##// END OF EJS Templates
Merge pull request #3831 from minrk/nbdoc...
Merge pull request #3831 from minrk/nbdoc update nbconvert doc with new CLI

File last commit:

r11793:0143571c
r11849:6f6d9e61 merge
Show More
working_remotely.rst
182 lines | 6.9 KiB | text/x-rst | RstLexer
David P. Sanders
Initial refactoring of htmlnotebook.txt into 3 parts....
r11792 .. _working_remotely.txt
Working remotely
================
The IPython Notebook web app is based on a server-client structure.
This server uses a two-process kernel architecture based on ZeroMQ, as well as
Tornado for serving HTTP requests. Other clients may connect to the same
underlying IPython kernel; see below.
.. _notebook_security:
Security
--------
You can protect your Notebook server with a simple single password by
setting the :attr:`NotebookApp.password` configurable. You can prepare a
hashed password using the function :func:`IPython.lib.security.passwd`:
.. sourcecode:: ipython
In [1]: from IPython.lib import passwd
In [2]: passwd()
Enter password:
Verify password:
Out[2]: 'sha1:67c9e60bb8b6:9ffede0825894254b2e042ea597d771089e11aed'
.. note::
:func:`~IPython.lib.security.passwd` can also take the password as a string
argument. **Do not** pass it as an argument inside an IPython session, as it
will be saved in your input history.
You can then add this to your :file:`ipython_notebook_config.py`, e.g.::
# Password to use for web authentication
c = get_config()
c.NotebookApp.password =
u'sha1:67c9e60bb8b6:9ffede0825894254b2e042ea597d771089e11aed'
When using a password, it is a good idea to also use SSL, so that your
password is not sent unencrypted by your browser. You can start the notebook
to communicate via a secure protocol mode using a self-signed certificate with
the command::
$ ipython notebook --certfile=mycert.pem
.. note::
A self-signed certificate can be generated with ``openssl``. For example,
the following command will create a certificate valid for 365 days with
both the key and certificate data written to the same file::
$ openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.
pem -out mycert.pem
Your browser will warn you of a dangerous certificate because it is
self-signed. If you want to have a fully compliant certificate that will not
raise warnings, it is possible (but rather involved) to obtain one,
`as explained in detailed in this tutorial`__.
.. __: http://arstechnica.com/security/news/2009/12/how-to-get-set-with-a-
secure-sertificate-for-free.ars
Keep in mind that when you enable SSL support, you will need to access the
notebook server over ``https://``, not over plain ``http://``. The startup
message from the server prints this, but it is easy to overlook and think the
server is for some reason non-responsive.
Connecting to an existing kernel
---------------------------------
The notebook server always prints to the terminal the full details of
how to connect to each kernel, with messages such as the following::
[IPKernelApp] To connect another client to this kernel, use:
[IPKernelApp] --existing kernel-3bb93edd-6b5a-455c-99c8-3b658f45dde5.json
This long string is the name of a JSON file that contains all the port and
validation information necessary to connect to the kernel. You can then, for
example, manually start a Qt console connected to the *same* kernel with::
$ ipython qtconsole --existing
kernel-3bb93edd-6b5a-455c-99c8-3b658f45dde5.json
If you have only a single kernel running, simply typing::
$ ipython qtconsole --existing
will automatically find it. (It will always find the most recently
started kernel if there is more than one.) You can also request this
connection data by typing ``%connect_info``; this will print the same
file information as well as the content of the JSON data structure it
contains.
Running a public notebook server
--------------------------------
If you want to access your notebook server remotely via a web browser,
you can do the following.
Start by creating a certificate file and a hashed password, as explained
above. Then create a custom profile for the notebook, with the following
command line, type::
$ ipython profile create nbserver
In the profile directory just created, edit the file
``ipython_notebook_config.py``. By default, the file has all fields
commented; the minimum set you need to uncomment and edit is the following::
c = get_config()
# Kernel config
c.IPKernelApp.pylab = 'inline' # if you want plotting support always
# Notebook config
c.NotebookApp.certfile = u'/absolute/path/to/your/certificate/mycert.pem'
c.NotebookApp.ip = '*'
c.NotebookApp.open_browser = False
c.NotebookApp.password = u'sha1:bcd259ccf...[your hashed password here]'
# It is a good idea to put it on a known, fixed port
c.NotebookApp.port = 9999
You can then start the notebook and access it later by pointing your browser
to ``https://your.host.com:9999`` with ``ipython notebook
--profile=nbserver``.
Running with a different URL prefix
-----------------------------------
The notebook dashboard (the landing page with an overview
of the notebooks in your working directory) typically lives at the URL
``http://localhost:8888/``. If you prefer that it lives, together with the
rest of the notebook, under a sub-directory,
e.g. ``http://localhost:8888/ipython/``, you can do so with
configuration options like the following (see above for instructions about
modifying ``ipython_notebook_config.py``)::
c.NotebookApp.base_project_url = '/ipython/'
c.NotebookApp.base_kernel_url = '/ipython/'
c.NotebookApp.webapp_settings = {'static_url_prefix':'/ipython/static/'}
Using a different notebook store
--------------------------------
By default, the Notebook app stores the notebook documents that it saves as
files in the working directory of the Notebook app, also known as the
``notebook_dir``. This logic is implemented in the
:class:`FileNotebookManager` class. However, the server can be configured to
use a different notebook manager class, which can
store the notebooks in a different format.
Currently, we ship a :class:`AzureNotebookManager` class that stores notebooks
in Azure blob storage. This can be used by adding the following lines to your
``ipython_notebook_config.py`` file::
c.NotebookApp.notebook_manager_class =
'IPython.html.services.notebooks.azurenbmanager.AzureNotebookManager'
c.AzureNotebookManager.account_name = u'paste_your_account_name_here'
c.AzureNotebookManager.account_key = u'paste_your_account_key_here'
c.AzureNotebookManager.container = u'notebooks'
In addition to providing your Azure Blob Storage account name and key, you
will have to provide a container name; you can use multiple containers to
organize your notebooks.
Known issues
------------
When behind a proxy, especially if your system or browser is set to autodetect
the proxy, the Notebook app might fail to connect to the server's websockets,
and present you with a warning at startup. In this case, you need to configure
your system not to use the proxy for the server's address.
For example, in Firefox, go to the Preferences panel, Advanced section,
Network tab, click 'Settings...', and add the address of the notebook server
to the 'No proxy for' field.