[MESOS-3143] Disable endpoints rule fails to recognize HTTP path delegates - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 0.23.0
Fix Version/s: 0.24.0
Component/s: agent, libprocess, master
Labels:

Story Points:
2

Description

In mesos, one can use the flag --firewall_rules to disable endpoints. Disabled endpoints will return a 403 Forbidden response whenever someone tries to access endpoints.

Libprocess support adding one default delegate for endpoints, which is the default process id which handles endpoints if no process id was given. For example, the default id of the master libprocess process is master which is also set as the delegate for the master system process, so a request to the endpoint http://master-address:5050/state.json will effectively be resolved by http://master-address:5050/master/state.json. But if one disables /state.json because of how delegates work, it can still access /master/state.json.

The only workaround is to disabled both enpoints.

Attachments

Activity

People

Assignee:: haosdent

Reporter:: Alexander Rojas

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Jul/15 10:07

Updated:: 26/Nov/18 12:20

Resolved:: 26/Nov/18 12:20