RE: rotating secrets when authenticating framework
Corrected the subject From: Devendra Ayalasomayajula Sent: Friday, October 20, 2017 2:40 PM To: user@mesos.apache.org Subject: rotting secrets when authenticating framework Hi, The framework I am experimenting with is using MesosSchedulerDriver and I am planning to pass Credential. But If the secret is updated how can the Credential that's passed to the driver be updated. How to handle secrets with expiry ? Thank You Devendra This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
rotting secrets when authenticating framework
Hi, The framework I am experimenting with is using MesosSchedulerDriver and I am planning to pass Credential. But If the secret is updated how can the Credential that's passed to the driver be updated. How to handle secrets with expiry ? Thank You Devendra --- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ---
RE: Mesos acceptedResourceRoles slave_public
Thanks :) But I am runing a test setup of 3 nodes on CentOS7, should have written this with first post. Linux m01 3.10.0-693.2.2.el7.x86_64 mesos-1.4.0-2.0.1.x86_64 marathon-1.4.8-1.0.660.el7.x86_64 containernetworking-cni-0.5.1-1.el7.x86_64 mesosphere-zookeeper-3.4.6-0.1.20141204175332.centos7.x86_64 chronos-2.5.0-0.1.20170816233446.el7.x86_64 -Original Message- From: Bruce Campbell [mailto:bruce.campb...@microsoft.com] Sent: vrijdag 20 oktober 2017 18:41 To: user@mesos.apache.org Subject: RE: Mesos acceptedResourceRoles slave_public In acs engine if you define a ports list, the agent will be deployed as slave_public. Example of a public linux agent: "agentPoolProfiles": [ { "name": "wpub6", "count": 3, "vmSize": "Standard_DS2_v2", "dnsPrefix": "wpub6", "ports": [ 80, 443, 8080, 3389 ], "customNodeLabels" : { "foo" : "bar", "att1" : "value1" } }, }, -Original Message- From: Marc Roos [mailto:m.r...@f1-outsourcing.eu] Sent: Friday, October 20, 2017 9:29 AM To: userSubject: Mesos acceptedResourceRoles slave_public I added "acceptedResourceRoles": ["slave_public"] to a json application config in marathon. And it complains that the agents/slaves are not configured for this. I see some manuals on how to reconfigure via dc/os. I just wondered could this be an easy setting like something like this echo "appc,docker" > /etc/mesos-slave/image_providers
RE: Mesos acceptedResourceRoles slave_public
In acs engine if you define a ports list, the agent will be deployed as slave_public. Example of a public linux agent: "agentPoolProfiles": [ { "name": "wpub6", "count": 3, "vmSize": "Standard_DS2_v2", "dnsPrefix": "wpub6", "ports": [ 80, 443, 8080, 3389 ], "customNodeLabels" : { "foo" : "bar", "att1" : "value1" } }, }, -Original Message- From: Marc Roos [mailto:m.r...@f1-outsourcing.eu] Sent: Friday, October 20, 2017 9:29 AM To: userSubject: Mesos acceptedResourceRoles slave_public I added "acceptedResourceRoles": ["slave_public"] to a json application config in marathon. And it complains that the agents/slaves are not configured for this. I see some manuals on how to reconfigure via dc/os. I just wondered could this be an easy setting like something like this echo "appc,docker" > /etc/mesos-slave/image_providers
Mesos acceptedResourceRoles slave_public
I added "acceptedResourceRoles": ["slave_public"] to a json application config in marathon. And it complains that the agents/slaves are not configured for this. I see some manuals on how to reconfigure via dc/os. I just wondered could this be an easy setting like something like this echo "appc,docker" > /etc/mesos-slave/image_providers
Re: Sending TASK_STARTING in the built-in executors
As a follow-up, this change now landed and will likely be part of Mesos 1.5.0. We did our best to verify that we don't accidentally break existing frameworks, and the only issue we could find was with chronos (where a fix was since merged into the stable and master branches). If you discover that some framework you depend on would choke on this, now would be a good time to update it before upgrading to Mesos 1.5.0 ;) Best regards, On Wed, Aug 23, 2017 at 11:38 AM, Benno Everswrote: > Hi all, > > when starting a task, an executor can send out the following status > updates: > > - [optional] TASK_STARTING: Sent by the executor when it received the > launch command > - TASK_RUNNING: Sent by the executor when the task is running > > The built-in executors currently don't send out TASK_STARTING updates. I > think this discards potentially valuable information, because TASK_RUNNING > informs us about the current status of the task, but not about the status > change. > > For example, if the network connection between scheduler and master is > interrupted during task start, it has no good way to estimate the tasks > start time, because the TASK_RUNNING update that it eventually gets might > be a much later one. Also, for tasks with a long delay between STARTING and > RUNNING, to an outside observer it will look the same as if the task was > stuck in STAGING. > > There is a small risk that sending an additional update could break > existing frameworks. We briefly looked through some of the most popular > open-source frameworks and didn't find any major issues, but of course it's > impossible to do an exhaustive check. > > In particular, a framework will break if > > 1. It runs tasks using one of the built-in mesos executors, and > 2. it doesn't handle the possibility of receiving TASK_STARTING update, > and > 3. it reports an error whenever it encounters an unexpected task states > in an update. > > > If you are aware of any such framework, please speak up so we can consider > it. > > > Thanks, > -- > Benno Evers > Software Engineer, Mesosphere > -- Benno Evers Software Engineer, Mesosphere