Cockpit is a web application that provides easy administration for Linux servers. It is mainly developed for Fedora but other distributions are OK too. Latest Cockpit version is 118 as writing this article.
- Cockpit provides easy container management
- Storage administration
- Network configuration
- Inspection of logs etc.
- Zero footprint and very little resource consumption.
We will install cockpit for Fedora 24 but it is similar for other distributions.
$ sudo dnf install cockpit -y Failed to set locale, defaulting to C Fedora 24 - x86_64 - Updates 2.0 MB/s | 17 MB 00:08 Last metadata expiration check: 0:00:09 ago on Sat Oct 8 05:51:01 2016. Dependencies resolved.
We can start Cockpit different way but the most easy and convenient way is using
# systemctl start cockpit # systemctl status cockpit ● cockpit.service - Cockpit Web Service Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled) Active: active (running) since Sat 2016-10-08 06:03:17 UTC; 4s ago Docs: man:cockpit-ws(8) Process: 5249 ExecStartPre=/usr/sbin/remotectl certificate --ensure --user=root --group=cockpit-ws --selinux-type=etc_t (code=exite Main PID: 5266 (cockpit-ws) Tasks: 2 (limit: 512) Memory: 5.5M CPU: 168ms CGroup: /system.slice/cockpit.service └─5266 /usr/libexec/cockpit-ws Oct 08 06:03:16 poftut3 systemd: Starting Cockpit Web Service... Oct 08 06:03:16 poftut3 remotectl: Generating temporary certificate using: openssl req -x509 -days 36500 -newkey rsa:2048 -keyo Oct 08 06:03:17 poftut3 remotectl: /usr/bin/chcon: can't apply partial context to unlabeled file '/etc/cockpit/ws-certs.d/0-sel Oct 08 06:03:17 poftut3 remotectl: remotectl: couldn't change SELinux type context 'etc_t' for certificate: /etc/cockpit/ws-cer Oct 08 06:03:17 poftut3 systemd: Started Cockpit Web Service. Oct 08 06:03:17 poftut3 cockpit-ws: Using certificate: /etc/cockpit/ws-certs.d/0-self-signed.cert
We started Cockpit with
systemctl start cockpit and we checked status of the Cockpit service with
systemctl status cockpit . Ok There seems to be no problem.
We will use web interface to login Cockpit. Before to access web interface we will get ip address of the server.
$ ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 52:54:00:ea:3f:9c brd ff:ff:ff:ff:ff:ff inet 192.168.122.106/24 brd 192.168.122.255 scope global dynamic ens3 valid_lft 2591sec preferred_lft 2591sec inet6 fe80::c85b:e028:c080:c51e/64 scope link valid_lft forever preferred_lft forever
Enable Firewall Port 9090
We may need to add firewall rule to accept connection for Cockpit default port 9090 with the following command.
$ firewall-cmd --zone=public --add-port=9090/tcp success
If we browse https://<ip address>:9090 we will see a warning. Proceed it.
Here is the login screen we can login by using our root system credentials.
Welcome screen is here we can see that there is a simple dashboard about the cpu, memory, disk i/o and network.
Services and Targets
Listing services installed on the system can be done with services menu from the left colon.
If we click a services we can see details of the services. If the service is started and active. We can start/stop services from this page too or we can enable/disable for the system startup. We can see that logs lays along the below of the page.
We can list system logs from Logs. Logs are listed according to their level like Errors, Warning, Notices. We can also filter logs according to their dates.
User can be listed With Tools->Accounts menu. Existing users can be edited or new user can be added.
Also users full names and roles can be changed.
Web Based Terminal (The Best Feature)
The best feature for me is the terminal interface. We can use this system without any ssh/telnet/rdp/vnc or similar service. We just need an web interface that is enough.