docker+tomcat Reasons for very slow startupJRE /dev/random block
docker+tomcat Very slow to start, It normally starts for tens of seconds, finddocker+tomcat How many minutes does it take to start, It is beyond logic and above reason
The root cause is SecureRandom this jre The problem of tool class of. Why then? SecureRandom generateSeed So slow, Even hanging on
Linux What about the operating system?
Tomcat 7/8 All use
org.apache.catalina.util.SessionIdGeneratorBase.createSecureRandom Class generates safe random class
SecureRandom As session ID.
SecureRandom generateSeed Use /dev/random Seed generation. however /dev/random
It's a blocking digital generator, If it doesn't have enough random data to provide, It's waiting, This forced JVM
wait for. Keyboard and mouse input and disk activity can produce the required randomness or entropy. But there is a lack of such activity on one server, There may be problems.
1. stayTomcat Solution in environment：
Can be configured by JRE Use non blocking Entropy Source：
stay catalina.sh Add such a line to it：-Djava.security.egd=file:/dev/./urandom that will do.
2. stay JVM Solution in environment（ I use this method）：
openjdk Installation path $JAVA_PATH/jre/lib/security/java.security This document, Find the following：
Perfect solution to the problem
Why is it worth here dev and random Add a point between them? Because of one JDK Of bug, Some people say that even if securerandom.source Set to
/dev/urandom It's still in use /dev/random, Someone has provided an alternative solution, One of the alternatives is to securerandom.source
Set to /dev/./urandom Talent. There are also comments that this is not bug, It's intentional.