Publishers of technology books, eBooks, and videos for creative people

Home > Articles > Apple > Operating Systems

  • Print
  • + Share This
This chapter is from the book

Creating a Modular System Image

The workflow for creating a modular system image suitable for deployment is a bit more involved than what is needed to create a cloned system image. However, as you’ll see, this technique yields cleaner system images and an easier upgrade path and is easy to automate.

About Modular System Images

A modular system image is a disk image that uses installation packages for every item and setting in the configuration to create a fully customized Mac OS X system. That is, instead of installing the operating system and all your custom software and configurations to a booted Mac system, you install these items directly to a disk image.

The use of installation packages for every item and setting in your system configuration results in a truly modular system image creation workflow. The only requirement is a base system image with an installation of Mac OS X. After that you can add as many more installation packages as you want to your system image. This allows you to easily create multiple system images by simply adjusting the number of installation packages applied to the image during the creation process. Further, updates and configuration changes are easily handled by adding installation packages to your creation workflow.

The workflow to create a modular system image can be divided into two stages, each with several steps. In the first stage, the preparation stage, you collect or create the installation packages that you will use to build your modular system image. There is no particular order or even an end point to this stage as you will continue to add installation packages as your needs change and as your software needs updating. Most of your time will be spent in this stage locating or creating the appropriate installation package modules.

Modular System Image Preparation Stage

  • Prepare the Mac OS X v10.5 system installation.
  • Locate or create additional software installations and update installations.
  • Create custom installation packages that will apply configuration settings.

In the second stage, the build stage, you actually create the system image using the installation packages you prepared during the first stage. The build stage is a linear process that, in practice, is almost always automated.

Modular System Image Build Stage

  1. Create a blank sparse image and install Mac OS X v10.5 to the image volume, thus creating a base system image.
  2. Install Mac OS X system software updates to the system image volume.
  3. Install additional software, software updates, and any other custom installation packages to the system image volume.
  4. Copy the sparse system image to a read-only (optionally compressed) system image.
  5. Prepare the read-only system image for deployment.

Required Equipment

To build a modular system image, all you need is one Mac OS X v10.5 system with access to enough storage space to contain all your installation packages and disk image files.

Nevertheless, the use of a separate scratch drive will speed up the modular system image creation process. In this scenario, your installation packages are stored on your primary drive, and during the build process you install to a sparse image on the scratch drive. Once the installations are complete, you create a read-only copy of the sparse system image on the primary drive. This additional workflow ensures that one drive is always reading while the other drive is writing, thus maximizing drive bandwidth and reducing build time.

Preparing for a Modular System Image

You first need to prepare a collection of installation packages that includes the Mac OS X v10.5 installation, any software updates, any additional software, and any custom configuration installation packages.

Preparing the Mac OS X v10.5 Installation

All system images must include an installation of Mac OS X v10.5. However, by default, the Mac OS X v10.5 installation process isn’t conducive to the modular system image workflow. For starters, the Mac OS X installation usually resides on inconvenient media: an optical disc. You will need more frequent access to this installer, so you create a disk image of the Mac OS X Install DVD or the Mac OS X Server Install Disc.

As you learned in Chapter 2, “Deploying Individual Items and Containers,” it’s fairly easy to create a disk image using the contents of a folder or volume. In the graphical interface, you can use the Disk Image application, or at the command line you can use the hdiutil command.

Another problem with the Mac OS X v10.5 installation process is that the Easy Install option usually installs several gigabytes worth of additional items that are not needed in your system image. If you do not want to install these additional items to your modular system image, you will need to prepare an installation choices file. This is a simple XML formatted text file that will be used to instruct the installer command to install only selected items from the full Mac OS X v10.5 installation metapackage.

The XML structure of the installation choices file is an array, or list, of installation choice identifier strings. To reveal the installation choice identifier strings of an installation package, use the installer command. The syntax to show the installation choices of an installation package is installer -showChoicesXML -pkg followed by the path to the installation package.

