I can answer one bit of you post
psychemedia:
Inside the image, do you always use the same user account name (e.g. the Jupyter default is jovyan ), or another name ( user , student etc) or maybe you found a way to dynamically set a user account with a parameterised name when the container is launched (if so, how? And how is persistent volume mounting handled?)
I’m assuming you’re using an external authenticator such as LDAP, OAuth, etc, where you can obtain a username and perhaps a UID. You can configure your docker image to switch to that user. For example
Wow!. This is exactly what we want.
I’ve problems in order to get group id, but I don’t worry about it right now.
[image]
Thanks a lot
Hello,
I’m using LDAP authentication to authenticate users for our Jupyterhub running in Kubernetes (using z2jh helm chart).
Currently, I’m trying to get the singleuser servers to run as the user, with the proper UID and GID provided from LDAP. I can set that up just fine using auth_state_attributes and can pull that in through extraConfig to set NB_USER, NB_UID, NB_GID but am still running into issues getting the singleuser server to run with those respectively.
I’ve tried following the solu…
Persistent volume mounting already defaults to using a template based on the username
pvc_name_template = Unicode(
'claim-{username}--{servername}',
config=True,
help="""
Template to use to form the name of user's pvc.
`{username}` is expanded to the escaped, dns-label safe username.
`{servername}` is expanded to the escaped, dns-label-safe server name, if any.
Trailing `-` characters are stripped for safe handling of empty server names (user default servers).
This must be unique within the namespace the pvc are being spawned
in, so if you are running multiple jupyterhubs spawning in the
same namespace, consider setting this to be something more unique.
.. versionchanged:: 0.12
`--` delimiter added to the template,
where it was implicitly added to the `servername` field before.
Additionally, `username--servername` delimiter was `-` instead of `--`,
allowing collisions in certain circumstances.
show original
or have I misunderstood what you’re asking?
2 Likes
