US Pat. No. 9,104,469

SUSPEND-RESUME OF VIRTUAL MACHINES USING DE-DUPLICATION

VMware, Inc., Palo Alto,...

1. A method for suspending a virtual machine executing in a physical host, the method comprising:
suspending execution of a virtual machine having data stored in a virtual memory space allocated for the virtual machine;
dividing the data in the virtual memory space into a plurality of blocks;
determining a plurality of keys corresponding to data in the plurality of blocks;
storing the plurality of keys in a key-data map that associates each of the plurality of keys with corresponding data from
the plurality of blocks; and

generating, on a storage device, a saved state file comprising the plurality of keys, wherein the saved state file represents
a state of the virtual memory space of the suspended virtual machine.

US Pat. No. 9,213,565

METHODS AND SYSTEMS FOR MINING DATACENTER TELEMETRY DATA

VMware, Inc., Palo Alto,...

1. A data-processing system comprising:
one or more processors;
one or more computer-readable media; and
a routine stored in the computer-readable media that when executed on the one or more processors,
collects streams of raw telemetry data, each stream composed of metric data associated with a virtual machine of a set of
virtual machines;

generates data matrices from the streams of telemetry data, each data matrix generated from the raw telemetry data collected
in an epoch of time and composed of rows of feature vectors with each feature vector having order statistics that represent
one or more features of one of the virtual machines;

identify clusters of virtual machines having corresponding order statistics into clusters based on the data matrices; and
generates a fingerprint for each virtual machine in each cluster based on the feature vector associated with each virtual
machine, the fingerprint identifies performance characteristics of each virtual machine.

US Pat. No. 9,372,737

VIDEO STREAM MANAGEMENT FOR REMOTE GRAPHICAL USER INTERFACES

VMware, Inc., Palo Alto,...

1. A method for providing a graphical user interface (GUI) from a server computing device to a client computing device, the
method comprising:
executing, by the server computing device, a virtual machine (VM) that generates a GUI and a virtual graphics processing unit
(VGPU) stack associated with the VM;

receiving, at the VGPU stack, the GUI for rendering to a framebuffer, the GUI including display updates comprising a video
stream in encoded form and other display updates;

determining whether to provide both the other display updates and the encoded video stream to the client computing device;
in response to determining to provide both the other display updates and the encoded video stream to the client computing
device:

rendering, by the VGPU stack, the other display updates of the GUI to the framebuffer while excluding the encoded video stream
such that the encoded video stream is not decoded or rendered to the framebuffer;

encoding, by the server computing device, the rendered other display updates;
transmitting the encoded other display updates using a first communication channel from the server computing device to the
client computing device for display; and

separately transmitting the encoded video stream using a second communication channel from the server computing device to
the client computing device for display in the GUI.

US Pat. No. 9,336,033

SECURE IDENTIFICATION OF EXECUTION CONTEXTS

VMware, Inc., Palo Alto,...

1. In a computer system comprising a virtual machine monitor (VMM) running on system hardware and supporting a virtual machine
(VM), a method of establishing an identity of a first execution context running in the VM comprising:
providing a shim program in a virtual address space of the first execution context;
the shim program, upon initialization, associating a first page, having a first page address, with the first execution context
and passing the first page address to the VMM;

the VMM, upon receipt of the first page address from the shim program, assigning a unique address space identifier (ASID)
for the first execution context, generating a second identifier value and writing the second identifier value and the ASID
at the first page address; and

the VMM returning the ASID to the shim program.

US Pat. No. 9,444,883

EXTENDING SERVER-BASED DESKTOP VIRTUAL MACHINE ARCHITECTURE TO CLIENT MACHINES

VMware, Inc., Palo Alto,...

1. A method comprising:
receiving, by a server system, a request from a user of a client system for accessing a user desktop, wherein the user desktop
is provided by a server-side virtual machine (VM) running on the server system, and wherein the server system is configured
to direct disk read requests from the server-side VM to a server-side virtual disk file and direct disk write requests from
the server-side VM to a server-side delta disk file;

connecting, by the server system, the user to the user desktop;
determining, by the server system, whether the client system has a client-side virtual disk file that is logically equivalent
to the server-side virtual disk file;

if the client system does not have a client-side virtual disk file that is logically equivalent to the server-side virtual
disk file, copying, by the server system, the server-side virtual disk file to the client system via a first background process
while the user is remotely interacting with the user desktop;

determining, by the server system, whether the client system has a client-side delta disk file that is logically equivalent
to the server-side delta disk file; and

if the client system does not have a client-side delta disk file that is logically equivalent to the server-side delta disk
file, copying, by the server system, the server-side delta disk file to the client system via a second background process
while the user is remotely interacting with the user desktop.

US Pat. No. 9,361,336

METHODS AND APPARATUS TO MANAGE VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method comprising:
deploying a virtual machine;
storing deployment information about the deployed virtual machine, including tagging the deployment information associated
with the deployed virtual machine with an identification of an associated workload, in a database;

retrieving configuration information, including the deployment information from the database; and
displaying, via a processor, the configuration information for the deployed virtual machine including an indication that the
deployed virtual machine is associated with other deployed virtual machines that are associated with the workload, the configuration
information including a unique identifier for the deployed virtual machine and a network address utilized by the deployed
virtual machine.

US Pat. No. 9,374,327

INTELLIGENT CHAT SYSTEM

VMware, Inc., Palo Alto,...

1. A computer-implemented method for enhancing online chat experience, comprising:
establishing a chat session between a first participant and a second participant, the chat session being executed using a
chat application that enables a plurality of messages to be transmitted between the first participant and the second participant,
the messages being displayed in a chat window local to each participant;

initiating a chat assistant configured to execute as a background process on a computer, the chat assistant configured to
monitor the plurality of messages;

monitoring, by the chat assistant, content in the plurality of messages transmitted between the first participant and the
second participant;

parsing, by the chat assistant, text of an instant message transmitted from the first participant to the second participant;
recognizing a specified set of content in the instant message;
in response to recognizing the set of content, determining, based on one or more privacy rules specified by the first participant,
whether the first participant of the chat session has identified the second participant of the chat session as being permitted
to view additional information obtained by the chat assistant from a third party service by using profile information of the
first participant and automatically obtaining, from a data source external with respect to the chat application, the additional
information if the second participant has been identified by the first participant as being permitted to view the additional
information; and

if the first participant has identified the second participant as being permitted to view the additional information, presenting
simultaneously to both the first participant and the second participant, the obtained additional information within the chat
window along with the instant message transmitted from the first participant to the second participant by the chat assistant
without requiring either the first participant or the second participant to request the additional information manually, otherwise
if the first participant has not identified the second participant as being permitted to view the additional information,
presenting the instant message within the chat window without the additional information.

US Pat. No. 9,389,893

METHOD AND SYSTEM FOR MIGRATION OF VIRTUAL MACHINES AND VIRTUAL APPLICATIONS BETWEEN CLOUD-COMPUTING FACILITIES THROUGH MULTIPLEXED SECURE TUNNELS

VMware, Inc., Palo Alto,...

1. A cloud-connector subsystem that provides a stretch-deploy operation for moving one or more virtual machines and virtual
applications, which execute in a source cloud-computing facility, to a target cloud-computing facility, where the one or more
virtual machines and virtual applications resume executing, the cloud-connector subsystem comprising:
a cloud-connector node associated with the source cloud-computing facility;
a cloud-connector node associated with the target cloud-computing facility; and
a cloud-connector server that includes one or more processors, one or more memories, one or more data-storage devices, and
computer instructions that, when executed on the one or more processors, control the cloud-connector server to provide, in
cooperation with the cloud-connector nodes, a stretch-deploy operation that:

extends a first local virtual network within the source cloud-computing facility, to a second local virtual network, within
the target cloud-computing facility, through a secure tunnel that supports multiple extended virtual networks, forming an
extended local virtual network, by:

verifying the source cloud-computing facility and one or more virtual machines and virtual applications to be moved,
verifying the target cloud-computing facility,
creating a routed virtual application within the second local virtual network,
launching execution of the routed virtual application within the target cloud-computing facility, and
when a secure tunnel has not already been created between a first and second organization edge appliances, creating a secure
tunnel between the first organization edge appliance, associated with the first local virtual network, and the second organization
edge appliance, associated with the second local virtual network, and

moves the one or more virtual machines and virtual applications from executing on the source cloud-computing facility and
communicating with other computational entities through the extended local virtual network using one or more network addresses
to executing on the target cloud-computing facility and communicating with other computational entities through the extended
local virtual network using the same one or more network addresses.

US Pat. No. 9,189,513

DISTRIBUTED, TRANSACTIONAL KEY-VALUE STORE

VMware, Inc., Palo Alto,...

1. A method performed by a node in a set of nodes, the set of nodes implementing a distributed key-value store executed by
one or more processors of the set of nodes, the method comprising:
receiving, by the node, a search request from a user, the search request including a search expression and a target key namespace;
selecting, by the node, one or more data log files from a plurality of data log files in response to the search request, wherein
each data log file in the plurality of data log files stores key-value pairs for a key namespace of the distributed key-value
store, and wherein the selected one or more data log files store key-value pairs for the target key namespace;

searching, by the node, the selected one or more data log files for keys or key-value pairs that satisfy the search expression;
and

returning, by the node, the keys or key-value pairs to the user.

US Pat. No. 9,369,405

MAPPING COMPUTER RESOURCES TO CONSUMERS IN A COMPUTER SYSTEM

VMware, Inc., Palo Alto,...

1. A method of mapping computer resources to consumers in a computer system, comprising:
receiving tags assigned to the computer resources at a resource manager executing in the computer system, where the resource
manager:

transfers a first tag from a second computer resource to the first computer resource;
identifies the first tag as assigned to a first computer resource;
determines whether a first consumer is associated with the first tag;
enables the first consumer to access the first computer resource if the first consumer is associated with the first tag; and
prevents the first consumer from accessing the first computer resource if the first consumer is not associated with the first
tag wherein the computer resources comprise copies of datastores, the first computer resource comprises a first copy of a
datastore maintained by first computing resources of the computer system, and the second computer resource comprises a second
copy of the datastore maintained by second computing resources of the computer system.

US Pat. No. 9,361,335

METHODS AND APPARATUS TO MANAGE VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. An apparatus comprising:
a dependency controller to determine that a deployment director has initiated deployment of a first virtual machine and a
second virtual machine and the deployment of the first virtual machine has halted because the first virtual machine is dependent
on a parameter of the second virtual machine and to detect that the second virtual machine has been deployed and has caused
configuration information to be stored in a repository; and

a configuration controller to retrieve the configuration information, including the parameter, from the repository and to
transmit the parameter to the first virtual machine to cause the first virtual machine to resume deployment, at least one
of the dependency controller and the configuration controller including a processor.

US Pat. No. 9,344,526

DISK BLOCKING STREAMING

VMware, Inc., Palo Alto,...

1. A method for executing an application in a virtual machine running on a local user system, wherein the virtual machine
accesses a virtual disk, the method comprising:
installing a modified image of the application onto a file system of the virtual disk, wherein the modified image does not
contain executable code or data of the application;

updating, during the installation of the modified image, a data structure maintained by a virtual machine monitor (VMM) of
the virtual machine to indicate that contents for each disk block allocated by the file system to store portions of the modified
image of the application that should contain executable code or data should be streamed from a remote location; and

consulting the data structure by the VMM upon a request of a disk block during execution of the application in the virtual
machine to determine whether to stream the content from a remote location.

US Pat. No. 9,319,288

GRAPHICAL USER INTERFACE FOR DISPLAYING INFORMATION RELATED TO A VIRTUAL MACHINE NETWORK

VMware, Inc., Palo Alto,...

1. A non-transitory computer-readable storage medium comprising instructions that, when executed by a computer, enable a graphical
user interface to be displayed, wherein the graphical user interface displays information related to a virtual machine network,
the graphical user interface comprising:
a chart comprising error indicators organized in rows and columns, wherein an error indicator corresponds to an entity in
the virtual machine network at a time and indicates a state of the entity at that time; and

a zoom navigator window that indicates a portion of error indicators displayed in the chart, wherein the portion of error
indicators is part of a set of error indicators corresponding to error indicators within a defined scope.

US Pat. No. 9,305,014

METHOD AND SYSTEM FOR PARALLELIZING DATA COPY IN A DISTRIBUTED FILE SYSTEM

VMware, Inc., Palo Alto,...

1. A method for increasing the speed of data replication by parallelizing data copy using a coordinating server that is connected
to one or more other servers, the method comprising:
partitioning in place a source file stored in a shared clustered file system of the coordinating server and the other servers
into multiple regions including at least first and second regions;

creating first and second temporary files in the shared clustered file system;
copying the first region of the source file to the first temporary file, wherein the copying of the first region is performed
by the coordinating server;

directing one of the other servers to copy the second region of the source file to the second temporary file, wherein the
copying of the first region is performed during a first time period and the copying of the second region is performed during
a second time period, and wherein the first time period and the second time period partially overlap; and

merging the temporary files into a single destination file in the shared clustered file system in a way that preserves a file
descriptor data structure and attributes of the source file.

US Pat. No. 9,219,813

PROVISIONING WORK ENVIRONMENTS ON PERSONAL MOBILE DEVICES

VMWARE, INC., Palo Alto,...

1. A method of provisioning a business mobile device on a personal mobile device comprising:
binding a mobile application for provisioning the business mobile device to a privileged component of a host operating system
of the personal mobile device, wherein the binding enables a hypervisor component and a management service component of the
mobile application to execute in a privileged mode, wherein the privileged component is embedded into the firmware of the
personal mobile device;

downloading, through the mobile application, a virtual phone image for the business mobile device and security-related policy
settings relating to use of the business mobile device from a mobile management server managed by an employer of a user of
the personal mobile device, wherein the hypervisor component is able to launch a virtual machine for the business mobile device
based on the virtual phone image;

initiating a periodic attempt to establish a connection between the management service component of the mobile application
and the mobile management server to comply with the security-related policy settings;

permanently removing the virtual phone image of the business mobile device upon expiration of an auto-wipe time period specified
in the security-related policy settings, wherein the management service component cannot be terminated by the user of the
personal mobile device; and

temporarily disabling access to the business mobile device upon expiration of an auto-disable time period specified in the
security-related policy settings, wherein the auto-disable time period is shorter than the auto-wipe time period, wherein
permanently removing the virtual phone image of the business mobile device upon expiration of the auto-wipe time period specified
in the security-related policy settings comprises permanently removing the virtual phone image of the business mobile device
without affecting a personal use of the personal mobile device upon expiration of the auto-wipe time period specified in the
security-related policy settings.

US Pat. No. 9,407,714

DATA REFRESHING OF APPLICATIONS

VMware, Inc., Palo Alto,...

1. A method to perform data refreshing of an application, the method comprising:
registering a first view and a second view of the application to a group to which both the first view and the second view
belong, wherein the first view is associated with a first function that is invocable to refresh data shown on the first view,
and the second view is associated with a second function that is invocable to refresh data shown on the second view;

in response to determination that data refreshing is required for the first view in the group based on a visibility status
of the first view and a data stability status of data shown on the first view, performing data refreshing of the first view
in the group by invoking the first function associated with the first view; and

in response to determination that data refreshing is also required for the second view in the group, performing data refreshing
of the second view by invoking the second function associated with the second view.

US Pat. No. 9,372,706

HOST SELECTION FOR VIRTUAL MACHINE PLACEMENT

VMware, Inc., Palo Alto,...

1. A method for placing virtual machines in a collection, the method comprising:
determining, by a computing device, a compatible set of hosts prior to placing virtual machines in the collection, wherein
the compatible set is determined on the basis of the compatibility of types of resources in the host with the virtual machines
in the collection;

determining, by the computing device, a plurality of equivalence sets of hosts from the compatible set of hosts prior to placing
virtual machines in the collection, wherein hosts in an equivalence set of hosts are considered similar;

testing equivalence sets of hosts in the plurality of equivalence sets of hosts, wherein a test of an equivalence set of hosts
determines a number of virtual machines in the collection that can be placed on hosts in the equivalence set of hosts;

ranking the tested equivalence sets of hosts, wherein the ranking is based on the testing; and
selecting an equivalence set of hosts from the ranked equivalence sets of hosts in which to place the virtual machines in
the collection based on the rankings; and

placing at least a portion of the virtual machines in the collection on one or more hosts in the selected equivalence set
of hosts.

US Pat. No. 9,363,305

REMOTE CONTEXTUAL ACCESS TO OPERATING SYSTEM DESKTOPS

VMware, Inc., Palo Alto,...

1. A method in a computing system for automatically transferring information regarding a current state of an operating system
desktop running on the computing system to one or more remote mobile devices, comprising:
under control of an agent executing in the background on the computing system and at designated times,
harvesting desktop state information that reflects the current state of the desktop associated with a user
translating at least a portion of the harvested state information into a format that is presentable by a standard web browser
on the one or more remote mobile devices

uploading the translated information to a central server computing system, wherein, when one of the one or more remote mobile
devices requests access to a web address of the server computing system via a web browser, the uploaded translated information
is forwarded and presented via the web browser and the web browser provides access to the current state of the desktop associated
with the user.

US Pat. No. 9,354,921

VIRTUAL MACHINE MIGRATION

VMware, Inc., Palo Alto,...

1. A non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor,
perform a method of migrating a source virtual machine (VM) running on a source computer to a destination computer, the method
comprising:
suspending execution of the source VM;
after the suspending of the source VM, transferring non-memory state of the source VM to the destination computer, thereby
enabling execution of a destination VM on the destination computer from the transferred non-memory state of the source VM;
and

transferring contents of source VM memory to the destination computer, either while the source VM is executing, or after the
execution of the destination VM from the transferred non-memory state of the source VM.

US Pat. No. 9,342,421

PERSISTING HIGH AVAILABILITY PROTECTION STATE FOR VIRTUAL MACHINES STORED ON DISTRIBUTED OBJECT-BASED STORAGE

VMware, Inc., Palo Alto,...

1. A method for persisting high availability (HA) protection state for virtual machines (VMs) running on host systems of a
host cluster, wherein the host cluster aggregates locally-attached storage resources of the host systems to provide an object
store, and wherein persistent data for the VMs is stored as per-VM storage objects across the locally-attached storage resources
comprising the object store, the method comprising:
determining, by a first host system in the host cluster executing a first HA module, an identity of a VM that has been powered-on
in the host cluster; and

persisting, by the first host system, HA protection state for the VM in a storage object of the VM, the HA protection state
indicating that the VM should be restarted on an active host system in case of a failure in the host cluster.

US Pat. No. 9,201,674

MIGRATING FUNCTIONALITY IN VIRTUALIZED MOBILE DEVICES

VMware, Inc., Palo Alto,...

1. A method of migrating a telephone functionality from a source mobile device to a target device, the method comprising:
embodying the telephone functionality that is offered by the source mobile device in a virtual machine of the source mobile
device;

emulating, by a first virtualization software layer of the source mobile device, a first peripheral device of the source mobile
device;

processing, by the first virtualization software layer of the source mobile device, a telephone communication using the telephone
functionality embodied in the virtual machine via the emulated first peripheral device; and

migrating the virtual machine including the embodied telephone functionality to the target device, wherein a second virtualization
software layer of the target device emulates a second peripheral device of the target device to process telephone communications
using the telephone functionality embodied in the migrated virtual machine via the second peripheral device.

US Pat. No. 9,081,622

AUTOMATED SCALING OF APPLICATIONS IN VIRTUAL DATA CENTERS

VMware, Inc., Palo Alto,...

1. A method comprising:
determining a performance of a multi-component application distributed across a plurality of tiers, wherein each of the plurality
of tiers comprises at least one virtual machine;

estimating a new performance based at least partially on an application reservation and an application limit;
calculating, via a processor, an optimized utility of the application based on a cost to execute the application, the application
reservation, and the application limit; and

determining a scaling factor for each of the plurality of tiers.

US Pat. No. 9,411,658

TOKEN-BASED ADAPTIVE TASK MANAGEMENT FOR VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A system for achieving maximal throughput in a virtual datacenter having dynamically changing resources, said system comprising:
a memory area associated with a task management device, said memory area storing a plurality of outstanding tasks to be performed
by a plurality of virtual machines (VMs) executing in the virtual datacenter; and

a processor programmed to:
normalize the outstanding tasks stored in the memory area by assigning a quantity of tokens to each of the outstanding tasks,
the tokens representing an amount of work performed by the virtual datacenter when performing the outstanding tasks, the assigned
quantity of tokens representing a second token batch size;

measure, by the task management device, a first throughput at a first token batch size and a second throughput at the second
token batch size;

calculate, by the task management device, a rate of change between the measured first throughput at the first token batch
size and the measured second throughput at the second token batch size; and

identify an output token batch size, the output token batch size representing another set of outstanding tasks to be performed
by the virtual datacenter in a next round of processing, identifying the output token batch size comprises:

if the calculated rate of change is negative, identify the output token batch size based on a combination of the first token
batch size and the second token batch size; and

otherwise, select, by the task management device, a third token batch size and repeat said measure, said calculate, and said
identify using the second token batch size as the first token batch size and the third token batch size as the second token
batch size during the repeating.

US Pat. No. 9,390,095

RAPID CLOUD-BASED IMAGE CENTRALIZATION

VMware, Inc., Palo Alto,...

