← Back to team overview

savanna-all team mailing list archive

some feedback on the hadoop diskimage-builder element


Hi there, I've had a look through the diskimage builder element -
hadoop - you've put together, to see whether it worked well for you

There's a few things that could be done to make it a bit more robust /
simpler. Primarily is to separate out the last-mile configuration
stages from software installation. That is, software installation
should happen in the diskimage-builder, but anything that will vary in
environments - e.g. ssh keys, passwords, configuration files - should
be supplied via nova or heat metadata.

Specifics that came to mind when I read through the element:

The ssh config tweaking is something we don't have a great answer for
today; I'd be inclined though to make it an idempotent
os-refresh-config script rather than build-time, because as it stands
someone may edit it on the live system, and break whatever it is
hadoop has that depends on those settings. Relatedly, I think it would
be great if the README.md for the element documented the security
caveats (e.g. that systems running hadoop images are vulnerable to
password cracking attacks.

Secondly, there is a dependency system in the elements, so anything
that needs to be baked in but that folk might do differently can be
abstracted by putting it in a separate element - see
https://review.openstack.org/#/c/32059/ for an example.

I've also filed
https://bugs.launchpad.net/diskimage-builder/+bug/1188408 about
something diskimage-builder could make nicer.


Robert Collins <rbtcollins@xxxxxx>
Distinguished Technologist
HP Cloud Services

Follow ups