You are browsing documentation for a version other than the latest stable release. Switch to the latest stable release, 2.3.
This page describes how to install the Mender client in an existing Linux system. Installing this way does not offer a full Mender integration. However, it is possible to use Update Modules and update parts of the system.
A Debian package (
.deb) is provided for convenience to install on e.g Debian, Ubuntu or Raspbian. A Mender package is provided for the following architectures:
See the downloads page for links to download all package architectures. We will assume armhf in the following, which is the most common.
The above link is for armhf devices, which is the most common device architecture. See the downloads page for other architectures, and also make sure to modify the references to the package in commands below.
The Mender package comes with a wizard that will let you easily configure and customize your installation. This option is recommended for new users.
To install and configure Mender run the following command:
sudo dpkg -i mender-client_master-1_armhf.deb
After the installation wizard is completed, Mender is correctly setup on your device and will automatically start in managed mode. Your device is now ready to authenticate with the server and start receiving updates.
Alternatively, the package can be installed non-interactively, suitable for scripts or other situations where no user input is desired.
The setup is different depending on your server configuration and the most common cases
are shown below. Use
mender setup --help to learn about all configuration options.
DEVICE_TYPE="<INSERT YOUR DEVICE TYPE>" TENANT_TOKEN="<INSERT YOUR TOKEN FROM https://hosted.mender.io/ui/#/settings/my-organization>" sudo DEBIAN_FRONTEND=noninteractive dpkg -i mender-client_master-1_armhf.deb sudo mender setup \ --device-type $DEVICE_TYPE \ --hosted-mender \ --tenant-token $TENANT_TOKEN \ --retry-poll 30 \ --update-poll 5 \ --inventory-poll 5 sudo systemctl restart mender-client
DEVICE_TYPE="<INSERT YOUR DEVICE TYPE>" SERVER_IP_ADDR="<INSERT THE IP ADDRESS OF YOUR DEMO SERVER>" sudo DEBIAN_FRONTEND=noninteractive dpkg -i mender-client_master-1_armhf.deb sudo mender setup \ --device-type $DEVICE_TYPE \ --demo \ --server-ip $SERVER_IP_ADDR sudo systemctl restart mender-client
DEVICE_TYPE="<INSERT YOUR DEVICE TYPE>" SERVER_URL="<INSERT YOUR ENTERPRISE SERVER URL>" TENANT_TOKEN="<INSERT YOUR TOKEN FROM YOUR ENTERPRISE SERVER>" sudo DEBIAN_FRONTEND=noninteractive dpkg -i mender-client_master-1_armhf.deb sudo mender setup \ --device-type $DEVICE_TYPE \ --server-url $SERVER_URL \ --server-cert="" \ --tenant-token $TENANT_TOKEN \ --retry-poll 30 \ --update-poll 5 \ --inventory-poll 5 sudo systemctl restart mender-client
As an alternative to using a Debian package, it is possible to install the Mender client from source by following the guidelines outlined in the README.md of the Mender client source repository.
There are security implications to connecting a client and server for the first time, also known as bootstrapping. If a client and server have not exchanged any information in advance, they need to accept each other on trust this first time, with the risk that the information the other party presents is spoofed. To mitigate this risk, the Mender client preinstalls the TLS certificate of the server when it is provisioned, as part of the Yocto Project image build. So it is not possible for a rogue server to intercept the connection from a client or pretend to be a different server, assuming server's private TLS key is securely managed. A rogue device can still spoof the information it sends to the server in order to be authorized, and this is why Mender asks you to make the authorization decision. However, the risk of letting the server manage a rogue device is much lower than the risk of a rogue server managing devices.