In this recipe, you will learn how to control the permissions of principals (users and frameworks).
You need to identify the principals of your cluster. This consists of groups and users who operate Mesos and frameworks that interact with it. In the following example, we will assume that we operate a single framework that can only use the services role.
Mesos reads Access Control List's (ACL) configuration from a JSON file. Each action is a key that contains an array of JSON objects, pairing principals with the object on which actions are performed:
cat << EOF > /etc/mesos-master/acls { "register_frameworks":[ # configure principals who can register frameworks { principals":{ # set principals who can "values":[ "marathon" # register frameworks to 'marathon' ] }, "roles":{ # limit roles that could be used "values":[ # to register to 'services...