Examples include a method of live migrating a virtual device by creating a virtual device in a virtual machine, creating first and second interfaces for the virtual device, transferring data over the first interface, detecting a disconnection of the virtual device from the virtual machine, switching data transfers for the virtual device from the first interface to the second interface, detecting a reconnection of the virtual device to the virtual machine, and switching data transfers for the virtual device from the second interface to the first interface.

At a first compute instance run on a virtualization host, a local instance scaling manager is launched. The scaling manager determines, based on metrics collected at the host, that a triggering condition for redistributing one or more types of resources of the first compute instance has been met. The scaling manager causes virtualization management components to allocate a subset of the first compute instance's resources to a second compute instance at the host.

An example virtualized computing system includes a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; and an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server configured to manage the pod VMs and first VMs of the VMs. The virtualized computing system further includes a guest cluster executing in the first VMs and managed by the orchestration control plane, the guest cluster including a guest master server configured to, in cooperation with the master server, deploy first pods in the pod VMs.

Aspects of the subject disclosure may include, for example, instantiating a virtual smartphone in a cloud infrastructure, installing a smartphone application on the virtual smartphone, receiving input sensor data from a physical user device, providing the input sensor data to the smartphone application on the virtual smartphone, receiving output data from the smartphone application on the virtual smartphone, and providing the output data to the physical user device. Other embodiments are disclosed.

System and method for running virtual machines within containers. An example method may include: running, by a host computer system, a hypervisor managing a first virtual machine implemented by a first container with a first set of resources, creating, by the hypervisor, a second container implementing the second virtual machine, wherein the second container is nested within the first container, determining, by the first virtual machine of the first container, one or more of the first set of resources to assign to the second container, and assigning, by the hypervisor, to the second container one or more of the first set of resources.

Various aspects of the subject technology relate to systems, methods, and machine-readable media for automating the recording of an evidentiary history (e.g., versions audit trail) of a graphical user interface with an embedded clickwrap agreement. The snapshot server captures and outputs snapshot records of a graphical user interface displaying the clickwrap agreement on an end user computing platform. The snapshot records are created using a virtual machine that emulates an end user computing platform for navigation of an application rendered on the platform. Aspects may also include generating a snapshot record of metadata associated with the captured snapshot image.

Techniques discussed herein relate to providing composable edge devices. In some embodiments, a user request specifying a set of services to be executed at a cloud-computing edge device may be received by a computing device operated by a cloud computing provider. A manifest may be generated in accordance with the user request. The manifest may specify a configuration for the cloud-computing edge device. Another request can be received specifying the same or a different set of services to be executed at another edge device. Another manifest which specifies the configuration for that edge device may be generated and subsequently used to provision the request set of services on that device. In this manner, manifests can be used to compose the platform to be utilized at any given edge device.

A network functions virtualization management and orchestration system with a VNF descriptor (VNFD) including a information element that allows an instance created based on the VNFD to be distinguished by name. The information element includes an information element of a VM name that describes a naming rule for a virtual machine (VM).

An orchestrator apparatus includes: a virtualized infrastructure control unit that supplies information about a virtual network created by one of first and second virtualized infrastructure management units to the other virtualized infrastructure management unit and causes the other virtualized infrastructure management unit to create a virtual network virtually connectable to the virtual network created by said one virtualized infrastructure management unit; and a virtual machine creation control unit that causes, when a virtual machine is created on the second virtualized infrastructure, an address management function of the first virtualized infrastructure management unit to create an address(es) that is to set in a virtual port of the virtual machine, supplies the address(es) to the second virtualized infrastructure, and causes the second virtualized infrastructure management unit to create a virtual machine on the second virtualized infrastructure.

According to some embodiments, an overall chain-of-trust may be established for an industrial control system. Secure hardware may be provided, including a hardware security module coupled to or integrated with a processor of the industrial control system to provide a hardware root-of-trust. Similarly, secure firmware associated with a secure boot mechanism such that the processor executes a trusted operating system, wherein the secure boot mechanism includes one or more of a measured boot, a trusted boot, and a protected boot. Objects may be accessed via secure data storage, and data may be exchanged via secure communications in accordance with information stored in the hardware security model.