1. A system comprising:
a plurality of computing devices; and
a server comprising a processor, the processor programmed to:
receive, from the plurality of computing devices, metadata for files stored on the plurality of computing devices;
determine, from the received metadata, an importance level for each of the files;
identify, from the received metadata, a common file that is stored on two or more of the plurality of computing devices;
select two or more computing devices to send a copy of the common file to the server, wherein the selected one or more computing
devices are fewer than all computing devices of the plurality of computing devices;

instruct each of the plurality of computing devices to send a copy of the respective files to the server in a defined order,
the defined order based on the importance level for each of the files on each of the plurality of computing devices, wherein
the respective files include the copy of the common file from the selected two or more computing devices;

compare data from each copy of the common file received from the selected two or more computing devices to validate the copies
of the common file as duplicates; and

store the copy of the files on the server.

US Pat. No. 9,342,248

TECHNIQUES FOR REDUCING READ I/O LATENCY IN VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A computer-implemented method for reducing the latency of an anticipated read of disk blocks from a swap file in a virtualized
environment, the environment including: a host swap file maintained by a host operating system and a virtual machine (VM)
that includes a guest swap file maintained by a guest operating system, the method comprising:
identifying, in the guest swap file, a sequence of disk blocks that was written by the guest operating system;
detecting, within the sequence of disk blocks, a first disk block that contains a reference to a second disk block that is
stored in the host swap file; and

replacing the first disk block in the guest swap file with the second disk block.

US Pat. No. 9,317,318

VIRTUAL MACHINE MONITOR CONFIGURED TO SUPPORT LATENCY SENSITIVE VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. In a host computer having a virtualization software that supports execution of a plurality of virtual machines, the virtualization
software including a virtual machine monitor for each of the virtual machines, wherein each virtual machine monitor emulates
a virtual central processing unit (CPU) for a corresponding virtual machine, a method of halting execution of a virtual CPU
of a virtual machine, the method comprising:
receiving a first halt instruction at a virtual machine monitor from a corresponding virtual machine;
determining by the virtual machine monitor whether the virtual machine is latency sensitive;
if the virtual machine is latency sensitive, then issuing from the virtual machine monitor a second halt instruction to halt
a physical CPU on which the virtual CPU executes; and

if the virtual machine is not latency sensitive, then executing a system call to a kernel executing on the host computer to
indicate to the kernel that the virtual CPU is in an idle state.

US Pat. No. 9,398,019

VERIFYING CALLER AUTHORIZATION USING SECRET DATA EMBEDDED IN CODE

VMware, Inc., Palo Alto,...

1. A method of creating a code protection domain in a computer system, wherein the method executes at a first privilege level
and comprising:
suspending a guest operating system that executes confidential code included in the code protection domain at a second privilege
level that is less secure than the first privilege level, wherein the confidential code includes an authorization instruction
that contains a first placeholder and a verification instruction that contains a second placeholder;

replacing both the first placeholder and the second placeholder with a security key;
setting both the authorization instruction and the verification instruction to be execute-only; and
unsuspending the guest operating system,
wherein, upon executing, the authorization instruction sets the value of a register to the security key and the verification
instruction compares the value of the register to the security key, and

wherein setting the verification instruction to be execute-only comprises setting a page table entry that controls access
to the verification instruction such that read access is disabled, write access is disabled, and execution access is enabled.

US Pat. No. 9,363,197

RESOURCE ALLOCATION IN COMPUTERS

VMware, Inc., Palo Alto,...

1. A method comprising:
receiving, from a first client of a set of clients, a request for a resource unit;
based on the received request, evaluating, for respective clients in the set of clients, a metric that is a function of at
least a usage-based factor; and

upon evaluating, when the metric for a second client from the set of clients meets a predetermined criteria:
reclaiming a first resource unit from the second client; and
reallocating the first resource unit from the second client to the first client.

US Pat. No. 9,244,742

DISTRIBUTED DEMAND-BASED STORAGE QUALITY OF SERVICE MANAGEMENT USING RESOURCE POOLING

VMware, Inc., Palo Alto,...

1. A method for providing quality of service (QoS) for clients running on host computers to access a common resource, the
method comprising:
computing a current capacity for the common resource based on a global average latency for accessing the common resource by
the clients;

computing dynamic reservation values for the clients running on the host computers by distributing a global reservation value
for the common resource among the clients to derive the dynamic reservation values for the clients, including temporarily
limiting the amount of the global reservation value distributed to a client to a demand of that client for the common resource;
and

allocating the computed current capacity among the clients running on the host computers using the dynamic reservation values
for the clients,

wherein the distributing of the global reservation value for the common resource among the clients includes distributing the
global reservation value through a hierarchical structure of parent and child nodes such that the global reservation value
at a root node of the hierarchical structure is distributed to lower nodes of the hierarchical structure in a level-by-level
process.

US Pat. No. 9,244,732

COMPENSATING THREADS FOR MICROARCHITECTURAL RESOURCE CONTENTIONS BY PRIORITIZING SCHEDULING AND EXECUTION

VMware, Inc., Palo Alto,...

1. A method for scheduling a plurality of resource consumers executing on a computer system having at least one processor
core, a last-level cache (LLC) proximate to the at least one processor core, and a main memory, the method comprising:
at each descheduling event of one resource consumer of the plurality of resources consumers following an execution interval
that represents a period of time during which the one resource consumer is executed on one of the at least one processor core
between scheduling events,

estimating time during the execution interval that was spent repopulating cache line misses evicted from the LLC by the other
resources as the lesser of the execution interval or a product of a number of misses during the execution interval caused
by cache lines being evicted from the LLC by the other resource consumers, an estimated amount of time to repopulate one evicted
cache line, and the execution interval, and

determining an effective central processing unit (CPU) time as an estimated portion of the execution interval that excludes
the estimated time; and

compensating the one resource consumer for contention of microarchitectural resources by prioritizing scheduling of the one
resource consumer based in part on the effective CPU time for the one resource consumer and executing the resource consumers
on the at least one processor core in accordance with the scheduling.

US Pat. No. 9,471,482

INPUT/OUTPUT TRACE SAMPLING

VMware, Inc., Palo Alto,...

1. A computer-implemented method, comprising:
selecting, by a host computer, a first workload of a plurality of workloads running on the host computer to be subjected to
an input/output (I/O) trace;

determining whether to generate the I/O trace for the first workload for a first length of time or for a second length of
time, the first length of time being shorter than the second length of time, wherein the determination is based upon runtime
history for the first workload, I/O trace history for the first workload, and/or workload type of the first workload, wherein
when the determination is based upon the runtime history for the workload, the first length of time is selected if the first
workload has run for less than a threshold amount of time, and the second length of time is selected if the first workload
has run for at least the threshold amount of time; and

generating the I/O trace of the first workload for the selected length of time.

US Pat. No. 9,411,619

PERFORMANCE MANAGEMENT OF SYSTEM OBJECTS BASED ON CONSEQUENCE PROBABILITIES

VMware, Inc., Palo Alto,...

7. A method of increasing a utility of a system, the method comprising:
determining, by a monitoring module, a net health of a system using importance values and a health value associated with each
available object, and an importance value representative of an importance of a respective available object;

receiving, by an optimization module, the health value of the plurality of available objects within the system, the health
value representative of an expected performance level for each of the available objects;

receiving importance values associated with each available object, wherein the importance values indicate a weighting to be
applied to the respective health values;

identifying a plurality of available actions to be implemented on the available objects, wherein each of the plurality of
available actions is associated with at least one expected consequence;

calculating an expected utility for at each of the plurality of available actions based on an expected net health of the system
upon execution of each of the plurality of available actions, the net health of the system based on a net effect of each expected
consequence for the plurality of available objects, an effect being calculated by multiplying an expected change in the health
value of an available object with an importance value of the available object and with a probability of an occurrence of the
at least one expected consequence;

calculate an effective utility of each of the plurality of available actions by summing the expected utility of each of the
plurality of available actions; and

selecting, from using respective effective utilities for the plurality of available actions, an action based on the highest
expected utility for the system,

implement, by the monitoring module, the selected action upon the plurality of objects and the system, wherein the implementation
of the selected action further comprises:

adjusting performance of the plurality of objects and the system and validating the probability of the occurrence of the at
least one expected consequence.

US Pat. No. 9,363,192

AUTOMATIC REMEDIATION IN A DISTRIBUTED COMPUTER SYSTEM WITH MULTIPLE CLUSTERS OF HOST COMPUTERS

VMware, Inc., Palo Alto,...

1. A method for performing automatic remediation in a distributed computer system with multiple clusters of host computers,
the method comprising:
receiving a remediation request in response to a detection of a remediation-requiring condition in the distributed computer
system for a client running in one of the multiple clusters of host computers;

constructing a remediation placement problem for the client;
executing a placement selection algorithm for the remediation placement problem to generate a placement solution for the client,
the placement selection algorithm being the same placement selection algorithm used for initial placements of new clients
in the distributed computer system; and

implementing the placement solution for the client for remediation,
wherein the remediation-requiring condition in the distributed computer system is detected by one of a compute fabric component,
a storage fabric component, a network fabric component and a policy based management (PBM) fabric component and

wherein the remediation-requiring condition is one of a storage class violation for the client in one of the multiple clusters
in the distributed computer system detected by the storage fabric component and a policy change for the distributed computer
system detected by the PBM fabric component.

US Pat. No. 9,304,915

VIRTUALIZATION SYSTEM USING HARDWARE ASSISTANCE FOR PAGE TABLE COHERENCE

VMware, Inc., Palo Alto,...

1. A method of operating a virtualization system, the method comprising:
supplying underlying hardware with indications of those locations in physical memory for which the virtualization system is
to receive buffered write information, the indicated locations corresponding to those that encode page mapping information
of a guest operating system executing in a virtual machine of the virtualization system; and

asynchronous with write-type accesses performed for the guest operating system which target the indicated locations, but responsive
to a coherency-inducing operation of the guest operating system, updating a virtualization system page table based on the
buffered write information, the virtualization system page table mapping addresses to machine addresses in physical memory.

US Pat. No. 9,244,755

SCALABLE LOG ANALYTICS

VMware, Inc., Palo Alto,...

1. A method for providing real-time analysis of log messages for a computer infrastructure, the method comprising:
receiving a plurality of log messages including a first log message;
generating a sketch associated with the first log message, wherein the the sketch includes a tuple of fingerprint values generated
by processing a subset of words of the first log message through a fingerprint function;

determining a message type for the first log message based on a comparison of the generated sketch to a plurality of sketches
stored in an index, wherein log messages of a same message type have similar sketches;

determining a first log event associated with one or more of the plurality of log messages occurring with a time interval,
wherein the first log event comprises a first composition of message types corresponding to the one or more of the plurality
of log messages associated with the first log event;

determining an event type for the first log event based on a comparison of the first composition of message types to a plurality
of compositions of message types stored in the index; and

determining an anomalous log event within the plurality of log messages based on the event type for the first log event.

US Pat. No. 9,251,102

VIRTUALIZING PROCESSOR MEMORY PROTECTION WITH “L1 ITERATE AND L2 DROP/REPOPULATE”

VMware, Inc., Palo Alto,...

1. A non-transitory computer readable medium that stores instructions that are executable by a computer system, the computer
system comprising a processor and virtualization software, the virtualization software including a guest operating system
(OS) that utilizes a guest domain access control register (DACR) containing domain access information and guest page tables
including first level page tables (L1 page tables) and second level page tables (L2 page tables), where the guest page tables
contain: (a) domain identifiers used to obtain domain access information from the guest DACR and (b) access permission information,
and where the domain access information and the access permission information are combined to provide an effective guest access
permission, wherein the instructions, when executed, cause the computer system to perform a method for providing shadow page
tables and processor DACR settings that virtualize processor memory protection, the method comprising:
providing, by the virtualization software, a shadow page table, wherein:
(a) domain identifiers in the shadow page table are used to identify domain access information in the processor DACR that
are mapped from the domain access information in the guest DACR; and

(b) access permissions in the shadow page table are mapped from the effective access permission information in the guest page
tables based on a guest operation mode selected from a privileged mode and a user mode,

and wherein
a memory management unit (MMU) in the processor traverses the shadow page table, accesses the processor DACR, and combines
the mapped domain access information in the processor DACR with the mapped access permission in the shadow page table to reflect
the guest intended effective access permissions while isolating the guest from the virtualization software.

US Pat. No. 9,250,854

USER INTERFACE VIRTUALIZATION FOR REMOTE DEVICES

VMware, Inc., Palo Alto,...

1. A method of generating a local graphical user interface (GUI) on a client device that is connected to a server device having
a remote GUI, the method comprising:
receiving, from the server device, a base image of the remote GUI and UI metadata describing a GUI element in the remote GUI;
generating the local GUI to be displayed on the touch screen of the client device, the local GUI including the base image
received from the server device and a native GUI element to be displayed on the touch screen, the native GUI element generated
according to the received UI metadata, the native GUI element corresponding to the GUI element in the remote GUI;

receiving, at the client device, a voice input through an input device of the client device;
processing the voice input to determine a command input to manipulate the remote GUI of the server device; and
transmitting, to the server device, information indicating the command input configured to manipulate the remote GUI.

US Pat. No. 9,086,904

LIVE MIGRATION OF VIRTUAL MACHINE DURING DIRECT ACCESS TO STORAGE OVER SR IOV ADAPTER

VMware, Inc., Palo Alto,...

1. In a system of computing machines that includes a source computing machine and a destination computing machine, wherein
the source computing machine is configured to implement a virtual machine (VM) and a virtualization intermediary, and wherein
the source computing machine includes a physical storage adapter that is configured to implement a physical function (PF)
and a virtual function (VF) to support IO operations between the VM and physical storage, a method to migrate the VM from
the source computing machine to the destination computing machine while the VM runs an application that involves the VM queuing
IO requests to be made to the physical storage within a request queue within a first memory region of the source computing
machine and queuing IO responses received from the physical storage within a response queue within the first memory region
of the source computing machine, the method comprising:
providing state information within a memory region of the VF that is indicative of state of queued IO requests and state of
queued IO responses within the first memory region;

suspending de-queuing of requests from the request queue to the VF;
while suspending the de-queuing of requests, determining when no more outstanding responses to previous requests remain to
be received;

in response to a determination that no more outstanding responses to previous requests remain to be received, transferring
the state information from the VF memory to a second memory region associated with the virtualization intermediary within
the source computing machine; and

transferring the state information from the second memory region within the source computing machine to the destination machine.

US Pat. No. 9,195,707

DISTRIBUTED EVENT SYSTEM FOR RELATIONAL MODELS

VMware, Inc., Palo Alto,...

1. A database method comprising:
providing an event data model of a target database, the target database being one of a plurality of databases;
per a subject entity in the target database, using the event data model to declare and define triggering events modifying
the target database and respective corresponding operations for each triggering event modifying the target database, wherein
the operations are executed on an integrated external system in response to a triggering event modifying the target database
and are for execution by at least one agent according to respective skill and credential of the at least one agent;

detecting occurrence of an event modifying the target database involving the subject entity in the target database;
based on the detected event modifying the target database, determining from the event data model corresponding operations
for execution on the integrated external system in addition to modifying the target database and determining one or more agents
to perform the corresponding operations;

distributing execution of the determined corresponding operations on the integrated external system to the one or more agents
configured to execute a workflow associated with the corresponding operations according to the respective skill and credential
of the at least one agent, wherein the workflow comprises an integration with the integrated external system;

initiating communication with the event data model by the at least one agent to determine whether the operations are for execution
by the at least one agent; and

the at least one agent downloading code binaries for the corresponding operations according the respective skill and credential
of the at least one agent.

US Pat. No. 9,407,613

MEDIA ACCELERATION FOR VIRTUAL COMPUTING SERVICES

VMware, Inc., Palo Alto,...

1. A method for transmitting a media stream between a local host and a remote rendering device comprising:
transmitting desktop information between the local host and the remote rendering device using a first channel using a remoting
protocol;

identifying an uncompressed media stream that is being rendered on the local host, wherein the media stream is being rendered
with the desktop information transmitted using the remoting protocol;

capturing bitmap content for the identified media stream after the media stream has been rendered on the local host, wherein
the capturing prevents a remoting protocol from processing the rendered bitmap content for transmission to the remote rendering
device, and wherein the capturing includes intercepting calls to render the identified media stream as bitmap content;

encoding the identified media stream using an encoder configured to encode streaming media and supported on both the local
host and the remote rendering device, wherein encoding includes encapsulating the bitmap content in a software wrapper; and

transmitting the encoded media stream to the remote rendering device using a second channel comprising a media acceleration
channel associated with the remoting protocol to cause the encoded content of the media stream to be decoded and displayed
with the desktop information at the remote rendering device.

US Pat. No. 9,367,253

CATASTROPHIC DATA LOSS AVOIDANCE

VMware, Inc., Palo Alto,...

1. A computer-implemented method, comprising:
dividing data into a plurality of portions, wherein the data is recoverable using a subset of the plurality of portions;
selecting, for each portion of the data, a storage device different than storage devices storing all other portions of the
data, wherein the selecting includes distributing the portions of data based upon diversity of geographic locations of storage
devices and diversity of storage device characteristics, the storage device characteristics including at least one of hardware
characteristics, software characteristics, and operating history characteristics; and

storing each portion of the data on a corresponding selected storage device.

US Pat. No. 9,256,353

PROVIDING APPLICATION AND DEVICE MANAGEMENT USING ENTITLEMENTS

VMware, Inc., Palo Alto,...

1. A method for providing access to applications for a computing device comprising:
receiving an identification of a user and/or group to which the user belongs, wherein the user is associated with the device;
determining, based on the identification, a plurality of applications that the user and/or the group to which the user belongs
is entitled to access, wherein each of the plurality of applications includes (i) code and/or script that is locally executed
on the computing device to provide screen and user input functionality, and (ii) code and/or script that is executed remotely
from the computing device to perform functions of the application; and

transmitting information corresponding to the plurality of applications to the computing device to enable the computing device
to present a set of icons, each of which is associated with one of the applications, wherein upon a selection of one of the
icons by the user, the associated application is launched through a web browser of the computing device.

US Pat. No. 9,251,103

MEMORY-ACCESS-RESOURCE MANAGEMENT

VMware, Inc., Palo Alto,...

1. A multiplexing memory controller comprising:
a number of channels that each stores a specification of memory-access-request servicing characteristics for the channel;
a memory-request input through which the multiplexing memory controller receives memory-access requests from two or more processing
entities, each memory-access request accompanied with a channel indication; and

memory-controller logic that processes the received memory-access requests in order to provide memory-access-request servicing
to each channel in accordance with the channel's memory-access-request servicing characteristics;

wherein each channel is associated with a number of registers that store values that specify the memory-access-request servicing
characteristics for the channel, including a memory-access-request processing priority and a memory-access-request processing
limit; and

wherein each channel is associated with three-registers, including
a shares register that stores a number of memory-access-resource shares,
tokens register that stores a current number of memory-access-request-processing tokens, and
a token-increment register that stores an indication of a number of memory-access-request-processing tokens to be allocated
to the channel by the multiplexing memory controller during each token-refresh cycle.

US Pat. No. 9,268,549

METHODS AND APPARATUS TO CONVERT A MACHINE TO A VIRTUAL MACHINE

VMware, Inc., Palo Alto,...

1. A method comprising:
moving, via a processor, an original operating system to create free space on a storage device;
installing a hypervisor in the free space on the storage device;
generating a virtual machine in the free space on the storage device; and
loading the hypervisor and the virtual machine, the virtual machine to execute the original operating system.

US Pat. No. 9,262,198

CPU SCHEDULER CONFIGURED TO SUPPORT LATENCY SENSITIVE VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. In a host computer having one or more physical central processing units (CPUs) that support the execution of a plurality
of containers, the containers each including one or more processes, wherein the host computer is programmed to perform a method
of assigning at least one of the processes to have exclusive affinity to a corresponding physical CPU, the method comprising:
determining that a first container is latency sensitive; and
responsive to the determining, assigning each of the processes of the first container to have exclusive affinity to one or
more corresponding physical CPUs, said assigning comprising:

migrating running tasks on the corresponding physical CPUs to the one or more other physical CPUs of the host system;
directing queued tasks and interrupt processing for the corresponding physical CPUs to the one or more other physical CPUs;
and

executing tasks of each of the processes of the first container on the one or more corresponding CPUs to which the process
has exclusive affinity.

US Pat. No. 9,304,878

PROVIDING MULTIPLE IO PATHS IN A VIRTUALIZED ENVIRONMENT TO SUPPORT FOR HIGH AVAILABILITY OF VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. In a virtualized computing environment having multiple host computers in which one or more virtual machines are being executed
and a shared storage system that stores virtual disks of the virtual machines, a method of connecting the virtual machines
to the virtual disks of the virtual machines that are stored in the shared storage system over one of multiple input/output
(IO) paths, comprising:
detecting a failure in an IO path from a virtual machine being executed in a first host computer to the shared storage system;
initiating a migration process of the virtual machine to a second host computer that is connected to the shared storage system
along a different IO path that is functioning; and

terminating execution control of the virtual machine in the first host computer when the second host computer takes over execution
of the virtual machine.

US Pat. No. 9,146,721

INSTALLATION OF A SOFTWARE AGENT VIA AN EXISTING TEMPLATE AGENT

VMware, Inc., Palo Alto,...

1. A method, comprising:
responsive to a request to deploy a multi-tier application on a plurality of virtual machines (VMs) using a first server to
orchestrate a deployment of the multi-tier application, provisioning a VM based on a template generated for use with a second
server, wherein the template comprises a template agent configured for communication with the second server;

executing the template agent to receive a script; and
executing the script to install a software agent on the provisioned VM, wherein the software agent is configured for communication
with the first server to facilitate deployment of at least a portion of the multi-tier application onto the provisioned VM.

