公开(公告)号：US10235209B2

公开(公告)日：2019-03-19

申请号：US14839180

申请日：2015-08-28

Applicant: VMware, Inc.

Inventor： Mark Bryan Whipple ,  Sachin Thakkar ,  Debashis Basak ,  Serge Maskalik ,  Narendra Kumar Basur Shankarappa

IPC: G06F9/50 ,  H04L29/08

Abstract: Techniques for executing jobs in a hybrid cloud computing system. A job defines multiple states and tasks for transitioning between states. Jobs are passed between systems that execute different tasks via a message bus, so that the different tasks may be executed. A job manager controls execution flow of jobs based on a job descriptor that describes the job.

公开(公告)号：US10198281B2

公开(公告)日：2019-02-05

申请号：US15137023

申请日：2016-04-25

Applicant: VMWARE, INC.

Inventor： Sachin Thakkar ,  Debashis Basak ,  Abhinav Vijay Bhagwat ,  Narendra Kumar Basur Shankarappa ,  Serge Maskalik

IPC: G06F9/455 ,  H04L12/24 ,  H04L12/46 ,  G06F9/50 ,  H04L29/08 ,  G06F8/60 ,  H04L29/06 ,  H04L29/14

Abstract: Techniques are disclosed for deploying and maintaining appliances in a hybrid cloud computing system which includes an on-premise data center and a public cloud computing system configured to provide a common platform for managing and executing virtual workloads. Appliances to be deployed may include those required (or useful) for hybrid operations, including a cloud gateway appliance, a wide area network (WAN) optimizer, a layer 2 (L2) concentrator, and a mobility agent that handles virtual machine (VM) migration traffic. Such appliances are deployed first on the on-premise data center, and remote jobs are then sent to the public cloud to deploy the same appliances thereon. After deployment, the appliances deployed on the on-premise data center and corresponding appliances on the public cloud share configuration states and may further be wired together to communicate via secure encrypted tunnels.

公开(公告)号：US20180302429A1

公开(公告)日：2018-10-18

申请号：US16016420

申请日：2018-06-22

Applicant: VMware, Inc.

Inventor： Sachin Thakkar ,  Serge Maskalik ,  Debashis Basak ,  Allwyn Sequeira ,  Govind Haridas

IPC: H04L29/06 ,  G06F21/53 ,  G06F21/62 ,  H04L29/08 ,  G06F9/455

CPC classification number: H04L63/1433 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/6236 ,  G06F2009/4557 ,  G06F2009/45591 ,  G06F2009/45595 ,  H04L63/1408 ,  H04L67/1097

Abstract: A method of transferring a virtual machine between a virtualized computing system and a cloud computing system includes determining that a virtual machine is to be transferred from a virtualized computing system to a cloud computing system and determining a connection between a first resource in the virtualized computing system and a second resource in the cloud computing system. Files that enable implementation of the virtual machine at the virtualized computing system and identified, as are file portions of the files for transfer from the virtualized computing system to the cloud computing system. At least one compliance check is executed on each of the file portions using at least one compliance checker. Each of the file portions that fails a compliance check is blocked from being maintained in the cloud computing system.

公开(公告)号：US09553887B2

公开(公告)日：2017-01-24

申请号：US14582464

申请日：2014-12-24

Applicant: VMware, Inc.

Inventor： Sachin Thakkar ,  Serge Maskalik ,  Debashis Basak ,  Allwyn Sequeira ,  Govind Haridas

IPC: G06F15/173 ,  H04L29/06 ,  H04L29/08 ,  G06F21/53 ,  G06F21/62

CPC classification number: H04L63/1433 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/6236 ,  G06F2009/4557 ,  G06F2009/45591 ,  G06F2009/45595 ,  H04L63/1408 ,  H04L67/1097

Abstract: One or more examples provide a method of transferring a virtual machine between a virtualized computing system and a cloud computing system that includes: establishing connection between a first resource in the virtualized computing system and a second resource in the cloud computing system to transfer files that implement the virtual machine from the first resource to the second resource; accessing, for transmission over the connection, data blocks on a storage device in the virtualized computing system that include the files; executing at least one compliance check on each of the data blocks using at least one compliance checker; and preventing each of the data blocks that fails a compliance check from being maintained in the cloud computing system.

