You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Niklas Quarfot Nielsen (JIRA)" <ji...@apache.org> on 2015/02/03 23:30:35 UTC

[jira] [Updated] (MESOS-910) Add SSL support to Mesos

     [ https://issues.apache.org/jira/browse/MESOS-910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Niklas Quarfot Nielsen updated MESOS-910:
-----------------------------------------
    Target Version/s: 0.22.0

> Add SSL support to Mesos
> ------------------------
>
>                 Key: MESOS-910
>                 URL: https://issues.apache.org/jira/browse/MESOS-910
>             Project: Mesos
>          Issue Type: Epic
>          Components: general, libprocess
>            Reporter: Adam B
>              Labels: encryption, security
>
> Currently all the messages that flow through the Mesos cluster are unencrypted
> making it possible for intruders to intercept and potentially control your task.
> We plan to add encryption support by adding SSL/TLS support to libprocess, the
> low-level communication library that Mesos uses for all network communication
> between Mesos components.
> As a first step, we should replace the hand-coded http code in libprocess with a
> standard library, ensuring that any mesos custom code like routing remains.
> Then, transition to https should be easier.
> h3. Road map to SSL
> # Isolate libev dependencies to a manageable set of implementing files.
> ## MESOS-1912 Decouple libev from clock implementation
> ## MESOS-1914 Decouple libev from connection handling (use io::poll() instead of individual watchers)
> ## MESOS-1952 Abstract network logic into socket class: connect()
> ## MESOS-1954 Abstract network logic into socket class: read()/write()
> ## MESOS-1953 Abstract network logic into socket class: connection events (connected(), closed(), writable(), readable())
> ## MESOS-2119 Add Socket tests
> ## (MESOS-XXXX Libev backed Socket)
> # Provide alternative implementation with libevent.
> ## MESOS-2106 Enable libevent backed libprocess with configure flag.
> ## MESOS-2107 Create libevent-backed clock implementation
> ## MESOS-2133 Create libevent-backed poll implementation
> ## MESOS-1911 Create libevent-backed socket implementation
> # Enable SSL
> ## MESOS-2108 Add configure flag or environment variable to enable SSL/libevent Socket
> ## MESOS-2109 Introduce socket factory
> ## MESOS-1913 Create libevent/SSL-backed Socket implementation
> ## MESOS-2085 Add support encrypted and non-encrypted communication in parallel for cluster upgrade



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)