Docker compose and entropy

Albert Liang
Oct 4, 2021

Ran into a seemingly commonplace problem (my docker-compose was hanging randomly) with an extremely unexpected answer (my system was running out of entropy)!

TL;DR: install haveged on your system

What is entropy? It’s basically the “randomness” on your machine from your interactions with it (keyboard, mouse, hard drive activity, web activity). Entropy is used in security applications such as SSH, PGP, SSL/TLS and random number generators.

So how does this affect docker-compose? According to this thread, one of the docker-compose dependencies reads from /dev/random, and on a machine that doesn’t have enough entropy that read blocks docker-compose. After a fixed amount of time, the dependency gives up waiting for /dev/random and polls /dev/urandom instead, which is less secure (less random, but also non-blocking).

Generally, if you’re on bare metal, entropy won’t be a problem. But in a VPS environment, where there are no keyboard/mouse interactions and the hard drives are virtualized (less random), entropy can get low.

You can check the entropy of your system by using:

cat /proc/sys/kernel/random/entropy_avail

Generally, the larger the better, and anything over 1000 is “good enough”.
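
An added example (not from the original post) that turns this one-off check into a pre-flight test for a VPS: it samples entropy_avail several times, keeps the lowest reading, and compares it with the 1000 rule of thumb above. The function names and exit codes are the example's own, and the handling of kernels whose poolsize is smaller than the threshold is an assumption of the example.

```sh
#!/bin/sh
# Added example, not from the original post. Function names, arguments and
# exit codes are this example's own; only the /proc path and the 1000
# rule of thumb come from the article.
PROC_DIR=${PROC_DIR:-/proc/sys/kernel/random}

# min_entropy DIR SAMPLES INTERVAL: print the lowest entropy_avail seen.
# A single reading can miss the dips that make a blocking read stall.
min_entropy() {
    dir=$1 samples=$2 interval=$3 min='' i=0
    while [ "$i" -lt "$samples" ]; do
        v=$(cat "$dir/entropy_avail" 2>/dev/null) || return 2
        case $v in ''|*[!0-9]*) return 2 ;; esac
        if [ -z "$min" ] || [ "$v" -lt "$min" ]; then min=$v; fi
        i=$((i + 1))
        if [ "$i" -lt "$samples" ]; then sleep "$interval"; fi
    done
    echo "$min"
}

# entropy_check DIR THRESHOLD [SAMPLES] [INTERVAL]
# Returns 0 = ok, 1 = low, 2 = unreadable, 3 = threshold not applicable.
entropy_check() {
    dir=$1 threshold=$2
    pool=$(cat "$dir/poolsize" 2>/dev/null) || return 2
    case $pool in ''|*[!0-9]*) return 2 ;; esac
    low=$(min_entropy "$dir" "${3:-5}" "${4:-1}") || return 2
    # Assumption: newer kernels report a 256-bit pool, so entropy_avail can
    # never reach 1000 there and the rule of thumb cannot be applied.
    if [ "$pool" -lt "$threshold" ]; then
        echo "N/A: pool is $pool bits, below the $threshold threshold (min seen: $low)"
        return 3
    fi
    if [ "$low" -lt "$threshold" ]; then
        echo "LOW: entropy_avail dropped to $low (< $threshold); consider haveged"
        return 1
    fi
    echo "OK: entropy_avail stayed at or above $low"
}

# Run against the live system only when called as: sh <this file> run
if [ "${1:-}" = run ]; then
    entropy_check "$PROC_DIR" 1000
fi
```

A non-zero exit status makes it easy to gate a deployment step on the result, for example by running the check before docker-compose in a provisioning script.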

If your entropy is too low, you can install haveged:

apt-get install haveged

What is haveged and how does it work? To the best of my understanding, it is similar to how /dev/random generates entropy bits, but adds in more sources of information, such as CPU clock cycle timing and cache misses. A very interesting read on this can be found here.
