Meltdown patch made AWS CPUs work 25 per cent harder, claims SolarWinds

Meltdown patch AWS performance issues chronicled by software vendor SolarWinds

Solarwinds, the infrastructure management software supplier, has chronicled the effect that the implementation of Intel's patch for the Meltdown security flaw had on its cloud operations.

Its software runs on the Amazon Web Services (AWS) platform and the company and its customers were therefore affected last week by the rushed-out patches to mitigate against the Meltdown security vulnerability.

It admitted that its services had been impacted by the patch, but that over the past week performance has been improved as AWS has thrown resources at the problem.

"Public cloud companies such as AWS were informed of the vulnerabilities prior to the release and worked to prepare system patches that would prevent information disclosure on multi-tenant cloud infrastructure," claimed the company in a blog posting.

It continued: "There is no universal fix for Spectre at the moment, so most mitigations to date have largely been targeting the easier-to-reproduce Meltdown vulnerability."

SolarWinds Cloud, which uses AWS technology, has been affected by the update. "We, along with many SaaS [software-as-a-service] companies were impacted by these changes and suffered partial downtime due to AWS efforts to mitigate Meltdown," added Solarwinds.

Before implementing the update, the company saw sudden shifts in CPU performance, with processes demanding much more from CPUs to do the same work. "The firm experienced, when we rebooted our PV [para virtual] instances on 20^th Dec ahead of the maintenance date, we saw CPU jumps of roughly 25%," it said.

"There were reports of similar issues related to performance or stability of instances after they were rebooted for this maintenance event."

AWS also issued a patch for HVM [hardware virtual machine] instances, although Solarwinds noticed some unusual side-effects. It said there were noticeable CPU bumps.

"During this same time period, we saw additional CPU increases on our PV instances that had been previously upgraded," explained the company.

"This seems to imply some level of HVM patching was occurring on these PV instances around the same time that all pure-HVM instances were patched."

For the Kafka rig, the update saw throughput decrease by 40 per cent, but the CPU performance of Cassandra suddenly surged by 25 per cent.

"It's uncertain where the future of Meltdown and Spectre patches will land, but it is likely to continue to impact performance for any business running infrastructure at scale," warned the company.

"We need to adapt our software engineering disciplines to accommodate changed assumptions in system performance as we continue to build distributed systems.

"It remains to be seen how additional patching in guest kernels will impact performance when run on top of patched cloud hypervisor nodes. We are continuing to explore this and the impacts it may cause."