Patents by Inventor Matthew Shawn Wilson

Matthew Shawn Wilson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210157652
    Abstract: At a virtualization host which includes an instance partitioning controller, a set of resources is allocated to a compute instance by a virtualization manager. The first compute instance does not include another virtualization manager. In response to a communication from the controller, the virtualization manager allocates a subset of the resources to a child compute instance launched at the virtualization host. An application is executed within the child compute instance.
    Type: Application
    Filed: November 22, 2019
    Publication date: May 27, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Andra-Irina Paraschiv, Matthew Shawn Wilson
  • Patent number: 11003618
    Abstract: Disclosed are techniques regarding aspects of selectively enabling or disabling interconnects between peripheral processors. The peripheral processors may be included within a compute service provider and may be accessible via virtual machines within guest domains implemented within the compute service provider. The interconnects can be enabled or disabled depending upon whether they traverse domains of the compute service provider.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: May 11, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Kypros Constantinides, Nafea Bshara, Matthew Shawn Wilson
  • Patent number: 10996969
    Abstract: A server computer toggles between a protected mode and an unprotected mode. In the protected mode, users are unable to access configuration information due to a Base Address Register (BAR) being cleared. However, a service provider can access a Trusted Platform Module (TPM) through an Application Program Interface (API) request. In an unprotected mode, the BAR is programmed so that users can access the configuration information, but the TPM is blocked. Blocking of the TPM is achieved by changing a configuration file, which changes an overall image of the card. With the modified image not matching an original image, the TPM blocks access to data, such as encryption keys. Separate interfaces can be used for user access (PCIe) and service provider access (Ethernet) to the server computer. The server computer can then be toggled back to the protected mode by switching the configuration file to the original configuration file.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: May 4, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Jason Alexander Harland, Matthew Shawn Wilson, Anthony Nicholas Liguori, Erez Tsidon
  • Publication number: 20210058301
    Abstract: At a network manager of an extension resource group of a provider network, a message comprising a command to launch a compute instance is received at an address which is part of a first network configured at a premise external to the provider network. The extension resource group includes a first host at the external premise. Within a second network configured at the external premise, the first host is assigned an address within a second address range. Addresses within the second range are also assigned to hosts within the provider network. The command is transmitted to the first host, and a compute instance is instantiated.
    Type: Application
    Filed: November 6, 2020
    Publication date: February 25, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson
  • Patent number: 10911371
    Abstract: A control-plane component of a network-accessible service receives an indication that a resource request has been submitted by a client. The component determines, based at least in part on metadata associated with the client, that a first parameter selection policy (PSP) of one or more PSPs created for the service is applicable. The first PSP includes a condition set to determine applicability, and a value set indicating parameter values to be used to fulfill resource requests to which the PSP applies. Using the value set, an effective parameter value list for one or more operations to be performed to allocate the requested resource is generated, and the allocation operations are initiated.
    Type: Grant
    Filed: March 16, 2015
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Christopher Richard Jacques De Kadt, Matthew Shawn Wilson, John Merrill Phillips, Michael Groenewald, Jacobus Johannes Van Der Merwe
  • Patent number: 10911405
    Abstract: Disclosed herein are techniques for maintaining a secure environment on a server. In one embodiment, the server includes a baseboard management controller (BMC), a first Ethernet port coupled with an adapter device network comprising a plurality of adapter devices, and a master adapter device including a second Ethernet port and a network switch, the network switch being controllable to be selectively coupled with at least one of the BMC, the first Ethernet port, or the second Ethernet port. The master adapter device may receive a network packet from at least one of: the first Ethernet port, the second Ethernet port, or the BMC, and determine, based on a forwarding policy, whether to forward the network packet. Based on a determination to forward the network packet, the master adapter device may determine a destination, and control the network switch to transmit the network packet to the destination.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Jason Alexander Harland, Anthony Nicholas Liguori, Darin Lee Frink, Nafea Bshara, Ziv Harel, Matthew Shawn Wilson, Yotam Admon
  • Patent number: 10860305
