| VMWARE, INC. Patent applications |
| Patent application number | Title | Published |
|---|
| 20120131259 | SHARING MEMORY PAGES HAVING REGULAR EXPRESSIONS WITHIN A VIRTUAL MACHINE - A lightweight technique for sharing memory pages within a virtual machine (VM) is provided. This technique can be used on its own to implement intra-VM page sharing or it can be augmented with sharing across VMs. Memory pages whose content can be described by some succinct grammar, such as a regular expression or simple pattern, are identified for sharing within a VM. If the content of a page matches some simple pattern, it is proposed to share such a page, but only in the scope of the VM to which it belongs, i.e., intra-VM sharing. All other pages, i.e., those that are not simple patterns, can be candidates for sharing in the scope of all currently active VMs, i.e., inter-VM sharing. Either fully functional page sharing across VMs and/or page sharing in the context of each VM can be implemented. | 05-24-2012 |
| 20120127206 | MULTI-TOUCH INTERFACE GESTURES FOR KEYBOARD AND/OR MOUSE INPUTS - A mouse-and-keyboard based user interface is updated based on gestures made on a touch screen that is displaying the mouse-and-keyboard based user interface. The user interface update process includes the steps of receiving one or more touch events in response to a gesture made on the touch screen, translating the touch events to a mouse-and-keyboard based command, transmitting the mouse-and-keyboard based command to an operating system, and receiving an updated display in response thereto. | 05-24-2012 |
| 20120124305 | METHOD AND SYSTEM FOR INTEGRATING DATABASE MEMORY MANAGEMENT IN VIRTUAL MACHINES - Memory of a database management system (DBMS) that is running in a virtual machine is managed using techniques that integrate DBMS memory management with virtual machine memory management. Because of the integration, the effectiveness of DBMS memory management is preserved even though the physical memory allocated to the virtual machine may change during runtime as a result of varying memory demands of other applications, e.g., instances of other virtual machines, running on the same host computer as the virtual machine. | 05-17-2012 |
| 20120124270 | RELIEVING MEMORY PRESSURE IN A HOST USING DATABASE MEMORY MANAGEMENT - Memory of a database management system (DBMS) that is running in a virtual machine is managed using techniques that integrate DBMS memory management with virtual machine memory management. Because of the integration, the effectiveness of DBMS memory management is preserved even though the physical memory allocated to the virtual machine may change during runtime as a result of varying memory demands of other applications, e.g., instances of other virtual machines, running on the same host computer as the virtual machine. | 05-17-2012 |
| 20120117299 | EFFICIENT ONLINE CONSTRUCTION OF MISS RATE CURVES - Miss rate curves are constructed in a resource-efficient manner so that they can be constructed and memory management decisions can be made while the workloads are running. The resource-efficient technique includes the steps of selecting a subset of memory pages for the workload, maintaining a least recently used (LRU) data structure for the selected memory pages, detecting accesses to the selected memory pages and updating the LRU data structure in response to the detected accesses, and generating data for constructing a miss-rate curve for the workload using the LRU data structure. After a memory page is accessed, the memory page may be left untraced for a period of time, after which the memory page is retraced. | 05-10-2012 |
| 20120113270 | MONITORING AUDIO FIDELITY AND AUDIO-VIDEO SYNCHRONIZATION - Methods, systems, and computer programs for monitoring quality of audio delivered over a communications channel are presented. One method includes an operation for defining timestamps. The timestamps are associated with a measure of time while delivering audio to a client computer, where each timestamp includes a plurality of timestamp bits. Further, the method includes an operation for modulating an audio signal with pseudo noise (PN) codes when a timestamp bit has a first logical value, and modulating the audio signal with a negative of the PN codes when the timestamp bit has a second logical value. After transmitting the modulated audio signal to the client computer, the timestamp bits are extracted from a received modulated audio signal to obtain received timestamps. The quality of the audio is assessed based on the received timestamps, and the quality of the audio is stored in computer memory. | 05-10-2012 |
| 20120110577 | CONTROLLING MEMORY CONDITIONS IN A VIRTUAL MACHINE - A method of managing host physical memory using a balloon application executing within a guest virtual machine (GVM) running on a host platform is described. The balloon application receives allocation parameters from an entity outside the GVM, the allocation parameters identifying an amount of memory for the balloon application to allocate. The balloon application adjusts the allocated amount of memory according to the allocated amount. Physical memory backing up the allocated memory can then be assigned by virtualization software for use by another virtual machine running on the host platform. | 05-03-2012 |
| 20120110514 | Graphical User Interface for Managing Virtual Machines - A graphical user interface (GUI) for managing virtual machines (VMs) that are running in one or more hosts provides a search interface that is intuitive and presents search results in a tree structure that lists or marks items that meet user-designated search criteria. User-designated search criteria include favorite VMs, powered-on VMs, VMs running in a specified host, and text-based search criteria. Both VMs that are running locally in a local host and VMs that are running remotely in a remote host are listed so long as they meet the user-designated search criteria and thus can be managed using the GUI. | 05-03-2012 |
| 20120110236 | System and Method to Prioritize Large Memory Page Allocation in Virtualized Systems - The prioritization of large memory page mapping is a function of the access bits in the L1 page table. In a first phase of operation, the number of set access bits in each of the L1 page tables is counted periodically and a current count value is calculated therefrom. During the first phase, no pages are mapped large even if identified as such. After the first phase, the current count value is used to prioritize among potential large memory pages to determine which pages to map large. The system continues to calculate the current count value even after the first phase ends. When using hardware assist, the access bits in the nested page tables are used and when using software MMU, the access bits in the shadow page tables are used for large page prioritization. | 05-03-2012 |
| 20120096458 | Method and System for Synchronizing Fault-Tolerant Virtual Machines - Primary and secondary virtual machines each executing on a separate physical host and forming a fault-tolerant pair synchronize their execution with each other as closely as possible such that the secondary can take over execution of the primary with little or no disruption of service and no loss of data. To provide fast takeover, the execution latency between the two virtual machines is kept to a minimum by incrementally adjusting the CPU allocation to the primary virtual machine. The CPU allocation to the primary virtual machine decreases when the execution latency is large and increases when the execution latency is small. In order to maximize the performance of the primary virtual machine, the system seeks to maximize the CPU resource limit for the primary virtual machine for as long as possible while minimizing the execution latency. | 04-19-2012 |
| 20120096365 | PROVIDING REMOTE APPLICATION ACCESS USING ENTITLEMENTS - Methods and systems for providing virtual workspaces are provided. Example embodiments provide a Application Workspace System “AWS,” which enables users to access remote server-based applications (e.g., thin client applications, terminal server applications, applications on hosted operating systems, etc.) using the same interface that they use to access local applications, without needing to know where the application is being accessed. The AWS automatically determines which applications the user is entitled to use, and then figures out automatically, based upon a variety of parameters, which applications are to be made available to the user (resolved to version, particular package etc.), and whether they are to be installed locally, or accessed remotely. This abstract is provided to comply with rules requiring an abstract, and it is submitted with the intention that it will not be used to interpret or limit the scope or meaning of the claims. | 04-19-2012 |
| 20120096364 | PROVIDING REMOTE APPLICATION ACCESS USING ENTITLEMENTS - Methods and systems for providing virtual workspaces are provided. Example embodiments provide a Application Workspace System “AWS,” which enables users to access remote server-based applications (e.g., thin client applications, terminal server applications, applications on hosted operating systems, etc.) using the same interface that they use to access local applications, without needing to know where the application is being accessed. The AWS automatically determines which applications the user is entitled to use, and then figures out automatically, based upon a variety of parameters, which applications are to be made available to the user (resolved to version, particular package etc.), and whether they are to be installed locally, or accessed remotely. This abstract is provided to comply with rules requiring an abstract, and it is submitted with the intention that it will not be used to interpret or limit the scope or meaning of the claims. | 04-19-2012 |
| 20120089764 | Method for Improving Memory System Performance in Virtual Machine Systems - Updating contents of certain memory pages in a virtual machine system is deferred until they are needed. Specifically, certain page update operations are deferred until the page is accessed for a load or store operation. Each page within the virtual machine system includes associated metadata, which includes a page signature characterizing the contents of a corresponding page or a reference to a page with canonical contents, and a flag that indicates the page needs to be updated before being accessed. The metadata may also include a flag to indicate that a backing store of the memory page has contents of a known content class. When such a memory page is mapped to a shared page with contents of that known content class, a flag in the metadata to indicate that contents of the memory page needs to be updated is not set. | 04-12-2012 |
| 20120089724 | DIAGNOSIS OF APPLICATION SERVER PERFORMANCE PROBLEMS VIA THREAD LEVEL PATTERN ANALYSIS - Performance of server that is managing a group of servers, such as in a cloud, is analyzed by identifying patterns of threads executed in the server. A command is issued, repeatedly over a time period, to an operating system of the server to return a resource consumption value representative of the amount of computing resources consumed by one or more threads. The returned resource consumption values are stored and used to generate points on a graph which depicts the amount of computing resources consumed by the one or more threads over the time period and provide task breakdowns and latency information for each of the tasks. | 04-12-2012 |
| 20120076197 | System and Method for Transmitting Video and User Interface Elements - A method for offloading decoding of encoded video data from a computer system executing a video player application playing the encoded video data to a remote display terminal still enables the video player application to overlay transparent or semi-transparent graphical elements, such elements, such as user interface controls, onto the video, despite not having access to decoded video data. A video decoding function call from the video player application is intercepted and replacement video data is provided to the video player application rather than a decoded version of the encoded video data. The video player application is thereby able to overlay graphical elements onto the replacement video data to create composite video from which the graphical elements are then able to be subsequently extracted and transmitted with the encoded video data to remote display terminal, which decodes the video data and overlays the graphical elements for display. | 03-29-2012 |
| 20120059973 | HARDWARE ASSISTANCE FOR SHADOW PAGE TABLE COHERENCE WITH GUEST PAGE MAPPINGS - Some embodiments of the present invention include a memory management unit (MMU) configured to, in response to a write access targeting a guest page mapping of a guest virtual page number (GVPN) to a guest physical page number (GPPN) within a guest page table, identify a shadow page mapping that associates the GVPN with a physical page number (PPN). The MMU is also configured to determine whether a traced write indication is associated with the shadow page mapping and, if so, record update information identifying the targeted guest page mapping. The update information is used to reestablish coherence between the guest page mapping and the shadow page mapping. The MMU is further configured to perform the write access. | 03-08-2012 |
| 20120047348 | VIRTUALIZATION WITH FORTUITOUSLY SIZED SHADOW PAGE TABLES - One or more embodiments provides a shadow page table used by a virtualization software wherein at least a portion of the shadow page table shares computer memory with a guest page table used by a guest operating system (OS) and wherein the virtualization software provides a mapping of guest OS physical pages to machine pages. | 02-23-2012 |
| 20120042312 | PROCESS DEMAND PREDICTION FOR DISTRIBUTED POWER AND RESOURCE MANAGEMENT - Methods and systems for allocating resources in a virtual desktop resource environment are provided. A method includes making a prediction on the future demand for processes running on a distributed environment with several hosts. The prediction is based on the process demand history and includes the removal of historic process demand glitches. Further, the prediction is used to perform a cost and benefit analysis for moving a candidate process from one host to another, and the candidate process is moved to a different host when the cost and benefit analysis recommends such move. In another embodiment, the predictions on future process demand are used for distributed power management by putting hosts in stand-by mode when the overall demand decreases or by adding hosts to the distributed environment when the load increases. | 02-16-2012 |
| 20120042281 | SAME-DISPLAY COMPARISON OF CONTENT FOR DIFFERENT RENDITIONS OF A SINGLE COMPUTER PROGRAM - An method for use in a computer system for determining correspondence between at least two renditions of a single computer program includes enabling the identification of a selected screenshot related to navigation within the computer program and, as a response to the identification, accessing a reference screenshot captured during navigation within a first rendition and a corresponding screenshot captured during navigation within a second rendition. The reference screenshot and the corresponding screenshot are presented on a display, thereby enabling a same-display comparison of content of the reference and corresponding screenshots. | 02-16-2012 |
| 20120042034 | LIVE MIGRATION OF VIRTUAL MACHINE DURING DIRECT ACCESS TO STORAGE OVER SR IOV ADAPTER - A method is provided to migrate a virtual machine from a source computing machine to a destination computing machine comprising: suspending transmission of requests from a request queue disposed in source computing machine memory associated with the VM from the request queue to a VF; while suspending the transmission of requests, determining when no more outstanding responses to prior requests remain to be received; in response to a determination that no more outstanding responses to prior requests remain to be received, transferring state information that is indicative of locations of requests inserted to the request queue from the VF to a PF and from the PF to a memory region associated with a virtualization intermediary of the source computing machine. After transferring the state information to source computing machine memory associated with a virtualization intermediary, resuming transmission of requests from locations of the request queue indicated by the state information to the PF; and transmitting the requests from the PF to the physical storage. | 02-16-2012 |
| 20120041844 | ELASTIC LICENSING OF SOFTWARE IN A CLOUD ENVIRONMENT - In one aspect, a method includes publishing an object of a user such that another user can search for the object by means of a user interface. The object may be an application, an application group, an application component, and/or a service. The object runs on a platform. The platform may be a hypervisor, an application container, a mobile platform, and/or a computer. The method includes permitting another user to access the object based on a transacting for the object between the users. The transaction may involve a clone transaction, a grant transaction, an application component transaction or a service transaction. A tax may be levied based on the transaction. A scope of the access of the object to another user is based on a transaction protocol, which is based on the transacting between the users. The transaction protocol may include a payment scheme, a term, or a set of object rights. | 02-16-2012 |
| 20120036325 | MEMORY COMPRESSION POLICIES - Techniques are disclosed for managing memory within a virtualized system that includes a memory compression cache. Generally, the virtualized system may include a hypervisor configured to use a compression cache to temporarily store memory pages that have been compressed to conserve memory space. A “first-in touch-out” (FITO) list may be used to manage the size of the compression cache by monitoring the compressed memory pages in the compression cache. Each element in the FITO list corresponds to a compressed page in the compression cache. Each element in the FITO list records a time at which the corresponding compressed page was stored in the compression cache (i.e. an age). A size of the compression cache may be adjusted based on the ages of the pages in the compression cache. | 02-09-2012 |
| 20120030672 | MICROCLOUD PLATFORM DELIVERY SYSTEM - A cloud computing environment with the ability to deploy a web application that has been developed using one of a plurality of application frameworks and is configured to execute within one of a plurality of runtime environments can be delivered as a self-contained virtual machine disk image configured to launch in a virtualization environment. Upon request (or alternatively, in a pre-processing phase), a cloud computing platform provider can compose a virtual machine disk image comprising the cloud computing environment. The virtual machine disk image may be attached to any virtual machine, whether running on a personal computing device such as a laptop or in an infrastructure-as-a-service service provider to provide a cloud computing environment that is automatically configured to receive and deploy a web application. | 02-02-2012 |
| 20120030407 | SYSTEM AND METHOD FOR IMPROVING MEMORY LOCALITY OF VIRTUAL MACHINES - A system and related method of operation for migrating the memory of a virtual machine from one NUMA node to another. Once the VM is migrated to a new node, migration of memory pages is performed while giving priority to the most utilized pages, so that access to these pages becomes local as soon as possible. Various heuristics are described to enable different implementations for different situations or scenarios. | 02-02-2012 |
| 20120017031 | ROBUST LIVE MIGRATION USING SHARED FILESYSTEM - A method for transferring guest physical memory from a source host to a destination host during live migration of a virtual machine (VM) involves creating a file on a shared datastore, the file on the shared datastore being accessible to both the source host and the destination host. Pages of the guest physical memory are transferred from the source host to the destination host over a network connection and pages of the guest physical memory are written to the file so that the destination host can retrieve the written guest physical pages from the file. | 01-19-2012 |
| 20120017027 | METHOD FOR IMPROVING SAVE AND RESTORE PERFORMANCE IN VIRTUAL MACHINE SYSTEMS - Page data of a virtual machine is represented for efficient save and restore operations. One form of representation applies to each page with an easily identifiable pattern. The page is described, saved, and restored in terms of metadata reflective of the pattern rather than a complete page of data reflecting the pattern. During a save or restore operation, however, the metadata of the page is represented, but not the page data. Another form of representation applies to each page sharing a canonical instance of a complex pattern that is instantiated in memory during execution, and explicitly saved and restored. Each page sharing the canonical page is saved and restored as a metadata reference, without the need to actually save redundant copies of the page data. | 01-19-2012 |
