Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Apache Mesos Cookbook

You're reading from   Apache Mesos Cookbook Efficiently handle and manage tasks in a distributed environment

Arrow left icon
Product type Paperback
Published in Aug 2017
Publisher Packt
ISBN-13 9781785884627
Length 146 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (3):
Arrow left icon
David Blomquist David Blomquist
Author Profile Icon David Blomquist
David Blomquist
Tomasz Janiszewski Tomasz Janiszewski
Author Profile Icon Tomasz Janiszewski
Tomasz Janiszewski
Marco Massenzio Marco Massenzio
Author Profile Icon Marco Massenzio
Marco Massenzio
Arrow right icon
View More author details
Toc

Table of Contents (9) Chapters Close

Preface 1. Getting Started with Apache Mesos FREE CHAPTER 2. Implementing High Availability with Apache ZooKeeper 3. Running and Maintaining Mesos 4. Understanding the Scheduler API 5. Managing Containers 6. Deploying PaaS with Marathon 7. Job Scheduling with Metronome 8. Continuous Integration with Jenkins

Enabling SSL


In this recipe, you will learn how to enable SSL for Marathon to protect eavesdropping on Marathon communication.

Getting ready

First, we need to create a place for our Java keystore:

mkdir -p /etc/marathon/ssl
cd /etc/marathon/ssl

Then, put the keystore password into the environment variable. We will need it later:

export MARATHON_SSL_KEYSTORE_PASSWORD=jks_pass

Generate the keystore. In this example, we will use self-signed certificates but if you can issue an organization-wide trusted certificate, it would be better to use that. With self- signed certificates, most browsers will mark the Marathon UI and API as dangerous and there is a chance that somebody will create a man-in-the-middle attack:

keytool -keystore marathon.jks -deststorepass $MARATHON_SSL_KEYSTORE_PASSWORD -alias marathon -genkey -keyalg RSA

How to do it...

Finally, save the Marathon keystore configuration:

cat << EOF > /etc/default/marathon
MARATHON_SSL_KEYSTORE_PATH=/etc/marathon/ssl/marathon.jks
MARATHON_SSL_KEYSTORE_PASSWORD...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image