Abstract: A method for system profiling and controlling and a computer system performing the same are provided. In the method, an operating system is operated after the computer system is booted, in which a profiling-controlling system is operated. When the operating system loads and executes a system profiling-controlling program, the profiling-controlling system that simultaneously operates a profiling routine and a controlling routine is initiated. The profiling routine is used to retrieve system kernel data that is generated during operation of the operating system and analyze the system kernel data through a kernel tracing tool. When it is determined that controlling is required, the profiling routine notifies the controlling routine. The controlling routine controls operating parameters of the operating system in real time according to an analysis result generated by the profiling routine.

Abstract: A system and method for saving and restoring snapshots of a client device connected to a virtual desktop are disclosed. When a client device makes a request to capture the state of the virtual desktop, the request is sent to a server if the client device and virtual desktop are authorized according to a policy. The request may also specify that the virtual desktop's memory contents be captured. The server forms the snapshot and saves the snapshot in storage. When a client device makes a request to restore the virtual desktop, the client selects one of the saved snapshots and restores the virtual desktop, including its memory, when the client device and desktop are authorized, and the snapshot has not exceeded its allowed time in storage according to the policy.

Abstract: A computing device may include a memory and a processor cooperating with the memory and configured to provide first and second application layers that include different versions of a virtual application accessible by a client device. The first and second versions of the virtual application are isolated from each other in their respective application layers, each with separate application libraries.

Abstract: A method and system for version history based upgrade testing across simulated information technology (IT) environments. At least with respect to computing, an upgrade may entail the replacement of a product—in the form of hardware, software, and/or firmware—with a newer or better version, which may serve to bring the product up to date, improve the characteristic(s) of the product, and/or resolve any issue(s) inflicting the product. Further, through the process of upgrade testing, an upgrade may be assessed to determine its impact on an operability of varying environments following application of the upgrade thereon. The disclosed method and system, accordingly, propose a framework directed to conducting upgrade tests within simulated IT environments—each reflective of different computing resources and upgrade histories—where results of the simulations may be examined to ascertain which environment configurations (if any) may cause the tested upgrade to fail.

Abstract: A system and method for supporting multiple physical monitors of an endpoint device that allows access to a virtual desktop running on a host. The system allows streamlining the configuration of the reserved display identification by using semantic hints, with the framework of the extended physical display arrangement. The system allows for configuring a reserved physical display allowing an end user to have certain classes of content (such as video or screen-sharing) always appear on the reserved display, bypassing the virtual desktop.

Abstract: A vehicular device capable of providing multiple contents with one user interface includes a synchronization unit configured to synchronize multiple surfaces drawn on multiple physical surfaces different from each other. The synchronization unit loads in the surface drawn on a different physical surface that is different from the physical surface allocated to the synchronization unit, and synchronizes the surface drawn by the synchronization unit and the surface drawn on the different physical surface by processing the surface that is loaded in as the surface drawn by the synchronization unit.

Abstract: A method and apparatus of managing memory includes storing a first memory page at a shared memory location in response to the first memory page including data shared between a first virtual machine and a second virtual machine. A second memory page is stored at a memory location unique to the first virtual machine in response to the second memory page including data unique to the first virtual machine. The first memory page is accessed by the first virtual machine and the second virtual machine, and the second memory page is accessed by the first virtual machine and not the second virtual machine.

Abstract: A method for transferring virtual machines across hypervisors is described. According to the method, a data management system may interface with a first hypervisor platform and a second hypervisor platform. The data management system may obtain a snapshot of a first virtual machine executing on the first hypervisor platform. The snapshot may include data and metadata associated with the first virtual machine in a first format that is supported by the first hypervisor platform. The data management system may extract the data and the metadata from the snapshot of the first virtual machine and convert the data and the metadata from the first format to a second format that is supported by the second hypervisor platform. The data management system may transfer the data and the metadata in the second format to a second virtual machine executing on the second hypervisor platform.

Abstract: A method for managing data includes obtaining, by a universal connector, a backup request for a backup of a set of files, in response to the backup request: performing a file system analysis on the set of files to determine an ordering of files to be accessed for the backup, generating a set of file read requests based on the ordering of files, sending a data access request based on the set of file read requests, obtaining a response from the NAS server, wherein the response comprises data associated with the set of files, and generating the backup using the data associated with the set of files.

