Re: Buster startup is blocked for minutes long

To: Steffen Möller <steffen_moeller@gmx.de>, debian-cloud@lists.debian.org
Subject: Re: Buster startup is blocked for minutes long
From: Gustavo Serra Scalet <gustavo.scalet@collabora.com>
Date: Thu, 16 Aug 2018 14:14:40 -0300
Message-id: <[🔎] 555cf892-56e1-c180-9b73-369d8438d9eb@collabora.com>
In-reply-to: <6c3a440f-c0f7-54a5-ff7d-3fa5027810b8@gmx.de>
References: <[🔎] 47dd01fa-44ec-86c4-91fb-69386a3030a3@collabora.com> <d4504f77-d16b-a72d-8ae3-489ba9a1a685@gmx.de> <d1073ca3-0a5e-0a14-07ef-48baa0d8bdc1@collabora.com> <6c3a440f-c0f7-54a5-ff7d-3fa5027810b8@gmx.de>

On 16/08/2018 11:50, Steffen Möller wrote:


On 8/16/18 3:35 PM, Gustavo Serra Scalet wrote:

On 16/08/2018 10:30, Steffen Möller wrote:

Does installing http://www.issihosts.com/haveged/ help?



I saw this workaround when researching about this issue, but I was not
motivated for some reasons:

1) that's kind of old technology, package is not being maintained

Ah. Hm. Indeed. That 1.9.1 (now 1.9.6) is from 2014.  I have too many
packages already, otherwise, ... I will look around locally if there is
a new aspiring maintainer somewhere nearby.


Oh, not so bad. I recall it having the latest release back in 2006.

2) it would reduce randomness in hope to kickoff better entropy
faster, as I understood. So it's undesirable

For solving this once for all, I think the host could seed the guest
with some other mechanism that would be cloud provider specific.

This blog post from ubuntu cloud was really helpful:
https://blog.dustinkirkland.com/2014/02/random-seeds-in-ubuntu-1404-lts-cloud.html

Please also have a look at https://roll.urown.net/server/entropy.html


Great summary for a solution.


ps: did you intend to send this message privately or was it not sent
to the list by mistake?


Ok, I'll do. I think it's useful for other people to be aware of this.


Feel free to reply publicly. I just was not sure if this distracts you
from what you want to achieve since as you said there was a fix already.

Yeah, it gets the 256 bytes using /dev/urandom, which looks good enoughas the maintainer itself implemented this fallback.

However, if the fix just shortens the boot time and does not yield the
entropy it needs, then maybe you indeed want that extra entropy and you
may also want to wait for it. Also, you may not want additional internet
connections to depend on.

Taking longer to load is really unwanted. Besides that, I'm not sure ifhaving an external service to boot depend to depend is acceptable (e.gpollinate). I guess that if Google would use such a service, they wouldneed to host it inside their cloud just to be sure that it'd be fast andreliable as they would want.


Cheers,

Steffen



--
Gustavo Serra Scalet

Reply to:

References:
- Buster startup is blocked for minutes long
  - From: Gustavo Serra Scalet <gustavo.scalet@collabora.com>

Prev by Date: 2018 Debian Cloud Sprint, 8-10 October, venue TBD
Next by Date: Re: Cloud sprint: please do not have it conflict with the OpenStack summit
Previous by thread: Re: Buster startup is blocked for minutes long
Next by thread: Re: Buster startup is blocked for minutes long
Index(es):
- Date
- Thread