AWS summary, pricing and alternatives
Using Amazon Web Services (AWS) to host Mac services comes with costs, which can be handled on demand or as part of a reduced-cost plan. Trouton provides an overview of the data centers around the globe on which Mac instances are available, as well as an explanation of how AWS works, what hardware it uses, which macOS versions are supported and which tools come installed by default. He also provides some information about alternatives to AWS for organizations that may not find it to be the best fit.
Launching a macOS instance in EC2
For this session, Trouton gives us step-by-step instructions for setting up an EC2 macOS instance with AutoPkg, AutoPkgr and JSSImporter. A separate talk by him is available for those new to AWS. After allocating a designated host and setting up an SSH key pair for this instance, he shows admins how to launch the instance and addresses issues such as choosing storage size and resizing the instance’s boot volume. One particularly useful asset for this process is a data script that Trouton has written and made available; this does everything from setting the default password and auto-login to installing software and resizing the boot volume if necessary.
After the instance has been launched, Trouton shows you how to connect to it via Terminal or remote screen sharing; for the latter option, he recommends setting up an SSH tunnel and goes over how to do so. You should set up a password for the EC2 user account on the back end if you haven’t already. Once you have handled these setup tasks, you can work with the Mac instance like any other remotely accessible Mac, using a remote screen-sharing app or Apple Remote Desktop.
Packaging and signing software in the cloud
Trouton proceeds to explain how the actual process of packaging and signing software is accomplished. He uses the following tools in the Mac instance:
- AutoPkgr: A processor for AutoPkg that enables it to use the Jamf Pro API to upload installer packages, policies, scripts, Self Service icons and extension attributes, as well as creating policies and Smart Groups
- JSSImporter: A tool to upload packages built with AutoPkg
When using this process, it is highly recommended to sign your packages; for AutoPkg, you can leverage a processor called PkgSigner with a .sign recipe. Trouton also goes over how you can use signing management software to host a signing certificate on a server where it is available for future use.
Trouton lays out a workflow in this session that automates what would otherwise have been a huge task, all while helping admins to catch any problems prior to deployment. Putting AutoPkg in the cloud makes it easily accessible and scalable. And if a problem occurs with your instance, you can set up a new cloud instance and quickly get back to work.
For the complete walkthrough of running AutoPkg on your AWS EC2 Mac instance, watch Trouton’s JNUC session on demand and find more links to outside resources.