Not working with Jupyter 4.3
aiguofer opened this issue · 6 comments
Haven't had time to dig much into it, but it looks like call to /api/kernels is getting a 403, possibly due to the security changes that they made. Btw, my notebook is running with
c.NotebookApp.token = ''
c.NotebookApp.password = ''
here's what I see in console:
dashboard.js:108 Error: Failed to create kernel: API request failed (403): Forbidden
at kernel.js:65
Here's what I see on the jupyter server logs:
[W 23:05:54.952 NotebookApp] 403 POST /api/kernels (10.10.176.61): '_xsrf' argument missing from POST
[W 23:05:54.964 NotebookApp] 403 POST /api/kernels (10.10.176.61) 13.52ms referer=None
This Jupyter release blog post describes the problem. To quote:
The use of the xsrf token affects existing extensions / etc. that work directly with the notebook server via REST API. To make requests to the rest API, the _xsrf cookie must be sent back to the server in the X-XSRF-Token header of API requests.
The dashboard server is a nodejs app. It requires a running jupyter kernel gateway instance. I'm not clear where the notebook server fits into your setup.
The notebook server has auth mechanisms mean for users such as password, cookies, and temp keys. The kernel gateway is more attuned to programmatic auth and access via API tokens.
Those differences aside, I think the kernel gateway ignores the new temp key auth added in notebook 4.3. It should continue working as before, but I've not tried it yet.
Using a notebook server instead of kernel gateway with the dashboard server is not something we've tested before. I'm happy to take PRs if you'd like to make it a supported option.
Ahh thanks for the explanation! I just set up the latest kernel gateway and it is indeed working. If I have time later on I might take a stab at this since I do find it a bit redundant to run both the notebook and the gateway (and I don't need to scale at this point).