[英]Python - tlsv1 alert protocol version error in Docker client connection
I'm using Docker-py and dockerpty in order to exec
commands using the Docker
Python API.我正在使用Docker-py和dockerpty以便使用Docker
Python API exec
命令。
The code it's pretty simple:代码很简单:
container = client.inspect_container(containerId)[0]
dockerpty.exec_command(client, container, command)
When I want to execute commands such as echo 'hello'
it works fine.当我想执行诸如echo 'hello'
之类的命令时,它工作正常。 However, commands like /bin/bash
, even though I'm able to get the terminal, it is causing the following error:但是,像/bin/bash
这样的命令,即使我能够获得终端,也会导致以下错误:
ubuntu:test$ python main.py exec [containerid] /bin/bash
root@so1:/opt/apache# Traceback (most recent call last):
File "__main__.py", line 216, in <module>
main()
File "__main__.py", line 201, in main
ec.execute()
dockerpty.exec_command(client, container, command)
File "/usr/local/lib/python2.7/site-packages/dockerpty/__init__.py", line 44, in exec_command
PseudoTerminal(client, operation).start()
File "/usr/local/lib/python2.7/site-packages/dockerpty/pty.py", line 334, in start
self._hijack_tty(pumps)
File "/usr/local/lib/python2.7/site-packages/dockerpty/pty.py", line 373, in _hijack_tty
pump.flush()
File "/usr/local/lib/python2.7/site-packages/dockerpty/io.py", line 367, in flush
read = self.from_stream.read(n)
File "/usr/local/lib/python2.7/site-packages/dockerpty/io.py", line 120, in read
return self.fd.recv(n)
File "/usr/local/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py", line 194, in recv
data = self.connection.recv(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 1302, in recv
self._raise_ssl_error(self._ssl, result)
File "/usr/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 1172, in _raise_ssl_error
_raise_current_error()
File "/usr/local/lib/python2.7/site-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert protocol version')]
When I create the client, I specify the tls_config
to use tlsv1.2
:创建客户端时,我指定tls_config
以使用tlsv1.2
:
tls_config = docker.tls.TLSConfig(
client_cert=(cert, key),
ssl_version=ssl.PROTOCOL_TLSv1_2,
)
client = docker.Client(base_url=url, timeout=timeout,
tls=tls_config, user_agent=user_agent)
Why am I getting this 'tlsv1 alert protocol version'
error, and how can I fix this?为什么我会收到此'tlsv1 alert protocol version'
错误,我该如何解决?
In some older versions of Python, ssl.PROTOCOL_TLSv1_2
isn't available.在某些旧版本的 Python 中, ssl.PROTOCOL_TLSv1_2
不可用。 You can easily check by attempting to import it from the Python console inside the container:您可以通过尝试从容器内的 Python 控制台导入它来轻松检查:
root@57c6d8b01861:/# python
Python 2.7.8 (default, Nov 26 2014, 22:28:51)
>>> import ssl
>>> ssl.PROTOCOL_TLSv1_2
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'module' object has no attribute 'PROTOCOL_TLSv1_2'
>>> ssl.PROTOCOL_TLSv1
3
If this is the case, try updating Python in your docker image to >=2.7.9
.如果是这种情况,请尝试将 docker 映像中的 Python 更新为>=2.7.9
。
Also ensure that the openssl
version is >= 1.0.1
.还要确保openssl
版本 >= 1.0.1
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.