[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[nova][entropy] what are your rate limits??

Hello Openstack Discuss,

I am doing some investigation into instance entropy and was wondering
what settings others are using with regard to rate limiting entropy
supplied by the hypervisor.

Specifically, we're adding the "hw_rng:allowed=True" nova flavor
property to pass libvirt the relevant config, but need to decide the
appropriate rate limiting settings to prevent instances from being
greedy with entropy but still retain a comfortable level for themselves.
I've done some experimenting (100 bytes/s is possibly a minimum, but
still allows a comfortable value of ~1000 for free entropy in instances)

I'm also curious to hear other's experiences when it comes to entropy in
* What sources of entropy did you use in the hypervisor?
* Issues you've faced which was caused by insufficient entropy (instance
or host)

Note, this is for a public cloud scenario, should that impact any
suggestions you have.