After processing the first few devices in a multi-device pull job, progress on the remaining devices progresses very slowly.
In order to maintain security of information accumulated/manipulated by NCM, when a configuration change on a device is detected the Device Server performs encryption of all newly acquired device configuration data before sending it back to the Application Server to be checked into the Postgres Control Database. To facilitate encryption, the Device Server takes advantage of the Linux /dev/random functionality to acquire a random seed. The Linux /dev/random capability is designed to take advantage of events on the host where Linux is installed that generate constantly changing data, such hardware interrupts issued by host hardware components. This constantly changing data is referred to collectively as the entropy pool and is how /dev/random the is able to simulate randomness.
When the Linux operating system is installed on a virtual machine, no physical hardware is present to generate the entropy pool utilized by the Linux /dev/random functionality. This significantly reduces the host's available sources of simulated randomness and greatly reduces the rate at which the /dev/random entropy pool replenishes.
The Linux rngd command, which is contained in the rng-tools package, initializes the rngd process. The rngd process is a background process that feeds simulated random numbers into the /dev/random entropy pool utilizing default host Linux simulated random number generators such as /dev/hwrng or /dev/hwrandom. This allows the entropy pool utilized by /dev/random on virtual machines to be replenished in a more timely manner.
The command can be executed from a Linux shell on the Device server as follows:
sudo rngd
In the absence of a simulated default random number generator, other random number generators can be specified. See the Linux man page for additional detail covering the rngd command.
NCM Device Server's installed on virtual machines running multi-device pull configuration jobs may quickly deplete the Linux /dev/random entropy pool. This can cause job processing delays encrypting newly pulled device configuration files where configuration changes have been detected while the Device Server waits for the /dev/random entropy pool to replenish so a new random seed can be acquired for use in encrypting the newly pulled device data.