Capacity-based scaling of queue-based resources is described. Initially, a scaling system measures capacity of service processors that are instantiated at a cloud computing service system to provide a service on behalf of a service provider, and also measures a load on these processors. In contrast to conventional scaling systemswhich base scalings on a number of queued messages which the instantiated service processors process to provide the servicethe scaling system measures the load in terms of not only the number of messages held in a queue but also an input rate of the messages to the queue. The described scaling system then determines whether and by how much to scale the instantiated processors based on this number of messages and input rate. Given this, the scaling system instructs the cloud computing service system how to scale the instantiated service processors to provide the service.

Some embodiments provide a simplified mechanism to deploy and control a multi-segmented application by using application-based manifests that express how application segments of the multi-segment application are to be defined or modified, and how the communication profiles between these segments. In some embodiments, these manifests are application specific. Also, in some embodiments, deployment managers in a software defined datacenter (SDDC) provide these manifests as templates to administrators, who can use these templates to express their intent when they are deploying multi-segment applications in the datacenter. Application-based manifests can also be used to control previously deployed multi-segmented applications in the SDDC. Using such manifests would enable the administrators to be able to manage fine grained micro-segmentation rules based on endpoint and network attributes.

A method for directing messages between a composite user interface and at least one source application. A message is to be directed to a predetermined set of services, each service executes a command specified by the message and the message comprises details of the predetermined set of services. Each service in the predetermined set of services uses said details to determine whether the message should be sent to another service, and if it is determined that the message should be sent to another service transmits the message to an appropriate service.

Embodiments of the present invention provide a method, system and computer program product for the integration of a rules engine with message oriented middleware. In an embodiment of the invention, a method for managing a messaging component in message oriented middleware has been provided. The method includes creating shared memory in the memory of a computer and adding or deleting tokens in the shared memory corresponding to objects such as messages and message queues, created in and removed from, respectively, in a messaging component of message oriented middleware. The method additionally includes applying rules in a rules engine to the tokens in the shared memory. Finally, the method includes directing management operations in the messaging component responsive to the applied rules by the rules engine.

In order to achieve location transparency and routing slip extensibility, a system and a method for orchestrating a web service using Business Process Execution Language are disclosed. The method includes: receiving a message, wherein the message comprises an address identifying an extension element; determining, from the address, a location of the extension element identified by the address; responsive to determining the location of the extension element, directing the message to an appropriate location; and storing the message in a computer readable storage medium.

A socket service may be used to implement client-defined function mappings (e.g., custom protocols) for sockets hosted by the socket service so that when a particular socket is opened for a particular client device, the socket operates according to a particular client-defined function mapping requested by the particular client device. To establish a particular client-defined function mapping, a socket manager may receive request from a user that specifies a particular endpoint (e.g., a client-registered function). When a client device requests a socket to be opened, the client device requests the particular client-defined function mapping to be associated with the socket. When the socket is opened, the endpoint is invoked. The particular client-defined function mapping may also specify one or more receive criteria for data received at the socket. If the one or more receive criteria is met, the endpoint is invoked by sending the data to the endpoint.

Some embodiments of the invention provide a system for defining, distributing and enforcing policies for authorizing API (Application Programming Interface) calls to applications executing on one or more sets of associated machines (e.g., virtual machines, containers, computers, etc.) in one or more datacenters. This system has a set of one or more servers that acts as a logically centralized resource for defining and storing policies and parameters for evaluating these policies. The server set in some embodiments also enforces these API-authorizing policies. Conjunctively, or alternatively, the server set in some embodiments distributes the defined policies and parameters to policy-enforcing local agents that execute near the applications that process the API calls. From an associated application, a local agent receives API-authorization requests to determine whether API calls received by the application are authorized. In response to such a request, the local agent uses one or more parameters associated with the API call to identify a policy stored in its local policy storage to evaluate whether the API call should be authorized. To evaluate this policy, the agent might also retrieve one or more parameters from the local policy storage.

A distributed computer system is provided. The distributed computer system includes at least one sequencer computing node and at least one matcher computing node. Electronic data messages are sequenced by the sequencer and sent to at least matcher computing node. The matcher computing node receives the electronic data messages and a reference value from an external computing source. New electronic data messages are put into a pending list before they can be acted upon by the matcher. A timer is started based on a comparison of the reference value (or a calculation based thereon) to at least one attribute or value of a new electronic data message. When the timer expires, the electronic data message is moved from the pending list to another listwhere it is eligible to be matched against other, contra-side electronic data messages.

An embodiment of the present disclosure includes an RPC architecture that includes a central manager gateway with a client-facing side that allows for client access via web services protocols such as SOAP and REST. The central manager gateway further includes a server-facing side that can communicate with a plurality of network elements, with each network element implementing a common IDL architecture and RPC manager instance. Each of the network elements, and in particular their RPC manager instance, may communicate with other RPC manager instances to learn the network topology for the system and maintain a topology database for purposes of exposing a naming service, e.g., a CORBA naming service. The network elements may elect one master element while the others remain as slaves. The central manager gateway may automatically locate the master network element and forward client requests to the same for servicing.

Some embodiments provide a simplified mechanism to deploy and control a multi-segmented application by using application-based manifests that express how application segments of the multi-segment application are to be defined or modified, and how the communication profiles between these segments. In some embodiments, these manifests are application specific. Also, in some embodiments, deployment managers in a software defined datacenter (SDDC) provide these manifests as templates to administrators, who can use these templates to express their intent when they are deploying multi-segment applications in the datacenter. Application-based manifests can also be used to control previously deployed multi-segmented applications in the SDDC. Using such manifests would enable the administrators to be able to manage fine grained micro-segmentation rules based on endpoint and network attributes.