Comment 22 for bug 1833160

I could reproduce the bug with netapp driver!

As it is state in the last line: the ssl.py patched by the eventlet is not expecting an argument called "_context" to wrap_socket(). This error happens because ssl library has changed from python 3.6 to python 3.7 as showed by [1], but the eventlet patching has not.

The eventlet bug with python3.7 as well-known by the issue 526 [2]. This issue was open more than one year ago. There is a long discussion about it! Summing up it: there is an attempt to fix it by a pull request [3], it was created may 2019 and it has not finished yet, though! Actually, since November 2019, no more updates on that. So, the eventlet bug will not be fixed early!
However, in the eventlet disscussion, it was pointed 2 possible solutions:

1. Replace the eventlet by gevent

2. Replace “ssl” by “pyopenssl” lib

The code [6] reproduces the bug in a small peace of code. It uses the same library and methods as netapp driver does. It can be used to test the solutions.

Just replacing the eventlet by gevent and running the code [4], the bug is solved, validating the solution “1”! For the manila scenario, it might not be feasible, because the patching is applied out of driver scope, affecting all vendors. So, this solution is skipped by now (maybe a discussion about eventlet vs gevent could be created).

The solution “2” is not applied for the code [6], because it uses urllib (from six.moves). The urllib is a library that comes with python and its secure connection is mandatory from ssl library. I haven’t found a way to replace the ssl by pyopenssl in urllib. Hence, for the manila driver we could not apply the “2”.

The possible solution would be change the request library: instead of using urllib, it uses a lib that can perform ssl from pyopenssl. The “requests” library does it! For this one, the default is “pyopenssl” if this library is installed, otherwise it would use the “ssl” lib.
To validate the “requests” solution, the following code is created:

import eventlet
requests = eventlet.import_patched(“requests”)
full_url = “https://www.wikipedia.org”
resp = requests.get(full_url)
print(rest)

Without installing the “pyopenssl”, running the above code with python3.7 the same reported bug happens. After installing the “pyopenssl” (with pip3.7), the bug is fixed. The reason is that the “requests” lib uses the patched “pyopenssl” instead of the broken patched “ssl”.

Summing up, the possible solution would be change the request library: instead of std python lib “urllib”, uses the third party lib “requests”!

[1] https://bugs.python.org/issue32951
[2] https://github.com/eventlet/eventlet/issues/526
[3] https://github.com/eventlet/eventlet/pull/565
[4] https://gist.github.com/Murray-LIANG/9b506d98cf76d633a9d0e82f2bb5ece5