1
2FENCE_AGENT(8)              System Manager's Manual             FENCE_AGENT(8)
3
4
5

NAME

7       fence_azure_arm - Fence agent for Azure Resource Manager
8

DESCRIPTION

10       fence_azure_arm  is an I/O Fencing agent for Azure Resource Manager. It
11       uses Azure SDK for Python to connect to Azure.
12
13       For  instructions  to  setup   credentials   see:   https://docs.micro
14       soft.com/en-us/azure/azure-resource-manager/resource-group-create-ser‐
15       vice-principal-portal
16
17       Username and password are application ID and  authentication  key  from
18       "App registrations".
19
20       NOTE: NETWORK FENCING
21       Network  fencing requires an additional Subnet named "fence-subnet" for
22       the Virtual Network using a Network Security Group with  the  following
23       rules:
24       +-----------+-----+-------------------------+------+------+-----+-----+--------+
25       | DIRECTION | PRI | NAME                    | PORT | PROT | SRC | DST |
26       ACTION |
27       +-----------+-----+-------------------------+------+------+-----+-----+--------+
28       | Inbound   | 100 | FENCE_DENY_ALL_INBOUND  | Any  | Any  | Any | Any |
29       Deny   |
30       | Outbound  | 100 | FENCE_DENY_ALL_OUTBOUND | Any  | Any  | Any | Any |
31       Deny   |
32       +-----------+-----+-------------------------+------+------+-----+-----+--------+
33
34       When  using network fencing the reboot-action will cause a quick-return
35       once the network has been fenced (instead of waiting for the off-action
36       to  succeed).  It  will check the status during the monitor-action, and
37       request power-on when the shutdown operation is complete.
38
39       fence_azure_arm accepts options on the command line  as  well  as  from
40       stdin.  Fenced  sends parameters through stdin when it execs the agent.
41       fence_azure_arm can be run by itself with command line  options.   This
42       is useful for testing and for turning outlets on or off from scripts.
43
44       Vendor URL: http://www.microsoft.com
45

PARAMETERS

47
48
49       -o, --action=[action]
50              Fencing action (Default Value: reboot)
51
52       -p, --password=[authkey]
53              Authentication key
54
55       -S, --password-script=[script]
56              Script to run to retrieve password
57
58       -n, --plug=[id]
59              Physical  plug  number  on device, UUID or identification of ma‐
60              chine This parameter is always required.
61
62       -l, --username=[appid]
63              Application ID
64
65       --resourceGroup=[name]
66              Name of resource group. Metadata service is used if the value is
67              not provided.
68
69       --tenantId=[name]
70              Id of Azure Active Directory tenant.
71
72       --subscriptionId=[name]
73              Id  of  the  Azure subscription. Metadata service is used if the
74              value is not provided.
75
76       --network-fencing
77              Use network fencing. See NOTE-section for configuration.
78
79       --msi  Determines if Managed Service Identity should be used.
80
81       --cloud=[name]
82              Name of the cloud you want to use.
83
84       -q, --quiet
85              Disable logging to stderr. Does not affect --verbose or --debug-
86              file or logging to syslog.
87
88       -v, --verbose
89              Verbose  mode.  Multiple  -v flags can be stacked on the command
90              line (e.g., -vvv) to increase verbosity.
91
92       --verbose-level
93              Level of debugging detail in output. Defaults to the  number  of
94              --verbose  flags  specified on the command line, or to 1 if ver‐
95              bose=1 in a  stonith  device  configuration  (i.e.,  on  stdin).
96
97
98       -D, --debug-file=[debugfile]
99              Write debug information to given file
100
101       -V, --version
102              Display version information and exit
103
104       -h, --help
105              Display help and exit
106
107       --plug-separator=[char]
108              Separator  for  plug  parameter when specifying more than 1 plug
109              (Default Value: ,)
110
111       -C, --separator=[char]
112              Separator for CSV created by 'list' operation (Default Value: ,)
113
114
115       --delay=[seconds]
116              Wait  X  seconds  before  fencing  is started (Default Value: 0)
117
118
119       --disable-timeout=[true/false]
120              Disable timeout (true/false) (default: true when run from  Pace‐
121              maker 2.0+)
122
123       --login-timeout=[seconds]
124              Wait  X  seconds  for  cmd prompt after login (Default Value: 5)
125
126
127       --power-timeout=[seconds]
128              Test X seconds for status change after  ON/OFF  (Default  Value:
129              150)
130
131       --power-wait=[seconds]
132              Wait X seconds after issuing ON/OFF (Default Value: 0)
133
134       --shell-timeout=[seconds]
135              Wait  X  seconds  for  cmd prompt after issuing command (Default
136              Value: 3)
137
138       --stonith-status-sleep=[seconds]
139              Sleep X seconds between status calls  during  a  STONITH  action
140              (Default Value: 1)
141
142       --retry-on=[attempts]
143              Count of attempts to retry power on (Default Value: 1)
144
145

