tl;dr: We're adding the default VirtIO-RNG device to ensure guests are
not starved of entropy (and thus not hang) during boot time.
Background
----------
From Nova Git history, commit b94550f419 ("libvirt: configuration
element for a random number generator device") _did_ add a default RNG
device (but with its entropy source to the undesirable '/dev/random').
However, the default RNG device was immediately removed in another
commit (605677c -- "libvirt: remove explicit /dev/random rng default"),
with this rationale:
libvirt (or rather qemu) will default to /dev/random if no rng device
path is specified [...]
It's preferable for us to not duplicate this default to allow for a
future where libvirt or the hypervisor needs to make more intelligent
decisions about the default device to use.
The above reasoning doesn't hold up, because:
(a) libvirt does not make "policy" decisions, such as choosing an
entropy source (or any other such). Therefore Nova, as a management
application, should make the decision here.
(b) More importantly, when QEMU exposes a VirtIO-RNG device to the
guest, that device needs a source of entropy; and QEMU by default
uses the legacy and problematic `/dev/random` as the source —
instead of the preferred `/dev/urandom`. So QEMU's default for
VirtIO-RNG devices is not sufficient, and Nova should not rely on
it. (Discussion[+] on 'qemu-devel' list to consider changing QEMU's
default.)
* * *
In this patch:
- Make Nova configure a VirtIO-RNG device by default for guests.
(Which will be using `/dev/urandom` as the default entropy source.)
This will also work for Windows guests, when using VirtIO-Win
drivers[*] on the Linux host.
- The 'hw_rng_model' image metadata property is now rendered
(temporarily) useless -- as it's not used anywhere outside the
_add_rng_device() method. But we don't want to deprecate it yet, as
we may extend it (see code comment for details); docucment that.
[*] https://docs.pagure.org/docs-fedora/create-windows-vms-using-virtio.html
[+] https://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg02724.html
-- "[RFC] Virtio RNG: Consider changing the default entropy source to
/dev/urandom?"
Closes-Bug: #1789868
Change-Id: I28e66c9640c38d23b8c0dbd0b05f5260bfcf6d30
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
de512f2c02