公开(公告)号：US11194608B2

公开(公告)日：2021-12-07

申请号：US16417491

申请日：2019-05-20

Applicant: VMware, Inc.

Inventor： Allwyn Sequeira ,  Sachin Thakkar ,  Serge Maskalik ,  Debashis Basak ,  Mark Whipple

IPC: G06F9/455 ,  G06F9/50 ,  G06F9/48 ,  H04L29/08 ,  H04L9/32 ,  H04L29/06

Abstract: Techniques disclosed herein relate to migrating virtual computing instances such as virtual machines (VMs). In one embodiment, VMs are migrated across different virtual infrastructure platforms by, among other things, translating between resource models used by virtual infrastructure managers (VIMs) that manage the different virtual infrastructure platforms. VM migrations may also be validated prior to being performed, including based on resource policies that define what is and/or is not allowed to migrate, thereby providing compliance and controls for borderless data centers. In addition, an agent-based technique may be used to migrate VMs and physical servers to virtual infrastructure, without requiring access to an underlying hypervisor layer.

公开(公告)号：US11184397B2

公开(公告)日：2021-11-23

申请号：US16248824

申请日：2019-01-16

Applicant: VMWARE, INC.

Inventor： Bhaskar Subramanyam Annadata ,  Abhinav Vijay Bhagwat ,  Sachin Thakkar ,  Debashis Basak ,  Serge Maskalik

IPC: H04L29/06 ,  G06F9/48 ,  G06F9/455

Abstract: An example method of migrating a firewall policy between a first virtual data center and a second virtual data center includes: generating a static firewall from a firewall document at a first firewall server in the first virtual data center, the firewall document defining polices applied to groups of objects in the first virtual data center, the static firewall including firewall rule tuples; sending the static firewall from the first firewall server to a second firewall server in the second virtual data center; migrating a plurality of virtual machines (VMs) from the first virtual data center to the second virtual data center; and importing the firewall document from the first firewall server to the second firewall server by mapping the policies of the first firewall to groups of objects in an inventory of the second virtual data center.

公开(公告)号：US20210203550A1

公开(公告)日：2021-07-01

申请号：US17130862

申请日：2020-12-22

Applicant: VMware, Inc.

Inventor： Sachin Thakkar ,  Abhinav Vijay Bhagwat ,  Weiqing Wu ,  Serge Maskalik ,  Uday Suresh Masurekar

IPC: H04L12/24 ,  G06F9/455 ,  H04L29/06 ,  H04L29/08

Abstract: A method of deploying a network service across a plurality of data centers, includes the steps of: in response to a request for or relating to a network service, identifying virtual network functions associated with the network service and determining network connectivity requirements of the virtual network functions, issuing commands to provision a first virtual link between at least two of the data centers in which the virtual network functions are to be deployed, and issuing commands to provision a second virtual link to one of the data centers in which the virtual network functions are to be deployed.

公开(公告)号：US10757170B2

公开(公告)日：2020-08-25

申请号：US14664939

申请日：2015-03-23

Applicant: VMWARE, INC.

Inventor： Sachin Thakkar ,  Debashis Basak ,  Serge Maskalik ,  Weiqing Wu ,  Aravind Srinivasan

IPC: H04L29/08 ,  H04L12/24 ,  H04L29/12 ,  H04L29/06

Abstract: Conditional address translation is performed in a multi-tenant cloud infrastructure to effectively support tenant-assigned addresses. For each tenant, the multi-tenant cloud infrastructure deploys both a private network used to communicate between the tenant and the cloud and a tenant-facing gateway to manage the private network. The multi-tenant cloud infrastructure also includes an externally-facing gateway used to communicate between the multi-tenant cloud and a public network. The tenant-facing gateways are configured to bypass address translation—providing consistent addressing across each private network irrespective of the physical location of resources linked by the private network. By contrast, the public-facing gateway is configured to translate source addresses in outgoing packets to addresses that are unique within the public network. Advantageously, discriminately mapping addresses enables multiple tenants to interact in a uniform fashion with both on-premises resources and cloud-hosted resources without incurring undesirable address collisions between tenants.

公开(公告)号：US10721161B2

公开(公告)日：2020-07-21

申请号：US14838537

申请日：2015-08-28

Applicant: VMware, Inc.

Inventor： Serge Maskalik ,  Weiqing Wu ,  Debashis Basak ,  Sachin Thakkar ,  Allwyn Sequeira

IPC: H04L12/721 ,  H04L12/813 ,  H04L12/24 ,  H04L12/26 ,  H04L29/08

Abstract: An example method of optimizing connectivity between data centers in a hybrid cloud system having a first data center managed by a first organization and a second data center managed by a second organization, the first organization being a tenant in the second data center. The method includes probing a wide area network (WAN) with test packets by varying an internet protocol (IP) flow tuple of the test packets across a set of IP flows. The method includes identifying a plurality of paths between a gateway of the first data center and another gateway of the second data center associated with the set of IP flows. The method further includes selecting an IP flow from the set of IP flows for an application executing in the first data center. The method further includes establishing a path-optimized connection between the gateway and the other gateway through the WAN having the selected IP flow for use by the application.

公开(公告)号：US10666729B2

公开(公告)日：2020-05-26

申请号：US15654588

申请日：2017-07-19

Applicant: VMware, Inc.

