At a first compute instance run on a virtualization host, a local instance scaling manager is launched. The scaling manager determines, based on metrics collected at the host, that a triggering condition for redistributing one or more types of resources of the first compute instance has been met. The scaling manager causes virtualization management components to allocate a subset of the first compute instance's resources to a second compute instance at the host.

System and method for running virtual machines within containers. An example method may include: running, by a host computer system, a hypervisor managing a first virtual machine implemented by a first container with a first set of resources, creating, by the hypervisor, a second container implementing the second virtual machine, wherein the second container is nested within the first container, determining, by the first virtual machine of the first container, one or more of the first set of resources to assign to the second container, and assigning, by the hypervisor, to the second container one or more of the first set of resources.

Embodiments herein describe partitioning hardware and software in a system on a chip (SoC) into a hierarchy. In one embodiment, the hierarchy includes three levels of hardware-software configurations, enabling security and/or safety isolation across those three levels. The levels can cover the processor subsystem with compute, memory, acceleration, and peripheral resources shared or divided across those three levels.

A method of creating containers in a physical host that includes a managed forwarding element (MFE) configured to forward packets to and from a set of data compute nodes (DCNs) hosted by the physical host. The method creates a container DCN in the host. The container DCN includes a virtual network interface card (VNIC) configured to exchange packets with the MFE. The method creates a plurality of containers in the container DCN. The method, for each container in the container DCN, creates a corresponding port on the MFE. The method sends packets addressed to each of the plurality of containers from the corresponding MFE port to the VNIC of the container DCN.

Systems and methods for memory management for virtual machines. An example method may comprise running, by a host computer system, a Level 0 hypervisor managing a Level 1 virtual machine running a Level 1 hypervisor which manages a Level 2 virtual machine. The Level 1 hypervisor may detecting execution of an operation that prevents modification to a set of entries in a Level 2 page table and generate a shadow page table where each shadow page table entry of the plurality of shadow page table entries maps a Level 2 guest virtual address of a Level 2 address space associated with the Level 2 virtual machine to a corresponding Level 1 guest physical address of a Level 1 address space associated with the Level 1 virtual machine. The Level 0 hypervisor may generate a Level 0 page table.

Systems and methods for accelerating hypercalls for nested virtual machines. An example method may comprise executing, by a host computer system, a Level 0 hypervisor managing a Level 1 virtual machine (VM). The Level 0 hypervisor receives a first function component from a Level 2 hypervisor managing a Level 3 VM, where the first function component performs a first functionality associated with a hypercall issued by the Level 3 VM; stores the first function component in a memory space associated with the Level 0 hypervisor; detects the hypercall issued by the Level 3 VM; and responsive to detecting the hypercall, executes the first function component to modify a VM context for the Level 3 VM.

System and method for reducing latency for nested virtual machines. An example method may include: running, by a host computer system, a hypervisor managing a first virtual machine associated with a first virtual processor (vCPU) implemented by a first processing thread, wherein the first virtual machine manages a second virtual machine; creating, by the hypervisor, a second processing thread implementing a second vCPU associated with the second virtual machine; and responsive to receiving an interrupt directed to the second virtual machine, causing, by the hypervisor, the second processing thread to process the interrupt.

A software defined distributed control system (SDCS) in a process plant includes an application layer that includes a plurality of containers instantiated in a data cluster. Each of the containers is an isolated execution environment executing within the local operating system of a respective computing node. The containers cooperate to facilitate execution of a control strategy in the SDCS, and includes a hyper converged infrastructure (HCI) operating across the data cluster, which HCI is configured to communicate with the application layer via an adapter service. The HCI includes software-defined (SD) compute resources, SD storage resources, SD networking resources, and an orchestrator service. The orchestrator service is programmed to configure a first container to include a service executing within the first container. It also assigns the first container to execute on an available hardware resource to control a plurality of field devices operating in the process plant.

A process control system includes a plurality of field devices operating to control a process. A communication infrastructure couples the field devices to a software-defined control system (SDCS) that receives data from the field devices and transmits instructions to the field devices. A data cluster, executing the SDCS, includes a plurality of computing nodes, each of which includes a processor executing an operating system, a memory, and a communication resource coupled to one or more other computing nodes in the data cluster. First and second containers, each of which is an isolated execution environment, are instantiated on a first computing node within the operating system of the first computing node. The second container is instantiated within the first container. The first and second containers correspond to levels of a hierarchical structure of the SDCS.

A software defined (SD) process control system (SDCS) implements controller and other process control-related business logic as logical abstractions (e.g., application layer services executing in containers, VMs, etc.) decoupled from hardware and software computing platform resources. An SD networking layer of the SDCS utilizes process control-specific operating system support services to manage the usage of the computing platform resources and the creation, deletion, modifications, and networking of application layer services with devices disposed in the field environment and with other services, responsive to the requirements and needs of the business logic and dynamically changing conditions of SDCS hardware and/or software assets during run-time of the process plant (such as performance, faults, addition/deletion of hardware and/or software assets, etc.). A visualization system of the SDCS provides a user with a view as to the state of the SDCS as currently configured/running on the computing platform to enable a user to view currently configured interrelationships between logical elements of the control system and other logical and/or physical elements of the control system. The visualization system also provides performance metrics of the system as currently configured to enable a user to understand the operational health of the control system as currently configured.