Running out of entropy in virtualized Linux systems seems to be a common problem (e.g. /dev/random Extremely Slow?, Getting linux to buffer /dev/random). Despite using a hardware random number generator (HRNG), it is often suggested to use an entropy gathering daemon like HAVEGED. However, an EGD cannot be run inside a Docker container and must be provided by the host.
Using an EGD works fine for Docker hosts based on Linux distributions like Ubuntu, RHEL, etc. However, getting such a daemon to work inside boot2docker - which is based on Tiny Core Linux (TCL) - seems to be another story. Although TCL has an extension mechanism, an extension for an entropy gathering daemon doesn't seem to be available.
Using an EGD works fine for Docker hosts based on Linux distributions like Ubuntu, RHEL, etc. However, getting such a daemon to work inside boot2docker - which is based on Tiny Core Linux (TCL) - seems to be another story. Although TCL has an extension mechanism, an extension for an entropy gathering daemon doesn't seem to be available.
EGD似乎是在(生产)托管环境中运行docker容器的合适解决方案,但如何在boot2docker中进行开发/测试呢?
由于在boot2docker中运行EGD似乎太困难了,我考虑简单地使用/dev/urandom代替/dev/random。使用/dev/urandom不太安全,但对于大多数不生成长期加密密钥的应用程序来说仍然可以接受。至少在boot2docker内部进行开发/测试应该是可以的。
urandom用户。你需要做什么才需要更多的呢? - akostadinovSecureRandomvs/dev/[u]random的额外信息 - https://bugs.openjdk.java.net/browse/JDK-4705093 - akostadinov