JupyterHub Configuration Guide¶

Documentation¶

Authentication Guide - Setup GitHub OAuth and native authentication
User Management Guide - Batch user operations with scripts
User Quota System - Resource usage tracking and quota management
GitHub OAuth Setup - Step-by-step OAuth configuration

How to setup runtime/values.yaml ¶

PrePuller settings¶

Example:

prePuller:
  extraImages:
    aup-cpu-notebook:
      name: ghcr.io/amdresearch/aup-cpu-notebook
      tag: v1.0
    ...

    #for frontpage
    aup-jupyterhub-hub:
      name: ghcr.io/amdresearch/aup-jupyterhub-hub
      tag: v1.3.5-multilogin

It is recommended to include as many images as you plan to deploy. This section ensures that all images are pre-downloaded on each node, preventing delays during container startup due to image downloads.

Network settings¶

Two access methods are supported:

NodePort access via <ip>:<port> (port > 30000)
Domain access (Default) <Your.domain>

Example NodePort setup. With this configuration, ingress should be disabled.

proxy:
  service:
    type: NodePort
    nodePorts:
      http: 30890
  chp:
    networkPolicy:
      enabled: false
ingress:
  enabled: false
  # Explicitly set the ingress class to traefik
  ingressClassName: traefik
  hosts:
  tls:
    - hosts:
      # Let K3s/Traefik auto-generate certificates with Let's Encrypt
      secretName: 

Example Domain setup. Note that you should obtain the domain from your IT department.

proxy:
  service:
    type: ClusterIP
# Add Ingress configuration specifically for K3s
ingress:
  enabled: true
  # Explicitly set the ingress class to traefik
  ingressClassName: traefik
  hosts:
    - <Your.domain>
  tls:
    - hosts:
        - <Your.domain>
      # Let K3s/Traefik auto-generate certificates with Let's Encrypt
      secretName: jupyter-tls-cert

Hub image setup¶

Update this section with your built Docker image.

  image:
    name: ghcr.io/amdresearch/aup-jupyterhub-hub
    tag: v1.3.5-multilogin
    pullPolicy: IfNotPresent
    pullSecrets:
      - github-registry-secret

Update Announcement on login page¶

Edit the stringData section with HTML content to display announcements on the login page.

  extraFiles:
    announcement.txt:
      mountPath: /usr/local/share/jupyterhub/static/announcement.txt
      stringData: |
          <div class="announcement-box" style="padding: 1em; border: 1px solid #ccc; border-radius: 6px; background-color: #f8f8f8;">
          <h3>Welcome to AUP Remote Lab!</h3>
          <p>This is a <strong>dynamic announcement</strong>.</p>
          <p>My location is on <code>runtime/values.yaml</code></p>
          <p>You can edit this via <strong>ConfigMap</strong> without rebuilding the image.</p>
          </div>

Provide Github OAuth Credentials¶

Refer to this article for information on setting up GitHub OAuth with GitHub Organizations.

Fill in this section with credentials from your organization’s OAuth app. Please note that the oauth_callback_url should match your actual deployment. For a simple GitHub OAuth-only solution, use https://<Your.domain>/hub/oauth_callback. Since we are using MultiAuth, we need github to identify that we are using GitHubOAuth.

    GitHubOAuthenticator:
      oauth_callback_url: "https://<Your.domain>/hub/github/oauth_callback"
      client_id: "AAAA"
      client_secret: "BBB"
      allowed_organizations:
        - <YOUR-ORG-NAME>
      scope:
        - read:user
        - read:org

NFS Storage setting¶

Refer to Cluster-NFS-Setting.

  storage:
    dynamic:
      storageClass: nfs-client

After¶

You should run helm upgrade to apply the changes.