Abstract: A computer-implemented method, according to one embodiment, includes: determining, using a processor, whether a virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine; determining, using the processor, whether a hypervisor is authorized to run the virtual machine using a digital signature of the data structure; and running the virtual machine on a computer system using the hypervisor in response to determining that the virtual machine is authorized to be run and that the hypervisor is authorized to run the virtual machine. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: A computer-implemented method, according to one embodiment, includes: determining, using a processor, whether a virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine; determining, using the processor, whether a hypervisor is authorized to run the virtual machine using a digital signature of the data structure; and running the virtual machine on a computer system using the hypervisor in response to determining that the virtual machine is authorized to be run and that the hypervisor is authorized to run the virtual machine. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: A computer-implemented method, according to one embodiment, includes receiving a request for a hypervisor to run a virtual machine; determining, using a processor, whether the virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine; determining, using the processor, whether the hypervisor is authorized to run the virtual machine using a digital signature of the data structure; and running the virtual machine on a computer system using the hypervisor in response to determining that the virtual machine is authorized to be run and that the hypervisor is authorized to run the virtual machine. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: A computer-implemented method, according to one embodiment, includes receiving a request for a hypervisor to run a virtual machine; determining, using a processor, whether the virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine; determining, using the processor, whether the hypervisor is authorized to run the virtual machine using a digital signature of the data structure; and running the virtual machine on a computer system using the hypervisor in response to determining that the virtual machine is authorized to be run and that the hypervisor is authorized to run the virtual machine. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: A method, according to one embodiment, includes receiving a request for a hypervisor to run a virtual machine, determining using a processor whether the virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine, determining using a processor whether the hypervisor is authorized to run the virtual machine using a digital signature of the data structure, receiving a decryption key from a key authority when it is determined that the virtual machine is authorized to be run and it is determined that the hypervisor is authorized to run the virtual machine, unlocking and/or decrypting the virtual machine using the decryption key, and running the virtual machine on a computer system. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: An approach for autonomous multi-node network configuration and self-awareness is provided. In the approach, a network switch receives a configuration of a switch port group. The switch port group comprises ports configured for a cloud cluster, the cloud cluster comprises nodes, and respective ones of the nodes are connected to respective ones of the ports. In the approach, the network switch receives from one of the nodes a request for information of the switch port group, and sends to the one of the nodes the information of the switch port group. In the approach, the information of the switch port group is stored by the one of the nodes, used by the one of the nodes to assign IP and VLAN addresses to the nodes in the cloud cluster, and used by the one of the nodes to establish a topology of the cloud cluster.

Abstract: An approach for dynamic discovery and assignment of virtual local area networks (VLANs) is provided. In the approach, a network switch receives a request for VLAN configuration, from a device connecting to a port of the network switch. The network switch retrieves a list of available VLANs at the port, determines whether respective ones of the available VLANs are configured for the device, forms an acknowledgement including a list of VLANs configured for the device, and sends the acknowledgement to the device. In the approach, the acknowledgement is used to determine one of the VLANs configured for the device; the one of the VLANs configured for the device is tagged by the device to an adapter of the device, and the device is connected to the one of the VLANs configured for the device.

Abstract: A method, according to one embodiment, includes receiving a request for a hypervisor to run a virtual machine, determining using a processor whether the virtual machine is authorized to run using a data structure having metadata about properties of the virtual machine, determining using a processor whether the hypervisor is authorized to run the virtual machine using a digital signature of the data structure, receiving a decryption key from a key authority when it is determined that the virtual machine is authorized to be run and it is determined that the hypervisor is authorized to run the virtual machine, unlocking and/or decrypting the virtual machine using the decryption key, and running the virtual machine on a computer system. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: An approach for dynamic discovery and assignment of virtual local area networks (VLANs) is provided. In the approach, a network switch receives a request for VLAN configuration, from a device connecting to a port of the network switch. The network switch retrieves a list of available VLANs at the port, determines whether respective ones of the available VLANs are configured for the device, forms an acknowledgement including a list of VLANs configured for the device, and sends the acknowledgement to the device. In the approach, the acknowledgement is used to determine one of the VLANs configured for the device; the one of the VLANs configured for the device is tagged by the device to an adapter of the device, and the device is connected to the one of the VLANs configured for the device.

Abstract: An approach for autonomous multi-node network configuration and self-awareness is provided. In the approach, a network switch receives a configuration of a switch port group. The switch port group comprises ports configured for a cloud cluster, the cloud cluster comprises nodes, and respective ones of the nodes are connected to respective ones of the ports. In the approach, the network switch receives from one of the nodes a request for information of the switch port group, and sends to the one of the nodes the information of the switch port group. In the approach, the information of the switch port group is stored by the one of the nodes, used by the one of the nodes to assign IP and VLAN addresses to the nodes in the cloud cluster, and used by the one of the nodes to establish a topology of the cloud cluster.

Abstract: A label corresponding to a cryptographic key is stored at a first computational device. A user provided label is received at a second computational device. The user provided label is sent from the second computational device to the first computational device. The user provided label is compared to the label stored at the first computational device. The cryptographic key is used to perform cryptographic operations on data, in response to determining that the user provided label matches the label stored at the first computational device.

Abstract: A method for the autonomous diagnosis and repair of user-configured storage subsystem components in a storage environment is provided. The method includes monitoring the user-configured storage subsystem components to identify an error associated with a first component of the user-configured storage subsystem components, the error corresponding to an error code, cross referencing the error code against a severity matrix, querying a depot for a fix code, and downloading and applying the fix code if the first component is configured, according to the severity matrix, to be autonomously repaired.

Abstract: An apparatus, system, and method are disclosed for distributed logging. Operating entities and associations between operating entities are registered in a registry by a logging entity registrar. An event notification monitor recognizes operating errors in operating entities. An aggregation module aggregates operating logs from sets of associated entities, which are then stored by a log set recorder.

Abstract: A label corresponding to a cryptographic key is stored at a first computational device. A user provided label is received at a second computational device. The user provided label is sent from the second computational device to the first computational device. The user provided label is compared to the label stored at the first computational device. The cryptographic key is used to perform cryptographic operations on data, in response to determining that the user provided label matches the label stored at the first computational device.

Abstract: A method for the autonomous diagnosis and repair of user-configured storage subsystem components in a storage environment is provided. The method includes monitoring the user-configured storage subsystem components to identify an error associated with a first component of the user-configured storage subsystem components, the error corresponding to an error code, cross referencing the error code against a severity matrix, querying a depot for a fix code, and downloading and applying the fix code if the first component is configured, according to the severity matrix, to be autonomously repaired.

Abstract: An apparatus, system, and method are disclosed for distributed logging. Operating entities and associations between operating entities are registered in a registry by a logging entity registrar. An event notification monitor recognizes operating errors in operating entities. An aggregation module aggregates operating logs from sets of associated entities, which are then stored by a log set recorder.