US Pat. No. 9,135,342

COMPREHENSIVE, RELEVANT, AND DYNAMIC DATA SEARCHING IN A VIRTUALIZATION ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method for maintaining a search capability offered by a search system in a virtualization environment, the method comprising:
receiving, by the search system, first index data from an agent running in a currently running VM, wherein the agent is configured
to generate the first index data wherein first index data corresponds to files stored on a file system used by the currently
running VM;

determining, by the search system, an event for the currently running VM that indicates a change in state for the currently
running VM to an offline VM, the offline VM being a VM that is not currently running;

when the event is determined by the search system, using an offline VM adapter to generate second index data, wherein using
the offline VM adapter comprises:

mounting, by the offline VM adapter in the search system, a virtual disk image file associated with the offline VM to access
file systems stored in the virtual disk image file; and

generating the second index data wherein second index data corresponds to the file systems stored in the virtual disk image
file; and

maintaining, by the search system, a database of the first index data received from the agent and the second index data generated
by offline VM adapter in the search system from the file systems stored in the virtual disk image files to enable a search
result in response to a search query received by the search system.

US Pat. No. 9,049,257

METHODS AND APPARATUS FOR AN E-MAIL-BASED MANAGEMENT INTERFACE FOR VIRTUALIZED ENVIRONMENTS

VMware, Inc., Palo Alto,...

1. A method of processing commands for a virtual machine (VM) management module managing a virtualized computing environment
comprising a plurality of physical host computers executing one or more VMs, comprising:
receiving an e-mail message from a sender, the e-mail message comprising one or more commands for provisioning or migrating
the virtual machines of the virtualized computing environment in a first format;

parsing the e-mail message to extract the one or more commands;
determining whether the e-mail message is a redundant response to a notification issued by the VM management module, wherein
the notification indicates a condition associated with the virtualized computing environment has been detected;

if the e-mail message is a redundant response, then:
determining whether the extracted commands conflict with one or more commands received by the VM management module in a previous
response to the detected condition;

if the extracted commands do not conflict with the commands received in the previous response, translating the extracted commands
from the first format to a second format executable by the VM management module and transmitting the translated commands to
the VM management module for execution therein; and

if the extracted commands conflict with the commands received in the previous response, ignoring the e-mail message; and
if the e-mail message is not a redundant response, thentranslating the extracted commands from the first format to the second format and transmitting the translated commands to
the VM management module for execution therein.

US Pat. No. 9,304,662

USER INTERFACE VIRTUALIZATION TECHNIQUES

VMware, Inc., Palo Alto,...

1. A method of generating a local graphical user interface (GUI) on a touch screen of a client device that is connected to
a server device having a remote desktop, the method comprising:
receiving, from the server device, user interface (UI) metadata that specifies content of a GUI element in the remote desktop,
and a base image comprising a graphical representation of the remote desktop;

generating, at the client device, a native GUI element based on received UI metadata, wherein the native GUI element comprises
a virtual representation of a corresponding GUI element of the remote desktop, wherein the native GUI element includes a copy
of content shown in an application within the remote desktop, wherein the copy of continent is provided by the received UI
metadata;

generating a local GUI to be displayed on the touch screen of the client device, the local GUI comprising the base image received
from the server device and the native GUI element rendered on top of the base image; and

responsive to detecting that the native GUI element has been manipulated through a touch input, modifying a selection region
of the native GUI element that indicates a selected portion of the copy of content by using touch input to resize the selection
region, and transmitting, to the server device, an input event indicating a manipulation of the corresponding GUI element
in the remote GUI by the client device, the input event indicating a selection of a corresponding portion of the content shown
in the application within the remote desktop, the input event also indicating a clipboard operation at the remote desktop
based on a local selection of the copy of content, as specified by the selection region.

US Pat. No. 9,311,140

METHOD AND APPARATUS FOR EXTENDING LOCAL AREA NETWORKS BETWEEN CLOUDS AND MIGRATING VIRTUAL MACHINES USING STATIC NETWORK ADDRESSES

VMware, Inc., Palo Alto,...

1. A cloud-connector subsystem that provides a stretch-deploy operation for moving one or more virtual machines and virtual
applications, that execute in a source cloud-computing facility, to a target cloud-computing facility where the one or more
virtual machines and virtual applications resume executing, the cloud-connector subsystem comprising:
a cloud-connector node associated with the source cloud-computing facility;
a cloud-connector node associated with the target cloud-computing facility; and
a cloud-connector server that includes one or more processors, one or more memories, one or more data-storage devices, and
computer instructions that, when executed on the one or more processors, control the cloud-connector server to provide, in
cooperation with the cloud-connector nodes, a stretch-deploy operation that

extends a first local virtual network, within the source cloud-computing facility, to a second local virtual network, within
the target cloud-computing facility, forming an extended local virtual network by

verifying the source cloud-computing facility and one or more virtual machines and virtual applications to be moved,
verifying the target cloud-computing facility,
creating a routed virtual application within the second local virtual network,
launching execution of the routed virtual application within the target cloud-computing facility, and
creating, from a first edge appliance through which the one or more virtual machines are connected to a first virtual organization
network that is, in turn, connected to an external network, a secure communications tunnel to a second edge appliance through
which the second local virtual network in the routed virtual application is connected to a second virtual organization network,
in turn connected to the external network; and

moves the one or more virtual machines and virtual applications from executing on the source cloud-computing facility and
communicating with other computational entities through the extended local virtual network using one or more network addresses
to executing on the target cloud-computing facility and communicating with other computational entities through the extended
local virtual network using the same one or more network addresses.

US Pat. No. 9,298,538

METHODS AND SYSTEMS FOR ABNORMALITY ANALYSIS OF STREAMED LOG DATA

VMware, Inc., Palo Alto,...

1. A data-processing system comprising:
one or more processors;
one or more computer-readable media; and
a routine that executes on the one or more processors to analyze a stream of digitally encoded log data output from a computational
system and stored in the computer-readable media by

maintaining a historical dynamic normalcy graph of meta-data that represents statistical patterns within the stream of log
data based on a first set of event types from the stream of log data;

detecting changes within the stream of log data based on similarities between the historical dynamic normalcy graph and a
moving historical graph constructed from a second set of event types from the steam of log data; and

identifying abnormalities in the stream of log data based on the statistical patterns and on detected changes within the stream
of log data.

US Pat. No. 9,285,993

ERROR HANDLING METHODS FOR VIRTUALIZED COMPUTER SYSTEMS EMPLOYING SPACE-OPTIMIZED BLOCK DEVICES

VMware, Inc., Palo Alto,...

1. A method of offloading a logical block device that is thinly provisioned in a storage system, in response to an error notification
from the storage system, comprising:
receiving an error notification generated by the storage system, the error notification indicating that the logical block
device has reached a threshold in used capacity;

in response to the error notification, examining configuration settings of virtual machines that have files stored in the
logical block device, the configuration settings of virtual machines indicating a remedial measure to be taken when the logical
block device has reached the threshold in used capacity; and

executing a process for offloading the logical block device according to the remedial measure indicated in the configuration
settings of the virtual machines.

US Pat. No. 9,142,004

DYNAMIC ALLOCATION OF PHYSICAL GRAPHICS PROCESSING UNITS TO VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A computer-implemented method in a server computing system for dynamically allocating physical graphics processing unit
(GPU) resources among a plurality of virtual machines to be potentially allocated some portion of the physical GPU resources,
the physical GPU resources including processing bandwidth of at least one physical GPU available to the server computing system,
comprising:
determining a processing capacity of each physical GPU resource;
determining a GPU benefit factor for each virtual machine of the plurality of virtual machines, the GPU benefit factor being
a numerical value indicating benefit to the virtual machine of using a GPU resource, wherein a larger GPU benefit factor indicates
a greater benefit;

receiving a priority for each of the plurality of virtual machines;
ranking the plurality of virtual machines based on the GPU benefit factor and the priority of each virtual machine, wherein
virtual machines having the same priority are ranked based on the GPU benefit factor from largest to smallest;

establishing an allocation of the physical GPU resources among the plurality of virtual machines by assigning each physical
GPU resource to one or more of the plurality of virtual machines based upon the determined capacity of each physical GPU and
the ranking of the plurality of virtual machines, wherein the physical GPU resources are assigned based on the ranking from
highest to lowest;

determining a revised GPU benefit factor for at least one of the plurality of virtual machines based upon runtime behavior
of the at least one virtual machine; and

dynamically adjusting the physical GPU resource allocation to account for the revised GPU benefit factor determined for the
at least one virtual machine.

US Pat. No. 9,135,287

DISTRIBUTED, TRANSACTIONAL KEY-VALUE STORE

VMware, Inc., Palo Alto,...

1. A method performed by a node in a set of nodes, wherein the set of nodes implements a distributed key-value store, wherein
the node is communicatively coupled with one or more storage devices storing a set of data log files, and wherein each data
log file in the set of data log files includes key-value pairs for a key namespace of the distributed key-value store, the
method comprising:
executing, by the node, a modifier transaction for modifying a key-value pair in the set of data log files, wherein the executing
of the modifier transaction comprises:

determining a data log snapshot that identifies one or more data log files in the set data log files that the node will access
due to the modifier transaction, the data log snapshot including, for each of the one or more data log files, a version number
and a length; and

determining one or more key-value subsets, each key-value subset including key-value pairs from an associated data log file
in the one or more data log files that the node will attempt to modify due to the modifier transaction.

US Pat. No. 9,396,024

ONLINE COMPUTATION OF CACHE OCCUPANCY AND PERFORMANCE

VMware, Inc., Palo Alto,...

1. A computer implemented method to manage thread performance in a computing environment, the method comprising:
assigning a thread performance counter to threads being created in the computing environment, the thread performance counter
measuring a number of cache misses for a corresponding thread;

calculating a self-thread value S as a change in the thread performance counter of a given thread during a predetermined period;
calculating an other-thread value O as a sum of changes in all the thread performance counters during the predetermined period
minus S;

estimating a cache occupancy of a cache for the given thread based on estimating cache misses that occurred since a previous
estimate of a previous occupancy E for the given thread using the self-thread value S and the other-thread value O and estimating
a fraction of the previous occupancy E unaffected by the cache misses that occurred since the previous estimate using the
previous occupancy E for the given thread, the self-thread value S and the other-thread value O, wherein the cache occupancy
indicating an estimated amount of data that is stored in the cache for the given thread; and

assigning computing environment resources to the given thread based on the estimated cache occupancy.

US Pat. No. 9,230,001

INTELLIGENT DATA PROPAGATION USING PERFORMANCE MONITORING

VMware, Inc., Palo Alto,...

1. A computer-implemented method comprising:
copying, by a processing device, data on a plurality of datastores, wherein the copying of the data includes determining a
shortest path tree from a source datastore at a root of the shortest path tree to a remainder of the plurality of datastores;

determining, by a processing device, that one of the plurality of datastores has exceeded a threshold during the copying of
the data to the datastore or during the copying of the data from the datastore, wherein the threshold is based on resource
utilization, network latency, or input/output (I/O) latency of the datastore;

suspending, by a processing device, the copying of the data to the datastore in response to the datastore exceeding the threshold;
determining, by a processing device, an updated shortest path tree from a source datastore at a root of the shortest path
tree to the datastore; and

resuming, by a processing device, the copying of the data to the datastore using the updated shortest path tree.

US Pat. No. 9,292,507

AUTOMATED DOCUMENT REVISION TRIMMING IN A COLLABORATIVE MULTI-USER DOCUMENT STORE

VMware, Inc., Palo Alto,...

1. A computer-implemented method in a server computing system for trimming revisions of a file to facilitate management of
revision growth, the revisions stored in a document store accessed by a plurality of users and received from a plurality of
distinct client systems, the revisions previously grouped into a plurality of logical clusters, comprising:
automatically, under control of the computing system,
determining which revisions of the file are an essential revisions of the plurality of logical clusters and therefore represent
their respective logical clusters and which revisions of the file are non-essential revisions of the plurality of logical
clusters;

determining an amount of available space in the document store;
designating as hidden a portion of the non-essential revisions randomly chosen across the plurality of logical clusters and
deleting a portion of the non-essential revisions randomly chosen across the plurality of logical clusters, wherein the portion
of the non-essential revisions that are designated as hidden and the portion of the non-essential revisions that are deleted
are determined based upon the determined amount of available space in the document store and age of the determined non-essential
revisions; and

presenting the revisions of the file to a user by presenting indicators to each essential revision of each of the plurality
of logical clusters and presenting by default only indicators to the non-essential revisions of each of the plurality of logical
clusters that have not been designated as hidden or have not been deleted.

US Pat. No. 9,135,050

EXTENSIBLE NETWORK CONFIGURATION MANAGEMENT

VMware, Inc., Palo Alto,...

1. A method for transporting data between a module in virtualization software and a management application running on a virtualization
management platform, the method comprising:
registering a common namespace on the virtualization management platform by the management application and on the virtualization
software in a host server by the module to create a communication channel, wherein the registering identifies the module in
the virtualization software and the management application as endpoints of the communication channel, and wherein the common
namespace indicates an association with at least one of a distributed virtual switch, a port group of a distributed virtual
switch, a port of a distributed virtual switch, and the host server;

sending, by the management application or the module, the data via the communication channel, wherein the data is associated
with a key specifying the common namespace that identifies the data and indicates ownership of the data, wherein the data
traverses at least the virtualization management platform and one or more intermediate layers of the virtualization software
and at least relates to configuration of the module, wherein the data is converted to a binary format and is opaque to the
virtualization management platform and the one or more intermediate layers, and wherein the data is not processed by the virtualization
management platform and the one or more intermediate layers including a virtual machine kernel.

US Pat. No. 9,110,728

ELASTIC ALLOCATION OF COMPUTING RESOURCES TO SOFTWARE APPLICATIONS

VMware, Inc., Palo Alto,...

1. A system for executing virtual machines on one or more computing devices, the system comprising:
a plurality of host computing devices; and
a management device coupled in communication with the host computing devices, the management device configured to:
determine an application performance metric representing performance of one or more instances of a software application executed
by virtual machines (VMs) that are hosted by the plurality of host computing devices;

determine an elasticity action based on the application performance metric, wherein the elasticity action comprises a scale-up
action that instructs a target host computing device of the plurality of host computing devices to activate a target quantity
of VMs;

calculate a projected quantity of ready VMs based on the target quantity of VMs and a current quantity of ready VMs in a ready
pool of ready VMs; and

when the projected quantity of ready VMs is less than a predetermined minimum quantity of ready VMs, transmit a deploy action
to the target host computing device, the deploy action instructing the target host computing device to add one or more VMs
to the ready pool of ready VMs.

US Pat. No. 9,218,200

SELECTIVE CLASS HIDING IN OPEN API COMPONENT ARCHITECTURE SYSTEM

VMware, Inc., Palo Alto,...

1. A method for granting class level trust in an open application programming interface (API) system, comprising:
defining a common information model (CIM) architecture, the CIM architecture configured with a CIM object manager (CIMOM)
for managing client requests made through APIs, the APIs being handled by the CIMOM, wherein the CIMOM accesses schemas that
include one or more classes;

applying trust level settings to particular ones of the one or more classes of the schemas, the trust level settings defining
client permissions to the particular classes;

hiding the particular classes to clients that lack a trust level sufficient to access the particular classes, including preventing
the clients that lack the trust level sufficient to know the existence of a particular subclass of a parent class even if
the clients have access to the parent class and another subclass of the parent class by defining a new class that contains
only a list of classes to be kept private; and

servicing clients that lack the trust level with classes that do not have the applied trust level settings.

US Pat. No. 9,069,902

SOFTWARE TEST AUTOMATION

VMware, Inc., Palo Alto,...

1. A non-transitory computer readable storage medium comprising instructions stored thereon which, when executed, cause a
computing system to perform a method of creating a custom action, said method comprising:
presenting a user interface for entry of lines of a custom action;
responsive to receipt of a sub-portion of a line of said custom action via said user interface, automatically checking said
sub-portion for errors in syntax as well as for auto-completion recommendations; and

storing said custom action as a selectable custom action in a dynamic layer of a testing infrastructure which is associated
with a particular instance of a software item.

US Pat. No. 9,292,422

SCHEDULED SOFTWARE ITEM TESTING

VMware, Inc., Palo Alto,...

1. A non-transitory computer readable storage medium comprising instructions stored thereon which, when executed, cause a
computing system to perform a method of software item testing, said method comprising:
presenting a graphical user interface for scheduling a test of a software item, said graphical user interface comprising a
test name field, test time initiation selections and an electronic notification entry field;

receiving, via said graphical user interface, specified information regarding conduct of a test, said specified information
comprising said name of said test, a test time for initiating said test, a recurrence interval for executing said test, and
an electronic notification location for sending results of said test;

initiating said test at said test time and in accordance with said recurrence interval;
in response to an error condition occurring during said test, pausing said test while maintaining said test in an active state
without terminating said test;

electronically sending a report of said error condition to said electronic notification location while said test is paused;
and

maintaining said test in said active state while paused for a pre-specified period of time to permit for receiving an alteration
to said test.

US Pat. No. 9,058,259

SYSTEM AND METHOD FOR DYNAMIC PROBLEM DETERMINATION USING AGGREGATE ANOMALY ANALYSIS

VMware, Inc., Palo Alto,...

1. A method comprising:
determining an aggregated count of metric anomalies occurring in an information technology (IT) infrastructure, including
obtaining a total count of all metric anomalies as a function of time for a set of resources supplying metric data that are
being monitored on the IT infrastructure and adjusting the total count of all metric anomalies to produce the aggregated count
of metric anomalies to account for the number of resources in the set of resources that are supplying metric data at a given
time, the number of resources that are supplying the metric data being less than the number of resources in the set of resources;

determining a threshold noise level for the aggregated count of metric anomalies above which a problem event is likely to
be occurring in the IT infrastructure;

identifying a problem event in the IT infrastructure when the aggregated count of metric anomalies exceeds the threshold noise
level at a given time;

issuing an alert when the problem event in the IT infrastructure is identified; and
initiating a corrective action in response to the issued alert;
wherein at least one of the determining the aggregated count of metric anomalies, the determining the threshold noise level
and the identifying the problem event is executed by a processor.

US Pat. No. 9,367,244

COMPOSING A VIRTUAL DISK USING APPLICATION DELTA DISK IMAGES

VMware, Inc., Palo Alto,...

1. A method for composing a virtual disk for a virtual machine, the virtual disk comprising a base virtual disk image, a user
delta disk image, and one or more application delta disk images, the method comprising:
identifying an application delta disk image in an application store, the application delta disk image having an application
stored therein, wherein the identifying of the application delta disk image comprises analyzing metadata that has been stored
in the user delta disk image;

copying the identified application delta disk image to a location that is accessible to a virtual desktop of the virtual machine;
modifying a logical size of the copied application delta disk image to conform with a logical size of the base virtual disk
image of the virtual machine;

linking the base virtual disk image, the application delta disk image, and the user delta disk image; and
modifying the user delta disk image so that read requests from the virtual desktop directed to the virtual disk are satisfied
with data from the application delta disk image.

US Pat. No. 9,756,010

RESOLVING NETWORK ADDRESS CONFLICTS

VMware, Inc., Palo Alto,...

1. A computer-implemented method comprising:
receiving a message from a first device connected to a network or a second device connecting to the network, wherein the second
device has a network address that is a duplicate of a network address of the first device, and wherein the message includes
the duplicate network address or an indication of a conflict resulting from the duplicate network address;

detecting, from the message, a network address conflict between the first device and the second device;
selecting and disconnecting one of the first device and the second device from the network in response to detecting the conflict,
wherein the selected one of the first device and the second device is disconnected from the network, wherein the selected
and disconnected one of the first device and the second device comprises a disconnected device, and wherein the disconnected
device is a virtual machine running within a host device;

receiving a new network address for the disconnected device, the new network address received from the disconnected device
via a secure communication channel between the disconnected device and virtualization software of the host device, the secure
communication channel being independent of a networking stack of the disconnected device; and

reconnecting the disconnected device to the network using the new network address in response to determining that the new
network address does not conflict with a network address of another device connected to the network.

US Pat. No. 9,277,237

USER INTERFACE REMOTING THROUGH VIDEO ENCODING TECHNIQUES

VMware, Inc., Palo Alto,...

1. A method in a server computing system for remoting a user interface to be rendered on a client device, comprising:
during a motion estimation process of a generic video encoder, causing the generic video encoder to:
perform pattern matching on a graphics command stream of a quest operating system of a virtual machine on the server computing
system in order to detect a move, scroll or expose region event;

when the move, scroll or expose region event is detected, determine, prior to causing an updated portion of the user interface
to be rendered on a display screen associated with the client device, a set of pixels that can be reused in the updated portion
of the user interface and identify a motion vector caused by the move, scroll or expose region event, wherein the motion vector
indicates new locations for the set of pixels in the updated portion of the user interface;

using a generic video encoding protocol supported by a web browser of the client device, generate and encode a video-based
representation of the updated portion of the user interface that indicates reuse of the determined set of pixels that can
be reused in the updated portion of the user interface and the motion vector that indicates the new locations; and

sending the generated and encoded video-based representation of the updated portion of the user interface to the web browser
on the client device in a manner that causes a decoder for the video encoding protocol on the web browser of the client device
to decode and render the updated portion of the user interface on the display screen associated with the client device by
using the set of pixels cached on the client device and the motion vector caused by the move, scroll or expose region event.

