[ClusterLabs] How to Fence Virtualbox VM with Windows 10 as host.

durwin at mgtsciences.com durwin at mgtsciences.com
Tue Jan 24 15:06:43 EST 2017

This is my first attempt at clustering, just so you know the level 
required to convey ideas.

I have Windows 10 running Virtualbox with 2 VMs running Fedora 25.  I have 
followed 'Pacemaker 1.1 Clusters from Scratch' 9th edition up through 
chapter 7.  It works.  I am uncertain as how to fence the VMs with Windows 
10 as host.  The output from 'pcs stonith describe fence_vbox' is below.

I have Cygwin installed with sshd configured and running.  I can remotely 
ssh into the Windows 10 machine.  I can add the keys from the machines 
into Windows authorized_keys so no user/password is required.  I however 
do not know which of the options are *required*.  Nor do I know what the 
options should be set to.  Some of the options *are* obvious.  If I use 
*only* required ones, ipaddr is obvious, login is obvious, but not sure 
what port is.  Would it be the name of the VM as Virtualbox knows it?

        ipaddr (required): IP address or hostname of fencing device
        login (required): Login name
        port (required): Physical plug number on device, UUID or 
identification of machine

Does the host require anything running on it to support the fence?  Do I 
require any other options in addition to 'required'?  How do I test it 
from a nodes commandline?

Thank you,


fc25> pcs stonith describe fence_vbox
fence_vbox - Fence agent for VirtualBox

fence_vbox is an I/O Fencing agent which can be used with the virtual 
machines managed by VirtualBox. It logs via ssh to a dom0 where it runs 
VBoxManage to do all of the work.
By default, vbox needs to log in as a user that is a member of the 
vboxusers group. Also, you must allow ssh login in your sshd_config.

Resource options:
  action: Fencing action WARNING: specifying 'action' is deprecated and 
not necessary with current Pacemaker versions
  cmd_prompt: Force Python regex for command prompt
  identity_file: Identity file (private key) for SSH
  inet4_only: Forces agent to use IPv4 addresses only
  inet6_only: Forces agent to use IPv6 addresses only
  ipaddr (required): IP address or hostname of fencing device
  ipport: TCP/UDP port to use for connection with device
  login (required): Login name
  passwd: Login password or passphrase
  passwd_script: Script to run to retrieve password
  port (required): Physical plug number on device, UUID or identification 
of machine
  secure: Use SSH connection
  ssh_options: SSH options to use
  separator: Separator for CSV created by 'list' operation
  delay: Wait X seconds before fencing is started
  login_timeout: Wait X seconds for cmd prompt after login
  missing_as_off: Missing port returns OFF instead of failure
  power_timeout: Test X seconds for status change after ON/OFF
  power_wait: Wait X seconds after issuing ON/OFF
  shell_timeout: Wait X seconds for cmd prompt after issuing command
  retry_on: Count of attempts to retry power on
  sudo: Use sudo (without password) when calling 3rd party software
  ssh_path: Path to ssh binary
  sudo_path: Path to sudo binary
  priority: The priority of the stonith resource. Devices are tried in 
order of highest priority to lowest.
  pcmk_host_map: A mapping of host names to ports numbers for devices that 
do not support host names. Eg. node1:1;node2:2,3 would tell the cluster to 
use port 1 for node1 and ports 2 and 3 for node2
  pcmk_host_list: A list of machines controlled by this device (Optional 
unless pcmk_host_check=static-list).
  pcmk_host_check: How to determine which machines are controlled by the 
device. Allowed values: dynamic-list (query the device), static-list 
(check the pcmk_host_list attribute), none (assume every device can fence 
every machine)
  pcmk_delay_max: Enable random delay for stonith actions and specify the 
maximum of random delay This prevents double fencing when using slow 
devices such as sbd. Use this to enable random delay for stonith actions 
and specify the maximum of random delay.
  pcmk_action_limit: The maximum number of actions can be performed in 
parallel on this device Pengine property concurrent-fencing=true needs to 
be configured first. Then use this to specify the maximum number of 
actions can be performed in parallel on this device. -1 is unlimited.

Durwin F. De La Rue
Management Sciences, Inc.
6022 Constitution Ave. NE
Albuquerque, NM  87110
Phone (505) 255-8611

This email message and any attachments are for the sole use of the 
intended recipient(s) and may contain proprietary and/or confidential 
information which may be privileged or otherwise protected from 
disclosure. Any unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient(s), please contact the 
sender by reply email and destroy the original message and any copies of 
the message as well as any attachments to the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.clusterlabs.org/pipermail/users/attachments/20170124/33ef4f21/attachment-0002.html>

More information about the Users mailing list