HTTPS proxy dies during first request

[mwarkentin]

I'm running into issues w/ using the HTTPS proxy locally.

docker-compose.yml:

web:
  build: .
  command: actions/web.sh
  environment:
    - DEVELOPMENT_MODE=true
    - WEB_CONCURRENCY=1
  labels:
    - convox.port.7001.protocol=https
  ports:
    - 7001:80
  links:
    - redis
redis:
  image: convox/redis
  ports:
    - 6380

The proxy container dies immediately when I make a request to it (/bin/sh terminated instantly on first request as well):

michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                              NAMES
a2180552ee64        cheques/web         "sh -c actions/web.sh"   About a minute ago   Up About a minute   0.0.0.0:48987->80/tcp              cheques-web
b18f3403b352        convox/proxy        "proxy 7001 172.17.0."   About a minute ago   Up About a minute   0.0.0.0:7001->7001/tcp             awesome_wing
5d12100d75e3        cheques/redis       "/docker-entrypoint.s"   About a minute ago   Up About a minute   6379/tcp, 0.0.0.0:6380->6380/tcp   cheques-redis
michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ http https://192.168.99.100:7001

http: error: SSLError: EOF occurred in violation of protocol (_ssl.c:590) while doing GET request to URL: https://192.168.99.100:7001/
michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                              NAMES
a2180552ee64        cheques/web         "sh -c actions/web.sh"   2 minutes ago       Up 2 minutes        0.0.0.0:48987->80/tcp              cheques-web
5d12100d75e3        cheques/redis       "/docker-entrypoint.s"   2 minutes ago       Up 2 minutes        6379/tcp, 0.0.0.0:6380->6380/tcp   cheques-redis

Proxy seems to be running inside the container:

/go/src/github.com/convox/proxy # ps
PID   USER     TIME   COMMAND
    1 root       0:00 proxy 7001 172.17.0.1:59850 https
   17 root       0:00 /bin/sh
   23 root       0:00 ps

I’m able to curl my web container from within the proxy container:

/go/src/github.com/convox/proxy # curl -I 172.17.0.1:43379
HTTP/1.1 200 OK
Server: nginx/1.9.9

Not sure how to figure out exactly where things are breaking, but since things seem to run until I make a request, it's likely further down in the stack from here: https://github.com/convox/proxy/blob/master/main.go#L73

[mwarkentin]

More verbose httpie request logs:

$ http --traceback --debug --verbose https://192.168.99.100:7001
HTTPie 0.9.3
HTTPie data: /Users/michaelwarkentin/.httpie
Requests 2.9.1
Pygments 2.0.2
Python 2.7.10 (default, Oct 23 2015, 19:19:21)
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.59.5)] darwin

>>> requests.request(**{'allow_redirects': False,
 'auth': None,
 'cert': None,
 'data': OrderedDict(),
 'files': DataDict(),
 'headers': {'User-Agent': 'HTTPie/0.9.3'},
 'method': 'get',
 'params': ParamsDict(),
 'proxies': {},
 'stream': True,
 'timeout': 30,
 'url': u'https://192.168.99.100:7001',
 'verify': True})

Traceback (most recent call last):
  File "/usr/local/Cellar/httpie/0.9.3/libexec/bin/http", line 9, in <module>
    load_entry_point('httpie==0.9.3', 'console_scripts', 'http')()
  File "/usr/local/Cellar/httpie/0.9.3/libexec/lib/python2.7/site-packages/httpie/core.py", line 115, in main
    response = get_response(args, config_dir=env.config.directory)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/lib/python2.7/site-packages/httpie/client.py", line 48, in get_response
    response = requests_session.request(**kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/adapters.py", line 447, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:590)

And curl:

$ curl -v https://192.168.99.100:7001* Rebuilt URL to: https://192.168.99.100:7001/
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 7001 (#0)
* WARNING: using IP address, SNI is being disabled by the OS.
* Server aborted the SSL handshake
* Closing connection 0
curl: (35) Server aborted the SSL handshake

[mwarkentin]

@ddollar Any suggestions for how I can figure out what's going on here? Not seeing anything in my convox start logs for the proxy container.

[mwarkentin]

• Use proxy link vars to connect to endpoint #3
• use links to bind proxy container rack#648

[ddollar]

Fixed by #3