Abstract: A system and method of initializing a virtual machine within a secure hybrid cloud is disclosed. One method includes transmitting service mode credentials to a cloud broker from a cloud-based virtual machine, receiving a service mode community of interest key from a credentialing service based on the service mode credentials, and establishing a secure service mode connection based on the service mode community of interest key. The method also includes receiving role VPN credentials at the cloud-based virtual machine and establishing a secure role connection to the cloud broker using the role VPN credentials, thereby providing, in response to the role VPN credentials, a role VPN community of interest key to a virtual data relay dedicated to the cloud-based virtual machine.

Abstract: A system and method of managing secure integration of a cloud-based computing resource with a private domain are disclosed. One system includes a hybrid cloud arrangement including a plurality of virtual machines, the plurality of virtual machines including at least a first virtual machine within the private domain and a second virtual machine within a public cloud. The system also includes a virtual data relay within the private domain and associated with the second virtual machine. The virtual data relay includes a private domain interface used to establish a secure communication link according to a first security protocol with each virtual machine within the private domain that is a member of a community of interest, the virtual data relay assigned a community of interest key used by the private domain interface and defining the community of interest of which the second virtual machine is a member.

Abstract: A system and method of initializing a virtual machine within a secure hybrid cloud is disclosed. One method includes transmitting service mode credentials to a cloud broker from a cloud-based virtual machine, receiving a service mode community of interest key from a credentialing service based on the service mode credentials, and establishing a secure service mode connection based on the service mode community of interest key. The method also includes receiving role VPN credentials at the cloud-based virtual machine and establishing a secure role connection to the cloud broker using the role VPN credentials, thereby providing, in response to the role VPN credentials, a role VPN community of interest key to a virtual data relay dedicated to the cloud-based virtual machine.

Abstract: A system and method of managing secure integration of a cloud-based computing resource with a private domain are disclosed. One system includes a hybrid cloud arrangement including a plurality of virtual machines, the plurality of virtual machines including at least a first virtual machine within the private domain and a second virtual machine within a public cloud. The system also includes a virtual data relay within the private domain and associated with the second virtual machine. The virtual data relay includes a private domain interface used to establish a secure communication link according to a first security protocol with each virtual machine within the private domain that is a member of a community of interest, the virtual data relay assigned a community of interest key used by the private domain interface and defining the community of interest of which the second virtual machine is a member.

Abstract: A server hosting system provides managed servers for tenants of the server hosting system. Managed servers for different tenants can have the same IP addresses and fully-qualified domain names (FQDNs). Furthermore, the server hosting system provides routers for the tenants. The router for a tenant can receive a Domain Name System (DNS) update message. The DNS update message is a request for a DNS server to associate a tenant-side FQDN with a tenant-side IP address. This tenant-side IP address can concurrently be an IP address of a managed server of another tenant. In response to receiving the DNS update request, the router sends a DNS data message to a management system for the server hosting system. The DNS data message indicates the IP address, the tenant-side FQDN, and an IP address only associated with the given tenant.

Abstract: A server hosting system provides managed servers for tenants. Managed servers for different tenants can have the same IP addresses and fully-qualified domain names. A server manager for the server hosting system detects a deletion event for one of the managed servers. In response to detecting the deletion event, the server manager sends a web services request to a Domain Name Service (DNS) web service having a web API. The web services request requests invocation of a deregister method in the web API. The deregister method removes DNS records that associate a management-side fully qualified domain name (FQDN) for the managed server with a management-side IP address for the managed server. No other managed server in the server hosting system has the management-side IP address. No other managed server in the server hosting system has the management-side FQDN.

Abstract: A server hosting system provides managed servers for tenants of the server hosting system. Managed servers for different tenants can have the same IP addresses and fully-qualified domain names (FQDNs). Furthermore, the server hosting system provides routers for the tenants. The router for a tenant can receive a Domain Name System (DNS) update message. The DNS update message is a request for a DNS server to associate a tenant-side FQDN with a tenant-side IP address. This tenant-side IP address can concurrently be an IP address of a managed server of another tenant. In response to receiving the DNS update request, the router sends a DNS data message to a management system for the server hosting system. The DNS data message indicates the IP address, the tenant-side FQDN, and an IP address only associated with the given tenant.

Abstract: A server hosting system provides managed servers for tenants. Managed servers for different tenants can have the same IP addresses and fully-qualified domain names (FQDNs). A management system of the server hosting system receives a DNS data message from a tenant router in the server hosting system. The DNS data message specifies an IP address of one of the managed servers, a tenant-side FQDN for the managed server, and an IP address of the tenant router. The managed server and the tenant router are associated with a given tenant. The IP address is also an IP address of another one of the managed servers. In response, the management system obtains a management-side IP address and a management-side FQDN for the managed server. The management system then updates a Domain Name System (DNS) record to associate the management-side FQDN with the management-side IP address.

Abstract: A method, system, and computer program product specifies a communication intraconnect architecture that supports a pull model based data communication where data is sent to a receiver along with a memory address (a receiver buffer address or a reference to a pool manager or buffer pool) where the data is to be stored. CIA primitives are used to create nodes and dialog objects managed by send and receive IFEs. A logical dialog is established between corresponding send and receive dialog objects. A send dialog object includes a reference that identifies for the send IFE the corresponding receive dialog object in the receive IFE. The receive dialog object includes a reference that identifies for the receive IFE the corresponding send dialog object in the send IFE. Receive and send primitives are used to provide pull model data communication over a logical dialog. Receive with Buffer and Receive with Buffer Pool operations are provided.

Abstract: A method, system, and computer program product specifies a communication intraconnect architecture that supports a pull model based data communication where data is sent to a receiver along with a memory address (a receiver buffer address or a reference to a pool manager or buffer pool) where the data is to be stored. CIA primitives are used to create nodes and dialog objects managed by send and receive IFEs. A logical dialog is established between corresponding send and receive dialog objects. A send dialog object includes a reference that identifies for the send IFE the corresponding receive dialog object in the receive IFE. The receive dialog object includes a reference that identifies for the receive IFE the corresponding send dialog object in the send IFE. Receive and send primitives are used to provide pull model data communication over a logical dialog. Receive with Buffer and Receive with Buffer Pool operations are provided.

Abstract: A method, system, and computer program product specifies a communication intraconnect architecture that supports a pull model based data communication where data is sent to a receiver along with a memory address (a receiver buffer address or a reference to a pool manager or buffer pool) where the data is to be stored. CIA primitives are used to create nodes and dialog objects managed by send and receive IFEs. A logical dialog is established between corresponding send and receive dialog objects. A send dialog object includes a reference that identifies for the send IFE the corresponding receive dialog object in the receive IFE. The receive dialog object includes a reference that identifies for the receive IFE the corresponding send dialog object in the send IFE. Receive and send primitives are used to provide pull model data communication over a logical dialog. Receive with Buffer and Receive with Buffer Pool operations are provided.