Abstract: A data processing system (1) comprises a plurality of processing units (11) and a controller (30) operable to allocate processing units of the plurality of processing units into respective groups of the processing units, wherein each group of processing units comprises a set of one or more of the processing units of the plurality of processing units. The data processing system further comprises an arbiter (31, 32) for each group of processing units for controlling access by virtual machines (33, 34) that require processing operations to the processing units of the group of processing units that the arbiter has been allocated.

Abstract: Systems and techniques may generally be used for streamlining a deployment and scaling of data processing and machine learning workloads on a distributed system. An example method may include receiving, from a user at a user interface, a plugin command, an input including a name key and a query, and a driver code including a code package. The method may include filtering the query based on a scope of the plugin command, obtaining input data by querying an input measure group, and slicing the obtained input data into one or more slices based on the slicing key. The method may include determining a number of containers to be used, and assigning at least one slice for each container. The method may include executing at each container the respective assigned at least one slice, generating an output for each input, and storing each output at a respective output measure group.

Abstract: Contents of a full snapshot for storage in one or more cloud storage volumes are received. The contents of the full snapshot is stored in the one or more cloud storage volumes. A snapshot of a virtual machine data volume and a snapshot of a virtual machine boot volume are generated based on the contents of the full snapshot stored in the one or more cloud storage volumes. An image of the virtual machine boot volume is generated based on the snapshot of the virtual machine boot volume. The snapshot of the virtual machine data volume, the snapshot of the virtual machine boot volume, and the image of the virtual machine boot volume are stored in a cloud object storage.

Abstract: Techniques are described for communications in an L2 virtual network. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. Access control list (ACL) information applicable to the L2 port is sent to a network virtualization device that hosts the L2 virtual network interface.

Abstract: Upon receiving a request to hibernate a hypervisor of a virtualization system running on a first computer, acts are carried out to capture a state of the hypervisor, where the state of the hypervisor comprises hypervisor logical resource parameters and an execution state of the hypervisor. After hibernating the hypervisor by quiescing the hypervisor and storing the state of the hypervisor into a data structure, the data structure is moved to a different location. At a later moment in time, the data structure is loaded onto a second computing machine and restored. The restore operation restores the hypervisor and all of its state, including all of the virtual machines of the hypervisor as well as all of the virtual disks and other virtual devices of the virtual machines. Differences between the first computing machine and the second computing machine are reconciled before execution of the hypervisor on the second machine.

Abstract: Distributed I/O virtualization includes receiving, at a first physical node in a plurality of physical nodes, an indication of a request to transfer data from an I/O device on the first physical node to a set of guest physical addresses. An operating system is executing collectively across the plurality of physical nodes. It further includes writing data from the I/O device to one or more portions of physical memory local to the first physical node. It further includes mapping the set of guest physical addresses to the written one or more portions of physical memory local to the first physical node.

Abstract: It is detected that a metric associated with a first workload has breached a first threshold. It is determined that the first workload and a second workload access the same storage resources, wherein the storage resources are associated with a storage server. It is determined that the metric is impacted by the first workload and the second workload accessing the same storage resources. A candidate solution is identifier. An estimated impact of a residual workload is determined based, at least in part, on the candidate solution. A level of caching of at least one of the first workload or the second workload is adjusted based, at least in part, on the estimated impact of the residual workload.

Abstract: Provided are a cloud computing power allocation method, a user terminal, a cloud computing power platform, and a system. The method includes: generating a computing power request including a computing power demand and account information of a computing power scheduling center; sending the computing power request to a cloud computing power platform, so that the cloud computing power platform sends a configuration instruction to a computing device cluster according to the computing power request, where the configuration instruction is to allocate to the user terminal a target computing device meeting the computing power demand from the computing device cluster and configure based on the account information the target computing device to execute a computing task issued by the computing power scheduling center; and acquiring from the computing power scheduling center computing power information determined according to a computing result from the target computing device, by using the account information.

Abstract: Embodiments of the present disclosure include techniques for predictive memory maintenance. In one embodiment, locations of correctable errors in a memory are observed. A machine learning (ML) system may be trained with patterns of correctable errors that result in uncorrectable errors. A trained ML monitors correctable errors to predict when memory requires maintenance. In another embodiment, error rates from multiple memories are monitored to predict memory channel and other upstream device failures.

Abstract: Systems and methods for setting virtual machines (“VMs”) to desired configurations while the virtual machines are running. In some systems, a user can select a VM and a desired configuration. An agent can then set an attribute of the virtual machine to indicate that on guest operation system (“OS”) reboot of the VM, the VM will enter BIOS mode. The agent can also store the desired configuration in the database based on authenticating the user. When the VM reboots at a future time, the attribute can cause the VM to enter BIOS setup. The agent can be notified and can retrieve the desired configuration from a database using an identifier for the VM. Then the agent can apply the desired configuration to the VM during BIOS setup with a system process that does not require further user authentication.

Abstract: Disclosed herein are systems and methods for securing cloud meetings using containers. In one aspect, an exemplary system comprises, a device comprising a processor, an OS operable in a user mode and a kernel mode, and a kernel driver for performing operations while in kernel mode, the kernel driver having a kernel driver interceptor configured to: register for a process notification callback for user applications used for web-based meetings, monitor to determine when a process notification callback is received, receive a process notification callback and a command line in the callback, and analyze and transmit the command line to a service that secures the meeting, wherein the securing is performed by: configuring a container for executing the user application in an isolated virtual environment, transferring, to the container, all resources needed to run the user application, and executing the user application in the container.

Abstract: SR-IOV (single root IO virtualization) capable PCIe devices can implement virtual functions (VFs) that are assigned to VMs running on a host machine, thereby speeding IO operation by writing directly to the VMs' memory while bypassing the hypervisor managing the VMs. As such, VFs thwart the dirty page tracking that hypervisors use to minimize VM downtime when the VM is migrated between hosts. The SR-IOV PCIe devices can help resolve this problem by maintaining dirty page tracking data for VMs running on the host machine. The SR-IOV PCIe devices bypassing the hypervisor while writing into a memory page of the VM can set the dirty page tracking data to indicate the memory pages that are dirty (i.e., written to by the VF), and can provide access to the dirty page tracking data. The hypervisor can thereby obtain and use the dirty page tracking data.

Abstract: In-place recovery of fatal system errors at virtualization hosts. A device identifies an occurrence of a fatal system error in the first instance of a host operating system (OS) executing in a computer system. The device determines to perform an in-place recovery for the fatal system error. The device performs the in-place recovery, including pausing the execution of a virtual machine (VM) by the first instance of the host OS, preserving a state of the VM within system memory of the computer system, and resuming the execution of the VM by a second instance of the host OS executing in the computer system based on the state of the VM that is preserved within the system memory of the computer system.

Abstract: The disclosure provides for integrating virtual machine (VM) and host networking, forwarding port data and occupation status to host and VM endpoints. Examples synchronize, by a host agent, port reservations with a guest agent on a first VM on the host; receive an indication that a VM port on the first VM is occupied; based at least on receiving the indication that the VM port is occupied, update the port reservations to include that a host port corresponding to the VM port is occupied; receive incoming external traffic on the host port; and based at least on the port reservations and receiving the incoming external traffic on the host port, route the incoming external traffic to the VM port on the first VM. VM-based application behavior thus appears more similar to that of native applications.

Abstract: One or more computing devices, systems, and/or methods for upgrading sites of a communication network are provided. Operational information of network functions within a communication network are tracked within a data repository. An upgrade ruleset is defined for identifying sites within a communication network to upgrade. The operational information, the upgrade ruleset, and model rules generated by a model for a set of candidate sites are processed to generate a positive list of sites to upgrade and a negative list of sites to not upgrade. The negative list of sites and criteria used to determine that the negative list of sites are not being upgraded are provided such as to a user. An upgrade process is performed to upgrade the sites within the positive list of sites.