| 20120011508 | MULTIPLE TIME GRANULARITY SUPPORT FOR ONLINE CLASSIFICATION OF MEMORY PAGES BASED ON ACTIVITY LEVEL - Activity level of memory pages is classified in virtual machine environment, so that processes such as live VM migration and checkpointing, among others, can be carried out more efficiently. Because each such hypervisor-based service may desire classification of activity levels of memory pages at different frequencies and different time granularities, the hypervisor supports methods to classify activity levels of memory pages for a plurality of time intervals. | 01-12-2012 |
| 20120011504 | ONLINE CLASSIFICATION OF MEMORY PAGES BASED ON ACTIVITY LEVEL - Activity level of memory pages is classified in virtual machine environment, so that processes such as live VM migration and checkpointing, among others, can be carried out more efficiently. The method includes the steps of scanning page table entries of hypervisor-managed page tables continuously over repeating scan periods to determine whether memory pages have been accessed or not, and for each memory page, determining an activity level of the memory page based on whether the memory page has been accessed or not since a prior scan and storing the activity level of the memory page. The activity level of the memory page may be represented by one or more bits of its page table entry and may be classified as having at least two states ranging from hot to cold. | 01-12-2012 |
| 20120005344 | Data Center Inventory Management Using Smart Racks - A system for managing physical and virtual inventory in a data center is disclosed. The system includes a resource management system for managing computing resources of the data center, an inventory management system for tracking physical locations of the plurality of hosts and the plurality of virtual machines in the data center and a smart rack for housing a plurality of hosts. The computing resources include a plurality of hosts and a plurality of virtual machines running on one or more of the plurality of virtual machines. The smart rack has sensors for detecting movement of each of the plurality of hosts in the data center. The smart rack also has a control unit to control the sensors and collecting data from sensors. The control unit is coupled to the inventory management system and configured to transmit the collected data to the inventory management system through a network. The plurality of hosts, the resource management system and the control unit are coupled together through the network. | 01-05-2012 |
| 20110320682 | COOPERATIVE MEMORY RESOURCE MANAGEMENT VIA APPLICATION-LEVEL BALLOON - Methods, systems, and computer programs for managing memory in a host where virtual machines (VMs) execute are presented. In one embodiment, a method includes an operation for determining which amount of heap memory has been reserved in a Java virtual machine (JVM) that is in excess of the heap memory needed by the JVM. If there is excess heap memory, a Java balloon agent reserves a Java object in the heap memory. Typically, the Java object will be the size of one or more memory pages in the host. Further, the Java balloon agent loads the Java object with a certain value, for example, by zeroing out the page of memory. When a virtual machine monitor (VMM) in the host detects that a machine physical memory page associated with the Java object has the first value, then the VMM frees the machine physical memory page to make the memory available to other VMs or to other processes executing in the host. | 12-29-2011 |
| 20110302415 | SECURING CUSTOMER VIRTUAL MACHINES IN A MULTI-TENANT CLOUD - A trusted virtualization platform protects sensitive customer data during operation of virtual machines in a multi-tenant cloud computing center. The trusted virtualization platform limits administrator access to the data and state of the virtual machines running thereon, reports any changes made thereto, and requires keys provided by the customer or a trusted third party of the customer to perform management operations on the virtual machines. By requiring cloud computing centers to use such trusted virtualization platforms, customers uploading their virtual machines into the cloud computing center can be assured that cloud administrators will not be able to access or tamper with their private data. Furthermore, customers can directly audit all important state or configuration changes for their virtual machines as the trusted virtualization platform can be configured to report all such changes according to a security policy set by the customer. | 12-08-2011 |
| 20110302389 | MEMORY MANAGEMENT METHODS IN A COMPUTER SYSTEM WITH SHARED MEMORY MAPPINGS - A memory management sub-system includes code executable by a processor fir performing selecting a plurality of contexts, and selecting a sample of the separately allocable portions of an address space for each of the contexts. For each of the selected allocable portions, a corresponding portion of the host memory to which the selected allocable portion is mapped is determined, and a count corresponding to a number of separately allocable portions of any context that are commonly mapped to the corresponding portion of the host memory. For each context, a metric is computed that is a function of the counts for that context. Host memory is allocated among the contexts at least in part based on their respective metrics. | 12-08-2011 |
| 20110302330 | SAFELY SHARING USB DEVICES - Described herein are systems and methods for preventing a user mode USB driver from performing IOCTL operations other than read-safe IOCTLs on a USB device that has been claimed by a kernel mode driver or is in use by another user mode USB driver. In one method, it is determined whether a kernel mode USB driver will claim a device or whether the device will be available to be claimed by user mode USB drivers. In the event the device is claimed by a kernel mode USB driver, user mode USB drivers will be prevented from claiming the device. In the event the device is available for use by user mode USB drivers, but has been opened for write by one user mode USB driver, all other user mode USB drivers will be prevented from claiming the device. All IOCTL operations other than read-safe IOCTLs will be prevented from being performed by a user mode USB driver unless that USB driver has claimed the device. | 12-08-2011 |
| 20110289345 | METHOD AND SYSTEM FOR ENABLING CHECKPOINTING FAULT TOLERANCE ACROSS REMOTE VIRTUAL MACHINES - A checkpointing fault tolerance network architecture enables a backup computer system to be remotely located from a primary computer system. An intermediary computer system is situated between the primary computer system and the backup computer system to manage the transmission of checkpoint information to the backup VM in an efficient manner. The intermediary computer system is networked to the primary VM through a high bandwidth connection but is networked to the backup VM through a lower bandwidth connection. The intermediary computer system identifies updated data corresponding to memory pages that have been least recently modified by the primary VM and transmits such updated data to the backup VM through the low bandwidth connection. In such manner, the intermediary computer system economizes the bandwidth capacity of the low bandwidth connection, holding back updated data corresponding to more recently modified memory pages, since such memory pages may be more likely to be updated again in the future. | 11-24-2011 |
| 20110283278 | USER INTERFACE FOR MANAGING A DISTRIBUTED VIRTUAL SWITCH - A user interface for managing allocations of network resources in a virtualized computing environment provides a graphical overview of the virtual computing environment that allows the user to visualize the virtual network, including the connections between the virtual network adapters and the uplink port groups that provide physical network resources for the virtual machines included in the virtualized computing environment. The user interface also provides graphical elements that allow the user to modify the virtual network, to migrate virtual machines from individual virtual switches to a distributed virtual switch, and/or to modify the arrangement of physical network adapters that provide network backing for the virtual machines. By providing these features, the user interface according to one or more embodiments of the present invention can allow the user to efficiently and safely manage the virtual network in the virtual computing environment. | 11-17-2011 |
| 20110276773 | METHOD AND SYSTEM FOR GENERATING CONSISTENT SNAPSHOTS FOR A GROUP OF DATA OBJECTS - Snapshots that are consistent across a group of data objects are generated. The snapshots are initiated by a coordinator, which transmits a sequence of commands to each storage node hosting a data object within a group of data objects. The first command prepares a data object for a snapshot. After a data object has been successfully prepared, an acknowledgment is sent to the coordinator. Once all appropriate acknowledgments are received, the coordinator sends a command to confirm that a snapshot has been created for each data object in the respective group. After receiving this confirmation, the coordinator takes action to confirm or record the successful completion of the group-consistent snapshot. | 11-10-2011 |
| 20110276741 | MAINTAINING REVERSE MAPPINGS IN A VIRTUALIZED COMPUTER SYSTEM - For a virtual memory of a virtualized computer system in which a virtual page is mapped to a guest physical page which is backed by a machine page and in which a shadow page table entry directly maps the virtual page to the machine page, reverse mappings of guest physical pages are optimized by removing the reverse mappings of certain immutable guest physical pages. An immutable guest physical memory page is identified, and existing reverse mappings corresponding to the immutable guest physical page are removed. New reverse mappings corresponding to the identified immutable guest physical page are no longer added. | 11-10-2011 |
| 20110265168 | POLICY ENGINE FOR CLOUD PLATFORM - A policy engine is situated between the communications path of a cloud computing environment and a user of the cloud computing environment to comply with an organization's policies for deploying web applications in the cloud computing environment. The policy engine intercepts communications packets to the cloud computing environment from a user, such as a web application developer, for example, in preparation for deploying a web application in the cloud computing environment. The policy engine identifies commands corresponding to the communications packets and directs the communications packets to appropriate rules engines corresponding to such commands in order to execute rules to comply with an organization's policies. Upon completion of execution of the rules, the communications packets are forwarded to the cloud computing environment if they comply with the policies. | 10-27-2011 |
| 20110265164 | CLOUD PLATFORM ARCHITECTURE - A cloud computing environment provides the ability to deploy a web application that has been developed using one of a plurality of application frameworks and is configured to execute within one of a plurality of runtime environments. The cloud computing environment receives the web application in a package compatible with the runtime environment (e.g., a WAR file to be launched in an application server, for example) and dynamically binds available services by appropriately inserting service provisioning data (e.g., service network address, login credentials, etc.) into the package. The cloud computing environment then packages an instance of the runtime environment, a start script and the package into a web application deployment package, which is then transmitted to an application (e.g., container virtual machine, etc.). The application container unpacks the web application deployment package, installs the runtime environment, loads the web application package into the runtime environment and starts the start script, thereby deploying the web application in the application container. | 10-27-2011 |
| 20110265083 | FILE SYSTEM INDEPENDENT CONTENT AWARE CACHE - A server supporting the implementation of virtual machines includes a local memory used for caching, such as a solid state device drive. During I/O intensive processes, such as a boot storm, a “content aware” cache filter component of the hypervisor of the server first accesses a cache structure in a content cache device to determine whether data blocks have been stored in the cache structure prior to requesting the data blocks from a networked disk array via a standard I/O stack of the hypervisor. The content aware cache filter component is implemented in an I/O virtualization layer of the standard I/O stack that sits above a file system layer of the standard I/O stack, such that any file system protocol may be implemented in the file system layer. | 10-27-2011 |
| 20110265081 | DROPLET EXECUTION ENGINE FOR DYNAMIC SERVER APPLICATION DEPLOYMENT - A cloud computing environment provides the ability to deploy a web application that has been developed using one of a plurality of application frameworks and is configured to execute within one of a plurality of runtime environments. The cloud computing environment receives the web application in a package compatible with the runtime environment (e.g., a WAR file to be launched in an application server, for example) and dynamically binds available services by appropriately inserting service provisioning data (e.g., service network address, login credentials, etc.) into the package. The cloud computing environment then packages an instance of the runtime environment, a start script and the package into a web application deployment package, which is then transmitted to an application (e.g., container virtual machine, etc.). The application container unpacks the web application deployment package, installs the runtime environment, loads the web application package into the runtime environment and starts the start script, thereby deploying the web application in the application container. | 10-27-2011 |
| 20110265077 | RAPID UPDATING OF CLOUD APPLICATIONS - A method for facilitating the uploading of web applications to a cloud computing environment utilizes hashes or fingerprints of each file in a web application. Prior to submitting all the files of a web application to the cloud computing environment for deployment, fingerprints of each file in the web application are transmitted to the cloud computing environment to assess whether the cloud computing environment may already possess the file as a result of receiving it from previously uploaded web applications. | 10-27-2011 |
| 20110261055 | Method and Apparatus for Visualizing the Health of Datacenter Objects - Embodiments of the present invention provide a dashboard that displays an overview of a datacenter's health which helps prioritize, monitor, and troubleshoot problems. In particular, one embodiment is a method for visualizing the health of datacenter objects which includes displaying datacenter objects on a scatterplot of a dashboard wherein one axis of the scatterplot corresponds to problem severity and another axis of the scatterplot corresponds to time. | 10-27-2011 |
| 20110258626 | NOTIFYING SOFTWARE COMPONENTS USING A SHARED PHYSICAL STORAGE MEDIUM - Techniques for updating a cached version of data in a computer system upon a change of the data as stored in a shared storage system networked to the computer system are described. In accordance with such techniques, a notification from the shared storage system is received at the computer system upon attempting to access the shared storage system. The computer system then determines that the notification occurred due to an unregistering of the computer system's access to the shared storage system by a second computer system that has updated the data stored in the shared storage system. As such, the computer system re-registers its access to the shared storage system and updates the cached version of the data with the data in the shared storage system that was updated by the second computer system. | 10-20-2011 |
| 20110258625 | GENERATING AND USING CHECKPOINTS IN A VIRTUAL COMPUTER SYSTEM - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM's memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 10-20-2011 |
| 20110239213 | VIRTUALIZATION INTERMEDIARY/VIRTUAL MACHINE GUEST OPERATING SYSTEM COLLABORATIVE SCSI PATH MANAGEMENT - A method of direct access by a virtual machine (VM) running on a host machine to physical storage via a virtual function (VF) running on an input/output (IO) adapter comprising: providing by a virtualization intermediary running on the host machine an indication of an active path associated with a virtual storage device; obtaining by a guest driver running within a guest operating system of the VM the stored indication of the active path from the shared memory region; dispatching an IO request by the guest driver to the VF that includes an indication of the active path; and sending by the VF an IO request that includes the indicated active path. | 09-29-2011 |
| 20110231857 | CACHE PERFORMANCE PREDICTION AND SCHEDULING ON COMMODITY PROCESSORS WITH SHARED CACHES - A method is described for scheduling in an intelligent manner a plurality of threads on a processor having a plurality of cores and a shared last level cache (LLC). In the method, a first and second scenario having a corresponding first and second combination of threads are identified. The cache occupancies of each of the threads for each of the scenarios are predicted. The predicted cache occupancies being a representation of an amount of the LLC that each of the threads would occupy when running with the other threads on the processor according to the particular scenario. One of the scenarios is identified that results in the least objectionable impacts on all threads, the least objectionable impacts taking into account the impact resulting from the predicted cache occupancies. Finally, a scheduling decision is made according to the one of the scenarios that results in the least objectionable impacts. | 09-22-2011 |
| 20110231696 | Method and System for Cluster Resource Management in a Virtualized Computing Environment - Methods and systems for cluster resource management in virtualized computing environments are described. VM spares are used to reserve (or help discover or otherwise obtain) a set of computing resources for a VM. While VM spares may be used for a variety of scenarios, particular uses of VM spares include using spares to ensure resource availability for requests to power on VMs as well as for discovering, obtaining, and defragmenting the resources and VMs on a cluster, e.g., in response to requests to reserve resources for a VM or to respond to a notification of a failure for a given VM. | 09-22-2011 |
| 20110231440 | APPLICATION SPECIFIC RUNTIME ENVIRONMENTS - Systems and methods of executing an application in an application specific runtime environment are disclosed. The application specific runtime environment is defined by an application environment specification to include a minimal or reduced set of software resources required for execution of the application. The application environment is generated by determining software resource dependencies and is used to provision the application specific runtime environment in real-time in response to a request to execute the application. Use of the application specific runtime environment allows the application to be executed using fewer computing resources, e.g., memory. | 09-22-2011 |
| 20110225205 | MULTI-QUERY OPTIMIZATION - A database query optimization method is provided for database queries that include predicates, the queries being directed to at least one database table having data in rows and columns. The method includes associating a lineage bit set with each row of the database table, the lineage bit set providing a binary predicate state indication whether each predicate is met or are not met by data in the row. A dependency bit set is established to provide a binary indication of the predicates that are included in each query. Queries are applied against the database table by a logical operation between the lineage bit set and the dependency bit set. A database query optimization data structure includes a lineage bit set associated with each row in the database table. The lineage bit set provides a binary predicate state indication whether each predicate is met or are not met by data in the row. The data structure further includes a dependency bit set that provides a binary indication of the predicates included in each query. | 09-15-2011 |
| 20110219447 | Identification of Unauthorized Code Running in an Operating System's Kernel - Computer implemented methods, system and apparatus for managing execution of a running-page in a virtual machine include associating an execution trace code with the running page by a security virtual machine. The execution trace code generates a notification upon initiation of the execution of the running page by the virtual machine. The notification is received by the security virtual machine running independent of the virtual machine executing the running-page. The running page associated with the execution trace code is validated by the security virtual machine as authorized for execution. An exception is generated if the running-page is not authorized for execution. The generated exception is to prevent the execution of the running page in the virtual machine. | 09-08-2011 |
