Using Cockpit on CentOS Stream 9

Although equipped with the latest Linux desktop environment, CentOS Stream 9 is very much a server operating system. As such, most CentOS 9 deployments will be to remote physical servers or as cloud-based virtual machine instances. Invariably, these systems run without a keyboard, mouse, or monitor, with direct access only available via the command prompt over a network connection. This presents a challenge in terms of administering the system from remote locations. While much can certainly be achieved via remote access to the command-line and desktop environments, there needs to be a consistent and cohesive solution to the administrative and monitoring tasks that must be performed daily on an enterprise-level operating system such as CentOS Stream 9.

The Cockpit web-based administration interface provides this functionality. This chapter will explain how to install, configure and access the Cockpit interface while also providing an overview of the key features of Cockpit, many of which will be covered in greater detail in later chapters.

An Overview of Cockpit

Cockpit is a lightweight, web-based interface that allows general system administrative tasks to be performed remotely. When installed and configured, the system administrator opens a local browser window and navigates to the Cockpit port on the remote server. After loading the Cockpit interface into the browser and logging in, a wide range of tasks can be performed visually using administration and monitoring tools.

Behind the scenes, Cockpit uses the same tools to perform tasks typically used when working at the command line and updates automatically to reflect changes occurring elsewhere on the system. This allows Cockpit to be used with other administration tools and techniques without the risk of one approach overriding another. Cockpit can also be configured to access more than one server, allowing multiple servers to be administered and monitored simultaneously through a single browser session.

Cockpit is installed by default with a wide range of tools already bundled and allows additional extension plugins to be installed as needed. Cockpit is also designed so that you can create your own extensions using a combination of HTML and JavaScript to add missing or custom functionality.

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Cockpit’s modular design also allows many features to be embedded into other web-based applications.

Installing and Enabling Cockpit

Cockpit is generally not installed on CentOS 9 by default but can be set up and enabled in a few simple steps. The first step is to install the Cockpit package as follows:

# dnf install cockpitCode language: Shell Session (shell)

Next, the Cockpit socket service needs to be enabled:

# systemctl enable --now cockpit.socketCode language: plaintext (plaintext)

Finally, the necessary ports need to be opened on the firewall to allow remote browser connections to reach Cockpit if a firewall is enabled on your system (for details on firewalls, refer to the chapter entitled CentOS Stream 9 Firewall Basics).

# firewall-cmd --add-service=cockpit --permanent
# firewall-cmd --reloadCode language: Shell Session (shell)

Accessing Cockpit

If you have access to the desktop environment of the server on which Cockpit has been installed, open a browser window and navigate to https://localhost:9090 to access the Cockpit sign-in screen. If, on the other hand, the server is remote, navigate to the server using the domain name or IP address (for example, https://myserver.com:9090).

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

When the connection is established, the browser may warn that the connection is not secure. This is because the Cockpit service uses a self-signed certificate. Select the option to proceed to the website or, to avoid this message in the future, select the advanced option and add an exception for the server address.

Once connected, the browser will load the login page shown in Figure 7-1 below:

Figure 7-1

Sign in to the Cockpit interface either as root or with your user account credentials. Note that some tasks will be restricted within the Cockpit interface when signed in as a user due to permission constraints. In this situation, the Cockpit console will display a button labeled “Limited Access,” as shown in Figure 7-2:

Figure 7-2

To elevate your privileges, click on the limited access button and enter your password when you are prompted to do so:

Figure 7-3

After signing in, Cockpit will display the Overview screen.

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Overview

The Overview screen provides an overview of the current system, including access to CPU, memory, storage, and network activity performance metrics. This screen also includes information about the system, including the underlying hardware, hostname, system time, and whether the system software is up to date. Options are also provided to restart or shut down the system.

Figure 7-4, for example, shows the Overview page of the Cockpit interface:

Figure 7-4

For more information on a particular category, click on the corresponding link. Figure 7-5, for example, shows the system metrics and history screen:

Figure 7-5

Logs

When the Logs category is selected, Cockpit displays the contents of the systemd journal logs. Choosing a log entry will display the entire log message. The log entries are ordered with the most recent at the top, and menus are included to filter the logs for different time durations and based on message severity.

