2009/07/15
TheRegister: Supers get greener
by Timothy Prickett Morgan
The Top 500 ranking of the world's supercomputers, put out by a group of performance-loving nerds, came out a few weeks ago. Now a few efficiency-loving nerds have added power-consumption figures to the Top 500, resorted the list, and have created the Green 500 supercomputer ranking.
The pursuit of hundreds of teraflops and now tens of petaflops comes at a price, and that price includes power consumption and heat dissipation. Some supercomputer architectures are more power-efficient than others, as the Green 500 rankings clearly show.
The Top 500 list is compiled by Erich Strohmaier and Horst Simon of the Lawrence Berkeley National Laboratory, Jack Dongarra of the University of Tennessee, and Hans Meuer of the University of Manheim. The list has been published twice a year for nearly 17 years, and Dongarra has Linpack Fortran benchmark test results that were run on Jacquard looms back in the 19th century.
OK, I'm exaggerating. Slightly.
The Green 500 list is a much more recent development. Created by Wu-chun Feng and Kirk Cameron of Virginia Tech, this is the fifth ranking, but only the third one that has been made public.
The most efficient supercomputer on the Green 500 list is a fairly modest 2,016-core cluster based on IBM's PowerXCell 8i processors (in its QS22 blade servers) that employs InfiniBand to lash the server nodes together.
This machine, installed at the University of Warsaw's Interdisciplinary Centre for Mathematical and Computational Modeling, is rated at a modest 18.6 teraflops, but because it only burns 34.6 kilowatts of electricity, it comes in at 536.2 megaflops per watt. And that's thanks in large measure from its using the new 4GHz Cell chip all by itself instead of the 3.2GHz variant paired with dual-core Opteron processors, as do a number of other efficient supers.
Because Warsaw's Cell-based machine - which ranked number one in the November 2008 Green 500 list as well - is so small in terms of teraflops, it probably won't be on the November 2009 list of Top 500 supers, a fate that will drop it from the related Green 500 rankings.
It won't be the first to be so bumped. Three Cell-based machines installed at Spanish oil company Repsol YPF that once ranked at the top of the Green 500 list disappeared from the June 2009 ranking because they were only rated at 14 teraflops, but they delivered 530.33 megaflops per watt since they only burned 26.4 kilowatts of juice.
It looks like it's time for the Top 500 and Green 500 people to start building a larger list so that efficient machines don't get shaken out of the mix.
As was the case in the prior two Green 500 rankings, IBM's hybrid supers comprised of Opteron LS21 blades and QS22 Cell blades dominate the energy-efficient rankings, holding spots two through four.
Notably, IBM's "Roadrunner" hybrid Opteron-Cell super installed at Los Alamos National Laboratory, the first machine to break the one-petaflop barrier, is ranked number four on the Green 500 list, showing that Big Blue can build small machines that deliver good energy efficiency, then scale them up and still offer efficiency.
The Roadrunner box, which is rated at 1.1 sustained petaflops on the Linpack test, burns 2.5 megawatts of electricity for an efficiency of 444.9 megaflops per watt. The smaller Opteron-Cell clusters ranked above Roadrunner on the Green 500 list installed at IBM's own benchmarking center and at Los Alamos are rated at 458.3 megaflops per watt.
A whole bunch of BlueGene/P massively parallel clusters of various sizes and installed all over the world occupy slots six through 19 on the Green 500 list, with efficiencies that range from 364 to 371.7 megaflops per watt. The new iDataPlex machines from Big Blue (which have some attributes of blade and rack servers) hold some spots in the list at around 270 megaflops per watt.
The most interesting new machine on the Green 500 list is the Grape-DR cluster, which is a custom supercomputer based on a 256-core chip that was developed by the University of Tokyo, the National Astronomical Observatory of Japan, the Institute of Physical and Chemical Research, and telecom giant NTT.
The Grape-DR machine, which is installed at the observatory, is comprised of 8,192 Grape-DR chips running at a modest 330MHz and running CentOS Linux. Each, however, delivers 10.3 gigaflops of oomph, allowing the Grape-DR cluster to hit just under 22 teraflops with nearly 2.1 million cores.
The Grape-DR cluster, which is but the latest in a line of custom supers based on custom chips designed in Japan since 1992, only burns 51.2 kilowatts, allowing it to boast a rating of 428.9 megaflops per watt on the Green 500 ranking. Its number-five position slots it right between IBM's hybrid Opteron-Cell boxes and the wall of BlueGene/P machines.
