Thanks for the update on this, Vinod. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Chris Mattmann, Ph.D. Senior Computer Scientist NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 171-266B, Mailstop: 171-246 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Adjunct Assistant Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----Original Message----- From: Vinod Kone <vinodk...@gmail.com> Reply-To: "dev@mesos.apache.org" <dev@mesos.apache.org> Date: Monday, July 8, 2013 1:39 PM To: "dev@mesos.apache.org" <dev@mesos.apache.org> Subject: Fwd: GSOC 2013: Mesos - Security and Authentication Support >FYI > >---------- Forwarded message ---------- >From: İlim Uğur <ilimu...@gmail.com> >Date: Mon, Jul 8, 2013 at 1:24 PM >Subject: Re: GSOC 2013: Mesos - Security and Authentication Support >To: twitter-g...@googlegroups.com > > >This past week I have had a hard time getting used to the Cyrus SASL >library. The documentation is not non-existent, and not bad, either. But I >suppose I could not familiarize and implement so many new concepts in such >short notice. > >This week I plan to get a client-server authentication working, after >looking into the source code of the projects that are already making use >of >Cyrus SASL library. (e.g. Sendmail) Once that is done, the next step is to >adapt that code to Mesos source as an Authenticator abstraction to be used >for slave and scheduler authentication. > >Please let me know if you have any suggestions on working with Cyrus SASL >library. > >- İlim > > > > >2013/6/26 İlim Uğur <ilimu...@gmail.com> > >> Here are last week's updates for my GSoC project. >> >> I read about Cyrus SASL library, which is the probable option to utilize >> for authenticating Mesos components(master(s), slaves, etc.). After >> discussing with Vinod Kone regarding the path I should follow for >> implementing authentication for these nodes, we agreed the most >>important >> issue was defining an appropriate interface for the components to use >>for >> authentication. >> >> Last week was not quite productive for me, because of what seemed to be >>a >> nationwide slowdown of the Internet in my country. It has been a painful >> and slow experience to research on the Internet. Luckily enough, the >> problems in Internet speed seem to be over for the last 2 days. >> >> This week, I will try and finalize the design and, hopefully, the >> implementation of the proper interface for authentication. >> >> - İlim >> >> >> >> >> 2013/6/18 İlim Uğur <ilimu...@gmail.com> >> >>> Hello to all, >>> >>> My name is Ilim Ugur, and my proposal for adding security and >>> authentication to Mesos has been accepted for this year's GSoC. >>> >>> Unfortunately, till today, I was not able to send you any status >>>updates, >>> as Turkey, the country I reside in, has been pretty busy with many >>>protests >>> against police violence, censored media and an oppressive government >>>were >>> taking place all around the country. Still, GSoC coding period started >>>and >>> as of now, I shall be sending status reports as all other participants >>>of >>> this year. >>> >>> My project (see http://goo.gl/ccwAK) consists of adding security and >>> authentication support to Mesos, a resource sharing tool for clusters >>>that >>> enables efficient usage of multiple frameworks in a cluster. Mesos >>>acts as >>> a middle layer between frameworks such as Hadoop and the clusters they >>> operate on. With this project, we basically want to ensure only >>> authenticated users/frameworks to be able to submit jobs and Mesos to >>> communicate securely. >>> >>> As suggested by my mentor Vinod Kone(@vinodkone), I am planning to >>>handle >>> authentication first. Currently the way to handle authentication seems >>>to >>> be integrating Kerberos into Mesos. Of course, there is the issue of >>> handling the authentication on the systems that do not have >>>Kerberos/LDAP >>> deployment, a problem we are currently discussing solutions for, with >>>my >>> mentor. Some of the possible solutions include key-based >>>authentication, or >>> some means of authentication without using keys, as distributing the >>>keys >>> would be another problem, if key-based authentication is used. >>>Actually, I >>> would like to hear any ideas/suggestions you might have about this >>>issue. >>> >>> Currently I am familiarizing with Mesos source code and will start >>> implementing Kerberos integration into Mesos (i.e. to be used when >>>Kerberos >>> is available) as soon as a solution is agreed on for implementing >>> authentication for systems on which Kerberos is not available. >>> >>> I will keep this list posted on any news on my project. Feel free to >>>let >>> me know of any ideas or suggestions you might have. >>> >>> - Ilim >>> >> >> > -- >You received this message because you are subscribed to the Google Groups >"Twitter GSOC" group. >To unsubscribe from this group and stop receiving emails from it, send an >email to twitter-gsoc+unsubscr...@googlegroups.com. >For more options, visit https://groups.google.com/groups/opt_out.
