[cinder] volume encryption performance impact
dh3 at sanger.ac.uk
Wed Jan 9 15:13:29 UTC 2019
I've just started investigating Cinder volume encryption using Queens
(RHOSP13) with a Ceph/RBD backend and the performance overhead is...
surprising. Some naive bonnie++ numbers, comparing a plain vs encrypted
plain: write 1400MB/s, read 390MB/s
encrypted: write 81MB/s, read 83MB/s
The encryption was configured with:
openstack volume type create --encryption-provider nova.volume.encryptors.luks.LuksEncryptor --encryption-cipher aes-xts-plain64 --encryption-key-size 256 --encryption-control-location front-end LuksEncryptor-Template-256
Does anyone have a similar setup, and can share their performance
figures, or give me an idea of what percentage performance impact I
should expect? Alternatively: is AES256 overkill, or, where should I
start looking for a misconfiguration or bottleneck?
Thanks in advance.
** Dave Holland ** Systems Support -- Informatics Systems Group **
** 01223 496923 ** Wellcome Sanger Institute, Hinxton, UK **
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
More information about the openstack-discuss