公开(公告)号：US20200341799A1

公开(公告)日：2020-10-29

申请号：US16778437

申请日：2020-01-31

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Dylan Chandler Thomas ,  Ajay Nair

IPC: G06F9/455

Abstract: A system for providing security mechanisms for secure execution of program code is described. The system may be configured to maintain a plurality of virtual machine instances. The system may be further configured to receive a request to execute a program code and allocate computing resources for executing the program code on one of the virtual machine instances. One mechanism involves executing program code according to a user-specified security policy. Another mechanism involves executing program code that may be configured to communicate or interface with an auxiliary service. Another mechanism involves splitting and executing program code in a plurality of portions, where some portions of the program code are executed in association with a first level of trust and some portions of the program code are executed with different levels of trust.

公开(公告)号：US10754701B1

公开(公告)日：2020-08-25

申请号：US14971794

申请日：2015-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner

IPC: G06F9/50

Abstract: Systems and methods are described for determining a location in an on-demand code execution environment to execute user-specified code. The on-demand code execution environment may include many points of presence (POPs), some of which have limited computing resources. An execution profile for a set of user-specified code can be determined that indicates the resources likely to be used during execution of the code. Each POP of the environment may compare that execution profile to resource restrictions of the POP, to determine whether execution of the code should be permitted. In some instances, where execution of the code should not be permitted at a given POP, an alternative POP may be selected to execute the code.

公开(公告)号：US10592269B2

公开(公告)日：2020-03-17

申请号：US15658038

申请日：2017-07-24

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Sean Philip Reque ,  Derek Steven Manwaring ,  Xin Zhao ,  Dylan Chandler Thomas

IPC: G06F9/45 ,  G06F9/455 ,  G06F9/445

Abstract: A system for providing dynamic code deployment and versioning is provided. The system may be configured to receive a first request to execute a newer program code on a virtual compute system, determine, based on the first request, that the newer program code is a newer version of an older program code loaded onto an existing container on a virtual machine instance on the virtual compute system, initiate a download of the newer program code onto a second container on the same virtual machine instance, and causing the first request to be processed with the older program code in the existing container.

公开(公告)号：US20190205171A1

公开(公告)日：2019-07-04

申请号：US16113887

申请日：2018-08-27

Applicant: Amazon Technologies, Inc.

Inventor： Marc John Brooker ,  Timothy Allen Wagner ,  Ajay Nair

IPC: G06F9/50

CPC classification number: G06F9/5005 ,  G06F9/445

Abstract: Systems and methods are described for handling requests to execute idempotent code in an on-demand code execution system or other distributed code execution environment. Idempotent code can generally include code that produces the same outcome even when executed multiple times, so long as dependencies for the code are in the same state as during a prior execution. Due to this feature, multiple executions of idempotent code may inefficiently use computing resources, particularly in on-demand code execution system (which may require, for example, generation and provisioning of an appropriate execution environment for the code). Aspects of the present disclosure enable the on-demand code execution system to process requests to execute code by verifying whether dependency states associated with the code have changed since a prior execution. If dependency states have not changed, no execution need occur, and the overall computing resource us of the on-demand code execution system is decreased.

公开(公告)号：US10303492B1

公开(公告)日：2019-05-28

申请号：US15841132

申请日：2017-12-13

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Marc John Brooker ,  Bryan Nicholas Moffatt ,  Robison Rodrigues dos Santos ,  Niranjan Jayakar

IPC: G06F9/44 ,  G06F9/445 ,  G06F8/41 ,  G06F9/54

Abstract: Systems and methods are described for managing provisioning of runtimes to execution environments within an on-demand code execution system. Different runtimes can include various software enabling execution of user-submitted code within the on-demand code execution system, potentially written in different programming languages. Each runtime can implement a pull-based request handler, such that when the runtime is provisioned within an execution environment, the runtime requests execution instructions from a management system on the on-demand code execution system. The management system can maintain a queue of execution instructions for each runtime, and can use a depth of each queue to manage the provisioning of environments with runtimes.

