公开(公告)号：US20240028370A1

公开(公告)日：2024-01-25

申请号：US17902327

申请日：2022-09-02

Applicant: VMware, Inc.

Inventor： Jian LAN ,  Liang CUI ,  Qi WANG ,  Aravind SRINIVASAN ,  Todd SABIN ,  Govind HARIDAS ,  Weiqing WU ,  Uday Suresh MASUREKAR ,  Wenwu PENG ,  Ni LU

IPC: G06F9/455 ,  G06F9/50 ,  G06F11/36

CPC classification number: G06F9/45558 ,  G06F9/5077 ,  G06F11/36 ,  G06F2009/4557

Abstract: An example method of diagnosing remote sites of a distributed container orchestration system includes: receiving, at a management cluster, definition of a test suite custom resource; deploying, in response to the test suite custom resource, a first pod in the management cluster; deploying, by the first pod, a second pod in a server of a first remote site of the remote sites; checking, by the second pod, configuration of the server that includes an additional pod executing alongside the second pod, at least one virtual machine (VM) in which the second pod and the additional pod execute, a hypervisor configured to support the at least one VM, and a hardware platform on which the hypervisor executes; and returning test data from the second pod to the first pod, the test data including results of the step of checking the configuration of the server.

公开(公告)号：US20190081912A1

公开(公告)日：2019-03-14

申请号：US15701396

申请日：2017-09-11

Applicant: VMware, Inc.

Inventor： Leon CUI ,  Siddharth EKBOTE ,  Todd SABIN ,  Weiqing WU ,  Uday MASUREKAR

IPC: H04L12/931 ,  G06F11/00 ,  G06F21/62 ,  G06F9/455

Abstract: The disclosure provides an approach for managing and diagnosing middleboxes in a cloud computing system. In one embodiment, a network operations center, that is located remote to a virtualized cloud computing system and communicates with the cloud computing system via a wide area network, controls network middleboxes in the cloud computing system through a secure routing module inside a gateway of the cloud computing system. The secure routing module is configured to receive, from an authenticated management application and via a secure communication channel, packets intended for managing network middleboxes. In turn, the secure routing module establishes secure communication channels with the target middleboxes, translates the identified packets to protocols and/or application programming interfaces (APIs) of the target middleboxes, and transmits the translated packets to the target middleboxes.

公开(公告)号：US20180139174A1

公开(公告)日：2018-05-17

申请号：US15818584

申请日：2017-11-20

Applicant: VMware, Inc.

Inventor： Sachin THAKKAR ,  Debashis BASAK ,  Serge MASKALIK ,  Weiqing WU ,  Aravind SRINIVASAN

IPC: H04L29/12 ,  G06F9/455 ,  H04L12/46

CPC classification number: H04L61/2061 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L61/2038 ,  H04L61/2596 ,  H04L61/6022

Abstract: A centralized namespace controller allocates addresses in a distributed cloud infrastructure on-demand. Upon receiving a request to allocate addresses for a network to be provisioned by a cloud computing system included in the distributed cloud infrastructure, the centralized namespace controller allocates a network address that is unique within the distributed cloud infrastructure. Further, the centralized namespace controller allocates a range of virtual network interface cards (NIC) addresses that are unique within the network. The centralized namespace controller then allocates addresses from the range of virtual NIC addresses on an as-requested basis—when a virtual NIC is being created by the first cloud computing system on the network. Advantageously, by centralizing the allocation of addresses and dedicating independent NIC address ranges to different cloud computing systems, the centralized namespace controller enables stretched L2 networks between cloud computing systems while preventing duplicated addresses on the stretched networks.

公开(公告)号：US20170063673A1

公开(公告)日：2017-03-02

申请号：US14838537

申请日：2015-08-28

Applicant: VMware, Inc.

Inventor： Serge MASKALIK ,  Weiqing WU ,  Debashis BASAK ,  Sachin THAKKAR ,  Allwyn SEQUEIRA

IPC: H04L12/721 ,  H04L12/813 ,  H04L29/08

Abstract: An example method of optimizing connectivity between data centers in a hybrid cloud system having a first data center managed by a first organization and a second data center managed by a second organization, the first organization being a tenant in the second data center. The method includes probing a wide area network (WAN) with test packets by varying an internet protocol (IP) flow tuple of the test packets across a set of IP flows. The method includes identifying a plurality of paths between a gateway of the first data center and another gateway of the second data center associated with the set of IP flows. The method further includes selecting an IP flow from the set of IP flows for an application executing in the first data center. The method further includes establishing a path-optimized connection between the gateway and the other gateway through the WAN having the selected IP flow for use by the application.

