公开(公告)号：US5648965A

公开(公告)日：1997-07-15

申请号：US499275

申请日：1995-07-07

申请人： Moti N. Thadani ,  Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Vladimir Matena ,  Kenneth W. Shirriff

发明人： Moti N. Thadani ,  Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Vladimir Matena ,  Kenneth W. Shirriff

IPC分类号： H04L12/26 ,  H04J3/14

CPC分类号： H04L43/00 ,  H04L12/2602 ,  H04L43/022 ,  H04L43/062 ,  H04L43/14 ,  Y10S370/912

摘要： A packet filter can be programmed by a remote controller to detect packets meeting a particular criterion and to report detection of these packets to the controller. The reports from the packet filter are collected and analyzed by the remote controller. A streams module that incorporates the packet filter is used within a Solaris operating system environment that has been enhanced to support an object framework. The streams module exports a programming interface to the packet filter defined in an interface definition language (IDL). The streams module can be pushed onto a network device in a similar fashion to other streams modules. The streams module responds to requests from one remote controller or to requests from more than one remote controller. These remote controller requests arrive as remote procedure call (RPC) requests on the IDL object references exported by the module. The packet filter within the streams module is fully programmable, and it collects and returns information to the controller through a call back object on the controller. The particular traces collected can be configured dynamically by the controller, by issuing RPC requests to the packet filters through the IDL interfaces. Alternately, a standard Solaris environment can be used. In such a case, a standard (i.e., non-object oriented) RPC approach is employed. Furthermore, the above approach will work with other UNIX systems that support stream modules. Moreover, because other operating systems have streams-like input/output capabilities, the approach can be extended to non-UNIX systems such as DOS, Windows NT, OS/2 Warp or the Macintosh operating system.

摘要翻译： 分组过滤器可以由遥控器编程，以检测符合特定标准的数据包，并将这些数据包的检测报告给控制器。 来自包过滤器的报告由遥控器收集和分析。 集成了数据包过滤器的流模块在已被增强以支持对象框架的Solaris操作系统环境中使用。 流模块将编程接口导出到以接口定义语言（IDL）定义的包过滤器。 流模块可以以与其他流模块类似的方式被推送到网络设备上。 流模块响应来自一个遥控器的请求或来自多个遥控器的请求。 这些远程控制器请求作为远程过程调用（RPC）请求到达由模块导出的IDL对象引用。 流模块内的数据包过滤器是完全可编程的，它通过控制器上的回调对象收集和返回信息给控制器。 收集的特定踪迹可以由控制器动态配置，通过IDL接口向包过滤器发出RPC请求。 或者，可以使用标准的Solaris环境。 在这种情况下，采用标准（即非面向对象）RPC方法。 此外，上述方法将适用于支持流模块的其他UNIX系统。 此外，由于其他操作系统具有类似流的输入/输出功能，因此该方法可以扩展到非UNIX系统，如DOS，Windows NT，OS / 2 Warp或Macintosh操作系统。

公开(公告)号：US5860153A

公开(公告)日：1999-01-12

申请号：US562177

申请日：1995-11-22

申请人： Vladimir Matena ,  Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Kenneth W. Shirriff ,  Moti N. Thadani

发明人： Vladimir Matena ,  Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Kenneth W. Shirriff ,  Moti N. Thadani

IPC分类号： G06F12/08 ,  H04L29/12 ,  G06F13/00 ,  G06F15/16

CPC分类号： H04L61/00 ,  G06F12/0817 ,  H04L29/12009

摘要： A bit map is maintained by a provider object of a name server to keep track of names cached by a cache object of the client. The bit map is indexed by performing a hash of the name. When a name is looked up by the server on behalf of a client, the server hashes the name, and sets the bit in the bit map indexed by the result of the hash modulo the size of the bit map. The result of the hash is returned to the client and is stored with the entry in the cache. A bit "set" in the bit map indicates that the client caches at least one name that hashes into the bit. When the server invalidates a name, a hash of the name to be invalidated is used to find the corresponding bit in the bit mask. If the bit is set, the server sends an invalidation request to the client. The invalidation request includes the result of the hash, and the size of the provider's bit map. The client invalidates all entries that hash into the specified bit in the bitmap on the server. Alternatively, the invalidation request also includes the name to be invalidated and the client invalidates only the entry that matches the name.

