ALM-12040 Insufficient System Entropy
Description
The system checks the entropy at 00:00:00 every day, and performs five consecutive checks each time. First, the system checks whether the rng-tools or haveged tool is enabled and correctly configured. If not, the system checks the current entropy. If the entropy is smaller than 100 in the five checks, this alarm is generated.
If the true random number mode is configured, random numbers are configured in the pseudo-random number mode, or neither the true random number mode nor the pseudo-random number mode is configured but the entropy is greater than or equal to 100 in at least one check among the five checks, this alarm is cleared.
Attribute
Alarm ID |
Alarm Severity |
Auto Clear |
---|---|---|
12040 |
Major |
Yes |
Parameters
Name |
Meaning |
---|---|
Source |
Specifies the cluster or system for which the alarm is generated. |
ServiceName |
Specifies the service for which the alarm is generated. |
RoleName |
Specifies the role for which the alarm is generated. |
HostName |
Specifies the host name for which the alarm is generated. |
Impact on the System
System running is affected.
Possible Causes
The haveged service or rngd service is abnormal.
Procedure
Check and manually configure the system entropy.
- On the FusionInsight Manager portal, click O&M > Alarm > Alarms.
- Obtain the value of the HostName field in Location.
- Log in to the node where the alarm is generated as user root.
- Run the /bin/rpm -qa | grep -w "haveged" command to check haveged installation status. Check whether the command output is empty.
- Run the /sbin/service haveged status |grep "running" command, and view the command output.
- Run the /bin/rpm -qa | grep -w "rng-tools" command to check rng-tools installation status. Check whether the command output is empty.
- Run the ps -ef | grep -v "grep" | grep rngd | tr-d " " | grep "\-o/dev/random" | grep "\-r/dev/urandom" command, and view the command output.
- Manually configure the system entropy. For details, see Related Information.
- Wait until 00:00:00 on the next day when the system checks the entropy again. Check whether the alarm is cleared automatically.
- If yes, no further action is required.
- If no, go to 10.
Collect fault information.
- On the FusionInsight Manager portal, choose O&M > Log > Download.
- Select NodeAgent from the Service and click OK.
- Click in the upper right corner, and set Start Date and End Date for log collection to 10 minutes ahead of and after the alarm generation time, respectively. Then, click Download.
- Contact the O&M personnel and send the collected log information.
Alarm Clearing
After the fault is rectified, the system automatically clears this alarm.
Related Information
Manually check the system entropy.
Log in to the node as user root and run the cat/proc/sys/kernel/random/entropy_avail command to check whether the system entropy meets the cluster installation requirements (the entropy must be greater than or equal to 500). If the system entropy is smaller than 500, you can reset it by using one of the following methods:
- Using the haveged tool (true random number mode): Contact the OS provider to install the tool and then start it.
- Using the rng-tools tool (pseudo random number mode): Contact the OS provider to install the tool and then configure the system entropy based on the OS type.
- In the Red Hat or CentOS environment, run the following commands to configure the system entropy:
echo 'EXTRAOPTIONS="-r /dev/urandom -o /dev/random -t 1 -i"' >> /etc/sysconfig/rngd
service rngd start
chkconfig rngd on
- In the SUSE environment, run the following commands to configure the system entropy:
rngd -r /dev/urandom -o /dev/random
echo "rngd -r /dev/urandom -o /dev/random" >> /etc/rc.d/after.local
- In the Red Hat or CentOS environment, run the following commands to configure the system entropy:
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot