Changes in KubeSpawner#

Unreleased#

4.3#

4.3.0 - 2022-11-03#

New features added#

  • [KubeIngressProxy] Add common_labels option and expand username etc #653 (@dolfinus)

  • Add after_pod_created_hook #644 (@dolfinus)

  • Add storage_extra_annotations configuration, used when PVCs are created #630 (@TomHellier)

  • Add user_namespace_labels and user_namespace_annotations for use with enable_user_namespaces #612 (@zv0n)

Enhancements made#

  • Allow profile_options callable to be async #640 (@yuvipanda)

  • Set first value in profile-options as default when none is specified #631 (@GeorgianaElena)

  • Add “http” as a name to created k8s Services’ port (required by Istio) #614 (@ddebeau)

Bugs fixed#

Documentation improvements#

Continuous integration improvements#

Contributors to this release#

(GitHub contributors page for this release)

@abkfenris | @consideRatio | @ddebeau | @dolfinus | @GeorgianaElena | @manics | @minrk | @nikhiljha | @pre-commit-ci | @sgibson91 | @TomHellier | @welcome | @yuvipanda | @zv0n

4.2#

4.2.0 - 2022-08-29#

New features added#

  • Add storage_extra_annotations configuration, used when PVCs are created #630 (@TomHellier)

  • Add user_namespace_labels and user_namespace_annotations for use with enable_user_namespaces #612 (@zv0n)

Enhancements made#

  • Add “http” as a name to created k8s Services’ port (required by Istio) #614 (@ddebeau)

Bugs fixed#

Continuous integration#

  • ci: add dependabot to bump github action versions, and bump them #624 (@consideRatio)

Contributors to this release#

(GitHub contributors page for this release)

@abkfenris | @consideRatio | @ddebeau | @GeorgianaElena | @minrk | @nikhiljha | @sgibson91 | @TomHellier | @zv0n

4.1#

4.1.0 - 2022-05-19#

New features added#

  • Support dropdown list choices for profile_list profiles via profile_options #607 (@yuvipanda)

Maintenance and upkeep improvements#

Contributors to this release#

(GitHub contributors page for this release)

@consideRatio | @keniseli | @pre-commit-ci | @rabernat | @yuvipanda

4.0#

4.0.0 - 2022-04-23#

Breaking changes#

  • Support for use against k8s 1.17-1.19 is no longer maintained, please upgrade to k8s 1.20+ to ensure function.

  • If you have configured c.JupyterHub.proxy_class to use KubeIngressProxy, please read the notes in #598 along with the disclaimer for use of this JupyterHub proxy class.

New features added#

  • Add services_enabled to create a k8s Service for each user pod (enables use with Istio mTLS) #522 (@JJ11teen)

Bugs fixed#

  • [KubeIngressProxy] breaking: Migrate to networking.k8s.io/v1 api for Ingress resources #598 (@consideRatio)

Maintenance and upkeep improvements#

Continuous integration#

Contributors to this release#

(GitHub contributors page for this release)

@agt | @consideRatio | @JJ11teen | @yuvipanda | @zflamig

3.0#

3.0.2 - 2022-03-15#

Bugs fixed#

Maintenance and upkeep improvements#

Documentation improvements#

Contributors to this release#

(GitHub contributors page for this release)

@choldgraf | @consideRatio | @ondave | @yuvipanda

3.0.1 - 2022-03-14#

Bugs fixed#

3.0.0 - 2022-03-14#

This release replaces a synchronous Kubernetes client library with an async alternative, allowing the use of native Python async features.

Breaking changes#

  • Support for Python 3.6 dropped

  • The configuration k8s_api_threadpool_workers is removed as we don’t create threads any more, but now instead relies on scheduling everything to run in an event loop.

  • A dependency on the library kubernetes is replaced with a dependency on the library kubernetes_asyncio.

  • Methods considered internal to Kubespawner are now prefixed with _.

