Integrations#
Jupyter K8s is vendor-neutral, and agnostic to the choice of router, authentication and authorization components.
Cloud-specific functionalities integrate at the controller or Extension API level with HTTP sidecar plugins.
Additional helm charts and deployment templates provide examples of integration with a specific cloud and routing components.
Plugin architecture#
The controller is the HTTP client; each plugin runs as a sidecar container on localhost in the same pod as the controller.
┌──────────────────────────────────────────┐
│ Operator Pod │
│ │
│ ┌────────────┐ HTTP ┌──────────┐ │
│ │ Controller ├───────────►│ Plugin │ │
│ └────────────┘ localhost └─────┬────┘ │
│ │ │
└──────────────────────────────────┘───────┘
│
Cloud API
(e.g. AWS SSM)
The controller does not make external API calls directly. All cloud operations flow through the plugin’s HTTP interface.
Helm charts#
The operator chart deploys the core controller, Extension API and CRDs, but a production deployment typically needs additional charts to:
Configure the routing layer — select a reverse proxy, authentication mechanism, and authorization components.
Integrate with cloud providers — deploy cloud-specific plugins and resources (e.g. ALB ingress, SSM activations).
Define access strategies —integrate workspaces with the routing layer by creating access strategies.
Deployment templates#
For deployments that start from scratch — provisioning the cluster and surrounding cloud resources
in addition to installing the operator — jupyter-deploy offers
turnkey templates that bundle Jupyter K8s with a routing and identity layer.