| 20110219433 | TASK-BASED ACCESS CONTROL IN A VIRTUALIZATION ENVIRONMENT - Methods, systems, and techniques for task-based access control are provided. Example embodiments provide a task-based access control system “TBACS,” which provides task-based permissions management using proxy task objects. In one example embodiment, the proxy task objects encapsulate activities, comprising one or more privileges, each associated with an object upon which the privilege can act. In some examples, proxy task objects may be used with a virtualization infrastructure to delegate permissions to delegate users, real or automated. Proxy task objects may also be associated with their own user interfaces for performance of the corresponding activities. | 09-08-2011 |
| 20110218730 | Managing a Datacenter Using Mobile Devices - One embodiment of the present invention is a method for managing a datacenter using a mobile device, which method includes: (a) in response to a user request, the mobile device causing an identification prober to obtain information from one or more of a plurality of identification providers disposed at predetermined locations in the datacenter, and determining a mobile device location in the datacenter therefrom; (b) the mobile device requesting a datacenter map from a datacenter management system, displaying at least a portion of the map on a mobile device display, and displaying the mobile device location on the at least a portion of the map; and (c) the mobile device obtaining an equipment location of an equipment in the datacenter from the datacenter management system, displaying directions from the mobile device location to the equipment location, and displaying the equipment location on the at least a portion of the map if it fits in the display. | 09-08-2011 |
| 20110213765 | Comprehensive, Relevant, and Dynamic Data Searching in a Virtualization Environment - A method includes indexing data and/or metadata in online virtual machines (VMs), offline VMs, virtual applications, and/or snapshots thereof on one or more host server(s) in a virtualization environment through a search architecture in the virtualization environment. The online VMs are VMs that are powered on, and the offline VMs are VMs that are powered off. The method also includes maintaining a database of the indexed data and/or metadata in the online VMs, the offline VMs, the virtual applications, and/or the snapshots thereof to enable a comprehensive search result to a search query through the search architecture. The database is associated with the search architecture. | 09-01-2011 |
| 20110197090 | Error Reporting Through Observation Correlation - A software component is executed to carry out a task, the task including a subtask. An external function is called to perform the subtask, the external function executing in a separate thread or process. The component receives an observation recorded by the external function, the observation including an identifier of a possible error condition and instance data associated with the possible error condition. The possible error condition being a cause of the failure of the external function to carry out the subtask. If the task cannot be completed, then a new observation is recorded along with the received observation, the new observation being related to a possible error condition of the component, which is a cause of the failure of the component to carry out the task. When the task can be completed despite the failure of the external function, the observation recorded by the external function is cleared. | 08-11-2011 |
| 20110194563 | Hypervisor Level Distributed Load-Balancing - A method and an apparatus of hypervisor level distributed load-balancing are disclosed. In one aspect, a method includes determining a location to direct a packet. The method also includes distributing the packet to process the packet through a processor. The method also includes assigning the packet to a guest such that a distribution of the packet to the guest is based on an algorithm. The method further includes altering a first destination address of the packet to a second destination address. The second destination address may be based on a virtual network interface of the guest. The method further includes convincing the guest the packet is from a virtual switch based on the second destination address. In addition, the method includes adjusting the distribution of the packet to the guest. The method also includes reducing a load of the guest through the adjustment. | 08-11-2011 |
| 20110191834 | Maintaining the Domain Access of a Virtual Machine - A method for maintaining domain access of a virtual machine is described. According to one embodiment, a generation of a new computer account password by an operating system is identified. The new computer account password is copied to an auxiliary storage location. An existing computer account password is replaced with the new computer account password when it is determined that a file system of the computer has been restored to a previous state. The copying of the new computer account password may be performed in response to the generation of the new computer account password. The replacing of the existing computer account password may be performed in response to the restoring of file system to the previous state. | 08-04-2011 |
| 20110191477 | System and Method for Automatically Optimizing Capacity Between Server Clusters - A resource management system for a virtual machine computing environment includes a software component that optimizes capacity between server clusters or groups by monitoring the capacity of server clusters or groups and automatically adding and removing host systems to and from server clusters or groups. The software component may be implemented at a server cluster management level to monitor and execute host system moves between server clusters and/or at a higher level in the resource management hierarchy. At the higher level, the software component is configured to monitor and execute host system moves between sets of server clusters being managed by different server cluster management agents. | 08-04-2011 |
| 20110191389 | DISTRIBUTED DATA MANAGEMENT SYSTEM - A distributed data management system has multiple virtual machine nodes operating on multiple computers that are in communication with each other over a computer network. Each virtual machine node includes at least one data store or “bucket” for receiving data. A digital hash map data structure is stored in a computer readable medium of at least one of the multiple computers to configure the multiple virtual machine nodes and buckets to provide concurrent, non-blocking access to data in the buckets, the digital hash map data structure including a mapping between the virtual machine nodes and the buckets. The distributed data management system employing dynamic scalability in which one or more buckets from a virtual machine node reaching a memory capacity threshold are transferred to another virtual machine node that is below its memory capacity threshold. | 08-04-2011 |
| 20110185433 | CONSTRAINT INJECTION SYSTEM FOR IMMUNIZING SOFTWARE PROGRAMS AGAINST VULNERABILITIES AND ATTACKS - A constraint is inserted into a program to address a vulnerability of the program to attacks. The constraint includes a segment of code that determines when the program has been asked to execute a “corner case” which does not occur in normal operations. The constraint code can access a library of detector and remediator functions to detect various attacks and remediate against them. Optionally, the detector can be employed without the remediator for analysis. The context of the program can be saved and restored if necessary to continue operating after remediation is performed. The constraints can include descriptors, along with machine instructions or byte code, which indicate how the constraints are to be used. | 07-28-2011 |
| 20110185355 | Accessing Virtual Disk Content of a Virtual Machine Without Running a Virtual Desktop - Methods, systems, and techniques for facilitating access to content stored remotely, for example, as part of a virtual machine infrastructure or elsewhere in a networked environment, using a uniform mechanism are provided. Example embodiments provide an Enhanced Virtual Desktop Management Server/System with a Content Abstraction Layer which enables users to access their data stored as part of a virtual machine environment, or replicated otherwise on a network, using a generic API. The API can be incorporated into a web browser or other third party interface to provide access to the users' data without needing to remote a bitmap representation of a virtual desktop display. Accordingly, users can access their data, applications, and settings regardless of the type of access device and regardless of whether the corresponding virtual desktop is running in the data center, provisioned in the datacenter but running on a client device, or not running at all. | 07-28-2011 |
| 20110185292 | Accessing Virtual Disk Content of a Virtual Machine Using a Control Virtual Machine - Methods, systems, and techniques for facilitating access to content stored remotely, for example, as part of a virtual machine infrastructure or elsewhere in a networked environment, using a uniform mechanism are provided. Example embodiments provide an Enhanced Virtual Desktop Management Server/System with a Content Abstraction Layer which enables users to access their data stored as part of a virtual machine environment, or replicated otherwise on a network, using a generic API. The API can be incorporated into a web browser or other third party interface to provide access to the users' data without needing to remote a bitmap representation of a virtual desktop display. Accordingly, users can access their data, applications, and settings regardless of the type of access device and regardless of whether the corresponding virtual desktop is running in the data center, provisioned in the datacenter but running on a client device, or not running at all. | 07-28-2011 |
| 20110185232 | DYNAMIC CONFIGURATION OF VIRTUAL MACHINES - A computer implemented method for configuring virtual internal networks for testing is provided, such that affects of testing are internally isolated. The method includes deploying a virtual firewall and deploying a public switch enabling access to an external local area network through a first interface of the virtual firewall. A private switch enabling access to a plurality of virtual machines through a second interface of the virtual firewall is provided. The plurality of virtual machines defines a private network behind the firewall. A network address is assigned to the virtual firewall and a private address is assigned to each of the virtual machines. The plurality of virtual machines is then tested through a test launcher in communication with the public switch. | 07-28-2011 |
| 20110184993 | Independent Access to Virtual Machine Desktop Content - Methods, systems, and techniques for facilitating access to content stored remotely, for example, as part of a virtual machine infrastructure or elsewhere in a networked environment, using a uniform mechanism are provided. Example embodiments provide an Enhanced Virtual Desktop Management Server/System with a Content Abstraction Layer which enables users to access their data stored as part of a virtual machine environment, or replicated otherwise on a network, using a generic API. The API can be incorporated into a web browser or other third party interface to provide access to the users' data without needing to remote a bitmap representation of a virtual desktop display. Accordingly, users can access their data, applications, and settings regardless of the type of access device and regardless of whether the corresponding virtual desktop is running in the data center, provisioned in the datacenter but running on a client device, or not running at all. | 07-28-2011 |
| 20110184911 | DATA REPLICATION METHOD - To ensure data consistency for a new data replica created for a computing system, the transmission and receipt of messages altering the data are monitored and replication of the data is permitted when all changes to the data that have been transmitted to the data have been received. | 07-28-2011 |
| 20110179416 | Virtual Machine Access to Storage Via a Multi-Queue IO Storage Adapter With Optimized Cache Affinity and PCPU Load Balancing - A method is provided for use in a system that includes a host machine that includes multiple physical CPUs (PCPUs) and at least two cache nodes that are shared by different sets of the PCPUs, comprising: creating in a memory device multiple sets of lanes each lane set associated with a respective PCPU set; tracking levels of processing activity of the PCPUs of each PCPU set; using an MSIX vector value to associate lanes with PCPUs; receiving a IO request from any given PCPU from among the multiple PCPUs; and assigning the IO request to a respective lane based at least in part upon the PCPU set associated with the lane and PCPU processing activity levels. | 07-21-2011 |
| 20110179414 | CONFIGURING VM AND IO STORAGE ADAPTER VF FOR VIRTUAL TARGET ADDRESSING DURING DIRECT DATA ACCESS - A method is provided for use in a system that includes a host computing machine configured to implement a virtualization intermediary and that includes a physical storage adapter, the configures a virtual machine (VM) and a virtual function (VF) to support IO operations to physical storage through a direct IOV path to the VF of the physical storage adapter, the method comprises: creating by the virtualization intermediary mapping information that includes a first mapping between virtual disks and physical regions of physical storage and that includes a second mapping between virtual disks and virtual disk addresses; transmitting the mapping information from the virtualization intermediary over the physical storage adapter from a physical function (PF) of the physical storage adapter to the VF; associating a virtual port with the mapping information within the virtualization intermediary; binding the virtual port to the VF; communicating virtual disk addresses indicated within the second mapping within the transmitted mapping information for the allocated virtual disks to the VM. | 07-21-2011 |
| 20110179413 | Guest/Hypervisor Interrupt Coalescing for Storage Adapter Virtual Function in Guest Passthrough Mode - A system and method are provided that involve a host computing machine and an SR IOV storage adapter in which the host machine hosts a virtual machine having a guest operating system (guest) coupled for direct passthrough IOV data path and also hosts a virtualization intermediary; a guest operating system (guest) and a virtualization intermediary exchange information concerning IO completions through a shared memory space; the guest writes information to a shared memory space that is indicative of whether an IO completion queue has reached a fill level since the most recently dispatched interrupt at which it is unsafe to coalesce an interrupt; the virtualization intermediary writes information to the shared memory space that is indicative of the interrupt most recently delivered to the guest; the virtualization intermediary reads the information written by the guest to the shared memory space that is indicative of whether an IO completion queue has reached a fill level since the most recently dispatched interrupt at which it is unsafe to coalesce an interrupt; the guest reads the information written to the shared memory space that is indicative of the interrupt most recently delivered to the guest; virtual interrupt coalescing determinations are made based upon the information shred through the shared memory space. | 07-21-2011 |
| 20110179214 | VIRTUAL TARGET ADDRESSING DURING DIRECT DATA ACCESS VIA VF OF IO STORAGE ADAPTER - A method of virtual machine (VM) access to physical storage through a direct path to a virtual function (VF) of a storage adapter, the method for use in a system that includes a host computing machine configured to implement a virtualization intermediary and the virtual machine (VM) and that includes the storage adapter the method, comprising: sending virtual SCSI IO request from the VM to the physical storage that identifies a virtual disk address; mapping within the VF the identified virtual address to at least one physical region of the physical storage; creating within the VF a physical SCSI IO request that identifies a physical address for the mapped-to physical region; sending the physical SCSI IO request from the VF to the physical storage. | 07-21-2011 |
| 20110179082 | MANAGING CONCURRENT FILE SYSTEM ACCESSES BY MULTIPLE SERVERS USING LOCKS - Atomic test and set (ATS) operations are carried out to perform lock operations that allow a node to acquire or release a lock to a resource of a shared file system that is stored in a data storage unit (DSU) and update its liveness information. Each ATS operation includes the step of comparing contents accessed and read through the shared file system and contents stored at a particular logical block number of the DSU. If the two contents match, updates to the contents of the lock or the liveness information are permitted. | 07-21-2011 |
| 20110173303 | Cluster Configuration Through Host Ranking - Computer implemented methods, system and apparatus for configuring a cluster using a plurality of hosts include identifying a plurality of features for forming the cluster. The plurality of features define requirements needed in a host for forming the cluster. A plurality of hosts are identified to be part of the cluster. A compatibility analysis is executed for each of the identified hosts wherein a ranking is provided for each of the identified hosts. A plurality of suggested adjustments to particular hosts are presented to enable the particular hosts to be compatible with the features requirements. A configuration template is constructed for the hosts in the cluster that are compatible with the requirements. The hosts are configured for the cluster using the configuration settings in the configuration template. The configured hosts enable the features in the cluster. | 07-14-2011 |
| 20110173302 | Cluster Configuration - Computer implemented methods, system and apparatus for configuring a cluster using a plurality of hosts include identifying a plurality of features for forming the cluster. The plurality of features define requirements needed in a host for forming the cluster. A plurality of hosts are identified to be part of the cluster. A compatibility analysis is executed for each of the identified hosts. A plurality of suggested adjustments to particular hosts are presented to enable the particular hosts to be compatible with the features requirements. A configuration template is constructed for the hosts in the cluster that are compatible with the requirements. The hosts are configured for the cluster using the configuration settings in the configuration template. The configured hosts enable the features in the cluster. | 07-14-2011 |
| 20110173239 | Web Application Record-Replay System and Method - A web application includes a record-replay library component to record sessions into a log file and subsequently replay the recorded session based upon the log file. The record-replay library interacts with the runtime environment of the web application to intercept events that correspond to data inputs received by the web application, such as user inputs, remote server inputs and inputs from the computer system on which the runtime environment is executing. On replay, the log file is read by the record-replay library and events are programmatically dispatched to the runtime environment by the record-replay library based on the log entries in order to simulate the various data input events that occurred during the recorded session. | 07-14-2011 |
| 20110173184 | Extensible Tree Views for Managing Datacenter Resources - An example embodiment provides a method for a GUI for client software that is a part of an application program for managing datacenter resources. The method includes receiving as input one or more specifications, where each specification includes a hierarchy of queries. The method determines one or more target data sources for each query in each hierarchy. Then the method issues the query to each target data source determined for the query, after adapting the query to a format that is acceptable to the target data source. The method then receives the results of each query from the target data source, integrates the results into a hierarchy, and submits the hierarchy to the client software for display in a tree view in the GUI. | 07-14-2011 |
| 20110167421 | Dynamic Scaling of Management Infrastructure in Virtual Environments - Methods, systems, and computer programs for performing management tasks in a virtual infrastructure are presented. The method includes detecting an increase, beyond a predetermined threshold, in the number of tasks waiting to be processed by a first virtual center (VC), which executes as a virtual machine (VM) in the virtual infrastructure. Further, the method includes operations for spawning one or more additional VCs executing as VMs in the virtual infrastructure and for distributing the managed objects handled by the first VC among the additional VCs. The tasks waiting to be processed are reallocated among the first VC and the additional VCs, and the reallocated tasks are then processed by the corresponding VC. | 07-07-2011 |
