DISTRIBUTED STORAGE SYSTEM AND METHOD OF REUSING SYMMETRIC KEYS FOR ENCRYPTED MESSAGE TRANSMISSIONS

    Publication number: US20240048375A1

    Publication date: 2024-02-08

    Application number: US18380580

    Application date: 2023-10-16

    Applicant: VMware, Inc.

    CPC classification number: H04L9/14 G06F9/545 H04L9/32 H04L2101/622

    Abstract: Distributed storage system and method for transmitting storage-related messages between host computers in a distributed storage system uses a handshake operation of a first-type communication connection between a source data transport daemon of a source host computer and a target data transport daemon of a target host computer to derive a symmetric key at each of the source and target data transport daemons. The two symmetric keys are sent to a source data transport manager of the source host computer and to a target data transport manager of the target host computer. The source and target data transport managers then use the same symmetric keys to encrypt and decrypt storage-related messages that are transmitted from the source data transport manager to the target data transport manager through multiple second-type communication connections between the source and target data transport managers.

    ENCRYPTION IN A DISTRIBUTED STORAGE SYSTEM UTILIZING CLUSTER-WIDE ENCRYPTION KEYS

    Publication number: US20220407685A1

    Publication date: 2022-12-22

    Application number: US17402293

    Application date: 2021-08-13

    Applicant: VMware, Inc.

    Abstract: A method for encryption in a distributed datastore is provided. The method generally includes receiving random data from a virtualization management platform as a wrapped data encryption key (DEK), retrieving a key encryption key (KEK) from a key management server (KMS), decrypting the wrapped DEK using the KEK to determine a blank DEK, where the blank DEK is common to a plurality of hosts of a host cluster accessing a distributed datastore; encrypting first data using the blank DEK, and storing the encrypted first data in one or more disks of the distributed datastore, the one or more disks belonging to the plurality of hosts.

    IMPLEMENTING NATIVE SNAPSHOTTING FOR REDO-LOG FORMAT SNAPSHOTS

    Publication number: US20240220370A1

    Publication date: 2024-07-04

    Application number: US18147061

    Application date: 2022-12-28

    Applicant: VMware, Inc.

    CPC classification number: G06F11/1451 G06F11/1435 G06F11/1464 G06F2201/845

    Abstract: A method for implementing native snapshot capabilities on non-native snapshots includes generating a virtual disk container having both native snapshot functionality and functionality of the non-native snapshot, including redo-log snapshot functionality. Redo-log parent disk chains may be preserved, along with subsequent native snapshot data, in virtual disk container objects. A virtual root node of a copy-on-write data structure of a virtual disk container object enables snapshotting and traversal between a redo-log disk chain and a native snapshot disk chain. Throughout backup and reversion operations, the virtual disk container object may be reparented as necessary, and a constant running point may be maintained for the virtual disk container object.

    COMMON VOLUME REPRESENTATION IN A CLOUD COMPUTING SYSTEM

    Publication number: US20230236863A1

    Publication date: 2023-07-27

    Application number: US17678551

    Application date: 2022-02-23

    Applicant: VMware, Inc.

    Abstract: An example method of providing a common volume (cVol) datastore for virtual machines (VMs) managed by a hypervisor in a cloud computing system includes: mounting, by the hypervisor in cooperation with a network file system server, a network file system share of a common volume (cVol), the network file system share storing metadata for the VMs; creating a file system container backed by the network file system share; routing file operations targeting the metadata to the file system container; attaching cloud volumes as devices on a host of the hypervisor, the cloud volumes referenced by descriptors in the metadata; and routing file operations targeting virtual disks of the VMs to the devices.

    MUTUALLY EXCLUSIVE FEATURE DETECTION IN AN EVOLVING DISTRIBUTED SYSTEM

    Publication number: US20220350820A1

    Publication date: 2022-11-03

    Application number: US17243578

    Application date: 2021-04-29

    Applicant: VMware, Inc.

    Abstract: A distributed system, such as a distributed storage system in a virtualized computing environment and having storage nodes arranged in a cluster, is provided with capability by a management server to detect mutually exclusive features. If a feature being requested for installation is detected as being a mutually exclusive feature by using a first table, the management server searches for the feature in a second table. If the feature is located in the second table and if the feature meets a condition for interoperability specified by the second table, then the management server proceeds with serving the request by installing the feature in the distributed storage system. Else, the management server rejects the request.

    WORKFLOW FOR ENABLING DATA-IN-TRANSIT IN A DISTRIBUTED SYSTEM

    Publication number: US20220109570A1

    Publication date: 2022-04-07

    Application number: US17102363

    Application date: 2020-11-23

    Applicant: VMware, Inc.

    Abstract: A distributed system, such as a distributed storage system in a virtualized computing environment and having storage nodes arranged in a cluster, is provided by a management server with a transition period between non-encryption and encryption modes of operation. The transition period enables all of the nodes to complete a transition from the non-encryption mode of operation to the encryption mode of operation, without loss of data-in-transit (DIT). An auto-remediation feature is provided by the management server to the cluster, so as to fix inconsistent state(s) of one or more nodes in the cluster.

    STORAGE OF KEY-VALUE ENTRIES IN A DISTRIBUTED STORAGE SYSTEM

    Publication number: US20210117443A1

    Publication date: 2021-04-22

    Application number: US16658172

    Application date: 2019-10-21

    Applicant: VMware, Inc.

    Abstract: A distributed storage system, such as a distributed storage system in a virtualized computing environment, stores data in storage nodes as immutable key-value entries. A coordinator storage node creates a key-value entry and attempts to store the key-value entry in the coordinator storage node and in neighbor storage nodes. If the storage of the key-value entry in the coordinator storage node and in the neighbor storage node is successful, the coordinator storage node pushes the key-value entry to other storage nodes in the distributed storage system for storage as replicas.
