OTA updates for Embedded Linux, part 2 – A comparison of off-the-shelf update systems
In the previous article we discussed the fundamentals and implementation of Embedded Linux update systems. Here we discuss a selection of off-the-shelf open-source update systems that are available to integrate with your Embedded Linux project today.
Mender feels very professional and usable out of the box. It uses a dual-rootfs update scheme very similar to the one described in the previous article. It integrates tightly with U-Boot to allow fallback if a new image fails to boot.
It's quite easy to get started with Mender, as there is good, clear step-by-step documentation on how to set up and integrate the various components. They provide reference implementations on popular platforms like the Raspberry Pi and BeagleBone Black, which can give you an idea of the amount of work required to get it working on your platform.
I found it took about three days to integrate and get working. There were many small changes to get it working with my Yocto build setup (based on Morty). It requires some OpenEmbedded expertise to work around these issues. U-Boot expertise is needed to integrate the dual-booting mechanism correctly.
At the end of this, it outputs an “sdimg” containing the bootloader and filesystem, which needs to be written into your flash memory somehow. How you do this depends on your target hardware. It also outputs what are called ‘artifacts’, which contain the new filesystem image and various metadata.
The artifacts can be installed manually via the Mender command line tool (which could then, in theory, be extended to install automatically from a USB stick). Artifacts can also be uploaded to the backend update web service via a web interface, and from there they can be pushed down to individual units.
The web interface which controls the backend update server is well-designed and easy to use. Setting it up is done via Docker, which makes initial set-up very straightforward. Expertise in Docker will be required for a full production-ready system. From this web interface you can see all currently deployed devices in the field, and push updates to them individually or in groups.
Figure 1: Mender contains a bespoke web interface for pushing updates to devices (Source: Mender)
The majority of Mender is written in the Go programming language. Some expertise in Go will be necessary for long-term adoption and production releases. While this is still an uncommon language in the embedded world, it may become more widely used in the future.
You are tied to a single hard-coded boot device (e.g. /dev/mmcblk0), so there is no straightforward way to allow booting from multiple media. It also makes a lot of assumptions about your system, such as various options in the bootloader and the kernel (e.g. support for certain filesystems). Crucially, it requires systemd, which may render it unsuitable for some projects.
SWUpdate is highly configurable. You configure it using the “kconfig” system, which will be familiar to most Embedded Linux developers. A few examples of the configuration options: it supports several bootloaders (U-Boot, GRUB, EFI Boot Guard); it can sign images and verify signed images against a given public key; and it can encrypt images using symmetric-key encryption.
Figure 2: the configuration system for SWUpdate (Source: SWUpdate)
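The signed-image option mentioned above rests on a two-step check: a signature over a manifest, and a hash inside that manifest for each image. The script below is an added example that reproduces this pattern with plain `openssl` and `sha256sum`; it is not SWUpdate's code, and the key names, image contents and the simplified `sw-description` layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: sign a manifest, then verify manifest signature + image hash.
# All file contents here are constructed sample data.

# make_signed_update DIR: create a key pair, a sample image, a manifest that
# records the image's SHA-256, and an RSA signature over the manifest.
make_signed_update() {
    dir=$1
    openssl genrsa -out "$dir/priv.pem" 2048 2>/dev/null
    openssl rsa -in "$dir/priv.pem" -pubout -out "$dir/pub.pem" 2>/dev/null
    printf 'constructed rootfs contents\n' > "$dir/rootfs.ext4"
    hash=$(sha256sum "$dir/rootfs.ext4" | cut -d' ' -f1)
    printf 'filename = "rootfs.ext4";\nsha256 = "%s";\n' "$hash" \
        > "$dir/sw-description"
    openssl dgst -sha256 -sign "$dir/priv.pem" \
        -out "$dir/sw-description.sig" "$dir/sw-description"
}

# verify_update DIR: what the device side must do before flashing.
# Returns 0 if accepted, 1 if the manifest signature is bad,
# 2 if the image does not match the hash in the signed manifest.
verify_update() {
    dir=$1
    openssl dgst -sha256 -verify "$dir/pub.pem" \
        -signature "$dir/sw-description.sig" "$dir/sw-description" \
        >/dev/null 2>&1 || return 1
    want=$(sed -n 's/^sha256 = "\([0-9a-f]*\)";$/\1/p' "$dir/sw-description")
    got=$(sha256sum "$dir/rootfs.ext4" | cut -d' ' -f1)
    [ -n "$want" ] && [ "$want" = "$got" ] || return 2
    return 0
}

# Demo: an untouched update is accepted, a modified image is rejected.
tmp=$(mktemp -d)
make_signed_update "$tmp"
verify_update "$tmp" && echo "update accepted"
printf 'x' >> "$tmp/rootfs.ext4"   # image changed after signing
verify_update "$tmp" || echo "update rejected (code $?)"
rm -rf "$tmp"
```

Only the public key needs to be on the device; the private key stays on the build or release machine.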