Error: Encrypted VMs using high performance storage have a big impact on read performance
book
Article ID: 410995
calendar_today
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
When using high performance storage we can see a big impact on read performance on VMs that are encrypted
Environment
VMware ESXi host 8.x
VMware ESXi host 7.x
Cause
This is expected behavior
Resolution
While we see significant I/O performance impact when using the VM encryption feature on an ultra-fast storage device, this impact may be reduced when using more recent servers that have processors with a faster and improved AES-NI implementation.
VMware vSphere virtual machine encryption secures VM data at the cost of increased CPU cycles for encryption and decryption.
For ultra-low latency devices like the NVMe drive we used, the impact of higher CPU cost directly translates to reduced throughput and increased I/O latency. However, for storage devices and subsystems in the latency range of a few hundred microseconds and above, the increased CPU cost does not translate to a significant increase in latency or a decrease in throughput.
Encryption is CPU intensive. AES-NI significantly improves encryption performance. Enable AES-NI in your BIOS. Read more at Virtual Machine Encryption Best Practices