Method and apparatus for deploying tenant deployable elements across public clouds based on harvested performance metrics of types of resource elements in the public clouds
Granted: June 18, 2024
Patent Number:
12015536
Some embodiments of the invention provide a method of deploying first and second tenant deployable elements to a set of one or more public clouds, the first and second tenant deployable elements being different types of elements. The method identifies first and second sets of performance metrics respectively for first and second sets of candidate resource elements to use to deploy the first and second tenant deployable elements, the two sets of performance metrics being different sets of…
Authorizing lower privilege users to invoke privileged calls
Granted: June 18, 2024
Patent Number:
12014225
Solutions for enabling lower privilege users (e.g., applications, virtualized computing environment applications such as virtual machines or containers) to perform requests for service (e.g., remote procedure calls) that require higher privilege include: receiving, by a relay service executing at a first privilege level, from an application executing at a lower privilege level, a received request for service. The first privilege level is sufficient for the request, however, the…
Communications across privilege domains within a central processing unit core
Granted: June 18, 2024
Patent Number:
12014203
Systems and methods are described for communications across privilege domains within a central processing unit (“CPU”) core. The CPU core can store a kernel context associated with an operating system within the CPU. An application can request access to the CPU, and the CPU can load a user context associated with the application into the CPU. The CPU can execute instructions from the application while both the kernel context and the user context persist in the CPU. Because both…
Offloading packet processing programs from virtual machines to a hypervisor and efficiently executing the offloaded packet processing programs
Granted: June 18, 2024
Patent Number:
12014197
In one set of embodiments, a hypervisor of a host system can receive a packet processing program from a virtual network interface controller (NIC) driver of a virtual machine (VM) running on the hypervisor. The hypervisor can then attach the packet processing program to a first execution point in a physical NIC driver of the hypervisor and to a second execution point in a virtual NIC backend of the hypervisor, where the virtual NIC backend corresponds to a virtual NIC of the VM that…
Unified boot image for multiple operating systems
Granted: June 18, 2024
Patent Number:
12014185
Disclosed are various embodiments for a unified boot image that can be used to install an operating system onto a host machine and a respective operating system onto a data processing units (DPU) installed on a host machine. The unified boot image contains installation files for installing an operating system on the host machine and an installation depot that can be used to create a boot image for installing the same or different operating system on the DPU. During installation of an…
Enhanced accessibility user interface for space assignment on a floorplan
Granted: June 18, 2024
Patent Number:
12014027
Various examples are described for improving accessibility in a user interface. A is generated to manipulate a floorplan. A list user interface element can be included that allows a user to assign unassigned locations in a floorplan without having to drag and drop within the user interface.
Methods and systems for discovering incidents through clustering of alert occurring in a data center
Granted: June 11, 2024
Patent Number:
12009965
Automated computer-implemented methods and systems for discovering clusters of alerts triggered by abnormal events occurring with objects in a data center are described. In one aspect, alerts with start times in a sliding run-time window are retrieved from an alerts database. Each alert corresponds to a run-time event occurring with an object of the data center. Clusters of alerts in the sliding run-time window are detected based on the start times of the alerts and topological proximity…
Method and system for automatically curating intrusion detection signatures for workloads based on contextual attributes in an SDDC
Granted: June 11, 2024
Patent Number:
12010126
Some embodiments of the invention provide a method of implementing an intent-based intrusion detection and prevention system in a datacenter that includes at least one host computer executing multiple machines. The method receives multiple contextual attributes associated with a set of data messages processed by the multiple machines executing on the at least one host computer, the multiple contextual attributes including contextual attributes that are not L2-L4 attributes and that…
Managing L4 ports
Granted: June 11, 2024
Patent Number:
12010095
Some embodiments of the invention provide a novel method for managing layer four (L4) ports associated with a machine executing on a host computer. The method collects a set of contextual attributes relating to applications executing on the machine. It then analyzes the collected contextual attributes to identify at least one L4 port that has to have its status modified. Next, it modifies the status of the identified L4 port. In some embodiments, the status of an L4 port can be either…
Methods to support dynamic transit paths through hub clustering across branches in SD-WAN
Granted: June 11, 2024
Patent Number:
12009987
Some embodiments provide a method of transmitting data in a logical network that includes multiple hubs in a hub cluster and multiple branches. Each branch connects to a hub of the cluster through a virtual private network (VPN) tunnel. The method is performed by a network controller. The method assigns one of the hubs as a master hub. The method then sends a command to each of the other hubs in the hub cluster to establish a VPN tunnel between the other hub and the master hub. The…
