How to configure fence agent "fence_ilo*_ssh" with pacemaker in a RHEL High Availability cluster with Pacemaker

Solution Verified - Updated 14 Jun 2024

Environment

Red Hat Enterprise Linux Server 6, 7, 8, and 9 (with the High Availability Add on)
Pacemaker
fence_ilo_ssh
fence_ilo3_ssh
fence_ilo4_ssh
fence_ilo5_ssh

Issue

How to configure fence agent fence_ilo*_ssh with pacemaker in a RHEL High Availability cluster with Pacemaker

Resolution

The fence_ilo*_ssh version implemented will be dependent on the HPE Integrated Lights Out ( iLO ) version attached to the server. If more assistance is needed for identifying the iLO version please reach out to HP for assistance.

The same steps for configuring the pacemaker stonith device are used for all fence_ilo*_ssh versions. In order to configure a fence_ilo4_ssh stonith device for fencing a server using a iLO 4 device, use the below command:

$ pcs stonith create fence_node1_ilo fence_ilo4_ssh secure=true pcmk_host_list="<first node name>" ipaddr="<iLO IP for node 1>" login="<iLO login>" passwd="<iLO password>"  op monitor interval=60s

# The second device is given a 10s delay to avoid a fence reace:
$ pcs stonith create fence_node2_ilo fence_ilo4_ssh secure=true pcmk_host_list="<second node name>" ipaddr="<iLO IP for node 2>" login="<iLO login>" passwd="<iLO password>" delay=10 op monitor interval=60s

Please also see below documentation:

Diagnostic Steps

Before actual fencing is configured, make sure that the command similar to following succeeds :

$ fence_ilo4_ssh -a <iLO ip address> -x -l <login> -p <password> -o monitor

SBR

Clusterha

Product(s)

Red Hat Enterprise Linux

Components

cluster

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.