January 9, 2023 by kittycool only

In-Network Computing with NVIDIA SHARP

Traditional methods for performing data reductions are very costly in terms of latency and CPU cycles. The NVIDIA Quantum InfiniBand switch with NVIDIA SHARP technology addresses complex operations such as data reduction in a simplified, efficient way. By reducing data within the switch network, NVIDIA Quantum switches perform the reduction in a fraction of the time of traditional methods.

January 3, 2023 by kittycool only

Installing 7-zip on CentOS-7 and Rocky Linux 8

7-zip is free software with open source. It has a high compression ratio in 7z format with LZMA and LZMA2 compression. Supported formats:

Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM
Unpacking only: APFS, AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT, GPT, HFS, IHEX, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, QCOW2, RAR, RPM, SquashFS, UDF, UEFI, VDI, VHD, VHDX, VMDK, XAR and Z.

Get 7-zip in Linux

$ wget https://sourceforge.net/projects/sevenzip/files/7-Zip/22.01/7z2201-linux-x64.tar.xz --no-check-certificate

Unpack 7-zip in Linux

$ tar xf 7z2101-linux-x64.tar.xz

Running Issues

If you are encountering issues like (especially on CentOS-7)

[user1@node1 7-zip]$ ./7zz
./7zz: /lib64/libstdc++.so.6: version CXXABI_1.3.8' not found (required by ./7zz) 
./7zz: /lib64/libstdc++.so.6: versionCXXABI_1.3.9' not found (required by ./7zz)

You need a more recent GNU Compilers rather than the default one used in CentOS-7 which is very old, you may want to compile more recent GNU. Remember to complete the $LD_LIBRARY_PATH and $PATH something like this

export PATH=$PATH:/usr/local/gcc-6.5.0/bin
export LD_LIBRARY_PATH= $LD_LIBRARY_PATH:/usr/local/gcc-6.5.0/lib64

December 28, 2022 by kittycool only

Protecting Red Hat OpenShift Containerized Environment with IBM Spectrum Protect Plus

Introduction

This IBM® Redpaper publication describes support for Red Hat OpenShift Container Platform application data protection with IBM Spectrum® Protect Plus. It explains backup and restore operations for persistent volume data by using the Container Storage Interface (CSI) plug-in.

Table of Contents

Chapter 1. Introducing containers
Chapter 2. IBM Spectrum Protect Plus architecture
Chapter 3. Installing IBM Spectrum Protect Plus as a containerized application
Chapter 4. Container Backup Support
Chapter 5. Implementing Container Backup Support
Chapter 6. Using Container Backup Support
Chapter 7. Red Hat OpenShift cluster disaster recovery solution

More Information at IBM Spectrum Protect Plus: Protecting Red Hat OpenShift Containerized Environments

December 22, 2022 by kittycool only

End-Of-Life and Support Information

Searching End-Of-Life Information can be a hassle if you are looking for information for OS, Applications, Databases etc. It will be very helpful if everything can be found on a website.

Hooray! It exists! https://endoflife.date/

endoflife.date documents End-of-life dates, and support lifecycles of various products. This project collates this data and presents it in an easily accessible format, with URLs that are easy to guess and remember.

For example, I click on Red Hat Enterprise Linux and the table layout is clear and intuitive.

Release	Released	Active Support	Security Support	Latest
9 (Upcoming ELS)	7 months ago(17 May 2022)	Ends in 4 years and 5 months(31 May 2027)	Ends in 9 years(31 May 2032)	9.1(15 Nov 2022)
8 (Upcoming ELS)	3 years and 7 months ago(07 May 2019)	Ends in 1 year and 5 months(31 May 2024)	Ends in 6 years(31 May 2029)	8.7(09 Nov 2022)
7 (Upcoming ELS)	9 years ago(11 Dec 2013)	Ended 2 years and 11 months ago(31 Dec 2019)	Ends in 1 year and 6 months(30 Jun 2024)	7.9(29 Sep 2020)
6 (ELS)	12 years ago(09 Nov 2010)	Ended 6 years ago(10 May 2016)	Ended 2 years ago(30 Nov 2020)	6.10
5 (ELS)	15 years ago(15 Mar 2007)	Ended 9 years ago(08 Jan 2013)	Ended 5 years and 8 months ago(31 Mar 2017)	5.11
4	17 years ago(15 Feb 2005)	Ended 13 years ago(31 Mar 2009)	Ended 10 years ago(29 Feb 2012)	4.9

Taken from https://endoflife.date/

December 20, 2022 by kittycool only

abrt-cli status’ timed out is always shown when logging on or changing users

When change or login to specific user, ‘abrt-cli status’ timed out is always shown

Last login: Mon Dec 19 23:32:58 +08 2022 on pts/21 
'abrt-cli status' timed out

To resolve the issue, you may want to check the status of the ‘abrtd’ service, the output will indicate a locked file

# systemctl status abrtd
● abrtd.service - ABRT Automated Bug Reporting Tool
   Loaded: loaded (/usr/lib/systemd/system/abrtd.service; disabled; vendor preset: enabled)
   Active: active (running) since Mon 2022-12-19 23:34:58 +08; 2s ago
 Main PID: 273413 (abrtd)
   CGroup: /system.slice/abrtd.service
           └─273413 /usr/sbin/abrtd -d -s

Dec 19 23:34:58 node1 systemd[1]: Started ABRT Automated Bug Reporting Tool.
Dec 19 23:34:58 node1 systemd[1]: Starting ABRT Automated Bug Reporting Tool...
Dec 19 23:34:58 node1 abrtd[273413]: Lock file '.lock' is locked by process 191242
Dec 19 23:34:59 node1 abrtd[273413]: Lock file '.lock' is locked by process 191242
Dec 19 23:34:59 node1 abrtd[273413]: Lock file '.lock' is locked by process 191242
Dec 19 23:35:00 node1 abrtd[273413]: Lock file '.lock' is locked by process 191242
Dec 19 23:35:00 node1 abrtd[273413]: Lock file '.lock' is locked by process 191242

Stop the abrt Service first.

