Abstract: Account data comprising metadata for primary application instances running at a primary active cloud environment instance (ACEI) is stored. Application data associated with the primary application instances is stored at primary databases (DBs). The account and application data are transferred to secondary DBs at a secondary ACEI. The secondary ACEI may be a backup instance to substitute services provided by the primary ACEI in case of unavailability. For example, the location where the primary ACEI is hosted may be affected by a disaster. To failover a primary data center hosting the primary ACEI, a database takeover to the secondary DBs is performed. The secondary ACEI is configured correspondingly to the primary ACEI based on the transferred account data. Secondary application instances corresponding to the primary application instances are started at the secondary ACEI. Requests directed to the primary application instances are redirected to the secondary application instances.

Abstract: Account data comprising metadata for primary application instances running at a primary active cloud environment instance (ACEI) is stored. Application data associated with the primary application instances is stored at primary databases (DBs). The account and application data are transferred to secondary DBs at a secondary ACEI. The secondary ACEI may be a backup instance to substitute services provided by the primary ACEI in case of unavailability. For example, the location where the primary ACEI is hosted may be affected by a disaster. To failover a primary data center hosting the primary ACEI, a database takeover to the secondary DBs is performed. The secondary ACEI is configured correspondingly to the primary ACEI based on the transferred account data. Secondary application instances corresponding to the primary application instances are started at the secondary ACEI. Requests directed to the primary application instances are redirected to the secondary application instances.

Abstract: A resource registry provides nondeterministic operation environment affording flexible access for resource execution and status monitoring on the cloud. The resource registry service provides generic resource management utilizing registration, updating, and unregistration by resource providers. A requester for an operation may register in the resource registry, an operation resource having parameters defined in metadata. The resource registry notifies a registered resource listener of this registration of the operation resource. The resource listener may then execute the operation according to parameters defined in the operation resource. The resource listener returns a response to the resource registry, concerning a result of execution of the operation. The resource registry updates this status in the metadata of the operation resource. The requester is then able to look up the operation resource's metadata to determine current status of the operation.

Abstract: A method to store objects in a memory cache is disclosed. A request is received from an application to store an object in a memory cache associated with the application. The object is stored in a cache region of the memory cache based on an identification that the object has no potential for storage in a shared memory cache and a determination that the cache region is associated with a storage policy that specifies that objects to be stored in the cache region are to be stored in a local memory cache and that a garbage collector is not to remove objects stored in the cache region from the local memory cache.

Abstract: An operation execution request is created by an operation requester at an operations service module. The operation execution request is stored by the operations service module. A polling message for the operation execution request is received. The polling message includes a name of an operation. A response including the operation execution request and corresponding operation data is returned. An execution service schedules internally the operation for execution. The execution service sends an acknowledgement message to acknowledge the operation execution request. The operation data and corresponding operation execution request is locked for execution by other execution services. The execution service executes the operation with the operation data and provides result of the operation execution. The operations service module updates status of the operation execution request. The updated status is provided to the operation requester upon polling for status of the operation execution request.

Abstract: A resource registry provides nondeterministic operation environment affording flexible access for resource execution and status monitoring on the cloud. The resource registry service provides generic resource management utilizing registration, updating, and unregistration by resource providers. A requester for an operation may register in the resource registry, an operation resource having parameters defined in metadata. The resource registry notifies a registered resource listener of this registration of the operation resource. The resource listener may then execute the operation according to parameters defined in the operation resource. The resource listener returns a response to the resource registry, concerning a result of execution of the operation. The resource registry updates this status in the metadata of the operation resource. The requester is then able to look up the operation resource's metadata to determine current status of the operation.

Abstract: Secure communication between processes in cloud platform may be performed by receiving a request from a client application process hosted in an application virtual machine at a load balancer. A first secure communication channel is established between the client application process and the load balancer. The first secure communication channel is encrypted with the client certificate. The first secure communication channel is terminated at the load balancer. A service process in a service virtual machine is identified based on the request received from the client application process. A new request is sent to the service virtual machine to establish a second secure communication channel between the load balancer and the service virtual machine. The load balancer certificate signed by the internal certificate authority is validated at the service virtual machine. Upon successful validation of the load balancer certificate, the second secure communication channel is accepted at the service virtual machine.

Abstract: A proxy server is instantiated on an application virtual machine of a cloud platform. The application virtual machine hosts an application that consumes services. The proxy server manages requests by the application for secure consumption of the services. The proxy server receives first requests from the application for consumption of a service. The application refers to the service by an identification. The proxy server determines a real network address for accessing the service by searching in a service catalog storing a mapping between the identification and the real network address. The proxy server requests execution of consumption of the service. The proxy server establishes a secure communication having mutual authentication with the service through generating an encrypted second request directed to the real network address of the service.

Abstract: A package including a native monitoring library and a shared memory API interface to the native monitoring library is integrated into an arbitrary server to reuse monitoring performed by a server instance of a cluster of server instances. The one or more extension server nodes are installed on a server instance from the cluster of server instances based the arbitrary server. Status information is reported to the shared memory via the shared memory API by the installed extension server nodes. Logging format native to the arbitrary server is reconfigured according to input values of configuration parameters that specify logging format native to server nodes running on the server instance. An application is deployed on each of one or more extension server nodes. The deployment operation of the application is transactional. Security control for the deployed application is delegated to the cluster of server instances.

