To enable framework authentication in Chronos:
--mesos_authentication_principal
set to a Mesos-authorized principal. For Mesos’ built-in CRAM-MD5 authentication, you must also provide --mesos_authentication_secret_file
pointing to a file containing your authentication secret.The secret file cannot have a trailing newline. To not add a newline simply run:
$ echo -n "secret" > /path/to/secret/file
mesos-master
with the credentials flag and the path to the file with authorized users and their secrets: --credentials=/path/to/credential/file
Note that this --credentials
file is for all frameworks and slaves registering with Mesos. In enterprise installations, the cluster admin will have already configured credentials in Mesos, so the user launching Chronos just needs to specify the principal+secret given to them by the cluster/security admin.
Each line in the file should be a principal and corresponding secret separated by a single space:
$ cat /path/to/credential/file
principal secret
principal2 secret2