magicalion/singleuser Docker Image Overview

magicalion/singleuser

notebook

0 次下载

🚀 生产环境还在裸拉官方镜像？一次故障=一次通宵

镜像简介版本下载

🚀 生产环境还在裸拉官方镜像？一次故障=一次通宵

!docker pulls !docker stars

Base Jupyter Notebook Stack

Small base image for defining your own stack

What it Gives You

Minimally-functional Jupyter Notebook 5.2.x (e.g., no pandoc for document conversion)
Miniconda Python 3.x
No preinstalled scientific computing packages
Unprivileged user jovyan (uid=1000, configurable, see options) in group users (gid=100) with ownership over /home/jovyan and /opt/conda
tini as the container entrypoint and start-notebook.sh as the default command
A start-singleuser.sh script useful for running a single-user instance of the Notebook server, as required by JupyterHub
A start.sh script useful for running alternative commands in the container (e.g. ipython, jupyter kernelgateway, jupyter lab)
Options for a self-signed HTTPS certificate and passwordless sudo

Basic Use

The following command starts a container with the Notebook server listening for HTTP connections on port 8888 with a randomly generated authentication token configured.

docker run -it --rm -p 8888:8888 jupyter/base-notebook

Take note of the authentication token included in the notebook startup log messages. Include it in the URL you visit to access the Notebook server or enter it in the Notebook login form.

Notebook Options

The Docker container executes a start-notebook.sh script script by default. The start-notebook.sh script handles the NB_UID, NB_GID and GRANT_SUDO features documented in the next section, and then executes the jupyter notebook.

You can launch JupyterLab by setting JUPYTER_ENABLE_LAB:

docker run -it --rm -e JUPYTER_ENABLE_LAB=1 --rm -p 8888:8888 jupyter/base-notebook

You can pass Jupyter command line options through the start-notebook.sh script when launching the container. For example, to secure the Notebook server with a custom password hashed using IPython.lib.passwd() instead of the default token, run the following:

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.password='sha1:74ba40f8a388:c913541b7ee99d15d5ed31d4226bf7838f83a50e'

For example, to set the base URL of the notebook server, run the following:

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.base_url=/some/path

For example, to disable all authentication mechanisms (not a recommended practice):

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.token=''

You can sidestep the start-notebook.sh script and run your own commands in the container. See the Alternative Commands section later in this document for more information.

Docker Options

You may customize the execution of the Docker container and the command it is running with the following optional arguments.

-e GEN_CERT=yes - Generates a self-signed SSL certificate and configures Jupyter Notebook to use it to accept encrypted HTTPS connections.
-e NB_UID=1000 - Specify the uid of the jovyan user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adjusting the user id.)
-e NB_GID=100 - Specify the gid of the jovyan user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adjusting the group id.)
-e GRANT_SUDO=yes - Gives the jovyan user passwordless sudo capability. Useful for installing OS packages. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adding jovyan to sudoers.) You should only enable sudo if you trust the user or if the container is running on an isolated host.
-v /some/host/folder/for/work:/home/jovyan/work - Mounts a host machine directory as folder in the container. Useful when you want to preserve notebooks and other work even after the container is destroyed. You must grant the within-container notebook user or group (NB_UID or NB_GID) write access to the host directory (e.g., sudo chown 1000 /some/host/folder/for/work).
--group-add users - use this argument if you are also specifying a specific user id to launch the container (-u 5000), rather than launching the container as root and relying on NB_UID and NB_GID to set the user and group.

SSL Certificates

You may mount SSL key and certificate files into a container and configure Jupyter Notebook to use them to accept HTTPS connections. For example, to mount a host folder containing a notebook.key and notebook.crt:

docker run -d -p 8888:8888 \
    -v /some/host/folder:/etc/ssl/notebook \
    jupyter/base-notebook start-notebook.sh \
    --NotebookApp.keyfile=/etc/ssl/notebook/notebook.key
    --NotebookApp.certfile=/etc/ssl/notebook/notebook.crt

Alternatively, you may mount a single PEM file containing both the key and certificate. For example:

docker run -d -p 8888:8888 \
    -v /some/host/folder/notebook.pem:/etc/ssl/notebook.pem \
    jupyter/base-notebook start-notebook.sh \
    --NotebookApp.certfile=/etc/ssl/notebook.pem

In either case, Jupyter Notebook expects the key and certificate to be a base64 encoded text file. The certificate file or PEM may contain one or more certificates (e.g., server, intermediate, and root).