Application component identification and analysis in a virtualized computing system
Granted: June 11, 2024
Patent Number:
12008392
An example method of application identification in a virtualized computing system having a cluster of hosts, the hosts including virtualization layers supporting virtual machines (VMs), is described. The method includes: executing, by application analysis software, process discovery agents for the VMs; receiving, at the application analysis software from the process discovery agents, process metadata describing processes executing on the VMs; generating signatures for the processes based…
Universal serial bus (USB) redirection for USB human interface device (HID) class devices
Granted: June 11, 2024
Patent Number:
12008381
Techniques for implementing improved USB redirection of USB HID class devices are provided. In one set of embodiments a client system can receive, from a virtual desktop running on a server system, a poll message directed to an HID interface of a USB HID class device plugged into the client system and identify a polling thread associated with the HID interface. The client system can further save a copy of the poll message in the polling thread and initiate local polling of the HID…
Techniques for reducing CPU privilege boundary crossings
Granted: June 11, 2024
Patent Number:
12008372
In one set of embodiments, an operating system (OS) kernel of a computer system can receive an invocation of a system call by a user program running on the computer system. The OS kernel can further fetch a plurality of subsequent instructions that will be executed by the user program after the invocation of the system call and decode the plurality of subsequent instructions into a plurality of decoded instructions. The OS kernel can then analyze whether the plurality of decoded…
Coherence-based dynamic code rewriting, tracing and code coverage
Granted: June 11, 2024
Patent Number:
12008361
A device tracks accesses to pages of code executed by processors and modifies a portion of the code without terminating the execution of the code. The device is connected to the processors via a coherence interconnect and a local memory of the device stores the code pages. As a result, any requests to access cache lines of the code pages made by the processors will be placed on the coherence interconnect, and the device is able to track any cache-line accesses of the code pages by…
Power efficient memory value updates for arm architectures
Granted: June 11, 2024
Patent Number:
12007936
Disclosed are various examples of providing provide efficient waiting for detection of memory value updates for Advanced RISC Machines (ARM) architectures. An ARM processor component instructs a memory agent to perform a processing action, and executes a waiting function. The waiting function ensures that the processing action is completed by the memory agent. The waiting function performs an exclusive load at a memory location, and a wait for event (WFE) instruction that causes the ARM…
Lifecycle management of virtual infrastructure management server appliance
Granted: June 11, 2024
Patent Number:
12007859
A method of upgrading a VIM server appliance includes: creating a snapshot of logical volumes mapped to physical volumes that store configuration and database files of virtual infrastructure management (VIM) services provided by a first VIM server appliance to be upgraded; after the snapshot is created, expanding the configuration and database files to be compatible with a second VIM server appliance; replicating the logical volumes which have been modified as a result of expanding the…
Methods and systems for resolving performance problems with objects of a data center
Granted: June 11, 2024
Patent Number:
12007830
Automated, computer-implemented methods and systems for resolving performance problems with objects executing in a data center are described. The automated methods use machine learning to train a model that comprises rules defining relationships between probabilities of event types of in log messages and values of a key performance indictor (“KPI”) of the object over a historical time period. When a KPI violates a corresponding threshold, the rules are used to evaluate run time log…
Replication of inventory data across multiple software-defined data centers
Granted: June 4, 2024
Patent Number:
12001449
A method of managing the sharing of inventory data across a plurality of data centers, includes the steps of detecting a change made to the inventory data by one of the data centers, updating a desired state document that specifies a desired state of each of the data centers, the updated desired state document including the inventory data as changed, and instructing each of other ones of the data centers to update the inventory data using the updated desired state document. Each of the…
Methods and apparatus to generate code as a plug-in in a cloud computing environment
Granted: June 4, 2024
Patent Number:
12001860
Methods, apparatus, systems, and articles of manufacture are disclosed to generate code as a plug-in in a cloud computing environment. An example system includes at least one memory, programmable circuitry, and machine readable instructions to program the programmable circuitry to introspect code in a library to obtain introspection data, the library corresponding to a resource that is to be deployed in a cloud infrastructure environment, generate a model based on the introspection data,…
Automatic self-adjusting software image recommendation
Granted: June 4, 2024
Patent Number:
12001828
A method of updating a desired state of a virtualization software for a cluster of hosts includes: in response to a notification of a change associated with the cluster, determining versions of a base image of the virtualization software that are compatible with the cluster; for each compatible version of the base image, determining versions of an add-on image of the virtualization software that are compatible with the compatible version of the base image and the cluster; presenting as a…
