Configuration Management tools failover behaviour

failover ansible configuration-management chef saltstack

Solution 1:

I will comment only on the ones i have experience with, that means Puppet and Ansible. And I'm omitting some details.

Both can be setup to run agentless or local only if needed. To use them local only you obviously need some way to transfer the needed manifests / playbooks to the target machines and run them there.

Talking about Puppet usage with masters, you can have redundancy using a load balancer with the actual masters behind.

In Ansible instead there is no master concept, each machine that can connect to the managed machines with ssh / powershell can do, provided you have a way to access the playbooks. Maybe you meant Ansible Tower, which uses a DB for it's operation, and you can cluster it if needed.

This brings us at the real redundancy in both cases, that is the actual scripts. In nearly all cases i have seen those stay at a git repository, so it's inherently redundant, just cloning it and you can have how much "master" copies as you wish.

Hope this helps.

Solution 2:

If you look at salt, the only information that makes up a working connection between master and minions are:

  • the fact that the minion can resolve the master ip somehow
  • the minions public keys in the /etc/salt/pki/master directories

If your salt master dies, the systems will keep on running with no effect. But you are right, you cannot run any changes to your configurations while the master is gone. So a question is how fast can you get it back?

You can simply reinstall the master and start it up - you can accept your minions keys again (or reinstall an potential backup) and you are at the same place where you left off with your old master. If you cannot reuse the same machine, than you would need to point the minions to the new master somehow.

No state data in a database that might be corrupted or gone. That for me is the beauty of it. Its an overlay, it does not squeeze in. Not - as an other way example - like juju, where when your database is gone your systems act like they are beheaded and you have to reinstall.

There is also Multimaster and Syndic in Salt - High Availability is a long standing topic in its development.

Related

apache 2.4.6 not recognizing header type for css or js with php-fpm
Identify data loss due to logging failure on Exchange 2013 database(s)
Fix Windows Server 2012 R2 system time?
Should I use HW Raid or ZFS as filesystem for Citrix XenServer?
WARNING: pool www seems busy (you may need to increase pm.start_servers, or pm.min/max_spare_servers)
502 Bad Gateway on Nginx
Windows Update showing "Some settings are managed by your organization" on Azure Windows Server 2019 VM
Asterisk ghost calls
Why is my rewrite rule resulting in "400: Bad Request"?
Rsyslog: From a custom log file, Forward only the messages matching a pattern
sendmail foward local mail to relay host
Nginx 404 for css js files