mesos-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph Wu <jos...@mesosphere.io>
Subject Re: Setting up SSL for mesos
Date Thu, 07 Jul 2016 19:14:19 GMT
Can you double-check if your master is linking to openssl?

>From your build folder, you should get something like:
ldd src/.libs/mesos-master | grep ssl
    libevent_openssl-2.0.so.5 => /lib64/libevent_openssl-2.0.so.5
    libssl.so.10 => /lib64/libssl.so.10
    libssl3.so => /lib64/libssl3.so

There doesn't seem to be anything wrong with your configure/build steps.
And your environment variables setup should work on any sane Unix shell.
(Perhaps inline the environment variable?  SSL_ENABLED=true
./mesos-master.sh ...)

On Thu, Jul 7, 2016 at 11:53 AM, Douglas Nelson <itsbehind@gmail.com> wrote:

> I rebuilt from scratch with SSL support and got no errors. I only set *export
> SSL_ENABLED=true* and then I ran the mesos-master.
>
> No errors were thrown and I can see the web UI via HTTP. I double checked
> that I was running the .sh from the build folder I created. Is mesos not
> connecting with the environment variable I set for some reason?
>
>
>
> On Wed, Jul 6, 2016 at 2:20 PM, Joseph Wu <joseph@mesosphere.io> wrote:
>
>> If you can see the WebUI via HTTP, without downgrade support, you might
>> be inadvertently running a different version of Mesos than the one you
>> built.
>>
>> You can quickly sanity check this by removing either SSL_KEY_FILE or
>> SSL_CERT_FILE and starting your master.  If your build has SSL support, it
>> should immediately exit with an error message.
>>
>>
>> On Wed, Jul 6, 2016 at 12:33 PM, Douglas Nelson <itsbehind@gmail.com>
>> wrote:
>> >
>> > I attempted to set up SSL following this guide:
>> http://mesos.apache.org/documentation/latest/ssl/
>> >
>> > I'm able to hit the WebUI with http but using https gives me nothing. I
>> must be missing something. Here are the steps I'm taking:
>> >
>> > I downloaded 0.28.2 from here: https://github.com/apache/mesos/releases
>> > I ran ./configure --enable-libevent --enable-ssl
>> > Then I ran make and make install
>> > I set the following environment variables:
>> >
>> > export SSL_ENABLED=1
>> > export SSL_SUPPORT_DOWNGRADE=0
>> > export SSL_KEY_FILE=<path>
>> > export SSL_CERT_FILE=<path>
>> >
>> > Finally, I ran ./bin/mesos-master.sh --ip=127.0.0.1
>> --work_dir=/var/lib/mesos
>> >
>> > I can provide any additional information if needed. Thanks!
>> >
>> > Also, I read that SSL would be included in mesosphere's nightly builds:
>> https://open.mesosphere.com/downloads/mesos-nightly/
>> >
>> > How stable are those builds and has SSL already been included?
>> >
>> > -Doug Nelson
>>
>>
>

Mime
View raw message