Extension of a private cloud end-point group to a public cloud

US10142346B2 · US · B2

Patent metadata

Publication number: US-10142346-B2
Application number: US-201615222851-A
Country: US
Kind code: B2
Filing date: Jul 28, 2016
Priority date: Jul 28, 2016
Publication date: Nov 27, 2018
Grant date: Nov 27, 2018

Abstract

Official abstract text for this publication.

Disclosed are systems, methods and computer-readable storage medium for extending a private cloud to a public cloud. The private cloud can be extended to the public cloud by establishing a virtual private network between a private cloud and a public cloud, receiving one or more access control lists provisioned by the private cloud, determining contracts between an end point group of the private cloud and an end point group of the public cloud based on the one or more access control lists, and extending the end point group of the private cloud to the end point group of the public cloud across the virtual private network.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method of extending a private cloud to a public cloud, the method comprising: establishing, by an orchestrator, a virtual private network between a private cloud and a public cloud, wherein the private cloud is behind a firewall; receiving, by the orchestrator, one or more access control lists provisioned by the private cloud; determining, by the orchestrator, contracts between an end point group of the private cloud and an end point group of the public cloud based on the one or more access control lists; extending, by the orchestrator, the end point group of the private cloud to the end point group of the public cloud across the virtual private network; and monitoring and troubleshooting, by the orchestrator, the end point group of the public clouds and associated public endpoints of the public cloud.

2. The method of claim 1, wherein the extending further comprising: enabling bi-directional communication between the end point group of the private cloud and the end point group of the public cloud.

3. The method of claim 1, further comprising: creating, by the orchestrator at the private cloud, a layer three connection bridge between the private cloud and the public cloud, wherein the layer three connection bridge is configured to enable communication from the end point group in the private cloud to the end point group in the public cloud.

4. The method of claim 3, wherein the layer three connection bridge communicates with the end point group of the private network using a set of security and connectivity rules based on the contracts.

5. The method of claim 1, wherein the end point groups of the private cloud and the public cloud are in a web network tier.

6. The method of claim 1, wherein the orchestrator is at the private cloud.

7. The method of claim 1, wherein the orchestrator is at the public cloud.

8. An orchestrator of a private cloud comprising: a processor device; and a computer-readable storage medium device having stored therein instructions which, when executed by the processor device, cause the processor device to: establish a virtual private network between a private cloud and a public cloud, wherein the private cloud is behind a firewall; receive one or more access control lists provisioned by the private cloud; determine contracts between an end point group of the private cloud and an end point group of the public cloud based on the one or more access control lists; extend the end point group of the private cloud to the end point group of the public cloud across the virtual private network; and monitoring and troubleshooting the end point group of the public cloud and associated public endpoints of the public cloud.

9. The orchestrator of claim 8, comprising further instructions which, when executed by the processor device, cause the processor to: enable bi-directional communication between the end point group of the private cloud and the end point group of the public cloud.

10. The orchestrator of claim 8, comprising further instructions which, when executed by the processor device, cause the processor device to: create, at the private cloud, a layer three connection bridge between the private cloud and the public cloud, wherein the layer three connection bridge is configured to enable communication from the end point group in the private cloud to the end point group in the public cloud.

11. The orchestrator of claim 10, wherein the layer three connection bridge communicates with the end point group of the virtual private network using a set of security and connectivity rules based on the contracts.

12. The orchestrator of claim 8, wherein the end point groups of the private cloud and the public cloud are in a web network tier.

13. The orchestrator of claim 8, wherein the orchestrator is at the private cloud.

14. The orchestrator of claim 8, wherein the orchestrator is at the public cloud.

15. A non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor of an orchestrator, cause the processor to perform operations comprising: establish a virtual private network between a private cloud and a public cloud, wherein the private cloud is behind a firewall; receive one or more access control lists provisioned by the private cloud; determine contracts between an end point group of the private cloud and an end point group of the public cloud based on the one or more access control lists; extend the end point group of the private cloud to the end point group of the public cloud across the virtual private network; and monitor and troubleshoot, by the orchestrator, the end point group of the public cloud and associated public endpoints of the public cloud.

16. The non-transitory computer-readable storage medium of claim 15, the operations further comprising: enable bi-directional communication between the end point group of the private cloud and the end point group of the public cloud.

17. The non-transitory computer-readable storage medium of claim 15, the operation further comprising: create, at the private cloud, a layer three connection bridge between the private cloud and the public cloud, wherein the layer three connection bridge is configured to enable communication from the end point group in the private cloud to the end point group in the public cloud.

18. The non-transitory computer-readable storage medium of claim 17, wherein the layer three connection bridge communicates with the end point group of the virtual private network using a set of security and connectivity rules based on the contracts.

19. The non-transitory computer-readable storage medium of claim 15, wherein the end point groups of the private cloud and the public cloud are in a web network tier.

20. The non-transitory computer-readable storage medium of claim 15, wherein the orchestrator is at the private cloud.

Classifications

  • H04L63/101 (Primary): Access control lists [ACL] · CPC title

  • Isolation or security of virtual machine instances · CPC title

  • Grid computing · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title

  • Interconnection of networks using encapsulation techniques, e.g. tunneling · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Cisco Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/101. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 27, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).