Jupyter Notebook on Fedora with official packages and SSL

Jupyter Notebooks are the elegant way that Data Scientists work and all software needed to run them are already pre-packaged on Fedora (and any other Linux distribution). It is encouraged to use your distribution’s packaging infrastructure to install Python packages. Avoid at any cost installing Python packages with pip, conda, anaconda and from source code. The reasons for this good practice are security, ease of use, to keep the system clean and to make installation procedures easily reproducible in DevOps scenarios.

Jupyter Notebook on Fedora with MathJax and Python
Jupyter Notebook on Fedora with MathJax and Python

This tutorial will teach you to how to setup a complete and functional Jupyter Notebook on Linux the correct way, enabled to be securely accessible from anywhere. Tested on Fedora 28 and should work also on Red Hat systems.

  1. As root user, install packages and dependencies:
    dnf install python3-notebook mathjax sscg

    You might want to install additional and optional Python modules commonly used by Data Scientists:

    dnf install python3-seaborn \
    python3-lxml python3-basemap \
    python3-scikit-image python3-scikit-learn \
    python3-sympy python3-dask+dataframe
  2. From now on as regular user, install additional packages that have no RPMs yet. Install XGBoost, the most popular and powerful regressor, estimator and classifier nowadays:
    pip3 install --user xgboost
  3. Set a password to log into Notebook web interface and avoid those long tokens. Run the following command anywhere on your terminal:
    mkdir -p $HOME/.jupyter
    jupyter notebook password

    Type a password for yourself. This will create the file $HOME/.jupyter/jupyter_notebook_config.json with your encrypted password.

  4. Prepare for SSL. Generate a self-signed HTTPS certificate for Jupyter’s web server:
    cd $HOME/.jupyter
    sscg
  5. Finish configuring Jupyter editing your $HOME/.jupyter/jupyter_notebook_config.json, make it look like this:
    {
      "NotebookApp": {
        "password": "sha1:abf58...87b",
    
        "ip": "*",
        "allow_origin": "*",
        "allow_remote_access": true,
        "open_browser": false,
        "websocket_compression_options": {},
    
        "certfile": "/home/aviram/.jupyter/service.pem",
        "keyfile": "/home/aviram/.jupyter/service-key.pem",
    
        "notebook_dir": "/home/aviram/Notebooks"
      }
    }
    

    The parts in red must be changed to match your folders. Parts in blue were already there after step 2. Parts in green are the crypto-related files generated by sscg on step 4.

  6. Create a folder for your notebook files, as configured in step 4’s notebook_dir above:
    mkdir $HOME/Notebooks
  7. Now you are all set. Just run Jupyter Notebook from anywhere on your system typing jupyter notebook. Or add this line to your $HOME/.bashrc to create a shortcut command called jn:
    alias jn='jupyter notebook'

After running the command jn, access Jupyter UI from any browser on the network using the HTTPS protocol and the password you set on step 2:

https://your-linux-host.com:8888

Your browser will complain about security because we are using a self signed certificate. Just ignore the warnings and use it as is. Or get an official HTTPS/SSL certificate.

In addition to the IPython environment, you’ll also get a web-based Unix terminal provided by terminado. Some people might find this useful while others find this insecure. You can disable this feature in the config file.

Running the new JupyterLab

JupyterLab is the next generation of Jupyter. To use it, after the steps above, do this as regular user:

pip3 install jupyterlab --user
jupyter serverextension enable --py jupyterlab

Then run your regular jupyter notebook command or jn alias. JupyterLab will be accessible from http://your-linux-host.com:8888/lab.

Presenting your Notebooks to big audiences

A neat feature of Jupyter is the ability to run it as a presentation server so you can project to your team your findings and insights extracted from data. Matthew Speck wrote a nice article about how to write notebooks ready for presenting.

At presentation time, you’ll run Jupyter’s NBConvert command to convert your notebook to an HTML presentation and automatically serve it via a web server. This web server will only allow local machine access, but we’ll configure it here to allow remote access.

  1. First generate the template config file for NBConvert:
    jupyter nbconvert --generate-config

    A long file called $HOME/.jupyter/jupyter_nbconvert_config.py will be generated

  2. Edit jupyter_nbconvert_config.py and search and change for the following critical lines:
    ## Accept connections from all IPs
    c.ServePostProcessor.ip = '*'
    
    ## Do not open the browser automatically
    c.ServePostProcessor.open_in_browser = False

When you are ready to present your notebook, just do this:

jupyter nbconvert "My notebook.ipynb" --to slides --post serve

And point your browser to the host and port reported on the console, probably http://your-linux-host.com:8000

In presentation mode, some advanced features will only work if you have Reveal.js being served locally, so configure its path in the jupyter_nbconvert_config.py config file too. And happy presenting.

6 thoughts on “Jupyter Notebook on Fedora with official packages and SSL”

  1. Thanks!
    I was looking for a ‘howto’ jupyter on Fedora this morning and stumbled right on this.
    On Fedora 28, though, there’s no ‘sccg’ package. Where do I install it?

    1. I mistyped it.

      Its sscg, the Self-Signed Certificate Generator tool, and it is probably already installed on your system (I just documented it here to be absolutely explicit).
      Text was corrected.

  2. Thanks for posting this. I was poised to install Anaconda, but worried about about possible conflicts,
    and the amount of time and frustration it might require, so, I was overjoyed to find your page, and
    decided to give it a go instead.

    I attempted to follow your, clear, instructions, carefully, and everything seemed straight-forward.
    I created a password, generated the self-signed certificate and edited the jupyter congif file.

    However, after starting jupyter notebook from a terminal, I find that when I attempt to login to it,
    with my firefox browser, I cannot. Rather, I get the unhelpful message:

    “We can’t connect to the server at https://kearus:8888

    When I left click on the, “i”, information icon in the address bar, in the browser, I learn additionally that

    “This connection is not secure”.

    I can see in my terminal window, however, that the server kearus:8888 is running:

    [I 15:40:56.233 NotebookApp] Serving notebooks from local directory: /home/dominic/Computing/Jupyter/Notebooks
    [I 15:40:56.233 NotebookApp] 0 active kernels
    [I 15:40:56.233 NotebookApp] The Jupyter Notebook is running at:
    [I 15:40:56.233 NotebookApp] https://Kearus:8888/
    [I 15:40:56.234 NotebookApp] Use Control-C to stop this server and shut down all kernels (twice to skip confirmation).

    Also, I was not prompted for a password.

    Any suggestions?

    1. Dominic, this is normal browser behavior accessing self-signed HTTPS web servers. Since this is all running locally just overcome your browser complains and use it as is. The other solution is to use HTTP and not HTTPS, but that’s a bad practice and I’d like to avoid.

Leave a Reply

Your email address will not be published. Required fields are marked *