On 1/30/21 10:47 AM, Dmitriy Rabotyagov wrote:
In the meanwhile we see that most of the services fail to interact with rabbitmq over self-signed SSL in case RDO packages are used even with Python 3.6. We don't see this happening when installing things with pip packages though. Both rdo and pip version of eventlet we used was 0.30.0.
RDO started failing for us several days back with: ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
Not sure, maybe it's not related directly to eventlet, but sounds like it might be.
Does RDO has version 5.0.3 of AMQP and version 5.0.2 of Kombu? That's what I had to do in Debian to pass this stage. Though the next issue is what I wrote, when a service tries to validate a keystone token (ie: keystoneauth1 calls requests that calls urllib3, which in turns calls Python 3.9 SSL, and then crash with maximum recursion depth exceeded). I'm no 100% sure the problem is in Eventlet, but it really looks like it, as it's similar to another SSL crash we had in Python 3.7. Cheers, Thomas Goirand (zigo)