SaltStack/Salt is a configuration management (CM) and orchestration tool that enables system administrators to automate server provisioning and management tasks. Salt is comparatively a newcomer in the CM segment as it was launched in 2011, at a time when Puppet and Chef were ruling the CM space.
However, the late entry into the CM space has benefited the tool as it was able to overcome some of the current challenges hurting the other CM tools such as slow data collection and execution, limited scalability, etc. For this reason, SaltStack quickly evolved into a leader in the CM vertical in spite of not being a super-rich featured tool like Puppet/Chef nor being touted as the simple solution like Ansible. The highly scalable architecture, high speed data collection and execution, reliable performance and powerful orchestration are just a few of the features that sets Salt apart from the competition.
An Overview of SaltStack
SaltStack is a Python-based CM tool created by Thomas S Hatch. Salt leverages the powerful ZeroMQ messaging system to facilitate high speed data connectivity. Earlier CM tools such as Puppet and Chef were slow on data processing. With the ZeroMQ messaging system, Salt users are able to run thousands of simultaneous tasks, taking advantage of its multi-threaded design.
The Salt Architecture
The master-slave architecture of Salt enables it to work as both a push and a pull system. While the tool can pull out the code from the central repository and publish it to remote devices, it also allows agent devices to periodically contact the server for instructions.
Here are some of the important components of Salt Architecture:
- Salt Master: This is the server that communicates with agents installed on endpoints known as minions.
- Minions: Minions are optional Salt agents that are installed on all managed nodes to execute commands and report information back to the Salt Master.
- Grains: Minions receive the information about a target device in the form of grains. The grain interface provide system information such as the OS, memory, domain name, kernel, IP address etc.
- States: States are YAML files for storing minion configuration.
- Pillars: A pillar is a file that stores the configuration details. Pillars support YAML, JSON or other formats.
- Salt Reactors: A salt reactor is a component that listens to events.
The Salt engine creates a secure and bidirectional channel wherein the minions connect to the master and communicate with it. These minions use cryptographic hashes and public key authentication to connect to the master. Once a secure network is formed, the agent can seamlessly communicate with the master. The Salt master can instantly scale up to manage thousands of nodes and facilitate high speed data exchange, owing to the highly scalable architecture and the ZeroMQ messaging system. As such, Salt is suitable to manage deployments in large enterprises. Companies such as LinkedIn, RackSpace and NASA are some of the notable customers of Salt.
By default, Salt offers a command line interface (CLI) and has a REST API for configuration as well. The ability to store configuration information in YAML, JSON or other formats makes it easy to integrate it with other systems. In addition to sharing data, you can fetch data from minions and use it for configuring systems.
Related: Setting Up Your First Puppet Master Server
Salt is a modular event-based system where events are driven into the message bus and the salt reactors deal with them following the pre-defined configurations. This is quite unique to Salt. Salt uses beacon technology to alert reactors when a service is stopped. Another important feature is its extensibility, down to modules, that allows you to easily make your own changes. Whether you want to write an execution model for the code to talk to the API or a state module that defines the configuration of a service, you can easily write them, test it with PyTest and document everything. You don’t need a master for this setup. This feature allows you to meld state into your existing large database or APIs.
Another unique feature of salt is its pluggable key stores. It’s key stores allow you to store sensitive grain data in SQL or fetch passwords from external sources. As templates, grains and states are securely stored in an external data store.
Salt is offered in two versions. Salt, itself, is open source and completely free but SaltStack is the enterprise version. The enterprise version offers additional features such as GUI, front-end analytics engine, custom reports and dashboards, integrated database, a comprehensive module library, etc.
SaltStack and its enterprise version, SaltStack Enterprise, are one of the lesser-known competitors in the configuration management or automation orchestration space but they are showing lots of promise. Through their unique eventing system, beacon technology and fast performance, they are poised to compete with the likes of Chef and Puppet and deserve their spot as a valid competitor to businesses of all sizes.
Adam Bertram
Adam Bertram is a 25+ year IT veteran and an experienced online business professional. He’s a successful blogger, consultant, 6x Microsoft MVP, trainer, published author and freelance writer for dozens of publications. For how-to tech tutorials, catch up with Adam at adamtheautomator.com, connect on LinkedIn or follow him on X at @adbertram.