US Pat. No. 9,509,615

MANAGING LINK AGGREGATION TRAFFIC IN A VIRTUAL ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A computer-implemented method of transmitting packets between host devices, the method comprising:
determining, by a first host device, that a first packet from a first virtual machine within the first host device is to be
transmitted to a second virtual machine on a second host device;

determining, by the first host device, that the first host device and the second host device each transmit or receive packets
via physical ports within a first link aggregation group (LAG); and

transmitting the first packet from a first physical synchronization port of the first host device to a second physical synchronization
port of the second host device in response to determining that the first host device and the second host device each transmit
or receive packets via physical ports within the first LAG, the first physical synchronization port being excluded from sharing
a common LAG with any physical ports of the second host device and the second physical synchronization port being excluded
from sharing a common LAG with any physical ports of the first host device.

US Pat. No. 9,417,900

METHOD AND SYSTEM FOR AUTOMATIC ASSIGNMENT AND PRESERVATION OF NETWORK CONFIGURATION FOR A VIRTUAL MACHINE

VMware, Inc., Palo Alto,...

1. A computer-implemented method for providing network configuration to a respective network adapter of a number of cloned
virtual machines, comprising:
storing in a data structure one or more network identifiers assignable to a network adapter of a cloned virtual machine in
a pool of virtual machines cloned from a parent virtual machine, wherein a network identifier comprises a portion of an Internet
Protocol (IP) address that identifies a network;

determining availability of a network identifier from the data structure for the network adapter of the cloned virtual machine;
and

assigning the network identifier to the network adapter in response to the network identifier being available, thereby associating
the network adapter with the corresponding network configuration.

US Pat. No. 9,384,033

LARGE RECEIVE OFFLOAD FOR VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method for operating a host machine in a virtualized network environment, the host machine hosting a plurality of virtual
machines, the method comprising:
specifying a set of rules for determining whether or not to aggregate packets at a plurality of incoming packet buffers, each
rule in the set of rules controlling a packet aggregation operation in a corresponding incoming packet buffer of the plurality
of incoming packet buffers, wherein a first rule specifies not aggregating packets for a first set of packets at a first incoming
packet buffer and a second rule specifies aggregating packets for a second set of packets at a second incoming packet buffer,
wherein packet header contents distinguish the first set of packets from the second set of packets;

forwarding a non-aggregated packet from the first incoming packet buffer to a first virtual machine of the plurality of virtual
machines, wherein the first virtual machine forwards the non-aggregated packet; and

forwarding an aggregated packet from the second incoming packet buffer to a second virtual machine of the plurality of virtual
machines, wherein the second virtual machine terminates the aggregated packet.

US Pat. No. 9,367,414

PERSISTING HIGH AVAILABILITY PROTECTION STATE FOR VIRTUAL MACHINES STORED ON DISTRIBUTED OBJECT-BASED STORAGE

VMware, Inc., Palo Alto,...

1. A method for persisting high availability (HA) protection state for virtual machines (VMs) running on host systems of a
host cluster, wherein the host cluster aggregates locally-attached storage resources of the host systems to provide an object
store, and wherein persistent data for the VMs is stored as per-VM storage objects across the locally-attached storage resources
comprising the object store, the method comprising:
determining, by a first host system in the host cluster executing a first HA module, an identity of a VM that has been powered-on
in the host cluster; and

persisting, by the first host system, HA protection state for the VM in a storage object of the VM, the HA protection state
indicating that the VM should be restarted on an active host system in case of a failure in the host cluster.

US Pat. No. 9,804,880

RESERVATION FOR A MULTI-MACHINE APPLICATION

VMware, Inc., Palo Alto,...

1. A system, comprising:
a number of processors;
memory resources coupled to the processors, the memory resources storing instructions executable by the processors to:
create a mixed reservation of information technology (IT) resources from a cluster of hosts including a virtual machine host
and a plurality of container hosts, wherein the plurality of container hosts each include a respective networking agent;

create a multi-machine blueprint from the mixed reservation including a virtual machine template for a first server type,
a first container image for a second server type, a second container image for a third server type, and a definition of networking
therefor; and

deploy the multi-machine blueprint to provide a multi-machine application; wherein the definition of networking for the plurality
of container hosts is provided via an interface with the respective networking agents, which facilitate creation of a network
according to the definition of networking:

wherein the definition of networking includes;
a first network bridge connected to the first container image;
a second network bridge connected to the second container image;
a virtual extensible local area network tunnel between the first network bridge and the second network bridge via a virtual
switch distributed across the plurality of container hosts; and

the virtual machine template on a different Layer 3 network than the first container image and the second container image,
connected by a router.

US Pat. No. 9,213,556

APPLICATION DIRECTED USER INTERFACE REMOTING USING VIDEO ENCODING TECHNIQUES

VMware, Inc., Palo Alto,...

1. A method in a server computing system for efficiently remoting a user interface on a client device by reusing pixel information,
comprising:
based on a first set of pixel information to be rendered on a display screen associated with the client device, requesting
a second set of pixel information, the second set of pixel information being accessed prior to the second set of pixel information
being requested for display;

receiving an indication from an application that causes the second set of pixel information to be stored in lookahead reference
frames;

determining, from a user interface aspect of the application and prior to updating or rendering the remoted user interface
on the display screen associated with the client device,

whether the second set of pixel information stored in the lookahead reference frames can be reused to accomplish the updating
based at least in part on one or more of the following indications from the application: scrolling, pinch and/or stretching,
three dimensional effects, window movement, and/or window exposure;

when it is determined that the second set of pixel information cannot be reused to accomplish the updating, using a video
encoding protocol to generate and encode a video encoded representation of the updated portion of the user interface using
one or more macroblocks with new pixel information;

when it is determined that at least one portion of the second set of pixel information stored in the lookahead reference frames
can be reused to accomplish the updating,

using a video encoding protocol to generate and encode a video encoded representation that refers to the at least one portion
of the second set of pixel information stored in the lookahead reference frames, instead of sending new pixel data; and

sending the encoded video encoded representation to the client device in a manner that causes a video decoder on the client
device to render the updated portion.

US Pat. No. 9,383,935

SECONDARY CPU MMU INITIALIZATION USING PAGE FAULT EXCEPTION

VMware, Inc., Palo Alto,...

1. A method of initializing a memory management unit (MMU) to perform virtual address to physical address memory mapping for
a secondary central processing unit (CPU) in a multiple CPU system, comprising:
executing an activation instruction to cause the memory management unit to perform address mapping based on page tables;
attempting to fetch an instruction at a first virtual address sequentially following an address of the activation instruction
and triggering an exception because the first virtual address does not have a mapping to a physical address in the page tables;
and

responsive to the exception, fetching an instruction at a second virtual address that has a mapping to a physical address
in the page tables, and executing the instruction at the second virtual address,

wherein the physical address to which the second virtual address is mapped corresponds to a physical address of an instruction
to initialize the secondary CPU.

US Pat. No. 9,055,119

METHOD AND SYSTEM FOR VM-GRANULAR SSD/FLASH CACHE LIVE MIGRATION

VMware, Inc., Palo Alto,...

1. A method for migrating virtual machine (VM)-specific content cached in a first solid state drive (SSD) attached to an original
host, the method comprising:
receiving an event indicating an upcoming migration of a VM to a destination host, wherein the migration includes an indication
the VM will be powered off;

transmitting a set of metadata associated with the first SSD cache to the destination host, wherein the set of metadata indicates
a number of data blocks stored in the first SSD cache, thereby allowing the destination host to pre-fetch data blocks specified
in the set of metadata from a storage shared by the original host and the destination host for storing in a second SSD cache
for the destination host, wherein pre-fetch of the data blocks occurs before the indication the VM will be powered off occurs;

receiving the indication the VM will be powered off; and
transmitting a dirty block list to the destination, wherein:
the dirty block list specifies one or more data blocks that have changed on the first SSD cache since the transmission of
the set of metadata, and

the destination host uses the dirty block list to invalidate one or more pre-fetched blocks in the second SSD cache.

US Pat. No. 9,201,653

BINARY TRANSLATOR WITH PRECISE EXCEPTION SYNCHRONIZATION MECHANISM

VMware, Inc., Palo Alto,...

1. A method comprising:
translating source instruction sequences of a source system into target instruction sequences;
initiating, by a target computing system, execution of the target instructions;
identifying a synchronous exception generated by the execution of the target instructions;
determining whether the synchronous exception is transparent or non-transparent, a transparent exception being an exception
involving processing action within the target computing system, and a non-transparent exception being an exception involving
processing that alters a visible state of the source system; and

if the synchronous exception is transparent, handling the exception externally from the source system, the visible state of
the source system thereby being unaffected by the handling of the synchronous exception; or

if the sensed synchronous exception is non-transparent, forwarding the synchronous exception to the source system for processing.

US Pat. No. 9,111,241

CREATION OF A SOCIAL NETWORK OF MEMBERS OF A VIRTUALIZATION INFRASTRUCTURE

VMware, Inc., Palo Alto,...

19. A computer-implemented method for creating a social network of members of a virtualization infrastructure, the method
comprising:
at a virtualization infrastructure manager, identifying at least a portion of the members of the virtualization infrastructure,
the identifying at least a portion of the members of the virtualization infrastructure comprising:

for a respective member of the virtualization infrastructure, identifying child members of the respective member; and
identifying whether the child members are active participants of the social network or passive participants of the social
network, wherein the active participants are able to generate a message to a shared message stream of the social network;

identifying parent/child relationships of identified members of the virtualization infrastructure;
generating a social network of the identified members of the virtualization infrastructure based on the identified parent/child
relationships; and

establishing affiliation relationships between parent members and child members of the virtualization infrastructure, wherein
the child members can access shared message streams corresponding to the parent members, such that a child member can establish
an association of a message from a shared message stream with an indication that the child member identifies with content
of the message, wherein the affiliation relationships are established between respective parent members and child members
that are able to generate a message to the shared message stream of the social network.

US Pat. No. 9,280,358

CONFIGURING A COMPUTER FOR USING MOBILE DEVICES AS INPUT AND OUTPUT DEVICES

VMware, Inc., Palo Alto,...

1. A method comprising:
receiving a first message indicating a first mobile device in a plurality of mobile devices is requesting to join a user session
as a first type of input/output (I/O) device and receiving a second message indicating a second mobile device in the plurality
of mobile devices is requesting to join the user session as a second type of input/output (I/O) device;

determining a first device driver to enable communication between an operating system and a first type of the first mobile
device as the first type of input/output (I/O) device and determining a second device driver to enable communication between
the operating system and a second type of the second mobile device as the second type of input/output (I/O) device; and

processing a first type of communication between the first mobile device and the operating system via the first device driver
to use the first mobile device as the first type of I/O device and a second type of communication between the second mobile
device and the operating system via the second device driver to use the second mobile device as the second type of I/O device.

US Pat. No. 9,244,717

METHOD AND SYSTEM FOR VISUALIZING LINKED CLONE TREES

VMware, Inc., Palo Alto,...

1. A method of displaying virtual machine disks in a hierarchy, comprising:
scanning a plurality of virtual machines associated with a datastore to generate a virtual machine list, the virtual machines
including first and second virtual machines that share at least one virtual disk;

parsing configuration data for the first virtual machine included in the virtual machine list;
identifying a plurality of virtual disks corresponding to the first virtual machine based on the configuration data for the
first virtual machine;

examining parent/child relationships associated with the plurality of virtual disks corresponding to the first virtual machine
to populate a data structure;

parsing configuration data for the second virtual machine included in the virtual machine list;
identifying a plurality of virtual disks corresponding to the second virtual machine based on the configuration data for the
second virtual machine;

examining parent/child relationships associated with the plurality of virtual disks corresponding to the second virtual machine
to populate the data structure; and

displaying a graphical representation of the virtual disks corresponding to the first and second virtual machines in a hierarchy
using the data structure.

US Pat. No. 9,298,490

MANAGING A DATA STRUCTURE FOR ALLOCATING GRAPHICS PROCESSING UNIT RESOURCES TO VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A computer-implemented method in a server computing system for managing a graphics processing unit (GPU) allocation list
for use in allocation of physical GPU resources, including processing bandwidth, to one or more virtual machines, the list
comprising one or more virtual machine entries each containing a designation of a virtual machine, an indication of a GPU
benefit factor associated with the designated virtual machine, and an indication of processing bandwidth requirements associated
with the designated virtual machine, comprising:
rank ordering the one or more virtual machine entries based at least upon the GPU benefit factor associated with each designated
virtual machine;

determining the processing capacity of one or more physical GPU resources associated with the server computing system;
determining a subset of entries on the GPU allocation list that each include a designated virtual machine to which to allocate
a portion of the processing bandwidth resources of the one or more physical GPU resources, the determining based upon matching,
according to the ranked order of the one or more virtual machine entries, the indicated processing bandwidth requirements
associated with each designated virtual machine to the determined processing capacities of the one or more physical GPU resources
until no more virtual machines can be accommodated;

causing processing bandwidth resources of the one or more physical GPU resources to be allocated to the virtual machines designated
by the determined subset of entries on the GPU allocation list;

identifying one or more candidate virtual machines designated by entries on the GPU allocation list that are candidates for
unseating;

determining one or more contender virtual machines designated by entries on the GPU allocation list having corresponding GPU
benefit factors that exceed the GPU benefit factors of the candidate virtual machines by some threshold; and

de-allocating allocations of processing bandwidth resources from one or more of the candidate virtual machines and allocating
the de-allocated processing bandwidth resources instead to the one or more contender virtual machines.

US Pat. No. 9,166,895

DETECTING PROCESS EXECUTION STATE CHANGE USING MEASUREMENT OF RESOURCE CONSUMPTION

VMware, Inc., Palo Alto,...

1. A method for measuring performance for a plurality of virtual machines being run concurrently, the method comprising:
sampling usage of a computing resource associated with a virtual machine in the plurality of virtual machines, wherein the
virtual machine is using the computing resource when running a test using an application, the test being run by the plurality
of virtual machines, and wherein the sampling is performed by a tool manager running in the virtual machine;

determining, by the tool manager that is running within the virtual machine, that the application running in the virtual machine
started execution of the test based on the detecting a first state change from a first state to a second state of usage of
the computing resources;

sending, by the tool manager, a start command to a performance measurement tool that is configured to measure the performance
of the virtual machine upon receiving the start command;

determining, by the tool manager that is running within the virtual machine, the application ended execution of the test based
on the detecting a second state change from a third state to a fourth state of usage of the computing resources; and

sending, by the tool manager, a stop command to the performance measurement tool upon determining the change from the second
state, wherein the performance measurement tools stops measuring the performance of the virtual machine upon receiving the
stop command.

US Pat. No. 9,323,550

MECHANISM FOR PROVIDING VIRTUAL MACHINES FOR USE BY MULTIPLE USERS

VMware, Inc., Palo Alto,...

1. A method comprising:
generating a state vector representing a total machine state for a virtual machine;
establishing the state vector for the virtual machine as a read-only common computer system image for use by multiple users;
loading the state vector into a plurality of virtual machines; and
enabling processing paths of a first and second virtual machine of the plurality of virtual machines to diverge.

US Pat. No. 9,247,042

CONTROLLING USE OF A BUSINESS ENVIRONMENT ON A MOBILE DEVICE

VMWARE, INC., Palo Alto,...

1. A method of controlling use of a business environment on a mobile device by an enterprise server, the method comprising:
receiving identifying information transmitted from a mobile device, wherein the identifying information identifies a user
of the mobile device to the enterprise server;

transmitting a virtual phone template to the mobile device, wherein the virtual phone template (i) corresponds to the identifying
information, and (ii) is configured to provide the business environment on the mobile device as a virtual machine running
on a hypervisor installed on top of a host operating system of the mobile device;

receiving a periodic transmission from the mobile device to indicate that the mobile device remains in periodic communication
with the enterprise server;

causing, if a first period of time passes without the mobile device successfully communicating with the enterprise server,
an access to the virtual machine to be disabled; and

causing, if a second period of time passes without the mobile device successfully communicating with the enterprise server,
the virtual phone image to be erased from the mobile device, wherein the first period of time is shorter than the second period
of time,

wherein the periodic transmission is transmitted by a management component running on the mobile device, wherein the management
component runs in a privileged mode on the mobile device and cannot be manually terminated by the user, and wherein the method
further comprises transmitting a security policy to the mobile device that specifies the first and second period of time.

US Pat. No. 9,189,758

ADMINISTRATION OF A NETWORK

VMware, Inc., Palo Alto,...

14. A non-transitory computer readable storage medium having computer-readable program code stored thereon for causing a computer
system to perform a method for facilitating management of a virtualization infrastructure, the method comprising:
mapping members of the virtualization infrastructure to a social network arranged in a hierarchy, wherein members of a first
level of the hierarchy are affiliated with members of at least a second level of the hierarchy, wherein the mapping is based
at least in part on respective indications that particular members of the network are following other particular members of
the network, and wherein the members of the network comprise components of the virtualization infrastructure;

providing the members of the virtualization infrastructure with access to shared message streams of the social network such
that the members are able to monitor messages generated by other members of the social network posted to the shared message
streams, wherein at least some of the messages are indicative of operational conditions of particular other members which
generated the messages;

responsive to a first member of the virtualization infrastructure identifying a specific operational condition, monitoring
at least one shared message stream for a message related to the specific operational condition, wherein the message is generated
by another member of a same level of the hierarchy as the first member; and

receiving an update to the at least one shared message stream with an indication that the first member has identified the
specific operational condition.

US Pat. No. 9,467,505

SATURATION DETECTION AND ADMISSION CONTROL FOR STORAGE DEVICES

VMware, Inc., Palo Alto,...

1. A method of estimating throughput of a storage unit, comprising:
monitoring a workload on the storage unit and a latency of the storage unit at multiple points in time over a period of time;
and

determining a maximum throughput of the storage unit based on a linear relationship between the monitored workloads and the
monitored latencies.

US Pat. No. 9,377,963

ONLINE VIRTUAL MACHINE DISK MIGRATION

VMware, Inc., Palo Alto,...

1. A method for migrating a virtual disk from first physical storage to second physical storage while an application execution
environment depending on the virtual disk for execution is maintained in its physical location, the method comprising:
creating a first child virtual disk to which writes are redirected from a first parent virtual disk, the first parent virtual
disk being on the first physical storage, wherein an application execution environment is dependent on the first parent virtual
disk for execution;

copying the first parent virtual disk to the second physical storage as a second parent virtual disk while the application
execution environment is running;

re-parenting the first virtual child disk to the second parent virtual disk; and
consolidating the first child virtual disk and the second parent virtual disk on the second physical storage;
wherein the first parent virtual disk is migrated from the first physical storage to the second physical storage without migrating
the application execution environment.

US Pat. No. 9,264,313

SYSTEM AND METHOD FOR PERFORMING A SERVICE DISCOVERY FOR VIRTUAL NETWORKS

VMware, Inc., Palo Alto,...

1. A method for performing a service discovery for a distributed computer system, the method comprising:
obtaining information of a service that is provided by a host computer in the distributed computer system;
embedding the information into a Link Layer Discovery Protocol (LLDP) data frame to be transmitted from the host computer
to another component of the distributed computer system;

intercepting the LLDP data frame at a network device; and
at the network device, decoding the LLDP data frame and embedding the information into a Border Gateway Protocol (BGP) data
frame.

US Pat. No. 9,170,924

ECOSYSTEM CERTIFICATION OF A PARTNER PRODUCT

VMware, Inc., Palo Alto,...

1. A computer-implemented method comprising:
transmitting, by a certification agent within a partner computing system to a certification server that is external to the
partner computing system, a heartbeat signal including an indication that the certification agent is ready to run a certification
test of a partner product, wherein the certification agent is configured to run the certification test, the certification
agent is communicatively coupled to a testbed operating within the partner computing system and in which the partner product
is to be tested, wherein the certification agent is configured by the certification server in response to input received by
the certification server from the partner computing system, the input characterizing the partner product and an originally
developed product;

receiving, by the certification agent from the external certification server, an instruction to implement at least a portion
of the certification test, wherein the instruction includes a directive to execute the portion of the certification test;

initiating, by the certification agent, the portion of the certification test within the testbed in response to receiving
the instruction;

receiving, by the certification agent from the testbed, certification test results data; and
transmitting, by the certification agent to the certification server, at least a portion of the certification test results
data.

US Pat. No. 9,164,695

PLACING A STORAGE NETWORK DEVICE INTO A MAINTENANCE MODE IN A VIRTUALIZED COMPUTING ENVIRONMENT

VMware, Inc., Palo Alto,...

1. An automated method of placing a first storage network device into a maintenance mode in a virtualized computing environment
in which each data store is connected to at least one host computing system via a storage network device, comprising:
identifying a first data store having an active input/output (I/O) path to a first host computing system via the first storage
network device; and

migrating at least one of virtual machine disks (VMDKs) on the first data store and workloads running on the first host computing
system such that the VMDKs can be accessed by the workloads via any other storage network device.

US Pat. No. 9,465,704

VM AVAILABILITY DURING MANAGEMENT AND VM NETWORK FAILURES IN HOST COMPUTING SYSTEMS

VMware, Inc., Palo Alto,...

1. A method for virtual machine (VM) availability during management network failure in a first host computing system in a
failover cluster in a virtual datacenter, comprising:
identifying management network failure in the first host computing system, wherein the management network being coupled to
virtual management software in a management server and used for management functions; and

initiating migration of VMs running on the first host computing system to at least one other host computing system in the
failover cluster via a migration network by a failover agent associated with the first host computing system upon identifying
the management network failure, wherein the migration network being isolated from the virtual management software and capable
of handling live migrations.

