Chapter 8. Installing and configuring web console by using the RHEL system role
With the cockpit RHEL system role, you can install and configure the web console in your system.
8.1. The cockpit RHEL system role
You can use the cockpit system role to automatically deploy and enable the web console and thus be able to manage your RHEL systems from a web browser.
8.2. Installing the web console by using the cockpit RHEL system role
You can use the cockpit system role to install and enable the RHEL web console.
By default, the RHEL web console uses a self-signed certificate. For security reasons, you can specify a certificate that was issued by a trusted certificate authority instead.
In this example, you use the cockpit system role to:
- Install the RHEL web console.
-
Allow the web console to manage
firewalld. -
Set the web console to use a certificate from the
ipatrusted certificate authority instead of using a self-signed certificate. - Set the web console to use a custom port 9050.
You do not have to call the firewall or certificate system roles in the playbook to manage the Firewall or create the certificate. The cockpit system role calls them automatically as needed.
Prerequisites
- You have prepared the control node and the managed nodes.
- You are logged in to the control node as a user who can run playbooks on the managed nodes.
-
The account you use to connect to the managed nodes has
sudopermissions on them.
Procedure
Create a playbook file, for example
~/playbook.yml, with the following content:--- - name: Manage the RHEL web console hosts: managed-node-01.example.com tasks: - name: Install RHEL web console ansible.builtin.include_role: name: rhel-system-roles.cockpit vars: cockpit_packages: default cockpit_port:9050 cockpit_manage_selinux: true cockpit_manage_firewall: true cockpit_certificates: - name: /etc/cockpit/ws-certs.d/01-certificate dns: ['localhost', 'www.example.com'] ca: ipa group: cockpit-wsValidate the playbook syntax:
$ ansible-playbook --syntax-check ~/playbook.ymlNote that this command only validates the syntax and does not protect against a wrong but valid configuration.
Run the playbook:
$ ansible-playbook ~/playbook.yml
Additional resources
-
/usr/share/ansible/roles/rhel-system-roles.cockpit/README.mdfile -
/usr/share/doc/rhel-system-roles/cockpitdirectory - Requesting certificates using RHEL system roles.
