search

jupyterhub / helm-chart

A store of Helm chart tarballs for deploying JupyterHub and BinderHub on a Kubernetes cluster
https://jupyterhub.github.io/helm-chart/
188 stars 74 forks source link

Add support for LDAP Authenticator #55

Closed peon-pasado-zeitnot closed 7 years ago

peon-pasado-zeitnot commented 7 years ago

https://github.com/jupyterhub/ldapauthenticator

peon-pasado-zeitnot commented 7 years ago

Perhaps it could be solved with https://github.com/jupyterhub/helm-chart/pull/53

peon-pasado-zeitnot commented 7 years ago

I managed to configure it. example config

hub:
  # output of first execution of 'openssl rand -hex 32'
  cookieSecret: "CHANGEME"
proxy:
  # output of second execution of 'openssl rand -hex 32'
  secretToken: "CHANGEME"
auth:
  type: "custom"
  custom:
    className: "ldapauthenticator.LDAPAuthenticator"
    config:
      bind_dn_template: "cn={username},cn=jupyterhub,dc=local,dc=io"
      server_address: "10.0.161.113"
      use_ssl: false

I tested it with this LDAP chart: https://github.com/samsung-cnct/k2-charts/tree/master/openldap

Obvious improvement - don't hard code server_address.

less obvious improvement - it requires custom docker image. I setup automated build for image with jupyterhub-ldapauthenticator: https://hub.docker.com/r/viroos/helm-chart/~/dockerfile/

yuvipanda commented 7 years ago

I've moved this to https://github.com/jupyterhub/zero-to-jupyterhub-k8s/issues/173 and think it's a thing we should do in the near future! Thank you for documenting how you have it working right now!