[users at bb.net] TLS authentication for DockerLatentWorker

Vlad Bogolin vlad at mariadb.org
Fri Dec 13 20:30:51 UTC 2019


Hi,

I am trying to add TLS authentication for buildbot.mariadb.org which uses
DockerLatent workers. I added the tls field in the DockerLatentWorker
configuration, however, I get the following error:

requests.exceptions.SSLError: HTTPSConnectionPool(host='121.36.13.15',
port=19651): Max retries exceeded with url:
/v1.24/containers/json?limit=-1&all=1&size=0&trunc_cmd=0&filters=%7B%22name%22%3A+%5B%22buildbot-aarch64-bbw1-docker-fedora-30-b71039%22%5D%7D
(Caused by SSLError(SSLError("bad handshake: Error([('SSL routines',
'ssl3_read_bytes', 'tlsv1 alert protocol version')],)",),))

The DockerLatentWorker configuration is like this:
c['workers'].append(worker.DockerLatentWorker("aarch64-bbw1-docker-debian-10",
None,

docker_host=config["private"]["docker_workers"]["aarch-bbw1-docker"],

dockerfile=open("dockerfiles/aarch64-debian-10.dockerfile").read(),
                    tls=docker.tls.TLSConfig(verify=True,
ca_cert='/srv/buildbot/tlscerts/ca-aarch64.pem',
client_cert=('/srv/buildbot/tlscerts/cert-aarch64.pem',
'/srv/buildbot/tlscerts/key-aarch64.pem')),
                    followStartupLogs=True,
                    masterFQDN='buildbot.mariadb.org',
                    hostconfig={ 'shm_size':'6G' },
                    volumes=['/srv/buildbot/ccache:/mnt/ccache',
'/srv/buildbot/packages:/mnt/packages'],
                    properties={ 'jobs':8, 'save_packages':False }))

Without TLS authentication everything works fine and I can confirm that the
TLS authentication works for docker from command line. Any ideas on what I
am missing?

Cheers,
Vlad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.buildbot.net/pipermail/users/attachments/20191213/8aba7a02/attachment.html>


More information about the users mailing list