G06F11/301

Virtual machine perfect forward secrecy

Provided is a method, a computer program product, and a system for providing perfect forward secrecy in virtual machines. The method includes receiving a secure memory allocation function from an application, including a connection secret to be stored in memory. The method further includes allocating memory for the connection secret according to the memory size parameter and storing an entry relating to the connection secret in a secure database. The memory information includes a memory location and a memory size of the memory. The method also includes monitoring an operation state relating to the virtual machine. The method further includes receiving, from the application, a secure deallocation function relating to the connection secret and retrieving the memory information from the secure database. The method also includes deleting the connection from the memory and sanitizing the memory location logged by the memory information.

SYSTEM AND METHOD FOR A DISASTER RECOVERY ENVIRONMENT TIERING COMPONENT MAPPING FOR A PRIMARY SITE
20230229551 · 2023-07-20

A method for managing specialized hardware resources includes obtaining, by a disaster recovery (DR) virtual resource agent, a request for a DR environment for a set of virtual resources in a primary site, in response to the request: monitoring the primary site to obtain virtual workload information corresponding to the set of virtual resources, performing a workload analysis on the set of virtual resources in the primary site using the virtual workload information to obtain a virtual resource mapping of each virtual resource in the primary site to a tiered component in the DR environment, and initiating a DR environment allocation of DR virtual resources based on the virtual resource mapping.

Preparing containerized applications for backup using a backup services container and a backup services container-orchestration pod

A “backup services container” comprises “backup toolkits,” which include scripts for accessing containerized applications plus enabling utilities/environments for executing the scripts. The backup services container is added to Kubernetes pods comprising containerized applications without changing other pod containers. For maximum value and advantage, the backup services container is “over-equipped” with toolkits. The backup services container selects and applies a suitable backup toolkit to a containerized application to ready it for a pending backup. Interoperability with a proprietary data storage management system provides features that are not possible with third-party backup systems. Some embodiments include one or more components of the proprietary data storage management within the illustrative backup services container. Some embodiments include one or more components of the proprietary data storage management system in a backup services pod configured in a Kubernetes node. All configurations and embodiments are suitable for cloud and/or non-cloud computing environments.

Optimizing distribution of heterogeneous software process workloads
11561836 · 2023-01-24

A request is received to schedule a new software process. Description data associated with the new software process is retrieved. A workload resource prediction is requested and received for the new software process. A landscape directory is analyzed to determine a computing host in a managed landscape on which to load the new software process. The new software process is executed on the computing host.

Determining and implementing a feasible resource optimization plan for public cloud consumption

Example implementations relate to determining and implementing a feasible resource optimization plan for public cloud consumption. Telemetry data over a period of time is obtained for a current deployment of virtual infrastructure resources within a current data center of a cloud provider that supports an existing service and an application deployed on the virtual infrastructure resources. Information regarding a set of constraints to be imposed on a resource optimization plan is obtained. Indicators of resource consumption relating to the currently deployed virtual infrastructure resources during the period of time are identified by applying a deep learning algorithm to the telemetry data. A resource optimization plan is determined that is feasible within the set of constraints based on a costing model associated with resources of an alternative data center of the cloud provider, the indicators of resource consumption and costs associated with the current deployment.

Automated performance tuning using workload profiling in a distributed computing environment
11561843 · 2023-01-24

Workload profiling can be used in a distributed computing environment for automatic performance tuning. For example, a computing device can receive a performance profile for a workload in a distributed computing environment. The performance profile can indicate resource usage by the workload in the distributed computing environment. The computing device can determine a performance bottleneck associated with the workload based on the resource usage specified in the performance profile. A tuning profile can be selected to reduce the performance bottleneck associated with the workload. The computing device can output a command to adjust one or more properties of the workload in accordance with the tuning profile to reduce the performance bottleneck associated with the workload.

Dynamic, distributed, and scalable single endpoint solution for a service in cloud platform
11706162 · 2023-07-18

A first forwarding VM may execute in a first availability zone and have a first IP address. Similarly, a second forwarding VM may execute in a second availability zone and have a second IP address. The first and second IP addresses may be recorded with a cloud DNS web service of a cloud provider such that both receive requests from applications directed to a particular DNS name acting as a single endpoint. A service cluster may include a master VM node and a standby VM node. An IPtable in each forwarding VM may forward a request having a port value to a cluster port value associated with the master VM node. Upon a failure of the master VM node, the current standby VM node may be promoted to execute in master mode and the IPtables may be updated to now forward requests having the port value to a cluster port value associated with the newly promoted master VM node (which was previously the standby VM node).

Aggregated health monitoring of a cluster during test automation
11698824 · 2023-07-11

A system includes a cluster of nodes, memory, and a processor, where the cluster includes an application programming interface (API) server and one or more components. The processor is configured to initialize an interface to the API server, where the interface is operable to send status information from the one or more components within the cluster via a single output stream. The API server is configured to modify the single output stream of the API server to output status information associated with a first component of the one or more components within the cluster. The status information is aggregated and it is determined whether the cluster is at a failure point. In response to determining that the cluster is at a failure point, an execution signal is set to false, where the execution signal is accessible to an automation tool in communication with the cluster.

Technologies for deploying virtual machines in a virtual network function infrastructure

Technologies for deploying virtual machines (VMs) in a virtual network function (VNF) infrastructure include a compute device configured to collect a plurality of performance metrics based on a set of key performance indicators, determine a key performance indicator value for each of the set of key performance indicators based on the collected plurality of performance metrics, and determine a service quality index for a virtual machine (VM) instance of a plurality of VM instances managed by the compute device as a function of each key performance indicator value. Additionally, the compute device is configured to determine whether the determined service quality index is acceptable and perform, in response to a determination that the determined service quality index is not acceptable, an optimization action to ensure the VM instance is deployed on an acceptable host of the compute device. Other embodiments are described herein.

Global cache for container images in a clustered container host system
11550513 · 2023-01-10

Container images are managed in a clustered container host system with a shared storage device. Hosts of the system each include a virtualization software layer that supports execution of virtual machines (VMs), one or more of which are pod VMs that have implemented therein a container engine that supports execution of containers within the respective pod VM. A method of deploying containers includes determining, from pod objects published by a master device of the system and accessible by all hosts of the system, that a new pod VM is to be created, creating the new pod VM, and spinning up one or more containers in the new pod VM using images of containers previously spun up in another pod VM, wherein the images of the containers previously spun up in the other pod VM are stored in the storage device.