Method for detecting attacks on virtual machines
US-2016004863-A1 · Jan 7, 2016 · US
US9971634B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9971634-B2 |
| Application number | US-201514866191-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 25, 2015 |
| Priority date | Sep 25, 2015 |
| Publication date | May 15, 2018 |
| Grant date | May 15, 2018 |
Abstract
The present invention is notably directed to systems and methods for detecting resource contention on a computerized system using collocation of computer processes. Most basically, such methods comprise: monitoring data produced by each computer process of a set of computer processes co-located on the computerized system; detecting in the monitored data a change in the behavior of the data produced by a given computer process of the set; and throttling the other computer processes of the set than said given computer process to detect potential resource contention at said given computer process. Such systems and methods advantageously apply to co-located virtual machines.
Claims
The invention claimed is:

1. A method for detecting resource contention on a computerized system that uses collocation of computer processes, the method comprising: monitoring data produced by each computer process of a set of computer processes co-located on the computerized system; detecting in the monitored data a change in a behavior of data produced by a given computer process of the set of computer processes; throttling other computer processes of the set than said given computer process to detect potential resource contention at said given computer process; wherein the computerized system uses virtual machines collocation; wherein monitoring comprises monitoring data produced by each virtual machine, or VM, of a set of VMs co-located on the computerized system; wherein detecting comprises detecting in the monitored data a change in a behavior of data produced by a given VM of the set; wherein throttling comprises throttling other VMs of the set than said given VM to detect potential resource contention at said given VM; wherein throttling further comprises restricting or shutting down one or more neighboring VMs of the set of VMs that neighbor the given VM; wherein the restricting or shutting down is sufficient to obtain isolative conditions for the given VM, such that the given VM is independently monitored; and after detecting the change in the behavior of data produced by the given VM and prior to throttling the other VMs, establishing a passive diagnosis by comparing data produced by the given VM after detecting the change to reference data; wherein throttling the one or more other VMs is performed when the passive diagnosis established is inconclusive as to a potential resource contention at said given VM.

2. The method of claim 1, wherein the method comprises establishing an active diagnosis as to potential contention at said given VM, wherein establishing the active diagnosis comprises throttling said other VMs to detect potential resource contention at said given VM, and wherein establishing the active diagnosis further comprises: accumulating isolated data produced by said given VM when throttling the other VMs; and comparing the isolated data to reference data.

3. The method of claim 2, wherein comparing the isolated data comprises comparing the isolated data to reference data previously obtained for said given VM.

4. The method of claim 3, wherein comparing the isolated data comprises comparing the isolated data to reference data in distinct clusters of reference data previously obtained for said given VM, the distinct clusters of reference data comprising: a cluster of normal data, indicative of a statistically normal behavior of said given VM, and a cluster of outlier data, indicative of a statistically abnormal behavior of said given VM.

5. The method of claim 4, wherein comparing the isolated data further comprises: comparing the isolated data with reference data in the cluster of normal data; and if the isolated data match said reference data in the cluster of normal data, storing, in a history file, data from the cluster of outlier data together with metadata identifying them as indicative of resource contention for said given VM.

6. The method of claim 5, wherein comparing the isolated data further comprises: if the isolated data do not match said reference data in the cluster of normal reference data, comparing the isolated data with reference data in the cluster of outlier data; and if the isolated data match said reference data in the cluster of outlier data, storing, in the history file, the isolated data together with metadata identifying them as non-contention related.

7. The method of claim 2, wherein establishing a diagnosis further comprises, prior to comparing the isolated data to reference data and after accumulating the isolated data, releasing throttling of the other VMs.

8. The method of claim 1, wherein the method further comprises: establishing an active diagnosis as to potential contention at said given VM, wherein establishing the active diagnosis comprises throttling said other VMs to detect potential resource contention at said given VM, and wherein establishing the active diagnosis further comprises: accumulating isolated data produced by said given VM when throttling the other VMs; comparing the isolated data to reference data; and storing an outcome of comparing the accumulated data to reference data in a history file, and wherein the method further comprises: upon detecting a new change in the behavior of data produced by said given VM, establishing a further passive diagnosis by comparing data produced by the given VM after detecting the new change to reference data that comprises the stored outcome.

9. The method of claim 1, wherein monitoring data comprises using a moving average and a standard deviation of data in a temporal window of data produced by each VM of the set of co-located VMs, to detect the change in the behavior of the monitored data.

10. The method of claim 9, wherein a change in the behavior of the monitored data is assumed to be detected if n consecutive statistical outliers are detected for said data in said temporal window, n≥2.

11. The method of claim 1, wherein the computerized system is a cloud server.

12. A computerized system using collocation of computer processes, whereby of a set of computer processes are co-located on the computerized system, the system comprising: one or more processing units; and a memory comprising computerized methods, the latter configured, upon execution by the one or more processing units, for: monitoring data produced by each computer process of a set of computer processes co-located on the computerized system; detecting in the monitored data a change in a behavior of data produced by a given computer process of the set of computer processes; throttling other computer processes of the set than said given computer process to detect potential resource contention at said given computer process; wherein the computerized system uses virtual machines collocation; wherein monitoring comprises monitoring data produced by each virtual machine, or VM, of a set of VMs co-located on the computerized system; wherein detecting comprises detecting in the monitored data a change in a behavior of data produced by a given VM of the set; wherein throttling comprises throttling other VMs of the set than said given VM to detect potential resource contention at said given VM; wherein throttling further comprises restricting or shutting down one or more neighboring VMs of the set of VMs that neighbor the given VM; wherein the restricting or shutting down is sufficient to obtain isolative conditions for the given VM, such that the given VM is independently monitored; and after detecting the change in the behavior of data produced by the given VM and prior to throttling the other VMs, establishing a passive diagnosis by comparing data produced by the given VM after detecting the change to reference data; wherein throttling the one or more other VMs is performed when the passive diagnosis established is inconclusive as to a potential resource contention at said given VM.

13. The computerized system of claim 12, wherein the system comprises a resource capping unit configured in the system for throttling one or more of the co-located VMs; a detection unit for monitoring data produced by each VM of the set of VMs and detecting a change in a behavior of data produced by any of the VMs of the set; and a decision unit coupled to the detection unit and the resource capping unit for inst
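The pipeline the claims describe, end to end, as a constructed Python example added here (it is not the patent's code): claims 9 and 10 as a moving-average/standard-deviation outlier detector over a temporal window that declares a change after n consecutive outliers; claim 1's passive diagnosis against reference data; claims 2 through 7 as an active diagnosis that throttles the neighbouring VM, accumulates isolated data, releases the throttle, then compares against the normal and outlier clusters and writes the outcome to a history record; and claim 8, where a second episode is resolved passively from that history. The window length, the k-sigma outlier rule, the cluster-matching rule, the two-VM host simulation, the latency-like metric and every name are assumptions.

```python
"""Toy implementation of the detection/diagnosis pipeline in claims 1-10.
Added example, not the patent's code; thresholds, matching rule and host are assumed."""
from collections import deque
from statistics import mean, pstdev

WINDOW = 8       # temporal window length (assumption)
K_SIGMA = 2.0    # outlier threshold in standard deviations (assumption)
N_CONSEC = 2     # claim 10: change assumed after n consecutive outliers, n >= 2


class ChangeDetector:
    """Claims 9-10: moving average and standard deviation over a temporal window."""

    def __init__(self, window=WINDOW, k=K_SIGMA, n=N_CONSEC):
        self.buf = deque(maxlen=window)
        self.k, self.n, self.streak = k, n, 0

    def update(self, x):
        """Feed one monitored sample; True once n consecutive outliers were seen."""
        if len(self.buf) < self.buf.maxlen:
            self.buf.append(x)              # still filling the window: no verdict yet
            return False
        mu, sigma = mean(self.buf), pstdev(self.buf)
        if abs(x - mu) > self.k * max(sigma, 1e-9):
            self.streak += 1                # outliers do not move the baseline
        else:
            self.streak = 0
            self.buf.append(x)
        return self.streak >= self.n


def matches(samples, cluster, k=K_SIGMA):
    """Assumed matching rule: the sample mean lies within k sigma of the cluster mean."""
    return abs(mean(samples) - mean(cluster)) <= k * max(pstdev(cluster), 1e-9)


def passive_diagnosis(post_change, ref):
    """Claims 1 and 8: compare post-change data to reference data without touching
    neighbours. The bare outlier cluster only says behaviour is abnormal, not why,
    so a verdict needs the normal cluster or a labelled history entry."""
    if matches(post_change, ref["normal"]):
        return "normal"
    for entry in ref["history"]:
        if matches(post_change, entry["data"]):
            return entry["label"]
    return "inconclusive"


def active_diagnosis(vm, neighbours, ref, collect, throttle, release, n=WINDOW):
    """Claims 2-7: throttle neighbours, accumulate isolated data, release, compare."""
    throttle(neighbours)
    isolated = [collect(vm) for _ in range(n)]
    release(neighbours)                     # claim 7: release before comparing
    if matches(isolated, ref["normal"]):
        # normal once isolated: the outlier data was contention-induced (claim 5)
        ref["history"].append({"vm": vm, "data": list(ref["outlier"]), "label": "contention"})
        return "contention"
    if matches(isolated, ref["outlier"]):
        # still abnormal while isolated: not caused by a neighbour (claim 6)
        ref["history"].append({"vm": vm, "data": isolated, "label": "non_contention"})
        return "non_contention"
    return "inconclusive"


class Host:
    """Constructed two-VM host: vm-a's metric rises by 20 while vm-b is busy and unthrottled."""

    def __init__(self):
        self.busy, self.throttled, self.tick = {"vm-b": False}, set(), 0

    def collect(self, vm):
        self.tick += 1
        base = 10 + self.tick % 3           # steady-state noise: 11, 12, 10, 11, ...
        if vm == "vm-a" and self.busy["vm-b"] and "vm-b" not in self.throttled:
            return base + 20
        return base

    def throttle(self, vms): self.throttled.update(vms)

    def release(self, vms): self.throttled.difference_update(vms)


def diagnose_episode(host, det, ref):
    """Monitor vm-a until a change is detected, then run passive -> active diagnosis."""
    post_change = []
    while True:
        x = host.collect("vm-a")
        post_change.append(x)
        if det.update(x):
            break
    verdict = passive_diagnosis(post_change, ref)
    if verdict == "inconclusive":
        verdict = active_diagnosis("vm-a", ["vm-b"], ref, host.collect, host.throttle, host.release)
    det.streak = 0                          # re-arm the detector for the next episode
    return verdict


def run_scenario():
    """Two contention episodes: the first needs throttling, the second is resolved
    passively from the history written by the first (claim 8)."""
    host, det = Host(), ChangeDetector()
    ref = {"normal": [10, 11, 12, 10, 11, 12], "outlier": [30, 31, 32], "history": []}
    for _ in range(WINDOW):                 # warm-up while vm-b is idle
        det.update(host.collect("vm-a"))
    host.busy["vm-b"] = True
    first = diagnose_episode(host, det, ref)
    second = diagnose_episode(host, det, ref)
    return first, second, len(ref["history"])
```

Calling `run_scenario()` returns `("contention", "contention", 1)`: the first episode is inconclusive passively and is only settled by throttling vm-b, after which the outlier cluster is filed as contention-related; the second episode matches that history entry, so no neighbour is throttled again. Outliers are deliberately kept out of the baseline buffer so that a sustained anomaly cannot drag the moving average toward itself and silence the detector.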
CPC classifications:

- Logical partitioning of resources; Management or configuration of virtualized resources (specific details on emulation or internal functioning of virtual machines G06F9/455)
- The resources being hardware resources other than CPUs, Servers and Terminals
- Monitoring or debugging support
- Hypervisor-specific management and integration aspects
- Monitoring