    Abstract: A server includes a motherboard and a programmable logic device coupled to the motherboard. The server also includes a hardware device coupled to the motherboard and the programmable logic device. The server further includes a non-volatile memory storing firmware for the hardware device. The non-volatile memory is coupled to the motherboard and the programmable logic device. The server further includes a peripheral device coupled to the motherboard and the programmable logic device. The peripheral device receives firmware data from a management server. The peripheral device verifies that the firmware data corresponds to the hardware device. The peripheral device further holds the hardware device in reset mode. The peripheral device stores the firmware data on the non-volatile memory to update the firmware and releases the hardware device from reset mode after updating the firmware.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Jason Alexander Harland, Matthew Shawn Wilson, Darin Lee Frink, Nafea Bshara, Ziv Harel, Anthony Nicholas Liguori
  • Patent number: 10853129
    Abstract: Implementations detailed herein include description of a computer-implemented method to migrate a machine learning model from one accelerator portion (such as a portion of a graphical processor unit (GPU)) to a different accelerator portion. In some instances, a state of the first accelerator portion is persisted, the second accelerator portion is configured, the first accelerator portion is then detached from a client application instance, and at least a portion of an inference request is performed using the loaded at least a portion of the machine learning model on the second accelerator portion that had been configured.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: December 1, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Sudipta Sengupta, Haifeng He, Pejus Manoj Das, Poorna Chand Srinivas Perumalla, Wei Xiao, Shirley Xue Yi Leung, Vladimir Mitrovic, Yongcong Luo, Jiacheng Guo, Stefano Stefani, Matthew Shawn Wilson
  • Patent number: 10833949
    Abstract: At a network manager of an extension resource group of a provider network, a message comprising a command to launch a compute instance is received at an address which is part of a first network configured at a premise external to the provider network. The extension resource group includes a first host at the external premise. Within a second network configured at the external premise, the first host is assigned an address within a second address range. Addresses within the second range are also assigned to hosts within the provider network. The command is transmitted to the first host, and a compute instance is instantiated.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: November 10, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson
  • Publication number: 20200310785
    Abstract: Generally described, aspects of the present disclosure relate to a live update process of the virtual machine monitor during the operation of the virtual machine instances. An update to a virtual machine monitor can be a difficult process to execute because of the operation of the virtual machine instances. Generally, in order to update the virtual machine monitor, the physical computing device needs to be rebooted, which interrupts operation of the virtual machine instances. The live update process provides for a method of updating the virtual machine monitor without rebooting the physical computing device.
    Type: Application
    Filed: March 6, 2020
    Publication date: October 1, 2020
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson, Ian Paul Nowland
  • Publication number: 20200310855
    Abstract: At a virtualization host, an isolated run-time environment is established within a compute instance. The configuration of the isolated run-time environment is analyzed by a security manager of the hypervisor of the host. After the analysis, computations are performed at the isolated run-time environment.
    Type: Application
    Filed: March 28, 2019
    Publication date: October 1, 2020
    Applicant: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Eric Jason Brandwine, Matthew Shawn Wilson
  • Patent number: 10768972
    Abstract: Generally described, the present application relates to systems and methods for managing virtual machine instances using a physical computing device and an offload device. The offload device can be a separate computing device that includes computing resources (e.g., processor and memory) separate from the computing resources of the physical computing device. The offload device can be connected to the physical computing device via a bus interface. The bus interface can be a high speed, high throughput, low latency interface such as a Peripheral Component Interconnect Express (PCIe) interface. The offload device can be used to offload virtualization and processing of virtual components from the physical computing device, thereby increasing the computing resources available to the virtual machine instances.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: September 8, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson, Ian Paul Nowland
  • Patent number: 10764168
    Abstract: Techniques are disclosed for determining parameters for a Transmission Control Protocol (TCP) connection between two computing nodes before the connection is established. In embodiments, the latency of data transmission between two computing nodes and the throughput capacity of a network link are measured, and from this data, TCP parameters for a future network connection between two computing nodes are determined. This information is sent to a TCP stack that stores it in its route table. Then, the TCP stack uses TCP parameters based on the information stored in the route table.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: September 1, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Matthew Shawn Wilson
  • Patent number: 10740466
    Abstract: Interfaces of a compute node on a printed circuit board can be secured by obfuscating the information communicated over the interfaces. Data to be communicated between the compute node and a device on the printed circuit board using an interface can be encrypted, and an address corresponding to the data to be communicated can be scrambled. In addition, the compute node can be the root of trust which can provide secure boot of different components using an on-chip mechanism, and without relying on external devices.
