公开(公告)号：US11940898B2

公开(公告)日：2024-03-26

申请号：US17527188

申请日：2021-11-16

Applicant: VMware, Inc.

Inventor： Jin Liu ,  Caixia Jiang ,  Qiong Wang ,  Donghai Han

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/34

CPC classification number: G06F11/3495 ,  G06F11/0709 ,  G06F11/0751

Abstract: An administrator agent and local worker agents are provided in nodes of a distributed system to support dynamic tracing of runtime data. Trace profiles are associated with the nodes on which the local worker agents reside. The local worker agents monitor the runtime data for an error, and the administrator agent adjusts the trace profile(s) in response to the error(s). The administrator agent sends the adjusted trace profile(s) to the local worker agents, so as to enable trace output data of traces performed by the nodes to be increased or decreased.

公开(公告)号：US11855862B2

公开(公告)日：2023-12-26

申请号：US17507453

申请日：2021-10-21

Applicant: VMware, Inc.

Inventor： Xi Cheng ,  Caixia Jiang ,  Dongrui Mo ,  Jingchun Jason Jiang ,  Xiaoyan Jin ,  Qiong Wang ,  Donghai Han

IPC: H04L43/028 ,  G06F9/455 ,  H04L43/10 ,  H04L47/2483 ,  H04L43/04 ,  H04L69/22 ,  H04L47/41

CPC classification number: H04L43/028 ,  G06F9/45558 ,  H04L43/04 ,  H04L43/10 ,  H04L47/2483 ,  H04L47/41 ,  H04L69/22 ,  G06F2009/45595

Abstract: Some embodiments provide a method for performing data traffic monitoring. The method processes a packet through a packet processing pipeline that includes multiple stages. At a filtering stage, the method tags the packet with a set of monitoring actions for subsequent stages to perform on the packet based on a determination that the packet matches a particular filter. For each stage of a set of packet processing stages subsequent to the filtering stage, the method (i) executes any monitoring actions specified for the stage to perform on the packet and (ii) sends the packet to a next stage in the packet processing pipeline.

公开(公告)号：US11848910B1

公开(公告)日：2023-12-19

申请号：US18098081

申请日：2023-01-17

Applicant: VMware, Inc.

Inventor： Tao Zou ,  Danting Liu ,  Salvatore Orlando ,  Wenfeng Liu ,  Donghai Han

IPC: H04L61/5007 ,  H04L41/0895 ,  H04L41/044

CPC classification number: H04L61/5007 ,  H04L41/044 ,  H04L41/0895

Abstract: Some embodiments provide a novel method for resiliently associating Internet Protocol (IP) addresses with pods that each have unique identifiers (IDs) in a managed cluster of worker nodes managed by a first set of one or more controllers of the managed cluster. The resilient association between IP addresses and pods is maintained even when pods are moved between worker nodes. At a second set of controllers, the method receives notification regarding deployment, on a first worker node, of a stateful pod associated with a particular ID. The method allocates an IP address to the stateful pod. The method creates a mapping between the IP address and the particular ID in order to maintain the allocation of the IP address to the stateful pod. The method provides the IP address to the first set of controllers to use for the stateful pod.

公开(公告)号：US11698805B2

公开(公告)日：2023-07-11

申请号：US16532098

申请日：2019-08-05

Applicant: VMware, Inc.

Inventor： Da Wan ,  Jianjun Shen ,  Feng Pan ,  Pankaj Thakkar ,  Donghai Han

IPC: G06F9/455 ,  G06F9/50

CPC classification number: G06F9/45558 ,  G06F9/5083 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: In an embodiment, a computer-implemented method for dynamically exchanging runtime state data between datacenters with a gateway using a controller bridge is disclosed. In an embodiment, the method comprises: receiving one or more first runtime state data from one or more logical sharding central control planes (“CCPs”) controlling one or more logical sharding hosts; receiving one or more second runtime state data from a gateway that is controlled by a CCP that also controls one or more physical sharding hosts; aggregating to aggregated runtime state data, the one or more first runtime state data received from the one or more logical sharding CCPs and the one or more second runtime state data received from the gateway; determining updated runtime state data based on the aggregated runtime state data, the one or more first runtime state data, and the one or more second runtime state data; and transmitting the updated runtime state data to at least one of the one or more logical sharding CCPs and the gateway.

公开(公告)号：US11695665B2

公开(公告)日：2023-07-04

申请号：US16550311

申请日：2019-08-26

Applicant: VMware, Inc.

Inventor： Qiao Huang ,  Donghai Han ,  Qiong Wang ,  Xu Wang ,  Xinghua Hu ,  Yuping Wei

IPC: H04L43/065 ,  H04L41/046 ,  H04L43/0811 ,  H04L43/10

CPC classification number: H04L43/065 ,  H04L41/046 ,  H04L43/0811 ,  H04L43/10

Abstract: Example methods and systems are provided for cross-cloud connectivity checks. One example method may include detecting a first connectivity check packet that is addressed from a first virtualized computing instance deployed in a first cloud environment; and determining that the first connectivity check packet is destined for a second virtualized computing instance in a second cloud environment reachable via the network device. The method may also comprise: generating a second connectivity check packet by modifying the first connectivity check packet to include one or more indicators that a connectivity check is required along a datapath towards the second virtualized computing instance in the second cloud environment. The method may further comprise: sending the second connectivity check packet to cause one or more observation points along the datapath to, based on the one or more indicators, generate and send report information associated with the second connectivity packet.

