公开(公告)号：US20240031265A1

公开(公告)日：2024-01-25

申请号：US17820328

申请日：2022-08-17

Applicant: VMware, Inc.

Inventor： Jianwei SUI ,  Danting LIU ,  Donghai HAN ,  Wenfeng LIU ,  Jianjun SHEN

IPC: H04L43/0876 ,  G06F9/54 ,  G06F9/455

CPC classification number: H04L43/0876 ,  G06F9/547 ,  G06F9/45558 ,  G06F2009/45595

Abstract: A system and method for capturing resource usage information in a network for namespaces in which pods operate are described herein. A data structure specifies a topology that includes a gateway and routing addresses in a network whose usage is to be captured. The data structure is provided to an API of a master node controlling the pods. A controller in the master node enforces the data structure and reports results back to the API.

公开(公告)号：US20240028431A1

公开(公告)日：2024-01-25

申请号：US17960259

申请日：2022-10-05

Applicant: VMWARE, INC.

Inventor： Xiaopei LIU ,  Zhengsheng ZHOU ,  Wenfeng LIU ,  Donghai HAN

IPC: G06F9/54 ,  G06F9/50

CPC classification number: G06F9/547 ,  G06F9/5072

Abstract: A computer-implemented method for electing a leader in a computing system is provided. In one aspect, a method includes identifying a computing resource for multiple container groups that each include one or more containers. A determination is made, from applications running in containers of the container groups, of multiple election candidate applications. Each election candidate application has an instance deployed in a corresponding container in each container group. For each container group, an election runner process is established within the container group. For each instance of each of the election candidate applications, a corresponding election watcher process is established. A communication link is established between the election runner process and each election watcher process. A request for leader election is transmitted from the election runner process to the computing resource. A response received from the computing resource. The response is transmitted to each election watcher process via the communication link.

公开(公告)号：US20240244053A1

公开(公告)日：2024-07-18

申请号：US18185746

申请日：2023-03-17

Applicant: VMware, Inc.

Inventor： Quan TIAN ,  Wenfeng LIU ,  Jianjun SHEN ,  Donghai HAN

IPC: H04L9/40

CPC classification number: H04L63/0892 ,  H04L63/0245

Abstract: An example method of packet capture in a container orchestration (CO) system includes: receiving, from a user interface executing on a client device, a packet capture request from a user at a packet capture agent executing in a node of the CO system; authenticating and authorizing, by the packet capture agent in cooperation with an application programming interface (API) server executing in a master server of the CO system, the user specified in the packet capture request; capturing, by the packet capture agent, packets from at least one network interface based on the packet capture request; and returning information based on the packets as captured from the packet capture agent to the user interface.

公开(公告)号：US20240028358A1

公开(公告)日：2024-01-25

申请号：US17821232

申请日：2022-08-22

Applicant: VMware, Inc.

Inventor： Danting LIU ,  Qian SUN ,  Jianjun SHEN ,  Wenfeng LIU ,  Donghai HAN

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45595 ,  G06F2009/4557

Abstract: Disclosed herein is a system and method for controlling network traffic among namespaces in which various entities, such as virtual machines, pod virtual machines, and a container orchestration system, such as Kubernetes, reside and operate. The entities have access to a network that includes one or more firewalls. The traffic that is permitted to flow over the network among and between the namespaces is defined by a security policy definition. The security policy definition is posted to a master node in a supervisor cluster that supports and provisions the namespaces. The master node invokes a network manager to generate a set of firewall rules and program the one or more firewalls in the network to enforce the rules.

公开(公告)号：US20220283823A1

公开(公告)日：2022-09-08

申请号：US17664154

申请日：2022-05-19

Applicant: VMware, Inc.

Inventor： Ziyou WANG ,  Donghai HAN ,  Chaitanya KODEBOYINA ,  Qi WU ,  Qiong WANG ,  Wenfeng LIU

IPC: G06F9/445 ,  G06Q10/10 ,  G06F8/61

Abstract: The disclosure provides an approach for providing an extendable system health management framework in a network. Embodiments include receiving, by a manager, a system health plugin. Embodiments include determining, by the manager, an association between the system health plugin and a host in the network based on the host satisfying one or more conditions. Embodiments include providing, by the manager, the system health plugin to the host for installation in a system health agent on the host. Embodiments include receiving, by the manager, from the host, status information for the system health plugin.

公开(公告)号：US20240022542A1

公开(公告)日：2024-01-18

申请号：US17820351

申请日：2022-08-17

Applicant: VMware, Inc.

Inventor： Xiaopei LIU ,  Jianjun SHEN ,  Donghai HAN ,  Wenfeng LIU ,  Danting LIU

IPC: H04L61/5061

CPC classification number: H04L61/5061

Abstract: A method for network address management is provided. Embodiments include determining a creation of a namespace associated with a cluster of computing devices, wherein a subset of computing resources of the cluster of computing devices is allocated to the namespace. Embodiments include assigning, to the namespace, a network address pool comprising a plurality of network addresses in a subnet, wherein the assigning causes the plurality of network addresses to be reserved exclusively for the namespace. Embodiments include receiving an indication that a pod is added to the namespace. Embodiments include, in response to the receiving of the indication, assigning a network address from the network address pool to the pod.

公开(公告)号：US20220058036A1

公开(公告)日：2022-02-24

申请号：US17069132

申请日：2020-10-13

Applicant: VMware, Inc.

Inventor： Ziyou WANG ,  Donghai HAN ,  Chaitanya KODEBOYINA ,  Wu QI ,  Qiong WANG ,  Wenfeng LIU

IPC: G06F9/445 ,  G06F8/61 ,  G06Q10/10

Abstract: The disclosure provides an approach for providing an extendable system health management framework in a network. Embodiments include receiving, by a manager, a system health plugin. Embodiments include determining, by the manager, an association between the system health plugin and a host in the network based on the host satisfying one or more conditions. Embodiments include providing, by the manager, the system health plugin to the host for installation in a system health agent on the host. Embodiments include receiving, by the manager, from the host, status information for the system health plugin.