1. Problem symptoms

  1. Tomcat takes a long time to start, with an average time of about 500 seconds.
  2. The service responds slowly and the page waits until it times out

2. Log analysis

  1. The tomcat log finds that it takes a long time to generate the sessionId. After tracing the generating principle of the sessionId, the system random number method is used. Google secureRandom initially suspects that it is a secureRandom number problem.


If Tomcat is used as the Web container, Tomcat uses SecureRandom to generate the SessionId. This is a standard configuration. On Linux, SecureRandom obtains a random number from /dev/random by default. Random numbers in /dev/random come from keystrokes, disk read/write, network read/write, etc. For the system running for a long time in the back, the system operation tends to be stable, predictable, and random, which results in insufficient entropy source. When entropy sources are insufficient, obtaining random numbers from the /dev/random device blocks until there are enough entropy sources.

Problem solving

1. Check the system entropy

watch -n 1 cat /proc/sys/kernel/random/entropy_avail
Copy the code

Generally speaking, the entropy value of the system is around 3000. If the entropy value is low, it indicates that there is a problem. You can install standard services under Linux to keep the entropy value at a high level

2. Temporary solutions

To configure Tomcat, change the /dev/random value in the Tomcat configuration file to /dev/urandom, and restart the Tomcat

3. Install system tools

Operating system built-in RNG tools, such as haveGED or RNGD can be used, here provides a configuration method

yum install haveged

chkconfig haveged on
Copy the code