
Clusterfuck
Techies are scratching their heads after Red Hat pulled a CPU microcode update that was supposed to mitigate variant two of the Spectre design flaw in Intel and AMD processors. This U-turn follows VMware, Lenovo, and other vendors, stalling on rolling out microcode patches after Intel admitted its firmware caused systems to …
Very clusterfuck.
I've seen a similar thing with VMware ESXi Hypervisor. Last week they issued a patch supposedly to cover Spectre/Meltdown. This week they recalled the patch saying it contained vulnerable microcode from Intel.
Similar pattern with vendors presumably unable to solve very complex issue quickly without Intel getting their own shit together first.
Exactly this. VMware have pulled patches (https://kb.vmware.com/s/article/52345), as have Lenovo (https://support.lenovo.com/gb/en/solutions/len-18282), due to the bug in Intel's microcode fix. I'm not sure why the article suggests this is anything else.
Why stop with getting rid of systemd? How about getting rid of multithreading/multiprocessing altogether? That would have avoided all these spectre/meltdown type bugs and would provide a more genuine 70s-era feel than going back to init.d could ever hope to do.
cs9, I'm all for change. Change is good. But only when that change is actually good. Look at the source for init, and think about what, exactly, this little bit of code actually does. It's really quite simple and elegant. You can read it for yourself, it's not all that difficult to understand. One tiny little thing that does one job, and does it well. It's almost a poster child for what un*x code is all about.
Then I look at the grossly overweight (and growing by leaps and bounds!) clusterfuck called systemd, with all its bells and whistles and unnecessary hangers-on, with more getting press-ganged into it on a regular basis with no rhyme or reason ... and I just say no. It's an accident waiting to happen. I want nothing to do with that kind of sloppy shit anywhere near my PID1.
You think you had it bad? Our old vCenter Server wouldn't take a bloody upgrade, so I've been running around like a madman deploying a new one and cutting over the hosts out-of-hours so that I can install a later version of ESXi without losing management of the host.
All of the pissing about trying to get the vCenter Server VM onto the vDS without it falling over. All of the hassle cutting the hosts from the old vDS to the new one (shutdown, reconfigure network, restart each one). Then Veeam has (understandably) decided that these are all new VMs and have nothing to do with the existing backups, so our backups have suddenly exploded in size. Some of the backups were still running into working hours the other day as it tried to catch up. Now VMware's Update Server wants to remediate all the VMs with a new version of VMware Tools, so cue another bout of updates...
All I wanted was a nice simple patch for an old version of ESXi. Actually, ignore that. All I wanted is for vCenter to actually accept the update that I've tried putting on it a dozen times... So yeah, I've put in a lot of hours over the last couple of weeks, I'm tired, and it'd better bloody not be all for naught. :-/
I had to rebuild a vCenter server last year due to OS corruption in Windows. Database for VMware lives on separate Linux host with Oracle. Used same vCenter version but the process itself was straightforward (reinstall and connect hosts). No complications. No issues with VDS or anything else. I spent a lot of time trying to repair main vCenter since I was quite paranoid about rebuilding it live (never had to do it before). But once I gave up on that the process took just a few hrs.
External DB was probably the way to go, and it's something we've discussed from time to time, but it's not all that big a deployment and we wanted to keep it simple, so we did the nasty SQL Express onboard job.
I'm not sure I'd be terribly comfortable having the database on a separate SQL server in case of trouble. But I guess if I deployed a pair of vCenter Servers talking to the same database on an Availability Group then the odds of something breaking hard enough to shut the lot down are pretty slim.
On the plus side, two of our sites are on Hyper-V, so it was relatively simple to get them up to speed. This third site is 5 timezones away, so we can get at least an hour and a half of clear patching time before even the most enthusiastic of users arrive.
With vCenter, ESXi patches, hardware firmware updates all before guest hardware updates and OS patches now required to implement the fixes it has become a monumental process from what started out as just an OS patch now known to be flaky and break many key applications (anyone brave enough to patch SAP servers yet?) and no microcode.
Given they had 6 months to sort this out I would have hoped they could have got it all together and presented as one unified here's your plan and what you need to do, rather than drip feed patches and keep changing their minds as to what actually needs to be done and by whom.
Complete balls up by the whole industry that really needs to get its shit together and realise they only exist because of their customers.
"A senior techie who spoke to us on condition of anonymity".
He wants to be anonymous because he's embarrassed, any senior should know this. The answer is very simple. There is just 1 way to mitigate Spectre variant 2. You need new instructions added to the CPU, that the OS will then invoke when appropriate. These new instructions are added with a CPU microcode update. The update doesn't "stick" to the CPU, so each time the system is rebooted, the microcode update needs to be re-applied again. Linux already offers a way to load new microcode each time the OS boots, Windows DOES NOT. So, what do you do for Windows? You need a BIOS update. The BIOS update re-applies the microcode update each time the system is restarted, pretty much the same time Linux already does. So there you go, Windows needs a BIOS update because Microsoft is too lazy to implement microcode loading in the OS. If you have a Linux system and did the BIOS update, you don't need the OS microcode update. If you run Linux and absolutely want the microcode update, you need to download the file from Intel's website and put it in the right place. Otherwise just sit back and relax, there are no exploits right now, so no hurry people ;-)
>So there you go, Windows needs a BIOS update because Microsoft is too lazy to implement microcode loading in the OS. If you have a Linux system and did the BIOS update, you don't need the OS microcode update.<
I don't know what you thought you meant, because you haven't explained it very well. Windows does do microcode updates, and has for years.
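The comments above turn on which microcode revision is actually loaded after a vendor pulls or reissues a package, and whether the kernel then reports Spectre variant 2 as mitigated. The following is an added example, not code from the thread or from any vendor: it reads `/proc/cpuinfo` and the kernel's `spectre_v2` sysfs file on an x86 Linux host. The sample text, the `report` helper and the choice of the `ibrs`/`ibpb`/`stibp` cpuinfo flags as the indicator are assumptions made for illustration.

```python
#!/usr/bin/env python3
"""Report the loaded microcode revision and Spectre v2 status on x86 Linux."""
from pathlib import Path

# Assumption: these cpuinfo flag names indicate the microcode-provided controls.
SPEC_FLAGS = {"ibrs", "ibpb", "stibp"}
SYSFS_V2 = "/sys/devices/system/cpu/vulnerabilities/spectre_v2"

# Constructed sample input (not captured from a real machine): CPU 1 is
# running older microcode than CPU 0 and lacks the new controls.
SAMPLE_CPUINFO = (
    "processor\t: 0\nmicrocode\t: 0x84\nflags\t\t: fpu sse2 ibrs ibpb stibp\n"
    "\n"
    "processor\t: 1\nmicrocode\t: 0x80\nflags\t\t: fpu sse2\n"
)
SAMPLE_V2 = "Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW\n"

def parse_cpuinfo(text):
    """Return one {key: value} dict per logical CPU in /proc/cpuinfo text."""
    cpus = []
    for block in text.strip().split("\n\n"):
        parts = (line.partition(":") for line in block.splitlines())
        fields = {key.strip(): value.strip() for key, _, value in parts}
        if "processor" in fields:
            cpus.append(fields)
    return cpus

def report(cpuinfo_text, v2_text):
    """Summarise microcode revisions, missing controls and kernel status."""
    cpus = parse_cpuinfo(cpuinfo_text)
    revisions = {c.get("microcode", "unknown") for c in cpus}
    missing = {}
    for c in cpus:
        absent = sorted(SPEC_FLAGS - set(c.get("flags", "").split()))
        if absent:
            missing[c["processor"]] = absent
    return {
        "revisions": sorted(revisions),
        "mixed_revisions": len(revisions) > 1,  # cores disagree: load failed somewhere
        "cpus_missing_controls": missing,
        "mitigated": v2_text.startswith(("Mitigation", "Not affected")),
        "kernel_status": v2_text.strip(),
    }

if __name__ == "__main__":
    v2 = Path(SYSFS_V2)
    status = v2.read_text() if v2.exists() else "unknown (sysfs file absent)"
    print(report(Path("/proc/cpuinfo").read_text(), status))
```

Running it before and after a microcode package is installed, rolled back or replaced by a firmware update shows whether the revision changed on every core.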