# 列出所有可用的Fence代理
[root@ha-node1 ~]# pcs stonith list
fence_idrac
fence_ipmilan
fence_virt
fence_xvm
fence_vbox
fence_vmware_soap
fence_rhevm
fence_sanbox2
fence_bladecenter
fence_cisco_mds
fence_cisco_ucs
fence_drac5
fence_eaton_snmp
fence_emerson
fence_eps
fence_hds_cb
fence_hpblade
fence_ibmblade
fence_idrac
fence_ifmib
fence_ilo
fence_ilo2
fence_ilo3
fence_ilo4
fence_ilo5
fence_imm
fence_intelmodular
fence_ipdu
fence_ipmilan
fence_ironic
fence_kdump
fence_ldom
fence_lpar
fence_mpath
fence_netio
fence_ovh
fence_powerman
fence_pve
fence_raritan
fence_rcd_serial
fence_redfish
fence_rhevm
fence_rsa
fence_rsb
fence_sanbox2
fence_sbd
fence_scsi
fence_tripplite_snmp
fence_virsh
fence_virt
fence_vmware
fence_vmware_rest
fence_vmware_soap
fence_vmware_vcloud
fence_wti
fence_xenapi
fence_xvm
fence_zvmip

# 查看特定Fence代理信息
[root@ha-node1 ~]# pcs stonith describe fence_ipmilan
fence_ipmilan – Fence agent for IPMI

Description:
fence_ipmilan is an I/O Fencing agent which can be used with
machines controlled by IPMI. This agent calls supporfrom PG视频:www.itpux.comt software
ipmitool (http://ipmitool.sf.net/).

Parameters:
ipaddr: IPMI IP address
login: IPMI login name
passwd: IPMI password
auth: IPMI auth type (md5, password, none)
lanplus: Use IPMI lanplus
privlvl: IPMI privilege level
method: Method to fence (onoff, cycle)
power_wait: Wait X seconds after on/off
delay: Wait X seconds before fencing
action: Fencing action (reboot, off, on, status)
timeout: Timeout in seconds

# 创建IPMI Fence设备
[root@ha-node1 ~]# pcs stonith create ipmi_fence fence_ipmilan \
ipaddr=192.168.1.200 \
login=admin \
passwd=password \
pcmk_hostlist=”ha-node1 ha-node2″ \
op monitor interval=60s

Creating stonith device ‘ipmi_fence’…
* Check: ipmi_fence-fence_ipmilan
* Check: ipmi_fence-ipaddr=192.168.1.200
* Check: ipmi_fence-login=admin
* Check: ipmi_fence-passwd=password
* Check: ipmi_fence-pcmk_hostlist=ha-node1 ha-node2
Stonith device ‘ipmi_fence’ created

# 验证Fence设备
[root@ha-node1 ~]# pcs stonith show ipmi_fence
Resource: ipmi_fence (class=stonith type=fence_ipmilan)
Attributes: ipaddr=192.168.1.200 login=admin passwd=password pcmk_hostlist=ha-node1 ha-node2
Operations: monitor interval=60s (ipmi_fence-monitor-interval-60s)

# 启用stonith
[root@ha-node1 ~]# pcs property set stonith-enabled=true

# 验证设置
[root@ha-node1 ~]# pcs property list stonith-enabled
stonith-enabled: true

# 测试Fence设备状态
[root@ha-node1 ~]# pcs stonith fence ha-node2 –off
ha-node2: Successfully fenced

# 查看Fence状态
[root@ha-node1 ~]# pcs stonith status
ipmi_fence: Started ha-node1

# 查看节点状态
[root@ha-node1 ~]# pcs status nodes
Pacemaker Nodes:
Online: ha-node1
Standby:
Maintenance:
Offline: ha-node2

# 手动确认节点恢复
[root@ha-node1 ~]# pcs cluster start ha-node2
ha-node2: Starting Cluster (corosync)…
ha-node2: Starting Cluster (pacemaker)…

# 验证节点上线
[root@ha-node1 ~]# pcs status nodes
Pacemaker Nodes:
Online: ha-node1 ha-node2
Standby:
Maintenance:
Offline:

# 创建fence_virt设备
[root@ha-node1 ~]# pcs stonith create kvm_fence fence_virt \
pcmk_hostlist=”ha-node1 ha-node2″ \
pcmk_hostmap=”ha-node1:vm1;ha-node2:vm2″ \
op monitor interval=60s

