Home Lab Chronicles

Step 3: Running Cockpit

Previous Articles

• Step 1: Making Choices
• Step 2: GlusterFS

I love the command line, but it gets unwieldy for viewing and administering a group of servers. I really want a dashboard where I can quickly see the high level status of every machine. Cockpit does this well.

Installing it is really easy. Just run sudo apt install cockpit -y on every machine.

You can fire it up by opening a browser window to any of the hosts. For example, http://kube1:9090. You’ll have to tell your browser to accept the self-signed TLS certificate. This is most likely okay. Maybe later, we can upgrade with a Let’s Encrypt certificate. We might even put it behind a proxy.

Your installs will not let you see any single server, but we want to watch every server. I’d rather not perpetually type in passwords, so let’s do some groundwork first. We will create an ssh key pair for each machine. You’ll do this on one machine. Yes, this is a single point of failure. In a later step, we’ll back up your user directory on this machine.

For each machine, generate a key with ssh-keygen -t ecdsa -b 521 -f .ssh/target_name -N "". Make sure target_name is the hostname for the machine you want it for. Getting into the weeds of the command you’re generating an elliptic curve key of 521 bits length. This is absolutely secure, provided you keep the keys private, until quantum computing advances. But quantum-proof encryption algorithms are already in development and will be widespread before quantum computing is available.

Now, it’s time to copy the appropriate key to each machine. That’s easy. Just type ssh-copy-id .ssh/target_name username@target_name. Make sure target_name is the host you want and username is your username. It will ask you for your password to do this.

SSH doesn’t know which key to use when you ssh from your “master”machine to the other machines. We can change that by creating a file called ~/.ssh/config. Here’s what mine looks like:

Now you’re ready to add the other hosts into cockpit. Just go into the dashboard and click the + button in the bottom right. Then type in the hostname to add. Here’s what it looks like after I did one new host:

Here it is after four hosts:

Cockpit is pretty self-explanatory while being nice on the eyes. When you’re using the dashboard, it does use some memory and CPU for each connection to another host. Consequently, for a large cluster, it likely makes sense to run it on a specific node that is not used for critical workloads.