Network controller as a service (NCaaS) to define network policies for third-party container clusters
Granted: January 14, 2025
Patent Number:
12199833
Some embodiments provide a method for using a first SDN controller as a Network Controller as a Service (NCaaS). The first SDN controller receives a first set of network attributes regarding network elements in a first container cluster configured by a second SDN controller, and a second set of network attributes regarding network elements in a second container cluster configured by a third SDN controller. These container clusters do not have a controller for defining particular network…
Template driven approach to deploy a multi-segmented application in an SDDC
Granted: January 14, 2025
Patent Number:
12197971
Some embodiments of the invention provide a simplified mechanism to deploy and control a multi-segmented application by using application-based manifests that express how application segments of the multi-segment application are to be defined or modified, and how the communication profiles between these segments. In some embodiments, these manifests are application specific. Also, in some embodiments, deployment managers in a software defined datacenter (SDDC) provide these manifests as…
Provisioning DPU management operating systems
Granted: January 14, 2025
Patent Number:
12197939
Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A management hypervisor installer executed on a host device launches or causes a server component to provide a management operating system (OS) installer image at a particular URI accessible over a network internal to the host device. A baseboard management controller (BMC) transfers the DPU management OS installer image to the DPU device. A volatile memory based virtual disk is…
Migrating virtual machines in cluster memory systems
Granted: January 14, 2025
Patent Number:
12197935
Disclosed are various embodiments for optimizing the migration of pages of memory servers in cluster memory systems. To begin, a computing device can mark in a page table of the computing device that a page stored on a first memory host is not present. Then, the computing device can flush a translation lookaside buffer of the computing device. Next, the computing device can copy the page from the first memory host to a second memory host. Moving on, the computing device can update a page…
Distribution of bootstrap management for application monitoring
Granted: January 7, 2025
Patent Number:
12190121
The present invention is a highly available system comprising a system to send a plurality of bootstrap requests, at least one cloud proxy fit to receive the plurality of bootstrap requests, wherein each instance of the at least one cloud proxy is coupled with an adapter, and at least one host fit to communicate with one of the at least one cloud proxy.
Configuring pNIC to perform flow processing offload using virtual port identifiers
Granted: January 7, 2025
Patent Number:
12192116
Some embodiments of the invention provide a method for configuring a physical network card or physical network controller (pNIC) to provide flow processing offload (FPO) for a host computer connected to the pNIC. The host computers host a set of compute nodes in a virtual network. The set of compute nodes are each associated with a set of interfaces that are each assigned a locally-unique virtual port identifier (VPID) by a flow processing and action generator. The pNIC includes a set of…
Virtualized QoS support in software defined networks
Granted: January 7, 2025
Patent Number:
12192109
A network system that implements quality of service (QoS) by rate limiting at a logical network entity is provided. The logical network entity includes multiple transport nodes for transporting network traffic in and out of the logical network entity. The system monitors traffic loads of the multiple transport nodes of the logical network entity. The system allocates a local CR and a local BS to each of the multiple transport nodes. The allocated local CR and the local BS are determined…
Scaling for split-networking datapath
Granted: January 7, 2025
Patent Number:
12192051
Some embodiments of the invention provide a method for implementing an edge device that handles data traffic between a logical network and an external network. The method monitors resource usage of a node pool that includes multiple nodes that each executes a respective set of pods. Each of the pods is for performing a respective set of data message processing operations for at least one of multiple logical routers. The method determines that a particular node in the node pool has…
Scheduling workloads in a container orchestrator of a virtualized computer system
Granted: January 7, 2025
Patent Number:
12190140
An example method of scheduling a workload in a virtualized computing system including a host cluster having a virtualization layer directly executing on hardware platforms of hosts is described. The virtualization layer supports execution of virtual machines (VMs) and is integrated with an orchestration control plane. The method includes: receiving, at the orchestration control plane, a workload specification for the workload; selecting, at the orchestration control plane, a plurality…
Remote provisioning of hosts in public clouds
Granted: January 7, 2025
Patent Number:
12190122
Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the…
Secure offloaded data transfer
Granted: January 7, 2025
Patent Number:
12189750
