So far, we have seen how to secure the masters, agents, and our Mesos framework; we will now learn about securing Marathon. This will give you insight into enabling SSL, a protocol that is widely used in the security domain on our Mesos Marathon, and securing it by providing basic authentication mechanisms.
We will see how to make communication secure and limit the possibility of unauthorized interception of communication by enabling SSL.
Marathon enables you to secure its API endpoints via SSL and limit access to them with HTTP basic access authentication. It is advisable to use SSL if we are just enabling basic authentication to eliminate the possibility of data being accessed by third parties.
These are some simple steps to follow to enable SSL:
- Generate the keystore using keytool
- Use a self-signed certificate or if you can use an organization...