SSL error while building centos7 recipe

[npdtools-verizon]

I can't seem to get past this. While attempting to build the centos7 graylog-server recipe i'm getting an SSL error (Full log file attached).

vagrant docker-run centos7 -- fpm-cook package ./recipes/graylog-server/recipe.rb ... Complete! ---> 67051d8fca9e Removing intermediate container 14f20a218610 Step 5 : RUN gem install fpm-cookery --no-ri --no-rdoc --version 0.25.0 ---> Running in b6acc31d92db ERROR: While executing gem ... (OpenSSL::SSL::SSLError) SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

docker version: Docker version 1.9.0, build 76d6bc9

vagrant version: Vagrant 1.9.1

OS version: Linux 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

I know this is a documented rubygems issue (documented here: http://guides.rubygems.org/ssl-certificate-update/). Actually, the fix works if I log into the failed container and execute these steps manually:

gem install --local ./rubygems-update-2.6.7.gem update_rubygems --no-ri --no-rdoc

But adding these steps to the Dockerfile does not fix the problem. Anyone else have the same issue?

fpm-recipes.txt

[bernd]

@npdtools-verizon I am unable to reproduce that. (see log output in the details below)

Maybe your centos docker image is outdated and is missing some ssl certificate updates?

Please make sure you are using the latest centos docker image.

    centos7:   rubygem-rdoc.noarch 0:4.0.0-29.el7
    centos7:   unzip.x86_64 0:6.0-16.el7
    centos7:   zip.x86_64 0:3.0-11.el7
    centos7:
    centos7: Complete!
    centos7:  ---> d647c0ea0dfc
    centos7: Removing intermediate container dece6d30797b
    centos7: Step 5/6 : RUN gem install fpm-cookery --no-ri --no-rdoc --version 0.25.0
    centos7:  ---> Running in dc5667f89dd7
    centos7: Successfully installed cabin-0.9.0
    centos7: Successfully installed backports-3.6.8
    centos7: Successfully installed arr-pm-0.0.10
    centos7: Successfully installed clamp-1.0.1
    centos7: Building native extensions.  This could take a while...
    centos7: Successfully installed ffi-1.9.17
    centos7: Successfully installed childprocess-0.6.1
    centos7: Successfully installed archive-tar-minitar-0.5.2
    centos7: Successfully installed io-like-0.3.0
    centos7: Successfully installed ruby-xz-0.2.3
    centos7: Successfully installed stud-0.0.22
    centos7: Successfully installed mustache-0.99.8
    centos7: Successfully installed insist-1.0.0
    centos7: Successfully installed dotenv-2.2.0
    centos7: Successfully installed pleaserun-0.0.28
    centos7: Successfully installed fpm-1.8.1
    centos7: Successfully installed facter-2.4.6
    centos7: Successfully installed hiera-3.2.2
    centos7: Successfully installed json_pure-1.8.6
    centos7: Successfully installed locale-2.1.2
    centos7: Successfully installed text-1.3.1
    centos7: Successfully installed gettext-3.2.2
    centos7: Successfully installed fast_gettext-1.1.0
    centos7: Successfully installed gettext-setup-0.13
    centos7: Successfully installed puppet-4.9.1
    centos7: Successfully installed public_suffix-2.0.5
    centos7: Successfully installed addressable-2.5.0
    centos7: Successfully installed systemu-2.6.5
    centos7: Successfully installed fpm-cookery-0.25.0
    centos7: 28 gems installed
    centos7:  ---> c63c22197149
    centos7: Removing intermediate container dc5667f89dd7
    centos7: Step 6/6 : RUN yum clean all
    centos7:  ---> Running in 81c04fc1ed80
    centos7: Loaded plugins: fastestmirror, ovl
    centos7: Cleaning repos: base extras updates
    centos7: Cleaning up everything
    centos7: Cleaning up list of fastest mirrors
    centos7:  ---> 2902bcdd7f16
    centos7: Removing intermediate container 81c04fc1ed80
    centos7: Successfully built 2902bcdd7f16
    centos7:
    centos7: Image: 2902bcdd7f16
==> centos7: Creating the container...
    centos7:   Name: fpm-recipes_centos7_1486636067_1486636067
    centos7:  Image: 2902bcdd7f16
    centos7:    Cmd: fpm-cook package /vagrant/recipes/graylog-server/recipe.rb
    centos7: Volume: /home//fpm-recipes:/vagrant
    centos7:
    centos7: Container is starting. Output will stream in below...
    centos7:
    centos7: ===> Starting package creation for graylog-server-2.2.0 (centos, rpm)
    centos7: ===>
    centos7: ===> Verifying build_depends and depends with Puppet

Full log output:

centos7.txt

[npdtools-verizon]

@bernd, maybe, but in this project's Docker file specifies FROM centos:centos7

[bernd]

Yes, but the centos7 tag you have locally might be outdated. Maybe just try to remove the centos:centos7 image you have locally and try again.

[npdtools-verizon]

@bernd, I see it worked for you. so it must be something on my docker host machine. I am indeed pulling the latest image. I did not have a copy of centos7 on the docker host machine previously.

[bernd]

@npdtools-verizon Do you have any proxy in your network that might intercept your TLS traffic?

Otherwise I am out of ideas since it works fine for me. :confused:

[bernd]

@npdtools-verizon You can also just use the pre-built packages so you don't have to fiddle with this.

http://docs.graylog.org/en/2.2/pages/installation/operating_system_packages.html

[npdtools-verizon]

proxy has to be the issue. closing this ticket as there is nothing wrong with the project.