Bookmark this page

Chapter 14. Analyze Servers and Get Support

Abstract

Goal	Investigate and resolve issues in the web-based management interface, getting support from Red Hat to help solve problems.
Objectives	Activate the web console management interface to remotely manage and monitor the performance of a Red Hat Enterprise Linux server. Describe and use the Red Hat Customer Portal key resources to find information from Red Hat documentation and the Knowledgebase. Use Red Hat Insights to analyze servers for issues, remediate or resolve them, and confirm that the solution worked.
Sections	Analyze and Manage Remote Servers (and Guided Exercise) Create a Diagnostics Report (and Guided Exercise) Detect and Resolve Issues with Red Hat Insights (and Quiz)

Analyze and Manage Remote Servers

Objectives

Activate the web console management interface to remotely manage and monitor the performance of a Red Hat Enterprise Linux server.

Describe the Web Console

The web console is a web-based management interface for Red Hat Enterprise Linux. The interface is designed for managing and monitoring your servers, and is based on the open-source Cockpit service.

You can use the web console to monitor system logs and to view graphs of system performance. Additionally, you can use your web browser to change settings by using graphical tools in the web console interface, including a fully functional interactive terminal session.

Enable the Web Console

Starting from Red Hat Enterprise Linux 7, the web console is installed by default in all installation variants except in a minimal installation. You can use the following command to install the web console:

[root@host ~]# dnf install cockpit

Then, enable and start the cockpit.socket service, which runs a web server. This step is necessary if you need to connect to the system through the web interface.

[root@host ~]# systemctl enable --now cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket -> /usr/lib/systemd/system/cockpit.socket.

If you are using a custom firewall profile, then you must add the cockpit service to firewalld to open port 9090 in the firewall:

[root@host ~]# firewall-cmd --add-service=cockpit --permanent
success
[root@host ~]# firewall-cmd --reload
success

Log in to the Web Console

The web console provides its own web server. Launch your web browser to log in to the web console.

Open https://servername:9090 in your web browser, where servername is the hostname or IP address of your server. The web console protects the connection by a Transport Layer Security (TLS) session. By default, the cockpit service installs the web console with a self-signed TLS certificate. When you connect to the web console for the first time, the web browser probably displays a security warning. The cockpit-ws(8) man page provides instructions on how to replace the TLS certificate with a correctly signed one.

To log in to the web console, enter your username and password at the login screen. You can log in with the username and password of any local account on the system, including the root user.

Figure 14.1: The web console login screen

Click Log In.

After you log in, the web console displays the username on the left side of the title bar. The default access to the web console is with limited rights, as you can see in the following Limited access button and in the "Web console is running in limited access mode" message.

Figure 14.2: Non-privileged user's title bar

If your account is configured with the appropriate privileges, then you can escalate privileges by switching to administrative access, by clicking the Limited access or Turn on administrative access buttons. During the escalation privileges process, you need to enter your password. When you have escalated privileges, the Limited access button changes to Administrative access.

You can switch back to limited access mode by clicking the Administrative access button and then clicking the Limit access button in the pop-up window that it shows.

Figure 14.3: Privileged user's title bar

Change Passwords in the Web Console

You can change your own password when logged in to the web console. Click the Accounts button on the navigation bar. Click your account label to open the account details page.

Figure 14.4: User accounts

As a non-privileged user, you are restricted to setting or resetting your password and managing public SSH keys. To set or reset your password, click the Set password button.

Figure 14.5: User account details

Enter your information in the Old password, New password, and Confirm new password fields. Click the Set password button to activate the new password.

Figure 14.6: Setting and resetting passwords

Troubleshoot with the Web Console

The web console is a powerful troubleshooting tool. You can monitor system statistics in real time, inspect system logs, and switch to a terminal session within the web console to gather additional information from the command-line interface.

Monitor System Statistics in Real Time

Click the Overview button on the navigation bar to view information about the system, such as its type of hardware, operating system, hostname, and more. If you log in as a non-privileged user, then you can see all the information but not modify any value. The following image displays the Overview page.

Figure 14.7: Non-privileged user's Overview page

Click View details and history on the Overview page to view details of current system performance for CPU activity, memory use, disk I/O, and network usage.

Figure 14.8: Non-privileged user's system performance metrics

Inspect and Filter Syslog Events

The Logs section in the navigation bar provides access to analysis tools for the system logs. You can use the scroll menus on the page to filter log messages by a logging date range, or priority, or both. The web console uses the current date as the default; you can click the date menu and specify any range of dates. Similarly, the Priority menu provides options that range from Debug and above (at the lowest level) to more specific severity conditions such as Alert and above or Error and above.

Figure 14.9: Log severity selections

Click a row to view details of the log report. In the following example, note the first row that reports on a sudo log message.

Figure 14.10: Log entry selection

The following example shows the details that the web console displays when you click the sudo row. Details of the report include the selected log entry (sudo), the date, time, priority, and syslog facility of the log entry, and the hostname of the system that reported the log message.

Figure 14.11: Log entry details

Run Commands from a Terminal Session

The Terminal button in the navigation bar provides access to a fully functional terminal session within the web console interface. In this web console terminal, you can run arbitrary commands to manage and work with the system, and for tasks that the other web console tools do not support.

The following image displays examples of commands to gather additional information. For example, listing the contents of the /var/log directory provides reminders of log files that might have valuable information. The id command provides information such as group membership that might help to troubleshoot file access restrictions. The ps au command provides a view of processes that are running in the terminal and of the user that is associated with the process.

Figure 14.12: Non-privileged terminal session troubleshooting

Create Diagnostic Reports

A diagnostic report is a collection of configuration details, system information, and diagnostic information from a Red Hat Enterprise Linux system. Data that is collected in the report includes system logs and debug information that you can use to troubleshoot issues.

