Cybersecurity
DevOps Cloud
IT Operations Cloud
The KM will talk about OBM Entropy which is used when establishing SSL connections - on older Linux versions, and should one install rng-tools or haveged? Operations Bridge Manager (OBM) 23.4 onwards
Operations Bridge Manager (OBM) 23.4 onwards
OBM consistently uses SSL for its operations. For example, when running the command ovpolicy -list, the getrandom system call is invoked 1,028 times because ovpolicy makes a network call via ::1 (the loopback address). OBM needs systems with high entropy values - the OBM installation script checks for entropy values of 1000 or greater.
One can check the systems value:
# cat /proc/sys/kernel/random/entropy_avail
Why is the important? Entropy which is used when establishing SSL connections. If it takes a long time for the SSL connection to be established (e.g. with newer OBM versions), this can slow down on older Linux versions, should one install rng-tools or haveged?
For resolution, read the complete knowledge article