Entropy inside a virtual machine is very limited compared to physical machines and in some cases can cause issues[1] KVM has support for a paravirtualized random number generator virtio-rng[1]. This option should only be supported on cluster level 3.3. This requires RHEL 6.5 which adds libvirt and qemu-kvm support. By default the option should not be set. A user should be given the option to add a paravirt RNG. The UI should be simple checkbox - "enable paravirtualized random number generator". The default should be off/not-selected. For 99.9% of users this should provide adequate functionality. For those who want more configuration we should enable this through custom properties so that we don't overcomplicate the UI. By default we should set the mode to 'backend' to random using device /dev/random. The following custom properties should be added (names can be discussed) rng-device -> /dev/random or /dev/hwrng rng-period -> (time in ms) rng-bytes -> Libvirt documentation can be found at [3] [1] http://log.amitshah.net/2013/01/about-random-numbers-and-virtual-machines/ [2] http://wiki.qemu.org/Features-Done/VirtIORNG [3] http://libvirt.org/formatdomain.html#elementsRng
*** Bug 852189 has been marked as a duplicate of this bug. ***
adding full GUI options instead of cust props would be easy enough. Except for rdg where there are too many different options.
Shouldn't target release be set to something and not to anything, according to policy, Itamar?
(In reply to Sven Kieske from comment #6) > Shouldn't target release be set to something and not to anything, according > to policy, Itamar? for bugs to make sure they are always on the radar. for RFEs they need to be planned for a version as part of version planning, so can wait on "---" as they get reviewed usually as part of version planning. folks usually give enough attention to feature requests, less so to bugs.
tentatively planned for 3.5
removing from the 3.5 release because of lack of QEMU support in RHEL 6.5
Note: Requires libvirt from RHEL 6.6+ / Fedora 19+ code-wise the feature is complete in 3.5 already
we're complete in 3.5 code base
Just a QA update - verification is waiting till QEMU 1.3 is released.
Verified using: rhevm-3.5.0-0.17.beta.el6ev.noarch libvirt-0.10.2-46.el6.x86_64 vdsm-4.16.7.1-1.el6ev.x86_64 sanlock-2.8-1.el6.x86_64 qemu-kvm-rhev-0.12.1.2-2.448.el6.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0158.html