公开(公告)号：US11848910B1

公开(公告)日：2023-12-19

申请号：US18098081

申请日：2023-01-17

Applicant: VMware, Inc.

Inventor： Tao Zou ,  Danting Liu ,  Salvatore Orlando ,  Wenfeng Liu ,  Donghai Han

IPC: H04L61/5007 ,  H04L41/0895 ,  H04L41/044

CPC classification number: H04L61/5007 ,  H04L41/044 ,  H04L41/0895

Abstract: Some embodiments provide a novel method for resiliently associating Internet Protocol (IP) addresses with pods that each have unique identifiers (IDs) in a managed cluster of worker nodes managed by a first set of one or more controllers of the managed cluster. The resilient association between IP addresses and pods is maintained even when pods are moved between worker nodes. At a second set of controllers, the method receives notification regarding deployment, on a first worker node, of a stateful pod associated with a particular ID. The method allocates an IP address to the stateful pod. The method creates a mapping between the IP address and the particular ID in order to maintain the allocation of the IP address to the stateful pod. The method provides the IP address to the first set of controllers to use for the stateful pod.

公开(公告)号：US20210349765A1

公开(公告)日：2021-11-11

申请号：US16897680

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Zhengsheng Zhou ,  Qian Sun ,  Danting Liu ,  Donghai Han

IPC: G06F9/50 ,  G06F9/455 ,  G06F9/54 ,  H04L12/713

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US20240113968A1

公开(公告)日：2024-04-04

申请号：US17960126

申请日：2022-10-04

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Qian Sun ,  Jianjun Shen ,  Wenfeng Liu ,  Donghai Han

IPC: H04L45/745 ,  H04L45/02 ,  H04L45/586

CPC classification number: H04L45/745 ,  H04L45/02 ,  H04L45/586

Abstract: Some embodiments provide an automated method for defining externally routable Pods within a Kubernetes cluster. In some embodiments, the Pod operates in a guest cluster has its own VPC (virtual private cloud) network in a datacenter with several other guest clusters that have their own VPC networks and their own set of managers. In some embodiments, a Pod within a GC can be made externally routable so that it can be directly addressable from an external client outside of the Pod's network by using two new Kubernetes CRDs (custom resource definitions), which are an IPPool CRD and a RouteSet CRD. Examples of such external clients include VMs or Pods in another GC or a supervisor cluster connected to the particular GC through a gateway, or from a machine outside of the network of all of the GCs or SC.

公开(公告)号：US11936544B2

公开(公告)日：2024-03-19

申请号：US17820328

申请日：2022-08-17

Applicant: VMware, Inc.

Inventor： Jianwei Sui ,  Danting Liu ,  Donghai Han ,  Wenfeng Liu ,  Jianjun Shen

IPC: G06F9/455 ,  G06F9/54 ,  H04L43/0876

CPC classification number: H04L43/0876 ,  G06F9/45558 ,  G06F9/547 ,  G06F2009/45595

Abstract: A system and method for capturing resource usage information in a network for namespaces in which pods operate are described herein. A data structure specifies a topology that includes a gateway and routing addresses in a network whose usage is to be captured. The data structure is provided to an API of a master node controlling the pods. A controller in the master node enforces the data structure and reports results back to the API.

公开(公告)号：US11689497B2

公开(公告)日：2023-06-27

申请号：US16897652

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Kai Su ,  Danting Liu ,  Yang Liu

IPC: H04L12/24 ,  H04L29/08 ,  G06F9/54 ,  H04L29/06 ,  G06F9/455 ,  H04L61/50 ,  H04L49/00 ,  H04L45/42 ,  G06F9/50 ,  H04L9/40 ,  H04L61/103 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5041 ,  H04L41/50 ,  H04L67/10 ,  H04L12/46 ,  H04L12/66 ,  H04L67/1001 ,  H04L45/586

