Abstract: An example virtualized computing system includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs; guest cluster infrastructure software (GCIS) executing in the master server, the GCIS configured to create a set of objects defining a container orchestration cluster, and manage lifecycles of second VMs of the VMs based on state of the set of objects; and guest software executing in the second VMs to implement the container orchestration cluster as a guest cluster of the host cluster, the guest software having components that interface with the GCIS.

Abstract: An example virtualized computing system includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs; guest cluster infrastructure software (GCIS) executing in the master server, the GCIS configured to create a set of objects defining a container orchestration cluster, and manage lifecycles of second VMs of the VMs based on state of the set of objects; and guest software executing in the second VMs to implement the container orchestration cluster as a guest cluster of the host cluster, the guest software having components that interface with the GCIS.

Abstract: This disclosure describes a computer implemented method for receiving authentication credentials identifying a user; identifying computing systems for which the user is authorized access to; and transmitting tokens granting access to the identified computing systems. In some embodiments, no two tokens of the transmitted tokens grants access to the same one of the identified computing systems. The user typically has access to a management tool configured to manage the transmission of the received tokens to the corresponding computing systems, thereby granting the user the ability to have seamless access to any of the computing systems associated with the user's authenticated identity.

Abstract: An example virtualized computing system includes a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; and an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server configured to manage the pod VMs and first VMs of the VMs. The virtualized computing system further includes a guest cluster executing in the first VMs and managed by the orchestration control plane, the guest cluster including a guest master server configured to, in cooperation with the master server, deploy first pods in the pod VMs.

Abstract: This disclosure describes a computer implemented method for receiving authentication credentials identifying a user; identifying computing systems for which the user is authorized access to; and transmitting tokens granting access to the identified computing systems. In some embodiments, no two tokens of the transmitted tokens grants access to the same one of the identified computing systems. The user typically has access to a management tool configured to manage the transmission of the received tokens to the corresponding computing systems, thereby granting the user the ability to have seamless access to any of the computing systems associated with the user's authenticated identity.

Abstract: An example method of checking compatibility of a guest cluster executing as a virtual extension of a host cluster having an orchestration control plane managing the guest cluster, the host cluster being part of a software defined data center (SDDC), is described.

Abstract: An example virtualized computing system includes a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; and an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server configured to manage the pod VMs and first VMs of the VMs. The virtualized computing system further includes a guest cluster executing in the first VMs and managed by the orchestration control plane, the guest cluster including a guest master server configured to, in cooperation with the master server, deploy first pods in the pod VMs.

Abstract: A virtualized computing system according to an example includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); a container image registry configured to manage container images for deploying containers in the host cluster; an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs, the master server configured to manage image secrets based on accounts in the container image registry; and a guest cluster, managed by the orchestration control plane and executing in second VMs of the VMs, the guest cluster configured to receive the image secrets from the master server and access the container image registry using the image secrets.

Abstract: A virtualized computing system according to an example includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); a container image registry configured to manage container images for deploying containers in the host cluster; an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs, the master server configured to manage image secrets based on accounts in the container image registry; and a guest cluster, managed by the orchestration control plane and executing in second VMs of the VMs, the guest cluster configured to receive the image secrets from the master server and access the container image registry using the image secrets.

Abstract: An example virtualized computing system includes a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; and an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server configured to manage the pod VMs and first VMs of the VMs. The virtualized computing system further includes a guest cluster executing in the first VMs and managed by the orchestration control plane, the guest cluster including a guest master server configured to, in cooperation with the master server, deploy first pods in the pod VMs.

Abstract: This disclosure describes a computer implemented method for receiving authentication credentials identifying a user; identifying computing systems for which the user is authorized access to; and transmitting tokens granting access to the identified computing systems. In some embodiments, no two tokens of the transmitted tokens grants access to the same one of the identified computing systems. The user typically has access to a management tool configured to manage the transmission of the received tokens to the corresponding computing systems, thereby granting the user the ability to have seamless access to any of the computing systems associated with the user's authenticated identity.

Abstract: An example virtualized computing system includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs; guest cluster infrastructure software (GCIS) executing in the master server, the GCIS configured to create a set of objects defining a container orchestration cluster, and manage lifecycles of second VMs of the VMs based on state of the set of objects; and guest software executing in the second VMs to implement the container orchestration cluster as a guest cluster of the host cluster, the guest software having components that interface with the GCIS.

Abstract: An example method of checking compatibility of a guest cluster executing as a virtual extension of a host cluster having an orchestration control plane managing the guest cluster, the host cluster being part of a software defined data center (SDDC), is described.

Abstract: Systems and methods for obfuscating user data in a remote web-based application are disclosed. According to one method, user inputs to a displayed web page of the remote web-based application are received at a first web browser that is used by the user, wherein at least a portion of the user inputs comprise user-inputted data intended to be stored at the web-based application. The user inputs are transmitted to a management component that is configured to interact with a second web browser that communicates with the web-based application. The management component obfuscates at least a portion of the user-inputted data and forwards the obfuscated and un-obfuscated portions of the user inputs to the second web browser, which correspondingly transmits the obfuscated and un-obfuscated portions of the user inputs to the remote web-based application.

Abstract: Systems and methods for obfuscating user data in a remote web-based application are disclosed. According to one method, user inputs to a displayed web page of the remote web-based application are received at a first web browser that is used by the user, wherein at least a portion of the user inputs comprise user-inputted data intended to be stored at the web-based application. The user inputs are transmitted to a management component that is configured to interact with a second web browser that communicates with the web-based application. The management component obfuscates at least a portion of the user-inputted data and forwards the obfuscated and un-obfuscated portions of the user inputs to the second web browser, which correspondingly transmits the obfuscated and un-obfuscated portions of the user inputs to the remote web-based application.

Abstract: Systems and methods for obfuscating user data in a remote web-based application are disclosed. According to one method, user inputs to a displayed web page of the remote web-based application are received at a first web browser that is used by the user, wherein at least a portion of the user inputs comprise user-inputted data intended to be stored at the web-based application. The user inputs are transmitted to a management component that is configured to interact with a second web browser that communicates with the web-based application. The management component obfuscates at least a portion of the user-inputted data and forwards the obfuscated and un-obfuscated portions of the user inputs to the second web browser, which correspondingly transmits the obfuscated and un-obfuscated portions of the user inputs to the remote web-based application.