公开(公告)号：US09712411B2

公开(公告)日：2017-07-18

申请号：US14981629

申请日：2015-12-28

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Joseph Sondow

IPC: G06F15/16 ,  H04L12/26 ,  H04L12/24 ,  H04L29/08 ,  G06F11/36

CPC classification number: H04L43/08 ,  G06F11/368 ,  H04L29/08153 ,  H04L29/0827 ,  H04L41/0896 ,  H04L41/5025 ,  H04L41/5096 ,  H04L67/10

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

公开(公告)号：US20140379901A1

公开(公告)日：2014-12-25

申请号：US13926797

申请日：2013-06-25

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Joe Sondow

IPC: H04L12/26

CPC classification number: H04L43/08 ,  G06F11/368 ,  H04L29/08153 ,  H04L29/0827 ,  H04L41/0896 ,  H04L41/5025 ,  H04L41/5096 ,  H04L67/10

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract translation: 一种数据处理方法，包括：使用计算装置，使得运行软件的第一版本的多个基线应用程序实例，以及运行该软件的第二版本的一个或多个金丝雀应用程序实例; 使用包括负载均衡器的计算设备，使得选择性地将进入的请求的第一比例路由到基线实例，并将传入请求的第二比例路由到金丝雀实例; 监视多个金丝雀实例以收集绩效指标的绩效数据; 确定性能数据表示负性能问题，并响应于此：使用计算装置，将第一比例自动更新为更大，并将第二比例更新为更小，然后基于第一比例重新配置负载平衡器， 第二比例; 终止一个或多个金丝雀应用程序实例。

公开(公告)号：US20140282422A1

公开(公告)日：2014-09-18

申请号：US13796923

申请日：2013-03-12

Applicant: NETFLIX, INC.

Inventor： Philip Simon Tuffs ,  Roy Rapoport ,  Ariel Tseitlin

IPC: G06F11/34

CPC classification number: G06F11/3452 ,  G06F11/3428 ,  G06F2201/865

Abstract: Techniques for evaluating a second version of software. Embodiments selectively route incoming requests to software instances within a plurality of baseline instances and a plurality of canary instances, where the baseline instances run a first software version and the canary instances run the second software version. The software instances are monitored to collect performance data for a plurality of performance metrics. Embodiments calculate aggregate baseline performance metrics, where each of the aggregate baseline performance metrics is calculated based on the collected performance data for the plurality of baseline instances. For each of the performance metrics and canary instances, embodiments calculate a relative performance value that measures the collected performance data for the respective canary instance and for the respective performance metric, relative to the corresponding aggregate baseline performance metric. A final measure of performance is calculated for the second version of software, based on the relative performance values.

Abstract translation: 用于评估第二版软件的技术。 实体选择性地将传入请求路由到多个基线实例和多个金丝雀实例中的软件实例，其中基准实例运行第一软件版本，而金丝雀实例运行第二软件版本。 监视软件实例以收集多个性能度量的性能数据。 实施例计算聚合基线性能度量，其中基于多个基准实例的收集的性能数据来计算每个聚合基线性能指标。 对于每个性能指标和金丝雀实例，实施例计算相对性能值，该相对性能值相对于相应的聚合基线性能度量来衡量针对相应的金丝雀实例和相应的性能度量的收集的性能数据。 基于相对性能值，针对第二版软件计算性能的最终测量。

公开(公告)号：US10318399B2

公开(公告)日：2019-06-11

申请号：US13796923

申请日：2013-03-12

Applicant: Netflix, Inc.

Inventor： Philip Simon Tuffs ,  Roy Rapoport ,  Ariel Tseitlin

IPC: G06F9/44 ,  G06F11/34

Abstract: Techniques for evaluating a second version of software. Embodiments selectively route incoming requests to software instances within a plurality of baseline instances and a plurality of canary instances, where the baseline instances run a first software version and the canary instances run the second software version. The software instances are monitored to collect performance data for a plurality of performance metrics. Embodiments calculate aggregate baseline performance metrics, where each of the aggregate baseline performance metrics is calculated based on the collected performance data for the plurality of baseline instances. For each of the performance metrics and canary instances, embodiments calculate a relative performance value that measures the collected performance data for the respective canary instance and for the respective performance metric, relative to the corresponding aggregate baseline performance metric. A final measure of performance is calculated for the second version of software, based on the relative performance values.

公开(公告)号：US09577950B2

公开(公告)日：2017-02-21

申请号：US14703859

申请日：2015-05-04

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Praveen Sadhu

IPC: G06F15/16 ,  H04L12/917 ,  G06F17/30 ,  H04L29/08

CPC classification number: H04L47/76 ,  G06F9/5022 ,  G06F17/301 ,  G06F17/30598 ,  H04L29/06 ,  H04L29/08072 ,  H04L67/10 ,  H04L67/306

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period. Advantageously, reclaiming resources results in more efficient utilization of resources, lower operation and maintenance costs, and improved system security.