CPC classification number: H04L61/50 ,  G06F9/45558 ,  G06F9/5083 ,  G06F9/54 ,  G06F9/547 ,  H04L12/4641 ,  H04L12/66 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5048 ,  H04L41/5077 ,  H04L45/42 ,  H04L45/586 ,  H04L49/70 ,  H04L61/103 ,  H04L63/0209 ,  H04L63/0218 ,  H04L63/0263 ,  H04L63/0272 ,  H04L63/20 ,  H04L67/10 ,  H04L67/1001 ,  G06F9/5077 ,  G06F2009/4557 ,  G06F2009/45562 ,  G06F2009/45595

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US20230179484A1

公开(公告)日：2023-06-08

申请号：US18102700

申请日：2023-01-28

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Wenfeng Liu ,  Rui Cao ,  Ran Gu ,  Donghai Han

IPC: H04L41/08 ,  H04L12/46

CPC classification number: H04L41/0876 ,  H04L12/4641

Abstract: The method of some embodiments allocates a secondary network interface for a pod, which has a primary network interface, in a container network operating on an underlying logical network. The method receives an ND that designates a network segment. The method receives the pod, wherein the pod includes an identifier of the ND. The method then creates a secondary network interface for the pod and connects the secondary network interface to the network segment. In some embodiments, the pods include multiple ND identifiers that each identify a network segment. The method of such embodiments creates multiple secondary network interfaces and attaches the multiple network segments to the multiple secondary network interfaces.

公开(公告)号：US11595303B2

公开(公告)日：2023-02-28

申请号：US16538855

申请日：2019-08-13

Applicant: VMware, Inc.

Inventor： Yusheng Wang ,  Donghai Han ,  Danting Liu ,  Quan Tian

IPC: H04L45/00 ,  H04L45/64 ,  G06F9/455 ,  H04L47/125

Abstract: Example methods and systems for packet handling in a software-defined networking (SDN) environment are disclosed. One example method may comprise detecting an egress application-layer message from a first logical endpoint supported by a first host; and identifying a second logical endpoint supported by the second host for which the egress application-layer message is destined. The method may also comprise generating an egress packet that includes the egress application-layer message and metadata associated with the second logical endpoint, but omits one or more headers that are addressed from the first logical endpoint to the second logical endpoint. The method may further comprise sending the egress packet to the second host to cause the second host to identify the second logical endpoint based on the metadata, and to send the egress application-layer message to the second logical endpoint.

公开(公告)号：US20220400053A1

公开(公告)日：2022-12-15

申请号：US17389305

申请日：2021-07-29

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Wenfeng Liu ,  Rui Cao ,  Ran Gu ,  Donghai Han

IPC: H04L12/24 ,  H04L12/46

Abstract: The method of some embodiments allocates a secondary network interface for a pod, which has a primary network interface, in a container network operating on an underlying logical network. The method receives an ND that designates a network segment. The method receives the pod, wherein the pod includes an identifier of the ND. The method then creates a secondary network interface for the pod and connects the secondary network interface to the network segment. In some embodiments, the pods include multiple ND identifiers that each identify a network segment. The method of such embodiments creates multiple secondary network interfaces and attaches the multiple network segments to the multiple secondary network interfaces.

公开(公告)号：US11436057B2

公开(公告)日：2022-09-06

申请号：US16897627

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Danting Liu ,  Yang Liu

IPC: G06F9/50 ,  H04L49/00 ,  H04L45/42 ,  G06F9/455 ,  G06F9/54 ,  H04L9/40 ,  H04L61/103 ,  H04L67/1001 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5041 ,  H04L41/50 ,  H04L67/10 ,  H04L12/46 ,  H04L12/66 ,  H04L61/50 ,  H04L45/586

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.

公开(公告)号：US20210314240A1

公开(公告)日：2021-10-07

申请号：US16897704

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Abhishek Raut ,  Wenfeng Liu ,  Donghai Han

IPC: H04L12/24 ,  H04L29/08 ,  G06F9/455 ,  H04L29/06 ,  G06F9/54

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.