openssl command not found on Amazon Linux 2023

Question

openssl command not found on Amazon Linux 2023

1.6k views Asked by dor272 At 15 September 2024 at 06:08

I'm trying to build an image to run my lambda on. Here is my Dockerfile:

FROM public.ecr.aws/lambda/nodejs:20 as builder

RUN cat /etc/os-release
RUN dnf update openssl --releasever 2023.1.20230628
RUN openssl version

As you can see I'm using public.ecr.aws/lambda/nodejs:20 as my base image which is essentially AL2023. According AWS documentation it should include openssl.

This is the output I'm getting when trying to build the image:

docker build . -t my-lambda:latest --progress=plain --no-cache
#1 [internal] load .dockerignore
#1 sha256:e2e74645a617f8bce593dbb1cf4304482dcd28054f6cea850ccb77574cd12ee9
#1 transferring context: 90B done
#1 DONE 0.0s

#2 [internal] load build definition from Dockerfile
#2 sha256:a5985557ca192b77e5409c6978ac0338b35bc83234f8c6369f656dcc115775be
#2 transferring dockerfile: 514B done
#2 DONE 0.1s

#3 [internal] load metadata for public.ecr.aws/lambda/nodejs:20
#3 sha256:22555236da0b11a31f85b50d3718b6f6dcfe03d4d91d244273bafcec65c0b81d
#3 DONE 0.3s

#7 [1/4] FROM public.ecr.aws/lambda/nodejs:20@sha256:46e373b9c08aaca6b7a412debe59e34c7fc7639fcbc845c339d32d47ee6cc014
#7 sha256:912d0b2ef6b4c2aec75a54e83220ebeb279cdb28e51a66444d63fca84bc9ed48
#7 CACHED

#6 [2/4] RUN cat /etc/os-release
#6 sha256:0c966002ec2a8b85bd1cb57db690d58c751fcf847be7eb16cb2082d3b4ad1b34
#6 0.372 NAME="Amazon Linux"
#6 0.372 VERSION="2023"
#6 0.372 ID="amzn"
#6 0.372 ID_LIKE="fedora"
#6 0.372 VERSION_ID="2023"
#6 0.372 PLATFORM_ID="platform:al2023"
#6 0.372 PRETTY_NAME="Amazon Linux 2023"
#6 0.372 ANSI_COLOR="0;33"
#6 0.372 CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
#6 0.372 HOME_URL="https://aws.amazon.com/linux/"
#6 0.372 BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
#6 0.372 SUPPORT_END="2028-03-01"
#6 0.372 VARIANT_ID="202311101325-2023.100.0"
#6 DONE 0.4s

#5 [3/4] RUN dnf update openssl --releasever 2023.1.20230628
#5 sha256:9013908f89f79c682a409cfd2ef0e340e2170d71931b7011142d4778650da1a1
#5 0.673 Downloading metadata...
#5 14.54 Nothing to do.
#5 DONE 14.6s

#4 [4/4] RUN openssl version
#4 sha256:1dc9188400fb72b82a4ee45b3c83ae43c09e5bbc87b0c2330e6fde926a73c0cf
#4 0.643 /bin/sh: line 1: openssl: command not found
#4 ERROR: process "/bin/sh -c openssl version" did not complete successfully: exit code: 127
------
 > [4/4] RUN openssl version:
------
process "/bin/sh -c openssl version" did not complete successfully: exit code: 127

When trying to update it doesn't throw any error, it seems like openssl is installed, but when trying to run it, it throws an error "command not found".

I tried to alter my docker file to:

FROM public.ecr.aws/lambda/nodejs:20 as builder

RUN cat /etc/os-release
RUN dnf update openssl --releasever 2023.1.20230628
RUN echo "y" | dnf install openssl
RUN opensll version

But then I get:

docker build . -t my-lambda:latest --progress=plain --no-cache
#1 [internal] load .dockerignore
#1 sha256:1474ad4fa73386cf2d7468ddac17bb88fcc02a316eefa3485d5fb929fe044f18
#1 transferring context: 90B done
#1 DONE 0.0s

#2 [internal] load build definition from Dockerfile
#2 sha256:ebdb7c13092d73296d3594f10c31a277f65ab8667475b0dd17d4f47e584b9f90
#2 transferring dockerfile: 514B done
#2 DONE 0.0s

