MANAGING CROSS-CLOUD DISTRIBUTED APPLICATION
Granted: January 23, 2020
Application Number:
20200028747
A manager of a cross-cloud distributed application manages the application via a cloud-management service. The application is hosted collectively by plural clouds, at least one of which is a public cloud. The service is provided with log-in credentials for the public cloud so that the resources provided by the public cloud to the application can be discovered. The service collects data generate by the clouds, translates the collected data to conform to a unified data model used by the…
METHOD OF COOPERATIVE ACTIVE-STANDBY FAILOVER BETWEEN LOGICAL ROUTERS BASED ON HEALTH OF ATTACHED SERVICES
Granted: January 23, 2020
Application Number:
20200028731
A method for cooperative active-standby failover between service routers based on health of services configured on the service routers is presented. In an embodiment, a method comprises determining, by a first service router (“SR”) of a SR cluster, a plurality of aggregate score values for a plurality of SRs of the SR clusters. The SR cluster comprises the first SR which is active, and a second SR. An aggregate score value, of the plurality of aggregate score values, indicates health…
METHOD FOR MOVING LOGICAL RESOURCES WITHOUT EXPLICIT NEGOTIATIONS IN A HIGH AVAILABILITY, ACTIVE-ACTIVE SERVICE ROUTER CLUSTER
Granted: January 23, 2020
Application Number:
20200028730
A method for a service router (“SR”) implemented in an active-active SR cluster to move logical resources without explicit negotiations between the service routers (“SRs”) in the cluster to provide high availability of services is disclosed. In an embodiment, the method comprises: determining, by an active SR of a plurality of SRs implemented in an active-active SR cluster, that a particular SR has failed; and obtaining, by the active SR, a plurality of hash values computed for…
HYPERVISOR EXCHANGE WITH VIRTUAL-MACHINE CONSOLIDATION
Granted: January 23, 2020
Application Number:
20200026544
A hypervisor exchange, e.g., an upgrade, can include consolidating resident virtual machines into a single host virtual machine, exchanging an old hypervisor with a new (upgraded) hypervisor, and disassociating the virtual resident virtual machines by migrating them to the new hypervisor. The consolidating can involve migrating the resident virtual machines from the old hypervisor to a guest hypervisor on the host virtual machine. The exchange can involve: 1) suspending the host virtual…
PACKET PROCESSING USING SERVICE CHAINS
Granted: January 16, 2020
Application Number:
20200021518
Example methods are provided for a host to perform packet processing using a service chain in a software-defined networking (SDN) environment. The method may comprise establishing a datapath between a first virtualized computing instance and a second virtualized computing instance in the service chain, the datapath bypassing a forwarding element to which the first virtualized computing instance and the second virtualized computing instance are connected. The method may also comprise: the…
TECHNIQUES FOR CONTAINER SCHEDULING IN A VIRTUAL ENVIRONMENT
Granted: January 16, 2020
Application Number:
20200019426
The present disclosure relates generally to virtualization, and more particularly to techniques for deploying containers in a virtual environment. The container scheduling can be based on information determined by a virtual machine scheduler. For example, a container scheduler can receive a request to deploy a container. The container scheduler can send container information to the virtual machine scheduler. The virtual machine scheduler can use the container information along with…
SECURE TRANSFER OF CONTROL OVER COMPUTATIONAL ENTITIES IN A DISTRIBUTED COMPUTING ENVIRONMENT
Granted: January 9, 2020
Application Number:
20200012527
The current document is directed to methods and systems that establish secure, verifiable chains of control for computational entities within a distributed computing system. When a computational entity is first instantiated or introduced into the distributed computing system, public and private identities are generated for the computational entity and secure control is established over the computational entity by an initial controlling entity. Subsequently, control of the computational…
SEAMLESS VIRTUAL STANDARD SWITCH TO VIRTUAL DISTRIBUTED SWITCH MIGRATION FOR HYPER-CONVERGED INFRASTRUCTURE
Granted: December 26, 2019
Application Number:
20190391831
A method to migrate a cluster's hosts and virtual machines from virtual standard switches to a virtual distributed switch includes creating distributed port groups on the virtual distributed switch, where properties of the distributed port groups are automatically replicated to host proxy switches on the hosts. The method further includes configuring the distributed port group with ephemeral binding so port binding of the distributed port group is configurable through a host in the…
CLOUD AGNOSTIC BLUEPRINT
Granted: December 12, 2019
Application Number:
20190377591
A method to implement a cloud application includes receiving a blueprint of the cloud application, wherein the blueprint specifies virtual machines and a network connecting the virtual machines and being isolated from traffic external to the virtual machines. The method further includes automatically selecting a cloud profile specifying a cloud provider and a network isolation strategy and deploying the blueprint with the cloud provider by causing the cloud provider to create the virtual…
Linear View-Change BFT with Optimistic Responsiveness
Granted: December 12, 2019
Application Number:
20190377645
Techniques for implementing linear view-change with optimistic responsiveness in a BFT protocol running on a distributed system comprising n replicas are provided. According to one set of embodiments, the replicas can execute, during a view v of the BFT protocol, a first voting round comprising communicating instances of a first type of COMMIT certificate among the replicas. Further, when 2f+1 instances of the first type of COMMIT certificate associated with view v have been received by…
