Monitor your servers with Cockpit

Following on my previous article Run your own Video Conference Service with Jitsi I started looking for a reliable solution to monitor my instance that runs Jitsi. I needed basic information on RAM, CPU, Disk, Networking, and I/O to assess the performance bottleneck for the serve

I was familiar with the tools I used in the past, like Cacti, Nagios, and Zabbix. All these tools need extensive configuration, “Not sure about the current state, but in the past took me a while to set them up correctly.” I was in the search for a straightforward tool that shows me hardware “VM” metrics and allows me to check the logs without ssh into the VM and ideally tool should be Open Source.

After a quick search, I think I found the tool I need Cockpit. The Cockpit provides all information I need to monitor VM parameters, logs, service, and more.

Note: I deploy a new Jitsi instance to DigitalOcean to play around with new Droplets on the latest version of the Ubuntu 20.04. I used the same steps to deploy Jitsi for 19.09.

Note: For Ubuntu 20.04 few changes needed to run install-letsencrypt-cert.sh

After 1st run of the /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh you may get an error

1. comment the below lines in /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

2. Edit /usr/local/sbin/certbot-auto to rename packages from python-virtualenv to python3-virtualenv and remove --no-site-packages from line 1056.

Run again /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh and this time I got my new certificates for the domain.

I know a more elegant solution may exist if I spent more time digging in /usr/local/sbin/certbot-auto and fixing python packages.
You can check new certificates for your domain /etc/letsencrypt/live/vc.your_domain.com

Above change needed only if you deploy Jitsi on Ubuntu 20.04

Now let’s deploy the Cockpit.

1st step is to allow port 9090 access from your network, and open firewall port as the follow up from the previous article in the section on firewall access Run your own Video Conference Service with Jit

Check is cockpit was started by accessing your server on port 9090.

You will notice the error with SSL/TLS certificate in the browser “I tested in both Chrome and Firefox.”

A workaround is to use “Firefox or Chrome Private/Incognito Window.

During Installation, Cockpit is generating a self-signed certificate, but as we already created a certificate for my FQDN vc.mudrii.com we can reuse letsencrypt certificate..

Check the Cockpit path for the certificate by running

The easiest way is to overwrite 0-self-signed.cert with letsencrypt certificate

letsencrypt stores certificates in /etc/letsencrypt/archive/vc.your_domain.com

We can overwrite both Public and Private certificates to /etc/cockpit/ws-certs.d/0-self-signed.cert as a root user and restart cock

Now try to reload your page and login with jitsiuser created in my previous article.

You can view system performance in Graphical interface

By default, you can’t see historical data in the Cockpit. To view and store past events, you need one more package to install for Cockpit.

Install cockpit-pcp

Once cockpit pcp is installed just reload web page in your browser and you can see the option to view historical data.

Few More option Cockpit provides like integrated SSH into the account

Information about Logs. Storage, Networking Service and few more.

Now I can monitor my Jitsi server and discover potential issues with performance and view logs without ssh-ing into the server.

Bank CTO at Advance Intelligence Group