News – Swedish Science Cloud

EAST-1 will be offline on October 4-5 due to energy system maintenance

The Ångström laboratory houses the UPPMAX compute hall, and the property manager, Akademiska Hus, will be performing work on the cooling system during 2023 as part of an energy-saving project called “Project Bläckfisken.” Project Bläckfisken is a modernization project in which Akademiska Hus is constructing an energy system that allows for the transfer of heat and cooling between different building structures, catering to specific needs. As part of this energy system, the UPPMAX compute hall will contribute heat during the winter months. To facilitate this process, Akademiska Hus kindly requests a 48-hour power-down period for the compute hall between October 4 and 5. During this time, all systems, including the Swedish Science Cloud (SSC) East-1 region, will be temporarily unavailable.

We apologize for any inconvenience this may cause and appreciate your understanding as we aim to inform you well in advance.

Upgrading the WEST-1 region of Swedish Science Cloud in September

In Semptember we will begin upgrading the WEST-1 region hosted by Chalmers e-Commons to the latest version of OpenStack and also add some new hardware.

This will improve the capacity and funktionality of the WEST-1 region.

Unfortunately, it also means that the WEST-1 region will be down and unavialable for some time this fall and eveyting that any data currently stored there will be removed.

If you are currently using WEST-1 you must make sure to:

Backup your data.
Move your workloads and data from WEST-1 to either EAST-1 or NORTH-1.

If you have any questions or if you need assistance, do not hesitate to contact support@cloud.snic.se and we will help you.

Shutdown of all systems on 2 february at 07:00 CET

The UPPMAX compute hall hosting EAST-1 will be partially shutdown during 2 February between 07:00 – 11:00 CET as Akademiska Hus performs work on the cooling circuit. The shutdown has been planned to coincide with our February maintenance day. We will try to provide some level of access but expect all compute capability to be unavailable until the work is completed.

If you have any questions please contact us at support@uppmax.uu.se.

Best regards, UPPMAX

Serious vulnerability in pwnkit (CVE-2021-4034)

Pwnkit is installed by default in most linux distributions, there is no permanent fix yet but there is a workaround, you can remove the suid bit from the binary using chmod 0755 /usr/bin/pkexec and that will make it impossible to exploit this bug.

Pkexec is installed by default on all major Linux distributions.
Pkexec has been vulnerable since its creation in May 2009.
Any unprivileged local user can exploit this vulnerability to get full root privileges.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034

Serious vulnerability in sudo (CVE-2021-3156)

Make sure to install the latest security updates in your instances to fix a Serious vulnerability in sudo (CVE-2021-3156) that will let any user run any command as root without entering a password.

In combination with other less severe security exploits this can in some cases be used to compromise your instances remotely.

From Pilot to Production

As SNIC Science Cloud has gone from a pilot to a production resource, the pilot regions in the cloud will be replaced new regions with production hardware.

The region at C3SE has already been replaced by the new WEST-1 region; running OpenStack Rocky on new hardware.

The other pilot cloud-regions at UPPMAX and HPC2N will soon be replaced with the EAST-1 and NORTH-1 regions.

If you are starting up new projects in the cloud we suggest that you use the WEST-1 region for now until the other regions becomes available, because otherwise you will have to migrate your workload to the new regions soon.

New hardware in the C3SE region

Final acceptance testing is currently ongoing, more information about the new hardware can be found here https://www.c3se.chalmers.se/about/SSC/ . The upgrade also updates Openstack to the Rocky release, more information regarding Rocky can be found here https://www.openstack.org/software/rocky/

The support will be closed during the holy days.

During the holy days we will not respond to support tickets and we will also have reduced support capacity in the days between and following the holy days.

We apologize for any inconvenience that this might cause.

Important Security Announcement

Due to the latest security flaws in Intel CPU:s, users of SNIC Science Cloud must patch all instances to the latest kernel as soon as possible.

If you are running a Debian or Ubuntu instance run:
apt-get update apt-get upgrade
If you are running a CentOS instance run:
yum update

Scheduled downtime for the HPC2N region of SSC – 3/9 2018

One of the central network switches in the storage-infrastructure will be replaced due to a failed fan and to do this we must shut down all running instances in the HPC2N region on 3/9 2018 between 08:00 and 12:00.

This will only effect the HPC2N region and will not have any impact on instances running in the other SSC regions.

However login via the web dashboard to the other regions will not work during this maintenance period.