Error: Encrypted VMs using high performance storage have a big impact on read performance
search cancel

Error: Encrypted VMs using high performance storage have a big impact on read performance

book

Article ID: 410995

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • When using high performance storage we can see a big impact on read performance on VMs that are encrypted

Environment

VMware ESXi host 8.x

VMware ESXi host 7.x

Cause

  • This is expected behavior

Resolution

  • While we see significant I/O performance impact when using the VM encryption feature on an ultra-fast storage device, this impact may be reduced when using more recent servers that have processors with a faster and improved AES-NI implementation.
  • VMware vSphere virtual machine encryption secures VM data at the cost of increased CPU cycles for encryption and decryption.
  • For ultra-low latency devices like the NVMe drive we used, the impact of higher CPU cost directly translates to reduced throughput and increased I/O latency. However, for storage devices and subsystems in the latency range of a few hundred microseconds and above, the increased CPU cost does not translate to a significant increase in latency or a decrease in throughput.
  • Read more at VMware vSphere 6.5 Virtual Machine Encryption Performance
  • Encryption is CPU intensive. AES-NI significantly improves encryption performance. Enable AES-NI in your BIOS. Read more at Virtual Machine Encryption Best Practices