Abstract:
Techniques are disclosed for a management application running on a virtualization management platform and a module on a virtual machine host to communicate via an opaque pass-through channel for transporting data through the management platform and intermediate layer(s) of the virtual machine host between the management application and the module. In one embodiment, the data is identified by a key which is unique across management applications and includes a namespace registered by the management application on the management platform and registered by the module on the virtual machine host. In another embodiment, the namespace may indicate an association of the data with one or more entities such as a distributed virtual switch, port groups, ports, and virtual machine hosts. Configuration property settings for an entity may be propagated to its sub-entities based on inheritance. Further, the data may be persisted in database(s) of the management platform and/or the intermediate layer(s).
Abstract:
A method, non-transitory storage medium, and apparatus are presented for configuration management of a distributed virtual switch that includes components distributed on different entities in a computing system. In an exemplary embodiment, a snapshot of a configuration of the distributed virtual switch is received from a management plane configured to manage the distributed virtual switch. The snapshot may include settings for the configuration at the time the snapshot is taken. A persistent storage location independent from the management plane is designated for storing the received snapshot of the configuration. After the snapshot is taken, the configuration may be retrieved from the persistent storage location and the settings of the configuration may be applied to the distributed virtual switch, a new distributed virtual switch, or an existing distributed virtual switch.
Abstract:
A method for virtual computing instance remediation is provided. Some embodiments include retrieving a first backup of a virtual machine from storage, the first backup comprising configuration information and data of the virtual machine, the configuration information comprising network connectivity information in a first software defined data center (SDDC) running on a first set of host machines. Some embodiments include configuring a second SDDC running on a second set of host machines based on the configuration information, where the second SDDC is network isolated from the first SDDC and powering on the virtual machine from the first backup in the second SDDC. Some embodiments include sending, from the virtual machine to a security platform, behavior information of the virtual machine running in the second SDDC and determining, based on the behavior information, whether the virtual machine running in the second SDDC is infected with malware.
Abstract:
Aspects of the disclosure provide continual backup verification for ransomware detection and recovery of fileless malicious logic. On an ongoing basis, even prior to detecting an attack within a production environment, each of a plurality of backup virtual machines (VMs) is executed in an isolation environment and subjected to behavior monitoring to detect malicious logic (e.g., ransomware). If malicious logic is detected in a backup VM, an alert is generated and/or that backup VM is marked as unavailable for use as a restoration backup, in order to avoid re-infecting the production environment. In some examples, a backup VM with malicious logic is cleaned and returned to the pool of available backups that are suitable for use. Because the production environment is not burdened, in some examples, the probability of detection for finding malicious logic in the isolation environment is set higher than that used in the production environment.
Abstract:
Techniques for managing configuration of virtual switches in a virtual machine network are disclosed. In an embodiment, a virtual machine network that includes virtual switches is configured to revert to a saved network configuration if a configuration change causes the connection between the VM management system and a managed node to be lost. For example, before any configuration changes are made, the active configuration is saved. If the new configuration supports a working connection between the managed node and the VM management system, then the saved configuration is no longer needed and can be flushed from memory. If, however, the new configuration causes the managed node to be disconnected from the VM management system, then the system reverts to the saved configuration that was previously known to work. The saved configuration is used to reestablish the connection so that the network continues to function.
Abstract:
Techniques are disclosed for pushing configuration changes of a distributed virtual switch from a management server to a plurality of host servers underlying the distributed virtual switch. The approach includes sending, in parallel, by the management server, a message to each of the plurality of host servers. The message specifies a final configuration state for one or more virtual ports emulated via virtualization layers of the host servers. The approach further includes determining, by each of the plurality of host servers, port state configuration changes to make to the virtual ports to achieve the final configuration state, and reconfiguring, by each of the plurality of host servers, their respective virtual ports, to match the final configuration state.