-
公开(公告)号:US08533701B2
公开(公告)日:2013-09-10
申请号:US12724010
申请日:2010-03-15
CPC分类号: G06F8/63 , G06F8/656 , G06F9/45558
摘要: Systems, methods, and computer-readable media for updating a component utilized by an application within a distributed computing environment. An inventory of components relied on by applications within a distributed computing environment is created and maintained to facilitate identifying applications utilizing a particular component. A determination is made from the inventory of applications that utilize the particular component. An indication is received that an update is available for the particular component. An application image for an application utilizing the particular component is booted in an isolated computing environment to allow the component to be updated. A new image of the application is created to reflect the updated component. A user, such as a developer, of the application may be notified that the new image is available for future instantiations of the application.
摘要翻译: 用于更新由分布式计算环境中的应用使用的组件的系统,方法和计算机可读介质。 创建和维护在分布式计算环境中由应用程序依赖的组件的清单,以便于使用特定组件识别应用程序。 从使用特定组件的应用程序的清单确定。 接收到对特定组件可用的更新的指示。 使用特定组件的应用程序的应用程序映像在隔离的计算环境中启动,以允许更新组件。 创建应用程序的新映像以反映更新的组件。 可以通知应用的用户,例如开发者,新图像可用于应用的将来实例化。
-
公开(公告)号:US08280908B2
公开(公告)日:2012-10-02
申请号:US11479192
申请日:2006-06-30
IPC分类号: G06F7/00
CPC分类号: G06F17/30235
摘要: Two or more separate physical file system directories are presented as one merged (virtual) file system directory to a process running in a silo. The operating system controls the level of access to the files in the merge directory. The operating system provides the merged view of the file system directories by monitoring file system requests made by processes in silos on a computer or computer system and in response to detecting certain types of file system access requests, provides the view of the seemingly merged directories by performing special processing. The types of requests which trigger the special processing include: enumeration, open, create, rename or close.
摘要翻译: 将两个或多个单独的物理文件系统目录作为一个合并的(虚拟)文件系统目录呈现给在筒仓中运行的进程。 操作系统控制对合并目录中文件的访问级别。 操作系统通过监视由计算机或计算机系统上的孤岛中的进程产生的文件系统请求并响应于检测到某些类型的文件系统访问请求而提供文件系统目录的合并视图,通过以下方式提供看似合并的目录的视图: 进行特殊处理。 触发特殊处理的请求类型包括:枚举,打开,创建,重命名或关闭。
-
公开(公告)号:US20110225574A1
公开(公告)日:2011-09-15
申请号:US12724010
申请日:2010-03-15
IPC分类号: G06F9/44
CPC分类号: G06F8/63 , G06F8/656 , G06F9/45558
摘要: Systems, methods, and computer-readable media for updating a component utilized by an application within a distributed computing environment. An inventory of components relied on by applications within a distributed computing environment is created and maintained to facilitate identifying applications utilizing a particular component. A determination is made from the inventory of applications that utilize the particular component. An indication is received that an update is available for the particular component. An application image for an application utilizing the particular component is booted in an isolated computing environment to allow the component to be updated. A new image of the application is created to reflect the updated component. A user, such as a developer, of the application may be notified that the new image is available for future instantiations of the application.
摘要翻译: 用于更新由分布式计算环境中的应用使用的组件的系统,方法和计算机可读介质。 创建和维护在分布式计算环境中由应用程序依赖的组件的清单,以便于使用特定组件识别应用程序。 从使用特定组件的应用程序的清单确定。 接收到对特定组件可用的更新的指示。 使用特定组件的应用程序的应用程序映像在隔离的计算环境中启动,以允许更新组件。 创建应用程序的新映像以反映更新的组件。 可以通知应用的用户,例如开发者,新图像可用于应用的将来实例化。
-
公开(公告)号:US07996841B2
公开(公告)日:2011-08-09
申请号:US11301065
申请日:2005-12-12
IPC分类号: G06F9/46
CPC分类号: G06F21/53 , G06F21/6281 , G06F2221/2141 , H04L49/90
摘要: A containment mechanism provides for the grouping and isolation of multiple processes running on a single computer using a single instance of the operating system. A system is divided into one or more side-by-side and/or nested spaces enabling the partitioning and controlled sharing of resources by creating different views of hierarchical name spaces by creating a new branch of an existing global system name space or by linking the sub-root level nodes of a new hierarchy to a subset of nodes in an existing global system name space.
