公开(公告)号：US20170317902A1

公开(公告)日：2017-11-02

申请号：US15650810

申请日：2017-07-14

Applicant: NETFLIX, INC.

Inventor： Ariel TSEITLIN ,  Joseph SONDOW

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/08 ,  G06F11/36

CPC classification number: H04L43/08 ,  G06F11/368 ,  H04L29/08153 ,  H04L29/0827 ,  H04L41/0896 ,  H04L41/5025 ,  H04L41/5096 ,  H04L67/10 ,  H04L67/1004 ,  H04L67/1031

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

公开(公告)号：US20150227444A1

公开(公告)日：2015-08-13

申请号：US14691538

申请日：2015-04-20

Applicant: NETFLIX, INC.

Inventor： Ariel TSEITLIN ,  Praveen SADHU ,  Sudhir TONSE ,  Pradeep KAMATH

IPC: G06F11/263 ,  G06F11/22

CPC classification number: G06F11/263 ,  G06F11/2205 ,  G06F11/36 ,  H04L29/08072

Abstract: Techniques are disclosed for validating the resiliency of a networked application made available using a distributed computing infrastructure. In one embodiment, a latency monitoring application observes each active application component and at specified or unspecified intervals, selects one and introduces latency or error messages in one or more messages emanating from the selected active application component. The latency monitoring application then measures the effect of the latency or error messages on other active application components that are dependent on the affected active application component. By observing the effects of the failed server on the rest of the network application, a provider can ensure that each component can tolerate any unexpected latency or error conditions with the distributed computing infrastructure.

Abstract translation: 公开了用于验证使用分布式计算基础设施可用的联网应用的弹性的技术。 在一个实施例中，等待时间监视应用观察每个活动应用组件并且以指定或未指定的间隔选择一个并且在从所选活动应用组件发出的一个或多个消息中引入等待时间或错误消息。 延迟监视应用程序然后测量延迟或错误消息对依赖于受影响的活动应用程序组件的其他活动应用程序组件的影响。 通过观察失败的服务器对网络应用程序的其余部分的影响，提供商可以确保每个组件可以容忍分布式计算基础设施的任何意外的延迟或错误状况。

公开(公告)号：US20180307849A1

公开(公告)日：2018-10-25

申请号：US15960468

申请日：2018-04-23

Applicant: NETFLIX, INC.

Inventor： Ariel TSEITLIN ,  Roy RAPOPORT ,  Jason CHAN

IPC: G06F21/60 ,  H04L29/06 ,  G06F9/50 ,  G06F11/30 ,  G06F17/30 ,  H04L12/26 ,  H04L12/24 ,  H04L9/32 ,  G06F21/57 ,  G06F21/45 ,  H04L29/08

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.

公开(公告)号：US20160119207A1

公开(公告)日：2016-04-28

申请号：US14981629

申请日：2015-12-28

Applicant: NETFLIX, INC.

Inventor： Ariel TSEITLIN ,  Joe SONDOW

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L43/08 ,  G06F11/368 ,  H04L29/08153 ,  H04L29/0827 ,  H04L41/0896 ,  H04L41/5025 ,  H04L41/5096 ,  H04L67/10

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract translation: 一种数据处理方法，包括：使用计算装置，使得运行软件的第一版本的多个基线应用程序实例，以及运行该软件的第二版本的一个或多个金丝雀应用程序实例; 使用包括负载均衡器的计算设备，使得选择性地将进入的请求的第一比例路由到基线实例，并将传入请求的第二比例路由到金丝雀实例; 监视多个金丝雀实例以收集绩效指标的绩效数据; 确定性能数据表示负性能问题，并响应于此：使用计算装置，将第一比例自动更新为更大并将第二比例更新为更小，然后基于第一比例重新配置负载平衡器， 第二比例; 终止一个或多个金丝雀应用程序实例。

公开(公告)号：US20150235035A1

公开(公告)日：2015-08-20

申请号：US14703862

申请日：2015-05-04

Applicant: NETFLIX, INC

Inventor： Ariel TSEITLIN ,  Roy RAPOPORT ,  Jason CHAN

IPC: G06F21/60 ,  G06F17/30 ,  H04L29/06 ,  H04L12/26

CPC classification number: G06F21/604 ,  G06F9/50 ,  G06F11/302 ,  G06F11/3051 ,  G06F17/30598 ,  G06F21/00 ,  G06F21/45 ,  G06F21/577 ,  G06F2209/504 ,  G06F2221/034 ,  G06F2221/2141 ,  H04L9/3268 ,  H04L41/12 ,  H04L43/16 ,  H04L63/101 ,  H04L63/1408 ,  H04L63/1433 ,  H04L67/10 ,  Y02D10/22

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.

Abstract translation: 安全应用程序管理在分布式计算体系结构中执行交互式计算元素集合的网络应用程序的安全性和可靠性。 安全应用程序监视在分布式计算架构内收集节点所利用的各种资源，并确定一类资源的利用率是否接近预定的最大限制。 安全应用程序执行联网应用程序的漏洞扫描，以确定网络应用程序是否容易受到外部应用程序有意或无意的违规的风险。 安全应用程序扫描分布式计算架构以存在访问控制列表（ACL），并将ACL配置和配置更改存储在数据库中。 安全应用程序扫描分布式计算架构以确保安全证书的存在，将新发现的安全证书放置在数据库中，并删除过期的安全证书。 有利地，在分布式计算架构中提高了安全性和可靠性。

公开(公告)号：US20170163556A1

公开(公告)日：2017-06-08

申请号：US15437407

申请日：2017-02-20

Applicant: NETFLIX, INC.

Inventor： Ariel TSEITLIN ,  Praveen SADHU

IPC: H04L12/917 ,  H04L29/08

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period. Advantageously, this approach to reclaiming resources results in more efficient utilization of resources, lower operation and maintenance costs, and improved system security.

公开(公告)号：US20150236976A1

公开(公告)日：2015-08-20

申请号：US14703859

申请日：2015-05-04

Applicant: NETFLIX, INC

Inventor： Ariel TSEITLIN ,  Praveen SADHU

IPC: H04L12/917 ,  G06F17/30

CPC classification number: H04L47/76 ,  G06F9/5022 ,  G06F17/301 ,  G06F17/30598 ,  H04L29/06 ,  H04L29/08072 ,  H04L67/10 ,  H04L67/306

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period. Advantageously, reclaiming resources results in more efficient utilization of resources, lower operation and maintenance costs, and improved system security.

Abstract translation: 公开了用于在分布式计算系统内回收资源的技术。 回收应用程序在分布式计算架构中搜索未使用的资源，对未使用的资源进行分类，并根据分类确定到期时间。 回收应用程序基于资源的一个或多个特征来确定资源的候选所有者。 填海申请然后通知候选人所有者资源将被回收，除非候选人在有效期内声明。 如果候选人在过期期限内要求资源，则填海申请将终止资源的回收。 如果候选人所有者在到期期限内没有要求资源，则填海申请在到期期限之后回收资源。 有利的是，回收资源可以更有效地利用资源，降低运营和维护成本，提高系统安全性。