[all] Eventlet broken again with SSL, this time under Python 3.9

Thomas Goirand zigo at debian.org
Sat Jan 30 10:42:16 UTC 2021

On 1/30/21 10:47 AM, Dmitriy Rabotyagov wrote:
> In the meanwhile we see that most of the services fail to interact with rabbitmq over self-signed SSL in case RDO packages are used even with Python 3.6.
> We don't see this happening when installing things with pip packages though. Both rdo and pip version of eventlet we used was 0.30.0.
> RDO started failing for us several days back with:
> ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
> Not sure, maybe it's not related directly to eventlet, but sounds like it might be.

Does RDO has version 5.0.3 of AMQP and version 5.0.2 of Kombu? That's
what I had to do in Debian to pass this stage.

Though the next issue is what I wrote, when a service tries to validate
a keystone token (ie: keystoneauth1 calls requests that calls urllib3,
which in turns calls Python 3.9 SSL, and then crash with maximum
recursion depth exceeded). I'm no 100% sure the problem is in Eventlet,
but it really looks like it, as it's similar to another SSL crash we had
in Python 3.7.


Thomas Goirand (zigo)

More information about the openstack-discuss mailing list