fence_azure_arm(8)

1
2FENCE_AGENT(8)              System Manager's Manual             FENCE_AGENT(8)
3
4
5

NAME

7       fence_azure_arm - Fence agent for Azure Resource Manager
8

DESCRIPTION

10       fence_azure_arm  is an I/O Fencing agent for Azure Resource Manager. It
11       uses Azure SDK for Python to connect to Azure.
12
13       For  instructions  to  setup   credentials   see:   https://docs.micro‐
14       soft.com/en-us/azure/azure-resource-manager/resource-group-create-ser‐
15       vice-principal-portal
16
17       Username and password are application ID and  authentication  key  from
18       "App registrations".
19
20       NOTE: NETWORK FENCING
21       Network  fencing requires an additional Subnet named "fence-subnet" for
22       the Virtual Network using a Network Security Group with  the  following
23       rules:
24       +-----------+-----+-------------------------+------+------+-----+-----+--------+
25       | DIRECTION | PRI | NAME                    | PORT | PROT | SRC | DST |
26       ACTION |
27       +-----------+-----+-------------------------+------+------+-----+-----+--------+
28       | Inbound   | 100 | FENCE_DENY_ALL_INBOUND  | Any  | Any  | Any | Any |
29       Deny   |
30       | Outbound  | 100 | FENCE_DENY_ALL_OUTBOUND | Any  | Any  | Any | Any |
31       Deny   |
32       +-----------+-----+-------------------------+------+------+-----+-----+--------+
33
34       When  using network fencing the reboot-action will cause a quick-return
35       once the network has been fenced (instead of waiting for the off-action
36       to  succeed).  It  will check the status during the monitor-action, and
37       request power-on when the shutdown operation is complete.
38
39       fence_azure_arm accepts options on the command line  as  well  as  from
40       stdin.  Fenced  sends parameters through stdin when it execs the agent.
41       fence_azure_arm can be run by itself with command line  options.   This
42       is useful for testing and for turning outlets on or off from scripts.
43
44       Vendor URL: http://www.microsoft.com
45

PARAMETERS

47
48
49       -o, --action=[action]
50              Fencing action (Default Value: reboot)
51
52       -p, --password=[authkey]
53              Authentication key
54
55       -S, --password-script=[script]
56              Script to run to retrieve password
57
58       -n, --plug=[id]
59              Physical  plug  number  on  device,  UUID  or  identification of
60              machine This parameter is always required.
61
62       -l, --username=[appid]
63              Application ID
64
65       --resourceGroup=[name]
66              Name of resource group. Metadata service is used if the value is
67              not provided.
68
69       --tenantId=[name]
70              Id of Azure Active Directory tenant.
71
72       --subscriptionId=[name]
73              Id  of  the  Azure subscription. Metadata service is used if the
74              value is not provided.
75
76       --network-fencing
77              Use network fencing. See NOTE-section for configuration.
78
79       --msi  Determines if Managed Service Identity should be used.
80
81       --cloud=[name]
82              Name of the cloud you want to use.
83
84       -q, --quiet
85              Disable logging to stderr. Does not affect --verbose or --debug-
86              file or logging to syslog.
87
88       -v, --verbose
89              Verbose  mode.  Multiple  -v flags can be stacked on the command
90              line (e.g., -vvv) to increase verbosity.
91
92       --verbose-level
93              Level of debugging detail in output. Defaults to the  number  of
94              --verbose  flags  specified on the command line, or to 1 if ver‐
95              bose=1 in a  stonith  device  configuration  (i.e.,  on  stdin).
96
97
98       -D, --debug-file=[debugfile]
99              Write debug information to given file
100
101       -V, --version
102              Display version information and exit
103
104       -h, --help
105              Display help and exit
106
107       -C, --separator=[char]
108              Separator for CSV created by 'list' operation (Default Value: ,)
109
110
111       --delay=[seconds]
112              Wait X seconds before fencing  is  started  (Default  Value:  0)
113
114
115       --disable-timeout=[true/false]
116              Disable  timeout (true/false) (default: true when run from Pace‐
117              maker 2.0+)
118
119       --login-timeout=[seconds]
120              Wait X seconds for cmd prompt after  login  (Default  Value:  5)
121
122
123       --power-timeout=[seconds]
124              Test  X  seconds  for status change after ON/OFF (Default Value:
125              150)
126
127       --power-wait=[seconds]
128              Wait X seconds after issuing ON/OFF (Default Value: 0)
129
130       --shell-timeout=[seconds]
131              Wait X seconds for cmd prompt  after  issuing  command  (Default
132              Value: 3)
133
134       --retry-on=[attempts]
135              Count of attempts to retry power on (Default Value: 1)
136
137

