[
https://issues.apache.org/jira/browse/MESOS-8987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510811#comment-16510811
]
Alexander Rojas commented on MESOS-8987:
----------------------------------------
I think we should distinguish two cases here:
# The authorizer failed to reach a concrete answer which is known because the
future containing the answer fails. In this case the agent should retry.
# The authorizer clearly thinks the agent is not allowed to register, the
future is not failed but its value is {{false}}. In this case returning the
{{ShutdownMessage}} still looks like the right solution.
>From the
>[code|https://github.com/apache/mesos/blob/d733b1031350e03bce443aa287044eb4eee1053a/src/master/master.cpp#L6974-L6998]
> I can see that the two cases are merged into one:
{code}
Option<string> authorizationError = None();
if (authorized.isFailed()) { // FIRST CASE, AGENT SHOULD RETRY IN THIS CASE.
authorizationError = "Authorization failure: " + authorized.failure();
} else if (!authorized.get()) { // SECOND CASE, AGENT SHOULD SHUTDOWN.
authorizationError =
"Not authorized to reregister agent providing resources "
"'" + stringify(Resources(slaveInfo.resources())) + "' " +
(principal.isSome()
? "with principal '" + stringify(principal.get()) + "'"
: "without a principal");
}
if (authorizationError.isSome()) {
LOG(WARNING) << "Refusing re-registration of agent " << slaveInfo.id()
<< " at " << pid << " (" << slaveInfo.hostname() << ")"
<< ": " << authorizationError.get();
ShutdownMessage message;
message.set_message(authorizationError.get());
send(pid, message);
slaves.reregistering.erase(slaveInfo.id());
return;
}
{code}
> Master asks agent to shutdown upon auth errors
> ----------------------------------------------
>
> Key: MESOS-8987
> URL: https://issues.apache.org/jira/browse/MESOS-8987
> Project: Mesos
> Issue Type: Bug
> Components: master, security
> Affects Versions: 1.4.1, 1.5.1, 1.6.0, 1.7.0
> Reporter: Gastón Kleiman
> Priority: Blocker
> Labels: mesosphere
>
> The Mesos master sends a {{ShutdownMessage}} to an agent if there is an
> [authentication|https://github.com/apache/mesos/blob/d733b1031350e03bce443aa287044eb4eee1053a/src/master/master.cpp#L6532-L6543]
> or an
> [authorization|https://github.com/apache/mesos/blob/d733b1031350e03bce443aa287044eb4eee1053a/src/master/master.cpp#L6622-L6633]
> error during agent registration.
>
> Upon receipt of this message, the agent kills alls its tasks and commits
> suicide. This means that transient auth errors can lead to whole agents being
> killed along with it's tasks.
> I think the master should stop sending the {{ShutdownMessage}}s in these
> cases, or at least let the agent retry the registration a few times before
> asking it to shutdown.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