摘要翻译： 位图由名称服务器的提供程序对象维护，以跟踪由客户机的缓存对象缓存的名称。 通过执行名称的哈希来对位图进行索引。 当代表客户端查询服务器的名称时，服务器将哈希名称，并将由映射结果索引的位图中的位设置为模数位图的大小。 哈希的结果返回到客户端，并将该条目存储在缓存中。 位图中的位“位”表示客户端将至少一个散列的名称缓存到该位中。 当服务器使名称失效时，将使用要使无效名称的散列来查找位掩码中的相应位。 如果该位置位，则服务器向客户端发送无效请求。 无效请求包括哈希的结果和提供者的位图的大小。 客户端会将所有散列到服务器位图中指定位的条目无效。 或者，无效请求还包括要被无效的名称，并且客户端仅使与匹配该名称的条目无效。

公开(公告)号：US5805572A

公开(公告)日：1998-09-08

申请号：US561791

申请日：1995-11-22

申请人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Vladimir Matena ,  Kenneth W. Shirriff

发明人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Vladimir Matena ,  Kenneth W. Shirriff

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/66

CPC分类号： H04L29/06 ,  H04L69/32

摘要： Transparent routing within the cluster is achieved (without changing the networking code on each node of the cluster) by using a pair of modules interposed appropriately on the networking stack. In a "clustered" system built out of several computers, using the present invention, the networking subsystem appears to applications as if the applications are running on a single computer. In addition, no modifications to the networking code is needed. The present invention is extensible to a variety of networking protocols, not just TCP/IP as the packet filter allows the routing within the cluster to be done dynamically. No modifications to the applications is needed (same binaries will work). A packet filter and remote communication between the modules through IDL enable the modules to do their job. A name server that maintains the port name space is used.

摘要翻译： 通过在网络堆栈中适当插入一对模块，实现集群内的透明路由（不改变集群各节点上的网络代码）。 在使用本发明的由几台计算机构建的“集群”系统中，网络子系统似乎应用程序似乎应用程序在单个计算机上运行。 另外，不需要修改网络代码。 本发明可扩展到各种网络协议，不仅仅是TCP / IP，因为分组过滤器允许动态地完成集群内的路由。 不需要对应用程序进行修改（相同的二进制文件将工作）。 数据包过滤器和通过IDL的模块之间的远程通信使模块能够完成任务。 使用维护端口名称空间的名称服务器。

公开(公告)号：US06298390B1

公开(公告)日：2001-10-02

申请号：US08621536

申请日：1996-03-26

申请人： Vladimir Matena ,  Yousef A. Khalidi ,  Jose Bernabeu-Auban ,  Moti N. Thadani ,  Kenneth W. Shirriff

发明人： Vladimir Matena ,  Yousef A. Khalidi ,  Jose Bernabeu-Auban ,  Moti N. Thadani ,  Kenneth W. Shirriff

IPC分类号： G06F900

CPC分类号： G06F12/0866 ,  G06F17/30067 ,  G06F2212/311

摘要： In a computer system having a kernel supporting an interface definition language, a file system composed of an object framework. The object framework includes a set of proxy vnodes, a set of memcache vnodes, and a set of storage vnodes. The set of proxy vnodes and the set of memcache vnodes are linked to the set of storage vnodes through the use of the interface definition language, and the set of proxy vnodes are linked to the set of memcache vnodes through the use of a set of pointers. Each proxy vnode of said set of proxy vnodes is typed so as to differentiate between a set of file system objects such as files, directories and devices. The set of memcache vnodes forms an interface to a virtual memory system while the set of storage vnodes forms an interface to an underlying file system. The file system also uses a set of file paging interfaces that support extensions to the file system while providing full coherence of data.

摘要翻译： 在具有支持接口定义语言的内核的计算机系统中，由对象框架组成的文件系统。 对象框架包括一组代理vnodes，一组memcache vnodes和一组存储vnodes。 通过使用接口定义语言将该组代理vnodes和一组memcache vnodes链接到该组存储vnodes，并且该代理vnode集合通过使用一组指针链接到该memcache vnodes集合 。 所述代理vnode集合的每个代理vnode被输入以区分一组文件系统对象，例如文件，目录和设备。 该组memcache vnodes构成了虚拟内存系统的接口，而该组存储vnodes构成了一个基础文件系统的接口。 文件系统还使用一组支持文件系统扩展的文件分页界面，同时提供完全一致的数据。

公开(公告)号：US06185695B2

公开(公告)日：2001-02-06

申请号：US09058406

申请日：1998-04-09

申请人： Declan J. Murphy ,  Madhusudhan Talluri ,  Vladimir Matena ,  Yousef A. Khalidi ,  Jose M. Bernabeu-Auban ,  Andrew G. Tucker

发明人： Declan J. Murphy ,  Madhusudhan Talluri ,  Vladimir Matena ,  Yousef A. Khalidi ,  Jose M. Bernabeu-Auban ,  Andrew G. Tucker

