Zero to JupyterHub and Red Hat Openshift

Hello all,

I’ve checked this project with great interest more then a year ago. But it seemed at the time that the project wasn’t ready to use on Red Hat OpenShift. I’ve checked again today but it seems that this is still the case.

The docs are pointing to a project by Graham Dumpleton:
https://zero-to-jupyterhub.readthedocs.io/en/latest/kubernetes/redhat/step-zero-openshift.html

But this project is dead/not maintained for some years now. See also the reaction by Graham himself: Updating jupyterhub image on quay · Issue #38 · jupyter-on-openshift/jupyterhub-quickstart · GitHub

I’m wondering if someone was able to get Zero2JupyterHub working on OpenShift or that there are plans in the near future to make this possible?

In the meantime i’m trying to deploy myself but are running into security errors at the moment.
For example (I’m letting OpenShift decide on the containerSecurityContext settings) :

{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"pods \"jupyter-tempj06\" is forbidden: unable to validate against any security context constraint: [provider \"anyuid\": Forbidden: not usable by user or serviceaccount, provider \"pipelines-scc\": Forbidden: not usable by user or serviceaccount, spec.initContainers[0].securityContext.runAsUser: Invalid value: 0: must be in the ranges: [1000990000, 1000999999], spec.initContainers[0].securityContext.privileged: Invalid value: true: Privileged containers are not allowed, spec.initContainers[0].securityContext.capabilities.add: Invalid value: \"NET_ADMIN\": capability may not be added,

Greets!

Ok, i’ve got it to work on OpenShift. Is there someone who is willing to look at my configuration and see if there is anything out of order?

And I’m willing to write some documentation for the z2jh site if needed

You could post/link it here, and hopefully people will take a look?

Sure thing!

I’ve uploaded:

  1. -zero-to-jupyterhub-k8s/config.yaml at ed25319221b23baec00a9cdeba4d5d70e92fe26e · BlueCog/-zero-to-jupyterhub-k8s · GitHub
  2. -zero-to-jupyterhub-k8s/specific-config.yaml at ed25319221b23baec00a9cdeba4d5d70e92fe26e · BlueCog/-zero-to-jupyterhub-k8s · GitHub

Main changes are:

  • unsetting SecurityContext settings
  • disabling autoscale funcions (were dealing with a solid set of nodes)
  • using the OpenShift Route funcionality in stead of a load balancer

Specific-config.yaml is adding an OpenShift Route (to the proxy service) and two PVC’s. This is an override for a custom created Helm template (do deploy along side of Z2JH)

I’m wondering if someone want’s to take a look at the settings and if there is anything out of order or that should be configured otherwise.

P.s. I’ve imported all images due air gapped environments. I’m only using k8s-hub, configurable-http-proxy and k8s.gcr.io/pause in our deployment.

2 Likes

Hey there, I literally signed up just to say THANK YOU! I have been stuck on deploying JupyterHub on OpenShift for days now. I am also very new to JupyterHub. I’m not sure if I am allowed to post this here but I will pay for a basic guide from start to finish if possible!

I tried following this and I keep getting:

JupyterHub proxy:851] api_request to the proxy failed with status code 599, retrying…
[E 2022-02-02 19:54:29.748 JupyterHub app:2973]
Traceback (most recent call last):
File “/usr/local/lib/python3.8/dist-packages/jupyterhub/app.py”, line 2971, in launch_instance_async
await self.start()
File “/usr/local/lib/python3.8/dist-packages/jupyterhub/app.py”, line 2746, in start
await self.proxy.get_all_routes()
File “/usr/local/lib/python3.8/dist-packages/jupyterhub/proxy.py”, line 898, in get_all_routes
resp = await self.api_request(’’, client=client)
File “/usr/local/lib/python3.8/dist-packages/jupyterhub/proxy.py”, line 862, in api_request
result = await exponential_backoff(
File “/usr/local/lib/python3.8/dist-packages/jupyterhub/utils.py”, line 184, in exponential_backoff
raise TimeoutError(fail_message)
TimeoutError: Repeated api_request to proxy path “” failed.

I would really appreciate any help getting JupyterHub deployed in OpenShift!

EDIT:
I was finally able to get past this issue by creating a network policy according to this: Kubernetes - Api_request to the proxy failed with status code 599, retrying - #9 by dprateek1991

hi unknownsolo,

Maybe the network policy you noted is specific to your OpenShift environment. I’m not sure. But great that you got it working!