Re: How to tell master which ip to connect.

[Xiaodong Zhang <xd...@alauda.io>]

发件人: haosdent <ha...@gmail.com>>
答复: "user@mesos.apache.org<ma...@mesos.apache.org>" <us...@mesos.apache.org>>
日期: 2015年11月1日 星期日 下午5:02
至: user <us...@mesos.apache.org>>
主题: Re: How to tell master which ip to connect.

Hi, @Xiaodong I think ssl + register auth is enough, I don't think you need worried about that. Let me also attach some other mesos documents except ssl relate to security.

authentication: https://github.com/apache/mesos/blob/master/docs/authorization.md
authentication:  https://github.com/apache/mesos/blob/master/docs/authentication.md
firewall_rules: https://github.com/apache/mesos/blob/master/docs/configuration.md#master-and-slave-options

And if you want to use external firewall of iptables to limit access, it is also OK when you using mesos.

On Fri, Oct 30, 2015 at 7:50 AM, Xiaodong Zhang <xd...@alauda.io>> wrote:
oh！connect via ssl and register with auth is not safety enough？

发自我的 iPhone

在 2015年10月30日，上午12:55，tommy xiao <xi...@gmail.com>> 写道：

public ip is very dangerous for mesos cluster, you need a firewall on your solution.

2015-10-28 10:16 GMT+08:00 Xiaodong Zhang <xd...@alauda.io>>:
Hi teams:

My scenarios is like this:

My master nodes were deployed in AWS. My slaves were in AZURE.So they communicate via public ip.
I got trouble when slaves try to register to master.
Now slaves can get master’s public ip address,and can send register request.But they can only send there private ip to master.(Because they don’t know there public ip,thus they can’t not bind a public ip via ―ip flag), thus  masters can’t connect slaves.How can the slave to tell master which ip master should connect(I can’t find any flags like ―advertise_ip in master).



--
Deshi Xiao
Twitter: xds2000
E-mail: xiaods(AT)gmail.com<http://gmail.com>



--
Best Regards,
Haosdent Huang