For additional information about using SSL, see the following:

The docker-stacks/examples for information about how to use Let's Encrypt certificates when you run these stacks on a publicly visible domain.
The jupyter_notebook_config.py file for how this Docker image generates a self-signed certificate.
The Jupyter Notebook documentation for best practices about running a public notebook server in general, most of which are encoded in this image.

Conda Environments

The default Python 3.x Conda environment resides in /opt/conda.

The commands jupyter, ipython, python, pip, and conda (among others) are available in both environments. For convenience, you can install packages into either environment regardless of what environment is currently active using commands like the following:

# install a package into the default (python 3.x) environment
pip install some-package
conda install some-package

Alternative Commands

start.sh

The start.sh script supports the same features as the default start-notebook.sh script (e.g., GRANT_SUDO), but allows you to specify an arbitrary command to execute. For example, to run the text-based ipython console in a container, do the following:

docker run -it --rm jupyter/base-notebook start.sh ipython

Or, to run JupyterLab instead of the classic notebook, run the following:

docker run -it --rm -p 8888:8888 jupyter/base-notebook start.sh jupyter lab

This script is particularly useful when you derive a new Dockerfile from this image and install additional Jupyter applications with subcommands like jupyter console, jupyter kernelgateway, etc.

Others

You can bypass the provided scripts and specify your an arbitrary start command. If you do, keep in mind that certain features documented above will not function (e.g., GRANT_SUDO).

查看更多 singleuser 相关镜像 →

jupyterhub/singleuser

用于JupyterHub和DockerSpawner的单用户Docker镜像，基于jupyter/base-notebook构建，适合通过DockerSpawner在容器中启动用户笔记本服务器，需注意JupyterHub版本匹配，默认家目录不持久。

轩辕镜像配置手册

探索更多轩辕镜像的使用方法，找到最适合您系统的配置方式

登录仓库拉取

通过 Docker 登录认证访问私有仓库

Linux

在 Linux 系统配置镜像服务

Windows/Mac

在 Docker Desktop 配置镜像

Docker Compose

Docker Compose 项目配置

K8s Containerd

Kubernetes 集群配置 Containerd

K3s

K3s 轻量级 Kubernetes 镜像加速

Dev Containers

VS Code Dev Containers 配置

MacOS OrbStack

MacOS OrbStack 容器配置

宝塔面板

在宝塔面板一键配置镜像

群晖

Synology 群晖 NAS 配置

飞牛

飞牛 fnOS 系统配置镜像

极空间

极空间 NAS 系统配置服务

爱快路由

爱快 iKuai 路由系统配置

绿联

绿联 NAS 系统配置镜像

威联通

QNAP 威联通 NAS 配置

Podman

Podman 容器引擎配置

Singularity/Apptainer

HPC 科学计算容器配置

其他仓库配置

ghcr、Quay、nvcr 等镜像仓库

专属域名拉取

无需登录使用专属域名

需要其他帮助？请查看我们的常见问题Docker 镜像访问常见问题解答或提交工单

镜像拉取常见问题

轩辕镜像免费版与专业版有什么区别？

免费版仅支持 Docker Hub 访问，不承诺可用性和速度；专业版支持更多镜像源，保证可用性和稳定速度，提供优先客服响应。

轩辕镜像支持哪些镜像仓库？

专业版支持 docker.io、gcr.io、ghcr.io、registry.k8s.io、nvcr.io、quay.io、mcr.microsoft.com、docker.elastic.co 等；免费版仅支持 docker.io。

流量耗尽错误提示

当返回 402 Payment Required 错误时，表示流量已耗尽，需要充值流量包以恢复服务。

410 错误问题

通常由 Docker 版本过低导致，需要升级到 20.x 或更高版本以支持 V2 协议。

manifest unknown 错误

先检查 Docker 版本，版本过低则升级；版本正常则验证镜像信息是否正确。

镜像拉取成功后，如何去掉轩辕镜像域名前缀？

使用 docker tag 命令为镜像打上新标签，去掉域名前缀，使镜像名称更简洁。

查看全部问题→

用户好评

来自真实用户的反馈，见证轩辕镜像的优质服务

oldzhang

运维工程师

Linux服务器

"Docker访问体验非常流畅，大镜像也能快速完成下载。"

