Oracle Cloud Infrastructure Documentation

Creating a Notebook Session

Create a Data Science notebook session to access a JupyterLab interface that uses a customizable compute, storage, and network configuration.

Before you begin:

To use a runtime configuration, identify the custom environment variables and any Git repository URLs that you want you want to use.
Note

The network configuration of a notebook session can't be changed when the notebook session is reactivated. If a notebook session was configured to use a default network, you can't deactivate the notebook session then select custom networking when you reactivate it.

Networking Setup for Using Oracle Managed Features

To use any of the Oracle managed features inside the Notebook, Notebook Lifecycle Scripts, AI Quick Actions, Environment Explorer and Example Notebooks, the Notebook subnet must have permissions to access OCI Object Storage.

If you select Default Networking for your Notebook, your Notebook subnet has access to Object Storage. If you select Custom Networking, you need to set up Object Storage access with either the Service Gateway or Nat Gateway. You can set up Service Gateway to access all services or region specific Object Storage. For more information, see Creating a Service Gateway and Overview of Service Gateways in the Networking documentation. Or, you can set up the Nat Gateway to allow public internet access. For more information, see Nat Gateway in the Networking documentation.

If you use Internet Gateway, you can't connect to the public internet with your Notebook. This is because the Internet Gateway expects the resources behind it to be a public subnet with public IPs which Data Science Notebooks don't use. Nor is the Notebook going to work with connecting to Oracle managed features.

Setting up Storage Mounts

To use storage mounts, you must have an Object Storage bucket or OCI File Storage Service (FSS) mount target and export path.

To use FSS, you must first create the file system and the mount point. Use the custom networking option and ensure that the mount target and the notebook are configured with the same subnet. Configure security list rules for the subnet with the specific ports and protocols.

Ensure that service limits are allocated to file-system-count and mount-target-count.

You must set up policies to use either Object Storage or File Storage Service (FSS) for storage mounts in the notebook.

Using OCI File Storage

Set up Storage Mounts when using OCI File Storage.

Setting Up Storage Mounts

  1. Navigate to the compartment of your choice.
  2. Create a file system under OCI File Storage service along with an export.
  3. Select an existing mount target or create a new one.
    You have a file system, and export, and mount target created.
  4. Set up custom networking.

    You can create a new subnet or use an existing one. Ensure the mount target and the notebook are configured with the same subnet.

  5. Configure the security list rules of the subnet used as specified in Configuring VCN Security Rules for File Storage.
    Note

    Before mounting a file system, you must configure security rules in the VCN Subnet to allow network traffic to and from the mount target. You can set up security rules in subnet security lists, network security groups, or by using a combination of both. For more information, see Configuring VCN Security Rules for File Storage.
    • Stateful ingress to TCP ports 111, 2048, 2049, and 2050, and UDP ports 111 and 2048.
    • Stateful egress for TCP source ports 111, 2048, 2049, and 2050, and UDP source port 111.

Using OCI Object Storage

Set up Storage Mounts when using OCI Object Storage.

Storage mounts for object storage use resource principals based authorization to communicate between notebook and required bucket.

To use the default network option for a notebook, the managed egress works without the need to configure any extra network rules.

To use the custom network option for a notebook, some more network setup is required.

Setting Up Storage Mounts

  1. In the choice of your VCN, create the service gateway.
  2. For the required private subnet, add Service Gateway to the route table configurations.
  3. Change the egress rules of security list of the required subnet to allow traffic to all services in the regional Oracle network.

Creating a Notebook

The steps to create a notebook.

  • We recommend that you review Persisting Data and Files on a Notebook Session Block Volume to help decide the block volume size.

    1. From the project details page, select Create notebook session. If you need help finding the list of projects, see Listing Projects.
    2. (Optional) Enter a unique name for the notebook session (limit of 255 characters). If you don't provide a name, a name is automatically generated. For example, datasciencenotebooksession20200108222435.
    3. (Optional) Enter a description.
    4. (Optional) Change the Compute shape by selecting Change shape. Then, follow these steps in the Select compute panel.
      1. Select an instance type.
      2. Select an shape series.
      3. Select one of the supported Compute shapes in the series.
      4. Select the shape that best suits how you want to use the resource.

        For each OCPU, select up to 64 GB of memory and a maximum total of 512 GB. The minimum amount of memory allowed is either 1 GB or a value matching the number of OCPUs, whichever is greater.

