公开(公告)号：US20240031268A1

公开(公告)日：2024-01-25

申请号：US17898351

申请日：2022-08-29

Applicant: VMware, Inc.

Inventor： Ran Gu ,  Wenfeng Liu ,  Donghai Han ,  Jianjun Shen ,  Zhengsheng Zhou

IPC: H04L43/10 ,  H04L45/64

CPC classification number: H04L43/10 ,  H04L45/64

Abstract: Some embodiments of the invention provide a method for performing data traffic monitoring for a system that includes a set of heterogeneous networks that includes at least an overlay first network layer that is built on top of an underlay second network layer. The method is performed at a federation controller for the system. The method directs (1) a first set of components in the overlay first network layer to perform a first trace operation to trace a packet exchanged between two machines and passing through network components defined in the overlay first network layer and underlay second network layer and (2) a second set of components in the underlay second network layer to perform a second trace operation to trace the packet. The method receives, from the first and second sets of components, first and second sets of trace data collected during the first and second trace operations. The collected trace data includes correlation data for correlating the first and second sets of data. The method uses the correlation data to correlate the first and second sets of trace data to generate a final trace report identifying a complete path traversed by the packet through the overlay first network layer and underlay second network layer.

公开(公告)号：US11863352B2

公开(公告)日：2024-01-02

申请号：US17185844

申请日：2021-02-25

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Mark Johnson ,  Gaetano Borgione ,  Benjamin John Corrie ,  Derek Beard ,  Zach James Shepherd ,  Vinay Reddy

IPC: H04L12/66 ,  H04L47/125 ,  H04L9/40 ,  H04L45/42 ,  H04L45/586 ,  H04L45/44

CPC classification number: H04L12/66 ,  H04L45/42 ,  H04L45/44 ,  H04L45/586 ,  H04L47/125 ,  H04L63/0272

Abstract: Some embodiments of the invention provide a novel network architecture for deploying guest clusters (GCs) including workload machines for a tenant (or other entity) within an availability zone. The novel network architecture includes a virtual private cloud (VPC) deployed in the availability zone (AZ) that includes a centralized routing element that provides access to a gateway routing element of the AZ. In some embodiments, the centralized routing element provides a set of services for packets traversing a boundary of the VPC. The services, in some embodiments, include load balancing, firewall, quality of service (QoS) and may be stateful or stateless. Guest clusters are deployed within the VPC and use the centralized routing element of the VPC to access the gateway routing element of the AZ.

公开(公告)号：US20230393881A1

公开(公告)日：2023-12-07

申请号：US18324373

申请日：2023-05-26

Applicant: VMware Inc.

Inventor： Brian Masao Oki ,  George Gregory Hicken ,  Mukesh Hira ,  Leonid Livshin ,  Ivaylo Vladimirov Loboshki ,  Ivaylo Radoslavov Radev ,  Alkesh Shah ,  Jianjun Shen ,  Abhishek Ajit Srivastava ,  Konstantinos Roussos ,  Stanimir Plamenov Lukanov ,  Anton Valentinov Donchevski ,  Georgi Lyubomirov Dimitrov

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45566 ,  G06F2009/45591

Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to manage a deployment of virtual machines in a cluster by, in a first host of a plurality of hosts, monitor, with first control plane services, an availability of second control plane services at a second host of the plurality of hosts, wherein the first control plane services and the second control plane services support implementation of application programming interface (API) requests in association with managing a cluster, after a determination that the second control plane services at the second host is not available, assign the first control plane services at the first host to operate in place of the second control plane services at the second host, and in the first host, assign, via the first control plane services at the first host, resources of one or more hosts in the cluster to support the API request.

公开(公告)号：US11570090B2

公开(公告)日：2023-01-31

申请号：US17006845

申请日：2020-08-30

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Ran Gu ,  Quan Tian ,  Wenying Dong

IPC: H04L45/00 ,  H04L45/02

Abstract: Some embodiments provide a method for an agent executing on a Kubernetes node in a cluster. The method instructs a forwarding element that also executes on the node to process a flow tracing packet. From the forwarding element, the method receives a message indicating a set of flow entries matched by the flow tracing packet as the forwarding element processes the flow tracing packet. For each flow entry of at least a subset of the flow entries matched by the flow tracing packet, the method generates mapping data that maps elements of the flow entry to Kubernetes concepts implemented in the cluster. The method reports data regarding the set of flow entries along with the generated mapping data.

