Meltdown Performance Impact on MongoDB: AWS, Azure & DigitalOcean

Meltdown and Spectre Vulnerabilities

What are these new critical vulnerabilities? “Meltdown” and “Spectre” are vulnerabilities in the way many modern microprocessor designs implement speculative execution of instructions. Independently discovered last June, these vulnerabilities can be exploited by malicious programs to steal sensitive information from personal computers, mobile devices, and even cloud infrastructures where millions of businesses store their customer data profiles. More detailed information can be found at CVE-2017-5715  and CVE-2017-5754  

  • Meltdown

    Meltdown breaks the most fundamental isolation between user applications and the operating system. Read more.

  • Spectre

    Spectre breaks the isolation between different applications. Read more.

Over the past week, the ScaleGrid team has run performance tests to determine the impact of the Meltdown CPU kernel patch on our MongoDB servers. In this post, we’ll cover the results of the Meltdown tests we ran for each of the three cloud platforms that we support – Amazon AWS, Microsoft Azure and DigitalOcean (DO).

Test Rig

We used Yahoo! Cloud Serving Benchmark (YCSB) to run these tests, and run against our ‘Large’ instance type - typically with around 8GB of RAM. Here are the two primarily we ran:

  1. Insert workload
  2. Workload A/Balanced workload:  50% Reads, 50% Writes

For more details on the testing methodology, please refer to our post, How to Benchmark MongoDB with YCSB.

Cloud Meltdown Test Summary

  • AWS

    4%-5% hit on insert workload and 2-3% hit on the balanced workload (50% read, 50% write).

  • Azure

    10-20% hit on insert workload and a 20-25% hit on the balanced workload.

  • DigitalOcean

    30% hit on insert workload and ~30% hit on the balanced workload.

Improve your database management productivity, security and operations in less than 15 minutes.

Explore in a FREE 30-day trial

Start My Database Automation ScaleGrid Logo - Database Hosting & Management

AWS Meltdown Tests

We use AWS Amazon linux for all our MongoDB and Redis clusters on AWS. For more details on the patches, refer to the  AWS Security Bulletin.

awsinsertperformanceAWSWorkloadAPerformance

AWS Tests Summary

On average, we’re seeing a 4%-5% hit on AWS insert flow and 2-3% hit on the balanced workload. The underlying instance type for this type is an ‘HVM type’ (hardware virtual machine) – so the expected impact is minimal. With Paravirtual (PV) instance types, the impact will be much larger (closer to what we see and outline with Azure below).

Meltdown Performance Impact on MongoDB: AWS, Azure & DigitalOceanClick To Tweet

Azure Meltdown Tests

We use CentOS 6 for all our MongoDB clusters on Azure.  Here’s where you can find more information about the Azure patches and the Microsoft Windows patches.

azureinsertperformance

AzureBalancedworkloadperformance

Azure Tests Summary

On average, we’re seeing a 10-20% hit in the Azure insert workload and a 20-25% hit in the balanced workload.

DigitalOcean Meltdown Tests

We use CentOS 6 for all our MongoDB clusters on DigitalOcean. Here’s where you can find more information on the patches available for your DigitalOcean droplets.
digitaloceaninsertperformance
digitaloceanbalancedworkload

DigitalOcean Tests Summary

We see a 30% hit on insert performance and around 30% hit in the balanced workload.

We’re committed to helping our customers keep their MongoDB servers patched and secure from vulnerabilities. To learn more about further protecting your MongoDB cloud deployments, check out our post, The Three A’s of MongoDB Security – Authentication, Authorizing & Auditing.

If you have any questions on Meltdown protection for your MongoDB servers, please reach out to us at support@scalegrid.io.


Dharshan is the founder of ScaleGrid.io (formerly MongoDirector.com). He is an experienced MongoDB developer and administrator. He can be reached for further comment at @dharshanrg


  • matt

    Could you share what version of MongoDB(especially whether MMAPv1 or Wiredtiger) you used for this test ?

31 Shares
+1
Tweet
Share
Share31
Pin