摘要翻译: 遏制机制提供了使用单个操作系统实例在单个计算机上运行的多个进程的分组和隔离。 系统被划分为一个或多个并排和/或嵌套空间,通过创建现有全球系统名称空间的新分支,通过创建分层名称空间的不同视图来实现资源的分区和控制共享,或者通过链接 新层次结构的子根级别节点到现有全局系统名称空间中的节点子集。
-
公开(公告)号:US07447896B2
公开(公告)日:2008-11-04
申请号:US11301066
申请日:2005-12-12
IPC分类号: G06F9/24
CPC分类号: G06F9/4401 , Y10S707/99939
摘要: An intra-operating system isolation mechanism called a silo provides for the grouping and isolation of processes running on a single computer using a single instance of the operating system. The operating system enables the controlled sharing of resources by providing a view of a system name space to processes executing within an isolated application called a server silo. A server silo is created by performing a separate “mini-boot” of user-level services within the server silo. The single OS image serving the computer employs the mechanism of name space containment to constrain which server silos can use which resource(s). Restricting access to resources is therefore directly based on the process or application placed in the server silo rather than who is running the application because if a process or application is unable to resolve a name used to access a resource, it will be unable to use the resource.
摘要翻译: 称为仓库的操作系统隔离机制提供了使用单个操作系统实例在单个计算机上运行的进程的分组和隔离。 操作系统通过提供系统名称空间的视图来实现资源的受控共享,以便在被称为服务器仓的隔离应用程序内执行的进程进行处理。 通过在服务器仓内执行用户级服务的单独“微引导”来创建服务器仓库。 服务于计算机的单个OS映像使用名称空间容纳的机制来约束哪个服务器孤岛可以使用哪个资源。 因此,限制对资源的访问直接基于放置在服务器仓中的进程或应用程序,而不是运行应用程序的用户,因为如果进程或应用程序无法解析用于访问资源的名称,则无法使用 资源。
-
公开(公告)号:US20080109394A1
公开(公告)日:2008-05-08
申请号:US11555745
申请日:2006-11-02
IPC分类号: G06F17/30
CPC分类号: G06F17/30365 , G06F17/30117
摘要: An element of a file system is virtually deleted by creating a deletion marker for the element. Two or more separate physical file system directories are presented as one merged (virtual) file system directory to a process running in a silo. The operating system provides the merged view of the file system directories by monitoring file system requests made by processes in silos on a computer or computer system and filtering out those elements associated with deletion markers. Special processing is invoked in response to detecting certain types of file system access requests, including: enumeration, open, create, rename or delete.
摘要翻译: 通过创建元素的删除标记,虚拟地删除文件系统的元素。 将两个或多个单独的物理文件系统目录作为一个合并的(虚拟)文件系统目录呈现给在筒仓中运行的进程。 操作系统通过监视由计算机或计算机系统上的孤岛中的进程产生的文件系统请求并过滤出与删除标记相关的元素,来提供文件系统目录的合并视图。 响应检测某些类型的文件系统访问请求,调用特殊处理,包括:枚举,打开,创建,重命名或删除。
-
公开(公告)号:US20080022385A1
公开(公告)日:2008-01-24
申请号:US11479458
申请日:2006-06-30
IPC分类号: G06F15/16
CPC分类号: H04L63/0263
摘要: Each virtualized environment on a computer has its own set of firewall rules. The virtualized environments share a single instance of the operating system image, a filter engine and a single network stack. A virtualized environment may be a compartment or a server silo. A virtualized environment is a network isolation mechanism and may be used to prevent use of a computer to traverse network boundaries by creating a separate virtualized environment for each network, enabling a separate set of rules to be applied to each virtualized environment and the network interfaces within it. Virtualized environments may also be used to assign different trust levels to the same physical network. Firewall rules are applied by virtualized environment identifier (ID), enabling separate filters to be applied to each virtualized environment on a computer. A virtualized environment may include or be associated with one or more network interfaces.
