Random Stuff About Stuff

Not enough entropy on RedHat

March 12, 2014

Chaos is good…

I found that WLST and the WebLogic AdminServer kept ‘hanging’ on me. When doing a domain creation, sometimes the script would just stall, but when I logged in to check the box things would be OK. Strange, says I.

Turns out to be kind of a common problem. I set the box up as a virtual machine, and since I was only ssh’d into the box I wasn’t creating enough entropy for the random pool on Red Hat. WebLogic does a good bit of SSL and encryption and can use up the pool very quickly, especially on a headless dev box, as there’s next to nothing happening on the box.

watch cat /proc/sys/kernel/random/entropy_avail  
Every 2.0s: cat /proc/sys/kernel/random/entropy_avail  Wed Mar 12 18:50:13 2014  
170  

Not a lot available

rngd -r /dev/urandom -o /dev/random

Much better

Every 2.0s: cat /proc/sys/kernel/random/entropy_avail  Wed Mar 12 19:11:17 2014  
3200  

Of course you’ll need a better long-term solution

rngd -r /dev/urandom -o /dev/random -b -W 4096 -t 30  

-r take random bits from /dev/urandom
-o output them to /dev/random
-b become a background daemon
-W fill up to 4096 bits (the max I think)
-t refresh every 30 seconds

To have that run on startup, edit the rngd sysconfig file

vi /etc/sysconfig/rngd  

Replace the EXTRAOPTIONS with

EXTRAOPTIONS="-r /dev/urandom -o /dev/random -b -W 4096 -t 30"  

Make sure rngd starts on each boot

chkconfig rngd on

You should have no more delays now. Adjust the refresh interval if there are problems.

Note

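/dev/urandom isn’t fully random (what is): when it runs out it just reuses what it has. /dev/random blocks when it runs out, hence the ‘hanging’. Feeding /dev/urandom into /dev/random this way adds no new entropy; it only raises the kernel’s estimate so that /dev/random stops blocking. It solved my problem on a dev box; the sysadmins can sort out a proper solution for production.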
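A small audit script for telling the dev workaround apart from a production setup, added here as an example and not part of the original post. It reports the pool estimate and flags an rngd config that is fed from /dev/urandom. The function names and the 1000-bit threshold are assumptions, and it assumes a kernel with the 4096-bit pool described above.

```shell
#!/bin/sh
# Added example (not from the original post). The 1000-bit threshold and the
# function names are assumptions chosen for illustration.

# entropy_status [FILE] [MIN]: print "ok N" or "low N" for the pool estimate.
entropy_status() {
    avail=$(cat "${1:-/proc/sys/kernel/random/entropy_avail}" 2>/dev/null) || avail=
    case $avail in
        ''|*[!0-9]*) echo "unreadable"; return 2 ;;
    esac
    if [ "$avail" -lt "${2:-1000}" ]; then
        echo "low $avail"; return 1
    fi
    echo "ok $avail"
}

# rngd_source [FILE]: print the device rngd reads from (-r / --rng-device=)
# according to the last EXTRAOPTIONS line of the sysconfig file.
rngd_source() {
    opts=$(sed -n 's/^[[:space:]]*EXTRAOPTIONS=//p' "${1:-/etc/sysconfig/rngd}" \
        2>/dev/null | tail -n 1 | tr -d "\"'")
    set -f; set -- $opts; set +f      # split on whitespace, no globbing
    while [ $# -gt 0 ]; do
        case $1 in
            -r) [ $# -ge 2 ] && echo "$2" && return 0 ;;
            --rng-device=*) echo "${1#--rng-device=}"; return 0 ;;
        esac
        shift
    done
    return 1
}

# audit_rngd [FILE]: classify the configured source.
#   "recycled DEV" = kernel output fed back in; the estimate rises, but no
#                    new entropy enters the pool (the post's dev workaround)
#   "external DEV" = some other device, e.g. a hardware RNG
#   "unset"        = no -r option, rngd uses its built-in default
audit_rngd() {
    src=$(rngd_source "$1") || { echo "unset"; return 0; }
    case $src in
        /dev/urandom|/dev/random) echo "recycled $src" ;;
        *) echo "external $src" ;;
    esac
}

# Report on this host (without these files: "unreadable" and "unset").
entropy_status || true
audit_rngd
```

A "recycled" result on a production host means the entropy figure shown by the watch command no longer reflects real entropy input.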

More on /dev/random here


Written by David Kerwick who lives and works in Dublin as a Java Technical Lead.