InfoScale™ 9.0 Cluster Server Bundled Agents Reference Guide - Linux
- Introducing bundled agents
- Storage agents
- About the storage agents
- DiskGroup agent
- DiskGroupSnap agent
- Dependencies for DiskGroupSnap agent
- Agent functions for DiskGroupSnap agent
- State definitions for DiskGroupSnap agent
- Attributes for DiskGroupSnap agent
- Notes for DiskGroupSnap agent
- Resource type definition for DiskGroupSnap agent
- Sample configurations for DiskGroupSnap agent
- Debug log levels for DiskGroupSnap agent
- Volume agent
- VolumeSet agent
- Dependencies for VolumeSet agent
- Agent functions for VolumeSet agent
- State definitions for VolumeSet agent
- Attributes for VolumeSet agent
- Resource type definition for VolumeSet agent
- Sample configurations for VolumeSet agent
- Agent notes for VolumeSet agent
- Inaccessible volumes prevent the VolumeSet agent from coming online
- Debug log levels for VolumeSet agent
- LVMLogicalVolume agent
- LVMVolumeGroup agent
- Dependencies for LVMVolumeGroup agent
- Agent functions for LVMVolumeGroup agent
- State definitions for LVMVolumeGroup agent
- Attributes for LVMVolumeGroup agent
- Resource type definition for LVMVolumeGroup agent
- LVMVolumeGroup agent notes
- Sample configurations for LVMVolumeGroup agent
- Debug log levels for LVMVolumeGroup agent
- Mount agent
- IMF awareness
- Dependencies for Mount agent
- Agent functions for Mount agent
- State definitions for Mount agent
- Attributes for Mount agent
- Resource type definition for Mount agent
- Notes for Mount agent
- Support for spaces in directory names
- Support for multiple bindfs
- High availability fire drill
- VxFS file system lock
- IMF usage notes
- Enabling Level two monitoring for the Mount agent
- RHEL 7 and RHEL 8: NFS file system version
- RHEL 7 and RHEl 8: Configuring bind mounts
- Support for Amazon EFS
- Sample configurations for Mount agent
- Debug log levels for Mount agent
- Mount agent limitations
- VMwareDisks agent
- SFCache agent
- AWS EBSVol agent
- AzureDisk agent
- GoogleDisk agent
- Network agents
- About the network agents
- IP agent
- NIC agent
- Dependencies for NIC agent
- Bonded network interfaces for NIC agent
- Agent functions for NIC agent
- State definitions for NIC agent
- Attributes for NIC agent
- Resource type definition for NIC agent
- Notes for the NIC agent
- Case 1
- Case 2
- Case 3
- Sample configurations for NIC agent
- Debug log levels for NIC agent
- IPMultiNIC agent
- MultiNICA agent
- Dependencies for MultiNICA agent
- IP Conservation Mode (ICM) for MultiNICA agent
- Performance Mode (PM) for MultiNICA agent
- Agent function for MultiNICA agent
- Attributes for MultiNICA agent
- Resource type definition for MultiNICA agent
- Sample configurations for MultiNICA agent
- IPv6 configuration for MultiNICA agent
- Mixed mode configuration - IPv4 and IPv6 for MultiNICA agent
- Debug log levels for MultiNICA agent
- DNS agent
- Dependencies for DNS agent
- Agent functions for DNS agent
- State definitions for DNS agent
- Attributes for DNS agent
- Resource type definition for DNS agent
- Agent notes for DNS agent
- About using the VCS DNS agent on UNIX with a secure Windows DNS server
- High availability fire drill for DNS agent
- Monitor scenarios for DNS agent
- Sample Web server configuration for DNS agent
- Secure DNS update for BIND 9 for DNS agent
- Setting up secure updates using TSIG keys for BIND 9 for DNS agent
- Sample configurations for DNS agent
- Debug log levels for DNS agent
- AWSIP agent
- AWSRoute53 agent
- AzureIP agent
- AzureDNSZone agent
- GoogleIP agent
- OCIIP agent
- File share agents
- About the file service agents
- NFS agent
- NFSRestart agent
- Share agent
- About the Samba agents
- NetBios agent
- Service and application agents
- About the services and applications agents
- Apache HTTP server agent
- Application agent
- IMF awareness
