公开(公告)号：US11119739B1

公开(公告)日：2021-09-14

申请号：US16448523

申请日：2019-06-21

Applicant: Amazon Technologies, Inc.

Inventor： Stewart Allen ,  Dheerendra Talur ,  Venkat Maithreya Paritala ,  Joseph Magerramov ,  Anthony Liguori

IPC: H04L29/06 ,  G06F9/455 ,  H04L29/08 ,  H04L12/753 ,  G06F8/41 ,  G06F9/30

Abstract: Techniques for compiling firewall rules into byte code or assembly code that can be loaded into cache memory of a processor and executed to evaluate received data packets. Rather than representing firewall rules in mid- or high-level languages stored in main memory, the techniques described herein include compiling the firewall rules into bytecode or assembly code, and distributing the code to the data plane. A packet-processing device may load the code representing the firewall rules into instruction cache of the processor. Further, the packet-processing device receives a data packet and extracts packet context data indicating attributes of the packet, and load the packet context data into a data cache of the processor. The processor can then execute the byte code or assembly code representing the firewall rules to evaluate the packet context data without having to access main memory to determine whether allow or block the data packet.

公开(公告)号：US09454407B2

公开(公告)日：2016-09-27

申请号：US14796280

申请日：2015-07-10

Applicant: Amazon Technologies, Inc.

Inventor： Joseph Magerramov ,  Ganesh Subramaniam

IPC: G06F9/50 ,  G06F9/54

CPC classification number: G06F9/5083 ,  G06F9/50 ,  G06F9/547 ,  G06F2209/5022 ,  G06F2209/504 ,  Y02D10/22

Abstract: Disclosed are various embodiments for a resource allocation application. Usage data for application program interfaces is aggregated over time. Limits for an allocation of resources for each of the application program interfaces are calculated as a function of the usage data. Limits are recalculated as new application program interfaces are added.

公开(公告)号：US20150317188A1

公开(公告)日：2015-11-05

申请号：US14796280

申请日：2015-07-10

Applicant: Amazon Technologies, Inc.

Inventor： Joseph Magerramov ,  Ganesh Subramaniam

IPC: G06F9/50

CPC classification number: G06F9/5083 ,  G06F9/50 ,  G06F9/547 ,  G06F2209/5022 ,  G06F2209/504 ,  Y02D10/22

Abstract: Disclosed are various embodiments for a resource allocation application. Usage data for application program interfaces is aggregated over time. Limits for an allocation of resources for each of the application program interfaces are calculated as a function of the usage data. Limits are recalculated as new application program interfaces are added.

Abstract translation: 公开了用于资源分配应用的各种实施例。 应用程序接口的使用数据随时间进行汇总。 根据使用情况数据计算每个应用程序接口的资源分配限制。 当添加新的应用程序接口时，会重新计算限制。

公开(公告)号：US11916880B1

公开(公告)日：2024-02-27

申请号：US16448459

申请日：2019-06-21

Applicant: Amazon Technologies, Inc.

Inventor： Stewart Allen ,  Dheerendra Talur ,  Venkat Maithreya Paritala ,  Joseph Magerramov ,  Anthony Liguori

IPC: H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0263 ,  G06F9/45558 ,  H04L63/0236 ,  H04L63/101 ,  G06F2009/45595

Abstract: Techniques for compiling firewall rules into byte code or assembly code that can be loaded into cache memory of a processor and executed to evaluate received data packets. Rather than representing firewall rules in mid- or high-level languages stored in main memory, the techniques described herein include compiling the firewall rules into bytecode or assembly code, and distributing the code to the data plane. A packet-processing device may load the code representing the firewall rules into instruction cache of the processor. Further, the packet-processing device receives a data packet and extracts packet context data indicating attributes of the packet, and load the packet context data into a data cache of the processor. The processor can then execute the byte code or assembly code representing the firewall rules to evaluate the packet context data without having to access main memory to determine whether allow or block the data packet.

公开(公告)号：US09355134B1

公开(公告)日：2016-05-31

申请号：US13867450

申请日：2013-04-22

Applicant: Amazon Technologies, Inc.

Inventor： Weinan Wang ,  Joseph Magerramov ,  Maxym Kharchenko ,  Min Zhu ,  Aaron Drew Alexander Kujat ,  Alessandro Gherardi ,  Jason Curtis Jenks

IPC: G06F7/00 ,  G06F17/30

CPC classification number: G06F17/3033 ,  G06F17/30194 ,  G06F17/30289 ,  G06F17/30584

Abstract: Disclosed are various embodiments for facilitating data redistribution in database sharding. A database is maintained that is horizontally partitioned into a set of first buckets using modulo-based assignments. A fixed number of the first buckets are stored in each of multiple physical data stores. The database is repartitioned into a set of second buckets using modulo-based assignments. The number of second buckets in the set is a multiple of the sum of a positive integer and the quantity of the physical data stores. The data in the database is unmoved between the physical data stores by repartitioning.

公开(公告)号：US09081623B1

公开(公告)日：2015-07-14

申请号：US13705363

申请日：2012-12-05

Applicant: Amazon Technologies, Inc.

Inventor： Joseph Magerramov ,  Ganesh Subramaniam

IPC: G06F9/50 ,  G06F9/54

CPC classification number: G06F9/5083 ,  G06F9/50 ,  G06F9/547 ,  G06F2209/5022 ,  G06F2209/504 ,  Y02D10/22

Abstract: Disclosed are various embodiments for a resource allocation application. Usage data for application program interfaces is aggregated over time. Limits for an allocation of resources for each of the application program interfaces are calculated as a function of the usage data. Limits are recalculated as new application program interfaces are added.

Abstract translation: 公开了用于资源分配应用的各种实施例。 应用程序接口的使用数据随时间进行汇总。 根据使用数据计算每个应用程序接口的资源分配限制。 当添加新的应用程序接口时，会重新计算限制。