How It Works

Mender is an open source remote software updater for embedded Linux devices. It includes both a client and a management server, which are both licensed under Apache 2.0.

Mender enables the management of software updates to connected devices remotely over any TCP/IP network. Mender can update devices over-the-air (OTA), but also enables standalone deployments which can be used to deploy updates through external storage such as a USB stick.

Mender allows you to deploy an image-based update from the server-side component to your connected device or fleet of devices. The deployment is done securely using HTTPS and the partitioned setup makes sure your device will stay up and running should anything interrupt the update process. Mender also supports code signing for added confidence that your devices will be updated by a trusted party.

You can read more on our FAQ. Our customer case studies also detail why Mender is chosen for secure and robust OTA updates.


Mender is a client-server application, where the client is installed in embedded devices running Linux. The Mender client regularly checks with the Mender server over HTTPS to see if it has an image update available for deployment, and deploys it if there is. A dual A/B rootfs partition layout ensures robustness, so that the embedded device can recover even during incomplete or corrupted deployment installations.


The Mender management server is now published on GitHub for on-premise installations. It is licensed under the Apache 2.0 license.

Partition layout and reliability

For reliability during the update process, Mender uses a dual A/B rootfs partition layout. The Mender client daemon runs in user space in the currently booted rootfs partition.


During the update process, the Mender client writes the updated image to the rootfs partition that is not running and configures U-Boot to boot from the updated rootfs partition. The device is then rebooted. If booting the updated partition fails, the partition that was running is booted instead, ensuring that the device does not get bricked. If the boot succeeds, Mender sets the updated partition to boot permanently when Mender starts as part of the boot process.

As Mender downloads and installs the image, other applications on the device continue to run as normal. The only time the device has downtime is during the reboot into the updated partition, which typically takes a minute, depending on the device configuration.

Persistent data can be stored in the data partition, which is left unchanged during the update process.

Board support

Out of the box, Mender supports the Raspberry Pi 3 and BeagleBone Black. Mender also supports several other devices through Mender Hub, our community board integration forum. Contact us with your board information to find out more about integrating Mender with your custom board.

Get started with Mender today

Mender is free to use open source software. We provide a hosted platform with a monthly pricing model, as well as a full on-premise solution.

Hosted Mender

Hosted Mender is a secure Mender server we host for you, so you don't have to spend time maintaining security, certificates, uptime, upgrades and compatibility of the server.

Simply point your Mender clients to our server!

Get $120 FREE credit Try it today, and cancel any time.

Use our price calculator to estimate the monthly price for your device fleet

Sign up now!


Mender is open source and free to use - the repositories are available on Github for you to download.

You can set up Mender on-premise by following our Getting Started guide on our documentation pages.


Board integration, Software support and Professional services are available

Getting started guide