Managing a Laptop Fleet with Chef


This series of posts is targeted at anyone who has an interest in managing a laptop fleet using Chef. We set this up internally using a combination of Windows and Linux/OS X servers and clients. We’re only discussing managing OS X-based devices here and will add details for Linux and Windows devices shortly.

We designed this so that we could give a user a shrink-wrapped laptop and have it boot and load all the tools and configuration we needed without additional IT intervention.

A secondary goal was to be able to pull data from the systems for our internal analytics.

Fully deploying the solution we’re outlining here could take a while. Your mileage will vary depending on skill and where you can shortcut things.

What We Are Going To Do

We’re going to do the following things to get you bootstrapped:

  • Review Chef Server and cookbooks
  • Briefly go over the cookbooks you need for this solution
  • Run chef-client against your laptop
  • Build the InstallApplications package
  • Build the MDM server
  • Build and Deploy Munki to deploy apps to the laptops
  • Extend our security with a Crypt server
  • What’s next? Build a CI/CD pipeline for cookbook verification, and use Hosted Chef Automate 2.0 to check for compliance and verify the security requirements of the systems

Pre Reqs

To be successful here, we recommend you have the following items:

  • Apple Enterprise Developer account – you need this to get production certs.
  • Hosted Chef account – first 20 nodes are free.

Knowledge of the following languages is needed and helpful:

  • Python
  • Ruby

NEXT : Setting Up Your Environment