Abstract: Techniques are disclosed for processing data packets by a hardware-based networking device configured to disaggregate processing of data packets from hosts of a virtualized computing environment. The hardware-based networking device includes a hardware-based component implementing a plurality of behavioral models indicative of packet processing graphs for data flows in the virtualized computing environment. A data packet having a source from or destination to an endpoint in a virtual network of the virtualized computing environment is received. Based on determining that the data packet is a first packet of a data flow to or from the endpoint, one of the behavioral models is mapped to the data flow. The packet is modified in accordance with the mapped behavioral model. A state of the data flow is stored. Subsequent data packets of the data flow are processed based on the stored state.

Abstract: Techniques are disclosed for dynamically adjusting a throttling threshold in a multi-tenant virtualized computing environment. System health parameters are collected during a predetermined time interval. A system health status of the multi-tenant virtualized computing environment is determined. Based on the system health status, a throttling threshold for service requests for the multi-tenant virtualized computing environment is determined. The throttling threshold is applied for further service requests. During a subsequent time interval, an updated system health status of the multi-tenant virtualized computing environment is determined based on system health parameters received during the subsequent time interval. The throttling threshold is updated based on the updated system health status. The updated throttling threshold is applied for further service requests.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least one SDN appliance is configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The servers are communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. A plurality of computing nodes are communicatively coupled to network devices. The computing nodes are configured to provide at least one cloud edge processing function. The network devices are configured to enable communications between virtual machines within a virtual network of the virtual computing environment in accordance with associated policies. The network devices and the processing function are disaggregated from dependencies on particular computing nodes that are hosting the virtual machines.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. A plurality of servers are communicatively coupled to network interfaces of one of a skinny NIC or a smart NIC. The skinny NIC is configured to provide network interfaces for virtual machines hosted on a corresponding server. The smart NIC is configured to enable virtual machine communications within a virtual network in accordance with associated policies.

Abstract: Systems and methods for rendering foldable products are described. According to certain aspects, an electronic device enables a user to select a digital content item and a section of a foldable product on which to render the digital content item. Based on certain parameters associated with the section, the electronic device may calculate a position within a cell for the digital content item, where the cell may be part of a bounding box associated with the section. The electronic device may render, within a user interface, the a digital design of the foldable product with the digital content item rendered on the section and positioned at the position within the cell.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least two SDN appliances are configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines. The servers are communicatively coupled to network interfaces of at least two top-of-rack switches (ToRs). The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance. The sNICs have a floating network interface configured to provide a virtual port connection to an endpoint within a virtual network of the virtual computing environment.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least two SDN appliances are configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines. The servers are communicatively coupled to network interfaces of at least two top-of-rack switches (ToRs). The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance. The sNICs have a floating network interface configured to provide a virtual port connection to an endpoint within a virtual network of the virtual computing environment.

Abstract: Techniques are disclosed for dynamically adjusting a throttling threshold in a multi-tenant virtualized computing environment. System health parameters are collected during a predetermined time interval. A system health status of the multi-tenant virtualized computing environment is determined. Based on the system health status, a throttling threshold for service requests for the multi-tenant virtualized computing environment is determined. The throttling threshold is applied for further service requests. During a subsequent time interval, an updated system health status of the multi-tenant virtualized computing environment is determined based on system health parameters received during the subsequent time interval. The throttling threshold is updated based on the updated system health status. The updated throttling threshold is applied for further service requests.

Abstract: Systems and methods for enabling access to dedicated resources in a virtual network using top of rack switches are disclosed. A method includes a virtual filtering platform encapsulating at least one packet, received from a virtual machine, to generate at least one encapsulated packet comprising a virtual network identifier (VNI). The method further includes a TOR switch: (1) receiving the at least one encapsulated packet and decapsulating the at least one encapsulated packet to create at least one decapsulated packet, (2) using the VNI to identify a virtual routing and forwarding artifact to determine a virtual local area network interface associated with the dedicated hardware portion, and (3) transmitting the at least one decapsulated packet to the dedicated hardware portion based on at least one policy provided by a controller, where the at least one policy comprises information related to a customer of the service provider.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least two SDN appliances are configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines. The servers are communicatively coupled to network interfaces of at least two top-of-rack switches (ToRs). The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance. The sNICs have a floating network interface configured to provide a virtual port connection to an endpoint within a virtual network of the virtual computing environment.