IPC分类号： G06F1107

CPC分类号： G06F11/2097 ,  G06F11/2025 ,  G06F11/2028 ,  G06F11/2041 ,  G06F11/2046

摘要： One embodiment of the present invention provides a method and an apparatus that facilitates transparent failovers from a primary copy of an object on a first server to a secondary copy of the object on a second server when the first server fails, or otherwise becomes unresponsive. The method includes detecting the failure of the first server; selecting the second server; and reconfiguring the second server to act as a new primary server for the object. Additionally, the method includes transparently retrying uncompleted invocations to the object to the second server, without requiring explicit retry commands from a client application program. A variation on this embodiment further includes winding up active invocations to the object before reconfiguring the second server to act as the new primary server. This winding up process may include causing invocations to unresponsive nodes to unblock and complete. Another variation includes blocking new invocations to the object after detecting the failure of the first server, and unblocking these new invocations after reconfiguring the second server to act as the new primary server. Hence, the present invention can greatly simplify programming of client application programs for highly available systems. It also makes it possible to use a client application program written for a nonhighly available system in a highly available system.

摘要翻译： 本发明的一个实施例提供了一种方法和装置，其在第一服务器发生故障时促进从第一服务器上的对象的主副本到第二服务器上的对象的副本的透明故障转移，或者否则变得不响应。 该方法包括检测第一服务器的故障; 选择第二台服务器; 并重新配置第二个服务器以充当该对象的新的主服务器。 此外，该方法包括将未完成的对该对象的调用透明地重试到第二个服务器，而不需要客户端应用程序的显式重试命令。 该实施例的变体还包括在重新配置第二服务器以充当新的主服务器之前将主动调用卷绕到对象。 这个清理过程可能包括导致对无响应节点的调用以解锁和完成。 另一个变体包括在检测到第一个服务器的故障之后阻止对对象的新的调用，并且在重新配置第二个服务器以充当新的主服务器之后解除这些新的调用。 因此，本发明可以极大地简化用于高可用性系统的客户端应用程序的编程。 它还可以在高可用性系统中使用为非高可用系统编写的客户端应用程序。

公开(公告)号：US07581232B2

公开(公告)日：2009-08-25

申请号：US11130308

申请日：2005-05-16

申请人： Jose M. Bernabeu-Auban ,  Jeff L. Havens ,  Yousef A. Khalidi

发明人： Jose M. Bernabeu-Auban ,  Jeff L. Havens ,  Yousef A. Khalidi

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00 ,  G06F15/173

CPC分类号： G06F9/465 ,  G06F9/5016 ,  G06F9/5022 ,  G06F2209/463

摘要： Reference counting is shared between an in-process service runtime and a machine-wide service. The service maintains a global reference count, a global export count, and an exports before revoke count. When the global reference count for a resource or object drops to zero, the machine-wide service deletes the table entry for the object or resource and sends an unref message including the value of the global export count to the sharing process. If the local export count is greater than the global export count of the unref, there are committed exports which have not yet been unreferenced. If both counts are the same, the committed exports have been accounted for and a revoke operation can be issued.

摘要翻译： 引用计数在进程内服务运行时和机器范围服务之间共享。 服务在撤销计数之前维护全局引用计数，全局导出计数和导出。 当资源或对象的全局引用计数下降到零时，机器范围的服务将删除对象或资源的表项，并将包含全局导出计数值的未引用消息发送到共享进程。 如果本地出口计数大于unref的全局出口计数，那么有承诺的出口尚未被引用。 如果两者都是一样的，承诺的出口已经被核算，可以发放撤销经营。

公开(公告)号：US09038071B2

公开(公告)日：2015-05-19

申请号：US11393495

申请日：2006-03-30

申请人： Jose M. Bernabeu-Auban ,  Stephen E. Dossick ,  Frank V. Peschel-Gallee ,  Yousef A. Khalidi ,  Stephan J. Zachwieja

发明人： Jose M. Bernabeu-Auban ,  Stephen E. Dossick ,  Frank V. Peschel-Gallee ,  Yousef A. Khalidi ,  Stephan J. Zachwieja

IPC分类号： G06F21/53 ,  G06F9/46

CPC分类号： G06F21/53 ,  G06F9/468

摘要： The resources needed by an application to execute are declared by the application. When the application is activated, only the declared resources are made available to the application because only the declared resources are connected to the execution environment. Accessibility to resources may be controlled by the operating system by making the resource visible or invisible to the executing software by mapping a local name used by the executing software to a global resource, possibly limiting the type of access allowed. Because the executing software relies on the mapping function performed by the operating system for access to resources, and the operating system only maps names declared by the software, the operating system can isolate the software, and prevent the application from accessing undeclared global resources.

