Problem description

It's easy to have a... In an online environment java It's very time consuming to start an application , It can be found in the log that session Caused by the random number problem

o.a.c.util.SessionIdGeneratorBase        : Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [170,241] milliseconds.

analysis

stay Springboot There are built-in tomcat, stay tomcat In the optimization document given , One is about random number generation , Adopted “ Entropy source ”(entropy source) The strategy of .

He mentioned tomcat7 Of session id The generation of is mainly through java.security.SecureRandom Generate random number to realize , The random number algorithm uses ”SHA1PRNG”

private String secureRandomAlgorithm = "SHA1PRNG";

stay sun/oracle Of jdk in , The provider of this algorithm depends on the random data provided by the operating system at the bottom , stay linux On , Related to this is /dev/random and /dev/urandom. The difference for :

/dev/random It's a blocking generator

When reading ,/dev/random The device will return random bytes less than the total entropy pool noise ./dev/random It can generate high randomness public key or one-time codebook . If entropy pool is empty , Yes /dev/random The read operation of will be blocked , Until enough ambient noise is collected

and /dev/urandom It's a non blocking generator :

dev/random A copy of this is /dev/urandom (”unlocked”, Nonblocking random number generator ), It reuses the data in the entropy pool to produce pseudo-random data . This is right. /dev/urandom The read operation of will not block , But the entropy of its output may be less than /dev/random Of . It can be used as a pseudo-random number generator to generate lower strength passwords , Not recommended for generating high-strength long-term passwords .

It doesn't mean that /dev/urandom It's not a high-intensity pseudo-random number generator , This discussion can be seen in this discussion :/dev/urandom A story that has to be told

resolvent

Method 1

stay jre/lib/security/java.security This file contains

securerandom.source=file:/dev/random

Change it to

securerandom.source=file:/dev/./urandom

Method 2

Add the following system properties to the startup parameters

-Djava.security.egd=file:/dev/./urandom

This system property egd Represents the entropy collection daemon (entropy gathering daemon), But why is the value here in dev and random Add a point between them ? It's because of one jdk Of bug, In this bug There's feedback from someone in your connection securerandom.source Set to /dev/urandom It's still used /dev/random, There are alternative solutions , One of the workarounds is to securerandom.source Set to /dev/./urandom Talent

Say more

stay Docker How to add system parameters in

First, in the build Mirror image To use ENTRYPOINT for instance

FROM jdk:alpine-security8
WORKDIR / # Solve the problem of Chinese garbled code
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8 ADD sms-server.jar sms-server.jar
ADD application.properties application.properties
ADD bootstrap.properties bootstrap.properties
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
## Use the following command add to -e JAVA_OPT It doesn't work
#ENTRYPOINT ["java","-jar","sms-server.jar"]
## You have to use this command
ENTRYPOINT java ${JAVA_OPTS} -jar sms-server.jar

Then add the corresponding... To the start command -e Parameters are OK for instance

docker run --name sms-server-security \
## The following can be
-e JAVA_OPTS='-Djava.security.egd=file:/dev/./urandom' \
-e spring.cloud.nacos.discovery.server-addr=192.169.1.82:8848 \
-e spring.cloud.nacos.config.server-addr=192.169.1.82:8848 \
-e spring.cloud.nacos.config.ext-config[0].data-id=sms-server-node1.properties \
-p 8070:8090 \
-v /opt/sms_server/log:/log \
-v /opt/sms_server/nacos:/root/nacos \
-d \
3a1c93c34756

Reference resources

https://hongjiang.info/jvm-random-and-entropy-source/

Springboot The program starts slowly and JVM More about random numbers on the pool

  1. CentOS7 Tomcat The startup process is slow ,JVM On the random number and entropy pool strategy

    1. CentOS7 Tomcat The startup process is slow stay centos Start the official tomcat when , The startup process is slow , It will take a few minutes , After checking the log , Discovery takes time here : yes session Caused by the random number problem : <co ...

  2. JVM On the random number and entropy pool strategy

    stay apache-tomcat Official documents : How to make tomcat There are some startup optimization items mentioned in startup faster , One of them is about random number generation , Adopted “ Entropy source ”(entropy source) The strategy of . He mentioned tomcat7 Of ...

  3. SpringBoot The initialization code is executed when the program starts

    Because the project integrates Redis Cache some data , You need to load data into when the program starts Redis in , That is to initialize data to Redis. stay SpringBoot Under the project , That is, after the container is initialized, we execute our own initialization code . First step : Create an implementation ...

