[PVE-User] Debian buster inside PVE KVM

arjenvanweelden at gmail.com arjenvanweelden at gmail.com
Mon Jul 8 09:34:33 CEST 2019


On Mon, 2019-07-08 at 09:10 +0200, Thomas Lamprecht wrote:
> Am 7/8/19 um 8:05 AM schrieb Fabian Grünbichler:
> > On Mon, Jul 08, 2019 at 02:16:34AM +0200, Chris Hofstaedtler |
> > Deduktiva wrote:
> > > Hello,
> > > 
> > > while doing some test upgrades I ran into the buster RNG problem
> > > [1],
> > > where the newer kernel and systemd use a lot more randomness
> > > during
> > > boot, causing startup delays.
> > > 
> > > Very clearly noticable in dmesg:
> > > [    1.500056] random: fast init done
> > > [  191.700840] random: crng init done
> > > [  191.701445] random: 7 urandom warning(s) missed due to
> > > ratelimiting
> > > 
> > > I couldn't find a supported way of enabling virtio_rng [2] in PVE
> > > 5.4 or the 6.0 beta. As a test, I've set "args: -device
> > > virtio-rng-pci" and that appears to work - the VM auto-loads the
> > > virtio_rng kmod and "crng init done" happens at ~4s after
> > > poweron.
> > 
> > yes, that's the way to go for now.
> > 
> > > Are there any recommendations at this time or plans for adding
> > > virtio_rng?
> > 
> > filed [1] to keep track of adding proper support, as it sounds like
> > a
> > simple enough but worthwhile feature to me :)
> > 
> > 1: https://bugzilla.proxmox.com/show_bug.cgi?id=2264
> > 
> 
> The request for this is a bit older, and then some concerns about
> possible depleting the hosts entropy pool were raised.
> Maybe we want to ship havedged, or at least recommend it in docs if
> no
> other "high" bandwitdh (relatively speaking) HW rng source is
> available on the host... ATM, I cannot find the discussion, sorry,
> IIRC it was on a mailing list of ours..
> 
I've been happily using this for some time now, after I figured out
which address to use. 
When adding virtio-devices manually, one must make sure that the 
virtual PCI-slot (,addr=...) does not conflict with other (optional)
devices, which Proxmox can do automatically. 

Having this (as an option) in the GUI would be very nice, 
and 'apt-get install haveged' is quick and easy.

kind regards, Arjen



More information about the pve-user mailing list