Abstract: Methods, systems, and computer-readable media for a service for managing quantum computing resources are disclosed. A task management service receives a description of a task specified by a client. From a pool of computing resources of a provider network, the service selects a quantum computing resource for implementation of the task. The quantum computing resource comprises a plurality of quantum bits. The service causes the quantum computing resource to run a quantum algorithm associated with the task. The service receives one or more results of the quantum algorithm from the quantum computing resource.

Abstract: An on-demand code execution environment present in points of presence (POPs) and in regions serviced by the POPs is provided herein. For example, a POP may receive a request to execute a task associated with user-defined code. If the POP determines that the computing resources necessary to execute a received task are not available or that the POP should not execute the received task for another reason (e.g., the task is not commonly received and the computing resources needed to execute the task are therefore best allocated for other requests), the POP can forward the task to a region that the POP services for execution by an on-demand code execution environment present in the region. The on-demand code execution environment present in the region can execute the task and forward the results of the execution to the POP for distribution back to a user device that requested the task execution.

Abstract: Systems and methods are described for providing virtualized transaction retries in an on-demand network code execution system. A user may generate a task on the system by submitting code. The task may include a transaction that can succeed or fail depending on external factors, such as accessing a resource that other processes are also trying to access. The system may obtain success criteria for evaluating whether the transaction was successful, and may configure a virtual machine instance to execute the submitted code. The system may generate a “snapshot” or otherwise capture information regarding the state of the virtual machine instance prior to executing the code, and may then execute the code or a portion of it to attempt the transaction. The system may then apply the success criteria to determine whether the transaction was successful, and if not may retry the transaction by restoring the snapshot and re-executing the code.

Abstract: Data replication groups may be used to store data in a distributed computing environment. The data replication groups may include a set of nodes executing a consensus protocol to maintain data durably. The nodes of the data replication groups may generate logs containing information corresponding committed operations performed by the nodes. These logs may be collected and processed to obtain useful information corresponding to the operation of the data replication group. Furthermore, this processed information may be provided in the form of a stream to enable event driven operations corresponding to the logs.

Abstract: Computer systems and methods are disclosed to implement a virtual machine monitor (VMM) that stores cryptographic keys for guest virtual machines (VMs) and securely executes cryptographic operations on the VMs' behalf using the stored cryptographic keys. The cryptographic keys are maintained in a key store that is accessible to the VMM but not accessible to the guest VMs. The cryptographic operations are executed in a manner that does not reveal the cryptographic keys to the guest VMs. In embodiments, the guest VMs may invoke the cryptographic operations via a device driver, a memory access interface, or some other mechanism. Advantageously, the guest VMs cannot obtain the cryptographic keys in their own memory space, so that the keys cannot be exfiltrated from the guest VMs. Embodiments of the VMM may be used to implement cryptographic operations such as request signing and verification, data encryption and decryption, and others.

Abstract: Systems and methods are described for management of garbage collection processes in an on-demand code execution system. An on-demand code execution system may execute user-submitted code on virtual machine instances. As each virtual machine instance executes code, garbage (e.g., memory that is allocated and then not properly de-allocated) may accumulate and may reduce the computing resources that the virtual machine instance makes available for allocation to further code executions. A garbage collection schedule manager may be used to generate a system-wide garbage collection schedule and manage garbage collection processes in accordance with the schedule.

Abstract: A data storage manager may manage storage locations for blocks of a storage volume. The blocks of the storage volume may be assigned to a logical volume exposed to a computing instance supported by a host. Furthermore, the data storage manager may also generate and maintain a set of rules that specify the locations of blocks of the storage volume, and provides the set of rules to the host. The set of rules may be included in a data structure enabling the host to access the blocks based at least in part on the information included in the set of rules.

Abstract: A data storage system includes multiple head nodes and multiple data storage sleds mounted in a rack. For a particular volume or volume partition one of the head nodes is designated as a primary head node for the volume or volume partition. The primary head node is configured to store data for the volume in a data storage of the primary head node and cause the data to be replicated to a secondary head node. The primary head node is also configured to cause the data for the volume to be stored in a plurality of respective mass storage devices each in different ones of the plurality of data storage sleds of the data storage system.

Abstract: A data storage system includes multiple head nodes and data storage sleds. The data storage sleds include multiple mass storage devices and a sled controller. Respective ones of the head nodes are configured to obtain credentials for accessing particular portions of the mass storage devices of the data storage sleds. A sled controller of a data storage sled determines whether a head node attempting to perform a write on a mass storage device of a data storage sled that includes the sled controller is presenting with the write request a valid credential for accessing the mass storage devices of the data storage sled. If the credentials are valid, the sled controller causes the write to be performed and if the credentials are invalid, the sled controller returns a message to the head node indicating that it has been fenced off from the mass storage device.

Abstract: A data storage system includes a rack, multiple head nodes, multiple data storage sleds, and at least two networking devices. The at least two network devices are configured to implement at least two redundant networks within the data storage system. Also, each of the head nodes is assigned at least two network addresses for communication with the data storage sleds of the data storage system via the at least two networking devices. The data storage sleds each include multiple mass storage devices and a sled controller that is configured to couple with the at least two network switches. IO In some embodiments, the data storage system further includes redundant power systems within a rack in which the head nodes, the data storage sleds, and the at least two networking devices are mounted.

