Red Hat Enterprise Linux 9 is the latest stable release version on RHEL. From its base, several other versions were developed such as Rocky Linux 9 and AlmaLinux 9. CentOS Stream 9, derived from Fedora 34 was used to develop RHEL 9. All these release version catty nifty features such as GNOME 40, improved security and identity, improved Cockpit Web Console e.t.c.
The main task of a Linux system administrator is to monitor the Linux system hardware and software and perform installations and upgrades while maintaining all the essential services and applications. In many circumstances, Linux system administrators perform these activities via the command line. This is because the command line(server editions) is light and faster as compared to GUI editions. However, running commands on the command line requires one to memorize the commands for the tasks. For that reason, many organizations preferred Windows systems where things are managed from a point-and-click GUI.
Luckily, in the past years, developers have developed independent GUI-based tools with abilities to manage some particular system areas and perform associated administrative tasks. Some of the tools developed are phpMyAdmin, Apache Directory, MySQL Workbench, Webmin, Ajenti, Shorewall, Cockpit, CUPS, cPanel, YaST e.t.c
What is Cockpit?
Cockpit(RHEL web console) is a GUI-web-based tool developed by RedHat with the main objective of making server administration easier. It is used to manage and monitor the local system as well as the remote system available on your network. When using Cockpit, similar APIs as those in the terminal are used, and the tasks performed on the command line are immediately reflected in the RHEL web console.
There is a wide range of activities you can perform with Cockpit. Some of them are:
- Managing user accounts
- Configuring SELinux
- Setting kernel dump configuration
- Managing system subscriptions
- Updating software
- Reviewing system logs
- Creating diagnostic reports
- Configuring network interfaces and firewall
- Managing and monitoring system services
- Multiple server monitoring
- Storage administration
In this guide, we will learn how to manage Rocky Linux 9 / AlmaLinux 9 using Cockpit Dashboard
#1. Install Cockpit Dashboard on Rocky Linux 9 / AlmaLinux 9
By default, Cockpit is installed on Rocky Linux 9 / AlmaLinux 9. If not it can be installed easily by executing the command below.
sudo dnf install cockpit
Once the installation is complete, start and enable the cockpit.socket service.
sudo systemctl enable --now cockpit.socket
Verify if the service is running:
$ systemctl status cockpit.socket ● cockpit.socket - Cockpit Web Service Socket Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled) Active: active (listening) since Fri 2022-09-09 11:11:20 CEST; 7s ago Until: Fri 2022-09-09 11:11:20 CEST; 7s ago Triggers: ● cockpit.service Docs: man:cockpit-ws(8) Listen: [::]:9090 (Stream) Process: 1874 ExecStartPost=/usr/share/cockpit/motd/update-motd localhost (code=exited, status=0/SUCCESS) Process: 1881 ExecStartPost=/bin/ln -snf active.motd /run/cockpit/motd (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 23441) Memory: 1.0M CPU: 14ms CGroup: /system.slice/cockpit.socket
By default, the service listens to port 9090. So we need to allow the service through the firewall:
sudo firewall-cmd --add-service=cockpit --permanent sudo firewall-cmd --reload
#2. Configure Cockpit on Rocky Linux 9 / AlmaLinux 9
Once installed, you can configure Cockpit by editing or creating the /etc/cockpit/cockpit.conf file
sudo vim /etc/cockpit/cockpit.conf
In this file, you can enable automatic idle lock in the web console by adding the below lines:
Here, X is the period in minutes for the idle timeout. For example 10 minutes.
To edit the listen port for Cockpit, begin by allowing the desired port through the firewall:
sudo semanage port -a -t websm_port_t -p tcp PORT_NUMBER
Allow the port through the firewall:
sudo firewall-cmd --permanent --service cockpit --add-port=PORT_NUMBER/tcp sudo firewall-cmd --reload
Now change the port with the command:
sudo systemctl edit cockpit.socket
Make the desired configurations:
[Socket] ListenStream=PORT_NUMBER ...
Also, Cockpit loads certificates in the /etc/cockpit/ws-certs.d directory and uses the last file with the .cert in alphabetical order. You need to install a certificate signed by a certificate authority (CA) to avoid security exceptions.