公开(公告)号：US20220400053A1

公开(公告)日：2022-12-15

申请号：US17389305

申请日：2021-07-29

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Wenfeng Liu ,  Rui Cao ,  Ran Gu ,  Donghai Han

IPC: H04L12/24 ,  H04L12/46

Abstract: The method of some embodiments allocates a secondary network interface for a pod, which has a primary network interface, in a container network operating on an underlying logical network. The method receives an ND that designates a network segment. The method receives the pod, wherein the pod includes an identifier of the ND. The method then creates a secondary network interface for the pod and connects the secondary network interface to the network segment. In some embodiments, the pods include multiple ND identifiers that each identify a network segment. The method of such embodiments creates multiple secondary network interfaces and attaches the multiple network segments to the multiple secondary network interfaces.

公开(公告)号：US11436057B2

公开(公告)日：2022-09-06

申请号：US16897627

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Danting Liu ,  Yang Liu

IPC: G06F9/50 ,  H04L49/00 ,  H04L45/42 ,  G06F9/455 ,  G06F9/54 ,  H04L9/40 ,  H04L61/103 ,  H04L67/1001 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5041 ,  H04L41/50 ,  H04L67/10 ,  H04L12/46 ,  H04L12/66 ,  H04L61/50 ,  H04L45/586

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.

公开(公告)号：US20220038368A1

公开(公告)日：2022-02-03

申请号：US17006845

申请日：2020-08-30

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Ran Gu ,  Quan Tian ,  Wenying Dong

IPC: H04L12/721 ,  H04L12/715 ,  H04L12/751

Abstract: Some mbodiments provide a method for an agent executing on a Kubernetes node in a cluster. The method instructs a forwarding element that also executes on the node to process a flow tracing packet. From the forwarding element, the method receives a message indicating a set of flow entries matched by the flow tracing packet as the forwarding element processes the flow tracing packet. For each flow entry of at least a subset of the flow entries matched by the flow tracing packet, the method generates mapping data that maps elements of the flow entry to Kubernetes concepts implemented in the cluster. The method reports data regarding the set of flow entries along with the generated mapping data.

公开(公告)号：US11190424B2

公开(公告)日：2021-11-30

申请号：US16742919

申请日：2020-01-15

Applicant: VMware, Inc.

Inventor： Abhishek Raut ,  Kai Su ,  Jianjun Shen ,  Salvatore Orlando ,  Tong Liu ,  Shih-Hao Li

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/713 ,  H04L29/06 ,  H04L12/931 ,  H04L12/825 ,  H04L12/751 ,  H04L12/715

Abstract: Example methods and systems for container-based connectivity check in a software-defined networking (SDN) environment are disclosed. One example method may comprise detecting, a request for a connectivity check between a first container-based resource and a second container-based resource; identifying a first logical network element and a second logical network element; and injecting a connectivity check packet at the first logical network element for forwarding towards the second logical network element. The example method also may comprise: obtaining report information associated with one or more intermediate logical network elements located along a path that is traversed by the connectivity check packet; and determining a connectivity status associated with the first container-based resource and the second container-based resource based on the report information.

公开(公告)号：US20210314388A1

公开(公告)日：2021-10-07

申请号：US16897640

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Zhengsheng Zhou ,  Jianjun Shen ,  Abhishek Raut ,  Yang Liu

IPC: H04L29/08 ,  H04L29/12 ,  G06F9/50 ,  G06F9/54

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US20210314361A1

公开(公告)日：2021-10-07

申请号：US16897695

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Zhengsheng Zhou ,  Abhishek Raut ,  Jianjun Shen ,  Donghai Han

IPC: H04L29/06 ,  H04L29/12

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.