JupyterHub Operations Procedures

The PAGE BELOW has been deprecated and is included here for legacy.  For the current page go to https://scicomp.jlab.org/docs/JupyterHub

JupyterHub Overview

The jupyter notebook system is running via JupyterHub on a system called jupyter.jlab.org. So, it is available via the web as: https://jupyter.jlab.org/ . Access to the system requires users be configured for its use and added to the necessary authorizing group.

  • The initial deployment has the system configured as a VM with 4 vCPUs and 8GB RAM. 
  • For monitoring, the system is configured in ganglia within the Web Cluster.

Granting a new User Access

To grant a user access to the Jupyter Notebook/JupyterHub system, the account must be added to the appropriate group and a directory must be created.

Group Membership

JupyterHub allows access to users who are members of the jupyterusers group. This has two facets -- 

  • access control to the web service itself
  • granting permission for the system to spawn a child process as the desired user.

Adding the group membership for a user named newuser can be accomplished via the member-change tool on cni-adm1 with --

cni-adm1.jlab.org> member-change jupyterusers +newuser

Working Directory

As processes are spawned by the service, the default directory for them is set to /group/jupyterusers/<username> .

So, an appropriate directory must be created for the user, with owner/group set appropriately and with needed permissions. So, for a user named newuser, whose default group is defaultgroup the following commands should be run as root on a system with root/write access to /group (like cni-adm1) --

cni-adm1.jlab.org> sudo mkdir /group/jupyterusers/newuser
cni-adm1.jlab.org> sudo chown newuser:defaultgroup /group/jupyterusers/newuser
cni-adm1.jlab.org> sudo chmod 775 /group/jupyterusers/newuser