Mail archive

[alpine-devel] SSL connections hang on boot in Alpine VMs

From: Drew DeVault <>
Date: Sun, 16 Sep 2018 19:58:03 -0400

Hey guys. I'm dealing with a super bizzare issue and I'm hoping I might
find some help here. I have a script which creates qcow2 images with
Alpine installed:

Running this as root on an Alpine machine will produce a bootable qcow2
you can feed into qemu to reproduce my problem:

        qemu-system-x86_64 \
                -m 2048 \
                -net nic,model=virtio -net user,hostfwd=tcp::8022-:22 \
                -cpu host \
                -enable-kvm \
                -nographic \
                -drive file="root.img.qcow2",media=disk,snapshot=on,if=virtio

You can then SSH in with `ssh -p 8022 builds_at_localhost`, with no
password. This user is in the sudoers file. You should then be able to
`curl` to see that it can communicate fine with the
outside world. However, when you run `curl`, it will
simply hang. It's not a problem specific to curl, as it can also be
reproduced with `openssl s_client`.

Here's what makes it really weird: the problem goes away if you `apk del
alpine-sdk && apk add alpine-sdk`. I took one Alpine image on which the
problem was reproducable, and another after reinstalling alpine-sdk, and
diffed the filesystems - the only thing I saw here was /etc/apk/world
shook up beyond the capability of my diff tool. If no one has ideas I'm
going to try writing some scripts to make the differences in between
these files more apparent.

I build these images nightly. The problem first started appearing
sometime between 2018-09-06 20:36 UTC and 2018-09-07 20:36 UTC. I looked
over the commits to aports during that time (and a few days on either
end just to be sure), and found no leads. I also sorted by date modified and looked over the same dates in
other Alpine repos, and left similarly empty-handed.

Does anyone have any ideas?

Drew DeVault
Received on Sun Sep 16 2018 - 19:58:03 UTC