Month: February 2023

by

CPF, EZ-Link services, multiple websites down after power outage at Microsoft Azure

Taken from CPF, EZ-Link services, multiple websites down after power outage at Microsoft Azure

SINGAPORE – Multiple organisations including the Central Provident Fund (CPF) Board, EZ-Link, the Esplanade and Nanyang Technological University (NTU) saw disruptions to their Web services on Wednesday as a result of the outage of the Microsoft Azure cloud service.

Microsoft Azure said on its website that a utility power surge in the South-east Asia region at 3.19am on Wednesday had tripped a subset of the cooling units in a data centre and brought them offline.

Azure said it “proactively powered down a small subset of selected compute and storage scale units” to minimise the damage to hardware, but was unable to say when services would be restored, as an extended period would be needed to restore cooling capacity.

CPF, EZ-Link services, multiple websites down after power outage at Microsoft Azure
by

Intel Processor, Persistent Memory and Nvidia-H100 on Japan’s most efficient Supercomputer

Full Article can found at Japan university tackles supercomputer’s memory problem

Pegasus boasts 120 of Nvidia’s cutting-edge H100 graphics-processing units. The same technology was used in the Lenovo-built Henri, which was crowned the world’s most energy-efficient supercomputer in November.

These are combined with state-of-the-art central processing units from Intel, giving Pegasus a theoretical peak performance of 6.5 petaflops — 6.5 quadrillion floating point operations per second.
……
……

Persistent memory is also used in addition to conventional DRAM. Accessing data from it takes longer than from DRAM. But it consumes less energy and promises around 10 times the capacity at a similar cost, according to the center. Persistent memory can handle both temporary and long-term data storage

…..

Using persistent memory allows Pegasus to tap more of its capabilities without requiring a major increase in cost or energy consumption.

Japan university tackles supercomputer’s memory problem
by

Enabling EPEL, Python Bindings for SELinux, and Firewall Settings

I have been learning from this book Fabio Alessandro Locati, published under Packt>.

There is one simple exercise where there is an example of “Configuring a basic server”. The codes can be found

Enabling EPEL

To enable EPEL, in RHEL/CentOS 7, just install the epel-release package

--- 
- hosts: all 
  remote_user: ansible
  tasks: 
    - name: Ensure EPEL is enabled 
      yum: 
        name: epel-release 
        state: present 
      become: True

Python bindings for SELINUX

Ansible is written in python, and mainly use the Python bindings to operate on the operating system.

--- 
- hosts: all 
  remote_user: ansible
  tasks: 
     - name: Ensure libselinux-python is present 
      yum: 
        name: libselinux-python  
        state: present 
      become: True 
    - name: Ensure libsemanage-python is present 
      yum: 
        name: libsemanage-python 
        state: present 
      become: True

Firewall Settings

--- 
- hosts: all 
  remote_user: ansible
  tasks: 
    - name: Ensure FirewallD is running 
      service: 
        name: firewalld 
        state: started 
        enabled: True 
      become: True 
    - name: Ensure SSH can pass the firewall 
      firewalld: 
        service: ssh 
        state: enabled 
        permanent: True 
        immediate: True 
      become: True
by

Basic Installing and Configuring NTP with Ansible

I have been learning from this book Fabio Alessandro Locati, published under Packt>.

There is one simple exercise where there is an example of “Ensuring that NTP is installed, configured and running”. The codes can be found at https://github.com/PacktPublishing/Learning-Ansible-2.X-Third-Edition/tree/master/Chapter02

--- 
- hosts: all 
  remote_user: ansible
  tasks: 
    - name: Ensure NTP is installed 
      yum: 
        name: ntp 
        state: present 
      become: True 
    - name: Ensure the timezone is set to UTC 
      file: 
        src: /usr/share/zoneinfo/GMT 
        dest: /etc/localtime 
        state: link 
      become: True 
    - name: Ensure the NTP service is running and enabled 
      service: 
        name: ntpd 
        state: started 
        enabled: True 
      become: True
by

Basic Installing and Configuring a Web Server with Ansible

I have been learning from this book Fabio Alessandro Locati, published under Packt>

There is one simple exercise where there is an example of “Installing and Configuring a Web Server”. The codes can be found at https://github.com/PacktPublishing/Learning-Ansible-2.X-Third-Edition/tree/master/Chapter02

Installing and Configuring a Web Server

The first set of codes deal with the installation and enabling of HTTPd package and services. In addition, both HTTP and HTPS must be able to pass through the firewalld

-- 
- hosts: all 
  remote_user: ansible
  tasks: 
    - name: Ensure the HTTPd package is installed 
      yum: 
        name: httpd 
        state: present 
      become: True 
    - name: Ensure the HTTPd service is enabled and running 
      service: 
        name: httpd 
        state: started 
        enabled: True 
      become: True 
    - name: Ensure HTTP can pass the firewall 
      firewalld: 
        service: http 
        state: enabled 
        permanent: True 
        immediate: True 
      become: True 
    - name: Ensure HTTPS can pass the firewall 
      firewalld: 
        service: https 
        state: enabled 
        permanent: True 
        immediate: True 
      become: True

Reviewing and Running the Deployment, we can use the command to fire it. 

