Cloudflare Says Intel Is Not Inside Its Next-Gen Servers – Ice Lake

{* SERVERS *} Cloudflare says Intel is not inside its next-gen servers – Ice Lake melted its energy budget 64-core AMD Epycs win again as upgrade delivers performance boost without slurping more 'leccy

Simon Sharwood, APAC Editor 15 Wed 1 Sep 2021 // 06:03 UTC

Internet-grooming company Cloudflare has revealed that it was unable to put Intel inside its new home-brew servers, because they just used too much energy.

A Tuesday post by platform operations engineer Chris Howells reveals that Cloudflare has been working on designs for an eleventh-generation server since mid-2020.

"We evaluated Intel's latest generation of 'Ice Lake' Xeon processors," Howells wrote. "Although Intel's chips were able to compete with AMD in terms of raw performance, the power consumption was several hundred watts higher per server – that's enormous."

Fatally enormous – Cloudflare's evaluation saw it adopt AMD's 64-core Epyc 7713 for the servers it deploys to over 200 edge locations around the world.

Power savings also influenced a decision to go from three disks to two in the new design. A pair of 1.92TB Samsung drives replaced the three of the Korean giant's 960GB units found in previous designs. The net gain was a terabyte of capacity, and six fewer watts of power consumption. Howellls's post also reveals that testing produced data showing that equipping its servers with 512GB of RAM did not produce enough of a performance boost to justify the expense. The company has therefore settled on 384GB of memory, but did jump from DDR4-2933 to DDR4-3200 as the slight cost increase delivered a justifiable performance boost.

• It's time to decentralize the internet, again: What was distributed is now centralized by Google, Facebook, etc

• Don't rush to adopt QUIC – it's a slog to make it faster than TCP • Cloudflare slams AWS egress fees to convince web giant to join its discount data club

Cloudflare stuck with Mellanox ConnectX-4 dual-port 25G Ethernet adapters.

"We investigated higher-speed Ethernet, but we do not currently see this as beneficial," Howells wrote. That's not a brickbat for fast Ethernet, but a decision made possible by Cloudflare's highly distributed architecture that removes the need for higher speeds and the higher cost of faster kit.

One change in the new servers is the use of OpenBMC to deploy firmware.

"With access to the source code, we have been able to configure BMC features such as the fan PID controller, having BIOS POST codes recorded and accessible, and managing networking ports and devices," Howells wrote.

"Whilst our current BMC is an industry standard, we feel that OpenBMC better suits our needs and gives us advantages such as allowing us to deal with upstream security issues without a dependency on our vendors. "Some opportunities with security include integration of desired authentication modules, usage of specific software packages, staying up to date with the latest Linux kernel, and controlling a variety of attack vectors."

Howells rated Cloudflare's new servers as a refinement, rather than the "enormous" change between its ninth- and tenth-generation boxes that saw it go from dual-socket Intel servers to single-socket AMDs.

But the refinement delivered a huge payoff: the ability to handle "approximately 29 per cent more requests than generation ten without an increase in power consumption".

Howells's post states that Ampere's Arm servers also made its shortlist for eleventh-gen servers, and promised to reveal details of those designs in a future post.

He also wrote that he and Cloudflare value ongoing competition between AMD and Intel, "and we look forward to seeing how Intel's next generation shapes up".

Intel claims that new generation – named Sapphire Rapids – delivers a generational jump in performance and efficiency. Cloudflare's decision to go with AMD shows it needs to. ®

SHARE 15 Comments

MORE Amd Intel Cloudflare

Corrections Send us news

Imaginary numbers help AIs solve the very real problem of adversarial imagery Duke University boffins figure out a way to boost the security of recognition networks Gareth Halfacree Thu 2 Sep 2021 // 08:32 UTC

Boffins from Duke University say they have figured out a way to help protect artificial intelligences from adversarial image-modification attacks: by throwing a few imaginary numbers their way.

Computer vision systems which recognise objects are at the heart of a whole swathe of shiny new technologies, from automated shops to robotaxis. Increasingly broad deployment makes them increasingly of interest to ne'er-do-wells - and attacks like AMpLe Poltergeist show how they can be fooled with potentially deadly results.

