H04L69/162

Pinhole access for elevated containerized process capability

A system described herein may provide a technique for providing extended container capabilities via helper functions that are executed by an entity with a higher privilege level than that of the containerized process. In order to limit the opportunity for malicious or otherwise unauthorized use of such extended container capabilities, such helper functions may limit enabled arguments and/or otherwise limit utilization of functionality associated with a higher privilege level.

CROSS-LAYER APPLICATION NETWORK FLOW ADAPTATION

In one embodiment, an agent executed on a device receives performance metrics regarding a transport layer of the device. The agent sends the performance metrics to an application executed on the device. The application makes, based on the performance metrics, a determination indicating one or more adjustments to a packet flow of a plurality of packet flows sent by the application. The application, based on the determination, sends an adjusted packet flow according to the one or more adjustments as part of the plurality of packet flows.

Method for accessing application logs within virtual machines based on operator-defined criteria
11740918 · 2023-08-29

Log information is retrieved from a log of a container running in a virtual machine in response to a request for the log information, by accessing a virtual disk of the virtual machine, reading the log of the container from the virtual disk and preparing the requested log information from the log, and transmitting the requested log information to a virtual machine (VM) management process running in a host computer of the virtual machine for the VM management process to forward to a requestor of the log information. Alternatively, log data of the container running in the virtual machine may be streamed to the VM management process over a virtual socket communication channel that is established between the virtual machine and the VM management process.

Review and retry for minimum speed port channel

A review and retry mechanism ensures a port channel can be configured to provide and maintain a minimum data speed. A timer-based review sequence reviews the constituent interfaces of a port channel to determine if a minimum speed requirement is met. If the minimum speed cannot be fulfilled, the port-channel member interfaces are un-programmed and removed from the port-channel, rendering the port-channel functionally inactive, thereby preventing network traffic loss. A timer-based retry sequence attempts to program the constituent interfaces. The minimum speed requirement of the interfaces is checked in the next review cycle. If the minimum speed requirement is met, then the review and retry mechanism halts and the port channel continues to remain active; otherwise, the interfaces are un-programmed and the process repeats.

SYSTEMS AND METHODS TO PRE-PROVISION SOCKETS FOR SERVERLESS FUNCTIONS
20220156097 · 2022-05-19

Methods and systems may be associated with a cloud computing environment. A serverless function orchestrator may execute a socket activation for a VM to pre-provision a TCP socket (e.g., setting up virtual interfaces and creating socket structures) before the VM hosts any serverless function associated with the pre-provisioned TCP socket. After this socket activation, the orchestrator may receive a request for a first serverless function and, responsive to the received request, start the first serverless function on the VM using the pre-provisioned TCP socket. After the activation and prior to starting the first serverless function, the system may queue packets received in connection with the pre-provisioned TCP socket. In some embodiments, multiple TCP sockets, each associated with a VM, may be activated before any serverless functions are hosted, and the first serverless function is started on a VM selected based on information in a serverless function experience data store.

Ordered event notification

A method and data processing system are provided. The data processing system comprises an application associated with a plurality of sockets and a sub-system for making data available to the application via the plurality of sockets. The sub-system is configured to provide in response to a request from the application: an indication of events that have occurred on one or more of the plurality of sockets; and an indication of an order in which the events should be processed.

Systems and methods for server cluster network communication across the public internet
11323288 · 2022-05-03

Server cluster communication across the public internet using a single secure User Datagram Protocol (UDP) tunnel is facilitated by an intermediary registry server. The intermediary registry server enables servers within a cluster to identify and securely communicate with peer servers in the cluster across disparate locations and through firewalls. Using an external address registry shared with each member of a server cluster peer group, individual servers can establish a direct secure channel using a single UDP tunnel.

ADAPTIVE SESSION RELIABILITY OVER MULTIPLE TRANSPORTS
20220131957 · 2022-04-28

Methods, systems, and computer-readable media for providing reliable switching between different transport protocols (e.g., TCP and UDP) are presented herein. In some embodiments, a computing platform may stop transmission over a transport protocol. Subsequently, the computing platform may synchronize buffers between a client and a host. For example, the buffer may include acknowledgments for undelivered reliable packets between the client and the host. Next, the computing platform may resume transmission over a different transport protocol. In some embodiments, when establishing an initial connection between a client and a host, connections may be attempted in parallel over multiple transport protocols. After a connection over a first transport protocol is established, if a connection is later established over a second transport protocol, the connection may be transitioned to the second transport protocol. Also, ticketing semantics may be preserved in the switch between the different transport protocols.

SCALABLE SOCKETS FOR QUIC

A system having scalable sockets to support User Datagram Protocol (UDP) connections identifies a plurality of UDP connections, wherein a plurality of remote clients connect to corresponding ones of the plurality of UDP connections. Each one of a plurality of UDP sockets is associated with a corresponding one of the plurality of UDP connections. A network stack lookup for UDP packets in network traffic is performed using a network stack to identify the UDP socket corresponding to the remote client associated with each of the UDP packets. The UDP packets are buffered with a send buffer and a receive buffer for the UDP socket corresponding to the remote client associated with the UDP packets, as determined by the network stack lookup, to support communication over the plurality of UDP connections using the plurality of UDP sockets. The system thereby operates more efficiently and/or is more scalable.

TCP traceroute using RST and SYN-ACK to determine destination reachability

Techniques for using traceroute with tunnels and cloud-based systems for determining measures of network performance are presented. Systems and methods implemented by a traceroute application implementing a Transmission Control Protocol (TCP) stack in a processing device include sending a plurality of TCP packets via a raw socket to perform a trace to a destination; receiving responses to the plurality of TCP packets; detecting the responses in the TCP stack and diverting the responses to the raw socket; and aggregating the responses by the traceroute application to determine details of a service path from the processing device to the destination.