Our consultancy Cogito Group recently deployed Zero-to-jupyterhub-k8s and Enterprise Gateway to several on-premise installations of Kubernetes. Once we got the stack working we made some enhancements to allow it to integrate with their existing Windows infrastructure; Active Directory (AD) and Distributed File System (DFS) and would like to share our findings with others. Some of the enhancements made:
- Notebook users login with AD with “Single Sign On” experience:
- Kerberos tickets are then stored in encrypted k8s secrets with “X” hour expiration.
- Credentials are passed-through to JupyterLab notebooks and Enterprise kernels so they can execute pre-authenticated Python scripts as that AD user
- AD user home drives hosted in DFS are mounted into Jupyter Notebook home
- Repeatable deployments of entire Jupyter stack
- Less than 1 minute to deploy Jupyter stack; JupyterHub/EnterpriseGateway/JupyterLab/Ingress
- Each new stack is deployed into a new k8s namespace eg. jupter-dev.ad.domain -> jupyter.jupyter-dev.svc.cluster.local
To demonstrate the power and flexibility of zero-to-jupyterhub-k8s we’d like to host a free webinar and invite the Jupyter community, what would be the best way to do that?