G06F9/45554

Creating virtual machine snapshots without interfering with active user sessions

Systems and methods for creating virtual machine snapshots. An example method comprises: receiving a request to create a snapshot of a virtual machine running on a host computer system; protecting from modification a plurality of virtual memory pages of the virtual machine; responsive to detecting an attempt to modify a virtual memory page of the plurality of memory pages, copying the virtual memory page to a queue residing in a random access memory (RAM) of the host computer system; making the virtual memory page writable; retrieving the virtual memory page from the queue; writing the virtual memory page to a disk of the host computer system; and responsive to exhausting the queue, completing creation of the snapshot of the virtual machine.

EXTENSION APPLICATION MECHANISMS THROUGH INTRA-PROCESS OPERATION SYSTEMS
20200319902 · 2020-10-08

The present disclosure relates to computer-implemented methods, software, and systems for providing extension application mechanisms. Memory is allocated for a virtual environment to run in an address space of an application that is to be extended with extension logic in a secure manner. The virtual environment is configured for execution of commands related to an extension functionality of the application. A virtual processor for an execution of a command of the commands is initialized at the virtual environment. The virtual processor is operable to manage one or more guest operating systems (OS). A first guest OS is loaded at the allocated memory and application logic of the extension functionality is copied into the allocated memory. The virtual environment is started to execute the first guest OS and the application logic of the extension functionality in relation to associated data of the application in the allocated memory.

Flexible automated provisioning of single-root input/output virtualization (SR-IOV) devices
10795727 · 2020-10-06

Aspects of the present disclosure relate to flexible and automatic provisioning of virtual instances in a virtual network using single-root input/output virtualization. A device pool is defined that is associated with a virtual entity, such as a virtual switch, in a data center. The device pool identifies available physical hardware devices of one or more host machines, such as physical network interfaces connected to the virtual switch, and the device pool is associated with the virtual entity. When a virtual computing instance is connected to the virtual entity, such as when initialized or after migrating between hosts, one or more physical hardware devices are automatically assigned from the device pool to the virtual computing instance based on the association of the device pool to the connected virtual entity. Thus, VMs can be flexibly and automatically provisioned with SR-IOV physical hardware when migrating between hosts using SR-IOV.

Adaptive CPU NUMA scheduling

Systems and methods for performing selection of non-uniform memory access (NUMA) nodes for mapping of virtual central processing unit (vCPU) operations to physical processors are provided. A CPU scheduler evaluates the latency between various candidate processors and the memory associated with the vCPU, and the size of the working set of the associated memory, and the vCPU scheduler selects an optimal processor for execution of a vCPU based on the expected memory access latency and the characteristics of the vCPU and the processors. The systems and methods further provide for monitoring system characteristics and rescheduling the vCPUs when other placements provide improved performance and efficiency.

Cost-Efficient High-Availability Multi-Single-Tenant Services
20200285502 · 2020-09-10

A secondary pool of VMs is used to run secondary services or jobs, which may be evicted upon failure of a corresponding primary VM. Upon detection of a failure of a primary resource, the secondary services or jobs are evicted from secondary pool resources, and the secondary pool resources can be automatically allocated to the jobs of the failed primary resource. In this regard, a secondary job may be thought of as a preemptible job and comprises services or jobs that are lower priority than the service or job on the primary resource. By using computing resources in the secondary pool to run secondary or preemptible jobs, this technology makes use of what would be otherwise idle resources. This beneficially avoids having to allocate additional and separate computing resources for secondary jobs, leads to more efficient use of network resources, and reduces costs.

Technology to protect virtual machines from malicious virtual machine managers

Systems, apparatuses and methods may provide for technology that associates a key domain of a plurality of key domains with a customer boot image, receives the customer boot image from the customer, and verifies the integrity of the customer boot image that is to be securely installed at memory locations determined from an untrusted privileged entity (e.g., a virtual machine manager).

MAINTAINING COMPATIBILITY FOR COMPLEX FUNCTIONS OVER MULTIPLE MACHINE GENERATIONS

A system is provided and includes a plurality of machines. The plurality of machines includes a first generation machine and a second generation machine. Each of the plurality of machines includes a machine version. The first generation machine executes a first virtual machine and a virtual architecture level. The second generation machine executes a second virtual machine and the virtual architecture level. The virtual architecture level provides a compatibility level for a complex interruptible instruction to the first and second virtual machines. The compatibility level is architected for a lowest common denominator machine version across the plurality of machines. The compatibility level includes a lowest common denominator indicator identifying the lowest common denominator machine version.

DIRECTED INTERRUPT FOR MULTILEVEL VIRTUALIZATION WITH INTERRUPT TABLE

An interrupt signal is provided to a first guest operating system. A bus attachment device receives an interrupt signal from a bus connected module with an interrupt target ID identifying a processor assigned for use by the guest operating system as a target processor for handling the interrupt signal. The bus attachment device translates the received interrupt target ID to a logical processor ID of the target processor using an interrupt table entry stored in a memory section assigned to a second guest operating system hosting the first operating system and forwards the interrupt signal to the target processor for handling. The logical processor ID of the target processor is used to address the target processor directly.

Methods, systems and apparatus for supporting wide and efficient front-end operation with guest-architecture emulation

Methods for supporting wide and efficient front-end operation with guest architecture emulation are disclosed. As a part of a method for supporting wide and efficient front-end operation, upon receiving a request to fetch a first far taken branch instruction, a cache line that includes the first far taken branch instruction, a next cache line and a cache line located at the target of the first far taken branch instruction are read. Based on information that is accessed from a data table, the cache line and either the next cache line or the cache line located at the target are fetched in a single cycle.

Non-native system-level debugging using symbolic information

A method may include establishing a connection between a debugger native to a host operating system and an agent of a virtual machine executing a guest operating system. The host operating system and the guest operating system are of different kernel types. The method may also include receiving, from the agent, information pertaining to the guest operating system. The method may also include performing, using the debugger on the host operating system, non-native system debugging of the guest operating system based on the information pertaining to the guest operating system.