Error in Authenticator.pre_spawn_start

I deployed renku helm chart using config file generated with the script renku/ at master · SwissDataScienceCenter/renku · GitHub ( -domain --output-file renku-values.yaml). i deployed all components in the same stack (gitlab, keycloak, renku, and jupyterhub). when I try to launch jupyterjub i browse url https://<renku_domain>/jupyterhub then i get this error message displayed in the browser: # 500 : Internal Server Error
Error in Authenticator.pre_spawn_start: TraitError The ‘image’ trait of a RenkuKubeSpawner instance expected a unicode string, not the NoneType None.

Is my issue related to config file generated by script ?


Hi @abella91 that’s not really an error, because we don’t ever use that path to jupyterhub in renku - are you able to create a project and launch an interactive environment?

No, I don’t think so - the issue is that when you go to the /jupyterhub endpoint it tries to launch a user notebook server for you - we don’t really support those since we only launch named servers inside projects. The error comes from the fact that we don’t supply a default image value for a named server.
Could you try launching an environment from a project?

1 Like

Thank you for your help. i’m not able to launch project. I get error in gitlab pipeline "ERROR: Job failed (system failure): prepare environment: secrets is forbidden: User “system:serviceaccount:renku:default” cannot create resource “secrets” in API group “in the namespace “renku”. Check Shells supported by GitLab Runner | GitLab for more information”, when I try to launch new environment but I think this is not related to this topic. I consider this topic as solved.

Indeed, that sounds like a problem with your GitLab CI runners, which is somewhat independent of the initial issue. Still, this error will prevent you from building up-to-date images for your projects.

What kind of runner are you using? from the error it sounds like you are using a runner inside kubernetes?

@rrrrrok It is a Kubernetes Gitlab runner that I installed using helm chart

@abella91 make sure you do the helm install with the RBAC creation enabled for the runner - if the runner is installed together with the rest of the GitLab helm chart, you have to set this in the values file you have for the GitLab installation - see here for example. If you don’t want to let GitLab handle the RBAC automatically, you’ll need to create the service account for the runner yourself.

@rrrrrok, in my environment I installed renku, gitlab, keycloak in one stack from renku helm chart and installed gitlab-runner in my k8s cluster using gitlab-runner helm chart. to configure gitlab-runner to work correctly with renku,

  1. I followed steps in this link GitLab Runner Helm Chart | GitLab to do the required configuration
  2. custom configuration to work with renku:
    a) enable RBAC as you advised me by setting following value in the config file of the gitlab-runner chart:
    create: true
    b) in the same file, add config to existing kubernetes runner to mount volume for socket binding
    config: |
    image = “ubuntu:16.04”
    name = “socketbinding”
    mount_path = “/var/run/docker.sock”
    read_only = true
    host_path = “/var/run/docker.sock”

After that, i was able to create and launch a project in renku. Thanks a lot for your help :slight_smile:


That’s great @abella91! And thanks for sharing the configuration that made it work!

Just a side comment - I’m sure you are probably aware of this, but just in case others will be reading this thread: mounting the docker socket into the runners directly and executing user-defined CI jobs there is a potential security risk - you might want to consider a root-less image-building solution like kaniko (I’ve tried this and it works - see the gitlab documenation on how to set it up and this post about another renku deployment using it) or docker running in rootless mode (have not tried this).