Inventor： Laxminarayana Tumuluru ,  Todd Sabin ,  Weiqing Wu ,  Uday Masurekar ,  Serge Maskalik ,  Sachin Thakkar ,  Debashis Basak

IPC: H04L12/56 ,  H04L29/08 ,  H04L29/12 ,  H04L29/06 ,  G06F8/65 ,  H04L12/24 ,  G06F9/50 ,  H04L12/801 ,  H04L12/911 ,  H04W28/02 ,  H04L12/931 ,  H04L12/46 ,  H04L12/26 ,  H04L12/721 ,  H04L12/715 ,  H04L12/725 ,  G06F9/455

Abstract: An approach is disclosed for steering network traffic away from congestion hot-spots to achieve better throughput and latency. In one embodiment, multiple Foo-over-UDP (FOU) tunnels, each having a distinct source port, are created between two endpoints. As a result of the distinct source ports, routers that compute hashes of packet fields in order to distribute traffic flows across network paths will compute distinct hash values for the FOU tunnels that may be associated with different paths. Probes are scheduled to measure network metrics, such as latency and liveliness, of each of the FOU tunnels. In turn, the network metrics are used to select particular FOU tunnel(s) to send traffic over so as to avoid congestion and high-latency hotspots in the network.

公开(公告)号：US10547540B2

公开(公告)日：2020-01-28

申请号：US14981436

申请日：2015-12-28

Applicant: VMware, Inc.

Inventor： Serge Maskalik ,  Weiqing Wu ,  Debashis Basak ,  Sachin Thakkar ,  Allwyn Sequeira

IPC: H04L29/06 ,  H04L12/721 ,  H04L29/08 ,  H04L12/66 ,  H04L12/813

Abstract: A cloud computing system may include multiple cloud data centers. A gateway may establish connections between a cloud providers' multiple data centers using knowledge about the types of applications workloads executing within the cloud computing system, and may be further based on determines policies indicating priorities for routing traffic for the application workloads.

公开(公告)号：US10452430B2

公开(公告)日：2019-10-22

申请号：US15690241

申请日：2017-08-29

Applicant: VMware, Inc.

Inventor： Serge Maskalik ,  Vemana Murty ,  Manjunath Bandi ,  Todd Sabin ,  Narendra Kumar Basur Shankarappa ,  Sachin Thakkar

IPC: G06F9/455 ,  G06F9/48 ,  G06F9/50

Abstract: A method of migrating a virtualized computing instance between source and destination virtualized computing systems includes executing a first migration workflow in the source virtualized computing system between a source host computer and a first mobility agent simulating a destination host, executing a second migration workflow in the destination virtualized computing system between a second mobility agent simulating a source host and a destination host computer, sending, as part of the first migration workflow, a configuration of the migrated virtualized computing instance to the destination virtualized computing system, translating, as part of the second migration workflow, infrastructure-dependent information in the configuration of the migrated virtualized computing instance, and transferring, during execution of the first and second migration workflows, migration data including the virtualized computing instance between the source host and the destination host over a network.

公开(公告)号：US10382532B2

公开(公告)日：2019-08-13

申请号：US15666513

申请日：2017-08-01

Applicant: VMware, Inc.

Inventor： Sachin Thakkar ,  Debashis Basak ,  Serge Maskalik ,  Mark Bryan Whipple ,  Aarti Kumar Gupta

IPC: G06F9/455 ,  H04L29/08 ,  H04L12/46 ,  H04L12/26 ,  G06F9/50

Abstract: A method for managing an application executing in a computing system is disclosed as including a private cloud operated by a first organization and a multi-tenant public cloud of which the first organization is one of the tenants. The method comprises instantiating a first virtual object in the private cloud and instantiating a second virtual object in the public cloud for executing the application cooperatively with the first virtual object. Mapping associated with the first virtual object is generated, wherein the mapping comprises a first identifier having a context of the private cloud and a second identifier having a context of the public cloud. The method further includes detecting migration of the first or second virtual object such that both of the first and second virtual objects are instantiated in a single one of the private and public clouds and updating the mapping to reflect the migration.

公开(公告)号：US10375170B2

公开(公告)日：2019-08-06

申请号：US15690230

申请日：2017-08-29

Applicant: VMware, Inc.

Inventor： Narendra Kumar Basur Shankarappa ,  Aravind Srinivasan ,  Sachin Thakkar ,  Serge Maskalik ,  Govind Haridas

IPC: G06F15/177 ,  H04L29/08 ,  H04L29/12 ,  H04L12/721 ,  H04L12/801 ,  H04L12/911 ,  H04W28/02 ,  G06F9/50 ,  H04L12/24 ,  H04L12/931 ,  H04L12/46 ,  H04L29/06 ,  G06F8/65 ,  H04L12/715 ,  H04L12/725 ,  G06F9/455

Abstract: Techniques for upgrading virtual appliances in a hybrid cloud computing system are provided. In one embodiment, virtual appliances are upgraded by deploying the upgraded appliances in both a data center and a cloud, configuring the upgraded appliances to have the same IP addresses as original appliances, and disconnecting the original appliances from networks to which they are connected and connecting the upgraded appliances to those networks via the same ports previously used by the original appliances. In another embodiment, upgraded appliances are deployed in the data center and the cloud, but configured with new IP addresses that are different from those of the original appliances, and connections are switched from those of the original appliances to new connections with the new IP addresses. Embodiments disclosed herein permit virtual appliances to be upgraded or replaced with relatively little downtime so as to help minimize disruptions to existing traffic flows.