I know it's about Virtuozzo 7 (already got Support Ticket #18222 because of this) and not RHEL directly - but as Virtuozzo is built on top of RHEL 7 - and the Meltdown/Spectre Patches are those from RHEL - I want hear if anyone else also observed similiar Performance Problems with those Patches.
Since Meltdown/Spectre Patches the Performance dropped to unuseable levels. I patched one of our Root Servers which is running 1 (ONE) productive Container with EZ CMS (Apache 2.4.6, PHP 5.6.32) and MySQL/MariaDB DB (5.5.56) to latest VZ Kernel (3.10.0-693.11.6.vz7.40.4)
Root Server is HPE Gen9 Blade Server (Xeon CPU E5-2640 v3 @ 2.60GHz), Storage is Virtuozzo Storage running on SSD only (1-2GB/s Performance) - so rather good Hardware Specs ... ;-)
So here what happened when I bootet to patched Kernel:
completely unusable ... Load AVG spiked up to 150 and more (peaks up to over 200)
Disabling the Security Patches brings the Load down to normal:
tee /sys/kernel/debug/x86/*enabled <<< 0
Answer from Virtuozzo Support:
Essentially this means I can either patch Virtuozzo against Spectre and cripple the Performance that much that the Server is unuseable - or I decide to not patch the Server - keep good Performance but stay vulnerable to Spectre ...
Both options not really satisfactory ...
Anyone else observed similiar issues with those Patches? Or got a good Tip for me? ;-)
thx, bye from sunny Austria