...
Info |
---|
For plugins hosted on a different repository from the main Cockpit repository, some of them are not yet packaged in Yocto (such as cockpit-machines plugin). |
Finally, note that Cockpit is not designed for massive deployment/configuration like Ansible does.
...
Code Block | ||
---|---|---|
| ||
IMAGE_INSTALL:append = " \
cockpit \
cockpit-dashboard \
cockpit-ws \
cockpit-bridge \
cockpit-shell \
cockpit-users \
cockpit-systemd \
cockpit-machines \
cockpit-cluster-dashboard \
cockpit-cluster-vm-management \
cockpit-update \
" |
This will install cockpit with the basic functionalities and 4 optional plugins (cockpit-machines,cockpit-cluster-dashboard, cockpit-cluster-vm-management, cockpit-update) as described as below.
...
.
Usage
Once Seapath is installed and configured on a Seapath machine, Cockpit is accessible through the interface connected to your network on the port 9090. It can be accessible in any web browser with the following URL: https://<TARGET_IP>:9090/
...
When connecting directly to a Cockpit instance, you are prompted to log in:
The credentials used to log in are the same as those configured on your Linux system.
...
Once connected, the main menu of Cockpit presents an overview of the machine state:
For a simpler usage, we recommend to use a Cockpit instance hosted on a laptop or a VM, and connect it using Add new host menu entry to connect it to the different Cockpit instance of the Seapath cluster. By doing so, it is possible to gathered all Cockpit instance in one place, and to use one machine as a gateway.
...
This menu is a graphical abstraction of the journalctl command, and allows you to inspect logs of your machine along different filters (date, priority, etc).
Virtual machines
...
This menu
...
This menu allows you to manage virtual machines, such as:
Creating a VM image from remote repository (Ubuntu, Fedora, etc), or import it from .qcow2 file
Edit VM configuration (memory, CPU, machine type, network, etc)
Access to VM though VNC or serial connection
Accounts
This menu is used to manage the users of your machine. Among accessible privileges, it is possible to:
...
Terminal
A simple bash terminal.
Cluster dashboard
This menu is used to have an overview of the cluster. It displays the following information:
- Status of the cluster nodes
- Status of the cluster
- List of Pacemaker resources deployed
- Status of the shared storage Ceph
Update
This menu can be used to update a SEAPATH Yocto hypervisor.
Plugin features:
- Fetch the swu image
- Perform the update using SWUpdate
- Reboot after update
- Get the status of the last update and the active slot
Cluster VM management
This menu lets you manage all VM in the cluster, unlike cockpit-machine, which has a local scope.
Plugin features:
- Create a VM
- Using existing qcow2 and xml files
- Uploading qcow2 and xml files
- Perform an action on a VM
- Start
- Stop / force stop
- Enable
- Disable / force disable
- Restart
- Migrate
- Remove
- Snapshot (create and apply)
- Console access
Info |
---|
cockpit-cluster-dashboard, cockpit-update and cockpit-cluster-vm-management are unofficial Cockpit plugins. They are packaged on Yocto, but deploying them on Debian SEAPATH will require the use of Ansible. |
Cockpit and Cybersecurity
Even if Seapath provides a secure environment, adding Cockpit increase mechanically the attack surface of your system. As already said earlier, Cockpit is a graphical abstraction of the system CLI, and so, inherits from all Cybersecurity rules implemented.
...
Further works planned for 2024
...
Add support of Cockpit-machine in Seapath Yocto
...
Hardened Cockpit for Cybersecurity
...