Stalls due to insufficient randomness in cloud images
Hi folks
We have the famous random stall problem in our cloud images as well.
cloud-init and our other provisioning tools will generate ssh keys and
need randomness for that, so block for several minutes on initial boot.[1]
For now we have two recipes against this:
- amd64 trusts RDRAND, but the host needs to provide proper cpu flags for
this to work and
- we support virtio-rng, which needs to be configured on the host.
But we have no solution that works without proper setup of the host
system.
Can we do more about it?
Does anyone know what RHEL8 (which should have this problem as well)
does to "fix" this problem?
Regards,
Bastian
[1]:
| [ 19.729995] EXT4-fs (vda1): resizing filesystem from 523259 to 5241840 blocks
| [ 19.817158] EXT4-fs (vda1): resized filesystem to 5241840
| [ 338.935286] random: crng init done
| [ 338.935397] random: 7 urandom warning(s) missed due to ratelimiting
| [ 339.204679] cloud-init[337]: /usr/lib/python3/dist-packages/cloudinit/config/cc_rsyslog.py:205: FutureWarning: Possible nested set at position 23
| [ 339.205092] cloud-init[337]: r'^(?P<proto>[@]{0,2})'
| [ 339.205381] cloud-init[337]: Generating public/private rsa key pair.
| [ 339.205616] cloud-init[337]: Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
| [ 339.205858] cloud-init[337]: Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
| [ 339.206104] cloud-init[337]: The key fingerprint is:
| [ 339.206305] cloud-init[337]: SHA256:njDtF9i6YK772YFoYA0XCpwzQmibwprGeWJF9TuG3Sw root@test-power9
--
Killing is stupid; useless!
-- McCoy, "A Private Little War", stardate 4211.8
Reply to: