[jira] [Updated] (MESOS-910) Add SSL support to Mesos

Thu, 25 Jun 2015 15:59:24 -0700 

     [ 
https://issues.apache.org/jira/browse/MESOS-910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benjamin Hindman updated MESOS-910:
-----------------------------------
    Shepherd: Benjamin Hindman

> Add SSL support to Mesos
> ------------------------
>
>                 Key: MESOS-910
>                 URL: https://issues.apache.org/jira/browse/MESOS-910
>             Project: Mesos
>          Issue Type: Epic
>          Components: general, libprocess
>            Reporter: Adam B
>            Assignee: Joris Van Remoortere
>            Priority: Blocker
>              Labels: encryption, mesosphere, security
>
> Currently all the messages that flow through the Mesos cluster are unencrypted
> making it possible for intruders to intercept and potentially control your 
> task.
> We plan to add encryption support by adding SSL/TLS support to libprocess, the
> low-level communication library that Mesos uses for all network communication
> between Mesos components.
> As a first step, we should replace the hand-coded http code in libprocess 
> with a
> standard library, ensuring that any mesos custom code like routing remains.
> Then, transition to https should be easier.
> h3. Road map to SSL
> # Isolate libev dependencies to a manageable set of implementing files.
> ## MESOS-1912 Decouple libev from clock implementation
> ## MESOS-1914 Decouple libev from connection handling (use io::poll() instead 
> of individual watchers)
> ## MESOS-1952 Abstract network logic into socket class: connect()
> ## MESOS-1954 Abstract network logic into socket class: read()/write()
> ## MESOS-1953 Abstract network logic into socket class: connection events 
> (connected(), closed(), writable(), readable())
> ## MESOS-2119 Add Socket tests
> ## (MESOS-XXXX Libev backed Socket)
> # Provide alternative implementation with libevent.
> ## MESOS-2106 Enable libevent backed libprocess with configure flag.
> ## MESOS-2107 Create libevent-backed clock implementation
> ## MESOS-2133 Create libevent-backed poll implementation
> ## MESOS-1911 Create libevent-backed socket implementation
> # Enable SSL
> ## MESOS-2108 Add configure flag or environment variable to enable 
> SSL/libevent Socket
> ## MESOS-2109 Introduce socket factory
> ## MESOS-1913 Create libevent/SSL-backed Socket implementation
> ## MESOS-2085 Add support encrypted and non-encrypted communication in 
> parallel for cluster upgrade



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to