- Jamf Nation Community
- Products
- Jamf Pro
- Re: Global JSS deployment
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Global JSS deployment
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 08:15 AM
I am trying to deploy Jamf on a global scale with one instance in Canada. We will be have 1500+ devices all over the globe including the US, UK, Singapore, Australia, Chile, Dubai etc. My infrastructure team is worried about redundancy and geolocation. I am not finding a lot of documentation on anything like this but they want to be assured we will be ok before we plan deployment.
Anyone ever have this issue or can point me in the right direction?
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 08:32 AM
Not facing this ourselves, but shouldn't be TOO difficult. I'd talk to Jamf first, but you're probably going to want to worry the most about file distribution - you'll likely want at least one per country (I'm hoping that your remote offices are at least grouped - i.e., one office in Chile, one in Dubai, etc. instead of being spread out through each country).
JSS/JAMF|Pro server itself isn't going to have AS much of a load, but you can also have multiple instances feeding back to a central DB as needed. I'd talk to JAMF, and if possible, try to take the Jamf 300 course. The old CJA would have been ideal for you from what I've heard of it - a little dissappointed that it seems to have disappeared before I could take it - focused more on scaling your architecture than just Jamf "management" itself.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 08:43 AM
Thank you for that input. I did fail to mention that our Mac fleet is very small and has already been tested globally and works fine. What I am worried about and focused on is the iOS mobile devices. That is where we will have 1500 or so devices deployed.
Mobile devices have a much smaller deployment profile but I still need to prove that we will be ok.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 08:47 AM
A couple of things:
- Jamf doesnt support true enterprise SQL, so getting any sort of fancy setup past a simple replica is going to be tough
- Latency between Tomcat nodes and the DB is not well tolerated - latency between clients and Tomcat is the preferred evil. Put your Tomcat nodes as close to your DB host as possible (ours are in the same data center between two VMware hypervisors)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 08:49 AM
Depending on your infrastructure... you either go one beefy server for your public dmz node, or a few clustered with load balancing..
If you've got a small amount of macOS devices, i'd suggest just having your dmz nodes accept both computer and mobile devices vs one for mobile and one for computer.
For the most part, you're just going to have those phones calling home to write updates to the database.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 11:51 AM
I am extremely happy with our Jamf hosted solution. : )
C
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 11:56 AM
As was mentioned, file distribution is the main concern since that's where the bulk of your bits will be flying around. We have over 7k Macs and have just one JSS. I don't see the point in having a global cluster if they all have to point back to one database anyway. I'd rather have slow HTTPS traffic than slow MySQL traffic, personally.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-22-2018 03:16 PM
I've seen a customer manage 2000 iPads and about 1200 Macs from a JSS installed on top of a Mac mini with 16GB of RAM and an SSD drive. It's a school BTW, so lot's of traffic. No problem whatsoever.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-23-2018 02:08 PM
Also, the CJA was renamed to the 350 and is still being offered but now also includes configuration of memcached, reverse proxies for DMZ access and monitoring with JMX. Its just not in that high of demand so its not offered as much but they are still being done.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-25-2018 02:35 PM
1500 isn't many devices as far as a JSS is concerned. If they are mostly iOS devices almost everything management related is being passed through Apple's APNS and almost everything deployment related is being passed through Apple's App Store.
As a result I wouldn't have thought much geolocation was actually required and the focus would be on reliability and redundancy, the biggest thing you are probably sending them directly is probably the background picture once per device, unless of course you have in house apps being delivered, but once again how big are they going to be for an iOS device?
I would have throught cloud JAMF cloud would also be a pretty compelling solution at this point to.