Abstract: The disclosure provides a logical address allocation method, apparatus, electronic device and storage medium. The method includes: receiving a first request sent by a target virtual machine unit, the first request being used for registering a logical address of a submission queue entry of the target virtual machine unit; performing a hash operation based on the first request to obtain a first hash value indicating the submission queue entry; acquiring a target hash table corresponding to the target virtual machine unit, and querying the target hash table based on the first hash value to obtain a target hash bucket to which the first hash value belongs; acquiring, based on a hash bucket identification of the target hash bucket, a target logical address corresponding to the hash bucket identification from currently available logical addresses; and registering the target logical address as a corresponding logical address to generate the submission queue entry.

Abstract: Systems and methods of managing PNF connectivity are provided. A NM determines to add to or remove external connectivity from a PNF and transmits a NS update request to a NFVO that contains an identifier of the NS instance to be updated, an indication of a type of update operation requested, and information of the PNF connectivity to be changed. A NS update response contains a lifecycle operation occurrence identifier identifying a NS lifecycle operation occurrence. Separate NS lifecycle change notification from the NFVO indicate that a NS update to change the connectivity of the PNF has started and a result of the change. The notifications include the lifecycle operation occurrence identifier.

Abstract: Systems and methods for automatically configuring a firewall are described. Systems and methods include receiving one or more flows, automatically detecting elements of a computing environment, automatically generating a firewall configuration based on the detected elements of the computing environment and the received one or more flows, and automatically configuring a firewall within the computing environment with the firewall configuration.

Abstract: A system and method for detecting potential lateral movement using cloud keys in a cloud computing environment includes determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment; detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node.

Abstract: A method, system, and computer program product implement a three-factor authorization in a trusted computing environment. The method includes triggering, by a hypervisor, a start of a secure guest by passing control regarding an image of the secure guest and metadata of the secure guest to a trusted firmware, where the secure guest is designed to access a hardware security module (HSM). Upon a successful integrity check of the metadata of the secure guest by the trusted firmware, the secure guest is started using the hypervisor and any sensitive request from the secure guest to the HSM is blocked. The secure guest submits a request with a request structure including a third authorization secret and a characterization of a requested HSM to the trusted firmware. The method also includes binding each HSM protected key generated in the requested HSM in response to the request to the third authorization secret.

Abstract: The present disclosure provides a scalable, standardized IT deployment environment that allows for deployment to any public or private cloud automatically, and that is resizable such that the individual resources can be released (“turned off”) when not needed and powered on when use is expected. Additionally, the present disclosure provides a cost calculation system for better understanding the costs of the IT environment as early as the pre-provisioning stage. The present disclosure also provides a system for proactively testing productivity and efficiency within the IT environment, the results of which can be fed back into the autoscaling mechanism.

Abstract: A system and related method reduce public cloud provisioning latencies using one or more processors. The method comprises, prior to receiving a volume provisioning request from a user, creating a pool of pre-provisioned generic volumes. The method further comprises receiving the request from the user to provision a volume from the pool, and then determining that a pre-provisioned generic volume is available for customization based on the request. Responsive to the determination, the method executes the actions comprising customizing the pre-provisioned generic volume based on the request, creating a custom volume, and providing the customized pre-provisioned volume to the user.

Abstract: A system and method for deploying virtual machines in a server farm based on capacity needs of the server farm includes receiving a request to deploy a new virtual machine (VM) in the server farm; determining that a cluster configuration property associated with the new VM specifies one or more parameters for the new VM; upon determining that the cluster configuration property associated with the new VM specifies one or more parameters for the new VM, retrieving at least one of a custom SKU parameter information or custom capacity parameter information for the new VM; and deploying the new VM to the server farm with at least one of the custom SKU parameter or custom capacity parameter.

Abstract: Methods, systems, and computer program products for direct assignment of physical devices to confidential virtual machines (VMs). At a first guest privilege context of a guest partition, a direct assignment of a physical device associated with a host computer system to the guest partition is identified. The guest partition includes the first guest privilege context and a second guest privilege context, which is restricted from accessing memory associated with the first guest privilege context. The guest partition corresponds to a confidential VM, such that a memory region associated with the guest partition is inaccessible to a host operating system. It is determined, based on a policy, that the physical device is allowed to be directly assigned to the guest partition. Communication between the physical device and the second guest privilege context is permitted, such as by exposing the physical device on a virtual bus and/or forwarding an interrupt.