US Pat. No. 9,407,519

VIRTUAL NETWORK FLOW MONITORING

VMware, Inc., Palo Alto,...

1. A system for end-to-end virtual network flow monitoring in a virtual datacenter having a plurality of virtual machines
(VMs), said system comprising:
a memory area associated with the virtual datacenter, said memory area storing a flow pattern including at least a source
address and a destination address, the flow pattern being received from a user in a request to perform virtual network flow
monitoring; and

a processor programmed to:
distribute the flow pattern stored in the memory area to a plurality of applications in the virtual datacenter, each of the
plurality of applications managing a plurality of VMs as part of at least one virtual network;

aggregate, by the virtual datacenter from the plurality of applications, context data for one or more data packets routed
by the plurality of applications and matching the flow pattern;

determine a role associated with the user;
generate, by the virtual datacenter based on the determined role, at least one of a plurality of virtual network monitoring
views using the aggregated context data; and

present the generated at least one of a plurality of virtual network monitoring views to the user.

US Pat. No. 9,355,163

USING A GRAPH DATABASE OF A VIRTUALIZATION INFRASTRUCTURE

VMware, Inc., Palo Alto,...

1. A computer-implemented method for providing management of a virtualization infrastructure, the method comprising:
receiving a query related to the virtualization infrastructure, wherein the virtualization infrastructure is mapped into a
social network comprising human members and non-human members, wherein the human members of the social network comprise users
corresponding to entities of the virtualization infrastructure and groups of users, wherein the non-human members of the social
network comprise components of the virtualization infrastructure, and wherein the components of the virtualization infrastructure
comprise a host computing system and a virtual machine hosted by the host computing system, wherein the query is sent through
the social network of the virtualization infrastructure, wherein the query is received at a user of the social network associated
with a graph database, and wherein the query identifies at least one of: a type of member of the virtualization infrastructure
and a type of relationship of the virtualization infrastructure;

accessing the graph database populated with the members and relationships of the social network of the virtualization infrastructure,
the graph database comprising nodes associated with the members of the virtualization infrastructure and edges associated
with the relationships of the members of the virtualization infrastructure, wherein the graph database is based on the social
network of the virtualization infrastructure, wherein the relationships of the members are in accordance with an inventory
structure of the virtualization infrastructure, and wherein the nodes and the relationships comprise types, wherein the members
of the virtualization infrastructure comprises at least one host computing system, and at least one virtual machine hosted
by the at least one host computing system;

retrieving an answer to the query from the graph database; and
transmitting the answer over the social network from the user of the social network associated with the graph database to
a user of the social network associated with a source of the query.

US Pat. No. 9,330,015

IDENTIFICATION OF LOW-ACTIVITY LARGE MEMORY PAGES

VMware, Inc., Palo Alto,...

1. A method of identifying an activity level for large pages in a computer system having memory that is partitioned and accessed
as small pages and large pages, comprising:
selecting a large page that includes a group of small pages;
updating mappings for the memory so that a mapping to the large page is changed to mappings to the small pages;
tracking accesses to the small pages; and
determining an activity level for the large page based on the accesses to the small pages.

US Pat. No. 9,298,377

TECHNIQUES FOR REDUCING READ I/O LATENCY IN VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A computer-implemented method for reducing the latency of an anticipated read of disk blocks from a swap file in a virtualized
environment, the environment including: a host swap file maintained by a host operating system and a virtual machine (VM)
that includes a guest swap file maintained by a guest operating system, the method comprising:
identifying, in the guest swap file, a sequence of disk blocks that was written by the guest operating system;
detecting, within the sequence of disk blocks, a first reference to a first disk block stored in the host swap file;
detecting, within the sequence of disk blocks, a second reference to a second disk block stored in the host swap file; and
moving the second disk block to a location in the host swap file adjacent to the first disk block.

US Pat. No. 9,285,999

CACHE MIGRATION

VMware, Inc., Palo Alto,...

1. A computer-implemented method, comprising:
determining that a cache is to be migrated from a first storage device to a second storage device, wherein each cache entry
within the cache includes an indicator to indicate whether or not the cache entry has long-term utility;

selecting cache entries from the cache to be migrated to the second storage device, wherein only a portion of all cache entries
are selected to be migrated, the portion is selected from cache entries with the indicator set to indicate long-term utility,
and unselected cache entries are not migrated to the second storage device; and

migrating, from the first storage device to the second storage device, the selected cache entries and metadata for the unselected
cache entries that are not migrated to the second storage device.

US Pat. No. 9,286,102

DESKTOP IMAGE MANAGEMENT FOR HOSTED HYPERVISOR ENVIRONMENTS

VMware, Inc., Palo Alto,...

1. A computing device for managing desktop images in a hosted hypervisor environment, said system comprising:
a host operating system on the computing device;
a hosted hypervisor executing within the host operating system, the hosted hypervisor configured to manage one or more virtual
machines, each virtual machine including a guest operating system, wherein each virtual machine is associated with a virtual
disk;

an image management client executing within the host operating system, the image management client configured to monitor changes
on the computing device and to periodically replicate the changes to a remote server over a network connection;

wherein each guest operating system on each virtual machine includes a driver configured to:
detect a modification of a file in the virtual disk of the virtual machine in which the driver is operating; and
provide file identification information of the file that was modified to the image management client operating within the
host operating system to enable the image management client to replicate the modification of the file to the remote server;

wherein the image management client is configured to:
receive, from the driver, the information identifying the file that was modified in the virtual disk of the virtual machine;
read the file in the virtual disk via a virtual machine communication interface; and
replicate the modification of the file to the remote server;
wherein the image management client is configured to use the driver to capture a volume shadow service (VSS) snapshot of the
virtual disk and scan the VSS snapshot of the virtual disk at a file level to read the file using the information identifying
the file.

US Pat. No. 9,183,016

ADAPTIVE TASK SCHEDULING OF HADOOP IN A VIRTUALIZED ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method for managing resources for a first application comprising a distributed computing application, the method comprising:
receiving a first performance metric for a host computer having a first plurality of virtual machines (VMs) controlled by
the distributed computing application and a second plurality of VMs controlled by a second application separate from the distributed
computing application;

determining a state of resource contention between the distributed computing application and the second application based
on the first performance metric, wherein it is determined that there is no state of resource contention if VMs controlled
by the distributed computing application are primary contributors to the first performance metric;

modifying an allocation of task slots associated with the host computer based on the first performance metric, wherein each
task slot represents a capability to receive a unit of work for the distributed computing application; and

transmitting the modified allocation of task slots to a scheduler, wherein the scheduler is configured to assign a plurality
of tasks to be executed in the first plurality of VMs controlled by the distributed computing application based on the modified
allocation of task slots.

US Pat. No. 9,122,765

EFFICIENT OVERCOMMITMENT OF MAIN-MEMORY BASED VIRTUAL DATABASE SYSTEM TO DISK

VMware, Inc., Palo Alto,...

1. A method of operating a database management system (DBMS) in a computer system comprising a primary DBMS engine and at
least one clone DBMS engine, wherein a memory space of the primary DBMS engine and a memory space of the clone DBMS engine
are both mapped to a global buffer cache that is stored in a physical memory space of the computer system, the method comprising:
receiving a queued database transaction at the clone DBMS engine for processing while the primary DBMS engine is processing
a current database transaction;

during processing of the queued database transaction by the clone DBMS engine, locating data needed to process the queued
database transaction in a swap space stored on a persistent storage device upon a determination that the data is not currently
available in the memory space of the clone DBMS engine or in the global buffer cache;

reading the data from the persistent storage device into the global buffer cache; and
mapping the data from the global buffer cache into the memory space of the primary DBMS engine during a subsequent processing
of the queued database transaction by the primary DBMS engine, thereby avoiding a need to access to the persistent storage
device in order to obtain the data during processing of the queued database transaction by the primary DBMS engine.

US Pat. No. 9,081,722

SYSTEMS AND METHODS FOR IMPROVING PERFORMANCE OF REMOTE USB STORAGE

VMware, Inc., Palo Alto...

1. A virtual host comprising:
a virtual machine running a guest operating system (OS); and
a virtual universal serial bus (USB) host associated with the virtual machine and configured to:
communicate with a USB storage device that is connected to a remote terminal; and
transmit a data-in request to the USB storage device before the guest OS generates the data-in request.

US Pat. No. 9,454,487

TRANSPARENT HOST-SIDE CACHING OF VIRTUAL DISKS LOCATED ON SHARED STORAGE

VMware, Inc., Palo Alto,...

1. A method for using a host-side cache to accelerate virtual machine (VM) I/O, the method comprising:
intercepting an I/O request from a VM running on the host system, the I/O request being directed to a virtual disk residing
on a shared storage device; and

processing the I/O request by accessing a host-side cache distinct from the shared storage device, wherein a guest operating
system of the VM is unware that the host-side cache is being accessed as part of the processing,

wherein the host-side cache is spread across a plurality of cache devices, and
wherein the plurality of cache devices are pooled into a single logical resource by applying a common file system to the plurality
of cache devices.

US Pat. No. 9,355,081

TRANSFORMING HTML FORMS INTO MOBILE NATIVE FORMS

VMware, Inc., Palo Alto,...

1. A method of providing access to a markup document form, the method comprising:
dividing the markup document form into rows based on row breaks;
determining name fields in the markup document form which specify the names of input fields;
determining the input fields in the markup document form which correspond to the determined name fields;
generating UI metadata that specifies the rows and the name and input fields; and
rendering, at a mobile client device and based on the UI metadata, a form having UI elements native to the mobile client device.

US Pat. No. 9,124,488

METHOD AND APPARATUS FOR VISUALIZING THE HEALTH OF DATACENTER OBJECTS

VMware, Inc., Palo Alto,...

1. A method for visualizing the health of datacenter objects which comprises:
displaying various datacenter objects on a scatterplot of a dashboard, wherein the various datacenter objects are identified
on the scatterplot using characters on the scatterplot, the characters including at least one alphanumeric character;

wherein:
one axis of the scatterplot corresponds to problem severity from a least severe problem to a most severe problem in an increasing
manner and another axis of the scatterplot corresponds to time, the problem severity of at least one datacenter object of
the various datacenter objects being determined by a metric that relates to an amount by with a state of the at least one
datacenter object differs from a reference state of the at least one datacenter object when the at least one datacenter object
is operating in accordance with predetermined parameters, wherein a first datacenter object has a higher problem severity
than a second datacenter object if the first datacenter object have more inoperative components than the second datacenter
object, wherein the first datacenter object is a first virtual machine with insufficient memory and processing power and the
second datacenter object is a second virtual machine with insufficient memory or processing power, and wherein the first virtual
machine has a higher problem severity than the second virtual machine; and

each datacenter objects on the scatterplot represents a single object of a datacenter, and has a particular position along
the one axis and another particular position along the another axis, and

wherein the displaying the datacenter objects on the scatterplot of the dashboard is executed using a computer with a display.

US Pat. No. 9,122,594

DIRECT ACCESS TO A HARDWARE DEVICE FOR VIRTUAL MACHINES OF A VIRTUALIZED COMPUTER SYSTEM

VMware, Inc., Palo Alto,...

1. A method executed in a virtualized computer system in which a guest operating system runs on a virtual machine of a virtualized
computer system that includes a processor, a memory, and a hardware device, the method comprising:
obtaining information corresponding to the hardware device, the hardware device connected to the virtualized computer system
via a communication interface;

creating, within virtualization software, a passthrough device corresponding to the hardware device, the passthrough device
enabling the guest operating system to have access to the hardware device in either a trap mode or a non-trap mode, the passthrough
device having one or more guest physical addresses in a Base Address Register for input/output (I/O) operations to the hardware
device, the hardware device defining a machine address in the memory for the I/O operations;

identifying the guest physical address;
upon determining that the guest physical addresses is contained within the BAR of the passthrough device, mapping the guest
physical address to the machine address, thus allowing the guest operating system to have direct access to the hardware device
using the mapped machine address;

sending, by the guest operation system, an I/O request with the machine address; and
enabling an I/O operation to the hardware to be performed in either trap mode or non-trap mode using the mapped machine address.

US Pat. No. 9,098,318

COMPUTATIONAL ASSET IDENTIFICATION WITHOUT PREDETERMINED IDENTIFIERS

VMware, Inc., Palo Alto,...

1. A system for communicating with a plurality of virtual machines (VMs) in a computing system, the system comprising:
a plurality of host computing devices executing a plurality of VMs; and
a management device coupled in communication with the host computing devices and configured to:
negotiate an expected transaction nonce with a first VM of the plurality of VMs, wherein the first VM is enrolled by the management
device and associated with a first VM authenticator value;

receive a transaction request from a sender VM of the plurality of VMs, wherein the transaction request is associated with
the first VM authenticator value and a transaction nonce, wherein the first VM authenticator value and the transaction nonce
are used to authenticate the sender VM;

upon determining that the transaction nonce associated with the transaction request is equal to the expected transaction nonce,
enroll the sender VM as the first VM;

receive a second transaction request from a second sender VM of the plurality of VMs, wherein the second transaction request
is associated with the first VM authenticator value and a second transaction nonce, wherein the first VM authenticator value
and the second transaction nonce are used to authenticate the second sender VM; and

upon determining that the second transaction nonce associated with the second transaction request is equal to the expected
transaction nonce, enroll the second sender VM as a duplicate of the first VM.

US Pat. No. 9,098,457

VISUALIZING DISASTER RECOVERY PLAN EXECUTION FOR THE CLOUD

VMware, Inc., Palo Alto,...

1. A computing device for monitoring and troubleshooting disaster recovery for a datacenter, said computing device comprising:
a display;
a memory area storing a master recovery plan, the master recovery plan identifying a plurality of business units in the datacenter,
each of the business units executing a plurality of virtual machines (VMs); and

a processor programmed to generate a map user interface (UI) on the display during performance of the master recovery plan
stored in the memory area, the map UI including:

a first region for displaying a first animated progress indicator representing termination of each of the plurality of business
units at a source site, the first region corresponding to a geographic location of the source site in the map UI; and

a second region for displaying, simultaneous to the display of the first animated progress indicator, a second animated progress
indicator representing initiation of each of the plurality of business units at a target site, the second region corresponding
to a geographic location of the target site in the map UI, the second animated progress indicator further representing a reverse
animation of the first animated progress indicator.

US Pat. No. 9,292,376

PROACTIVE RESOURCE RESERVATION FOR PROTECTING VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A system comprising:
a cluster of hosts, the cluster of hosts comprising a master host, a first slave host, and one or more other slave hosts,
wherein the first slave host executes one or more virtual machines thereon; and

wherein the first slave host is configured to:
identify a failure that impacts an ability of the one or more virtual machines to provide service;
calculate a list of impacted virtual machines from the one or more virtual machines executed on the first slave host; and
wherein the master host is configured to:
receive, from the first slave host, a request to reserve resources on another host in the cluster of hosts to enable the impacted
one or more virtual machines executed on the first slave host to failover;

calculate a resource capacity among the cluster of hosts;
determine whether the calculated resource capacity is sufficient to reserve the resources; and
send, to the first slave host, an indication as to whether the resources are reserved for each of the impacted one or more
virtual machines.

US Pat. No. 9,097,528

MANAGING A DATACENTER USING MOBILE DEVICES

VMware, Inc., Palo Alto,...

1. A method for managing a datacenter using a mobile device, which method comprises:
in response to a user request, the mobile device causing an identification prober to obtain information from one or more of
a plurality of identification providers disposed at predetermined locations in the datacenter, and determining a mobile device
location in the datacenter therefrom;

the mobile device requesting a datacenter map from a datacenter management system, displaying at least a portion of the map
on a mobile device display, and displaying the mobile device location on the at least a portion of the map; and

the mobile device obtaining an equipment location of an equipment in the datacenter from the datacenter management system,
displaying directions from the mobile device location to the equipment location, displaying the equipment location on the
at least a portion of the map if it fits in the display, and displaying a photograph of the equipment location and a photograph
of the equipment,

wherein the equipment is a malfunctioning equipment, and wherein the method comprises causing the malfunctioning equipment
to provide some physical manifestation that indicates an identity of the malfunctioning equipment, including causing the malfunctioning
equipment to provide a visual output, which comprises causing the malfunctioning equipment to flash a network interface card.

US Pat. No. 9,459,904

NUMA I/O AWARE NETWORK QUEUE ASSIGNMENTS

VMware, Inc., Palo Alto,...

1. A method of assigning a plurality of virtual machines (VMs) to a set of network queues operating on a host machine, the
method comprising:
identifying a non-uniform memory access (NUMA) node associated with a VM of the plurality of VMs;
for the identified NUMA node, identifying, from the set of network queues, a network queue assigned to the NUMA node associated
with the VM;

upon identifying the network queue assigned to the NUMA node associated with the VM, generating an assignment for the VM to
one of the network queues from the set of network queues, said generating is biased toward assigning the VM to the network
queue assigned to the NUMA node associated with the VM; and

using the generated assignment to assign the VM to the network queue assigned to the NUMA node associated with the VM, wherein
the NUMA node is associated with the VM when the VM is executed by at least one processor of the NUMA node and data from the
VM is stored in the memory of the NUMA node.

US Pat. No. 9,389,900

METHOD AND SYSTEM FOR SUPPORTING A CHANGE IN STATE WITHIN A CLUSTER OF HOST COMPUTERS THAT RUN VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method for supporting a change in state within a cluster of host computers that run virtual machines, the method comprising:
identifying a change in state within a cluster of host computers that run virtual machines;
determining if predefined criteria for resources to be available to host computers within the cluster of host computers can
be met by resources available in the cluster of host computers after the change in state;

determining if predefined criteria for resources to be available to host computers within the cluster of host computers can
be maintained after at least one different predefined change in state; and

supporting the change in state if it is determined that the predefined criteria can be met and if it is determined that the
predefined criteria can be maintained;

wherein determining if predefined criteria for resources to be available to host computers within the cluster of host computers
can be maintained comprises simulating the cluster of host computers, simulating the failure of a predefined number of host
computers in the simulated cluster, and determining if the predefined criteria can be maintained based on the simulations.

US Pat. No. 9,311,129

METHODS AND SYSTEMS FOR CONVERTING A RELATED GROUP OF PHYSICAL MACHINES TO VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method comprising:
receiving a request to virtualize a plurality of physical computers into virtual computers;
accessing a script that defines an execution sequence of virtualization operations to be executed in order to virtualize each
of the plurality of physical computers into the virtual computers at a point in time, the sequence of operations being based
on: a) relationship data for the plurality of physical computers, the relationship data identifying parameters that define
communication information needed to communicate between the plurality of physical computers and maintain interrelationships
that existed between the plurality of physical computers when virtualizing the physical computers into the virtual computers,
and b) each hosting machine designated to define the virtual computers for each of the plurality of physical computers; and

virtualizing the plurality of physical computers into the virtual computers at the point in time by executing the execution
sequence of virtualization.

US Pat. No. 9,298,512

CLIENT PLACEMENT IN A COMPUTER NETWORK SYSTEM USING DYNAMIC WEIGHT ASSIGNMENTS ON RESOURCE UTILIZATION METRICS

VMware, Inc., Palo Alto,...

1. A method for placing a client in a computer network system, the method comprising:
collecting a plurality of resource utilization metrics for each candidate device from a group of candidate devices in the
computer network system that can support the client;

assigning continuously variable weights to the resource utilization metrics for each candidate device, wherein each of the
resource utilization metrics is assigned at least one of the continuously variable weights and wherein each of the continuously
variable weights is a function of a corresponding resource utilization metric;

computing a selection score using the resource utilization metrics with the continuously variable weights for each candidate
device, wherein the selection score is computed by multiplying one of the resource utilization metrics with one of the continuously
variable weights assigned to that resource utilization metric; and

selecting a target candidate device from the group of candidate devices for placement of the client based on the selection
score of the target candidate device for resource utilization balancing in the computer network system, wherein the collecting
the resource utilization metrics, the assigning the continuously variable weights, the computing the selection score and the
selecting the target candidate device are performed using one or more processors.

US Pat. No. 9,253,309

METHOD AND SYSTEM FOR VPN ISOLATION USING NETWORK NAMESPACES

VMWARE, INC., Palo Alto,...

1. A computer executable method for providing exclusive access to a virtual private network (VPN) connection to an authorized
application, comprising:
creating a unique network namespace of a host system;
placing a virtual device associated with the VPN connection into the unique network namespace;
placing at least one socket for the authorized application into the unique network namespace; and
precluding all unauthorized applications on the host system from accessing the unique network namespace, thereby facilitating
exclusive access to the VPN connection by the authorized application.

US Pat. No. 9,246,877

PLACING A VIRTUAL EDGE GATEWAY APPLIANCE ON A HOST COMPUTING SYSTEM

VMware, Inc., Palo Alto,...

1. An automated method for recommending placing a virtual edge gateway appliance on at least one host computing system comprising:
identifying a virtual switch assigned to a tenant for creating virtual networks based on future network connectivity requirements
of the tenant;

identifying at least one host computing system having access to the virtual switch; and
recommending placing a virtual edge gateway appliance on the at least one identified host computing system that is having
access to the virtual switch to allow connectivity to networks created using the virtual switch assigned to the tenant.

US Pat. No. 9,189,622

STATIC REDIRECTION FOR OBJECTIVE C

VMware, Inc., Palo Alto,...