摘要翻译: 计算机上的每个虚拟化环境都有自己的防火墙规则集。 虚拟化环境共享操作系统映像,过滤器引擎和单个网络堆栈的单个实例。 虚拟化环境可能是隔离专区或服务器仓库。 虚拟化环境是网络隔离机制,可以用于防止计算机通过为每个网络创建单独的虚拟化环境来遍历网络边界,从而实现单独的一组规则应用于每个虚拟化环境和网络接口内的网络接口 它。 虚拟化环境也可用于将不同的信任级别分配给同一物理网络。 虚拟化环境标识符(ID)应用防火墙规则,可以将单独的过滤器应用于计算机上的每个虚拟化环境。 虚拟化环境可以包括或者与一个或多个网络接口相关联。
-
58.发明授权Method and apparatus for managing virtual computer memory with multiple page sizes 失效用于管理具有多个页面大小的虚拟计算机存储器的方法和装置
公开(公告)号:US5784707A
公开(公告)日:1998-07-21
申请号:US634956
申请日:1996-04-19
IPC分类号: G06F12/10
CPC分类号: G06F12/1009 , G06F12/1027 , G06F2212/652
摘要: A computer system having virtual memory that can be mapped using multiple page sizes onto logically addressable physical memory. An intermediate addressing scheme permits the mapping of several non-contiguous small pages in physical memory onto a bigger sized virtual memory page. Rather than translating a virtual address directly into a physical address, a virtual address is translated into an intermediate address that may or may not be a physical address. If the virtual page is backed by physical memory that is contiguous and aligned on a proper boundary for the page size, then the intermediate address will be the physical address and no second translation is required. If the intermediate address is not a physical address, it is then translated into a physical address. This is the case where a big page in virtual memory is backed by more than one smaller page in physical memory. Thus, non-contiguous small pages in physical memory can be mapped together using an intermediate translation to form a single big page thereby removing the requirement that a big page be mapped using a single contiguous portion of physical memory and further removing the requirement that the big page be big page boundary aligned within physical memory. Furthermore, several small pages can be promoted to a single big page simply by changing the virtual address to intermediate address mappings and also changing the intermediate address to physical address mappings to reflect the promotion thereby eliminating the need to move the contents of the small pages into a single contiguous, big page aligned region of physical memory. Furthermore, a big page sized region of virtual memory that has one or more smaller page sized holes within it can be treated as a single big virtual memory page and be backed in physical memory using only as many smaller pages as are required to back the non-hole regions of the virtual address space.
