Abstract: A computer-implemented method includes identifying a storage reallocation plan associated with a primary storage volume, a secondary storage volume, and one or more client computing devices; determining a systematic importance indicator associated with the primary storage volume; and determining a systematic connectivity indicator associated with the storage reallocation plan and the one or more client computing devices. The computer-implemented method further includes determining a storage reallocation conclusion based on the systematic importance indicator and the systematic connectivity indicator. A corresponding computer program product and computer system are also disclosed.

Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.

Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.

Abstract: A method, computer program product, and/or system for performing a selection of a plurality of auxiliary storage sites in a multi-target environment in preparation for a hyper exchange are/is provided. To perform the selection, a failure is first detected with respect to a primary storage site in the multi-target environment. Then, aggregate weights are determined based on a management policy for the plurality of auxiliary storage sites. In turn, an auxiliary storage site with a first aggregate weight is selected from the plurality of auxiliary storage sites. With the auxiliary storage site selected, the hyper exchange of a plurality of systems in a multi-target environment in response to the failure is triggered from the primary storage site to the auxiliary storage site with the first aggregate weight.

Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.

Abstract: A system and method of implementing a firm channel in a computer system are provided. The method including identifying at least one of a channel and a channel path ID (CHPID) as a first firm channel, automatically defining a logical path between a first device and a second device using the first firm channel, and storing the logical path in a configuration file of the computer system, wherein the logical path is accessible at system initialization.

Abstract: A computer program product and a computer system for generating and deploying a secure boot image and encrypted client data to a trusted computer system. Embodiments of the present invention disclose deploying a secure boot image and encrypted client data from a client to a trusted computer system. Embodiments of the present invention disclose booting a confidential image on a trusted computer system. Embodiments of the present invention also disclose a process of dumping a confidential image on the trusted computer system.

Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.

Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.

Abstract: A computer-implemented method includes identifying a storage reallocation plan associated with a primary storage volume, a secondary storage volume, and one or more client computing devices; determining a systematic importance indicator associated with the primary storage volume; and determining a systematic connectivity indicator associated with the storage reallocation plan and the one or more client computing devices. The computer-implemented method further includes determining a storage reallocation conclusion based on the systematic importance indicator and the systematic connectivity indicator. A corresponding computer program product and computer system are also disclosed.

Abstract: A method, computer program product, and/or system for performing a selection of a plurality of auxiliary storage sites in a multi-target environment in preparation for a hyper exchange are/is provided. To perform the selection, a failure is first detected with respect to a primary storage site in the multi-target environment. Then, aggregate weights are determined based on a management policy for the plurality of auxiliary storage sites. In turn, an auxiliary storage site with a first aggregate weight is selected from the plurality of auxiliary storage sites. With the auxiliary storage site selected, the hyper exchange of a plurality of systems in a multi-target environment in response to the failure is triggered from the primary storage site to the auxiliary storage site with the first aggregate weight.

Abstract: A method for booting and dumping a confidential image on a trusted computer system. Embodiments of the present invention disclose deploying a secure boot image and encrypted client data from a client to a trusted computer system. Embodiments of the present invention disclose booting a confidential image on a trusted computer system. Embodiments of the present invention also disclose a process of dumping a confidential image on the trusted computer system.

Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.

Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.

Abstract: Provided are a computer program product, system, and method for managing health conditions to determine when to restart replication after a swap triggered by a storage health event. A determination is made of a health condition with respect to access to a first storage that triggers a swap operation. The swap operation redirects host Input/Output (I/O) requests to data from a first server to a second server in response to determining the health condition. After the swap operation the I/O requests are directed to the second server and a second storage. The second server is instructed to mirror data in the second storage to the first server to store in the first storage in response to determining that the health condition is resolved.

Abstract: Provided are a computer program product, system, and method for after swapping from a first storage to a second storage, mirroring data from the second storage to the first storage for data in the first storage that experienced data errors. A swap operation redirects host Input/Output (I/O) requests to data from the first server to the second server in response to a health condition at the first server. A determination is made of data errors with respect to data in the first storage that experienced data errors. The second server is instructed to mirror data in the second storage to the first server including data for the data in the first storage that experienced the data errors to store in the first storage in response to determining that the first server is available for the data mirroring operations.

Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.

Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.

Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.

Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.