I'm not 100% on that--the root issue is here, in JIRA: https://issues.apache.org/jira/browse/MESOS-910
That solution wouldn't require changes to be made to Marathon or frameworks, but it would require that libmesos be configured instead. On Tue, Feb 3, 2015 at 12:54 PM, Viswanathan Ramachandran < [email protected]> wrote: > Hi David, > > Thanks for the answer. > > Were you referring to Mesos 0.22 or a later release? Would there be > concurrent adoption in popular frameworks like Marathon, or would it be > lag by some time? > > Thanks > Vish > > On Mon, Feb 2, 2015 at 3:04 PM, David Greenberg <[email protected]> > wrote: > >> This should be possible with the ssl work in the upcoming release. >> >> >> On Monday, February 2, 2015, Viswanathan Ramachandran < >> [email protected]> wrote: >> >>> Hi, >>> >>> Although I did not get the details, I understand from brief >>> documentation that there are some authentication features present so that >>> frameworks and slaves can authenticate to master. >>> >>> However, is there any measure that prevents an unknown entity pretending >>> as the master and being able to schedule apps/processes on the slave >>> machines that may compromise the security of the system? >>> >>> Two way certificate authentication between masters, slaves and >>> frameworks along with hostname verification may attain this goal, but I am >>> curious if the latest version of mesos/marathon supports this? >>> >>> Thanks >>> Vish >>> >> >
