Abstract: Example methods and systems for uplink-aware logical overlay tunnel monitoring are described. In one example, a first computer system may establish a logical overlay tunnel with a second computer system. The first computer system may generate and send, over the logical overlay tunnel via the first uplink, a first encapsulated monitoring packet identifying the first uplink. Based on a first reply, first performance metric information associated with the first uplink may be determined. The first computer system may generate and send, over the logical overlay tunnel via the second uplink, a second encapsulated monitoring packet identifying the second uplink. Based on a second reply, second performance metric information associated with the second uplink may be determined. Based on the first performance metric information and the second performance metric information, the first uplink or the second uplink may be selected to send encapsulated data packet(s) over the logical overlay tunnel.
Type: Grant
Filed: July 31, 2020
Date of Patent: January 17, 2023
Assignee: VMWARE, INC.
Inventors: Sami Boutros, Jerome Catrouillet, Santosh Pallagatti Kotrabasappa, Jia Yu
Abstract: Techniques for using erasure coding in a single region to reduce the likelihood of losing objects in a cloud object storage platform are provided. In one set of embodiments, a computer system can upload a plurality of data objects to a region of a cloud object storage platform, where the plurality of data objects includes modifications to a data set. The computer system can further compute a parity object based on the plurality of data objects, where the parity object encodes parity information for the plurality of data objects. The computer system can then upload the parity object to the same region where the plurality of data objects was uploaded.
Abstract: Example methods and systems for logical network health check. One example may comprise obtaining network configuration information and network realization information associated with a logical network; processing the network configuration information and the network realization information to determine the following: (a) network configuration health information specifying a network configuration issue and a first remediation action; and (b) network realization health information specifying a network realization issue and a second remediation action; and providing, to a user device, multiple user interfaces (UIs) specifying the first health information and the second health information along with a visualization of the logical network. In response to detecting an instruction initiated by the user device using at least one of the multiple UIs, the first remediation action or the second remediation action may be performed.
Abstract: In one set of embodiments, a computer system can analyze a layout of one or more storage objects of a VM to be placed within a cluster of host systems of a hyper-converged infrastructure (HCI) deployment. The computer system can further determine, based on the analyzing, that the one or more storage objects are stored on a single host system or within a single fault domain of the cluster. The computer system can then cause the VM to be placed on that single host system or within that single fault domain.
Type: Grant
Filed: October 14, 2019
Date of Patent: January 17, 2023
Assignee: VMWARE, INC.
Inventors: Duncan Epping, Frank Denneman, Cormac Hogan
Abstract: An example virtualized computing system includes a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; and an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server configured to manage the pod VMs and first VMs of the VMs. The virtualized computing system further includes a guest cluster executing in the first VMs and managed by the orchestration control plane, the guest cluster including a guest master server configured to, in cooperation with the master server, deploy first pods in the pod VMs.
Type: Grant
Filed: July 9, 2020
Date of Patent: January 17, 2023
Assignee: VMware, Inc.
Inventors: Zachary James Shepherd, Derek William Beard, Mark Russell Johnson
Abstract: An example method of managing storage for a containerized application executing in a virtualized computing system having a cluster of hosts and a virtualization layer executing thereon, is described. The method includes receiving, at a supervisor container orchestrator, a request for a first persistent volume lifecycle operation from a guest container orchestrator, the supervisor container orchestrator being part of an orchestration control plane integrated with the virtualization layer and configured to manage a guest cluster and virtual machines (VMs), supported by the virtualization layer, in which the guest cluster executes, the guest container orchestrator being part of the guest cluster; and sending, in response to the first persistent volume lifecycle operation, a request for a second persistent volume lifecycle operation from the supervisor container orchestrator to a storage provider of the virtualized computing system to cause the storage provider to perform an operation on a storage volume.
Abstract: Examples described herein include systems and methods for fuzz testing low-level virtual devices and virtual devices with DMA write functionality. A fuzz tester includes components distributed across a virtual machine and its host system. The fuzz testing components in the virtual machine are implemented as firmware installed in the virtual machine's ROM. These components operate independent of data stored in the virtual machine's RAM and do not require an operating system to be installed on the virtual machine. As a result, any changes made to the virtual machine's RAM during the fuzzing process by low-level virtual devices or virtual devices with DMA write functionality cannot interrupt the fuzz testing or otherwise negatively impact the fuzz tester itself.
Abstract: Disclosed are various embodiments for integrating an email client with hosted applications. An email is received from an email client. An image that is a component of the email is identified and sent to an optical character recognition (OCR) service. Extracted text is received from the OCR service. A request for an action object is then sent to a connector for an application, the action object representing a potential action that could be performed with the application based on the extracted text from the OCR service. The action object is then sent to the email client, which is configured to display a prompt allowing a user to perform the action represented by the action object.
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to manage cloud provider sessions. An example apparatus includes at least one computer readable medium; and processor circuitry to execute instructions that cause the processor circuitry to: in response to detecting a first request to establish a first session with a cloud provider that is to perform a first action: establish the first session using credentials associated with the cloud provider; record a lifespan of a session token associated with the first session; and transmit the session token to a cloud provider adapter to facilitate communication between the cloud provider adapter and the cloud provider; and in response to detecting a second request to establish a second session with the cloud provider that is to perform a second action, transmit the session token to the cloud provider adapter to facilitate communication between the cloud provider adapter and the cloud provider.
