Automation

Manage and Configure Windows Servers with Ansible Tower

Learn how to Manage and Configure Windows Servers with Ansible Tower including how to setup an inventory container, import playbooks and setup authentication

Ansible Tower provides a really nice GUI interface to managing an Ansible deployment.  Additionally, it provides the ability to create job templates, scheduling, and notifications which definitely add to the power of Ansible Tower in configuration management. Ansible Tower is a pay for product in enterprise trim, however, there is also a lighter version for free that can be used to manage 10 nodes.  We have already covered how to install and configure Ansible Tower on an Ubuntu server. Let’s now look at how we can Manage and Configure Windows Servers with Ansible Tower much the same as we looked at managing Windows Servers simply from the Ansible command line.

Ansible Tower Licensing

First of all, to get your hands on the Ansible Tower Basic version (that does not expire) for up to 10 nodes, you can visit the following link:

The noted limitations include:

  • No support
  • No LDAP and Active Directory support
  • No system tracking, audit trails and surveys.

You can also opt for a non-limited true trial that expires after 30-days that is the full Ansible Tower with all the limitations removed.

Ansible-Tower-Basic-Edition-allows-managing-10-nodes-for-free
Ansible Tower Basic Edition allows managing 10 nodes for free
The-Paid-Ansible-Tower-versions-include-self-support-standard-and-premium
The Paid Ansible Tower versions include self support standard and premium

Importing Ansible Inventory into Tower

Below under the Inventories section, create a new Inventory name.  This will basically create the inventory container that will be used to house our groups that we will import.

Creating-new-Inventory-in-Ansible-Tower
Creating new Inventory in Ansible Tower

To proceed with this walkthrough of using Ansible Tower to manage and configure Windows servers, you can take a look at the preceding article which used the command line version of Ansible only.  We will reference the directories created in that post to move forward with Ansible Tower.  The first thing we need to do is copy our working directory from using the Ansible command line and place the files inside the working directory for Ansible Tower.

We can copy our working directory to this directory with the following:

cd /var/lib/awx/projects
cp -R /<working directory> <project directory>
Copying-a-project-folder-into-the-default-Ansible-Tower-Projects-folder
Copying a project folder into the default Ansible Tower Projects folder

The working directory for Ansible Tower is found here:

/var/lib/awx/projects

We can import the inventory that we copied over into the inventory container created earlier with the command:

tower-manage inventory_import --source=./inventory.yml --inventory-name="CloudServers"
Importing-the-inventory-into-the-inventory-container-created-in-Ansible-Tower
Importing the inventory into the inventory container created in Ansible Tower
When-the-import-of-the-inventory-runs-we-now-see-the-groups-populated-from-the-inventory-in-Ansible-Tower
When the import of the inventory runs we now see the groups populated from the inventory in Ansible Tower

Ansible Tower Credentials

A quick note concerning Ansible Tower credentials.  If you haven’t already, check out the post on configuring Ansible to use Kerberos authentication which steps you through configuring Kerberos in Ubuntu.  The process to use Kerberos authentication is the same with Tower with just a slight twist.  You need to have Ansible to prompt you for your credentials instead of using the kinit command that was discussed in the Kerberos post.  The krb5.conf file is still important as this is what allows Ansible Tower to communicate with Active Directory.  Ansible Tower uses a different cache location for credentials and deletes the cache as soon as the task is completed.

Click the settings cog in the upper right hand corner, and then select Credentials.  Create a new credential configuration as shown below.  Windows Machines need the Machine setting for Credential Type.  You can save the password or select the checkbox to Prompt on launch.

Ansible-Tower-kerberos-credentials-for-managing-Windows-Servers
Ansible Tower kerberos credentials for managing Windows Servers

When you select to run a job task, you will be prompted to enter your Kerberos credentials.

Entering-Kerberos-credential-password-on-Ansible-Tower-Job-Task-launch
Entering Kerberos credential password on Ansible Tower Job Task launch

Manage and Configure Windows Servers with Ansible Tower

At this point we can create a Job Template which allows us to specify an inventory and playbook and marry those two things together.  Additionally, Job Templates allow scheduling the job template so the tasks can be run at specified intervals.

Creating-a-job-template-in-Ansible-Tower-to-Manage-Windows-Servers
Creating a job template in Ansible Tower to Manage Windows Servers
Available-actions-on-a-Job-Template-in-Ansible-Tower
Available actions on a Job Template in Ansible Tower

The Job Window displays the output of the task just as you would see running the job from the command line.

Running-an-Ansible-Tower-job-task-with-successes-and-failures
Running an Ansible Tower job task with successes and failures
Creating-a-job-schedule-in-Ansible-Tower-to-run-a-specified-Job-Task
Creating a job schedule in Ansible Tower to run a specified Job Task

Having notifications of job tasks is powerful and allows you to be proactive with both successful and unsuccessful job tasks.  You can create a notification template with various types of notifications including:

  • Email
  • Slack
  • Twilio
  • Pagerduty
  • Hipchat
Creating-notifications-for-Job-Tasks-in-Ansible-Tower
Creating notifications for Job Tasks in Ansible Tower

Takeaways

It is both powerful and easy to Manage and Configure Windows Servers with Ansible Tower.  Ansible Tower enables administrators to have a GUI interface as well as scheduling and notification capabilities.  The Standard and Premium versions of Ansible Tower also allow integration with Active Directory for logins as well as great auditing capabilities to go along with the other functionality and features.  As shown, it is quite easy to get up and running with Ansible Tower Manage and configure Windows servers and with the free 10 node license, you can run Ansible Tower indefinitely in a home lab or other dev/test environment to manage up to 10 nodes.

Subscribe to VirtualizationHowto via Email 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.



Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, He has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.