Book Image

Apache Mesos Cookbook

By : Marco Massenzio, Blomquist, Tomasz Janiszewski
Book Image

Apache Mesos Cookbook

By: Marco Massenzio, Blomquist, Tomasz Janiszewski

Overview of this book

Apache Mesos is open source cluster sharing and management software. Deploying and managing scalable applications in large-scale clustered environments can be difficult, but Apache Mesos makes it easier with efficient resource isolation and sharing across application frameworks. The goal of this book is to guide you through the practical implementation of the Mesos core along with a number of Mesos supported frameworks. You will begin by installing Mesos and then learn how to configure clusters and maintain them. You will also see how to deploy a cluster in a production environment with high availability using Zookeeper. Next, you will get to grips with using Mesos, Marathon, and Docker to build and deploy a PaaS. You will see how to schedule jobs with Chronos. We’ll demonstrate how to integrate Mesos with big data frameworks such as Spark, Hadoop, and Storm. Practical solutions backed with clear examples will also show you how to deploy elastic big data jobs. You will find out how to deploy a scalable continuous integration and delivery system on Mesos with Jenkins. Finally, you will configure and deploy a highly scalable distributed search engine with ElasticSearch. Throughout the course of this book, you will get to know tips and tricks along with best practices to follow when working with Mesos.
Table of Contents (15 chapters)
Title Page
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

Enabling SSL


In this recipe, you will learn how to enable SSL for Marathon to protect eavesdropping on Marathon communication.

Getting ready

First, we need to create a place for our Java keystore:

mkdir -p /etc/marathon/ssl
cd /etc/marathon/ssl

Then, put the keystore password into the environment variable. We will need it later:

export MARATHON_SSL_KEYSTORE_PASSWORD=jks_pass

Generate the keystore. In this example, we will use self-signed certificates but if you can issue an organization-wide trusted certificate, it would be better to use that. With self- signed certificates, most browsers will mark the Marathon UI and API as dangerous and there is a chance that somebody will create a man-in-the-middle attack:

keytool -keystore marathon.jks -deststorepass $MARATHON_SSL_KEYSTORE_PASSWORD -alias marathon -genkey -keyalg RSA

How to do it...

Finally, save the Marathon keystore configuration:

cat << EOF > /etc/default/marathon
MARATHON_SSL_KEYSTORE_PATH=/etc/marathon/ssl/marathon.jks
MARATHON_SSL_KEYSTORE_PASSWORD...