How to create a STONITH resource in Pacemaker

STONITH fencing protects clustered services from split-brain and data corruption by forcefully isolating a node that is no longer trustworthy.

Pacemaker implements fencing as a STONITH resource that calls an external fence agent (such as fence_ipmilan or fence_redfish) to power off, reboot, or otherwise block access to shared resources. The STONITH resource stores the device parameters and constrains which cluster nodes the device is allowed to fence through host mapping options such as pcmk_host_list.

Fencing configuration must match the physical environment, including management network reachability, device credentials, and correct mapping between cluster node names and fence targets. Incorrect settings can power-cycle the wrong system, while enabling fencing without working STONITH devices can prevent recovery because resource start is blocked when a fence action cannot complete.

Related: How to create a Pacemaker cluster
Related: How to back up Pacemaker cluster configuration

Steps to create a STONITH resource in Pacemaker:

  1. Confirm the cluster node names used by Pacemaker for host mapping. 
    $ sudo pcs status nodes
Pacemaker Nodes:
 Online: node-01 node-02 node-03
 Standby:
 Standby with resource(s) running:
 Maintenance:
 Offline:
Pacemaker Remote Nodes:
 Online:
 Standby:
 Standby with resource(s) running:
 Maintenance:
 Offline:
  2. List available fence agents installed on the cluster node. 
    $ sudo pcs stonith list | head -n 5
apcmaster - APC MasterSwitch
apcmastersnmp - APC MasterSwitch (SNMP)
apcsmart - APCSmart
baytech - BayTech power switch
bladehpi - IBM BladeCenter (OpenHPI)
  3. Display the supported parameters for the selected fence agent. 
    $ sudo pcs stonith describe fence_dummy
fence_dummy - Dummy fence agent

fence_dummy

Stonith options:
  random_sleep_range
    Description: Issue a sleep between 1 and X seconds. Used for testing.
    Type: string
  status_file
    Description: File with status
    Type: string
    Default: /tmp/fence_dummy.status
  type
    Description: Type of the dummy fence agent
    Type: string
    Default: file
##### snipped #####
Default operations:
  monitor:
    interval=60s
  4. Create a STONITH resource using fence_dummy for the first node. 
    $ sudo pcs stonith create fence-dummy-node-01 fence_dummy pcmk_host_list="node-01" pcmk_host_check=static-list

    Most production environments require one STONITH resource per node because each management controller controls a single host, and typing passwd= on the command line can expose credentials in shell history.

    Incorrect fence settings can power-cycle the wrong system.

  5. Create a matching STONITH resource for the next cluster node. 
    $ sudo pcs stonith create fence-dummy-node-02 fence_dummy pcmk_host_list="node-02" pcmk_host_check=static-list

    Incorrect host mapping can fence the wrong target.

  6. Repeat for any additional nodes in the cluster. 
    $ sudo pcs stonith create fence-dummy-node-03 fence_dummy pcmk_host_list="node-03" pcmk_host_check=static-list
  7. Enable fencing in cluster properties after functional STONITH resources exist for all nodes. 
    $ sudo pcs property set stonith-enabled=true

    Enabling stonith-enabled without complete, working fencing coverage can block failover and keep resources stopped.

  8. Verify the STONITH resources are registered. 
    $ sudo pcs stonith status
  * fence-dummy-node-01	(stonith:fence_dummy):	 Started node-01
  * fence-dummy-node-02	(stonith:fence_dummy):	 Started node-02
  * fence-dummy-node-03	(stonith:fence_dummy):	 Started node-03
  9. Confirm fencing is enabled in the cluster configuration. 
    $ sudo pcs property config
Cluster Properties: cib-bootstrap-options
  cluster-infrastructure=corosync
  cluster-name=clustername
  dc-version=2.1.6-6fdc9deea29
  have-watchdog=false
  last-lrm-refresh=1767240361
  no-quorum-policy=stop
  stonith-enabled=true