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to generate code as a plug-in in a cloud computing environment. An example system includes at least one memory, programmable circuitry, and machine readable instructions to program the programmable circuitry to introspect code in a library to obtain introspection data, the library corresponding to a resource that is to be deployed in a cloud infrastructure environment, generate a model based on the introspection data, the model to be a representation of the resource, cross-reference the model with a resource meta-model, the resource meta-model to map characteristics of the resource represented by the model to an actual state of the resource, and generate a plug-in based on the cross-referenced model.

Abstract: Embodiments relate to systems and methods for a self-moving operating system installation in cloud-based network. A host cloud in which a guest operating system operates can be identified by a processor. A set of applications in a host cloud can be instantiated, where each of the set of applications is operated using the guest operating system. Information related to an operation of a first application of the set of applications can be received from the host cloud. The processor can update data related to the operation of the guest operating system using the received information.

Abstract: A method for migrating a virtualised function from a first server to a second server depending on data of technical environment parameters. The interfaces specified in the virtualised architectures effectively make it possible to deploy and manage virtualised functions with a view to implementing a service but these interfaces do not contain information relating to the data relating to the technical environment upon which the servers, the virtualised functions and subsequently the services and applications that rely on the virtualised functions are dependent. The migration method proposes virtualised architectures that take into consideration the technical environment parameters in order to move virtualised functions whose functioning could be impacted by a malfunction of one or more technical environment parameter(s).

Abstract: A method includes training a recurrent neural network by monitoring data in a memory of a first server as the first server executes jobs and by determining an amount of computing resources used by the first server while executing the jobs and applying the recurrent neural network to data in the memory to predict an amount of computing resources that the first server will use when executing a first future job. The method also includes, in response to determining that execution of the first future job did not meet a performance criterion, making a change to the first server. The method further includes further training the recurrent neural network using a reinforcement learning technique, applying the recurrent neural network to determine that the change should be made to a second server, and in response, making the change to the second server before the second server executes a second future job.

Abstract: Direct access to host memory for guests is disclosed. For example, a system includes a processor, a host memory, a filesystem daemon, a guest including a storage controller, and a filesystem queue accessible to the filesystem daemon and the storage controller. The storage controller receives a file retrieval request associated with a file stored in the host memory and forwards the file retrieval request to the filesystem daemon by adding the file retrieval request to the filesystem queue. The filesystem daemon retrieves the file retrieval request from the filesystem queue, determines a host memory address (HMA) associated with the file, and causes the HMA to be mapped to a guest memory address (GMA). The guest accesses the file in the host memory with the GMA, and later terminates access to the file, where the filesystem daemon is then configured cause the GMA to be unmapped.

Abstract: An electronic apparatus is configured to generate current capability parameters associated with a software object executing on the electronic apparatus. The current capability parameters include an indication of resources required to execute the software object. The electronic apparatus determines whether the resources required to execute the software object are approaching a limit. The determination may be made by comparison to a threshold value. If the resources required to execute the software object are approaching the limit, then the electronic apparatus identifies a suitable target host based on the current capability parameters and initiates a migration of the software object to the suitable target.

Abstract: A method for allocating resources on an uplink between a user terminal and a base station of a radio communication network multiplexing the data in resource blocks is disclosed. Such a method implements a standard allocation mode associated with a standard transmission mode of transmission by the terminal; and a priority allocation mode associated with a priority mode of transmission by the terminal. The network favors the priority allocation mode and can allocate to the terminal, according to the priority allocation mode, at least one resource block previously allocated according to the standard allocation mode, introducing a situation of allocation collision. In such a situation, the network implements a temporary allocation mode to allocate at least one replacement resource block in the standard transmission mode, implementing a number of signalling portions containing information on resource allocation greater than that used in the standard allocation mode.

Abstract: In various embodiments, a process for determining metrics including resource expenditures of a digital service includes discovering a plurality of configuration items of a computing infrastructure. The process includes identifying a subset of the plurality of configuration items utilized to provide a digital service, obtaining a plurality of resource expenditures respectively associated with at least a portion of the plurality of configuration items, and associating a subset of the plurality of resource expenditures with the subset of the plurality of configuration items. The process includes aggregating the subset of the plurality of resource expenditures to generate a metric of the digital service.

