All geek questions in one place

Encrypted VS files with unencrypted EBS AWS

We are testing the standard volume of EBS, the volume of EBS with encryption on an EBS-optimized instance of m3.xlarge EC2.

When analyzing the test results, we learned that

Encrypted EBS takes less time to read, write, read / write compared to non-encrypted EBS. I think there will be a latency effect on the encrypted EBS volume due to the extra encryption overhead for every I / O request.

What will be the reason why encrypted EBS volumes are faster than regular EBS volumes?

Expected results should be that EBS should give the best results that encrypted EEBS.

Results:

EBS planned results:

sysbench 0.4.12: multi-threaded system evaluation benchmark Running the test with following options: Number of threads: 8 Initializing random number generator from timer. Extra file open flags: 16384 8 files, 512Mb each 4Gb total file size Block size 16Kb Calling fsync() at the end of test, Enabled. Using synchronous I/O mode Doing sequential write (creation) test Threads started! Done. Operations performed: 0 Read, 262144 Write, 8 Other = 262152 Total Read 0b Written 4Gb Total transferred 4Gb (11.018Mb/sec) 705.12 Requests/sec executed Test execution summary: total time: 371.7713s total number of events: 262144 total time taken by event execution: 2973.6874 per-request statistics: min: 1.06ms avg: 11.34ms max: 3461.45ms approx. 95 percentile: 1.72ms

EBS Results:

 sysbench 0.4.12: multi-threaded system evaluation benchmark Running the test with following options: Number of threads: 8 Initializing random number generator from timer. Extra file open flags: 16384 8 files, 512Mb each 4Gb total file size Block size 16Kb Calling fsync() at the end of test, Enabled. Using synchronous I/O mode Doing sequential write (creation) test Threads started! Done. Operations performed: 0 Read, 262144 Write, 8 Other = 262152 Total Read 0b Written 4Gb Total transferred 4Gb (6.3501Mb/sec) 406.41 Requests/sec executed Test execution summary: total time: 645.0251s total number of events: 262144 total time taken by event execution: 5159.7466 per-request statistics: min: 0.88ms avg: 19.68ms max: 5700.71ms approx. 95 percentile: 6.31ms

please help me solve this problem.

+6
source share
1 answer

This is certainly unexpectedly conceptual and also confirmed by Amazon EBS Encryption :

[...] and you can expect the same IOPS performance on encrypted volumes as with unencrypted volumes with minimal impact on latency . You can access Amazon EBS encrypted volumes in the same way as existing volumes; encryption and decryption are processed transparently, and they do not require any additional actions from you, your EC2 instance, or your application. [...] [emphasis mine]

Amazon EBS Volume Performance provides more detailed information about EBS performance in general - from this point of view, but pure speculation, perhaps using encryption, implies some default Amazon EBS pre-progressive volumes :

When you create any new EBS volume (generic type (SSD), Provisioned IOPS (SSD) or magnetic) or restore the volume from a snapshot, the storage units on the back panel are immediately allocated to you. However, the first time you access the storage unit, it must be cleared (for new volumes) or created from a snapshot (for restored volumes) before you can access the unit. This preliminary action takes time and can cause 5โ€“50% IOPS loss for your volume when you first access each block. [...]

In any case, I suggest repeating the test after preheating both new EBS volumes, if you haven't already.

+1
source

Source: https://habr.com/ru/post/971088/

More articles:


All Articles