fence_azure_arm is an I/O Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure. For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal Username and password are application ID and authentication key from "App registrations". NOTE: NETWORK FENCING Network fencing requires an additional Subnet named "fence-subnet" for the Virtual Network using a Network Security Group with the following rules: +-----------+-----+-------------------------+------+------+-----+-----+--------+ | DIRECTION | PRI | NAME | PORT | PROT | SRC | DST | ACTION | +-----------+-----+-------------------------+------+------+-----+-----+--------+ | Inbound | 100 | FENCE_DENY_ALL_INBOUND | Any | Any | Any | Any | Deny | | Outbound | 100 | FENCE_DENY_ALL_OUTBOUND | Any | Any | Any | Any | Deny | +-----------+-----+-------------------------+------+------+-----+-----+--------+ When using network fencing the reboot-action will cause a quick-return once the network has been fenced (instead of waiting for the off-action to succeed). It will check the status during the monitor-action, and request power-on when the shutdown operation is complete. http://www.microsoft.com Fencing action Application ID Authentication key Script to run to retrieve password Authentication key Script to run to retrieve password Physical plug number on device, UUID or identification of machine Physical plug number on device, UUID or identification of machine Application ID Name of resource group. Metadata service is used if the value is not provided. Id of Azure Active Directory tenant. Id of the Azure subscription. Metadata service is used if the value is not provided. Use network fencing. See NOTE-section for configuration. Use network fencing. See NOTE-section for configuration. Determines if Managed Service Identity should be used. Name of the cloud you want to use. Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog. Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). Write debug information to given file Write debug information to given file Display version information and exit Display help and exit Separator for plug parameter when specifying more than 1 plug Separator for CSV created by 'list' operation Wait X seconds before fencing is started Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) Wait X seconds for cmd prompt after login Test X seconds for status change after ON/OFF Wait X seconds after issuing ON/OFF Wait X seconds for cmd prompt after issuing command Sleep X seconds between status calls during a STONITH action Count of attempts to retry power on