Added readonly/readwrite auth flags to the docs. Review: https://reviews.apache.org/r/50322/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/52ae4a97 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/52ae4a97 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/52ae4a97 Branch: refs/heads/master Commit: 52ae4a97b5581e74841feeccaba1b6c7d8ec311f Parents: 6da4d2c Author: Greg Mann <g...@mesosphere.io> Authored: Fri Jul 22 01:42:38 2016 -0700 Committer: Adam B <a...@mesosphere.io> Committed: Fri Jul 22 01:42:38 2016 -0700 ---------------------------------------------------------------------- docs/authentication.md | 28 ++++++++++++++++++++++------ docs/configuration.md | 18 ++++++++++++++---- 2 files changed, 36 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/52ae4a97/docs/authentication.md ---------------------------------------------------------------------- diff --git a/docs/authentication.md b/docs/authentication.md index 06d5961..1574db9 100644 --- a/docs/authentication.md +++ b/docs/authentication.md @@ -48,9 +48,17 @@ Mesos master and agent processes. For more information, refer to the to register. If `false` (the default), unauthenticated frameworks are also allowed to register. -* `--[no-]authenticate_http` - If `true`, authentication is required to make - HTTP requests to the HTTP endpoints that support authentication. If `false` - (the default), all endpoints can be used without authentication. +* `--[no-]authenticate_http_readonly` - If `true`, authentication is required to + make HTTP requests to the read-only HTTP endpoints that support + authentication. If `false` (the default), these endpoints can be used without + authentication. Read-only endpoints are those which cannot be used to modify + the state of the cluster. + +* `--[no-]authenticate_http_readwrite` - If `true`, authentication is required + to make HTTP requests to the read-write HTTP endpoints that support + authentication. If `false` (the default), these endpoints can be used without + authentication. Read-write endpoints are those which can be used to modify the + state of the cluster. * `--[no-]authenticate_agents` - If `true`, only authenticated agents are allowed to register. If `false` (the default), unauthenticated agents are also @@ -76,9 +84,17 @@ Mesos master and agent processes. For more information, refer to the only one credential is allowed. This credential is used to identify the agent to the master. -* `--[no-]authenticate_http` - If `true`, authentication is required to make - HTTP requests to the HTTP endpoints that support authentication. If `false` - (the default), all endpoints can be used without authentication. +* `--[no-]authenticate_http_readonly` - If `true`, authentication is required to + make HTTP requests to the read-only HTTP endpoints that support + authentication. If `false` (the default), these endpoints can be used without + authentication. Read-only endpoints are those which cannot be used to modify + the state of the agent. + +* `--[no-]authenticate_http_readwrite` - If `true`, authentication is required + to make HTTP requests to the read-write HTTP endpoints that support + authentication. If `false` (the default), these endpoints can be used without + authentication. Read-write endpoints are those which can be used to modify the + state of the agent. * `--http_authenticators` - Specifies which HTTP authenticator module to use. The default is `basic`, but additional modules can be added using the http://git-wip-us.apache.org/repos/asf/mesos/blob/52ae4a97/docs/configuration.md ---------------------------------------------------------------------- diff --git a/docs/configuration.md b/docs/configuration.md index de211ca..d40aa7f 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -69,12 +69,22 @@ access Mesos master/agent. </tr> <tr> <td> - --[no-]authenticate_http + --[no-]authenticate_http_readonly </td> <td> -If <code>true</code>, only authenticated requests for HTTP endpoints supporting -authentication are allowed. If <code>false</code>, unauthenticated requests to -HTTP endpoints are also allowed. (default: false) +If <code>true</code>, only authenticated requests for read-only HTTP endpoints +supporting authentication are allowed. If <code>false</code>, unauthenticated +requests to such HTTP endpoints are also allowed. + </td> +</tr> +<tr> + <td> + --[no-]authenticate_http_readwrite + </td> + <td> +If <code>true</code>, only authenticated requests for read-write HTTP endpoints +supporting authentication are allowed. If <code>false</code>, unauthenticated +requests to such HTTP endpoints are also allowed. </td> </tr> <tr>
