1 year ago
#348425
Fedor Petrov
JupyterHub custom DockerSpawner to bind different shared volumes based on LDAP group membership
Users and groups are managed by LDAPAuthenticator.
c.JupyterHub.authenticator_class = 'ldapauthenticator.LDAPAuthenticator'
c.LDAPAuthenticator.allowed_groups = [...]
....
DockerSpawner is currently used to bind shared and individual volumes e.g
c.DockerSpawner.volumes = { 'jupyterhub-user-{username}': os.path.join(notebook_dir, 'MyNotebooks'),
'notebook-data': {'bind': os.path.join(notebook_dir, 'SharedData'), 'mode': 'ro'},
'deployment_shared-notebooks': {'bind': os.path.join(notebook_dir, 'SharedNotebooks'), 'mode': 'ro'}
}
This way the volumes are mounted for all the user from c.LDAPAuthenticator.allowed_groups. I've found a snippet here (https://github.com/jupyterhub/dockerspawner/issues/239) showing how to make custom Spawner to mount volumes based on the username:
from dockerspawner import DockerSpawner
class MyDockerSpawner(DockerSpawner):
team_map = {
'username1': 'team-a',
'username2': 'team-b',
'username3': 'team-a',
}
def start(self):
if self.user.name in self.team_map:
team = self.team_map[self.user.name]
# add team volume to volumes
self.volumes['/directory/jupyterhub-team-{}'.format(team)] = {
'bind': '/home/jovyan/teamfolder',
'mode': 'rw', # or ro for read-only
}
return super().start()
How can a similar functionality be achieved based on LDAP user groups? e.g. only mount an additional specific volume when a user is a memember of cn=certificateAdmin,ou=groups
docker
jupyter-lab
docker-volume
jupyterhub
0 Answers
Your Answer