公开(公告)号：US20200042542A1

公开(公告)日：2020-02-06

申请号：US16655015

申请日：2019-10-16

申请人： Red Hat, Inc.

发明人： Benjamin Michael Parees ,  Martin Nagy ,  Michal Fojtik ,  Rodolfo Henrique Carvalho

IPC分类号： G06F16/28 ,  H04L29/12 ,  G06F9/44

摘要： Implementations provide for container clustering in a container-based architecture. A method of the disclosure includes generating by a processing device executing a container deploying an instance of an application image, a domain name server (DNS) query to request identification of other containers in a container cluster. The other containers deploy other instances of the application image. The method also includes in responsive to the DNS query, receiving the identification of each of the other containers in the container cluster. The method further includes configuring, without manual intervention, the container as a member of the container cluster in view of the identification of each of the other containers.

公开(公告)号：US09747438B2

公开(公告)日：2017-08-29

申请号：US14930358

申请日：2015-11-02

申请人： Red Hat, Inc.

发明人： Michal Fojtik ,  Benjamin Michael Parees

IPC分类号： G06F11/00 ,  G06F17/30 ,  G06F21/53

CPC分类号： G06F21/53 ,  G06F21/629

摘要： Embodiments of the disclosure enable resource access for secure application containers. In accordance with one embodiment, a method is provided that comprises identifying a tracing wrapper for an application to be executed by a process. The tracing wrapper to track an event associated with an interaction of the application with one or more system resources. An instance of the application is executed by the process using an application account having access to the system resources. A first system resource of the system resources is determined to be used by the application in view of the tracing wrapper. The application is then copied to a secure container to be executed by the process using a container account of the secure container. The secure container is isolated from access to the one or more system resources. Thereupon, the container account is provided access to the first system resource.

公开(公告)号：US11308129B2

公开(公告)日：2022-04-19

申请号：US16655015

申请日：2019-10-16

申请人： Red Hat, Inc.

发明人： Benjamin Michael Parees ,  Martin Nagy ,  Michal Fojtik ,  Rodolfo Henrique Carvalho

IPC分类号： G06F16/28 ,  G06F9/44 ,  H04L29/12 ,  H04L61/4511

摘要： Implementations provide for container clustering in a container-based architecture. A method of the disclosure includes generating by a processing device executing a container deploying an instance of an application image, a domain name server (DNS) query to request identification of other containers in a container cluster. The other containers deploy other instances of the application image. The method also includes in responsive to the DNS query, receiving the identification of each of the other containers in the container cluster. The method further includes configuring, without manual intervention, the container as a member of the container cluster in view of the identification of each of the other containers.

公开(公告)号：US20170249374A1

公开(公告)日：2017-08-31

申请号：US15054746

申请日：2016-02-26

申请人： Red Hat, Inc.

发明人： Benjamin Michael Parees ,  Martin Nagy ,  Michal Fojtik ,  Rodolfo Henrique Carvalho

IPC分类号： G06F17/30 ,  H04L29/12

摘要： Implementations provide for container clustering in a container-based architecture. A method of the disclosure includes generating by a processing device executing a container deploying an instance of an application image, a domain name server (DNS) query to request identification of other containers in a container cluster. The other containers deploy other instances of the application image. The method also includes in responsive to the DNS query, receiving the identification of each of the other containers in the container cluster. The method further includes configuring, without manual intervention, the container as a member of the container cluster in view of the identification of each of the other containers.

公开(公告)号：US10230786B2

公开(公告)日：2019-03-12

申请号：US15055512

申请日：2016-02-26

申请人： Red Hat, Inc.

发明人： Benjamin Parees ,  Michal Fojtik ,  Daniel McPherson ,  Clayton Coleman ,  Cesar Wong

IPC分类号： G06F9/44 ,  H04L29/08 ,  G06F11/36 ,  G06F8/71 ,  G06F8/656 ,  G06F9/455

摘要： Implementations provide for a source to image framework for a Platform-as-a-Service (PaaS) system in a distributed cluster system that can apply modifications to source code. A method of the disclosure includes invoking source-to-image (STI) methodology to execute an instance of an application image. The application image is associated with source code and an application framework of an application. A modification to the source code utilized in the instance is received and identified via the application framework utilized in the instance. The identified modification to the source code is applied during runtime of the instance in a container via the application framework.

