On 06/21/2017 05:29 PM, Christopher Samuel wrote:
> On 21/06/17 22:39, John Hearns wrote:
>
>> I would speculate about single socket AMD systems, with a smaller form
>> facotr motherboard, maybe with onboard Infiniband. Put a lot of these
>> cards in a chassis and boot them disklessly and you get
On Wed, Jun 21, 2017 at 5:09 PM, Christopher Samuel
wrote:
> So yes, you are quite right, this (currently) doesn't seem like
> something you need to worry about with users own codes being copied onto
> the system or containers utilised through Shifter and Singularity which
> exist to disarm Docker
On 21/06/17 22:39, John Hearns wrote:
> I would speculate about single socket AMD systems, with a smaller form
> facotr motherboard, maybe with onboard Infiniband. Put a lot of these
> cards in a chassis and boot them disklessly and you get a good amoutn of
> compute power.
I thought it interest
On 22/06/17 06:54, mathog wrote:
> Most end user code would not need to be recompiled, since it does not
> run with privileges.
Ah, that's a very interesting point, the advisory doesn't explicitly
mention it but of course all the CVE's for applications (Exim, sudo, su,
at, etc) relate to to setui
On 22/06/17 01:55, Kilian Cavalotti wrote:
> Thanks for starting the discussion here.
Pleasure!
> We're pretty much in the same boat (no changes made yet), as:
> 1. we're still running some RHEL 6.x based clusters, with x < 9,
> meaning no patches for neither the kernel nor glibc,
Ah yes, that'
On 22/06/17 02:09, Kilian Cavalotti wrote:
> And when exploits are released, which Qualys said they will do, all
> hell will break loose, because the "skills" part will go away...
Qualsys exploits are PoC's, but apparently there are active exploits of
this out in the wild already (and possibly pr
On Wed, 21 Jun 2017 08:55:36 -0700 Kilian Cavalotti wrote
As far as I understand this, the real fix will be to recompile all of
your binaries using a properly working implementation of -fstack-check
in gcc (which doesn't exist yet). So in terms of timeline, that means
GCC needs to be fixed, syste
In addition to storage, if you use GPUs for compute, the single socket is
compelling. If you rely on the GPUs for the parallel processing, then the
CPUs are just for serial acceleration and handling I/O. A single socket
with 32 cores and 128 lanes of PCIe can handle up to eight GPUs with four
CPU c
On Wed, Jun 21, 2017 at 5:39 AM, John Hearns wrote:
> For a long time the 'sweet spot' for HPC has been the dual socket Xeons.
True, but why? I guess because there wasn't many other options, and in
the first days of multicore CPUs, it was the only way to have decent
local parallelism, even with Q
Sorry yeah I just read it and yeah that looks like a real pain. Glad I'm
not an admin :-)
Peter
On Wed, Jun 21, 2017 at 12:09 PM, Kilian Cavalotti <
kilian.cavalotti.w...@gmail.com> wrote:
> On Wed, Jun 21, 2017 at 8:59 AM, Peter St. John
> wrote:
> > I'd check to see that the vector of attack i
On Wed, Jun 21, 2017 at 8:59 AM, Peter St. John wrote:
> I'd check to see that the vector of attack is something that pertains to my
> system, before worrying to much about the vulnerability. Maybe the vector is
> the Preview Pane in Outlook, right?
I'm afraid the vector of attack is, given enoug
I'd check to see that the vector of attack is something that pertains to my
system, before worrying to much about the vulnerability. Maybe the vector
is the Preview Pane in Outlook, right?
Peter
On Wed, Jun 21, 2017 at 11:55 AM, Kilian Cavalotti <
kilian.cavalotti.w...@gmail.com> wrote:
> Hi Chri
Hi Chris,
Thanks for starting the discussion here.
We're pretty much in the same boat (no changes made yet), as:
1. we're still running some RHEL 6.x based clusters, with x < 9,
meaning no patches for neither the kernel nor glibc,
2. those kernel+glibc patches seem to just be "mitigations" and do
Yeah, they should make very sweet storage units (single socket sku).
Dual socket is also nice, as you'll have 64x lanes of fabric between
sockets, as well as 64 from each socket to peripherals.
I'd love to see the QPI contention issue just go away. This looks like
it pushes back the problem
The single socket versions make sense for storage boxes that can use RDMA.
You can have two EDR ports out the front using 16 lanes each. For the
storage, you can have 32-64 lanes internally or out the back for NVMe. You
even have enough lanes for two ports of HDR, when it is ready, and 48-64
lanes
https://www.theregister.co.uk/2017/06/20/amd_epyc_launch/
Interesting to see that these are being promoted as single socket systems.
For a long time the 'sweet spot' for HPC has been the dual socket Xeons.
I would speculate about single socket AMD systems, with a smaller form
facotr motherboard, m
16 matches
Mail list logo