- High availability fire drill for Application agent
- Dependencies for Application agent
- Agent functions
- State definitions for Application agent
- Attributes for Application agent
- Resource type definition for Application agent
- Notes for Application agent
- Using Application agent with IMF
- Level two monitoring through MonitorProgram
- Using Application agent with ProPCV
- Requirement for programs
- Requirement for default profile
- Support for cloned Application agent
- Application monitoring inside Docker container
- Using the hadockersetup utility
- Requirement for systemd support
- Sample configurations for Application agent
- Debug log levels for Application agent
- AppMonHB agent
- AzureAuth agent
- CoordPoint agent
- KVMGuest agent
- Dependencies for KVMGuest agent
- Agent functions for KVMGuest agent
- State definitions for KVMGuest agent
- Attributes for KVMGuest agent
- Resource type definition for KVMGuest agent
- Notes for KVMGuest agent
- Support for guests created on RHEL 6, RHEL 7 (KVM environment), and SuSE Enterprise Linux 11 SP2 and SP3
- Storage and network configurations
- Guest live migration
- Managing virtual machines in RHEV environment
- Managing ISO image in SuSE KVM
- Using VCS to migrate virtual machines
- Configuring the KVMGuest agent for DR in a global cluster setup
- Configuring a non-admin user for RHEV-M that is using AD-based domain
- Virtual machine failover if host crashes
- KVMGuest agent requires curl and xpath commands in RHEV environment
- RHEV environment: If a node on which the VM is running panics or is forcefully shutdown, VCS is unable to start the VM on another node
- Sample configurations for KVMGuest environment
- Sample configurations for RHEV environment
- Sample Configuration for SuSE KVM
- Debug log levels for KVMGuest agent
- Process agent
- IMF awareness
- High availability fire drill for Process agent
- Dependencies for Process agent
- Agent functions for Process agent
- State definitions for Process agent
- Attributes for Process agent
- Resource type definition for Process agent
- Usage notes for Process agent
- Sample configurations for Process agent
- Debug log levels for Process agent
- ProcessOnOnly agent
- RestServer agent
- Infrastructure and support agents
- Testing agents
- Replication agents
- About the replication agents
- RVG agent
- RVGPrimary agent
- RVGSnapshot
- RVGShared agent
- RVGLogowner agent
- RVGSharedPri agent
- VFRJob agent
- Overview
- Dependencies for VFRJob agent
- High availability of scheduler and replicator daemons
- Agent functions for VFRJob agent
- State definitions for VFRJob agent
- Attributes for VFRJob agent
- Resource type definitions for VFRJob agent
- High availability of VFR daemons
- Configuration of VFRJob service groups on the source system
- Sample configuration of VFRJob agent on source system
- Configuration for VFRJob service groups on the target system
- Sample configuration of VFRJob agent on target system
- Changing file replication direction
- Notes for the VFRJob agent
AzureAuth agent
You may need to perform different operations in Azure such as updating a resource record set, attaching an Azure data disk, or assigning a private IP to a network interface. Performing any operations on Azure resources requires that you authenticate yourself as an authorized Azure user.
AzureAuth agent authenticates the Azure subscription using service principal credentials.
AzureAuth agent is a persistent resource that monitors the validity of service principal credentials.
Note:
For using managed identify-based authentication, refer to the following:
Create the service principal from the Azure portal and assign the application to a role. For details, refer to the Microsoft Azure documentation.
Ensure that the credentials that are passed on to the AzureAuth agent have at least the minimum required role assigned to service principal.
