tessl/pypi-jupyterhub
A multi-user server for Jupyter notebooks that provides authentication, spawning, and proxying for multiple users simultaneously
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-jupyterhub@5.3.0index.mddocs/
JupyterHub
JupyterHub is a multi-user server for Jupyter notebooks that enables organizations to provide shared access to Jupyter notebook environments for multiple users simultaneously. It consists of three main components: a central Hub (tornado process) that manages authentication and user sessions, a configurable HTTP proxy that routes traffic, and multiple single-user Jupyter notebook servers that provide isolated computing environments for each user.
Package Information
- Package Name: jupyterhub
- Language: Python
- Installation:
pip install jupyterhub - Version: 5.3.0
Core Imports
# Main application class
from jupyterhub.app import JupyterHub
# Authentication system
from jupyterhub.auth import Authenticator, PAMAuthenticator, DummyAuthenticator
# Spawner system
from jupyterhub.spawner import Spawner, LocalProcessSpawner
# Database models
from jupyterhub.orm import User, Server, Group, Role, Service
# Configuration utilities
from jupyterhub.utils import new_token, hash_token, url_path_joinBasic Usage
Starting JupyterHub
# Command line (most common)
# jupyterhub --config=/path/to/jupyterhub_config.py
# Programmatic usage
from jupyterhub.app import JupyterHub
# Create application instance
app = JupyterHub()
app.initialize()
app.start()Basic Configuration
# jupyterhub_config.py
c = get_config()
# Basic settings
c.JupyterHub.ip = '0.0.0.0'
c.JupyterHub.port = 8000
c.JupyterHub.hub_ip = '127.0.0.1'
# Authentication
c.JupyterHub.authenticator_class = 'pam' # or 'dummy' for testing
# Spawner
c.JupyterHub.spawner_class = 'localprocess'
# Admin users
c.Authenticator.admin_users = {'admin'}
# Database
c.JupyterHub.db_url = 'sqlite:///jupyterhub.sqlite'Architecture
JupyterHub follows a hub-and-spoke architecture:
- Hub: Central server that manages authentication, user sessions, and configuration
- Proxy: Routes HTTP traffic between users and their notebook servers
- Spawners: Create and manage individual notebook servers for each user
- Authenticators: Handle user authentication via various backends
- Database: Stores user, server, and configuration state
The plugin architecture allows custom implementations of authenticators, spawners, and proxies through Python entry points, making JupyterHub highly extensible for different deployment scenarios.
Capabilities
Core Application Management
Main JupyterHub application class and configuration management for orchestrating the multi-user notebook server system.
class JupyterHub(Application):
def initialize(self, argv=None): ...
def start(self): ...
def stop(self): ...
def main(argv=None): ...Authentication System
Pluggable authentication system supporting multiple backends including PAM, OAuth, LDAP, and custom authenticators.
class Authenticator(LoggingConfigurable):
async def authenticate(self, handler, data): ...
async def pre_spawn_start(self, user, spawner): ...
def pre_spawn_hook(self, spawner): ...
class PAMAuthenticator(LocalAuthenticator): ...
class DummyAuthenticator(Authenticator): ...
class NullAuthenticator(Authenticator): ...Spawner System
System for creating and managing single-user notebook servers with support for local processes, containers, and cloud platforms.
class Spawner(LoggingConfigurable):
async def start(self): ...
async def stop(self, now=False): ...
async def poll(self): ...
class LocalProcessSpawner(Spawner): ...
class SimpleLocalProcessSpawner(LocalProcessSpawner): ...Database Models and ORM
SQLAlchemy-based database models for persistent storage of users, servers, groups, roles, and authentication state.
class User(Base):
name: str
admin: bool
servers: List[Server]
groups: List[Group]
class Server(Base):
name: str
user: User
url: str
state: Dict[str, Any]
class Group(Base):
name: str
users: List[User]
roles: List[Role]
class Role(Base):
name: str
description: str
scopes: List[str]REST API System
Complete REST API for external integration and management of JupyterHub resources including users, groups, services, and servers.
class APIHandler(BaseHandler):
def get_current_user(self): ...
def check_xsrf_cookie(self): ...
# API endpoints at /api/*
# - /api/users - User management
# - /api/groups - Group management
# - /api/services - Service management
# - /api/proxy - Proxy managementRole-Based Access Control (RBAC)
Comprehensive permission system with roles, scopes, and fine-grained access control for users, groups, and services.
def get_default_roles() -> Dict[str, Dict[str, Any]]: ...
scope_definitions: Dict[str, str] # All available scopes
class Role(Base):
name: str
scopes: List[str]
users: List[User]
groups: List[Group]Service Integration
System for integrating external services with JupyterHub authentication and authorization, including OAuth provider capabilities.
class Service:
def __init__(self, **kwargs): ...
# OAuth provider
class OAuthClient(Base): ...
class OAuthCode(Base): ...Configuration and Utilities
Configuration system using traitlets and utility functions for tokens, URLs, SSL, and other common operations.
# Configuration traitlets
class Command(TraitType): ...
class URLPrefix(TraitType): ...
class ByteSpecification(TraitType): ...
# Utility functions
def new_token(length=32, entropy=None) -> str: ...
def hash_token(token: str, salt=None, rounds=16384) -> str: ...
def url_path_join(*pieces) -> str: ...
def make_ssl_context(keyfile, certfile, **kwargs): ...Single-user Server Integration
Tools and mixins for creating Hub-authenticated single-user servers and Jupyter server extensions.
def make_singleuser_app(cls): ...
class HubAuthenticatedHandler(BaseHandler): ...
def _jupyter_server_extension_points() -> List[Dict[str, Any]]: ...Monitoring and Metrics
Prometheus metrics collection and monitoring capabilities for tracking system performance and usage.
# Prometheus metrics
TOTAL_USERS: Gauge
RUNNING_SERVERS: Gauge
REQUEST_DURATION_SECONDS: Histogram
class PeriodicMetricsCollector:
def __init__(self, app): ...
async def collect_metrics(self): ...Types
# Configuration types
Config = Dict[str, Any]
UserDict = Dict[str, User]
# Authentication types
AuthModel = Dict[str, Any]
UserInfo = Dict[str, Any]
# Server types
ServerState = Dict[str, Any]
SpawnerOptions = Dict[str, Any]
# API types
APIResponse = Dict[str, Any]
APIError = Dict[str, str]
# OAuth types
OAuthToken = Dict[str, Any]
OAuthScope = str