search

ClusterLabs / fence-agents

Fence agents
101 stars 155 forks source link

fence_azure_arm -msi option worked in this test #567

Closed IME-git closed 7 months ago

IME-git commented 7 months ago

I added the Linux Fence Agent Role to the VM and fence_azure_arm command works from the command line.

Note that you do not need to add the subscription id or any other info from the command line. So, when you add the Role to allow fencing in the VM, it simplifies the usage. This is on a RHEL 9.3 OS image.

AZ_GRP_ID=az group show -n ${MYGRP} --query id --output tsv 2>/dev/null

VM_MSI_ID=az vm identity show --name ${VM_HOSTNAME} -g ${MYGRP} --query 'principalId' --output tsv 2>/dev/null

az role assignment create --role "Linux Fence Agent Role" --assignee-object-id "${VM_MSI_ID}" --scope ${AZ_GRP_ID}

[root@r9p2clazpn1 azureuser]# fence_azure_arm --resourceGroup MYGRP -msi -n r9p2clazpn1 -o list r9p2clazpn1, r9p2clazpn2, [root@r9p2clazpn1 azureuser]# fence_azure_arm --resourceGroup MYGRP --msi -n r9p2clazpn2 -o list r9p2clazpn1, r9p2clazpn2,

[azureuser@r9p2clazpn1 ~]$ sudo pcs stonith config vmfence1 Resource: vmfence1 (class=stonith type=fence_azure_arm) Attributes: vmfence1-instance_attributes msi=true pcmk_action_limit=3 pcmk_delay_max=15 pcmk_host_list=r9p2clazpn1 pcmk_host_map=r9p2clazpn1: pcmk_monitor_retries=4 pcmk_monitor_timeout=120 pcmk_reboot_timeout=900 power_timeout=240 resourceGroup=MYGRP Operations: monitor: vmfence1-monitor-interval-3600 interval=3600

[azureuser@r9p2clazpn1 ~]$ sudo pcs status Cluster name: r9p2clazp Cluster Summary:

Node List:

Full List of Resources:

Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled

[azureuser@r9p2clazpn1 ~]$ rpm -qa|grep fence|sort fence-agents-azure-arm-4.10.0-55.el9.x86_64 fence-agents-common-4.10.0-55.el9.noarch