Presenting multiple endpoints from an enhanced PCI express endpoint device
US-9842075-B1 · Dec 12, 2017 · US
Network address sharing in a multitenant, monolithic application environment
US10148611B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10148611-B2 |
| Application number | US-201515024250-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 30, 2015 |
| Priority date | Mar 30, 2015 |
| Publication date | Dec 4, 2018 |
| Grant date | Dec 4, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Improved techniques of running multitenant applications involve opening sockets in multiple network namespaces through which respective tenants may access a monolithic application thread. A server running such an application may assign tenants network bandwidth through one or more network namespaces. Each network namespace has its own independent set of network addresses that may overlap or even be identical to another namespace's set of network addresses. The server may then identify a request to access application data with a particular tenant by network identifiers such as virtual local area network (VLAN) identifiers attached to the request. Thus, even though two established sockets may include identical source and destination addresses, data may be exchanged between the server and the intended tenants.
First claim
Opening claim text (preview).
What is claimed is: 1. A method of operating a monolithic, multitenant application on a server device, the application being run on the server device from a default namespace in a context of an operating system over a network, the method comprising: generating, by processing circuitry of the server device, a first network namespace and second network namespace in the context of the operating system, the first network namespace and the second network namespace being distinct from one another; opening (i) a first socket within the first network namespace and (ii) a second socket within the second network namespace; receiving (i) a first request to access a thread of the application from a first tenant through the first socket and (ii) a second request to access the thread of the application from a second tenant through the second socket, the first tenant and the second tenant being distinct from one another; transferring, by the processor, data generated by the thread of the application to the first tenant through the first socket; and transferring, by the processor, data generated by the thread of the application to the second tenant through the second socket; wherein: the first network namespace has a first network address within a first virtual network and the second network namespace has a second network address within a second virtual network; generating the first network namespace includes allocating a first range of network addresses within the first virtual network to the first tenant; generating the second network namespace includes allocating a second range of network addresses within the second virtual network to the second tenant; and the first range of network addresses and the second range of network addresses have at least one network address in common. 2. A method of operating a monolithic, multitenant application on a server device, the application being run on the server device from a default namespace in a context of an operating system over a network, the method comprising: generating, by processing circuitry of the server device, a first network namespace and second network namespace in the context of the operating system, the first network namespace and the second network namespace being distinct from one another; opening (i) a first socket within the first network namespace and (ii) a second socket within the second network namespace; receiving (i) a first request to access a thread of the application from a first tenant through the first socket and (ii) a second request to access the thread of the application from a second tenant through the second socket, the first tenant and the second tenant being distinct from one another; transferring, by the processor, data generated by the thread of the application to the first tenant through the first socket; and transferring, by the processor, data generated by the thread of the application to the second tenant through the second socket; wherein generating the first network namespace and the second network namespace includes: producing a first set of virtual local area network (VLAN) interfaces within the first network namespace, each of the first set of VLAN interfaces having a respective value of a VLAN identifier, the VLAN identifier identifying a VLAN over which data may be transported between a tenant and a namespace of the server; and producing a second set of VLAN interfaces within the second network namespace, each of the second set of VLAN interfaces having a respective value of the VLAN identifier; wherein the first request has a first value of the VLAN identifier and the second request has a second value of the VLAN identifier; and wherein the method further comprises: routing the first request to one of the first network namespace and the second network namespace according to the first VLAN identifier; and routing the second request to one of the first network namespace and the second network namespace according to the second VLAN identifier. 3. A method as in claim 2 , wherein the server includes a set of network interfaces configured to receive requests from tenants, each of the network interfaces having a value of a network interface identifier identifying that network interface; wherein receiving the first request to access the thread of the application from the first tenant through the first socket includes obtaining a first value of the network interface identifier; wherein receiving the second request to access the thread of the application from the second tenant through the second socket includes obtaining a second value of the network interface identifier; wherein routing the first request includes sending the first request to one of the first network namespace and the second network namespace according to the first value of the VLAN identifier and the first value of the network interface identifier; and wherein routing the second request includes sending the second request to one of the first network namespace and the second network namespace according to the second value of the VLAN identifier and the second value of the network interface identifier. 4. A method as in claim 2 , wherein generating the first network namespace and the second network namespace further includes configuring the monolithic application to generate a first virtual data mover (VDM) serving the first network namespace and a second VDM serving the second network namespace, each of the first VDM and second VDM being configured to extract application data from a storage device and respectively present the extracted application data to the first tenant and the second tenant, each of the first VDM and second VDM being run by the server within the default namespace within the server. 5. A method as in claim 2 , wherein generating the first network namespace and the second network namespace further includes creating a VLAN table, the VLAN table having entries, each entry of the VLAN table including a value of a namespace identifier identifying a network namespace and a value of the VLAN identifier; wherein receiving the first request includes accessing an entry of the VLAN table that includes the first value of the VLAN identifier; and wherein routing the first request to one of the first network namespace and the second network namespace includes sending the first request to the network namespace identified by the value of the namespace identifier of the accessed entry. 6. A method as in claim 5 , further comprising displaying the entries of the VLAN table in a graphical user interface (GUI) within a window generated by the operating system, the GUI including a control that enables an administrator of the server to add or delete a VLAN identifier from a network namespace. 7. A method as in claim 5 , wherein the first tenant represents a production system and the second tenant represents a test system, the production system being used by external customers and having a first set of network addresses in the first virtual network, the test system being used internally for experimentation and having a second set of network addresses in the second virtual network, the first set of network addresses and the second set of network addresses each having at least one address in common; wherein the production system connects to the network at a production port of a switch and the test system connects to the network at a tenant port of the switch; wherein producing the first set of VLAN interfaces within the first network namespace includes: storing a production value of the VLAN identifier in a first entry of the VLAN table, the first entry also having the first value of the network namespace identifier identifying the first network namespace; and assigning the production value
Assignees
Inventors
Classifications
- H04L69/162Primary
involving adaptations of sockets based mechanisms (secure socket layer H04L63/168) · CPC title
Partitioning or combining of resources · CPC title
Managing network names, e.g. use of aliases or nicknames (name-to-address mapping H04L61/45) · CPC title
Bus networks · CPC title
in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10148611B2 cover?
- Improved techniques of running multitenant applications involve opening sockets in multiple network namespaces through which respective tenants may access a monolithic application thread. A server running such an application may assign tenants network bandwidth through one or more network namespaces. Each network namespace has its own independent set of network addresses that may overlap or eve…
- Who is the assignee on this patent?
- Emc Corp, Emc Ip Holding Co Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L69/162. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Dec 04 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).