By Chris Lasell
Speaking at MacADUK on Weds 8th February at 10:15am
DevOps […] is a term used to refer to a set of practices that emphasizes
the collaboration and communication of both software developers and other
information-technology (IT) professionals while automating the process of
software delivery and infrastructure changes. It aims at establishing a
culture and environment where building, testing, and releasing software
can happen rapidly, frequently, and more reliably.
For nearly 14 years, Pixar’s Mac Admin team and software developers have been using automated patch-management with our fleet. Starting with ‘d2’, an rpm-based system we inherited from the Pixar’s Linux team, we have provided our developers with tools for automated testing, deployment, and updating of software on artists’ Macs. Additionally, we created as system called ‘puppytime’ to install Apple’s .pkgs. It was named after the slideshow of cute puppies played during logout to entertain the users while the software installed.
While d2 and puppytime were great tools in their day, by 2008 It was time to look at other options or a major rewrite. Eventually we decided to use jamf’s Casper Suite (now ‘jamf Pro’) as the foundation for a new system, which we named ‘d3’.
Like Munki, d3 was created to handle the “deployment side” of patch management, ignoring the more difficult task of acquiring the patches to begin with. In fact it has been called ‘Munki for Casper’ and the first version of d3 was created around the same time Munki was released. (If only we’d known!).
While we’ve been using d3 for many years, it took a while before we could release it as an open-source project. The first step was in 2014 with the release of ruby-jss. Then on April 1, 2016, the 40th birthday of Apple, Inc., d3 itself was finally released. Pull requests are welcome!
Our developers use d3 to test and deploy their code quickly and easily, sometimes pushing out new builds several times per week. Because d3 is entirely command-line driven, it can be fully automated. Combining that with the scoping and automation in jamf Pro, and the ease of using its API with ruby-jss, our devs can do things like…
- Click ‘build’ in XCode to automagically build and package the next ‘InsuriCare.app’ and add it to jamf Pro as a d3 package ready for testing
- Pilot the package on any machine using a command like ‘sudo d3 install insuricare-2.1.3-1’
- Manage several groups of test machines running different pilot versions of insuricare
- Set insuricare 2.1.3 to automatically uninstall itself if it hasn’t been used in 30 days
- ‘Freeze’ insuricare at version 2.1.1 on a group of production Macs which cannot be updated
- Make insuricare 2.1.3 ‘live’, so it automatically updates on all Macs that have older versions (and aren’t frozen)
At MacADUK 2017, I will be presenting more about d3, how it came to be, how we use it, what it looks like in practice, and our plans for it in the future. Please join us!
PS: Puppytime was rolled into d3, the puppies live!
About Chris Lasell
An Apple Peeler all his life, Chris Lasell holds a degree in the Culinary Arts and was once a hotel pastry chef at Dartmouth College. He bought his first Mac in 1986 and, with access to Dartmouth’s internet connection, started peeling a different kind of Apple. In 1989 he became a Mac and Unix support tech. Lured to the Pacific Northwest by all the great beer, Chris moved to Portland, Oregon in ’91 and did tech support and administration at Reed College for another decade. In 2002 he decided to wander around the country on a bicycle for eighteen months, and eventually landed in the San Francisco Bay Area to help Pixar. Chris is the creator of ruby-jss, a Ruby interface to the Casper REST API, as well as d3, a patch-management solution that enhances the Casper Suite.
You can get in contact with Chris via Twitter, Facebook, MacAdmins Slack: @glenfarclas17