Inflight transactions having predictable pod failure in distributed computing environments are managed by integrating a transaction manager into pods having containers running applications in a distributed computing environment, wherein the transaction manager records a transaction log having data indicative of historical pod failure. A pod health check that is also integrated into the pods determines predictive pod failure scenarios from the data of historical pod failure in the transaction log. Pod health can be tracked using the pod health checker by matching the predictive pod failure scenarios to transaction calls. Calls may be sent to a load balancer for recovery of pod failure for transaction calling match the predictive pod failure scenarios. Pods can be configured recover for the predictive pod failure.

A state management server applies configuration information to a set of virtual computer system instances in accordance with one or more limitations specified by an administrator. In an embodiment, the limitations include a velocity parameter that limits the number of virtual computer system instances to which the configuration may be applied concurrently. In an embodiment, the limitations include an error threshold that stops the application of the configuration if the number of configuration failures meets or exceeds the error threshold. In an embodiment, the set of virtual computer systems is identified by providing a list of the individual virtual computer system instances, or by specifying one or more tags that are associated with the virtual computer systems in the set. In an embodiment, the administrator is able to specify that an association be applied according to a predetermined schedule.

A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Examples described herein are generally directed to backing up and restoring of container clusters. According to an example, the conventional tight coupling between namespaces and tenants is eliminated by providing within a container platform a tenant abstraction for each tenant of the container platform that shares resources of a container cluster. The tenant abstraction for a given tenant includes information indicative of a subset of namespaces of the container cluster assigned to the given tenant. Responsive to receipt via a user interface of the container platform of a request to backup a particular tenant of the container platform: the container platform determines the subset of namespaces assigned to the particular tenant; and for each namespace, causes a namespace-level backup/recovery tool to backup object data for the namespace within a backup location, and backup data associated with persistent volume claims for each unit of cluster replication within the namespace.

A methodology for assigning an identity to a plurality of unsupervised machine learning based applications is disclosed. In a computer-implemented method, a machine learning based discovery of a plurality of unsupervised machine learning based applications spanning across a plurality of diverse components in a computing environment is received. A persistent unique identifier is assigned to each of the plurality of unsupervised machine learning based applications. It is then determined which of the plurality of diverse components in the computing environment is operating with each of the plurality of unsupervised machine learning based applications.

Techniques are disclosed relating to monitoring behavior of a computing system shared by multiple tenants. In some embodiments, a computer cluster is maintained that hosts containers accessible to a plurality of tenants of the computer cluster. First telemetry data collected about a particular one of the plurality of tenants is received from a container hosted at a first of a plurality of servers of the computer cluster. The first telemetry data identifies the particular tenant's consumption of a resource provided by the container. In response to the computer cluster migrating the container from the first server to a second of the plurality of servers, second telemetry data collected about the particular tenant's consumption of the resource is received from the migrated container hosted at the second server. An analysis is performed of the first and second telemetry data to identify whether the particular tenant's consumption of the resource has changed.

A plurality of computing devices are communicatively coupled to each other via a network, and each of the plurality of computing devices is operably coupled to one or more of a plurality of storage devices. A plurality of failure resilient address spaces are distributed across the plurality of storage devices such that each of the plurality of failure resilient address spaces spans a plurality of the storage devices. The plurality of computing devices maintains metadata that maps each failure resilient address space to one of the plurality of computing devices. The metadata is grouped into buckets. Each bucket is stored in a group of computing devices. However, only the leader of the group is able to directly access a particular bucket at any given time.

Techniques are disclosed for dynamic access and instrumentation of model specific registers (MSRs). A virtual machine monitor (VMM) can provide a kernel application program interface (API) that can be utilized to access and instrument an MSR. A method may include receiving, by the VMM, an MSR instrumentation command that identifies an MSR to instrument and causing instrumentation of the MSR identified in the MSR instrumentation command. Instrumentation of the identified MSR can be caused by configuring or manipulating a virtual machine control structure (VMCS) of a guest virtual machine (VM). The MSR instrumentation command may be an MSR instrumentation request command, an MSR remove request command, an MSR value set request command, or an MSR value fetch request command. In some cases, the VMM may be a Type-I hypervisor.

According to aspects of the present disclosure, systems and methods can be provided to recover from memory errors that occur during or following a virtual machine migration. Methods, computer program products and/or systems are provided for handling memory error that perform the following operations: (i) obtaining a memory address that triggered an uncorrected error on a first host associated with a virtual machine migration; (ii) computing a page associated with the memory address; (iii) determining if a copy of the page associated with the memory address is available on a second host associated with the virtual machine migration; (iv) obtaining data from the copy of the page on the second host; and (v) generating a new page on the first host with the data obtained from the second host.

A computer implemented method comprises receiving a request to provision a container as a software container on a current node of the cluster. The method further comprises accessing a performance information data store (PIDS) to obtain a record associated with the container that includes benchmarked performance metrics including container-required resources associated with a benchmark-specified node of the container. The method further comprises accessing the PIDS to obtain a record associated with the current node of the cluster that includes current-node performance metrics associated with the current node. The method further comprises comparing the benchmarked performance metrics with the current node performance metrics to determine that a difference exists, and conditioned upon the difference existing adjusting, with a resource adjustment calculator, the container-required resources based on the determination of how much of a difference exists. The method then provisions the container on the current node with adjusted container-required resources.