I have an Ubuntu and a CentOS instance that has issues with botocore calls.
All boto2 calls are fine.
Botocore calls are not getting the proxy settings.
Examples of the log messages are:
security_monkey-deploy.log:51326:2016-01-15 08:04:11,143 DEBUG: Adding ('iamrole', u'', 'universal') to the exceptions list. Exception was: "Problem Connecting to iamrole//None:\nHTTPSConneconPool(host='iam.amazonaws.com', port=443): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7fa6880f7710>, 'Connection to iam.amazonawcom timed out. (connect timeout=60)'))" [in /usr/local/src/security_monkey/security_monkey/watcher.py:161]
security_monkey-deploy.log:53229:2016-01-15 09:19:15,516 DEBUG: Adding ('elb', u'', u'ap-southeast-2', u'<ELB_ID>') to the exceptions list. Exception was: HTTPSConnectionPool(host='elasticloadbalancing.ap-southeast-2.amazonaws.com', port=443): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7fa689cdf690>, 'Connection to elasticloadbalancing.ap-southeast-2.amazonaws.com timed out. (connect timeout=60)')) [in /usr/local/src/security_monkey/security_monkey/watcher.py:161]
Netstat -an shows that these calls are trying to go straight to the API instead of the proxy:
tcp 0 1 10.x.x.x:48739 54.240.193.98:443 SYN_SENT
The proxies are set as part of the environment profile.
Boto versions are:
boto (2.38.0)
boto3 (1.2.3)
botocore (1.3.17)
python --version
Python 2.7.5
urllib3 version
urllib3 (1.14)
Has anyone else seen this and found a resolution?
I could setup squid and transparently proxy everything, but I'd really prefer to see why the botocore calls are failing so if anyone else has the problem it is documented - as I suspect I am overlooking something simple.
I have an Ubuntu and a CentOS instance that has issues with botocore calls.
All boto2 calls are fine.
Botocore calls are not getting the proxy settings.
Examples of the log messages are:
security_monkey-deploy.log:51326:2016-01-15 08:04:11,143 DEBUG: Adding ('iamrole', u'', 'universal') to the exceptions list. Exception was: "Problem Connecting to iamrole//None:\nHTTPSConneconPool(host='iam.amazonaws.com', port=443): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7fa6880f7710>, 'Connection to iam.amazonawcom timed out. (connect timeout=60)'))" [in /usr/local/src/security_monkey/security_monkey/watcher.py:161]
security_monkey-deploy.log:53229:2016-01-15 09:19:15,516 DEBUG: Adding ('elb', u'', u'ap-southeast-2', u'<ELB_ID>') to the exceptions list. Exception was: HTTPSConnectionPool(host='elasticloadbalancing.ap-southeast-2.amazonaws.com', port=443): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7fa689cdf690>, 'Connection to elasticloadbalancing.ap-southeast-2.amazonaws.com timed out. (connect timeout=60)')) [in /usr/local/src/security_monkey/security_monkey/watcher.py:161]
Netstat -an shows that these calls are trying to go straight to the API instead of the proxy:
tcp 0 1 10.x.x.x:48739 54.240.193.98:443 SYN_SENT
The proxies are set as part of the environment profile.
Boto versions are:
boto (2.38.0)
boto3 (1.2.3)
botocore (1.3.17)
python --version
Python 2.7.5
urllib3 version
urllib3 (1.14)
Has anyone else seen this and found a resolution?
I could setup squid and transparently proxy everything, but I'd really prefer to see why the botocore calls are failing so if anyone else has the problem it is documented - as I suspect I am overlooking something simple.