
I/O Performance IOPS, Cloud Pricing, TLS 1.3, Dark Web Underground Trade

posted Nov 12, 2016, 7:37 AM by Sami Lehtinen   [ updated Nov 12, 2016, 7:41 AM ]
  • Even more extremely annoying performance issues. Systems lagged to death, disk I/O stalling. 0 IOPS, 0 KB/s, etc. As well as claims that there's nothing wrong with it. Well, either there's something wrong with it, or keep your junk and we're moving out. Issues seem to be correlated between multiple servers and not isolated incidents. Next question is how much lag is too much, when does Windows fail? Maybe it's just Windows which is intolerant of I/O pauses? I've seen that happening earlier, maybe Linux performs much better? If I run any constant performance tests, everything works well. Maybe the problem is triggered by the system hitting some cold data in the tiered storage system, and that's extremely slow? That shouldn't be a problem, but then Windows blows up and ends up being dead in the water, partially. Which is also very, very annoying. So it's working, but it isn't. - In a way an interesting case, but at the same time an enraging waste of time. - Stuff should just work, is it my job to figure out why it doesn't? Well, it kind of is. But now we're talking about the platform causing issues, not my code. - Sigh. - Well, I'll be posting updates. Either I'll move my stuff out or they'll get their s*t together. - After some wondering and testing, I think it's just what I've said. An extremely simple way to verify this is a file system walk, dir /s or ls -R, and let's see what happens. If there are LONG pauses between directories, several seconds, then there's something wrong. Of course this test can be run only once, after that the cold data isn't cold for that server anymore. But it shows that a 'randomish' cold data walk can be really slow. kw: Ceph, Tiered Storage System
  • This also reflects on the pricing discussions. Some people claim that servers at X are so much cheaper than at Y. But the real question is whether you get the bang for the buck. Cheap servers can actually be a lot more expensive than the 'more expensive servers' when you compare performance in detail and make some calculations, persistent performance testing etc. What's the cost of performance hiccups? Pricing can be interpreted very misleadingly if all the related factors aren't considered. Also, spot performance isn't the same thing as performance over a month or so. The situation can also change: for several months performance was good, but now it's bad, and so on. There's no ultimate answer, other than persistent data collection and analytics.
  • It seems that Finland is looking for a legal way to hack individual users and organizations in other countries. - Nice. I wonder if there will be any international law about that, so far it seems that hacking ICT systems is actually totally ok and acceptable and everyone's doing it as much as they can.
  • Introducing TLS 1.3 - Introduction to TLS 1.3. Yet it might take ages before web browsers (not even mentioning other HTTPS clients) start to support it, as we've seen over and over again with older versions and ciphers etc. Some browsers don't support AES256 with GCM mode at all, and some didn't support ECDH, and of course these restrictions also apply to the server side. Wikipedia says that no browser so far supports TLS 1.3. - Let's see the technical changes of the protocol so far. - 0-RTT mode is of course really nice. 0.5 RTT data from the server side, nice. - No more DSA - No more SHA-1 in signatures - No more weak and rare curves - No more MD5 / SHA-224 signatures - No more RC4 - No more custom DHE groups - No more compression - No more non-AEAD ciphers. - Another short list of removed features is almost the same as what I just listed: Static RSA keys, CBC mode ciphers, RC4 stream cipher, SHA-1 hash function, Arbitrary Diffie-Hellman Groups and Export ciphers.
  • Tried one side project called shim with friends, but it failed. It should have worked, we'll be retrying later. Until there's success. - Actually, the reason why I needed the shim to be successful resolved itself, so I didn't need it in the first place.
  • Watched a few documentaries about dark / deep web trade. Nothing new. If there's a demand, there's a seller. That's how the world runs, even if there weren't an official free market.
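
The TLS 1.3 item above lists what the protocol drops. As an added example (not from the original post), this sketch checks IANA-style cipher suite names, such as those in a server's configured list, for the removed features that are visible in the name. The function names and the sample list are constructed for illustration.

```python
# Added example: map IANA cipher suite names to the TLS 1.3 removals listed above.
# Custom DHE groups and compression are not visible in a suite name, so they
# are out of scope for this check.
AEAD_MARKERS = ("_GCM", "_CCM", "CHACHA20_POLY1305")

def removed_features(suite):
    """Return the features dropped by TLS 1.3 that this suite name relies on."""
    if "_WITH_" not in suite:
        # TLS 1.3 suites name only the AEAD and hash, e.g. TLS_AES_128_GCM_SHA256.
        return []
    kx, cipher = suite[len("TLS_"):].split("_WITH_", 1)
    kx_parts = kx.split("_")
    found = []
    if "EXPORT" in kx_parts:
        found.append("export cipher")
    if kx_parts[0] == "RSA":            # RSA key transport, no (EC)DHE
        found.append("static RSA key exchange")
    if "DSS" in kx_parts:               # DSA certificates are spelled DSS
        found.append("DSA")
    if "RC4" in cipher:
        found.append("RC4 stream cipher")
    if "_CBC" in cipher:
        found.append("CBC mode cipher")
    if not any(marker in cipher for marker in AEAD_MARKERS):
        found.append("non-AEAD cipher")
    if cipher.endswith("_SHA"):         # bare _SHA suffix means SHA-1
        found.append("SHA-1 hash function")
    return found

def audit(suites):
    """Return {suite: reasons} for every suite that uses a removed feature."""
    report = {}
    for suite in suites:
        reasons = removed_features(suite)
        if reasons:
            report[suite] = reasons
    return report

# Constructed sample list, not taken from any real server.
SAMPLE_SUITES = [
    "TLS_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
]

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_SUITES).items():
        print(f"{name}: {', '.join(reasons)}")
```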