Creating stonith device ‘kvm_fence’…
* Check: kvm_fence-fence_virt
* Check: kvm_fence-pcmk_hostlist=ha-node1 ha-node2
* Check: kvm_fence-pcmk_hostmap=ha-node1:vm1;ha-node2:vm2
Stonith device ‘kvm_fence’ created

# 验证Fence设备
[root@ha-node1 ~]# pcs stonith show kvm_fence
Resource: kvm_fence (class=stonith type=fence_virt)
Attributes: pcmk_hostlist=ha-node1 ha-node2 pcmk_hostmap=ha-node1:vm1;ha-node2:vm2
Operations: monitor interval=60s (kvm_fence-monitor-interval-60s)

# 配置fence_virt监听
[root@ha-node1 ~]# cat /etc/fence_virt.conf
listeners {
multicast {
port = “1229”;
family = “ipv4”;
interface = “virbr0”;
}
}

fence_virtd {
module_path = “/usr/lib64/fence-virt”;
backend = “libvirt”;
listener = “multicast”;
}

backends {
libvirt {
uri = “qemu:///system”;
}
}
更多学习教程公众号风哥教程itpux_com

# 创建VMware Fence设备
[root@ha-node1 ~]# pcs stonith create vmware_fence fence_vmware_soap \
ipaddr=vcenter.fgedu.net.cn \
login=administrator@vsphere.local \
passwd=VMware123! \
ssl_insecure=1 \
pcmk_hostlist=”ha-node1 ha-node2″ \
pcmk_hostmap=”ha-node1:vm-ha-node1;ha-node2:vm-ha-node2″ \
op monitor interval=60s

Creating stonith device ‘vmware_fence’…
* Check: vmware_fence-fence_vmware_soap
* Check: vmware_fence-ipaddr=vcenter.fgedu.net.cn
* Check: vmware_fence-login=administrator@vsphere.local
* Check: vmware_fence-passwd=VMware123!
* Check: vmware_fence-ssl_insecure=1
* Check: vmware_fence-pcmk_hostlist=ha-node1 ha-node2
* Check: vmware_fence-pcmk_hostmap=ha-node1:vm-ha-node1;ha-node2:vm-ha-node2
Stonith device ‘vmware_fence’ created

# 验证Fence设备
[root@ha-node1 ~]# pcs stonith show vmware_fence
Resource: vmware_fence (class=stonith type=fence_vmware_soap)
Attributes: ipaddr=vcenter.fgedu.net.cn login=administrator@vsphere.local passwd=VMware123! pcmk_hostlist=ha-node1 ha-node2 pcmk_hostmap=ha-node1:vm-ha-node1;更多视频教程www.fgedu.net.cnha-node2:vm-ha-node2 ssl_insecure=1
Operations: monitor interval=60s (vmware_fence-monitor-interval-60s)

# 查看当前Fence级别
[root@ha-node1 ~]# pcs stonith level
No fence levels configured

# 配置Fence级别（多Fence设备）
[root@ha-node1 ~]# pcs stonith level add 1 ha-node1 ipmi_fence
[root@ha-node1 ~]# pcs stonith level add 1 ha-node2 ipmi_fence
[root@ha-node1 ~]# pcs stonith level add 2 ha-node1 storage_fence
[root@ha-node1 ~]# pcs stonith level add 2 ha-node2 storage_fence

# 查看Fence级别
[root@ha-node1 ~]# pcs stonith level
Level 1
ha-node1: ipmi_fence
ha-node2: ipmi_fence
Level 2
ha-node1: storage_fence
ha-node2: storage_fence

# 删除Fence级别
[root@ha-node1 ~]# pcs stonith level remove 2 ha-node1

# 验证删除
[root@ha-node1 ~]# pcs stonith level
Level 1
ha-node1: ipmi_fence
ha-node2: ipmi_fence
Level 2
ha-node2: storage_fence

# 查看所有Fence设备
[root@ha-node1 ~]# pcs stonith show
ipmi_fence: Started ha-node1
kvm_fence: Started ha-node1

# 禁用Fence设备
[root@ha-node1 ~]# pcs stonith disable ipmi_fence

# 启用Fence设备
[root@ha-node1 ~]# pcs stonith enable ipmi_fence

# 删除Fence设备
[root@ha-node1 ~]# pcs stonith delete kvm_fence
Attempting to stop: kvm_fence… Stopped

# 验证删除
[root@ha-node1 ~]# pcs stonith show
ipmi_fence: Started ha-node1

# 清理Fence状态
[root@ha-node1 ~]# pcs stonith cleanup ipmi_fence
Cleaned up ipmi_fence on ha-node1
Cleaned up ipmi_fence on ha-node2