Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-3143

Disable endpoints rule fails to recognize HTTP path delegates

    XMLWordPrintableJSON

    Details

    • Story Points:
      2

      Description

      In mesos, one can use the flag --firewall_rules to disable endpoints. Disabled endpoints will return a 403 Forbidden response whenever someone tries to access endpoints.

      Libprocess support adding one default delegate for endpoints, which is the default process id which handles endpoints if no process id was given. For example, the default id of the master libprocess process is master which is also set as the delegate for the master system process, so a request to the endpoint http://master-address:5050/state.json will effectively be resolved by http://master-address:5050/master/state.json. But if one disables /state.json because of how delegates work, it can still access /master/state.json.

      The only workaround is to disabled both enpoints.

        Attachments

          Activity

            People

            • Assignee:
              haosdent@gmail.com haosdent
              Reporter:
              arojas Alexander Rojas
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: