Abstract: Disclosed herein are systems and method for providing a File System (FS) without redundancy for one or more services. In one aspect, an exemplary method comprises, mounting a base image of microservices to a directory, for each of the one or more services, union-mounting a service image on top of the base image, identifying all dependencies associated with the service image, and creating one or more sub-directories for each dependency associated with the service image, for each identified dependency, creating a link between the dependency and the union-mounted service image and base image, and creating, one or more micro-services.

Abstract: Disclosed herein are systems and method for live migration of a guest OS, the method comprising: interrupting execution of the guest OS in the hypervisor on a source computing device, transferring a state of the guest OS from the hypervisor on the source computing device to a hypervisor on a target computing device, and resuming execution of the guest OS in the hypervisor on the target computing device without waiting for completion of pending I/O requests on the source, wherein the pending I/O requests are generated by the guest OS in the hypervisor on the source and have not been completed before the interruption of execution of the guest OS, and wherein after resuming execution of the guest OS, the guest OS in the hypervisor on the target computing device is allowed to generate new I/O requests without waiting for completion of pending I/O requests on the source computing device.

Abstract: The described system provides one or more processors and memory, coupled to the one or more processors, storing thereon a first OS kernel that receives a system call to access a second OS kernel function from a subsystem of the second OS retransmits the system call to one or more drivers of the first OS, support the subsystem. The system further comprises a subsystem of the second OS, comprising one or more user space components executing natively in a non-privileged mode of the one or more processors, a set of drivers associated with the second OS, the set of support components, and the one or more drivers of the first OS. The one or more drivers of the first OS receive the system call originating from the subsystem, wherein the system call is retransmitted by the first OS kernel and process the system call.

Abstract: A system and method is provided for intercepting and processing input/output of computer processes without requiring the restarting and/or recompiling of the connected processes. An exemplary method includes interrupting an execution of a first process by a CPU of a computing device having an operating system with a first file descriptor table that references the first process to a system resource and loading parasite code into an address space of the first process. The method further includes creating a communication channel between the first and second processes, updating a second file descriptor table for the second process so that the second file descriptor table includes an index references to the system resource and the communication channel, and updating the index reference in the first file descriptor table to reference the communication channel. Once the file descriptor tables have been updated the execution of the first process is restored.

Abstract: Method for partitioning environments includes instantiating a parent VEE under a host OS; opening a file system of the parent VEE for modification; inside the FS of the parent VEE, creating an image file of an Application Container; mounting a virtual disk that corresponds to the image file; mounting the Application Container file system inside the image file; defining boundaries of the Application Container; placing Application Container files inside the Application Container file system; and creating an interface between the parent VEE and the Application Container for exchanging data. The processes of the Application Container connect to processes of the parent VEE as if they were native host OS processes. The Application Container can only request data from the host OS through the interface of the parent VEE. The image file is protected from modification by the parent VEE. The processes of the Application Container are launched inside the boundaries.