Error blob download_as_string SSL in Google Container Engine

I am running a container in the Google Container Engine. Inside this container, I have python code that is trying to read blob from a bucket hosted in google cloud storage.

The code is as simple as:

from google.cloud import storage

gs = storage.Client(project="my-shiny-project")
gc_bucket = gs.get_bucket("my-bucket")
blob = gc_bucket.get_blob("my-blob")
print blob.download_as_string()

The above code works fine on my local machine. However, when I run this in the Docker container on GKE, the part before creating the blob object works fine. However, the call to the download_as_string function fails:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 453, in download_as_string
    self.download_to_file(string_buffer, client=client)
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 412, in download_to_file
    self._do_download(transport, file_obj, download_url, headers)
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 363, in _do_download
    response = download.consume(transport)
  File "/usr/lib/python2.7/site-packages/google/resumable_media/download.py", line 136, in consume
    transport, u'GET', self.media_url, headers=headers)
  File "/usr/lib/python2.7/site-packages/google/resumable_media/_helpers.py", line 134, in http_request
    return transport.request(method, url, data=data, headers=headers)
  File "/usr/lib/python2.7/site-packages/google/auth/transport/requests.py", line 179, in request
    method, url, data=data, headers=request_headers, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 447, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

Any ideas why this error is occurring?

FWIW, I tried other operations on the blob object, such as getting id, content_type, size, etc. These operations worked very well. Even the exists () method of this object worked just fine (which supposedly performed the actual HEAD request for the object).

'alpine 3.5'. Python - "Python 2.7.13 ( , 22 2016, 09:22:15)"

[EDIT]

"debian: jessie", . openssl . , - . , .

+6
1

, Dockerfile:

# Base Stuff
RUN apk add --update \
openjdk8-jre \
ca-certificates \
java-cacerts \
libre2 \
libre2-dev \
gcc \
build-base \
linux-headers \
musl-dev \
python3-dev \
make \
openssl \
openssl-dev \
py3-openssl \
libffi \
libffi-dev \
openssh \
openssh-client \
python3-dev 

RUN update-ca-certificates && gcloud -q components install gsutil

.

+1

Source: https://habr.com/ru/post/1017188/


All Articles