Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract: Techniques for evaluating a second version of software. Embodiments selectively route incoming requests to software instances within a plurality of baseline instances and a plurality of canary instances, where the baseline instances run a first software version and the canary instances run the second software version. The software instances are monitored to collect performance data for a plurality of performance metrics. Embodiments calculate aggregate baseline performance metrics, where each of the aggregate baseline performance metrics is calculated based on the collected performance data for the plurality of baseline instances. For each of the performance metrics and canary instances, embodiments calculate a relative performance value that measures the collected performance data for the respective canary instance and for the respective performance metric, relative to the corresponding aggregate baseline performance metric.

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.

Abstract: Techniques are disclosed for validating the resiliency of a networked application made available using a distributed computing infrastructure. In one embodiment, a latency monitoring application observes each active application component and at specified or unspecified intervals, selects one and introduces latency or error messages in one or more messages emanating from the selected active application component. The latency monitoring application then measures the effect of the latency or error messages on other active application components that are dependent on the affected active application component. By observing the effects of the failed server on the rest of the network application, a provider can ensure that each component can tolerate any unexpected latency or error conditions with the distributed computing infrastructure.

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.

Abstract: Techniques are described for identifying a root cause of a pattern of performance data in a system including a plurality of services. Embodiments provide dependency information for each of the plurality of services, where at least one of the plurality of services is dependent upon a first one of the plurality of services. Each of the plurality of services is monitored to collect performance data for the respective service. Embodiments further analyze the performance data to identify a cluster of services that each follow a pattern of performance data. The first one of the services in the cluster of services is determined to be a root cause of the pattern of performance data, based on the determined dependency information for each of the plurality of services.

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.

Abstract: Techniques are disclosed for validating the resiliency of a networked application made available using a distributed computing infrastructure. In one embodiment, a latency monitoring application observes each active application component and at specified or unspecified intervals, selects one and introduces latency or error messages in one or more messages emanating from the selected active application component. The latency monitoring application then measures the effect of the latency or error messages on other active application components that are dependent on the affected active application component. By observing the effects of the failed server on the rest of the network application, a provider can ensure that each component can tolerate any unexpected latency or error conditions with the distributed computing infrastructure.

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.

Abstract: Techniques are disclosed for validating the resiliency of a networked application made available using a distributed computing infrastructure. In one embodiment, a latency monitoring application observes each active application component and at specified or unspecified intervals, selects one and introduces latency or error messages in one or more messages emanating from the selected active application component. The latency monitoring application then measures the effect of the latency or error messages on other active application components that are dependent on the affected active application component. By observing the effects of the failed server on the rest of the network application, a provider can ensure that each component can tolerate any unexpected latency or error conditions with the distributed computing infrastructure.