Ask DevOps: Infrastructure automation for everyone with Ansible and Salt

Ask DevOps: Infrastructure automation for everyone with Ansible and Salt
Ask DevOps: Infrastructure automation for everyone with Ansible and Salt

Business And DevOps

How often do you have to manually apply the same steps when setting up an infrastructure environment for yourself? Being in charge of tens, hundreds, sometimes even thousands of servers also means that there are hundreds of deployments to handle, configurations to make, patches to apply, security issues to solve, and updates to download. Imagine if all of these manual actions were coded and treated the same way as the other software systems!

Thanks to automation, system administrators found out a way to present infrastructures as code that would take care of the boring routine tasks. Ansible and Salt are great result examples of these efforts. Ansible, Salt and products like Chef, Puppet aim to give enterprise IT visibility and control over the spread of their infrastructure. Both SaltStack and Ansible have gotten attention for the flexibility of their products.

How they work

AnsibleWorks is maintaining the open source IT automation space in support of Ansible, an IT automation framework that is based on a simple declarative language that doesn’t require IT organizations to learn a specific programming language. Ansible is written in Python, it can be executed within any application development language an IT organizations prefers.

Ansible is the platform for open source software to configure and manage computers. It combines multiple software deployment nodes, task execution and ad-hoc configuration management. Ansible controls nodes on SSH and does not require any remote software agent to operate. The system uses YAML to define descriptions of reusable systems form.

The engine allows users to avoid writing custom scripts or code to manage applications and uses a language that embraces the idea of building workflows that most people can understand. In turn, that also means less reliance on traditional IT, faster delivery and better time spent on important projects.

AnsibleWorks also delivers a commercial version of Ansible that can be deployed across multiple data centers in support of activities such as disaster recovery, and a hosted version that can be invoked as a service via the company’s support for RESTful application programming interfaces.

Like Puppet, Chef, and Ansible, SaltStack or Salt is an open source server management and automation solution used for cloud deployment, configuration management, remote execution and monitoring in a clean, well-designed package. The automation helps cloud and software development teams, data center operations and enterprise IT organizations configure and automate essential IT systems at the speed and scale required by the most advanced cloud infrastructures.

Salt is very fast, easy to set up, amazingly malleable and provides a single remote execution architecture that can manage the diverse requirements of any number of servers.

Open source Salt is primarily focused on Linux and UNIX server management, though it offers significant Windows management capabilities as well. It is an extremely flexible and easy to learn automation tool. Salt is written in Python, which makes it a bit easier to justify implementing as Python is becoming a favorite amongst system admins which decreases the learning curve for Salt.

Puppet and Chef more like developers and development centers, while Salt and Ansible focused on the needs of system administrators. Both Ansible and Salt maintain code updates to quickly run arbitrary commands on an ad-hoc basis. Both the automation framework built on the YAML serialization format to represent configuration and execute commands.

The comparison

Ansible doesn’t require any configuration management, application deployment, or IT process workflow. It works by providing a single interface to coordinate all major IT automation functions without the use of any agent or any software installed on the devices under management.

Salt uses a push method of communication with clients using SSH rather than locally installed clients. Salt servers have two types, Master and Minion. The master server is the server that hosts all of the policies and configurations and pushes those to the various minions. All of the pushed information is communicated via ZeroMQ; this communication is also encrypted and minions must be authenticated on the master before receiving any commands/configurations.

Salt processing is fast as compared to Ansible. Salt functions asynchronously and incorporates an asynchronous file server for file deployments. When it comes to security, Salt includes its own AES implementation. Ansible uses standard SSH and does not require any daemons to be running on the remote servers aside from OpenSSH.

Salt had more hiccups in the initial install and a few things that seemed a bit odd. Ansible, on the other hand, works with comparatively minimal dependencies and only need to be installed on the systems that will be running the ansible and ansible-playbook commands. As many Ansible  users noted, getting it to a point where you can copy a few files or restart services in an ad-hoc manner is easy, and SaltStack is equally simple (even though it requires a daemon, it’s basically just python and 3-4 python deps).

Unlike Ansible, Salt has the provision to provision and manage server instances on clouds such as Amazon and Rackspace through an extension called Salt Cloud. Though configuring Salt Cloud is bit tedious, configuring, renaming, modifying, and destroying predefined profiles for cloud server instances can be done with a single command line after the setup is done. Ansible launched AWX, its first commercial enterprise product. AWX adds advanced features to the automation framework, a graphical user interface and REST endpoint that sits on top of Ansible.

Ansible advantages compared to Salt is that on managed nodes you do not need to install any additional software, everything works through SSH. The Ansible product documentation is written in great detail and at the same time–plain and simple, it is updated regularly and Ansible works not only in the push, but pull, as do most control systems (Puppet, Chef).

Automation frameworks like Ansible and Salt not only have the capablity of handling  the initial setup and provisioning of a server, but also application deployment, and command execution. However, it may take a little while longer for most IT organizations to master the nuances of IT automation tools.