Abstract: In one set of embodiments, a computer system can receive a request to provision a virtual machine (VM) in a host cluster, where the VM is associated with a virtual graphics processing unit (GPU) profile indicating a desired or required framebuffer memory size of a virtual GPU of the VM. In response, the computer system can execute an algorithm that identifies, from among a plurality of physical GPUs installed in the host cluster, a physical GPU on which the VM may be placed, where the identified physical GPU has sufficient free framebuffer memory to accommodate the desired or required framebuffer memory size, and where the algorithm allows multiple VMs associated with different virtual GPU profiles to be placed on a single physical GPU in the plurality of physical GPUs. The computer system can then place the VM on the identified physical GPU.

Abstract: A method to offload network function packet processing from a virtual machine onto an offload destination is disclosed. In an embodiment, a method comprises: defining an application programing interface (“API”) for capturing, in a packet processor offload, a network function packet processing for a data flow by specifying how to perform the network function packet processing on data packets that belong to the data flow. Based on capabilities of the packet processor offload and available resources, a packet processing offload destination is selected. Based at least on the API, the packet processor offload for the packet processing offload destination is generated. The packet processor offload is downloaded to the packet processing offload destination to configure the packet processing offload destination to provide the network function packet processing on the data packets that belong to the data flow. The packet processing offload destination is a PNIC or a hypervisor.

Abstract: Some embodiments of the invention provide a new networking data path framework that employs one or more dedicated kernel threads to process network traffic on a host computer executing multiple machines (such as virtual machines or containers). This new framework is referred to as an Enhanced Networking Stack (ENS) in this document. In some embodiments, the dedicated kernel threads execute on dedicated CPU cores (e.g., one kernel thread per CPU core) to proactively poll physical NICs (PNICs) of the host computer and virtual NICs (VNICs) of the machines (e.g., VMs), and to perform packet processing operations on packets received by the host and packets transmitted by the machines. In some embodiments, each PNIC or VNIC is associated with one dedicated kernel thread, in order to avoid synchronization issues between the kernel threads.

Abstract: An example method of managing exclusive affinity for threads executing in a virtualized computing system includes: determining, by an exclusive affinity monitor executing in a hypervisor of the virtualized computing system, a set of threads eligible for exclusive affinity; determining, by the exclusive affinity monitor, for each thread in the set of threads, impact on performance of the threads for granting each thread exclusive affinity; and granting, for each thread of the set of threads having an impact on performance of the threads less than a threshold, exclusive affinity to respective physical central processing units (PCPUs) of the virtualized computing system.

Abstract: The method for a virtual machine to use a port and loopback IP addresses allocation scheme for full-mesh communications with transparent transport layer security tunnels is presented. In an embodiment, the method comprises detecting, at a redirect agent implemented in a first machine, a packet that is sent from a client application executing on the first machine toward a server application executing on a second machine; and determining, by the redirect agent, whether a first redirect rule matches the packet. In response to determining that the first redirect rule matches the packet, the redirect agent applies the first redirect rule to the packet to translate the packet into a translated packet, and provides the translated packet to a client agent implemented in the first machine to cause the client agent to transmit the translated packet to a server agent implemented in the second machine.

Abstract: Disclosed are various approaches for workflow service application searching. In some aspects, a search query is entered through a search element of a workflow application on a client device. A request is transmitted from a workflow application to a workflow service, to search within an application based on the search query. Application content corresponding to the search query and the application is received from the workflow service. A search result is provided based on the application content and without opening the application on the client device.

Abstract: The disclosure provides an approach for seamless hand-off of data traffic in public cloud environments. Techniques are provided for activating an edge services gateway (ESG) virtual computing instance (VCI) on a new host. Prior to activating the ESG VCI on the new host, an underlay routing table is reprogrammed to associate a first IP address of a first tunnel endpoint (TEP) with a first network interface of an old host and to associate a second IP address of a second TEP with a second network interface of the new host. The routing table associates a third IP address of the ESG VCI with the first network interface. After activating the ESG VCI, a packet having as a destination address the third IP address is received at the first network interface and is encapsulated, by the first TEP, with an outer header having as a destination address the second IP address.

Abstract: Some embodiments provide a method for providing a resource to a particular virtual private cloud that is deployed in a set of datacenters that host multiple virtual private clouds. At a resource issuer, the method receives a resource request from a particular machine deployed in the particular virtual private cloud, the resource request including a first set of cloud-specific data. The method obtains a cloud identifier for the particular machine from a registry service of the particular virtual private cloud that interacts with a datacenter-set cloud service that deploys machines in the datacenter set for different virtual private clouds. The method uses the obtained cloud identifier to obtain a second set of cloud-specific data for the particular machine from the datacenter-set cloud service. Upon determining that the first and second sets of cloud-specific data match, the method authenticates the particular machine and issues the resource for the particular machine.

Abstract: An example method of file transfer between a client and a server includes: initiating, by the client, a front-end control connection between the client and a horizontally scaled proxy service; creating, by a first proxy instance of a plurality of proxy instances of the horizontally scaled proxy service, a back-end control connection between the first proxy instance and the server; returning, to the client from the first proxy instance, a unique client parameter associated with the front-end connection as a destination port for a front-end data connection; initiating, by the client, the front-end data connection between the client and the horizontally scaled proxy service, the front-end data connection using the destination port as returned by the first proxy instance; and creating, by the first proxy instance, a back-end data connection between the first proxy instance and the server.

