ApsaraDB RDS:TDE test report

Before you enable TDE

• Performance impact: at low concurrency, TDE reduces throughput by up to 20%. At high concurrency, the loss drops below 5%, largely because of I/O merging.

• Workload sensitivity: write-intensive workloads (oltp_write_only, oltp_update_index) show the highest overhead.

Test conclusions

• Low concurrency: performance loss is up to 20%.

• High concurrency: performance loss drops to below 5%, largely due to I/O merging.

• Write-intensive workloads (oltp_write_only, oltp_update_index) show the most significant overhead.

• CPU utilization increase when TDE is enabled and encrypted tables are accessed:

  • 4-core 16 GB instance: +0.06% to +4.22%

  • 8-core 32 GB instance: +0.12% to +2.86%

Test environment

Test tool

Sysbench is an open-source, modular, cross-platform, multi-threaded benchmark tool for evaluating database performance under load.

Test metrics

• TPS (Transactions Per Second): the number of transactions the database commits per second.

• Average latency: the average time to execute a transaction, measured in milliseconds (ms).

Test table schema

All tests use the default Sysbench table schema:

CREATE TABLE `sbtest8` (
  `id` int NOT NULL AUTO_INCREMENT,
  `k` int NOT NULL DEFAULT '0',
  `c` char(120) NOT NULL DEFAULT '',
  `pad` char(60) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  KEY `k_8` (`k`)
) ENGINE=InnoDB AUTO_INCREMENT=100001 DEFAULT CHARSET=utf8mb3

Test procedure

This procedure measures the performance of accessing encrypted tables on a TDE-enabled MySQL instance across different workload models.

1. Create an RDS for MySQL instance.

2. Create a database and an account.

3. On a Linux ECS instance, install the MySQL client:

   • CentOS: sudo yum install mysql

   • Ubuntu: sudo apt-get update then sudo apt install mysql-server

4. Connect to the RDS for MySQL database:

   To get the database endpoint and port number, see View and manage instance endpoints and ports.

   mysql -h<database_endpoint> -u<username> -P<port_number> -p<password>

5. Exit the database, then use Sysbench to load test data. This test loads 128 tables with 100,000 records each. The example below uses the oltp_read_write model with 16 threads. Replace --threads=16 with the thread count you want to test (valid values: 1, 8, 16, 32, 64, 128, 256).

   sysbench --db-driver=mysql \
     --mysql-host=<database_endpoint> \
     --mysql-port=<port_number> \
     --mysql-user=<username> \
     --mysql-password=<password> \
     --mysql-db=testdb \
     --table_size=1000000 \
     --tables=128 \
     --threads=16 \
     --time=60 \
     oltp_read_write prepare

6. Run the test:

   sysbench --db-driver=mysql \
     --mysql-host=<database_endpoint> \
     --mysql-port=<port_number> \
     --mysql-user=<username> \
     --mysql-password=<password> \
     --mysql-db=testdb \
     --table_size=1000000 \
     --tables=128 \
     --threads=16 \
     --time=60 \
     oltp_read_write run

7. Clean up test data:

   sysbench --db-driver=mysql \
     --mysql-host=<database_endpoint> \
     --mysql-port=<port_number> \
     --mysql-user=<username> \
     --mysql-password=<password> \
     --mysql-db=testdb \
     --table_size=1000000 \
     --tables=128 \
     --threads=16 \
     --time=60 \
     oltp_read_write cleanup

Test scenario 1: 4-core 16 GB instance with Premium Local SSDs

TDE-off baseline: rds_ssd_4c16g_tde_off[3] TDE-on instance: rds_ssd_4c16g_tde_on[2]

Performance trend graphs

CPU utilization

Performance data summary

Test scenario 2: 8-core 32 GB instance with Premium Local SSDs

TDE-off baseline: rds_ssd_8c32g_tde_off[11] TDE-on instance: rds_ssd_8c32g_tde_on[12]

Performance trend graphs

Performance data summary