Abstract translation: 一种优化具有由第一组织管理的第一数据中心和由第二组织管理的第二数据中心的混合云系统中的数据中心之间的连接性的示例性方法，所述第一组织是第二数据中心中的租户。 该方法包括通过在一组IP流中改变测试分组的因特网协议（IP）流元组来测试具有测试分组的广域网（WAN）。 该方法包括识别第一数据中心的网关与与该组IP流相关联的第二数据中心的另一个网关之间的多个路径。 该方法还包括从针对在第一数据中心中执行的应用的IP流集合中选择IP流。 该方法还包括通过具有所选择的IP流的WAN建立网关和另一网关之间的路径优化连接，供应用使用。

公开(公告)号：US20240176639A1

公开(公告)日：2024-05-30

申请号：US18153283

申请日：2023-01-11

Applicant: VMware, Inc.

Inventor： Jian LAN ,  Qi WANG ,  Yan QI ,  Liang CUI ,  Aravind SRINIVASAN ,  Weiqing WU ,  Uday Suresh MASUREKAR ,  Todd SABIN ,  Hemanth Kumar PANNEM ,  Govind HARIDAS

IPC: G06F9/455 ,  H04L67/10

CPC classification number: G06F9/45558 ,  H04L67/10 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: An example method of diagnosing remote sites of a distributed container orchestration system includes: receiving, at a management cluster, definition of a test suite custom resource; detecting, by a test controller agent in a cluster of the remote sites, a diagnosis object in the management cluster created in response to the test suite custom resource; deploying, by the test controller agent in response to the diagnosis object, a first pod in the cluster; deploying, by the first pod, a second pod in a server of a first remote site of the remote sites; checking, by the second pod, configuration of the server that includes an additional pod executing alongside the second pod, at least one virtual machine (VM) in which the second pod and the additional pod execute, a hypervisor configured to support the at least one VM, and a hardware platform on which the hypervisor executes; and returning test data from the second pod to the first pod, the test data including results of the step of checking the configuration of the server.

公开(公告)号：US20240028441A1

公开(公告)日：2024-01-25

申请号：US17902350

申请日：2022-09-02

Applicant: VMware, Inc.

Inventor： Jian LAN ,  Liang CUI ,  Aravind SRINIVASAN ,  Hailing XU ,  Yan QI ,  Prachi DALVI ,  Shuting MA ,  Todd SABIN ,  Uday Suresh MASUREKAR ,  Weiqing WU

IPC: G06F11/07 ,  G06F9/455

CPC classification number: G06F11/0784 ,  G06F9/45558 ,  G06F11/0709 ,  G06F2009/45591

Abstract: An example method of propagating fault domain topology information in a distributed container orchestration system includes: receiving, at control plane software executing in a data center, the fault domain topology, which includes tags for a protection group and fault domains for remote sites in communication with the data center; deploying, by a master server of the distributed container orchestration system that executes in the data center, a node pool comprising virtual machines (VMs) executing in servers of the remote sites, the VMs being nodes of the distributed container orchestration system in which containers execute; determining, by a controller of the master server, relationships among the VMs, the servers, the protection group, and the fault domains based on state of resources maintained by the master server; and providing, by the controller, labels to the servers for associating the tags of the protection group and the fault domains to the VMs.

公开(公告)号：US20240028322A1

公开(公告)日：2024-01-25

申请号：US17939713

申请日：2022-09-07

Applicant: VMware, Inc.

Inventor： Weiqing WU ,  Uday Suresh MASUREKAR ,  Liang CUI ,  Govind HARIDAS ,  Narendra Kumar BASUR SHANKARAPPA

IPC: G06F8/65 ,  G06F9/455

CPC classification number: G06F8/65 ,  G06F9/45558 ,  G06F2009/4557

Abstract: An example method of upgrading remote sites of a distributed container orchestration system includes: deploying, by upgrade software executing in a data center remote from the remote sites, a second container orchestration (CO) control plane executing concurrently with a first CO control plane, the second CO control plane having a second version different than a first version of the first CO control plane, the first CO control plane initially managing all of the remote sites; upgrading, by the upgrade software, CO support software of a first portion of the remote sites; adding, by the upgrade software, the first portion of the remote sites to a second CO cluster managed by the second CO control plane; and removing, by the upgrade software, the first portion of the remote sites from a first CO cluster managed by the first CO control plane.

公开(公告)号：US20180069924A1

公开(公告)日：2018-03-08

申请号：US15690222

申请日：2017-08-29

Applicant: VMware, Inc.

