Page MenuHomeClusterLabs Projects
Files F3871612

fence_azure_arm.xml
No OneTemporary
Actions

fence_azure_arm.xml
View Options

<?xml version="1.0" ?>
<resource-agent name="fence_azure_arm" shortdesc="Fence agent for Azure Resource Manager" >
<longdesc>fence_azure_arm is a Power Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure.
For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal
Username and password are application ID and authentication key from "App registrations".
NOTE: NETWORK FENCING
Network fencing requires an additional Subnet named "fence-subnet" for the Virtual Network using a Network Security Group with the following rules:
+-----------+-----+-------------------------+------+------+-----+-----+--------+
| DIRECTION | PRI | NAME | PORT | PROT | SRC | DST | ACTION |
+-----------+-----+-------------------------+------+------+-----+-----+--------+
| Inbound | 100 | FENCE_DENY_ALL_INBOUND | Any | Any | Any | Any | Deny |
| Outbound | 100 | FENCE_DENY_ALL_OUTBOUND | Any | Any | Any | Any | Deny |
+-----------+-----+-------------------------+------+------+-----+-----+--------+
When using network fencing the reboot-action will cause a quick-return once the network has been fenced (instead of waiting for the off-action to succeed). It will check the status during the monitor-action, and request power-on when the shutdown operation is complete.</longdesc>
<vendor-url>http://www.microsoft.com</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
<getopt mixed="-o, --action=[action]" />
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
<parameter name="login" unique="0" required="0" deprecated="1">
<getopt mixed="-l, --username=[appid]" />
<content type="string" />
<shortdesc lang="en">Application ID</shortdesc>
</parameter>
<parameter name="passwd" unique="0" required="0" deprecated="1">
<getopt mixed="-p, --password=[authkey]" />
<content type="string" />
<shortdesc lang="en">Authentication key</shortdesc>
</parameter>
<parameter name="passwd_script" unique="0" required="0" deprecated="1">
<getopt mixed="-S, --password-script=[script]" />
<content type="string" />
<shortdesc lang="en">Script to run to retrieve password</shortdesc>
</parameter>
<parameter name="password" unique="0" required="0" obsoletes="passwd">
<getopt mixed="-p, --password=[authkey]" />
<content type="string" />
<shortdesc lang="en">Authentication key</shortdesc>
</parameter>
<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
<getopt mixed="-S, --password-script=[script]" />
<content type="string" />
<shortdesc lang="en">Script to run to retrieve password</shortdesc>
</parameter>
<parameter name="plug" unique="0" required="1" obsoletes="port">
<getopt mixed="-n, --plug=[id]" />
<content type="string" />
<shortdesc lang="en">Physical plug number on device, UUID or identification of machine</shortdesc>
</parameter>
<parameter name="port" unique="0" required="1" deprecated="1">
<getopt mixed="-n, --plug=[id]" />
<content type="string" />
<shortdesc lang="en">Physical plug number on device, UUID or identification of machine</shortdesc>
</parameter>
<parameter name="username" unique="0" required="0" obsoletes="login">
<getopt mixed="-l, --username=[appid]" />
<content type="string" />
<shortdesc lang="en">Application ID</shortdesc>
</parameter>
<parameter name="resourceGroup" unique="0" required="0">
<getopt mixed="--resourceGroup=[name]" />
<content type="string" />
<shortdesc lang="en">Name of resource group. Metadata service is used if the value is not provided.</shortdesc>
</parameter>
<parameter name="tenantId" unique="0" required="0">
<getopt mixed="--tenantId=[name]" />
<content type="string" />
<shortdesc lang="en">Id of Azure Active Directory tenant.</shortdesc>
</parameter>
<parameter name="subscriptionId" unique="0" required="0">
<getopt mixed="--subscriptionId=[name]" />
<content type="string" />
<shortdesc lang="en">Id of the Azure subscription. Metadata service is used if the value is not provided.</shortdesc>
</parameter>
<parameter name="network-fencing" unique="0" required="0" deprecated="1">
<getopt mixed="--network-fencing" />
<content type="boolean" />
<shortdesc lang="en">Use network fencing. See NOTE-section for configuration.</shortdesc>
</parameter>
<parameter name="network_fencing" unique="0" required="0" obsoletes="network-fencing">
<getopt mixed="--network-fencing" />
<content type="boolean" />
<shortdesc lang="en">Use network fencing. See NOTE-section for configuration.</shortdesc>
</parameter>
<parameter name="msi" unique="0" required="0">
<getopt mixed="--msi" />
<content type="boolean" />
<shortdesc lang="en">Determines if Managed Service Identity should be used.</shortdesc>
</parameter>
<parameter name="cloud" unique="0" required="0">
