Hello, @jmelis et al,
I tried to get a boot2docker appliance from Marketplace, and also to assemble my own image from the https://github.com/OpenNebula/boot2docker-one/ github project. How is this system supposed to be used? Is there any documentation for it? I ran into the following problems:
-
apparently, there is the “
docker
” user with “tcuse
r” password, and it is even accessible remotely via SSH. So all users of this appliance are vulnerable to the default password attack! -
the contextualization script overwrites the
/dev/vdb
disk of type “swap
” and mounts its first partition on/var/lib/docker
. It should at least attempt to determine (possibly via context variables) which disk can safely be overwriten. -
the contextualization script ignores the
CRYPTED_PASSWORD
andSSH_KEY
variables. -
I found no way how to tell docker to use HTTP proxy (possibly via context variables)?
Is there any documentation? I am willing to write the code and send pull requests, but I want to ask here first, in case I am overlooking something.
Anyway, it would be nice if marketplace supported other metadata for published appliances (bug tracking, discussion, howtos with supported contextualization features, etc.).
Thanks!
-Yenya