Hi, Parameters in the mesos-master specifically for authorization and authentication
--acls=/root/acl.json --authenticate --credentials=/root/passwd_file --roles="apps,dev-ops" --quorum=2 Parameters I pass in marathon --mesos_role "apps" --framework_name "marathon" --mesos_authentication_principal "user1" --mesos_authentication_secret_file "/root/marathon_password" If run from the same system, authentication works. For experimentation, I bought up mesos-master and marathon in the same node and another marathon instance in HA in another node - it came up. But when I brought down the marathon running in the same node as mesos-master, the other marathon instances started failing with the below log I0305 16:55:28.619690 47 sched.cpp:284] Authenticating with master [email protected]:5050 I0305 16:55:28.620254 47 authenticatee.hpp:133] Creating new client SASL connection W0305 16:55:33.626118 49 sched.cpp:379] Authentication timed out I0305 16:55:33.626292 49 sched.cpp:339] Failed to authenticate with master [email protected]:5050: Authentication discarded I0305 16:55:33.626947 49 sched.cpp:284] Authenticating with master [email protected]:5050 I0305 16:55:33.627034 49 authenticatee.hpp:133] Creating new client SASL connection W0305 16:55:38.631783 46 sched.cpp:379] Authentication timed out I0305 16:55:38.631957 46 sched.cpp:339] Failed to authenticate with master [email protected]:5050: Authentication discarded I0305 16:55:38.632975 46 sched.cpp:284] Authenticating with master [email protected]:5050 I0305 16:55:38.633229 46 authenticatee.hpp:133] Creating new client SASL connection Thanks, ./Siva On Fri, Mar 6, 2015 at 12:08 PM, Adam Bordelon <[email protected]> wrote: > What parameters are you setting on each of the masters and framework? > You'll need --credentials on the master and > --mesos_authentication_principal and --mesos_authentication_secret_file on > the (Marathon) framework node, and of course you'll need the credentials > file on the master and a matching secret file on the framework node. > > What exactly is the error message you see? > > On Thu, Mar 5, 2015 at 10:14 PM, Sivaram Kannan <[email protected]> > wrote: > >> >> Hi, >> >> I have a 3 node mesos-master cluster. Say if node-1 is elected as >> mesos-master and if I run a framework(Marathon) in the same node, >> authentication succeeds. But if I run the framework from the node-2, >> authentication for the framework fails. The machines are all similarly >> configured in terms of hardware, same OS - everything is same except for >> the ip between hosts. >> >> Any idea why is this?? >> >> Thanks, >> ./Siva. >> >> > -- ever tried. ever failed. no matter. try again. fail again. fail better. -- Samuel Beckett