The most efficient x64-only boxes on the list are based on Intel's new Xeon 5500 Nehalem EP processors, and include not only the IBM iDataPlex boxes but also a machine ranked at number 20 built by NEC for the University of Stuttgart, as well as two boxes built by Atipa for two different atomic labs in the States that almost certainly will be knocked from the list next time around if they're not upgraded.
Cray XT4 and XT5 and SGI Altix ICE parallel supers, as well as a mix of BlueGene and iDataPlex machines from IBM, dominate the top 100 on the Green 500 list, along with a smattering of clusters built from x64 servers from Dell, Sun Microsystems, and Fujitsu. There is not one HP machine in the top fifth of the Green 500 rankings.
Averaged across the entire Green 500 list, the researchers who put together this power ranking say that the efficiency of the machine increased by 10 per cent, from 98 to 108 megaflops per watt, since the November 2008 ranking, while the aggregate power of all the boxes on the list also increased by 15 per cent, from 200 to 230 megawatts.
The power bill is not going down so much as the performance levels are going up.
In the November 2008 Top 500 and Green 500 lists, the aggregate performance of the machines ranked was just under 17 petaflops, but in the June 2009 lists it rose to 22.6 petaflops. In general, Wu-chun and Cameron say that there are more machines above the 200 megaflops per watt threshold and fewer machines below the 50 megaflops per watt level. Moreover, quad-core and six-core processors are helping to boost the energy efficiency of clusters.
The absolute worst supercomputer on the Green 500 ranking is installed at an unnamed IT service provider that has six different blade server clusters based on various generations of x64 blade servers from HP. The cluster in question, which is ranked at 311 on the Top 500 supers list, has 8,192 Opteron cores using 2.4GHz dual-core Opterons and is rated at just over 21 teraflops. Unfortunately, the Green 500 power experts reckon that this box burns 1.6 megawatts of juice, giving it a rating of a hair over 13 megaflops per watt.
That's twice as bad in terms of energy efficiency as the Sun Tsubame Opteron blade cluster located at TiTech in Japan, which uses ClearSpeed co-processors to boost the number-crunching power, but which nonetheless ranks at an embarrassing 494 on the Green 500 list because it consumes 3.3 megawatts to deliver its 87 teraflops, for a rating of 26.4 megaflops per watt.
The Cray XT4 installed at the University of Edinburgh also ranked poorly in terms of energy efficiency, with the 54.65 teraflops Opteron cluster burning 2.6 megawatts of juice and delivering only 21 megaflops per watt. ®
InfoWorld: Firefox 3.5's first vulnerability 'self-inflicted,' says scientist
by Gregg Keizer
Mozilla yesterday confirmed the first security vulnerability in Firefox 3.5, and said the bug could be used to hijack a machine running the company's newest browser.
A noted Firefox contributor called the situation "self-inflicted," and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database.
The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. "[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code," the company's security blog reported Tuesday.
Secunia, a Danish security company, rated the bug "highly critical," the second-highest threat ranking in its five-step system, and added that the vulnerability is in TraceMonkey's processing of JavaScript code handling "font" HTML tags.
Older versions of Firefox, including Firefox 3.0, are not vulnerable, according to a message posted by Asa Dotzler, Mozilla's director of community development, in a comment to the company's blog.
"Mozilla developers are working on a fix for this issue and a Firefox security update will be sent out as soon as the fix is completed and tested," said that same blog.
In lieu of a patch, users can protect themselves by disabling the "just-in-time" component of the TraceMonkey engine. To do that, users should enter "about:config" in Firefox's address bar, type "jit" in the filter box, then double-click the "javascript.options.jit.content" entry to set the value to "false." The popular NoScript add-on will also ward off attacks.
The hacker who published exploit code on the milw0rm.com malware site Monday was not the first to uncover the vulnerability: Mozilla developers first noted the flaw last Thursday, and were in the middle of working on it when the attack code appeared.
"Looking at the exploit code and our test cases, I think this is self-inflicted and we should have hidden the bug earlier," argued Andreas Gal on Bugzilla. Gal is a project scientist at the University of California, Irvine, where the technique called "trace trees" was developed. Firefox 3.5's TraceMonkey engine is based on that technique, and builds on code and ideas shared with the open-source Tamarin Tracing project.
