Visualizing Meltdown on AWS

It would be nice if AWS could write something official about what they are doing.<p>I&#x27;ve been noticing major performance changes in our instances and have no idea if it is related to Meltdown or something else.<p>Google released a blog post specifically on performance: <a href="https:&#x2F;&#x2F;blog.google&#x2F;topics&#x2F;google-cloud&#x2F;protecting-our-google-cloud-customers-new-vulnerabilities-without-impacting-performance&#x2F;" rel="nofollow">https:&#x2F;&#x2F;blog.google&#x2F;topics&#x2F;google-cloud&#x2F;protecting-our-googl...</a><p>It would be nice to have similar transparency from AWS.

That&#x27;s one interesting aspect of these issues and mitigations is that performance really depends on the workload. Just because Google saw little performance impact on their servers, doesn&#x27;t mean your application won&#x27;t see. Or because someone said their CPU usage went up 2x doesn&#x27;t mean it will go up for you.<p>On an unrelated note, kind of wish Meltdown had been discovered and exposed separately from Spectre. Intel has managed to weasel its way of out of taking responsibility by implying that this is not a bug and all the other CPUs have similar issues. If they had to respond to Meltdown only, it would have made it a bit harder for their PR and legal department to deny the security and performance implications.

My team saw a 40% CPU usage increase on all of our EC2 instances and even our RDS instances. We were shocked since the media was downplaying the performance impact.<p>I tried to start a poll but it seems as though my team was just the unlucky one: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=16109036" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=16109036</a>

Pardon this likely naive question, but I haven’t seen it addressed yet in all the coverage: what’s the cost in electricity of patching this vulnerability? Does a company like amazon running a massive cloud infrastructure see a non-negligible increase in their cost of doing business?

Would love to know if anyone else had data on:<p>* Impact on M5&#x2F;C5 instances over similar time period, any difference with the Nitro hypervisor?<p>* Were Dedicated instances (<a href="https:&#x2F;&#x2F;aws.amazon.com&#x2F;ec2&#x2F;purchasing-options&#x2F;dedicated-instances&#x2F;" rel="nofollow">https:&#x2F;&#x2F;aws.amazon.com&#x2F;ec2&#x2F;purchasing-options&#x2F;dedicated-inst...</a>) patched as well?<p>* Other examples of software that adapted batching performance automatically with increase in call latency.

Anyone has more info on the performance recovery today? We experienced similar performance issues over the last few days with a seemingly complete recovery today (on a cluster of ~2500 HVM T-1s).

This is especially interesting for workloads that already ran on &gt;70%<p>Some stuff won&#x27;t run in the free tiers anymore and people will have to switch to bigger machines :&#x2F;

We saw instances which normally kept a healthy stock of CPU credits quickly burn through them and severely degrade in performance thanks to Meltdown :&lt;

Trying to foresee the future...<p>Could we expect Intel to fix the design flaw^Wfeature so that future server appliance (but also desktop) can run without KPTI while still not being affected by Meltdown ? If so, what timeline could we expect ? Say a year for new CPU designs, plus a year to roll-out new machines in datacenter ?

&quot;Why I like to run my own hardware for $100, Alex&quot;<p>You can patch various tiers of servers at your own leisure, depending on threat levels and exposure. Measure the impact, capacity plan, etc. Rather than it being forced on you across all tiers because cloud.

Over a 15 year time scale, there is no way AWS will remain competitive with GCP.

Is there an option of AWS dedicated instances without these patches? I thought all these new vulnerabilities are only really dangerous in shared environments.

Guess humanity lost 30% of its computing power