Can't Change jupyter/datascience-notebook UID and GID

edp · March 21, 2024, 2:45am

I deploy jupyter datascience-notebook on my k8s. and I have a lit bit problem with NB_USER;NB_UID;NB_GID
the image from: docker pull jupyter/datascience-notebook
Our Notebook are use linux OpenLDAP authenticator.
But When User Login. The notebook always jovyan and user id is 1000(I want use Users LDAP’s UID and GID)
below is my helm value.yaml config.
If you have free time , please help me to check

Thanks

value.yaml

hub:
revisionHistoryLimit:
config:
JupyterHub:
# JupyterHub:
authenticator_class: ldapauthenticator.LDAPAuthenticator
Authenticator:
enable_auth_state: true
LDAPAuthenticator:
# See GitHub - rroemhild/docker-test-openldap: Docker OpenLDAP Server for testing LDAP applications
# for users
server_address: 192.168.13.206
lookup_dn: True
bind_dn_template: “uid={username},ou=People,dc=contoso,dc=local”
allowed_groups: “cn=jupyterhub,ou=Groups,dc=contoso,dc=local”
user_search_base: “dc=contoso,dc=local”
user_attribute: uid
lookup_dn_user_dn_attribute: cn
escape_userdn: True
auth_state_attributes: [“uid”, “uidNumber”, “gidNumber”, “homeDirectory”]
use_lookup_dn_username: False

extraConfig:
# copy from Z2JH Hot to change NB_UID/NB_GID using authenticator_class? - #14 by hiroyuki-sato
SpawnerCustomConfig: |
from ldapauthenticator import LDAPAuthenticator
from hashlib import md5

  class LDAPAuthenticatorInfo(LDAPAuthenticator):
      async def pre_spawn_start(self, user, spawner):
          auth_state = await user.get_auth_state()

          if not auth_state:
              return

          self.log.info(f"pre_spawn_start auth_state: {auth_state}")
		  
          spawner.environment["NB_UID"]  = str(auth_state["uidNumber"][0])
          spawner.environment["NB_USER"] = auth_state["uid"][0]
          spawner.environment["NB_GID"]  = str(auth_state["gidNumber"][0])
          spawner.environment["CHOWN_HOME"]  = "yes"
          spawner.environment["GRANT_SUDO"]  = "yes"

          self.log.info(f"environment: {spawner.environment}")

CustomHubConfig: |
  c.JupyterHub.cleanup_servers = True

debug:
enabled: true
singleuser:

uid: 0
fsGid: 100

hiroyuki-sato · March 21, 2024, 7:35am

Hello, @edp

Have you ever tried set cmd part?

singleuser:
  cmd: #emtpy

edp · March 21, 2024, 9:43am

Thank for you reply @manics

hub:
revisionHistoryLimit:
config:
JupyterHub:
# JupyterHub:
authenticator_class: ldapauthenticator.LDAPAuthenticator
Authenticator:
enable_auth_state: true
LDAPAuthenticator:
# See GitHub - rroemhild/docker-test-openldap: Docker OpenLDAP Server for testing LDAP applications
# for users
server_address: 192.168.13.206
lookup_dn: True
bind_dn_template: “uid={username},ou=People,dc=contoso,dc=local”
allowed_groups: “cn=jupyterhub,ou=Groups,dc=contoso,dc=local”
user_search_base: “dc=contoso,dc=local”
user_attribute: uid
lookup_dn_user_dn_attribute: uid
escape_userdn: True
auth_state_attributes: [“uid”, “uidNumber”, “gidNumber”, “homeDirectory”]
use_lookup_dn_username: False
extraConfig:
SpawnerCustomConfig: |
#c.Spawner.cmd = [‘start.sh’,‘jupyterhub-singleuser’,‘–allow-root’]
#c.KubeSpawner.args = [‘–allow-root’]

  from ldapauthenticator import LDAPAuthenticator
  from ldapauthenticator import LDAPAuthenticator

  class LDAPAuthenticatorInfo(LDAPAuthenticator):
      async def pre_spawn_start(self, user, spawner):
          auth_state = await user.get_auth_state()

          print(f"--------------------------------------------------------")
          self.log.debug(f"-----------------------------------------------")
          self.log.debug(f"pre_spawn_start auth_state: {auth_state}")
          self.log.debug(f"-----------------------------------------------")
          print(f"--------------------------------------------------------")

          if not auth_state:
              return

          spawner.environment["NB_UID"]  = str(auth_state["uidNumber"][0])
          spawner.environment["NB_GID"]  = str(auth_state["gidNumber"][0])
          spawner.environment["NB_USER"] = auth_state["uid"][0]
          spawner.environment["CHOWN_HOME"]  = "yes"
          spawner.environment["GRANT_SUDO"]  = "yes"
          #self.log.debug(f"pre_spawn_start spawner.env: {spawner.environment}")

  c.JupyterHub.authenticator_class = LDAPAuthenticatorInfo

CustomHubConfig: |
  c.JupyterHub.cleanup_servers = True

if i setup
singleuser:
cmd: jupyterhub-singleuser # this is values.yaml’s default value
the notebook default user is jovyan and uid:1000

if i setup:
singleuser:
cmd: # ← here i leave it blank
the notebook default user is jovyan and uid:1000

also i can’t use kubectl logs or kubectl logs <user’s-jupyter-pod-name> find self.log.debug information. is this right configuration?

Thank you again @manics @hiroyuki-sato

Topic		Replies	Views
LDAP uid/gid integration with jupyterhub/k8s-hub:0.9.0-beta.2 JupyterHub	1	1463	January 21, 2020
Z2JH Hot to change NB_UID/NB_GID using authenticator_class? Zero to JupyterHub on Kubernetes	24	1182	March 23, 2024
Unable to change uid inside the notebook while setting the spawner.environment['NB_UID'] successfully Zero to JupyterHub on Kubernetes jupyterhub , how-to , help-wanted	1	622	March 15, 2023
How do I set k8s JupyterHub user using Linux local user‘s uid and gid？’ JupyterHub	10	825	May 22, 2024
LDAPAuthenticator - keep same UID and GID numbers in the user docker container JupyterHub jupyterhub , how-to , help-wanted , notebook	1	1436	April 24, 2022

Can't Change jupyter/datascience-notebook UID and GID

value.yaml

Related topics