DEV Community

ScaleGrid for ScaleGrid

Posted on • Edited on • Originally published at scalegrid.io

Meltdown Performance Impact on MongoDB: AWS, Azure & DigitalOcean

Meltdown and Spectre Vulnerabilities

What are these new critical vulnerabilities? "Meltdown" and "Spectre" are vulnerabilities in the way many modern microprocessor designs implement speculative execution of instructions. Independently discovered last June, these vulnerabilities can be exploited by malicious programs to steal sensitive information from personal computers, mobile devices, and even cloud infrastructures where millions of businesses store their customer data profiles. More detailed information can be found at CVE-2017-5715  and CVE-2017-5754 .

  • Meltdown

    Meltdown breaks the most fundamental isolation between user applications and the operating system. Read more.

  • Spectre

    Spectre breaks the isolation between different applications. Read more.

Over the past week, the ScaleGrid team has run performance tests to determine the impact of the Meltdown CPU kernel patch on our MongoDB servers. In this post, we'll cover the results of the Meltdown tests we ran for each of the three cloud platforms that we support - Amazon AWS, Microsoft Azure and DigitalOcean (DO).

Test Rig

We used Yahoo! Cloud Serving Benchmark (YCSB) to run these tests, and run against our 'Large' instance type - typically with around 8GB of RAM. Here are the two primarily we ran:

  1. Insert workload
  2. Workload A/Balanced workload:  50% Reads, 50% Writes

For more details on the testing methodology, please refer to our post, How to Benchmark MongoDB with YCSB.

Cloud Meltdown Test Summary

  • AWS

    4%-5% hit on insert workload and 2-3% hit on the balanced workload (50% read, 50% write).
  • Azure

    10-20% hit on insert workload and a 20-25% hit on the balanced workload.
  • DigitalOcean

    30% hit on insert workload and ~30% hit on the balanced workload.

AWS Meltdown Tests

We use AWS Amazon linux for all our MongoDB and Redis clusters on AWS. For more details on the patches, refer to the  AWS Security Bulletin.

awsinsertperformanceAWSWorkloadAPerformance

AWS Tests Summary

On average, we're seeing a 4%-5% hit on AWS insert flow and 2-3% hit on the balanced workload. The underlying instance type for this type is an 'HVM type' (hardware virtual machine) - so the expected impact is minimal. With Paravirtual (PV) instance types, the impact will be much larger (closer to what we see and outline with Azure below).

Azure Meltdown Tests

We use CentOS 6 for all our MongoDB clusters on Azure.  Here's where you can find more information about the Azure patches and the Microsoft Windows patches.

azureinsertperformance

AzureBalancedworkloadperformance

Azure Tests Summary

On average, we're seeing a 10-20% hit in the Azure insert workload and a 20-25% hit in the balanced workload.

DigitalOcean Meltdown Tests

We use CentOS 6 for all our MongoDB clusters on DigitalOcean. Here's where you can find more information on the patches available for your DigitalOcean droplets. digitaloceaninsertperformance digitaloceanbalancedworkload

DigitalOcean Tests Summary

We see a 30% hit on insert performance and around 30% hit in the balanced workload.

We're committed to helping our customers keep their MongoDB servers patched and secure from vulnerabilities. To learn more about further protecting your MongoDB cloud deployments, check out our post, The Three A's of MongoDB Security - Authentication, Authorizing & Auditing.

If you have any questions on Meltdown protection for your MongoDB servers, please reach out to us at support@scalegrid.io.

Top comments (0)