  4. SpringBoot The program starts at Oracle Database table recharge

    Example project download link :https://files.cnblogs.com/files/xiandedanteng/gatling20200428-1.zip demand : At the start of the project Oracle Create tables in the database . ...

  5. In depth understanding of SpringBoot It starts to explore

    SpringApplication yes SpringBoot Start up procedure for , We pass it by run Method can quickly start a SpringBoot application . But what happened in this ? What kind of mechanism is it in to simplify the start of our program ? Pick up ...

  6. spring boot The slow start of the program ( Two )

    Today I found a server with springboot The program starts very slowly , It took a couple of minutes to fully start up . At first, I thought it was a problem with the code that caused the block , Until you see this log: 2017-03-08 10:06:49.600 INF ...

  7. JVM Memory model and HotSpot Of GC Strategy

    summary Want to learn more about Java Language , It's important to have a deeper understanding of Java The running environment of the program . This article will JVM Memory model .Java Automatic memory management mechanism . as well as Oracle The official virtual machine HotSpot stay GC The implementation strategy of aspect is roughly combed ...

  8. 【Linux】【 Self study notes 】docker Building a spring-boot Program

    Write at the beginning     Recent trouble Linux, Install virtual machine VMware And installed CentOS 7 System , Start studying Linux, But I can't do it , It's a step-by-step study combined with the things used in the work , It's not that smooth . Here is my blog , Record in the process ...

  9. SpringBoot FatJar Start the principle

    Catalog SpringBoot FatJar Start the principle background Reserve knowledge URLStreamHandler Archive pack SpringBoot start-up Expand SpringBoot FatJar Start the principle back ...

  10. ( turn )springboot Apply the startup principle ( Two ) Expand URLClassLoader Implement nesting jar load

    turn :https://segmentfault.com/a/1190000013532009 In the last article <springboot Apply the startup principle ( One ) Embed the startup script in jar> This paper introduces the in springb ...

Random recommendation

  1. Use IntelliJ IDEA 14 and Maven establish java web project

    Reference address http://www.cnblogs.com/jifeng/p/4658765.html

  2. html5 Medium postMessage Solving cross domain problems

    There are many ways to solve cross domain problems , Such as : Images ping( Simple ).jsonp( The disadvantage is that it can't achieve cross domain post).CROS(CORS The essence of this is to let the server add a response header Access-Control-Allow-Origin, adopt ...

  3. BZOJ.4184.shallot( Segment tree divide and conquer Linear base )

    BZOJ Naked line segment tree divide and conquer + Linear base , It's slow running _(:з」∠)_ . I don't know what they wrote =-= //41652kb 11920ms #include <map> #include < ...

  4. mybatis and hibernate The difference between

    1. hibernate It's fully automatic , and mybatis It's semi-automatic hibernate The operation of database can be realized through object relation model , Have complete JavaBean Object and database mapping structure to automatically generate sql. and mybat ...

  5. python-- Use pymyslq Operating the database

    1. install pymysql Type... On the command line pip install pymysql : 2.pycharm Connect mysql Before proceeding with the following contents of this article, we need to pay attention to : You have one MySQL database , And it's started . You can ...

  6. SQL Server There is not enough memory to continue executing the program

    There's a table with a huge amount of data , When I click generate script , Like new windows , But I can't , Too much data , So choose to save the file , Saved locally . Then I click execute , There is no memory to execute ... Or because of the amount of data terms of settlement , Use sqlcm ...

  7. Python Learning notes --- Crawling the pirate king animation

    Recently boring finishing crawler code , Can automatically crawl any cartoon of Tencent animation , Ideas as follows : 1. Get the animation you want to download first url, This is used here.  getUrls , Get the last chapter of animation directly 2. Then go to the animation to get the pictures to download url ...

  8. Upgrade Huawei s2016

    Part 1 upgrade Bootrom summary : Start up menu , use xmodem Agreement upgrade BootRom The upgraded files are as follows : wnm2.2.3-0004.zip :web Network management zip Compress package file . S2008_16-VR ...

  9. ionic in generate page after module.ts The solution to reporting a mistake

    The problem is that Ionic The official version of 2.2 Upgrade to Ionic3 After that , In the project generate page when , Automatically created module.ts Just report a mistake , as follows : The solution is as follows : 1) take IonicModule Replace ...

  10. ASP.NET MVC 3 Performance – on par with MVC 2

    http://blogs.msdn.com/b/marcinon/archive/2011/01/17/mvc-3-performance.aspx ASP.NET MVC 3 Performance ...