In the following example, Michelle reveals the installation choices for the main Mac OS X v10.5 installation metapackage. To save space here, much of the output was truncated, but as you can see, the choice identifier string will always be listed near the choice title, which is what you would see in the Installer application.

MyMac:~ michelle$ installer -showChoicesXML -pkg /Volumes/Mac\ OS\ X\ InstallDVD/System/Installation/Packages/OSInstall.mpkg
...
<key>choiceIdentifier</key>
             <string>LanguageTranslations</string>
...
             <key>choiceTitle</key>
             <string>Language Translations</string>

Once you know the identifier strings of the installation choices, you can create your installation choices file. Each identifier string listed in this file is equivalent to a user clicking that choice’s checkbox in the Installer application’s user interface. For instance, if an item is selected by default for installation, listing that item’s identifier string once in the installation choices file will deselect that item for installation. To disable a mixed-state item, indicated by a dash, you would need to list the choice identifier string twice, because you would have to click twice in the Installer application to disable that choice.

You can use any text editor you like to create the installation choices file, but you must follow the XML structure, and you should name the file something appropriate like InstallationChoices.xml.

The following is sample text from an installation choices file that will disable every optional installation that’s part of the standard Mac OS X v10.5 installation metapackage.

<array>
    <string>PrinterDriversGroup</string>
    <string>AdditionalFonts</string>
    <string>LanguageTranslations</string>
    <string>X11</string>
</array>

Preparing Additional Software and Updates

Preparing additional software and updates can be easy or difficult depending on what additional items your modular system image requires. The key is that all additional items must be added to your modular system image through an installation package. All Apple software and many third-party items are distributed this way, so preparing these items is as simple as collecting all the necessary installers in a convenient location on your build system.

However, third-party items distributed using simple file containers or non-Apple installers will need to be repackaged inside a custom-built installation package, as outlined in Chapter 3, “Deploying with Installation Packages.” The Mac OS X v10.5 PackageMaker snapshot technology can help you repackage third-party items.

You can use your build system to create these installation packages, but a better option is to use a second dedicated “clean” system for building and testing your custom installation packages. During the testing process, you will undoubtedly come across installation packages that don’t deploy as expected. Use the techniques covered in the “Deploying and Maintaining Installation Packages” section of Chapter 3 to inspect and troubleshoot problem installation packages.

Creating Configuration Installation Packages

For most administrators the process of creating configuration installation packages is the most difficult and time-consuming step of the entire modular system image workflow. Essentially, you have to research and develop a payload or script to be built into an installation package, which performs all the custom configurations, including configuring system settings, creating users, and configuring any user-specific settings, that you would normally do manually to a model system.

It’s possible to set any Mac OS X configuration by using the appropriate command or by replacing the appropriate file as illustrated earlier in the “Customizing the Model System” section of this chapter. Nearly all the customizations presented earlier can be easily automated and made part of an installation package. Exploring all the possible configuration options that can be automated is beyond the scope of this text, but the following references (all from Peachpit) should get you started:

  • UNIX For Mac OS X 10.4 Tiger: Visual QuickPro Guide, 2nd Edition—This guide serves as a great command-line and scripting primer.

  • Apple Training Series: Mac OS X Directory Services v10.—This is a comprehensive guide to both local and network directory services and user accounts in general.

  • Apple Training Series: Mac OS X Advanced System Administration v10.5—This is a general guide to advanced Mac OS X and Mac OS X Server configuration.

Building a Modular System Image

Once you have collected or created all your installation packages, it’s time to build the modular system image. To give you a full understanding of the modular system image build process, this section will guide you through all the steps to manually build a modular system image. However, if you want to take the easier, automated route, look no further than the third-party InstaDMG tool that this process is based on.

To build a modular system image:

  1. At the command line, use the hdiutil command to create a sparse disk image that will act as the build destination for your modular system image.