Figure 7-6

Storage

Select the Storage option to review and manage the storage on the system, including disks, partitions, and volume groups, Network File System (NFS) mounts, and RAID storage. This screen also allows disk I/O activity to be monitored in real-time and lists log output from the system udisksd service used to query and manage storage devices:

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Figure 7-7

Networking

The Networking screen provides information on various network-related configurations and services, including network interfaces and firewall settings. In addition, it allows configuration changes such as creating network bridges or setting up virtual networks:

Figure 7-8

Accounts

Select this option to view the current user accounts configured on the system and create accounts for additional users. The topic of user management will be covered later in the chapter entitled Managing CentOS Stream 9 Users and Groups:

Figure 7-9

Click on an existing account to view details and make changes. The user account details page may also be used to review and add Public SSH keys to the user’s account for remote access to the server, as outlined in the chapter Configuring SSH Key-based Authentication on CentOS Stream 9.

Services

This screen displays a list of the system services running on the server and allows those services to be added, removed, stopped, and started.

Figure 7-10

The topic of services will be covered in detail in the chapter Managing CentOS Stream 9 systemd Units.

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Applications

As previously mentioned, additional functionality can be added to Cockpit as extensions. These can either be self-developed extensions or those provided by third parties. The Applications screen lists installed extensions and allows extensions to be added or removed:

Figure 7-11

Virtual Machines

Virtualization allows multiple operating system instances to run simultaneously on a single computer system, with each system running inside its own virtual machine. The Virtual Machines Cockpit extension provides a way to create and manage the virtual machine guests installed on the server:

Figure 7-12

The Virtual Machines extension is not installed by default but can be added via the Cockpit Applications screen or by running the following command:

# dnf install cockpit-machines

The use of virtualization with CentOS 9 is covered starting with the chapter An Overview of CentOS Stream 9 Virtualization Techniques.

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Software Updates

If any software updates are available for the system, they will be listed here and can be installed from this screen:

Figure 7-13

Terminal

As the name suggests, the Terminal screen provides access to the command-line prompt:

Figure 7-14

Connecting to Multiple Servers

Cockpit can be configured to administer multiple servers from within a single session. To add another host to the Cockpit session, click on the button highlighted in Figure 7-15 to display the Hosts panel:

Figure 7-15

Click the Add new host button and enter the IP address or hostname of the other system and select a color by which to distinguish this server from any others added to Cockpit before clicking on the Add button:

Figure 7-16

Cockpit will ask you to accept a new SSH key if you are connecting to the remote server for the first time. After accepting the key, you will be prompted to enter the password for the user name specified in Figure 7-16 above. The option is also provided to set up and authorize a password-protected SSH key to enable automatic login to the second host system next time you need to access it:

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Figure 7-17

To switch between the hosts, display the Hosts panel (Figure 7-15 above) and select the required system.

Enabling Stored Metrics

In a standard installation, Cockpit does not retain any performance metric data beyond what is displayed in the short time window covered by the graphs. To retain the data collected by Cockpit, the Cockpit Co-Pilot (PCP) package needs to be installed. Begin by installing the cockpit-pcp package as follows:

# dnf install cockpit-pcpCode language: Shell Session (shell)

After installing cockpit-pcp, log out of the current Cockpit session and back in.

Next, display the Metrics and history screen and click on the Metrics settings button to display the screen shown in Figure 7-18, switch on the Collect metrics option, and click Save:

Figure 7-18

After sufficient time has elapsed for Cockpit to gather data, the metric information will appear as shown in Figure 7-19, categorized in hourly blocks:

 

You are reading a sample chapter from CentOS Stream 9 Essentials. Buy the full book now in eBook or Print format.

Full book includes 34 chapters and 290 pages. Learn more.

Preview  Buy eBook Buy Print

 

Figure 7-19

Summary

The Cockpit web interface allows remote system administration tasks to be performed visually from within a web browser without relying on the command prompt and command-line tools. Once installed and enabled, the system administrator opens a web browser, connects to the remote server, and signs into the Cockpit interface. Behind the scenes, Cockpit uses the same command line tools as those available via the command prompt, allowing both options to be used without the risk of configuration conflicts. In addition, Cockpit uses a modular framework enabling additional extensions to be added and for custom extensions to be developed and integrated. A Cockpit session can be used to administer a single server or configured to access multiple servers simultaneously.


Categories