search

jbarratt / docker-compose-fake-aws

Demonstration of using Docker Compose with fake (mock) AWS services for development
Creative Commons Zero v1.0 Universal
25 stars 11 forks source link

demo fails ootb #1

Open timcoote opened 7 years ago

timcoote commented 7 years ago

I'm not sure whether there's something missing from my environment or something has changed. If I clone the repo and the run the instructions, the demo container falls over, with this for the demo log:

[tim@mercury docker-compose-fake-aws]$ docker-compose logs
Attaching to dockercomposefakeaws_demo_1, dockercomposefakeaws_fakes3ssl_1, dockercomposefakeaws_fakesqs_1, dockercomposefakeaws_fakes3_1
demo_1       | Traceback (most recent call last):
demo_1       |   File "./demo.py", line 104, in <module>
demo_1       |     main()
demo_1       |   File "./demo.py", line 92, in main
demo_1       |     key = get_s3_key()
demo_1       |   File "./demo.py", line 57, in get_s3_key
demo_1       |     b = c.get_bucket(bucket)
demo_1       |   File "/usr/local/lib/python2.7/dist-packages/boto/s3/connection.py", line 506, in get_bucket
demo_1       |     return self.head_bucket(bucket_name, headers=headers)
demo_1       |   File "/usr/local/lib/python2.7/dist-packages/boto/s3/connection.py", line 525, in head_bucket
demo_1       |     response = self.make_request('HEAD', bucket_name, headers=headers)
demo_1       |   File "/usr/local/lib/python2.7/dist-packages/boto/s3/connection.py", line 668, in make_request
demo_1       |     retry_handler=retry_handler
demo_1       |   File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 1071, in make_request
demo_1       |     retry_handler=retry_handler)
demo_1       |   File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 1030, in _mexe
demo_1       |     raise ex
demo_1       | ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
demo_1       | bucket and env testbucket testbucket
fakesqs_1    | 16:24:47.953 [main] INFO  org.elasticmq.server.Main$ - Starting ElasticMQ server (0.8.5) ...
fakesqs_1    | 16:24:51.057 [main] INFO  o.e.rest.sqs.TheSQSRestServerBuilder - Started SQS rest server, bind address 0.0.0.0:9324, visible server address http://localhost:9324
fakesqs_1    | [INFO] [03/22/2017 16:24:52.144] [elasticmq-akka.actor.default-dispatcher-4] [akka://elasticmq/user/IO-HTTP/listener-0] Bound to /0.0.0.0:9324
fakesqs_1    | 16:24:52.152 [main] INFO  org.elasticmq.server.Main$ - === ElasticMQ server (0.8.5) started in 6508 ms ===
fakesqs_1    | 16:24:53.318 [elasticmq-akka.actor.default-dispatcher-6] INFO  o.elasticmq.actor.QueueManagerActor - Creating queue QueueData(testqueue,MillisVisibilityTimeout(30000),PT0S,PT0S,2017-03-22T16:24:53.233Z,2017-03-22T16:24:53.280Z)
fakes3_1     | [2017-03-22 16:24:43] INFO  WEBrick 1.3.1
fakes3_1     | [2017-03-22 16:24:43] INFO  ruby 2.1.5 (2014-11-13) [x86_64-linux-gnu]
fakes3_1     | [2017-03-22 16:24:43] INFO  WEBrick::HTTPServer#start: pid=1 port=4569
fakes3ssl_1  | /configure_nginx.sh: 1: /configure_nginx.sh: 443: not found
fakes3ssl_1  | /configure_nginx.sh: 2: /configure_nginx.sh: 4569: not found
fakes3ssl_1  | Starting Proxy: 443
fakes3ssl_1  | Target Docker Port: 4569

Those error messages from fake3ssl_1 looks suspicious to me. I'm running on fedora 25 with:

docker-compose-1.9.0-2.fc25.noarch
docker-1.12.6-6.gitae7d637.fc25.x86_64

I have no AWS credentials defined as I'm trying to get it to work entirely offline.

Anything obvious, or do I have to start digging through the python?

timcoote commented 7 years ago

I think that the issue arises from changes to default python behaviour to validate ssl certs. I can remove the failure using this example: http://bit.ly/2njQCdu. I'm using python 2.7.13.

Strictly, I think that the fake ssl box is where to fix this issue, but that would require extending it to create and sign certs for all domains that it's faking and a self-signed CA cert copied to the demo machine's ssl trust root.