Mender is a client-server application, where the client is installed in embedded devices running Linux. The Mender client regularly checks with the
Mender server over HTTP to see if it has an image update available for deployment, and deploys it if there is. A dual A/B rootfs partition layout
ensures robustness, so that the embedded device can recover even during incomplete or corrupted deployment installations.
The Mender management server is now published on GitHub for on-premise installations. It is currently in test version and is licensed under the Apache 2.0 license.
If you are interested in testing an early version of the Mender server and guide the development by providing your feedback, please send us an email at email@example.com.
Partition layout and reliability
For reliability during the update process, Mender uses a dual A/B rootfs partition layout. The Mender client daemon runs in user space in the currently booted rootfs partition.
During the update process, the Mender client writes the updated image to the rootfs partition that is not running and configures U-Boot to boot from the updated rootfs partition. The device is then rebooted. If booting the updated partition fails, the partition that was running is booted instead, ensuring that the device does not get bricked. If the boot succeeds, Mender sets the updated partition to boot permanently when Mender starts as part of the boot process.
As Mender downloads and installs the image, other applications on the device continue to run as normal. The only time the device has downtime is during the reboot into the updated partition, which typically takes a minute, depending on the device configuration.
Persistent data can be stored in the data partition, which is left unchanged during the update process.