$ ansible-playbook webserver.yaml --list-tasks
$ ansible-playbook -i host webserver.yaml

Publishing a Simple Website

Assuming the Website is a simple single-page website using a simple template call index.html.j2

--- 
- hosts: all 
  remote_user: ansible
  tasks: 
    - name: Ensure the website is present and updated 
      template: 
        src: index.html.j2 
        dest: /var/www/html/index.html 
        owner: root 
        group: root 
        mode: 0644 
      become: True

Just a note that the “become: True” parameter represents the fact that the tasks should be executed with sudo access. In other words, the sudo user’s file should allow access

by

Massive Ransomware Campaign Targeting Unpatched Vmware ESXi Servers

From SINGCERT (https://www.csa.gov.sg/singcert/Alerts/AL-2023-015) dated 04 Feb 2023

There are reports of an ongoing ransomware campaign actively exploiting a vulnerability (CVE-2021-21974) in unpatched VMware ESXi servers.

Successful exploitation of the vulnerability could allow an attacker to perform remote code execution by triggering the heap-overflow issue in OpenSLP service.

The following versions of the products are affected by the aforementioned vulnerability:

•             ESXi versions 7.x earlier than ESXi70U1c-17325551

•             ESXi versions 6.7.x earlier than ESXi670-202102401-SG

•             ESXi versions 6.5.x earlier than ESXi650-202102101-SG

Users and administrators of affected product versions are advised to upgrade to the latest versions immediately. As a precaution, a full system scan should also be performed to detect any signs of compromise. Users and administrators are also advised to assess if the ransomware campaign-targeted port 427 can be disabled without disrupting operations.

Users and administrators may also wish to configure their firewall rules to block any connections to the following IP addresses purportedly carrying out the attacks:

  • 104.152.52[.]55
  • 193.163.125[.]138
  • 43.130.10[.]173
  • 104.152.52[.]0/24

More information can be found at

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

https://www.bleepingcomputer.com/news/security/massive-esxiargs-ransomware-attack-targets-vmware-esxi-servers-worldwide/

https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-015/

https://www.csa.gov.sg/singcert/Advisories/ad-2021-009/

by

Myths and Legends in High-Performance Computing

Abstract Taken form Myths and Legends in High-Performance Computing

In this humorous and thought provoking article, we discuss certain myths and legends that are folklore among members of the high-performance computing community. We collected those myths from conversations at conferences and meetings, product advertisements, papers, and other communications such as tweets, blogs, and news articles within (and beyond) our community. We believe they represent the zeitgeist of the current era of massive change, driven by the end of many scaling laws such as ennard scaling and Moore’s law. While some laws end, new directions open up, such as algorithmic scaling or novel architecture research. However, these myths are rarely based on scientific facts but often on some evidence or argumentation. In fact, we believe that this is the very reason for the existence of many myths and why they cannot be answered clearly. While it feels like there should be clear answers for each, some may remain endless philosophical debates such as the question whether Beethoven was better than Mozart. We would like to see our collection of myths as a discussion of possible new directions for research and industry investment

Myths and Legends in High-Performance Computing

The article addresses the follow myths

  • Myth 1: Quantum Computing Will Take Over HPC!
  • Myth 2: Everything Will Be Deep Learning!
  • Myth 3: Extreme Specialization as Seen in Smartphones Will Push Supercomputers Beyond Moore’s Law!
  • Myth 4: Everything Will Run on Some Accelerator!
  • Myth 5: Reconfigurable Hardware Will Give You 100X Speedup!
  • Myth 6: We Will Soon Run at Zettascale!
  • Myth 7: Next-Generation Systems Need More Memory per Core!
  • Myth 8: Everything Will Be Disaggregated!
  • Myth 9: Applications Continue to Improve, Even on Stagnating Hardware!
  • Myth 10: Fortran Is Dead, Long Live the DSL!
  • Myth 11: HPC Will Pivot to Low or Mixed Precision!
  • Myth 12: All HPC Will Be Subsumed by the Clouds!