A computer-implemented method for building socket transferring between containers in cloud-native environments by using kernel tracing techniques is provided including probing a connection-relevant system call event by using an eBPF to collect and filter data at a router, creating a mirror call at a host namespace with a dummy server and dummy client by creating the dummy server with mirror listening parameters, sending a server host address mapping to overlay the server host address to the client coordinator in an overlay process, and creating and connecting the dummy client to return a client host address to the server coordinator. The method further includes transferring mirror connections to the overlay process via a forwarder by temporary namespaces entering and injecting socket system calls and probing a transfer call event to map an overlay socket with a transferred dummy socket to activate duplication when the overlay socket is not locked.

Embodiments described herein provide for an election procedure, in a high availability (“HA”) environment, for a backup controller to assume operations performed by a master controller in the event that the master controller becomes unreachable. The master controller may be associated with (e.g., provisioned on) the same set of hardware as one or more worker nodes, and may control operation of the one or more worker nodes. The election procedure may be performed based on performance metrics, location, or efficiency metrics associated with candidate backup controllers (e.g., cloud-based backup controllers), including performance of communications between particular backup controllers and the one or more worker nodes.

Various techniques for emulating edge locations in cloud-based networks are described. An example method includes generating an emulated edge location in a region. The emulated edge location can include one or more first computing resources in the region. A host in the region may launch a virtualized resource a portion of the one or more first computing resources. Output data that was output by the virtualized resource in response to input data can be received and reported to a user device, which may provide a request to migrate the virtualized resource to a non-emulated edge location. The non-emulated edge location may include one or more second computing resources that are connected to the region by an intermediary network. The virtualized resource can be migrated from the first computing resources to at least one second computing resource in the non-emulated edge location.

Disclosed are embodiments for injecting sidecar proxy capabilities into non-sidecar applications, allowing such non-sidecar applications to communicate with a service mesh architecture. In an embodiment, a method comprises receiving a request to instantiate a proxy for a non-sidecar application at a service mesh gateway (SMG). The SMG then instantiates the proxy in response to the request and broadcasts network information of the non-sidecar application to a mesh controller deployed in a containerized environment. Finally, the SMG (via the proxy) transmits data over a control plane that is communicatively coupled to the mesh controller.

Data recovery systems and methods utilize object-based storage for providing a data protection and recovery methodology with low recovery point objectives, and for enabling both full recovery and point-in-time based recovery. Data generated at a protected site (e.g., via one or more virtual machines) is intercepted during write procedures to primary storage. The intercepted data is replicated via a replication log, provided as data objects, and transmitted to an object based storage system. During recovery, data objects may be retrieved through point-in-time based recovery directly by the systems of the protected site, and/or data objects may be provided via full recovery, for example, within a runtime environment of a recovery site, with minimal data loss and operation interruption by rehydrating data objects within the runtime environment via low-latency data transfer and rehydration systems.

In one embodiment, a system for managing a virtualization environment includes a set of host machines, each of which includes a hypervisor, virtual machines, and a virtual machine controller, and a data migration system configured to identify one or more existing storage items stored at one or more existing File Server Virtual Machines (FSVMs) of an existing virtualized file server (VFS). For each of the existing storage items, the data migration system is configured to identify a new FSVMs of a new VFS based on the existing FSVM, send a representation of the storage item from the existing FSVM to the new FSVM, such that representations of storage items are sent between different pairs of FSVMs in parallel, and store a new storage item at the new FSVM, such that the new storage item is based on the representation of the existing storage item received by the new FSVM.

A method of enhancing security in object based datastores is provided. The method mounts first and second datastores identified, respectively, by first and second datastore identifiers. The first and second datastores include, respectively, first and second namespace objects that are mapped to first and second subfolders in the first and second datastores. A first file within the first subfolder references a first object via a first object identifier, while a second file within the second subfolder references a second object via a second object identifier. The first and second objects are tagged with the first and second datastores' identifiers. The first and second datastores share an underlying storage and may be configured to have separate access permissions. The method receives a command to access the first object via a datastore identifier, compares the datastore identifier with the first datastore identifier, and if they match, allows access to the first object.

A method for containerized workload scheduling can include determining a network state for a first hypervisor in a virtual computing cluster (VCC). The method can further include determining a network state for a second hypervisor. Containerized workload scheduling can further include deploying a container to run a containerized workload on a virtual computing instance (VCI) deployed on the first hypervisor or the second hypervisor based, at least in part, on the determined network state for the first hypervisor and the second hypervisor.

The disclosure provides a method for managing multiple operating systems in a terminal. The terminal includes multiple operating systems and a management system. The management system is configured to manage the multiple operating systems. The management system includes a cross-system application database. The method includes: when a first operating system in the multiple operating systems runs in a foreground, and a second operating system in the multiple operating systems runs in a background, if the second operating system receives a first message of a first application in the second operating system, sending, by the second operating system, a notification message to the management system; storing, by the management system, the notification message into the cross-system application database; and listening, by the first operating system, on the cross-system application database, and outputting a prompt of the first message when listening and obtaining the notification message.

A system and method for backing up workloads for multiple tenants of a cloud computing system are disclosed. A method of backing up workloads for multiple tenants of a computing system includes triggering an archival process according to an archival policy set by a tenant, and executing the archival process by reading backup data of the tenant stored in a backup storage device of the computer system and transmitting the backup data to an archival store designated in the archival policy, and then deleting or invalidating the backup data stored in the backup storage device.