A network slice creation method and apparatus, and a packet forwarding method and apparatus are provided. The network slice creation method includes: respectively configuring Traffic Engineering (TE) affinity attributes for layer-2 member links in a layer-3 bundled link, and flooding the TE affinity attributes of the layer-2 member links by using Interior Gateway Protocol (IGP); and then creating, according to the TE affinity attributes of the layer-2 member links and by using a Flex Algorithm (FA), network slices containing the layer-2 member links.

A dynamic controller to automatically generate layer 3 network connections between devices and/or networks associated with a virtual computing environment in response to a request for such connections is provided such that communications associated with the computing environment may be transmitted between the endpoints. For example, the dynamic controller may connect one or more cloud service provider networks, one or more customer-controlled data centers, one or more customer networks, and the like, based on information provided in a connection request. A layer 3 communication controller may also be instantiated within a core network that manages the flow of communications between the connected networks, such as by translating messages between the connected networks so that messages intended for a connected network may match the supported communication protocols of that network and/or providing one or more security features to the transmitted communications.

Effective management of cloud computing service levels (e.g. availability, performance, security) and financial risk is dependent on the cloud service provider's (CSP's) capability and trustworthiness. The invention applies industry cloud service level agreements (SLAs) with statistical and machine learning models for assessing CSPs and cloud services, and predicting performance and compliance against service levels. Cloud SLAs (ISO/IEC, EC, ENISA), cloud security requirements and compliance (CSA CCM, CAIQ), along with CSP performance (SLAs, cloud services) are analyzed via Graph Theory analysis and MCDA AHP to calculate CSP trustworthiness levels. CSP trustworthiness levels are input with CSP SLA content, cloud service performance measurements and configuration parameters into machine learning Regression analysis models to predict CSP cloud service performance and cloud SLA compliance, and enable model analysis and comparison. This can be used to determine which regression variables provide the highest predictive accuracy, enabling cloud service customers (CSCs) and CSPs opportunities for transparency, traceability and effective governance of cloud service levels, cloud services and management of risk.

According to some embodiments, a system to automate platform provisioning for an enterprise includes a platform resource computer store containing a set of electronic data records (each including a component identifier and a set of computing characteristic values). A profile engine may receive a platform request from a user associated with the enterprise and identify, based on data in the platform resource computer store, a resource bundle of components appropriate in view of the platform request. A platform generator may receive platform requirements based on the identified resource bundle of components and provide input data to a REST API service. Final platform definition information for the enterprise may be stored into a central repository. According to some embodiments, a platform provisioning system may process IaaS and PaaS automation components and utilize a return service to generate infrastructure binding data to couple components in the resource bundle to each other.

Techniques are provided for a high availability solution (e.g., a network attached storage (NAS) solution) with address preservation during switchover. A first virtual machine is deployed into a first domain and a second virtual machine is deployed into a second domain of a computing environment. The first and second virtual machines are configured as a node pair for providing clients with access to data stored within an aggregate comprising one or more storage structures within shared storage of the computing environment. A load balancer is utilized to manage logical interfaces used by clients to access the virtual machines. During switchover, the load balancer preserves an IP address used to mount and access a data share of the aggregate used by a client.

An apparatus and a method for generating a descriptor for a network slice are provided. The apparatus includes a transceiver, a memory storing one or more instructions, and at least one processor configured to execute the one or more instructions stored in the memory to obtain requirements for a network slice, determine at least one of a plurality of network slice templates (NSTs), a plurality of network slice descriptors (NSLDs), or a plurality of network slice instances (NSIs), based on the obtained requirements, when at least one of the plurality of NSTs is determined, determine at least one specific node to substitute for a plurality of abstract nodes included in the at least one of the plurality of NSTs, based on the obtained requirements, and generate a descriptor for a network slice, based on the determined at least one specific node.

Disclosed is a network capability exposure method, which includes receiving a service request sent by a third-party device; determining a type of a network capability required according to the service request; determining a computing task matching the type of the network capability required; determining computing resources exposed by at least one physical device; obtaining a computing resource exposure result based on the computing task and the computing resources exposed by the at least one physical device; acquiring a network capability corresponding to the type of the network capability and the computing resource exposure result; and providing the network capability to the third-party device. Further, a network capability exposure device, a network capability exposure system and a non-transitory computer-readable storage medium are also disclosed.

A method includes receiving a plurality of configurations comprising a first configuration for provisioning a first set of network services at a first resource of an edge device and a second configuration for provisioning a second set of network services at the first resource, a first configuration group identifier identifying a configuration group for the first configuration, and a first network performance parameter for the configuration group. The method further includes determining a performance factor for the first resource providing the first set of network services to one or more client devices. The method further includes, in response to determining that the performance factor does not satisfy the first network performance parameter for the configuration group and that the first configuration group identifier identifies the configuration group for the first configuration, moving the first configuration from the first resource to a second resource of the edge device.

Network interface provisioning of containerized instances based on tenant policies. A network interface assignment process (NIAP) receives a first request to assign a network interface to a first containerized instance comprising at least one container. The NIAP determines that a first tenant of a plurality of different tenants is associated with the first containerized instance. The NIAP accesses a first network assignment tenant policy (NATP) that corresponds to the first tenant. Based on the first NATP, the NIAP assigns, to the first containerized instance, a first network interface via which the first containerized instance can communicate with other containerized instances associated with the first tenant.

Aspects of the present invention disclose a method for deploying an application in a computing environment receiving an application module, determining values of a first set of metadata for the received application module, determining a classification of the received application module based at least in part on the values of the first set of metadata, and determining whether the received application is deployable in at least an off-premise system based at least in part on the classification.