search

IBM / cloudant-python-sdk

Cloudant SDK for Python
Apache License 2.0
47 stars 19 forks source link

Getting "[SSL] record layer failure" for while connecting to "iam.cloud.ibm.com" endpoint #745

Open tgujrathi opened 4 days ago

tgujrathi commented 4 days ago

When initializing the Cloudant connection via IAM authenticator getting following error at random instances every day. HTTPSConnectionPool(host='iam.cloud.ibm.com', port=443): Max retries exceeded with url: /identity/token (Caused by SSLError(SSLError(1, '[SSL] record layer failure (_ssl.c:2570)')))

ricellis commented 4 days ago

Please confirm the versions in your environment of Python and of the modules (e.g. with pip list) ibmcloudant ibm_cloud_sdk_core requests urllib3 certifi

tgujrathi commented 4 days ago

Python version: 3.12.7

$ pip list Package Version APScheduler 3.10.4 certifi 2024.8.30 charset-normalizer 3.4.0 ibm-cloud-sdk-core 3.21.0 ibmcloudant 0.9.2 idna 3.10 pip 24.2 PyJWT 2.9.0 python-dateutil 2.9.0.post0 pytz 2024.2 requests 2.32.3 six 1.16.0 timeout-decorator 0.5.0 tzlocal 5.2 urllib3 2.2.3

tgujrathi commented 3 days ago

I am also getting error-related connections aborted. ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response')

ricellis commented 3 days ago

I don't think this is specifically a problem with the Cloudant Python SDK. The SSL handshake with IAM fails, but the exact cause of the failure is unclear as the [SSL] bracketed output doesn’t include a specific reason, which it often does.

When initializing the Cloudant connection via IAM authenticator

Are you able to confirm if the problem only happens when initializing or whether it also occurs afterwards e.g. during token renewal as well?

Generally the client instance tends to be long-lived within the context of an application and requests to IAM normally happen at 80% of the token lifetime (around every 48 minutes for the default of 1 hour). Are you initializing clients very frequently?

at random instances every day.

Are you able to estimate the frequency with which this is occurring either as a proportion of the initializations/renewals or a number per hour/ per day.

I am also getting error-related connections aborted.

This is interesting, because I was suspecting it may be a network problem when trying to contact IAM that gives the first error. Is your python code running in an environment with an unreliable network or some kind of proxy between it and Cloudant?