We have avoided the need for other reboots over the last year by using the Xen livepatching functionality to update running code. Because this specific new flaw requires the application of updated microcode at boot-time, and because its Xen code updates cannot be patched into a running system, that was not possible in this case. We plan to continue avoiding reboots on our end as much as possible in the future.
As part of the fix for Foreshadow/L1TF, we are also being forced to disable hyperthreading (SMT) globally for our machines. This means that customer virtual cores can no longer be assigned to exclusive hyperthreaded cores. However, our systems have such low overall CPU usage that customer VDSes with heavy CPU usage on specific virtual cores usually have them assigned to physical cores with very light-usage neighbor threads by the Xen scheduler already, essentially turning virtual cores into full physical cores. As a result, we expect (and have so far observed) minimal, if any, performance impact from the switch away from SMT. If you do notice reduced performance after the maintenance or see unusual CPU usage on your VDS (now also visible through newly-added CPU usage graphs on the "Server usage" page), please contact us, and we can explore a possible move to a different physical machine.
Thursday, September 13, 2018
Powered by WHMCompleteSolution
