Learn about Centmin Mod LEMP Stack today
Register Now

Sysadmin Will cockpit work with Centminmod?

Discussion in 'System Administration' started by Sos, Dec 13, 2018.

  1. Sos

    Sos New Member

    14
    2
    3
    Dec 4, 2018
    Ratings:
    +3
    Local Time:
    9:43 AM
    1.15.7
  2. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:43 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Honestly haven't tried Cockpit so wouldn't know 100%
     
  3. BamaStangGuy

    BamaStangGuy Active Member

    602
    178
    43
    May 25, 2014
    Ratings:
    +242
    Local Time:
    10:43 AM
    Bump, just to see others experience with this and if it is really worth it.
     
  4. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:43 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Just tried Cockpit on Centmin Mod with CentOS 7 Running Cockpit — Cockpit Project - skipping firewalld steps as Centmin Mod uses CSF Firewall and already whitelists the IP of user that installed Centmin Mod so you can access it at yourhostname:9090 or serverip:9090 without needing to open TCP port 9090 or below custom TCP port 9091
    Code (Text):
    cockpit_port=9091
    yum -y install cockpit sos cockpit-dashboard cockpit-storaged
    mkdir -p /etc/systemd/system/cockpit.socket.d/
    echo -e "[Socket]\nListenStream=\nListenStream=$cockpit_port\n" > /etc/systemd/system/cockpit.socket.d/listen.conf
    systemctl daemon-reload
    systemctl enable --now cockpit.socket
    

    But haven't used it enough to comment, just that logging in to cockpit works :)

    edit: looks good so far testing on my VirtualBox based CentOS 7 and CentOS 8 instances. Though not much of a fan of opening up web/gui access to a server as it's just another avenue for server compromise if not managed properly.
     
  5. rdan

    rdan Well-Known Member

    4,671
    1,121
    113
    May 25, 2014
    Ratings:
    +1,663
    Local Time:
    11:43 PM
    Mainline
    10.2
    Not much useful to me, except for this real-time stats on the dashboard.

    upload_2019-9-30_18-5-55.png
     
    • Agree Agree x 1
  6. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:43 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Not fan - even has web gui for terminal/SSH access though the scrollbar doesn't seem to work in the terminal so mouse scroll wheel only.

    Example of Cockpit on Centmin Mod with CentOS 7 Running Cockpit — Cockpit Project - skipping firewalld steps as Centmin Mod uses CSF Firewall and already whitelists the IP of user that installed Centmin Mod so you can access it at yourhostname:9090 or serverip:9090 without needing to open TCP port 9090 or below custom TCP port 9091
    Code (Text):
    cockpit_port=9091
    yum -y install cockpit sos cockpit-dashboard cockpit-storaged
    mkdir -p /etc/systemd/system/cockpit.socket.d/
    echo -e "[Socket]\nListenStream=\nListenStream=$cockpit_port\n" > /etc/systemd/system/cockpit.socket.d/listen.conf
    systemctl daemon-reload
    systemctl enable --now cockpit.socket
    


    centos7-cockpit-00.png

    Cockpit's Machines listing of CentOS 7 primary server and added access to CentOS 8 remote server

    centos7-cockpit-01.png centos7-cockpit-02.png

    Cockpit remote server access to CentOS 8 server from CentOS 7 reported YUM updates - looks like CentOS 8 includes a compat-openssl10 YUM package for backwards compatibility to OpenSSL 1.0.2o as some packages may not support CentOS 8's OpenSSL 1.1.1 version. Oh yes playing with Percona MySQL 8 and Remi YUM repositories on CentOS 8 :)

    centos7-cockpit-03.png

    Cockpit web terminal SSH access to CentOS 7 server initial login to Centmin Mod LEMP stack server

    centos7-cockpit-04.png

    Centmin Mod LEMP stack's cminfo top output in web terminal which shows Centmin Mod server statistics :)

    centos7-cockpit-05.png centos7-cockpit-06.png centos7-cockpit-07.png centos7-cockpit-08.png
     
  7. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:43 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Yeah I guess depends on what you need in a web gui. I can see web gui based terminal SSH access might come in handy for some folks - though scary to think if not secured properly, you'd be opening up access to hackers or potential compromise of your server ! You can lock it down to a different custom TCP port and IP access I suppose. Or just enable cockpit service via proper SSH access only when you need to and disable/stop cockpit service when you don't need it.

    Actually, thinking about it, it isn't that bad for Centmin Mod LEMP stack servers as by default they use CSF Firewall and it blocks cockpit's default port 9090 from access. When you initially install Centmin Mod LEMP stack, CSF Firewall whitelists the user's ISP ip automatically so you can access cockpit web gui without needing to open port 9090 to the public internet. So I guess you're almost as secure as traditional SSH client access/login seeing as you use same system linux users to login to Cockpit web gui. But danger is some folks to troubleshoot issues are disabling CSF Firewall, which then could open up access - though it shouldn't as CSF Firewall is only place underlying iptables has whitelisted ports.
     
    • Like Like x 1
  8. rdan

    rdan Well-Known Member

    4,671
    1,121
    113
    May 25, 2014
    Ratings:
    +1,663
    Local Time:
    11:43 PM
    Mainline
    10.2
    Documentation about this 3?
    Thanks!
     
  9. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:43 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    what no google-fu ? :)
     
    • Like Like x 1