Let's secure Mesos by using authentication. In this chapter, we will learn how to authenticate agents to prevent unknown agents and frameworks from joining the cluster. To prevent the launch of unauthorized frameworks, we can specify a secret that needs to be passed by the framework to be accepted by Mesos. The Scheduler API accepts the principal and the secret as a way of authenticating frameworks. The same approach applies to agents as well. Only those knowing the secret can join the cluster. So before we work on configuring authentication, we have to identify the principals of our cluster and generate secrets for them. In the example presented in this chapter, we will assume we have two principals: marathon1 (framework), and agent (all agents).
The following topics will be covered in this chapter:
- Enabling and configuring authentication
- Configuring agents...