#3 [internal] load metadata for public.ecr.aws/lambda/nodejs:20
#3 sha256:22555236da0b11a31f85b50d3718b6f6dcfe03d4d91d244273bafcec65c0b81d
#3 DONE 4.3s

#7 [1/4] FROM public.ecr.aws/lambda/nodejs:20@sha256:001d64881188b8efc5945d021b929e77f12eba63b307b50ce1c20b990b938d91
#7 sha256:981bfc540826173f491e70ab552db5f761380914dfd3c2400e370f915c897e3b
#7 resolve public.ecr.aws/lambda/nodejs:20@sha256:001d64881188b8efc5945d021b929e77f12eba63b307b50ce1c20b990b938d91 0.0s done
#7 sha256:001d64881188b8efc5945d021b929e77f12eba63b307b50ce1c20b990b938d91 772B / 772B done
#7 sha256:817d56b35fa5ecee062a8fdb1f1b6c42f88accce78d4e072e03d75e8df06b788 0B / 88.36kB 0.1s
#7 sha256:79a77e7c1be9a2c4f77ead609e8d8b7162377bb6905b2a244c7964d74d8c8762 0B / 2.51MB 0.1s
#7 sha256:a2b0a80420e4fece257ef7452af9ac8589fcb82035784bb54c654528fc6a16a2 1.58kB / 1.58kB done
#7 sha256:8aa50ea0e8e9f9af4e8fa38e7a5934afffe4e8cacca93620d6d8970140c9827f 3.00kB / 3.00kB done
#7 sha256:3cc448c22e150ba8637ff5f88ab8830bc2b7a59c9d4ec4c5b478b295bf4e3526 0B / 418B 0.1s
#7 sha256:79a77e7c1be9a2c4f77ead609e8d8b7162377bb6905b2a244c7964d74d8c8762 1.05MB / 2.51MB 0.5s
#7 sha256:79a77e7c1be9a2c4f77ead609e8d8b7162377bb6905b2a244c7964d74d8c8762 2.51MB / 2.51MB 0.5s done
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 0B / 53.14MB 0.6s
#7 sha256:3cc448c22e150ba8637ff5f88ab8830bc2b7a59c9d4ec4c5b478b295bf4e3526 418B / 418B 1.3s done
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 0B / 21.33MB 1.3s
#7 sha256:817d56b35fa5ecee062a8fdb1f1b6c42f88accce78d4e072e03d75e8df06b788 88.36kB / 88.36kB 2.4s
#7 sha256:817d56b35fa5ecee062a8fdb1f1b6c42f88accce78d4e072e03d75e8df06b788 88.36kB / 88.36kB 2.4s done
#7 extracting sha256:817d56b35fa5ecee062a8fdb1f1b6c42f88accce78d4e072e03d75e8df06b788 done
#7 extracting sha256:3cc448c22e150ba8637ff5f88ab8830bc2b7a59c9d4ec4c5b478b295bf4e3526 done
#7 extracting sha256:79a77e7c1be9a2c4f77ead609e8d8b7162377bb6905b2a244c7964d74d8c8762
#7 extracting sha256:79a77e7c1be9a2c4f77ead609e8d8b7162377bb6905b2a244c7964d74d8c8762 0.0s done
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 2.10MB / 21.33MB 3.6s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 10.49MB / 53.14MB 3.8s
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 8.39MB / 21.33MB 3.8s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 16.78MB / 53.14MB 3.9s
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 10.49MB / 21.33MB 3.9s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 23.07MB / 53.14MB 4.0s
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 12.58MB / 21.33MB 4.0s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 26.21MB / 53.14MB 4.1s
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 16.78MB / 21.33MB 4.1s
#7 sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 21.33MB / 21.33MB 4.4s done
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 32.51MB / 53.14MB 4.6s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 38.80MB / 53.14MB 4.9s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 42.99MB / 53.14MB 5.2s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 48.23MB / 53.14MB 5.4s
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 53.14MB / 53.14MB 5.7s
#7 extracting sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8
#7 sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 53.14MB / 53.14MB 5.7s done
#7 extracting sha256:43a11fb739149d1d6a1bb92bbee0ef8df9e7b32d59e41b7f7e2b7e0e198cf3e8 2.0s done
#7 extracting sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd
#7 extracting sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 5.0s
#7 extracting sha256:f295eab1683019eaa23a09445a6b16497d060f96f2a7678990c1edec9bbec3fd 8.0s done
#7 DONE 16.3s

