Tagging Your Servers

When installing the Halo daemon on a new server, by default the server will automatically join the “Unassigned” group. This means you have to log in to the portal and manually move the server to a specific group, or move the server via the API. Using “tagging” you can now make the server automatically join a group and inherit all the security settings already defined for that group (meaning the server is automatically secured properly). To do so you simply edit the group’s details to define a Daemon Tag, then use that tag when you start up the daemon.

How To Tag Your Servers

Log on to your Halo account and click the name of the group to which you would like to add a daemon tag. When the edit option appears, click this link. The Edit Group Details window will now appear and should look similar to Figure 1.

Note that you can create a Daemon Tag which can later be used to automatically assign servers to this group.

At the bottom of the Edit Group Details screen is where you can create a Daemon Tag for this group. In this case it’s set to “WWW”. When the daemon is started just add the “Daemon Tag” after “–tag=” and the daemon will call home to the grid dropping itself into the group with that designated tag. Let’s say you have a “WWW” tag on the “Web Servers” group that defines all your web servers. Below is the syntax you would use to start up a daemon while assigning it to the “Web Servers” group.

sudo /etc/init.d/cphalod start --api-key=youruniqueapikey --tag=WWW

Remember to include your api-key on the first start so the daemon can authenticate to the grid. The default install script and the commands provided in the portal to install the daemon do *NOT* have the “tag” switch included.

You will have to modify the script or command to include the “tag” switch and the appropriate daemon tag. You can do this the first time you start a daemon; dropping new servers into specific groups as they first come online, or you can stop and start the daemon with a different tag. This will cause servers to switch from one group to another without having to log into the portal UI. (See the syntax below)

/etc/init.d/cphalod stop

/etc/init.d/cphalod start --tag=NewGrouptag

*Note: You only need to include your API key when you first initialize the Halo daemon.  After that, the API key can be omitted from the command line parameter.  Also don’t use “restart” to switch groups, “restart” will only restart the daemon with it’s original parameters.

Stay up to date

Get the latest news and tips on protecting critical business assets.

Related Posts