Python – Docker客户端连接中的tlsv1警报协议版本错误
我使用Docker-py和dockerpty来exec使用Docker Python API的命令。
代码很简单:
container = client.inspect_container(containerId)[0] dockerpty.exec_command(client, container, command)
当我想执行echo 'hello'这样的命令时,它工作正常。 但是,像/bin/bash这样的命令,即使我能够获取terminal,也会导致以下错误:
ubuntu:test$ python main.py exec [containerid] /bin/bash root@so1:/opt/apache# Traceback (most recent call last): File "__main__.py", line 216, in <module> main() File "__main__.py", line 201, in main ec.execute() dockerpty.exec_command(client, container, command) File "/usr/local/lib/python2.7/site-packages/dockerpty/__init__.py", line 44, in exec_command PseudoTerminal(client, operation).start() File "/usr/local/lib/python2.7/site-packages/dockerpty/pty.py", line 334, in start self._hijack_tty(pumps) File "/usr/local/lib/python2.7/site-packages/dockerpty/pty.py", line 373, in _hijack_tty pump.flush() File "/usr/local/lib/python2.7/site-packages/dockerpty/io.py", line 367, in flush read = self.from_stream.read(n) File "/usr/local/lib/python2.7/site-packages/dockerpty/io.py", line 120, in read return self.fd.recv(n) File "/usr/local/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py", line 194, in recv data = self.connection.recv(*args, **kwargs) File "/usr/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 1302, in recv self._raise_ssl_error(self._ssl, result) File "/usr/local/lib/python2.7/site-packages/OpenSSL/SSL.py", line 1172, in _raise_ssl_error _raise_current_error() File "/usr/local/lib/python2.7/site-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue raise exception_type(errors) OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert protocol version')]
当我创build客户端时,我指定tls_config使用tlsv1.2 :
tls_config = docker.tls.TLSConfig( client_cert=(cert, key), ssl_version=ssl.PROTOCOL_TLSv1_2, ) client = docker.Client(base_url=url, timeout=timeout, tls=tls_config, user_agent=user_agent)
为什么我得到这个'tlsv1 alert protocol version'错误,我该如何解决这个问题?
在一些较旧版本的Python中, ssl.PROTOCOL_TLSv1_2不可用。 您可以通过尝试从容器内的Python控制台导入来轻松进行检查:
root@57c6d8b01861:/# python Python 2.7.8 (default, Nov 26 2014, 22:28:51) >>> import ssl >>> ssl.PROTOCOL_TLSv1_2 Traceback (most recent call last): File "<stdin>", line 1, in <module> AttributeError: 'module' object has no attribute 'PROTOCOL_TLSv1_2' >>> ssl.PROTOCOL_TLSv1 3
如果是这种情况,请尝试在Docker镜像中更新Python >=2.7.9 。
还要确保openssl版本是> = 1.0.1 。