salt-api in docker container gives error: ENGINE Error in HTTPServer.tick

317 views
Skip to first unread message

Paul Azad

unread,
Oct 27, 2017, 4:37:01 AM10/27/17
to Salt-users
Hi

i have been trying to get salt-api working in a docker container.

I have tried using a few that are on docker hub, and even my own - but get the same error.

I have tried with both the letsencrypt cert, and the one i have purchased from comodo. My master config and certs are from a non-container ubuntu 14.04 VM - so i know neither of them are the issue. If i disable ssl, i can go to the docker-api, but thats not secure.

When i have tried from scratch, i am starting with either the debian base image, or ubuntu 14.04. From there i do the apt-get update, and then         apt-get -y install salt-common salt-master salt-minion salt-ssh salt-cloud man less salt-doc salt-api salt-proxy salt-syndic.

I have even tried to not use this and use the bootstrap script - i get the exact same error. When i go to the web page - i get this message: ERR_SSL_PROTOCOL_ERROR
 


salt-api -l debug
[DEBUG   ] Reading configuration from /etc/salt/master
[DEBUG   ] Using cached minion ID from /etc/salt/minion_id: f124d284fa4a
[DEBUG   ] Missing configuration file: /root/.saltrc
[DEBUG   ] Configuration file path: /etc/salt/master
[WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
[INFO    ] Setting up the Salt API
[DEBUG   ] Created pidfile: /var/run/salt-api.pid
[INFO    ] The salt-api is starting up
[INFO    ] Starting rest_cherrypy.start netapi module
[DEBUG   ] Started 'salt.loaded.int.netapi.rest_cherrypy.start' with pid 463
[DEBUG   ] Process Manager starting!
[DEBUG   ] MasterEvent PUB socket URI: /var/run/salt/master/master_event_pub.ipc
[DEBUG   ] MasterEvent PULL socket URI: /var/run/salt/master/master_event_pull.ipc
[27/Oct/2017:08:28:37] ENGINE Listening for SIGHUP.
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Listening for SIGHUP.
[27/Oct/2017:08:28:37] ENGINE Listening for SIGTERM.
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Listening for SIGTERM.
[27/Oct/2017:08:28:37] ENGINE Listening for SIGUSR1.
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Listening for SIGUSR1.
[27/Oct/2017:08:28:37] ENGINE Bus STARTING
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Bus STARTING
[WARNING ] CherryPy Checker:
'log_file' is obsolete. Use 'log.error_file' instead.
section: [saltopts]


[WARNING ] CherryPy Checker:
The config entry 'tools.cpstats.on' may be invalid, because the 'cpstats' tool was not found.
section: [/]


[27/Oct/2017:08:28:37] ENGINE Started monitor thread '_TimeoutMonitor'.
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Started monitor thread '_TimeoutMonitor'.
[27/Oct/2017:08:28:37] ENGINE Started monitor thread 'Autoreloader'.
[INFO    ] [27/Oct/2017:08:28:37] ENGINE Started monitor thread 'Autoreloader'.
[27/Oct/2017:08:28:38] ENGINE Serving on http://0.0.0.0:8000
[INFO    ] [27/Oct/2017:08:28:38] ENGINE Serving on http://0.0.0.0:8000
[27/Oct/2017:08:28:38] ENGINE Bus STARTED
[INFO    ] [27/Oct/2017:08:28:38] ENGINE Bus STARTED
[27/Oct/2017:08:28:38] ENGINE Error in HTTPServer.tick
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/wsgiserver2.py", line 1968, in start
    self.tick()
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/wsgiserver2.py", line 2035, in tick
    s, ssl_env = self.ssl_adapter.wrap(s)
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/ssl_builtin.py", line 54, in wrap
    ssl_version=ssl.PROTOCOL_SSLv23)
  File "/usr/lib/python2.7/ssl.py", line 943, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 611, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 840, in do_handshake
    self._sslobj.do_handshake()
error: [Errno 0] Error

[ERROR   ] [27/Oct/2017:08:28:38] ENGINE Error in HTTPServer.tick
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/wsgiserver2.py", line 1968, in start
    self.tick()
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/wsgiserver2.py", line 2035, in tick
    s, ssl_env = self.ssl_adapter.wrap(s)
  File "/usr/lib/python2.7/dist-packages/cherrypy/wsgiserver/ssl_builtin.py", line 54, in wrap
    ssl_version=ssl.PROTOCOL_SSLv23)
  File "/usr/lib/python2.7/ssl.py", line 943, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 611, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 840, in do_handshake
    self._sslobj.do_handshake()
error: [Errno 0] Error
/

when i try to check the cert using openssl s_client -connect 127.0.0.1:8000  -crlf  the last line always shows this error:
139776790697632:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:


Can any one help point me to where the issue is?

Thanks 

lukas...@ngworx.ag

unread,
Jan 23, 2019, 8:13:39 AM1/23/19
to Salt-users
Hi,

have you found a cause or solution to the error?

The API seems to work as expected. It is just filling up log files with the message.

kind regards
Reply all
Reply to author
Forward
0 new messages