<getopt mixed="--cloud=[name]" />
<content type="string" />
<shortdesc lang="en">Name of the cloud you want to use.</shortdesc>
</parameter>
<parameter name="metadata-endpoint" unique="0" required="0" deprecated="1">
<getopt mixed="--metadata-endpoint=[URL]" />
<content type="string" />
<shortdesc lang="en">URL to metadata endpoint (used when cloud=stack).</shortdesc>
</parameter>
<parameter name="metadata_endpoint" unique="0" required="0" obsoletes="metadata-endpoint">
<getopt mixed="--metadata-endpoint=[URL]" />
<content type="string" />
<shortdesc lang="en">URL to metadata endpoint (used when cloud=stack).</shortdesc>
</parameter>
<parameter name="quiet" unique="0" required="0">
<getopt mixed="-q, --quiet" />
<content type="boolean" />
<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog.</shortdesc>
</parameter>
<parameter name="verbose" unique="0" required="0">
<getopt mixed="-v, --verbose" />
<content type="boolean" />
<shortdesc lang="en">Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity.</shortdesc>
</parameter>
<parameter name="verbose_level" unique="0" required="0">
<getopt mixed="--verbose-level" />
<content type="integer" />
<shortdesc lang="en">Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin).</shortdesc>
</parameter>
<parameter name="debug" unique="0" required="0" deprecated="1">
<getopt mixed="-D, --debug-file=[debugfile]" />
<content type="string" />
<shortdesc lang="en">Write debug information to given file</shortdesc>
</parameter>
<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
<getopt mixed="-D, --debug-file=[debugfile]" />
<shortdesc lang="en">Write debug information to given file</shortdesc>
</parameter>
<parameter name="version" unique="0" required="0">
<getopt mixed="-V, --version" />
<content type="boolean" />
<shortdesc lang="en">Display version information and exit</shortdesc>
</parameter>
<parameter name="help" unique="0" required="0">
<getopt mixed="-h, --help" />
<content type="boolean" />
<shortdesc lang="en">Display help and exit</shortdesc>
</parameter>
<parameter name="plug_separator" unique="0" required="0">
<getopt mixed="--plug-separator=[char]" />
<content type="string" default="," />
<shortdesc lang="en">Separator for plug parameter when specifying more than 1 plug</shortdesc>
</parameter>
<parameter name="separator" unique="0" required="0">
<getopt mixed="-C, --separator=[char]" />
<content type="string" default="," />
<shortdesc lang="en">Separator for CSV created by 'list' operation</shortdesc>
</parameter>
<parameter name="delay" unique="0" required="0">
<getopt mixed="--delay=[seconds]" />
<content type="second" default="0" />
<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
</parameter>
<parameter name="disable_timeout" unique="0" required="0">
<getopt mixed="--disable-timeout=[true/false]" />
<content type="string" />
<shortdesc lang="en">Disable timeout (true/false) (default: true when run from Pacemaker 2.0+)</shortdesc>
</parameter>
<parameter name="login_timeout" unique="0" required="0">
<getopt mixed="--login-timeout=[seconds]" />
<content type="second" default="5" />
<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
</parameter>
<parameter name="power_timeout" unique="0" required="0">
<getopt mixed="--power-timeout=[seconds]" />
<content type="second" default="150" />
<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
</parameter>
<parameter name="power_wait" unique="0" required="0">
<getopt mixed="--power-wait=[seconds]" />
<content type="second" default="0" />
<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
</parameter>
<parameter name="shell_timeout" unique="0" required="0">
<getopt mixed="--shell-timeout=[seconds]" />
<content type="second" default="3" />
<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
</parameter>
<parameter name="stonith_status_sleep" unique="0" required="0">
<getopt mixed="--stonith-status-sleep=[seconds]" />
<content type="second" default="1" />
<shortdesc lang="en">Sleep X seconds between status calls during a STONITH action</shortdesc>
</parameter>
<parameter name="retry_on" unique="0" required="0">
<getopt mixed="--retry-on=[attempts]" />
<content type="integer" default="1" />
<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
</parameter>
</parameters>
<actions>
<action name="on" automatic="0"/>
<action name="off" />
<action name="reboot" />
<action name="status" />
<action name="list" />
<action name="list-status" />
<action name="monitor" />
<action name="metadata" />
<action name="manpage" />
<action name="validate-all" />
</actions>
</resource-agent>

File Metadata

Mime Type
text/xml
Expires
Mon, May 12, 5:09 PM (22 h, 9 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1746853
Default Alt Text
fence_azure_arm.xml (9 KB)

Event Timeline