#6 [2/4] RUN cat /etc/os-release
#6 sha256:a8d4068ff79dd27fa2bfa7a64d0ae46ec94e20ef6bc76ea324167ac3ee38854c
#6 0.302 NAME="Amazon Linux"
#6 0.302 VERSION="2023"
#6 0.302 ID="amzn"
#6 0.302 ID_LIKE="fedora"
#6 0.302 VERSION_ID="2023"
#6 0.302 PLATFORM_ID="platform:al2023"
#6 0.302 PRETTY_NAME="Amazon Linux 2023"
#6 0.302 ANSI_COLOR="0;33"
#6 0.302 CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
#6 0.302 HOME_URL="https://aws.amazon.com/linux/"
#6 0.302 BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
#6 0.302 SUPPORT_END="2028-03-01"
#6 0.302 VARIANT_ID="202311101325-2023.100.0"
#6 DONE 0.5s

#5 [3/4] RUN echo "y" | dnf install openssl
#5 sha256:269e67e993654b9e0f4c8dcba344973ed2dd9542029fc2d8b6fbcc71734b1c66
#5 0.508 Downloading metadata...
#5 8.013 Package                                Repository    Size
#5 8.013 Installing:                                              
#5 8.013  openssl-1:3.0.8-1.amzn2023.0.9.x86_64 amazonlinux 1.2 MB
#5 8.013 Transaction Summary:
#5 8.013  Installing:        1 packages
#5 8.013  Reinstalling:      0 packages
#5 8.013  Upgrading:         0 packages
#5 8.013  Obsoleting:        0 packages
#5 8.013  Removing:          0 packages
#5 8.013  Downgrading:       0 packages
#5 8.013 Is this ok [y/N]: Downloading packages...
#5 9.573 Running transaction test...
#5 9.626 Installing: openssl;1:3.0.8-1.amzn2023.0.9;x86_64;amazonlinux
#5 9.794 Complete.
#5 DONE 9.9s

#4 [4/4] RUN openssl version
#4 sha256:5881d61e065e4dad5d608a3c1bf0e17e9c36b00ecbad4a6e2820ff0f24506275
#4 0.385 openssl: symbol lookup error: openssl: undefined symbol: SSL_get_srp_g, version OPENSSL_3.0.0
#4 ERROR: process "/bin/sh -c openssl version" did not complete successfully: exit code: 127
------
 > [4/4] RUN openssl version:
------
process "/bin/sh -c openssl version" did not complete successfully: exit code: 127

What am I doing wrong? How can I use openssl in this image?

Thanks.

Original Q&A

There are 3 answers

Viktor Yukhymchuk On 28 November 2023 at 20:06

dnf install openssl-1:3.0.5-1.amzn2023.0.7.x86_64

Yuri Ginsburg On 22 November 2023 at 06:15

Looks like Amazon's image does not have openssl installed. The document you are referring to mentions it in Packages section. Also in your dnf installation output:

#5 8.013  Installing:        1 packages
#5 8.013  Reinstalling:      0 packages
#5 8.013  Upgrading:         0 packages
#5 8.013  Obsoleting:        0 packages
#5 8.013  Removing:          0 packages
#5 8.013  Downgrading:       0 packages

But after install openssl runs with errors:

#4 0.385 openssl: symbol lookup error: openssl: undefined symbol: SSL_get_srp_g, version OPENSSL_3.0.0

I'd recommend to follow Amazon's document https://docs.aws.amazon.com/solutions/latest/centralized-logging-with-opensearch/openssl-1.1-installation.html and run

yum install openssl11

**dor272** · Accepted Answer · 2023-11-29 07:16:57

The problem was with LD_LIBRARY_PATH

this dockerfile works:

FROM public.ecr.aws/lambda/nodejs:20 as node-openssl
RUN dnf install -y openssl
ENV LD_LIBRARY_PATH=""
RUN openssl version

TechQA.

openssl command not found on Amazon Linux 2023

There are 3 answers

Related Questions in AWS-LAMBDA

Related Questions in OPENSSL

Related Questions in AMAZON-LINUX

Related Questions in AMAZON-LINUX-2023

Popular Questions

Popular Tags

Trending Questions