ACTIONS

139
140
141       on     Power on machine.
142
143       off    Power off machine.
144
145       reboot Reboot machine.
146
147       status This returns the status of the plug/virtual machine.
148
149       list   List  available  plugs with aliases/virtual machines if there is
150              support for more then one device. Returns N/A otherwise.
151
152       list-status
153              List available plugs with  aliases/virtual  machines  and  their
154              power  state  if it can be obtained without additional commands.
155
156
157       monitor
158              Check the health of fence device
159
160       metadata
161              Display the XML metadata describing this resource.
162
163       manpage
164               The operational behavior of this is not known.
165
166       validate-all
167              Validate if all required parameters are entered.
168
169

STDIN PARAMETERS

171
172
173       action Fencing action (Default Value: reboot)
174
175       password
176              Authentication key Obsoletes: passwd
177
178       password_script
179              Script to run  to  retrieve  password  Obsoletes:  passwd_script
180
181
182       plug   Physical  plug  number  on  device,  UUID  or  identification of
183              machine This parameter is always required. Obsoletes: port
184
185
186       username
187              Application ID Obsoletes: login
188
189       resourceGroup
190              Name of resource group. Metadata service is used if the value is
191              not provided.
192
193       tenantId
194              Id of Azure Active Directory tenant.
195
196       subscriptionId
197              Id of the Azure subscription. Metadata service is  used  if  the
198              value is not provided.
199
200       network_fencing
201              Use  network  fencing. See NOTE-section for configuration. Obso‐
202              letes: network-fencing
203
204       msi    Determines if Managed Service Identity should be used.
205
206       cloud  Name of the cloud you want to use.
207
208       quiet  Disable logging to stderr. Does not affect --verbose or --debug-
209              file or logging to syslog.
210
211       verbose
212              Verbose  mode.  Multiple  -v flags can be stacked on the command
213              line (e.g., -vvv) to increase verbosity.
214
215       verbose_level
216              Level of debugging detail in output. Defaults to the  number  of
217              --verbose  flags  specified on the command line, or to 1 if ver‐
218              bose=1 in a  stonith  device  configuration  (i.e.,  on  stdin).
219
220
221       debug_file
222              Write debug information to given file Obsoletes: debug
223
224       version
225              Display version information and exit
226
227       help   Display help and exit
228
229       separator
230              Separator for CSV created by 'list' operation (Default Value: ,)
231
232
233       delay  Wait X seconds before fencing  is  started  (Default  Value:  0)
234
235
236       disable_timeout
237              Disable  timeout (true/false) (default: true when run from Pace‐
238              maker 2.0+)
239
240       login_timeout
241              Wait X seconds for cmd prompt after  login  (Default  Value:  5)
242
243
244       power_timeout
245              Test  X  seconds  for status change after ON/OFF (Default Value:
246              150)
247
248       power_wait
249              Wait X seconds after issuing ON/OFF (Default Value: 0)
250
251       shell_timeout
252              Wait X seconds for cmd prompt  after  issuing  command  (Default
253              Value: 3)
254
255       retry_on
256              Count of attempts to retry power on (Default Value: 1)
257
258
259
260fence_azure_arm (Fence Agent)     2009-10-20                    FENCE_AGENT(8)