Skip to content

11 MENDER FOR KITRA GTI, update over the air

Jump to bottom
mlidia edited this page Jan 22, 2019 · 11 revisions

MENDER

Mender is an end-to-end open source update manager for IoT that securely and reliably deploys updates to connected devices over any TCP/IP network.

We integrated Mender on our edge device, KITRA GTI. We created a new image that will have some additional partitions: two rootfs and one persistent data. Each rootfs partition is 1. 6 GB.

To enable OTA deployment you need:

  1. A UI-based mender server running on your PC browser (Mender offers also a hosted version (with free trial)) from which you can deploy updates to devices and groups of devices.
  2. Mender artifact software installed on your PC to create mender artifacts.
  3. Edge device Configuration, you need to configure the mender client that comes with pre-installed in the image

Mender Server

Reference link:

  1. Official site

Prerequisites:

  1. Ubuntu 16.04 with git, Docker Engine, Docker Compose

  2. Static Ip <IP_HOST_PC>

  3. Allocated DNS names for the Mender API Gateway and the Mender Storage Proxy

    (For testing we used mender.example.com and s3.example.com and added in the file /etc/hosts two lines <IP_HOST_PC> mender.example.com and <IP_HOST_PC> s3.example.com)

Installation:

Follow the instructions in the official documentation to clone, configure and run the server (some of the commands require sudo otherwise they can give error).

Generate also the certificates and the keys.

  • From /mender-server/production/keys-generated/certs download server.crt You will need it on the client too.

To run the server:

cd []/mender-server/production
sudo ./run up -d

You can access the server entering in your browser the URL (mender.example.com for example) and logging in with the credentials of the user you created.

On the board

Prepare a SD card with the mender image v2.

Flash the board.

Verify that everything is set up by doing lsblk, you should see the following:

1542730758960

Mender is enabled as a service, so it will start after boot.

Configure mender client

  • You need to modify /etc/mender/mender.conf and set the URL of your mender server :

1542730027246

  • Copy the server certificate server.crt in /etc/mender/ as well (or modify the path if you copied it elsewhere).
*Hosted Mender

If you chose to use hosted mender, the server URL will be https://hosted.mender.io and instead of the "ServerCertificate", you have to add the parameter "TenantToken": "eyJhbiJ1N.....", that you retrieve from the hosted mender GUI.

(Optional to create groups of device)

Each board has a device type; an update configured for a certain device type will affect only boards of that type (Compatibility assertion).

  • To modify the device-type of a board, edit the file /var/lib/mender/device-type.

(Optional for demo test)

  • If you just want to test mender, copy inside /etc/hosts the same lines you put on your host PC.

    <IP_HOST_PC> mender.example.com and <IP_HOST_PC> s3.example.com

  • Reboot.

  • Authentication: The first time the device tries to connect to the server, you will see it under the device tab on the mender server. Click green check to authorize the device.

1542811411836

State scripts link

Available only with version 2

There are two types of state scripts, some are stored inside the rootfs and some are delivered with the artifact. State scripts are executed at different stages of mender update cycle. Name convention is <STATE_NAME>_<ACTION>_<ORDERING_NUMBER>_<OPTIONAL_DESCRIPTION>.

Regarding the first type, inside /etc/mender/scripts we store scripts for Idle, Sync and Download stage.

Files must be executable. Inside this folder, we have also the version file which states the supported version.

In our image GTI_mender_release_V2, we provide a script Download_Enter_10_copy-conn-conf-file which saves the conf file of the Network Manager under the data partition before entering the download stage.

To restore the configurations, you have to create an artifact injected with a state script that will be run after the update. These scripts begin with "Artifact" in the name.

Mender-artifact

On your host PC, you need to install mender-artifact in order to create artifacts from raw images.

Reference link:

  1. Official site

To compile it you need go language installed .

Then:

git clone https://github.com/mendersoftware/mender-artifact.git
cd $GOPATH/src/github.com/mendersoftware/mender-artifact/
git fetch origin && git checkout 2.4.0
make

The path is important, it must stay in go/src/github.com/mendersoftware/mender-artifact

Syntax to execute the command is:

./mender-artifact write rootfs-image -t artik-a710 -n update_1 -u rootfs.raw -o artifact.mender -s /home/go/src/github.com/mendersoftware/mender-artifact/scripts/ArtifactReboot_Leave_10_copy-conn-conf-file

-t artik-a710 is the device type that states the compatibility of the update

-n update_1 is the update version (it must coincide with the version inside the rootfs)

-u rootfs.raw is the rootfs extracted from the board

-o artifact.mender is the output name of the artifact

[Optional]

-s .../scripts/ArtifactReboot_Leave_10_copy-conn-conf-file is the full path to the state script we want to inject in the artifact. You can add several scripts by repeating the -s option. These scripts are executed after the update.

Create a deployment

Make your changes on one board and modify the name inside /etc/mender/artifact_info.

Insert a SD card into the board.

mkdir /mnt/SD
mount /dev/mmcblk1p1 /mnt/SD #for sd

lsblk  #check where / is mounted (it can be either 7 or 8)

dd if=/dev/mmcblk0pX of=/mnt/SD/rootfs.raw conv=fsync

umount /mnt/SD

Plug the SD into the host PC.

Use the mender-artifact to create the artifact. (Check that the -n parameter is the same as the one you modified inside artifact_info).

Example

./mender-artifact write rootfs-image -t artik-a710 -n update_2 -u rootfs.raw -o artifact.mender

To inject a state script you have to add it in the following way:

./mender-artifact write rootfs-image -t artik-a710 -n update_2 -u rootfs.raw -o artifact.mender -s <full-path/ArtifactReboot_Leave_10_copy-conn-conf-file>

The script to restore conf file is

#!/bin/bash

set -eE

#get all files in data
data_part_directory="/mnt/data/connections"
connections=$(ls -1 $data_part_directory)

network_manager_directory="/etc/NetworkManager/system-connections"
rm -f $network_manager_directory/*


#copy all connections
for conn in $connections
do
	cp "$data_part_directory/$conn"  "$network_manager_directory/$conn"
done

Eventually you can modify the rootfs directly on the host PC (If you do so, remember that this update won't affect the board you modified unless you manually change the artifact_info name of the board):

sudo mkdir /mnt/rootfs
cp rootfs.raw rootfs-modified.raw
sudo mount -t ext4 -o loop rootfs-modified.raw /mnt/rootfs/

#apply changes you want
sudo umount /mnt/rootfs
#use new rootfs-modified.raw

Start the server. Open browser and log in to server. Verify if devices are visible. Go to the artifact tab and load the .mender file you generated. Go to the deployment tab and create a new one selecting the artifact and the target boards.

The update should start the first following time the client queries the server.

When the board reboots, verify with lsblk that it has changed root partition.

1542730730177

Possible errors

  1. failed authentication: wrong server certificate (server.crt)
  2. failed to send deployment logs to server: transient error: failed to send deployment logs: transient error: uploading logs failed, bad status 400 module=state: no space left, free some space

Debug

systemctl status mender.service

Mender can be run also with debug mode with:

/usr/bin/mender -daemon --debug

Clone this wiki locally