[talk] Does swap still matter?
Anthony Elizondo
anthony.elizondo at gmail.com
Wed Mar 16 13:26:58 EDT 2022
On Wed, Mar 16, 2022 at 12:27 PM Brian Cully <bcully at gmail.com> wrote:
> On 3/16/22 11:03, George Rosamond wrote:
>
> Today, when those 64G or more of RAM are the norm for bare-metal
> boxes, and it's overkill in many contexts, is swap still necessary?
>
> Do certain applications/OS functions still use swap as opposed to RAM
> for some reason? I mean, swap is normally encrypted by default, so
> there is a justifiable reason to use swap over RAM.
>
> I don't use it on servers because I'd rather have things die than
> incur a swap penalty if things start to get bogged down. To be fair, I
> was also turning off swap in the 90s, when RAM was much tighter, for
> the same reason. When things started to get hammered swap *always*
> made the problem worse because now your disks are thrashing.
>
Seconding what Brian said. In search of greater reliability, it is
preferable for a service to die completely rather than get slow (or, start
exhibiting high tail latency).
https://brooker.co.za/blog/2021/04/19/latency.html
Some modern services flat out fail to run if swap is enabled.
https://github.com/kubernetes/kubernetes/issues/53533 (To be fair, last
year Kubernetes 1.22 did gain the ability to run with swap enabled).
> I don't use it at home, either, because I have more than adequate
> RAM on my home systems and don't see a need for it, and I value
> consistent interactive performance. If I had substantially less RAM
> I'd turn on swap to cover for bloated applications like web browsers,
> or VMS I'm not actively using.
>
> Theoretically, swap can make your system faster because it allows
> you to page out RAM that's been allocated and almost never used for
> buffers. I don't know if there are systems that actually do this in
> practice, though, and it opens you up to severe performance
> degradation. Swap's always seemed to me like this thing that, in
> theory, allows for more flexibility, but in practice is almost never
> worth the trade offs.
>
> As far as swap being encrypted, I don't see that as much of a
> reason to use over RAM. The keys to decrypt it still have to be in RAM
> somewhere, and if you can arbitrarily read RAM, it doesn't seem like
> it's much of a stretch to find the key and read whatever you want off
> of swap. The value in on-disk encryption is when the system is off,
> right? If it's on, and someone has the access to read your block
> devices raw, then they can also read your key out of the kernel too,
> right? Or has this changed in the advent of TPM and its ilk?
>
> -bjc
>
Anthony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20220316/a8fcc031/attachment.htm>
More information about the talk
mailing list