公开(公告)号：US20170124320A1

公开(公告)日：2017-05-04

申请号：US14930358

申请日：2015-11-02

申请人： Red Hat, Inc.

发明人： Michal Fojtik ,  Benjamin Michael Parees

IPC分类号： G06F21/53

CPC分类号： G06F21/53 ,  G06F21/629

摘要： Embodiments of the disclosure enable resource access for secure application containers. In accordance with one embodiment, a method is provided that comprises identifying a tracing wrapper for an application to be executed by a processing system. The tracing wrapper to track an event associated with an interaction of the application with one or more system resources. An instance of the application is executed by the processing system using an application account having access to the system resources. A first system resource of the system resources is determined to be used by the application in view of the tracing wrapper. The application is then copied to a secure container to be executed by the processing system using a container account of the secure container. The secure container is isolated from access to the one or more system resources. Thereupon, the container account is provided access to the first system resource.

公开(公告)号：US10482108B2

公开(公告)日：2019-11-19

申请号：US15054746

申请日：2016-02-26

申请人： Red Hat, Inc.

发明人： Benjamin Michael Parees ,  Martin Nagy ,  Michal Fojtik ,  Rodolfo Henrique Carvalho

IPC分类号： G06F16/28 ,  H04L29/12

摘要： Implementations provide for container clustering in a container-based architecture. A method of the disclosure includes generating by a processing device executing a container deploying an instance of an application image, a domain name server (DNS) query to request identification of other containers in a container cluster. The other containers deploy other instances of the application image. The method also includes in responsive to the DNS query, receiving the identification of each of the other containers in the container cluster. The method further includes configuring, without manual intervention, the container as a member of the container cluster in view of the identification of each of the other containers.

公开(公告)号：US10162627B2

公开(公告)日：2018-12-25

申请号：US15056365

申请日：2016-02-29

申请人： Red Hat, Inc.

发明人： Michal Fojtik ,  Vyacheslav Semushin

IPC分类号： G06F9/44 ,  G06F8/71 ,  G06F9/445

摘要： Implementations provide for a container-based architecture that can maintain build secrets. A method of the disclosure includes storing a file in a destination directory of a build container. The file includes authentication data to retrieve information from a repository. A build of an application image is initiated at a build container. The application image is built using the information retrieved from the repository via the loaded file. In response to receiving an indication that the build of the application imaged is complete, the loaded file is truncated.

公开(公告)号：US20170249141A1

公开(公告)日：2017-08-31

申请号：US15055512

申请日：2016-02-26

申请人： Red Hat, Inc.

发明人： Benjamin Parees ,  Michal Fojtik ,  Daniel McPherson ,  Clayton Coleman ,  Cesar Wong

IPC分类号： G06F9/44 ,  H04L29/08 ,  G06F11/36

CPC分类号： H04L67/10 ,  G06F8/656 ,  G06F8/71 ,  G06F9/45508 ,  G06F9/45558 ,  G06F11/3668 ,  H04L67/34

摘要： Implementations provide for a source to image framework for a Platform-as-a-Service (PaaS) system in a distributed cluster system that can apply modifications to source code. A method of the disclosure includes invoking source-to-image (STI) methodology to execute an instance of an application image. The application image is associated with source code and an application framework of an application. A modification to the source code utilized in the instance is received and identified via the application framework utilized in the instance. The identified modification to the source code is applied during runtime of the instance in a container via the application framework.

公开(公告)号：US20170249128A1

公开(公告)日：2017-08-31

申请号：US15056365

申请日：2016-02-29

申请人： Red Hat, Inc.

发明人： Michal Fojtik ,  Vyacheslav Semushin

IPC分类号： G06F9/44

CPC分类号： G06F8/71 ,  G06F9/44505

摘要： Implementations provide for a container-based architecture that can maintain build secrets. A method of the disclosure includes storing a file in a destination directory of a build container. The file includes authentication data to retrieve information from a repository. A build of an application image is initiated at a build container. The application image is built using the information retrieved from the repository via the loaded file. In response to receiving an indication that the build of the application imaged is complete, the loaded file is truncated.