docker alpine 使用 paramiko 和 sshtunnel 的 libssl 问题
libssl issue using paramiko and sshtunnel with docker alpine
一段时间以来,我一直在为一些过程而苦苦挣扎,我决定大声呼救。
我有一个脚本可以下载一些文件并将其放入某个 sftp 服务器以进行批处理。
我正在使用 alpine python 容器,我的 Dockerfile 如下所示
FROM python:3.7.1-alpine3.8
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies \
g++ \
gcc \
make \
libffi-dev \
openssl-dev \
openssl \
python-dev && \
echo "**** install pip packages ****" && \
pip install --no-cache-dir -U \
pip && \
pip install --no-cache-dir -U \
cryptography \
paramiko \
sshtunnel \
datetime \
boto3 \
requests \
datetime && \
echo "**** clean up ****" && \
apk del --purge \
gcc \
g++\
make \
build-dependencies && \
rm -rf \
/root/.cache \
/var/cache/apk/* \
/tmp/*
COPY settle.py /
CMD [ "python3", "./settle.py" ]
我有一个名为 settle.py 的文件,相关片段是:
print("creating the tunnel")
with SSHTunnelForwarder(
(loaded_json["sftp_jumpbox_address"],int(loaded_json["sftp_jumpbox_port"])),
ssh_username=loaded_json["sftp_jumpbox_user"],
ssh_pkey=privateJumpboxKey,
remote_bind_address=(loaded_json["sftp_target_address"],int(loaded_json["sftp_target_port"])),
local_bind_address=("127.0.0.1",2222)
) as tunnel:
print("making actual ssh paramiko connection")
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
pemkey = paramiko.RSAKey.from_private_key_file(privateTargetKey)
client.connect(hostname="127.0.0.1",port=2222,username=loaded_json["sftp_target_user"],pkey=pemkey, look_for_keys=False)
print("Making the sftp connection")
sftp = client.open_sftp()
# filename="testing_20181119114841390.txt"
# print(loaded_json)
uploadFolder= targetUploadFolder+"/"
print("destination file "+ filename)
sftp.chdir(uploadFolder)
print("dropping the file into the sftp")
sftp.put(sourceFileToSend,filename)
print("Closing the sftp connection")
sftp.close()
client.close()
print("Completing the upload")
except Exception as e:
print("type error: " + str(e))
每次我 运行 无论我安装哪种软件包组合, python-dev ,密码学我仍然会遇到以下错误
creating the tunnel
type error: Error loading shared library libssl.so.1.0.0: No such file or directory (needed by /usr/local/lib/python3.7/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so)
与此同时,这个 python 脚本 运行 在我的 mac 上运行得非常好。我不确定我错过了什么。如果有人能阐明一些观点,我将不胜感激。提前致谢
编辑 1
我已经进入容器,当我进行搜索时,下面是我找到的
/ # find / -iname libssl*
/lib/libssl.so.45
/lib/libssl.so.45.0.1
/usr/lib/libssl.so.45
/usr/lib/libssl.so.45.0.1
现在不确定哪个库需要更新,需要符号 link 到 libssl。由于可用版本比密码库所需的版本新。
在使用 Alpine 尝试了很多其他事情之后,我从 Linux and Unix 中偶然发现了这个 post,据说要小心 C/C++ 编写的 python 库.所以我切换到基于 debian 的发行版,而且它非常简单。下面的 Dockerfile 完美运行。
FROM python:3.6-slim-jessie
RUN pip install --no-cache-dir -U \
cffi \
paramiko \
sshtunnel \
datetime \
boto3 \
requests \
datetime && \
echo "**** clean up ****" && \
rm -rf /var/lib/apt/lists/*
COPY settle.py /
CMD [ "python", "./settle.py" ]
一段时间以来,我一直在为一些过程而苦苦挣扎,我决定大声呼救。
我有一个脚本可以下载一些文件并将其放入某个 sftp 服务器以进行批处理。
我正在使用 alpine python 容器,我的 Dockerfile 如下所示
FROM python:3.7.1-alpine3.8
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies \
g++ \
gcc \
make \
libffi-dev \
openssl-dev \
openssl \
python-dev && \
echo "**** install pip packages ****" && \
pip install --no-cache-dir -U \
pip && \
pip install --no-cache-dir -U \
cryptography \
paramiko \
sshtunnel \
datetime \
boto3 \
requests \
datetime && \
echo "**** clean up ****" && \
apk del --purge \
gcc \
g++\
make \
build-dependencies && \
rm -rf \
/root/.cache \
/var/cache/apk/* \
/tmp/*
COPY settle.py /
CMD [ "python3", "./settle.py" ]
我有一个名为 settle.py 的文件,相关片段是:
print("creating the tunnel")
with SSHTunnelForwarder(
(loaded_json["sftp_jumpbox_address"],int(loaded_json["sftp_jumpbox_port"])),
ssh_username=loaded_json["sftp_jumpbox_user"],
ssh_pkey=privateJumpboxKey,
remote_bind_address=(loaded_json["sftp_target_address"],int(loaded_json["sftp_target_port"])),
local_bind_address=("127.0.0.1",2222)
) as tunnel:
print("making actual ssh paramiko connection")
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
pemkey = paramiko.RSAKey.from_private_key_file(privateTargetKey)
client.connect(hostname="127.0.0.1",port=2222,username=loaded_json["sftp_target_user"],pkey=pemkey, look_for_keys=False)
print("Making the sftp connection")
sftp = client.open_sftp()
# filename="testing_20181119114841390.txt"
# print(loaded_json)
uploadFolder= targetUploadFolder+"/"
print("destination file "+ filename)
sftp.chdir(uploadFolder)
print("dropping the file into the sftp")
sftp.put(sourceFileToSend,filename)
print("Closing the sftp connection")
sftp.close()
client.close()
print("Completing the upload")
except Exception as e:
print("type error: " + str(e))
每次我 运行 无论我安装哪种软件包组合, python-dev ,密码学我仍然会遇到以下错误
creating the tunnel
type error: Error loading shared library libssl.so.1.0.0: No such file or directory (needed by /usr/local/lib/python3.7/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so)
与此同时,这个 python 脚本 运行 在我的 mac 上运行得非常好。我不确定我错过了什么。如果有人能阐明一些观点,我将不胜感激。提前致谢
编辑 1 我已经进入容器,当我进行搜索时,下面是我找到的
/ # find / -iname libssl*
/lib/libssl.so.45
/lib/libssl.so.45.0.1
/usr/lib/libssl.so.45
/usr/lib/libssl.so.45.0.1
现在不确定哪个库需要更新,需要符号 link 到 libssl。由于可用版本比密码库所需的版本新。
在使用 Alpine 尝试了很多其他事情之后,我从 Linux and Unix 中偶然发现了这个 post,据说要小心 C/C++ 编写的 python 库.所以我切换到基于 debian 的发行版,而且它非常简单。下面的 Dockerfile 完美运行。
FROM python:3.6-slim-jessie
RUN pip install --no-cache-dir -U \
cffi \
paramiko \
sshtunnel \
datetime \
boto3 \
requests \
datetime && \
echo "**** clean up ****" && \
rm -rf /var/lib/apt/lists/*
COPY settle.py /
CMD [ "python", "./settle.py" ]