Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
Mesosphere Sprint 26
-
2
Description
This is the fourth in a series of tickets that adds authorization support for persistent volumes.
We need to add ACL authorization for the '/create-volume' and '/destroy-volume' HTTP endpoints. In other complementary work, authorization for frameworks performing CREATE and DESTROY operations is being added by MESOS-3065.
This will consist of adding authorization calls into the HTTP endpoint code in src/master/http.cpp, as well as tests for both failed & successful calls to '/create-volumes' and '/destroy-volumes' with authorization. We also must ensure that the principal field of Resource.DiskInfo.Persistence is being populated correctly.
Attachments
Attachments
Issue Links
- is blocked by
-
MESOS-2455 Add operator endpoints to create/destroy persistent volumes.
- Resolved
-
MESOS-3065 Add framework authorization for persistent volume
- Resolved
- supercedes
-
MESOS-2998 Disable Persistent Volumes, Dynamic Reservations via master flags
- Resolved