olly - Fotolia

Tip

Salt minions and grains facilitate deployment at scale

A tiered management setup and finely grained monitoring capabilities make SaltStack's configuration management tool worth considering.

Ancient civilizations built roads and fought wars for salt. Modern IT shops may find equal motivation to acquire Salt.

Many IT shops use configuration management to automate settings in their corporate IT environment. Puppet, Chef and Ansible have been around for a few years, and now SaltStack's Salt configuration management tool is becoming increasingly popular. Salt minions avoid agents on devices, and Salt grains make SaltStack part management tool, part monitoring tool.

Configuration management options

Puppet configuration management has been around for a long time, and works by maintaining a desired state on managed servers via manifest files. Ansible manages nodes through a secure shell (SSH) agent and requires that Python be installed on managed nodes. Chef uses recipes that declare the resources that should be available on a managed node. CFEngine, a lightweight system, manages configuration using policy description that describes the desired state of the managed system.

A configuration management solution should manage a wide range of operating systems. At least Windows and Linux OSes should be supported in a modern data center environment, which is why the relatively common Spacewalk solution -- formerly the foundation for Red Hat Satellite -- is not included in this article.

Salt minions make the difference

Salt is a relatively new configuration management option. The open source Salt product, upon which the enterprise SaltStack version is based, started as a way to manage remote servers, and is strong in managing host configuration. Salt was created after looking at the shortcomings in the current configuration management software available; it takes a different approach. Most importantly, SaltStack can work in an agentless configuration, where nothing is installed on managed nodes, but SSH is operational.

The Salt minion is the product's key component. SaltStack puts the minion on the managed nodes. It searches contact with the Salt Master, from which all management tasks happen. SaltStack allows the Master to issue commands on administrator-selected groups of minions. SaltStack minions are lightweight, which makes them very scalable. As an example, LinkedIn uses SaltStack in a configuration with 72,000 minions. To allow for efficient communication, SaltStack enables users to tier communication: The Salt Master talks to proxy minions, which communicate to the minions on managed devices.

Worth its salt

SaltStack was awarded product of the year at VMworld 2014. Open source vendor SUSE includes it in its management software, SUSE Manager, from versions 3 onward.

Once Salt minions have registered with the SaltStack servers, administrators can communicate to the minions directly, using a command-line interface or scripts written in YAML.

SaltStack's configuration management offering is probably more scalable than competitive products because of the tiered management system, where peer-to-peer requests are possible and the proxy minions can get information efficiently. Also, the information does not come from a database, which can fall out of date, and is instead real time, coming through the minion directly from the node that is managed.

Monitoring with Salt

Apart from configuration management, SaltStack offers IT systems monitoring, using grains. Grains collect information on the managed node. Administrators can make very specific requests for monitoring data, depending on how the grain is developed. From the Salt Master, the user can query the nodes that have a minion with that specific grain running. This eases the work of an administrator, as there is no longer a reason to create management groups from the master node, but data is available in real time by querying information from client nodes.

Next Steps

Set up SaltStack for your IT organization 

 

Dig Deeper on Systems automation and orchestration