The Spectre and Meltdown vulnerabilities have been causing significant concern for IT organizations. These vulnerabilities are in the hardware, not software. They take advantage of the vulnerability in the CPU design and make the memory content available to unauthorized users exposing sensitive data like passwords and other personal data. They affect most of the microprocessors produced in the last 20 years.
Operating System vendors are offering patches to fix these issues. However, these patches are causing up to 30 percent performance degradation.
You can ensure you have the necessary compute resources with TrueSight Capacity Optimization and avoid application performance degradation.
- Determine the performance impact due to the patch
The impact on the system performance due to the patch depends on the type of workload. Measure the performance impact by performing patch testing in a safe environment. This article from Red Hat provides some guidance on how performance characteristics might change based on various workload types.
- Understand the impact on residual capacity
Before the patch is applied, simulate the impact of applying the patches using a “what-if” event analysis in a time-forecast model. This simulates increased CPU utilization and allows you to verify if server CPU usage would go beyond acceptable thresholds.
The increase in CPU utilization used for the what-if simulation can be applied uniformly to all impacted systems using a single value like 20-30%. Alternatively, you can apply multiple values for CPU utilization increase to show the impact for servers running different workloads types.
- Determine the necessary capacity to satisfy service levels
For systems that do not have enough capacity to avoid performance degradation, you can determine the corrective action by performing “what-if” analysis. This will identify the additional resources required. You can upgrade the systems or increase the number of systems and distribute the workloads to support the capacity needs.
- Visibility and utilization analysis
Once the appropriate capacity is allocated and systems are updated with the patches, use TrueSight Capacity Optimization views to understand the ongoing system performance and resource needs.
For examples on how to implement “what-if” analysis in time-forecasting models, view this video.
For more information about how BMC solutions can help you with the patching process for the Spectre and Meltdown vulnerabilities, read this blog.