
A datacenter scenario seems like a good fit for a centralized source of entropy, like a server with a dedicated high-quality entropy source (maybe some kind of Geiger counter/nuclear-decay-based source?). Very early in the boot process, query the entropy server for a truly random seed and go from there to initialize your random algorithm, kind of like NTP and network time sources. Security would be something to pay attention to, as you wouldn't want an attacker to ever get control of providing entropy.



Assuming you fully trust your PRNG algorithm, you really only need to do this once: generate a seed, then hash it with the current time (assuming you have a trusted source), and whatever other entropy you have, plus the untrusted hardware RNG.

A backdoored RNG is unlikely to ever repeat patterns (that would be obvious), so it should be trustworthy enough to create a unique number.

It also probably, but not definitely, can't phone home without someone noticing (unless it can target specific people who aren't looking), and if it can, it can also send anything else it wants anyway.

An insecure but unique seed hashed with a secret machine-specific value should be safe; it's not like they can manipulate the final value without having a way to break the hash, right?

You could even reuse the secret between machines as long as the attacker doesn't know it and everything else in the hash is unique.

Whatever network boot thingy or Ansible job could provision random seeds when it updates the OS.
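The mixing step described in the comment above, as an added example that is not part of the original thread: a provisioned seed, a timestamp and untrusted hardware RNG output are hashed under a machine secret. The function names, field labels and the choice of HMAC-SHA256 are assumptions made here, and the sketch assumes the hardware RNG cannot observe the secret or the other inputs.

```python
import hashlib
import hmac
import struct
import time


def _frame(label: bytes, data: bytes) -> bytes:
    """Length-prefix a field so adjacent inputs cannot be re-split ambiguously."""
    return struct.pack(">H", len(label)) + label + struct.pack(">I", len(data)) + data


def mix_seed(machine_secret: bytes, provisioned_seed: bytes, hw_rng: bytes,
             timestamp_ns: int, extra: bytes = b"") -> bytes:
    """Derive a 32-byte PRNG seed from all inputs, keyed by the machine secret.

    Assumption: the untrusted hardware RNG cannot observe the secret or the
    other inputs; the output is only as unpredictable as the inputs the
    attacker does not know.
    """
    if len(machine_secret) < 16:
        raise ValueError("machine secret must be at least 16 bytes")
    message = b"".join((
        _frame(b"provisioned-seed", provisioned_seed),
        _frame(b"time-ns", struct.pack(">Q", timestamp_ns)),
        _frame(b"hw-rng", hw_rng),
        _frame(b"extra", extra),
    ))
    return hmac.new(machine_secret, message, hashlib.sha256).digest()


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    secret = bytes(range(32))
    provisioned = b"seed-written-by-provisioning-job"
    stuck_hw_rng = b"\x00" * 32  # worst case: hardware RNG returns a constant
    for _ in range(2):
        print(mix_seed(secret, provisioned, stuck_hw_rng, time.time_ns()).hex())
```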


> A datacenter scenario seems like a good fit for a centralized source of entropy

"One ring to rule them all" is the quote my inner security sense immediately reaches for



