[jira] [Commented] (SOLR-10352) Low entropy warning in bin/solr script

[Ishan Chattopadhyaya (JIRA)]

    [ 
https://issues.apache.org/jira/browse/SOLR-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15945718#comment-15945718
 ] 

Ishan Chattopadhyaya commented on SOLR-10352:
---------------------------------------------

[~hossman], I think it is a good point that entropy could, in theory, go up and 
down over the course of the life of a Solr process. In practice, a host with 
high entropy (say baremetal) continues to remain in high entropy available 
state; and low entropy hosts (say VMs) continue to remain in a low entropy 
mode. So, although in theory a system could get in and out of the diminished 
available entropy state, in practice, afaik, a good system remains good and a 
bad one remains bad. Hence, a startup warning feels like a sensible thing to 
throw out there.

bq. Rather then warning about this in bin/solr I feel like this type of 
information should be exposed by the solr metrics code, so people can easily 
monitor it over the life of the solr server process
I feel that a start up warning should definitely be thrown, since we already 
know that there will be a problem. Having metrics support and UI warning is a 
great idea. However, I think we should do both (startup warning and metrics/UI 
warning).

> Low entropy warning in bin/solr script
> --------------------------------------
>
>                 Key: SOLR-10352
>                 URL: https://issues.apache.org/jira/browse/SOLR-10352
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Ishan Chattopadhyaya
>             Fix For: master (7.0), branch_6x
>
>         Attachments: SOLR-10352.patch
>
>
> We should add a warning in the startup script for Linux, if the output of the 
> following is below a certain threshold (maybe 300?). The warning could 
> indicate that features like UUIDField, SSL etc. might not work properly (or 
> be slow). As a hint, we could then suggest the user to configure a non 
> blocking SecureRandom (SOLR-10338) or install rng-tools, haveged etc.
> {quote}
> cat /proc/sys/kernel/random/entropy_avail
> {quote}
> Original discussion:
> https://issues.apache.org/jira/browse/SOLR-10338?focusedCommentId=15938904&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15938904



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org