Abstract: A distributed system may implement identifying correlated workloads for resource allocation. Resource data for resources hosted at resource hosts in a distributed system may be analyzed to determine behavioral similarities. Historical behavior data or resource configuration data, for instance, may be compared between resources. Behaviors between resources may be identified as correlated according to the determined behavioral similarities. An allocation of one or more resource hosts in the distributed system may be made for a resource based on the behaviors identified as correlated. For instance, resources may be migrated from a current resource host to another resource host, new resources may be placed at a resource host, or resources may be reconfigured into different resources. Machine learning techniques may be implemented to refine techniques for identifying correlated behaviors.

Abstract: Methods, systems, and computer-readable media for a service for managing quantum computing resources are disclosed. A task management service receives a description of a task specified by a client. From a pool of computing resources of a provider network, the service selects a quantum computing resource for implementation of the task. The quantum computing resource comprises a plurality of quantum bits. The service causes the quantum computing resource to run a quantum algorithm associated with the task. The service receives one or more results of the quantum algorithm from the quantum computing resource.

Abstract: Systems and methods are described for adjusting a number of concurrent code executions allowed to be performed for a given user on an on-demand code execution environment or other distributed code execution environments. Such environments utilize pre-initialized virtual machine instances to enable execution of user-specified code in a rapid manner, without delays typically caused by initialization of the virtual machine instances. However, to improve utilization of computing resources, such environments may temporarily restrict the number of concurrent code executions performed on behalf of the given user to a number less than the maximum number of concurrent code executions allowed for the given user. Such environments may adjust the temporary restriction on the number of concurrent code executions based on the number of incoming code execution requests associated with the given user.

Abstract: Methods, systems, and computer-readable media for a service for managing quantum computing resources are disclosed. A task management service receives a description of a task specified by a client. From a pool of computing resources of a provider network, the service selects a quantum computing resource for implementation of the task. The quantum computing resource comprises a plurality of quantum bits. The service causes the quantum computing resource to run a quantum algorithm associated with the task. The service receives one or more results of the quantum algorithm from the quantum computing resource.

Abstract: Systems and methods are described for providing an implementation of the MapReduce programming model utilizing tasks executing on an on-demand code execution system, utilizing a stream data processing system as an intermediary between map and reduce function. A map task implementing a map function can process portions of a data set, to generate outputs associated with different values for a measured attribute of the data set. Executions of the map task can publish outputs to a data stream on the stream data processing system, which stream is configured to utilize the measured attribute as a partition key for the stream. Based on the partition key, the stream data processing system can divide the stream into sub-streams, each containing a relevant subset of the outputs. The on-demand code execution system can execute a reduce task to apply the reduce function to the outputs of each sub-stream, thereby completing the MapReduce process.

Abstract: A data storage system includes multiple data storage units and a zonal control plane. The zonal control plane assigns volumes to respective ones of the data storage units. The data storage units include multiple head nodes and data storage sleds. At least one of the head nodes implements a local control plane for the data storage unit. Also, the head nodes of each data storage unit are configured to service read and write requests directed to one or more volumes serviced by the data storage unit independent of the zonal control plane.

Abstract: Systems and methods are described for reducing latency to service requests to execute code on an on-demand code execution system by maintaining snapshots of virtual machine instances in a ready state to execute such code. A user may submit code to the on-demand code execution system, which code depends on other software, such as an operating system or runtime. The on-demand code execution system can generate a virtual machine instance provisioned with the other software, and initialize the instance into a state at which it is ready to execute the code. The on-demand code execution system can then generate a snapshot of the state of the instance, and halt the instance. When a request to execute the code is received, the snapshot can be used to quickly restore the instance. The code can then be executed within the instance, reducing the need to initialize the instance or maintain the instance in an executing state.

Abstract: Systems and methods are described for providing virtualized transaction retries in an on-demand network code execution system. A user may generate a task on the system by submitting code. The task may include a transaction that can succeed or fail depending on external factors, such as accessing a resource that other processes are also trying to access. The system may obtain success criteria for evaluating whether the transaction was successful, and may configure a virtual machine instance to execute the submitted code. The system may generate a “snapshot” or otherwise capture information regarding the state of the virtual machine instance prior to executing the code, and may then execute the code or a portion of it to attempt the transaction. The system may then apply the success criteria to determine whether the transaction was successful, and if not may retry the transaction by restoring the snapshot and re-executing the code.

Abstract: Customers of shared resources in a multi-tenant environment can modify operational parameters of electronic resources. A customer can be provisioned a data volume of a specified size, storage type (e.g., hard disk drive or solid state device), committed rate of input/output operations per second, and/or geographical location, for example. The customer can subsequently modify any such operational parameters by submitting an appropriate request, or the operational parameters can be adjusted automatically based on any of a number of criteria. Data volumes for the customer can be migrated, split, or combined in order to provide the shared resources in accordance with the modified operational parameters.

Abstract: Systems and methods are described for providing connection pools between source network devices and a target, connection-limited service. Each connection pool can facilitate connections between source devices and the target service, while ensuring that connections to the connection-limited service do not exceed a defined limit. A connection manager service can initialize a connection pool for a target service on request by a client device, and provide an identifier for the connection pool to the client device. Source network devices can then transmit operations for the target service to the connection manager service, which can route the operations to an appropriate connection pool based on the identifier.