H04L41/0895

Distributed software defined networking

The Distributed Software Defined Network (dSDN) disclosed herein is an end-to-end architecture that enables secure and flexible programmability across a network with full lifecycle management of services and infrastructure applications (fxDeviceApp). The dSDN also harmonizes application deployment across the network independent of the hardware vendor. As a result, the dSDN simplifies the network deployment lifecycle from concept to design to implementation to decommissioning.

Network service descriptor support for network slice isolation requirements

Non-transitory computer-readable media, methods, a system and a network function virtualization orchestrator can be used to instantiate a network service operating as at least a portion of a network slice. A network service descriptor describing the network service comprises at least one service deployment flavor; zero or more sharing-allowed attributes defining whether the network service, or constituent instances of the network service, is allowed to be shared with another network service instance or with its constituent instances; and zero or more external placement rule attributes defining whether the network service, or constituent instances of the network service, is affine or anti-affine with current and future other network services or constituent instances of those current and future other network services.

Virtualized network service management and diagnostics

A device monitors, for a software-defined networking wide area network (SD-WAN) deployment, a set of virtualized network services of the SD-WAN deployment, and applies a set of diagnostic tests to evaluate the set of virtualized network services. The device detects, based on monitoring the set of virtualized network services and in connection with applying the set of diagnostic tests, an event associated with a virtualized network service. The device analyzes, using an analytics model of SD-WAN operation, the event to identify an issue associated with the virtualized network service, and determines, based on the analytics model of SD-WAN operation, a recommendation relating to remediating the issue. The device generates an abstraction layer user interface to represent the set of virtualized network services and to convey the recommendation relating to remediating the issue, and implements, after providing the abstraction layer user interface, the recommendation to remediate the issue.

High performance compute infrastructure as a service

A high performance computing environment includes a plurality of computing resources, a plurality of tenant clouds organized from the plurality of computing resources, and an Infrastructure as a Service resource manager. The Infrastructure as a Service resource manager further includes a plurality of Infrastructure as a Service system interfaces and a portal. In operation, a cloud user interacts over a secure link and through the portal with the Infrastructure as a Service system interfaces to perform cloud tasks relative to a particular one of a plurality of tenant clouds of the high performance computing environment.

Optimized internet access in a multi-site software-defined network fabric

Presented herein are techniques to provide an endpoint in a multi-site Software-defined network (SDN) fabric with an Internet access route that is optimal for the specific site in which the endpoint is located. In particular, a control plane node in a first site of a multi-site SDN fabric registers a border node in the first site as a Default Egress Tunnel Router (ETR) for Internet access or unknown endpoint identifier (EID) of the first site. The first site includes at least one endpoint. The control plane node receives a request for Internet access for the at least one endpoint and provides a dynamically-selected Internet access route via a same or different virtual instance (e.g., Virtual Routing and Forwarding (VRF) function(s), Virtual Private Network(s) (VPNs), Virtual Networks (VNs), etc.) for Internet traffic sent by the at least one endpoint.

Techniques for preventing concurrent execution of declarative infrastructure provisioners

Techniques for preventing concurrent execution of an infrastructure orchestration service are described. Worker nodes can receive instructions, or tasks, for deploying infrastructure resources and can provide heartbeat notifications, which are also considered a lease, to scheduler nodes. A signing proxy can track the heartbeat notifications sent from the worker nodes to the scheduler node. The signing proxy can receive requests corresponding to a performance of the tasks assigned to the worker nodes. The signing proxy can determine whether the lease between each worker node and the scheduler is valid. If the lease is valid, the signing proxy may make a call to services on behalf of the worker node, and if the lease is not valid, the signing proxy may not make a call to services on behalf of the worker node. Instead, the signing proxy may cut off all outgoing network traffic, blocking access of the worker node to services.

System and method for agentless infrastructure agnostic application drift detection and management

A system and a method for monitoring and detecting drifts and configuration changes in an infrastructure that facilitates the availability of software applications to a large organization are provided. The method includes: obtaining metric information that indicates values of various parameters that relate to the infrastructure; comparing the obtained metric information with expected values thereof; determining whether a drift has occurred based on a result of the comparison; and providing a notification of a detected drift. When a drift is detected, a potential remedy may be diagnosed and automatically applied.

Transparent high availability for customer virtual machines achieved using a hypervisor-based side channel bonding and monitoring

Systems and methods for transparent high availability for customer virtual machines using a hypervisor-based side channel bonding and monitoring are disclosed herein. The method can include creating a network path bond between at least one compute instance and a plurality of Network Virtualization Devices (“NVD”), the network path bond including a plurality of network paths, each network path connecting the compute instance with the Virtualized Network Interface Card (“VNIC”) of one of the plurality of NVDs, identifying a first one of the network paths as an active network path and a second one of the network paths as an inactive network path, performing a health check on the active network path, determining that the active network path failed the health check, marking the first one of the network paths as failed subsequent to determining that the active network path failed the health check, and identifying the second one of the network paths as the active network path.