nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Moser <moser...@gmail.com>
Subject Long start time for NiFi on a VM
Date Fri, 04 Sep 2015 21:24:13 GMT
I have experienced some long start times for NiFi while running on a
virtual machine.  This happens randomly so it has just been a minor
annoyance.  Well I finally spent some time investigating why, and this is
what I learned.  In my nifi-app.log I would see log messages like this.
Note the 13 minute startup ...

2015-09-01 17:12:02,237 INFO [main] /nifi-api Initializing Spring root
WebApplicationContext
2015-09-01 17:25:02,321 INFO [main] o.a.n.p.PersistentProvenanceRepository
Recovered 0 records

On low entropy environments, such as a VM on cloud services, it can take a
long time to generate random numbers using java.security.SecureRandom.
This is needed for encryption which NiFi does with encrypting sensitive
properties, SSL, and more.  Some references to other experiences with this
are [1], [2] and [3].

So I took their advice and modified my bootstrap.conf to add this line, and
my NiFi startup problems went away!

java.arg.15=-Djava.security.egd=file:/dev/./urandom

I think this deserves a note in the Admin Guide, perhaps in the Best
Practice section.  Using /dev/urandom on Linux to generate random numbers
doesn't seem to be any less secure than /dev/random [4].

-- Mike


[1] -
http://stackoverflow.com/questions/137212/how-to-solve-performance-problem-with-java-securerandom
[2] - https://github.com/kaazing/gateway/issues/167
[3] -
http://stackoverflow.com/questions/26227344/oracle-java-8-x64-for-linux-and-randomsource
[4] - http://www.2uo.de/myths-about-urandom/

Mime
View raw message