Virtual Server-Hosting


The IT Center offers the possibility of renting servers in the form of virtual machines. The offer is an alternative to purchasing and operating customer-owned server hardware.

The IT Center takes responsibility for the setup and maintenance of the virtual machines (vm) and guarantees the availabitlity of these virtual hardware resources. The IT Center provides suitable user interfaces for the control of the vms (Power On / Power Off / Reset) and for the usage of installation media. The interfaces can be used from any location within the IP-networks of RWTH.

The operating system of the vms has to be installed and operated by the tenant and can be chosen freely after consultation with the IT Center. The tenant has complete access to the operating system and is liable for all the software installed on the virtual machine (including the operating system).

VMs can be ordered online via the IT-Shop. Current offers and prices can be found there.

Newsletter Server Hosting


The "Newsletter Server Hosting“ is intended to inform you about topics and news around the IT Center's services in the area of server hosting. The IT Center's newsletter is addressed to everyone known to us as customer, technical contact or user of the services "Virtual Server Hosting" and "Physical Server Hosting".

 

Störungsmeldungen


RWTH Störungsmeldungen
Störungsmeldungen für Dienste der RWTH Aachen

https://maintenance.rz.rwth-aachen.de/ticket/status/messages

News


Die Migrationen laufen.

Alle Informationen dazu finden Sie hier:

SDN für Virtual Serverhosting 2018

We would like to inform you regarding the security gap CVE-2018-3646 (foreshadow) that all measures to mitigate the gap have been implemented.

Unlike with Meltdown and Spectre, this security gap allows the tapping of data from foreign VM’s. An attacker can access L1 cache of the core CPU of the hypervisor from his VM and is able to read memory. If a foreign VM has memory within the same memory area of the core CPU, then it could be read by the attacker.

Two attack scenarios are distinguished.

  1. Sequential: One attacking VM accesses the L1 cache of the hypervisor which includes “cold“ data of a VM, but which is no longer active.
  2. Parallel: One attacking VM accesses the L1 cache of the hypervisor which includes other active VM‘s.

 

The following steps are to be implemented:

  1. vCenter Server Update to 6.0U3h
  2. All ESXi Hosts were patched. Microcode Updates were installed which mitigate the sequential gap.
  3. Analysis of hardware capacities of all ESXi Cluster in regards to Hyperthreading (HT) which can be turned off without performance loss / capacity bottleneck. Increase of hardware in those clusters, if necessary. HT must be deactivated in order to mitigate the parallel gap.
  4. In order to do so an analysis tool provided by VMWare was applied.  No capacity bottlenecks were registered.
  5. HT deactivated in all ESXi clusters.
  6. Hardware utilisation before and after HT switch-off is being monitored. No capacity bottlenecks were registered.

 

Further information regarding VMWare: https://kb.vmware.com/s/article/55806