[
https://issues.apache.org/jira/browse/MESOS-910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13872834#comment-13872834
]
Adam B commented on MESOS-910:
------------------------------
I haven't investigated the various libraries much yet. A quick stackoverflow
search suggests the following:
Mongoose (GPLv2): http://code.google.com/p/mongoose/
libmicrohttpd (LGPLv2.1): http://www.gnu.org/software/libmicrohttpd/
lighttpd (BSD): http://www.lighttpd.net/
Pion (Boost): https://github.com/cloudmeter/pion (Splunk)
boost-asio http server examples ():
http://www.boost.org/doc/libs/1_43_0/doc/html/boost_asio/examples.html
I believe all of them can support SSL/TLS, often through an external library
like gnutls.
Suggestions/comments are welcome, especially if you can explain what other
features/functionality will be needed.
> Add encryption support for master/slave/framework channels
> ----------------------------------------------------------
>
> Key: MESOS-910
> URL: https://issues.apache.org/jira/browse/MESOS-910
> Project: Mesos
> Issue Type: Story
> Components: general, libprocess
> Reporter: Adam B
> Labels: encryption, security
>
> Currently all the messages that flow through the Mesos cluster are
> unencrypted making it possible for intruders to intercept and potentially
> control your task. We plan to add encryption support by adding SSL/TLS
> support to libprocess, the low-level communication library that Mesos uses
> for all network communication between Mesos components.
> As a first step, we should replace the hand-coded http code in libprocess
> with a standard library, like libhttp, ensuring that any mesos-custom code
> like routing remains. Then, transition to https should be easier.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