Maintenance and upkeep improvements#

Documentation improvements#

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @choldgraf | @clkao | @consideRatio | @GeorgianaElena | @manics | @minrk | @rccern | @welcome | @yuvipanda

2.0#

2.0.1 - 2022-02-15#

Maintenance and upkeep improvements#

  • Support recent version of kubernetes client library (21.7.0) that introduced a breaking change #558 (@athornton)

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @consideRatio | @minrk | @yuvipanda

2.0.0 - 2021-11-28#

Breaking changes#

A breaking change was introduced in #545, making the default value of allow_privilege_escalation be False. This means a user can’t use sudo unless allow_privilege_escalation is explicitly set to True. The JupyterHub user Pod that KubeSpawner creates will have a container with a securityContext that has allowPrivilegeEscalation set to false by default.

For reference, the following can be read about allowPrivilegeEscalation in Kubernetes official documentation:

AllowPrivilegeEscalation: Controls whether a process can gain more privileges than its parent process. This bool directly controls whether the no_new_privs flag gets set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged OR 2) has CAP_SYS_ADMIN.

To revert to the previous behavior of using the cluster’s default, set allow_privilege_escalation explicitly to None.

Bugs fixed#

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @minrk | @mriedem | @welcome | @yuvipanda

1.1#

1.1.2 - 2021-11-03#

Bugs fixed#

  • Fix race condition between spawn() calling _start() and progress() #511 (@consideRatio)

Maintenance and upkeep improvements#

Other merged PRs#

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @consideRatio | @manics | @minrk | @pre-commit-ci | @yuvipanda

1.1.1 - 2021-10-04#

Bugs fixed#

Continuous integration#

Contributors to this release#

(GitHub contributors page for this release)

@consideRatio | @yuvipanda

1.1.0 - 2021-07-21#

Enhancements made#

Bugs fixed#

Maintenance and upkeep improvements#

Documentation improvements#

  • Fix the errors followed by the contributing steps #509 (@mggger)

Other merged PRs#

  • [KubeIngressProxy] Set configuration before instantiating reflectors #515 (@droctothorpe)

Contributors to this release#

(GitHub contributors page for this release)

@consideRatio | @dhirschfeld | @droctothorpe | @mggger | @yuvipanda

1.0#

1.0.0 - 2021-05-14#

This release is the continuation of version 0.16.1 and could have been 0.17.0 in practice. We opted to release 1.0.0 as it enables us to communicate changes according to SemVer. Using SemVer versioning, a change in each of the three version numbers (major.minor.patch) represents a different kind of change.

Breaking changes#

  • When using KubeSpawner 1.0.0 or later together with JupyterHub 1.4.1 or later, deleting a JupyterHub user or deleting (not just stopping) a named server will lead to removing the associated PVC resource. To opt out of this behavior set the delete_pvc configuration to False.

New features added#

  • Allow configuration of kubernetes client’s options: ssl_ca_cert, host #494 (@kafonek)

  • add method to delete namespaced PVC in spawner base class #475 (@nsshah1288)

Enhancements made#

Maintenance and upkeep improvements#

Documentation improvements#

Continuous integration#

  • ci: test against recent k8s versions and misc workflow updates #506 (@consideRatio)

Contributors to this release#

(GitHub contributors page for this release)

@cbanek | @consideRatio | @dhirschfeld | @jabbera | @kafonek | @manics | @meeseeksmachine | @minrk | @nsshah1288 | @octavd

0.16#

0.16.1 - 2021-03-01#

Bugs fixed#

Contributors to this release#

@minrk

0.16.0 - 2021-02-26#

Enhancements made#

  • Add pod_security_context and container_security_context config #480 (@cyrilcros)

  • Allow mounting of service account token to be configurable (automount_service_account_token) #476 (@dtaniwaki)

  • Add user namespace support #458 (@athornton)

  • Support internal_ssl #409 (@minrk)

Bugs fixed#

  • Fix failure to create a PVC being logged as failure to create a Pod #481 (@mriedem)