Abstract translation: 公开了用于在分布式计算系统内回收资源的技术。 回收应用程序在分布式计算架构中搜索未使用的资源，对未使用的资源进行分类，并根据分类确定到期时间。 回收应用程序基于资源的一个或多个特征来确定资源的候选所有者。 填海申请然后通知候选人所有者资源将被回收，除非候选人在有效期内声明。 如果候选人在过期期限内要求资源，则填海申请将终止资源的回收。 如果候选人所有者在到期期限内没有要求资源，则填海申请在到期期限之后回收资源。 有利的是，回收资源可以更有效地利用资源，降低运营和维护成本，提高系统安全性。

公开(公告)号：US10798017B2

公开(公告)日：2020-10-06

申请号：US15437407

申请日：2017-02-20

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Praveen Sadhu

IPC: G06F15/16 ,  H04L12/917 ,  G06F16/14 ,  G06F16/28 ,  H04L29/08 ,  G06F9/50 ,  H04L29/06

Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period. Advantageously, this approach to reclaiming resources results in more efficient utilization of resources, lower operation and maintenance costs, and improved system security.

公开(公告)号：US10691814B2

公开(公告)日：2020-06-23

申请号：US15960468

申请日：2018-04-23

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Roy Rapoport ,  Jason Chan

IPC: H04L29/06 ,  G06F21/60 ,  G06F16/28 ,  G06F21/45 ,  G06F21/57 ,  H04L9/32 ,  H04L12/26 ,  G06F9/50 ,  H04L12/24 ,  G06F11/30 ,  G06F21/00 ,  H04L29/08

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.

公开(公告)号：US09953173B2

公开(公告)日：2018-04-24

申请号：US14703862

申请日：2015-05-04

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Roy Rapoport ,  Jason Chan

IPC: H04L29/06 ,  G06F21/60 ,  H04L12/26 ,  G06F17/30

CPC classification number: G06F21/604 ,  G06F9/50 ,  G06F11/302 ,  G06F11/3051 ,  G06F17/30598 ,  G06F21/00 ,  G06F21/45 ,  G06F21/577 ,  G06F2209/504 ,  G06F2221/034 ,  G06F2221/2141 ,  H04L9/3268 ,  H04L41/12 ,  H04L43/16 ,  H04L63/101 ,  H04L63/1408 ,  H04L63/1433 ,  H04L67/10 ,  Y02D10/22

Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database. The security application scans a distributed computing architecture for the existence of security certificates, places newly discovered security certificates in a database, and deletes outdated security certificates. Advantageously, security and reliability are improved in a distributed computing architecture.

公开(公告)号：US09582395B2

公开(公告)日：2017-02-28

申请号：US13826942

申请日：2013-03-14

Applicant: Netflix, Inc.

Inventor： Philip Simon Tuffs ,  Roy Rapoport ,  Ariel Tseitlin

IPC: G06F11/00 ,  G06F11/34 ,  G06F11/07

CPC classification number: G06F11/3452 ,  G06F11/0709 ,  G06F11/079 ,  G06F11/3409 ,  G06F11/3495

Abstract: Techniques are described for identifying a root cause of a pattern of performance data in a system including a plurality of services. Embodiments provide dependency information for each of the plurality of services, where at least one of the plurality of services is dependent upon a first one of the plurality of services. Each of the plurality of services is monitored to collect performance data for the respective service. Embodiments further analyze the performance data to identify a cluster of services that each follow a pattern of performance data. The first one of the services in the cluster of services is determined to be a root cause of the pattern of performance data, based on the determined dependency information for each of the plurality of services.

Abstract translation: 描述了用于识别包括多个服务的系统中的性能数据模式的根本原因的技术。 实施例为多个服务中的每一个提供依赖信息，其中多个服务中的至少一个服务依赖于多个服务中的第一个服务。 监视多个服务中的每一个以收集相应服务的性能数据。 实施例进一步分析性能数据，以识别每个遵循性能数据模式的服务集群。 基于针对多个服务中的每一个确定的依赖性信息，将服务集群中的服务中的第一个服务确定为性能数据模式的根本原因。

公开(公告)号：US09225621B2

公开(公告)日：2015-12-29

申请号：US13926797

申请日：2013-06-25

Applicant: NETFLIX, INC.

Inventor： Ariel Tseitlin ,  Joe Sondow

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/24 ,  H04L29/08 ,  G06F11/36

CPC classification number: H04L43/08 ,  G06F11/368 ,  H04L29/08153 ,  H04L29/0827 ,  H04L41/0896 ,  H04L41/5025 ,  H04L41/5096 ,  H04L67/10

Abstract: A data processing method, comprising: using computing apparatus, causing instantiating a plurality of baseline application instances that are running a first version of software, and one or more canary application instances that are running a second version of the software; using computing apparatus including a load balancer, causing selectively routing a first proportion of incoming requests to the baseline instances, and routing a second proportion of the incoming requests to the canary instances; monitoring the plurality of canary instances to collect performance data for performance metrics; determining that the performance data indicates a negative performance issue, and in response thereto: using computing apparatus, automatically updating the first proportion to be larger and updating the second proportion to be smaller, and then reconfiguring the load balancer based upon the first proportion and the second proportion; terminating one or more of the canary application instances.

Abstract translation: 一种数据处理方法，包括：使用计算装置，使得运行软件的第一版本的多个基线应用程序实例，以及运行该软件的第二版本的一个或多个金丝雀应用程序实例; 使用包括负载均衡器的计算设备，使得选择性地将进入的请求的第一比例路由到基线实例，并将传入请求的第二比例路由到金丝雀实例; 监视多个金丝雀实例以收集绩效指标的绩效数据; 确定性能数据表示负性能问题，并响应于此：使用计算装置，将第一比例自动更新为更大并将第二比例更新为更小，然后基于第一比例重新配置负载平衡器， 第二比例; 终止一个或多个金丝雀应用程序实例。