1. A method to establish static redirection of a function that is a member of a class to an alternate implementation of the
function, the method comprising using a processor configured to perform operations to:
receive, by a software tool executing on a computer server, an executable file for an application and a first location for
an alternate implementation of the function, the function being written in Objective C;

locate, by the software tool, a structure for the function by traversing serialized metadata in the executable file;
modify, by the software tool, the metadata in the executable file by updating a value of a selector indicating a second location
of a current implementation of the function to indicate the first location of the alternate implementation, the selector being
included in an element of the structure for the function; and

provide, by the software tool, the modified executable file for installation on client devices.

US Pat. No. 9,449,169

BLOCK STORAGE VIRTUALIZATION ON COMMODITY SECURE DIGITAL CARDS

VMware, Inc., Palo Alto,...

1. A computer executable method comprising:
storing, by a first driver implemented in a computer, data in a log-structured format in a first file system, wherein the
first file system comprises a plurality of memory clusters, each memory cluster comprising a plurality of contiguous memory
blocks, and

wherein the storing comprises:
writing sequentially to each of the contiguous memory blocks in a first memory cluster;
determining that the first memory cluster is full; and
responsive to the determining, selecting a second memory cluster and writing sequentially to each of the contiguous memory
blocks in the second memory cluster;

storing in a second file system, by a second driver implemented in the computer, meta-data associated with the data stored
in the first file system, wherein the meta-data comprises a plurality of entries, including a first meta-data entry and a
second meta-data entry, the first meta-data entry corresponding to the first memory cluster containing data stored in the
log-structured format by the first driver and the second meta-data entry corresponding to the second memory cluster containing
data stored in the log-structured format by the first driver; and

checking integrity of the data stored in the first file system using the meta-data in the second file system, wherein the
first and second file systems are different file systems.

US Pat. No. 9,424,065

METHODS AND APPARATUS TO SCALE APPLICATION DEPLOYMENTS IN CLOUD COMPUTING ENVIRONMENTS USING VIRTUAL MACHINE POOLS

VMware, Inc., Palo Alto,...

1. A method to scale an application, the method comprising:
displaying a user-selectable control in a user interface, the user-selectable control to specify whether the application is
to be scaled in accordance with a scaling policy;

based on selection of the user-selectable control, storing, in a blueprint of the application, an indication of whether the
application is to be scaled in accordance with the scaling policy;

based on the indication in the blueprint, preparing, by executing an instruction with at least one processor, a virtual machine
pool in the computing environment, the virtual machine pool including a first virtual machine provisioned for use in a scaling
operation;

in response to a request to scale the application deployed in a deployment environment, determining, by executing an instruction
with the at least one processor, whether configuration information of the virtual machine pool satisfies a scaling requirement
included in the request;

determining, by executing an instruction with the at least one processor, whether the scaling policy permits expanding the
virtual machine pool when the configuration information fails to satisfy the scaling requirement;

instantiating, by executing an instruction with the at least one processor, a second virtual machine in the virtual machine
pool when the scaling policy permits expanding the virtual machine pool;

updating, by executing an instruction with the at least one processor, the configuration information of the virtual machine
pool;

determining, by executing an instruction with the at least one processor, whether the updated configuration information satisfies
the scaling requirement; and

based on the determination of the updated configuration information, performing, by executing an instruction with the at least
one processor, the scaling operation in accordance with the request by transferring the first virtual machine to the deployment
environment.

US Pat. No. 9,392,022

METHODS AND APPARATUS TO MEASURE COMPLIANCE OF A VIRTUAL COMPUTING ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method to measure compliance of policies to be enforced in a computing environment, the method comprising:
determining, with a processor, a maximum surprisal value of a policy to be enforced on a computing resource in the computing
environment, the policy defining a state associated with a compliance position for the computing resource, the maximum surprisal
value (1) corresponding to a probability of the computing resource being in-compliance with the policy based on conditions
of the policy and (2) determined without testing the computing resource with respect to the policy;

determining, with the processor, a current surprisal value of the computing resource with respect to the policy based on knowledge
of at least one condition of the policy being at least one of satisfied by or inapplicable to the computing resource, the
determining of the current surprisal value based on surprisal analysis techniques;

determining a compliance score of the computing resource with respect to the policy based on the maximum surprisal value of
the policy and the current surprisal value of the computing resource with respect to the policy;

identifying a priority for determining when to perform a repair action to correct a defect associated with the computing resource
based on the compliance score, the priority associated with a repair action to correct the defect; and
performing the repair action at a scheduled time, the scheduled time based on the compliance score.

US Pat. No. 9,292,353

RESOURCE ALLOCATION USING CAPACITY DISTRIBUTION

VMware, Inc., Palo Alto,...

1. A method for allocating a resource among clients running on host computers using capacity distribution, the method comprising:
determining a demand value, a reservation value and a limit value for each of the clients, comprising
determining the demand value for a client based on a measured activity of that client in a measurement interval,
determining the reservation value for the client based on a guaranteed allocation of the resource to be made to that client
and

determining the limit value for the client based on a maximum allocation of the resource that can be made to that client;
setting a lower bound representing a minimum capacity of the resource to be allocated to each of the clients, the lower bound
of each of the clients being determined based on a comparison between the reservation value and the demand value of each respective
client;

setting an upper bound representing a maximum capacity of the resource to be allocated to each of the clients, the upper bound
of each of the clients being determined based on the reservation value, the demand value and the limit value of each respective
client;

allocating a portion of the capacity of the resource to each of the clients based on the lower bound for that client;
computing an excess amount of the capacity of the resource after the capacity of the resource has been allocated to each of
the clients based on the lower bound; and

allocating the excess amount of the capacity to the clients based at least partly on the lower bound and the upper bound of
each of the clients to derive total capacity allocation values for the clients, the total capacity allocation values being
used to allocate the resource to the clients.

US Pat. No. 9,288,259

REMOTE DESKTOP SHARING FOR WIRELESS ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method for a presenter device to screen share a remote desktop on a remote server with participant devices in a wireless
network including the presenter device and the participant devices, the method comprising:
the presenter device connecting to the wireless network, the presenter device comprising a computer processor that is used
to connect to the wireless network;

the presenter device connecting to the remote desktop on the remote server through the wireless network by using the computer
processor;

the presenter device receiving screen data of the remote desktop through the wireless network by using the computer processor;
the presenter device displaying the screen data on a display screen by using the computer processor;
the presenter device multicasting the screen data to a multicast group through the wireless network by using the computer
processor; and

the presenter device transmitting a multicast address to the participant devices through the wireless network by using the
computer processor, wherein the participant devices use the multicast address to receive the screen data through the wireless
network.

US Pat. No. 9,245,000

METHODS FOR THE CYCLICAL PATTERN DETERMINATION OF TIME-SERIES DATA USING A CLUSTERING APPROACH

VMware, Inc., Palo Alto,...

1. A non-transitory tangible machine readable medium having program instructions stored thereon executable by the machine
to perform the steps comprising:
obtaining a set of time-series data;
clustering the time-series data into at least one cluster of a plurality of clusters based on non-time data values of the
time-series data;

organizing the clustered time-series data into a data structure that, on a per time period basis, comprises discretized cluster
data for each cluster indicating whether or not raw data was present in that cluster for the time period; and

recognizing at least one cycle from the clustered time-series data by:
comparing the discretized cluster data to identify similar time periods;
multiclustering the time periods into groups of similar time periods;
discretizing the multiclusters;
determining from the discretized multiclusters at least one cycle; and
determining sets of similar cycles based on non-matching elements in different cluster sets and at least one neighbor element
of each of the non-matching elements, wherein determining the sets of the similar cycles comprises:

creating a subarray of elements for a first element in a first cluster set, wherein the subarray of elements comprise the
first element and two neighbor elements of the first element;

creating a second subarray of elements for a second element in a second cluster set that is different from the first element,
wherein the second subarray of elements comprise the second element and two neighbor elements of the second element;

calculating a median, mean or average of at least one element of the first subarray;
calculating a median, mean or average of at least one element of the second subarray; and
comparing a function of the median, mean or average of the at least one element of the first subarray and the median, mean
or average of the at least one element of the second subarray with a threshold probability.

US Pat. No. 9,053,064

METHOD FOR SAVING VIRTUAL MACHINE STATE TO A CHECKPOINT FILE

VMware, Inc., Palo Alto,...

22. A system for saving a state of a virtual machine running in a physical machine to a checkpoint file that is maintained
in persistent storage, the system comprising:
a processing unit executing a hypervisor that includes a checkpoint module configured to:
compress a block of memory pages;
copy compressed contents of the block of memory pages into a buffer; and
save the compressed contents of the block of memory pages in the buffer and metadata information associated with the compressed
contents that indicate size of the compressed contents and a unique identifier for the block of memory pages, in a storage
block of the checkpoint file.

US Pat. No. 9,459,652

VIRTUAL REFERENCE CLOCK FOR VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. In a host computer having virtual machines with guest operating systems instantiated therein, a method of supplying reference
time to the guest operating systems, comprising:
receiving at a virtual reference clock a reference time request from a first guest operating system; and
in response to the reference time request from said first guest operating system:
sending, by the virtual reference clock, a request to a virtual clock switch to generate a first reference time, the virtual
reference clock saving a time at which the request to the virtual clock switch is sent;

receiving at the virtual reference clock a first reference time, the first reference time being generated by the virtual clock
switch from multiple reference times received from different timing sources, the virtual reference clock saving a time at
which the first reference time is received from the virtual clock switch;

computing at the virtual reference clock a first latency value based on the times that the virtual reference clock requests
and receives the first reference time;

transforming at the virtual reference clock the first reference time from a format that is incompatible with a clock driver
of the first guest operating system into a format that is compatible with said clock driver of the first guest operating system;
and

supplying, by the virtual reference clock, the transformed first reference time and the first latency value to the first guest
operating system.

US Pat. No. 9,448,728

CONSISTENT UNMAPPING OF APPLICATION DATA IN PRESENCE OF CONCURRENT, UNQUIESCED WRITERS AND READERS

VMware, Inc., Palo Alto,...

1. A method of releasing free blocks of a logical block device back to an underlying disk-based storage system supporting
the logical block device, comprising:
identifying a set of the free blocks of the logical block device that are candidates to be released;
updating the set of free blocks to remove those free blocks that have already been released from the logical block device;
allocating the free blocks in the updated set to a file stored on the disk-based storage system; and
issuing a command to the logical block device to release the free blocks allocated to the file from the logical block device.

US Pat. No. 9,391,801

VIRTUAL PRIVATE NETWORKS DISTRIBUTED ACROSS MULTIPLE CLOUD-COMPUTING FACILITIES

VMware, Inc., Palo Alto,...

1. A cloud-connector subsystem that provides a virtual private cloud operation for creating virtual private clouds distributed
across a first and a second cloud-computing facility, the cloud- connector subsystem comprising:
cloud-connector nodes associated with each of the first and second cloud-computing facilities; and
a cloud-connector server that includes one or more processors, one or more memories, one or more data-storage devices, and
computer instructions that, when executed on the one or more processors, control the cloud-connector server to provide, in
cooperation with the cloud- connector nodes, a virtual-private-cloud-creation operation that

securely interconnects a first organization edge appliance associated with a first virtual organization network within the
first cloud-computing facility to a second organization edge appliance associated with a second virtual organization network
within the second cloud-computing facility using an Internet-protocol-secure tunnel or a secure-socket-layer secure tunnel
between the first and second organization edge appliances, each of the first and second organization edge appliances perform
the steps of:

receiving virtual-private-network IP addresses and virtual-private-network configuration information, rules, and policies
from the cloud-connector server;

internally storing the received virtual-private-network IP addresses in routing tables;
distributing a portion of the virtual-private-network IP addresses and virtual-private-network configuration information,
rules, and policies received from the cloud-connector server to additional edge appliances connected to the virtual organization
network with which the organization edge appliance is associated; and

providing a firewall that isolates a sub-network within each respective cloud-computing facility from a network external to
each respective cloud-computing facility;

distributes internal IP virtual-private-network addresses to the first and second cloud-computing facilities for use by two
or more virtual-private-cloud members that execute within the first and second cloud-computing facilities to communicate over
the virtual private network; and

configures organization-edge appliances and edge appliances associated with virtual appliances within the first and second
cloud-computing facilities to route packets transmitted by the two or more virtual-private-cloud members through the virtual
private network.

US Pat. No. 9,374,365

PUSHING A VIRTUAL DESKTOP SESSION FROM AN AUTHENTICATED DEVICE USING IMAGE SCANNING

VMware, Inc., Palo Alto,...

1. A system for accessing a virtual desktop using image scanning, the system comprising:
an unauthenticated computing device configured to display an image on a display screen, the image encoded with information
identifying the unauthenticated computing device and information identifying a connection broker; and

an authenticated mobile device having a virtual desktop session established thereon for accessing a virtual desktop, the authenticated
mobile device including a camera used to capture the image, the authenticated mobile device configured to:

scan the image;
decode the information identifying the unauthenticated computing device and the information identifying the connection broker
from the image; and

verify that the connection broker identified by the information encoded in the image corresponds to the same connection broker
that was used to establish the virtual desktop session on the authenticated mobile device;

transmit the information identifying the unauthenticated computing device and a session identifier of the virtual desktop
session to the connection broker; and

the connection broker configured to:
receive the information identifying the unauthenticated computing device from the authenticated mobile device;
authenticate the unauthenticated computing device based on the information identifying the unauthenticated computing device;
and

migrate the virtual desktop session from the authenticated mobile device to the authenticated computing device by using the
session identifier.

US Pat. No. 9,292,416

SOFTWARE DEVELOPMENT KIT TESTING

VMware, Inc., Palo Alto,...

1. A non-transitory computer readable storage medium comprising instructions stored thereon which, when executed, cause a
computing system to perform a method of software development kit (SDK) testing, said method comprising:
presenting a graphical user interface for initializing a test of an SDK;
creating an application to run against said SDK;
verifying an output of said SDK;
testing callbacks from said SDK back to entry points in said application; and
testing a set of callbacks from said SDK to said application without regard to a sequence.

US Pat. No. 9,262,189

CONFIGURING VM AND IO STORAGE ADAPTER VF FOR VIRTUAL TARGET ADDRESSING DURING DIRECT DATA ACCESS

VMware, Inc., Palo Alto,...

1. A method for providing an emulated hybrid storage adapter (HSA) in a system that includes a host computing machine configured
to implement a virtualization intermediary and that includes a physical storage adapter, a virtual machine (VM), and a virtual
function (VF) of the physical storage adapter, the method comprising:
providing, for the HSA, a first HSA memory space that provides access from the VM directly to the VF of the physical storage
adapter and a second HSA memory space that provides access from the VM to physical storage with virtualization intermediary
intervention;

sending, by the HSA, a request to the virtualization intermediary to forward mapping information to the VF, the mapping information
including a first mapping between virtual disks and physical regions of the physical storage and a second mapping between
virtual disks and virtual disk addresses;

receiving a first JO operation from a VF driver of the VM directed to the first HSA memory space for direct access to the
physical storage through the VF;

forwarding the first JO operation to the VF directly without virtual intermediary intervention, wherein the VF uses the mapping
information to provide access to the physical storage;

receiving a second JO operation from the VF driver of the VM directed to the second HSA memory space for emulated access to
the physical storage; and

forwarding the second JO operation to the virtual intermediary, wherein the virtual intermediary uses the mapping information
to provide access to the physical storage.

US Pat. No. 9,195,393

CUSTOMIZABLE VIRTUAL DISK ALLOCATION FOR BIG DATA WORKLOAD

VMware, Inc., Palo Alto,...

1. A system configured to allocate a virtual disk for a virtual machine (VM), the system comprising a processor, a storage
system, and a memory coupled with the processor, wherein the memory is configured to provide the processor with instructions
for:
allocating a plurality of virtual machine disk file (VMDK) candidates in a virtual machine file system (VMFS) volume, wherein
the VMFS volume is supported by one or more physical hard disks in the storage system;

selecting a subset of VMDK candidates from the plurality of VMDK candidates for having performance scores indicative of higher
I/O throughputs associated with the one or more physical hard disks than rest of the plurality of VMDK candidates; and

configuring the virtual disk based on the subset of the VMDK candidates.

US Pat. No. 9,189,609

SECURING VIRTUAL MACHINES WITH VIRTUAL VOLUMES

VMware, Inc., Palo Alto,...

1. A system for securing a virtual machine with a virtual volume, said system comprising:
a memory area associated with a host computing device, said memory area storing a location of a virtual volume, security software,
configuration information, and a plurality of virtual machines (VMs), the virtual volume storing security information associated
with one of the plurality of VMs, the configuration information defining access by the one of the plurality of VMs to the
virtual volume; and

a processor programmed to:
assign the virtual volume to the host computing device and to the one of the plurality of VMs;
attach, based on the configuration information stored in the memory area, the assigned virtual volume to the one of the plurality
of VMs for use as secure storage;

execute the security software on the one of the plurality of VMs, the security software accessing the security information
from the attached virtual volume; and

detach, based on the configuration information, the attached virtual volume from the one of the plurality of VMs.

US Pat. No. 9,189,419

DETECTING AND SUPPRESSING REDUNDANT INPUT-OUTPUT OPERATIONS

VMware, Inc., Palo Alto,...

1. A method of detecting and suppressing redundant input/output operations (IOs) to persistent storage, comprising:
maintaining a map of physical memory pages to blocks of persistent storage;
for a write IO to write contents of a physical memory page into a target block in persistent storage, examining if the map
contains an entry for the physical memory page and an indication that the entry is valid;

if the map contains the valid entry, wherein the valid entry associates the physical memory page with a mapped block in the
persistent storage and indicates that both the physical memory page and the mapped block in persistent storage have the same
contents, preventing the write IO from being issued and updating a data structure to redirect subsequent IOs to the target
block to the mapped block; and

if the map does not contain the valid entry, issuing the write IO.

US Pat. No. 9,088,591

COMPUTER FILE SYSTEM WITH PATH LOOKUP TABLES

VMware, Inc., Palo Alto,...

1. A method for obtaining access to an attributes record for a file stored in a file system, wherein the attributes record
is stored in one of a plurality of data storage units that store data for the file system and comprises a plurality of references
to data blocks of the data storage units that include data for the file, said method comprising:
maintaining, in each of the data storage units, a lookup table that is persistently stored in the data storage unit, wherein
each entry in the lookup table comprises a reference to an attributes record stored in the data storage unit and a pathname
in the file system related to a file or directory corresponding to the attributes record;

receiving a request to access a first file in the file system, wherein the request comprises a first pathname corresponding
to the first file, the first pathname includes a first directory name and a second directory name that follows the first directory
name, and the first pathname ends with a filename;

determining that a data storage unit that stores a first attributes record corresponding to the first directory name is unavailable;
responsive to the determining, performing a table look-up on one of the lookup tables using a sub-pathname of the pathname
that includes the first and second directory names;

locating a reference to a second attributes record corresponding to the sub-pathname, wherein the second attributes record
is stored in the data storage unit that the lookup table from which the reference to the second attributes record is located
is maintained in,

wherein the plurality of data storage units includes a first storage unit configured in a first physical storage device that
is accessible over a network and a second storage unit configured in a second physical storage device that is accessible over
the network and is distinct from the first physical storage device.

US Pat. No. 9,052,949

SCHEDULING A PROCESSOR TO SUPPORT EFFICIENT MIGRATION OF A VIRTUAL MACHINE

VMware, Inc., Palo Alto,...

1. A method of migrating a virtual machine (VM) running in a source host to a destination host, the source host having at
least one processing unit for executing instructions of the VM, said method comprising:
transmitting contents of a plurality of pages of guest physical memory of the VM from the source host to the destination host
over a network;

determining a modification rate of the pages at the source host while the contents are being transmitted over the network;
scheduling the processing unit so as to slow down a rate at which the processing unit is executing instructions of the VM
based on the modification rate and a transmission rate of the contents over the network; and

transmitting contents of the pages that have been modified from the source host to the destination host over the network;
wherein the scheduling of the processing unit comprises inserting a pause into the instructions of the VM; and
wherein the pause is inserted into the instructions of the VM if a ratio of the transmission rate to the modification rate
is lower than a threshold value.

US Pat. No. 9,436,471

EFFICIENT RECORDING AND REPLAYING OF NON-DETERMINISTIC INSTRUCTIONS IN A VIRTUAL MACHINE AND CPU THEREFOR

VMware, Inc., Palo Alto,...

1. A CPU having operational modes comprising at least a normal mode, a record mode, and a replay mode, wherein:
the CPU is configured such that when the CPU is in the record mode, each time an instruction included in a predefined subset
of an instruction set of the CPU is executed in a virtual computing instance, a result of execution of the instruction is
stored in a buffer without a context switch to a virtualization software hosting the virtual computing instance, the CPU triggering
a fault or exception to perform the context switch and move contents of the buffer into a log file that is accessible by the
virtualization software when the buffer is full; and

the CPU is further configured such that when the CPU is in the replay mode, each time the instruction included in the predefined
subset is executed, a next non-deterministic value is read from the buffer without a context switch to the virtualization
software and supplied in place of a result of the execution of the instruction, the CPU triggering a fault or exception to
perform the context switch to the virtualization software and move contents of the log file into the buffer, when the buffer
does not contain the next non-deterministic value;

wherein the predefined subset comprises instructions that generate non-deterministic values.

