Inter-cluster automated failover and migration of containerized workloads across edges devices
Granted: April 23, 2024
Patent Number:
11968096
Computer-implemented methods, media, and systems for inter-cluster automated failover and migration of containerized workloads across edges devices are disclosed. One example method includes monitoring telemetry data received from a first software defined wide area network (SD-WAN) edge device that has a workload scheduled, where the telemetry data includes at least one of a health status of the workload or multiple runtime context elements at the first SD-WAN edge device. It is…
Intelligent provisioning management
Granted: April 23, 2024
Patent Number:
11966728
Disclosed are various examples of intelligent provisioning management. In some examples, device configuration signatures are received for a group of client devices. A user interface shows at least one of a recommended configuration with a recommended set of hardware components, a recommended hardware specification, a recommended set of applications, and a recommended set of firmware based on a superset of firmware identified from the device configuration signatures. A request to…
Multitenancy for service machines
Granted: April 16, 2024
Patent Number:
11962499
In an embodiment, a computer-implemented method for enabling multitenancy for service machines is disclosed. In an embodiment, the method comprises detecting a packet by a service insertion module implemented in a hypervisor. Based on metadata received along with the packet, the service insertion module determines a tenant identifier of a tenant that sent the packet. The service insertion module also determines a plurality of attributes of the packet. Based on the tenant identifier and…
Encryption key removal tool
Granted: April 16, 2024
Patent Number:
11962696
Systems and methods are described for removing unused encryption key files from a computing device. In an example, a key removal tool can identify three sets of keys to preserve. For the first set, the key removal tool can append a device identifier to known key names and add the resulting key file names to a whitelist. For the second set, the key removal tool can identify keys associated with certificates on the computing device and add their corresponding file names to the whitelist.…
Data migration using dynamic synchronization
Granted: April 16, 2024
Patent Number:
11962647
Examples can include (1) identifying, on a network, a source node and a destination node, the source node including at least one source node virtual machine (“VM”) to be replicated as a destination node VM on the destination node, (2) performing a full synchronization by copying disks used by the source node VM in a current operational state to the destination node VM, (3) scheduling start times for multiple update synchronizations of changed data between the source node VM and the…
Dynamically switching between synchronous and asynchronous communication channels
Granted: April 16, 2024
Patent Number:
11962635
Disclosed herein are systems and methods for dynamically switching between synchronous and asynchronous communication channels. A communication request can be received from an application, and a request identifier can be generated for the communication request. The communication request can be transmitted to an edge server application via a first communication channel. The first communication channel can be selected from a plurality of communication channels based at least in part on a…
Anycast address for network address translation at edge
Granted: April 16, 2024
Patent Number:
11962564
Some embodiments provide a method for forwarding data messages at multiple edge nodes of a logical network that process data messages between a logical network and an external network. At a particular one of the edge nodes, the method receives a data message sent from a source machine in the logical network. The method performs network address translation to translate a source network address of the data message corresponding to the source machine into an anycast network address that is…
Hardware acceleration techniques using flow selection
Granted: April 16, 2024
Patent Number:
11962518
In some embodiments, a method receives a packet for a flow associated with a workload. Based on an indicator for the flow, the method determines whether the flow corresponds to one of an elephant flow or a mice flow. Only when the flow is determined to correspond to an elephant flow, the method enables a hardware acceleration operation on the packet. The hardware acceleration operation may include hardware operation offload, receive side scaling, and workload migration.
