open rstudio session for multi-user in jupyterhub

jupyterhub / jupyter-rsession-proxy

Jupyter extensions for running an RStudio rsession proxy

BSD 3-Clause "New" or "Revised" License

118 stars 87 forks source link

open rstudio session for multi-user in jupyterhub #64

Open ssssssophia opened 5 years ago

ssssssophia commented 5 years ago

Whether it is possible to open multi rstudio sessions in a multi-user jupyterhub environment with the Jupyter-rsession-proxy extension? I have already installed the Jupyter-rsession-proxy and could open rstudio session for one user. But when I switch to another user, the rstudio session didn't work. It showed 500 : Internal Server Error, the error was could not start rstudio in time. Could anyone help me with that?

ryanlovett commented 5 years ago

If the user sessions are not containerized and can run on the same node, multiple rserver processes will conflict since they expect to own the same directory in /tmp/. The second rserver process fails because it cannot write to the directory in /tmp/ that is owned by the first user.

One workaround is to namespace /tmp/ using something like pam_namespace. Your spawner would need to be PAM-aware.

wmaroy commented 4 years ago

@ryanlovett how to do this exactly? Or what workarounds are available at the moment to enable multi-user rstudio?

ryanlovett commented 4 years ago

@wmaroy One way I know of is pam_namespace, as mentioned above.

wil commented 4 years ago

I took a different approach by modifying the setup_rstudio function in jupyter_rsession_proxy/__init__.py to spawn rserver with the --secure-cookie-key-file option with a user-specific path.

I'm happy to submit a PR if there is interest.

elijahc commented 4 years ago

@wil do you have a gist or example of what your setup_rstudio function looks like in jupyter_rsession_proxy/__init__.py for spawning rserver with --secure-cookie-key-file for multi users? I've also been trying to get this to work

wil commented 4 years ago

@elijahc I based it on #57 and updated it like this:

--- a.py    2020-02-05 18:02:17.000000000 +1100
+++ b.py    2020-02-05 18:02:41.000000000 +1100
@@ -58,8 +58,11 @@
             else:
                 raise FileNotFoundError('Can not find rserver in PATH')

+        cookie_dir = os.path.join(tempfile.gettempdir(), 'rstudio-server-{}'.format(getpass.getuser()))
+        os.makedirs(cookie_dir, mode=0o700, exist_ok=True)
         return [
             executable,
+            '--secure-cookie-key-file', os.path.join(cookie_dir, 'secure-cookie-key'),
             '--www-port=' + str(port)
         ]

ryanlovett commented 4 years ago

@wil Yes, it'd be great if you could submit a PR. Thanks for discovering this!

s-andrews commented 4 years ago

I tried to implement this, but couldn't get it to work. The most recently rstudio-server doesn't appear to have an option for --secure-cookie-key-file. Could this be an option specific to rstudio pro?

I tried with the --launcher-token arg token identifying session launcher option but that didn't seem to work and I'm not sure if it's an equivalent setting.