TipsAndTricks/QuickStartOnMenderOTA
Mender Over-The-Air Software Update for Embedded Linux
Mender is an open source remote software updater for embedded Linux devices. It includes both a client and a management server. Mender allows you to deploy an image-based update from the server-side component to your connected devices. We have tried out on qemu for ARM and here are some BKMs to get start.
Mender Artifacts Server Setup Guide
1st Option: DIY Server Setup
Host machine requirements:
[1] OS : Ubuntu 16.04
[2] Google Chrome
[3] Docker Engine 1.11 & above
[4] Docker Compose 1.6 & above
Basic preparation setup
1. Start with cloning the Mender integration repo.
$ git clone -b 1.3.0 https://github.com/mendersoftware/integration mender-server $ cd mender-server $ git checkout -b my-test-setup
2. Duplicate the deployment template to a new directory named production.
$ cp -a template production
3. Replace all template path to new production path.
$ cd production $ ls # Two files are included: prod.yml and run $ sed -i -e 's#/template/#/production/#g' prod.yml
4. Run the script to pull docker image. The run script is a wrapper to help users to setup images with docker compose.
Creating certificates and keys
1. Prepare certificates using the helper script keygen (replacing mender.example.com and s3.example.com with your own DNS names)
$ CERT_API_CN=server.example.com CERT_STORAGE_CN=server.example.com ../keygen
2. The certs and keys generated in a separate directory named keys-generated:
├── keys-generated │ ├── certs │ │ ├── api-gateway │ │ │ ├── cert.crt │ │ │ └── private.key │ │ └── server.crt │ │ └── storage-proxy │ │ ├── cert.crt │ │ └── private.key │ └── keys │ ├── deviceauth │ │ └── private.key │ └── useradm │ └── private.key ├── prod.yml └── run
Persistent storage
Persistent storage of backend services' data is implemented using named Docker volumes. The template is configured to mount the following volumes:
mender-artifacts - artifact objects storage
mender-deployments-db - deployments service database data
mender-useradm-db - user administration service database data
mender-deviceauth-db - device authentication service database data
mender-deviceadm-db - device admission service database data
mender-inventory-db - inventory service database data
Note: There is no documentation on how server admin can access to Docker volumes for artifacts browsing or further inspection.
Each of these volumes need to be created manually:
$ docker volume create --name=mender-artifacts $ docker volume create --name=mender-deployments-db $ docker volume create --name=mender-useradm-db $ docker volume create --name=mender-inventory-db $ docker volume create --name=mender-deviceadm-db $ docker volume create --name=mender-deviceauth-db $ docker volume create --name=mender-elasticsearch-db $ docker volume create --name=mender-dynomite-db
Final configurations
All configurations below were made in prod.yml:
1. Storage proxy
...
storage-proxy:
networks:
mender:
aliases:
- server.example.com
...
2. Minio
In mender-server directory, run "pwgen 16 1" command to generate the secret 16-character value. You will need the 16-character long value for settings in minio. My testing secret key: ahshagheeD1ooPaeT8lut0Shaezeipoo
...
minio:
environment:
# access keys
MINIO_ACCESS_KEY: mender-deployments
# secret
MINIO_SECRET_KEY: ahshagheeD1ooPaeT8lut0Shaezeipoo
...
3. Deployments service
