fence_azure_arm agent requires the powerOff permission
This document (000019730) is provided subject to the disclaimer at the end of this document.
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server in Microsoft Azure Cloud
This can result in a failed fence operation if the Azure service principal that a fence_azure_arm resource is configured to use does not have a permission to perform the powerOff action.
needs to be adjusted to have the following permission:
``` Microsoft.Compute/virtualMachines/powerOff/action ```The deallocate permission is no longer needed by the fence_azure_arm agent.
The former package implements the off action using the deallocate operation, while the latter uses the powerOff operation. Specifically, the change occurred in package version fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1.
This means that when updating from previous SLES 12 versions, to SLES12-SP4 using fence-agents-4.4.0, the user also needs to *manually* update the Linux Fence Agent Role in Azure that they use with the fence_azure_arm agent. As such, the deallocate permission needs to be changed to powerOff.
For more details, see also :
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000019730
- Creation Date: 09-Oct-2020
- Modified Date:12-Oct-2020
- SUSE Linux Enterprise High Availability Extension
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: firstname.lastname@example.org