US Pat. No. 9,390,286

ENFORCING RESTRICTIONS RELATED TO A VIRTUALIZED COMPUTER ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method for enforcing restrictions on a virtual machine (VM), said method comprising:
executing the VM on a physical computer, the VM configured to give a user access to guest software on the VM, the VM being
executed using virtualization software and a virtual disk for storing data accessible to the guest software;

determining when an action violates one or more restrictions, the action relating to operation of the VM, the one or more
restrictions being defined by contents of a policy file;

enforcing the one or more restrictions using enforcer software that is executing on the physical computer on which the VM
runs, but is not executing within any VM on the physical computer, by intercepting the action relating to operation of the
VM that violates the one or more restrictions and restricting the action relating to the operation of the VM that violates
the one or more restrictions.

US Pat. No. 9,389,924

SYSTEM AND METHOD FOR PERFORMING RESOURCE ALLOCATION FOR A HOST COMPUTER CLUSTER

VMware, Inc., Palo Alto,...

1. A method for performing resource allocation for a host computer cluster, the method comprising:
obtaining a copy of a cluster resource allocation hierarchy of the host computer cluster; and
generating a host resource allocation hierarchy of a host computer in the host computer cluster based on the copy of the cluster
resource allocation hierarchy, the host resource allocation hierarchy including a hierarchical relationship of resource nodes
associated with the host computer and resource allocation settings of the resource nodes,

wherein at least one of obtaining the copy of the cluster resource allocation hierarchy of the host computer cluster and generating
the host resource allocation hierarchy of the host computer in the host computer cluster based on the copy of the cluster
resource allocation hierarchy is performed by a processor.

US Pat. No. 9,355,116

CROSS-FILE DIFFERENTIAL CONTENT SYNCHRONIZATION USING CACHED PATCHES

VMware, Inc., Palo Alto,...

1. A computer-implemented method in a server computing system for synchronizing content of a file, comprising:
receiving a patch from a client computing system that is separate and distinct from the server computing system, the patch
comprising a plurality of segments, each segment corresponding to one portion out of a plurality of portions of the file to
be synchronized, the file being divided into the plurality of portions based on a chunking algorithm, each segment containing
data content or a reference to data content;

processing each segment of the received patch to create a new file, until the end of the received patch is detected, wherein,
when the segment contains data content, appending the data content to the new file;
wherein, when the segment contents a reference to data content, attempting to locate the referred to data content and, when
the referred to data content is located, appending the located data content to the new file; and

otherwise when the referred to data content is not located, requesting a copy of a reference file from the client computing
system that contains the referred to data content, and when the reference file is received, locating the referred to data
content in the reference file and appending the data content located in the reference file to the new file.

US Pat. No. 9,304,803

COOPERATIVE APPLICATION WORKLOAD SCHEDULING FOR A CONSOLIDATED VIRTUAL ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method for managing a cluster for a distributed computing application, the method comprising:
receiving, from a user, an indication specifying a workload priority of an application workload for executing a distributed
computing application relative to other workloads, wherein the other workloads are not for executing the distributed computing
application in a virtualized computing system, wherein the distributed computing application includes a workload scheduler
configured to distribute execution of the application workload to a plurality of virtual machines (VMs) allocated from a resource
pool within the virtualized computing system;

modifying a resource control for the resource pool based on the workload priority;
responsive to determining that the workload priority indicates a higher priority for executing the distributed computing application
relative to the other workloads, determining an amount of available computing resources comprised of resources not reserved
by other workloads within the virtualized computing system;

responsive to determining that the workload priority does not indicate a higher priority for executing the distributed computing
application relative to the other workloads, determining the amount of available computing resources comprised of inactive
resources held by the other workloads within the virtualized computing system; and

modifying a first VM of the plurality of VMs to increase an amount of computing resources seen by the workload scheduler to
be available for execution of the application workload based on the determined amount of available computing resources.

US Pat. No. 9,292,281

IDENTIFYING CODE THAT EXHIBITS IDEAL LOGGING BEHAVIOR

VMware, Inc., Palo Alto,...

1. A method for identifying methods which exhibit ideal logging behavior in source code, said method comprising:
under control of one or more computer systems configured with executable instructions,
processing the source code of a computer program to identify a plurality of methods that contain one or more log printing
statements;

processing a commit history of the source code to identify a frequency of modifications performed on the one or more log printing
statements for each of the plurality of methods;

storing each of the plurality of methods into a static call graph in memory of the one or more computing systems, wherein
each node of the static call graph represents a method and each edge between nodes in the static call graph represents a function
call;

assigning, to each node of the static call graph a numerical weight to indicate a log rank of the method resented by the node,
the numerical weight computed based at least in part on the frequency of modifications performed on the one or more log printing
statements; and

ranking the nodes of the static call graph according to the numerical weight indicating the log rank; and
displaying the method represented by the node having the highest numerical weight on a display device, wherein processing
the commit history further comprises restricting the frequency of modifications used to compute the numerical weight to only
changes that include verbosity level changes, and addition and deletion of log printing statements.

US Pat. No. 9,235,577

FILE TRANSFER USING STANDARD BLOCKS AND STANDARD-BLOCK IDENTIFIERS

VMware, Inc., Palo Alto,...

1. A computer-implemented method comprising:
converting by a processor of a source system an original file into original blocks;
generating hashes from said original blocks;
transmitting some of said hashes over a network to a server system and, in response thereto, receiving, from the server system,
identifiers of standard blocks having hashes that match one of the hashes transmitted over the network;

generating a recipe file including the received identifiers; and
transferring over said network said recipe file to a target system.

US Pat. No. 9,519,581

STORAGE INTEGRATION FOR HOST-BASED WRITE-BACK CACHING

VMware, Inc., Palo Alto,...

1. A method for enabling integration between a storage system and a host system that performs write-back caching, the method
comprising:
transmitting, by the host system to the storage system, a first command indicating that the host system intends to cache,
in a write-back cache local to the host system, writes directed to a range of logical block addresses (LBAs) of a storage
object stored on the storage system, wherein the writes originate from one or more storage clients resident on the host system;

receiving, by the host system from the storage system, a response indicating that the first command is accepted;
based on the response, initiating, by the host system, caching of the writes in the write-back cache;
receiving, by the host system from the storage system, a first message indicating that the entirety of the write-back cache
should be flushed once;

in response to the first message:
flushing, by the host system, the entirety of the write-back cache;
transmitting, by the host system to the storage system, a second command indicating that the flushing is complete; and
continuing the caching;
receiving, by the host system from the storage system, a second message indicating that the entirety of the write-back cache
should be flushed permanently, such that the caching of writes to the write-back cache is terminated on the host system; and

in response to the second message:
flushing, by the host system, the entirety of the write-back cache;
transmitting, by the host system to the storage system, a third command indicating that the flushing is complete and no further
write-back caching will be performed; and

terminating, by the host system, the caching of writes to the write-back cache.

US Pat. No. 9,454,368

DATA MOVER PERMITTING DATA TRANSFER WITHOUT TRANSFERRING DATA BETWEEN APPLICATION AND OPERATING SYSTEM

VMware, Inc., Palo Alto,...

1. In a computer system including a host computer connected to a storage system having storage devices, a method of carrying
out data movement operations, the method comprising:
receiving a data movement instruction, from an application program executing on the host computer, specifying a source data
location in the storage devices and a destination data location in the storage devices; and

transferring source data from the source data location to the destination data location at an operating system level of the
host computer without transferring the source data between an address space of the application program and an operating system
address space,

wherein the transferring includes translating the source data location, as specified in the data movement instruction, into
file segments of a file, translating the file segments of the file into logical extents, and then translating the logical
extents to a blocklist representing the file and comprising source blocks which are non-contiguous to each other and which
do not all have a fixed separation between each other, each source block identifying a contiguous region of storage locations
in a single logical storage unit, the logical storage unit being provisioned as a logical storage device from the storage
devices.

US Pat. No. 9,411,623

STORAGE PERFORMANCE BY HEURISTICALLY COALESCING IO REQUESTS

VMware, Inc., Palo Alto,...

1. A method for coalescing IO requests issued from a virtual machine to an IO stack of a hypervisor, the method comprising:
maintaining a queue in a layer of the IO stack of the hypervisor, wherein (i) the queue holds IO requests received from an
upper layer of the IO stack without forwarding the IO requests down the IO stack until at least one condition is satisfied,
and (ii) the layer of the IO stack resides above a file system layer of the IO stack that manages storage of a virtual disk
file corresponding to the virtual machine;

receiving, at the layer, either an a first IO request from the upper layer of the IO stack, the first IO request being issued
by an application running on the virtual machine or a notification of a completion of certain IO requests previously transmitted
by the layer down the IO stack;

determining, upon the receiving of the first IO request, whether the queue is full;
in response to determining that the queue is not full, holding the first IO request in the queue;
in response to determining that the queue is full of additional IO requests, determining, upon the receiving, whether any
combining two or more of the first and additional IO requests currently held in the queue should be transmitted down the IO
stack into one or more coalesced IO requests according to one or more coalescing conditions based upon at least one condition;
and

transmitting the one or more coalesced IO requests combining any IO requests in the queue into at least one combined IO request
to transmit down the IO stack if the at least one condition is satisfied.

US Pat. No. 9,389,901

LOAD BALANCING OF CLONED VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method for managing the placement of a set of virtual machines in a virtual machine network, the method comprising:
determining, by a processor, if instantiated virtual machines in a set of virtual machines supporting a process and running
on a first host computer can be supported by the first host computer; and

if at least one instantiated virtual machine cannot be supported by the first host computer, selecting at least one of the
virtual machines from the set of virtual machines that has copied a number of pages to dedicated memory in excess of a pre-defined
threshold; and

separating the at least one virtual machine from the other virtual machines in the set of virtual machines.

US Pat. No. 9,354,913

KEY INPUT PROCESSING IN VIRTUALIZED COMPUTING ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method to process an input in a virtualized computing environment including a physical machine that runs a host operating
system and a virtualization software with a virtual machine, the method comprising:
detecting activation of at least one key input that causes a first message to be generated, the first message associated with
the key input;

comparing the first message with a set of stored messages, wherein any of the set of stored messages can be properly executed
by targets in both the host operating system and the virtual machine but with different responses; and

determining, based on the comparing, whether the first message is intended for a target in the host operating system or in
the virtual machine.

US Pat. No. 9,335,985

DESKTOP IMAGE MANAGEMENT FOR VIRTUAL DESKTOPS

VMware, Inc., Palo Alto,...

1. A method for efficient management of virtual desktop images, said method comprising:
receiving, on a central server, a request to distribute an update to a plurality of virtual desktops residing on virtual machines
being executed by a host computing device, the host computing device including a hypervisor having a virtual disk layer configured
to manage access to a physical storage associated with the host computing device by the virtual machines;

transmitting a single copy of content of the update from the central server to the host computing device without transmitting
individual copies of the content for each of the plurality virtual desktops;

receiving the content of a file to be updated from the central server;
storing the content of the file to be updated in a single instance store on the physical storage;
in response to receiving the content of the file to be updated, applying the update by an agent operating on each virtual
machine to be updated, the agent creating a corresponding stub file on each virtual machine to be updated, the stub file being
empty of the content, such that at the end of completion of the update for the virtual machine, the stub file of the virtual
machine does not contain the content of the file that has been updated;

marking the stub file to indicate that the stub file is mapped to the single instance store;
receiving, by the virtual disk layer, a request to access the content of the file from a guest operating system executed on
a virtual machine;

fetching the content of the file from the single instance store by the virtual disk layer.

US Pat. No. 9,306,910

PRIVATE ALLOCATED NETWORKS OVER SHARED COMMUNICATIONS INFRASTRUCTURE

VMWARE, INC., Palo Alto,...

1. For a controller, a method for managing a virtualized infrastructure, the method comprising:
assigning a set of virtual machines on a particular private allocated network (PAN) to a set of host machines in a network
of host machines, wherein a plurality of PANs are implemented within the network;

generating, for each host machine of the set of host machines, a different addressing mode table that specifies, for a virtual
switch on the host machine, rules for forwarding packets between virtual machines within the particular PAN, wherein the addressing
mode table for a first host machine in the set specifies different rules for forwarding packets to a particular virtual machine
in the PAN than the rules for forwarding packets to the particular virtual machine specified by the addressing mode table
for a second host machine in the set; and

distributing the generated addressing mode tables to the set of host machines in order for the host machines to forward packets
between the virtual machines assigned to the particular PAN.

US Pat. No. 9,257,092

METHOD AND SYSTEM FOR ENHANCING USER EXPERIENCE FOR REMOTING TECHNOLOGIES

VMware, Inc., Palo Alto,...

1. A computer-implemented method, comprising:
receiving, by a client device, from a remoting server, a sequence of frame updates for a display screen;
determining, at the client device, a sequence of frames corresponding to the received frame updates;
monitoring, at the client device, the received sequence of frame updates to observe the available network bandwidth, frame
refresh rate, and image quality corresponding to the received sequence of frame updates; and

executing an enhancement application on the client device, the enhancement application adaptively applying, at the client
device, one or more image enhancing techniques to the sequence of frames based on at least one of:

the observed available network bandwidth;
the observed frame refresh rate; and
the observed image quality;
wherein applying the one or more image enhancement techniques comprises:
detecting a user interaction with a user-interface object;
generating a predicted frame based on the user interaction; and
appending the predicted frame to the received sequence of frame updates;
wherein generating the predicted frame based on the user interaction with the user-interface object comprises:
generating a predicted motion vector corresponding to the user interaction with the user-interface object;
generating the predicted frame based on the predicted motion vector; and
wherein the user interaction with the user-interface object comprises at least one of:
a window-scrolling operation;
a window-resizing operation;
a text entry into a text field;
a mouse-pointer movement;
an button click; and
a drag operation that moves the object to a new screen position.

US Pat. No. 9,223,608

SYSTEMS AND METHODS FOR FINDING SOLUTIONS IN DISTRIBUTED LOAD BALANCING

VMware, Inc., Palo Alto,...

1. A virtual infrastructure comprising:
a plurality of hosts;
a plurality of virtual machines (VMs); and
a virtual machine management server (VMMS) in communication with said plurality of VMs, said VMMS running on a computer, wherein
said VMMS is configured to:

generate a matrix that represents a mapping of said plurality of VMs to said a plurality of hosts;
calculate a first imbalance metric of the matrix;
identify a plurality of candidate migrations of said plurality of VMs;
for each candidate migration, alter the matrix to represent the candidate migration and calculate a candidate imbalance metric
based on a standard deviation of the altered matrix;

determine a cost and a benefit for each candidate migration; and
determine which candidate migration to perform based at least in part on the following: the candidate imbalance metric for
each candidate migration and the first imbalance metric, and whether the determined benefit is greater than the determined
cost.

US Pat. No. 9,195,487

INTERPOSITION METHOD SUITABLE FOR HARDWARE-ASSISTED VIRTUAL MACHINE

VMware, Inc., Palo Alto,...

1. A method of interposing operations in a computational system that includes a virtualization system executable on an underlying
hardware processor that natively supports one or more instructions that transition between host and guest execution modes,
the method comprising:
introducing a hooked vector into a supervisor register block of the hardware processor, wherein the hooked vector displaces
a system call handler vector otherwise set by a guest computation to activate a system call handler;

read and write protecting at least the hooked vector containing portion of the supervisor register block by executing a protection
mechanism that covers a system call vector containing portion of the supervisor register block, the protection mechanism hiding
the hooked vector from the guest computation;

initiating execution of a code sequence of the guest computation on the hardware processor using one of the instructions that
transition between the host and guest execution modes thereof, wherein the code sequence includes a system call and wherein
upon initiation of the system call, the hardware processor transfers execution to a substitute handler in accordance with
the hooked vector, the substitute handler being introduced into the guest computation as a loadable kernel module; and

responsive to execution of the substitute handler, initiating a hooked operation and transferring control to the system call
handler.

US Pat. No. 9,087,191

METHOD AND SYSTEM FOR FACILITATING ISOLATED WORKSPACE FOR APPLICATIONS

VMware, Inc., Palo Alto,...

1. A method for maintaining an isolated workspace environment of enterprise applications on a mobile device, the method comprising:
receiving enterprise applications for installation on the mobile device, wherein functionality has been inserted into binary
executables of the enterprise applications to force the enterprise applications to communicate with an application management
agent installed on the mobile device in order to obtain a security policy governing a user's ability to access the enterprise
applications, the security policy including a validity time period value related to keeping the isolated workspace valid;

providing by the application management agent, cryptographic keys to the enterprise applications to share encrypted messages
relating to the isolated workspace that are stored on the mobile device;

upon launch of one of the enterprise applications, encrypting, by the launched enterprise application, a workspace expiration
time value using one of the cryptographic keys provided by the application management agent and storing, by the launched enterprise
application, the encrypted workspace expiration time value as an encrypted message on the mobile device, wherein the workspace
expiration time value is a function of the validity time period value and reflects a period of time in which the isolated
workspace remains valid;

extending the workspace expiration time value by the launched enterprise application if the user continues to use the launched
enterprise application or, by at least one other enterprise application, if the other enterprise application is launched by
the user before an expiration of the expiration time value; and

requesting, by the application management agent, authentication credentials from the user to continue using enterprise applications
in the isolated workspace if the workspace expiration time value expires due to a lack of activity by the user of any of the
enterprise applications.

US Pat. No. 9,064,447

METHODS AND DEVICES FOR FILTERING AND DISPLAYING DATA

VMware, Inc., Palo Alto,...

1. A computing device comprising:
a presentation device comprising a display area for displaying data;
a network communication interface configured to receive a plurality of display sections, wherein each display section of the
plurality of display sections includes data to be displayed in a portion of the display area;

a processor coupled to the presentation device and to the network communication interface; and
at least one memory coupled to the processor, the memory comprising:
a display cache configured to store the plurality of display sections;
a filter module executable by the processor and configured to filter at least one display section of the plurality of display
sections to create a filtered display section; and

a display module executable by the processor and configured to:
determine that data corresponding to a first display section of the plurality of display sections is stored within the display
cache;

based on determining that data corresponding to the first display section of the plurality of display sections is stored within
the display cache, determine whether the first display section corresponds to a first filtered display section that compensates
for colorblindness of a colorblind user viewing the display area based on a prescription of the colorblind user;

when it is determined that the first display section corresponds to a first filtered display section, determine whether the
first filtered display section is stored within the display cache,

when it is determined that the first filtered display section is stored within the display cache, retrieve the first filtered
display section from the display cache; and

cause the first filtered display section to be displayed within the display area.

US Pat. No. 10,050,939

TECHNIQUES FOR COMMUNICATION IN HYBRID CLOUD SYSTEM

VMWARE, INC., Palo Alto,...

1. A method for communicating in a hybrid cloud system, the hybrid cloud system having a public cloud and a private cloud, the method comprising:executing, in a web application renderer that implements a same-origin policy, a web-based application having, as an origin, a public host computer in the public cloud, wherein the web-based application exposes functionality that allows for migration of a virtual machine between the public host computer and a private host computer in the private cloud;
responsive to determining that the web application renderer is executing in a client device that shares a private network with the private host computer in the private cloud, requesting from the private host computer through the private network, an indication that the origin of the web application renderer is an allowed origin of the private host computer;
responsive to determining that the web application renderer is executing in a client device that does not share a private network with the private host computer, forming a virtual private network between the client device and the private host computer and requesting from the private host computer through the virtual private network, an indication that the origin of the web application renderer is an allowed origin of the private host computer;
receiving an indication through the private network or the virtual private network that the origin of the web application renderer is an allowed origin of the private host computer;
receiving virtual machine state for migrating a virtual machine from the public host computer to the private host computer; and
transmitting the virtual machine state for migrating the virtual machine from the public host computer to the private host computer.

US Pat. No. 9,491,116

DYNAMIC MANAGEMENT OF GROUPS FOR ENTITLEMENT AND PROVISIONING OF COMPUTER RESOURCES

VMware, Inc., Palo Alto,...

1. A method comprising:
maintaining a plurality of group definitions defining a plurality of groups, wherein the group definitions individually include
one or more logic clauses that define membership in a corresponding group, wherein the one or more logic clauses, when evaluated,
generate one or more data repository queries corresponding to the group which when executed indicate whether an entity is
a member of one or more of the groups, and wherein the groups are either entitled to access the computer resource or not entitled
to access the computer resource;

analyzing, using a group management engine of a computer system, one or more of the group definitions to determine inefficiently
used logic clauses of the one or more logic clauses, wherein analyzing each of the one or more of the group definitions includes
parsing the group definitions into a rule tree using a group definition compiler and analyzing one or more tables produced
by the rule tree for each of the following conditions:

whether a given logic clause of the group definition is over-used,
whether a given logic clause of the group definition is under-used, wherein a particular logic clause is under-used if the
particular logic clause is not called for a given period of time and the group associated with the particular logic clause
can be formed using one or more other logic clauses, and

whether a given logic clause of the group definition is inaccurate;
in response to determining that one or more logic clauses satisfies a condition of being under-used, over-used, or inaccurate
logic clauses, re-factoring the one or more group definitions by eliminating the inefficiently used logic clauses, wherein
refactoring eliminates the inefficiency by replacing one or more logic clauses in a rule tree or by writing one or more new
logic clauses as a new rule tree; and

using the refactored group definitions to assign entitlements to each of the plurality of groups such that members of each
group that receives particular entitlements are provided with access to computer resources provisioned based on the assigned
entitlements.

US Pat. No. 9,454,478

SYSTEM AND METHOD FOR CONTROLLING RESOURCE REVOCATION IN A MULTI-GUEST COMPUTER SYSTEM

VMware, Inc., Palo Alto,...

