diff --git a/deploy/crds/tower_v1alpha1_tower_cr.yaml b/deploy/crds/tower_v1alpha1_tower_cr.yaml
index 9c3de1b0..589e7a81 100644
--- a/deploy/crds/tower_v1alpha1_tower_cr.yaml
+++ b/deploy/crds/tower_v1alpha1_tower_cr.yaml
@@ -4,8 +4,9 @@ metadata:
   name: example-tower
   namespace: example-tower
 spec:
-  tower_task_image: awx_task:1.0.0.8
-  tower_web_image: awx_web:1.0.0.8
+  tower_secret_key: aabbcc
+  tower_task_image: ansible/awx_task:9.0.1
+  tower_web_image: ansible/awx_web:9.0.1
   tower_memcached_image: memcached:alpine
   tower_rabbitmq_image: rabbitmq:3
   tower_postgres_pass: awxpass
diff --git a/deploy/operator.yaml b/deploy/operator.yaml
index e55a0de9..8f1c8267 100644
--- a/deploy/operator.yaml
+++ b/deploy/operator.yaml
@@ -41,8 +41,8 @@ spec:
                   fieldPath: metadata.name
             - name: OPERATOR_NAME
               value: tower-operator
-            # - name: ANSIBLE_VERBOSITY
-            #   value: '4'
+            - name: ANSIBLE_VERBOSITY
+              value: '3'
       volumes:
         - name: runner
           emptyDir: {}
diff --git a/molecule/default/asserts.yml b/molecule/default/asserts.yml
index 78ce1cd3..c1f2b8de 100644
--- a/molecule/default/asserts.yml
+++ b/molecule/default/asserts.yml
@@ -15,9 +15,9 @@
           - app=tower
       register: tower_pods
 
-    - name: Verify there are two tower pods
+    - name: Verify there is one tower pod
       assert:
-        that: '{{ (tower_pods.resources | length) == 2 }}'
+        that: '{{ (tower_pods.resources | length) == 1 }}'
 
 - name: Verify tower functionality
   hosts: k8s
diff --git a/roles/tower/defaults/main.yml b/roles/tower/defaults/main.yml
index a783cfcb..3f796dd9 100644
--- a/roles/tower/defaults/main.yml
+++ b/roles/tower/defaults/main.yml
@@ -1,6 +1,7 @@
 ---
-tower_task_image: awx_task:1.0.0.8
-tower_web_image: awx_web:1.0.0.8
+tower_secret_key: aabbcc
+tower_task_image: ansible/awx_task:9.0.1
+tower_web_image: ansible/awx_web:9.0.1
 tower_memcached_image: memcached:alpine
 tower_rabbitmq_image: rabbitmq:3
 tower_postgres_pass: awxpass
diff --git a/roles/tower/tasks/main.yml b/roles/tower/tasks/main.yml
index 87dd64fc..f45b0305 100644
--- a/roles/tower/tasks/main.yml
+++ b/roles/tower/tasks/main.yml
@@ -6,3 +6,5 @@
     - tower_memcached.yaml.j2
     - tower_postgres.yaml.j2
     - tower_rabbitmq.yaml.j2
+    - tower.yaml.j2
+    - tower_task.yaml.j2
diff --git a/roles/tower/templates/tower.yaml.j2 b/roles/tower/templates/tower.yaml.j2
new file mode 100644
index 00000000..9afa1380
--- /dev/null
+++ b/roles/tower/templates/tower.yaml.j2
@@ -0,0 +1,80 @@
+# Tower Secret.
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: '{{ meta.name }}-tower-secret'
+  namespace: {{ meta.namespace }}
+data:
+  SECRET_KEY: {{ tower_secret_key | b64encode }}
+
+# Tower Web ConfigMap.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: '{{ meta.name }}-tower-configmap'
+  namespace: {{ meta.namespace }}
+  labels:
+    app: tower
+data:
+  # SECRET_KEY: {{ tower_secret_key }}
+  DATABASE_USER: awx
+  DATABASE_PASSWORD: awxpass
+  DATABASE_NAME: awx
+  DATABASE_PORT: '5432'
+  DATABASE_HOST: {{ meta.name }}-postgres.{{ meta.namespace }}.svc.cluster.local
+  RABBITMQ_USER: guest
+  RABBITMQ_PASSWORD: guest
+  RABBITMQ_HOST: {{ meta.name }}-rabbitmq.{{ meta.namespace }}.svc.cluster.local
+  RABBITMQ_PORT: '5672'
+  RABBITMQ_VHOST: awx
+  MEMCACHED_HOST: {{ meta.name }}-memcached.{{ meta.namespace }}.svc.cluster.local
+  MEMCACHED_PORT: '11211'
+
+# Tower Web Deployment.
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: '{{ meta.name }}-tower'
+  namespace: {{ meta.namespace }}
+  labels:
+    app: tower
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: tower
+  template:
+    metadata:
+      labels:
+         app: tower
+    spec:
+      containers:
+      - image: '{{ tower_web_image }}'
+        name: tower
+        envFrom:
+        - configMapRef:
+            name: '{{ meta.name }}-tower-configmap'
+        - secretRef:
+            name: '{{ meta.name }}-tower-secret'
+        ports:
+        - containerPort: 80
+
+# Tower Web Service.
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: '{{ meta.name }}-tower'
+  namespace: '{{ meta.namespace }}'
+  labels:
+    app: tower
+spec:
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 80
+  selector:
+    app: tower
diff --git a/roles/tower/templates/tower_task.yaml.j2 b/roles/tower/templates/tower_task.yaml.j2
new file mode 100644
index 00000000..6dccc97d
--- /dev/null
+++ b/roles/tower/templates/tower_task.yaml.j2
@@ -0,0 +1,27 @@
+# Tower Task Deployment.
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: '{{ meta.name }}-tower-task'
+  namespace: {{ meta.namespace }}
+  labels:
+    app: tower-task
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: tower-task
+  template:
+    metadata:
+      labels:
+         app: tower-task
+    spec:
+      containers:
+      - image: '{{ tower_task_image }}'
+        name: tower-task
+        envFrom:
+        - configMapRef:
+            name: '{{ meta.name }}-tower-configmap'
+        - secretRef:
+            name: '{{ meta.name }}-tower-secret'