Policy compliance of container images
US-2017212830-A1 · Jul 27, 2017 · US
US10230786B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10230786-B2 |
| Application number | US-201615055512-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 26, 2016 |
| Priority date | Feb 26, 2016 |
| Publication date | Mar 12, 2019 |
| Grant date | Mar 12, 2019 |
Official abstract text for this publication.
Implementations provide for a source to image framework for a Platform-as-a-Service (PaaS) system in a distributed cluster system that can apply modifications to source code. A method of the disclosure includes invoking source-to-image (STI) methodology to execute an instance of an application image. The application image is associated with source code and an application framework of an application. A modification to the source code utilized in the instance is received and identified via the application framework utilized in the instance. The identified modification to the source code is applied during runtime of the instance in a container via the application framework.
Opening claim text (preview).
What is claimed is:

1. A method comprising: launching, by a processing device in a distributed cluster system, a container using an application image, the container comprising an executing instance of the application image, the application image associated with source code and an application framework of an application; receiving, by the processing device, a modification to the source code utilized in the instance; determining, by the processing device via a supervisor process executing in the container, whether the application framework lacks support for performing a scan process; responsive to determine that the application framework lacks the support for performing the scan process, identifying, by the processing device via the supervisor process executing in the container, the modification to the source code using a scan process of the supervisor process; applying, by the processing device via the application framework, the identified modification to the source code during runtime of the instance in the container; and preventing, by the processing device via the supervisor process, the container from terminating while the identified modification is applied to the source code via the application framework.
2. The method of claim 1, further comprising disabling the application framework and the supervisor process from scanning the container to identify the modification in response to receiving a user request to disable the scanning, wherein the disabling prevents further modification to the source code.
3. The method of claim 1, wherein the modification to the source code is embodied in modified source code on a second device.
4. The method of claim 3, wherein the second device is located remotely from the processing device.
5. The method of claim 3, wherein the second device comprises a synchronization command used to synchronize the source code of the instance with the modified source code.
6. The method of claim 1, wherein the modification to the source code is streamed via a tunnel.
7. The method of claim 1, further comprising scaling a plurality of instances of the application image to the instance of the application image as a single instance prior to receiving the modification to the source code.
8. The method of claim 1, wherein the application framework applies the identified modification to respective source codes of each of a plurality of instances of the application image of the application.
9. A system comprising: a memory; and a processing device a distributed cluster system, the processing device communicably coupled to the memory, the processing device to: launch a container using an application image, the container comprising an executing instance of the application image, the application image associated with source code and an application framework of an application; receive a modification to the source code utilized in the instance; determine, via a supervisor process executing in the container, whether the application framework lacks support for performing a scan process; responsive to determine that the application framework lacks the support for performing the scan process, identify, via the supervisor process executing in the container, the modification to the source code using a scan process of the supervisor process; apply the modification to the source code during runtime of the instance in the container; prevent, by the processing device via the supervisor process, the container from terminating while the identified modification is applied to the source code via the application framework; and restart the application image instance without including the modification to the source code.
10. The system of claim 9, wherein the processing device is further to test the functionality of the application in response to applying the modification to the source code.
11. The system of claim 9, wherein the modification to the source code is embodied in modified source code on a second device.
12. The system of claim 11, wherein the second device is located remotely from the processing device.
13. The system of claim 9, and wherein the modification to the source code is streamed via a tunnel.
14. The system of claim 9, wherein the container system comprises a single container launched from the image of the application.
15. A non-transitory machine-readable storage medium including instructions that, when accessed by a processing device in a distributed cluster system, cause the processing device to: launch, by the processing device, a container using an application image, the container comprising an executing instance of the application image, the application image associated with source code and an application framework of an application; receive a modification to the source code utilized in the instance; identify, via the application framework utilized in the instance, the modification to the source code; determine, via a supervisor process executing in the container, whether the application framework lacks support for performing a scan process; responsive to determine that the application framework lacks the support for performing the scan process, identify, via the supervisor process executing in the container, the modification to the source code using a scan process of the supervisor process; apply, via the application framework, the identified modification to the source code during runtime of the instance in the container; and preventing, by the processing device via the supervisor process, the container from terminating while the identified modification is applied to the source code via the application framework.
16. The non-transitory machine-readable storage medium of claim 15, wherein the processing device is further to: disable the application framework and the supervisor process from scanning the container to identify the modification in response to receiving a user request to disable the scanning, wherein the disabling prevents further modification to the source code.
17. The non-transitory machine-readable storage medium of claim 15, wherein the modification to the source code is embodied in modified source code on a second device.
18. The non-transitory machine-readable storage medium of claim 17, wherein the second device comprises a synchronization command used to synchronize the source code of the instance with the modified source code.
19. The non-transitory machine-readable storage medium of claim 15, wherein the processing device is further to: scale a plurality of instances of the application image to the instance of the application image as a single instance prior to receiving the modification to the source code.
20. The non-transitory machine-readable storage medium of claim 15, wherein the application framework applies the identified modification to respective source codes of each of a plurality of instances of the application image of the application.
in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title
involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416) · CPC title
Version control (security arrangements therefor G06F21/57); Configuration management · CPC title
Runtime interpretation or emulation, e.g. emulator loops, bytecode interpretation · CPC title
Hypervisor-specific management and integration aspects · CPC title