Home » Posts tagged "time" (Page 3)

Amazon EC2 上的 gettimeofday 與 clock_gettime 的效能

看到「Two frequently used system calls are ~77% slower on AWS EC2」這篇在講 gettimeofdayclock_gettime 的效能,另外搜資料時發現應該也是作者提問的「gettimeofday() not using vDSO?」這篇。

EC2 比較新的機器上用 tsc 應該是沒問題的 (在 2015 的時候官方就這樣建議了):

it seems tsc support in Xen has improved with version 4.0 and with improved CPU support in Sandy Bridge+ platforms. Modern EC2 machines should be okay with tsc. Check Xen version using dmesg | grep "Xen version". Amazon recommended the tsc clocksource already in re:Invent 2015 (https://www.slideshare.net/AmazonWebServices/cmp402-amazon-ec2-instances-deep-dive). I'm not yet running to production with this, but the situation doesn't seem as bad as implied by packagecloud.

開了一台 t2.micro 看 /sys/devices/system/clocksource/clocksource0/current_clocksource 看起來目前是設成 xen

ubuntu@ip-172-31-22-165:~$ cat /sys/devices/system/clocksource/clocksource0/current_clocksource
xen

在「(CMP402) Amazon EC2 Instances Deep Dive」這邊也可以看到一些資料 (page 24 與 page 25):

DynamoDB 推出 TTL 功能

DynamoDB 推出了依照時間自動刪除的功能:「New – Manage DynamoDB Items Using Time to Live (TTL)」。

You can enable this feature on a table-by-table basis, specifying an item attribute that contains the expiration time for the item.

這個功能比較特別的是,刪除的 scan 是不收取費用的:

There is no charge for the internal scan operation or for the deletion. You will pay for storage until the item is actually deleted.

Cloudflare 因為閏秒炸掉...

Cloudflare 這次閏秒炸掉:「How and why the leap second affected Cloudflare DNS」,影響範圍包括了 DNS query 與 HTTP request:

At peak approximately 0.2% of DNS queries to Cloudflare were affected and less than 1% of all HTTP requests to Cloudflare encountered an error.

主要的原因在於 Gotime.Now() 不保證遞增:

RRDNS is written in Go and uses Go’s time.Now() function to get the time. Unfortunately, this function does not guarantee monotonicity. Go currently doesn’t offer a monotonic time source (see issue 12914 for discussion).

修正的方式是針對時間回朔時處理:

In this patch we allowed RRDNS to forget about current upstream performance, and let it normalize again if time skipped backwards.

應該是因為 Cloudflare 這段程式還沒遇過 leap second 造成的...

Google 的 time.google.com

看到這張圖在講不同 server (service) 如何處理今年的 leap second (UTC 的跨年,台灣時間早上八點),出自 leap smear 這邊:

在很早前就有 time.google.com 這個 domain,但是當時 Google 的人有跳出來說明這個服務不是公開服務 (當時),不保證這個服務的正確性與穩定性:「timeX.google.com provide non standard time」。

不過一個月前公佈出來的 Google Public NTP 服務算是把整個系統搞定了。

其中在 Configuring Clients 這邊直接推薦用 iburst 參數,不愧是家大業大的 Google XDDD:

When the server is unreachable and at each poll interval, send a burst of eight packets instead of the usual one. As long as the server is unreachable, the spacing between packets is about 16s to allow a modem call to complete. Once the server is reachable, the spacing between packets is about 2s. This is designed to speed the initial synchronization acquisition with the server command and s addresses and when ntpd is started with the -q option.

回到原來的 leap smear 的比較圖,可以看出 Google 對 leap second 的解法是往前十二小時與往後十二小時各拉緩衝時間來避開,有些是沒在管,另外有些有種來亂的感覺 XDDD

把 CSC (卡片背面的三碼) 變成 OTP (動態密碼)

把信用卡背面的後三碼 (Card security code) 變成動態密碼,雖然一般只會有三碼,但對於網路消費應該會有不少幫助,不過這樣就不能完全不拿出卡片了...:「This high-tech card is being rolled out by French banks to eliminate fraud」。

產品叫做 MotionCode,會先從法國開始:

Today both Société Générale and Groupe BPCE, two of France’s largest banking groups, are preparing to roll out these cards across all their customers after completing a pilot scheme last year.