    This image needs to be formatted with a Mac OS X Extended Journaled volume large enough to contain your entire system deployment. Remember, this is a sparse disk image, so it will only occupy as much space as the contents of the volume require.

    In the following example, Michelle first uses hdiutil create to create a sparse disk image that can expand to 300 gigabytes. The name and format of the volume are immaterial at this point because you will have to reformat the volume in the next step to appease the installation process. The disk image file itself will be created on her desktop and is named modimage.sparseimage. She then uses the hdiutil command to mount the disk image volume.

    MyMac:~ michelle$ hdiutil create -size 300g -type SPARSE
    -fs HFS+J Desktop/modimage.sparseimage
    created: /Users/michelle/Desktop/modimage.sparseimage
    MyMac:~ michelle$ hdiutil attach Desktop/modimage.sparseimage
    /dev/disk1      GUID_partition_scheme 
    /dev/disk1s1    EFI 
    /dev/disk1s2    Apple_HFS                           /Volumes/untitled
    

    Note that the file-system mount point, /dev/disk1 in this example, is not the same as the volume name, untitled. The system mount point is chosen based on the order in which an item was mounted since system boot, so it could be different every time. This file-system mount point will be used in the next step.

  2. With the modular disk image volume still mounted, use the diskutil command to reformat that volume. This step is necessary to name the volume and to format the partition scheme so the Mac OS X installation process thinks it’s a bootable destination.

    In the following example, Michelle uses diskutil eraseDisk to properly reformat the modular disk image volume. Notice that she has to specify the volume format in quotes, then the new name of the volume (PretendcoHD in this example), then the partition format, and finally the file-system mount point of the modular disk image volume. The file-system mount point of your modular disk image volume may be different from the one shown by the hdiutil command in the last step when you mounted the volume.

    MyMac:~ michelle$ diskutil eraseDisk "Journaled HFS+" PretendcoHD GPTFormat /dev/disk1
    Started erase on disk disk1
    Creating partition map
    Formatting disk1s2 as Mac OS Extended (Journaled) with name PretendcoHD
    [ + 0%..10%..20%..30%..40%..50%..60%..70%..80%..90%..100% ] 
    Finished erase on disk disk1
    Finished partitioning on disk disk1
    
  3. Use the hdiutil command to mount the disk image you created earlier of the Mac OS X install media.

    In the following example, Michelle uses hdiutil attach to mount the Mac10.5Install.dmg disk image file in the ModularItems folder on her desktop.

    MyMac:~ michelle$ hdiutil attach Desktop/ModularItems/Mac10.5Install.dmg
    Checksumming whole disk (Apple_HFS : 0)...
    ..................................................................
        whole disk (Apple_HFS : 0): verified   CRC32 $24B0A354
    verified   CRC32 $226663A2
    /dev/disk2                                /Volumes/Mac OS X Install DVD
    
  4. Use the installer command to install the Mac OS X system software to the modular build image volume. The Mac OS X installation metapackage is buried deep inside the Mac OS X Install volume, but it’s shown in the example here. By default, the installer command will install all items of the selected installation package. If you want to limit which items are installed, you’ll need to specify an installation choices XML file that you created previously.

    In the following example, Michelle uses the installer command to install the Mac OS X system software in the modular build disk image volume PretendcoHD. As you can see, she must run the installation with root access. She also chooses to specify an installation choices XML file to limit the items that will be installed, and at the end she specifies an installation language and verbose logging so she can watch the process in detail.

    MyMac:~ michelle$ sudo installer -applyChoiceChangesXML "Desktop/ModularItems/
    InstallationChoices.xml" -pkg "/Volumes/Mac OS X Install DVD/System/Installation/
    Packages/OSInstall.mpkg"
    -target "/Volumes/PretendcoHD" -lang en -verbose
    ...
    installer: The software was successfully installed.....
    installer: The install was successful.
    
