A more advanced configuration is to use both kernel and UI containers together for a fully containerized environment. There are a few benefits to this, which include better performance, environment isolation and greater portability. In this configuration the remote kernel container usage is identical to its usage with a non-containerized-ui. For details on how to use the remote kernel images, see theKernel Containersdocumentation.

However, the UI container is utilized slightly differently in this configuration because the UI container needs to connect to and communicate with the remote kernel container instead of operating as both the UI and kernel together. For this to work, the UI container needs to create an SSH tunnel to the remote host running the kernel container on the kernel container's published port. The command to do this looks like:

Or directly as a Docker command like this:

--rmto cleanup the container once it is finished running,

-itto show the interactive output of the container while it is running,

-v /path/to/notebooks:/notebooksto mount the local notebook files into the container so that the container has access to the notebook files when running. By default, these containers will be looking for Cauldron notebook folders within the /notebooks directory in the container, so it is recommended that the volume mount be there. However, those comfortable with volume mounting can choose to mount multiple volumes or use different locations entirely.

When using the cauldron uidocker command the current directory will be mounted to the /notebooks directory by default. This can be overridden by specifying the cauldron uidocker --directory=/path/to/notebooks flag as part of the command.

-v /home/my/.ssh:/host_sshassumes that establishing an SSH tunnel to the remote host where the kernel container is running requires authentication with an SSH key. This mounts the folder in which the necessary SSH key resides from the local system into the "/host_ssh" directory in the container. Files in this directory are made available to the ssh tunneling command.

When using the cauldron uidocker command the ~/.ssh folder will be mounted to the /host_ssh container by default. If an alternative directory is needed, specify it with the --ssh-directory=/path/to/ssh.

-p 8899:8899to connect the container port 8899 to the local host port 8899 so that the UI running in the container is accessible from the local host system. A different local port can be used by changing the first port argument in the above command if needed (for example running multiple UI containers on the same local host).

When using the cauldron uidocker command the remote port will try to be used here by default unless the --port=XXXX is specified to override it.

--remote=remote-user@remote-server:5010specifies that a remote tunnel should be established to the given remote host. The format of the remote value is USER@HOST:PORT.

--ssh-key=remote-server.pemspecifies the name of the SSH key file in the mounted "/host_ssh" directory for authentication during the SSH tunnel setup process.

After executing that command to start the container, Cauldron will setup an SSH tunnel inside the container and pass that information to the Cauldron UI process as connection arguments resulting in a containerized UI that will communicate execution commands to the remote kernel container running at the other end of the SSH tunnel.