Front Seat

Keep All Your Linux Servers in Check

Photo by Kent Pilcher on Unsplash

Photo by Kent Pilcher on Unsplash

Author(s):

Use the browser-based Cockpit tool to monitor and administer multiple Linux servers without leaving your desk.

Special Thanks: This article was made possible by support from Linux Professional Institute

Managing a herd of computers is no small feat, which is why a system administrator is only as good as his or her tools. Keeping an eye on the different computers in the network requires a lot of work. You can spend a lot of time configuring various components and setting up scripts to ease some aspects of monitoring and administration. If you are short of time, though, there’s nothing better than Cockpit. Cockpit is easy to deploy, and you can use it to connect and manage machines across the network, start and stop services, inspect logs, manage storage, visualize system performance, and even deploy and control containers via Docker. Although designed for administrators, Cockpit’s lightweight and intuitive interface makes it ideal for home servers and small businesses.

Cockpit doesn’t take over or lock the administration duties at any time; if you tweak certain networking settings using the web-based interface, you can undo these settings from your server’s command line or vice versa. Also, Cockpit dynamically updates itself (Figure 1), so any changes you make to the server will be reflected on the browser interface within a few seconds. For instance, if you were to add a new Logical Virtual Manager (LVM) to the server, it would be available to the Cockpit interface for manipulation almost immediately.

Figure 1: You can check for and install available updates on any remote machine from its System page.

A Cockpit instance is actually made up of several different components. There’s the cockpit-ws service, which is responsible for the web server that powers the tool. cockpit-ws runs in the background and is automatically activated when Cockpit tries to establish a connection to port 9090. It also starts the cockpit-bridge service upon login. As its name suggests, cockpit-bridge transmits messages between the web front end and the server. When you add another server to your Cockpit session, cockpit-ws establishes contact with it via SSH. It then takes control of the cockpit-bridge program that’s running on the newly added server using SSH.

Cockpit is sponsored by Red Hat and is already installed on Fedora Server. It’s also included in the official repositories of most desktop and server distributions. There isn’t much to the installation, and you can find distribution-specific installation steps on the Cockpit website. For instance, on our CentOS 7 Server installation (IP address: 192.168.0.10), I'll first grab the Cockpit release from the repositories with:

sudo yum install cockpit cockpit-dashboard

On Fedora, Debian, and Ubuntu, the cockpit-dashboard package is a recommended dependency and is installed automatically when you install the cockpit package. The cockpit-dashboard package requires libssh, which in CentOS (and RHEL) is in the Extras repository.

Once it’s installed, I’ll enable the service with:

sudo systemctl enable --now cockpit.socket

Before proceeding further, I'll also have to punch holes in the firewall on the CentOS server to allow other machines to talk to the Cockpit instance:

sudo firewall-cmd --permanent --zone=public --add-service=cockpit
sudo firewall-cmd --reload

That’s all there’s to it. You can now access Cockpit’s browser-based interface on port 9090. Fire up a browser on any computer and head to https://192.168.0.10:9090 to access the Cockpit interface and manage the server. Note that Cockpit redirects all traffic via HTTPS using a self-signed certificate that you’ll have to accept as an exception in order to access the interface.

One of the best things about Cockpit is its user management (Figure 2). You don’t have to create new accounts for use with Cockpit, since the tool inherits them from the installation you wish to monitor. Furthermore, the logged in user has exactly the same permissions as the user would have if they logged into the server via the console or SSH. For instance, if you’ve enabled root access on an installation and use the root user to login, you’ll be able to monitor and control all aspects of the installation. You can also login to Cockpit using a normal non-root user on the same installation, but will only be able to view and administer those aspects of the installation that are within the scope of that user.

Figure 2: Behind the scenes, Cockpit uses the same popular command-line tools, such as useradd, usermod, and passwd,to create and modify user accounts.

Run Around the Interface

One of the guiding principles of Cockpit is that its users shouldn’t have to reach for the manual to find their way around the interface. This design-first philosophy has lead to a fairly straightforward and easy to navigate interface. The tabs on the left of the screen help you switch between the details of a server and the dashboard. While the dashboard shows a list of all systems added to the Cockpit server with graphs for different parameters like CPU usage, disk I/O, and network traffic, the other tabs show these and a lot more details about the system Cockpit is monitoring.

At this point, you’ll only have one system listed here. To monitor other systems, you’ll first have to install the Cockpit tool on them via their respective package managers. Once you've done that, switch to the Dashboard tab and click the plus (+) button. Now enter the IP address of the server you want to add and choose a color label for it. You’ll then be asked for authentication information for this new system. After verifying the credentials, the new system will be listed along with the earlier one in the System pull-down menu. I’ll now repeat the process to add all the machines in my network to the Cockpit instance running atop the CentOS server.