"We're already seeing machine learning algorithms being put to use in the real world that are making real decisions in areas like vehicle autonomy and facial recognition," said Eric Yeats, a doctoral student at Duke University, following the presentation of his team's work at the 38th International Conference on Machine Learning. "We need to think of ways to ensure that these algorithms are reliable to make sure they can't cause any problems or hurt anyone."

CONTINUE READING AWS Tokyo outage takes down banks, share traders, and telcos Six-hour slump for Direct Connect caused by 'loss of networking devices' – we'll assume that means they broke, not that they fell behind a couch Simon Sharwood, APAC Editor Thu 2 Sep 2021 // 07:55 UTC

The AP-NORTHEAST-1 region of Amazon Web Services, located in Tokyo, has endured six hours of sub-optimal performance.

The cloud colossus's status report states that AWS Direct Connect hybrid cloud networking service had trouble connecting to resources in the region due to "failures in core networking devices".

As of 15:30pm Pacific Time on September 1st — 7:30am in Tokyo — AWS said it was working to restore the services.

Low code? No problem… just dodge these pitfalls This ebook that helps you avoid common mistakes as you embrace low- code David Gordon Thu 2 Sep 2021 // 07:30 UTC

SPONSORED The low code movement offers some tantalizing benefits for businesses that must deliver ever more software, even as their existing development teams become ever more stretched. With development expertise in short supply, who wouldn’t consider an approach that promises to help leverage your team’s existing resources and get your code crunchers and business types working together in perfect harmony.

Done right, low code can help you produce full-strength applications at ten or more times the speed of traditional environments, where deep experts in code are often siloed off from the very business units they’re supposed to be helping.

Of course, not all low code platforms are created equal, and every business is different. But there are some common pitfalls that every organisation faces, and you can get a rundown on these, and strategies to circumvent them, in this handy ebook courtesy of our friends at Appian.

Arm dismisses suggestion its Chinese JV has staged a 'heist' Remains worried about rogue CEO, but is unconcerned about China JV striking out in new directions Simon Sharwood, APAC Editor Thu 2 Sep 2021 // 06:59 UTC 1

Arm Ltd has dismissed an analyst's opinion that its Chinese joint venture has conducted a "heist" that has damaged the chip design firm's prospects in China.

The heist allegation appeared in a post by Dylan Patel, chief analyst at an outfit named SemiAnalysis. The post is titled "The Semiconductor Heist Of The Century | Arm China Has Gone Completely Rogue, Operating As An Independent Company With Inhouse IP/R&D".

The post revisits the odd situation at Arm China – known locally as An MouTechnology – which in June 2020 fired CEO Allen Wu.

Google is designing its own Arm-based processors for 2023 Chromebooks – report Why not if you've got the money for it? Katyanna Quach Thu 2 Sep 2021 // 06:27 UTC 4

Google is reportedly designing its own Arm-based system-on-chips for Chromebook laptops and tablets to be launched in 2023.

The internet search giant appears to be following the same path as Apple by developing its own line of processors for client devices, according to Nikkei Asia.

Google earlier said its latest Pixel 6 and Pixel 6 Pro Android smartphones will be powered by a homegrown system-on-chip named Tensor. This component will be made up of CPUs and GPU cores licensed from other designers as well as Google’s own AI acceleration engine to boost machine-learning-based features, such as image processing and speech recognition.

Can we talk about Kevin McCarthy promising revenge if Big Tech aids probe into January insurrection? 'A Republican majority will not forget'

Iain Thomson in San Francisco Thu 2 Sep 2021 // 05:31 UTC 15

The Republican minority leader of the US House of Representatives this week issued a very public threat to cellphone networks and social media giants that were asked to cooperate with a congressional investigation into the storming of the Capitol in January.

Kevin McCarthy (R-CA) warned "a Republican majority will not forget" if the corporations participate as asked in the probe, which is being conducted by a Democratic-led House select committee.

