Detailed description of all 20 panels available in cella.
The main view. Shows container list on the left with per-container sparklines for CPU%, memory, and network I/O on the right. Updates every second from cgroup v2 stats.
Opens an interactive shell (TTY attach) inside the selected container. Supports both LXD exec and Docker exec. Press Esc or Ctrl+D to detach.
Streams live logs from the selected container. Uses journalctl -f for LXD and docker logs -f for Docker. Supports search with /.
Real-time network panel showing RX/TX byte rates, listening ports, and established TCP connections for the selected container.
Detailed resource view with per-CPU utilization bars, memory current/max with progress bar, and live-editable CPU and memory limits via the LXD API.
List, create, restore, and clone snapshots. Shows snapshot size (with fallback to du -sb for dir storage backends). Supports ZFS, Btrfs, LVM, and dir.
Starts bpftrace-based passive syscall monitoring. Displays a top-12 syscall table, 7-family breakdown, and a real-time sparkline. Data feeds the Seccomp Generator.
Generates a minimal OCI-format seccomp JSON profile from the observed syscalls in the Trace panel. Uses SCMP_ACT_ERRNO default with explicit allows. Save with S.
Overlay that appears when seccomp notify intercepts a blocked syscall. Operator can approve (Y/y) or deny (n) the call in real time.
Overview of security policies for all containers: seccomp profile (strict/moderate/permissive), AppArmor profile, and nftables egress rules. Includes a "Merged view" showing the full LXD config with expanded raw.lxc values.
Toggles LXD BPF-based syscall deny for the selected container. Blocks dangerous syscalls (ptrace, mount, bpf, kexec_load…) with EPERM. LXD only.
Monitors DNS queries from containers. Supports allow/deny rules per domain. Shows query history with timestamp and resolution status.
HTTP proxy audit log showing all intercepted requests: timestamp, method, domain, path, status code, latency, and MITM indicator. Includes domain approval management and export.
AI inference monitoring: requests per minute (RPM), tokens per minute (TPM), input/output token counts, and estimated USD cost for 27+ models across OpenAI, Anthropic, Gemini, and Copilot families. Per-minute sparklines.
Configure routing rules to redirect AI API traffic to alternative backends. Includes presets for OpenAI→Ollama, Anthropic→Ollama, Copilot→NVIDIA, and Gemini→Ollama.
Live LXD event stream showing all lifecycle events (container start/stop/restart, snapshot creation, config changes, etc.).
Container creation wizard. Select image, set name, configure resources, and launch a new container.
Export container configuration as JSON (E) or import a previously exported config (I) to apply it to a container via the LXD API.