Abstract: The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload via a virtual machine that is part of a virtual network that belongs to a resource provider. To secure calls and authorize access to the tenant's virtual network, authentication information provided with a call from the virtual network of the resource provider may need to match authorization information made available via a publication service of the cloud-based platform. Additionally or alternatively, an identifier of a NIC used to make a call may need to correspond to a registered name of the resource provider for the call to be authorized. These checks provide increased security by preventing unauthorized calls to the tenant's virtual network.

Abstract: Techniques of network virtualization of containers in cloud-based system are disclosed herein. In one embodiment, a method includes receiving a selection of a host in the computer system to instantiate a container in response to a request from a user. In response to the received selection, the method includes identifying parameters of network operations on the selected host to instantiate the requested container and assigning a network address to the container to be instantiated on the selected host in the computer system, the assigned network address is addressable from outside of the selected host without network name translation. The method can then include transmitting an instruction to the selected host to instantiate the requested container based on the assigned network address.

Abstract: Techniques are disclosed for processing data packets by a hardware-based networking device configured to disaggregate processing of data packets from hosts of a virtualized computing environment. The hardware-based networking device includes a hardware-based component implementing a plurality of behavioral models indicative of packet processing graphs for data flows in the virtualized computing environment. A data packet having a source from or destination to an endpoint in a virtual network of the virtualized computing environment is received. Based on determining that the data packet is a first packet of a data flow to or from the endpoint, one of the behavioral models is mapped to the data flow. The packet is modified in accordance with the mapped behavioral model. A state of the data flow is stored. Subsequent data packets of the data flow are processed based on the stored state.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least two SDN appliances are configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines. The servers are communicatively coupled to network interfaces of at least two top-of-rack switches (ToRs). The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance. The sNICs have a floating network interface configured to provide a virtual port connection to an endpoint within a virtual network of the virtual computing environment.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least one SDN appliance is configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The servers are communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least two SDN appliances are configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN appliance. The servers host a plurality of virtual machines. The servers are communicatively coupled to network interfaces of at least two top-of-rack switches (ToRs). The SDN appliance comprises a plurality of smart network interface cards (sNICs) configured to implement functionality of the SDN appliance. The sNICs have a floating network interface configured to provide a virtual port connection to an endpoint within a virtual network of the virtual computing environment.

Abstract: A network appliance is configured to receive a packet having an address of a custom device as a source address. Policies are accessed that are applicable to a virtual network associated with the custom device. The policies are applied to the packet. A hairpin layer redirects the packet to a destination address contained in the packet. For subsequent packets, application of the policies is bypassed to the subsequent packets. Application of the policies is offloaded to an acceleration device.

Abstract: Described herein are systems and methods for supporting multicast for virtual networks. In some embodiments, a native multicast approach can utilized in which packet replication is performed on a host node of a virtual machine (VM) with a multicast data packet encapsulated in uniquely address unicast packets. In some embodiments, a network virtual appliance can be utilized. A multicast packet sent from the VM can be unicasted to the network virtual appliance. The multicast appliance can then replicate the packet into multiple copies and send the packets to the receivers in the virtual network as unicast data packets encapsulating the multicast packet.

Abstract: A virtual network comprising virtual machines executing at a computing environment is implemented. A floating network interface is attached to a software defined networking (SDN) appliance. The floating network interface is configured to provide a connection to computing resources via a virtual network of a virtual computing environment, and the floating network interface is attachable to and detachable from the SDN appliance. The SDN appliance is configured to apply policies of the virtual computing environment to data traffic on the virtual network.