1. A non-transitory computer-readable storage medium containing program instructions for allocating at least one shared resource
of a computer system, wherein execution of the program instructions by one or more processors of the computer system causes
the one or more processors to perform steps comprising:
issuing a memory quantity request to a virtual machine, the computer system comprising a host system including a host operating
system and a hardware memory, and at least one virtual machine operatively connected as a guest system running on the host
system and having a guest operating system operable to address and allocate guest physical memory, wherein the guest physical
memory is mapped to various regions of the hardware memory;

executing a memory reservation software module in the virtual machine in response to the memory quantity request;
by the virtual machine, allocating guest physical memory that is assigned to be used by the virtual machine to the memory
reservation software module in the virtual machine for reallocation to one or more other virtual machines; and

by the host system, assigning a portion of the hardware memory corresponding to the guest physical memory allocated to the
memory reservation software module to the one or more other virtual machines,

wherein the portion of the hardware memory corresponding to the guest physical memory that is allocated to the memory reservation
software module by the guest operating system is made available to the host system for reallocation.

US Pat. No. 9,389,872

SOFTWARE WIZARD IMPLEMENTATION FRAMEWORK

VMware, Inc., Palo Alto,...

5. A non-transitory computer readable storage medium comprising instructions that, when executed by a processor, cause the
processor to generate and test a sequence of user interface (UI) pages of a software wizard, by performing the steps of:
generating UI pages of the software wizard that includes a first UI page and other UI pages of the software wizard, wherein
the first UI page is associated with one or more constraint functions which, when triggered, cause a transition from the first
UI page to another UI page of the software wizard; and

testing the constraint functions independently of the UI pages of the software wizard to determine that the software wizard
executes as expected,

wherein inputs to the constraint functions include UI input elements, properties of a data structure that stores data relied
upon by the constraint functions to generate content for the UI pages of the software wizard, and external data, and outputs
of the constraint functions include validation results, a set of values to be presented on one or more of the UI pages of
the software wizard, a value to be assigned to a particular property of the data structure, and a page flow map change that
modifies one or more transitions between the UI pages of the software wizard, and

wherein the constraint functions include a first constraint function, a second constraint function, and a third constraint
function, the output of the first constraint function including a value for a particular property of the data structure, that
is an input to the second constraint function and triggers the second constraint function, and wherein an input of the third
constraint function is a UI input element and a validation result of the third constraint function is an error message that
causes the UI input element to be disabled.

US Pat. No. 9,389,888

VIRTUALIZATION SYSTEM WITH A REMOTE PROXY IN A VIRTUALIZATION LAYER DOMAIN

VMware, Inc., Palo Alto,...

1. A method comprising:
establishing, by a remote proxy in a virtualization layer domain, a plurality of logical channels via a network connection,
wherein the virtualization layer domain is part of a host system in which a set of virtual machines of a virtual machine domain
run on a virtualization layer of the virtualization layer domain;

receiving, by the remote proxy, first information from a first logical channel in plurality of logical channels and second
information from a second logical channel in plurality of logical channels through the network connection;

determining, by the remote proxy, that the virtual machine domain should process the first information;
forwarding, by the remote proxy, the first information received from the first logical channel from the virtualization layer
domain to a virtual machine in the set of virtual machines in the virtual machine domain;

determining, by the remote proxy, that the virtualization layer domain should process the second information; and
forwarding, by the remote proxy, the second information received from the second logical channel that is different from the
first logical channel to the virtualization layer for processing.

US Pat. No. 9,378,040

ATTACHING APPLICATIONS BASED ON FILE TYPE

VMware, Inc., Palo Alto,...

10. A computer apparatus to dynamically make applications available to a computing device, the computer apparatus comprising:
processing instructions that direct an application attaching system, when executed by the application attaching system, to:
identify an application attach triggering event based on a file selection of a certain file type on the computing device;
in response to the application attach triggering event, identify an application within an application volume based on the
certain file type;

attach the application volume to the computing device, wherein attaching the application volume to the computing device comprises
mounting the application volume to the computing device and modifying one or more registry keys on the computing device to
make the application executable from the application volume;

associate the application to the certain file type on the computing device;
execute files for the application stored on the application volume to support the file selection;
identify a detach triggering event; and
in response to the detach triggering event, detaching the application volume from the computing device; and
one or more non-transitory computer readable media that store the processing instructions.

US Pat. No. 9,294,407

NETWORK DEVICE LOAD BALANCING IN A VIRTUALIZED COMPUTING ENVIRONMENT

VMware, Inc., Palo Alto,...

1. An automated method for balancing network load at network devices in a virtualized computing environment comprising:
determining a first network device of a plurality of network devices having network load above a threshold value, wherein
the plurality of network devices routes or carries network traffic to and from a plurality of host computing systems;

identifying a first host computing system coupled to the first network device from the plurality of host computing systems,
the first host computing system executing a workload that transmits and receives network traffic via the first network device;

if the first host computing system is not coupled to any other network device, reducing the network load at the first network
device by initiating migration of at least a part of the workload to a second host computing system coupled to any other network
device; and

if the first host computing system is coupled to a second network device, reducing the network load at the first network device
by instructing a virtual switch of the first host computing system to route at least a part of the network traffic between
the workload and the second network device.

US Pat. No. 9,276,809

COMBINING PROFILES BASED ON PRIORITIES

VMware, Inc., Palo Alto,...

1. A system comprising:
a memory storing a plurality of profiles defining one or more rules that affect operation of a plurality of functional computing
objects, the plurality of profiles including a first profile that defines a first rule and a second profile that defines a
second rule; and

a processor coupled to the memory and programmed to:
determine that the second rule conflicts with the first rule;
determine a first priority corresponding to the first profile based on a distance of the first functional computing object
to another functional computing object that is positioned below the first functional computing object in a predetermined hierarchy;

combine the first profile and the second profile to create an effective profile, wherein the conflict between the first profile
and the second profile is resolved in favor of the first profile with respect to a first functional computing object and in
favor of the second profile with respect to a second functional computing object, and wherein the effective profile includes
no conflicting rules; and

apply the effective profile to one of the first and second functional computer objects.

US Pat. No. 9,268,591

SYSTEMS AND METHODS FOR DETECTING SYSTEM EXCEPTIONS IN GUEST OPERATING SYSTEMS

VMware, Inc., Palo Alto,...

1. A virtual machine host comprising:
a virtual machine that includes a guest operating system (OS);
a detector module capable of detecting a system exception in the guest OS, the system exception being a crash of the guest
OS, and wherein the detector module executes within the guest OS and is capable of executing within the guest OS after the
system exception has occurred; and

a hypervisor comprising a query module, the query module configured to determine a current status of the guest OS by receiving
a guest OS status message from the detector module, wherein the guest OS status message includes a system exception indicator,
the query module further configured to transmit a system exception information request message to the detector module after
receiving the guest OS status message that includes the system exception indicator, and in response to the system exception
information request message, receive, from the detector module, system exception information collected by the detector module.

US Pat. No. 9,268,642

PROTECTING PAIRED VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A system for monitoring virtual machines, the system comprising:
a master host; and
a slave host comprising a primary virtual machine and a secondary virtual machine, the secondary virtual machine being a backup
virtual machine to the primary virtual machine, and wherein the slave host is configured to identify a failure that impacts
an ability of at least one of the primary virtual machine and the secondary virtual machine to provide service; and

wherein if the failure is a Permanent Device Loss (PDL) failure, the slave host is configured to terminate each impacted virtual
machine; and

wherein if the failure is an All Paths Down (APD) failure, the master host is configured to apply one of the following: a
first remedy if the primary virtual machine is impacted and the secondary virtual machine is not impacted; a second remedy
if the secondary virtual machine is impacted and the primary virtual machine is not impacted; or a third remedy if both the
primary virtual machine and the secondary virtual machine are impacted.

US Pat. No. 9,183,015

HIBERNATE MECHANISM FOR VIRTUALIZED JAVA VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A method for managing memory of a runtime environment executing in a virtual machine, the method comprising:
receiving an indication of an idle state of a runtime environment executing in a virtual machine;
suspending operation of a plurality of threads associated with the runtime environment, wherein the plurality of threads is
configured to run program code within the runtime environment;

determining a plurality of memory pages associated with the runtime environment based on the indication of the idle state;
transmitting, to a virtualization layer, a request to page out and compress the plurality of memory pages into a compression
cache; and

executing a listener thread configured to monitor for a refresh request for the runtime environment.

US Pat. No. 9,819,712

CLOUD-BASED CONFERENCING SYSTEM

VMware, Inc., Palo Alto,...

1. A method of web conferencing, comprising:
receiving an initiation request at a management server from a host client device to initiate a scheduled web conference;
identifying, in response to the initiation request, an enterprise device located at an enterprise location reserved for the
scheduled web conference, the enterprise device communicatively coupled to the management server over a network;

determining whether the enterprise device includes a conference client application;
in response to determining that the enterprise device does not include a conference client application, provisioning the conference
client application from the management server to the enterprise device, wherein provisioning comprises sending the conference
client application for installation and sending at least one profile that includes an authorization credential, controlled
at the management server, for using the conference client application; and

relaying a content stream from the host client device through the management server to the enterprise device over the network
for display of the content stream at the enterprise location.

US Pat. No. 9,460,481

SYSTEMS AND METHODS FOR PROCESSING DESKTOP GRAPHICS FOR REMOTE DISPLAY

VMware, Inc., Palo Alto,...

1. A host hosting a virtual machine within a virtual desktop infrastructure, the host comprising:
a central processing unit (CPU);
a communications bus; and
a graphics processing unit (GPU) coupled to said CPU by the communications bus, said GPU configured to:
access a reference frame associated with desktop graphics;
generate a current frame associated with desktop graphics;
compare the reference frame with the current frame to identify one or more changed portions of the current frame relative
to the reference frame;

generate a bitmap, wherein the bitmap includes a series of bits with each bit representing a portion of the current frame,
bits set to a first value identifying which portions of the current frame have changed in comparison to the reference frame
and bits set to a second value identifying which portions of the current frame have not changed in comparison to the reference
frame; and

send, over said communications bus, the bitmap and the one or more changed portions of the current frame, while excluding
unchanged portions of the current frame, to said CPU, wherein the bitmap and the one or more changed portions are encoded
to generate an encoded frame and the encoded frame is transmitted to a remote terminal to be displayed.

US Pat. No. 9,336,039

DETERMINING STATUS OF MIGRATING VIRTUAL MACHINES

VMware, Inc., Palo Alto,...

1. A computer-implemented method comprising:
initiating a migration of one or more virtual machines from a source host that is located at a source site to a destination
host that is located at a destination site;

determining that a fault has occurred during the migration of the one or more virtual machines, the fault resulting in the
source host becoming unavailable;

in response to determining that the fault has occurred, determining, while the source host is unavailable and for each virtual
machine of the one or more virtual machines, whether the virtual machine has been fully migrated from the source host to the
destination host, the determining comprising:

determining whether a migration started record has been stored at the destination site for the virtual machine, the migration
started record being a record that is stored prior to migrating the virtual machine;

in response to determining that the migration started record has been stored at the destination site, determining whether
a placeholder virtual machine that has a unique identifier that matches a unique identifier for the virtual machine has been
created at the destination site;

in response to determining that the placeholder virtual machine has been created at the destination site, determining whether
the placeholder virtual machine has an associated migration completed event, the migration completed event being an event
associated with the placeholder virtual machine in response to migration of the virtual machine being completed; and

in response to determining that the placeholder virtual machine has an associated migration completed event, determining that
the virtual machine has been fully migrated from the source host to the destination host.

US Pat. No. 9,336,117

REMOTE DISPLAY PERFORMANCE MEASUREMENT TRIGGERED BY APPLICATION DISPLAY UPGRADE

VMware, Inc., Palo Alto,...

1. A method for measuring performance of a computer system, the method comprising:
detecting one or more calls from an application executing on a virtual machine to an application programming interface (API)
provided for rendering images, each call causing an update of a display image;

in response to the detecting, embedding data for measuring performance in each of a plurality of display frames of the display
image, the embedding resulting in a plurality of modified display frames each with respective data for measuring performance;

transmitting the plurality of modified display frames to a remote client, the remote client receiving a plurality of received
modified display frames with respective received data for measuring performance; and

calculating a remote display quality for the application at the remote client based on received performance data from the
remote client, wherein the received performance data is based on the respective data for measuring performance extracted from
the plurality of modified display frames, wherein operations of the method are executed by a processor.

US Pat. No. 9,329,855

DESKTOP IMAGE MANAGEMENT FOR VIRTUAL DESKTOPS USING A BRANCH REFLECTOR

VMware, Inc., Palo Alto,...

1. A system for virtual desktop image management, the system comprising:
a central server storing a set of updates to be applied to a plurality of virtual machines, each of the set of updates including
one or more of: files, registry entries, or drivers;

a host server device hosting the plurality of virtual machines, the host server device connected to the central server via
a communication connection, the host server device further including:

a first virtual machine including a first agent nominated to be a branch reflector for all of the plurality of virtual machines
hosted on the host server device;

a second virtual machine that is to be updated with at least one of the set of updates from the central server, the second
virtual machine including a second agent;

wherein the first agent on the first virtual machine is configured to (a) determine that an update is to be applied to the
second virtual machine, (b) download the files, registry entries and drivers from the central server on behalf of the second
virtual machine (c) store the files, registry entries and drivers in a single instance store on physical storage associated
with the host server, and (d) provide an instruction to the second agent to apply the update to the second virtual machine
by creating one or more stub files; and

wherein the one or more stub files are created on the second virtual machine corresponding to at least some of the files,
registry entries in the single instance store, such that a request to read the one or more stub files returns content from
the single instance store.

US Pat. No. 9,158,561

SYSTEMS AND METHODS FOR MODIFYING AN OPERATING SYSTEM FOR A VIRTUAL MACHINE

VMware, Inc., Palo Alto,...

1. A method comprising:
identifying at least one application available for execution on an initial virtual machine;
identifying a triggering event comprising an attempt to upgrade an operating system on the initial virtual machine to an updated
version of the operating system;

in response to the triggering event, provisioning a new virtual machine with the updated version of the operating system;
monitoring for completion of the provisioning of the new virtual machine;
in response to the completion of the provisioning of the new virtual machine, dynamically attaching the at least one application
to the new virtual machine, wherein dynamically attaching the at least one application to the new virtual machine comprises
dynamically attaching at least one application volume containing the at least one application to the new virtual machine,
and making the at least one application available without installation on the new virtual machine; and

in response to dynamically attaching the at least one application volume, overlaying contents of the at least one application
volume corresponding to the at least one application in the new virtual machine.

US Pat. No. 9,158,434

USER INTERFACE VIRTUALIZATION PROFILES FOR ACCESSING APPLICATIONS ON REMOTE DEVICES

VMware, Inc., Palo Alto,...

1. A method of providing access to a remote desktop of a server device having a guest operating system executing therein,
the method comprising:
launching an application in the remote desktop of the server device, wherein the application includes one or more elements
of a graphical user interface (GUI);

retrieving a user interface virtualization profile associated with the application;
generating user interface (UI) metadata that specifies the GUI of the application, wherein the UI metadata is generated according
to the user interface virtualization profile and using an application programming interface (API) configured to programmatically
manipulate the GUI of the application;

transmitting a base image of the GUI and the generated UI metadata to a touch input client device communicatively connected
to the server device;

receiving, from the touch input client device, an input event indicating manipulation of the GUI of the application; and
invoking the API to programmatically manipulate the GUI of the application according to the received input event and further
according to the user interface virtualization profile,

wherein the user interface virtualization profile associated with the application specifies application-specific support for
the API configured to programmatically manipulate the GUI of the application.

US Pat. No. 9,152,448

PERFORMANCE OF LOAD BALANCING MODULES WITH MIGRATION AWARENESS

VMware, Inc., Palo Alto,...

1. A system comprising:
a memory area associated with a first host, said memory area storing a migration module and one or more load balancing modules,
the load balancing modules distributing data requests to a plurality of virtual machines (VMs); and

a processor programmed to:
send a migration notification from the migration module to each of the identified load balancing modules before a migration
of at least one of the plurality of VMs to a second host begins, the migration notification being an interrupt or an event
notification;

reduce, by the load balancing modules responsive to the migration notification, a quantity of the data requests distributed
to the at least one of the plurality of VMs by reducing establishment of new connections to the at least one of the plurality
of VMs while maintaining existing connections to the at least one of the plurality of VMs;

send an updated migration notification from the migration module to each of the identified load balancing modules upon completion
of the migration; and

increase, by the load balancing modules responsive to the updated migration notification, a quantity of the data requests
distributed to the at least one of the plurality of VMs.

US Pat. No. 9,146,766

CONSISTENT UNMAPPING OF APPLICATION DATA IN PRESENCE OF CONCURRENT, UNQUIESCED WRITERS AND READERS

VMware, Inc., Palo Alto,...

1. A method for releasing free storage blocks previously allocated to a logical block device back to an underlying disk-based
storage system supporting the logical block device, comprising:
receiving a notification from a first process of a processing entity accessing the logical block device, the notification
indicating an intent to release a first set of storage blocks that are currently allocated to the logical block device but
that are not being used by the logical block device;

adding the first set of storage blocks to a set of storage blocks intended to be released;
intercepting a write operation issued from a second process of the processing entity;
determining that the write operation corresponds to a subset of the set of storage blocks to be released and, in response
to said determining, removing the subset from the set of storage blocks intended to be released;

re-issuing the intercepted write operation to the logical block device after the subset has been removed;
receiving from the first process a command for the release of storage blocks;
failing the command in response to the storage blocks pertaining to the command not being in the set of storage blocks intended
to be released; and

issuing the command in response to the storage blocks pertaining to the command being in the set of storage blocks intended
to be released.

US Pat. No. 9,495,192

NUMA I/O AWARE NETWORK QUEUE ASSIGNMENTS

VMware, Inc., Palo Alto,...

1. A method comprising:
identifying a plurality of non-uniform memory access (NUMA) nodes, one of the plurality of NUMA nodes being a NUMA node having
a physical network interface card (PNIC);

generating an assignment for a virtual machine (VM) to a NUMA node of the plurality of identified NUMA nodes, said generating
is biased toward assigning the VM to the NUMA node having the PNIC; and

using the generated assignment to assign the VM to the NUMA node having the PNIC.

US Pat. No. 9,379,995

RESOURCE ALLOCATION DIAGNOSIS ON DISTRIBUTED COMPUTER SYSTEMS BASED ON RESOURCE HIERARCHY

VMware, Inc., Palo Alto,...

1. A method for performing a resource allocation diagnosis for a distributed computer system, the method comprising:
obtaining a target resource allocation and a snapshot of the distributed computer system, wherein the snapshot includes configurations
and resource usage information of at least some components of the distributed computer system;

generating a resource allocation recommendation based on the target resource allocation and the snapshot by iteratively traversing
a resource hierarchy in the distributed computer system, wherein the resource allocation recommendation specifies at least
one resource configuration action or at least one capacity expansion action for the distributed computer system to meet the
target resource allocation; and

executing the resource allocation recommendation on the distributed computer system.

US Pat. No. 9,350,666

MANAGING LINK AGGREGATION TRAFFIC IN A VIRTUAL ENVIRONMENT

VMware, Inc., Palo Alto,...

1. A method of transmitting packets between physical hosts, the method comprising:
negotiating with a switch coupled to a first set of one or more physical ports of a first physical host to configure the first
set of physical ports to be included within a first link aggregation group (LAG), and to configure a second set of one or
more physical ports of a second physical host to also be included within the first LAG, wherein each of the first and second
physical hosts runs one or more virtual machines;

configuring a first physical synchronization port on the first physical host so that the first physical synchronization port
does not share a common LAG with the second physical host, and configuring a second physical synchronization port on the second
physical host so that the second physical synchronization port does not share a common LAG with the first physical host;

receiving, by the first physical host from a source physical host, a first packet destined for a virtual machine running on
the second physical host, the first packet including source and destination information;

determining from at least one of the source or destination information that the first packet is destined for a virtual machine
running on a physical host other than the first physical host and that the source information indicates that the source physical
host of the first packet did not use a physical synchronization port to transmit the first packet to the first physical host;
and

forwarding, from the first physical host, in response to the determination and based upon the second physical host having
the second set of physical ports included in the first LAG, the first packet via the first physical synchronization port to
the second physical host.

US Pat. No. 9,182,927

TECHNIQUES FOR IMPLEMENTING HYBRID FLASH/HDD-BASED VIRTUAL DISK FILES

VMware, Inc., Palo Alto,...

1. A method for utilizing flash storage as an extension of hard disk (HDD) based storage, the method comprising:
storing, by a computer system, a first subset of blocks of a logical file in a first physical file residing on a flash storage
tier, the first physical file being associated with a first inode data structure;

storing, by the computer system, a second subset of blocks of the logical file in a second physical file residing on an HDD
storage tier, the second physical file being associated with a second inode data structure distinct from the first inode data
structure, the second inode data structure comprising tiering configuration information that includes an identifier of the
first physical file;

receiving, by the computer system, an I/O request directed to one or more blocks of the logical file; and
processing, by the computer system, the I/O request by directing the I/O request to the first physical file on the flash storage
tier or to the second physical file on the HDD storage tier, the directing comprising:

verifying the tiering configuration information in the second inode data structure; and
in response to the verifying, determining whether the one or more blocks are part of the first subset of blocks in the first
physical file or the second subset of blocks in the second physical file.