ACTIONS

147
148
149       on     Power on machine.
150
151       off    Power off machine.
152
153       reboot Reboot machine.
154
155       status This returns the status of the plug/virtual machine.
156
157       list   List  available  plugs with aliases/virtual machines if there is
158              support for more then one device. Returns N/A otherwise.
159
160       list-status
161              List available plugs with  aliases/virtual  machines  and  their
162              power  state  if it can be obtained without additional commands.
163
164
165       monitor
166              Check the health of fence device
167
168       metadata
169              Display the XML metadata describing this resource.
170
171       manpage
172               The operational behavior of this is not known.
173
174       validate-all
175              Validate if all required parameters are entered.
176
177

STDIN PARAMETERS

179
180
181       action Fencing action (Default Value: reboot)
182
183       password
184              Authentication key Obsoletes: passwd
185
186       password_script
187              Script to run  to  retrieve  password  Obsoletes:  passwd_script
188
189
190       plug   Physical  plug  number  on device, UUID or identification of ma‐
191              chine This parameter is always required. Obsoletes:  port
192
193
194       username
195              Application ID Obsoletes: login
196
197       resourceGroup
198              Name of resource group. Metadata service is used if the value is
199              not provided.
200
201       tenantId
202              Id of Azure Active Directory tenant.
203
204       subscriptionId
205              Id of the Azure subscription. Metadata service is  used  if  the
206              value is not provided.
207
208       network_fencing
209              Use  network  fencing. See NOTE-section for configuration. Obso‐
210              letes: network-fencing
211
212       msi    Determines if Managed Service Identity should be used.
213
214       cloud  Name of the cloud you want to use.
215
216       quiet  Disable logging to stderr. Does not affect --verbose or --debug-
217              file or logging to syslog.
218
219       verbose
220              Verbose  mode.  Multiple  -v flags can be stacked on the command
221              line (e.g., -vvv) to increase verbosity.
222
223       verbose_level
224              Level of debugging detail in output. Defaults to the  number  of
225              --verbose  flags  specified on the command line, or to 1 if ver‐
226              bose=1 in a  stonith  device  configuration  (i.e.,  on  stdin).
227
228
229       debug_file
230              Write debug information to given file Obsoletes: debug
231
232       version
233              Display version information and exit
234
235       help   Display help and exit
236
237       plug_separator
238              Separator  for  plug  parameter when specifying more than 1 plug
239              (Default Value: ,)
240
241       separator
242              Separator for CSV created by 'list' operation (Default Value: ,)
243
244
245       delay  Wait  X  seconds  before  fencing  is started (Default Value: 0)
246
247
248       disable_timeout
249              Disable timeout (true/false) (default: true when run from  Pace‐
250              maker 2.0+)
251
252       login_timeout
253              Wait  X  seconds  for  cmd prompt after login (Default Value: 5)
254
255
256       power_timeout
257              Test X seconds for status change after  ON/OFF  (Default  Value:
258              150)
259
260       power_wait
261              Wait X seconds after issuing ON/OFF (Default Value: 0)
262
263       shell_timeout
264              Wait  X  seconds  for  cmd prompt after issuing command (Default
265              Value: 3)
266
267       stonith_status_sleep
268              Sleep X seconds between status calls  during  a  STONITH  action
269              (Default Value: 1)
270
271       retry_on
272              Count of attempts to retry power on (Default Value: 1)
273
274
275
276fence_azure_arm (Fence Agent)     2009-10-20                    FENCE_AGENT(8)
Impressum