Hello, @jmelis et al,
I tried to get a boot2docker appliance from Marketplace, and also to assemble my own image from the https://github.com/OpenNebula/boot2docker-one/ github project. How is this system supposed to be used? Is there any documentation for it? I ran into the following problems:
apparently, there is the “
docker” user with “
tcuser” password, and it is even accessible remotely via SSH. So all users of this appliance are vulnerable to the default password attack!
the contextualization script overwrites the
/dev/vdbdisk of type “
swap” and mounts its first partition on
/var/lib/docker. It should at least attempt to determine (possibly via context variables) which disk can safely be overwriten.
the contextualization script ignores the
I found no way how to tell docker to use HTTP proxy (possibly via context variables)?
Is there any documentation? I am willing to write the code and send pull requests, but I want to ask here first, in case I am overlooking something.
Anyway, it would be nice if marketplace supported other metadata for published appliances (bug tracking, discussion, howtos with supported contextualization features, etc.).