How to use ssh to Z-JH in local cluster

zhuzeyu22 · November 25, 2021, 2:34pm

It’s a good idea for data scientist.
They can use vscode to link the single note-book by ssh , it useful to debug .

Now , Let me say how I practice .

1、The latest helm version 1.2.0 is seem stable .

2、Use jupyterhub-ssh to build a jupyterhub-ssh service.By the way, we have choose a version at first.

https://yuvipanda.github.io/jupyterhub-ssh/index.yaml

3、Use the special value for zero-to-jupyter.
proxy.https.enable must be true. for TLS
proxy.https.type must be letsencrypt. for start deployment auto-https
proxy.https.host can’t empty

4、change traefik extraStaticConfig, I think I need dnsChallenge in local cluster.
I blocked in this step , learning traefik now , anybody have some suggestions ?

5、Now traefik is useless, and I can give up TLS , so , just change service port to jupyter-ssh is greate, and delete useless network policy, fine.

zhuzeyu22 · November 25, 2021, 2:40pm

I also have cert-manager build certs, But I don’t know how to use it , The cert.yaml is like this.

---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: jupyterhub-self-signing-issuer
spec:
  selfSigned: {}

---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: jupyterhub-cert
  namespace: jupyterhub-system
spec:
  dnsNames:
    - hub.jupyterhub-system.svc.cluster.local
  isCA: true
  secretName: jupyterhub-tls
  issuerRef:
    name: jupyterhub-self-signing-issuer
    kind: ClusterIssuer

zhuzeyu22 · November 26, 2021, 11:57am

OK, then I give up to use traefik, because it was so difficult to use , delete some useless things, and do not use TLS , It’s so happy to use JH , So greate, ssh done.