Inventor： Laxminarayana TUMULURU ,  Todd SABIN ,  Weiqing WU ,  Serge MASKALIK ,  Sachin THAKKAR

IPC: H04L29/08 ,  G06F9/50 ,  H04L12/931

CPC classification number: H04L67/1097 ,  G06F8/65 ,  G06F9/5027 ,  G06F9/5061 ,  G06F2009/4557 ,  H04L12/4633 ,  H04L41/0803 ,  H04L41/082 ,  H04L43/103 ,  H04L45/04 ,  H04L45/302 ,  H04L45/72 ,  H04L47/10 ,  H04L47/12 ,  H04L47/825 ,  H04L49/354 ,  H04L49/70 ,  H04L61/2007 ,  H04L61/2061 ,  H04L61/2592 ,  H04L61/6022 ,  H04L63/0272 ,  H04L63/029 ,  H04L67/10 ,  H04L69/16 ,  H04L69/22 ,  H04L69/324 ,  H04W28/02 ,  H04W28/0273 ,  H04W28/0284 ,  H04W28/0289

Abstract: Techniques leveraging CPU flow affinity to increase throughput of a layer 2 (L2) extension network are disclosed. In one embodiment, an L2 concentrator appliance, which bridges a local area network (LAN) and a wide area network (WAN) in a stretched network, is configured such that multiple Internet Protocol Security (IPsec) tunnels are pinned to respective CPUs or cores, which each process traffic flows for one of the IPsec tunnels. Such parallelism can increase the throughput of the stretched network. Further, an L2 concentrator appliance that receives FOU packets is configured to distribute the received FOU packets across receive queues based a deeper inspection of inner headers of such packets.

公开(公告)号：US20180062983A1

公开(公告)日：2018-03-01

申请号：US15690235

申请日：2017-08-29

Applicant: VMware, Inc.

Inventor： Sachin THAKKAR ,  Serge MASKALIK ,  Aravind SRINIVASAN ,  Weiqing WU ,  Narendra Kumar Basur SHANKARAPPA

IPC: H04L12/721 ,  H04L29/08 ,  H04L12/715 ,  G06F9/50 ,  H04L12/931 ,  G06F9/455

CPC classification number: H04L45/38 ,  G06F9/45558 ,  G06F9/5077 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L12/462 ,  H04L41/0816 ,  H04L41/083 ,  H04L41/5096 ,  H04L45/64 ,  H04L45/66 ,  H04L45/74 ,  H04L45/745 ,  H04L47/122 ,  H04L47/365 ,  H04L49/70 ,  H04L61/103 ,  H04L61/2007 ,  H04L61/6022 ,  H04L67/101 ,  H04L67/1031 ,  H04L67/2814

Abstract: Techniques for stateful connection optimization over stretched networks are disclosed. In one embodiment, traffic of virtual machines (VMs) that are live-migrated from a data center to a cloud is temporarily tromboned back to the data center to preserve active sessions. In such a case, a stretched network is created that includes a network in the data center and two stub networks in the cloud, one of which is route optimized such that traffic does not trombone back to the data center and the other which is not so optimized. A VM that is live migrated to the cloud is first attached to the unoptimized network so that traffic tromboning occurs. Thereafter, when the VM is powered off (e.g., during a reboot), in a maintenance mode, or in a quiet period, the VM is switched to the route optimized network.

公开(公告)号：US20170063674A1

公开(公告)日：2017-03-02

申请号：US14981436

申请日：2015-12-28

Applicant: VMware, Inc.

Inventor： Serge MASKALIK ,  Weiqing WU ,  Debashis BASAK ,  Sachin THAKKAR ,  Allwyn SEQUEIRA

IPC: H04L12/721 ,  H04L29/06 ,  H04L12/66 ,  H04L12/813 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L45/38 ,  H04L12/66 ,  H04L47/20 ,  H04L61/2015 ,  H04L61/2514 ,  H04L63/0272 ,  H04L63/166 ,  H04L67/06 ,  H04L67/1008

Abstract: A cloud computing system may include multiple cloud data centers. A gateway may establish connections between a cloud providers' multiple data centers using knowledge about the types of applications workloads executing within the cloud computing system, and may be further based on determines policies indicating priorities for routing traffic for the application workloads.

Abstract translation: 云计算系统可能包括多个云数据中心。 网关可以使用关于在云计算系统中执行的应用程序工作负载的类型的知识来建立云提供商的多个数据中心之间的连接，并且还可以基于指示为应用工作负载路由流量的优先级的确定策略。