after boot finished
$ docker info
crypto/rand: blocked for 60 seconds waiting to read random data from the kernel
I tried to add a virtio-rng device like this
<rng model='virtio'>
<rate bytes='1024' period='2000'/>
<backend model='random'>/dev/random</backend>
<address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
</rng>
but
$ cat /sys/devices/virtual/misc/hw_random/rng_current
none
$ cat /sys/devices/virtual/misc/hw_random/rng_available
I configured CPUID like this and I'm pretty sure it has rdrand feature flag
<cpu mode='host-model' check='partial'>
<model fallback='allow'/>
</cpu>
but /proc/sys/kernel/random/entropy_avail is still increasing very slowly at ~3/second.
If I intentionally disable rdrand like this
<cpu mode='host-model' check='partial'>
<model fallback='allow'/>
<feature policy='disable' name='rdrand'/>
</cpu>
I have haveged and a lot of entropy.
after boot finished
I tried to add a virtio-rng device like this
but
I configured CPUID like this and I'm pretty sure it has rdrand feature flag
but
/proc/sys/kernel/random/entropy_availis still increasing very slowly at ~3/second.If I intentionally disable rdrand like this
I have haveged and a lot of entropy.