Blob download_as_string Google容器引擎上的SSL错误

时间:2017-05-11 22:32:47

标签: python google-cloud-storage google-kubernetes-engine

我在Google Container Engine上运行一个容器。在这个容器里面,我有一些python代码试图从托管到Google云存储的存储桶中读取blob。

代码简单如下:

from google.cloud import storage

gs = storage.Client(project="my-shiny-project")
gc_bucket = gs.get_bucket("my-bucket")
blob = gc_bucket.get_blob("my-blob")
print blob.download_as_string()

上面的代码在我的本地计算机上运行正常。但是,当我在GKE上的Docker容器中运行它时,创建blob对象的部分工作得很好。但是,对download_as_string的调用失败了:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 453, in download_as_string
    self.download_to_file(string_buffer, client=client)
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 412, in download_to_file
    self._do_download(transport, file_obj, download_url, headers)
  File "/usr/lib/python2.7/site-packages/google/cloud/storage/blob.py", line 363, in _do_download
    response = download.consume(transport)
  File "/usr/lib/python2.7/site-packages/google/resumable_media/download.py", line 136, in consume
    transport, u'GET', self.media_url, headers=headers)
  File "/usr/lib/python2.7/site-packages/google/resumable_media/_helpers.py", line 134, in http_request
    return transport.request(method, url, data=data, headers=headers)
  File "/usr/lib/python2.7/site-packages/google/auth/transport/requests.py", line 179, in request
    method, url, data=data, headers=request_headers, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 447, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

为什么会发生这种失败?

FWIW,我在blob对象上尝试了其他操作,例如获取id,content_type,size等。这些操作运行得很好。甚至该对象的exists()方法也能正常工作(可能是对对象的实际HEAD请求)。

我正在使用'alpine 3.5'容器图像。 Python版本是“Python 2.7.13(默认,2016年12月22日,09:22:15)”

[编辑]

我将图像更改为'debian:jessie',代码工作正常。这些图像中的openssl包具有不同的版本。看起来有一些影响。确切地知道问题是什么仍然很好。

1 个答案:

答案 0 :(得分:1)

我弄清楚自己,我不得不添加到Dockerfile:

return randomNamePossibilities[randomnumberPicker];

这就成了伎俩。

相关问题
最新问题