| 20110167196 | Method and System for Frequent Checkpointing - A virtualization platform provides fault tolerance for a primary virtual machine by continuously transmitting checkpoint information of the primary virtual machine to a collector process, such as a backup virtual machine. When implemented on a hardware platform comprising a multi-processor that supports nested page tables, the virtualization platform leverages the nested page table support to quickly identify memory pages that have been modified between checkpoints. The backup virtual machine provides feedback information to assist the virtualization platform in identifying candidate memory pages for transmitting actual modifications to the memory pages rather than the entire memory page as part of the checkpoint information. The virtualization platform further maintains a modification history data structure to identify memory pages that can be transmitted simultaneous with the execution of the primary virtual machine rather than while the primary virtual machine has been stunned. | 07-07-2011 |
| 20110167195 | Method and System for Frequent Checkpointing - A virtualization platform provides fault tolerance for a primary virtual machine by continuously transmitting checkpoint information of the primary virtual machine to a collector process, such as a backup virtual machine. When implemented on a hardware platform comprising a multi-processor that supports nested page tables, the virtualization platform leverages the nested page table support to quickly identify memory pages that have been modified between checkpoints. The backup virtual machine provides feedback information to assist the virtualization platform in identifying candidate memory pages for transmitting actual modifications to the memory pages rather than the entire memory page as part of the checkpoint information. The virtualization platform further maintains a modification history data structure to identify memory pages that can be transmitted simultaneous with the execution of the primary virtual machine rather than while the primary virtual machine has been stunned. | 07-07-2011 |
| 20110167194 | Method and System for Frequent Checkpointing - A virtualization platform provides fault tolerance for a primary virtual machine by continuously transmitting checkpoint information of the primary virtual machine to a collector process, such as a backup virtual machine. When implemented on a hardware platform comprising a multi-processor that supports nested page tables, the virtualization platform leverages the nested page table support to quickly identify memory pages that have been modified between checkpoints. The backup virtual machine provides feedback information to assist the virtualization platform in identifying candidate memory pages for transmitting actual modifications to the memory pages rather than the entire memory page as part of the checkpoint information. The virtualization platform further maintains a modification history data structure to identify memory pages that can be transmitted simultaneous with the execution of the primary virtual machine rather than while the primary virtual machine has been stunned. | 07-07-2011 |
| 20110145632 | TRANSPARENT RECOVERY FROM HARDWARE MEMORY ERRORS - A method is provided for recovering from an uncorrected memory error located at a memory address as identified by a memory device. A stored hash value for a memory page corresponding to the identified memory address is used to determine the correct data. Because the memory device specifies the location of the corrupted data, and the size of the window where the corruption occurred, the stored hash can be used to verify memory page reconstruction. With the known good part of the data in hand, the hashes of the pages using possible values in place of the corrupted data are calculated. It is expected that there will be a match between the previously stored hash and one of the computed hashes. As long as there is one and only one match, then that value, used in the place of the corrupted data, is the correct value. The corrupt data, once replaced, allows operation of the memory device to continue without needing to interrupt or otherwise affect a system's operation. | 06-16-2011 |
| 20110138383 | Space Efficient Virtual Machines - A method and a system of making a virtual machine space efficient are disclosed. The virtual machine includes a virtual disk. The method includes creating a temporary virtual disk and adding the temporary virtual disk to the virtual machine. The temporary virtual disk works in conjunction with the virtual disk. The virtual machine is configured to store temporary files in the temporary virtual disk rather than the virtual disk. | 06-09-2011 |
| 20110131573 | Centralized Computer Network Virtualization Environment - A method and system include compatibly interfacing a suitably adapted central switch in a computer network virtualization environment to one or more user-end peripheral device(s) to dispense with a need for a user-end thin client. The method and system also include appropriately routing a data associated with a direct and exclusive communication between a virtual machine on a host server including a number of virtual machines and the one or more user-end peripheral device(s) using the central switch. | 06-02-2011 |
| 20110131388 | ACCESSING MULTIPLE PAGE TABLES IN A COMPUTER SYSTEM - A virtual memory system implementing the invention provides concurrent access to translations for virtual addresses from multiple address spaces. One embodiment of the invention is implemented in a virtual computer system, in which a virtual machine monitor supports a virtual machine. In this embodiment, the invention provides concurrent access to translations for virtual addresses from the respective address spaces of both the virtual machine monitor and the virtual machine. Multiple page tables contain the translations for the multiple address spaces. Information about an operating state of the computer system, as well as an address space identifier, are used to determine whether, and under what circumstances, an attempted memory access is permissible. If the attempted memory access is permissible, the address space identifier is also used to determine which of the multiple page tables contains the translation for the attempted memory access. | 06-02-2011 |
| 20110131372 | OPTIMIZING SEGMENT ACCESS IN BINARY TRANSLATION - A mechanism for a binary translator to emit code that will pre-generate information about a memory segment when a segment selector is assigned to a segment register. The binary translator emits code that will be executed when a memory access using that segment register is encountered and the emitted code will access the pre-generated information when evaluating the memory access request. Memory accesses, where a number of bytes being accessed is less than or equal to a predetermined value, are validated with a minimal number of steps in the code emitted by the binary translator. | 06-02-2011 |
| 20110119413 | QUALITY OF SERVICE MANAGEMENT - A method and system for providing quality of service to a plurality of hosts accessing a common resource is described. According to one embodiment, a plurality of IO requests is received from clients executing as software entities on one of the hosts. An IO request queue for each client is separately managed, and an issue queue is populated based on contents of the IO request queues. When a host issue queue is not full, a new IO request is entered into the host issue queue and is issued to the common resource. A current average latency observed at the host is calculated, and an adjusted window size is calculated at least in part based on the current average latency. The window size of the issue queue is adjusted according to the calculated window size. | 05-19-2011 |
| 20110119029 | Nonparametric Method for Determination of Anomalous Event States in Complex Systems Exhibiting Non-Stationarity - According to a feature of the present disclosure, a method is provided for the determination of anomalous events in complex systems, such as problems, inefficiencies, and failures, and a tool is provided for the detection of these events. Many complex systems are non-stationary or experience periodic fluctuations or spikes in values that are outside of normal ranges, but constitute normal behavior nevertheless. The method accounts for both non-stationarity, as well as fluctuations and spikes. Additional novel features include both a threshold setting initialization method and a regression method for the determination of the start points and end points of events. | 05-19-2011 |
| 20110113428 | SCSI Protocol Emulation for Virtual Storage Device Stored on NAS Device - A virtualization technique, in accordance with one embodiment of the present invention, includes emulating the small computing system interface (SCSI) protocol to access a virtual SCSI storage device backed by a file stored on network attached storage (NAS). | 05-12-2011 |
| 20110107409 | Single Sign On For a Remote User Session - A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again. | 05-05-2011 |
| 20110099379 | AUGMENTED SINGLE FACTOR SPLIT KEY ASYMMETRIC CRYPTOGRAPHY-KEY GENERATION AND DISTRIBUTOR - A system for authenticating a user of a communication network is disclosed. The system includes a user station associated with the user and an authenticating station communicatively coupled to the user station via the communication network. The authenticating station is configured to authenticate the user. The authenticating station is further configured to perform an operation, which includes receiving a first value, from a user station associated with the user, via the communication network. The first value represents a first user credential. A first key portion is generated based on the first value and a second value that is unknown to the user. The first key portion, along with a second key portion, is used for authenticating credentials of the user for a predefined period of time or for authenticating user credentials for a predefined number of times. The second key portion is generated based on the first key portion. A cookie that includes the second value or a value derived from the second value is generated and transmitted to the user station and then the second value is destroyed. | 04-28-2011 |
| 20110099267 | Resource Optimization and Monitoring in Virtualized Infrastructure - A method includes monitoring a resource consumption of one or more virtual machines on a host computer in a computer network, and suspending the one or more virtual machines based on the resource consumption to free one or more resources on the host computer. The method also includes losslessly handling a request intended for the suspended one or more virtual machines to seamlessly resume the suspended one or more virtual machines. The request includes a network traffic intended for the suspended one or more virtual machines and/or a non-network request. | 04-28-2011 |
| 20110099187 | Method and System for Locating Update Operations in a Virtual Machine Disk Image - A two dimensional bit array is maintained to keep track of the location of data records in a log file that is organized as a plurality of log segments, each comprising a plurality of data records. The data records are indexed in the log file according to randomized unique ids. Each column of the two dimensional bit array represents a Bloom filter corresponding to a log segment of the log file such that, given a particular randomized unique id, log segments that may contain the data record corresponding to the particular randomized unique id can be efficiently identified by utilizing Bloom filter techniques to analyze the columns of the two dimensional bit array. | 04-28-2011 |
| 20110093585 | METHOD OF DETECTING MEASUREMENTS IN SERVICE LEVEL AGREEMENT BASED SYSTEMS - A method and program product are provided for implementing object state changes in a data network system that includes at least one application having a plurality of objects. Each object is capable of being in of a plurality of different object states. The method comprises utilizing a network monitor to identify potential object state anomaly candidates from among the plurality of objects and utilizing object measurements taken during a predetermined time segment to determine of the current object state of a potential object state anomaly candidate should change from the current object state to an updated object state. | 04-21-2011 |
| 20110088047 | Runtime Emulating Static Thread Local Storage of Portable Executable Software Code - A computer readable storage medium containing a program which, when executed by a processor, performs an operation of emulating static thread local storage of an executable software code at runtime, is disclosed. The operation includes executing the executable software code within a process memory space. During the execution of the executable software code, an occurrence of an event that is associated with a thread create operation is monitored. When the monitored event occurs, a thread data block duplicate is established within the process memory space and associated with a thread created by the thread create operation. The thread data block duplicate is configured to be accessed by executing a thread local storage callback function. | 04-14-2011 |
| 20110088030 | Efficient Virtualization of Input/Output Completions for a Virtual Device - Completion interrupts corresponding to I/O requests issued by a virtual machine guest, which runs on a host platform, are virtualized in such a way that I/O completion interrupts to the requesting guest are delivered no faster than it can stably handle them, but, when possible, faster than the nominal speed of a virtual device to which a virtual machine addresses the I/O request. In general, completion events received from the host platform in response to guest I/O requests are examined with respect to time. If enough time has passed that the virtual device would normally have completed the I/O request, then the completion interrupt is delivered to the guest. If the nominal time has not elapsed, however, the invention enqueues and time-stamps the event and delivers it at the earliest of a) the normal maturity time, or b) at a safepoint. | 04-14-2011 |
| 20110088027 | TRACKING BLOCK-LEVEL WRITES - One embodiment is a method of installing a block-level write tracking driver in a Microsoft Windows™ operating system so that no reboot of the system is need, another embodiment is a method of installing a block-level write tracking driver in a Linux operating system so that no reboot of the system is needed, and still another embodiment is a method of tracking block-level writes to snapshots under newer Microsoft Windows™ operating systems. | 04-14-2011 |
| 20110082962 | MONITORING A DATA STRUCTURE IN A VIRTUAL MACHINE - A method for monitoring a data structure maintained by guest software within a virtual machine is disclosed. Changes to the contents of the data structure are determined, such as by placing write traces on the memory pages containing the data structure. Also, the method involves determining when memory pages containing the data structure are swapped into and/or out of guest physical memory by the guest software, such as by placing write traces on the memory pages containing the guest page table and detecting changes to the present bit of page table entries involved in mapping virtual addresses for the data structure. Information about the contents of the data structure is retained while memory pages containing the data structure are swapped out of guest physical memory. | 04-07-2011 |
| 20110078361 | SYSTEM AND METHOD TO ENHANCE MEMORY PROTECTION FOR PROGRAMS IN A VIRTUAL MACHINE ENVIRONMENT - In a computer system supporting execution of virtualization software and at least one instance of virtual system hardware, an interface is provided into the virtualization software to allow a program to directly define the access characteristics of its program data stored in physical memory. The technique includes providing data identifying memory pages and their access characteristics to the virtualization software which then derives the memory access characteristics from the specified data. Optionally, the program may also specify a pre-defined function to be performed upon the occurrence of a fault associated with access to an identified memory page. In this manner, programs operating both internal and external to the virtualization software can protect his memory pages, without intermediation by the operating system software. | 03-31-2011 |
| 20110075664 | Private Allocated Networks Over Shared Communications Infrastructure - Methods and systems for implementing private allocated networks in a virtual infrastructure are presented. One method operation creates virtual switches in one or more hosts in the virtual infrastructure. Each port in the virtual switches is associated with a private allocated network (PAN) from a group of possible PANs. In one embodiment, one or more PANs share the same physical media for data transmission. The intranet traffic within each PAN is not visible to nodes that are not connected to the each PAN. In another operation, the method defines addressing mode tables for the intranet traffic within each PAN. The entries in the addressing mode tables define addressing functions for routing the intranet traffic between the virtual switches, and different types of addressing functions are supported by the virtual switches. | 03-31-2011 |
| 20110072426 | Speculative Notifications on Multi-core Platforms - A computer system having a plurality of processor cores utilizes a device driver running in a driver virtual machine to handle I/O with the corresponding device for other virtual machines. A hypervisor in the computer system receives an interrupt from the corresponding device and identifies a virtual machine that best correlates to the received interrupt prior to forwarding the interrupt for handling by the driver virtual machine. The hypervisor then speculatively transmits a notification to the identified virtual machine to wake up and poll a memory shared between the identified virtual machine and the driver virtual machine. Once the driver virtual machine completes handling of the forwarded interrupt, it copies data made available by the corresponding device to the shared memory for access by the polling identified virtual machine. | 03-24-2011 |
| 20110072208 | Distributed Storage Resource Scheduler and Load Balancer - Distributed storage resources are managed based on data collected from online monitoring of workloads on the storage resources and performance characteristics of the storage resources. Load metrics are calculated from the collected data and used to identify workloads that are migration candidates and storage units that are migration destinations, so that load balancing across the distributed storage resources can be achieved. | 03-24-2011 |
| 20110066819 | Method and System for Optimizing Live Migration of Persistent Data of Virtual Machine Using Disk I/O Heuristics - Techniques for migrating persistent data of virtual machines between and across data stores are optimized using special tracking data structures and monitoring methods. Special tracking data structures include an incremental change block tracking bitmap that indicate what blocks have been modified during a copy operation. The determination of whether any one block has been modified during the copy operation is based on whether or not the copy operation has progressed past that block. Another special tracking data structure is a Bloom filter, which provides a space-efficient data structure for keeping track of dirtied blocks. In addition, heat-based optimization techniques are applied so that blocks that are frequently updated are filtered and not transferred to the destination data store until the last iteration of the migration process. | 03-17-2011 |
| 20110066786 | Method of Suspending and Resuming Virtual Machines - A virtual machine is suspended and quickly restarted while maintaining the VM's state. The method is quick enough so that network connections are maintained across the restart and the guest operating system and guest applications running in the VM are not aware of the restart. As a result, users and clients connected to the VM do not notice any downtime or disruption to the VM. After suspension and before the restart, VM configuration changes that would not be possible or be very difficult through code changes alone while the VM was running can be made. | 03-17-2011 |
| 20110066597 | Method and System for Performing Live Migration of Persistent Data of a Virtual Machine - Persistent data of virtual machines are migrated between and across data stores using a method that provides for a bounded disk size, low performance overhead, arbitrarily low downtimes, atomic switch-over, and ability to build optimizations based around block level heuristics. The method includes the steps of copying the persistent data at the source data store to the destination data store, updating a bitmap data structure during the copying step to indicate which blocks of the persistent data have been modified during the copying step, identifying the blocks that have been modified during the copying step using the bitmap data structure, and copying the identified blocks to the destination data store. The method may further include the step of determining that the number of the identified blocks is below a predetermined threshold and suspending the virtual machine prior to the second copying step. | 03-17-2011 |
