boto can throw SSLError when timeouts occur (among other SSL errors). Catch these so proper JSON can be returned, and also add the ability to retry the operation.
There's an open issue in boto for this: https://github.com/boto/boto/issues/2409
Here's a sample stacktrace that inspired me to work on this. I'm on 1.7, but there's no meaningful differences in the 1.8 release that would affect this. I've added line breaks to the trace for readability.
failed to parse: Traceback (most recent call last):
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 2031, in <module> main()
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 353, in main download_s3file(module, s3, bucket, obj, dest)
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 234, in download_s3file key.get_contents_to_filename(dest)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1665, in get_contents_to_filename response_headers=response_headers)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1603, in get_contents_to_file response_headers=response_headers)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1435, in get_file query_args=None)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1488, in _get_file_internal for bytes in self:
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 368, in next data = self.resp.read(self.BufferSize)
File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 416, in read return httplib.HTTPResponse.read(self, amt)
File "/usr/lib/python2.7/httplib.py", line 567, in read s = self.fp.read(amt)
File "/usr/lib/python2.7/socket.py", line 380, in read data = self._sock.recv(left)
File "/usr/lib/python2.7/ssl.py", line 341, in recv return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 260, in read return self._sslobj.read(len) ssl.SSLError: The read operation timed out
Don't pass the volumes_from argument to the Docker create_container method.
If the volumes_from argument is passed to the create_container method, Docker
raises the following exception:
docker.errors.DockerException: 'volumes_from' parameter has no effect on
create_container(). It has been moved to start()
This argument may be used to fetch additional refs beyond the default
refs/heads/* and refs/tags/*. Checking out GitHub pull requests or Gerrit
patch sets are two examples where this is useful.
Without this, specifying version=<sha1> with a SHA1 unreachable from any
tag or branch can't work.
De-duplicate repetitive code checking the exit code.
Include the stdout/stderr of the failed process in all cases.
Remove the returned values because no caller uses them.
Combine git commands where possible. There is no need to fetch branches
and tags as two separate operations.
Starting from docker-py>=0.5.0 it is impossible to work with private registries based on HTTP.
So we need additional parameter to allow pull from insecure registry
Related to ansible/ansible#9111