[4/6] mesos git commit: Updated upgrades.md for new HTTP authentication flags.

[me...@apache.org]

Updated upgrades.md for new HTTP authentication flags.

Review: https://reviews.apache.org/r/50333/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/6009b314
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/6009b314
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/6009b314

Branch: refs/heads/1.0.x
Commit: 6009b3143a47eefff717103f1c094dc914f26fce
Parents: be1b249
Author: Greg Mann <gr...@mesosphere.io>
Authored: Fri Jul 22 01:51:01 2016 -0700
Committer: Adam B <ad...@mesosphere.io>
Committed: Fri Jul 22 02:02:25 2016 -0700

----------------------------------------------------------------------
 docs/upgrades.md | 5 +++++
 1 file changed, 5 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/6009b314/docs/upgrades.md
----------------------------------------------------------------------
diff --git a/docs/upgrades.md b/docs/upgrades.md
index 80aa8f4..82b9e26 100644
--- a/docs/upgrades.md
+++ b/docs/upgrades.md
@@ -64,6 +64,7 @@ We categorize the changes as follows:
       <li>C <a href="#1-0-x-slave">Slave to Agent rename</a></li>
       <li>R <a href="#1-0-x-workdir">work_dir default value</a></li>
       <li>D <a href="#1-0-x-deprecated-ssl-env-variables">SSL environment variables</a></li>
+      <li>ACD <a href="#1-0-x-http-authentication-flags">HTTP authentication</a></li>
     </ul>
   </td>
   <td style="word-wrap: break-word; overflow-wrap: break-word;"><!--Framework API-->
@@ -277,6 +278,10 @@ We categorize the changes as follows:
 
 * When a task is run as a particular user, the fetcher now fetches files as that user also. Note, this means that filesystem permissions for that user will be enforced when fetching local files.
 
+<a name="1-0-x-http-authentication-flags"></a>
+
+* The `--authenticate_http` flag has been deprecated in favor of `--authenticate_http_readwrite`. Setting `--authenticate_http_readwrite` will now enable authentication for all endpoints which previously had authentication support. These happen to be the endpoints which allow modifiication of the cluster state, or "read-write" endpoints. Note that `/logging/toggle`, `/profiler/start`, `/profiler/stop`, `/maintenance/schedule`, `/machine/up`, and `/machine/down` previously did not have authentication support, but in 1.0 if either `--authenticate_http` or `--authenticate_http_readwrite` is set, those endpoints will now require authentication. A new flag has also been introduced, `--authenticate_http_readonly`, which enables authentication for endpoints which support authentication and do not allow modification of the state of the cluster, like `/state` or `/flags`.
+
 <a name="1-0-x-endpoint-authorization"></a>
 
 * Mesos 1.0 introduces authorization support for several HTTP endpoints. Note that some of these endpoints are used by the web UI, and thus using the web UI in a cluster with authorization enabled will require that ACLs be set appropriately. Please refer to the [authorization documentation](authorization.md) for details.