The disclosure provides an approach for secure offloaded data transfer. Embodiments include receiving, by a security component on a client device, from a storage system connected to the client device, a token associated with a data read request corresponding to a source file on the storage system. Embodiments include determining, by the security component, that the source file is trusted. Embodiments include generating, by the security component, an entry in a trusted token cache based…
Two-level logical to physical mapping mechanism in a log-structured file system
Granted: January 7, 2025
Patent Number:
12189574
Example methods and systems for accessing data in a log-structured file system having a plurality of snapshots of storage objects backed by a first-level copy-on-write (COW) B+ tree data structure and a plurality of second-level B+ tree data structures have been disclosed. One example method includes obtaining a first first-level mapping associated with a first snapshot from the plurality of snapshots based on a first logical block address, wherein each of the plurality of snapshots…
Credentials management and usage in application modernization
Granted: December 31, 2024
Patent Number:
12182250
Credentials management and usage in application modernization can be implemented as computer-readable methods, media and systems. A notification identifying an application modernization operation is received. The operation is to be performed on an application deployed by multiple resources arranged in multiple hierarchical levels. A resource residing at a hierarchical level of the multiple hierarchical levels is identified. The application modernization operation is to be performed on…
Explicit congestion notification in a virtual environment
Granted: December 31, 2024
Patent Number:
12184557
Some embodiments provide a method of reducing network congestion in a virtual network. The method, at a first CFE of the virtual network, receives multiple encapsulated data packets of a data stream. The encapsulated data packets having been encapsulated by a second CFE, operating on a server of the virtual network. The second CFE identifies a load percentage of the server, sets explicit congestion notification (ECN) bits on a percentage of the data packets based on the load percentage…
Framework for providing health status data
Granted: December 31, 2024
Patent Number:
12184521
Some embodiments provide a method for a health monitoring service that monitors a system with a set of services executing across a set of one or more datacenters. For each of multiple services monitored by the health monitoring service, the method (1) contacts an API exposed by the service to provide health monitoring data for the service and (2) receives health monitoring data for the service that provides, for each of multiple aspects of the service, (i) a status and (ii) an…
Mapping VLAN of container network to logical network in hypervisor to support flexible IPAM and routing container traffic
Granted: December 31, 2024
Patent Number:
12184450
Some embodiments of the invention provide a method for adding routable subnets to a logical network that connects multiple machines and is implemented by a software defined network (SDN). The method receives an intent-based API that includes a request to add a routable subnet to the logical network. The method defines (i) a VLAN (virtual local area network) tag associated with the routable subnet, (ii) a first identifier associated with a first logical switch to which at least a first…
Communications framework for multi-cluster management systems
Granted: December 31, 2024
Patent Number:
12182632
A framework for facilitating communication between a multi-cluster management (MCM) system and the clusters managed by the system is provided. According to one set of embodiments, the framework comprises two independent, unidirectional communications channels: a first channel (i.e., “intent channel”) that flows from the MCM system to each cluster, and a second channel (i.e., “data sync channel”) that flows from each cluster to the MCM system. Through the intent channel, the MCM…
Policy constraint framework for an SDDC
Granted: December 31, 2024
Patent Number:
12182630
Some embodiments of the invention provide a method for processing requests for performing operations on resources in a software defined datacenter (SDDC). The resources are software-defined (SD) resources in some embodiments. The method initially receives a request to perform an operation with respect to a first resource in the SDDC. The method identifies a policy that matches (i.e., is applicable to) the received request for the first resource by comparing a set of attributes of the…
Provisioning DPU management operating systems using firmware capsules
Granted: December 31, 2024
Patent Number:
12182602
Disclosed are various examples of provisioning a data processing unit (DPU) management operating system using a capsule. A management hypervisor installer executed on a host device receives a listing DPU device from a baseboard management controller (BMC). A preinstalled DPU management operating system image is identified for a DPU device from the listing, and is wrapped with a capsule that specifies the capsule as a DPU management operating system image capsule. A server component…
Hybrid partitioning of virtualization on multiple core systems
Granted: December 31, 2024
Patent Number:
12182597
Disclosed are various approaches for the partitioning of virtualization on systems with multiple core processors. In one approach, hardware extensions for virtualizations are enabled on one or more first cores of a plurality of cores of the processor. The hardware extensions for virtualization are disabled on one or more second cores of the plurality of cores. A virtual machine instance is executed on the first cores having the hardware extensions for virtualization enabled. A real-time…
