Honestly, I’m unable to connect to kernels with jupyterhub deployed via z2jh config to kubernates. I’m able to create users via api, I’m using null authenticator because I need to embed the notebook, however users can’t connect to kernel, the websocket connections fail etc.
I’m wandering if using dockerspawner instead fixes this. If so, how do I use it(deploy to aws)
config.yml
proxy:
secretToken: tuFslOftLZF2t7ECEUZeMgmfOaIdv1RX
service:
annotations:
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-east-1:211125604315:certificate/610e78da-9cd3-456c-a4cc-5efabe8be247"
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "3600"
https:
enabled: true
type: offload
debug:
enabled: true
scheduling:
userScheduler:
enabled: true
podPriority:
enabled: true
userPlaceholder:
enabled: true
replicas: 4
userPods:
nodeAffinity:
matchNodePurpose: require
cull:
enabled: true
timeout: 3600
every: 300
singleuser:
cpu:
limit: 4
guarantee: 0.05
memory:
limit: 4G
guarantee: 512M
cloudMetadata:
blockWithIptables: false
cmd: ["jupyterhub-singleuser", "--notebook-dir=/home/workspace"]
startTimeout: 600
defaultUrl: "/lab"
storage:
homeMountPath: /home/workspace
image:
name: jupyter/datascience-notebook
tag: latest
nodeSelector:
hub.jupyter.org/node-purpose: user
hub:
services:
datarango:
admin: true
name: datarango
api_token: secret-token
extraConfig:
myConfig.py: |
from jupyterhub.auth import Authenticator
from jupyterhub.handlers import BaseHandler
from traitlets import Unicode, default
from tornado import web
import codecs
from urllib.parse import urlparse, parse_qs
from jupyterhub.utils import url_path_join
class NullLoginHandler(BaseHandler):
def _get_user_data_from_request(self, nextUrl):
segments = nextUrl.split('/')
for i, segment in enumerate(segments):
if segment == 'user' and i + 1 < len(segments):
user_id = segments[i + 1]
if user_id:
return user_id.split('?')[0]
parsed_url = urlparse(nextUrl)
query_params = parse_qs(parsed_url.query)
client_id = query_params.get('client_id', [''])[0]
user = client_id.replace('jupyterhub-user-', '') if client_id else None
if user:
return user
return ""
async def get(self):
self.statsd.incr('login.request')
user_data = self._get_user_data_from_request(self.request.full_url())
if user_data == "":
user_data = self._get_user_data_from_request(self.get_next_url())
user = await self.login_user(user_data)
if user is None:
raise web.HTTPError(403)
else:
self.set_hub_cookie(user)
self.redirect(self.get_next_url(user))
class NullLogoutHandler(BaseHandler):
"""Log a user out from JupyterHub by clearing their login cookie
and then redirect to Null logout url to clear Null cookie."""
def get(self):
user = self.get_current_user()
if user:
self.log.info("User logged out: %s", user.name)
self.clear_login_cookie()
self.statsd.incr('logout')
self.redirect(self.authenticator.null_logout_url)
class NullAuthenticator(Authenticator):
null_logout_url = Unicode(
default_value='',
config=True,
help="""Url to logout from shibboleth SP.""")
@default("auto_login")
def _auto_login_default(self):
return True
async def authenticate(self, handler, data):
return {
'name': data
}
def get_handlers(self, app):
return [('/login', NullLoginHandler), ('/logout', NullLogoutHandler)]
c.JupyterHub.authenticator_class = NullAuthenticator
c.JupyterHub.tornado_settings = {
'slow_spawn_timeout': 0,
'headers': {
'Content-Security-Policy': 'frame-ancestors self *'
},
'cookie_options': {'SameSite': 'None', 'Secure': True}
}
c.Spawner.args = [
'''--ServerApp.tornado_settings={
'headers': {
'Content-Security-Policy': 'frame-ancestors self *',
},
'cookie_options': {'SameSite': 'None', 'Secure': True}
}'''
]