We've set up an Ansible Tower and have written several job templates and jobs, created our hosts and groups, all of that. Right now we're scheduling jobs to run to apply the playbooks assigned to groups, such as our web servers, to keep them from running into configuration drift. But we've been told not to use Tower for configuration drift, but if we don't do that, what's the best practice on how to use Ansible to ensure the playbooks run on a regular basis?
But we've been told not to use Tower for Configuration Drift
Probably because of infrastructure and resource consumption since i.e. Control with Ansible Tower or verify compliance is a common use case.
... but if we don't do that, what's the best practice on how to use Ansible to ensure the playbooks run on a regular basis?
This will highly depend on your environment, amount of hosts and groups, the content and runtime of playbooks, (configuration) change rate in your environment, network utilization, amount of data transferd and so on.
Except from general available Ansible documentation recommendations some more Best Practices might be
profile_tasks
to achieve this goalIn other words, it is most about Ansible Performance Tuning. You may have also a look into Strategy plugins.