# systemctl stop abrtd

Kill the Process holding the Lock File

# pkill -9 systemctl stop abrtd

Start the Service again

# systemctl start abrtd

The Lock File should go away.

# systemctl status abrtd
● abrtd.service - ABRT Automated Bug Reporting Tool
   Loaded: loaded (/usr/lib/systemd/system/abrtd.service; disabled; vendor preset: enabled)
   Active: active (running) since Mon 2022-12-19 23:48:02 +08; 4s ago
 Main PID: 334010 (abrtd)
   CGroup: /system.slice/abrtd.service
           └─334010 /usr/sbin/abrtd -d -s

Dec 19 23:48:02 hpc-gekko1 systemd[1]: Started ABRT Automated Bug Reporting Tool.
Dec 19 23:48:02 hpc-gekko1 systemd[1]: Starting ABRT Automated Bug Reporting Tool...
Dec 19 23:48:02 hpc-gekko1 abrtd[334010]: Init complete, entering main loop

December 14, 2022 by kittycool only

Harnessing the Advantages of Edge AI

Article taken from HPCWire “Harnessing the Advantages of Edge AI”

You can enjoy a number of advantages when you deploy edge AI applications. It’s about empowering your users in the field to convert data to value in real-time.

Real-Time Insights – Equip your users with real-time information, from business intelligence to military strategy to updated patient health data.
Faster Decision Making – Your users can react much more quickly to real-time information and make quicker, more informed decisions.
Increased Automation – Train your machines or devices to perform autonomous tasks and maximize efficiency.
Enhanced Privacy – Keeping more data closer to the edge means having to send less of it to the cloud, thereby increasing opportunities for data breaches.

Do go to the article for full read. Harnessing the Advantages of Edge AI

December 12, 2022 by kittycool only

Tuning Compute Performance – Nanyang Technological University Targets I/O Bottlenecks to Speed Up Research

A customer case study writeup on how the HPC Team at Nanyang Technological University used Altair Mistral to tune Compute Performance.

The High Performance Computing Centre (HPCC) at Nanyang Technological University Singapore supports the university’s large-scale and data-intensive computing needs, and resource requirements continue to grow. HPCC churned out nearly 19 million core CPU-hours and nearly 300,000 GPU-hours in 2021 to enable more than 160 NTU researchers. HPCC’s small, four-engineer team turned to Altair for cutting-edge tools to help support their growing user community and evaluate scaling up to a hybrid cloud environment. They needed job-level insights to understand runtime issues; metrics on I/O, CPU, and memory to identify bottlenecks; and the ability to detect problematic applications and rogue jobs with bad I/O patterns that could overload shared storage. The HPCC team deployed Altair Mistral™ to profile application I/O and determine the most efficient options to optimize HPC at NTU.
Tuning Compute Performance – Nanyang Technological University Targets I/O Bottlenecks to Speed Up Research

December 12, 2022 by kittycool only

Application I/O Profiling on HPC Clusters with Altair Mistral and Altair PBS Professional

A Paper has been published by Altair and myself on the “Application I/O Profiling on HPC Clusters with Altair Mistral and Altair PBS Professional”. For more information, do take a look at

The High Performance Computing Centre (HPCC) at Nanyang Technological University (NTU) Singapore employs the latest techniques to ensure good system utilization and a high-performance user experience. The university has a large HPC cluster with the Altair® PBS Professional® workload manager, and the HPCC team installed Altair Mistral™ to monitor application I/O and storage performance. In this paper, we describe how they used Mistral to analyze an HPC application. After getting some insights into the application, they profiled it against HPCC’s three storage tiers and gained detailed insights into application I/O patterns and storage performance.
Application I/O Profiling on HPC Clusters with Altair Mistral and Altair PBS Professional

December 1, 2022 by kittycool only

How to disable CBC Mode Ciphers in RHEL 8 or Rocky Linux 8

This writeup is reference from The Geek Diary

Edit /etc/sysconfig/sshd and uncomment CRYPTO_POLICY line:

CRYPTO_POLICY=

Edit /etc/ssh/sshd_config file. Add Ciphers, MACs and KexAlgorithms have been added

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

After making changes to the configuration file, you may want to do a sanity check on the configuration file

# sshd -t

Restart sshd services

# systemctl restart sshd

To test if weak CBC Ciphers are enabled

$ ssh -vv -oCiphers=3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc [youruserid@IP of your Server]

You should receive a aimilar message message

Unable to negotiate with 172.21.33.13 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

References:

November 30, 2022 by kittycool only

Using SSLScan to determine supported cipers

SSLScan queries SSL services to determine the ciphers that are supported. This is a very useful tool if you wish to

SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, and the certificate and is in text and XML formats.

The Project Site and Installation can be found at https://github.com/rbsec/sslscan

I was checking my Windows Server,

$ sslscan --rdp x.x.x.x
Version: 2.0.15-static
OpenSSL 1.1.1t-dev  xx XXX xxxx

Connected to x.x.x.x

Testing SSL server x.x.x.x on port 3389 using SNI name x.x.x.x

SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   disabled

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLSv1.2 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve 25519 DHE 253
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve 25519 DHE 253
.....
.....

You may want to scan by port level

$ sslscan x.x.x.x:8444

The Linux Cluster

Linux Cluster Blog is a collection of how-to and tutorials for Linux Cluster and Enterprise Linux

Author: kittycool only