Cockpit

Index ¦ Archives ¦ Atom

Cockpit 0.105

Cockpit is the modern Linux admin interface. There’s a new release every week. Here are the highlights from this weeks 0.105 release.

Strict Content-Security-Policy enforced everywhere

All of the Cockpit components now ship strict Content-Security-Policy. This is like SELinux in your browser, where you declare the kind of things the application is permitted to do and anything else is blocked.

Cockpit now only allows talking to and loading code from the server(s) that it’s running on. Everything else is blocked, including inline scripts, evaluating javascript code, and using inline styles.

Timeout for Cockpit Authentication

Cockpit uses PAM for authenticating local users. It now expects that authentication process to complete within a certain timeout.

More details in this document.

Cluster Users can be Added and Removed from Groups

In the Cluster admin interface, users can be added to groups and remove them with a few clicks. Here’s a short video:

Registry Mirroring from Insecure Registries

In the Registry user interface there’s now a checkbox that allows you to choose whether the registry from which you’re mirroring container images is insecure or not.

Insecure Registry option

Deletion of Kubernetes Nodes

In the Cluster admin interface you can now delete Nodes from the cluster, and select which ones to delete. Andreas has also done design work to allow upgrading the node operating system as well as cordoning nodes, which makes them unavailable for scheduling containers.

Deleting Nodes

Try it out

Cockpit 0.105 is available now: