125 results about "System virtualization" patented technology

Systems for backing up the data of an IT system by utilizing server or storage virtualization technology to create and move logical IT infrastructures dynamically. A virtualized IT system provides a server resource pool and a storage resource pool composed from multiple physical devices either within a datacenter or a globally located plurality of datacenters. The virtual server and the storage volume provisioned from those pools will be paired to form the virtual infrastructure. In other words, the virtual infrastructure becomes a logical IT environment build with the required computing and storage resources needed in order to execute specific applications. The virtual infrastructure can also be migrated within/among datacenter sites.

A system creates a storage area network (SAN) centric storage virtualization layer in front of storage devices. The system allows data mobility and migration without disruption to the one or more host servers attached to the SAN. Specifically, the host servers are not disrupted when switching I/Os between physical and virtual storage, for example, by taking advantage of WWPN spoofing and Fibre Channel VSAN technology. The use of VSANs effectively allow multiple virtual directors and/or switches to be created within a physical director and/or switches, each with their own separate name server, thereby providing complete isolation from one another. The host-storage pathing information is unchanged as the original physical storage port's WWPNs are spoofed by the virtual storage port. The result is two identical WWPNs within the SAN which is normally disallowed; however, by separating the physical port WWPN into one VSAN and the virtual port WWPN into another, the restriction may be circumvented.

Methods and apparatus are provided for integrated deflection, detection and intrusion. Within a single computer system configured for operating system virtualization (e.g., Solaris, OpenSolaris), multiple security functions execute in logically independent zones or containers, under the control and administration of a global zone. Such functions may illustratively include a demilitarized zone (DMZ) and a honeypot. Management is facilitated because all functions work within a single operating system, which promotes the ability to configure, monitor and control each function. Any given zone can be configured with limited resources, a virtual network interface circuit and/or other features.

The invention relates to a method for intensively storing and backing up data based on an operating system virtualization theory in the technical field of computer application. The method is characterized by comprising the following steps of: constructing one to a plurality of virtual isolation environments on a host operating system of a physical host machine, wherein each virtual isolation environment has a use mode which is totally the same as the use mode of the host operating system; and completely isolating data produced in the virtual isolation environment from data produced by the host operating system, and storing the data to different physical storage positions respectively. By storing an application program relative to a working service of a user into the virtual isolation environment and running the application program, and redirecting the physical storage position to a storage server in a network through a common internet file system (CIFS) or internet small computer system interface (iSCSI) protocol, a manager only needs to back up the data on the storage server at a time when the data of all client hosts are needed to be backed up, so the working efficiency is improved greatly; meanwhile, only the data relative to the working service is backed up, so the backup storage space is saved and useless data restoration is avoided.

Provided are an apparatus and a system for providing a software service, using software virtualization, and a method thereof. The apparatus for providing a software service, using software virtualization, includes: an input unit receiving information according to operation of a menu or keys from a user; a communication unit interlocking to a service server implemented to execute software in a virtual execution environment in accordance with the received information; a control unit receiving graphic data of the software executed in the interlocking service server, performing rendering on the received graphic data with its own graphic processing unit, and generating a video as the result of rendering; and a display unit displaying the generated video.

The invention discloses a Docker Swarm cluster resource scheduling optimization method based on load prediction and belongs to the technical field of computer system virtualization. The Docker Swarm cluster resource scheduling optimization method based on load prediction comprises the steps of utilizing an API interface function of a docker daemon to periodically collect resource historical use amount of a container; utilizing an ARIMA-RBF model to model and predict the resource historical use amount, obtaining resource future usage amount and combining resource current use situation to adjust resource use upper limit and resource use authority limit; determining a resource use deviation degree of the container according to the resource historical use amount of the container; choosing a node with the most balanced resource use deviation according to the container and a resource use deviation degree of a node set capable of meeting a container resource requirement to deploy a new container after the container is added when the new container is started in a cluster. The Docker Swarm cluster resource scheduling optimization method disclosed by the technical scheme of the invention improves Docker Swarm cluster resource utilization rate and can improve actual operation performance of all the containers.

