Currently all the messages that flow through the Mesos cluster are unencrypted
making it possible for intruders to intercept and potentially control your task.
We plan to add encryption support by adding SSL/TLS support to libprocess, the
low-level communication library that Mesos uses for all network communication
between Mesos components.
As a first step, we should replace the hand-coded http code in libprocess with a
standard library, ensuring that any mesos custom code like routing remains.
Then, transition to https should be easier.
- Isolate libev dependencies to a manageable set of implementing files.
MESOS-1912Decouple libev from clock implementation MESOS-1914Decouple libev from connection handling (use io::poll() instead of individual watchers) MESOS-1952Abstract network logic into socket class: connect() MESOS-1954Abstract network logic into socket class: read()/write() MESOS-1953Abstract network logic into socket class: connection events (connected(), closed(), writable(), readable())
- MESOS-2119 Add Socket tests
- (MESOS-XXXX Libev backed Socket)
- Provide alternative implementation with libevent.
- Enable SSL