How to create a STONITH resource in Pacemaker

STONITH fencing protects clustered services from split-brain and data corruption by forcefully isolating a node that is no longer trustworthy.

Pacemaker implements fencing as a STONITH resource that calls an external fence agent (such as fence_ipmilan or fence_redfish) to power off, reboot, or otherwise block access to shared resources. The STONITH resource stores the device parameters and constrains which cluster nodes the device is allowed to fence through host mapping options such as pcmk_host_list.

Fencing configuration must match the physical environment, including management network reachability, device credentials, and correct mapping between cluster node names and fence targets. Incorrect settings can power-cycle the wrong system, while enabling fencing without working STONITH devices can prevent recovery because resource start is blocked when a fence action cannot complete.

1. Confirm the cluster node names used by Pacemaker for host mapping.

   $ sudo pcs status nodes
   Pacemaker Nodes:
    Online: node-01 node-02 node-03
    Standby:
    Standby with resource(s) running:
    Maintenance:
    Offline:
   Pacemaker Remote Nodes:
    Online:
    Standby:
    Standby with resource(s) running:
    Maintenance:
    Offline:

2. List available fence agents installed on the cluster node.

   $ sudo pcs stonith list | head -n 5
   apcmaster - APC MasterSwitch
   apcmastersnmp - APC MasterSwitch (SNMP)
   apcsmart - APCSmart
   baytech - BayTech power switch
   bladehpi - IBM BladeCenter (OpenHPI)

3. Display the supported parameters for the selected fence agent.

   $ sudo pcs stonith describe fence_dummy
   fence_dummy - Dummy fence agent
   
   fence_dummy
   
   Stonith options:
     random_sleep_range
       Description: Issue a sleep between 1 and X seconds. Used for testing.
       Type: string
     status_file
       Description: File with status
       Type: string
       Default: /tmp/fence_dummy.status
     type
       Description: Type of the dummy fence agent
       Type: string
       Default: file
   ##### snipped #####
   Default operations:
     monitor:
       interval=60s

4. Create a STONITH resource using fence_dummy for the first node.

   $ sudo pcs stonith create fence-dummy-node-01 fence_dummy pcmk_host_list="node-01" pcmk_host_check=static-list

   Most production environments require one STONITH resource per node because each management controller controls a single host, and typing passwd= on the command line can expose credentials in shell history.

   Incorrect fence settings can power-cycle the wrong system.

5. Create a matching STONITH resource for the next cluster node.

   $ sudo pcs stonith create fence-dummy-node-02 fence_dummy pcmk_host_list="node-02" pcmk_host_check=static-list

   Incorrect host mapping can fence the wrong target.

6. Repeat for any additional nodes in the cluster.

   $ sudo pcs stonith create fence-dummy-node-03 fence_dummy pcmk_host_list="node-03" pcmk_host_check=static-list

7. Enable fencing in cluster properties after functional STONITH resources exist for all nodes.

   $ sudo pcs property set stonith-enabled=true

   Enabling stonith-enabled without complete, working fencing coverage can block failover and keep resources stopped.

8. Verify the STONITH resources are registered.

   $ sudo pcs stonith status
     * fence-dummy-node-01	(stonith:fence_dummy):	 Started node-01
     * fence-dummy-node-02	(stonith:fence_dummy):	 Started node-02
     * fence-dummy-node-03	(stonith:fence_dummy):	 Started node-03

9. Confirm fencing is enabled in the cluster configuration.

   $ sudo pcs property config
   Cluster Properties: cib-bootstrap-options
     cluster-infrastructure=corosync
     cluster-name=clustername
     dc-version=2.1.6-6fdc9deea29
     have-watchdog=false
     last-lrm-refresh=1767240361
     no-quorum-policy=stop
     stonith-enabled=true