| 20110060832 | Fast Determination of Compatibility of Virtual Machines and Hosts - A method of determining compatibility of a virtual machine or virtual machine disk file with a host, including a storage host, is disclosed. A lookup matrix is created to provide a fast compatibility lookup for a group of computing objects and a group of hosts. To create the lookup matrix, computing object properties are retrieved from each of the plurality of computing objects. The computing object properties include resource requirements of each of the plurality of computing objects. Further, host properties are retrieved from each of the plurality of hosts. The method further includes creating a plurality of host logical groups of a subset of the plurality of hosts having substantially same host properties and creating a plurality of computing object logical groups of a subject of the plurality of computing objects having substantially same computing object properties. The lookup matrix provides answers whether each member of a selected computing object logical group can be transferred to each member of a selected host logical group. | 03-10-2011 |
| 20110055479 | Thread Compensation For Microarchitectural Contention - A thread (or other resource consumer) is compensated for contention for system resources in a computer system having at least one processor core, a last level cache (LLC), and a main memory. In one embodiment, at each descheduling event of the thread following an execution interval, an effective CPU time is determined. The execution interval is a period of time during which the thread is being executed on the central processing unit (CPU) between scheduling events. The effective CPU time is a portion of the execution interval that excludes delays caused by contention for microarchitectural resources, such as time spent repopulating lines from the LLC that were evicted by other threads. The thread may be compensated for microarchitectural contention by increasing its scheduling priority based on the effective CPU time. | 03-03-2011 |
| 20110055274 | PROVIDING MULTIPLE CONCURRENT ACCESS TO A FILE SYSTEM - Multiple computers are connected to a data storage unit that includes a file system, which further includes multiple data entities, including files, directories and the file system itself. The file system also includes, for each data entity, an owner field for indicating which computer, if any, has exclusive or shared access to the data entity, along with a time field for indicating when a lease of the data entity began. When a computer wants to lease a data entity, the computer uses a disk reservation capability to temporarily lock the data storage unit, and, if the data entity is not currently leased, the computer writes its own identification value into the owner field and a current time into the time field for the data entity, to claim the data entity for a renewable lease period. If a prior lease of a data entity has expired, another computer may break the lease and claim ownership for itself. | 03-03-2011 |
| 20110047211 | Measuring Client Interactive Performance Using a Display Channel - Methods, systems, and computer programs for measuring performance of virtual desktop services offered by a server computer are presented. The method includes receiving an action request at the server computer, where the server computer is configured to generate display views for the requesting client. The method further embeds, at the server computer, a first encoded area into a first image frame that is communicated to a client computer when acknowledging receipt of the action request. After the action associated with the action request is completed, the method embeds a second encoded area into a second image frame that is communicated to the client computer. Action performance time is stored in memory, where the action performance time is based on the time difference between arrivals of the first and second image frames at the client computer. The stored timing information is used to generate statistical performance data. | 02-24-2011 |
| 20110047195 | METHOD OF UNIVERSAL FILE ACCESS FOR A HETEROGENEOUS COMPUTING ENVIRONMENT - An architecture and system are described that provide a unified file access service within in a managed computing environment composed of diverse networks, computing devices, and storage devices. The service provides mechanisms for remotely accessing the file systems of any managed computer or disk snapshot, independently of the computer's current state (powered on, suspended or powered off), its location within the environment, its hardware type (virtual vs. physical), its operating system type, and its file system formats. The system isolates centralized FPAs from the details of clients, proxies and storage elements by providing a service that decomposes offloaded file system access into two steps. A FPA or a requester acting on behalf of the FPA first expresses the disk set or the computer containing the file systems it wishes to access, along with requirements and preferences about the access method. The service figures out an efficient data path satisfying the FPA's needs, and then automatically configures a set of storage and computing resources to provide the data path. The service then replies with information about the resources and instructions for using them. The FPA then accesses the requested file systems using the returned information. | 02-24-2011 |
| 20110029821 | METHOD AND SYSTEM FOR RECORDING A SELECTED COMPUTER PROCESS FOR SUBSEQUENT REPLAY - The execution behavior of a selected application is recorded for subsequent replay. During recording, only those portions of memory that are accessed by the selected application are stored. As a result, the amount of data that is stored during the recording session is reduced and data that is not necessary for replaying the selected application, which may include possible sensitive and personal information, are not stored. | 02-03-2011 |
| 20110023030 | On-Line Replacement and Changing of Virtualization Software - In a virtualized system running one or more virtual machines on a first hypervisor, a second hypervisor is installed and control of the hardware resources of the physical computer supporting the virtualized system is migrated from the first hypervisor to the second hypervisor without interrupting the operation of the first hypervisor and the virtual machines. Initially a minimal set of hardware resources is hot-removed from control by the first hypervisor, and the second hypervisor is launched on the minimal set of hardware resources. Both the remaining hardware resources and the virtual machines are then migrated from the first hypervisor to the second hypervisor until all the virtual machines have been migrated over to the second hypervisor, while the virtual machines and the first hypervisor continue running largely unaffected by the migration process. | 01-27-2011 |
| 20110022883 | Method for Voting with Secret Shares in a Distributed System - A replicated decentralized storage system comprises a plurality of servers that locally store disk images for locally running virtual machines as well as disk images, for failover purposes, for remotely running virtual machines. To ensure that disk images stored for failover purposes are properly replicated upon an update of the disk image on the server running the virtual machine, a hash of a unique value known only to the server running the virtual machine is used to verify the origin of update operations that have been transmitted by the server to the other servers storing replications of the disk image for failover purposes. If verified, the update operations are added to such failover disk images. To enable the replicated decentralized system to recover from a failure of the primary server, the master secret is subdivided into parts and distributed to other servers in the cluster. Upon a failure of the primary server, a secondary server receives a threshold number of the parts and is able to recreate the master secret and failover virtual machines that were running in the failed primary server. | 01-27-2011 |
| 20110022695 | Management and Implementation of Enclosed Local Networks in a Virtual Lab - Methods, systems, and computer programs for creating isolated environments that include virtual machines (VM) and networks in a virtual infrastructure are presented. The method includes an operation to define a configuration of a virtual system which includes VMs, virtual network interface cards (VNIC) in the VMs, and configuration local networks (CLN). Further, the method associates each VNIC with one of the CLNs and transmits instructions to the virtual infrastructure for deploying the configuration. Deploying the configuration includes instantiating VMs and CLNs in the virtual infrastructure. Each VM is instantiated in a host monitored by a virtual lab server, and the CLNs are instantiated in the same hosts where the VMs have been instantiated. Only VMs from the configuration can connect to the instantiated CLNs. The method further transmits instructions to the virtual infrastructure to customize the VMs by executing the customization instructions in the guest operating systems of the VMs to configure the VMs' VNICs. | 01-27-2011 |
| 20110022694 | Automated Network Configuration of Virtual Machines in a Virtual Lab Environment - Methods, systems, and computer programs for creating virtual machines (VM) and associated networks in a virtual infrastructure are presented. The method defines virtual network templates in a database, where each virtual network template includes network specifications. A configuration of a virtual system is created, which includes VMs, virtual lab networks associated with virtual network templates, and connections from the VMs to the virtual lab networks. Further, the configuration is deployed in the virtual infrastructure resulting in a deployed configuration. The deployment of the configuration includes instantiating in the virtual infrastructure the VMs of the configuration, instantiating in the virtual infrastructure the virtual lab networks, retrieving information from the database, and creating and executing programming instructions for the VMs. The database information includes the network specifications from the virtual network templates associated with the virtual lab networks, and network resources for the virtual lab networks from a pool of available network resources. The programming instructions are created for the particular Guest Operating System (GOS) running in each VM based on the GOS and on the retrieved database information. When executed in the corresponding VM GOS, the programming instructions configure the VMs network interfaces with the corresponding network specifications. | 01-27-2011 |
| 20110022574 | System and Method for Replicating Disk Images in a Cloud Computing Based Virtual Machine File System - A replicated decentralized storage system comprises a plurality of servers that locally store disk images for locally running virtual machines as well as disk images, for failover purposes, for remotely running virtual machines. To ensure that disk images stored for failover purposes are properly replicated upon an update of the disk image on the server running the virtual machine, a hash of a unique value known only to the server running the virtual machine is used to verify the origin of update operations that have been transmitted by the server to the other servers storing replications of the disk image for failover purposes. If verified, the update operations are added to such failover disk images. | 01-27-2011 |
| 20110010691 | Distributed Software Testing Using Cloud Computing Resources - A method of creating computing environment in a cloud computing environment for execution of a test is disclosed. The method includes loading a setup script from a script store. The loading is performed by a test manager that is in communication with the script store. The test manager checks if there are more setup scripts to be loaded. If yes, the remaining setup scripts are loaded by the test manager. The test manager then calculates computing resources needed to run all tests as coded in all loaded scripts. The test manager then attempts to reserve needed computing resources in a virtual data center using a data center infrastructure manager. | 01-13-2011 |
| 20110010390 | CONCURRENCY CONTROL IN A FILE SYSTEM SHARED BY APPLICATION HOSTS - A manager program for managing virtual machines includes a process which receives a notification message indicating an occurrence of an event affecting a data storage unit in a data storage system that supports a shared file system. The notification message might have come from a virtual machine host or resulted from a hardware reconfiguration. The manager program then determines whether another virtual machine host is sharing the data storage unit. The manager program might make this determination by polling each of the virtual machine hosts it manages or by checking information previously collected and stored in a database. If another virtual machine host is sharing the data storage unit, the manager program sends a refresh message to that virtual machine host that causes the virtual machine host to update information relating to the data storage unit in a cache associated with the virtual machine host. | 01-13-2011 |
| 20100333165 | FIREWALL CONFIGURED WITH DYNAMIC MEMBERSHIP SETS REPRESENTING MACHINE ATTRIBUTES - A method is provided to control the flow of packets within a system that includes one or more computer networks comprising: policy rules are provided that set forth attribute dependent conditions for communications among machines on the one or more networks; machine attributes and corresponding machine identifiers are obtained for respective machines on the networks; and policy rules are transformed to firewall rules that include machine identifiers of machines having attributes from among the obtained machine attributes that satisfy the attribute dependent policy rules. | 12-30-2010 |
| 20100333088 | VIRTUALIZED MOBILE DEVICES - One embodiment is a virtualized mobile device including virtualization software that supports one or more virtual machines and further includes: (a) device emulation software that communicates with device driver software in the one or more virtual machines; (b) device driver software that communicates with one or more physical devices of the mobile device; and (c) transformer stack software that interacts with the device emulation software and the device driver software. | 12-30-2010 |
| 20100332910 | SYSTEM AND METHOD TO REDUCE TRACE FAULTS IN SOFTWARE MMU VIRTUALIZATION - A system for identifying an exiting process and removing traces and shadow page table pages corresponding to the process' page table pages. An accessed minimum virtual address is maintained corresponding to an address space. In one embodiment, whenever a page table entry corresponding to the accessed minimum virtual address changes from present to not present, the process is determined to be exiting and removal of corresponding trace and shadow page table pages is begun. In a second embodiment, consecutive present to not-present PTE transitions are tracked for guest page tables on a per address space basis. When at least two guest page tables each has at least four consecutive present to not-present PTE transitions, a next present to not-present PTE transition event in the address space leads to the corresponding guest page table trace being dropped and the shadow page table page being removed. | 12-30-2010 |
| 20100332889 | MANAGEMENT OF INFORMATION TECHNOLOGY RISK USING VIRTUAL INFRASTRUCTURES - Information Technology Risk to an organization is associated with a plurality of virtual machines (VMs) each running on a plurality of hosts, each host being a computer system connected to a network and in communication with a risk orchestrator, which receives threat indication messages (TIMs) from threat indicators. Each TIM indicates a status of a threat to which a hosts is vulnerable. Downtime probability (DTP) resulting from the threat and an overall host DTP for each host are calculated. For each VM, a risk value associated with the VM is calculated as a function of the host DTP for and an impact for the VM, the impact being a value reflecting a relative importance of the VM to the organization. Each VM requiring risk mitigation is identified and prioritized in accordance with a policy, and a configured mitigation control action may be carried out for each VM requiring risk mitigation. | 12-30-2010 |
| 20100332635 | MIGRATING FUNCTIONALITY IN VIRTUALIZED MOBILE DEVICES - One embodiment of the present invention is a method of migrating functionality to a target virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) embodying the functionality in a virtual machine; and (b) migrating the virtual machine to the target virtualized mobile device. | 12-30-2010 |
| 20100330961 | PROVIDING SECURITY IN VIRTUALIZED MOBILE DEVICES - One embodiment is a method of providing security in a virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) receiving a security policy at the virtualized mobile device, which security policy includes one or more location or location-time scenarios for the virtualized mobile device, which scenarios identify applications to be curtailed, and how they are to be curtailed and applications that are to be enabled, and how they are to be enabled; (b) collecting one or more of mobile device location information or information related to time spent at the location; identifying a scenario that pertaining to the one or more of the location and time information; and (c) curtailing or enabling applications in accordance with the identified scenario. | 12-30-2010 |
| 20100330953 | Controlling Usage in Virtualized Mobile Devices - One embodiment is a method of controlling usage in a virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) receiving control information at the virtualized mobile device that includes one or more limits pertaining to one or more uses of the virtualized mobile device; (b) collecting usage information relating to the one or more uses; (c) determining whether usage information corresponding to one of the one or more uses exceeds a corresponding one of the one or more limits; and if so; (d) carrying out a predetermined action relating to the one of the one or more uses. | 12-30-2010 |
| 20100328064 | PREVENTING MALWARE ATTACKS IN VIRTUALIZED MOBILE DEVICES - One embodiment is a method of preventing malware attacks in a virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) collecting information related to the status of physical device drivers; and (b) sending the information to virus protection software; wherein the virus protection software includes a set of rules that trigger one or more actions based on the information it receives concerning the physical device drivers. | 12-30-2010 |
| 20100318991 | Virtual Machine Fault Tolerance - In a computer system running a primary virtual machine (VM) on virtualization software on a primary virtualized computer system (VCS) and running a secondary VM on virtualization software on a secondary VCS, a method for the secondary VM to provide quasi-lockstep fault tolerance for the primary VM includes: as the primary VM is executing a workload, virtualization software in the primary VCS is: (a) causing predetermined events to be recorded in an event log, (b) keeping output associated with the predetermined events pending, and (c) sending the log entries to the virtualization software in the secondary VCS; as the secondary VM is replaying the workload, virtualization software in the secondary VCS is: (a) sending acknowledgements indicating that log entries have been received; (b) when the virtualization software encounters one of the predetermined events, searching the log entries to determine whether a log entry corresponding to the same event was received from the primary VCS, and if so, comparing data associated with the predetermined event produced by the secondary VM with that of the primary VM; if there is a match, the virtualization software in the secondary VCS transmitting an acknowledgement to the virtualization software in the primary VCS; one of the virtualization software in the primary or secondary VCS dropping the event and the other dispatching the output; and if there is no match, performing a checkpoint resynchronization. | 12-16-2010 |
| 20100318762 | Synchronizing A Translation Lookaside Buffer with Page Tables - The translation lookaside buffer (TLB) of a processor is kept in synchronization with a guest page table by use of an indicator referred to as a “T” bit. The T bit of the NPT/EPT entries mapping the guest page table are set when a page walk is performed on the NPT/EPT. When modifications are made to pages mapped by NPT/EPT entries with their T bit set, changes to the TLB are made so that the TLB remains in synchronization with the guest page table. Accordingly, record/replay of virtual machines of virtualized computer systems may be performed reliably with no non-determinism introduced by stale TLBs that fall out of synchronization with the guest page table. | 12-16-2010 |
| 20100306849 | ON-ACCESS ANTI-VIRUS MECHANISM FOR VIRTUAL MACHINE ARCHITECTURE - A tangible medium embodying instructions usable by a computer system to protect a plurality of guest virtual machines (VMs), which execute via virtualization software on a common host platform, from malicious code is described. A scan engine is configured to scan data for malicious code and determine a result of the scanning, wherein the result indicates whether malicious code is present in the data. A driver portion is configured for installation in an operating system of a target VM, which is one of the guest VMs. The driver portion intercepts an access request to a file, that originates within the target VM. The driver portion communicates information identifying a location of the data to be scanned by the scan engine without sending a copy of the data to the scan engine. The scan engine executes within the virtualization layer outside a context of the target VM. | 12-02-2010 |