公开(公告)号：US20190108058A1

公开(公告)日：2019-04-11

申请号：US16101144

申请日：2018-08-10

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Derek Steven Manwaring ,  Sean Philip Reque ,  Dylan Chandler Thomas

IPC: G06F9/50 ,  G06F9/455

Abstract: A system for routing requests to execute user code based on how frequently the user code is executed is provided. The system may be configured to receive a request to execute user code on a virtual compute system, where the virtual compute system comprises multiple fleets of virtual machine instances. The system may be further configured to determine whether the user code associated with the request satisfies one or more usage criteria, and based on the determination, route the request to the appropriate fleet of virtual machine instances.

公开(公告)号：US20180210760A1

公开(公告)日：2018-07-26

申请号：US15912273

申请日：2018-03-05

Applicant: Amazon Technologies, Inc.

Inventor： Scott Daniel Wisniewski ,  Marc John Brooker ,  Timothy Allen Wagner

IPC: G06F9/50 ,  G06F9/455

CPC classification number: G06F9/5055 ,  G06F9/45558 ,  G06F9/5027 ,  G06F9/5033 ,  G06F9/5077 ,  G06F2009/45562 ,  G06F2009/4557 ,  G06F2209/5011 ,  G06F2209/5013

Abstract: A system for providing low-latency compute capacity is provided. The system may be configured to route incoming code execution requests based on user indications to use specific containers running on a plurality of virtual machine instances. The system may be configured to process a code execution request, identify, based on the user indication that a specific container previously used to handle a request of similar type is to be used for handling the code execution request, and cause the code execution request to be handled using the specific container.

公开(公告)号：US20180203717A1

公开(公告)日：2018-07-19

申请号：US15676777

申请日：2017-08-14

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Dylan Chandler Thomas ,  Ajay Nair

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/4557

Abstract: A system for providing security mechanisms for secure execution of program code is described. The system may be configured to maintain a plurality of virtual machine instances. The system may be further configured to receive a request to execute a program code and allocate computing resources for executing the program code on one of the virtual machine instances. One mechanism involves executing program code according to a user-specified security policy. Another mechanism involves executing program code that may be configured to communicate or interface with an auxiliary service. Another mechanism involves splitting and executing program code in a plurality of portions, where some portions of the program code are executed in association with a first level of trust and some portions of the program code are executed with different levels of trust.

公开(公告)号：US10002026B1

公开(公告)日：2018-06-19

申请号：US14977503

申请日：2015-12-21

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner

IPC: G06F9/50 ,  G06F9/455

CPC classification number: G06F9/45558 ,  G06F9/5027 ,  G06F2009/4557 ,  G06F2209/5011 ,  G06F2209/503 ,  G06F2209/506

Abstract: A system for providing low-latency computational capacity from a virtual compute fleet is provided. The system may be configured to maintain a plurality of virtual machine instances on one or more physical computing devices, wherein the plurality of virtual machine instances comprises a first pool comprising a first sub-pool of virtual machine instances and a second sub-pool of virtual machine instances, and a second pool comprising virtual machine instances used for executing one or more program codes thereon. The first sub-pool and/or the second sub-pool may be associated with one or more users of the system. The system may be further configured to process code execution requests and execute program codes on the virtual machine instances of the first or second sub-pool.

公开(公告)号：US20170371724A1

公开(公告)日：2017-12-28

申请号：US15595774

申请日：2017-05-15

Applicant: Amazon Technologies, Inc.

Inventor： Timothy Allen Wagner ,  Ajay Nair ,  Marc John Brooker ,  Scott Daniel Wisniewski

IPC: G06F9/54 ,  G06F9/455

Abstract: A service manages a plurality of virtual machine instances for low latency execution of user codes. The service can provide the capability to execute user code in response to events triggered on various event sources and initiate execution of other control functions to improve the code execution environment in response to detecting errors or unexpected execution results. The service may maintain or communicate with a separate storage area for storing code execution requests that were not successfully processed by the service. Requests stored in such a storage area may subsequently be re-processed by the service.