Today, the team behind Mender is very proud to announce the production-ready release of Mender, 1.0! Mender is the only open source (Apache 2.0) over-the-air (OTA) software updater for embedded Linux devices that integrates both an updater client and deployment management server.
Since the last pre-release iteration, the focus has been on security and reliability features to ensure Mender is ready for production deployments.
The Mender story
Since this is the first production-ready release of Mender, we will have a look at what got Mender to the place it is today. The Mender story starts almost two years ago, with discussions with many embedded developers about how they got software updates deployed to devices in the field.
The scenario is very consistent:
The engineering team is working very hard to develop the embedded product and get it out to customers. In the final months and weeks of the release cycle, new urgent issues and bugs continue to come up, one by one. But the deadline cannot be changed. By now it is clear that the product, once released, will still have yet-to-be-discovered issues, no matter how much effort is put into testing and fixing. So yet-another project has to be created in this busy period -- a way to deploy software updates needs to be invented. For many engineers, it is not the first time an updater is written - past products had the same requirement. Since the build system can already output rpm
files, some scripts around these are written and a http server is set up to host them. Everyone knows it is not ideal, but this is what can be done given the time constraints. After the product release, the issue of maintaining these scripts, builds and servers surfaces, especially as new products and features are added. And the problem of supporting customers also becomes evident as partial installations and bricked devices are increasingly seen in the field. The update process is uncontrolled and leaves no way for recovery or rollback once updates fail. Who can justify spending development time on OTA anyway? It is not a core competency and not what is being sold.
It is with this background that the team behind Mender decided that it is time for someone to create a general-purpose OTA updater that is:
- Open source so that anyone can use it and participate in improving it, instead of reinventing their own wheels
- Easy to use and integrate so Mender can be used in environments with strict time constraints, even towards the end of development cycles
- Robust to support the unpredictable nature of embedded environments, especially with respect to loss of power, connectivity and corruption, without bricking devices
Today, we support these goals with a dual A/B rootfs update process, more than 70% test coverage, ability to deploy your first update with Mender in less than one hour and easy integration with the Yocto Project. And this is just the beginning!
Growing community
Since the first commit of the Mender client in December 2015, the Mender community has grown a lot!
Community support for Rasberry PI boards has been contributed! The first third-party Mender client has been written and integrated with the Mender Server by IncludeOS, a project developing a unikernel platform. The Mender open source mailing list is very active; there are a lot of discussions on how to integrate Mender into new devices. The Mender client now has more than 60 stars on GitHub.
Thank you to everyone who are helping, contributing, testing and asking questions! Your input ensures Mender will be even better tomorrow. The growing activity is evidence that the open source model is working and we are looking forward to see the trend continue!
Production-ready release
For those of you following and using Mender over time, you might be wondering what is new since last pre-release iteration in December 2016. The main focus has been on reliability and security, and some of the new key features are:
- User login When used in production, it is important that unauthorized users are not allowed to deploy updates. In order to address this, user login has been added and you can see it the first time you start the Mender Server.
-
Redundant U-Boot environment In the past, there was a small window of time where power loss could make a device unbootable: when the U-Boot environment was updated. This release of Mender includes a redundant U-Boot environment so that any loss of power should not brick the device.
-
Production installation Secure certificate and key generation for the Mender Server has been made easy with a new keygen tool. For the security-conscious, a new section of the documentation describes all the certificates and keys in used in Mender. The production version of Mender has received its own docker-compose file to ensure a secure installation. All this is covered in a new production installation section in the documentation that shows how to install Mender for production.
-
Upgrade path A compatibility policy for Mender versions has been established. Going forward, upgrading Mender is supported and well tested so you can maintain Mender with confidence. The Mender software components will follow the MAJOR.MINOR.PATCH design of Semantic Versioning, to meet users expectations. The Mender API also has a versioning policy, aligned with Semantic Versioning.
In order to ensure Mender is ready for production, we have worked closely with several users who have deployed and tested Mender in production and incorporated the feedback into the final release.
You can read more about all the features at the Mender 1.0 product page.
Support for Mender
The Mender management server and client is fully open source, and free to use and modify at your own discretion and risk, without any warranty. With Mender 1.0 released, we are happy to announce that we are now offering subscription support and professional services!
For IoT/embedded products and devices that have strict uptime requirements or in development environments where fast problem-resolution is a priority, subscription support will help you quickly resolve any questions or issues that arise under a service level agreement. Subscription support starts at $99/month for up to 100 devices.
Professional services will help you get off the ground with automated OTA updates quickly, including integration of Mender with your devices and environment. This way your team can stay focused on meeting release deadlines, while ensuring OTA is professionally taken care of.
Read more at the software support page.
Try Mender 1.0
The Mender documentation is updated so that you can easily try the new features in Mender 1.0. If you want to try Mender, head over to the tutorial to create a test environment and deploy your first update within 1 hour!
Once you decide Mender fits your needs and would like to start using Mender in production, follow the production installation tutorial.
We hope you enjoy the release, and please let us know what you think at the Mender mailing list!
Recent articles
An Overview of EU Cyber Resilience Act (CRA) Compliance
Mender versioning: New releases by component
Driving secure innovation: ISO/SAE 21434 & UNECE compliance
Learn why leading companies choose Mender
Discover how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices. Focus on your product, and benefit from specialized OTA expertise and best practices.