Abstract: In an example embodiment, on-premise systems have access to a cloud connector located on-premise. When the on-premise cloud connector is started, it may establish a secure connection to a notification service residing in the cloud. Applications running on the cloud have access to a connectivity agent. Cloud applications wishing to communicate with the on-premise systems send the communications through the connectivity agent. If a secure connection between the connectivity agent and the cloud connector does not exist, the connectivity agent sends a request to open a secure connection to the notification service. The notification service forwards the request to the cloud connector over its secure connection. The cloud connector may check the requested connection, and if authorized, open a secure connection to the connectivity agent. The connectivity agent then forwards the communication to the cloud connector, which then forwards it to the on-premise system.

Abstract: A request to consume a cloud resource is received from an on-premise application. The on-premise application is deployed to a local version of a cloud application runtime. The local version of the cloud application runtime is installed locally at an on-premise platform. The request is forwarded via a secure tunnel from the on-premise platform to the requested cloud resource. The response from the requested cloud resource is forwarded back to the requesting on-premise application via the secure tunnel.

Abstract: A method to store objects in a memory cache is disclosed. A request is received from an application to store an object in a memory cache associated with the application. The object is stored in a cache region of the memory cache based on an identification that the object has no potential for storage in a shared memory cache and a determination that the cache region is associated with a storage policy that specifies that objects to be stored in the cache region are to be stored in a local memory cache and that a garbage collector is not to remove objects stored in the cache region from the local memory cache.

Abstract: Example systems and methods of application construction for execution on diverse computing infrastructures are presented. In one example, an application descriptor comprising information regarding an application is received. Available computing machine resources for execution of the application are selected based on the information in the application descriptor. Software resources comprising the application are installed on the selected computing machine resources based on the information in the application descriptor. At least one of the selected computing machine resources and the installed software resources are configured for execution of the application based on the information in the application descriptor.

Abstract: Within a cluster, when a new server node joins the cluster, an indication of the new server node has joined is received by at least one server node in the cluster. Global naming operations are disabled within the cluster. While the global naming operations are disabled, the global naming objects are replicated to the new server node. Once the replication is complete, global naming is reenabled for the cluster. In one embodiment of the invention, subsequent naming data from subsequent global naming operations is replicated in all server nodes in the cluster. One embodiment of the invention redirects naming operations directed to a down server node to a different server node within the cluster. One embodiment of the invention performs security checks responsive to a first access to the naming service.

Abstract: Secure communication between processes in cloud platform may be performed by receiving a request from a client application process hosted in an application virtual machine at a load balancer. A first secure communication channel is established between the client application process and the load balancer. The first secure communication channel is encrypted with the client certificate. The first secure communication channel is terminated at the load balancer. A service process in a service virtual machine is identified based on the request received from the client application process. A new request is sent to the service virtual machine to establish a second secure communication channel between the load balancer and the service virtual machine. The load balancer certificate signed by the internal certificate authority is validated at the service virtual machine. Upon successful validation of the load balancer certificate, the second secure communication channel is accepted at the service virtual machine.

Abstract: In an example embodiment, on-premise systems have access to a cloud connector located on-premise. When the on-premise cloud connector is started, it may establish a secure connection to a notification service residing in the cloud. Applications running on the cloud have access to a connectivity agent. Cloud applications wishing to communicate with the on-premise systems send the communications through the connectivity agent. If a secure connection between the connectivity agent and the cloud connector does not exist, the connectivity agent sends a request to open a secure connection to the notification service. The notification service forwards the request to the cloud connector over its secure connection. The cloud connector may check the requested connection, and if authorized, open a secure connection to the connectivity agent. The connectivity agent then forwards the communication to the cloud connector, which then forwards it to the on-premise system.

Abstract: In one aspect, an application is received to be to be executed in a local development environment. The application is configured to access at least one service from a number of services of a remote runtime platform. A software development kit (SDK) is selected as an execution environment of the application. The SDK includes a number of application programming interfaces (APIs) of the services and a number of local implementations of the services. In another aspect, the application is executed over the SDK and remote functioning of the application is emulated in the local development environment.

Abstract: Example systems and methods of managing applications are described. In one implementation, a load balancer receives a request to start an instance of an application. An orchestrator receives application code associated with the instance of the application and selects a virtual machine template based on the application code. The orchestrator provisions a virtual machine associated with the instance of the application using the virtual machine template. Additionally, the orchestrator notifies the load balancer that the virtual machine is available to start the instance of the application.

Abstract: Example systems and methods of application construction for execution on diverse computing infrastructures are presented. In one example, an application descriptor comprising information regarding an application is received. Available computing machine resources for execution of the application are selected based on the information in the application descriptor. Software resources comprising the application are installed on the selected computing machine resources based on the information in the application descriptor. At least one of the selected computing machine resources and the installed software resources are configured for execution of the application based on the information in the application descriptor.

Abstract: A method and system for providing naming operations. Contexts are created and organized hierarchically under an initial context. The hierarchy is retained in a non-persistent storage medium. The objects and contexts created as a result of various naming operations are removed from the naming system responsive to a reboot of a server. In one embodiment, the entire naming hierarchy is represented in nested hash tables with a nesting level of only two.