公开(公告)号：US11070521B2

公开(公告)日：2021-07-20

申请号：US15591538

申请日：2017-05-10

Applicant: VMware, Inc.

Inventor： YiSan Zhao ,  Shengbo Teng ,  Jian Lan ,  Nan Wang ,  Wen Wang

IPC: G06F21/00 ,  H04L29/06

Abstract: Described herein are systems, methods, and software to enhance network traffic management for virtual machines. In one implementation, a network policy controller may maintain firewall rules at one or more hosts of a computing environment, wherein the firewall rules define network packet forwarding policies for application groups available to virtual machines in the environment. The network policy controller further identifies an application group for attachment to one or more virtual machines, and in response to the identification, adds the one or more virtual machines to a security group for a firewall wall rule corresponding to the application group.

公开(公告)号：US20240007385A1

公开(公告)日：2024-01-04

申请号：US17887761

申请日：2022-08-15

Applicant: VMware, Inc.

Inventor： Yan Qi ,  Jian Lan ,  Liang Cui ,  Xiaoli Tie ,  Weiqing Wu ,  Aravind Srinivasan ,  Doug MacEashern

IPC: H04L43/50 ,  H04L41/14 ,  G06F9/54

CPC classification number: H04L43/50 ,  H04L41/145 ,  G06F9/547

Abstract: This disclosure is directed to a simulation system that verifies functionality and performance of an automated telecommunication cloud platform (“TCP”) which is used to configure hosts of cell sites and a mobile core of a 5G cellular network. The mock hosts are created with a required virtualization platform inventory of objects for implementing a 5G cellular network and registers the mock hosts with a mock centralized server management platform (“mock VC”). The mock hosts are used to simulate hosts of cell sites and a mobile core of a 5G cellular network using features of the TCP. Scale tests are used to verify functionality and performance of the TCP are performed on the mock hosts without any changes to the TCP.

公开(公告)号：US11258816B2

公开(公告)日：2022-02-22

申请号：US16546513

申请日：2019-08-21

Applicant: VMware, Inc.

Inventor： Mani Kancherla ,  Jian Lan ,  Xi Zeng ,  Hailing Xu ,  K. Antion Shiban

IPC: H04L29/06 ,  H04W12/08

Abstract: Embodiments described herein relate to managing firewall rules. Embodiments include identifying a plurality of firewall rules for request handling. Embodiments include determining a deny count for each given firewall rule of the plurality of firewall rules based on a number of requests flagged on account of the given firewall rule. Embodiments include determining an anomaly score for each given firewall rule of the plurality of firewall rules indicating a severity of attacks the given firewall rule protects against. Embodiments include determining an urgency measure for each given firewall rule of the plurality of firewall rules based on the deny count for the given firewall rule and the anomaly score for the given firewall rule. Embodiments include determining an update to at least one firewall rule of the plurality of firewall rules based on the urgency measure for each given firewall rule of the plurality of firewall rules.

公开(公告)号：US20240345909A1

公开(公告)日：2024-10-17

申请号：US18133877

申请日：2023-04-12

Applicant: VMWARE, Inc.

Inventor： Qi Wang ,  Jian Lan ,  Yan QI ,  Liang CuI ,  Aravind Srinivasan ,  Weiqing Wu ,  Uday Suresh Masurekar ,  Todd Sabin ,  Hemanth Kumar Pannem ,  Govind Haridas

IPC: G06F11/07

CPC classification number: G06F11/079 ,  G06F11/0709

Abstract: The disclosure provides a method for diagnosing remote sites of a distributed container orchestration system. The method generally includes receiving a test suite custom resource defining an image to be used for a diagnosis of components of a workload cluster deployed at the remote sites, wherein the image comprises a diagnosis module and/or a user-provided plugin to be used for the diagnosis; identifying a failed component in the workload cluster; obtaining infrastructure information about the workload cluster; identifying the components of the workload cluster for diagnosis based on the failed component, the infrastructure information, and the test suite custom resource; identifying at least one diagnosis site of the remote sites where the components are running using the infrastructure information; and deploying a first pod at the at least one diagnosis site to execute the diagnosis of the one or more components.

公开(公告)号：US12026045B2

公开(公告)日：2024-07-02

申请号：US17902350

申请日：2022-09-02

Applicant: VMware, Inc.