| 20100306599 | Method and System for Throttling Log Messages for Multiple Entities - A software module capable of simultaneously supporting multiple services provides log message throttling for each service with a separate “per service” log message buffer. When the software module is a device driver, for example, each device controlled by the device driver is allocated a message buffer to store descriptive log messages. Upon generation of a warning log message, descriptive log messages in the message buffer are flushed to a log file for review by an administrator. Furthermore, log message throttling may be implemented by only flushing the message buffer upon certain occurrences of warning log messages, such as in accordance with an exponential back-off algorithm. | 12-02-2010 |
| 20100299667 | SHORTCUT INPUT/OUTPUT IN VIRTUAL MACHINE SYSTEMS - Read requests to a commonly accessed storage volume are conditionally issued, depending on whether or not a requested data block is already stored in memory from a prior access or to be stored in memory upon completion of a pending request. A data structure is maintained in memory to track physical memory pages and to indicate for each physical memory page the corresponding location in the storage volume from which the contents of the physical memory were read and the number of virtual memory pages that are mapped thereto. | 11-25-2010 |
| 20100299665 | INTERPOSITION METHOD SUITABLE FOR HARDWARE-ASSISTED VIRTUAL MACHINE - One embodiment of the present invention is a method of interposing operations in a computational system that includes a virtualization system executable on an underlying hardware processor that natively supports one or more instructions that transition between host and guest execution modes. The method includes introducing a hooked vector into a supervisor register block of the hardware processor, wherein the hooked vector displaces a system call handler vector otherwise set by a guest computation; read and write protecting at least the hooked vector containing portion of the supervisor register block; initiating execution of a code sequence of the guest computation on the hardware processor using one of the instructions that transition between the host and guest execution modes thereof, wherein the code sequence includes a system call and wherein upon initiation of the system call, the hardware processor transfers execution to a substitute handler in accordance with the hooked vector; and responsive to execution of the substitute handler, initiating a hooked operation and transferring control to the guest system call handler. | 11-25-2010 |
| 20100299368 | Efficient Reconstruction of Virtual Disk Hierarchies Across Storage Domains - A method and software is described for recreating on a target datastore a set of hierarchical files that are present on a source datastore. A content identifier (ID) is maintained for each component of the set of hierarchical files. The content ID of a component is updated when its contents are modified. The child component is copied from the source datastore to the target datastore. The content ID corresponding to the parent component on the source datastore is compared with content IDs corresponding to files present on the target datastore. When a matching content ID is discovered, it infers a copy of the parent component. The matching file on the target datastore is associated with the copied child component so that the matching file becomes a new parent component to the copied child component, thereby recreating the set of hierarchical files on the target. | 11-25-2010 |
| 20100287548 | Long Distance Virtual Machine Migration - Methods, systems and computer programs for migrating a virtual machine (VM) executing on a first host to a second host are presented, where the first host and the second are on different networks. One embodiment of a method includes assigning to the VM a VM address (VMA) belonging to a VM network and publishing a first route to an associated network (AN) via a first virtual router executing on the first host. The method further includes migrating the VM from the first host to the second host, the VM maintaining the assigned VMA after migrating, and publishing a second route to the AN via a second virtual router executing on the second host. The first and second virtual routers have addresses belonging to the VM network, and network packets to and from the VM flow through the virtual router where the VM is executing. A temporary tunnel between the virtual routers allows traffic to flow to the VM while the new route to AN is propagated throughout the network. The use of the associated network, which is associated with the VM, and the publishing of a new route to the VM allow the VM to keep the original VMA network address after the migration. | 11-11-2010 |
| 20100287304 | Internet Protocol Version 6 Network Connectivity in a Virtual Computer System - A method for sharing a network connection between a host system and a virtual machine is disclosed. The method includes sending an outgoing data frame from the virtual machine to a computer network. The host system is enabled to use the network connection using a first layer 2 address and a first layer 3 address. The first layer 2 and the first layer 3 addresses are associated with the network connection. The virtual machine is enabled to attempt to use the network connection using a second layer 2 address and a second layer 3 address. The first layer 3 and the second layer 3 addresses are compliant with IPv6. An occurrence of the second layer 2 address is replaced within the outgoing data frame with the first layer 2 address. If the outgoing data frame includes a network discover protocol (NDP) message of a selected type, the second layer 2 address in the NDP message is replaced by the first layer 2 address. | 11-11-2010 |
| 20100275180 | Method and Apparatus for Automatically Generating Source Code Files in a File Storage Unit - An apparatus for automatically generating source code files in a file storage unit is disclosed. The apparatus includes a file storage unit that stores the source code files, a code generator unit that generates at least some of the source code files, wherein the code generator unit comprises, and a file unit that monitors the file storage unit to detect changes in the file storage unit and in response send file event notifications. A metadata unit that builds a metadata model relating to the source code files in the file storage unit is also provided. The metadata model comprises a plurality of metadata items, each metadata item comprises a metadata section containing metadata, a key that identifies the metadata item, and one or more dependencies of the metadata items in relation to other of the metadata items. The metadata unit sends metadata notifications according to changes to the dependencies of the metadata items. The apparatus further includes at least one add-on unit comprising a metadata provider module that provides the metadata items to the metadata unit and registers the dependencies of the metadata items on other of the metadata items. | 10-28-2010 |
| 20100274987 | MAINTAINING VALIDITY OF CACHED ADDRESS MAPPINGS - A method is provided for creating and maintaining the validity of a cache group including one or more cache elements. Each of the cache elements corresponds to a different address space in a virtual memory of a computer system. Each of the cache elements include one or more caches that store mappings from virtual addresses to data or values that are functions of or dependent upon physical addresses that correspond to the virtual addresses. When there is an address space switch from a first address space to a second address space, the cache group is searched to find the cache element corresponding to the second address space, and that found cache element is made the current cache element for virtual memory access through the cache element. Changes in the page tables are also detected and reflected in the caches of the cache group to maintain the caches up-to-date. | 10-28-2010 |
| 20100274940 | INTERRUPT COALESCING FOR OUTSTANDING INPUT/OUTPUT COMPLETIONS - In a computer system, a method of controlling coalescence of interrupts includes dynamically basing a current level of interrupt coalescing upon a determination of outstanding input/output (I/O) commands for which corresponding I/O completions have not been received. Deliveries of interrupts are executed on the basis of the current level and in an absence of enabling timing-triggered delivery of an interrupt. | 10-28-2010 |
| 20100271381 | METHOD AND SYSTEM FOR IDENTIFYING DRAWING PRIMITIVES FOR SELECTIVE TRANSMISSION TO A REMOTE DISPLAY - Remote desktop servers include a display encoder that maintains a secondary framebuffer that contains display data to be encoded and transmitted to a remote client display and a list of display primitives effectuating updated display data in the secondary framebuffer. The display encoder submits requests to receive the list of drawing primitives to a video adapter driver that receives and tracks drawing primitives that, when executed, update a primary framebuffer. | 10-28-2010 |
| 20100271379 | METHOD AND SYSTEM FOR COPYING A FRAMEBUFFER FOR TRANSMISSION TO A REMOTE DISPLAY - Remote desktop servers include a display encoder that maintains a secondary framebuffer that contains display data to be encoded and transmitted to a remote client display. The display encoder submits requests to update the display data in the secondary framebuffer to a video adapter driver that has access to a primary framebuffer whose display data is updated according to drawing commands received from applications running on the remote desktop servers. The video adapter driver utilizes a spatial data structure to track changes made to the display data located in regions of the primary framebuffer and copies the display data in those regions of the primary framebuffer to corresponding regions in the secondary framebuffer. | 10-28-2010 |
| 20100268993 | DISABLEMENT OF AN EXCEPTION GENERATING OPERATION OF A CLIENT SYSTEM - A method and system of disablement of an exception generating operation of a client system are disclosed. In an embodiment, a method is disclosed in which a snapshot of a client system is acquired. An execution of the client system is recorded, and a system wide exception is intercepted before it causes a client system crash. The execution of the client system is replayed from the snapshot of the client system, and an operation that generates the system wide exception is disabled. | 10-21-2010 |
| 20100250895 | HARDWARE ASSISTANCE FOR SHADOW PAGE TABLE COHERENCE WITH GUEST PAGE MAPPINGS - Some embodiments of the present invention include an execution unit of a processor and a memory management unit interposed between the execution unit and an interface to memory suitable for storage of both guest page tables maintained by a guest operating system and shadow page tables maintained generally in correspondence with the guest page tables by virtualization software. The memory management unit is configured to walk in-memory data structures that encode the shadow page tables, to access entries of the shadow page tables and, based thereon or on a cached representation of page mappings therein, to perform virtual-to-physical address translations relative to memory targets of instructions executed by the execution unit. The memory management unit is responsive to a shadowed write indication coded in association with either an entry of the shadow page tables or a cached representation of a page mapping therein used to perform the virtual-to-physical address translation for a write-type one of the instructions that targets an entry of one of the guest page tables. The memory management unit is configured to complete the memory access of the write-type instruction that targets the guest page table entry and to store in a buffer, information sufficient to allow the virtualization software to later update an entry of the shadow page tables in correspondence therewith. | 09-30-2010 |
| 20100250869 | VIRTUALIZATION SYSTEM USING HARDWARE ASSISTANCE FOR SHADOW PAGE TABLE COHERENCE - One embodiment of the present invention includes a method for maintaining a shadow page table in at least partial correspondence with guest page mappings of a guest computation. The method marking with a traced write indication at least those entries of the shadow page table that map physical memory locations which themselves encode the guest page mappings, the marking identifying, for a hardware facility, a subset of memory access targets for which updates are to be recorded in a guest write buffer accessible to the virtualization system. Responsive to a coherency-inducing operation of the guest computation, the method reads from the guest write buffer and introduces corresponding updates into the shadow page table. | 09-30-2010 |
| 20100250824 | Migrating Virtual Machines Configured With Pass-Through Devices - Virtual machines that utilize pass-through devices are migrated from a source host computer to a destination host computer. During preparation for migration, the pass-through device is substituted with an emulation handler that simulates the pass-through device experiencing errors. Upon successful migration, an error reporting signal is triggered to cause the device driver in the virtual machine to initiate a reset of the pass-through device at the destination host computer, upon which the pass-through device is mapped to the migrated virtual machine. | 09-30-2010 |
| 20100241785 | MANAGEMENT OF HOST PHYSICAL MEMORY ALLOCATION TO VIRTUAL MACHINES WITH A BALLOON APPLICATION - Methods and systems for managing distribution of host physical memory (HPM) among virtual machines (VMs) executing on a host via a hypervisor are presented, where each VM has guest system software including an operating system. A method includes an operation for reserving, by a balloon application executing in a first VM, a guest virtual memory (GVM) location in the first VM. The GVM location is mapped to a guest physical memory (GPM) location, which is mapped to a host physical memory (HPM) location. The balloon application is responsive to the hypervisor for reserving memory. Further, the method includes operations for writing a value to the reserved GVM location and for remapping a plurality of GPM locations containing the value to a single HPM location. The remapping is performed by a content-based page sharing component of the hypervisor. Additionally, the method reclaims the HPM location when the HPM location is freed due to the remapping, and assigns the reclaimed HPM location to a different VM or to a pool of available HPM locations. | 09-23-2010 |
| 20100235832 | Storage Virtualization With Virtual Datastores - Computer implemented methods and systems for providing storage virtualization of physical storage include receiving a request for storage from a virtual machine during provisioning of the virtual machine. The request includes a capability and quota requirement for storage as required by the virtual machine. A virtual datastore that satisfies the capability and quota requirements of the request is identified. If not found, one or more volumes, that satisfy the storage requirements, are discovered or created. A virtual datastore is created and maps to one or more volumes which have unique volume identifiers. A unique virtual datastore identifier is generated for the virtual datastore. The virtual datastore identifier is distinct from the volume identifiers of the underlying volumes. The volumes are mapped to the virtual datastore while retaining the virtual datastore identifier for the virtual datastore. The virtual datastore identifier for the virtual datastore is not changed when modifications are made to the physical storage entities mapped to the virtual datastore. | 09-16-2010 |
| 20100229173 | Managing Latency Introduced by Virtualization - A component manages and minimizes latency introduced by virtualization. The virtualization component determines that a currently scheduled guest process has executed functionality responsive to which the virtualization component is to execute a virtualization based operation, wherein the virtualization based operation is one that is not visible to the guest operating system. The virtualization component causes the guest operating system to de-schedule the currently scheduled guest process and schedule at least one separate guest process. The virtualization component then executes the virtualization based operation concurrently with the execution of the at least one separate guest process. Responsive to completing the execution of the virtualization based operation, the virtualization component causes the guest operating system to re-schedule the de-scheduled guest process. | 09-09-2010 |
| 20100228934 | Zero Copy Transport for iSCSI Target Based Storage Virtual Appliances - A method of transferring data from a virtual machine (VM) to a storage virtual appliance (SVA) is disclosed. In this method, the data is transferred to an iSCSI (Internet Small Computer System Interface) device that is coupled to the VM and has a zero copy data mover implementation of a TCP socket interface. The method further includes sending a memory address of the data to the SVA. The SVA includes an iSCSI device having a zero copy data mover implementation of a TCP socket interface to receive the memory address of the data. The VM and the SVA are running in a same hypervisor host. | 09-09-2010 |
| 20100228913 | METHOD FOR TRACKING CHANGES IN VIRTUAL DISKS - Systems and methods for tracking changes and performing backups to a storage device are provided. For virtual disks of a virtual machine, changes are tracked from outside the virtual machine in the kernel of a virtualization layer. The changes can be tracked in a lightweight fashion with a bitmap, with a finer granularity stored and tracked at intermittent intervals in persistent storage. Multiple backup applications can be allowed to accurately and efficiently backup a storage device. Each backup application can determine which block of the storage device has been updated since the last backup of a respective application. This change log is efficiently stored as a counter value for each block, where the counter is incremented when a backup is performed. The change log can be maintained with little impact on I/O by using a coarse bitmap to update the finer grained change log. | 09-09-2010 |
| 20100228903 | Block Map Based I/O Optimization for Storage Virtual Appliances - A method of performing disk operations on a physical storage that is being managed by a storage virtual appliance (SVA), from a virtual machine (VM), is disclosed. The method includes intercepting a data read/write request form the VM. The data read/write request is intercepted in the hypervisor prior to the read/write request reaches the SVA. The VM and the SVA are hosted in the hypervisor. The read/write request includes virtual block numbers which are translated into physical block numbers before performing the read/write operation on the physical storage. The method further includes probing a copy of virtual Logical Unit Number (LUN) block numbers to physical disk block numbers mapping table (bock map table) in the hypervisor to identify physical block numbers that corresponds to the virtual block numbers in the read/write request. If a mapping of the virtual block numbers in the read/write request is available in the hypervisor cache, the virtual block numbers are translated into the physical block numbers and the read/write request is performed directly to the physical storage totally bypassing the SVA. | 09-09-2010 |
| 20100223611 | REDUCING THE LATENCY OF VIRTUAL INTERRUPT DELIVERY IN VIRTUAL MACHINES - The latency of virtual interrupt delivery in virtual machines is reduced by normalizing and exposing the virtual interrupt routing information of each VM to a privileged domain such as the VMkernel in an organized manner to enable virtual interrupt delivery that minimizes the number of VCPU hops. A computer implemented method of processing the virtual I/O request comprises receiving the virtual I/O request, responsive to completing a physical I/O corresponding to the virtual I/O request, referring to a virtual CPU set including information on a destination virtual CPU designated by the guest operating system for handling a virtual interrupt corresponding to the virtual I/O request, and generating the virtual interrupt corresponding to the virtual I/O request to the destination virtual CPU determined by referring to the virtual CPU set. | 09-02-2010 |
| 20100211829 | FAILURE DETECTION AND RECOVERY OF HOST COMPUTERS IN A CLUSTER - In one or more embodiments of the invention, communication among host agents providing high availability in a computer cluster is implemented by reading and writing to files on a shared data store. Each host agent holds a lock on a file on the shared data store corresponding to a liveness indicator for the host agent and a coordinator host agent periodically monitors the liveness indicators for host failures. | 08-19-2010 |
