[
https://issues.apache.org/jira/browse/MESOS-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14034089#comment-14034089
]
Niklas Quarfot Nielsen commented on MESOS-1486:
-----------------------------------------------
Sure - kerberos would prevent leaking the credentials, but as we talked about,
it won't guarantee that a slave is registering with the master it wants (taken,
not having a nothing of whitelisting or permitted masters on the slave). Adding
the 2nd step would make it possible to reuse the ACL logic in the master, here
in the slave, to map master credentials to permissions.
> Add authentication of masters in slaves.
> ----------------------------------------
>
> Key: MESOS-1486
> URL: https://issues.apache.org/jira/browse/MESOS-1486
> Project: Mesos
> Issue Type: Improvement
> Components: slave
> Reporter: Niklas Quarfot Nielsen
>
> Like masters can whitelist slaves (and only announce available resources from
> slaves whitelisted), slaves should be able to whitelist masters they are
> willing/allowed to connect to. I have a proof-of-concept ready which ties
> into the slave::detected() method and prevents non-whitelisted masters to
> register.
> If "*" is provided - whitelisting is not enforced (which would be the usual
> case).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
