mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Rukletsov (JIRA)" <>
Subject [jira] [Commented] (MESOS-1486) Introduce an optional master whitelist for slaves
Date Wed, 12 Nov 2014 16:38:34 GMT


Alexander Rukletsov commented on MESOS-1486:

A follow-up on this issue. We would like to authorize (not authenticate) masters in slaves.
For example, if a new (rogue) master becomes a leader, a slave checks it against its list
of whitelisted masters and refuses to communicate with it if it is not authorized. As a short-term
solution, we can use a mechanism similar to slave whitelisting in master, which will be [deprecated
in favour of ACLs|]. In a long run, this feature
should resemble [MESOS-1546|]. 

> Introduce an optional master whitelist for slaves
> -------------------------------------------------
>                 Key: MESOS-1486
>                 URL:
>             Project: Mesos
>          Issue Type: Improvement
>          Components: slave
>            Reporter: Niklas Quarfot Nielsen
> Like masters can whitelist slaves (and only announce available resources from slaves
whitelisted), slaves should be able to whitelist masters they are willing/allowed to connect
to. I have a proof-of-concept ready which ties into the slave::detected() method and prevents
non-whitelisted masters to register.
> If "*" is provided - whitelisting is not enforced (which would be the usual case).

This message was sent by Atlassian JIRA

View raw message