Once the settings have been made, restart the service:
sudo systemctl daemon-reload sudo systemctl restart cockpit.socket
#3. Logging in to the Cockpit web console
Access the Cockpit web dashboard using any of the browsers below:
- Mozilla Firefox 52 and later
- Google Chrome 57 and later
- Microsoft Edge 16 and later
Now access the dashboard with the URL https://IP_Address:9090 or https://domain_name:9090. If you are using a self-signed certificate, you will receive the warning below.
This is a security warning that can be avoided by installing a trusted SSL certificate. To proceed, click on Advanced->Proceed and you will be granted the login page below.
Log in using an account with sudo privileges. This is necessary since Cockpit uses the PAM stack authentication method found in /etc/pam.d/cockpit. This makes it possible to log in using any local account on the system.
Once authenticated, you will be granted the Cockpit dashboard below.
#4. Manage Rocky Linux 9 / AlmaLinux 9 using Cockpit
You can now use Cockpit to manage your Rocky Linux 9 / AlmaLinux 9 system. There are several tasks you can perform. Some of these tasks are:
1. Restart/Shutdown the system
To restart/shutdown your Rocky Linux 9 / AlmaLinux 9 from the Cockpit Dashboard, navigate to Overview-> Reboot/Shutdown
You can set a delay for the reboot/shutdown or run the task immediately without any delay using the options in the drop-down menu.
2. Configuring the System Time
It is also possible to set time synchronization using a Network Time Protocol (NTP). This can be achieved by navigating to Overview-> system time
You can change the Timezone from the drop-down menu and set the time manually or automatically with NTP.
3. Configure Network and Firewall
Configure your network and firewall by navigating to the networking tab on the left panel.
While here, there are many configurations you can make such as adding networks(bridge, bond, VLAN, team) and configuring firewall rules.
For example, adding a bridge, proceed as shown.
4. View System logs
To view the logs on your system, navigate to the Logs tab as shown.
To view details of the logs, click on the log displayed.
5. Manage system services
System service can be managed from the Cockpit dashboard under the services tab. While on this tab, you can view the status of the services and manage them as desired.
6. Configure SELinux
To manage SELinux, navigate to the SELinux tab where you can check the mode, and toggle between Permissive and enforcing modes.
7. Storage management
Under storage management, you can see the available storage devices, the disk consumption, read and write speeds as well as the Filesystems.
You can also configure NFS shares, iSCSI targets and view logs associated with storage disks.
8. Access the Terminal
From the Cockpit dashboard, you can access the terminal and run commands on your system. To launch the terminal, click on Terminal as shown.
#5. Install Cockpit add-ons on Rocky Linux 9 / AlmaLinux 9
To be able to use an add-on on Cockpit, you need to install it separately. There are several add-on packages for Cockpit. They include:
- cockpit-composer: Building custom OS images
- cockpit-machines: Managing libvirt virtual machines
- cockpit-packagekit: Software updates and application installation
- cockpit-podman: Managing podman containers
- cockpit-session-recording: Recording and managing user sessions
- PCP: Persistent and more fine-grained performance data (installed on demand from the UI)
A preferred add-on can be installed with the command:
sudo dnf install
sudo dnf install cockpit-podman cockpit-machines
Once installed, you can use the add-ons as shown
1. Manage Virtual Machines
To manage the VMs on your Rocky Linux 9 / AlmaLinux 9 system, navigate to Virtual Machines as shown.
But first, you need to enable
sudo systemctl enable --now libvirtd
Once you reload the page you will see the below page.
You can now create a new VM by clicking on Create new VM. Provide the required resources for the VM and click create.
Once created, the Virtual machine will be listed and can be managed with ease.
2. Manage Podman containers
Using the installed cockpit-podman add-on, you can easily manage Podman containers from the Cockpit web. Click on Podman containers-> Start Podman
You can also start the services from the terminal
sudo systemctl enable --now podman podman.socket
Once started, you can create and manage containers.
Provide the container name and image.
Once created, the container will be available as shown.
That marks the end of this guide on how to manage Rocky Linux 9 / AlmaLinux 9 using Cockpit Dashboard. We can all agree that the Cockpit Dashboard makes system administration easier. Proceed and enjoy the awesomeness of this tool.