| 20100205669 | O-TOUCH AND 1-TOUCH TECHNIQUES FOR IMPROVING THE AVAILABILITY OF COMPUTER PROGRAMS UNDER PROTECTION WITHOUT COMPROMISING SECURITY - Protected software, such as an application and/or DLL, is monitored by protective software to guard against attacks, while distinguishing spurious, benign events from attacks. In a 1-touch approach, the protected software is monitored in a testing environment to detect spurious, benign events caused by, e.g., incompatibility or interoperability problems. The spurious events can be remediated in different ways, such as by applying a relaxed security policy. In a production mode, or 0-touch mode, when the protected software is subject to attacks, the corresponding remediation can be applied when the spurious events are again detected. Security events which occur in production mode can also be treated as benign when they occur within a specified time window. The applications and/or DLLs can further be classified according to whether they are known to have bad properties, known to be well-behaved, or unknown. Appropriate treatment is provided based on the classification. | 08-12-2010 |
| 20100205602 | Mechanism for Scheduling Execution of Threads for Fair Resource Allocation in a Multi-Threaded and/or Multi-Core Processing System - A thread scheduling mechanism is provided that flexibly enforces performance isolation of multiple threads to alleviate the effect of anti-cooperative execution behavior with respect to a shared resource, for example, hoarding a cache or pipeline, using the hardware capabilities of simultaneous multi-threaded (SMT) or multi-core processors. Given a plurality of threads running on at least two processors in at least one functional processor group, the occurrence of a rescheduling condition indicating anti-cooperative execution behavior is sensed, and, if present, at least one of the threads is rescheduled such that the first and second threads no longer execute in the same functional processor group at the same time. | 08-12-2010 |
| 20100199285 | VIRTUAL MACHINE UTILITY COMPUTING METHOD AND SYSTEM - An analytics engine receives real-time statistics from a set of virtual machines supporting a line of business (LOB) application. The statistics relate to computing resource utilization and are used by the analytics engine to generate a prediction of demand for the LOB application in order to dynamically control the provisioning of virtual machines to support the LOB application. | 08-05-2010 |
| 20100191854 | PROCESS DEMAND PREDICTION FOR DISTRIBUTED POWER AND RESOURCE MANAGEMENT - Methods and systems for allocating resources in a virtual desktop resource environment are provided. A method includes making a prediction on the future demand for processes running on a distributed environment with several hosts. The prediction is based on the process demand history and includes the removal of historic process demand glitches. Further, the prediction is used to perform a cost and benefit analysis for moving a candidate process from one host to another, and the candidate process is moved to a different host when the cost and benefit analysis recommends such move. In another embodiment, the predictions on future process demand are used for distributed power management by putting hosts in stand-by mode when the overall demand decreases or by adding hosts to the distributed environment when the load increases. | 07-29-2010 |
| 20100191845 | SPECULATIVE VIRTUAL MACHINE RESOURCE SCHEDULING - A speculative virtual machine (“VM”) resource scheduler for a VM that is hosted by a primary host server initiates the creation of at least one duplicate VM on a secondary host server. The VM and the duplicate VM are run substantially in lockstep while the scheduler monitors resources on the primary host server and the secondary host server. The scheduler then determines an advantageous host server among the primary host server and the secondary host server and, based at least in part on the determination, initiates the powering down of either the VM on the primary host server or the duplicate VM on the secondary host server. | 07-29-2010 |
| 20100186014 | DATA MOVER FOR COMPUTER SYSTEM - In a computer system with a disk array that has physical storage devices arranged as logical storage units and is capable of carrying out hardware storage operations on a per logical storage unit basis, data movement operations can be carried out on a per-file basis. A data mover software component for use in a computer or storage system enables cloning and initialization of data to provide high data throughput without moving the data between the kernel and application levels. | 07-22-2010 |
| 20100186013 | Controlling Access to a Shared Resource in a Computer System - A computer system and method are provided that control access to shared resources using a plurality of locks (e.g. mutex locks or read-write locks). A locking unit grants the locks to a plurality of threads of execution of an application in response to lock access requests. A guardian unit monitors the lock access requests and records the locks that are granted to each of the threads. The guardian unit selectively blocks the lock access requests when, according to a predetermined locking protocol, a requested lock must not be acquired after any of the locks which have already been granted to the requesting thread. | 07-22-2010 |
| 20100185596 | DRIFT VISUALIZATION - A system for drift visualization of change data of a datacenter is disclosed. The datacenter includes a plurality of configuration items. The system includes a management server in communication with the data center. The management server includes an agent configured to collect the change data from one or more of the plurality of configuration items. A change data store that is in communication with the management server is provided to store the change data. A data extractor in communication with the change data store is provided to retrieve the change data and providing a filtered subset of the change data to a display. A policy data store in communication with the data extractor is provided to enable the data extractor to filter the change data based on data center policy violations. The visualization depicts multiple dimensions of change-related data for the items in the datacenter in a unique and concise manner. | 07-22-2010 |
| 20100185583 | SYSTEM AND METHOD FOR SCHEDULING DATA STORAGE REPLICATION OVER A NETWORK - The replication of a group of data sets is coordinated into a single schedule based on the recovery point objective (RPO) of each data set. The resulting generated schedule satisfies each data set's RPO requirements and minimizes bandwidth use. If necessary bandwidth exceeds available bandwidth, the resulting generated schedule attempts to best satisfy each data set's RPO requirements given the available bandwidth. | 07-22-2010 |
| 20100180092 | METHOD AND SYSTEM OF VISUALIZATION OF CHANGES IN ENTITIES AND THEIR RELATIONSHIPS IN A VIRTUAL DATACENTER THROUGH A LOG FILE - Disclosed are a method and system of visualization of changes in entities and their relationships in a virtual data center through a log file. In one embodiment, a machine-readable medium embodying a set of instructions is disclosed. Periodically a snapshot is captured from an application programming interface of a management server. The snapshot comprises of entities and relationships of a virtual datacenter. An information of the snapshot is identified. The identified information is relevant to visualization of a state of the virtual datacenter in a log file. An activity of a change in entities and relationships of the virtual datacenter is tracked. An event is registered with the management server through the application programming interface. Based on the event a corresponding delta operation is created and added to the log file. | 07-15-2010 |
| 20100180079 | NOTIFYING SOFTWARE COMPONENTS USING A SHARED PHYSICAL STORAGE MEDIUM - A method for implementing virtual disk reservations on a storage medium for multiple distributed applications. The method includes initializing a plurality of virtual disks, wherein each of the virtual disks is instantiated on a physical storage medium. A reservation status is determined for each of the virtual disks and a first distributed application that uses at least one virtual disk is executed. Upon an update of the reservation status for the at least one virtual disk by the first distributed application, a notification indicator is set to notify a second distributed application of the update. The update is subsequently recognized and the notification indicator is cleared in order to continue I/O for the first distributed application and the second distributed application. | 07-15-2010 |
| 20100169537 | Virtual Machine Migration - A source virtual machine (VM) hosted on a source server is migrated to a destination VM on a destination server without first powering down the source VM. After optional pre-copying of the source VM's memory to the destination VM, the source VM is suspended and its non-memory state is transferred to the destination VM; the destination VM is then resumed from the transferred state. The source VM memory is either paged in to the destination VM on demand, or is transferred asynchronously by pre-copying and write-protecting the source VM memory, and then later transferring only the modified pages after the destination VM is resumed. The source and destination servers preferably share common storage, in which the source VM's virtual disk is stored; this avoids the need to transfer the virtual disk contents. Network connectivity is preferably also made transparent to the user by arranging the servers on a common subnet, with virtual network connection addresses generated from a common name space of physical addresses. | 07-01-2010 |
| 20100169253 | ARTIFICIAL NEURAL NETWORK FOR BALANCING WORKLOAD BY MIGRATING COMPUTING TASKS ACROSS HOSTS - Methods and apparatuses for balancing computing workload via migrating computing tasks are disclosed. An artificial neural network (ANN) is trained based on the workload distribution over time for a host. The ANN predicts the workload for the host, and an indication may be sent to migrate at least one computing task away from the host. The indication is sent when the method is operating in a proactive mode and when the predicted workload is outside of a desired operating range. Some embodiments monitor the workload; and automatically switch the method to the proactive mode, when a difference between the monitored workload and the predicted workload is small. Other embodiments monitor the workload; and automatically switch the method to a reactive mode, when the monitored workload is outside of a failsafe operating range for the particular host. | 07-01-2010 |
| 20100162338 | MEASURING REMOTE VIDEO PLAYBACK PERFORMANCE WITH EMBEDDED ENCODED PIXELS - Methods, systems, and computer programs for measuring performance of remote video delivery are presented. The method embeds at a server computer a marker in selected frames of a video stream. The marker includes a preconfigured sequence of pixels and is followed by a frame number encoded in the pixel data. The method then finds a first marker at a client computer to determine the location of the markers in a display. Once the location of the markers is determined, markers in following frames are detected with their corresponding frame numbers. The method stores the arrival times and frame numbers for each detected marker. The stored arrival times and frame numbers can be used for statistical performance analysis of remote video delivery. | 06-24-2010 |
| 20100162237 | NETWORK ADMINISTRATION IN A VIRTUAL MACHINE ENVIRONMENT THROUGH A TEMPORARY POOL - A method, apparatus, and system of network administration in a virtual machine environment through a temporary pool are disclosed. In one embodiment, a method includes determining that a desktop source requires maintenance, creating a temporary pool, accessing the desktop source requiring maintenance, automatically transferring the desktop source requiring maintenance from a source pool to the temporary pool, determining that an issue with the desktop source transferred to the temporary pool is rectified and automatically transferring the desktop source from the temporary pool to the source pool when the issue is rectified. | 06-24-2010 |
| 20100162235 | VIRTUALIZATION SYSTEM WITH A REMOTE PROXY - A remote proxy provides remote control to a virtualization system. The virtualization system includes a computer having virtualization software executing on the computer, and one or more virtual machines executing on the computer by way of the virtualization software, each of the virtual machines having a guest operating system. The remote proxy receives over a network connection a plurality of logical channels of a multi-channel remote control protocol at a first domain of a plurality of domains of the virtualization system. Each of the logical channels convey information corresponding to one of the domains. For each logical channel, the remote proxy identifies the corresponding domain. Further, for each of the logical channels corresponding to a domain other than the first domain, the remote proxy forwards the logical channel to the corresponding domain. | 06-24-2010 |
| 20100161863 | COMMUNICATING WITH USB DEVICES AFTER A COMPUTER SYSTEM CRASH - One embodiment is a method of transferring data from a computer system to a Universal Serial Bus (USB) device after a computer system crash where interrupts are masked, the method comprising: (a) detecting the computer system crash; (b) transferring at least a portion of the data to a USB driver for the USB device; (c) the USB driver transferring the portion of the data to a USB controller driver for a USB controller for the USB device; (d) the USB controller driver causing the USB controller to transfer the portion of the data to the USB device; (e) polling the USB controller to determine whether the data transfer was completed; and (f) if the data transfer was completed, providing a notification to the computer system. Another embodiment is a method of transferring data from a Universal Serial Bus (USB) device to a computer system after a computer system crash where interrupts are masked, the method comprising: (a) detecting the computer system crash; (b) identifying a USB device used to communicate data to the computer system; (c) polling a USB controller for the identified USB device to determine whether new input has been received; (d) if so, obtaining the new input; and (e) transferring the new output to the computer system for further processing. | 06-24-2010 |
| 20100161711 | MEASURING CLIENT INTERACTIVE PERFORMANCE USING A DISPLAY CHANNEL - Methods, systems, and computer programs for measuring performance of virtual desktop services offered by a server computer are presented. The method includes receiving from a client computer an action request to be executed at the server computer, where the server computer is configured to generate display views for the requesting client. The method further embeds, at the server computer, a first encoded pixel into a first image frame that is communicated to the client computer when acknowledging receipt of the action request. Further, the method embeds a second encoded pixel into a second image frame that is communicated to the client computer after completion of the action associated with the action request. Action performance time is stored in memory, where the action performance time is the time between arrivals of the first and second image frames at the client computer. The stored timing information is used to generate statistical performance data. | 06-24-2010 |
| 20100153950 | POLICY MANAGEMENT TO INITIATE AN AUTOMATED ACTION ON A DESKTOP SOURCE - A method, apparatus, and system of policy management to initiate an automated action on a desktop source are disclosed. In one embodiment, a machine-readable medium embodying a set of instructions is disclosed. An event is detected. The event associated with a desktop source is automatically determined. A category of the event is determined. A policy is associated to the event based on the category. The policy is applied to the desktop source. Desktop sources may be reshuffled based on the policy. The internal event may be determined as a load balancing issue in which the desktop source may reside in a pool having maximum utilization. The desktop source may be transferred to anther pool having less utilization based on the policy. | 06-17-2010 |
| 20100153946 | DESKTOP SOURCE TRANSFER BETWEEN DIFFERENT POOLS - A method, apparatus, and system of desktop source transfer between different pools are disclosed. In one embodiment, a machine-readable medium includes determining that a transfer request is associated with a desktop source, accessing the desktop source from a source pool, and automatically transferring the desktop source from the source pool to a destination pool. | 06-17-2010 |
| 20100138825 | Computer System and Method for Configuring an Application Program in a Computer System - A computer system which configures an application program to execute with one or more resources is disclosed. The computer system includes a configuration unit to configure the application program for deployment into a runtime execution environment. The application program is divided into a plurality of bundles and the configuration unit examines the bundles individually to determine a bundle environment for each bundle based on dependencies of that bundle on the one or more resources. The configuration unit selects one or more conventions, which provide templates of configuration for a relevant resource, according to the determined bundle environment, and the configuration unit automatically generates a system configuration from the selected conventions and adds the generated system configuration to the application program, whereby the dependencies of the application program upon the resources are configured based on at least the automatically generated system configuration. | 06-03-2010 |
| 20100138818 | Computer System and Method for Resolving Dependencies in a Computer System - A computer system and a method are disclosed for use in automatically deploying an application program to execute with one or more library resources. The computer system includes a deployment unit which deploys the application program into a runtime execution environment. When a predetermined trigger condition is detected, the deployment unit clones a first library resource to create a clone, transforms the application to depend upon the clone and resolves the dependencies of the application using the clone. In one embodiment, the trigger condition relates to a pinning situation, whereby a library upon which the application program depends cannot be wired to the application program to resolve the dependency. Here, the clone now satisfies that dependency. In another embodiment, the trigger condition is a mandatory cloning property that requires the library to be cloned. The mandatory cloning property may also be user-specified through a user interface. | 06-03-2010 |
| 20100131636 | APPLICATION DELIVERY CONTROL MODULE FOR VIRTUAL NETWORK SWITCH - A virtualized platform includes a virtual switch connected to the virtual network interface cards (vNICs) for a group of virtual machines running the same application program that is associated with multiple software ports. A module in the virtualized platform monitors the virtual switch's receipt of a network packet that includes control information relating to the application program and its software ports. The module applies a load balancing algorithm to select a vNIC from the vNICs connected or connectable to the virtual switch, based on the rate of processing of previous network packets by each the vNICs (e.g., as measured by the size of a network packet queue). The module might also apply the load balancing algorithm to select a software port for the application. The module then causes the virtual switch to route the network packet to the selected vNIC and software port. | 05-27-2010 |
| 20100125667 | DYNAMIC CONFIGURATION OF VIRTUAL MACHINES - A computer implemented method for configuring virtual internal networks for testing is provided. The method includes deploying a virtual firewall and deploying a public switch enabling access to an external local area network through a first interface of the virtual firewall. A private switch enabling access to a plurality of virtual machines through a second interface of the virtual firewall is provided. The plurality of virtual machines define a private network behind the firewall. A network address is assigned to the virtual firewall and a private address is assigned to each of the virtual machines. The plurality of virtual machines are then tested through a test launcher in communication with the public switch. | 05-20-2010 |
| 20100122052 | Generating and Using Checkpoints in a Virtual Computer System - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM' s memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 05-13-2010 |
| 20100114825 | VERSION CONTROL ENVIRONMENT FOR VIRTUAL MACHINES - A method of maintaining update history of a virtual machine (VM) is disclosed. The VM includes a version number. The method includes continuously monitoring a state of the VM. The monitoring of the state including detecting updates in configurations and applications of the VM. The changes in a status of the applications and the configuration are captured and metadata of the VM is updated when a change in the configurations or in the applications is detected. The version number of the VM is then incremented. | 05-06-2010 |