Abstract: Systems and methods are described for providing recommendations for a user experience in online meetings. A recommendation engine can aggregate data from user devices to make recommendations before, during and after online meetings. Before a meeting, the recommendation engine can recommend which of a user's devices to use for the meeting. During the meeting, the recommendation engine can identify current or anticipated issues and recommend changes the user can make to correct or prevent the issue. After meetings, the recommendation engine can aggregate data and identify an ongoing issue for one or multiple users. The recommendation engine can identify the cause of the issue and make recommendations to the user or an administrator accordingly.

Abstract: A system and method for capturing resource usage information in a network for namespaces in which pods operate are described herein. A data structure specifies a topology that includes a gateway and routing addresses in a network whose usage is to be captured. The data structure is provided to an API of a master node controlling the pods. A controller in the master node enforces the data structure and reports results back to the API.

Abstract: A method of copying at least first and second files stored in a client computing device to a host server, includes the steps of: generating at the host server a first read I/O request for data of the first file based on responses to pre-read I/O requests for the first file, received from the client computing device; transmitting a merged I/O request that includes the first read I/O request for data of the first file and pre-read I/O requests for the second file from the host server to the client computing device; generating at the host server a second read I/O request for data of the second file based on responses to the pre-read I/O requests for the second file, received from the client computing device; and transmitting the second read I/O request for data of the second file from the host server to the client computing device.

Abstract: A system and method for creating a secure overlay network on top of the public Internet, optionally by creating an identity-based network in which user identities are the identifiers rather than IP addresses, and whereas only authenticated and authorized users whose identity has been established have visibility and access to the network; establishing fully encrypted and private network segments; providing superior performance through improved protocols and routing; and implementing a decentralized topology that allows any two nodes on it to communicate regardless of each node's location or network settings—as if the two nodes are on the same local area network.

Abstract: The present disclosure relates to development platform validation with simulation. Some embodiments include instructions to recognize a simulation of a management system as an endpoint of a development platform in a virtualized environment, and execute performance testing on the development platform using the simulation.

Abstract: Example methods and systems to process input/output (I/O) requests in a distributed storage system in a virtualized computing environment are disclosed. One example method includes executing a first thread to destage one or more data writes, wherein the one or more data writes correspond to a first bucket; executing a second thread to destage the one or more data deletes, wherein the one or more data deletes correspond to a second bucket; in response to executing the first thread, buffering write I/Os associated with the one or more data writes in a logical queue; in response to executing the second thread, buffering delete I/Os associated with the one or more data deletes in the logical queue; and adjusting a number of slots in the logical queue dedicated to buffer the delete I/Os based on a relationship between the first bucket and the second bucket.

Abstract: Systems and methods for inspection and repair of VSAN object metadata. A user-space indirection layer is maintained to map logical addresses of VSAN objects to physical memory addresses of their metadata. Commands may then be sent from the user space to distributed object manager (DOM) clients, with the physical addresses of metadata of objects to be inspected. DOM owners thus may bypass their own indirection layers to retrieve object metadata directly from received user commands. Retrieved information is then used to reconstruct and repair object metadata. Repaired metadata may be written back to the VSAN by transmitting a write request containing the physical address at which the repaired metadata is to be written. DOM owners may be placed in a specified mode in which received I/O instructions are ignored unless they are designated as being for metadata repair purposes, such as by including a physical address.

Abstract: The present disclosure relates to extending workload provisioning using a low-code development platform. Some embodiments include a medium having instructions to provide an interface for creating a custom resource in a virtualized environment, the interface including a first portion configured to receive summary information corresponding to the custom resource, and a second portion configured to receive a schema corresponding to the custom resource. Some embodiments include creating the custom resource according to the summary information and the schema.

Abstract: Systems and methods for 3D printer management can verify the printing of a 3D object based on instructions inserted into the 3D object file that cause the 3D printer to perform extra actions, thus emitting certain sounds while printing. In one example, a print server can receive a request to print a 3D object. The print server can insert snippets of instructions at random into the 3D object file. A recording device can record audio of the 3D printer printing the 3D object. The recording device can send the audio to the print server. The print server can verify that the audio emitted by the 3D printer while printing the 3D object match up with the snippets inserted into the 3D object file.

Abstract: Disclosed are various approaches for workflow service back end integration. In some examples, a workflow service identifies a workflow action and a user account that is responsible for the workflow action. A command to present the workflow action for user authorization is transmitted to a client device associated with the user account. The workflow service transmits a command to perform the workflow action based on an identification of the user authorization.

Abstract: Techniques for generating distributed representations of computing processes and events are provided. According to one set of embodiments, a computer system can receive occurrence data pertaining to a plurality of computing processes and a plurality of events associated with the plurality of computing processes. The computer system can then generate, based on the occurrence data, (1) a set of distributed process representations that includes, for each computing process, a representation that encodes a sequence of events associated with the computing process in the occurrence data, and (2) a set of distributed event representations that includes, for each event, a representation that encodes one or more event properties associated with the event and one or more events that occur within a window of the event in the occurrence data.