You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Till Toenshoff (JIRA)" <ji...@apache.org> on 2015/02/21 22:43:11 UTC

[jira] [Created] (MESOS-2379) Disabled master authentication causes authentication retries in the scheduler.

Till Toenshoff created MESOS-2379:
-------------------------------------

             Summary: Disabled master authentication causes authentication retries in the scheduler. 
                 Key: MESOS-2379
                 URL: https://issues.apache.org/jira/browse/MESOS-2379
             Project: Mesos
          Issue Type: Bug
            Reporter: Till Toenshoff


The CRAM-MD5 authenticator relies upon shared credentials. Not supplying such credentials while starting up a master effectively disables any authentication.

A framework (or slave) may still attempt to authenticate which is answered by an {{AuthenticationErrorMessage}} by the master. That in turn will cause the authenticatee to fail its {{authenticate}} promise, which in turn will cause the current framework driver implementation to infinitely (and unthrottled) retry authentication.

See: https://github.com/apache/mesos/blob/master/src/sched/sched.cpp#L372
{noformat}
    if (reauthenticate || !future.isReady()) {
      LOG(INFO)
        << "Failed to authenticate with master " << master.get() << ": "
        << (reauthenticate ? "master changed" :
           (future.isFailed() ? future.failure() : "future discarded"));

      authenticating = None();
      reauthenticate = false;

      // TODO(vinod): Add a limit on number of retries.
      dispatch(self(), &Self::authenticate); // Retry.
      return;
    }
{noformat}




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)