Encryption SSL
In this recipe, you will learn how to make communication secure and limit the possibility of eavesdropping by enabling SSL.
Getting ready
Prepare certificates for encryption. We assume they are stored in /etc/mesos/conf/ssl/key
and /etc/mesos/conf/ssl/cert.pem
.
If you don't have certificates, you can create some with the following commands. Remember certificates are prepared only for example purposes and should not be used in a production environment:
mkdir -p /etc/mesos/conf/sslopensslreq -batch -nodes -new -x509 -keyout /etc/mesos/conf/ssl/key.pem -out /etc/mesos/conf/ssl/cert.pem
If you want to build Mesos from source with SSL enabled, configure the source code with the following options before you build it:
./configure --enable-libevent --enable-ssl.
How to do it...
To enable SSL, add the following lines to /etc/default/mesos
:
SSL_ENABLED=1
SSL_KEY_FILE=/etc/mesos/conf/ssl/key.pem
SSL_CERT_FILE=/etc/mesos/conf/ssl/cert.pem
SSL_REQUIRE_CERT=false
How it works...
In the preceding...