    Type: Grant
    Filed: September 29, 2016
    Date of Patent: August 11, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Nafea Bshara, Matthew Shawn Wilson, Eric Jason Brandwine, Anthony Nicholas Liguori, Yaniv Shapira, Mark Bradley Davis, Adi Habusha
  • Patent number: 10719463
    Abstract: Disclosed herein are techniques for migrating data from a source memory range to a destination memory while data is being written into the source memory range. An apparatus includes a control logic configured to receive a request for data migration and initiate the data migration using a direct memory access (DMA) controller, while the source memory range continues to accept write operations. The apparatus also includes a tracking logic coupled to the control logic and configured to track write operations performed to the source memory range while data is being copied from the source memory range to the destination memory. The control logic is further configured to initiate copying data associated with the tracked write operations to the destination memory.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: July 21, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Nafea Bshara, Mark Bradley Davis, Matthew Shawn Wilson, Uwe Dannowski, Yaniv Shapira, Adi Habusha, Anthony Nicholas Liguori
  • Patent number: 10691803
    Abstract: Disclosed herein are techniques for maintaining a secure execution environment on a server. In one embodiment, the server includes a non-volatile memory storing firmware, a programmable security logic coupled to the non-volatile memory, an adapter device coupled to the programmable security logic, and a processor communicatively coupled to the non-volatile memory via the programmable security logic. The adapter device and/or the programmable security logic can verify the firmware in the non-volatile memory while holding the processor and/or a baseboard management controller (BMC) in power reset, release the processor and the BMC from reset to boot the processor and the BMC after the firmware is verified, and then disable communications between the processor and the BMC and deny at least some requests to write to the non-volatile memory by the processor or the BMC.
    Type: Grant
    Filed: December 13, 2016
    Date of Patent: June 23, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Jason Alexander Harland, Matthew Shawn Wilson, Nafea Bshara, Ziv Harel, Darin Lee Frink
  • Publication number: 20200159555
    Abstract: A request to launch a compute instance is received at a control plane of a provider network. At an outbound command communicator, an indication that a compute instance is to be established at a target host at a client premise is obtained. A first address is associated with the target host at the control plane and also assigned to the communicator. A message with a second address within a first network of the client premise as a destination is transmitted. The message comprises a command to establish the compute instance at the target host. The first address is assigned to the target host within a second network of the client premise. Processing of the command at the target host results in establishment of a compute instance.
    Type: Application
    Filed: November 20, 2018
    Publication date: May 21, 2020
    Applicant: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson
  • Publication number: 20200162332
    Abstract: At a network manager of an extension resource group of a provider network, a message comprising a command to launch a compute instance is received at an address which is part of a first network configured at a premise external to the provider network. The extension resource group includes a first host at the external premise. Within a second network configured at the external premise, the first host is assigned an address within a second address range. Addresses within the second range are also assigned to hosts within the provider network. The command is transmitted to the first host, and a compute instance is instantiated.
    Type: Application
    Filed: November 20, 2018
    Publication date: May 21, 2020
    Applicant: Amazon Technologies, Inc.
    Inventors: Anthony Nicholas Liguori, Matthew Shawn Wilson
  • Patent number: 10621366
    Abstract: A tiered credentialing approach provides assurance to customers having virtual machines running in a remote environment that the virtual images for these machines are in a pristine state and running in a trusted execution environment. The environment can be divided into multiple subsystems, each having its own cryptographic boundary, secure storage, and trusted computing capabilities. A trusted, limited subsystem can handle the administrative tasks for virtual machines running on the main system of a host computing device. The limited system can receive a certificate from a certificate authority, and can act as a certificate authority to provide credentials to the main system. Upon an attestation request, the subsystems can provide attestation information using the respective credentials as well as the certificate chain. An entity having the appropriate credentials can determine the state of the system from the response and verify the state is as expected.
    Type: Grant
    Filed: January 1, 2019
    Date of Patent: April 14, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew John Campagna, Gregory Alan Rubin, Eric Jason Brandwine, Matthew Shawn Wilson, Cristian M. Ilac
  • Patent number: 10621134
    Abstract: Provided are systems and methods for generating transactions with a configurable port. In some implementations, a peripheral device is provided. The peripheral device comprises a configurable port. In some implementations, the configurable port may be configured to receive a first transaction. In these implementations, the first transaction may include an address. The address may include a transaction attribute. In some implementations, the configurable port may extract the transaction attribute and a transaction address from the address. The configurable port may further generate a second transaction that includes the transaction attribute and the transaction address. The configurable port may also transmit the second transaction.
    Type: Grant
    Filed: March 23, 2018
    Date of Patent: April 14, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Adi Habusha, Nafea Bshara, Itay Poleg, Erez Izenberg, Guy Nakibly, Matthew Shawn Wilson