Skip to content

Commit

Permalink
Merge pull request #90 from threefoldtech/threefold_guide_update
Browse files Browse the repository at this point in the history 
updated cockpit guide
  • Loading branch information
@Mik-TF
Mik-TF committed May 6, 2023
2 parents 6464453 + fdd205a commit 76ee501
Showing 1 changed file with 117 additions and 17 deletions.
134 changes: 117 additions & 17 deletions src/getstarted/remote-desktop_gui/cockpit_guide/cockpit_guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,12 @@

- [Introduction](#introduction)
- [Deploy a Full VM and Create a Root-Access User](#deploy-a-full-vm-and-create-a-root-access-user)
- [Set the VM, Install and Access Cockpit](#set-the-vm-install-and-access-cockpit)
- [Set the VM and Install Cockpit](#set-the-vm-and-install-cockpit)
- [Change the Network System Daemon](#change-the-network-system-daemon)
- [Set a Firewall](#set-a-firewall)
- [Access Cockpit](#access-cockpit)
- [Conclusion](#conclusion)
- [Acknowledgements and References](#acknowledgements-and-references)

***

Expand All @@ -17,26 +21,28 @@ For more information on deploying a full VM and using SSH remote connection, rea

If you are new to the Threefold ecosystem and you want to deploy workloads on the Threefold Grid, read the [Get Started section](../../tfgrid3_getstarted.md) of the Threefold Manual.

Note that the two sections [Change the Network System Daemon](#change-the-network-system-daemon) and [Set a Firewall](#set-a-firewall) are optional. That being said, they provide more features and security to the deployment.

***

## Deploy a Full VM and Create a Root-Access User

To start, you must [deploy and SSH into a Full VM](../../ssh_guide/ssh_guide.md).
To start, you must [deploy and SSH into a full VM](../../ssh_guide/ssh_guide.md).

* Go to the [Threefold Playground](https://play.grid.tf/#/)
* Deploy a full VM (e.g. Ubuntu 22.04)
* With an IPv4 Address
* After deployment, copy the IPv4 address
* In the terminal write
* Connect into the VM via SSH
* ```
ssh root@VM_IPv4_address
```
* To create a new user with root access
* Create a new user with root access
* Here we use `newuser` as an example
* ```
adduser newuser
```
* To see the directory of the `newuser`
* To see the directory of the new user
* ```
ls /home
```
Expand All @@ -55,32 +61,126 @@ To start, you must [deploy and SSH into a Full VM](../../ssh_guide/ssh_guide.md)
nano ~/.ssh/authorized_keys
```
* add the authorized public key in the file, then save and quit
* Exit the VM and reconnect with new user
* ```
ssh newuser@VM_IPv4_address
```
* Exit the VM and reconnect with the new user
* ```
exit
```
* ```
ssh newuser@VM_IPv4_address
```

***

## Set the VM, Install and Access Cockpit
## Set the VM and Install Cockpit

* Set the system up to date:
* Update and upgrade the VM
* ```
sudo apt update -y && sudo apt upgrade -y && sudo apt-get update -y
```
* Install Cockpit:
* Install Cockpit
* ```
. /etc/os-release && sudo apt install -t ${UBUNTU_CODENAME}-backports cockpit -y
```
* Access Cokcpit on a web browser:
* Write the following URL with the VM IPv4 address:

***

## Change the Network System Daemon

We now change the system daemon that manages network configurations. We will be using [NetworkManager](https://networkmanager.dev/) instead of [networkd](https://wiki.archlinux.org/title/systemd-networkd). This will give us further possibilities on Cockpit.

* Install NetworkManager. Note that it might already be installed.
* ```
sudo apt install network-manager -y
```
* Update the `.yaml` file
* Go to netplan's directory
* ```
cd /etc/netplan
```
* Search for the proper `.yaml` file name
* ```
VM_IPv4_Address:9090
ls -l
```
* Enter the username and password of the root-access user
* Update the `.yaml` file
* ```
sudo nano 50-cloud-init.yaml
```
* Add the following lines under `network:`
* ```
version: 2
renderer: NetworkManager
```
* Note that these two lines should be aligned with `ethernets:`
* Remove `version: 2` at the bottom of the file
* Save and exit the file
* Disable networkd and enable NetworkManager
* ```
sudo systemctl disable systemd-networkd
```
* ```
sudo systemctl enable NetworkManager
```
* Apply netplan to set NetworkManager
* ```
sudo netplan apply
```
* Reboot the system to load the new kernel and to properly set NetworkManager
* ```
sudo reboot
```
* Reconnect to the VM
* ```
ssh newuser@VM_IPv4_address
```
***

## Set a Firewall

We now set a firewall. We note that [ufw](https://wiki.ubuntu.com/UncomplicatedFirewall) is not compatible with Cockpit and for this reason, we will be using [firewalld](https://firewalld.org/).

* Install firewalld
* ```
sudo apt install firewalld -y
```

* Add Cockpit to firewalld
* ```
sudo firewall-cmd --add-service=cockpit
```
* ```
sudo firewall-cmd --add-service=cockpit --permanent
```
* See if Cockpit is available
* ```
sudo firewall-cmd --info-service=cockpit
```

* See the status of firewalld
* ```
sudo firewall-cmd --state
```

***

## Access Cockpit

* On your web browser, write the following URL with the proper VM IPv4 address
* ```
VM_IPv4_Address:9090
```
* Enter the username and password of the root-access user
* You might need to grant administrative access to the user
* On the top right of the Cockpit window, click on `Limited access`
* Enter the root-access user password then click `Authenticate`

***

## Conclusion

You now have access to a web-based graphical interface to manage your VM. Read [Cockpit's documentation](https://cockpit-project.org/documentation.html) to explore further this interface.
You now have access to a web-based graphical interface to manage your VM. You can read [Cockpit's documentation](https://cockpit-project.org/documentation.html) to explore further this interface.

***

## Acknowledgements and References

A big thank you to Drew Smith for his [advice on using NetworkManager](https://forum.threefold.io/t/cockpit-managed-ubuntu-vm/3376) instead of networkd with Cockpit.

0 comments on commit 76ee501

Please sign in to comment.