记一次因熵池大小不够引起的异常
由于特殊需求需要添加modprobe.blacklist=mpt3sas
kernel 参数,在添加完参数重启后,特定配置机型报如下message错误。message:
May 23 00:37:35 localhost systemd: Starting GSSAPI Proxy Daemon...
......
May 23 00:39:05 localhost systemd: gssproxy.service start operation timed out. Terminating.
May 23 00:39:05 localhost systemd: Failed to start GSSAPI Proxy Daemon.
May 23 00:39:05 localhost systemd: Unit gssproxy.service entered failed state.
May 23 00:39:05 localhost systemd: gssproxy.service failed.
经过探索得知该问题是a known issue with the kernels early boot entropy generation
(https://bbs.archlinux.org/viewtopic.php?id=242266
),由于熵池大小不够,导致在开机时gssproxy.service
获取random的时候卡住。
从下图systemd-analyze
中也可以得知gssproxy.service
阻塞了大约90s,然后在message中打印了gssproxy.service start operation timed out
。
[root@localhost ~]# cat /proc/sys/kernel/random/entropy_avail
991
[root@localhost ~]# cat /proc/sys/kernel/random/poolsize
4096
[root@localhost ~]# systemd-analyze
Startup finished in 2min 14.811s (firmware) + 50.102s (loader) + 1min 13.031s (kernel) + 1min 30.555s (userspace) = 5min 48.501s
[root@localhost ~]# systemd-analyze blame
1min 30.150s gssproxy.service
3.051s openibd.service
1.052s mcelog.service
935ms polkit.service
917ms microcode.service
......
由于特殊场景需求,在制作pxe ramdisk时使用最小化安装,没有安装rng-tools
服务,现安装rng-tools
补充熵池,并设置开机自动运行该服务:
[root@localhost ~]# yum install rng-tools
[root@localhost ~]# systemctl enable rng-tools
开机稳定后查看熵池和启动情况,gssproxy.service
没有了阻塞:
[root@localhost ~]# cat /proc/sys/kernel/random/entropy_avail
3402
[root@localhost ~]# cat /proc/sys/kernel/random/poolsize
4096
[root@localhost ~]# systemd-analyze
Startup finished in 2min 24.055s (firmware) + 52.023s (loader) + 1min 10.380s (kernel) + 4.146s (userspace) = 4min 30.606s
[root@localhost ~]# systemd-analyze blame
3.231s openibd.service
2.148s gssproxy.service
406ms tuned.service
372ms postfix.service
219ms systemd-udev-trigger.service
202ms network.service
....
查询message 中相关服务启动情况,可以发现rng-tools
服务先行启动,后运行gssproxy.service
时没有了阻塞。
May 23 00:48:56 localhost rngd: Initalizing available sources
......
May 23 00:48:56 localhost rngd: Enabling RDSEED rng support
......
May 23 00:48:56 localhost systemd: Starting Login Service...
May 23 00:48:56 localhost systemd: Starting GSSAPI Proxy Daemon...
May 23 00:48:58 localhost rngd: Enabling JITTER rng support
......
May 23 00:48:58 localhost systemd: Started GSSAPI Proxy Daemon.
https://bbs.archlinux.org/viewtopic.php?id=242266 gssproxy(https://pagure.io/gssproxy/tree/master) /dev/[u]random:对熵的解释(https://linux.cn/article-9697-1.html) Rng-tools(https://wiki.archlinux.org/index.php/Rng-tools)
本文分享自 WriteSimpleDemo 微信公众号,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。
本文参与 腾讯云自媒体同步曝光计划 ,欢迎热爱写作的你一起参与!