The minimum roles that are required for each agent are:
AzureIP: Network Contributor and Virtual Machine Contributor
AzureDisk
Un-Managed Disks: Virtual Machine Contributor
Managed Disks: Contributor
AzureDNSZone: DNS Zone Contributor
Obtain the authentication keys (SubscriptionId, ClientId, SecretKey, and TenantId).
Ensure that the virtual machine has access to the internet, which is required to install the necessary Python modules.
Install Python SDK for Azure on all cluster nodes.
Python SDK can be installed with pip as follows:
/opt/VRTSpython/bin/pip install azure-common==1.1.28 /opt/VRTSpython/bin/pip install azure-core==1.32.0 /opt/VRTSpython/bin/pip install azure-identity==1.19.0 /opt/VRTSpython/bin/pip install azure-mgmt-core==1.5.0 /opt/VRTSpython/bin/pip install azure-mgmt-dns==8.2.0 /opt/VRTSpython/bin/pip install azure-mgmt-network==28.1.0 /opt/VRTSpython/bin/pip install azure-storage-blob==12.24.1 /opt/VRTSpython/bin/pip install msrestazure==0.6.4 /opt/VRTSpython/bin/pip install azure-mgmt-compute==29.1.0 /opt/VRTSpython/bin/pip install azure-mgmt-compute==34.0.0 /opt/VRTSpython/bin/pip install azure-mgmt-privatedns==1.2.0
To install Azure Python SDK, the following packages are required:
libffi-devel
gcc
openssl-devel
To support Azure Private DNS Zone, following API must be installed:
azure-mgmt-privatedns.
The AzureAuth agent is not dependent on any other resources.
Monitor | Validates the service principal credentials with Azure. |
ONLINE | Indicates that the service principal credentials are valid. |
UNKNOWN | Indicates that one of the following is true:
|
Table: Required attributes
Attribute | Description |
|---|---|
SubscriptionId | Identifier that uniquely identifies your Azure subscription. Type and dimension: string-scalar |
ClientId | Identifier of the Azure Active Directory (AAD) Application. Type and dimension: string-scalar |
SecretKey | Authentication key that is generated for the AAD application. You must encrypt this secret key using the vcsencrypt -agent command. Type and dimension: string-scalar |
TenantId | Identifier of the AAD directory in which you created the application. Type and dimension: string-scalar |
type AzureAuth (
static str ArgList[] = { SubscriptionId, ClientId, SecretKey,
TenantId }
static str Operations = None
str SubscriptionId
str ClientId
str SecretKey
str TenantId
)
AzureAuth Auth_Res (
SubscriptionId = 2dfgg136-fgh6-40dd-b616-c1e9abdf1d63
ClientId = 123456-d10a-4704-8986-beb86739104d
SecretKey = fntPgnUnhTprQrqrnRonSlhPhrQpiNtrItpRhnGrrNklFngLs
TenantId = 12345-0528-4308-brf03-6667d61dd0e3
)To obtain the Azure authentication keys
- Log in to the Azure portal.
- Perform the following to obtain the authentication keys :
Task
Procedure
To obtain the SubscriptionId
In the left navigation pane, click Subscriptions. A list of your subscriptions is displayed along with the subscription IDs.
Copy and provide this Id as SubscriptionId to the AzureAuth agent.
To obtain the TenantID
In the left navigation panel, click Azure Active Directory.
On the page that opens, click Properties.
Copy the Directory ID.
Provided this Id as TenantID to the AzureAuth agent.
To obtain the ClientId
In the left navigation panel, click Azure Active Directory.
On the page that opens, click App registrations.
Search and select your application (service principal) from the list of applications.
Copy the Application ID.
Provide this Id as the ClientId to the AzureAuth agent.
To obtain the SecretKey
From App registrations in Azure Active Directory, search and select your application.
Under Settings, select Keys.
Provide a description of the key, and the expiry duration for the key.
Click Save. The key is displayed.
Note:
Ensure that you copy and store the key value. You cannot retrieve the key later.
Encrypt the key using:
vcsencrypt -agent < Secret Key>.
Provide the encrypted key to the AzureAuth agent as the SecretKey.