What is SaltStack?
SaltStack was developed on GitHub – the online playground for developers. The open-source software was released to the general public in March 2011. “Salt” – as the configuration management tool is often abbreviated to – helps in the automated management and monitoring of server systems. Using SaltStack, it’s possible to install and configure software from a central computer and run any number of configuration commands. Find out what’s special about Salt, how it’s used by admins and what advantages the management tool offers for you.
- Total control over your data
- Benefit from the highest security standards
- No vendor lock-in for maximum flexibility
What makes SaltStack special?
SaltStack is license-free software from the Apache Software Foundation that can be used across a range of platforms. It enables administrators to conduct remote maintenance, bring about predefined target states and start checks – both in their own server centre as well as in an external cloud (independent of the provider). Among the main advantages of SaltStack are its easy installation, quick control of communication and the possibility to manage a range of servers in parallel.
When compared with similar systems like Terraform or Puppet, SaltStack excels with its versatile application options and speed. But the principle is the same: using a central server, the administrator defines the configuration of other computers. The configuration management software then implements these settings on the individual clients. To communicate between servers and clients, SaltStack uses the messaging library ZeroMQ. This allows large and small volumes of data to be distributed quickly. Communication is protected via data encryption with the symmetrical encryption technology AES. Reliable Asynchronous Event Transport (RAET), implemented in 2014, provides additional security for data transmission.
The actual configurations with SaltStack are made via a text file in YAML format. The simple mark-up language enables the representation of structured data in a sequential format. Using the programming language Python, you are able to combine many configuration commands ready for execution with SaltStack.
Management versatility with SaltStack
Besides managing systems like Linux, SaltStack can also be used to organise MacOS and Windows clients. With Salt Cloud, SaltStack offers a universal interface for this purpose. This way, you can configure and manage a number of systems. Even private clouds and virtual server environments can be automatically managed.
In our DevOp tutorial, you can learn everything you need to know about using Terraform and SaltStack.
Advantages for administrators
- No matter what target system administrators want to manage – the commands in SaltStack are always the same. This makes it easy to use and learn.
- The tool not only enables the automated distribution of configurations, it can also react to events since it registers what type of communication is exchanged in the infrastructure.
- SaltStack is included in Salt Open and is available for anyone using Apache License 2.0. Moreover, you can actively shape the development of the software. If manufacturer support is important to you, there is also an enterprise version.
Key terms explained
When you use SaltStack, you’ll come across certain terms that relate to the configuration management tool. We’ve summarised the most important ones for you below.
Salt Master
The Salt Master was created in the programming language Python and is the server for the messenger ZeroMQ, which provides the data to the client. In the context of servers and clients, it’s common to refer to masters and minions. That’s why the SaltStack server is called Salt Master. All integrated target systems are centrally managed via this server. It transmits commands and files.
Salt Minion
Salt Minions receive the commands from the Salt Master. At the same time, they inform the Salt Master of all relevant events and outcomes.
Salt Syndic
Salt Syndic is an intermediary Salt Master. It operates between the Salt Master and Salt Minions.
Salt SSH
Sometimes a Salt Minion may not be executable on a target system. SSH allows the Salt Master to directly contact this system. However, this communication does not occur via ZeroMQ, which can make the process much slower. A number of functions and modules are dropped as well.
Salt Proxy Minion
The Salt Proxy Minion allows you to control third devices. For instance, this includes network devices like routers or switches.
How does SaltStack work?
Using “buses” like ZeroMQ, SSH or the Proxy Minion, Salt Minions are assigned commands by the Salt Master. The Salt Minions respond with an individual key. The Salt Master needs to confirm this key on first contact for the command to be run. Encrypted communication with key pairs is therefore involved.
Let’s imagine you want to configure a software program. You give the respective command to the Salt Master, which forwards it to all the Minions. The software is then automatically configured across all devices in the infrastructure. The Master can also be duplicated as a Salt Syndic in this process.