Abstract: A method is provided that includes establishing, by an application server, a remote access session with a client device, and creating, by a file system agent running on the application server, a metadata-only virtual file system associated with the remote access session, wherein the virtual file system only comprises file metadata associated with a plurality of files residing in a local file system of the client device. The method further includes responsive to receiving, by the virtual file system, a request to access content of a file referenced by the virtual file system, redirecting the request to a file system driver implementing at least a sub-tree of the local file system of the client device.

Abstract: One or more embodiments provide techniques that permit virtual computing instances in isolated environments to communicate information outside the isolated environments without requiring networking. In one embodiment, an encoder which runs in a virtual machine (VM) within an isolated environment, such as one of the VMs of a packaged virtual machine application that does not have external network connectivity, is configured to encode information, such as state information of the packaged virtual machine application, in portion(s) of a network address. The encoder further configures an unconnected network interface of the same VM, or another VM in the isolated environment, with the network address that includes the encoded information. A decoder, which could not otherwise communicate with the virtual computing instance via any network, may then retrieve the network address assigned to the unconnected network interface and decode that network address to obtain the information encoded therein.

Abstract: A system may include a memory and a processor in communication with the memory. The processor may be configured to perform operations. The operations may include calculating a priority factor with a node autonomous center in a node and computing a node service capability with the node autonomous center. The operations may further include selecting, with the node autonomous center, a task based on the priority factor and the node service capability. The operations may further include directing the task to the node.

Abstract: A method performed by a cloud system includes, subsequent to the cloud system connecting to one of a cloud provider and a Software-as-a-Service (SaaS) application, scanning data stored therein for one or more users associated with a tenant of a plurality of tenants of the cloud system; detecting an incident in the data during the scanning; maintaining details of the incident in an in-memory data store; and providing a notification to the tenant of the incident.

Abstract: Technologies for dynamic accelerator selection include a compute sled. The compute sled includes a network interface controller to communicate with a remote accelerator of an accelerator sled over a network, where the network interface controller includes a local accelerator and a compute engine. The compute engine is to obtain network telemetry data indicative of a level of bandwidth saturation of the network. The compute engine is also to determine whether to accelerate a function managed by the compute sled. The compute engine is further to determine, in response to a determination to accelerate the function, whether to offload the function to the remote accelerator of the accelerator sled based on the telemetry data. Also the compute engine is to assign, in response a determination not to offload the function to the remote accelerator, the function to the local accelerator of the network interface controller.

Abstract: A method for operating a microcontroller. The microcontroller includes a plurality of resources, a plurality of virtual machines being executed in the microcontroller, a coordination unit being superordinate to the plurality of virtual machines. Access information concerning accesses of the plurality of virtual machines to the plurality of resources is stored in the coordination unit. In the event that one of the virtual machines requests a reset of one of the resources, the coordination unit checks on the basis of the access information, which of the virtual machines are accessing this resource. The coordination unit determines on the basis of this check, whether the resource will be reset or whether a substitute measure will be taken.

Abstract: Distributing dataset requests across service tiers including generating, by a workbook client, a dataset request for a dataset to populate a workbook for presentation on a client computing system, wherein data for the dataset is stored on a cloud-based data warehouse; determining, by the workbook client, a set of service tiers capable of servicing at least a portion of the dataset request, wherein the set of service tiers comprises the cloud-based data warehouse; selecting, by the workbook client from the set of service tiers, a combination of service tiers to service the dataset request based on at least one selection policy; and issuing, by the workbook client, the dataset request to the selected combination of service tiers.

Abstract: A monitoring utility program into a software container in which a containerized virtual machine application is running. The monitoring utility program is to monitor the containerized virtual machine application running within the software container. Monitoring information regarding the containerized virtual machine application is periodically pulled from the monitoring utility program.

Abstract: A device for managing communication via interfaces in a virtualized system in which a plurality of virtual machines shares a hardware platform which is virtualized with the aid of a hypervisor, and interfaces assigned to the hardware platform access to the interfaces taking place with the aid of a gateway implemented in hardware. A method for operating the device is also described.