To get started, we will take a tour of the web console. The web console (called cockpit) will be your primary interactive interface to RHEL. The console has a number of functions that enable you to manage most aspects of the installation.
Connect to your personal lab environment. Ensure that the information in the footer of the page is correctly filled out and the URL for your environment should show up below
Here is a quick overview of all the available modules. Click through each of these menu options to see the information discussed:
The various functional sections can be seen in Figure 1, and are:
Contains an overview of the system, including metadata and health graphs
Displays current journald logs from all services
Displays storage activity graphs, and logs. Enables the management of NFS mounts, RAID devices, volume groups, VDO (deduplication) devices, and iSCSI targets
Displays network activity, logs, and allows firewall and network maintenance
Enables the management of container images and running containers
Virtual machines can be created, deleted and controlled
Allows for the creation, deletion and configuration of user accounts and ssh keys
Displays all system targets, services, sockets, timers and paths, as managed by systemd, the root process
Manages recorded sessions, and allows for the configuration of session recorder defaults
Allows for the installation and removal of web console modules
Creates diagnostic reports used by Red Hat support, also known as SOSreports
Manages kernel debugging dumps, created when the system crashes
Allows for the setting of SELinux to permissive mode, and shows recent SELinux alerts (AVCs)
Manages automatic package updating, and allows for the manual installation of updates
Manages subscriptions attached to the host
Provides an interactive shell
As you can see, many of the day-to-day management of a RHEL system can be accomplished without touching the terminal. This makes RHEL 8 the easiest-to-live-with release, yet!
Next, let’s proceed to a more detailed examination of each module. Please click through the web console on your host, as you read the explanations, here.
The overview module is the main screen that you see, when you first login to the web console. It has four panes:
System health including
Bug fixes available
Snapshot of system performance
Link to additional graphs. Time series of CPU, memory, network and disk I/O
information about the hardware of the system (if available)
Model of system
Link to more detailed hardware information
Operating system configuration information, including:
ssh key fingerprints for all created 'root' keys
Toggle to enable or disable storing of metrics.
Additionally, there are graphs that show the system’s CPU, memory, disk, and network utilization. Each graph may be enlarged, by clicking its associated link.
The logs module provides date-sorted view of recent system log entries. You can change the date or apply basic filters using the pull-down menus at the top of the page.
The storage module provides graphs of current storage performance. It also lists local and network-mounted filesystems, plus recent storage-related log entries.
The network module contains performance graphs similar to the storage module. Additionally, it shows the configuration of your network interfaces, identifies unused interfaces, and provides access to, and control of, the system firewall.
This module provides control of local podman containers and their corresponding images.
The Virtual Machines module allows for the creation, destruction, and management of virtual machines, their storage, and the networks that they are connected to.
The accounts module allows you to create and modify local user accounts.
The services module allows basic administration of systemd objects, including system services.
This module provides management of recorded terminal sessions.
The applications module allows for the management of additional components for the web console. In this environment, we have already installed all of the modules, so the only option available is to remove them.
This module is where SOSreports are placed, when they are generated. You can trigger an SOSreport, for submission to Red Hat support, from here.
The kernel dump module allows for the configuration of where kernel diagnostic reports (or dumps) that are generated when the system crashes, are stored. Additionally, you can specify if you wish these dumps to be compressed. The buttons will turn the dump facility on and off, and can also be used to test the dump system by crashing the host.
This module allows the user to set SELinux to permissive or enforcing mode (off or on) and also shows any SELinux AVC (access vector cache) messages that may have been generated and any SELinux booleans changed on the standard SELinux profile on the system.
The software update module is where updates may be applied to the system. Additionally, automatic updating of packages may be configured.
This module allows the host to be registered or unregistered, and allows for the attachment or detachment of valid subscriptions.
The terminal module provides command-line access to the system, similar to an SSH session. Section 16.1 has some example commands to try if you’d like to test it out.
sudo podman pull docker://docker.io/library/busybox
Now if you return to the Podman Containers tab (above, in Section 5), you should see this image listed; you may be prompted to start the Podman service as well. You’ll see more of podman later in Exercise 8.
Skopeo provides the ability to inspect container images stored in a registry. The Inspect feature displays details of the selected image. The 'skopeo inspect' command’s ability to list all the tags associated with a selected image is a benefit over the docker tool.
sudo skopeo inspect docker://docker.io/library/busybox
nft is the nftables utility. Similar to ''iptables -L'', the following lists the system’s active firewall ruleset:
sudo nft list ruleset
The web console has a lot of new functionality, in version 8 of Red Hat Enterprise Linux. Hopefully, this brief (!) overview has demonstrated that, and given you a taste of how easily systems may be managed, with this new tool.