Last year I was lucky enough to attend the sixth annual SaltStack user conference hosted in Salt Palace in Salt Lake City! With this conference, we inaugurated our partnership with SaltStack and brought a use case regarding how to automate migration processes. You can find the presentation slides in the end-of-article “Resources” paragraph.
I feel really lucky to be attending this conference and I thank Quantyca for the support I was given!
In this article, I will try to summarize all the news that was presented at SaltConf2019 and give you some tips to better understand the positioning of the software and the use cases that can be managed. Let’s start by trying to understand how SaltStack is positioned on the market:
SaltStack ranks among the “Strong Performers” profile owning a robust offer and leading traits including:
- Discovery capabilities
- Set-up simplicity
Well, now that we know where SaltStack is positioned on the market, let’s see what the article topics are:
- POP: Plugin-Oriented Programming
- SaltStack SecOps Solutions
2. POP: Plugin-Oriented Programming
One of the news of the conference is the introduction of POP: a Plugin-Oriented Programming Paradigm.
POP has been designed to make pluggable software easy to write and easy to extend. It can be used to extend an existing project to add plugins or to build a project overall pluggable.
The original concept behind POP was how to “take the best aspects of Salt, and make them more pliable and more extensible so that we can continue to innovate while having a more successful open source community,” Thomas Hatch (SaltStack CTO) said during his conference keynote.
On this basis, three new software were presented: Umbra, Heist, Idem.
2.1 Umbra: AI/ML made easy
AI and machine learning decisions are made in the darkness of a program where the developer can’t see. Umbra, which means “the darkest part of a shadow” exists to get your data through that darkness.
Umbra uses a plugin system to attach to data streams, then it prepares that data for machine learning and then, finally, to attach to an outbound data stream. All of it is possible because Umbra is a POP project and pluggable with any other program.
Using Umbra to apply AI to a system is intended to be as easy as possible. When making an AI/ML system there are many considerations, not just the actual AI/ML systems that are going to be used. Umbra seeks to make these steps re-usable and easy to apply to multiple types of applications.
For example, you can use Umbra for Anomaly Activities Detection and take advantage of the Salt Platform to Remediate.
2.2 Heist: Ephemeral software tunneling and delivery system
Heist is a cutting-edge way to enact change on a system without requiring a traditional agent. While agent-based solutions have many inherent advantages, they also introduce additional complexity. Agentless alternatives offer simplicity and ease of use but fall down when putting to any serious test of scale or complexity.
It solves this challenge through the use of “dissolving agents”. Heist allows teams to open an SSH tunnel, send a portable agent to a target system and when the agent is done, all trace of it, including the tunnel is removed.
Heist creates network tunnels for distributing and managing agents. While it has been originally built to deploy and manage Salt Minions, it can be used to distribute and manage other agents or plugins if extended to do so.
Therefore, you can build your own version of Salt binary using the salt-bin project, including or excluding features.
2.3 Idem: Transform configuration into idempotent action
Idem is an idempotent dataflow programming language. It exposes stateful programming constructs that makes things like enforcing the state of an application, configuration very simple.
Since Idem is a programming language, it can also be used for data processing and pipelining. Idem can be used not only to manage the configuration of interfaces but also for complex rule engines and processing files or workflows.
This means that you can create salt-formulas without installing Salt.
3. SaltStack SecOps Solutions
A really noteworthy announcement was the general availability of SaltStack Protect for automated discovery and remediation of security vulnerabilities across web-scale infrastructure.
Also, the product SaltStack SecOps has been renamed in SaltStack Comply. It automates the work of continuous compliance and has been updated with new CIS Benchmark content and a new SDK for the creation of custom security checks.
These two SaltStack SecOps products provide a collaborative platform for both security and IT operations teams to help customers break down organizational silos, offset security and IT skills gaps, and decrease the time required to find and fix critical security vulnerabilities.
As you may have already realized SaltStack is increasingly moving away from being “simply” an Event-Driven Configuration Management System, I would venture to say that it no longer is. Rather, the birth of an Automation platform that can be customized, integrated and extended to cover specific user use-cases is taking shape. POP and related products are concrete proof of this.
4.1 SaltConf20 in Europe
Last but not least the next SaltStack Conference will be held also in Europe in the Netherlands!
The dates and location were set for the week of June 8, 2020, in Geldermalsen, Netherlands at Sue B.V. headquarters but as Marc Chenn announced a few days ago:
Coronavirus forced all of us to change the way we work and interact. At SaltStack we had no choice but to be responsible global citizens and put 2020 SaltConf events on hold.
So we’ll look forward to further updates.
At this point, waiting for the next conference date, I report below some useful resources and last but not least if you liked this article I would appreciate claps, follows and shares. Moreover, visit my company website, or follow our LinkedIn page to discover more contents!