A system, method and computer-readable medium for balancing access among multiple logical partitions to the physical system resources of a computer system employing system virtualization. Each of the logical partitions is classified, initially during a startup period, in accordance with a level of allocated dispatch window utilization. Performance metrics of one or more of the physical system resources are determined in association with one or more of the logical partitions. The performance metrics determination is performed at a hardware level independent of programming interrupts. During a dispatch window in which a given set of the physical system resources are configured for allocation to one of the logical partitions, the given set of physical system resources are re-allocated to a replacement logical partition in accordance with the determined performance metrics associated with the replacement logical partition and the dispatch window utilization classification of the replacement logical partition.

A non-programmatic method for virtualizing the metadata of external systems at a front-end system is disclosed. The front-end system is provided with programmatic hooks that enable the external capture of its search for metadata and its commands to retrieve properties comprising selected metadata. When an end user of the front-end system requests to retrieve properties comprising selected metadata, typically through the use of a client device, an integrating system captures the search for metadata and provides a list of metadata both native to the front-end system and virtualized from disparate external systems.

The end user selects metadata in order to retrieve properties comprising the metadata. The integrating system captures the front-end system's command to retrieve the metadata. The integrating system converts the metadata request from the format of the front-end system to the format of the external system whose metadata was selected. The external system returns the properties comprising the requested metadata. The integrating system receives the resultant properties comprising the metadata, converts it to the format of the front-end system, and passes the resultant converted properties comprising the metadata to the front-end system for presentation to the end user.

A software development technique is provided using target system virtualization software simulating behaviour of a target system. A target device driver running on a host system issues memory access commands to the target system virtualization software rather than to a memory interface unit of the host system. The memory interface unit may be an SRAM (Static Random Access Memory) interface. The target system may be an EGPRS (Enhanced General Packet Radio Service) modem.

The invention is a managing system and method for a large-scale service system based on network storage and resources virtual treatment, including user virtual management service module, system virtual management service module and atomic part, where the atomic part includes physical calculating node and physical storage device node; and the system virtual management service module is used to realize system virtual service and management package, makes resource virtual treatment on the atomic part and provides shared interface for the previous-stage system virtual management service module and the user virtual management service module; and the system virtual management service module provides virtual resources for the previous-stage system virtual management service module and the user virtual management service module. The invention is based on the storage management and adopts a hiberarchy to effectively integrate server, management of various typical systems and management of user custom system, generally improving system performance.

A virtual CPU (Central Processing Unit) dispatching method belongs to the technical field of computing system virtualization, solves the problem of lock holder preemption, and improves the performance of a virtual machine in a multiple processor system. The virtual CPU dispatching method is used in a multiprocessor virtualized environment and comprises a monitoring procedure, an information collecting procedure and a dispatching procedure, wherein the monitoring procedure performs real-time monitoring to spin lock operating commands of all virtual machine operating systems; the information collecting procedure extracts spin lock amount obtained by the monitoring procedure, to form spin lock counting information; and the dispatching procedure adopts fair and efficient dispatching method todispatch the virtual CPU according to the spin lock counting information extracted from the information collecting procedure. Compared with the prior art, the method can detect whether dispatching isavailable more accurately, so as to improve the utilization ratio of physical CPU, ensure that dispatching strategy has flexibility and expandability, as well as fairness, effectively solve the problem of lock holder preemption, and greatly improve the performance of virtual machine in a multiple processor system.

The invention provides a kernel mode Rootkit detection method based on system virtualization technology. A Rootkit principle, system calling and an LKM (Loadable Kernel Module) are analyzed deeply to obtain the behavior characteristic of hiding of own module information of kernel mode Rootkit. Specific to the characteristic, the Rootkit detection method based on cross view validation is designed. A Xen kernel is changed to intercept system calling, so that a credible view is constructed. An infected view is constructed by using a user mode tool of a target client. Hidden modules are found by comparing the credible view with the infected view.

The invention provides a hybrid cloud computing management system based on data virtualization. A cloud data virtualization layer is added between a hybrid cloud application service layer and a hybrid cloud service for providing services of user data access and management. The cloud data virtualization layer is characterized by comprising a data connection module, a data integration module and a data release module. The data connection module is in charge of establishing connections with various data sources, managing various connections and optimizing network communication and data transmission; the data integration module is in charge of providing an unified view to isomerous data from various data sources, meanwhile, according to a need of an upper layer application, performing different combination and optimization on data from the various data sources in order to form various data virtual views; the data release module is in charge of encapsulating a data virtual pool and providing a service of unified access and virtual data pool management to the upper layer application; through the data release, an upper layer service obtains metadata of the data and obtains a data source, a data format and other basic information of the current data.