cancel
Showing results for 
Search instead for 
Did you mean: 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

Leverage Content Caching for MacOS Update with Patch mgmt policy

shawnsong
Rising Star III
Rising Star III

Last time I shared a "local-network patching" strategy for Windows devices, guess what, the very similar concept can be done on MacOS (and iPadOS,iOS) too! 

Let's go straight into it, shall we? 

The Benefit

It has been brought more and more often typically not just for the large environments but also the slightly smaller ones - internet bandwidth is scarce and the update sizes are usually "big" (over 1GB+ ) for MacOS. Just imagine 20 ish Macs are downloading updates from the internet at the same time, while a few others are having video calls in the same office. 

Not fun at all 😂

Quoting from Apple's KB :

Content caching is a service in macOS that speeds up downloading of software distributed by Apple and data that users store in iCloud by saving content that local Apple devices have already downloaded. The saved content is stored in a content cache on a Mac, and is available for other devices to retrieve without going out over the internet.

OS / App updates are the part of the supported type of cache.

The service doesn't incur extra charges from Apple. 

The "How"

Considerations 

  • Design the topology with multiple "caching hosts" if your network env has separations, large or layered with proxies. You might wanted to read a bit more here.
  • Plan multiple "caching hosts" on non-production Macs - i.e. the IT folk's devices 😄, or a few spared Macs. 

Setting it up

  • Create a device group in JC for the elected caching hosts. 
  • Create a patch policy to make sure these hosts will be downloading the latest updates. Like this:

shawnsong_0-1672732436465.png

  • Bond this policy ONLY to the caching hosts device group you created. 
  • Create a cmd with the lines below to enable Content Caching - ideally set to "run manually":
    # flush out the cache if any to start clean
    sudo AssetCacheManagerUtil flushCache
    sudo AssetCacheManagerUtil flushPersonalCache
    sudo AssetCacheManagerUtil flushSharedCache
    
    # activate the content caching
    sudo AssetCacheManagerUtil activate
    
    # display the status
    AssetCacheManagerUtil status​
  • Expect an outcome like this: 
    2023-01-03 14:59:48.582 AssetCacheManagerUtil[43292:1202646] Content caching flushed its cache.
    2023-01-03 14:59:48.603 AssetCacheManagerUtil[43294:1202657] Content caching flushed its cache.
    2023-01-03 14:59:48.623 AssetCacheManagerUtil[43296:1202664] Content caching flushed its cache.
    2023-01-03 14:59:56.235 AssetCacheManagerUtil[43298:1202763] Content caching activated.
    2023-01-03 14:59:56.235 AssetCacheManagerUtil[43298:1202763] Restart devices to take advantage of
     content caching immediately.
    2023-01-03 14:59:56.244 AssetCacheManagerUtil[43302:1202767] Content caching status:
        Activated: true
        Active: true
        ActualCacheUsed: Zero KB
        CacheDetails: (none)
        CacheFree: 20 bytes
        CacheLimit: 20 bytes
        CacheStatus: OK
        CacheUsed: Zero KB
        Parents: (1)
            192.168.31.253:56421, guid <GUID>, version 244, healthy; su
    pports personal caching: yes, and import: yes, shared caching: yes
        Peers: (none)
        PersonalCacheFree: 20 bytes
        PersonalCacheLimit: 20 bytes
        PersonalCacheUsed: Zero KB
        Port: 62839
        PrivateAddresses: (1)
            192.168.31.245
        PublicAddress: <public_IP>
        RegistrationStatus: 1
        RestrictedMedia: false
        ServerGUID: <GUID>
        StartupStatus: OK
        TetheratorStatus: 0
        TotalBytesAreSince: 2023-01-03 14:59:51
        TotalBytesDropped: Zero KB
        TotalBytesImported: Zero KB
        TotalBytesReturnedToChildren: Zero KB
        TotalBytesReturnedToClients: Zero KB
        TotalBytesReturnedToPeers: Zero KB
        TotalBytesStoredFromOrigin: Zero KB
        TotalBytesStoredFromParents: Zero KB
        TotalBytesStoredFromPeers: Zero KB​
  • Use a mobile configuration editor - in this case I have used iMazing Profile editor (Free), to create a content caching config. (You may find the full list of configurable settings here

 shawnsong_1-1672732818207.png

  • Here is an example mobile.config I used in this case 
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
        <dict>
            <key>PayloadContent</key>
            <array>
                <dict>
                    <key>AllowPersonalCaching</key>
                    <false/>
                    <key>CacheLimit</key>
                    <integer>20</integer>
                    <key>DatabaseUpdateInterval</key>
                    <integer>3600</integer>
                    <key>DownloadMinRate</key>
                    <integer>1000</integer>
                    <key>ListenRanges</key>
                    <array>
                        <dict>
                            <key>first</key>
                            <string>192.168.31.10</string>
                            <key>last</key>
                            <string>192.168.31.254</string>
                            <key>type</key>
                            <string>IPv4</string>
                        </dict>
                    </array>
                    <key>Parents</key>
                    <array>
                        <string>192.168.31.253</string>
                        <string>192.168.31.245</string>
                    </array>
                    <key>PayloadDisplayName</key>
                    <string>Content Caching</string>
                    <key>PayloadIdentifier</key>
                    <string>com.apple.AssetCache.managed</string>
                    <key>PayloadType</key>
                    <string>com.apple.AssetCache.managed</string>
                    <key>PayloadUUID</key>
                    <string></string>
                    <key>PayloadVersion</key>
                    <integer>1</integer>
                    <key>PeerFilterRanges</key>
                    <array>
                        <dict>
                            <key>first</key>
                            <string>192.168.31.10</string>
                            <key>last</key>
                            <string>192.168.31.254</string>
                            <key>type</key>
                            <string>IPv4</string>
                        </dict>
                    </array>
                    <key>PruneAssetsAge</key>
                    <integer>90</integer>
                    <key>PruneAssetsInterval</key>
                    <integer>7</integer>
                    <key>ReservedVolumeSpace</key>
                    <integer>5</integer>
                </dict>
            </array>
            <key>PayloadDisplayName</key>
            <string>ContentCaching</string>
            <key>PayloadIdentifier</key>
            <string>com.jumpcloud.mdm.custom-policy</string>
            <key>PayloadOrganization</key>
            <string>demo JC</string>
            <key>PayloadRemovalDisallowed</key>
            <true/>
            <key>PayloadType</key>
            <string>Configuration</string>
            <key>PayloadUUID</key>
            <string></string>
            <key>PayloadVersion</key>
            <integer>1</integer>
        </dict>
    </plist>​
  • Create a "MDM Custom Configuration Profile" policy for Mac, upload the mobile configuration file you just created, apply to the same device group.
  • After 1 min or 2, validate the Content Caching service on the device by go to:
    • macOS 13 or later: Choose Apple menu > System Settings > General > Sharing > Content Caching.

    • macOS 12.0.1 or earlier: Choose Apple menu > System Preferences > Sharing > Content Caching.

shawnsong_2-1672733179926.png

shawnsong_3-1672733271301.png

  • You can always run the line below to check the caching / peering status:
    sudo AssetCacheManagerUtil status​

That's it, happy content-caching!

 

 

0 REPLIES 0
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.