A unique embedded system is disclosed that locally operates an application virtual machine (VM) and a system VM in isolation from each other. The application VM executes application-specific code for a given purpose of the embedded system. The system VM executes a host operating system (OS) and various security, compatibility, and updating functions independent of the application VM. Each VM is connected to its own unique hardware on the embedded system to ensure that changes to the application code or the system code do not impact the other.

A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

Methods and apparatus to select virtualization environments are disclosed. An example apparatus includes a logic circuit, a workload analyzer to determine characteristics of a virtualized application, a score generator to compare the characteristics of the virtualized application to a plurality of virtualization environment types to determine scores for each of the plurality of virtualization environment types, the scores based on rules that identify different scores for combinations of characteristics and virtualization environment types, and a workload deployer to deploy the virtualized application using one of the plurality of virtualization environment types based on the scores.

A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

Methods, apparatus and articles of manufacture for dynamically extending a cloud management system by adding endpoint adapter types are disclosed. An example cloud management system includes: an interface to communicate with an external device; a host to manage requests and allocate resources through one or more virtual machines; and an endpoint registry to include an endpoint adapter and metadata defining the endpoint adapter, the endpoint adapter to specify communication between at least one of the host or the external device and an endpoint. In the example cloud management system, the host is to at least enable, via the interface, the external device to access the endpoint registry a) to register an endpoint adapter configuration with the endpoint registry and b) to retrieve the endpoint adapter configuration from the endpoint registry.

A current display system comprises a plurality of computer blades, interconnected with each other and each hosting a graphics processor and a plurality of virtualized operating systems (OS) run by an hypervisor and sharing said graphics processor. Each computer blade is connected directly to a set of display devices including a part of a plurality of display devices. All computer blades are connected to all the display devices. Each virtualized OS runs a global compositor instance and at least one application. The global compositor instance of a first virtualized OS transmits a graphical output to a display device driven by a second virtualized OS, via the global compositor instance of said second virtualized OS, so that an application content from an application run by said first virtualized OS is displayed on said second display device.

Computer systems and methods are disclosed to implement a virtual machine monitor (VMM) that stores cryptographic keys for guest virtual machines (VMs) and securely executes cryptographic operations on the VMs' behalf using the stored cryptographic keys. The cryptographic keys are maintained in a key store that is accessible to the VMM but not accessible to the guest VMs. The cryptographic operations are executed in a manner that does not reveal the cryptographic keys to the guest VMs. In embodiments, the guest VMs may invoke the cryptographic operations via a device driver, a memory access interface, or some other mechanism. Advantageously, the guest VMs cannot obtain the cryptographic keys in their own memory space, so that the keys cannot be exfiltrated from the guest VMs. Embodiments of the VMM may be used to implement cryptographic operations such as request signing and verification, data encryption and decryption, and others.

An agent and a configuration interface permit custom-level customizations for synchronizing a replica of an enterprise system over a network connection with a replicator. The replicator produces the replica as a Virtual Machine (VM) that is maintained on a portal server that is remote from an enterprise server that hosts the enterprise system.

A system includes a memory, at least one processor in communication with the memory, a guest hypervisor, and a host hypervisor executing on the at least one processor. The host hypervisor is configured to receive a request for additional memory, request the additional memory from a paravirtualized memory device, allocate the additional memory to the guest hypervisor, and report a status of the request. The status of the request is either a success status or a failure status.

Aspects of the disclosure provide for mechanisms for managing containers across operating systems in a computer system. A method of the disclosure includes: running a first container corresponding to a first operating system, wherein the first container is created in view of a container image; receiving a user request to switch from the first operating system to a second operating system; in response to receiving the user request, switching, by a processing device, from the first container to a second container corresponding to the second operating system, wherein the second container is created in view of the container image, wherein switching from the first container to the second container comprises: configuring the second container in view of a plurality of configurations of the first container; and running the configured second container.