最近做了一次服務(wù)器遷移意推, 遷完新服務(wù)器后,應(yīng)用在啟動(dòng)時(shí)铅乡,連接數(shù)據(jù)庫(kù)發(fā)生異常java.net.SocketException: Connection reset. JDBC驅(qū)動(dòng)是11g榔幸。
異常 Connection reset
Caused by: java.net.SocketException: Connection reset
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:113) ~[?:1.8.0_65]
at java.net.SocketOutputStream.write(SocketOutputStream.java:153) ~[?:1.8.0_65]
at oracle.net.ns.DataPacket.send(DataPacket.java:210) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.net.ns.NetOutputStream.flush(NetOutputStream.java:230) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.net.ns.NetInputStream.getNextPacket(NetInputStream.java:312) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.net.ns.NetInputStream.read(NetInputStream.java:260) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.net.ns.NetInputStream.read(NetInputStream.java:185) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.net.ns.NetInputStream.read(NetInputStream.java:102) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CSocketInputStreamWrapper.readNextPacket(T4CSocketInputStreamWrapper.java:124) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CSocketInputStreamWrapper.read(T4CSocketInputStreamWrapper.java:80) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CMAREngine.unmarshalUB1(T4CMAREngine.java:1137) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:290) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CTTIoauthenticate.doOSESSKEY(T4CTTIoauthenticate.java:404) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:385) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521) ~[ojdbc-6-11.2.0.3.jar:11.2.0.3.0]
java.net.SocketException: Connection reset 異常的發(fā)生坊谁,一般是因?yàn)檫B接的一方關(guān)閉了連接搔耕,而另一方依然從連接從讀或?qū)懴对蜁?huì)拋出該異常。
嘗試重啟應(yīng)用在多次后弃榨,又能正常啟動(dòng)并連上數(shù)據(jù)庫(kù)菩收。甚是奇怪。啟動(dòng)的時(shí)候鲸睛,觀察日志輸出娜饵,在初始化連接池的時(shí)候卡頓了好幾分鐘,然后就拋出以上的異常了官辈。谷歌了下箱舞,有人說(shuō)是因?yàn)閛racle在登錄的時(shí)候遍坟,需要調(diào)用那個(gè)SecureRandom.nextBytes,造成了長(zhǎng)時(shí)間掛起褐缠,導(dǎo)致連接超時(shí)被關(guān)閉了政鼠。
間隔時(shí)間jstack 了進(jìn)程幾次风瘦,發(fā)現(xiàn)SecureRandom.nextBytes 確實(shí)長(zhǎng)時(shí)間掛起了队魏,沒(méi)有返回。
"localhost-startStop-1" #20 daemon prio=5 os_prio=0 tid=0x00007f0cdc001800 nid=0x4e64 runnable [0x00007f0d64119000]
java.lang.Thread.State: RUNNABLE
at java.io.FileInputStream.readBytes(Native Method)
at java.io.FileInputStream.read(FileInputStream.java:255)
at sun.security.provider.SeedGenerator$URLSeedGenerator.getSeedBytes(SeedGenerator.java:539)
at sun.security.provider.SeedGenerator.generateSeed(SeedGenerator.java:144)
at sun.security.provider.SecureRandom$SeederHolder.<clinit>(SecureRandom.java:203)
at sun.security.provider.SecureRandom.engineNextBytes(SecureRandom.java:221)
- locked <0x000000077c2c8850> (a sun.security.provider.SecureRandom)
at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
- locked <0x000000077c2c8b70> (a java.security.SecureRandom)
at oracle.security.o5logon.O5Logon.a(Unknown Source)
at oracle.security.o5logon.O5Logon.<clinit>(Unknown Source)
at oracle.jdbc.driver.T4CTTIoauthenticate.<init>(T4CTTIoauthenticate.java:566)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:370)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
解決方法:
增加啟動(dòng)參數(shù)
-Djava.security.egd=file:/dev/../dev/urandom
延伸 random 和 urandom
/dev/random 和/dev/urandom 是linux 提供用于產(chǎn)生隨機(jī)數(shù)的設(shè)備万搔。他們產(chǎn)生隨機(jī)數(shù)的原理是利用當(dāng)前系統(tǒng)的熵池來(lái)計(jì)算出固定一定數(shù)量的隨機(jī)比特胡桨,然后將這些比特作為字節(jié)流返回。熵池就是當(dāng)前系統(tǒng)的環(huán)境噪音瞬雹,熵指的是一個(gè)系統(tǒng)的混亂程度昧谊,系統(tǒng)噪音可以通過(guò)很多參數(shù)來(lái)評(píng)估,如內(nèi)存的使用酗捌,文件的使用量呢诬,不同類(lèi)型的進(jìn)程數(shù)量等等。如果當(dāng)前環(huán)境噪音變化的不是很劇烈或者當(dāng)前環(huán)境噪音很小胖缤,比如剛開(kāi)機(jī)的時(shí)候尚镰,而當(dāng)前需要大量的隨機(jī)比特,這時(shí)產(chǎn)生的隨機(jī)數(shù)的隨機(jī)效果就不是很好了哪廓。
/dev/random 在不能產(chǎn)生新的隨機(jī)數(shù)時(shí)會(huì)阻塞程序直到新的環(huán)境噪音被收集狗唉,而/dev/urandom不會(huì)阻塞,它會(huì)重用已有的熵池來(lái)產(chǎn)生新的隨機(jī)數(shù)涡真,當(dāng)然它生產(chǎn)的隨機(jī)數(shù)效果就不太好分俯。
SecureRandom默認(rèn)使用/dev/random來(lái)產(chǎn)生數(shù)據(jù)數(shù)。
在SecureRandom 的javadoc 并提到了在讀取/dev/random 可能發(fā)生的阻塞哆料。
Depending on the implementation, the generateSeed and nextBytes methods may block as entropy is being gathered, for example, if they need to read from /dev/random on various unix-like operating systems.
