Added the '--executor_secret_key' agent flag. Added a new agent flag, `--executor_secret_key` to allow the specification of a secret key to be used when generating and authenticating default executor tokens.
Review: https://reviews.apache.org/r/57664/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/faf0c087 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/faf0c087 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/faf0c087 Branch: refs/heads/master Commit: faf0c08721b5461de14304ec763dd80377b4fe95 Parents: be2c67c Author: Greg Mann <[email protected]> Authored: Fri Mar 24 10:00:40 2017 -0700 Committer: Anand Mazumdar <[email protected]> Committed: Fri Mar 24 10:01:33 2017 -0700 ---------------------------------------------------------------------- docs/configuration.md | 9 +++++++++ src/slave/flags.cpp | 7 +++++++ src/slave/flags.hpp | 3 +++ 3 files changed, 19 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/faf0c087/docs/configuration.md ---------------------------------------------------------------------- diff --git a/docs/configuration.md b/docs/configuration.md index 9f74740..2e9b829 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -1405,6 +1405,15 @@ in memory. (default: 150) </tr> <tr> <td> + --executor_secret_key=VALUE + </td> + <td> +The key used when generating executor secrets. This flag is only +available when Mesos is built with SSL support. + </td> +</tr> +<tr> + <td> --executor_shutdown_grace_period=VALUE </td> <td> http://git-wip-us.apache.org/repos/asf/mesos/blob/faf0c087/src/slave/flags.cpp ---------------------------------------------------------------------- diff --git a/src/slave/flags.cpp b/src/slave/flags.cpp index 7198793..3c3cbe0 100644 --- a/src/slave/flags.cpp +++ b/src/slave/flags.cpp @@ -342,6 +342,13 @@ mesos::internal::slave::Flags::Flags() "terminations may occur.", DEFAULT_EXECUTOR_SHUTDOWN_GRACE_PERIOD); +#ifdef USE_SSL_SOCKET + add(&Flags::executor_secret_key, + "executor_secret_key", + "The key used when generating executor secrets. This flag is only\n" + "available when Mesos is built with SSL support."); +#endif // USE_SSL_SOCKET + add(&Flags::gc_delay, "gc_delay", "Maximum amount of time to wait before cleaning up\n" http://git-wip-us.apache.org/repos/asf/mesos/blob/faf0c087/src/slave/flags.hpp ---------------------------------------------------------------------- diff --git a/src/slave/flags.hpp b/src/slave/flags.hpp index 2c4bd6a..fec0354 100644 --- a/src/slave/flags.hpp +++ b/src/slave/flags.hpp @@ -77,6 +77,9 @@ public: Option<JSON::Object> executor_environment_variables; Duration executor_registration_timeout; Duration executor_shutdown_grace_period; +#ifdef USE_SSL_SOCKET + Option<std::string> executor_secret_key; +#endif // USE_SSL_SOCKET Duration gc_delay; double gc_disk_headroom; Duration disk_watch_interval;
