Moving from static iOS CI infrastructure to an agile, scalable macOS private cloud

In this blog, we will describe the path to move from static, physical hardware-based build and test iOS CI infrastructure to one that is agile, scalable, and enables infrastructure-as-code for macOS. In short, you will be able to setup an AWS-like self-service macOS private cloud to run your iOS CI jobs in container-like environments to support your iOS developers.



After a broad survey of existing blogs on iOS CI and discussions with multiple iOS development teams, we have reached the following conclusion on the current state of iOS CI infrastructure.



There are only a handful of ways in which teams that are doing on-prem iOS CI (not just builds, but build and automated tests followed by continuous deployment) can set up their macOS infrastructure to support the iOS CI pipelines/jobs. This limitation exists not due to lack of intention to have a more flexible cloud setup, but due to a lack of availability of cloud technology for enterprises to set up macOS dev/test private cloud, which can also extend to iOS developer machines.



Let’s compare and outline the steps to move from existing status quo to a dynamic, infrastructure-as-a-code setup for development on the macOS platform.


iOS CI on Physical InfrastructureAnka Build Cloud iOS CI Infrastructure
Hardware – Mac hardware allocated for Build and test.Hardware – Mac hardware allocated for Build and test.
Prepare the hardware – Keep the macOS versions/updates consistent on all the CI machines. Some users do it with periodic re-imaging.Re-imaging is no longer needed, simply run software update to take advantage of the latest Anka features.
Prepare the machines to act as a build/test node – This step requires installing all dependencies etc. Most users run configuration management tools on CI mac hardware for this.Install Anka Build.pkg on all Build/Test mac hardware, henceforth called Anka Build nodes.
Create macOS Anka VM and provision (installing dependencies) for the CI jobs. You can fully automate this step with ‘anka create’ & ‘anka run’ (even use existing config mgmt scripts).
Version and push the macOS VM prepared in the earlier step to the Anka registry.
Install and setup Anka Build Controller module on a linux machine or container.
Join all Anka Build nodes with the Anka Build Controller.
Add the prepared build/test node to the CI system.Setup Anka Build cloud in CI system of choice (For Jenkins, use Anka plugin).
Every execution of Build/Test CI job first baselines the configuration on the build mac machine and then starts the actual job.Build/test CI job sends a request to Anka Build controller to pull from the registry and provision clean and sandboxed copies of Anka VMs on the Anka build nodes. VMs are preconfigured with all the dependencies.
After job completion, the machine is left in dirty state.After job completion, the VM can be deleted with no traces left on the hardware or kept alive in an isolated state for debugging.
Next job execution consumes job cycles cleaning the machine first, before running the job.Next job run just provisions clean pre-loaded Anka VMs of particular type, pulled from the registry.
Any issues in configuration management during job runs can result in inconsistent build/test environments.Anka VMs are preloaded with all dependencies for a consistent, immutable environment every time.
Total job time for every run gets extended due to the necessity to run configuration management to prepare the environment with all the dependencies.Total job time is actual build/test time with no overheads. First-time pull of a particular build/test Anka VM can be time-consuming, but this can be resolved by “warming up” the Anka Build nodes (pre-warm the Anka Build node by pulling the VM ahead of time).
Any update to dependencies means tweaking configuration management scripts, with no recourse to go back for troubleshooting.Any update to dependencies means, pulling the last good Anka VM build/test environment from the Registry, updating it with new dependencies and pushing it back to the Registry with a new version. Easy to pull an older version to troubleshoot issues or revert to a previous version of infrastructure.
Not easy to replicate the same CI config mgmt on the developer machines.Eliminate “Works on my machine” issue, with developers pulling the same build/test Anka VMs (reproducible envs) from the Registry and using them to build and test on their workstations locally.



Notes:

  • Anka Build product contains all software modules to setup and configure macOS private cloud for iOS CI.
  • Anka Flow product contains all software modules to enable iOS developers to have the same consistent build and test environments as the CI system.

Start with Anka Build first and then, add Anka Flow.

Share this post

anka-or-1
Anka vs Orka in 2024
It has been several years since we made our first side by side comparison between Anka and Orka. A lot has changed, and we believe it’s important to make sure the information out there is accurate. We’ll be specifically addressing a newer...
Read More
networking-performancev1
Unlocking Superior macOS VM Network Performance: Introducing Anka's new networking mode for Apple Silicon
Large and complex enterprises using Anka have many different demands, and we have worked to continue to develop innovative technology to meet these demands. Enterprise infrastructure hardware is often on the cutting edge, and they need advanced capabilities...
Read More
gitlab-with-anka
Anka Cloud Gitlab Executor
Veertu’s Anka and the new Anka Cloud Gitlab Executor Veertu’s Anka is a suite of software tools built on the macOS virtualization platform. It enables the execution of single or multi-use macOS virtual machines (VMs) in a manner similar to Docker....
Read More
mac-scan-v1
Real-Time CVE Scanning of your macOS Build Systems
It’s common that an organization’s macOS build system will download thousands, sometimes tens of thousands of third-party dependencies every hour. When building and testing iOS applications, it typically downloads and installs third-party...
Read More
anka-on-silicon-v1
The ONLY Fully Automated Apple Silicon macOS VM Creation Solution
Starting in Anka 3.1 we announced that Anka is now able to fully automate the macOS installation processes, disabling SIP, and enabling VNC — all previously manual steps users had to perform inside o the VM. At the time of writing this article,...
Read More
anka_click
Scripting macOS UI User Actions With Anka Click
Starting in Anka 3.2, we’ve introduced a solution for scripting macOS UI user actions. You may ask, “Why would I want to do that?”. Well, often macOS configuration and applications do not have a CLI allowing you to perform certain actions...
Read More
mac-scan-fullscan-shells-v3
Real-time, continuous scan of file downloads on macOS for security vulnerabilities
Today, we are announcing the Beta availability of the Mac Scan solution. Mac Scan software runs on macOS systems (bare metal, virtual, EC2 Mac) and scans downloads in real time for security vulnerabilities. There are multiple scenarios why you would...
Read More
Screen Shot 2022-10-17 at 10.13
Anka 3.1- Fully automated VM macOS installation & The Behavior-Driven macOS UI Automation Framework
We are very happy to announce the General Availability of Anka 3.1 for Apple Silicon / ARM macs. In this release, we are taking our approach to iOS CI automation one step further by introducing a Behavior-Driven macOS UI Automation Framework in Anka,...
Read More
ankam1v2
Migrating from Anka on Intel to Anka on M1 Mac for iOS CI
In this blog, we will cover the key topics for migrating from Anka on Intel to Anka on M1/M2 Macs. Anka is an IaaC solution from Veertu to set up an agile Container like CI for iOS CI using macOS VMs. Anka for Intel uses Apple’s Hypervisor.Framework virtualization...
Read More
ami-scanner-featured-v2
World's first Security Vulnerability scanner for EC2 Mac AMIs
We are excited to announce the General Availability of the world’s first security vulnerability scanner for EC2 Mac AMIs. EC2 Mac AMI Scan scans Intel and Apple Silicon macOS EC2 AMIs, detects security vulnerabilities in third-party packages, dependencies,...
Read More