Boot2docker image

Hello, @jmelis et al,

I tried to get a boot2docker appliance from Marketplace, and also to assemble my own image from the github project. How is this system supposed to be used? Is there any documentation for it? I ran into the following problems:

  • apparently, there is the “docker” user with “tcuser” password, and it is even accessible remotely via SSH. So all users of this appliance are vulnerable to the default password attack!

  • the contextualization script overwrites the /dev/vdb disk of type “swap” and mounts its first partition on /var/lib/docker. It should at least attempt to determine (possibly via context variables) which disk can safely be overwriten.

  • the contextualization script ignores the CRYPTED_PASSWORD and SSH_KEY variables.

  • I found no way how to tell docker to use HTTP proxy (possibly via context variables)?

Is there any documentation? I am willing to write the code and send pull requests, but I want to ask here first, in case I am overlooking something.

Anyway, it would be nice if marketplace supported other metadata for published appliances (bug tracking, discussion, howtos with supported contextualization features, etc.).



FWIW, I have implemented some of the above (except the disk partitioning, I have yet to understand the inner workings of boot2docker correctly wrt. partitioning). I made a pull request on Github:

Should I also upload the ISO image to Marketplace? I would guess images published by OpenNebula staff would be more trusted.