One of the greatest joys I experience is when an idea catches on and key members in a client organisation engage into the message that I’m delivering. I recently conducted a presentation to an Ops team detailing how Ansible Tower can be introduced to help manage their server infrastructure. “But why stop at servers?” they asked me “Could this be used to manage the desktop environments as well?”.
I’ve always considered Ansible as the tool for production based environments, but the question intrigued me. Can Ansible be used to manage desktops as well as servers? When you get right down to it, from Ansible’s point of view connecting to a windows 7 desktop or a server 2012 instance do not represent a lot of difference. Providing those environments are setup to accept WinRM connections and have a valid Service Account, Ansible should be able to provision and configure those environments as easily as it can Servers.
Even managing an infrastructure consisting of several hundred windows desktops in the Inventories section doesn’t pose too much of a challenge. Ansible Tower comes with a handy command line tool called tower-manage inventory_import so getting an export from Active Directory and into Tower is a sinch.
So from a technical point of view, managing desktops with Ansible Tower is definitely a possibility that could be implemented into enterprise sized infrastructure.
The only issue that has to be considered carefully is the financial cost and gained benefit from following this path.
With regards to Servers, how the environment is configured, updated, provisioned and maintained are critical to the long term operational stability of an organisation. It makes sense for large organizations to use CM tools like Ansible to manage their environments and reduce risk.
Desktops on the other hand are a different story. With the exception of large data centers, there will generally be a greater number of desktops than servers. Other than core applications like Anti Virus and system updates (which usually have their own automated update mechanic), it’s not so critical to keep Desktop environments up to date with the latest software releases. Many Desktop devices may be mobile, such as laptops, and are often offsite and not connected to the internal network. Most problems can be fixed by the use of a strategic disk defragmentation or turning it off and back on again. With all these points brought into consideration it is clear that the financial benefit of using Tower to manage full-scale Enterprise Infrastructures is just not worth the capital expenditure. For the cost of licenses required to manage anything above 500 nodes, you could easily hire 2 or 3 extra desktop technicians and receive a greater return.
While the potential is there for including Desktop devices into the scope of CM, companies such as Red Hat and Puppet Labs need to look further into their pricing models to make it worth an organisation’s while to invest in these tools. As it stands, the standard per node costing model doesn’t work on anything else other than Servers. Which is a shame considering the potential advantages of simplifying the Continuous Delivery cycle for developers producing desktop applications right to the desktop on release day.