Bug 977079

Summary: [RFE] Add virtio-rng support [EL 6.6 only]
Product: Red Hat Enterprise Virtualization Manager Reporter: Andrew Cathrow <acathrow>
Component: RFEsAssignee: Frantisek Kobzik <fkobzik>
Status: CLOSED ERRATA QA Contact: Nisim Simsolo <nsimsolo>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: fkobzik, iheim, jfenal, juwu, knoel, lpeer, mavital, michal.skrivanek, nsimsolo, pmoore, rbalakri, sherold, s.kieske
Target Milestone: ---Keywords: FutureFeature
Target Release: 3.5.0Flags: sherold: Triaged+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: virt
Fixed In Version: ovirt-3.5.0-beta2 Doc Type: Enhancement
Doc Text:
This feature adds support for enabling a paravirtualized random number generator (RNG) in virtual machines. To use this feature, the random number generator source must be set at cluster level to ensure all hosts support and report desired RNG device sources. This feature is supported in Red Hat Enterprise Linux hosts of version 6.6 and higher.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-02-11 17:53:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1142923, 1156165    

Description Andrew Cathrow 2013-06-23 10:44:38 UTC 
Entropy inside a virtual machine is very limited compared to physical machines and in some cases can cause issues[1]

KVM has support for a paravirtualized random number generator virtio-rng[1].

This option should only be supported on cluster level 3.3.
This requires RHEL 6.5 which adds libvirt and qemu-kvm support.

By default the option should not be set.
A user should be given the option to add a paravirt RNG.

The UI should be simple checkbox - "enable paravirtualized random number generator".
The default should be off/not-selected.

For 99.9% of users this should provide adequate functionality.
For those who want more configuration we should enable this through custom properties so that we don't overcomplicate the UI.

By default we should set the mode to 'backend' to random using device /dev/random.


The following custom properties should be added (names can be discussed)

rng-device  -> /dev/random or /dev/hwrng
rng-period  -> (time in ms)
rng-bytes   -> 








Libvirt documentation can be found at [3]


[1] http://log.amitshah.net/2013/01/about-random-numbers-and-virtual-machines/
[2] http://wiki.qemu.org/Features-Done/VirtIORNG
[3] http://libvirt.org/formatdomain.html#elementsRng
Comment 2 Andrew Cathrow 2013-06-23 15:21:23 UTC 
*** Bug 852189 has been marked as a duplicate of this bug. ***
Comment 3 Michal Skrivanek 2013-07-03 03:56:18 UTC 
adding full GUI options instead of cust props would be easy enough. Except for rdg where there are too many different options.
Comment 6 Sven Kieske 2014-01-27 13:29:21 UTC 
Shouldn't target release be set to something and not to anything, according
to policy, Itamar?
Comment 7 Itamar Heim 2014-01-27 13:35:23 UTC 
(In reply to Sven Kieske from comment #6)
> Shouldn't target release be set to something and not to anything, according
> to policy, Itamar?

for bugs to make sure they are always on the radar.
for RFEs they need to be planned for a version as part of version planning, so can wait on "---" as they get reviewed usually as part of version planning. folks usually give enough attention to feature requests, less so to bugs.
Comment 8 Michal Skrivanek 2014-02-13 08:14:12 UTC 
tentatively planned for 3.5
Comment 11 Michal Skrivanek 2014-05-28 14:32:37 UTC 
removing from the 3.5 release because of lack of QEMU support in RHEL 6.5
Comment 12 Michal Skrivanek 2014-07-17 06:31:39 UTC 
Note: Requires libvirt from RHEL 6.6+ / Fedora 19+
code-wise the feature is complete in 3.5 already
Comment 13 Michal Skrivanek 2014-07-25 08:18:53 UTC 
we're complete in 3.5 code base
Comment 14 Pavel Novotny 2014-08-29 16:34:16 UTC 
Just a QA update - verification is waiting till QEMU 1.3 is released.
Comment 16 Nisim Simsolo 2014-10-27 07:21:12 UTC 
Verified using:
rhevm-3.5.0-0.17.beta.el6ev.noarch
libvirt-0.10.2-46.el6.x86_64
vdsm-4.16.7.1-1.el6ev.x86_64
sanlock-2.8-1.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.448.el6.x86_64
Comment 18 errata-xmlrpc 2015-02-11 17:53:23 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0158.html