magicalion/singleuser

notebook

0 次下载

🚀 生产环境还在裸拉官方镜像？一次故障=一次通宵

镜像简介版本下载

🚀 生产环境还在裸拉官方镜像？一次故障=一次通宵

!docker pulls !docker stars

Base Jupyter Notebook Stack

Small base image for defining your own stack

What it Gives You

Minimally-functional Jupyter Notebook 5.2.x (e.g., no pandoc for document conversion)
Miniconda Python 3.x
No preinstalled scientific computing packages
Unprivileged user jovyan (uid=1000, configurable, see options) in group users (gid=100) with ownership over /home/jovyan and /opt/conda
tini as the container entrypoint and start-notebook.sh as the default command
A start-singleuser.sh script useful for running a single-user instance of the Notebook server, as required by JupyterHub
A start.sh script useful for running alternative commands in the container (e.g. ipython, jupyter kernelgateway, jupyter lab)
Options for a self-signed HTTPS certificate and passwordless sudo

Basic Use

The following command starts a container with the Notebook server listening for HTTP connections on port 8888 with a randomly generated authentication token configured.

docker run -it --rm -p 8888:8888 jupyter/base-notebook

Take note of the authentication token included in the notebook startup log messages. Include it in the URL you visit to access the Notebook server or enter it in the Notebook login form.

Notebook Options

You can launch JupyterLab by setting JUPYTER_ENABLE_LAB:

docker run -it --rm -e JUPYTER_ENABLE_LAB=1 --rm -p 8888:8888 jupyter/base-notebook

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.password='sha1:74ba40f8a388:c913541b7ee99d15d5ed31d4226bf7838f83a50e'

For example, to set the base URL of the notebook server, run the following:

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.base_url=/some/path

For example, to disable all authentication mechanisms (not a recommended practice):

docker run -d -p 8888:8888 jupyter/base-notebook start-notebook.sh --NotebookApp.token=''

You can sidestep the start-notebook.sh script and run your own commands in the container. See the Alternative Commands section later in this document for more information.

Docker Options

You may customize the execution of the Docker container and the command it is running with the following optional arguments.

-e GEN_CERT=yes - Generates a self-signed SSL certificate and configures Jupyter Notebook to use it to accept encrypted HTTPS connections.
-e NB_UID=1000 - Specify the uid of the jovyan user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adjusting the user id.)
-e NB_GID=100 - Specify the gid of the jovyan user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adjusting the group id.)
-e GRANT_SUDO=yes - Gives the jovyan user passwordless sudo capability. Useful for installing OS packages. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adding jovyan to sudoers.) You should only enable sudo if you trust the user or if the container is running on an isolated host.
-v /some/host/folder/for/work:/home/jovyan/work - Mounts a host machine directory as folder in the container. Useful when you want to preserve notebooks and other work even after the container is destroyed. You must grant the within-container notebook user or group (NB_UID or NB_GID) write access to the host directory (e.g., sudo chown 1000 /some/host/folder/for/work).
--group-add users - use this argument if you are also specifying a specific user id to launch the container (-u 5000), rather than launching the container as root and relying on NB_UID and NB_GID to set the user and group.

SSL Certificates

docker run -d -p 8888:8888 \
    -v /some/host/folder:/etc/ssl/notebook \
    jupyter/base-notebook start-notebook.sh \
    --NotebookApp.keyfile=/etc/ssl/notebook/notebook.key
    --NotebookApp.certfile=/etc/ssl/notebook/notebook.crt

Alternatively, you may mount a single PEM file containing both the key and certificate. For example:

docker run -d -p 8888:8888 \
    -v /some/host/folder/notebook.pem:/etc/ssl/notebook.pem \
    jupyter/base-notebook start-notebook.sh \
    --NotebookApp.certfile=/etc/ssl/notebook.pem

For additional information about using SSL, see the following:

The docker-stacks/examples for information about how to use Let's Encrypt certificates when you run these stacks on a publicly visible domain.
The jupyter_notebook_config.py file for how this Docker image generates a self-signed certificate.
The Jupyter Notebook documentation for best practices about running a public notebook server in general, most of which are encoded in this image.

Conda Environments

The default Python 3.x Conda environment resides in /opt/conda.