  5. Use the installer command to install all the necessary Apple software updates.

    You will probably need to run multiple installations to install all the necessary updates. You must install the Apple software updates in an appropriate order. For example, you should always install the latest system combo update first before any newer updates. In addition, you should check the Apple Downloads webpage for other, version-dependent updates that must be installed before yours (http://www.apple.com/downloads/macosx/apple/).

    In the following example, Michelle uses the installer command to install the Mac OS X 10.5.2 Combo updater to the modular build disk image volume PretendcoHD. Although she still has to run the command with root access, she does not have to specify any more variables besides the source installation package and the target volume.

    MyMac:~ michelle$ sudo installer -pkg Desktop/ModularItems/MacOSXUpdCombo10.5.2.pkg
    -target /Volumes/PretendcoHD -verbose
    ...
    installer: The software was successfully installed.....
    installer: The install was successful.
    
  6. After all your Apple updates are installed, you can optionally choose to archive a base system image. Then, in addition to being up-to-date, the system image you have just created will be a clean installed version of Mac OS X that could be used as the future starting point for other disk images.

    If this is something you want, eject the modular disk image volume using hdiutil eject, and then make a copy of the disk image file. Keep the copy archived until your next modular system build, and you can skip the first four steps of the build process.

  7. Continue the build process by using the installer command to install all your third-party or custom installation packages. Keep in mind that these packages may need to be installed in a certain order. Also note that all the installation choices inside installation metapackages can be individually selected by implementing an installation choices XML document similar to the one used for the main Mac OS X v10.5 installer.

    Use the same simple installation process that you used to install the Apple system updates. In the following example, Michelle uses the installer command to install a custom package. Using the verbose flag here is especially wise because this is where you will probably start running into your first installation packages bugs.

    MyMac:~ michelle$ sudo installer -pkg Desktop/ModularItems/AdminDeployment.mpkg
    -target /Volumes/PretendcoHD -verbose
    ...
    installer: The software was successfully installed.....
    installer: The install was successful.
    
  8. After you have performed all the intended installations for you modular disk image, copy the final modular system volume to a new read-only (optionally compressed) disk image to get it ready for deployment.

    In the following example, Michelle uses hdiutil create to create a read-only compressed disk image from the contents of the modular disk image volume. Notice she is copying from one drive to another to reduce the amount of time this process can take.

    MyMac:~ michelle$ sudo hdiutil create -format UDZO -srcfolder /Volumes/PretendcoHD
    /Volumes/Storage/ModularSystem.dmg
    Password:
    ..
    created: /Volumes/Storage/ModularSystem.dmg
    
  9. Scan the read-only modular system image just as you did to prepare the cloned system image earlier in this chapter. In fact, you have to perform an image scan on any system disk image that you intend to deploy.

    In this example Michelle uses asr imagescan to prepare the ModularSystem.dmg disk image for deployment.

    MyMac:~ michelle$ sudo asr imagescan -source /Volumes/Storage/ModularSystem.dmg
    Password:
    Block checksum: ....10....20....30....40....50....60....70....80....90....100
    asr: successfully scanned image "/Volumes/Storage/ModularSystem.dmg"
    

Updating a Modular System Image

Now you’ll see where using the modular system workflow really pays off. To update your image, simply add new or updated installation packages and build a new image using the steps in the preceding task. This new image will be exactly the same as the previous system image for the items that you have not updated or changed. Thus, updating a modular system image generally requires much less testing than updating a cloned system image.

Further, because in this workflow all your additions and updates take the form of installation packages, you can easily update systems that are already deployed. Using a tool such as Apple Remote Desktop 3 you can distribute these new installation packages to your deployed systems. Once updated, your deployed systems should have nearly the same system configuration as your new modular system image.

  • + Share This
  • 🔖 Save To Your Account

Peachpit Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Peachpit and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Peachpit products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email ask@peachpit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.peachpit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020