公开(公告)号：US20210349765A1

公开(公告)日：2021-11-11

申请号：US16897680

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Zhengsheng Zhou ,  Qian Sun ,  Danting Liu ,  Donghai Han

IPC: G06F9/50 ,  G06F9/455 ,  G06F9/54 ,  H04L12/713

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US10999196B2

公开(公告)日：2021-05-04

申请号：US16384666

申请日：2019-04-15

Applicant: VMware, Inc.

Inventor： Da Wan ,  Mukesh Hira ,  Feng Gu ,  Jianjun Shen ,  Pankaj Thakkar ,  Donghai Han ,  Wen Feng Liu ,  Tao Ma

IPC: H04L12/715 ,  H04L12/933 ,  H04L12/931 ,  H04L12/46

Abstract: Systems and methods of communicating between a plurality of hosts comprising one or more first hosts controlled by a first control plane and one or more second hosts controlled by a second control plane are disclosed herein. Each of the one or more first hosts runs at least one tunneling endpoint of one or more first tunneling endpoints, and each of the one or more second hosts runs at least one tunneling endpoint of one or more second tunneling endpoint. The method includes storing, at each of the one or more first hosts, a global list identifying at least the one or more second tunneling endpoints. The method further includes receiving a packet at one of the one or more first tunneling endpoints. The method further includes replicating, encapsulating, and transmitting the packet to each of the one or more second tunneling endpoints based on the global list.

公开(公告)号：US20210011781A1

公开(公告)日：2021-01-14

申请号：US16532098

申请日：2019-08-05

Applicant: VMware, Inc.

Inventor： Da Wan ,  Jianjun Shen ,  Feng Pan ,  Pankaj Thakkar ,  Donghai Han

IPC: G06F9/50 ,  G06F9/455

Abstract: In an embodiment, a computer-implemented method for dynamically exchanging runtime state data between datacenters with a gateway using a controller bridge is disclosed. In an embodiment, the method comprises: receiving one or more first runtime state data from one or more logical sharding central control planes (“CCPs”) controlling one or more logical sharding hosts; receiving one or more second runtime state data from a gateway that is controlled by a CCP that also controls one or more physical sharding hosts; aggregating to aggregated runtime state data, the one or more first runtime state data received from the one or more logical sharding CCPs and the one or more second runtime state data received from the gateway; determining updated runtime state data based on the aggregated runtime state data, the one or more first runtime state data, and the one or more second runtime state data; and transmitting the updated runtime state data to at least one of the one or more logical sharding CCPs and the gateway.

公开(公告)号：US20150058463A1

公开(公告)日：2015-02-26

申请号：US14070346

申请日：2013-11-01

Applicant: VMware, Inc.

Inventor： Hua Wang ,  Jianjun Shen ,  Donghai Han ,  Caixia Jiang ,  Wei Lu ,  Rahul Korivi Subramaniyam

IPC: H04L12/58

CPC classification number: H04L63/0281 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L51/12 ,  H04L61/103 ,  H04L61/2015 ,  H04L61/6013 ,  H04L61/6022 ,  H04L63/0236 ,  H04L63/1441 ,  H04L63/1466

Abstract: Some embodiments use proxies on host devices to suppress broadcast traffic in a network. Each host in some embodiments executes one or more virtual machines (VMs). In some embodiments, a proxy operates on each host between each VM and the underlying network. For instance, in some of these embodiments, a VM's proxy operates between the VM and a physical forwarding element executing on the VM's host. The proxy monitors the VM's traffic, and intercepts broadcast packets when it knows how to deal with them. The proxy connects to a set of one or more controllers that provides a directory service that collects and maintains global information of the network. By connecting to the controller cluster, the proxy can obtain information that it can use to resolve broadcast requests. In some embodiments, the connection between the proxy and the controller cluster is encrypted and authenticated, to enhance the security. Also, in some embodiments, the connection is an indirect connection through an agent that executes on the host device and connects the proxies of the host device with the controller cluster.

公开(公告)号：US20240388523A1

公开(公告)日：2024-11-21

申请号：US18212677

申请日：2023-06-21

Applicant: VMware, Inc.

Inventor： Quan Tian ,  Jianjun Shen ,  Donghai Han ,  Shuyang Xin ,  Wenqi Qiu

IPC: H04L45/02 ,  H04L9/40

Abstract: Systems and methods for configuring an egress node for an egress pod set comprising one or more pods are provided. The egress pod set may be allocated one or more egress internet protocol (IP) addresses. The egress node may be selected among nodes of a cluster including the one or more pods. The egress node may be configured as the routing destination for an egress IP address selected among the one or more egress internet protocol (IP) addresses.