摘要翻译： 应用程序执行所需的资源由应用程序声明。 当应用程序被激活时，只有声明的资源才可用于应用程序，因为只有声明的资源连接到执行环境。 资源的可访问性可以由操作系统控制，通过将执行软件使用的本地名称映射到全局资源，使资源可见或不可见，从而可能限制所允许的访问类型。 由于执行软件依赖于操作系统对资源进行访问的映射功能，操作系统仅映射软件声明的名称，因此操作系统可以隔离软件，防止应用程序访问未声明的全局资源。

公开(公告)号：US07496576B2

公开(公告)日：2009-02-24

申请号：US11394667

申请日：2006-03-30

申请人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi

发明人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi

IPC分类号： G06F17/30

CPC分类号： H04L63/101 ,  Y10S707/99939

摘要： When a process running in an isolated execution environment is started by a user, the credentials of the user are associated with a naming environment for the isolated execution environment. The isolated execution environment may be implemented via creation of a namespace representing resources available to one or more processes running within the isolated execution environment. The resources available to the isolated processes may represent some subset of global resources. When a request to access a named resource is received, the request is mediated by the operating system. Access, if provided, may be provided via the naming environment associated with the isolated execution environment. The operating system determines whether to grant or deny access to the resource by checking the credentials associated with the naming environment with the ACL of the resource.

摘要翻译： 当用户启动在隔离执行环境中运行的进程时，用户的凭据与隔离的执行环境的命名环境相关联。 可以通过创建表示在隔离的执行环境中运行的一个或多个进程可用的资源的命名空间来实现隔离的执行环境。 可用于隔离进程的资源可能代表全球资源的一些子集。 当接收到访问命名资源的请求时，请求由操作系统调停。 访问（如果提供）可以通过与隔离的执行环境相关联的命名环境来提供。 操作系统通过使用资源的ACL检查与命名环境相关联的凭据来确定是否授予或拒绝对资源的访问。

公开(公告)号：US07607142B2

公开(公告)日：2009-10-20

申请号：US11129848

申请日：2005-05-16

申请人： Jose M. Bernabeu-Auban ,  Jeff L. Havens ,  Yousef A. Khalidi

发明人： Jose M. Bernabeu-Auban ,  Jeff L. Havens ,  Yousef A. Khalidi

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00 ,  G06F15/16

CPC分类号： G06F9/485 ,  G06F9/548

摘要： Object invocation may be carried out by one thread in a service which may include multiple executing threads. In a mechanism for implementing a cancellation operation in a cooperative system, a thread identifies an operation to be cancelled. A cancel function has an argument comprising the thread identifier in which the operation is to be cancelled. The cancel function is called by a client process thread to cancel a pending object invocation initiated by the client process. An immediate or hard cancel causes the targeted client and cancel thread to return immediately. A discretionary or soft cancel does not affect the targeted client thread. In either case the server process is notified via a maintenance notification. The target thread of the cancel cannot be reused for other work until the cancel request or notification has returned.

摘要翻译： 对象调用可以由可能包括多个执行线程的服务中的一个线程执行。 在用于在协作系统中实现取消操作的机制中，线程识别要取消的操作。 取消功能具有包括要取消操作的线程标识符的参数。 取消函数由客户端进程线程调用以取消客户端进程启动的挂起对象调用。 立即或严格取消导致目标客户端和取消线程立即返回。 任意或软取消不会影响目标客户端线程。 在任一情况下，通过维护通知通知服务器进程。 取消请求或通知返回之前，取消的目标线程不能重复用于其他工作。

公开(公告)号：US08375383B2

公开(公告)日：2013-02-12

申请号：US12200313

申请日：2008-08-28

申请人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Frederick J. Smith

发明人： Jose M. Bernabeu-Auban ,  Yousef A. Khalidi ,  Frederick J. Smith

IPC分类号： G06F9/44

CPC分类号： G06F8/65

摘要： Embodiments described herein are directed to updating the various software associated with a distributed application in a piecemeal fashion. All instances of the software are analyzed and separated into different portions, called “roles.” Each instance of a role is strategically assigned to an update domain based on the structural information included in the service model of the distributed application. The distributed application is upgraded one update at a time by selecting an update or host update domain, bringing the roles assigned thereto offline, updating the offline roles, bringing the roles back online, and repeating for other update or host update domains.

摘要翻译： 本文描述的实施例旨在以零碎的方式更新与分布式应用相关联的各种软件。 软件的所有实例都被分析并分成不同的部分，称为角色。 基于分布式应用程序的服务模型中包含的结构信息，将角色的每个实例战略性地分配给更新域。 通过选择更新或主机更新域，将分布式应用程序升级为一个更新，将分配给其的角色脱机，更新脱机角色，使角色重新联机，并为其他更新或主机更新域重复。