Casper Suite,Deployment,Management June 3, 2014 at 1:47 pm

Patchoo! Casper patching done right.

 

Patchoo is here and aims to bring some Munki-esque features and workflow to Casper. We all know that Casper has some gaps around patch deployment. Whilst Casper 9 somewhat improves capabilities there is still no cohesive way for an end user to install 3rd party and Apple Software Updates. Munki does this (and much more) effortlessly.

There have been many discussions and great scripts shared on JAMFnation, but again none of them could bring the same user experience and admin capabilities that Munki could provide. Originally Patchoo started life with a even sillier name (munki for jamf a.k.a. junki) and was a project to integrate munki into Casper by pulling data from the JSS. After a lot of head scratching, I couldn’t come up with a way to tie Munki and Casper’s methodologies together. They are very different tools and Casper doesn’t currently expose Computer Configurations via the API.

The focus shifted to augment, rather than re-invent Casper’s existing deployment methods. Patchoo evolved into a single script, a few core policies and extension attributes that filled the gaps that existed in Casper. As you probably are already doing, create a smart group to catch your unpatched clients, create a policy to cache your pkg and then sprinkle with Patchoo secret script sauce. Rinse, repeat and your clients will end up with something like this:

promptThere is a fair bit to Patchoo if you read the documentation, but to summarise it will allow you to fill these existing gaps in the Casper Suite:

  • provides a unified UI for Apple Software Updates and Casper deployed software.
  • integrate nicely with Self Service
  • chain incremental software update installers (eg. Office 14.0.1, 14.0.2)
  • allow flexibility around installation, allowing users to defer installation until a more convenient time.
  • implement different testing group levels (eg. dev/beta/production) based on JSS groups for dev, beta and production clients.
  • use the JSS deployment groups to leverage NetSUS / Reposado catalogs for dev, beta and production Apple patches.

I’ve also created a quick video to give you an overview of a Patchoo update run.

Patchoo (junki) Demo Video

It’s a work in progress but released and hosted on GitHub so people can help out with code and documentation.

I hope it helps fill the gap until JAMF can either build in some of this functonality or even look at completely revamping their software deployment in Casper (hint: I DON’T think smart groups and policies are the best approach, some of Munki’s smarts could greatly simplify and minimise admin overhead). The next stage is to look at taking direct pkg imports via autopkg into Casper, because making pkgs, smart groups and policies can get pretty boring.

 

Patchoo homepage - http://patchoo.github.io/patchoo/

Check out the latest code here - https://github.com/patchoo/patchoo

My blog will host  all patchoo communication (for the moment) – http://www.rehrehreh.com

 

Hope you enjoy and it makes your JAMF admin life a little easier!

 

 

 

About Lachlan Stewart

I drive Macs at IPG.

Tags:

2 Comments

  • This looks very exciting! I noticed your chain of MS Office packages in the video, which are not needed. Any thing 14.1.x+ can be updated with the latest 14.4.1 package (as of this comment), making the MS Office install update-able with a single package.

  • HI Luis, this has been brought to my attention on jamfnation. Oops. I hadn’t been on the frontline of deployment for a bit and didn’t realise MS had (finally) made this change.

    It does serve as a good example on how to chain updaters though. Glad you enjoyed it. Feel free to get involved on GitHub!

Leave a reply

You must be logged in to post a comment.