fence_azure_arm(8)

1
2FENCE_AGENT(8)              System Manager's Manual             FENCE_AGENT(8)
3
4
5

NAME

7       fence_azure_arm - Fence agent for Azure Resource Manager
8

DESCRIPTION

10       fence_azure_arm  is an I/O Fencing agent for Azure Resource Manager. It
11       uses Azure SDK for Python to connect to Azure.
12
13       For  instructions  to  setup   credentials   see:   https://docs.micro‐
14       soft.com/en-us/azure/azure-resource-manager/resource-group-create-ser‐
15       vice-principal-portal
16
17       Username and password are application ID and  authentication  key  from
18       "App registrations".
19
20       NOTE: NETWORK FENCING
21       Network  fencing requires an additional Subnet named "fence-subnet" for
22       the Virtual Network using a Network Security Group with  the  following
23       rules:
24       +-----------+-----+-------------------------+------+------+-----+-----+--------+
25       | DIRECTION | PRI | NAME                    | PORT | PROT | SRC | DST |
26       ACTION |
27       +-----------+-----+-------------------------+------+------+-----+-----+--------+
28       | Inbound   | 100 | FENCE_DENY_ALL_INBOUND  | Any  | Any  | Any | Any |
29       Deny   |
30       | Outbound  | 100 | FENCE_DENY_ALL_OUTBOUND | Any  | Any  | Any | Any |
31       Deny   |
32       +-----------+-----+-------------------------+------+------+-----+-----+--------+
33
34       When  using network fencing the reboot-action will cause a quick-return
35       once the network has been fenced (instead of waiting for the off-action
36       to  succeed).  It  will check the status during the monitor-action, and
37       request power-on when the shutdown operation is complete.
38
39       fence_azure_arm accepts options on the command line  as  well  as  from
40       stdin.  Fenced  sends parameters through stdin when it execs the agent.
41       fence_azure_arm can be run by itself with command line  options.   This
42       is useful for testing and for turning outlets on or off from scripts.
43
44       Vendor URL: http://www.microsoft.com
45

PARAMETERS

47
48
49       -o, --action=[action]
50              Fencing action (Default Value: reboot)
51
52       -p, --password=[authkey]
53              Authentication key
54
55       -S, --password-script=[script]
56              Script to run to retrieve password
57
58       -n, --plug=[id]
59              Physical  plug  number  on device, UUID or identification of ma‐
60              chine This parameter is always required.
61
62       -l, --username=[appid]
63              Application ID
64
65       --resourceGroup=[name]
66              Name of resource group. Metadata service is used if the value is
67              not provided.
68
69       --tenantId=[name]
70              Id of Azure Active Directory tenant.
71
72       --subscriptionId=[name]
73              Id  of  the  Azure subscription. Metadata service is used if the
74              value is not provided.
75
76       --network-fencing
77              Use network fencing. See NOTE-section for configuration.
78
79       --msi  Determines if Managed Service Identity should be used.
80
81       --cloud=[name]
82              Name of the cloud you want to use.
83
84       -q, --quiet
85              Disable logging to stderr. Does not affect --verbose or --debug-
86              file or logging to syslog.
87
88       -v, --verbose
89              Verbose  mode.  Multiple  -v flags can be stacked on the command
90              line (e.g., -vvv) to increase verbosity.
91
92       --verbose-level
93              Level of debugging detail in output. Defaults to the  number  of
94              --verbose  flags  specified on the command line, or to 1 if ver‐
95              bose=1 in a  stonith  device  configuration  (i.e.,  on  stdin).
96
97
98       -D, --debug-file=[debugfile]
99              Write debug information to given file
100
101       -V, --version
102              Display version information and exit
103
104       -h, --help
105              Display help and exit
106
107       -C, --separator=[char]
108              Separator for CSV created by 'list' operation (Default Value: ,)
109
110
111       --delay=[seconds]
112              Wait X seconds before fencing  is  started  (Default  Value:  0)
113
114
115       --disable-timeout=[true/false]
116              Disable  timeout (true/false) (default: true when run from Pace‐
117              maker 2.0+)
118
119       --login-timeout=[seconds]
120              Wait X seconds for cmd prompt after  login  (Default  Value:  5)
121
122
123       --power-timeout=[seconds]
124              Test  X  seconds  for status change after ON/OFF (Default Value:
125              150)
126
127       --power-wait=[seconds]
128              Wait X seconds after issuing ON/OFF (Default Value: 0)
129
130       --shell-timeout=[seconds]
131              Wait X seconds for cmd prompt  after  issuing  command  (Default
132              Value: 3)
133
134       --stonith-status-sleep=[seconds]
135              Sleep  X  seconds  between  status calls during a STONITH action
136              (Default Value: 1)
137
138       --retry-on=[attempts]
139              Count of attempts to retry power on (Default Value: 1)
140
141