然後是波蘭、墨西哥以及英國在規劃:

There are other pilots underway in Poland and Mexico, and Davis is running Oberthur’s UK operation with the hope of getting a pilot or trial started with a UK bank soon.

密碼系統的 Monoculture

這篇文章講到最近密碼系統的現象:「On the Impending Crypto Monoculture」。

目前常在用的密碼系統包括了 RSA、DH、ECDH、ECDSA、SHA-2、AES 這些演算法,而最近這幾年大家在推廣使用的演算法都出自於同一個人手裡,Dan Bernstein,也就是 djb:

A major feature of these changes includes the dropping of traditional encryption algorithms and mechanisms like RSA, DH, ECDH/ECDSA, SHA-2, and AES, for a completely different set of mechanisms, including Curve25519 (designed by Dan Bernstein et al), EdDSA (Bernstein and colleagues), Poly1305 (Bernstein again) and ChaCha20 (by, you guessed it, Bernstein).

這些演算法或是定義,包括了 Curve25519、EdDSA、Poly1305、ChaCha20。而這篇文章試著說明造成這樣情況的背景以及原因,以及這樣會導致什麼問題。

當實際分析時會發現,檯面上沒幾個能用的演算法,而看起來能用的那幾個又有專利 (像是 OCB),不然就是看起來被 NSA 放了一些說明不了的參數 (像是 P-256 Curve)。

然後 djb 弄出來的演算法不只看起來乾淨許多,也直接用數學模型證明安全性。而且他的實作也很理論派,像是還蠻堅持要做到 constant time implementation 以避開各種 side channel attack。

就... 理論很強,又很實戰派的一個人啊,檯面上真的沒幾隻可以打的贏啊 XD

加州在規劃廢除日光節約時間

加州在規劃廢除日光節約時間:「California could drop Daylight Saving Time」。

A California lawmaker has introduced a bill to unshackle the Golden State from the horological chains of Daylight Saving Time.

主要是沒有實質效益,甚至是與當初預期的反效果:

Daylight saving time is observed in about 70 countries worldwide, but its benefits are the subject of much debate. While studies in the 1970s argued that it reduced energy usage, it’s no longer clear that’s the case. A 2011 study in Indiana found that electricity use rose in the state as a result of daylight saving.

Adobe Typekit 對 PageSpeed 的妥協

Adobe Typekit 是個收費的網頁字型服務,為了讓變更可以儘快生效,用了比較短的 cache time:

We use a short cache time for the kit JavaScript so that you can update your kit (for example, adding fonts, or changing the list of allowed domains) and have your changes live in a reasonable amount of time.

但這也造成了不少人抱怨 Google PageSpeed Tools 會扣分,而實際上也的確降低效率 (因為你不需要天天改設定):

Adobe 給了妥協的方案,你可以選擇使用更長的 cache time,從本來的 10 mins 變成 1 week:「Improved caching for kits: Opt for longer cache timeout」。

這個選項使得 Google PageSpeed Tools 不會扣分,也讓效能再更好一些。

AWS 上 MySQL + MHA、Galera Cluster、Amazon RDS for Aurora 的比較

Twitter 上看到的文章,對三套有 High Avaiilability 能力的 MySQL 系統比較:「AWS Aurora Benchmarking - Blast or Splash?」。

測試的項目包括了 MySQL + MHAGalera Cluster 以及 Amazon RDS for Aurora 三種,包括了 failover 的各種速度以及資料庫效能的比較。

測試的結果可以看到 Galera Cluster 有不少優勢,不過我必須說 Galera Cluster 並不好搞,初期要使用的話乾脆用 Aurora 就好,failover 的確是比較慢,而且效能也沒有 Galera Cluster 好,但管理上輕鬆很多啊...

Archives