METHODS AND SYSTEMS THAT SHARE RESOURCES AMONG MULTIPLE, INTERDEPENDENT RELEASE PIPELINES
Granted: December 12, 2019
Application Number:
20190377570
The current document is directed to automated application-release-management facilities that, in a described implementation, coordinate continuous development and release of cloud-computing applications. The application-release-management process is specified, in the described implementation, by application-release-management pipelines, each pipeline comprising one or more stages, with each stage comprising one or more tasks. The currently described methods and systems allow resources to…
IDENTIFYING COMMON FILE-SEGMENT SEQUENCES
Granted: December 5, 2019
Application Number:
20190370224
Virtual-machine images (VMIs) can be compressed by identifying common cluster sequences shared across VMIs. To identify these sequences, hashes are generated for each cluster in each VMI, resulting in hash files for respective VMIs. The hashes are partitioned to address memory constraints. For each partition, its hashes are entered into buckets of a hash map according to their respective hash values. Each (non-empty) bucket associates a key hash value with one or more pointers to…
HIGH AVAILABILITY FOR A SHARED-MEMORY-BASED FIREWALL SERVICE VIRTUAL MACHINE
Granted: December 5, 2019
Application Number:
20190370131
A method for a shared-memory-based SVM to provide high availability of service is disclosed. In an embodiment, an agent process of the SVM receives a signal that one or more data packets have been queued in a shared memory device of one or more shared memory devices. Upon receiving the signal, the agent process determines whether the SVM has been designated as active for the shared memory device, and if it has, the agent process reads the one or more data packets from the shared memory…
PACKET FLOW INFORMATION INVALIDATION IN SOFTWARE-DEFINED NETWORKING (SDN) ENVIRONMENTS
Granted: November 28, 2019
Application Number:
20190363977
Example methods are provided for a first host to perform packet flow information invalidation in a software-defined networking (SDN) environment. One example method may comprise learning packet flow information based on one or more packets from a second host, the packet flow information being stored in association with a packet flow information identifier assigned to the second host. The method may further comprise: in response to detecting, from a third host or management entity, a…
APPLICATION BUILD AUTOMATION
Granted: November 28, 2019
Application Number:
20190361680
An example application build automation system can include a management engine configured to receive a first set of definitions corresponding to a first configuration file, receive a second set of definitions corresponding to a second configuration file, generate a first VSCI image using the first configuration file, and generate a second VSCI image using the second configuration file. The example system may further include a build engine configured to receive the first VSCI image and…
METHODS AND SYSTEMS TO COMPOUND ALERTS IN A DISTRIBUTED COMPUTING SYSTEM
Granted: November 7, 2019
Application Number:
20190340057
Computational methods and systems described herein are directed to compounding alerts generated in a distributed computing system. A user or system administrator may define a set of multistage process rules that can be used by a log management server application to examine log messages generated by event sources of a multistage process for alerts. A log-message database is searched to identify a log-message file used to record log messages generated by the event sources. A single…
METHODS AND SYSTEMS TO MANAGE ALERTS IN A DISTRIBUTED COMPUTING SYSTEM
Granted: November 7, 2019
Application Number:
20190340048
Computational methods and systems described herein manage alerts generated by event sources that run in a distributed computing system. Methods and system provide a graphical user interface that enables a user to define a dominant alert and select subsumed alerts generated by the event sources. Methods and systems may also compute a relative fraction that represents a number of times each alert is triggered with respect to a number of times another alert is triggered for each pair of…
LIVE MIGRATION OF VIRTUAL MACHINES ACROSS HETEROGENEOUS VIRTUAL MACHINE MANAGEMENT DOMAINS
Granted: November 7, 2019
Application Number:
20190340003
A method of migrating a virtual machine (VM) having a virtual disk from a source data center to a destination data center includes generating a snapshot of the VM to create a base disk and a delta disk in which writes to the virtual disk subsequent to the snapshot are recorded, and copying the base disk to a destination data store. The method further includes, in response to a request to migrate the VM, preparing a migration specification at the source and transmitting the migration…
PACKET HANDLING BASED ON MULTIPROCESSOR ARCHITECTURE CONFIGURATION
Granted: October 31, 2019
Application Number:
20190332408
Example methods are provided for a host to perform packet handling based on a microprocessor architecture configuration that includes a first node and a second node. One example method may comprise detecting, from a virtualized computing instance supported by the host, an egress packet for transmission to a destination via one of multiple physical network interface controllers (PNICs) of the host. The method may also comprise: identifying the first node assigned to the virtualized…
PACKET CAPTURE IN SOFTWARE-DEFINED NETWORKING (SDN) ENVIRONMENTS
Granted: October 31, 2019
Application Number:
20190334880
Example methods are provided for a network device to perform packet capture in a software-defined networking (SDN) environment. One example method may comprise detecting an egress packet that includes an inner header addressed from a first node to a second node; and identifying a security policy applicable to the egress packet by comparing one or more fields in the inner header with one or more match fields specified by the security policy. The method may further comprise: based on the…
