Low entropy freezes Docker on boot

[BenHall]

Forgive me if this is the wrong repo.

When a machine boots, if it has low entropy then halt will freeze as it is using getRandom system call.

$ cat /proc/sys/kernel/random/entropy_avail
116

Here is a full stack trace: https://gist.github.com/BenHall/0eb59c997be5a96cae883492f1cf779e

After a period of time, once enough entropy is available, docker will start. Once it has started, it no longer appears to depend upon getRandom.

This was introduced sometime after 17.09. I believe 18.03 release. We have created a workaround but it's adding a lot of unrequired load to our systems.

[cpuguy83]

Sounds possibly similar to containerd/containerd#2451

[justincormack]

The containerd issue came up from LinuxKit, after the Linux kernel changes that meant that early stage (buggy, apparently) entropy was no longer added; it is going to be hard to not get code to require entropy though.

I highly recommend you find an entropy source for your machines. I can give advice on that, depending on your environment. I don't think we will be able to fix it in Docker, eg if you use TLS connections, Swarm mode, etc etc we do require random numbers.