  • handle pod url changes in poll #408 (@minrk)

Maintenance and upkeep improvements#

  • Refactor: remove a third way to name the same thing in make_pod’s parameters #483 (@consideRatio)

  • pre-commit: use prettier as autoformatter (markdown, yaml) #482 (@consideRatio)

  • fix some spurious additions in tests #474 (@minrk)

  • adopt black (via pre-commit) for code formatting #473 (@minrk)

  • remove duplicated secret_mount_path definition #472 (@minrk)

Other merged PRs#

  • [KubeIngressProxy] Fixes following changes to k8s resource reflectors #484 (@remche)

  • [KubeIngressProxy] allow singleuser pods to use IPv6 addresses #403 (@stv0g)

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @betatim | @clkao | @consideRatio | @cyrilcros | @dhirschfeld | @dtaniwaki | @lresende | @manics | @meeseeksmachine | @minrk | @mriedem | @remche | @shanestarcher-okta | @stv0g | @tirumerla | @yuvipanda

0.15#

0.15.0 - 2020-10-15#

Enhancements made#

  • Expand storage selector #463 (@dtaniwaki)

  • Add pod_connect_ip config regarding how kubespawner reach the pod #460 (@dtaniwaki)

  • [Feature] Add AllowPrivilegeEscalation to container’s securityContext #450 (@captnbp)

Bugs fixed#

Maintenance and upkeep improvements#

Contributors to this release#

(GitHub contributors page for this release)

@athornton | @betatim | @captnbp | @celine168 | @clkao | @consideRatio | @DarkmatterVale | @dkipping | @dtaniwaki | @erolosty | @gcavalcante8808 | @gsemet | @gweis | @h4gen | @joelpfaff | @manics | @meeseeksmachine | @minrk | @ondave | @ryanlovett | @stefanvangastel | @support | @tjcrone | @welcome | @yuvipanda

0.14#

0.14.1 - 2020-10-23#

Bugs fixed#

  • KubeSpawner.image_pull_secrets malfunctions in 0.14.0 - this fixes it #451 (@johnhoman)

Maintenance and upkeep improvements#

Contributors to this release#

(GitHub contributors page for this release)

@consideRatio | @johnhoman | @rkdarst | @welcome | @yuvipanda

0.14.0 - 2020-10-05#

Enhancements made#

  • Allow image_pull_secrets config to be specified the k8s native way #442 (@consideRatio)

Bugs fixed#

Maintenance and upkeep improvements#

0.13#

0.13.0 - 2020-09-20#

Noteworthy for this release are: performance improvements, Kubernetes native environment variable specification, the possibility to run multiple JupyterHub’s in the same namespace.

Breaking changes#

The following changes probably won’t break typical usage of KubeSpawner, but could for example break logic to customized the progress page JupyerHub displays while spawning a Kubernetes pod for the user.

  • The Kubernetes EventsReflector, which is providing the KubeSpawner instances with information about Kubernetes Events describing events for other resources, is now exposing events as python dictionaries rather than V1Event objects. V1Event is defined in the kubernetes-client/python library as a representation of a Kubernetes Event.

  • KubeSpawner’s .progress method implementation (https://github.com/jupyterhub/jupyterhub/pull/1771) which is generating a formatted message as well as a KubeSpawner specific raw_event entry now returns the raw_event as a Python dictionary with entries formatted in camelCase where the keys were formatted in snake_case.

New#

  • Support EnvVar’s with ‘valueFrom’ as well as with ‘value’ #426 (@consideRatio)

  • Breaking change / performance: don’t make kubernetes-client deserialize k8s events into objects #424 (@rmoe)

  • Add component_label property to support multiple hub instances in the… #418 (@harsimranmaan)

Fixes#

  • Breaking change / performance: don’t make kubernetes-client deserialize k8s events into objects #424 (@rmoe)

Maintenance#

  • Log thread pool worker count on init #420 (@mriedem)

  • CI: test k8s 1.18 and require success, publish without test, bump minikube #417 (@consideRatio)

Contributors to this release#

@abinet | @chancez | @consideRatio | @harsimranmaan | @meeseeksmachine | @mriedem | @rmoe | @shenghu | @welcome | @yuvipanda | @zlanyi

This list of contributors were generated by github-activity according to these criteria.

0.12#

0.12.0 - 2020-07-17#

Security#

  • Security fix: CVE-2020-15110 / GHSA-v7m9-9497-p9gr. When named-servers are enabled, certain username patterns, depending on authenticator, could allow collisions. The default named-server template is changed to prevent collisions, meaning that upgrading will lose associations of named-servers with their PVCs if the default templates are used. Data should not be lost (old PVCs will be ignored, not deleted), but will need manual migration to new PVCs prior to deletion of old PVCs.

New features#

  • Add slugs field for selecting profiles in API, instead of indices. #401 (@stv0g)

  • Expose __version__ in kubespawner module #383 (@consideRatio)

  • log a warning if unrecognized user_options are provided #389 (@minrk)

Fixes#

Maintenance#

0.11#

[0.11.1] - 2019-11-29#

0.11.1 consists of a small bugfix that made the progress reporting break.

Fixes#

  • Fix spawn progress events now showing up due to failure to serialize #381 (@consideRatio)

Maintenance#

[0.11.0] - 2019-11-28#

0.11.0 features minor feature additions, compatebility measures, and fixes. KubeSpawner now require Python 3.5 and is no longer actively tested against Kubernetes clusters versioned 1.10 as before, but is now being tested against version 1.12-1.16 with the python kubernetes client library version 8-11 that is compatible with k8s 1.11-1.15.

New#

Fixes#

Compatibility#

  • CI reworked, support modern k8s high resolution timestamps, event monitoring is made more reliable, kubernetes=>8 required, python>=3.6 required, inline docs added #368 (@consideRatio)

  • Fix for Kubernetes 1.16 regarding datetime comparison #362 (@consideRatio)

  • More idiomatic python syntax #356 (@AnotherCodeArtist)

  • Compatibility with kubernetes, jupyterhub prereleases #314 (@minrk)

  • compatibility with kubernetes 9.0 #294 (@minrk)

  • Pin kubernetes version to 8.0 #292 (@yuvipanda)

Maintenance#

0.10#

0.10.1 - 2018-12-11#

0.10.1 is a tiny bugfix release, fixing regressions in 0.10.0.

  • Fix deprecation of KubeSpawner.hub_connect_ip, which caused errors in 0.10 when the deprecated config was used.

0.10.0 - 2018-12-05#

0.10.0 is a small release, with minor changes and fixes.

  • Deprecate KubeSpawner.image_spec configuration in favor of standard KubeSpawner.image. image_spec continues to work with deprecation warnings

  • Stop pinning an exact kubernetes client version; instead, require kubernetes client >= 7. If desired, pinning should be done in images/installations

  • Expand username template variables in extra_containers

  • Set pod restart policy to OnFailure, so that notebook servers that terminate themselves cleanly do not restart automatically

  • Formally deprecate KubeSpawner.hub_connect_ip and KubeSpawner.hub_connect_ip in favor of JupyterHub.hub_connect_ip, available in jupyterhub >= 0.8

0.9#

0.9.0 - 2018-09-03#

KubeSpawner 0.9.0 is a big release of KubeSpawner.

Change highlights:

  • Require Kubernetes >= 1.6

  • Require JupyterHub >= 0.8

  • Require Python >= 3.5

  • Expose lots more Kubernetes options

  • Support configuration profiles via :attr:.KubeSpawner.profile_list

  • Support Kubernetes events for the progress API in JupyterHub 0.9.

  • Update Kubernetes Python client to 6.0 (supporting Kubernetes 1.10 APIs)

  • Numerous bugfixes