You can register a host from the {ProjectWebUI} with registration templates. This also enables you to set up various integration features and host tools during the registration process.
-
In the {ProjectWebUI}, navigate to Hosts > Register Host.
-
Enter the details for how you want the registered host to be configured.
-
If you select a host group from the Host Group list, the following fields inherit their values from the host group:
-
Operating system
-
Lifecycle environment
-
-
-
Specify any other registration details that you require. The available settings include the following:
-
On the General tab, in the {SmartProxy} field, you can select the {SmartProxy} to register your host through. A {SmartProxy} behind a load balancer takes precedence over a {SmartProxy} selected in the {ProjectWebUI} as the content source of the host.
-
On the General tab, in the Download utility field, you can select
wgetif you want to register your host by using awgetcommand. By default, {Project} generates acurlcommand. -
On the General tab, you can select the Insecure option to make the first call insecure. During this first call, your host downloads the CA file from {Project}. Your host will use this CA file to connect to {Project} with all future calls making them secure.
{Team} recommends that you avoid insecure calls.
If an attacker, located in the network between {Project} and your host, fetches the CA file from the first insecure call, the attacker will be able to access the content of the API calls to and from your host and the JSON Web Tokens (JWT). Therefore, if you have chosen to deploy SSH keys during registration, the attacker will be able to access your host using the SSH key.
-
On the Advanced tab, in the Repositories field, you can list repositories to be added before the registration is performed. You do not have to specify repositories if you provide them in an activation key.
-
On the Advanced tab, you can configure remote execution, {Insights}, and packages to be installed.
-
On the Advanced tab, in the Token lifetime (hours) field, you can change the validity duration of the JSON Web Token (JWT) that {Project} uses for authentication. The duration of this token defines how long the generated registration command works.
Note that {Project} applies the permissions of the user who generates the registration command to authorization of your host. If the user loses or gains additional permissions, the permissions of the JWT change too. Therefore, do not delete, block, or change permissions of the user during the token duration.
The scope of the JWTs is limited to the registration endpoints only and cannot be used anywhere else.
Note{Project} generates the registration command with parameters that search resources by ID. You can edit the registration command to search the following resources by title:
- Organization
-
URL fragment example:
organization=My%20Organizationororganization=My+Organization - Location
-
URL fragment example:
location=My%20Locationorlocation=My+Location - Host group
-
If a host group is nested, include the parent group separated with the slash character (
/).URL fragment example:
hostgroup=Parent%20Group%2FMy%20Host%20Group - Operating system
-
URL fragment example:
operatingsystem=My%20Operating%20Systemoroperatingsystem=My+Operating+System
The parameter values must be URL encoded.
-
On the Advanced tab, you can enable container and Flatpak registry access without a username or password by selecting the Set up container registry certs checkbox. Using certificate-based authentication also enforces lifecycle management of container and Flatpak content for the host.
-
-
Click Generate to generate a
curlcommand. -
Run the
curlcommand asrooton the host that you want to register. After registration completes, any Ansible roles assigned to a host group you specified when configuring the registration template will run on the host.
-
To set up monitoring of outdated services and applications using Tracer, see {ManagingHostsDocURL}configuring-tracer-on-a-host_managing-hosts[Configuring Tracer on a host] in {ManagingHostsDocTitle}.