1
2FENCE_AGENT(8)              System Manager's Manual             FENCE_AGENT(8)
3
4
5

NAME

7       fence_azure_arm - Fence agent for Azure Resource Manager
8

DESCRIPTION

10       fence_azure_arm  is an I/O Fencing agent for Azure Resource Manager. It
11       uses Azure SDK for Python to connect to Azure.
12
13       For  instructions  to  setup   credentials   see:   https://docs.micro
14       soft.com/en-us/azure/azure-resource-manager/resource-group-create-ser‐
15       vice-principal-portal
16
17       Username and password are application ID and  authentication  key  from
18       "App registrations".
19
20       NOTE: NETWORK FENCING
21       Network  fencing requires an additional Subnet named "fence-subnet" for
22       the Virtual Network using a Network Security Group with  the  following
23       rules:
24       +-----------+-----+-------------------------+------+------+-----+-----+--------+
25       | DIRECTION | PRI | NAME                    | PORT | PROT | SRC | DST |
26       ACTION |
27       +-----------+-----+-------------------------+------+------+-----+-----+--------+
28       | Inbound   | 100 | FENCE_DENY_ALL_INBOUND  | Any  | Any  | Any | Any |
29       Deny   |
30       | Outbound  | 100 | FENCE_DENY_ALL_OUTBOUND | Any  | Any  | Any | Any |
31       Deny   |
32       +-----------+-----+-------------------------+------+------+-----+-----+--------+
33
34       When  using network fencing the reboot-action will cause a quick-return
35       once the network has been fenced (instead of waiting for the off-action
36       to  succeed).  It  will check the status during the monitor-action, and
37       request power-on when the shutdown operation is complete.
38
39       fence_azure_arm accepts options on the command line  as  well  as  from
40       stdin.  Fenced  sends parameters through stdin when it execs the agent.
41       fence_azure_arm can be run by itself with command line  options.   This
42       is useful for testing and for turning outlets on or off from scripts.
43
44       Vendor URL: http://www.microsoft.com
45

PARAMETERS

47
48
49       -o, --action=[action]
50              Fencing action (Default Value: reboot)
51
52       -p, --password=[authkey]
53              Authentication key
54
55       -S, --password-script=[script]
56              Script to run to retrieve password
57
58       -n, --plug=[id]
59              Physical  plug  number  on  device,  UUID  or  identification of
60              machine This parameter is always required.
61
62       -l, --username=[appid]
63              Application ID This parameter is always required.
64
65       --resourceGroup=[name]
66              Name of resource group. Metadata service is used if the value is
67              not provided.
68
69       --tenantId=[name]
70              Id of Azure Active Directory tenant.
71
72       --subscriptionId=[name]
73              Id  of  the  Azure subscription. Metadata service is used if the
74              value is not provided.
75
76       --network-fencing
77              Use network fencing. See NOTE-section for configuration.
78
79       --msi  Determines if Managed Service Identity should be used.
80
81       --cloud=[name]
82              Name of the cloud you want to use.
83
84       -q, --quiet
85              Disable logging to stderr. Does not affect --verbose or --debug-
86              file or logging to syslog.
87
88       -v, --verbose
89              Verbose mode
90
91       -D, --debug-file=[debugfile]
92              Write debug information to given file
93
94       -V, --version
95              Display version information and exit
96
97       -h, --help
98              Display help and exit
99
100       -C, --separator=[char]
101              Separator for CSV created by 'list' operation (Default Value: ,)
102
103
104       --delay=[seconds]
105              Wait X seconds before fencing  is  started  (Default  Value:  0)
106
107
108       --login-timeout=[seconds]
109              Wait  X  seconds  for  cmd prompt after login (Default Value: 5)
110
111
112       --power-timeout=[seconds]
113              Test X seconds for status change after  ON/OFF  (Default  Value:
114              150)
115
116       --power-wait=[seconds]
117              Wait X seconds after issuing ON/OFF (Default Value: 0)
118
119       --shell-timeout=[seconds]
120              Wait  X  seconds  for  cmd prompt after issuing command (Default
121              Value: 3)
122
123       --retry-on=[attempts]
124              Count of attempts to retry power on (Default Value: 1)
125
126

ACTIONS

128
129
130       on     Power on machine.
131
132       off    Power off machine.
133
134       reboot Reboot machine.
135
136       status This returns the status of the plug/virtual machine.
137
138       list   List available plugs with aliases/virtual machines if  there  is
139              support for more then one device. Returns N/A otherwise.
140
141       list-status
142              List  available  plugs  with  aliases/virtual machines and their
143              power state if it can be obtained without  additional  commands.
144
145
146       monitor
147              Check the health of fence device
148
149       metadata
150              Display the XML metadata describing this resource.
151
152       manpage
153               The operational behavior of this is not known.
154
155       validate-all
156              Validate if all required parameters are entered.
157
158

STDIN PARAMETERS

160
161
162       action Fencing action (Default Value: reboot)
163
164       password
165              Authentication key Obsoletes: passwd
166
167       password_script
168              Script  to  run  to  retrieve  password Obsoletes: passwd_script
169
170
171       plug   Physical plug  number  on  device,  UUID  or  identification  of
172              machine This parameter is always required. Obsoletes: port
173
174
175       username
176              Application ID This parameter  is  always  required.  Obsoletes:
177              login
178
179       resourceGroup
180              Name of resource group. Metadata service is used if the value is
181              not provided.
182
183       tenantId
184              Id of Azure Active Directory tenant.
185
186       subscriptionId
187              Id of the Azure subscription. Metadata service is  used  if  the
188              value is not provided.
189
190       network_fencing
191              Use  network  fencing. See NOTE-section for configuration. Obso‐
192              letes: network-fencing
193
194       msi    Determines if Managed Service Identity should be used.
195
196       cloud  Name of the cloud you want to use.
197
198       quiet  Disable logging to stderr. Does not affect --verbose or --debug-
199              file or logging to syslog.
200
201       verbose
202              Verbose mode
203
204       debug_file
205              Write debug information to given file Obsoletes: debug
206
207       version
208              Display version information and exit
209
210       help   Display help and exit
211
212       separator
213              Separator for CSV created by 'list' operation (Default Value: ,)
214
215
216       delay  Wait X seconds before fencing  is  started  (Default  Value:  0)
217
218
219       login_timeout
220              Wait  X  seconds  for  cmd prompt after login (Default Value: 5)
221
222
223       power_timeout
224              Test X seconds for status change after  ON/OFF  (Default  Value:
225              150)
226
227       power_wait
228              Wait X seconds after issuing ON/OFF (Default Value: 0)
229
230       shell_timeout
231              Wait  X  seconds  for  cmd prompt after issuing command (Default
232              Value: 3)
233
234       retry_on
235              Count of attempts to retry power on (Default Value: 1)
236
237
238
239fence_azure_arm (Fence Agent)     2009-10-20                    FENCE_AGENT(8)
Impressum