Best way to setup Mender on multiple devices

Hey,

I am currently trying out Mender and have followed the steps provided to setup a pi with the correct img, then enabled SSH and installed the Mender Client. This has appeared in the Mender hub and has been accepted, allowing me to push updates to it which is great.

Now I’m trying to find out what the best way to do this over numerous devices (potentially 100+) would be? My idea was to use this as a golden img and copy it to another SD card and use it in another pi, so it would already have the correct img, config and client setup. When trying this, the new pi boots fine and connects to the network, but it does not appear in the Mender hub to accept it. I thought maybe that it has copied over ok but the client potentially hasn’t started, hence it not showing in the hub. Any advise on why that may be happening would be appreciated.

If this way is not feasible, I wondered what the best / most efficient way to get the Mender client onto many devices would be?

Thanks in advance!

2 Likes

what are you using to to create the mender device identity? have you ensured that they are different between devices

Hi, @dellgreen.
I have a problem a about device identity. If I only use one pi and two SD card. I will call it a A and B. Can I deploy a system update from A to B on same pi? Does this made conflict identity on hosted mender?

Hey @dellgreen, the identity is default, which I believe is the mac address? (Looking at the docs)

This should work, with one exception. There is a file /var/lib/mender/mender-agent.pem which must be unique for each device along with the device identifier.

So can you just try to remove this in your golden SD image. The Mender client will create this if it does not exist

1 Like

Another approach would be to generate images based on the flow described here,

This essentially means that you would have a golden image without Mender installed, run it trough mender-convert, and the output is an image with Mender installed etc. This method is also required if you would like to perform system updates.

Yes, the default Identity is the MAC address so simply changing SD Cards will make the device appear to the server as the same. Since it will have a different mender-agent.pem it will appear as a separate “authentication set”.

If you need them to appear different then you need to modify the default identity script to provide a unique value. One possibility is to use the /etc/machine-id that systemd generates but you will need to ensure that the machine-id persists across updates on a single card. By default it will be different. We do have a mechanism to enable that in Yocto but I don’t believe we have implemented that in mender-convert.

Drew

Thanks @drewmoseley, it very helpful.

@mirzak This sounds great. I’ve just given it a quick go with a device I’d already setup with a copy of my “golden img”, I’ve removed the mender-agent.pem file and rebooted, but it hasn’t appeared in the Mender hub. I looked in “Connect a device” but that gives a command to install the mender client, which it already has. Is there another command I maybe have to run to get it to kick into gear? (Sorry if this is obvious :))

Hi,

I think your problem is that you are trying to copy a gold image from an already configured device …
Gold images need preparation before copying to display on the rest of your devices.

Some recommendations that we make:

  • Create a service user with admin permissions to the sudo groups of your interest.
  • Delete /var/lib/mender/mender-agent.pem
  • Delete your / etc / hosts & / etc / hostname before copying the gold image, the system will create them on next boot.
  • Make sure your service daemons (mender etc are activated as service on startup, but are stopped at the time of copying the gold img.
  • Use your mac as device identifier:

*It is only an example, it needs adaptation to your project. - /etc/rc.local


#####
#!/bin/sh -e
# * WIFI / ETH
# rc.local
# @blackdevice.com
# This script capture $MAC value and assigns the dynamic hostname : (ProjectKey-)+($MAC)
 
if [ -e /sys/class/net/eth0 ]; then
      MAC="Projectkey"$(cat /sys/class/net/eth0/address | tr -d ":")
else
      MAC="ProjectKey"$(cat /sys/class/net/wlan0/address | tr -d ":")
fi
 
CURRENT_HOSTNAME=$(cat /proc/sys/kernel/hostname)
echo "$MAC"> "/etc/hostname"
#sed  "s/127.0.1.1.*$CURRENT_HOSTNAME/127.0.1.1\t$MAC/g" /etc/hosts
IP="127.0.1.1"
if [ -n "$(grep $IP /etc/hosts)" ]
        then
            echo ""
        else
sudo -- sh -c -e "echo '127.0.1.1       $MAC' >> /etc/hosts";
fi
hostname $MAC

I hope it helps you … there are many other things we do before we get a gold image … but I think this will get you on the right track …