Exercise 1.2 - Tour of the Web Console

Return to Workshop

Exercise Description

To get started, we will take a tour of the web console. The web console (called cockpit) will be your primary interactive interface to RHEL. The console has a number of functions that enable you to manage most aspects of the installation.

Section 1: Overview of the web console

Here is a quick overview of all the available modules:

cockpit topics
Figure 1: Web console functions

The various functional sections can be seen in Figure 1, and are:

System
Contains an overview of the system, including metadata and health graphs
Logs
Displays current journald logs from all services
Storage
Displays storage activity graphs, and logs. Enables the management of NFS mounts, RAID devices, volume groups, VDO (deduplication) devices, and iSCSI targets
Networking
Displays network activity, logs, and allows firewall and network maintenance
Podman Containers
Enables the management of container images and running containers
Virtual Machines
Virtual machines can be created, deleted and controlled
Accounts
Allows for the creation, deletion and configuration of user accounts and ssh keys
Services
Displays all system targets, services, sockets, timers and paths, as managed by systemd, the root process
Session Recording
Manages recorded sessions, and allows for the configuration of session recorder defaults
Applications
Allows for the installation and removal of web console modules
Diagnostic Reports
Creates diagnostic reports used by Red Hat support, also known as SOSreports
Kernel Dump
Manages kernel debugging dumps, created when the system crashes
SELinux
Allows for the setting of SELinux to permissive mode, and shows recent SELinux alerts (AVCs)
Software Updates
Manages automatic package updating, and allows for the manual installation of updates
Subscriptions
Manages subscriptions attached to the host
Terminal
Provides an interactive shell

As you can see, many of the day-to-day management of a RHEL system can be accomplished without touching the terminal. This makes RHEL 8 the easiest-to-live-with release, yet!

Next, let’s proceed to a more detailed examination of each module. Please click through the web console on your host, as you read the explanations, here.

Section 2: System Module

cockpit system
Figure 2: Web Console System Module

The system module is the main screen that you see, when you first login to the web console. It contains an overview of the system, including the below sections:

  • hardware type

    • detailed system hardware data is available, from the link on the main page

  • asset tag

  • machine ID

  • operating system

    • when updates to the system are available, an "updates available" link will be present

  • SSH keys

    • key fingerprints for all created 'root' keys

  • host name

    • the system’s name may be changed, and an alias may be added

  • domain

    • the system may be added to an LDAP/AD domain

  • time and date

    • time zone and automatic or manual time and date setting can be done

  • performance profile

    • the system’s performance profile may be changed

Additionally, there are graphs that show the system’s CPU, memory, disk, and network utilization. Each graph may be enlarged, by clicking its associated link.

Section 3: Logs Module

cockpit 01 logs
Figure 3: Web Console Logs Module

The logs module provides date-sorted view of recent system log entries. You can change the date or apply basic filters using the pull-down menus at the top of the page.

Section 4: Storage Module

cockpit 02 storage
Figure 4: Web Console Storage Module

The storage module provides graphs of current storage performance. It also lists local and network-mounted filesystems, plus recent storage-related log entries.

Section 5: Networking Module

cockpit 03 networking
Figure 5: Web Console Networking Module

The network module contains performance graphs similar to the storage module. Additionally, it shows the configuration of your network interfaces, identifies unused interfaces, and provides access to, and control of, the system firewall.

Section 5: Podman Containers Module

cockpit 04 podman
Figure 6: Web Console Podman Containers Module

This module provides control of local podman containers and their corresponding images.

Section 6: Virtual Machines Module

cockpit 05 vms
Figure 7: Web Console Virtual Machines Module

The Virtual Machines module allows for the creation, destruction, and management of virtual machines, their storage, and the networks that they are connected to.

Section 7: Accounts Module

cockpit 06 accounts
Figure 8: Web Console Accounts Module

The accounts module allows you to create and modify local user accounts.

Section 8: Services Module

cockpit 07 services
Figure 9: Web Console Services Module

The services module allows basic administration of systemd objects, including system services.

Section 9: Session Recording Module

cockpit 08 sr
Figure 10: Web Console Session Recording Module

This module provides management of recorded terminal sessions.

Section 10: Applications Module

cockpit 09 applications
Figure 11: Web Console Applications Module

The applications module allows for the management of additional components for the web console. In this environment, we have already installed all of the modules, so the only option available is to remove them.

Section 11: Diagnostic Reports Module

cockpit 10 dr
Figure 12: Web Console Diagnostic Reports Module

This module is where SOSreports are placed, when they are generated. You can trigger an SOSreport, for submission to Red Hat support, from here.

Section 12: Kernel Dump Module

cockpit 11 kd
Figure 13: Web Console Kernel Dump Module

The kernel dump module allows for the configuration of where kernel diagnostic reports (or dumps) that are generated when the system crashes, are stored. Additionally, you can specify if you wish these dumps to be compressed. The buttons will turn the dump facility on and off, and can also be used to test the dump system by crashing the host.

Section 13: SELinux Module

cockpit 12 selinux
Figure 14: Web Console SELinux Module

This module allows the user to set SELinux to permissive or enforcing mode (off or on) and also shows any SELinux AVC (access vector cache) messages that may have been generated, on the system.

Section 14: Software Update Module

cockpit 13 su
Figure 15: Web Console Kernel Dump Module

The software update module is where updates may be applied to the system. Additionally, automatic updating of packages may be configured.

Section 15: Subscriptions Module

cockpit 14 subscriptions
Figure 16: Web Console Subscriptions Module

This module allows the host to be registered or unregistered, and allows for the attachment or detachment of valid subscriptions.

Section 16: Terminal Module

cockpit 15 terminal
Figure 17: Web Console Terminal Module

The terminal module provides command-line access to the system, similar to an SSH session. Section 16.1 has some example commands to try if you’d like to test it out.

Section 16.1: Example terminal usage

Example 1: Use the following command to pull a RHEL image from the Red Hat repository:
sudo podman pull docker://docker.io/library/busybox

Now if you return to the Podman Containers tab (above, in Section 5), you should see this image listed; you may be prompted to start the Podman service as well. You’ll see more of podman later in Exercise 8.

Example 2: Try the Skopeo command

Skopeo provides the ability to inspect container images stored in a registry. The Inspect feature displays details of the selected image. The 'skopeo inspect' command’s ability to list all the tags associated with a selected image is a benefit over the docker tool.

sudo skopeo inspect docker://docker.io/library/busybox
Example 3: List firewall rules

nft is the nftables utility. Similar to ''iptables -L'', the following lists the system’s active firewall ruleset:

sudo nft list ruleset

Conclusion

The web console has a lot of new functionality, in version 8 of Red Hat Enterprise Linux. Hopefully, this brief (!) overview has demonstrated that, and given you a taste of how easily systems may be managed, with this new tool.


Workshop Details

Domain Red Hat Logo
Workshop
Student ID

Return to Workshop