Salt is an open source configuration management and remote execution system. It allows users to remotely execute commands and manage configurations on multiple systems. Key features include a master-minion architecture with remote execution capabilities, a flexible and extensible design, and support for configuration management through states. States allow users to declaratively define the configuration of systems and ensure consistency across environments.
1. Sweetening Systems Management
with Salt
#lspe
SF Bay Area Large Scale Production Engineering Meetup
"Command and Control"
July 19, 2012
Mike Chesnut
Principal Systems Administrator, Talksum
2. What is Salt?
http://saltstack.org
● Relatively new project (<2 years old)
● Started by Thomas Hatch,
now ~150 contributors
● Written in Python
● ZeroMQ as core communication
mechanism
● Extremely flexible and extensible
● Very active community
3. Key Features Overview
Remote Execution Framework
● Master(s), Minions
● All communications over ZeroMQ
○ PUB-SUB for master->minion
○ REQ-REP for minion->master
● All communication encrypted
○ 256-bit AES
● Authentication required
4. Key Features Overview
Remote Execution Framework
Configuration Management System
Highly Modular and Extensible
Readily Available, Easy to Install
API
Cloud Provisioning Tool
5. Salt in Puppet Terms
puppet salt
Language Ruby Python
YAML, Python,
Configuration Syntax Quasi-Ruby subset Jinja, Mako
Extensible/Customizable
ActiveMQ (by default),
Transport RabbitMQ
ZeroMQ
Configuration
Manifests States
Management
Remote Execution MCollective Inherent!
Variables Facter Grains, Pillar
Additional tools to learn, set up, maintain, etc
9. Salt in Operation
Topologies
● peer-to-peer
○ minions can publish
commands/states to each other
(via master)
● minionswarm for testing
○ spawn 100s or 1000s of minions
● multi-master
○ in-product support still lacking
○ users have worked out their own
redundancy/failover solutions
10. Salt in Operation
Key Management
Minion public keys must be
accepted by the master before
communication can occur
13. Salt in Operation
Remote Execution
salt <target> <command> <options>
● target - literal ID name, wildcards, PCRE, list, grains
● command:
○ >80 modules in standard distribution
○ easy to write your own, of course
○ any command can be run with cmd.run
○ any code can be executed with cmd.exec_code
● options are module-specific arguments
22. Salt in Operation
State Management
● simple syntax, lots of examples available
● templatable
● several (~25) state classes included in standard
distribution
● built-in file server also included
● states can be invoked individually
● recommendation: use source control (e.g. git) for
state definition configuration/files!