Help

Best ways to architect Casper internationally

Hafiz
New Contributor II

Posted on ‎09-10-2015 06:17 AM

I am still trying to switch over our Casper instance from a Mac Mini to CentOS 7 servers.
I feel I am close to getting it finished but I am wondering if this is the best config and I want to get a better understanding of how things work before putting it into production:

Our UK Office, all on CentOS 7:
JSS (stores scripts and info on all Macs via MySQL database, correct? but what else does the JSS store)
Netboot Server (stores just the nbi image set required for netbooting Mac clients, correct?).
JDS (stores just the dmg image files for all packages, correct? And set this up as the master).

I am also trying to set-up the JDS as a File Share Distribution Point with afp. Is that the only way to netboot/netinstall Mac clients on CentOS 7 by setting up afp shares?

I will also need to take this show on the road so to speak to other offices around the world.
Am I correct in thinking that all I will need to do is set-up Netboot servers and JDS (also acting as afp Distribution Points) instances across each of the offices. Each JDS will need to talk to the master JDS in the UK I think.

It would be great to know the architecture of other companies and some gotchas for doing things internationally.

0 Kudos
Reply
3 REPLIES 3

rderewianko
Valued Contributor II

Posted on ‎09-10-2015 07:04 AM

Here's how our JSS'es are setup. Every client hits our JSS in the dmz and then using Radar(currently removed from git, as they're finding it a new home). Decides what DP to use.
08d467b1436c46bd98efbb9feeac794e

We originally had JDS's setup, but the fact you have to enable AFP still to have things like imaging work was a show stopper. So we now have AFP natively run everything and sync using bit torrent sync. Been running it for a few months without issue.
454b2b1b6a6e48ab9942380711990ffb

0 Kudos
Reply

Hafiz
New Contributor II

Posted on ‎09-10-2015 08:10 AM

@rderewianko That is pretty sweet. I notice you have two JSS servers but I thought it was only possible to have one. Does that mean you have two JSS web interfaces to work with?

I am interested in how everything hangs together (JSS, JDS, netboot, distribution points) in terms of an international set-up and where things are located? And the functions of the different bits of all that.

0 Kudos
Reply

rderewianko
Valued Contributor II

Posted on ‎09-10-2015 08:18 AM

@Hafiz Yes, we have one Master JSS (that hosts our database, and is our admin server) then our secondary, the one in the dmz, that's our Limited Access JSS. JAMF prefers you have them on a multihomed dns. But my infastructure doesn't allow for that. So Everything but going to the web interface points through our main server jss.company.com, while the web interface lives on jss-admin.corp.company.com (but thinks it's jss.company.com, which sucks for email notifications but other than that we see no issue)

Our JSS is hosted out of our Datacenter in North America, and since the actual communication to/from the JSS isn't that intensive. We don't see lag when our international offices use it.

The bottle neck is definitely the massive files, which we store on DP's/NetBoot machines in every office.

If you're just migrating from AFP -> JDS make sure your JSS database has enough space. As It replicates everything to the database first then to the JDS.

0 Kudos
Reply