pcp-pmie reports "Low random number entropy available"

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 9.1.
  • pcp.
  • pmie logger.

Issue

pcp-pmie reports Low random number entropy available.

     pcp-pmie[2552]: Low random number entropy available 8.2%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 13.3%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 26.6%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 25.4%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 27.3%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 27.3%avail@xxxxxxxxxx
     pcp-pmie[2552]: Low random number entropy available 14.1%avail@xxxxxxxxxx

Resolution

  • Fix has been done to the upstream PCP where entropy check has been kept to 5 %. The tentative plan for the fix is to roll out in RHEL 9.3.

  • Follow the below workaround if you see Low random number entropy available in the logs:

    1. Disable the pmie logger for entropy.

      # pmieconf -f /var/lib/pcp/config/pmie/config.default disable entropy.available       
      
    2. The changes in the fix done in upstream PCPinclude setting the threshold value to 5% of the pool size. The threshold value is been kept at 12 which is 5% of the poolsize i.e 256.

      # pmieconf -f /var/lib/pcp/config/pmie/config.default 
      Updates will be made to /var/lib/pcp/config/pmie/config.default
      
      pmieconf> modify entropy.available threshold 12
      
      pmieconf> quit
      
  • Below is the code snippet of PCP which has been fixed in upstream.

    version - 6.0.3-47
    commit f75c932c296ac9cd0b142e98f873d701c9418adf
    Author: Nathan Scott <nathans@redhat.com>
    Date:   Thu Mar 23 04:36:21 2023 +1100
    
    pmieconf: add a minimum pct conjunction to entropy for small poolsizes
    
    diff --git a/src/pmieconf/entropy/available b/src/pmieconf/entropy/available
    index f5eb0ca01..9c07b5bc0 100644
    --- a/src/pmieconf/entropy/available
    +++ b/src/pmieconf/entropy/available
    @@ -8,7 +8,7 @@ rule    entropy.available
        predicate =
    "some_host (
        ( 100 * kernel.all.entropy.avail $hosts$ /
    -          kernel.all.entropy.poolsize $hosts$ ) >= 0 &&
    +          kernel.all.entropy.poolsize $hosts$ ) <= $minimum$ &&
        ( kernel.all.entropy.avail <= $threshold$ )
    )"
        enabled = yes
    @@ -30,6 +30,13 @@ unsigned     threshold
    "The threshold of entropy remaining available from the pool, in
    the range zero (none) to kernel.all.entropy.poolsize (plenty).";
    
    +percent        minimum
    +       default = 5    <---------------------------------------------------
    +       help    =
    +"Minimum percentage of available space below which the entropy
    +pool is considered depleted.  Range 0 (no available entropy) to
    +100 (entire entropy pool is available).";
    +
    string delta
        default = "2 min"
        help =
    

Root Cause

 # less  /var/lib/pcp/config/pmie/config.default | grep entropy

     // 1 entropy.available
        delta = 2 min;
        entropy.available = 
        some_host (
          ( 100 * kernel.all.entropy.avail  /
            kernel.all.entropy.poolsize  ) >= 0 &&
          ( kernel.all.entropy.avail <= 150 )
           ) -> syslog 10 min "Low random number entropy available" " %v%avail@%h";

Diagnostic Steps

  • Run the below command to check for the logs.
   #  less /var/log/messages | grep 'Low random number entropy available'

      pcp-pmie[2552]: Low random number entropy available 8.2%avail@xxxxxxxxxx
      pcp-pmie[2552]: Low random number entropy available 13.3%avail@xxxxxxxxxx
  • Component
  • pcp

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments