Username and Home handle by PAM

[sundh4]

Dear All,

I've manage running Kubespawner on my Jupyterhub and kubernetes cluster environment. All my kube master and node are handle by pam auth which is will used same LDAP server to get the user informations and authentication. I able login into Jupyterhub with my user on LDAP Server, but when the Pods running in this case Notebook Server, it always running as user 'jovyan'. Is there a way to make:

1. Running pod (Notebook server) will spawning as LDAP user same as what we authenticated on Jupyterhub?
2. Is there a way to use same home directory path as LDAP information provide?

Please advise.

Thank you

[manics]

Have a look at https://discourse.jupyter.org/t/starting-single-user-notebook-with-our-custom-ldap-docker-image/881/3

[sundh4]

Hi @manics Thank you so much for your help, it such a good modification there! Now i able to login with LDAP as well as mapping the user information. The only thing i miss here regarding Storage, how we can mounted /home/{username} from the machine itself to docker?

Thank you.

[sundh4]

Regarding the Home mount, i can solved the issue by using:

c.KubeSpawner.volumes = [
{
'name': 'home-{username}',
'hostPath': {
'path': '/home/{username}',
'type': 'Directory'
}

    #'persistentVolumeClaim': {
        #'claimName': 'claim-{username}-home'
        #}
    }
]
c.KubeSpawner.volume_mounts = [
   {
    'name': 'home-{username}',
    'mountPath': '/home/{username}'
   }
]

Another issue i found when changing UID and GID it seems so slow if i have lot of files on Home folder (Almost 1minute) . Here the logs on kube pods:

2019-12-12T09:33:51.709216145Z Set xyz UID to: 10001 
2019-12-12T09:34:01.641862601Z Add xyz to group: 10000

Is there anything we can do regarding this? Please advise @manics @minrk

Thanks

[sundh4]

Hi All,

I can solved the issue by modifying start.sh script when handling Set uid and GID. Closing this Thanks.