Abstract translation: 一个或多个示例提供了在虚拟化计算系统和云计算系统之间传送虚拟机的方法，其包括：建立虚拟化计算系统中的第一资源与云计算系统中的第二资源之间的连接，以传送实现 虚拟机从第一资源到第二资源; 访问通过连接传输在包括文件的虚拟化计算系统中的存储设备上的数据块; 使用至少一个一致性检验器对每个数据块执行至少一次合规性检查; 并且防止在云计算系统中保持不合格检查的每个数据块。

公开(公告)号：US20160191396A1

公开(公告)日：2016-06-30

申请号：US14968890

申请日：2015-12-14

Applicant: VMware, Inc.

Inventor： Jayant Jain ,  Anirban Sengupta ,  Debashis Basak ,  Serge Maskalik ,  Weiqing Wu ,  Aravind Srinivasan ,  Todd Sabin

IPC: H04L12/813

CPC classification number: H04L47/20 ,  H04L61/2514 ,  H04L63/0218 ,  H04L63/0263 ,  H04L67/1002

Abstract: The disclosure herein describes an edge device of a network for distributed policy enforcement. During operation, the edge device receives an initial packet for an outgoing traffic flow, and identifies a policy being triggered by the initial packet. The edge device performs a reverse lookup to identify at least an intermediate node that is previously traversed by the initial packet and traffic parameters associated with the initial packet at the identified intermediate node. The edge device translates the policy based on the traffic parameters at the intermediate node, and forwards the translated policy to the intermediate node, thus facilitating the intermediate node in applying the policy to the traffic flow.

Abstract translation: 本文的公开内容描述了用于分布式策略实施的网络的边缘设备。 在操作期间，边缘设备接收用于出站业务流的初始分组，并且识别由初始分组触发的策略。 边缘设备执行反向查找以识别先前由初始分组穿过的中间节点和与所识别的中间节点处的初始分组相关联的业务参数。 边缘设备根据中间节点的流量参数转换策略，并将转换的策略转发到中间节点，从而便于中间节点将策略应用于业务流。

公开(公告)号：US20160105392A1

公开(公告)日：2016-04-14

申请号：US14664952

申请日：2015-03-23

Applicant: VMWARE, INC.

Inventor： SACHIN THAKKAR ,  Debashis Basak ,  Serge Maskalik ,  Weiqing Wu ,  Aravind Srinivasan

IPC: H04L29/12 ,  H04L29/08

CPC classification number: H04L61/2061 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L61/2038 ,  H04L61/2596 ,  H04L61/6022

Abstract: A centralized namespace controller allocates addresses in a distributed cloud infrastructure on-demand. Upon receiving a request to allocate addresses for a network to be provisioned by a cloud computing system included in the distributed cloud infrastructure, the centralized namespace controller allocates a network address that is unique within the distributed cloud infrastructure. Further, the centralized namespace controller allocates a range of virtual network interface cards (NIC) addresses that are unique within the network. The centralized namespace controller then allocates addresses from the range of virtual NIC addresses on an as-requested basis—when a virtual NIC is being created by the first cloud computing system on the network. Advantageously, by centralizing the allocation of addresses and dedicating independent NIC address ranges to different cloud computing systems, the centralized namespace controller enables stretched L2 networks between cloud computing systems while preventing duplicated addresses on the stretched networks.