You can use Cockpit to easily make changes to various aspects of your installation. For instance, if you wish to change the hostname of your remote machine, select the server from the Machines tab and click System in the sidebar. You will be presented with a wide array of information, such as the Hardware, Machine ID, Operating System, Hostname, and various performance metrics, plus a lot more. Click on the entry adjacent to the Hostname and enter a new hostname in the dialog box that opens. Thanks to the cockpit-bridge component, the changes are written to the relevant config files and reflected instantly.

The Cockpit interface also features a fully functional terminal (Figure 3) that you can use to examine or modify config files or perform tasks not offered in the web-based interface. By clicking on the Terminal option in the sidebar, a terminal will immediately open inside the web browser with the current user logged in. The web-based terminal also retains a complete history of commands executed, just like a regular Bash session. The fully featured terminal also features tab autocompletion and event history expansion. If you run commands using the web-based terminal tool, you can find them in the terminal's history on your remote server and vice versa.

Figure 3: One of the remote terminal's best uses is for package management, which can’t be done via Cockpit’s interface.

You can even control the services running on your remote server from the Services tab on the left sidebar. The Services screen is split into various tabs for Targets, System Services, Sockets, Timers, and Paths. You can view all the services currently enabled and active by clicking on the System Services tab. First up are the Enabled services, followed Disabled and then Static services. A static service is one that cannot be enabled, because such services perform a one-off task or function or are used as a dependency of some other service and cannot be run independently. You can click on the name of each service listed under the System Services tab to view its details, such as how long it’s been running. From this screen, you can also use the pull-down menus to Start, Stop, Reload, and Restart any given service. You can similarly Disable or Enable a service from the other pull-down menu.

Systemd uses the systemd-journald service to collect and store logging data. This data is prepared by collecting information from a variety of sources, such as kernel log messages, system log messages, and standard output and standard error messages produced by various system services, etc. All of this collected data can be accessed from the Cockpit interface by clicking the Logs tab on the left sidebar, which groups the logs per their severity level, listed in a pull-down menu, such as Alerts, Errors, Warnings, and Notices.

The Networking tab (Figure 4) similarly provides information pertaining to each of the configured interfaces, such as eth0, etc. This includes the amount of data being transferred or received, whic is presented in a slick graphical representation. You can also access all the logs generated by the Network Manager from the Networking tab. Unlike the Logs tab, clicking a log entry in the Networking tab does not provide any additional information.

Figure 4: Cockpit lets you easily add virtual LANs and create bonds and bridges between existing network interfaces.

As with the Networking tab, the Storage tab provides disk-specific information apart from logs. Interestingly, besides statistics and logs, the Storage section also allows you to tie the available storage devices into a software RAID device.

Working with Containers

Cockpit is configured to work with Docker to manage containers, but you need to install the cockpit-docker package on your server first, with:

sudo dnf install cockpit-docker

Now restart Cockpit with

sudo systemctl restart cockpit.service

and log in again to Cockpit’s dashboard. When you do, you’ll find the sidebar now has an additional tab called Containers.

The top of the Containers page provides the combined CPU and memory usage for all the running containers (Figure 5). If you don’t have any containers yet, scroll down to the Image section and click the Get new image button. In the image search dialog box, type in the name of an image you’re interested in (say, Fedora), and Cockpit will search for the specified keyword against all published containers on Docker Hub. Browse the list and download any of the images you wish to install. Once installed, you can find all images at the bottom of the Containers page. To start an image, locate the image and click the associated start button. This will open a pop-up window under which you can check all the information about the image and optionally make adjustments as per your requirements, before clicking the Run button.

Figure 5: Under Containers, you can alter the resources earmarked for a container.

You can click on any running image to launch the container management screen. This gives you the option to Stop, Restart,and Delete the container in addition to providing charts showing CPU and memory usage. If a Docker image is enabled with a terminal, you also get an option to issue terminal commands via this management screen.

Irrespective of the number of servers you are managing, you can add a layer of convenience to your daily grind by using Cockpit. By using Cockpit, even inexperienced administrators and home users can easily manage several remote servers spread across their network. The tools works equally well for both physical and virtual hardware and provide an uncluttered and intuitive interface to perform basic but routine system administration tasks. In the process, Cockpit can help save you quite a lot of time.

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Cockpit

    Meet Cockpit, an easy management tool that lets you watch your Linux servers from a convenient, web-based interface.

  • Linux Dash and Cockpit

    Linux Dash and Cockpit are small-scale solutions for monitoring a cloud-hosted virtual server from home.

  • Fedora 21

    Fedora 21 appears with a new vision and some interesting new tools for developers and system administrators.

  • Systemd Graphical Tools

    Systemd has won the race, as indicated by the several tools that already offer a service just a mouse click away. We look at six of these tools.

  • Podman

    Podman gives users a quick and easy way to set up a Nextcloud instance for home use.

comments powered by Disqus