dcos-auth-proxy

A simple authenticating proxy for DCOS that allows you to expose Marathon, Metronome, and other DCOS protected APIs on a local port such that authentication is automatically handled by the proxy.

Motivation

To ease integration with Mesos for apps that are unaware of the DCOS authentication and secrets architecture.

Usage

as a proxy:

Bundle the go binary within your docker container
Map in the principal secret that will be used for authentication
Launch the proxy as a background task, providing a target-url and the principal-secret

Notes:

by default, the proxy only listens on localhost; it is not recommended to expose the proxy externally, but the host interface can be configured via the --host parameter
pass -V or --verbose for extra output; the proxy only logs errors by default

Example

dcos-auth-proxy -t https://my-dcos.example.org/marathon -p 8888 -s "$MARATHON_CLIENT_SECRET"

as a cli util:

Call the authenticate subcommand to perform the authentication once and receive the auth token back vi stdout.

Example

dcos-auth-proxy authenticate -t https://my-dcos.example.org/marathon -s "$MARATHON_CLIENT_SECRET"

Building

make

places binary at bin/dcos-auth-proxy

matt-deboer/dcos-auth-proxy

dcos-auth-proxy

Motivation

Usage

as a proxy:

Example

as a cli util:

Example

Building