Hi, I had a similar issue on an old CentOS 5.x box. The tomcat instance running our GeoServer was taking a long time to start. I found this page that has a Linux service that can be installed to generate entropy.
https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged I was able to keep our securerandom.source on /dev/random. Chris Snider Senior Software Engineer Intelligent Software Solutions, Inc. -----Original Message----- From: Daniel Araujo Miranda [mailto:miranda....@dpf.gov.br] Sent: Friday, January 27, 2017 6:16 AM To: geoserver-users@lists.sourceforge.net Subject: [Geoserver-users] Quick tip: geoserver startup in 13s instead of 6min Hello everyone, TLDR: Change the line "securerandom.source=file:/dev/random" in "/etc/java-8-openjdk/security/java.security" to point to /dev/urandom instead to start a clean geoserver install in 13 seconds instead of 6 minutes. Be mindful of security implications. I have been puzzled by some time why geoserver 2.10 and 2.10.1 took about 6 minutes to start in a kvm virtual machine, with a newly copied war file to the tomcat folder (/var/lib/tomcat8/webapps/ in my case). Nobody else seemed to have that problem and I was unable to identify meaningful log messages or anything different with my installation to ask a proper question here. I found out that the random number generator was not getting enough entropy to even start up a new session in tomcat. I finally noticed the the following line in /var/log/tomcat8/catalina.out which exposed the problem: INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [313,537] milliseconds. (In my defense, we use the comma as a decimal separator in Brazil, so the above time seemed to be 0.3 seconds at a glance) Changing securerandom.source from /dev/random to /dev/urandom in java.security solved the problem immediately. I decided to exchange a bit of security for a faster startup. Please BE AWARE OF THE SECURITY IMPLICATIONS if you do that. My accessment is that it is a reasonable tradeoff IN MY CASE. How to test: -take a fresh ubuntu 16.4 server "minimal virtual machine" installation in a KVM host -Install tomcat8 -Download geoserver, jai and jai_imageio -Unpack everything in their proper places (see http://docs.geoserver.org/stable/en/user/production/java.html) -after tomcat stops unpacking the geoserver war, run: service tomcat8 stop && service tomcat8 start && time curl -vvhttp://127.0.0.1:8080/geoserver/web That will take an arbitrary amount of time to complete, depending on how much entropy your VM has access to. If it is on a busy network and you type a lot on the console, it may finish sooner, if it is completely isolated and you are using a virtual terminal instead of ssh, it may take a long time. In my case it took 6 minutes with very light ssh console usage and a quiet network. Making more usage of the ssh console brought the time down to 3 minutes. Change the entropy source from /dev/random to /dev/urandom and you will see times for that test around 10 seconds. Best, Daniel ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
