Virtual application and desktop delivery may be optimized by supplying application metadata and user intent to the device between a client and a server hosting resources for the delivery. The data packets used to deliver the virtual application or desktop may be also tagged with references to the application. By supplying the metadata and tagging packets with the metadata, an intermediary network device may provide streams of data packets at the target QoS. In addition, the device may apply network resource allocation rules (e.g., firewalls and QoS configuration) for redirected content retrieved by the client out of band relative to a virtual channel such as the Internet. The network resource allocation rules may differ for different types of resources accessed. The device may also control a delivery agent on the server to modify communication sessions established through the virtual channels based on network conditions.

Virtual application and desktop delivery may be optimized by supplying application metadata and user intent to the device between a client and a server hosting resources for the delivery. The data packets used to deliver the virtual application or desktop may be also tagged with references to the application. By supplying the metadata and tagging packets with the metadata, an intermediary network device may provide streams of data packets at the target QoS. In addition, the device may apply network resource allocation rules (e.g., firewalls and QoS configuration) for redirected content retrieved by the client out of band relative to a virtual channel such as the Internet. The network resource allocation rules may differ for different types of resources accessed. The device may also control a delivery agent on the server to modify communication sessions established through the virtual channels based on network conditions.

In one embodiment, a method includes receiving a request to establish a path for a data stream from the first network apparatus to a second network apparatus, where the request is associated with a requested bandwidth for the data stream, and where the first network apparatus and the second network apparatus are connected by a link aggregation group including a number of physical links, accessing bandwidth information representing a number of remaining bandwidths of the respective multiple of physical links, determining that the requested bandwidth is not satisfied by any of the number of remaining bandwidths of the number of physical links, and sending a response rejecting the request to establish the path.

In one embodiment, a method includes receiving a request to establish a path for a data stream from the first network apparatus to a second network apparatus, where the request is associated with a requested bandwidth for the data stream, and where the first network apparatus and the second network apparatus are connected by a link aggregation group including a number of physical links, accessing bandwidth information representing a number of remaining bandwidths of the respective multiple of physical links, determining that the requested bandwidth is not satisfied by any of the number of remaining bandwidths of the number of physical links, and sending a response rejecting the request to establish the path.

Some embodiments provide a method of tracking errors in a container cluster network overlaying a software defined network (SDN), sometimes referred to as a virtual network. The method sends a request to instantiate a container cluster network object to an SDN manager of the SDN. The method then receives an identifier of a network resource of the SDN for instantiating the container cluster network object. The method associates the identified network resource with the container cluster network object. The method then receives an error message regarding the network resource from the SDN manager. The method identifies the error message as applying to the container cluster network object. The error message, in some embodiments, indicates a failure to initialize the network resource. The container cluster network object may be a namespace, a pod of containers, or a service.

Systems and methods described herein support compartment quotas in a cloud infrastructure environment. Cloud administrators do not generally have the ability to restrict resource usage in existing clouds. Granting a user permission to create resources allows them to create any number of resources up to a predefined account limit. Compartment quotas allow admins to restrict a user's resource usage to the appropriate level allowing fine-tuned cost control.

Systems and methods described herein support compartment quotas in a cloud infrastructure environment. Cloud administrators do not generally have the ability to restrict resource usage in existing clouds. Granting a user permission to create resources allows them to create any number of resources up to a predefined account limit. Compartment quotas allow admins to restrict a user's resource usage to the appropriate level allowing fine-tuned cost control.

A system and a method are disclosed for receiving, by a server, based on input by a user, a request to lock a set of data. Responsively, the server modifies the set of data to be locked, and determines whether an amount of bandwidth required to index the locked data exceeds a threshold. Responsive to determining that the amount of bandwidth exceeds the threshold, the server instructs a secondary server to allocate bandwidth to index a first portion of the locked data. The server indexes a second portion of the locked data in parallel with the secondary server indexing the first portion of the locked data, and generates an index by collating the indexed first and second portions of the locked data. The server receives a search request for a portion of the locked data, and retrieves the portion of the locked data based on referencing the index.

A system and a method are disclosed for receiving, by a server, based on input by a user, a request to lock a set of data. Responsively, the server modifies the set of data to be locked, and determines whether an amount of bandwidth required to index the locked data exceeds a threshold. Responsive to determining that the amount of bandwidth exceeds the threshold, the server instructs a secondary server to allocate bandwidth to index a first portion of the locked data. The server indexes a second portion of the locked data in parallel with the secondary server indexing the first portion of the locked data, and generates an index by collating the indexed first and second portions of the locked data. The server receives a search request for a portion of the locked data, and retrieves the portion of the locked data based on referencing the index.

Systems and methods for allocating a per-interface access control list (ACL) counter are disclosed. An ACL is applied to a data packet received at an interface of the network element. In response to matching the highest priority ACL rule, a counter value is obtained based on a combination of a base index and an expansion index value. The base index, expansion index, and counter values are stored in their respective tables. The counter value is uniquely associated with the specific ACL rule hit and the interface used to receive the data packet. Systems and methods also allocate a next set of expansion and counter tables when their storage capacity is exceeded. When the next set of tables are allocated, the older set of tables along with their index mappings and entries are preserved.