fence_azure_arm(8)

1
2FENCE_AGENT(8)              System Manager's Manual             FENCE_AGENT(8)
3
4
5

NAME

7       fence_azure_arm - Fence agent for Azure Resource Manager
8

DESCRIPTION

10       Used  to  deallocate virtual machines and to report power state of vir‐
11       tual machines running in Azure. It uses Azure SDK for Python to connect
12       to Azure.
13
14       For   instructions   to   setup  credentials  see:  https://docs.micro‐
15       soft.com/en-us/azure/azure-resource-manager/resource-group-create-ser‐
16       vice-principal-portal
17
18       Username  and  password  are application ID and authentication key from
19       "App registrations".
20
21       NOTE: NETWORK FENCING
22       Network fencing requires an additional Subnet named "fence-subnet"  for
23       the  Virtual  Network using a Network Security Group with the following
24       rules:
25       +-----------+-----+-------------------------+------+------+-----+-----+--------+
26       | DIRECTION | PRI | NAME                    | PORT | PROT | SRC | DST |
27       ACTION |
28       +-----------+-----+-------------------------+------+------+-----+-----+--------+
29       | Inbound   | 100 | FENCE_DENY_ALL_INBOUND  | Any  | Any  | Any | Any |
30       Deny   |
31       | Outbound  | 100 | FENCE_DENY_ALL_OUTBOUND | Any  | Any  | Any | Any |
32       Deny   |
33       +-----------+-----+-------------------------+------+------+-----+-----+--------+
34
35       When using network fencing the reboot-action will cause a  quick-return
36       once the network has been fenced (instead of waiting for the off-action
37       to succeed). It will check the status during  the  monitor-action,  and
38       request power-on when the shutdown operation is complete.
39
40       fence_azure_arm  accepts  options  on  the command line as well as from
41       stdin. Fenced sends parameters through stdin when it execs  the  agent.
42       fence_azure_arm  can  be run by itself with command line options.  This
43       is useful for testing and for turning outlets on or off from scripts.
44
45       Vendor URL: http://www.microsoft.com
46

PARAMETERS

48
49
50       -o, --action=[action]
51              Fencing action (Default Value: reboot)
52
53       -p, --password=[authkey]
54              Authentication key
55
56       -S, --password-script=[script]
57              Script to run to retrieve password
58
59       -n, --plug=[id]
60              Physical plug  number  on  device,  UUID  or  identification  of
61              machine This parameter is always required.
62
63       -l, --username=[appid]
64              Application ID This parameter is always required.
65
66       --resourceGroup=[name]
67              Name of resource group. Metadata service is used if the value is
68              not provided.
69
70       --tenantId=[name]
71              Id of Azure Active Directory tenant.
72
73       --subscriptionId=[name]
74              Id of the Azure subscription. Metadata service is  used  if  the
75              value is not provided.
76
77       --network-fencing
78              Use network fencing. See NOTE-section for configuration.
79
80       --msi  Determines if Managed Service Identity should be used.
81
82       --cloud=[name]
83              Name of the cloud you want to use.
84
85       -q, --quiet
86              Disable logging to stderr. Does not affect --verbose or --debug-
87              file or logging to syslog.
88
89       -v, --verbose
90              Verbose mode
91
92       -D, --debug-file=[debugfile]
93              Write debug information to given file
94
95       -V, --version
96              Display version information and exit
97
98       -h, --help
99              Display help and exit
100
101       -C, --separator=[char]
102              Separator for CSV created by 'list' operation (Default Value: ,)
103
104
105       --delay=[seconds]
106              Wait  X  seconds  before  fencing  is started (Default Value: 0)
107
108
109       --login-timeout=[seconds]
110              Wait X seconds for cmd prompt after  login  (Default  Value:  5)
111
112
113       --power-timeout=[seconds]
114              Test  X  seconds  for status change after ON/OFF (Default Value:
115              150)
116
117       --power-wait=[seconds]
118              Wait X seconds after issuing ON/OFF (Default Value: 0)
119
120       --shell-timeout=[seconds]
121              Wait X seconds for cmd prompt  after  issuing  command  (Default
122              Value: 3)
123
124       --retry-on=[attempts]
125              Count of attempts to retry power on (Default Value: 1)
126
127

ACTIONS

129
130
131       on     Power on machine.
132
133       off    Power off machine.
134
135       reboot Reboot machine.
136
137       status This returns the status of the plug/virtual machine.
138
139       list   List  available  plugs with aliases/virtual machines if there is
140              support for more then one device. Returns N/A otherwise.
141
142       list-status
143              List available plugs with  aliases/virtual  machines  and  their
144              power  state  if it can be obtained without additional commands.
145
146
147       monitor
148              Check the health of fence device
149
150       metadata
151              Display the XML metadata describing this resource.
152
153       manpage
154               The operational behavior of this is not known.
155
156       validate-all
157              Validate if all required parameters are entered.
158
159

STDIN PARAMETERS

161
162
163       action Fencing action (Default Value: reboot)
164
165       password
166              Authentication key Obsoletes: passwd
167
168       password_script
169              Script to run  to  retrieve  password  Obsoletes:  passwd_script
170
171
172       plug   Physical  plug  number  on  device,  UUID  or  identification of
173              machine This parameter is always required. Obsoletes: port
174
175
176       username
177              Application  ID  This  parameter  is always required. Obsoletes:
178              login
179
180       resourceGroup
181              Name of resource group. Metadata service is used if the value is
182              not provided.
183
184       tenantId
185              Id of Azure Active Directory tenant.
186
187       subscriptionId
188              Id  of  the  Azure subscription. Metadata service is used if the
189              value is not provided.
190
191       network_fencing
192              Use network fencing. See NOTE-section for  configuration.  Obso‐
193              letes: network-fencing
194
195       msi    Determines if Managed Service Identity should be used.
196
197       cloud  Name of the cloud you want to use.
198
199       quiet  Disable logging to stderr. Does not affect --verbose or --debug-
200              file or logging to syslog.
201
202       verbose
203              Verbose mode
204
205       debug_file
206              Write debug information to given file Obsoletes: debug
207
208       version
209              Display version information and exit
210
211       help   Display help and exit
212
213       separator
214              Separator for CSV created by 'list' operation (Default Value: ,)
215
216
217       delay  Wait  X  seconds  before  fencing  is started (Default Value: 0)
218
219
220       login_timeout
221              Wait X seconds for cmd prompt after  login  (Default  Value:  5)
222
223
224       power_timeout
225              Test  X  seconds  for status change after ON/OFF (Default Value:
226              150)
227
228       power_wait
229              Wait X seconds after issuing ON/OFF (Default Value: 0)
230
231       shell_timeout
232              Wait X seconds for cmd prompt  after  issuing  command  (Default
233              Value: 3)
234
235       retry_on
236              Count of attempts to retry power on (Default Value: 1)
237
238
239
240fence_azure_arm (Fence Agent)     2009-10-20                    FENCE_AGENT(8)