Type: Grant
Filed: May 28, 2021
Date of Patent: January 17, 2023
Assignee: VMware Inc.
Inventors: Georgi Mitsov, Evgeny Aronov, Ivo Petkov, Alexander Dimitrov, Zahari Ivanov, Ivan Strelkov
Abstract: Example methods are provided to deploy an Internet of Things (IoT) solution in a hybrid environment. The methods include deploying a first agent application on a first edge gateway of a first vendor by the first edge gateway. The first agent application is configured to collect a first set of information associated with the first edge gateway. The methods include deploying a second agent application on a second edge gateway of a second vendor by the second edge gateway. The second agent application is configured to collect a second set of information associated with the second edge gateway. In response to a determination that a first virtualized computing environment on the first edge gateway or a second virtualized computing environment on the second edge gateway fulfils a first requirement of a template to deploy the IoT solution, the methods include deploying the IoT solution in the first virtualized computing environment, the second virtualized computing environment, or both.
Abstract: Described herein are systems, methods, and software to manage replay windows in multipath connections between gateways. In one implementation, a first gateway may receive a packet directed toward a second gateway and identify a path from a plurality of paths to the second gateway. Once identified, the first gateway may increment a sequence number associated with the path and encapsulate the packet with a unique identifier for the path in the header with the incremented sequence number. The first gateway then communicates the encapsulated packet to the second gateway.
Abstract: A server computer can be quickly allocated to and made ready for use by users of a tenant by adding and starting, on that server computer, copies of a process implementing the tenant's virtual machine, based on a gold image virtual machine for that tenant. The gold image virtual machine also has an associated gold image virtual disk. The virtual machines on the server computer are associated with virtual disks that are linked clones based on the gold image virtual disk, such as linked clones of a replica of the gold image virtual disk. Each virtual machine for a tenant on the new server computer also is added to the tenant computer network. Server computers for multiple tenants can be grouped into a cluster, and can use anti-affinity rules to limit instantiation of virtual machines of each tenant only on server computers dedicated to the tenant.
Abstract: Examples of account-specific security in an email client are disclosed. A master key can be generated by the email client. The master key can be used to encrypt account specific account keys. Email data in the email database accessed by the email client can be encrypted by the account keys.
Abstract: Container images are managed in a clustered container host system with a shared storage device. Hosts of the system each include a virtualization software layer that supports execution of virtual machines (VMs), one or more of which are pod VMs that have implemented therein a container engine that supports execution of containers within the respective pod VM. A method of deploying containers includes determining, from pod objects published by a master device of the system and accessible by all hosts of the system, that a new pod VM is to be created, creating the new pod VM, and spinning up one or more containers in the new pod VM using images of containers previously spun up in another pod VM, wherein the images of the containers previously spun up in the other pod VM are stored in the storage device.
Abstract: An example method of interfacing with a hypervisor in a computing system is described, which includes a processor having at least three hierarchical privilege levels including a third privilege level more privileged than a second privilege level, the second privilege level more privileged than a first privilege level.
Type: Grant
Filed: January 16, 2020
Date of Patent: January 10, 2023
Assignee: VMware, Inc.
Inventors: Andrei Warkentin, Cyprien Laplace, Regis Duchesne, Alexander Fainkichen, Shruthi Muralidhara Hiriyuru, Ye Li
Abstract: Systems and methods are described for providing ways to protect client devices in communication with virtual desktops and virtual applications from keylogging attacks. A keyboard filter driver obfuscates scancodes from key presses produced on the keyboard of the client device so that malicious keylogging or keyboard hooking software is not able to observe user inputs. The obfuscated scancodes are conveyed and de-obfuscated before being applied in the virtual desktop or virtual application.
Abstract: Methods, apparatus and articles of manufacture for dynamically extending a cloud management system by adding endpoint adapter types are disclosed. An example cloud management system includes: an interface to communicate with an external device; a host to manage requests and allocate resources through one or more virtual machines; and an endpoint registry to include an endpoint adapter and metadata defining the endpoint adapter, the endpoint adapter to specify communication between at least one of the host or the external device and an endpoint. In the example cloud management system, the host is to at least enable, via the interface, the external device to access the endpoint registry a) to register an endpoint adapter configuration with the endpoint registry and b) to retrieve the endpoint adapter configuration from the endpoint registry.
Type: Grant
Filed: May 3, 2021
Date of Patent: January 10, 2023
Assignee: VMware, Inc.
Inventors: Boris Savov, George P. Dimitrov, Ventsyslav Raikov, Rosen Spasov
Abstract: A system is described for downloading server-based content to peers in a P2P network. The server-based content can be partitioned and different peers can be given priority for downloading the different parts. A client on each peer can view what content is available on each of the other peers as well as what content is available on a virtual peer, which represents content on the server and only makes content that exists on the server and not on any peers available for download. Consequently, a client on a peer requesting to download the content can download the content from the peers and the virtual peer based on a file sharing protocol, such as BitTorrent.
Abstract: A methodology for assigning an identity to a plurality of unsupervised machine learning based applications is disclosed. In a computer-implemented method, a machine learning based discovery of a plurality of unsupervised machine learning based applications spanning across a plurality of diverse components in a computing environment is received. A persistent unique identifier is assigned to each of the plurality of unsupervised machine learning based applications. It is then determined which of the plurality of diverse components in the computing environment is operating with each of the plurality of unsupervised machine learning based applications.