摘要翻译: 具有虚拟存储器的计算机系统,其可以使用多个页面大小映射到可逻辑寻址的物理存储器上。 中间寻址方案允许将物理存储器中的几个不连续的小页面映射到更大尺寸的虚拟存储器页面上。 虚拟地址不是将虚拟地址直接转换为物理地址,而是将虚拟地址转换为可能是或可能不是物理地址的中间地址。 如果虚拟页面由物理内存支持,该物理内存在页面大小的正确边界上是连续的并对齐,则中间地址将是物理地址,不需要第二个转换。 如果中间地址不是物理地址,则将其转换为物理地址。 这是虚拟内存中的大页面由物理内存中的多个较小页面支持的情况。 因此,物理存储器中的不连续的小页面可以使用中间翻译映射到一起,以形成单个大页面,从而消除使用物理内存的单个连续部分映射大页面的要求,并进一步消除大 页面是物理内存中大页边界对齐。 此外,只需将虚拟地址更改为中间地址映射,并将中间地址更改为物理地址映射即可将几个小页面提升为单个大页面,以反映升级,从而无需将小页面的内容移动到 一个连续的大页面对齐的物理内存区域。 此外,在其中具有一个或多个更小的页面大小的空间的虚拟存储器的大页面大小的区域可被视为单个大型虚拟存储器页面,并且仅使用与所需的数量相同的较小页面来支持物理存储器, 虚拟地址空间的空区域。
-
59.发明授权Method and apparatus for managing transactions in an object-oriented distributed system 失效用于管理面向对象的分布式系统中的事务的方法和装置
公开(公告)号:US5764897A
公开(公告)日:1998-06-09
申请号:US738918
申请日:1996-10-28
申请人: Yousef A. Khalidi
发明人: Yousef A. Khalidi
摘要: This disclosure describes a solution to this basic problem of transaction management for systems which use the object metaphor to define the interfaces between different components of a system. An elegant solution is described which defines a transaction manager protocol and process, which is independent of the operating system micro-kernel's interprocess communication activities. The object-oriented transaction manager ("TM") creates transactions, keeps track of all object managers (servers) that are a part of a transaction, and coordinates transaction termination among all objects that are involved in the transaction. In addition, operations by naive applications can be made to execute under transaction control without modifying the applications.
摘要翻译: 本公开描述了使用对象隐喻来定义系统的不同组件之间的接口的系统的事务管理的这个基本问题的解决方案。 描述了一种定义事务管理器协议和过程的优雅解决方案,它独立于操作系统微内核的进程间通信活动。 面向对象的事务管理器(“TM”)创建事务,跟踪作为事务一部分的所有对象管理器(服务器),并协调事务中涉及的所有对象之间的事务终止。 另外,通过天真的应用程序的操作可以在事务控制下执行,而无需修改应用程序。
-
60.发明授权
公开(公告)号:US5630087A
公开(公告)日:1997-05-13
申请号:US333487
申请日:1994-11-02
CPC分类号: G06F12/1027 , G06F12/10
摘要: A method and apparatus to share virtual memory translations in a computer is described. The apparatus includes an operating system that runs in conjunction with a central processing unit. The operating system is programmed to include an address identification routine to identify distinct virtual memory translation entries, associated with a plurality of distinct processes running on the computer, that map to one or more common physical memory page addresses. The operating system also includes a mask assignment routine to assign a first mask value to the distinct virtual memory translation entries, and a write routine to write, to a translation-lookaside buffer or a page table, the distinct virtual memory translation entries as a single address associated with the first mask value. A comparison mechanism is used to compare a second mask value of a translation-request virtual memory translation value to the first mask value to determine whether the second mask value corresponds to said first mask value. If the two mask values correspond, then the single address associated with the first mask value is used as a virtual memory translation address.
摘要翻译: 描述了在计算机中共享虚拟存储器转换的方法和装置。 该装置包括与中央处理单元一起运行的操作系统。 操作系统被编程为包括地址识别例程,以识别与在计算机上运行的多个不同进程相关联的映射到一个或多个公共物理存储器页地址的不同虚拟内存转换条目。 该操作系统还包括一个掩模分配程序,用于将第一掩码值分配给不同的虚拟存储器转换条目,以及写入例程,以将翻译后备缓冲器或页表写入不同的虚拟存储器转换条目作为单个 与第一个掩码值相关联的地址。 比较机制用于将翻译请求虚拟存储器转换值的第二掩码值与第一掩码值进行比较,以确定第二掩码值是否对应于所述第一掩码值。 如果两个掩码值对应,则将与第一掩码值相关联的单个地址用作虚拟存储器转换地址。
-
-
-
-
-
-
-
-
-
搜索结果
62 条记录 (耗时 0.051 秒)