订阅内容
Linux 

The Red Hat Enterprise Linux (RHEL) web console is a simplified web-based management tool that lets you manage many aspects of RHEL more efficiently. For more information on the web console and how to get started with it, refer to the Managing systems using the RHEL 9 web console documentation.

RHEL versions 9.2 and 8.8 have a number of new features and enhancements related to the web console, including:

  • Support for a dark visual theme
  • Several improvements to user and group management capabilities
  • The ability to enable network-bound disk encryption on the root filesystem 
  • Root user account logins are disabled by default on new installs of 9.2+
  • Support for configuring virtual watchdog devices on virtual machines
  • The ability to insert and remove virtual CD-ROM media on running virtual machines
  • The ability to select frequently-used combinations of policies and sub-policies for system-wide crypto policies
  • Support for creating Podman pods
  • The ability to view disk read and write rates on individual devices

Support for a dark visual theme

The web console now supports a dark visual theme, which is preferred by many people.  

RHEL web console dark theme

By default, the web console will attempt to detect if your system is configured to use a dark theme, and if so, it will also use the web console dark theme. You can also specify which theme you would like to use by clicking the Session drop down menu in the top right corner of the interface.

RHEL web console theme selector

Several improvements to user and group management capabilities

The web console has an updated interface for viewing the list of user accounts on the system, which now supports searching and sorting, as shown in the following screenshot. 

RHEL web console user and group management improvements

When editing a user account, you can also now add and remove users from groups.  

Adding and removing users from groups

In addition, you can now also view information about the groups on the system, and create new groups.

Viewing information about the groups on the system

Ability to enable network-bound disk encryption on the root filesystem 

The web console previously supported configuring LUKS encrypted filesystems to bind to a Tang server in order to enable automatic unlocking of encrypted filesystems. However, when configuring this on a root filesystem, the web console previously required users to complete several steps from the command line.  

RHEL 8.8 and 9.2 now support configuring the root filesystem to bind to a Tang server from the web console without having to complete any steps manually from the command line. For more information on network-bound disk encryption, refer to the Configuring automated unlocking of encrypted volumes using policy-based decryption documentation.

To bind a LUKS encrypted root filesystem to a Tang server, click on Storage in the web console menu. In the right hand menu, click on the drive that contains your root filesystem, press the drop down next to the partition that contains the root filesystem and click on the Encryption tab.  

Next, click on the plus sign next to Keys.

Click the plus sign next to Keys

You can then select Tang keyserver as the Key source, and type in the keyserver address and existing LUKS passphrase.

Select "Tang keyserver" radio button

Root user account logins disabled by default on new installs of 9.2+

When the web console is installed on RHEL 9.2 or later, it will automatically configure the system to not allow the root user to login to the web console via the Cockpit web server (the cockpit.socket systemd unit). Note that this does not apply to existing RHEL 9.0 or 9.1 systems running the web console that are upgraded to RHEL 9.2 (although after upgrading to 9.2 you can manually configure these existing systems to not allow the root user to login).  

The /etc/cockpit/disallowed-users file specifies which users are not allowed to login. On new installations of the cockpit-ws package on RHEL 9.2 or later, this file will be configured to specify the root user account.  

# cat /etc/cockpit/disallowed-users 
# List of users which are not allowed to login to Cockpit
root

If you would like to allow the root user to login to the web console, you can edit this file and remove the line for the root user.  

Support for configuring virtual watchdog devices on virtual machines

The web console now supports configuring virtual watchdog devices on virtual machines.  One common use case for KVM virtual watchdog devices is related to the RHEL High Availability Add-On. For more information see Support Policies for RHEL High Availability Clusters - sbd and fence_sbd.

To configure a virtual watchdog device on a virtual machine (VM), click on Virtual Machines in the web console menu, and then click on the name of a VM in the Overview section. You can see if the VM has a watchdog configured.

Click the add button to add a watchdog device

To add a watchdog device, click on the add button. This will then bring up a menu that allows you to specify the watchdog device action.  

Add watchdog device type

Ability to insert and remove virtual CD-ROM media on running virtual machines

You can now insert and remove virtual CD-ROM media on a running VM within the web console. Previously, VM’s had to be shut down to complete these tasks.  

To manage the virtual CD-ROM media on a VM, click on Virtual Machines in the web console menu, and then click on the name of the VM that you would like to work with.  

Find the cdrom device, and click on the Insert button to insert an ISO image into the virtual CD-ROM device.  

Click on the Insert button to insert and ISO image into the virtual CD-ROM device

If there is already an ISO image inserted into the virtual CD-ROM device, you’ll see an Eject button.  

Ability to select frequently used combinations of policies and sub-policies for system-wide crypto policies

The system-wide crypto policy support in the web console has been enhanced so you can select frequently used combinations of policies and sub-policies. For more information on system-wide crypto policies, refer to the Using system-wide cryptographic policies documentation. 

To select which policy you would like to use, click on Overview in the web console menu. Under the Configuration card, you’ll see a Crypto policy section that shows the currently configured policy.  

RHEL web console crypto policy configuration options

You can click on the currently enabled policy (Default in the above screenshot) to bring up the menu that allows you to select the desired policy.  

Change crypto policy screen

Newly available policy and sub-policies combinations are Default:sha1, Legacy:ad-support, and Fips:ospp.  

Support for creating Podman pods

The web console now supports creating Podman pods (a group of containers) in addition to Podman containers. For more information on Podman pods, refer to the Working with pods documentation.  

To create a Podman pod, start by clicking on Podman containers in the web console menu. You’ll now see a Create pod button in addition to the Create container button. When you click on Create pod, you’ll be prompted to configure the pod name, owner, port mappings and volumes.  

Create pod screen

Once the pod has been created, you’ll then see a Create container in pod button that can be used to create one or more containers within the pod.  

Ability to view disk read and write rates on individual devices

The web console can now display read and write rates on individual disk devices, which can help with understanding how disks are being utilized and assist with troubleshooting potential performance issues.  

To view the current read and write rates on individual disk devices, click on Overview in the web console menu, and then click on View metrics and history under the Usage card.  

Under the Disks card, you’ll see a View per-disk throughput link, which will show the current per-disk metrics.

View per-disk throughput metrics

Learn more

RHEL 9.2 and 8.8 include a number of exciting enhancements and new features related to the web console. If you’d like to try the RHEL web console, check out our interactive self-paced labs that allow you to experiment with and learn more about it:


关于作者

Brian Smith is a Product Manager at Red Hat focused on RHEL automation and management.  He has been at Red Hat since 2018, previously working with Public Sector customers as a Technical Account Manager (TAM).  

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

按频道浏览

automation icon

自动化

有关技术、团队和环境 IT 自动化的最新信息

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

open hybrid cloud icon

开放混合云

了解我们如何利用混合云构建更灵活的未来

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事