We like to access our project more easily when executing it in a contained docker enviromnent (to use jupyter lab/notebooks and tensorbaord). But we don't want to (and maybe can't) configure the server we're running the docker container on to open the correct ports and allow us to access our services (jupyter/tensorboard).

For introductions on how to run the solution for our repo skip this and go to the last section of this page.

We install and run these services (jupyter/tensorboard) locally within the docker container and use ngrok to upen a tunnel for specific ports that gets exposed to a public url.

Install all the requirements you need from within the docker container using docker exec -it --user root container_name /bin/bash

1. Make sure you have all the requirements installed:

apt-get update
apt-get -y install git wget unzip ipython
pip install ipython[notebook] jupyterlab

2. Download and unzip ngrok using the following command or do it manually (ngrok download page)

wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip; yes n | unzip ngrok-stable-linux-amd64.zip ; rm ngrok-stable-linux-amd64.zip"

3. Start ngrok using one of these alternatives:

a) Directly with ./ngrok http 80 to open an tunnel to http://localhost:80/

b) Using a configuration file, that can contain multiple tunnel definitions (see ngrok configuration docs):

tunnel.cfg:

# Get your authtoken by signing up for an account on ngrok.com
# If you want to use it without an account, remove the following line
authtoken: <your auth token>

# When sing a free account (still need to register), you can define tunnels with up to 4 connections here
# Note: each tunnel might have one or more connections (e.g http, or http AND https)
tunnels: 
  jupyterlab:
    proto: http
    bind-tls: false # http only, no https
    addr: "8888"
  jupyternotebook:
    proto: http
    addr: "8080"
    bind-tls: false
  tensorboard:
    proto: http
    bind-tls: false
    addr: "6006"
"""

Start ngrok as a background process with this config file using the following command:

path/to/ngrok start -config path/to/tunnel.cfg --all > /dev/null &

Additionally to the tunnels ngrok provides a REST API to see which tunnels are active. Test it out using:

curl -s http://localhost:4040/api/tunnels

Note: Sometimes Ngrok might start provide the API under localhost:4041 instead of localhost:4040.

To extract all urls from the API you can run the following command:

curl -s http://localhost:4040/api/tunnels | python3 -c "import sys, json; print(str([(tunnel['name'],tunnel['public_url']) for tunnel in json.load(sys.stdin)['tunnels']]))"

Now you only need to start the services locally that should be exposed via the ngrok tunnels.

Jupyter Lab (--allow-root flag is only needed if you start jupyter as root user):

jupyter lab --ip=0.0.0.0 --port=8888 --allow-root --no-browser

Same for Jupyter Notebook (--allow-root flag is only needed if you start jupyter as root user):

jupyter notebook--ip=0.0.0.0 --port=8888 --allow-root --no-browser

Both, for Jupyter Lab and Notebooks, you might want to add a password by default. You can do this using the following two arguments that need to be added to the jupyter lab or jupyter notebook command:

-NotebookApp.allow_password_change=False --NotebookApp.password="sha1:yourpasswordhashhere"

You can easily generate the hash using Python with:

from notebook.auth import passwd
print(passwd("yourpasswordhere"))

Adding the --ContentsManager.allow_hidden=True flag to your jupyter lab command will make all hidden files visible in the file browser.

If you already have the latest version of our docker container running (as described in the repos README.md file) ngrok, jupyter lab, jupyter notebook and tensorboard should already be running.

To access any of these services you only need the correct public URL. The most comfortable way to get this is to look at the logs of the docker container using:

docker logs radio

There you will find an entry from where you can copy & paste the public url for the service you'd like to access. The entry is generated every 5 minutes and should look like this:

Retrieving open ngrok tunnels...
URLs open for the following services: [('jupyterlab', 'http://abcde12345.ngrok.io'), ('tensorboard', 'http://abcde12345.ngrok.io'), ('jupyternotebook', 'http://abcde12345.ngrok.io')]

Alternatively you get them by running the .get_tunnels.sh located in the remote_access directory. Note: You need to do this from within the docker container. Start the interactive shell using this command:

docker exec -it radio /bin/bash

Then run the script:

./remote_access/get_tunnels.sh

If there should be any issues with this, try to restart the docker container itself first. If that doesn't help you can try to restart the ngrok and the other services in the running docker container: To do this run the following commands all from within the docker container.

1. Kill all old processes of ngrok, jupyterlab, jupyternotebook and tensorboard

• list all running processes and their PIDs using top -n 1
• kill each of the mentioned process with its PID using kill -9 <PID>

2. Run the script to start the services and open the tunnels:

./remote_access/open_remoteaccess.sh &