Do we have (vague) data on the performance impact of Spectre / Meltdown mitigation steps?

Hey there!

Do we have (vague) data on the performance impact of Spectre / Meltdown mitigation steps on CockroachDB? I understand that this is very much hardware-specific and workload-specific. However, I would very much appreciate if CockroachLabs or individual users of CockroachDB were to report insights gained so far.

Hi Jan-Philip,
at this time we have not performed any comparative benchmarks at Cockroach Labs.
However, at a very high level we can make the following remarks:

  • if your application is more caring about the reliability features of CockroachDB than performance, it is more likely that any performance impact of the Spectre/Meltdown mitigation techniques will be less of a concern.
  • if your application is particularly sensitive to database performance, it is more likely that you wouldn’t choose to co-locate CockroachDB on the same physical hardware as other applications, as this would cause performance interference. If CockroachDB does not share hardware with other software, the Spectre and Meltdown vulnerabilities are inconsequentials and you wouldn’t need to deploy the mitigation techniques.

Do you think these considerations would alleviate your concerns?
Best regards

Hi Raphael,

The assumption you are making is the service is being deployed on bare metal. If you are using a cloud provider, like many of us do, at best for performance, you will dedicate k8 workers to CDB but in the end, the running kernel is being managed by that cloud provider and that kernel will be patched against Meltdown and Spectre.

So unfortunately, I believe for many (most ?) of us, we will be impacted no matter where we stand in term of DB performance.

Now i believe there is no definitive answer to the question. There is a big chance that for the same workload you will have to allocate more resources now but to say by which margin is impossible without looking at the workload itself.

Good news is it’s relatively easy and painless to throw more resources at a CDB cluster and with proper monitoring this should be relatively easy to spot.