      5. Select Select shape.
    5. Enter the block storage size to use, between 50 GB and 10, 240 GB (10 TB). You can change the value by 1 GB increments. The default value is 100 GB.
    6. Select one of the following options to configure the network type:

      • Default networking—The workload is attached by using a secondary VNIC to a preconfigured, service-managed VCN, and subnet. This provided subnet allows egress to the public internet through a NAT gateway, and access to other Oracle Cloud services through a service gateway.

        If you need access only to the public internet and OCI services, we recommend using this option. It doesn't require you to create networking resources or write policies for networking permissions.

      • Custom networking—Select the VCN and subnet that you want to use for the resource (notebook session or job).

        For egress access to the public internet, use a private subnet with a route to a NAT gateway.

        If you don't see the VCN or subnet that you want to use, select Change Compartment, and then select the compartment that contains the VCN or subnet.

        Important

        To use a file storage mount, you must select custom networking. The VCN and subnet must be the same as those used for the creation of the mount target.

      Note

      The network configuration of a notebook session can't be changed when the notebook session is reactivated. If a notebook session was configured to use a default network, you can't deactivate the notebook session then select custom networking when you reactivate it.

    7. Select one of the following options to configure the endpoint type:

      • Public endpoint—Data access in a managed instance from outside a VCN.

      • Private endpoint—Select the VCN, subnet, and private endpoint that you want to use for the notebook session.

        Select Change Compartment to select the compartment that contains the VCN, subnet, or private endpoint.

    8. (Optional) To use storage mounts, select +Add storage mount.
      Ensure you have the authorization to use storage mounts.
      1. Select a storage mount type, OCI Object Storage or OCI File Storage.
      2. Select a compartment that contains the storage resource that you want to mount.
      3. Select one of the following:
        Object Storage
        If using custom networking:
        1. Create the service gateway in the VCN.
        2. For the route table configurations in the private subnet, add the service gateway.
        3. Change the egress rules of security list of the required subnet to let traffic to all services in the network.

        The bucket you want to use.

        You can add an object name prefix. The prefix must start with an alphanumeric character. The allowed characters are alphanumerics, slash ( / ), hyphen ( - ) and underscore ( _ ).

        File Storage

        The mount target and export path you want to use. You must have created the file system. Specify an existing mount target, or create a new one.

        You must use a custom network to use file storage.

        Follow the security list rules of the subnet.
        Note

        Before mounting a file system, you must configure security rules in the VCN subnet to let network traffic to and from the mount target. You can set up security rules in subnet security lists, network security groups, or by using a combination of both. For more information, see Configuring VCN Security Rules for File Storage.
        • Stateful ingress to TCP ports 111, 2048, 2049, and 2050, and UDP ports 111 and 2048.
        • Stateful egress for TCP source ports 111, 2048, 2049, and 2050, and UDP source port 111.
      4. Enter the path under which the storage is to be mounted.

        Storage is mounted under the specified mount path. The path must start with an alphanumeric character. The destination directory must be unique across the storage mounts provided. The allowed characters are alphanumerics, hyphen ( - ) and underscore ( _ ).

        You can specify the full path, such as /opc/storage-directory. If only a directory is specified, such as /storage-directory, then it's mounted under the default /mnt directory. You can't specify OS specific directories, such as /bin or /etc.

      5. Select Submit.

        Repeat these steps to add up to two storage mounts for notebook sessions.

    9. (Optional) Expand the Runtime configuration section to define custom environment variables and Git settings, as follows:
    10. (Optional) In the Tags section, add one or more tags to the <resourceType>. If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you're not sure whether to apply tags, skip this option or ask an administrator. You can apply tags later.
    11. (Optional) To view the details for the notebook session immediately after creation, select View detail page on clicking create.
    12. Select Create.
    The notebook sessions page opens. When the notebook session is successfully created, the status turns to Active, and you can open the notebook session. The create notebook session action is asynchronous and starts a work request. You can use the work request to track the status of an operation. For general information about using work requests in OCI, see Work Requests and the Work Requests API.

  • Use the oci data-science notebook-session create commands and required parameters to create a notebook session in a compartment:

    oci data-science notebook-session create --compartment-id <compartment-id>, -c [<name>], -c [<project-id>]  ... [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

  • Run the CreateNotebookSession operation to create a notebook session.