Another contributor agreed. "It would seem that the milw0rm exploit code is based on the test cases for this bug," said someone identified only as "WD" in the same Bugzilla thread. "When you look at the crash details in a debugger, it's pretty clear that it's exploitable with a heap spray to the access violation address in question."
The fix has been slated for Firefox 3.5.1, a fast-track update originally scheduled to release in the last two weeks of this month.
That update will be accelerated to plug the just-gone-public hole, said Daniel Veditz, a security lead at Mozilla. "[The bug] was checked in yesterday, a few hours before we learned of the milw0rm posting," Veditz said Tuesday night in a comment on the Mozilla security blog. "This fix was going to be in the 3.5.x update we had scheduled for the end of July, but obviously now we have moved up the schedule for release."
CNet: Apache and the future of open-source licensing
by Matt Asay
If most developers contribute to open-source projects because they want to, rather than because they're forced to, why do we have the GNU General Public License?
That's the question that hit me last night as I tried to sleep in the shadow of Richard Stallman's MIT. Stallman, of course, originated the GPL, a brilliant way to turn copyright on its head in order to force software to remain open.
But in the process, did Stallman simply create an alternative way to release proprietary software?
I'm not trying to be cute here. Think about it. If you you want to maximize adoption and reuse of your software, why wouldn't you use Apache? Perhaps because you don't like the thought of someone using your free software in a proprietary product?
"I would actually rather nobody use my software than be in a situation where everyone is using my gear, and nobody is admitting it," wrote Zed Shaw, creator of a popular library and Web server for Rails called Mongrel.
Shaw, and perhaps other coders, have turned to the GPL as a way to protect their software from use they deem objectionable. But isn't this precisely what the proprietary software licenses do? The only difference is that the GPL forces code to be open, rather than closed.
Are the two approaches so very different? The effect - blocking undesirable use of one's software - is largely the same.
After 10 years in open source, I'm increasingly of the Apache-licensing persuasion because I'm starting to concur with open-source luminary Eric Raymond that "the GPL is unnecessary...(and) is also a confession of fear and weakness."
If I'm mostly concerned about adoption, Apache promises to be better than the GPL for all the reasons stated by Daniel Jalkut in his excellent ode to Apache.
And if I'm concerned about protection, then why not simply use a proprietary license--one that doesn't scare opposing legal counsel?
With the Web making open-source licensing largely irrelevant, anyway, it's a good time to evaluate the merits of the two dominant open-source-licensing approaches. For this moment in time, they're essentially equivalent, at least to end users and Web developers, neither of which is required to contribute back derivative works.
Indeed, I believe that one of the primary reasons that Linux, MySQL, Lucene, Hadoop, and other Web-oriented technologies have thrived in the past few years is that they have basically come legal-encumbrance-free.
Would Google have built its server infrastructure with Linux if it had been required to contribute all its software back? Almost certainly not. Yes, it has elected to contribute back to MySQL and others when it was advantageous to do so, but I think that Affero GPL, which translates the GPL's provisions to network-hosted software, would have effectively killed the utility of MySQL, Linux, and other open-source technologies for Web titans like Google, Facebook, and others.
In short, perhaps the best thing that could have happened to open source in the past few years is the increasing relevance of its code due to the decreasing relevance of its licensing. More adoption due to fewer controls.
Developers don't contribute to open-source projects out of force. They do so out of interest, desire for recognition, and other reasons. Once you take force out of the equation, the GPL loses its relevance except as a tool to protect against competition...which proprietary licensing perfected long ago.
For those who worry about the world being closed off behind proprietary licenses, it's not going to happen. The software world has been opening up, though not always at the pace some open-source advocates would prefer. On this point Tim O'Reilly has correctly argued:
If you close things off, eventually, you lose. This is why one of my slogans is, "Create more value than you capture." As long as people are doing that, I don't care whether they're trying to capture some value (through proprietary licensing).
In other words, people don't have to be forced into openness. It happens out of natural, selfish desires. Given the history of humanity, that's probably a more dependable basis for business strategy than an expectation of charitable donations through code contributions.
So, wither the GPL? I'm asking a sincere question to which I have hunches but no definitive answers. I'd love to hear your thoughts.
