How it works

Mender is an open source remote updater for embedded Linux devices.

It is a tool to let you update connected devices remotely, whether over-the-air or over any TCP/IP network.

It allows you to deploy an image-based update from the server-side component of Mender to your connected device or devices. The deployment is done securely using HTTPS and the partitioned setup makes sure your device will stay up and running should anything interrupt the update process.


Mender is a client-server application, where the client is installed in embedded devices running Linux. The Mender client regularly checks with the Mender server over HTTP to see if it has an image update available for deployment, and deploys it if there is. A dual A/B rootfs partition layout ensures robustness, so that the embedded device can recover even during incomplete or corrupted deployment installations.


The Mender management server is now published on GitHub for on-premise installations. It is currently in test version and is licensed under the Apache 2.0 license.

If you are interested in testing an early version of the Mender server and guide the development by providing your feedback, please send us an email at

Partition layout and reliability

For reliability during the update process, Mender uses a dual A/B rootfs partition layout. The Mender client daemon runs in user space in the currently booted rootfs partition.


During the update process, the Mender client writes the updated image to the rootfs partition that is not running and configures U-Boot to boot from the updated rootfs partition. The device is then rebooted. If booting the updated partition fails, the partition that was running is booted instead, ensuring that the device does not get bricked. If the boot succeeds, Mender sets the updated partition to boot permanently when Mender starts as part of the boot process.

As Mender downloads and installs the image, other applications on the device continue to run as normal. The only time the device has downtime is during the reboot into the updated partition, which typically takes a minute, depending on the device configuration.

Persistent data can be stored in the data partition, which is left unchanged during the update process.


  • Rootfs rollback support
  • Device status at a glance
  • Group your devices for controlled rollout management
  • Yocto integration with the meta-mender layer
  • Secure TLS communication between client/server
  • Signing and verification of image artifacts for authenticity*
  • Intuitive UI

* Planned feature

OS & board support

Operating system support

Mender currently supports Linux-based devices that use U-Boot and provides a meta layer for the Yocto project for very easy integration with Yocto-based distributions.

If you are using a Linux distribution that is not based on Yocto, e.g. OpenWRT, Emdebian or Ubuntu, you can integrate Mender by setting up the required partition layout and U-Boot features as it is done in the meta-mender repository.

We are planning to support more Linux distributions, boot loaders and other platforms in the future upon demand from the users of Mender.

Board support

Since Mender integrates with Yocto, it is easy to extend the platform support using Board Support Packages (BSPs) in the meta-mender repository.

The reference board for Mender is the BeagleBone Black, and a virtual device using QEMU is also provided for development and testing purposes.

If you are interested in getting support for your board, please contact us or create a pull request against our BSPs in meta-mender repository.

Try Mender now

Get started in minutes

We have created pre-made images with Yocto that include Mender and which can be run in QEMU. This makes it really easy to test out the Mender client and deploy your first over-the-air update.

Click below to go to our 'Getting started' guide and get set up with Mender in minutes.

Get started!