Hey Pranay, We've got SASL support so in theory we should easily be able to do Kerberos via the GSSAPI mechanism of SASL. We currently only "support" (i.e., have tested) shared secrets (the CRAM-MD5 mechanism).
We currently have MESOS-418 in JIRA. This has acted as the "roadmap" for authentication thus far (it might make sense to create another Kerberos specific issue to capture Kerberos specific discussion). Hope that helps. Ben. On Oct 16, 2013, at 7:22 AM, Pranay Tonpay <pranay.ton...@impetus.co.in> wrote: > Hi, > I am new to this group, so wasn't sure about the protocol to ask this > question... > Is there in road map of Mesos to add something like Kerberos security ? > > Thx > pranay > > > -----Original Message----- > From: Sam Taha [mailto:taha...@gmail.com] > Sent: Wednesday, October 16, 2013 5:40 PM > To: dev@mesos.apache.org; Niklas Nielsen > Subject: Re: Review Request 14669: launchTasks on list of offers > > This enhancement, is implying it is currently possible for Mesos to deliver, > to a single Framework, multiple Offers (with mutually exclusive > resources) from the same slave? > > I am curious why mesos wouldn't merge these resource offers when it delivers > the Offers to the Framework. This would seem easier for the Framework to deal > with when the Framework is trying to match up its requests to the offers > being presented to it. > > Thanks, > Sam Taha > > http://www.grandlogic.com > > > > > On Wed, Oct 16, 2013 at 2:15 AM, Niklas Nielsen <n...@qni.dk> wrote: > >> >> ----------------------------------------------------------- >> This is an automatically generated e-mail. To reply, visit: >> https://reviews.apache.org/r/14669/ >> ----------------------------------------------------------- >> >> Review request for mesos, Benjamin Hindman, Ben Mahler, and Vinod Kone. >> >> >> Repository: mesos-git >> >> >> Description >> ------- >> >> Running tasks on more than one offer belonging to a single slave can >> be useful in situations with multiple out-standing offers. >> >> This patch extends the usual launchTasks() to accept a vector of OfferIDs. >> The previous launchTasks (accepting a single OfferID) has been kept >> for backward compatibility, but this now calls the new launchTasks() >> with a one-element list. >> This also applied for the JNI and python interfaces, which accepts >> both formats as well. >> >> Offers are verified to belong to the same slave and framework, before >> resources are merged and used. >> >> >> Diffs >> ----- >> >> include/mesos/scheduler.hpp fa1ffe8 >> src/java/jni/org_apache_mesos_MesosSchedulerDriver.cpp 9869929 >> src/java/src/org/apache/mesos/MesosSchedulerDriver.java ed4b4a3 >> src/java/src/org/apache/mesos/SchedulerDriver.java 93aaa54 >> src/master/master.hpp 9f5e25b >> src/master/master.cpp 1bf5d47 >> src/messages/messages.proto a5dded2 >> src/python/native/mesos_scheduler_driver_impl.cpp 059ed5d >> src/sched/sched.cpp 824b4b7 >> src/tests/master_tests.cpp feea541 >> >> Diff: https://reviews.apache.org/r/14669/diff/ >> >> >> Testing >> ------- >> >> A new test, MasterTest.LaunchCombinedOfferTest, has been added. >> This test ensures that: >> 1) Multiple offers can be used to run a single task (requesting the >> sum of offer resources). >> 2) No offers can appear more than once in offer list. >> 3) Offers cannot span multiple slaves. >> >> $ make check >> ... >> [ RUN ] MasterTest.LaunchCombinedOfferTest >> [ OK ] MasterTest.LaunchCombinedOfferTest (3043 ms) >> ... >> >> >> Thanks, >> >> Niklas Nielsen >> >> > > ________________________________ > > > > > > > NOTE: This message may contain information that is confidential, proprietary, > privileged or otherwise protected by law. The message is intended solely for > the named addressee. If received in error, please destroy and notify the > sender. Any use of this email is prohibited when received in error. Impetus > does not represent, warrant and/or guarantee, that the integrity of this > communication has been maintained nor that the communication is free of > errors, virus, interception or interference.
