Multicast ASR: The Fastest Way to Manage Mac OS X Deployments
- Unicase and Multicast: What's the Difference?
- Using ASR Multicast
- Network Considerations
- GUI Interfaces for ASR Multicast
- All in All: Another Example of Apple's Commitment to Education and Business Customers
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Image-based network deployment tools have long been considered the best way for administrators to roll out new workstations, deploy major operating system or application updates, or perform computer cleanup. By first configuring a workstation with all the requisite software and desired preferences and settings and then creating a disk image of that workstation, administrators can clone the original workstation across all similar computers within their company or institution. The disk image can be deployed to computers through any number of methods, but deploying it over the network is often the simplest and least time-consuming.
For Mac administrators, there are two major tools for network deployments: Apple Software Restore (ASR) and NetInstall. The differences between these tools are primarily in terms of how computers connect to and access the image. In the case of Apple's NetInstall, the computer actually loads and then runs the Mac OS X boot files, kernel, and installer application from the Mac OS X Server over the network. Once the Mac OS X installer runs, it deploys the NetInstall image, also hosted on the server, to the workstation's hard drive (with or without user interaction, as determined by the server administrator).
In the case of Apple Software Restore, the computer must be booted from a viable Mac OS X system disk, and the ASR command-line application (or a GUI interface to it) must be run, specifying the location of the image.
Unicase and Multicast: What's the Difference?
Until Mac OS X Tiger, both NetInstall and ASR required a separate connection between the server and each workstation accessing an image. This one-to-one access is referred to as a unicast network connection. For typical network access, unicast connections are ideal because the data sent from the server is destined only for a single computer. In an environment in which each network cable is connected to a port on a switch, the switch reads the destination of each packet of data from the server and forwards it only to the port where the appropriate workstation is located. This keeps the network from being congested with packets sent to every workstation (and for day-to-day network operation, it results in better network performance).
However, when doing large-scale deployments, a unicast approach creates a problem. As each workstation connects to the server to request the image, the server opens up a separate connection. Each connection takes server resources and requires bandwidth on the network. With each new workstation that requests the image, the available bandwidth resources get lower. Sooner or later, you get to a point where the transfer of image data to all connected workstations becomes noticeably slower with each new connection. If enough workstations connect, the progress of all of them can slow to a crawl. This can sometimes be most apparent with NetInstall, in which you can see not how long it takes for each workstation to receive image data but also how long it takes for each workstation to even boot to the installer application.
Exactly how many workstations can access a server-based image before you see a slowdown will vary depending on the type of workstations and the configuration of the server itself as well as the network over which the server and workstations are connecting. It's possible that as few as five Macs will be the best that a network and server will support (that is, you might find it faster to begin deploying the image to five Macs and wait until they're done before starting another five than to deploy six at a time). Even in optimal situations, you can see significant decreases once you start deploying an image to as few as 20 workstations.
Multicast Comes to Mac OS X
This is where Windows administrators performing network deployments have always had an advantage. Symantec Ghost, the Windows image-based deployment tool of choice, includes products that don't rely on unicast's one-to-one connection concept to transmit image data. Instead, the Enterprise version of Ghost uses a one-to-many approach known as multicast. A Ghost server sends the image as a constant stream of packets to all ports on a network segment. A computer simply needs to query the server to receive basic information about the image (the total size, data rate, image type, and beginning and end points of the stream, for example). Once the computer receives that information, it simply captures all the data in the stream and stores the data in the appropriate places between the endpoints on its hard drive. The result is that a great number of computers can receive the same image at once with no decrease in performance as each one begins to receive the image. Of course, this has the downside of decreasing performance on the network for any other purposes (sometimes to the point of it being essentially nonfunctional).
With Tiger, the situation for Mac administrators has changed dramatically because Apple has included support for multicast sessions in Apple Software Restore, meaning that it is now possible to deploy images to workstations without requiring each workstation to maintain a separate unicast connection to the server. As with Ghost, multicast ASR sessions allow the server hosting the image to stream the image across a network segment. When the ASR application is run from a workstation to be imaged, it downloads only the required information about the image (known as meta-data) and then connects to the stream. The server will repeat the stream indefinitely (beginning a new stream every five minutes), allowing workstations to jump in at any point and to pick up any pieces that they may miss as the stream repeats. When a workstation has received the entire image, it disconnects from the server. For the first time, it is possible for Mac administrators to perform massive deployments, such as that of all the eMacs in a high school, in a short time and in an efficient manner.
What may be even more exciting is that Apple includes ASR free with Mac OS X. This means that not only do Mac administrators get the performance advantages that go with multicast imaging, they get them without having to purchase an additional product or connection licenses (as is the case with Ghost). In fact, one doesn't even need Mac OS X Server. ASR is part of the client version of Mac OS X and can run on any Mac OS X Tiger computer. This is particularly helpful to administrators in a cross-platform environment that uses non-Apple servers (such as Windows 2000/2003 Server or Novell) and gives it a cost advantage over using Apple's NetInstall, which is part of Mac OS X Server, in such environments.