To generate a diagnostic report, log in to the web console as a privileged user. Click the Diagnostic Reports button on the navigation bar to open the page that creates these reports. Click the Create report button to generate a new diagnostic report.

Figure 14.13: Create a diagnostic report

After some minutes, the interface displays Done! when the report is complete. Click the Download report button to save the report to your local system.

Figure 14.14: Download a completed report

Click Save File and complete the process.

Manage System Services with the Web Console

As a privileged web console user, you can stop, start, enable, and restart system services. Additionally, you can configure network interfaces, configure firewall services, administer user accounts, and more.

System Power Options

In the web console, you can restart or shut down the system. To access the system power options, log in to the web console as a privileged user. Click the Overview button on the navigation bar to access system power options.

From the menu on the upper right, select the appropriate option to either reboot or shut down a system.

Figure 14.15: System power options

Control Running System Services

You can start, enable, disable, and stop services with graphical tools in the web console. To do so, click the Services button on the navigation bar to access the web console's services initial page. The Services page shows the system services tab by default. You can change to Targets or Sockets by clicking the appropriate tab. Use the search bar or scroll through the page to select the service to manage.

In the following example, select the atd.service row to open the service management page.

Figure 14.16: Services: Initial view

Click the Stop, Restart, or Disallow running (mask) buttons as appropriate to manage the service. In this view, the service is already running. To view additional information about the service, click any of the highlighted links or scroll through the service logs that are displayed below the service management section.

Figure 14.17: Services: Service details and management interface

Configure Network Interfaces and the Firewall

To manage firewall rules and network interfaces, click the Networking button on the navigation bar. The following example shows how to gather information about network interfaces and how to manage them.

Figure 14.18: Networking: Initial view

Click the appropriate interface name in the Interfaces section to access the management page. In this example, the eth0 interface is selected. The top part of the management page displays network traffic activity for the selected device. Scroll down to view configuration settings and management options.

Figure 14.19: Networking: Interface details

To modify or add configuration options in an interface, click the highlighted links for the wanted configuration. In this example, the IPv4 link shows a single IP address and netmask, 172.25.250.9/24 for the eth0 network interface. To add an IP address to the eth0 network interface, click the edit link.

Click the + symbol on the right side of the Manual list selection to add an IP address. Enter an IP address and network mask in the appropriate fields. Click Apply to activate the new settings.

Figure 14.20: Add an IP address to an existing interface

The display automatically switches back to the interface's management page where you can confirm the new IP address.

Figure 14.21: Confirm the new IP address

Administer User Accounts

As a privileged user, you can create user accounts in the web console. Click Accounts on the navigation bar to view existing accounts. Click Create new account to open the account management page.

Figure 14.22: Existing user accounts

Enter the information for the new account and then click Create.

Figure 14.23: Create an account

The display automatically reverts to the account management page, where you can confirm the new user account.

Figure 14.24: Account management page

References

cockpit(1), cockpit-ws(8), and cockpit.conf(5) man pages

For more information, refer to Managing Systems Using the RHEL 9 Web Console at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/managing_systems_using_the_rhel_9_web_console/index#getting-started-with-the-rhel-9-web-console_managing-systems-using-the-web-console

Discuss Red Hat System Administration I

Go to community

RH124 Chapter 15 Lab 3: Install zsh Package

VictoriaB97

16 sty 2024

Hello,I am trying to finish up Lab 3 of the Chapter 15 Comprehensive Review Labs in RH124, and when I type in sudo dnf install zsh for the 6th specification of the lab, I get an error message basically saying that it failed to download metadata for the repo 'ansible-2.9-for-rhel-9-x86_64-rpms', and that they could not download repomd.xml. It provided a 404 status code.Can someone please let me know what the problem is, and if there is a current workaround? Thanks.

378

Red Hat System Administration I | Guided Exercise: Explain and Investigate RPM Software Pack

AbeHiero

10 lis 2023

I cannot start the lab with command: lab start software-rpm. I get this error:ModuleNotFoundError: No module named 'rhcsa-classroom'Script software-rpm not in course library rhcsa-classroom Anyone else see this?

1183

Red Hat System Administration I (RH124)

Haley_Ruccio

19 lip 2023

The first of two courses covering the core system administration tasks needed to manage Red Hat Enterprise Linux serversRed Hat System Administration I (RH124) is designed for IT professionals without previous Linux system administration experience. The course provides students with Linux administration competence by focusing on core administration tasks. This course also provides a foundation for students who plan to become full-time Linux system administrators by introducing key command-line concepts and enterprise-level tools. This course is the first of a two-course series that takes a computer professional without Linux system administration knowledge to become a fully capable Linux administrator. These concepts are further developed in the follow-on course, Red Hat System Administration II (RH134).This course is based on Red Hat® Enterprise Linux 9.0.Course content summaryIntroduce Linux and the Red Hat Enterprise Linux ecosystem.Run commands and view shell environments.Manage, organize, and secure files.Manage users, groups and user security policies.Control and monitor systemd services.Configure remote access using the web console and SSH.Configure network interfaces and settings.Manage software using DNFAudience for this courseThe primary persona is a technical professional with current or pending responsibilities as a Linux enterprise or cloud system administrator.This course is popular in Red Hat Academy, and is targeted at the student who is planning to become a technical professional using Linux.Prerequisites for this courseBasic technical user skills with computer applications on some operating systems are expected.Take our free assessment to gauge whether this offering is the best fit for your skills.Technology considerationsThere are no special technical requirements for this course.This course is not designed for bring your own device (BYOD).Internet access is not required but is recommended so that students can research and browse Red Hat online resources.

336

Revision: rh124-9.3-770cc61