During installation of DX Platform 21.3.1 on-prem on the OpenShift 4.8 container platform, the entropy on one worker node, measured with "ssh [email protected] cat /proc/sys/kernel/random/entropy_avail", decreases dramatically and finally drops to 0.
It has already been reported to Red Hat, and after analyzing the sos report for the affected node we got the recommendation to use the "/dev/urandom" device instead of "/dev/random" for the application, but unfortunately this cannot be changed.
Currently we are trying to get a fast workaround from Red Hat, but we also need a long-term solution from Broadcom, e.g. implementing the Red Hat recommendation to use /dev/urandom.
Release : 21.3
Component : Introscope
It is valid to edit the YAML files to change the value of APM_FIPS_ENABLE before an install (or an upgrade).
The APM_FIPS_ENABLE property is in the apmservices-common config map. If FIPS mode is not required, disable it by setting the property to false. This partially alleviates the pressure on the entropy source. The Docker entry point scripts of our images already set the java.security.egd property in non-FIPS mode.
If we do want to run in FIPS mode, we need a good source of entropy, and that means /dev/random. It is not just the property: we ask for getInstanceStrong(), which routes to /dev/random regardless of the property. This is not going to change.
https://www.mail-archive.com/[email protected]/msg136677.html
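The following Java probe is an added example, not Broadcom's code. It contrasts the default `SecureRandom`, whose seed source follows `java.security.egd`, with `SecureRandom.getInstanceStrong()`, which is selected by the `securerandom.strongAlgorithms` security property instead. The class name `StrongRandomProbe` is hypothetical, and the probe assumes a stock JDK provider configuration on Linux, not the product's FIPS provider setup.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;

// Hypothetical diagnostic class (not part of DX Platform).
// Run twice and compare, e.g.:
//   java StrongRandomProbe
//   java -Djava.security.egd=file:/dev/urandom StrongRandomProbe
public class StrongRandomProbe {

    // Draw `len` bytes and return the elapsed time in milliseconds.
    // A blocking source on an entropy-starved node shows up as a long draw.
    static long timeDrawMillis(SecureRandom rng, int len) {
        byte[] buf = new byte[len];
        long start = System.nanoTime();
        rng.nextBytes(buf);
        return (System.nanoTime() - start) / 1_000_000;
    }

    static void report(String label, SecureRandom rng) {
        System.out.printf("%-8s algorithm=%s provider=%s draw(64 bytes)=%d ms%n",
                label, rng.getAlgorithm(), rng.getProvider().getName(),
                timeDrawMillis(rng, 64));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // The settings that decide where each generator gets its randomness.
        System.out.println("java.security.egd             = "
                + System.getProperty("java.security.egd"));
        System.out.println("securerandom.source           = "
                + Security.getProperty("securerandom.source"));
        System.out.println("securerandom.strongAlgorithms = "
                + Security.getProperty("securerandom.strongAlgorithms"));

        // Default generator: its seed source can be redirected with java.security.egd.
        report("default", new SecureRandom());

        // Strong generator: chosen from securerandom.strongAlgorithms, so the
        // egd system property does not redirect it. On a stock Linux JDK this
        // is typically NativePRNGBlocking, which reads /dev/random.
        report("strong", SecureRandom.getInstanceStrong());
    }
}
```

If the `strong` line reports the same algorithm with and without the `-D` flag while its draw time grows as `entropy_avail` falls, the `getInstanceStrong()` path is the consumer draining the pool.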