Abstract: A model of a system is generated and used as a basis for managing the system. As the system is managed, the system model can be updated to reflect changes to the system. Managing of the system can include one or more of provisioning applications in the system, provisioning applications in virtual systems, provisioning test environments, monitoring the configuration of the system, monitoring the system including the health of the system, performing capacity planning for the system, and propagating attributes to different components in the system.

Abstract: A technique is provided for authenticating a computing device to access a secured resource based on a persistent identity that is associated with the computing device. The persistent identity is maintained in an isolated region of the computing device. In one aspect, a secure identity processing area (SIPA) is provided within the computing device to contain the persistent identity.

Abstract: A technique is provided for acquiring security domain access credentials on a computing device. The security domain access credentials are acquired by storing a persistent identity on the computing device, and deriving data that includes the security domain access credentials from the persistent identity. The derived data is transferred to a security domain to allow the computing device to join the security domain.

Abstract: A technique is provided for dividing a plurality of switch ports into trusted ports and untrusted ports. The trusted ports are those ports that are coupled either directly or via one or more additional switches to a trusted computing device. Filters are applied on each untrusted port to allow the untrusted ports to communicate with any trusted port, but disallow the untrusted ports to communicate with any other untrusted port.

Abstract: An instrumentation system performs operations such as profiling an application and partitioning and distributing units of the application using different versions of metadata describing the application. Performing an operation on an executing application generates overhead. Detailed metadata used in operations such as profiling create unnecessary overhead during other operations. By removing metadata detail unnecessary for a particular operation, an instrumentation system using reduced metadata generates less overhead for that particular operation. Different instrumentation packages include different versions of metadata for performing operations on the application.

Abstract: A technique is provided for admitting to a staging area a computing device. Information related to a persistent identity that is located in the computing device at the staging area is ascertained. The computing device can be substantially authenticated to a protected production network based on the information related to the persistent identity acquired in the staging area.

Abstract: A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Abstract: An automatic distributed partitioning system (ADPS) determines which unit exposes an interface in a framework in which units lack reliable identities. The ADPS detects a reference to an interface. For the interface, the ADPS assures that the unit that exposes the interface is identified. Using unit identities, the ADPS performs operations such as profiling of an application or classifying units of an application. An interface wrapper for the interface stores the identity of the unit that exposes the interface, as well as information about the interface and a reference to instrumentation. When a client unit calls a member function of an interface, the interface wrapper intercepts the call and invokes the instrumentation. The instrumentation performs an operation such as profiling the application or classifying a unit. The ADPS detects when an interface is undocumented, and handles undocumented interfaces without invoking the full instrumentation capabilities of the ADPS.

Abstract: An automatic distributed partitioning system (ADPS) determines which unit exposes an interface in a framework in which units lack reliable identities. The ADPS detects a reference to an interface. For the interface, the ADPS assures that the unit that exposes the interface is identified. Using unit identities, the ADPS performs operations such as profiling of an application or classifying units of an application. An interface wrapper for the interface stores the identity of the unit that exposes the interface, as well as information about the interface and a reference to instrumentation. When a client unit calls a member function of an interface, the interface wrapper intercepts the call and invokes the instrumentation. The instrumentation performs an operation such as profiling the application or classifying a unit. The ADPS detects when an interface is undocumented, and handles undocumented interfaces without invoking the full instrumentation capabilities of the ADPS.

Abstract: A system facilitates the design and implementation of large-scale applications, such as Internet Services and Websites, for distributed computer systems, such as server data centers, Internet data centers (IDCs), Web farms, and the like. The system has a modeling system and a deployment system. The modeling system permits developers to architect the hardware and software used to implement the applications in an abstract manner. The modeling system defines a set of components used to describe the functionality of an application. The model components are arranged and interconnected to form a scale-independent logical model of the application. Once a logical model is created, the deployment system uses the logical model to automatically deploy various computer/software resources to implement the application. The deployment system converts each of the model components into one or more instances that correspond to physical resources.

