I recently migrated a opnsense instance from Proxmox to the Hetzner Cloud (migrated = fresh install).
On proxmox OpnSense idled all the time, on the Hetzner cloud a core is occupied by rand_harvestq all the time:
7 root -16 - 0 16K CPU1 1 828:46 99.98% [rand_harvestq]
11 root 155 ki31 0 32K RUN 0 804:31 90.48% [idle{idle: cpu0}]
I already tried to set kern.random.harvest.mask to 511 via sysctl and via the tunables section of OPNsense (kern.random.harvest.mask = 511).
This didn't change the kern.random.harvest.mask value when i checked this with sysctl.
Any idea on how i could solve this issue?
asked Hetzner Support: reply was that they don't support OpnSense officially and therefore are not supporting this issue.
If you were still on proxmox I would advise to ad a virtio rnd device, perhaps you had it already in your vm config.
Possibly related to lack of entropy and by adding this device you could switch the source providing entropy.
Perhaps there is such a thing in hetzner cloud, you could ask if they have something similar.
Seems that hetzner runs KVM hypervisor too, so probably qemu and virtio rng is a qemu feature.