SaltStack Architecture

SaltStack Architecture and Components

What is SaltStack

SaltStack is an Open-source, Python-based Configuration Management system which runs based on Event-driven messaging for IT Automation and Remote Task Executions. Among the Configuration Management Systems available in the market, SaltStack is one of the powerful Systems. The architecture of SaltStack is based on the remote execution of commands. Basically, it has Salt Master and Minions concept. Salt Master is a server that will send commands to Minions. Whereas Minion is a daemon application running in target machines that need to be configured. In this article, we will discuss what is SaltStack and SaltStack Architecture and Components.

SaltStack Architecture.

Just like another Configuration Management system, SaltStack follows Client-Server Model. In which Master server will command the Minions (Client) servers to execute the commands from remote using SSH or Zero MQ. The main difference between the other Configuration Management system is, SaltStack is Architected as a Publisher-Subscriber model. Basically, the Publisher-Subscriber model is an Asynchronous network method that will never miss the instructions in the messaging queue. Salt Master will publish the instructions to Salt Minions.

SaltStack Architecture
SaltStack Architecture

Once the Minion receives the Instruction from the Salt Master, it will return the status of the executed Instruction. Both Salt Master and Salt Minions are connected with the Event Bus managed by the Zero MQ server.

Components of SaltStack Master

SaltStack master will have following component to make the configuration management system running.

  • Salt Mine – Salt Mine will collect the State data of the Salt Minions and store it in master then it will make the data available back to Minions. Mine data will mostly contain Network, Firewall, and more.
  • Salt Piller – It is useful for storing sensitive data such as SSH Key, credential files Passwords, and also Non-sensitive data like Configuration files.
  • Auth Service – This is the service used for Authenticating the Salt Minion’s Communications such as Publish and Subscribe authorizing, User Access Control, Creating Encrypted Communication channels, and Rotating Security Keys.
  • File Server – Itis the Salt Master Built-in stateless ZeroMQ server. We can have ZeroMQ transfer the Files from Salt Master to Minions. However, this File server requires a Backend. Which we can add the Local File system or GIT as the Backend for the File Server.
  • Salt Wheel (API) – Salt Wheel or API will allow developers to programmatically access Salt Master.
  • Salt Cloud – Salt Cloud is a Powerful Interface for Cloud Hosts. So, It will give you the interaction between Salt Master to Cloud Machines.
  • Salt Runner – Salt Runners are the modules that will help to execute the commands from the Salt Master such as Job-status, Reading data from external API, Connection Status of Minion, etc.
  • Salt Reactor – This is an interface that will keep watching Salt event Bus for the particular Event Tag. If the defined Event tag matches, then the Salt Reactor will trigger certain actions in response to an event. Example, Infrastructure Auto Scaling, Notify Admin Auto Rollback, etc,
  • Salt Engines – It is the External System that leverages the ability of Salt master’s Long-running Process. It will have access to Salt Configurations, Execution Modules, and Runners. Engines are always connected with the Event Bus.
  • Salt SSH – Salt SSH is the built-in salt service that will let salt-master access the Salt Minions using SSH Connection. This is not like the ZeroMQ connection, but it will have complete access over the salt-minion or Target machines.

Components of SaltStack Minions

Salt Minions or target Machines will have following important components that are making the configuration management system complete.

  • Grains – Salt Grain is Interface, which is like Salt Mine, but it will have Static information of minions like Operating System, Domain Name, IP address kernel, OS Type, Memory, Disk space and many other System Properties. Unlike the Salt Mine, you can create Your own custom Slat Grain to have the specific information about the Salt Minion
  • Returners – Return Data is the block of data that is returned after the execution of the command sent from Salt Master to Salt Minions. Returner is an Interface that allows the Return data to be sent to any system like analytic system or Monitoring System.
  • Salt Beacons – Salt Beacon is the Monitoring System of the Salt Minions. These Beacons are fully matured Monitor and Alert systems that will capture the Issue or Event and allow Salt Reactor to trigger in response.
  • Salt Execution Modules – When Salt Master Executes the Commands, Execution Modules from the Salt Minions will ensure the execution of the Salt commands and performs real-time Monitoring.

Just like any other Configuration Management tools, SaltStack will have the Configuration as Code called, Salt State which will give the complete state of the Target machine. This is again connected with the Salt Master and with Salt Executor, Salt State will be executed, and the entire state defined in the Salt state will be applied and created as Salt Minions.


In this article, we have discussed what is SaltStack and what are the components of SaltStack Architecture and Components, and how this SaltStack Works. In our upcoming article, we will discuss How to Install and Configure SaltStack in various Operating Systems. Later, we will discuss how to write execution modules and Minion State files in detail. Stay tuned and subscribe DigitalVarys for more articles and study materials on DevOpsAgileDevSecOps, and App Development.

Leave a Reply