Abstract: A multi-tiered server management architecture is employed including an application development tier, an application operations tier, and a cluster operations tier. In the application development tier, applications are developed for execution on one or more server computers. In the application operations tier, execution of the applications is managed and sub-boundaries within a cluster of servers can be established. In the cluster operations tier, operation of the server computers is managed without concern for what applications are executing on the one or more server computers and boundaries between clusters of servers can be established. The multi-tiered server management architecture can also be employed in co-location facilities where clusters of servers are leased to tenants, with the tenants implementing the application operations tier and the facility owner (or operator) implementing the cluster operations tier.

Abstract: A stateless distributed computer architecture allows state-caching objects, which hold server state information, to be maintained on a client or network rather than on a server. In one implementation, the computer architecture implements object-oriented program modules according to a distributed component object model (DCOM). Using an object-oriented network protocol (e.g., remote procedure call), a client-side application calls through an application program interface (API) to a program object residing at a server computer. The program object, responsive to the call, creates a state caching object that contains state information pertaining to the client connection. The server inserts the state-caching object into a local thread context and processes the request to generate a reply. The server subsequently attaches the state-caching object to the reply and returns them both to the client. The client stores the state-caching object for later communication with the server.

Abstract: A stateless distributed computer architecture allows state-caching objects, which hold server state information, to be maintained on a client or network rather than on a server. In one implementation, the computer architecture implements object-oriented program modules according to a distributed component object model (DCOM). Using an object-oriented network protocol (e.g., remote procedure call), a client-side application calls through an application program interface (API) to a program object residing at a server computer. The program object, responsive to the call, creates a state caching object that contains state information pertaining to the client connection. The server inserts the state-caching object into a local thread context and processes the request to generate a reply. The server subsequently attaches the state-caching object to the reply and returns them both to the client. The client stores the state-caching object for later communication with the server.

Abstract: A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Abstract: A system facilitates the design and implementation of large-scale applications, such as Internet Services and Websites, for distributed computer systems, such as server data centers, Internet data centers (IDCs), Web farms, and the like. The system has a modeling system and a deployment system. The modeling system permits developers to architect the hardware and software used to implement the applications in an abstract manner. The modeling system defines a set of components used to describe the functionality of an application. The model components are arranged and interconnected to form a scale-independent logical model of the application. Once a logical model is created, the deployment system uses the logical model to automatically deploy various computer/software resources to implement the application. The deployment system converts each of the model components into one or more instances that correspond to physical resources.

Abstract: Methods of factoring operating system functions into one or more groups of functions are described. Factorization permits operating systems that are not configured to support computing in an object-oriented environment to be used in an object oriented environment. This promotes distributed computing by enabling operating system resources to be instantiated and used across process and machine boundaries. In one embodiment, criteria are defined that govern how functions of an operating system are to be factored into one or more groups. Based on the defined criteria, the functions are factors into groups and groups of functions are then associated with programming objects that have data and methods, wherein the methods correspond to the operating system functions. Applications can call methods on the programming objects either directly or indirectly that, in turn, call operating system functions.

Abstract: A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Abstract: A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Abstract: A multi-tiered server management architecture is employed including an application development tier, an application operations tier, and a cluster operations tier. In the application development tier, applications are developed for execution on one or more server computers. In the application operations tier, execution of the applications is managed and sub-boundaries within a cluster of servers can be established. In the cluster operations tier, operation of the server computers is managed without concern for what applications are executing on the one or more server computers and boundaries between clusters of servers can be established. The multi-tiered server management architecture can also be employed in co-location facilities where clusters of servers are leased to tenants, with the tenants implementing the application operations tier and the facility owner (or operator) implementing the cluster operations tier.

Abstract: A multi-tiered server management architecture is employed including an application development tier, an application operations tier, and a cluster operations tier. In the application development tier, applications are developed for execution on one or more server computers. In the application operations tier, execution of the applications is managed and sub-boundaries within a cluster of servers can be established. In the cluster operations tier, operation of the server computers is managed without concern for what applications are executing on the one or more server computers and boundaries between clusters of servers can be established. The multi-tiered server management architecture can also be employed in co-location facilities where clusters of servers are leased to tenants, with the tenants implementing the application operations tier and the facility owner (or operator) implementing the cluster operations tier.