Steal time (`%st` in Linux `top`) is the percentage of time a virtual CPU waits for a real CPU while the hypervisor services another virtual processor. It is the visible signature of shared tenancy: your VM's cycles are being given to someone else's workload. ## Why It Exists VMs on a host share CPU cycles without hard caps (unlike memory). A VM can borrow more than its proportional share when the host is idle — and lose cycles when neighbors get busy. Steal time measures the losing side. ## Reading It - `%id` low → CPU genuinely busy with your work - `%wa` high → waiting on I/O - `%st` high → ready to run, but the *physical* CPU is serving another VM A working rule of thumb: steal time above 10% for 20 minutes means the VM is running meaningfully slower than it should. ## Remediation Ladder 1. Move the instance to another physical host 2. If steal remains high, increase the VM's CPU resources 3. If it persists, escalate — the provider may be overselling hosts --- *Source: [[Understanding CPU Steal Time]] (Scout APM blog, Derek Haynes, 2013)*