Inventor： Jian Lan ,  Liang Cui ,  Aravind Srinivasan ,  Hailing Xu ,  Yan Qi ,  Prachi Dalvi ,  Shuting Ma ,  Todd Sabin ,  Uday Suresh Masurekar ,  Weiqing Wu

IPC: G06F11/00 ,  G06F9/455 ,  G06F11/07

CPC classification number: G06F11/0784 ,  G06F9/45558 ,  G06F11/0709 ,  G06F11/0712 ,  G06F2009/45591

Abstract: An example method of propagating fault domain topology information in a distributed container orchestration system includes: receiving, at control plane software executing in a data center, the fault domain topology, which includes tags for a protection group and fault domains for remote sites in communication with the data center; deploying, by a master server of the distributed container orchestration system that executes in the data center, a node pool comprising virtual machines (VMs) executing in servers of the remote sites, the VMs being nodes of the distributed container orchestration system in which containers execute; determining, by a controller of the master server, relationships among the VMs, the servers, the protection group, and the fault domains based on state of resources maintained by the master server; and providing, by the controller, labels to the servers for associating the tags of the protection group and the fault domains to the VMs.

公开(公告)号：US20240345820A1

公开(公告)日：2024-10-17

申请号：US18133667

申请日：2023-04-12

Applicant: VMware, Inc.

Inventor： Yan Qi ,  Jian Lan ,  Liang Cui ,  Qi Wang ,  Xiaoli Tie ,  Xiaojun Lin ,  Wenwu Peng ,  Shuting Ma ,  Weiqing Wu ,  Aravind Srinivasan

IPC: G06F8/65 ,  G06F9/455

CPC classification number: G06F8/65 ,  G06F9/45558 ,  G06F2009/45591

Abstract: The disclosure provides a method for preparing a simulation system to simulate upgrade operations for a distributed container orchestration system. The method generally includes monitoring, by a simulation operator of the simulation system, for new resources generated at a management cluster in the distributed container orchestration system, based on the monitoring, discovering, by the simulation operator, a new resource generated at the management cluster specifying a version of container orchestration software supported and made available by the management cluster, and triggering, by the simulation operator, a creation of a new mock virtual machine (VM) template in the simulation system specifying the version of the container orchestration software, wherein the simulation system is configured to use the new mock VM template for simulating mock VMs in the simulation system that are compatible with the version of the container orchestration software supported and made available by the management cluster.

公开(公告)号：US20230195489A1

公开(公告)日：2023-06-22

申请号：US17583148

申请日：2022-01-24

Applicant: VMware Inc.

Inventor： Jian Lan ,  Liang Cui ,  Aravind Srinivasan ,  Todd Sabin ,  Uday Suresh Masurekar ,  Weiqing Wu

IPC: G06F9/455 ,  H04W84/02

CPC classification number: G06F9/45558 ,  H04W84/02 ,  G06F2009/4557 ,  G06F2009/45579 ,  G06F2009/45595

Abstract: A computer-implemented method, medium, and system for implementing a pluggable diagnostic tool for Telco radio access network (RAN) troubleshooting are disclosed. In one computer-implemented method, one or more containerized network function (CNF) instances are generated in a container orchestration platform by a test system and by using a telecommunication cloud automation (TCA) platform executed in the container orchestration platform, where the test system is onboarded to the TCA platform, and the one or more CNF instances are associated with 5G RAN. A customer resources (CR) file is received by the test system, where the CR file defines multiple test cases associated with validation of the TCA platform. The CR file is transmitted to a cluster of nodes in the container orchestration platform. The validation of the TCA platform is executed at the cluster of nodes based on the one or more CNF instances and the CR file.

公开(公告)号：US20180332006A1

公开(公告)日：2018-11-15

申请号：US15591538

申请日：2017-05-10

Applicant: VMware, Inc.

Inventor： YiSan Zhao ,  Shengbo Teng ,  Jian Lan ,  Nan Wang ,  Wen Wang

IPC: H04L29/06 ,  G06F9/455

CPC classification number: H04L63/0263 ,  G06F9/45558 ,  G06F2009/45587

Abstract: Described herein are systems, methods, and software to enhance network traffic management for virtual machines. In one implementation, a network policy controller may maintain firewall rules at one or more hosts of a computing environment, wherein the firewall rules define network packet forwarding policies for application groups available to virtual machines in the environment. The network policy controller further identifies an application group for attachment to one or more virtual machines, and in response to the identification, adds the one or more virtual machines to a security group for a firewall wall rule corresponding to the application group.