That panel of lawmakers asked 35 companies, including Facebook, Google, Microsoft, Twitter and Signal, plus Verizon Wireless, AT&T, Sprint and T-Mobile US, to preserve their records of certain users' phone and computer activities between April 1, 2020, to January 31, 2021.

Dissected: A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims Sophos gazes into the abyss Gareth Corfield Thu 2 Sep 2021 // 04:27 UTC 3

A dropper-as-a-service, which cyber-crime newbies can use to easily get their malware onto thousands of victims' PCs, has been dissected and documented this week.

A dropper is a program that, when run, executes a payload of malicious code. The dropper is similar to a trojan, and it can sometimes have other functionality, but its main purpose is to get malware – which could be fetched from the internet, or unpacked from data within the dropper – running on a victim's computer.

With a dropper-as-a-service (DaaS), a customer pays to have their malware distributed to these computers via droppers. The DaaS typically uses a network of websites to deliver droppers onto victims' PCs that when run install and execute the customer's malware. The droppers could be disguised as legit or cracked applications that netizens are tricked into running. These sorts of operations have been around for a long while, though it doesn't hurt to keep up to date with what's out there right now.

Apple to let reader apps steer users towards out- of-App-Store purchasing following Japanese watchdog probe Regulator says it's happy book, music, newspaper programs can now whisper of the universe beyond the iOS walled garden

Simon Sharwood, APAC Editor Thu 2 Sep 2021 // 02:14 UTC 1

UPDATED Apple has said it will make a small but important change to its App Store worldwide after Japan's Fair Trade Commission (JFTC) stuck a probe into the US giant's treatment of so-called reader apps.

Specifically, the iPhone goliath will, from early next year, allow these applications to "include an in-app link to their web site for users to set up or manage an account". And by these applications, we mean apps that offer digital magazines, newspapers, books, audio, music, and video that can be purchased or subscribed.

Apple will also "help developers of reader apps protect users when they link them to an external website to make purchases". CONTINUE READING

NASA tests flying taxis made by biz dreaming of being the Uber of the sky Joby hopes to push its ambitious service live in 2024 Katyanna Quach Thu 2 Sep 2021 // 00:46 UTC 4

NASA is testing electric flying cars for a business that wants to launch a commercial air taxi service in 2024.

Joby Aviation, founded in 2009, builds all-electric vertical takeoff and landing (eVTOL) aircraft that it hopes will eventually each shuttle up to four passengers and a pilot at a time from A to B in the sky.

Joby last year acquired Uber Elevate from Uber that, as the name suggests, specializes in "aerial ridesharing." Joby's goal is to not only make the aircraft but also build an app that can be used to arrange eVTOL flights perhaps as easy as requesting a driver for the road.

Fired credit union employee admits: I wiped 21GB of files from company's shared drive in retaliation Access should have been revoked ... but wasn't, court told Thomas Claburn in San Francisco Wed 1 Sep 2021 // 23:34 UTC 14

On Tuesday, a woman from Brooklyn, New York, pleaded guilty to destroying computer data at an unidentified credit union from which she had recently been fired.

Juliana Barile, 35, according to charges filed by the US Attorney's Office in the Eastern District of New York [PDF], was working remotely at the credit union on a part-time basis when she was terminated on May 19, 2021. An employee from the credit union is said to have asked the firm's IT department to disable Barile's system access but that didn't happen.

Two days later, Barile logged into the credit union's file server and, over the next 40 minutes, trashed it.

HPE bags $2bn HPC-as-a-service gig with the NSA Ten-year agreement kicks off in 2022 to help spies do spying Paul Kunert Wed 1 Sep 2021 // 22:31 UTC 1

Hewlett Packard Enterprise has scored a $2bn contract with the US National Security Agency to provide the cyber-spies a high-performance- computing-as-a-service via the tech biz's GreenLake platform. Under the deal, HPE will fully host and manage the service over a ten- year period. The HPC service is intended to allow the NSA to “harness” AI and data to create insights, the company said.

“Implementing artificial intelligence, machine learning and analytics capabilities on massive sets of data increasingly require High Performance Computing systems,” said Justin Hotard, HPE senior veep and GM of HPC and Mission Critical Computing.

ABOUT US