| 20100107158 | LOW OVERHEAD FAULT TOLERANCE THROUGH HYBRID CHECKPOINTING AND REPLAY - A virtualized computer system provides fault tolerant operation of a primary virtual machine. In one embodiment, this system includes a backup computer system that stores a snapshot of the primary virtual machine and a log file containing non-deterministic events occuring in the instruction stream of the primary virtual machine. The primary virtual machine periodically updates the snapshot and the log file. Upon a failure of the primary virtual machine, the backup computer can instantiate a failover backup virtual machine by consuming the stored snapshot and log file. | 04-29-2010 |
| 20100106820 | QUALITY OF SERVICE MANAGEMENT - A method and system for providing quality of service to a plurality of hosts accessing a common resource is described. According to one embodiment, a plurality of IO requests is received from clients executing as software entities on one of the hosts. An IO request queue for each client is separately managed, and an issue queue is populated based on contents of the IO request queues. When a host issue queue is not full, a new IO request is entered into the host issue queue and is issued to the common resource. A current average latency observed at the host is calculated, and an adjusted window size is calculated at least in part based on the current average latency. The window size of the issue queue is adjusted according to the calculated window size. | 04-29-2010 |
| 20100106816 | QUALITY OF SERVICE MANAGEMENT - A method for providing quality of service to a plurality of hosts accessing a common resource is described. The common resource may be a middle-tier or back-end server. A client IO request is received at one host of the plurality of hosts from one of a plurality clients executing as software entities on respective hosts. The host determines whether an issue queue is full. The IO request is issued to the common resource when the issue queue is not full. A current average latency observed at the host and an adjusted window size is calculated, based at least in part on the current average latency. The issue queue is resized to correspond with the adjusted window size. | 04-29-2010 |
| 20100100879 | METHODS AND SYSTEMS FOR CONVERTING A RELATED GROUP OF PHYSICAL MACHINES TO VIRTUAL MACHINES - A computer implemented method for processing virtualization of physical computers that are part of a group into virtual computers is provided. The method includes obtaining relationship data from the physical computers, where the relationship data identifies parameters used to communicate within the group. Then, the method analyzes utilization parameters for each of the physical computers of the group. A visual model for proposed virtualization of the group of physical computers is then generated. The visual model identifies hosting machines designated to define a virtual computer for each of the physical computers, where the visual model provides a graphical illustration of the group of physical computers once converted to virtual computers. The method enables adjustment of the proposed virtualization of the group of physical computers. Then, an execution sequence of virtualization operations to be carried out is generated, if execution of the proposed virtualization is triggered, and the execution sequence is saved to storage and accessed upon execution. | 04-22-2010 |
| 20100095300 | Online Computation of Cache Occupancy and Performance - Methods, computer programs, and systems for managing thread performance in a computing environment based on cache occupancy are provided. In one embodiment, a computer implemented method assigns a thread performance counter to threads being created to measure the number of cache misses for the threads. The thread performance counter is deduced in one embodiment based on performance counters associated with each core in a processor. The method further calculates a self-thread value as the change in the thread performance counter of a given thread during a predetermined period, and an other-thread value as the sum of all the changes in the thread performance counters for all threads except for the given thread. Further, the method estimates a cache occupancy for the given thread based on a previous occupancy for the given thread, and the calculated shelf-thread and other-thread values. The estimated cache occupancy is used to assign computing environment resources to the given thread. In another embodiment, cache miss-rate curves are constructed for a thread to help analyze performance tradeoffs when changing cache allocations of the threads in the system. | 04-15-2010 |
| 20100095045 | Partial Copying of Data to Transmit Buffer for Virtual Network Device - In a virtualized computer system, a network frame is transmitted from a virtual machine using a network interface device, possibly through a virtual switch, by copying only a part of the network frame to the transmit buffers that have pre-translated mappings from guest physical addresses to hypervisor virtual addresses and to machine addresses. The length of the part of the network frame that is copied to the transmit buffers may be variable. | 04-15-2010 |
| 20100094916 | Service Level Management System - A method for controlling and maintaining a level of service of web applications is disclosed. The method includes generating a context for each request sent from a client to a web server and for each reply sent from a web server to a client. Then it is determined whether the context belongs to an identified transaction. Statistics respective of the identified transaction is then gathered. Further, a determination is made whether at least one policy predefined for the identified application is violated. A plurality of corrective actions are performed if at least one policy is determined to be violated. | 04-15-2010 |
| 20100088474 | SYSTEM AND METHOD FOR MAINTAINING MEMORY PAGE SHARING IN A VIRTUAL ENVIRONMENT - In a virtualized system using memory page sharing, a method is provided for maintaining sharing when Guest code attempts to write to the shared memory. In one embodiment, virtualization logic uses a pattern matcher to recognize and intercept page zeroing code in the Guest OS. When the page zeroing code is about to run against a page that is already zeroed, i.e., contains all zeros, and is being shared, the memory writes in the page zeroing code have no effect. The virtualization logic skips over the writes, providing an appearance that the Guest OS page zeroing code has run to completion but without performing any of the writes that would have caused a loss of page sharing. The pattern matcher can be part of a binary translator that inspects code before it executes. | 04-08-2010 |
| 20100088328 | NAMESPACE MAPPING TO CENTRAL STORAGE - A file management system includes a host computer having one or more virtual machines, a switching layer computer configured to manage a namespace map for the virtual machines in the host computer, and a central storage unit. The host computer is connected indirectly to the central storage unit through an in-band IO path that includes the switching layer computer and directly to the central storage unit through an out-of-band IO path. When a virtual machines issues a file operation, a file operation including a data operation is routed to the central storage unit along an out-of-band IO path and a file operation including a metadata operation is routed to the central storage unit along an in-band IO path that includes the switching layer computer. | 04-08-2010 |
| 20100082922 | VIRTUAL MACHINE MIGRATION USING LOCAL STORAGE - A method, apparatus, and system of virtual machine migration using local storage are disclosed. In one embodiment, a method includes creating a current snapshot of an operating virtual machine on a source physical server, storing a write data on a low-capacity storage device accessible to the source physical server and a destination physical server during a write operation on the destination physical server, and launching the operating virtual machine on the destination physical server when a memory data is copied from the source physical server to the destination physical server. The current snapshot may be a read-only state of the operating virtual machine frozen at a point in time. A time and I/O that may be needed to create the current snapshot that may not increase with a size of the operating virtual machine. | 04-01-2010 |
| 20100077165 | Tracking Block-Level Changes Using Snapshots - Writes to blocks of a protected storage volume that occur between the beginning of a prior backup interval and the beginning of a current backup interval are tracked using a first snapshot that is maintained through the current backup interval. At the beginning of the current backup interval, a second snapshot is generated. Blocks that are indicated by a dirty block list of the first snapshot as having been changed are read from the snapshot volume for the second snapshot and copied to a backup storage volume. For the next backup interval, the second snapshot or alternatively, a newly generated third snapshot, is used to track writes to blocks of a protected storage volume that occur between the beginning of the current backup interval and the beginning of a next backup interval. | 03-25-2010 |
| 20100077013 | COMPUTER STORAGE DEDUPLICATION - A data center comprising plural computer hosts and a storage system external to said hosts is disclosed. The storage system includes storage blocks for storing tangibly encoded data blocks. Each of said hosts includes a deduplicating file system for identifying and merging identical data blocks stored in respective storage blocks into one of said storage blocks so that a first file exclusively accessed by a first host of said hosts and a second file accessed exclusively by a second host of said hosts concurrently refer to the same one of said storage blocks. | 03-25-2010 |
| 20100076934 | Storing Block-Level Tracking Information in the File System on the Same Block Device - Writes to a storage device of a protected computer system are tracked in a manner that accounts for those writes that may occur during a system reboot process when the file system is not available. During the shutdown process, write tracking data is maintained in system memory and is written into storage locations allocated to the tracking file after the file system has been dismounted so that any writes that may occur during the file system dismount can be captured. During the boot process, temporary write tracking data is maintained in system memory even before the file system is mounted so that any writes that may occur immediately after the file system mount can be captured. The temporary write tracking data is later merged with the tracking data contained in the tracking file and the merged tracking data is used to track further writes to the storage device. | 03-25-2010 |
| 20100070978 | VDI Storage Overcommit And Rebalancing - A method for managing storage for a desktop pool is described. The desktop pool includes a plurality of virtual machines (VMs), each VM having at least one virtual disk represented as a virtual disk image file on one of a plurality of datastores associated with the desktop pool. To identify a target datastore for a VM, a weight of each datastore is calculated. The weight may be a function of a virtual capacity of the datastore and the sum of maximum sizes of all the virtual disk image files on the datastore. The virtual capacity is a product of the data storage capacity of the datastore and an overcommit factor assigned to the datastore. The target datastore is selected as the datastore having the highest weight. The VM may is moved to or created on the target datastore. | 03-18-2010 |
| 20100070970 | Policy-Based Hypervisor Configuration Management - At least one target configuration of a host at a virtualization software level is automatically assembled based on a source configuration. A policy based profile describing the source configuration is processed. A configuration specification describing the target configuration is automatically created, based on the policy based profile describing the source configuration. The configuration specification is automatically applied to target configurations, such that the target configuration(s) are compliant with the policy based profile. | 03-18-2010 |
| 20100070870 | Unified Secure Virtual Machine Player and Remote Desktop Client - A virtual machine (VM) is accessed by receiving user log-in information, the log-in information identifying a user and a corresponding VM, the VM having a local copy and a remote copy. A selected copy of the VM is identified based on at least one of a policy and a user selection, the selected copy being one of the local copy and the remote copy of the VM. A desktop generated by the selected copy of the VM is presented to the user in a common application graphical user interface, the common application graphical user interface being used regardless as to whether the selected copy of the VM is the local copy or the remote copy. | 03-18-2010 |
| 20100070784 | Reducing Power Consumption in a Server Cluster - A method of reducing power consumption of a server cluster of host systems with virtual machines executing on the host systems is disclosed. The method includes recommending host system power-on when there is a host system whose utilization is above a target utilization, and recommending host system power-off when there is a host system whose utilization is below the target utilization. Recommending host system power-on includes calculating impact of powering on a standby host system with respect to reducing the number of highly-utilized host systems in the server cluster. The impact of powering on is calculated by simulating moving some virtual machines from highly utilized host systems to the standby host system being recommended to be powered on. Recommending host system power-off includes calculating impact of powering off a host system with respect to decreasing the number of less-utilized host systems in the server cluster. The impact of powering off is calculated by simulating moving all virtual machines from the host system, which is being recommended to be powered-off, to less-utilized host systems. | 03-18-2010 |
| 20100070678 | Saving and Restoring State Information for Virtualized Computer Systems - Prior to or while the state of a virtual machine (“VM”) is being saved, such as in connection with the suspension or checkpointing of a VM, a set of one or more “active” memory pages is identified, this set of active memory pages comprising memory pages that are in use within the VM before operation of the VM is suspended. This set of active memory pages may constitute a “working set” of memory pages. To restore the state of the VM and resume operation, in some embodiments, (a) access to persistent storage is restored to the VM, device state for the VM is restored, and one or more of the set of active memory pages are loaded into physical memory; (b) operation of the VM is resumed; and (c) additional memory pages from the saved state of the VM are loaded into memory after operation of the VM has resumed. | 03-18-2010 |
| 20100070677 | System and Method for Reducing Communication Overhead Between Network Interface Controllers and Virtual Machines - Available buffers in the memory space of a guest operating system of a virtual machine are provided to a network interface controller (NIC) for use during direct memory access (DMA) and the guest operating system is notified accordingly when data is written into such available buffers. These capabilities obviate the requirement of using hypervisor memory as a staging area to determine which virtual machine to forward incoming data. | 03-18-2010 |
| 20100057750 | File Transfer Using Standard Blocks and Standard-Block Identifiers - Instead of transferring a large original file, such as a virtual-machine image file, from a source system to a target system, the original file is encoded to define a recipe file that is transferred. The recipe is then decoded to yield a duplicate of the original file on the target system. Encoding involves identifying standard blocks in the original file and including standard-block identifiers for the standard blocks in the recipe in lieu of the original blocks. Decoding involves an exchange with a standard-block identifier server system, which provides standard blocks in response to received standard-block identifiers. | 03-04-2010 |
| 20100050190 | SELECTIVE CLASS HIDING IN OPEN API COMPONENT ARCHITECTURE SYSTEM - Methods, systems and computer readable media for granting class level trust in an open application programming interface (API) system is disclosed. The method includes defining a common information model (CIM) architecture, and the CIM architecture is configured with a CIM managed object (CIMOM) for managing client requests made through APIs. The APIs are handled by the CIMOM and the CIMOM accesses schemas that include one or more classes. The method includes applying trust level settings to particular ones of the one or more classes of the schemas, and the trust level settings define client permissions to the particular classes. The method further includes hiding the particular classes to clients that lack a trust level sufficient to access the particular classes. Clients that lack the trust level are serviced with classes that do not have the applied trust level settings. | 02-25-2010 |
| 20100050171 | RESOURCE MANAGEMENT SYSTEM AND APPARATUS - A computer implemented method for efficiently allocating resources for an enterprise server system through a proportional integral derivative scheme is provided. The method includes defining a set point parameter for a resource being allocated and defining a proportional gain parameter, a proportional integral (PI) gain parameter and a proportional integral derivative (PID) gain parameter in terms of the proportional gain parameter. The method further includes calculating an initial maximum allocation for the resource based on a product of the proportional gain parameter with a difference of an initial operating parameter and the set point parameter and adjusting the initial operating parameter to the initial maximum allocation. A next allocation of the resource is calculated based on a product of the proportional gain parameter with the difference of an initial operating parameter and the set point parameter and a difference of the set point with a current operating parameter. The initial maximum allocation is adjusted with a next allocation. | 02-25-2010 |
| 20100050170 | Access to Data for Virtual Devices - One embodiment of the present invention is a method for a virtual machine to access data from a virtual device, the method including: (a) attaching the virtual device to the virtual machine with a backing store that is a virtual image of a file system conforming to a predetermined file system format, wherein: (i) file system data is stored in one or more files, (ii) the virtual image includes metadata stored apart from the file system data, which metadata corresponds to the predetermined file system format, (iii) the metadata includes one or more directory records, and (iv) the one or more directory records include information that points directly or indirectly to the file system data; (b) issuing a read request for a block of data from the file system as if stored in the predetermined file system format; (c) accessing the metadata and determining the location of the requested block of data in the file system data; and (d) retrieving the requested block of data from the file system data. | 02-25-2010 |
| 20100049930 | Managing Backups Using Virtual Machines - One embodiment is a method for providing incremental backups for a source computing machine, the method including: (a) creating a first backup snapshot including a virtual machine (VM) snapshot of an initial copy of a source computing machine volume, wherein said VM snapshot includes a timestamp and a first redo log file; (b) reconfiguring and customizing said first backup snapshot to create a first bootable VM, writing changes associated with said reconfiguring and customizing into said first redo log file, then creating a first bootable snapshot including a VM snapshot of said first bootable VM, wherein said VM snapshot of said first bootable VM includes a timestamp for said first bootable VM and a redo log file; (c) performing an incremental update of said first backup snapshot or a subsequent backup snapshot, then creating a subsequent backup snapshot including a VM snapshot of said incremental update, wherein said VM snapshot of said incremental update includes a timestamp for said incremental update and a redo log file; and (d) reconfiguring and customizing said subsequent backup snapshot to create a subsequent bootable VM, then creating a subsequent bootable snapshot including a VM snapshot of said subsequent bootable VM, wherein said VM snapshot of said subsequent bootable VM includes a timestamp for said subsequent bootable VM and a redo log file. | 02-25-2010 |
| 20100049899 | MAINTAINING REVERSE MAPPINGS IN A VIRTUALIZED COMPUTER SYSTEM - For a virtual memory of a virtualized computer system in which a virtual page is mapped to a guest physical page which is backed by a machine page and in which a shadow page table entry directly maps the virtual page to the machine page, reverse mappings of guest physical pages are optimized by removing the reverse mappings of certain immutable guest physical pages. An immutable guest physical memory page is identified, and existing reverse mappings corresponding to the immutable guest physical page are removed. New reverse mappings corresponding to the identified immutable guest physical page are no longer added. | 02-25-2010 |
