Generally described, computing devices utilize a communication network, or a series of communication networks, to exchange data. Companies and organizations operate computer networks that interconnect a number of computing devices to support operations or provide services to third parties. The computing systems can be located in a single geographic location or located in multiple, distinct geographic locations (e.g., interconnected via private or public communication networks). Specifically, data centers or data processing centers, herein generally referred to as a “data center,” may include a number of interconnected computing systems to provide computing resources to users of the data center. The data centers may be private data centers operated on behalf of an organization or public data centers operated on behalf, or for the benefit of, the general public.
To facilitate increased utilization of data center resources, virtualization technologies may allow a single physical computing device to host one or more instances of virtual machines that appear and operate as independent computing devices to users of a data center. The single physical computing device can create, maintain, delete, or otherwise manage virtual machines in a dynamic manner. In some scenarios, various computing devices may be associated with different combinations of operating systems or operating system configurations, virtualized hardware resources and software applications to enable a computing device to provide different desired functionalities, or to provide similar functionalities more efficiently. Further, virtual machines can themselves be partitioned into multiple isolated virtual systems, called “containers.” The virtual machine controls allocation of resources such as processing power and memory, and each container has its own process and network space in which the container can, for example, execute software programs.
In turn, users can request computer resources from a data center, including single computing devices or a configuration of networked computing devices, and be provided with varying numbers of virtual machine resources. Virtualization also scales upward from virtual machines; entire data centers and even multiple data centers may implement computing environments with varying capacities, such as a virtual private network and a virtual private cloud. Computing environments that share a platform can be physically and/or logically isolated from each other to prevent or control data transmissions between the environments. Physical isolation may include, for example, eliminating network communication between servers of different computing environments. Logical isolation can be achieved in many ways, such as by placing a computing environment's network access onto a private subnet and/or virtual private network, or by requiring user authentication to access any interfaces with the computing environment. User-directed resource allocation may span multiple isolated computing environments, providing flexibility to serve geographically diverse end-users and establish data redundancy, load balancing, and other efficiencies.