Direct access storage for persistent services in a distributed storage system
Granted: February 13, 2024
Patent Number:
11900141
An example virtualized computing system includes a cluster of hosts having a virtualization layer executing thereon and configured to manage virtual machines (VMs); first and second local storage devices in a first host, the first local storage device being part of a virtual storage area network (vSAN) and the second local storage device being exclusive of the vSAN; and an orchestration control plane, integrated with the virtualization layer and including a master server managing state…
Secure gateway onboarding via mobile devices for internet of things device management
Granted: February 13, 2024
Patent Number:
11902268
Disclosed are various examples for enrollment of gateways using a client device. In one example, a request is transmitted from a client device to a management service. The request comprises the gateway identifier. Gateway credentials are relayed through the client device from the management service to the gateway device. The gateway credentials are unexposed to users of the client device.
Path selection for data packets encrypted based on an IPSEC protocol
Granted: February 13, 2024
Patent Number:
11902264
A method for selecting between a plurality of paths for sending an encrypted packet from a source endpoint to a destination endpoint is provided. The method selects a first path of the plurality of paths for sending the encrypted packet from the source endpoint to the destination endpoint, each of the plurality of paths associated with a different one of a plurality of source ports, the encrypted packet being encrypted based on a security association established between the source…
Methods and systems of application security mesh user interfaces
Granted: February 13, 2024
Patent Number:
11902247
A computerized method for implementing distributed application security mesh systems comprising: providing a service graph; and providing an underlying mesh graph with a pre-defined paths.
Per-namespace IP address management method for container networks
Granted: February 13, 2024
Patent Number:
11902245
Some embodiments of the invention provide a method of sending data in a network that includes at least one worker node executing one or more sets of containers and a virtual switch, the virtual switch including a gateway interface, a virtual local area network (VLAN) tunnel interface, and a set of virtual Ethernet interfaces associated with the one or more sets of containers. The method configures the gateway interface of the worker node to associate the gateway interface with multiple…
Using VTI teaming to achieve load balance and redundancy
Granted: February 13, 2024
Patent Number:
11902164
In an embodiment, a computer-implemented method for using virtual tunnel interface teaming to achieve load balance and redundancy in virtual private networks (“VPNs”) is disclosed. In an embodiment, a method comprises: receiving, by a gateway, configuration data from a control plane; based on the configuration data, configuring on the gateway a bonded virtual tunnel interface (“bonded VTI”) having a plurality of slave virtual tunnel interfaces (“slave VTIs”); configuring a…
Congestion avoidance in a slice-based network
Granted: February 13, 2024
Patent Number:
11902080
A system can reduce congestion in slice-based networks, such as a virtual service network (“VSN”). The system can include a monitoring module that communicates with agents on switches, such as routers or servers. The switches report telematics data to the monitoring module, which determines slice-specific performance attributes such as slice latency and slice throughput. These slice-specific performance attributes are compared against software license agreement (“SLA”)…
Method for providing distributed gateway service at host computer
Granted: February 13, 2024
Patent Number:
11902050
Some embodiments of the invention provide a novel network architecture for providing edge services of a virtual private cloud (VPC) at host computers hosting machines of the VPC. The host computers in the novel network architecture are reachable from external networks through a gateway router of an availability zone (AZ). The gateway router receives a data message from the external network addressed to one or more data compute nodes (DCNs) in the VPC and forwards the data message to a…
System for analyzing and attesting physical access
Granted: February 13, 2024
Patent Number:
11900748
Methods and systems are described for analyzing and attesting physical access to a location. In an example, an administrator can create a survey for users in an organization. The survey can be sent to a user device as a notification. The user can complete the survey, and the user's physical access rights can be determined based on the survey answers. When the user attempts to gain access to a location of the organization, the user can provide a digital access badge. The digital access…
Method for repointing resources between hosts
Granted: February 13, 2024
Patent Number:
11900159
Techniques are disclosed for reallocating host resources in a virtualized computing environment when certain criteria have been met. In some embodiments, a system identifies a host disabling event. In view of the disabling event, the system identifies a resource for reallocation from a first host to a second host. Based on the identification, the computer system disassociates the identified resource's virtual identifier from the first host device and associates the virtual identifier…
Managing power consumption in a software build environment
Granted: February 13, 2024
Patent Number:
11899514