Abstract translation: 集中命名空间控制器按需分配分布式云基础架构中的地址。 在收到分配云基础设施中包含的云计算系统提供的网络分配地址的请求后，集中命名空间控制器分配在分布式云基础设施中是唯一的网络地址。 此外，集中命名空间控制器分配在网络内是唯一的一系列虚拟网络接口卡（NIC）地址。 当由网络上的第一个云计算系统创建虚拟网卡时，集中命名空间控制器将按照要求从虚拟NIC地址范围分配地址。 有利的是，通过集中地址分配并将独立NIC地址范围专用于不同的云计算系统，集中命名空间控制器可在云计算系统之间实现拉伸的L2网络，同时防止扩展网络上的重复地址。

公开(公告)号：US11640315B2

公开(公告)日：2023-05-02

申请号：US17088958

申请日：2020-11-04

Applicant: VMware, Inc.

Inventor： Sachin Thakkar ,  Allwyn M. Sequeira ,  Serge Maskalik ,  Debashis Basak ,  Akshatha Sathyanarayan

IPC: G06F9/455 ,  G06F9/54 ,  H04L29/08 ,  H04L15/16 ,  G06F9/50 ,  G06F15/16 ,  H04L67/00 ,  H04L67/10

Abstract: A method of deploying a virtual network function of a network service in a data center having a cloud management server running a cloud computing management software to provision virtual infrastructure resources of the data center to at least one tenant, includes generating at least first and second API calls to the cloud computing management software in response to external commands received at the data center to deploy a virtual network function, and executing at least the first and second API calls by the cloud computing management software to deploy the virtual network function. The cloud computing management software creates at least one virtual machine by executing the first API call and at least one virtual disk by executing the second API call.

公开(公告)号：US11340929B2

公开(公告)日：2022-05-24

申请号：US16417533

申请日：2019-05-20

Applicant: VMware, Inc.

Inventor： Allwyn Sequeira ,  Sachin Thakkar ,  Serge Maskalik ,  Debashis Basak ,  Mark Whipple

IPC: G06F9/455 ,  H04L67/1012 ,  G06F9/50 ,  G06F9/48 ,  H04L9/32 ,  H04L29/06

Abstract: Techniques disclosed herein relate to migrating virtual computing instances such as virtual machines (VMs). In one embodiment, VMs are migrated across different virtual infrastructure platforms by, among other things, translating between resource models used by virtual infrastructure managers (VIMs) that manage the different virtual infrastructure platforms. VM migrations may also be validated prior to being performed, including based on resource policies that define what is and/or is not allowed to migrate, thereby providing compliance and controls for borderless data centers. In addition, an agent-based technique may be used to migrate VMs and physical servers to virtual infrastructure, without requiring access to an underlying hypervisor layer.

公开(公告)号：US11050713B2

公开(公告)日：2021-06-29

申请号：US16678738

申请日：2019-11-08

Applicant: VMware, Inc.

Inventor： Debashis Basak ,  Rohit Toshniwal ,  Allwyn Sequeira

IPC: H04L29/06

Abstract: A method is provided to control the flow of packets within a system that includes one or more computer networks comprising: policy rules are provided that set forth attribute dependent conditions for communications among machines on the one or more networks; machine attributes and corresponding machine identifiers are obtained for respective machines on the networks; and policy rules are transformed to firewall rules that include machine identifiers of machines having attributes from among the obtained machine attributes that satisfy the attribute dependent policy rules.

公开(公告)号：US10721098B2

公开(公告)日：2020-07-21

申请号：US14838559

申请日：2015-08-28

Applicant: VMware, Inc.

Inventor： Serge Maskalik ,  Weiqing Wu ,  Aravind Srinivasan ,  Sachin Thakkar ,  Debashis Basak

IPC: H04L12/66 ,  H04L29/08

Abstract: Connectivity between data centers in a hybrid cloud system having a first data center managed by a first organization and a second data center managed by a second organization, the first organization being a tenant in the second data center, is optimized. According to the described technique, a path-optimized connection is established through a wide area network (WAN) between a first gateway of a first data center and a second gateway of a second data center for an application executing in the first data center based on performance of paths across a set of Internet Protocol (IP) flows. Application packets received from the application at the first gateway are forwarded to a WAN optimization appliance in the first data center. WAN optimized application packets received from the WAN optimization appliance at the first gateway are then sent to the second gateway over the path-optimized connection.