Slow startup on Tomcat 7.0.57 because of SecureRandom
I'm using Tomcat 7.0.57 on CentOS 6.6 32 bit and openJDK7. When I start 14 different instances of Tomcat on my server(production environment), many of them take too much time to start.
This is part of the startup log, which tells me where is taking all the time
Jan 28, 2015 2:49:41 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom
INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [199,620] milliseconds.
What's the best practice/solution for this problem?
Thanks!
Answer
I faced same issue of tomcat being too slow to start. I followed this article on DigitalOcean and installed haveged instead of using urandom.
haveged is a solution which will not compromise on security.
haveged allows generating randomness based on variations in code execution time on a processor. Since it's nearly impossible for one piece of code to take the same exact time to execute, even in the same environment on the same hardware, the timing of running a single or multiple programs should be suitable to seed a random source. The haveged implementation seeds your system's random source (usually /dev/random) using differences in your processor's time stamp counter (TSC) after executing a loop repeatedly
How to install haveged
Follow the steps in this article. https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged
I have posted it here