Securing Mesos
Let's secure Mesos by using authentication. In this chapter, we will learn how to authenticate agents to prevent unknown agents and frameworks from joining the cluster. To prevent the launch of unauthorized frameworks, we can specify a secret that needs to be passed by the framework to be accepted by Mesos. The Scheduler API accepts the principal and the secret as a way of authenticating frameworks. The same approach applies to agents as well. Only those knowing the secret can join the cluster. So before we work on configuring authentication, we have to identify the principals of our cluster and generate secrets for them. In the example presented in this chapter, we will assume we have two principals: marathon1 (framework), ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access