Described herein are systems, methods, and software to manage power consumption in a software build environment. In one implementation, a monitoring service monitors power consumption information associated with a build environment for one or more software components. The monitoring service further identifies one or more trends associated with the power consumption information based at least on the power consumption information satisfying one or more criteria and generates a summary for…
Multisite service personalization hybrid workflow engine
Granted: February 13, 2024
Patent Number:
11900139
A method of executing workflows in virtual machines that have been deployed to implement virtual network functions of a network service, wherein the virtual machines are running in a plurality of data centers each having a cloud management server running a cloud computing management software to provision virtual infrastructure resources thereof for a plurality of tenants, includes upon receiving a request to execute a workflow along with a plurality of parameters including first and…
Remote access control of VM console located in cloud from on-premises computer device
Granted: February 13, 2024
Patent Number:
11900138
A method of enabling remote access to a console of a virtual machine (VM) running in a host and managed by a VM management server, from a remote computing device, includes the steps of: in response to a request to access the console of the VM from the remote computing device, issuing a request for a first ticket, the first ticket including an identifier of the host in which the VM is running; upon receiving the first ticket, issuing a request for a second ticket to access a proxy server;…
Reduced downtime during upgrade of an application hosted in a data center
Granted: February 13, 2024
Patent Number:
11900099
A method of upgrading an application in a software-defined data center (SDDC) includes: deploying, by lifecycle management software executing in the SDDC, a second appliance, a first appliance executing services of the application at a first version, the second appliance having services of the application at a second version, the services in the first appliance being active and the services in the second appliance being inactive; expanding, by the lifecycle management software, state of…
Extracting and populating content from an email link
Granted: February 13, 2024
Patent Number:
11899734
Systems and methods are described for extracting and populating content from an email link. In an example, a machine learning (“ML”) model can be trained based on user interactions with emails. When an email is received for the user, the ML model can be applied to score the email. An application can extract a link in the email. The application can retrieve a web page with the link and store it locally. The application can create a card for the email that includes the link and insert…
Linear byzantine agreement
Granted: February 13, 2024
Patent Number:
11899654
An optimistic byzantine agreement protocol (the protocol) first tries to reach agreement via an efficient deterministic algorithm (synchronous protocol) that relies on synchrony for termination. If an agreement is not reached (e.g., due to asynchrony), the protocol uses a randomized asynchronous algorithm (asynchronous protocol) for fallback. Although randomized asynchronous algorithms are considered to be costly, the rationale here is to bound communication in non-synchronous runs after…
Maintenance of data message classification cache on smart NIC
Granted: February 13, 2024
Patent Number:
11899594
Some embodiments provide a method for performing data message processing at a smart NIC of a computer that executes a software forwarding element (SFE). The method stores (i) a set of cache entries that the smart NIC uses to process a set of received data messages without providing the data messages to the SFE and (ii) rule updates used by the smart NIC to validate the cache entries. After a period of time, the method determines that the rule updates are incorporated into a data message…
Computer storage deduplication
Granted: February 13, 2024
Patent Number:
11899592
Decentralized deduplication operations in a computer system employ a hash index that is a variant of a B+ tree to support both efficient sequential updates as well as efficient random updates. Sequential update is selected when deduplication is infrequently performed, such as on the order of days, and random update is selected when deduplication is performed more frequently, such as on the order of seconds. More frequent deduplication may be beneficial during periods when large amounts…
Usage pattern virtual machine idle detection
Granted: February 13, 2024
Patent Number:
11899554
The detection of utilized virtual machines through usage pattern analysis is described. In one example, a computing device can collect utilization metrics from a virtual machine over time. The utilization metrics can be related to one or more processing usage, disk usage, network usage, and memory usage metrics, among others. The utilization metrics can be used to determine a number of clusters, and the clusters can be used to organize the utilization metrics into groups. Depending upon…
Methods and systems for identifying and resolving root causes of performance problems in data center object
Granted: February 13, 2024
Patent Number:
11899528
Automated methods and systems for identifying and resolving performance problems of objects of a data center are described. The automated methods and systems construct a model for identifying objects of the datacenter that are experiencing performance problems based on baseline distributions of events of the objects in a historical time period and event distributions of events of the objects in a time window located outside the historical time period. A root causes and recommendations…
