Saltstack is complicated and beautiful - a rare combination
August 05, 2016
Saltstack is complicated and beautiful - a rare combination
Score 8 out of 10
Vetted Review
Verified User
Software Version
SaltStack (legacy)
Overall Satisfaction with VMware vRealize Automation, with SaltStack Config
We use Saltstack to manage ~400 remote nodes, and ~35 server nodes. It handles configuration management, rapid deploys, rapid updates of security vulnerabilities, and targeted data acquisition.
Pros
- Targeting is easy and yet extremely granular - I can target machines by name, role, operating system, init system, distro, regex, or any combination of the above.
- Abstraction of OS, package manager and package details is far advanced beyond any other CRM I have seen. The ability to set one configuration for a package across multiple distros, and have it apply correctly no matter the distrospecific naming convention or package installation procedure, is amazing.
- Abstraction of environments is similarly valuable - I can set a firewall rule to allow ssh from "management", and have that be defined as a specific IP range per dev, test, and prod.
Cons
- Saltstack could use more intermediate-level documentation and tutorials. Most of the information out there tends to leap from "install apache" (the "hello world" of configuration management) straight to the most complex scenarios.
- Similarly, more outreach to a wider audience would be useful. In the same way that widespread use of git and vim makes these easy stacks to require of new engineers, widespread use of Saltstack by amateurs and dabblers would be helpful for saltstack.
- With Saltstack helping to keep my environment managed and under control, I have gone from spending 30-40 hours per week in Ops and 0-10 in Dev, to spending less than 5 hours in Ops most weeks.
Chef and Puppet both require writing code, which I view as excessively involved for the task at hand. I have only needed to write pure python for a handful of Saltstack use cases - everything else has been configuration files.
Ansible, while elegant and simple, simply does not have the abstraction layer or the granularity that Saltstack does.
Cfengine has a reputation for complexity, and a relatively small community at this time.
Ansible, while elegant and simple, simply does not have the abstraction layer or the granularity that Saltstack does.
Cfengine has a reputation for complexity, and a relatively small community at this time.
Comments
Please log in to join the conversation