FYI ---------- Forwarded message ---------- From: İlim Uğur <ilimu...@gmail.com> Date: Mon, Jul 8, 2013 at 1:24 PM Subject: Re: GSOC 2013: Mesos - Security and Authentication Support To: twitter-g...@googlegroups.com
This past week I have had a hard time getting used to the Cyrus SASL library. The documentation is not non-existent, and not bad, either. But I suppose I could not familiarize and implement so many new concepts in such short notice. This week I plan to get a client-server authentication working, after looking into the source code of the projects that are already making use of Cyrus SASL library. (e.g. Sendmail) Once that is done, the next step is to adapt that code to Mesos source as an Authenticator abstraction to be used for slave and scheduler authentication. Please let me know if you have any suggestions on working with Cyrus SASL library. - İlim 2013/6/26 İlim Uğur <ilimu...@gmail.com> > Here are last week's updates for my GSoC project. > > I read about Cyrus SASL library, which is the probable option to utilize > for authenticating Mesos components(master(s), slaves, etc.). After > discussing with Vinod Kone regarding the path I should follow for > implementing authentication for these nodes, we agreed the most important > issue was defining an appropriate interface for the components to use for > authentication. > > Last week was not quite productive for me, because of what seemed to be a > nationwide slowdown of the Internet in my country. It has been a painful > and slow experience to research on the Internet. Luckily enough, the > problems in Internet speed seem to be over for the last 2 days. > > This week, I will try and finalize the design and, hopefully, the > implementation of the proper interface for authentication. > > - İlim > > > > > 2013/6/18 İlim Uğur <ilimu...@gmail.com> > >> Hello to all, >> >> My name is Ilim Ugur, and my proposal for adding security and >> authentication to Mesos has been accepted for this year's GSoC. >> >> Unfortunately, till today, I was not able to send you any status updates, >> as Turkey, the country I reside in, has been pretty busy with many protests >> against police violence, censored media and an oppressive government were >> taking place all around the country. Still, GSoC coding period started and >> as of now, I shall be sending status reports as all other participants of >> this year. >> >> My project (see http://goo.gl/ccwAK) consists of adding security and >> authentication support to Mesos, a resource sharing tool for clusters that >> enables efficient usage of multiple frameworks in a cluster. Mesos acts as >> a middle layer between frameworks such as Hadoop and the clusters they >> operate on. With this project, we basically want to ensure only >> authenticated users/frameworks to be able to submit jobs and Mesos to >> communicate securely. >> >> As suggested by my mentor Vinod Kone(@vinodkone), I am planning to handle >> authentication first. Currently the way to handle authentication seems to >> be integrating Kerberos into Mesos. Of course, there is the issue of >> handling the authentication on the systems that do not have Kerberos/LDAP >> deployment, a problem we are currently discussing solutions for, with my >> mentor. Some of the possible solutions include key-based authentication, or >> some means of authentication without using keys, as distributing the keys >> would be another problem, if key-based authentication is used. Actually, I >> would like to hear any ideas/suggestions you might have about this issue. >> >> Currently I am familiarizing with Mesos source code and will start >> implementing Kerberos integration into Mesos (i.e. to be used when Kerberos >> is available) as soon as a solution is agreed on for implementing >> authentication for systems on which Kerberos is not available. >> >> I will keep this list posted on any news on my project. Feel free to let >> me know of any ideas or suggestions you might have. >> >> - Ilim >> > > -- You received this message because you are subscribed to the Google Groups "Twitter GSOC" group. To unsubscribe from this group and stop receiving emails from it, send an email to twitter-gsoc+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
