I am trying to set up a Jupyterhub installation for use in our research group. A similar setup might be needed for people running courses etc.
The idea is to use a single, powerful workstation that is shared between a few users to serve various
jupyter-remote-desktop images for various tasks that require more CPU/RAM and better connectivity to the data store than users have on their local machines.
There are various issues around user authentication, volume permissions and user IDs that I see touched on in various threads here and in various tutorials but I don’t seem to manage to put them all together.
My setup is a workstation running Ubuntu 20.04, with minikube installed and jupyterhub installed from the helm chart following the instructions from zero2JH.
I have local unix users, let’s call them
mary, which all have a directory under
/home/<username> and additional storage under
/data/shared/<username>. Lets say they have UIDs
202 respectively, and all belong to the same group. There is no LDAP.
What I would definitely like to have is:
- the users should be able to authenticate to jupyterhub using their normal unix password and username
- the users should be able to select from several jupyter desktop images
/data/shared/<username>volumes should be mounted as volumes to the started containers with the correct permissions, I assume that requires setting
NB_UIDenvironment variables somehow to e.g.
202when spawning a container for
What I am not sure about, and what I consider optional:
/home/<username>might be mounted as a volume and possibly also be the
/home/<username>HOME directory within the container (instead of
/home/jovyan). I am not 100% sure I want this, as the users might persist some
.bashrcor other config files that might mess up the standardized environment that I am trying to provide within the container or that is in conflict between regular
sshremote use of the workstation and use with Jupyterhub.
I have managed to set up a basic
config.yaml that allows users (that I manually add) to log in and also to provide them a choice of docker images to start.
Now there are several things I am struggeling with. I will end this post with one concrete question and will add to the thread with additional questions as they arise:
I don’t quite understand how to provide correct user names and user IDs. I have seen some examples of more complicated cases (e.g. for LDAP) where people are using a custom authenticator written in Python which then use this to set
I don’t know whether I need to write a custom authenticator for this simple use case or can just use one of the provided ones? And how do I get the username and user id from the authenticator to pass it to the spawner? A little snippet to put into
config.yaml for the helm chart woud be greatly appreciated.