# install a package into the default (python 3.x) environment
pip install some-package
conda install some-package

Alternative Commands

start.sh

docker run -it --rm jupyter/base-notebook start.sh ipython

Or, to run JupyterLab instead of the classic notebook, run the following:

docker run -it --rm -p 8888:8888 jupyter/base-notebook start.sh jupyter lab

This script is particularly useful when you derive a new Dockerfile from this image and install additional Jupyter applications with subcommands like jupyter console, jupyter kernelgateway, etc.

Others

You can bypass the provided scripts and specify your an arbitrary start command. If you do, keep in mind that certain features documented above will not function (e.g., GRANT_SUDO).

查看更多 singleuser 相关镜像 →

jupyterhub/singleuser

轩辕镜像配置手册

探索更多轩辕镜像的使用方法，找到最适合您系统的配置方式

登录仓库拉取

通过 Docker 登录认证访问私有仓库

Linux

在 Linux 系统配置镜像服务

Windows/Mac

在 Docker Desktop 配置镜像

Docker Compose

Docker Compose 项目配置

K8s Containerd

Kubernetes 集群配置 Containerd

K3s

K3s 轻量级 Kubernetes 镜像加速

Dev Containers

VS Code Dev Containers 配置

MacOS OrbStack

MacOS OrbStack 容器配置

宝塔面板

在宝塔面板一键配置镜像

群晖

Synology 群晖 NAS 配置

飞牛

飞牛 fnOS 系统配置镜像

极空间

极空间 NAS 系统配置服务

爱快路由

爱快 iKuai 路由系统配置

绿联

绿联 NAS 系统配置镜像

威联通

QNAP 威联通 NAS 配置

Podman

Podman 容器引擎配置

Singularity/Apptainer

HPC 科学计算容器配置

其他仓库配置

ghcr、Quay、nvcr 等镜像仓库

专属域名拉取

无需登录使用专属域名

需要其他帮助？请查看我们的常见问题Docker 镜像访问常见问题解答或提交工单

镜像拉取常见问题

轩辕镜像免费版与专业版有什么区别？

免费版仅支持 Docker Hub 访问，不承诺可用性和速度；专业版支持更多镜像源，保证可用性和稳定速度，提供优先客服响应。

轩辕镜像支持哪些镜像仓库？

专业版支持 docker.io、gcr.io、ghcr.io、registry.k8s.io、nvcr.io、quay.io、mcr.microsoft.com、docker.elastic.co 等；免费版仅支持 docker.io。

流量耗尽错误提示

当返回 402 Payment Required 错误时，表示流量已耗尽，需要充值流量包以恢复服务。

410 错误问题

通常由 Docker 版本过低导致，需要升级到 20.x 或更高版本以支持 V2 协议。

manifest unknown 错误

先检查 Docker 版本，版本过低则升级；版本正常则验证镜像信息是否正确。

镜像拉取成功后，如何去掉轩辕镜像域名前缀？

使用 docker tag 命令为镜像打上新标签，去掉域名前缀，使镜像名称更简洁。

查看全部问题→

用户好评

来自真实用户的反馈，见证轩辕镜像的优质服务

oldzhang

运维工程师

Linux服务器

"Docker访问体验非常流畅，大镜像也能快速完成下载。"

magicalion/singleuser Docker 镜像 - 轩辕镜像

Base Jupyter Notebook Stack

What it Gives You

Basic Use

Notebook Options

Docker Options

SSL Certificates

Conda Environments

Alternative Commands

start.sh

Others

轩辕镜像配置手册

登录仓库拉取

Linux

Windows/Mac

Docker Compose

K8s Containerd

K3s

Dev Containers

MacOS OrbStack

宝塔面板

群晖

飞牛

极空间

爱快路由

绿联

威联通

Podman

Singularity/Apptainer

其他仓库配置

专属域名拉取

镜像拉取常见问题

用户好评

magicalion/singleuser Docker 镜像 - 轩辕镜像

Base Jupyter Notebook Stack

What it Gives You

Basic Use

Notebook Options

Docker Options

SSL Certificates

Conda Environments

Alternative Commands

start.sh

Others

轩辕镜像配置手册

登录仓库拉取

Linux

Windows/Mac

Docker Compose

K8s Containerd

K3s

Dev Containers

MacOS OrbStack

宝塔面板

群晖

飞牛

极空间

爱快路由

绿联

威联通

Podman

Singularity/Apptainer

其他仓库配置

专属域名拉取

镜像拉取常见问题

用户好评