[ https://issues.apache.org/jira/browse/MESOS-8100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vinod Kone updated MESOS-8100: ------------------------------ Sprint: Mesosphere Sprint 66, Mesosphere Sprint 67 (was: Mesosphere Sprint 66) > Authorize standalone container calls from local resource providers. > ------------------------------------------------------------------- > > Key: MESOS-8100 > URL: https://issues.apache.org/jira/browse/MESOS-8100 > Project: Mesos > Issue Type: Task > Components: agent > Reporter: Chun-Hung Hsiao > Assignee: Chun-Hung Hsiao > Labels: mesosphere > Fix For: 1.5.0 > > > We need to add authorization for a local resource provider to call the > standalone container API to prevent the provider from manipulating arbitrary > containers. We can use the same JWT-based authN/authZ mechanism for > executors, where the agent will create a auth token for each local resource > provider instance: > {noformat} > class LecalResourceProvider > { > public: > static Try<process::Owned<LocalResourceProvider>> create( > const process::http::URL& url, > const std::string& workDir, > const mesos::ResourceProviderInfo& info, > const Option<std::string>& authToken); > ... > }; > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)