Policy-based forwarding to a load balancer of a load balancing cluster
Granted: December 10, 2024
Patent Number:
12166816
Some embodiments of the invention provide a method for forwarding data messages between a client and a server (e.g., between client and server machines and/or applications). In some embodiments, the method receives a data message that a load balancer has directed from a particular client to a particular server after selecting the particular server from a set of several candidate servers for the received data message's flow. The method stores an association between an identifier…
Actor-and-data-grid-based distributed applications
Granted: December 10, 2024
Patent Number:
12166814
The current document is directed to improved distributed service-oriented applications developed according to a new and improved architecture for developing distributed service-oriented applications. The new and improved architecture includes a stateless-communications-protocol interface to external users and clients, services implemented by actors that communicate using message passing, and a distributed data grid for persistent storage of data. Distributed service-oriented applications…
Connecting a software-defined data center to cloud services through an agent platform appliance
Granted: December 10, 2024
Patent Number:
12166753
A method of connecting a software-defined data center (SDDC) to a cloud platform to enable the cloud platform to deliver cloud services to the SDDC includes the steps of: deploying an agent platform appliance that is connected to a management network of the SDDC; and deploying a plurality of agents on the agent platform appliance, wherein the agents include a first agent that is configured to issue a command to a component of the SDDC to perform an operation requested by a cloud service…
DNS-based GSLB-aware SD-WAN for low latency SaaS applications
Granted: December 10, 2024
Patent Number:
12166661
Some embodiments of the invention provide a method of sending data messages from an edge router at a first location of an enterprise network to a SaaS (software as a service) application server provided by a third-party at a second location. The method receives, from a DNS (domain name system) first server, a resolution for a particular destination network address for the SaaS application server at the second location. From a second server, the method obtains an identifier for a first…
System for software service upgrade
Granted: December 10, 2024
Patent Number:
12164899
Examples are disclosed for upgrading services of a software-based service according to a predefined sequence to account for dependencies between services. An upgrade package that includes a manifest defining an order for upgrading services of the software-based system is retrieved. Each service is upgraded according to the sequence and a status log is modified following each upgrade to include a unified status summary associated with all services being upgraded.
Two-phase commit using reserved log sequence values
Granted: December 10, 2024
Patent Number:
12164505
System and method for managing different classes of storage input/output (I/O) requests for a two-phase commit operation in a distributed storage system assigns reserved log sequence values to each of storage I/O requests of a first class, which are added to a two-phase commit queue. The reserved log sequence values of the storage I/O requests of the first class in the two-phase commit queue are assigned to some of the storage I/O requests of the second class, which are added to the…
Obtaining software updates from neighboring hosts in a virtualized computing system
Granted: December 3, 2024
Patent Number:
12159132
An example method of upgrading a host in a cluster under management of a lifecycle manager in a virtualized computing system includes: receiving, from the lifecycle manager at a host in the cluster being upgraded, a desired software specification for a hypervisor of the host; determining, by the host, a list of required software installation bundles (SIBs) to satisfy the desired software specification; identifying a neighboring host in the cluster for the host; downloading, from the…
Managing layer two network extension communications using maximum segment size (MSS) modifications
Granted: December 3, 2024
Patent Number:
12160491
Described herein are systems, methods, and software to manage the encapsulation of layer two communications across computing sites. In one example, a gateway at a first computing site may receive an encapsulated packet from a second gateway at a second computing site. After receiving the encapsulated packet, the gateway decapsulates the encapsulated packet and determines that the decapsulated packet satisfies MSS criteria. The gateway further, in response to determining that the…
Multi-network/domain service discovery in a container orchestration platform
Granted: December 3, 2024
Patent Number:
12160467
A computer-implemented method, medium, and system for multi-network/domain service discovery in a container orchestration platform are disclosed. In one computer-implemented method, a pool of servers with a plurality of network interface controllers (NICs) is created in a load balancer and by an operator in a worker node of a container orchestration platform, where each of the plurality of NICs is defined by a corresponding network attachment definition (NAD) object of a plurality of NAD…
Capacity-aware layer-4 load balancer
Granted: December 3, 2024
Patent Number:
12160465
Some embodiments provide a method of implementing capacity-aware load balancing across a set of data compute nodes (DCNs) by reducing latency for the set of DCNs. From the set of DCNs, the method identifies (1) a first subset of DCNs including DCNs that have a latency that is higher than an average latency computed for the set of DCNs and (2) a second subset of DCNs including DCNs that have a latency that is lower than the average latency computed for the set of DCNs. For each DCN in the…