ACTIONS

143
144
145       on     Power on machine.
146
147       off    Power off machine.
148
149       reboot Reboot machine.
150
151       status This returns the status of the plug/virtual machine.
152
153       list   List available plugs with aliases/virtual machines if  there  is
154              support for more then one device. Returns N/A otherwise.
155
156       list-status
157              List  available  plugs  with  aliases/virtual machines and their
158              power state if it can be obtained without  additional  commands.
159
160
161       monitor
162              Check the health of fence device
163
164       metadata
165              Display the XML metadata describing this resource.
166
167       manpage
168               The operational behavior of this is not known.
169
170       validate-all
171              Validate if all required parameters are entered.
172
173

STDIN PARAMETERS

175
176
177       action Fencing action (Default Value: reboot)
178
179       password
180              Authentication key Obsoletes: passwd
181
182       password_script
183              Script  to  run  to  retrieve  password Obsoletes: passwd_script
184
185
186       plug   Physical plug number on device, UUID or  identification  of  ma‐
187              chine  This  parameter is always required. Obsoletes: port
188
189
190       username
191              Application ID Obsoletes: login
192
193       resourceGroup
194              Name of resource group. Metadata service is used if the value is
195              not provided.
196
197       tenantId
198              Id of Azure Active Directory tenant.
199
200       subscriptionId
201              Id  of  the  Azure subscription. Metadata service is used if the
202              value is not provided.
203
204       network_fencing
205              Use network fencing. See NOTE-section for  configuration.  Obso‐
206              letes: network-fencing
207
208       msi    Determines if Managed Service Identity should be used.
209
210       cloud  Name of the cloud you want to use.
211
212       quiet  Disable logging to stderr. Does not affect --verbose or --debug-
213              file or logging to syslog.
214
215       verbose
216              Verbose mode. Multiple -v flags can be stacked  on  the  command
217              line (e.g., -vvv) to increase verbosity.
218
219       verbose_level
220              Level  of  debugging detail in output. Defaults to the number of
221              --verbose flags specified on the command line, or to 1  if  ver‐
222              bose=1  in  a  stonith  device  configuration  (i.e., on stdin).
223
224
225       debug_file
226              Write debug information to given file Obsoletes: debug
227
228       version
229              Display version information and exit
230
231       help   Display help and exit
232
233       separator
234              Separator for CSV created by 'list' operation (Default Value: ,)
235
236
237       delay  Wait  X  seconds  before  fencing  is started (Default Value: 0)
238
239
240       disable_timeout
241              Disable timeout (true/false) (default: true when run from  Pace‐
242              maker 2.0+)
243
244       login_timeout
245              Wait  X  seconds  for  cmd prompt after login (Default Value: 5)
246
247
248       power_timeout
249              Test X seconds for status change after  ON/OFF  (Default  Value:
250              150)
251
252       power_wait
253              Wait X seconds after issuing ON/OFF (Default Value: 0)
254
255       shell_timeout
256              Wait  X  seconds  for  cmd prompt after issuing command (Default
257              Value: 3)
258
259       stonith_status_sleep
260              Sleep X seconds between status calls  during  a  STONITH  action
261              (Default Value: 1)
262
263       retry_on
264              Count of attempts to retry power on (Default Value: 1)
265
266
267
268fence_azure_arm (Fence Agent)     2009-10-20                    FENCE_AGENT(8)