> On April 13, 2016, 7:04 p.m., Vinod Kone wrote: > > src/master/master.cpp, lines 5944-5947 > > <https://reviews.apache.org/r/46114/diff/1/?file=1341975#file1341975line5944> > > > > We were discussing about this in another context this morning. I think > > we should just set FrameworkInfo.principal to Credential.principal (driver > > based) or AuthorizationHeader.principal (HTTP API) when framework has > > authenticated. This should be done by the master at the point of > > registration/subscription. Can you do that in a different review and make > > this review dependent on that?
https://reviews.apache.org/r/46209 now caters to this in the chain. > On April 13, 2016, 7:04 p.m., Vinod Kone wrote: > > src/master/master.cpp, lines 5939-5941 > > <https://reviews.apache.org/r/46114/diff/1/?file=1341975#file1341975line5939> > > > > The principal in HTTP based framework will be passed in the HTTP > > Authorization header. The FrameworkInfo.prinicipal is orthongoal to whether > > the framework is using a driver based API or HTTP API; it should be used in > > cases where framework doesn't want to authenticate but still want mesos to > > authorize its actions. > > > > Also, I was expecting the `authenticated` map to contain information > > about if a framework is authenticated or not irrespective of whether it's > > driver or HTTP based. The map will need to be updated to take either a PID > > or HTTP connection. > > > > I haven't seen the other reviews, but this is what I had in mind. As discussed offline, we won't be needing this. - Anand ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/46114/#review128730 ----------------------------------------------------------- On April 14, 2016, 3:34 p.m., Anand Mazumdar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/46114/ > ----------------------------------------------------------- > > (Updated April 14, 2016, 3:34 p.m.) > > > Review request for mesos and Vinod Kone. > > > Bugs: MESOS-3923 > https://issues.apache.org/jira/browse/MESOS-3923 > > > Repository: mesos > > > Description > ------- > > Use the `principal` set in `FrameworkInfo.principal` to populate > framework metrics instead of looking them up in `authenticated` > map. It also ensures that HTTP->PID framework downgrades preserve > the metrics and no additional logic is needed to deal with this. > (Previously HTTP frameworks never had AuthN and no principal was > passed in `FrameworkInfo`, so this was never a concern). > > > Diffs > ----- > > src/master/master.cpp 781402c04fded159183e1ca28894e48355200f0c > > Diff: https://reviews.apache.org/r/46114/diff/ > > > Testing > ------- > > make check > > > Thanks, > > Anand Mazumdar > >