Deploying a distributed load balancer in a virtualized computing system
Granted: November 26, 2024
Patent Number:
12155718
An example method of distributed load balancing in a virtualized computing system includes: configuring, at a logical load balancer, a traffic detector to detect traffic to a virtual internet protocol address (VIP) of an application having a plurality of instances; detecting, at the traffic detector, a first request to the VIP from a client executing in a virtual machine (VM) supported by a hypervisor executing on a first host; sending, by a configuration distributor of the logical load…
Packet classification with multiple classifiers
Granted: November 26, 2024
Patent Number:
12155576
Some embodiments provide a method for a forwarding element that receives a packet. The method determines whether the packet matches any flow entries in a first cache that uses a first type of algorithm to identify matching flow entries for packets. When the packet does not match any flow entries in the first cache, the method determines whether the packet matches any flow entries in a second cache that uses a second, different type of algorithm to identify matching flow entries for…
Scalable overlay multicast routing in multi-tier edge gateways
Granted: November 26, 2024
Patent Number:
12155564
A method for offloading multicast replication from multiple tiers of edge nodes implemented by multiple host machines to a physical switch is provided. Each of the multiple host machines implements a provider edge node and a tenant edge node. One host machine among the multiple host machines receives a packet having an overlay multicast group identifier. The host machine maps the overlay multicast group identifier to an underlay multicast group identifier. The host machine encapsulates…
Resource access control in cloud environments
Granted: November 19, 2024
Patent Number:
12149537
Access control management to shared resources in a common resource directory between different users of cloud data centers can be implemented as computer-readable methods, media and systems. A resource managing service receives a request to access resources of a resource directory managed by the resource managing service. The request includes a token for identity authentication. The resource managing service determined a container membership associated with the token, where the container…
Determining flow paths of packets through nodes of a network
Granted: November 19, 2024
Patent Number:
12149441
A search engine queries a network model for behavior of the entire network, such as data flow, based on combinations of multiple network elements. The search engine provides the state information and/or predicted behavior of the network by searching network objects in a graph-based model or a network state database that satisfy constraints given in a search query. The search engine provides the state information and/or predicted behavior based on regular-expression or plain language…
Deploying enclaves on different tee backends using a universal enclave binary
Granted: November 19, 2024
Patent Number:
12147530
The disclosure herein describes deploying a Virtual Secure Enclave (VSE) using a universal enclave binary and a Trusted Runtime (TR). A universal enclave binary is generated that includes a set of binaries of Instruction Set Architectures (ISAs) associated with Trusted Execution Environment (TEE) hardware backends. A TEE hardware backend is identified in association with a VSE-compatible device. A VSE that is compatible with the identified TEE hardware backend is generated on the…
Coherence-based attack detection
Granted: November 19, 2024
Patent Number:
12147528
While an application or a virtual machine (VM) is running, a device tracks accesses to cache lines to detect access patterns that indicate security attacks, such as cache-based side channel attacks or row hammer attacks. To enable the device to detect accesses to cache lines, the device is connected to processors via a coherence interconnect, and the application/VM data is stored in a local memory of the device. The device collects the cache lines of the application/VM data that are…
Efficient write-back for journal truncation
Granted: November 12, 2024
Patent Number:
12141063
A method for efficient write-back for journal truncation is provided. A method includes maintaining a journal in a memory of a computing system including a plurality of records. Each record indicates a transaction associated with one or more pages in an ordered data structure and maintaining a dirty list including an entry for each page indicated by a record in the journal. Each entry in the dirty list includes a respective first log sequence number (LSN) associated with a least recent…
Stun free snapshots in virtual volume datastores using delta storage structure
Granted: November 12, 2024
Patent Number:
12141463
The disclosure provides a method for virtual volume snapshot creation by a storage array. The method generally includes receiving a request to generate a snapshot of a virtual volume associated with a virtual machine, in response to receiving the request, preparing a file system of the storage array to generate the snapshot, wherein preparing the file system comprises creating a delta storage structure to receive write input/output (I/O) requests directed for the virtual volume when…
Performing resynchronization jobs in a distributed storage system based on a parallelism policy
Granted: November 12, 2024
Patent Number:
12141440
The disclosure herein describes performing resynchronization (“resync”) jobs in a distributed storage system based on a parallelism policy. A resync job is obtained from a queue and input/output (I/O) resources that will be used during execution of the resync job are identified. Available bandwidth slots of each I/O resource of the identified I/O resources are determined. The parallelism policy is applied to the identified I/O resources and the available bandwidth slots. Based on the…
