An Ansible playbook upgrade_pam.yml is provided that can upgrade the following PAM components on all nodes in a PAM farm:
General usage is shown below for an example PAM farm named mypam.
ansible-playbook \
-i mypam.ini \
-e @mypam.vars \
-e @mypam.vault \
-e pam_component=(cas|framework|session|web) \
playbooks/upgrade_pam.yml
If the pam_component extra variable is left out, this playbook
will fetch current versions of all components without upgrading anything.
The upgrade process creates backup and download folders on the PAM installation being upgraded:
/pam/.pamops/backups /pam/.pamops/downloads
These folders can grow over time if many upgrades are performed so they should be cleaned up periodically.
This will update all PAM nodes in your Ansible inventory.
To update a single node, use the --limit option when
running the Ansible playbook, as in the following example.
ansible-playbook \
-i mypam.ini \
--limit pam-master1.corp.net \
-e @mypam.vars \
-e @mypam.vault \
-e pam_component=(cas|framework|session|web) \
playbooks/upgrade_pam.yml
Upgrading CAS with this tool will upgrade to the latest update or patch release of the current CAS version. For example, if your PAM farm is running CAS 5.2, upgrading CAS will upgrade to the latest CAS 5.2.x update.