Resource watermarking and management
Granted: April 16, 2024
Patent Number:
11962510
Resource watermarking and management actions on electronic resources are described. In one example, a process for resource watermarking and management actions includes receiving, from a client device, a request to perform an action on an electronic resource and a device profile for the client device. The device profile can include at least one attribute of the client device. The process also includes identifying a watermark template for the electronic resource, determining descriptive…
Identification of route-map clauses using prefix trees
Granted: April 16, 2024
Patent Number:
11962504
Described herein are systems and methods to apply route-map configurations in a computing network. In one implementation, a routing computing system may identify a route for redistribution in a computing network and identify a longest prefix in a radix tree associated with the route. The routing computing system may further identify a highest priority route-map clause associated with the longest prefix match or any parent prefixes of the longest prefix match in the radix tree. Once…
Network address translation in active-active edge cluster
Granted: April 16, 2024
Patent Number:
11962493
Some embodiments provide a method for forwarding data messages at multiple edge gateways of a logical network that process data messages between the logical network and an external network. At a first edge gateway, the method receives a data message, having an external address as a destination address, from the logical network. Based on the destination address, the method applies a default route to the data message that routes the data message to a second edge gateway and specifies a…
Secure enterprise access with voice assistant devices
Granted: April 16, 2024
Patent Number:
11961523
Systems and methods are provided for optimizing and securing an enterprise voice service accessed by an external voice assistant device. An enterprise voice assistant installed on a client device acts as an enterprise voice service for an external voice assistant device. The enterprise voice assistant receives a voice query from the external voice assistant device. The voice query is processed using a machine learning model to extract an intent and at least one slot. The extracted intent…
Virtual accelerators in a virtualized computing system
Granted: April 16, 2024
Patent Number:
11960919
An example method of virtualizing a hardware accelerator in a host cluster of a virtualized computing system includes: commanding, at an initiator host in the host cluster, a programmable expansion bus device to reconfigure as a virtual accelerator based on specifications of a hardware accelerator in a target host of the host cluster; executing, in the programmable expansion bus device, software to emulate the virtual accelerator as connected to an expansion bus of the initiator host;…
Document printing in a virtualized computing environment
Granted: April 16, 2024
Patent Number:
11960779
The capability to print to a portable document format (PDF) file is provided in a virtualized computing environment that supports a virtual desktop infrastructure (VDI). Printing-related properties, of local printers coupled to a client device, are provided to a host, so that virtual printers at the host can be configured with the printing-related properties. A simulator may be provided at the host to receive the printing-related properties from the client device and to receive a query…
Byzantine fault tolerance protocol for backing up blockchains
Granted: April 16, 2024
Patent Number:
11960502
In some embodiments, a method sends first messages that request first information for a set of blocks of the blockchain to the N replicas. Each replica maintains a respective instance of the blockchain. Second messages is received from at least a portion of the N replicas. The second messages include the first information for the set of blocks from each respective instance of the blockchain that is maintained by the N replicas. The method analyzes the first information to determine…
Preserving user profiles across remote desktop sessions
Granted: April 16, 2024
Patent Number:
11960501
User profiles of remote desktops are managed in a crash-consistent manner. When a user logs into a remote desktop, metadata of the user profile is loaded from persistent storage while registry settings and files of the user profile are loaded asynchronously with respect to the login. During the remote desktop session, snapshots of the remote desktop image in persistent storage are generated periodically, and a change log that indicates changes to the user profile is created therefrom.…
Enhancing efficiency of segment cleaning for a log-structured file system
Granted: April 16, 2024
Patent Number:
11960450
The efficiency of segment cleaning for a log-structured file system (LFS) is enhanced at least by storing additional information in a segment usage table (SUT). Live blocks (representing portions of stored objects) in an LFS are determined based at least on the SUT. Chunk identifiers associated with the live blocks are read. The live blocks are coalesced at least by writing at least a portion of the live blocks into at least one new segment. A blind update of at least a portion of the…
Managing the migration of virtual machines in the presence of uncorrectable memory errors
Granted: April 16, 2024
Patent Number:
11960357
Techniques for migrating virtual machines (VMs) in the presence of uncorrectable memory errors are provided. According to one set of embodiments, a source host hypervisor of a source host system can determine, for each guest memory page of a VM to be migrated from the source host system to a destination host system, whether the guest memory page is impacted by an uncorrectable memory error in a byte-addressable memory of the source host system. If the source host hypervisor determines…
Unifying hardware trusted execution environment technologies using virtual secure enclave device
Granted: April 9, 2024
Patent Number:
11954198
System and method for creating and managing trusted execution environments (TEEs) using different underlying hardware TEE mechanisms use a virtual secure enclave device which runs in a virtualized environment in a computer system. The device enables an enclave command transmitted to the virtual secure enclave device to be retrieved and parsed to extract an enclave operation to be executed. A TEE backend module is used to interact with a particular hardware TEE mechanism among those…
Conflict resolution for device-driven management
Granted: April 9, 2024
Patent Number:
11954472
Disclosed are various embodiments for resolving conflicts between workflows in a workflow processing system. A plurality of workflows stored in a workflow queue are evaluated to identify a common dependency of the plurality of workflows. Then, a version hierarchy is created for the common dependency of the plurality of workflows, the version hierarchy identifying multiple versions of the common dependency. In response to execution of a first one of the plurality of workflows stored in…
