Ansible Agent Option?
-
@DustinB3403 said in Ansible Agent Option?:
@scottalanmiller said in Ansible Agent Option?:
@DustinB3403 said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why Ansible with Windows?
I don't think @scottalanmiller is running Ansible from Windows, but looking to manage Windows with Ansible.
Which it looks like it's included. .
Correct. It is included, but how do you reach it when the Windows client leaves the LAN?
How would you reach anything else when it's not on the LAN?
VPN, ssh etc.
Don't want a VPN or to expose ports. Salt handles this beautifully. I can't figure out how all the other ecosystems deal with the myriad machines that don't sit directly accessible on the LAN.
-
@DustinB3403 said in Ansible Agent Option?:
With Windows, my guess would be Powershell over SSH
SSH call back automation isn't the best and if you don't have a person managing it, I think you are going to have a tough time.
-
SHould work, in theory, but having every machine SSH back to the Ansible server to establish a tunnel is extremely cumbersome.
-
@scottalanmiller said in Ansible Agent Option?:
@DustinB3403 said in Ansible Agent Option?:
With Windows, my guess would be Powershell over SSH
SSH call back automation isn't the best and if you don't have a person managing it, I think you are going to have a tough time.
Well windows isn't* POSIX compliant so yeah. . I'd expect as much.
-
@DustinB3403 said in Ansible Agent Option?:
@scottalanmiller said in Ansible Agent Option?:
@DustinB3403 said in Ansible Agent Option?:
With Windows, my guess would be Powershell over SSH
SSH call back automation isn't the best and if you don't have a person managing it, I think you are going to have a tough time.
Well windows is POSIX compliant so yeah. . I'd expect as much.
Yeah, but it would be crappy on UNIX, too. SSH call backs are just cumbersome all around.
-
That's why Salt uses an agent, an agent of some sort is required for normal companies to have coverage.
-
I think most companies try to only manage a very limited subset of their machines with these tools, and just skip managing the "tough ones" in almost all cases. Which is fine, but totally doesn't meet my needs 95% of the time.
-
@scottalanmiller said in Ansible Agent Option?:
I think most companies try to only manage a very limited subset of their machines with these tools, and just skip managing the "tough ones" in almost all cases. Which is fine, but totally doesn't meet my needs 95% of the time.
Yeah, I'm kind of in the same boat. Ansible fits for the 95% that I want to manage (Apple) but I need it to do some backflips to make it work.
And am totally skipping Windows with Ansible because we have so few of them that the setup time just isn't worth it IMO.
Still playing it all out though.
-
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
-
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
-
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
So a full server traveling with every laptop? I get that it could be a VM on top of every Windows's instance, but that seems absurdly complex. And how to you make sure it fires up? And how do you manage hundreds or thousands of "one to one" servers to devices? And if you need a server for each device, does any of it make sense?
-
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Yeah, 1000 users, 1000 servers.
-
@scottalanmiller said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Yeah, 1000 users, 1000 servers.
In a case like that, does ansible really make sense then? Would salt be easier to setup and maintain, since that is agent based?
-
@scottalanmiller said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
So a full server traveling with every laptop? I get that it could be a VM on top of every Windows's instance, but that seems absurdly complex. And how to you make sure it fires up? And how do you manage hundreds or thousands of "one to one" servers to devices? And if you need a server for each device, does any of it make sense?
Oh, lol... so mobile devices. I missed that bit.
-
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.
-
@Obsolesce said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows devices with Ansible? That doesn't make much sense and not really what it's for.
Because they're being paid to manage them.
-
@DustinB3403 said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows devices with Ansible? That doesn't make much sense and not really what it's for.
Because they're being paid to manage them.
Then they should manage them with MDM software.
-
@Obsolesce said in Ansible Agent Option?:
@DustinB3403 said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows devices with Ansible? That doesn't make much sense and not really what it's for.
Because they're being paid to manage them.
Then they should manage them with MDM software.
And which MDM would recommend?
-
@Obsolesce said in Ansible Agent Option?:
@DustinB3403 said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows devices with Ansible? That doesn't make much sense and not really what it's for.
Because they're being paid to manage them.
Then they should manage them with MDM software.
But Salt works fine, I'm wondering if Ansible has the same or similar level of power. MDM is definitely the wrong tool here.
-
@Obsolesce said in Ansible Agent Option?:
@coliver said in Ansible Agent Option?:
@Obsolesce said in Ansible Agent Option?:
Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?
From an MSP perspective that can get pretty inefficient and heavy.
Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.
What is Ansible for if not managing your computers? It's what Salt is for.
