如何运行隔离的jupyterhub笔记本
[英]How to run isolated jupyterhub notebooks
问题描述
I'm running a jupyterhub using sudospawner on CentOS7 server. 
我正在CentOS7服务器上使用sudospawner运行jupyterhub。 The purpose of jupyterhub is twofold jupyterhub的目的是双重的
- Ensure everyone has the exact same conda packages when we run production code 运行生产代码时,确保每个人都拥有完全相同的conda软件包
- Allow people to use multiple instances of the same notebook (where we keep all our visualization tools) and not edit each other's local versions. 允许人们使用同一笔记本(我们保留所有可视化工具的位置)的多个实例,而不用编辑彼此的本地版本。
Initially when I was installing jupyterhub, someone told me that different users would be able to run isolated versions of the same notebook. 最初,当我安装jupyterhub时,有人告诉我,不同的用户将能够运行同一笔记本的隔离版本。 In other words, if person A were to change a parameter in a master notebook from "foo" to "bar" this wouldn't cause B's single-user notebook to change, since each person is spawning a separate server. 换句话说,如果人A将主笔记本中的参数从“ foo”更改为“ bar”,则不会导致B的单用户笔记本发生变化,因为每个人都在生成单独的服务器。
However, now that it's actually installed, I find out that this is not the case. 但是,既然已经实际安装了,我发现情况并非如此。 As long as I have the right permissions, I can change anyone's notebook, and this change is reflected across anyone who has the notebook open. 只要我拥有正确的权限,就可以更改任何人的笔记本,并且此更改会在打开笔记本的任何人中反映出来。 This defeats point #2. 这击败了第二点。 I want persons A, B, C to all use the same notebook N without changes being reflected on each person's local machine. 我希望A,B,C所有人都使用同一笔记本N,而不会在每个人的本地计算机上反映出更改。
Now I have thought of a solution where we keep a git repo of the master notebook and run some code to automatically pull the repo into each person's local dir upon logging in. However, is there a simpler way or more accepted way to accomplish the same thing with just jupyterhub configuration commands? 现在,我想到了一个解决方案,其中我们保留主笔记本的git repo并运行一些代码以在登录时自动将repo放入每个人的本地目录中。但是,有没有更简单的方法或更被接受的方法来完成此操作只需jupyterhub配置命令就能完成?
1 个解决方案
解决方案1
0 2018-09-17 20:16:16
If you set up jupyterhub on a linux server then file permissions will take care of this. 如果您在Linux服务器上设置jupyterhub,则文件权限将解决此问题。 My setup using SudoSpawner and PAM authentication on a personal CENTOS 7 server: 我在个人CENTOS 7服务器上使用SudoSpawner和PAM身份验证的设置:
- Install anaconda in /opt/ with svc account as owner 使用/ svc帐户作为所有者在/ opt /中安装anaconda
- Have service account create /opt/notebooks/{userid} for each userid with permissions 770 (full permission for owner and group, none for other) 让服务帐户为每个具有权限770的用户ID创建/ opt / notebooks / {userid}(所有者和组具有完全许可权,其他用户则没有)
- Have jupyternotebooks spawn in /opt/notebooks/{userid} depending on userid 根据用户ID在/ opt / notebooks / {userid}中生成jupyternotebooks
- For each new notebook, set default permissions as 740 (full permission for owner, read only for group, none for other). 对于每个新笔记本,将默认权限设置为740(所有者的完全权限,组的只读权限,其他用户则无权限)。
- Only owner can save write and save his own notebooks. 只有所有者可以保存书写并保存自己的笔记本。 Others can see, edit, and execute code in another person's notebook, but cannot save changes. 其他人可以在他人的笔记本中查看,编辑和执行代码,但无法保存更改。 In theory you could create a notebook in someone else's folder but this would be heavily discouraged (not explicitly forbidden though). 从理论上讲,您可以在其他人的文件夹中创建一个笔记本,但是强烈建议不要这样做(尽管没有明确禁止)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.