Mender is an open source remote software updater for embedded Linux devices.
It enables the management of software updates to connected devices remotely, whether over-the-air or over any TCP/IP network. You can deploy an image-based update from the Mender Server to your connected device or devices.
As you can see in the “Mender Server Containers Graph”, Mender Server has several containers, so it can be hard to maintain a cluster of hosts running all of them. Rancher makes this easy.
To complete this tutorial you must have the following:
Running a production-ready Mender Server on DigitalOcean incurs several costs. The table below describes the monthly costs on DigitalOcean of keeping a Mender Server instance up and running in a production environment.
DigitalOcean monthly costs estimation
First, we need to create the Rancher Server Droplet. Rancher Server will take care of creating and orchestrating the Mender infrastructure in your cluster.
Go to your DigitalOcean dashboard and create a new team called Mender. Switch to the Mender team and create a new Droplet with the following configuration:
Rancher Server Droplet configuration
After the Rancher Server Droplet has been provisioned, you must log in to it to start Rancher Server.
Go to your DigitalOcean dashboard and copy the IP Address of the Rancher Server Droplet.
Now, connect to the Rancher Server Droplet by running the following command in your computer’s terminal:
$ ssh root@<RANCHER_SERVER_IP>
NOTE: Replace <RANCHER_SERVER_IP> with the IP address of the Rancher Server Droplet.
After successfully connecting over SSH, run the following commands to start Rancher Server:
$ curl https://releases.rancher.com/install-docker/17.03.sh | sh
$ docker run -d --restart=unless-stopped \
    -p 8080:8080 \
    rancher/server:stable
It will only take a couple of minutes for Rancher Server to start up.
The Rancher Server UI is exposed on port 8080, so to view the UI, go to http://<RANCHER_SERVER_IP>:8080
By default, Rancher Server comes with no Access Control enabled, which means anyone on the internet can access the Rancher Server UI. It is recommended to configure Access Control soon after launching Rancher Server.
In the Admin tab, click Access Control. Select the Local icon. Create an admin user by providing the Login Username, Full Name, and Password. Click Enable Local Auth to turn on local authentication.
To add Rancher Hosts, access the Rancher Server UI and click Infrastructure, which will immediately bring you to the Hosts page. Click Add Host. Rancher will prompt you to select a host registration URL. This URL is where Rancher Server is running and must be reachable from all the hosts that you will be adding. Just click Save.
By default, the Custom option will be selected. Select the DigitalOcean icon, enter your DigitalOcean Access Token and click Configure Droplet.
You can generate a DigitalOcean Access Token in the Applications & API section of the control panel.
On the next page, set the following configuration for the hosts:
Rancher Host configuration
Leave all other options at their default values. Click Create and wait while Rancher provisions the hosts for you.
Mender Catalog for Rancher provides templates that make it easy to deploy the Mender Server stack.
Templates of Mender Catalog for Rancher
In Rancher Server UI, go to Admin/Settings and add a new custom catalog:
Please see the Generating new keys and certificates section of the Mender documentation website for instructions on generating certificates and keys.
Certificates and keys | Mender documentation (docs.mender.io)
In this step, we will deploy a Mender Server stack across the Rancher Hosts you created in Step 4.
Mender uses secure client-server communication through HTTPS. In order to enable HTTPS in the Rancher Load Balancer, you need to upload both the private key and the certificate files.
In the Rancher Server UI, go to the Infrastructure/Certificates page. To add a new certificate, click Add Certificate.
Provide a Name and Description for the certificate. If you have generated the certificate following the instructions from Step 6, you have to upload keys-generated/certs/api-gateway/private.key as Private Key and keys-generated/certs/api-gateway/cert.crt as Certificate.
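Before uploading, it is worth confirming that the private key and the certificate belong together and that the certificate is not about to expire. The script below is an added example, not part of the original tutorial or the Mender project; the function name check_pair, its return codes and the 30-day threshold are assumptions made here.

```shell
#!/bin/sh
# Added example (not from the tutorial or the Mender project).
# check_pair KEY CERT: verify that KEY and CERT form a usable pair.
# Return codes (assumptions of this example):
#   0 = pair matches and certificate is valid for more than 30 days
#   1 = certificate was issued for a different key
#   2 = a file is missing or cannot be parsed
#   3 = certificate expires within 30 days (or has already expired)
check_pair() {
    key=$1
    cert=$2
    # Extract the public key from each file in the same PEM form.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 2
    # Guard against empty output so two failed reads never compare as equal.
    [ -n "$cert_pub" ] && [ -n "$key_pub" ] || return 2
    [ "$cert_pub" = "$key_pub" ] || return 1
    # -checkend exits non-zero if the certificate expires within N seconds.
    openssl x509 -in "$cert" -noout -checkend $((30 * 24 * 3600)) \
        >/dev/null 2>&1 || return 3
    return 0
}

# Run only when both paths are supplied on the command line, e.g.
#   sh check_pair.sh keys-generated/certs/api-gateway/private.key \
#                    keys-generated/certs/api-gateway/cert.crt
if [ "$#" -eq 2 ]; then
    rc=0
    check_pair "$1" "$2" || rc=$?
    case $rc in
        0) echo "OK: key and certificate match" ;;
        1) echo "FAIL: certificate does not belong to this key" ;;
        2) echo "FAIL: could not read key or certificate" ;;
        3) echo "FAIL: certificate expires within 30 days" ;;
    esac
    exit "$rc"
fi
```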
To enable persistent storage for all MongoDB instances of Mender Server, we need to install the Docker volume plugin for DigitalOcean Block Storage. The Mender Catalog for Rancher also provides an infrastructure template to install this plugin on all Rancher Hosts.
In the Rancher Server UI, go to Catalog/Mender and select REX-Ray DigitalOcean Driver. On the next page, enter the following configuration:
In the Rancher Server UI, go to Catalog/Mender and select Mender Server. On the next page, enter the following configuration:
Mender Stack configuration
keys-generated/keys/useradm/private.key file.
keys-generated/keys/deviceauth/private.key file.
To create your AWS access and secret key, see Managing Access Keys for your AWS Account on the AWS Documentation website.
In the DigitalOcean control panel, go to the Load Balancers page by selecting Networking from the top navigation bar, then clicking Load Balancers. Click Create Load Balancer. On the Create Load Balancer page:
Load Balancer configuration
Leave all other options at their default values and click Create Load Balancer.
Once the Load Balancer is created, its IP address will appear automatically on the Load Balancers overview page. Copy the IP Address and simply open it in your web browser.
The first time you access the UI, you will be asked to create the initial user. Simply input your email and desired password as shown below:
Mender initial screen
The Mender Catalog for Rancher also provides a template for Rancher Backup Agent, which enables you to back up your Mender Server stack.
In the Rancher Server UI, go to Catalog/Mender and select Mender Backup Agent. On the next page, enter the following configuration:
Feel free to browse and contribute to Mender Catalog for Rancher.
gustavosbarreto/mender-rancher: Rancher template for Mender platform (github.com)