公开(公告)号：US20240414057A1

公开(公告)日：2024-12-12

申请号：US18243807

申请日：2023-09-08

Applicant: VMware LLC

Inventor： Sachin Mohan Vaidya ,  Thomas Pierre Labor Vigneron ,  Shailesh Makhijani ,  Goutham Bodduluri ,  Nikhil Bokare ,  Rushikesh Wagh ,  Vaibhav Bhandari

IPC: H04L41/0894 ,  H04L41/0893

Abstract: Some embodiments provide a method for managing logical network policy at a network management service that manages one or more logical networks, each of which is defined across one or more datacenters. From a first user that controls a first portion of a logical network, the method receives (i) a definition of a policy configuration object for the logical network and (ii) sharing of the policy configuration object with a second user that controls a second portion of the logical network. From the second user, the method receives definition of a service rule that uses the policy configuration object. The method distributes the service rule to a set of network element elements that implement the logical network at the one or more datacenters for the set of network elements to enforce the service rule.

公开(公告)号：US12261746B2

公开(公告)日：2025-03-25

申请号：US18211360

申请日：2023-06-19

Applicant: VMware LLC

Inventor： Sachin Mohan Vaidya ,  Mayur Dhas ,  Naveen Ramaswamy ,  Pavlush Margarian ,  Hamza Aharchaou

IPC: H04L41/08 ,  H04L41/0806 ,  H04L67/10

Abstract: Some embodiments of the invention provide a method for deploying software-implemented resources in a software defined datacenter (SDDC). The method initially receives a hierarchical API command that, in a declarative format, specifies several operation requests for several software-defined (SD) resources at several resource levels of a resource hierarchy in the SDDC. The method parses the API command to identify the SD resources at the plurality of resource levels. Based on the parsed API command, the method deploys the SD resources by using a deployment process that ensures that any first SD resource on which a second SD resource depends is deployed before the second resource. In some embodiments, a second SD resource depends on a first SD resource when the second SD resource is a child of the first SD resource. Alternatively, or conjunctively, a second SD resource can also depend on a first SD resource in some embodiments when the second SD resource has some operational dependency on the first SD resource. In some embodiments, the method parses the API command by identifying several sets of SD resources, with each set having one or more SD resources at one resource level. The deployment in some embodiments deploys the identified SD resource sets at higher resource levels before deploying SD resources at lower resource levels.

公开(公告)号：US20240152374A1

公开(公告)日：2024-05-09

申请号：US18195825

申请日：2023-05-10

Applicant: VMware LLC

Inventor： Shailesh Makhijani ,  Nikhil Bokare ,  Thomas Pierre Labor Vigneron ,  Rushikesh Wagh ,  Vaibhav Bhandari ,  Sachin Mohan Vaidya ,  Pavlush Margarian ,  Josh Dorr

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: Some embodiments provide a method of managing policy for a logical network spanning multiple datacenters, including at least first and second datacenters. The method is performed by a network management service operating in a public cloud to manage the datacenters. The method receives (i) a first policy configuration specifying logical network policy at the first datacenter from a first local network manager at the first datacenter and (ii) a second policy configuration specifying logical network policy at the second datacenter from a second local network manager at the second datacenter. The method consolidates the first and second policy configurations into a global policy configuration that also includes policy configuration defined at the network management service. The method uses the global policy configuration to manage the policy configurations for the logical network.

公开(公告)号：US12182630B2

公开(公告)日：2024-12-31

申请号：US18227306

申请日：2023-07-28

Applicant: VMware LLC

Inventor： Amarnath Palavalli ,  Sachin Mohan Vaidya ,  Pavlush Margarian

IPC: G06F9/50 ,  H04L9/40 ,  H04L67/1074 ,  H04L67/1087 ,  H04L67/60

Abstract: Some embodiments of the invention provide a method for processing requests for performing operations on resources in a software defined datacenter (SDDC). The resources are software-defined (SD) resources in some embodiments. The method initially receives a request to perform an operation with respect to a first resource in the SDDC. The method identifies a policy that matches (i.e., is applicable to) the received request for the first resource by comparing a set of attributes of the request with sets of attributes of a set of policies that place constraints on operations specified for resources. In some embodiments, several sets of attributes for several policies can be expressed for resources at different hierarchal resource levels of the SDDC. The method rejects the received request when the identified policy specifies that the requested operation violates a constraint on operations specified for the first resource.

公开(公告)号：US20240152377A1

公开(公告)日：2024-05-09

申请号：US18195835

申请日：2023-05-10

Applicant: VMware LLC

Inventor： Shailesh Makhijani ,  Nikhil Bokare ,  Thomas Pierre Labor Vigneron ,  Rushikesh Wagh ,  Vaibhav Bhandari ,  Sachin Mohan Vaidya ,  Pavlush Margarian ,  Josh Dorr ,  Slava Ivashkevich ,  Suresh Muppala

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Some embodiments provide a method for deploying network management services for a plurality of tenants. The method is performed at a multi-tenant service executing in a container cluster implemented in a public cloud. For a first tenant, the method deploys a first set of network management services in the container cluster for managing a first group of datacenters of the first tenant. For a second tenant, the method deploys a second set of network management services in the container cluster for managing a second group of datacenters of the second tenant.