A PAM deployment consists of one or more VMs. Each VM fulfils a specific role in the deployment. Some roles are required, others are optional. Some roles may be combined on the same VM.
Many deployment models are possible. See Ansible Inventory for examples.
| Role | Required? | Count | Notes |
|---|---|---|---|
| Ansible Controller | Yes | 1 | Where Ansible runs and where Ansible configuration files are maintained. |
| PAM Master Node | Yes | 1 or more | Ansible will install PAM on these hosts and configure them as master nodes with all PAM services (GUI/API, session manager, and job engine). |
| PAM Remote Node | No | 0 or more | Ansible will install PAM on these hosts and configure them as remote nodes with the session manager and job engine services (no GUI/API). |
| PAM Session Node | No | 0 or more | Ansible will install PAM on these hosts and configure them as remote nodes with the session manager only (no GUI/API or job engine). |
| PAM Worker Node | No | 0 or more | Ansible will install PAM on these hosts and configure them as remote nodes with the job engine only (no GUI/API or session manager). |
| Ansible-Managed Apache | No | 0 or 1 | Optional Apache Load balancer installed and configured by Ansible. |
| Ansible-Managed Postgres | No | 0 or 1 | Optional PostgreSQL database installed and configured by Ansible. |
Roles may be combined on the same host with some restrictions.