Eject the sparse image

hdiutil eject /Volumes/mtnlioninstall/

#At this point I’ve been trained to copy the sparse image to another volume and back to “clean” it.  I’ll admit that I don’t fully understand the rationale (or the sparse image file system) and so I don’t know that this actually helps, or is still necessary, but I don’t know that it doesn’t, so I have always done it.  So, just copy the mtnlion.sparseimage file to an external drive or server share at this point, and then back to the desktop.  It’ll only take 15 min.  Get some coffee.

#Mount the sparse image once it is back on your desktop

hdiutil attach ~/Desktop/mtnlion.sparseimage

#Use it to create an install DMG

sudo hdiutil create -format UDZO -srcfolder /Volumes/mtnlioninstall/ ~/Desktop/MtnLion.hfs.dmg

Now you can copy that install dmg file to /DeployStudio/Masters/HFS/ on the imaging drive of your server.  Open DeployStudioAdmin on the server and verify that it shows up in the Masters.
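The erase step above depends on reading the right disk number by eye. As an added example (not part of the original post), this sketch takes the device node from the output of hdiutil itself and refuses to erase anything that diskutil does not report as a disk image. The function names, the sample outputs and the exact "Protocol: Disk Image" line it matches are assumptions; confirm that line against `diskutil info` on your own build before relying on it.

```sh
#!/bin/sh
# Added example, not from the original post: resolve the sparse image's
# device node programmatically and guard the destructive eraseDisk call.

# Read `hdiutil attach` output on stdin; print the whole-disk node
# (/dev/diskN, never a slice such as /dev/diskNs1).
image_disk_from_attach() {
  awk '$1 ~ /^\/dev\/disk[0-9]+$/ { print $1; exit }'
}

# Read `diskutil info` output on stdin; succeed only for a disk image.
# Assumption: disk images are reported with "Protocol: Disk Image".
is_disk_image() {
  grep -Eq '^[[:space:]]*Protocol:[[:space:]]+Disk Image[[:space:]]*$'
}

# Attach IMAGE without mounting it, verify the node, then erase it as NAME.
# The body runs in a subshell so its variables stay local.
erase_image_disk() (
  image=$1 name=$2
  disk=$(hdiutil attach -nomount "$image" | image_disk_from_attach)
  [ -n "$disk" ] || { echo "no device node for $image" >&2; return 1; }
  if ! diskutil info "$disk" | is_disk_image; then
    echo "refusing to erase $disk: not a disk image" >&2
    return 1
  fi
  diskutil eraseDisk "Journaled HFS+" "$name" GPTFormat "$disk"
)

# Constructed sample outputs (layout assumed) for exercising the parsers.
sample_attach() {
  printf '/dev/disk2 \tGUID_partition_scheme \t\n'
  printf '/dev/disk2s1 \tApple_HFS \t/Volumes/untitled\n'
}
sample_info_image() {
  printf '   Device Node:   /dev/disk2\n   Protocol:      Disk Image\n'
}
sample_info_internal() {
  printf '   Device Node:   /dev/disk0\n   Protocol:      SATA\n'
}

# Only touch real disks when given an image path on a Mac.
if [ "$#" -eq 1 ] && command -v hdiutil >/dev/null 2>&1; then
  erase_image_disk "$1" mtnlioninstall
fi
```

Run it with the path to mtnlion.sparseimage as its only argument; it replaces the separate attach and eraseDisk commands, and the remaining steps continue unchanged.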

Testing/Deployment

Create a workflow in DeployStudio containing a “restore” component, at a minimum, to test your new image.  For now, leave “automate” unchecked.  Select HFS as the image type, and the image file name from the drop-down.  Configure the desired options (also leave multicast unchecked for now) and save your workflow.  Boot your client to the DeployStudio server (hold down the option key when you power the client on, and select the netboot image you created earlier), and you should end up with a beautiful baby Mountain Lion to play with.  Enjoy!

EDIT: Added the code tag on 8/16/13. I apologize for the decreased legibility of the commands, but it was having problems with the quotes…


~ by Jay P Morgan on October 12, 2012.

4 Responses to “Enterprise Deployment of OS X 10.8 Mountain Lion”

  1. Hi, this seems pretty straightforward and I’ve followed the steps but the client will not netboot. My DeployStudio server is running Lion (completely updated) and the client is running Mountain Lion (also completely updated). Does the server have to be running the same OS as the client?
    Thanks,
    Shelly

    • No, in fact, my server is running Snow Leopard. Verify that your deploystudio, netbootsp0, and netbootclients0 shares exist and have the correct permissions. Give read permissions to others. If you are on another subnet, with a router between the server and client, you will have to do some network config to add an IP helper address to the router. That is just for starters. There are a lot of moving pieces, unfortunately.

      • Thanks for these suggestions. I’m connecting the two computers directly using a crossover cable and there is communication. I’ve double checked the shares – they are correct. The DeployStudio server worked fine with our Lion image, just not now with our new Mountain Lion image. I created a boot package on the ML client. Do you have any other advice please?
        Thanks.

  2. Ensure you enabled the new image in the netboot config of the server.
