1.2 KiB
1.2 KiB
Hardware RNG into a Ganeti Instance (from Hans Kuhn)
On ganeti node:
gnt-instance modify -H kvm_extra="-device virtio-rng" foo.rg.net
You'll need to activate the change by restarting the hypervisor from ganeti cli: gnt-instance stop foo && gnt-instance start foo
Inside foo.rg.net:
apt install rng-tools
That creates /dev/hwrng which is the KVM pass-thru for virtio-rng.
systemctl status rng-tools.service
rng-tools.service - Add entropy to /dev/random 's pool a hardware RNG
Loaded: loaded (/lib/systemd/system/rng-tools.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-01-06 03:42:52 UTC; 59s ago
Main PID: 909 (rngd) Tasks: 1 (limit: 2274) Memory: 188.0K CGroup: /system.slice/rng-tools.service └─909 /usr/sbin/rngd -r /dev/hwrng -f
Note the last line that shows rng-tools found /dev/hwrng.
N.B.: I haven't run rngtest or done any other test atm to check the randomness, but it seems to work.
If you want to do this for all guests, you can do 'gnt-cluster modify' instead and set kvm_extra there.
gnt-cluster modify -H kvm:kvm_extra="-device virtio-rng"
I just wanted to demo how to do this for a single guest.
tada!
2022.01.06